diff --git a/.devcontainer/devcontainer.json b/.devcontainer/devcontainer.json index 8f1fdb3f04..e8dc09b104 100644 --- a/.devcontainer/devcontainer.json +++ b/.devcontainer/devcontainer.json @@ -22,7 +22,7 @@ "davidanson.vscode-markdownlint", "bierner.markdown-preview-github-styles", "streetsidesoftware.code-spell-checker", - "hubwriter.open-reusable" + "alistairchristie.open-reusables" ], // Use 'forwardPorts' to make a list of ports inside the container available locally. diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS index f54c51ee4e..0c69274411 100644 --- a/.github/CODEOWNERS +++ b/.github/CODEOWNERS @@ -24,7 +24,7 @@ package.json @github/docs-engineering /translations/log/ @github/docs-localization @Octomerger # Site Policy -/content/github/site-policy/ @github/site-policy-admins +/content/site-policy/ @github/site-policy-admins # Content strategy /contributing/content-markup-reference.md @github/docs-content-strategy @@ -32,7 +32,3 @@ package.json @github/docs-engineering /contributing/content-model.md @github/docs-content-strategy /contributing/content-style-guide.md @github/docs-content-strategy /contributing/content-templates.md @github/docs-content-strategy - -# Make sure that Octokit maintainers get notified about changes -# relevant to the Octokit libraries (https://github.com/octokit) -/content/rest/reference @github/octokit-maintainers diff --git a/.github/actions-scripts/enterprise-server-issue-templates/release-issue.md b/.github/actions-scripts/enterprise-server-issue-templates/release-issue.md index 31f1d6736c..b2e0325f8c 100644 --- a/.github/actions-scripts/enterprise-server-issue-templates/release-issue.md +++ b/.github/actions-scripts/enterprise-server-issue-templates/release-issue.md @@ -98,15 +98,18 @@ This file should be automatically updated, but you can also run `script/update-e ### Before shipping the release branch -- [ ] Add the GHES release notes to `data/release-notes/` and update the versioning frontmatter in `content/admin/release-notes.md` to `enterprise-server: '<='` +- [ ] Add the GHES release notes to `data/release-notes/`. - [ ] Add any required smoke tests to the opening post in the megabranch PR. Usually, we should smoke test any new GHES admin guides, any large features landing in this GHES version for the first time, and the REST and GraphQL API references. -- [ ] Alert the Neon Squad (formally docs-ecosystem team) 1-2 days before the release to deploy to `github/github`. A PR should already be open in `github/github`, to change `published` to `true` in `app/api/description/config/releases/ghes-.yaml`. They will need to: +- [ ] A few days before shipping, check for broken links. Run `script/check-english-links.js` in a local copy of the megabranch. +- [ ] [Freeze the repos](https://github.com/github/docs-content/blob/main/docs-content-docs/docs-content-workflows/freezing.md) at least 1-2 days before the release, and post an announcement in Slack so everybody knows. It's helpful to freeze the repos before doing the OpenAPI merges to avoid changes to the megabranch while preparing and deploying. +- [ ] Alert the Neon Squad (formally docs-ecosystem team) 1-2 days before the release to deploy to `github/github`. A PR should already be open in `github/github`, to change the OpenAPI schema config `published` to `true` in `app/api/description/config/releases/ghes-.yaml`. They will need to: - [ ] Get the required approval from `@github/ecosystem-api-reviewers` then deploy the PR to dotcom. This process generally takes 30-90 minutes. - - [ ] Once the PR merges, make sure that the auto-generated PR titled "Update OpenAPI Descriptions" in doc-internal contains both the derefrenced and decorated JSON files for the new GHES release. If everything looks good, merge the "Update OpenAPI Description" PR into the GHES release megabranch. **Note:** Be careful about resolving the conflicts correctly—you may wish to delete the existing OpenAPI files for the release version from the megabranch, so there are no conflicts to resolve and to ensure that the incoming artifacts are the correct ones. - - [ ] Add a blocking review to the auto-generated "Update OpenAPI Descriptions" PR in the public REST API description. (Remove this blocking review once the GHES release ships.) -- [ ] [Freeze the repos](https://github.com/github/docs-content/blob/main/docs-content-docs/docs-content-workflows/freezing.md) at least 1-2 days before the release, and post an announcement in Slack so everybody knows. + - [ ] Once the PR merges, make sure that the auto-generated PR titled "Update OpenAPI Descriptions" in doc-internal contains both the dereferenced and decorated JSON files for the new GHES release. If everything looks good, merge the "Update OpenAPI Description" PR into the GHES release megabranch. **Note:** Be careful about resolving the conflicts correctly—you may wish to delete the existing OpenAPI files for the release version from the megabranch (that is, delete the GHES release version `lib/rest/static` decorated and dereferenced JSON files), so there are no conflicts to resolve and to ensure that the incoming artifacts are the correct ones. +- [ ] Alert the Ecosystem-API team in #ecosystem-api about the pending release freeze and incoming blocking review of OpenAPI updates in the public REST API description (the `rest-api-descriptions` repo). They'll need to block any future "Update OpenAPI Descriptions" PRs in the public REST API description until after the ship. + - [ ] Add a blocking review to the auto-generated "Update OpenAPI Descriptions" PR in the public REST API description. (You or they will remove this blocking review once the GHES release ships.) + ### 🚢 🛳️ 🚢 Shipping the release branch @@ -114,11 +117,18 @@ This file should be automatically updated, but you can also run `script/update-e - [ ] The `github/docs-internal` repo is frozen, and the `Repo Freeze Check / Prevent merging during deployment freezes (pull_request_target)` test is expected to fail. Use admin permissions to ship the release branch with this failure. Make sure that the merge's commit title does not include anything like `[DO NOT MERGE]`, and remove all the branch's commit details from the merge's commit message except for the co-author list. -- [ ] Do any required smoke tests listed in the opening post in the megabranch PR. +- [ ] Do any required smoke tests listed in the opening post in the megabranch PR. You can monitor and check when the production deploy completed by viewing the [`docs-internal` deployments page](https://github.com/github/docs-internal/deployments). - [ ] Once smoke tests have passed, you can [unfreeze the repos](https://github.com/github/docs-content/blob/main/docs-content-docs/docs-content-workflows/freezing.md) and post an announcement in Slack. -- [ ] After unfreezing, push the search index LFS objects for the public `github/docs` repo. The LFS objects were already being pushed for the internal repo after the `sync-english-index-for-` was added to the megabranch. To push the LFS objects, run the [search sync workflow](https://github.com/github/docs-internal/actions/workflows/sync-search-indices.yml). Once you're there, click on `Run workflow` button. A modal will pop up where you can set the following inputs: - Branch: The new version megabranch you're working on - version: `enterprise-server@` - language: `en` +- [ ] After unfreezing, the megabranch creator should push the search index LFS objects for the public `github/docs` repo. The LFS objects were already pushed for the internal repo after the `sync-english-index-for-` was added to the megabranch. To push the LFS objects to the public repo: + 1. First navigate to the [sync search indices workflow](https://github.com/github/docs-internal/actions/workflows/sync-search-indices.yml). + 2. Then, to run the workflow with parameters, click on `Run workflow` button. + 3. A modal will pop up where you will set the following inputs: + - Branch: The new version megabranch you're working on + - Version: `enterprise-server@` + - Language: `en` + 4. Run the job. The workflow job may fail on the first run—so retry the failed job if needed. +- [ ] After unfreezing, alert the Ecosystem-API team in #ecosystem-api the docs freeze is finished/thawed and the release has shipped. + - [ ] You (or they) can now remove your blocking review on the auto-generated "Update OpenAPI Descriptions" PR in public REST API description (the `rest-api-descriptions` repo). (although it's likely newer PRs have been created since yours with the blocking review, in which case the Ecosystem-API team will close your PR and perform the next step on the most recent PR). + - [ ] The Ecosystem-API team will merge the latest auto-generated "Update OpenAPI Descriptions" PR (which will contain the OpenAPI schema config that changed `published` to `true` for the release). - [ ] After unfreezing, if there were significant or highlighted GraphQL changes in the release, consider manually running the [GraphQL update workflow](https://github.com/github/docs-internal/actions/workflows/update-graphql-files.yml) to update our GraphQL schemas. By default this workflow only runs once every 24 hours. - [ ] After the release, in the `docs-content` repo, add the now live version number to the "Specific GHES version(s)" section in the following files: [`.github/ISSUE_TEMPLATE/release-tier-1-or-2-tracking.yml`](https://github.com/github/docs-content/blob/main/.github/ISSUE_TEMPLATE/release-tier-1-or-2-tracking.yml) and [`.github/ISSUE_TEMPLATE/release-tier-3-or-tier-4.yml`](https://github.com/github/docs-content/blob/main/.github/ISSUE_TEMPLATE/release-tier-3-or-tier-4.yml). When the PR is approved, merge it in. diff --git a/.github/actions-scripts/projects.js b/.github/actions-scripts/projects.js index 86480f8bf5..249b8e1aef 100644 --- a/.github/actions-scripts/projects.js +++ b/.github/actions-scripts/projects.js @@ -190,7 +190,7 @@ export function generateUpdateProjectNextItemFieldMutation({ // Strip all non-alphanumeric out of the item ID when creating the mutation ID to avoid a GraphQL parsing error // (statistically, this should still give us a unique mutation ID) return ` - set_${fieldID.substr(1)}_item_${item.replaceAll( + set_${fieldID.slice(1)}_item_${item.replaceAll( /[^a-z0-9]/g, '' )}: updateProjectNextItemField(input: { diff --git a/.github/workflows/azure-preview-env-deploy.yml b/.github/workflows/azure-preview-env-deploy.yml index c37dbedfdc..b87f627ba5 100644 --- a/.github/workflows/azure-preview-env-deploy.yml +++ b/.github/workflows/azure-preview-env-deploy.yml @@ -53,7 +53,7 @@ jobs: # to link a PR to a list of environments later. url: ${{ env.APP_URL }} env: - PR_NUMBER: ${{ github.event.number || github.event.inputs.PR_NUMBER }} + PR_NUMBER: ${{ github.event.number || github.event.inputs.PR_NUMBER || github.run_id }} COMMIT_REF: ${{ github.event.pull_request.head.sha || github.event.inputs.COMMIT_REF }} BRANCH_NAME: ${{ github.head_ref || github.ref_name }} IS_INTERNAL_BUILD: ${{ github.repository == 'github/docs-internal' }} @@ -165,7 +165,7 @@ jobs: rsync -rptovR ./user-code/content/./**/*.md ./content rsync -rptovR ./user-code/assets/./**/*.png ./assets rsync -rptovR ./user-code/data/./**/*.{yml,md} ./data - rsync -rptovR ./user-code/components/./**/*.{ts,tsx} ./components + rsync -rptovR ./user-code/components/./**/*.{scss,ts,tsx} ./components rsync -rptovR --ignore-missing-args ./user-code/lib/./**/*.{js,ts} ./lib rsync -rptovR --ignore-missing-args ./user-code/middleware/./**/*.{js,ts} ./middleware rsync -rptovR ./user-code/pages/./**/*.tsx ./pages diff --git a/.github/workflows/browser-test.yml b/.github/workflows/browser-test.yml index b5fb973f6c..14b0e3de1b 100644 --- a/.github/workflows/browser-test.yml +++ b/.github/workflows/browser-test.yml @@ -59,5 +59,8 @@ jobs: path: .next/cache key: ${{ runner.os }}-nextjs-${{ hashFiles('package*.json') }} + - name: Run build script + run: npm run build + - name: Run browser-test run: npm run browser-test diff --git a/.github/workflows/crowdin-cleanup.yml b/.github/workflows/crowdin-cleanup.yml index 26f4b8dc91..d378461d77 100644 --- a/.github/workflows/crowdin-cleanup.yml +++ b/.github/workflows/crowdin-cleanup.yml @@ -41,7 +41,7 @@ jobs: run: script/i18n/homogenize-frontmatter.js - name: Check in homogenized files - uses: EndBug/add-and-commit@756d9ea820f11931e591eaf57f25e0f5b903d5b2 + uses: EndBug/add-and-commit@050a66787244b10a4874a2a5f682130263edc192 with: # The arguments for the `git add` command add: 'translations' diff --git a/.github/workflows/openapi-decorate.yml b/.github/workflows/openapi-decorate.yml index f064658f71..a77301d393 100644 --- a/.github/workflows/openapi-decorate.yml +++ b/.github/workflows/openapi-decorate.yml @@ -54,7 +54,7 @@ jobs: run: script/rest/update-files.js --decorate-only - name: Check in the decorated files - uses: EndBug/add-and-commit@756d9ea820f11931e591eaf57f25e0f5b903d5b2 + uses: EndBug/add-and-commit@050a66787244b10a4874a2a5f682130263edc192 with: # The arguments for the `git add` command add: '["lib/rest/static/apps", "lib/rest/static/decorated"]' diff --git a/.github/workflows/optimize-images.yml b/.github/workflows/optimize-images.yml index 4679d6aaf8..88e05bffb7 100644 --- a/.github/workflows/optimize-images.yml +++ b/.github/workflows/optimize-images.yml @@ -23,6 +23,10 @@ jobs: uses: actions/checkout@ec3a7ce113134d7a93b817d10a8272cb61118579 with: ref: ${{ github.head_ref }} + # Need to specify a PAT here because otherwise GITHUB_TOKEN is used + # by default. Workflows won't trigger in that case because actions + # performed with GITHUB_TOKEN don't trigger other workflows. + token: ${{ secrets.DOCUBOT_REPO_PAT }} - name: Check out base ref run: git fetch --no-tags --depth=1 origin $GITHUB_BASE_REF diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index de1034d14f..7b4669893d 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -135,11 +135,6 @@ jobs: - name: Run build script run: npm run build - - name: Warm possible disk caching - env: - NODE_ENV: test - run: ./script/warm-before-tests.mjs - - name: Run tests env: DIFF_FILE: get_diff_files.txt diff --git a/.github/workflows/triage-unallowed-internal-changes.yml b/.github/workflows/triage-unallowed-internal-changes.yml index 8a2a2171cb..00299d1ca8 100644 --- a/.github/workflows/triage-unallowed-internal-changes.yml +++ b/.github/workflows/triage-unallowed-internal-changes.yml @@ -39,7 +39,7 @@ jobs: id: filter with: # Base branch used to get changed files - base: ${{ github.event.pull_request.base.ref }} + base: ${{ github.event.pull_request.base.ref || github.base_ref || github.ref }} # Enables setting an output in the format in `${FILTER_NAME}_files # with the names of the matching files formatted as JSON array diff --git a/Dockerfile b/Dockerfile index 082e40cf85..2fef6655a0 100644 --- a/Dockerfile +++ b/Dockerfile @@ -89,6 +89,7 @@ COPY --chown=node:node feature-flags.json ./ COPY --chown=node:node data ./data COPY --chown=node:node next.config.js ./ COPY --chown=node:node server.mjs ./server.mjs +COPY --chown=node:node start-server.mjs ./start-server.mjs EXPOSE $PORT diff --git a/LICENSE-CODE b/LICENSE-CODE index b50625eb63..c9802266ce 100644 --- a/LICENSE-CODE +++ b/LICENSE-CODE @@ -1,6 +1,6 @@ MIT License -Copyright (c) 2020 GitHub +Copyright 2022 GitHub Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal diff --git a/assets/images/azure/github-ae-azure-portal-search.png b/assets/images/azure/github-ae-azure-portal-search.png deleted file mode 100644 index cedd769d07..0000000000 Binary files a/assets/images/azure/github-ae-azure-portal-search.png and /dev/null differ diff --git a/assets/images/enterprise/3.4/repository/code-scanning-alert-tracked-in-pill.png b/assets/images/enterprise/3.4/repository/code-scanning-alert-tracked-in-pill.png new file mode 100644 index 0000000000..c5908794f2 Binary files /dev/null and b/assets/images/enterprise/3.4/repository/code-scanning-alert-tracked-in-pill.png differ diff --git a/assets/images/enterprise/3.4/repository/code-scanning-alert.png b/assets/images/enterprise/3.4/repository/code-scanning-alert.png new file mode 100644 index 0000000000..28a2c2fd55 Binary files /dev/null and b/assets/images/enterprise/3.4/repository/code-scanning-alert.png differ diff --git a/assets/images/enterprise/3.4/repository/code-scanning-create-issue-for-alert.png b/assets/images/enterprise/3.4/repository/code-scanning-create-issue-for-alert.png new file mode 100644 index 0000000000..8221e34a5c Binary files /dev/null and b/assets/images/enterprise/3.4/repository/code-scanning-create-issue-for-alert.png differ diff --git a/assets/images/enterprise/3.4/repository/code-scanning-free-text-search-areas.png b/assets/images/enterprise/3.4/repository/code-scanning-free-text-search-areas.png new file mode 100644 index 0000000000..756f2c5b17 Binary files /dev/null and b/assets/images/enterprise/3.4/repository/code-scanning-free-text-search-areas.png differ diff --git a/assets/images/enterprise/3.4/repository/code-scanning-pr-alert.png b/assets/images/enterprise/3.4/repository/code-scanning-pr-alert.png new file mode 100644 index 0000000000..39307058cd Binary files /dev/null and b/assets/images/enterprise/3.4/repository/code-scanning-pr-alert.png differ diff --git a/assets/images/enterprise/3.4/repository/code-scanning-show-paths.png b/assets/images/enterprise/3.4/repository/code-scanning-show-paths.png new file mode 100644 index 0000000000..ebfcac79ed Binary files /dev/null and b/assets/images/enterprise/3.4/repository/code-scanning-show-paths.png differ diff --git a/assets/images/enterprise/site-admin-settings/site-admin-saml-debugging-disabled.png b/assets/images/enterprise/site-admin-settings/site-admin-saml-debugging-disabled.png new file mode 100644 index 0000000000..1d5a3ec89a Binary files /dev/null and b/assets/images/enterprise/site-admin-settings/site-admin-saml-debugging-disabled.png differ diff --git a/assets/images/enterprise/site-admin-settings/site-admin-saml-debugging-enabled.png b/assets/images/enterprise/site-admin-settings/site-admin-saml-debugging-enabled.png new file mode 100644 index 0000000000..e0e5dcc693 Binary files /dev/null and b/assets/images/enterprise/site-admin-settings/site-admin-saml-debugging-enabled.png differ diff --git a/assets/images/help/profile/organization-profile-following.png b/assets/images/help/profile/organization-profile-following.png new file mode 100644 index 0000000000..b7675091af Binary files /dev/null and b/assets/images/help/profile/organization-profile-following.png differ diff --git a/assets/images/help/profile/organization-profile-unfollowing.png b/assets/images/help/profile/organization-profile-unfollowing.png new file mode 100644 index 0000000000..6e87c66043 Binary files /dev/null and b/assets/images/help/profile/organization-profile-unfollowing.png differ diff --git a/assets/images/help/repository/code-scanning-affected-branches.png b/assets/images/help/repository/code-scanning-affected-branches.png new file mode 100644 index 0000000000..73b0bf209b Binary files /dev/null and b/assets/images/help/repository/code-scanning-affected-branches.png differ diff --git a/assets/images/help/repository/code-scanning-alert-tracked-in-pill.png b/assets/images/help/repository/code-scanning-alert-tracked-in-pill.png index c5908794f2..a0096d4b35 100644 Binary files a/assets/images/help/repository/code-scanning-alert-tracked-in-pill.png and b/assets/images/help/repository/code-scanning-alert-tracked-in-pill.png differ diff --git a/assets/images/help/repository/code-scanning-alert.png b/assets/images/help/repository/code-scanning-alert.png index 28a2c2fd55..a1cedb5369 100644 Binary files a/assets/images/help/repository/code-scanning-alert.png and b/assets/images/help/repository/code-scanning-alert.png differ diff --git a/assets/images/help/repository/code-scanning-create-issue-for-alert.png b/assets/images/help/repository/code-scanning-create-issue-for-alert.png index 8221e34a5c..277df5df89 100644 Binary files a/assets/images/help/repository/code-scanning-create-issue-for-alert.png and b/assets/images/help/repository/code-scanning-create-issue-for-alert.png differ diff --git a/assets/images/help/repository/code-scanning-free-text-search-areas.png b/assets/images/help/repository/code-scanning-free-text-search-areas.png index 756f2c5b17..20af94eaef 100644 Binary files a/assets/images/help/repository/code-scanning-free-text-search-areas.png and b/assets/images/help/repository/code-scanning-free-text-search-areas.png differ diff --git a/assets/images/help/repository/code-scanning-pr-alert.png b/assets/images/help/repository/code-scanning-pr-alert.png index 39307058cd..6c2e2edad0 100644 Binary files a/assets/images/help/repository/code-scanning-pr-alert.png and b/assets/images/help/repository/code-scanning-pr-alert.png differ diff --git a/assets/images/help/repository/code-scanning-show-paths.png b/assets/images/help/repository/code-scanning-show-paths.png index ebfcac79ed..20c908effc 100644 Binary files a/assets/images/help/repository/code-scanning-show-paths.png and b/assets/images/help/repository/code-scanning-show-paths.png differ diff --git a/assets/images/help/repository/mermaid-file-diagram.png b/assets/images/help/repository/mermaid-file-diagram.png new file mode 100644 index 0000000000..57d8bb7b25 Binary files /dev/null and b/assets/images/help/repository/mermaid-file-diagram.png differ diff --git a/assets/images/help/repository/previous-run-attempts.png b/assets/images/help/repository/previous-run-attempts.png new file mode 100644 index 0000000000..cf33de5c28 Binary files /dev/null and b/assets/images/help/repository/previous-run-attempts.png differ diff --git a/assets/images/help/repository/re-run-selected-job.png b/assets/images/help/repository/re-run-selected-job.png new file mode 100644 index 0000000000..4c57b7871d Binary files /dev/null and b/assets/images/help/repository/re-run-selected-job.png differ diff --git a/assets/images/help/repository/re-run-single-job-from-log.png b/assets/images/help/repository/re-run-single-job-from-log.png new file mode 100644 index 0000000000..26fbf9765a Binary files /dev/null and b/assets/images/help/repository/re-run-single-job-from-log.png differ diff --git a/assets/images/help/repository/rerun-failed-jobs-drop-down.png b/assets/images/help/repository/rerun-failed-jobs-drop-down.png new file mode 100644 index 0000000000..5e74115503 Binary files /dev/null and b/assets/images/help/repository/rerun-failed-jobs-drop-down.png differ diff --git a/assets/images/help/saml/management-console-enable-encrypted-assertions.png b/assets/images/help/saml/management-console-enable-encrypted-assertions.png index ff34240e05..e5490ab201 100644 Binary files a/assets/images/help/saml/management-console-enable-encrypted-assertions.png and b/assets/images/help/saml/management-console-enable-encrypted-assertions.png differ diff --git a/assets/images/help/saml/management-console-encrypted-assertions-download-certificate.png b/assets/images/help/saml/management-console-encrypted-assertions-download-certificate.png new file mode 100644 index 0000000000..3416a3a48d Binary files /dev/null and b/assets/images/help/saml/management-console-encrypted-assertions-download-certificate.png differ diff --git a/assets/images/help/saml/management-console-encrypted-assertions-encryption-method.png b/assets/images/help/saml/management-console-encrypted-assertions-encryption-method.png index 61ceaa94f0..453f3ace93 100644 Binary files a/assets/images/help/saml/management-console-encrypted-assertions-encryption-method.png and b/assets/images/help/saml/management-console-encrypted-assertions-encryption-method.png differ diff --git a/assets/images/help/saml/management-console-encrypted-assertions-key-transport-method.png b/assets/images/help/saml/management-console-encrypted-assertions-key-transport-method.png index dac6dd0f83..3568032907 100644 Binary files a/assets/images/help/saml/management-console-encrypted-assertions-key-transport-method.png and b/assets/images/help/saml/management-console-encrypted-assertions-key-transport-method.png differ diff --git a/assets/images/help/writing/fenced-geojson-rendered-map.png b/assets/images/help/writing/fenced-geojson-rendered-map.png new file mode 100644 index 0000000000..84a40eeec1 Binary files /dev/null and b/assets/images/help/writing/fenced-geojson-rendered-map.png differ diff --git a/assets/images/help/writing/fenced-stl-rendered-object.png b/assets/images/help/writing/fenced-stl-rendered-object.png new file mode 100644 index 0000000000..465561c8a4 Binary files /dev/null and b/assets/images/help/writing/fenced-stl-rendered-object.png differ diff --git a/assets/images/help/writing/fenced-topojson-rendered-map.png b/assets/images/help/writing/fenced-topojson-rendered-map.png new file mode 100644 index 0000000000..7cc1bafcce Binary files /dev/null and b/assets/images/help/writing/fenced-topojson-rendered-map.png differ diff --git a/assets/images/oauth-apps/enable-device-flow.png b/assets/images/oauth-apps/enable-device-flow.png new file mode 100644 index 0000000000..46a1dfe10b Binary files /dev/null and b/assets/images/oauth-apps/enable-device-flow.png differ diff --git a/components/article/ClientSideHighlightJS.tsx b/components/article/ClientSideHighlightJS.tsx index 47ec0efe5e..c14ec0fec3 100644 --- a/components/article/ClientSideHighlightJS.tsx +++ b/components/article/ClientSideHighlightJS.tsx @@ -66,6 +66,10 @@ export default function ClientSideHighlightJS() { intersectionObserver.observe(element) } } + + return () => { + intersectionObserver.disconnect() + } }, [asPath]) return null diff --git a/components/article/ToolPicker.tsx b/components/article/ToolPicker.tsx index 2f05ef820d..b28b6adfe4 100644 --- a/components/article/ToolPicker.tsx +++ b/components/article/ToolPicker.tsx @@ -20,6 +20,8 @@ const supportedTools = [ 'vscode', 'importer_cli', 'graphql', + 'powershell', + 'bash', ] const toolTitles = { webui: 'Web browser', @@ -30,6 +32,8 @@ const toolTitles = { vscode: 'Visual Studio Code', importer_cli: 'GitHub Enterprise Importer CLI', graphql: 'GraphQL API', + powershell: 'PowerShell', + bash: 'Bash', } as Record // Imperatively modify article content to show only the selected tool diff --git a/components/page-header/RestBanner.tsx b/components/page-header/RestBanner.tsx index 96d2fac76b..89f916f047 100644 --- a/components/page-header/RestBanner.tsx +++ b/components/page-header/RestBanner.tsx @@ -7,6 +7,7 @@ const restRepoDisplayPages = [ 'branches', 'collaborators', 'commits', + 'deploy_keys', 'deployments', 'pages', 'releases', @@ -19,6 +20,7 @@ const restRepoCategoryExceptionsTitles = { branches: 'Branches', collaborators: 'Collaborators', commits: 'Commits', + deploy_keys: 'Deploy Keys', deployments: 'Deployments', pages: 'GitHub Pages', releases: 'Releases', diff --git a/components/rest/CodeBlock.module.scss b/components/rest/CodeBlock.module.scss index 2b05520880..2027f5c9d7 100644 --- a/components/rest/CodeBlock.module.scss +++ b/components/rest/CodeBlock.module.scss @@ -1,8 +1,4 @@ .codeBlock { - pre { - margin-bottom: 0; - border: 1px solid var(--color-border-default); - max-height: 32rem; - overflow: auto; - } + max-height: 32rem; + overflow: auto; } diff --git a/components/rest/CodeBlock.tsx b/components/rest/CodeBlock.tsx index a1081fbe48..40c9ce137b 100644 --- a/components/rest/CodeBlock.tsx +++ b/components/rest/CodeBlock.tsx @@ -20,7 +20,7 @@ export function CodeBlock({ verb, headingLang, codeBlock, highlight }: Props) { }) return ( -
+
{headingLang && (
{headingLang === 'JavaScript' ? ( @@ -41,13 +41,7 @@ export function CodeBlock({ verb, headingLang, codeBlock, highlight }: Props) {
)} - 
+      
         
           {verb && (
             
diff --git a/components/rest/RestOperation.tsx b/components/rest/RestOperation.tsx
index aff86eda2f..f3d95cfc2c 100644
--- a/components/rest/RestOperation.tsx
+++ b/components/rest/RestOperation.tsx
@@ -48,6 +48,7 @@ export function RestOperation({ operation }: Props) {
       {previews && (
         
       )}
+
) } diff --git a/components/rest/RestReferencePage.tsx b/components/rest/RestReferencePage.tsx index 88be120bef..37a810c8e3 100644 --- a/components/rest/RestReferencePage.tsx +++ b/components/rest/RestReferencePage.tsx @@ -68,7 +68,8 @@ export const RestReferencePage = ({ if ( hash && (pathname.endsWith('/rest/reference/repos') || - pathname.endsWith('/rest/reference/enterprise-admin')) + pathname.endsWith('/rest/reference/enterprise-admin') || + pathname.endsWith('/rest/reference/deployments')) ) { setLoadClientsideRedirectExceptions(true) } @@ -160,9 +161,6 @@ export const RestReferencePage = ({ {page.introPlainText} )} -
-
-
@@ -185,6 +183,9 @@ export const RestReferencePage = ({ )}
+
+
+
{subcategories.map((subcategory, index) => (
diff --git a/components/rest/RestResponse.tsx b/components/rest/RestResponse.tsx index 68d98876ce..ea89589579 100644 --- a/components/rest/RestResponse.tsx +++ b/components/rest/RestResponse.tsx @@ -1,14 +1,44 @@ import { CodeResponse } from './types' import { CodeBlock } from './CodeBlock' +import { useTranslation } from 'components/hooks/useTranslation' +import { RestResponseTable } from './RestResponseTable' type Props = { responses: Array + variant?: 'non-error' | 'error' } -export function RestResponse({ responses }: Props) { +export function RestResponse(props: Props) { + const { responses, variant = 'non-error' } = props + const { t } = useTranslation('products') + + if (!responses || responses.length === 0) { + return null + } + + const filteredResponses = responses.filter((response) => { + const responseCode = parseInt(response.httpStatusCode) + + if (variant === 'error') { + return responseCode >= 400 + } else { + return responseCode < 400 + } + }) + + if (filteredResponses.length === 0) { + return null + } + + if (variant === 'error') { + return ( + + ) + } + return ( <> - {responses.map((response: CodeResponse, index: number) => { + {filteredResponses.map((response, index) => { return (

diff --git a/components/rest/RestResponseTable.module.scss b/components/rest/RestResponseTable.module.scss new file mode 100644 index 0000000000..cf933c580c --- /dev/null +++ b/components/rest/RestResponseTable.module.scss @@ -0,0 +1,48 @@ +.restResponseTable { + table-layout: fixed !important; + + thead { + tr { + border-top: none; + + th { + border: 0; + font-weight: normal; + } + + th:first-child { + width: 25%; + } + + th:nth-child(2) { + width: 75%; + } + } + } + + tr:nth-child(2n) { + background: none !important; + } + + td { + padding: 0.75rem 0.5rem !important; + border: 0 !important; + vertical-align: top; + width: 100%; + } + + tbody { + tr td:first-child { + width: 30%; + font-weight: bold; + } + + tr td:nth-child(2) { + width: 70%; + } + + table tr td:not(:first-child) { + font-weight: normal; + } + } +} diff --git a/components/rest/RestResponseTable.tsx b/components/rest/RestResponseTable.tsx new file mode 100644 index 0000000000..f6a2f4e500 --- /dev/null +++ b/components/rest/RestResponseTable.tsx @@ -0,0 +1,45 @@ +import cx from 'classnames' +import { CodeResponse } from './types' +import { useTranslation } from 'components/hooks/useTranslation' +import styles from './RestResponseTable.module.scss' + +type Props = { + heading: string + responses: Array +} + +export function RestResponseTable({ heading, responses }: Props) { + const { t } = useTranslation('products') + + return ( + <> +

{heading}

+ + + + + + + + + {responses.map((response, index) => { + return ( + + + + + ) + })} + +
{t('rest.reference.http_status_code')}{t('rest.reference.description')}
+ {response.httpStatusCode} + + {response.description ? ( +
+ ) : ( + response.httpStatusMessage + )} +
+ + ) +} diff --git a/components/ui/ScrollButton/ScrollButton.tsx b/components/ui/ScrollButton/ScrollButton.tsx index c28b7379dd..b47ebe48a7 100644 --- a/components/ui/ScrollButton/ScrollButton.tsx +++ b/components/ui/ScrollButton/ScrollButton.tsx @@ -24,8 +24,10 @@ export const ScrollButton = ({ className, ariaLabel }: ScrollButtonPropsT) => { }, { threshold: [0] } ) - observer.observe(document.getElementsByTagName('h1')[0]) + return () => { + observer.disconnect() + } }, []) const onClick = () => { diff --git a/content/README.md b/content/README.md index 1f37f95462..de6ce8ba17 100644 --- a/content/README.md +++ b/content/README.md @@ -228,7 +228,7 @@ defaultPlatform: linux ### `defaultTool` - Purpose: Override the initial tool selection for a page, where tool refers to the application the reader is using to work with GitHub (such as GitHub.com's web UI, the GitHub CLI, or GitHub Desktop) or the GitHub APIs (such as cURL or the GitHub CLI). For more information about the tool selector, see [Markup reference for GitHub Docs](../contributing/content-markup-reference.md#tool-tags). If this frontmatter is omitted, then the tool-specific content matching the GitHub web UI is shown by default. If a user has indicated a tool preference (by clicking on a tool tab), then the user's preference will be applied instead of the default value. -- Type: `String`, one of: `webui`, `cli`, `desktop`, `curl`, `codespaces`, `vscode`, `importer_cli`, `graphql`. +- Type: `String`, one of: `webui`, `cli`, `desktop`, `curl`, `codespaces`, `vscode`, `importer_cli`, `graphql`, `powershell`, `bash`. - Optional. ```yaml diff --git a/content/account-and-profile/managing-subscriptions-and-notifications-on-github/setting-up-notifications/configuring-notifications.md b/content/account-and-profile/managing-subscriptions-and-notifications-on-github/setting-up-notifications/configuring-notifications.md index 286b7b089f..066ef4eb97 100644 --- a/content/account-and-profile/managing-subscriptions-and-notifications-on-github/setting-up-notifications/configuring-notifications.md +++ b/content/account-and-profile/managing-subscriptions-and-notifications-on-github/setting-up-notifications/configuring-notifications.md @@ -134,7 +134,7 @@ Email notifications from {% data variables.product.product_location %} contain t | `To` field | This field connects directly to the thread.{% ifversion not ghae %} If you reply to the email, you'll add a new comment to the conversation.{% endif %} | | `Cc` address | {% data variables.product.product_name %} will `Cc` you if you're subscribed to a conversation. The second `Cc` email address matches the notification reason. The suffix for these notification reasons is {% data variables.notifications.cc_address %}. The possible notification reasons are:
  • `assign`: You were assigned to an issue or pull request.
  • `author`: You created an issue or pull request.
  • `ci_activity`: A {% data variables.product.prodname_actions %} workflow run that you triggered was completed.
  • `comment`: You commented on an issue or pull request.
  • `manual`: There was an update to an issue or pull request you manually subscribed to.
  • `mention`: You were mentioned on an issue or pull request.
  • `push`: Someone committed to a pull request you're subscribed to.
  • `review_requested`: You or a team you're a member of was requested to review a pull request.
    • {% ifversion fpt or ghes or ghae-issue-4864 or ghec %}
  • `security_alert`: {% data variables.product.prodname_dotcom %} detected a vulnerability in a repository you receive alerts for.
    • {% endif %}
  • `state_change`: An issue or pull request you're subscribed to was either closed or opened.
  • `subscribed`: There was an update in a repository you're watching.
  • `team_mention`: A team you belong to was mentioned on an issue or pull request.
  • `your_activity`: You opened, commented on, or closed an issue or pull request.
| | `mailing list` field | This field identifies the name of the repository and its owner. The format of this address is always `..{% data variables.command_line.backticks %}`. |{% ifversion fpt or ghes or ghae-issue-4864 or ghec %} -| `X-GitHub-Severity` field | {% data reusables.repositories.security-alerts-x-github-severity %} The possible severity levels are:
  • `low`
  • `moderate`
  • `high`
  • `critical`
For more information, see "[About alerts for vulnerable dependencies](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies)." |{% endif %} +| `X-GitHub-Severity` field | {% data reusables.repositories.security-alerts-x-github-severity %} The possible severity levels are:
  • `low`
  • `moderate`
  • `high`
  • `critical`
For more information, see "[About {% data variables.product.prodname_dependabot_alerts %}](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies)." |{% endif %} ## Choosing your notification settings diff --git a/content/account-and-profile/managing-subscriptions-and-notifications-on-github/viewing-and-triaging-notifications/managing-notifications-from-your-inbox.md b/content/account-and-profile/managing-subscriptions-and-notifications-on-github/viewing-and-triaging-notifications/managing-notifications-from-your-inbox.md index 0b8710d460..321b39c1ca 100644 --- a/content/account-and-profile/managing-subscriptions-and-notifications-on-github/viewing-and-triaging-notifications/managing-notifications-from-your-inbox.md +++ b/content/account-and-profile/managing-subscriptions-and-notifications-on-github/viewing-and-triaging-notifications/managing-notifications-from-your-inbox.md @@ -173,7 +173,7 @@ If you use {% data variables.product.prodname_dependabot %} to keep your depende - `reason:security_alert` to show notifications for {% data variables.product.prodname_dependabot_alerts %} and security update pull requests. - `author:app/dependabot` to show notifications generated by {% data variables.product.prodname_dependabot %}. This includes {% data variables.product.prodname_dependabot_alerts %}, security update pull requests, and version update pull requests. -For more information about {% data variables.product.prodname_dependabot %}, see "[About managing vulnerable dependencies](/github/managing-security-vulnerabilities/about-managing-vulnerable-dependencies)." +For more information about {% data variables.product.prodname_dependabot %}, see "[About {% data variables.product.prodname_dependabot_alerts %}](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies)." {% endif %} {% ifversion ghes < 3.3 or ghae-issue-4864 %} @@ -182,7 +182,7 @@ If you use {% data variables.product.prodname_dependabot %} to tell you about vu - `is:repository_vulnerability_alert` - `reason:security_alert` -For more information about {% data variables.product.prodname_dependabot %}, see "[About alerts for vulnerable dependencies](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies)." +For more information about {% data variables.product.prodname_dependabot %}, see "[About {% data variables.product.prodname_dependabot_alerts %}](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies)." {% endif %} {% endif %} diff --git a/content/account-and-profile/setting-up-and-managing-your-github-user-account/managing-user-account-settings/about-your-personal-dashboard.md b/content/account-and-profile/setting-up-and-managing-your-github-user-account/managing-user-account-settings/about-your-personal-dashboard.md index 8ed0bcd91e..3a8b6f2226 100644 --- a/content/account-and-profile/setting-up-and-managing-your-github-user-account/managing-user-account-settings/about-your-personal-dashboard.md +++ b/content/account-and-profile/setting-up-and-managing-your-github-user-account/managing-user-account-settings/about-your-personal-dashboard.md @@ -40,9 +40,23 @@ You can also find a list of your recently visited repositories, teams, and proje ## Staying updated with activity from the community -In the "All activity" section of your news feed, you can view updates from repositories you're subscribed to and people you follow. The "All activity" section shows updates from repositories you watch or have starred, and from users you follow. +{% if for-you-feed %} +The main section of your dashboard has two activity feeds: + +- Following: Activity by people you follow and from repositories you watch. +- For you: Activity and recommendations based on your {% data variables.product.product_name %} network. + +### Following feed + +This feed shows activity from repositories and users you have shown a direct interest in, by following a user or watching a repository. For example, you'll see updates when a user you follow: + +{% else %} +In the "All activity" section of your news feed, you can view updates from repositories you watch and users you follow. You'll see updates in your news feed when a user you follow: +{% endif %} + + - Stars a repository. - Follows another user.{% ifversion fpt or ghes or ghec %} - Creates a public repository.{% endif %} @@ -51,7 +65,26 @@ You'll see updates in your news feed when a user you follow: - Forks a public repository.{% endif %} - Publishes a new release. -For more information about starring repositories and following people, see "[Saving repositories with stars](/articles/saving-repositories-with-stars/)" and "[Following people](/articles/following-people)." +For more information about starring repositories and following people, see "[Following people](/articles/following-people)" and "[Be social](/get-started/quickstart/be-social)." + +{% if for-you-feed %} +### For you feed + +{% note %} + +**Note:** This new tab is currently in public beta and subject to change. + +{% endnote %} + +This feed shows activity and recommendations based on your network on {% data variables.product.product_name %}. It's designed to provide updates that inspire you, keep you up-to-date, and help you find new communities you want to participate in. Your network includes: + +- Repositories you have starred +- Repositories you've contributed to +- Users you follow or sponsor +- Users you've collaborated with +- Organizations you follow + +{% endif %} ## Exploring recommended repositories diff --git a/content/account-and-profile/setting-up-and-managing-your-github-user-account/managing-user-account-settings/managing-security-and-analysis-settings-for-your-user-account.md b/content/account-and-profile/setting-up-and-managing-your-github-user-account/managing-user-account-settings/managing-security-and-analysis-settings-for-your-user-account.md index ec1dab67f4..eda7a7fcba 100644 --- a/content/account-and-profile/setting-up-and-managing-your-github-user-account/managing-user-account-settings/managing-security-and-analysis-settings-for-your-user-account.md +++ b/content/account-and-profile/setting-up-and-managing-your-github-user-account/managing-user-account-settings/managing-security-and-analysis-settings-for-your-user-account.md @@ -49,5 +49,5 @@ For an overview of repository-level security, see "[Securing your repository](/c ## Further reading - "[About the dependency graph](/github/visualizing-repository-data-with-graphs/about-the-dependency-graph)" -- "[Managing vulnerabilities in your project's dependencies](/github/managing-security-vulnerabilities/managing-vulnerabilities-in-your-projects-dependencies)" +- "[About {% data variables.product.prodname_dependabot_alerts %}](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies)" - "[Keeping your dependencies updated automatically](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically)" diff --git a/content/account-and-profile/setting-up-and-managing-your-github-user-account/managing-user-account-settings/permission-levels-for-a-user-account-repository.md b/content/account-and-profile/setting-up-and-managing-your-github-user-account/managing-user-account-settings/permission-levels-for-a-user-account-repository.md index fadc98773a..e9b90a2b10 100644 --- a/content/account-and-profile/setting-up-and-managing-your-github-user-account/managing-user-account-settings/permission-levels-for-a-user-account-repository.md +++ b/content/account-and-profile/setting-up-and-managing-your-github-user-account/managing-user-account-settings/permission-levels-for-a-user-account-repository.md @@ -45,7 +45,7 @@ The repository owner has full control of the repository. In addition to the acti | Customize the repository's social media preview | "[Customizing your repository's social media preview](/github/administering-a-repository/customizing-your-repositorys-social-media-preview)" | | Create a template from the repository | "[Creating a template repository](/github/creating-cloning-and-archiving-repositories/creating-a-template-repository)" |{% ifversion fpt or ghes or ghae-issue-4864 or ghec %} | Control access to {% data variables.product.prodname_dependabot_alerts %} for vulnerable dependencies | "[Managing security and analysis settings for your repository](/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-security-and-analysis-settings-for-your-repository#granting-access-to-security-alerts)" |{% endif %}{% ifversion fpt or ghec %} -| Dismiss {% data variables.product.prodname_dependabot_alerts %} in the repository | "[Viewing and updating vulnerable dependencies in your repository](/github/managing-security-vulnerabilities/viewing-and-updating-vulnerable-dependencies-in-your-repository)" | +| Dismiss {% data variables.product.prodname_dependabot_alerts %} in the repository | "[Viewing {% data variables.product.prodname_dependabot_alerts %} for vulnerable dependencies](/github/managing-security-vulnerabilities/viewing-and-updating-vulnerable-dependencies-in-your-repository)" | | Manage data use for a private repository | "[Managing data use settings for your private repository](/get-started/privacy-on-github/managing-data-use-settings-for-your-private-repository)"|{% endif %} | Define code owners for the repository | "[About code owners](/github/creating-cloning-and-archiving-repositories/about-code-owners)" | | Archive the repository | "[Archiving repositories](/repositories/archiving-a-github-repository/archiving-repositories)" |{% ifversion fpt or ghec %} diff --git a/content/actions/hosting-your-own-runners/about-self-hosted-runners.md b/content/actions/hosting-your-own-runners/about-self-hosted-runners.md index f2904902c9..472e15ed55 100644 --- a/content/actions/hosting-your-own-runners/about-self-hosted-runners.md +++ b/content/actions/hosting-your-own-runners/about-self-hosted-runners.md @@ -133,16 +133,30 @@ Some extra configuration might be required to use actions from {% data variables ## Communication between self-hosted runners and {% data variables.product.product_name %} -The self-hosted runner polls {% data variables.product.product_name %} to retrieve application updates and to check if any jobs are queued for processing. The self-hosted runner uses a HTTPS _long poll_ that opens a connection to {% data variables.product.product_name %} for 50 seconds, and if no response is received, it then times out and creates a new long poll. The application must be running on the machine to accept and run {% data variables.product.prodname_actions %} jobs. +The self-hosted runner connects to {% data variables.product.product_name %} to receive job assignments and to download new versions of the runner application. The self-hosted runner uses an {% ifversion ghes %}HTTP(S){% else %}HTTPS{% endif %} _long poll_ that opens a connection to {% data variables.product.product_name %} for 50 seconds, and if no response is received, it then times out and creates a new long poll. The application must be running on the machine to accept and run {% data variables.product.prodname_actions %} jobs. {% data reusables.actions.self-hosted-runner-ports-protocols %} -{% data reusables.actions.self-hosted-runner-communications-for-ghae %} +{% ifversion fpt or ghec %} +Since the self-hosted runner opens a connection to {% data variables.product.product_location %}, you do not need to allow {% data variables.product.prodname_dotcom %} to make inbound connections to your self-hosted runner. +{% elsif ghes or ghae %} +Only an outbound connection from the runner to {% data variables.product.product_location %} is required. There is no need for an inbound connection from {% data variables.product.product_location %} to the runner. +{%- endif %} + +{% ifversion ghes %} + +{% data variables.product.product_name %} must accept inbound connections from your runners over {% ifversion ghes %}HTTP(S){% else %}HTTPS{% endif %} at {% data variables.product.product_location %}'s hostname and API subdomain, and your runners must allow outbound connections over {% ifversion ghes %}HTTP(S){% else %}HTTPS{% endif %} to {% data variables.product.product_location %}'s hostname and API subdomain. + +{% elsif ghae %} + +You must ensure that the self-hosted runner has appropriate network access to communicate with your {% data variables.product.product_name %} URL and its subdomains. For example, if your subdomain for {% data variables.product.product_name %} is `octoghae`, then you will need to allow the self-hosted runner to access `octoghae.githubenterprise.com`, `api.octoghae.githubenterprise.com`, and `codeload.octoghae.githubenterprise.com`. + +If you use an IP address allow list, you must add your self-hosted runner's IP address to the allow list. For more information, see "[Managing allowed IP addresses for your organization](/organizations/keeping-your-organization-secure/managing-allowed-ip-addresses-for-your-organization#using-github-actions-with-an-ip-allow-list)." + +{% endif %} {% ifversion fpt or ghec %} -Since the self-hosted runner opens a connection to {% data variables.product.prodname_dotcom %}, you do not need to allow {% data variables.product.prodname_dotcom %} to make inbound connections to your self-hosted runner. - You must ensure that the machine has the appropriate network access to communicate with the {% data variables.product.prodname_dotcom %} hosts listed below. Some hosts are required for essential runner operations, while other hosts are only required for certain functionality. {% note %} @@ -191,27 +205,25 @@ If you use an IP address allow list for your {% data variables.product.prodname_ {% else %} -You must ensure that the machine has the appropriate network access to communicate with {% data variables.product.product_location %}.{% ifversion ghes %} Self-hosted runners connect directly to {% data variables.product.product_location %} and do not require any external internet access in order to function. As a result, you can use network routing to direct communication between the self-hosted runner and {% data variables.product.product_location %}. For example, you can assign a private IP address to your self-hosted runner and configure routing to send traffic to {% data variables.product.product_location %}, with no need for traffic to traverse a public network.{% endif %} +{% ifversion ghes %}Self-hosted runners do not require any external internet access in order to function. As a result, you can use network routing to direct communication between the self-hosted runner and {% data variables.product.product_location %}. For example, you can assign a private IP address to your self-hosted runner and configure routing to send traffic to {% data variables.product.product_location %}, with no need for traffic to traverse a public network.{% endif %} {% endif %} +{% ifversion ghae %} +If you use an IP address allow list for your {% data variables.product.prodname_dotcom %} organization or enterprise account, you must add your self-hosted runner's IP address to the allow list. For more information, see "[Managing allowed IP addresses for your organization](/organizations/keeping-your-organization-secure/managing-allowed-ip-addresses-for-your-organization#using-github-actions-with-an-ip-allow-list)." +{% endif %} + You can also use self-hosted runners with a proxy server. For more information, see "[Using a proxy server with self-hosted runners](/actions/automating-your-workflow-with-github-actions/using-a-proxy-server-with-self-hosted-runners)." For more information about troubleshooting common network connectivity issues, see "[Monitoring and troubleshooting self-hosted runners](/actions/hosting-your-own-runners/monitoring-and-troubleshooting-self-hosted-runners#troubleshooting-network-connectivity)." -{% ifversion ghes %} +{% ifversion ghes or ghae %} ## Communication between self-hosted runners and {% data variables.product.prodname_dotcom_the_website %} -Self-hosted runners do not need to connect to {% data variables.product.prodname_dotcom_the_website %} unless you have [enabled automatic access to {% data variables.product.prodname_dotcom_the_website %} actions using {% data variables.product.prodname_github_connect %}](/admin/github-actions/managing-access-to-actions-from-githubcom/enabling-automatic-access-to-githubcom-actions-using-github-connect). +Self-hosted runners do not need to connect to {% data variables.product.prodname_dotcom_the_website %} unless you have enabled automatic access to {% data variables.product.prodname_dotcom_the_website %} actions for {% data variables.product.product_location %}. For more information, see "[About using actions in your enterprise](/admin/github-actions/managing-access-to-actions-from-githubcom/about-using-actions-in-your-enterprise)." -If you have enabled automatic access to {% data variables.product.prodname_dotcom_the_website %} actions using {% data variables.product.prodname_github_connect %}, then the self-hosted runner will connect directly to {% data variables.product.prodname_dotcom_the_website %} to download actions. You must ensure that the machine has the appropriate network access to communicate with the {% data variables.product.prodname_dotcom %} URLs listed below. - -{% note %} - -**Note:** Some of the domains listed below are configured using `CNAME` records. Some firewalls might require you to add rules recursively for all `CNAME` records. Note that the `CNAME` records might change in the future, and that only the domains listed below will remain constant. - -{% endnote %} +If you have enabled automatic access to {% data variables.product.prodname_dotcom_the_website %} actions, then the self-hosted runner will connect directly to {% data variables.product.prodname_dotcom_the_website %} to download actions. You must ensure that the machine has the appropriate network access to communicate with the {% data variables.product.prodname_dotcom %} URLs listed below. ``` github.com @@ -219,6 +231,13 @@ api.github.com codeload.github.com ``` +{% note %} + +**Note:** Some of the domains listed above are configured using `CNAME` records. Some firewalls might require you to add rules recursively for all `CNAME` records. Note that the `CNAME` records might change in the future, and that only the domains listed above will remain constant. + +{% endnote %} + + {% endif %} ## Self-hosted runner security diff --git a/content/actions/hosting-your-own-runners/managing-access-to-self-hosted-runners-using-groups.md b/content/actions/hosting-your-own-runners/managing-access-to-self-hosted-runners-using-groups.md index a936ce68b3..cfc81438f0 100644 --- a/content/actions/hosting-your-own-runners/managing-access-to-self-hosted-runners-using-groups.md +++ b/content/actions/hosting-your-own-runners/managing-access-to-self-hosted-runners-using-groups.md @@ -14,7 +14,6 @@ shortTitle: Manage access to runners {% data reusables.actions.enterprise-beta %} {% data reusables.actions.enterprise-github-hosted-runners %} -{% data reusables.actions.restrict-runner-workflow-beta %} ## About self-hosted runner groups diff --git a/content/actions/managing-workflow-runs/re-running-workflows-and-jobs.md b/content/actions/managing-workflow-runs/re-running-workflows-and-jobs.md index 1c98738420..15900b51e5 100644 --- a/content/actions/managing-workflow-runs/re-running-workflows-and-jobs.md +++ b/content/actions/managing-workflow-runs/re-running-workflows-and-jobs.md @@ -1,6 +1,6 @@ --- title: Re-running workflows and jobs -intro: You can re-run a workflow run up to 30 days after its initial run. +intro: You can re-run a workflow run{% if re-run-jobs %}, all failed jobs in a workflow run, or specific jobs in a workflow run{% endif %} up to 30 days after its initial run. permissions: People with write permissions to a repository can re-run workflows in the repository. miniTocMaxHeadingLevel: 3 redirect_from: @@ -15,9 +15,11 @@ versions: {% data reusables.actions.enterprise-beta %} {% data reusables.actions.enterprise-github-hosted-runners %} -## Re-running all the jobs in a workflow +## About re-running workflows and jobs -Re-running a workflow uses the same `GITHUB_SHA` (commit SHA) and `GITHUB_REF` (Git ref) of the original event that triggered the workflow run. You can re-run a workflow for up to 30 days after the initial run. +Re-running a workflow{% if re-run-jobs %} or jobs in a workflow{% endif %} uses the same `GITHUB_SHA` (commit SHA) and `GITHUB_REF` (Git ref) of the original event that triggered the workflow run. You can re-run a workflow{% if re-run-jobs %} or jobs in a workflow{% endif %} for up to 30 days after the initial run. + +## Re-running all the jobs in a workflow {% webui %} @@ -26,7 +28,9 @@ Re-running a workflow uses the same `GITHUB_SHA` (commit SHA) and `GITHUB_REF` ( {% data reusables.repositories.navigate-to-workflow %} {% data reusables.repositories.view-run %} {% ifversion fpt or ghes > 3.2 or ghae-issue-4721 or ghec %} -1. In the upper-right corner of the workflow, use the **Re-run jobs** drop-down menu, and select **Re-run all jobs** +1. In the upper-right corner of the workflow, use the **Re-run jobs** drop-down menu, and select **Re-run all jobs**. + + If no jobs failed, you will not see the **Re-run jobs** drop-down menu. Instead, click **Re-run all jobs**. ![Rerun checks drop-down menu](/assets/images/help/repository/rerun-checks-drop-down.png) {% endif %} {% ifversion ghes < 3.3 or ghae %} @@ -54,8 +58,64 @@ gh run watch {% endcli %} +{% if re-run-jobs %} +## Re-running failed jobs in a workflow + +If any jobs in a workflow run failed, you can re-run just the jobs that failed. When you re-run failed jobs in a workflow, a new workflow run will start for all failed jobs and their dependents. Any outputs for any successful jobs in the previous workflow run will be used for the re-run. Any artifacts that were created in the initial run will be available in the re-run. Any environment protection rules that passed in the previous run will automatically pass in the re-run. + +{% webui %} + +{% data reusables.repositories.navigate-to-repo %} +{% data reusables.repositories.actions-tab %} +{% data reusables.repositories.navigate-to-workflow %} +{% data reusables.repositories.view-run %} +1. In the upper-right corner of the workflow, use the **Re-run jobs** drop-down menu, and select **Re-run failed jobs**. + ![Re-run failed jobs drop-down menu](/assets/images/help/repository/rerun-failed-jobs-drop-down.png) + +{% endwebui %} + +{% cli %} + +To re-run failed jobs in a workflow run, use the `run rerun` subcommand with the `--failed` flag. Replace `run-id` with the ID of the run for which you want to re-run failed jobs. If you don't specify a `run-id`, {% data variables.product.prodname_cli %} returns an interactive menu for you to choose a recent failed run. + +```shell +gh run rerun run-id --failed +``` + +{% endcli %} + +## Re-running a specific job in a workflow + +When you re-run a specific job in a workflow, a new workflow run will start for the job and any dependents. Any outputs for any other jobs in the previous workflow run will be used for the re-run. Any artifacts that were created in the initial run will be available in the re-run. Any environment protection rules that passed in the previous run will automatically pass in the re-run. + +{% webui %} + +{% data reusables.repositories.navigate-to-repo %} +{% data reusables.repositories.actions-tab %} +{% data reusables.repositories.navigate-to-workflow %} +{% data reusables.repositories.view-run %} +1. Next to the job that you want to re-run, click {% octicon "sync" aria-label="The re-run icon" %}. + ![Re-run selected job](/assets/images/help/repository/re-run-selected-job.png) + + Alternatively, click on a job to view the log. In the log, click {% octicon "sync" aria-label="The re-run icon" %}. + ![Re-run selected job](/assets/images/help/repository/re-run-single-job-from-log.png) + +{% endwebui %} + +{% cli %} + +To re-run a specific job in a workflow run, use the `run rerun` subcommand with the `--job` flag. Replace `job-id` with the ID of the job that you want to re-run. + +```shell +gh run rerun --job job-id +``` + +{% endcli %} + +{% endif %} + {% ifversion fpt or ghes > 3.2 or ghae-issue-4721 or ghec %} -### Reviewing previous workflow runs +## Reviewing previous workflow runs You can view the results from your previous attempts at running a workflow. You can also view previous workflow runs using the API. For more information, see ["Get a workflow run"](/rest/reference/actions#get-a-workflow-run). @@ -63,8 +123,13 @@ You can view the results from your previous attempts at running a workflow. You {% data reusables.repositories.actions-tab %} {% data reusables.repositories.navigate-to-workflow %} {% data reusables.repositories.view-run %} +{%- if re-run-jobs %} +1. Any previous run attempts are shown in the **Latest** drop-down menu. + ![Previous run attempts](/assets/images/help/repository/previous-run-attempts.png) +{%- else %} 1. Any previous run attempts are shown in the left pane. ![Rerun workflow](/assets/images/help/settings/actions-review-workflow-rerun.png) +{%- endif %} 1. Click an entry to view its results. {% endif %} diff --git a/content/actions/monitoring-and-troubleshooting-workflows/using-workflow-run-logs.md b/content/actions/monitoring-and-troubleshooting-workflows/using-workflow-run-logs.md index ee19cf7ffe..ae7c5898c8 100644 --- a/content/actions/monitoring-and-troubleshooting-workflows/using-workflow-run-logs.md +++ b/content/actions/monitoring-and-troubleshooting-workflows/using-workflow-run-logs.md @@ -63,6 +63,16 @@ You can download the log files from your workflow run. You can also download a w ![Download logs drop-down menu](/assets/images/help/repository/download-logs-drop-down-updated-2.png) + {% if re-run-jobs %} + + {% note %} + + **Note**: When you download the log archive for a workflow that was partially re-run, the archive only includes the jobs that were re-run. To get a complete set of logs for jobs that were run from a workflow, you must download the log archives for the previous run attempts that ran the other jobs. + + {% endnote %} + + {% endif %} + ## Deleting logs You can delete the log files from your workflow run. {% data reusables.repositories.permissions-statement-write %} diff --git a/content/actions/security-guides/automatic-token-authentication.md b/content/actions/security-guides/automatic-token-authentication.md index a6cdabb850..7399217ace 100644 --- a/content/actions/security-guides/automatic-token-authentication.md +++ b/content/actions/security-guides/automatic-token-authentication.md @@ -23,7 +23,7 @@ At the start of each workflow run, {% data variables.product.prodname_dotcom %} When you enable {% data variables.product.prodname_actions %}, {% data variables.product.prodname_dotcom %} installs a {% data variables.product.prodname_github_app %} on your repository. The `GITHUB_TOKEN` secret is a {% data variables.product.prodname_github_app %} installation access token. You can use the installation access token to authenticate on behalf of the {% data variables.product.prodname_github_app %} installed on your repository. The token's permissions are limited to the repository that contains your workflow. For more information, see "[Permissions for the `GITHUB_TOKEN`](#permissions-for-the-github_token)." -Before each job begins, {% data variables.product.prodname_dotcom %} fetches an installation access token for the job. The token expires when the job is finished. +Before each job begins, {% data variables.product.prodname_dotcom %} fetches an installation access token for the job. {% data reusables.actions.github-token-expiration %} The token is also available in the `github.token` context. For more information, see "[Contexts](/actions/learn-github-actions/contexts#github-context)." diff --git a/content/actions/security-guides/encrypted-secrets.md b/content/actions/security-guides/encrypted-secrets.md index e6a4f5b110..d202e8bfb0 100644 --- a/content/actions/security-guides/encrypted-secrets.md +++ b/content/actions/security-guides/encrypted-secrets.md @@ -227,6 +227,10 @@ steps: ``` {% endraw %} +Secrets cannot be directly referenced in `if:` conditionals. Instead, consider setting secrets as job-level environment variables, then referencing the environment variables to conditionally run steps in the job. For more information, see "[Context availability](/actions/learn-github-actions/contexts#context-availability)" and [`jobs..steps[*].if`](/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsif). + +If a secret has not been set, the return value of an expression referencing the secret (such as {% raw %}`${{ secrets.SuperSecret }}`{% endraw %} in the example) will be an empty string. + Avoid passing secrets between processes from the command line, whenever possible. Command-line processes may be visible to other users (using the `ps` command) or captured by [security audit events](https://docs.microsoft.com/windows-server/identity/ad-ds/manage/component-updates/command-line-process-auditing). To help protect secrets, consider using environment variables, `STDIN`, or other mechanisms supported by the target process. If you must pass secrets within a command line, then enclose them within the proper quoting rules. Secrets often contain special characters that may unintentionally affect your shell. To escape these special characters, use quoting with your environment variables. For example: diff --git a/content/actions/using-workflows/caching-dependencies-to-speed-up-workflows.md b/content/actions/using-workflows/caching-dependencies-to-speed-up-workflows.md index 2490853d8a..3e09c7dbe0 100644 --- a/content/actions/using-workflows/caching-dependencies-to-speed-up-workflows.md +++ b/content/actions/using-workflows/caching-dependencies-to-speed-up-workflows.md @@ -234,3 +234,11 @@ For example, if a pull request contains a `feature` branch (the current scope) a ## Usage limits and eviction policy {% data variables.product.prodname_dotcom %} will remove any cache entries that have not been accessed in over 7 days. There is no limit on the number of caches you can store, but the total size of all caches in a repository is limited to 10 GB. If you exceed this limit, {% data variables.product.prodname_dotcom %} will save your cache but will begin evicting caches until the total size is less than 10 GB. + +{% if actions-cache-management %} + +## Managing caches + +You can use the {% data variables.product.product_name %} REST API to manage your caches. At present, you can use the API to see your cache usage, with more functionality expected in future updates. For more information, see the "[Actions](/rest/reference/actions#cache)" REST API documentation. + +{% endif %} diff --git a/content/actions/using-workflows/workflow-commands-for-github-actions.md b/content/actions/using-workflows/workflow-commands-for-github-actions.md index d9c7e21aa1..33f4bbdedd 100644 --- a/content/actions/using-workflows/workflow-commands-for-github-actions.md +++ b/content/actions/using-workflows/workflow-commands-for-github-actions.md @@ -2,6 +2,7 @@ title: Workflow commands for GitHub Actions shortTitle: Workflow commands intro: You can use workflow commands when running shell commands in a workflow or in an action's code. +defaultTool: bash redirect_from: - /articles/development-tools-for-github-actions - /github/automating-your-workflow-with-github-actions/development-tools-for-github-actions @@ -26,10 +27,24 @@ Actions can communicate with the runner machine to set environment variables, ou Most workflow commands use the `echo` command in a specific format, while others are invoked by writing to a file. For more information, see ["Environment files".](#environment-files) -``` bash +### Example + +{% bash %} + +```bash{:copy} echo "::workflow-command parameter1={data},parameter2={data}::{command value}" ``` +{% endbash %} + +{% powershell %} + +```pwsh{:copy} +Write-Output "::workflow-command parameter1={data},parameter2={data}::{command value}" +``` + +{% endpowershell %} + {% note %} **Note:** Workflow command and parameter names are not case-sensitive. @@ -46,14 +61,18 @@ echo "::workflow-command parameter1={data},parameter2={data}::{command value}" The [actions/toolkit](https://github.com/actions/toolkit) includes a number of functions that can be executed as workflow commands. Use the `::` syntax to run the workflow commands within your YAML file; these commands are then sent to the runner over `stdout`. For example, instead of using code to set an output, as below: -```javascript +```javascript{:copy} core.setOutput('SELECTED_COLOR', 'green'); ``` +### Example: Setting a value + You can use the `set-output` command in your workflow to set the same value: +{% bash %} + {% raw %} -``` yaml +```yaml{:copy} - name: Set selected color run: echo '::set-output name=SELECTED_COLOR::green' id: random-color-generator @@ -62,6 +81,22 @@ You can use the `set-output` command in your workflow to set the same value: ``` {% endraw %} +{% endbash %} + +{% powershell %} + +{% raw %} +```yaml{:copy} + - name: Set selected color + run: Write-Output "::set-output name=SELECTED_COLOR::green" + id: random-color-generator + - name: Get color + run: Write-Output "The selected color is ${{ steps.random-color-generator.outputs.SELECTED_COLOR }}" +``` +{% endraw %} + +{% endpowershell %} + The following table shows which toolkit functions are available within a workflow: | Toolkit function | Equivalent workflow command | @@ -85,186 +120,336 @@ The following table shows which toolkit functions are available within a workflo ## Setting an output parameter -``` +Sets an action's output parameter. + +```{:copy} ::set-output name={name}::{value} ``` -Sets an action's output parameter. - Optionally, you can also declare output parameters in an action's metadata file. For more information, see "[Metadata syntax for {% data variables.product.prodname_actions %}](/articles/metadata-syntax-for-github-actions#outputs-for-docker-container-and-javascript-actions)." -### Example +### Example: Setting an output parameter -``` bash +{% bash %} + +```bash{:copy} echo "::set-output name=action_fruit::strawberry" ``` -## Setting a debug message +{% endbash %} +{% powershell %} + +```pwsh{:copy} +Write-Output "::set-output name=action_fruit::strawberry" ``` -::debug::{message} -``` + +{% endpowershell %} + +## Setting a debug message Prints a debug message to the log. You must create a secret named `ACTIONS_STEP_DEBUG` with the value `true` to see the debug messages set by this command in the log. For more information, see "[Enabling debug logging](/actions/managing-workflow-runs/enabling-debug-logging)." -### Example +```{:copy} +::debug::{message} +``` -``` bash +### Example: Setting a debug message + +{% bash %} + +```bash{:copy} echo "::debug::Set the Octocat variable" ``` +{% endbash %} + +{% powershell %} + +```pwsh{:copy} +Write-Output "::debug::Set the Octocat variable" +``` + +{% endpowershell %} + {% ifversion fpt or ghes > 3.2 or ghae-issue-4929 or ghec %} ## Setting a notice message -``` +Creates a notice message and prints the message to the log. {% data reusables.actions.message-annotation-explanation %} + +```{:copy} ::notice file={name},line={line},endLine={endLine},title={title}::{message} ``` -Creates a notice message and prints the message to the log. {% data reusables.actions.message-annotation-explanation %} - {% data reusables.actions.message-parameters %} -### Example +### Example: Setting a notice message -``` bash +{% bash %} + +```bash{:copy} echo "::notice file=app.js,line=1,col=5,endColumn=7::Missing semicolon" ``` +{% endbash %} + +{% powershell %} + +```pwsh{:copy} +Write-Output "::notice file=app.js,line=1,col=5,endColumn=7::Missing semicolon" +``` + +{% endpowershell %} {% endif %} ## Setting a warning message -``` +Creates a warning message and prints the message to the log. {% data reusables.actions.message-annotation-explanation %} + +```{:copy} ::warning file={name},line={line},endLine={endLine},title={title}::{message} ``` -Creates a warning message and prints the message to the log. {% data reusables.actions.message-annotation-explanation %} - {% data reusables.actions.message-parameters %} -### Example +### Example: Setting a warning message -``` bash +{% bash %} + +```bash{:copy} echo "::warning file=app.js,line=1,col=5,endColumn=7::Missing semicolon" ``` +{% endbash %} + +{% powershell %} + +```pwsh{:copy} +Write-Output "::warning file=app.js,line=1,col=5,endColumn=7::Missing semicolon" +``` + +{% endpowershell %} ## Setting an error message -``` +Creates an error message and prints the message to the log. {% data reusables.actions.message-annotation-explanation %} + +```{:copy} ::error file={name},line={line},endLine={endLine},title={title}::{message} ``` -Creates an error message and prints the message to the log. {% data reusables.actions.message-annotation-explanation %} - {% data reusables.actions.message-parameters %} -### Example +### Example: Setting an error message -``` bash +{% bash %} + +```bash{:copy} echo "::error file=app.js,line=1,col=5,endColumn=7::Missing semicolon" ``` +{% endbash %} + +{% powershell %} + +```pwsh{:copy} +Write-Output "::error file=app.js,line=1,col=5,endColumn=7::Missing semicolon" +``` + +{% endpowershell %} ## Grouping log lines -``` +Creates an expandable group in the log. To create a group, use the `group` command and specify a `title`. Anything you print to the log between the `group` and `endgroup` commands is nested inside an expandable entry in the log. + +```{:copy} ::group::{title} ::endgroup:: ``` -Creates an expandable group in the log. To create a group, use the `group` command and specify a `title`. Anything you print to the log between the `group` and `endgroup` commands is nested inside an expandable entry in the log. +### Example: Grouping log lines -### Example +{% bash %} -```bash -echo "::group::My title" -echo "Inside group" -echo "::endgroup::" +```yaml{:copy} +jobs: + bash-example: + runs-on: ubuntu-latest + steps: + - name: Group of log lines + run: | + echo "::group::My title" + echo "Inside group" + echo "::endgroup::" ``` +{% endbash %} + +{% powershell %} + +```yaml{:copy} +jobs: + powershell-example: + runs-on: windows-latest + steps: + - name: Group of log lines + run: | + Write-Output "::group::My title" + Write-Output "Inside group" + Write-Output "::endgroup::" +``` + +{% endpowershell %} + ![Foldable group in workflow run log](/assets/images/actions-log-group.png) ## Masking a value in log -``` +```{:copy} ::add-mask::{value} ``` Masking a value prevents a string or variable from being printed in the log. Each masked word separated by whitespace is replaced with the `*` character. You can use an environment variable or string for the mask's `value`. -### Example masking a string +### Example: Masking a string When you print `"Mona The Octocat"` in the log, you'll see `"***"`. -```bash +{% bash %} + +```bash{:copy} echo "::add-mask::Mona The Octocat" ``` -### Example masking an environment variable +{% endbash %} + +{% powershell %} + +```pwsh{:copy} +Write-Output "::add-mask::Mona The Octocat" +``` + +{% endpowershell %} + +### Example: Masking an environment variable When you print the variable `MY_NAME` or the value `"Mona The Octocat"` in the log, you'll see `"***"` instead of `"Mona The Octocat"`. -```bash -MY_NAME="Mona The Octocat" -echo "::add-mask::$MY_NAME" +{% bash %} + +```yaml{:copy} +jobs: + bash-example: + runs-on: ubuntu-latest + env: + MY_NAME: "Mona The Octocat" + steps: + - name: bash-version + run: echo "::add-mask::$MY_NAME" ``` +{% endbash %} + +{% powershell %} + +```yaml{:copy} +jobs: + powershell-example: + runs-on: windows-latest + env: + MY_NAME: "Mona The Octocat" + steps: + - name: powershell-version + run: Write-Output "::add-mask::$env:MY_NAME" +``` + +{% endpowershell %} + ## Stopping and starting workflow commands -`::stop-commands::{endtoken}` - Stops processing any workflow commands. This special command allows you to log anything without accidentally running a workflow command. For example, you could stop logging to output an entire script that has comments. +```{:copy} +::stop-commands::{endtoken} +``` + To stop the processing of workflow commands, pass a unique token to `stop-commands`. To resume processing workflow commands, pass the same token that you used to stop workflow commands. {% warning %} -**Warning:** Make sure the token you're using is randomly generated and unique for each run. As demonstrated in the example below, you can generate a unique hash of your `github.token` for each run. +**Warning:** Make sure the token you're using is randomly generated and unique for each run. {% endwarning %} -``` +```{:copy} ::{endtoken}:: ``` -### Example stopping and starting workflow commands +### Example: Stopping and starting workflow commands + +{% bash %} {% raw %} -```yaml +```yaml{:copy} jobs: workflow-command-job: runs-on: ubuntu-latest steps: - - name: disable workflow commands + - name: Disable workflow commands run: | - echo '::warning:: this is a warning' - echo "::stop-commands::`echo -n ${{ github.token }} | sha256sum | head -c 64`" - echo '::warning:: this will NOT be a warning' - echo "::`echo -n ${{ github.token }} | sha256sum | head -c 64`::" - echo '::warning:: this is a warning again' + echo '::warning:: This is a warning message, to demonstrate that commands are being processed.' + stopMarker=$(uuidgen) + echo "::stop-commands::$stopMarker" + echo '::warning:: This will NOT be rendered as a warning, because stop-commands has been invoked.' + echo "::$stopMarker::" + echo '::warning:: This is a warning again, because stop-commands has been turned off.' +``` +{% endraw %} + +{% endbash %} + +{% powershell %} + +{% raw %} +```yaml{:copy} +jobs: + workflow-command-job: + runs-on: windows-latest + steps: + - name: Disable workflow commands + run: | + Write-Output '::warning:: This is a warning message, to demonstrate that commands are being processed.' + $stopMarker = New-Guid + Write-Output "::stop-commands::$stopMarker" + Write-Output '::warning:: This will NOT be rendered as a warning, because stop-commands has been invoked.' + Write-Output "::$stopMarker::" + Write-Output '::warning:: This is a warning again, because stop-commands has been turned off.' ``` {% endraw %} +{% endpowershell %} + ## Echoing command outputs -``` +Enables or disables echoing of workflow commands. For example, if you use the `set-output` command in a workflow, it sets an output parameter but the workflow run's log does not show the command itself. If you enable command echoing, then the log shows the command, such as `::set-output name={name}::{value}`. + +```{:copy} ::echo::on ::echo::off ``` -Enables or disables echoing of workflow commands. For example, if you use the `set-output` command in a workflow, it sets an output parameter but the workflow run's log does not show the command itself. If you enable command echoing, then the log shows the command, such as `::set-output name={name}::{value}`. - Command echoing is disabled by default. However, a workflow command is echoed if there are any errors processing the command. The `add-mask`, `debug`, `warning`, and `error` commands do not support echoing because their outputs are already echoed to the log. You can also enable command echoing globally by turning on step debug logging using the `ACTIONS_STEP_DEBUG` secret. For more information, see "[Enabling debug logging](/actions/managing-workflow-runs/enabling-debug-logging)". In contrast, the `echo` workflow command lets you enable command echoing at a more granular level, rather than enabling it for every workflow in a repository. -### Example toggling command echoing +### Example: Toggling command echoing -```yaml +{% bash %} + +```yaml{:copy} jobs: workflow-command-job: runs-on: ubuntu-latest @@ -278,9 +463,29 @@ jobs: echo '::set-output name=action_echo::disabled' ``` -The step above prints the following lines to the log: +{% endbash %} +{% powershell %} + +```yaml{:copy} +jobs: + workflow-command-job: + runs-on: windows-latest + steps: + - name: toggle workflow command echoing + run: | + write-output "::set-output name=action_echo::disabled" + write-output "::echo::on" + write-output "::set-output name=action_echo::enabled" + write-output "::echo::off" + write-output "::set-output name=action_echo::disabled" ``` + +{% endpowershell %} + +The example above prints the following lines to the log: + +```{:copy} ::set-output name=action_echo::enabled ::echo::off ``` @@ -297,13 +502,13 @@ The `save-state` command can only be run within an action, and is not available This example uses JavaScript to run the `save-state` command. The resulting environment variable is named `STATE_processID` with the value of `12345`: -``` javascript +```javascript{:copy} console.log('::save-state name=processID::12345') ``` The `STATE_processID` variable is then exclusively available to the cleanup script running under the `main` action. This example runs in `main` and uses JavaScript to display the value assigned to the `STATE_processID` environment variable: -``` javascript +```javascript{:copy} console.log("The running PID from the main action is: " + process.env.STATE_processID); ``` @@ -311,37 +516,70 @@ console.log("The running PID from the main action is: " + process.env.STATE_pro During the execution of a workflow, the runner generates temporary files that can be used to perform certain actions. The path to these files are exposed via environment variables. You will need to use UTF-8 encoding when writing to these files to ensure proper processing of the commands. Multiple commands can be written to the same file, separated by newlines. -{% warning %} +{% powershell %} -**Warning:** On Windows, legacy PowerShell (`shell: powershell`) does not use UTF-8 by default. +{% note %} -When using `shell: powershell`, you must specify UTF-8 encoding. For example: +**Note:** PowerShell versions 5.1 and below (`shell: powershell`) do not use UTF-8 by default, so you must specify the UTF-8 encoding. For example: -```yaml +```yaml{:copy} jobs: legacy-powershell-example: - uses: windows-2019 + runs-on: windows-latest steps: - shell: powershell - run: echo "mypath" | Out-File -FilePath $env:GITHUB_PATH -Encoding utf8 -Append + run: | + "mypath" | Out-File -FilePath $env:GITHUB_PATH -Encoding utf8 -Append ``` -Alternatively, you can use PowerShell Core (`shell: pwsh`), which defaults to UTF-8. +PowerShell Core versions 6 and higher (`shell: pwsh`) use UTF-8 by default. For example: -{% endwarning %} +```yaml{:copy} +jobs: + powershell-core-example: + runs-on: windows-latest + steps: + - shell: pwsh + run: | + "mypath" >> $env:GITHUB_PATH +``` + +{% endnote %} + +{% endpowershell %} ## Setting an environment variable -``` bash +{% bash %} + +```bash{:copy} echo "{environment_variable_name}={value}" >> $GITHUB_ENV ``` +{% endbash %} + +{% powershell %} + +- Using PowerShell version 6 and higher: +```pwsh{:copy} +"{environment_variable_name}={value}" >> $env:GITHUB_ENV +``` + +- Using PowerShell version 5.1 and below: +```powershell{:copy} +"{environment_variable_name}={value}" | Out-File -FilePath $env:GITHUB_ENV -Encoding utf8 -Append +``` + +{% endpowershell %} + You can make an environment variable available to any subsequent steps in a workflow job by defining or updating the environment variable and writing this to the `GITHUB_ENV` environment file. The step that creates or updates the environment variable does not have access to the new value, but all subsequent steps in a job will have access. The names of environment variables are case-sensitive, and you can include punctuation. For more information, see "[Environment variables](/actions/learn-github-actions/environment-variables)." ### Example +{% bash %} + {% raw %} -``` +```yaml{:copy} steps: - name: Set the value id: step_one @@ -354,11 +592,31 @@ steps: ``` {% endraw %} +{% endbash %} + +{% powershell %} + +{% raw %} +```yaml{:copy} +steps: + - name: Set the value + id: step_one + run: | + "action_state=yellow" >> $env:GITHUB_ENV + - name: Use the value + id: step_two + run: | + Write-Output "${{ env.action_state }}" # This will output 'yellow' +``` +{% endraw %} + +{% endpowershell %} + ### Multiline strings For multiline strings, you may use a delimiter with the following syntax. -``` +```{:copy} {name}<<{delimiter} {value} {delimiter} @@ -366,29 +624,75 @@ For multiline strings, you may use a delimiter with the following syntax. #### Example -In this example, we use `EOF` as a delimiter and set the `JSON_RESPONSE` environment variable to the value of the curl response. -```yaml +This example uses `EOF` as a delimiter, and sets the `JSON_RESPONSE` environment variable to the value of the `curl` response. + +{% bash %} + +```yaml{:copy} steps: - - name: Set the value + - name: Set the value in bash id: step_one run: | echo 'JSON_RESPONSE<> $GITHUB_ENV - curl https://httpbin.org/json >> $GITHUB_ENV + curl https://example.lab >> $GITHUB_ENV echo 'EOF' >> $GITHUB_ENV ``` -## Adding a system path +{% endbash %} -``` bash -echo "{path}" >> $GITHUB_PATH +{% powershell %} + +```yaml{:copy} +steps: + - name: Set the value in pwsh + id: step_one + run: | + "JSON_RESPONSE<> $env:GITHUB_ENV + (Invoke-WebRequest -Uri "https://example.lab").Content >> $env:GITHUB_ENV + "EOF" >> $env:GITHUB_ENV + shell: pwsh ``` +{% endpowershell %} + +## Adding a system path + Prepends a directory to the system `PATH` variable and automatically makes it available to all subsequent actions in the current job; the currently running action cannot access the updated path variable. To see the currently defined paths for your job, you can use `echo "$PATH"` in a step or an action. +{% bash %} + +```bash{:copy} +echo "{path}" >> $GITHUB_PATH +``` +{% endbash %} + +{% powershell %} + +```pwsh{:copy} +"{path}" >> $env:GITHUB_PATH +``` + +{% endpowershell %} + ### Example This example demonstrates how to add the user `$HOME/.local/bin` directory to `PATH`: -``` bash +{% bash %} + +```bash{:copy} echo "$HOME/.local/bin" >> $GITHUB_PATH ``` + +{% endbash %} + + +This example demonstrates how to add the user `$env:HOMEPATH/.local/bin` directory to `PATH`: + +{% powershell %} + +```pwsh{:copy} +"$env:HOMEPATH/.local/bin" >> $env:GITHUB_PATH +``` + +{% endpowershell %} diff --git a/content/actions/using-workflows/workflow-syntax-for-github-actions.md b/content/actions/using-workflows/workflow-syntax-for-github-actions.md index 4623da349c..40e81f395f 100644 --- a/content/actions/using-workflows/workflow-syntax-for-github-actions.md +++ b/content/actions/using-workflows/workflow-syntax-for-github-actions.md @@ -342,6 +342,31 @@ steps: uses: actions/heroku@1.0.0 ``` +#### Example: Using secrets + +Secrets cannot be directly referenced in `if:` conditionals. Instead, consider setting secrets as job-level environment variables, then referencing the environment variables to conditionally run steps in the job. + +If a secret has not been set, the return value of an expression referencing the secret (such as {% raw %}`${{ secrets.SuperSecret }}`{% endraw %} in the example) will be an empty string. + +{% raw %} +```yaml +name: Run a step if a secret has been set +on: push +jobs: + my-jobname: + runs-on: ubuntu-latest + env: + super_secret: ${{ secrets.SuperSecret }} + steps: + - if: ${{ env.super_secret != '' }} + run: echo 'This step will only run if the secret has a value set.' + - if: ${{ env.super_secret == '' }} + run: echo 'This step will only run if the secret does not have a value set.' +``` +{% endraw %} + +For more information, see "[Context availability](/actions/learn-github-actions/contexts#context-availability)" and "[Encrypted secrets](/actions/security-guides/encrypted-secrets)." + ### `jobs..steps[*].name` A name for your step to display on {% data variables.product.prodname_dotcom %}. @@ -714,6 +739,12 @@ The maximum number of minutes to let a job run before {% data variables.product. If the timeout exceeds the job execution time limit for the runner, the job will be canceled when the execution time limit is met instead. For more information about job execution time limits, see {% ifversion fpt or ghec or ghes %}"[Usage limits and billing](/actions/reference/usage-limits-billing-and-administration#usage-limits)" for {% data variables.product.prodname_dotcom %}-hosted runners and {% endif %}"[About self-hosted runners](/actions/hosting-your-own-runners/about-self-hosted-runners/#usage-limits){% ifversion fpt or ghec or ghes %}" for self-hosted runner usage limits.{% elsif ghae %}."{% endif %} +{% note %} + +**Note:** {% data reusables.actions.github-token-expiration %} For self-hosted runners, the token may be the limiting factor if the job timeout is greater than 24 hours. For more information on the `GITHUB_TOKEN`, see "[About the `GITHUB_TOKEN` secret](/actions/security-guides/automatic-token-authentication#about-the-github_token-secret)." + +{% endnote %} + ## `jobs..strategy` {% data reusables.actions.jobs.section-using-a-build-matrix-for-your-jobs-strategy %} diff --git a/content/admin/code-security/managing-github-advanced-security-for-your-enterprise/deploying-github-advanced-security-in-your-enterprise.md b/content/admin/code-security/managing-github-advanced-security-for-your-enterprise/deploying-github-advanced-security-in-your-enterprise.md index ca6d8479e4..f8547c0cb5 100644 --- a/content/admin/code-security/managing-github-advanced-security-for-your-enterprise/deploying-github-advanced-security-in-your-enterprise.md +++ b/content/admin/code-security/managing-github-advanced-security-for-your-enterprise/deploying-github-advanced-security-in-your-enterprise.md @@ -290,7 +290,7 @@ GitHub helps you avoid using third-party software that contains known vulnerabil | Dependency Management Tool | Description | |----|----| -| Dependabot Alerts | You can track your repository's dependencies and receive Dependabot alerts when your enterprise detects vulnerable dependencies. For more information, see "[About alerts for vulnerable dependencies](/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-alerts-for-vulnerable-dependencies)." | +| Dependabot Alerts | You can track your repository's dependencies and receive Dependabot alerts when your enterprise detects vulnerable dependencies. For more information, see "[About {% data variables.product.prodname_dependabot_alerts %}](/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-alerts-for-vulnerable-dependencies)." | | Dependency Graph | The dependency graph is a summary of the manifest and lock files stored in a repository. It shows you the ecosystems and packages your codebase depends on (its dependencies) and the repositories and packages that depend on your project (its dependents). For more information, see "[About the dependency graph](/code-security/supply-chain-security/understanding-your-software-supply-chain/about-the-dependency-graph)." |{% ifversion ghes > 3.1 or ghec %} | Dependency Review | If a pull request contains changes to dependencies, you can view a summary of what has changed and whether there are known vulnerabilities in any of the dependencies. For more information, see "[About dependency review](/code-security/supply-chain-security/understanding-your-software-supply-chain/about-dependency-review)" or "[Reviewing Dependency Changes in a Pull Request](/github/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/reviewing-dependency-changes-in-a-pull-request)." | {% endif %} {% ifversion ghec or ghes > 3.2 %} | Dependabot Security Updates | Dependabot can fix vulnerable dependencies for you by raising pull requests with security updates. For more information, see "[About Dependabot security updates](/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-dependabot-security-updates)." | diff --git a/content/admin/configuration/configuring-github-connect/enabling-dependabot-for-your-enterprise.md b/content/admin/configuration/configuring-github-connect/enabling-dependabot-for-your-enterprise.md index 94693b6bef..b53ae48210 100644 --- a/content/admin/configuration/configuring-github-connect/enabling-dependabot-for-your-enterprise.md +++ b/content/admin/configuration/configuring-github-connect/enabling-dependabot-for-your-enterprise.md @@ -49,7 +49,7 @@ You can also choose to manually sync vulnerability data at any time. For more in When {% data variables.product.product_location %} receives information about a vulnerability, it identifies repositories in {% data variables.product.product_location %} that use the affected version of the dependency and generates {% data variables.product.prodname_dependabot_alerts %}. You can choose whether or not to notify users automatically about new {% data variables.product.prodname_dependabot_alerts %}. -For repositories with {% data variables.product.prodname_dependabot_alerts %} enabled, scanning is triggered on any push to the default branch that contains a manifest file or lock file. Additionally, when a new vulnerability record is added to {% data variables.product.product_location %}, {% data variables.product.product_name %} scans all existing repositories on {% data variables.product.product_location %} and generates alerts for any repository that is vulnerable. For more information, see "[About alerts for vulnerable dependencies](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies)." +For repositories with {% data variables.product.prodname_dependabot_alerts %} enabled, scanning is triggered on any push to the default branch that contains a manifest file or lock file. Additionally, when a new vulnerability record is added to {% data variables.product.product_location %}, {% data variables.product.product_name %} scans all existing repositories on {% data variables.product.product_location %} and generates alerts for any repository that is vulnerable. For more information, see "[About {% data variables.product.prodname_dependabot_alerts %}](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies)." {% ifversion ghes > 3.2 %} ### About {% data variables.product.prodname_dependabot_updates %} @@ -67,7 +67,7 @@ After you enable {% data variables.product.prodname_dependabot_alerts %}, you ca With {% data variables.product.prodname_dependabot_updates %}, {% data variables.product.company_short %} automatically creates pull requests to update dependencies in two ways. - **{% data variables.product.prodname_dependabot_version_updates %}**: Users add a {% data variables.product.prodname_dependabot %} configuration file to the repository to enable {% data variables.product.prodname_dependabot %} to create pull requests when a new version of a tracked dependency is released. For more information, see "[About {% data variables.product.prodname_dependabot_version_updates %}](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/about-dependabot-version-updates)." -- **{% data variables.product.prodname_dependabot_security_updates %}**: Users toggle a repository setting to enable {% data variables.product.prodname_dependabot %} to create pull requests when {% data variables.product.prodname_dotcom %} detects a vulnerability in one of the dependencies of the dependency graph for the repository. For more information, see "[About alerts for vulnerable dependencies](/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-alerts-for-vulnerable-dependencies)" and "[About {% data variables.product.prodname_dependabot_security_updates %}](/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-dependabot-security-updates)." +- **{% data variables.product.prodname_dependabot_security_updates %}**: Users toggle a repository setting to enable {% data variables.product.prodname_dependabot %} to create pull requests when {% data variables.product.prodname_dotcom %} detects a vulnerability in one of the dependencies of the dependency graph for the repository. For more information, see "[About {% data variables.product.prodname_dependabot_alerts %}](/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-alerts-for-vulnerable-dependencies)" and "[About {% data variables.product.prodname_dependabot_security_updates %}](/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-dependabot-security-updates)." {% endif %} ## Enabling {% data variables.product.prodname_dependabot_alerts %} diff --git a/content/admin/configuration/configuring-network-settings/configuring-a-hostname.md b/content/admin/configuration/configuring-network-settings/configuring-a-hostname.md index 2727ae6ddc..4c374cc4df 100644 --- a/content/admin/configuration/configuring-network-settings/configuring-a-hostname.md +++ b/content/admin/configuration/configuring-network-settings/configuring-a-hostname.md @@ -16,7 +16,11 @@ topics: --- If you configure a hostname instead of a hard-coded IP address, you will be able to change the physical hardware that {% data variables.product.product_location %} runs on without affecting users or client software. -The hostname setting in the {% data variables.enterprise.management_console %} should be set to an appropriate fully qualified domain name (FQDN) which is resolvable on the internet or within your internal network. For example, your hostname setting could be `github.companyname.com.` We also recommend enabling subdomain isolation for the chosen hostname to mitigate several cross-site scripting style vulnerabilities. For more information on hostname settings, see [Section 2.1 of the HTTP RFC](https://tools.ietf.org/html/rfc1123#section-2). +The hostname setting in the {% data variables.enterprise.management_console %} should be set to an appropriate fully qualified domain name (FQDN) which is resolvable on the internet or within your internal network. For example, your hostname setting could be `github.companyname.com.` Web and API requests will automatically redirect to the hostname configured in the {% data variables.enterprise.management_console %}. + +After you configure a hostname, you can enable subdomain isolation to further increase the security of {% data variables.product.product_location %}. For more information, see "[Enabling subdomain isolation](/enterprise/{{ currentVersion }}/admin/guides/installation/enabling-subdomain-isolation/)." + +For more information on the supported hostname types, see [Section 2.1 of the HTTP RFC](https://tools.ietf.org/html/rfc1123#section-2). {% data reusables.enterprise_installation.changing-hostname-not-supported %} @@ -30,4 +34,4 @@ The hostname setting in the {% data variables.enterprise.management_console %} s {% data reusables.enterprise_management_console.test-domain-settings-failure %} {% data reusables.enterprise_management_console.save-settings %} -After you configure a hostname, we recommend that you enable subdomain isolation for {% data variables.product.product_location %}. For more information, see "[Enabling subdomain isolation](/enterprise/{{ currentVersion }}/admin/guides/installation/enabling-subdomain-isolation/)." +To help mitigate various cross-site scripting vulnerabilities, we recommend that you enable subdomain isolation for {% data variables.product.product_location %} after you configure a hostname. For more information, see "[Enabling subdomain isolation](/enterprise/{{ currentVersion }}/admin/guides/installation/enabling-subdomain-isolation/)." diff --git a/content/admin/configuration/configuring-network-settings/network-ports.md b/content/admin/configuration/configuring-network-settings/network-ports.md index 80cfbb860b..ec8cf46782 100644 --- a/content/admin/configuration/configuring-network-settings/network-ports.md +++ b/content/admin/configuration/configuring-network-settings/network-ports.md @@ -25,7 +25,7 @@ Some administrative ports are required to configure {% data variables.product.pr | Port | Service | Description | |---|---|---| | 8443 | HTTPS | Secure web-based {% data variables.enterprise.management_console %}. Required for basic installation and configuration. | -| 8080 | HTTP | Plain-text web-based {% data variables.enterprise.management_console %}. Not required unless SSL is disabled manually. | +| 8080 | HTTP | Plain-text web-based {% data variables.enterprise.management_console %}. Not required unless TLS is disabled manually. | | 122 | SSH | Shell access for {% data variables.product.product_location %}. Required to be open to incoming connections between all nodes in a high availability configuration. The default SSH port (22) is dedicated to Git and SSH application network traffic. | | 1194/UDP | VPN | Secure replication network tunnel in high availability configuration. Required to be open for communication between all nodes in the configuration.| | 123/UDP| NTP | Required for time protocol operation. | @@ -38,7 +38,7 @@ Application ports provide web application and Git access for end users. | Port | Service | Description | |---|---|---| | 443 | HTTPS | Access to the web application and Git over HTTPS. | -| 80 | HTTP | Access to the web application. All requests are redirected to the HTTPS port when SSL is enabled. | +| 80 | HTTP | Access to the web application. All requests are redirected to the HTTPS port if TLS is configured. | | 22 | SSH | Access to Git over SSH. Supports clone, fetch, and push operations to public and private repositories. | | 9418 | Git | Git protocol port supports clone and fetch operations to public repositories with unencrypted network communication. {% data reusables.enterprise_installation.when-9418-necessary %} | @@ -51,3 +51,18 @@ Email ports must be accessible directly or via relay for inbound email support f | Port | Service | Description | |---|---|---| | 25 | SMTP | Support for SMTP with encryption (STARTTLS). | + +## {% data variables.product.prodname_actions %} ports + +{% data variables.product.prodname_actions %} ports must be accessible for self-hosted runners to connect to {% data variables.product.product_location %}. For more information, see "[About self-hosted runners](/actions/hosting-your-own-runners/about-self-hosted-runners#communication-between-self-hosted-runners-and-github-enterprise-server)." + +| Port | Service | Description | +|---|---|---| +| 443 | HTTPS | Self-hosted runners connect to {% data variables.product.product_location %} to receive job assignments and to download new versions of the runner application. Required if TLS is configured. +| 80 | HTTP | Self-hosted runners connect to {% data variables.product.product_location %} to receive job assignments and to download new versions of the runner application. Required if TLS is not configured. + +If you enable automatic access to {% data variables.product.prodname_dotcom_the_website %} actions, {% data variables.product.prodname_actions %} will always search for an action on {% data variables.product.product_location %} first, via these ports, before checking {% data variables.product.prodname_dotcom_the_website %}. For more information, see "[Enabling automatic access to {% data variables.product.prodname_dotcom_the_website %} actions using {% data variables.product.prodname_github_connect %}](/admin/github-actions/managing-access-to-actions-from-githubcom/enabling-automatic-access-to-githubcom-actions-using-github-connect#about-resolution-for-actions-using-github-connect)." + +## Further reading + +- "[Configuring TLS](/admin/configuration/configuring-network-settings/configuring-tls)" diff --git a/content/admin/configuration/configuring-your-enterprise/about-enterprise-configuration.md b/content/admin/configuration/configuring-your-enterprise/about-enterprise-configuration.md index d5c7840c04..752e08380d 100644 --- a/content/admin/configuration/configuring-your-enterprise/about-enterprise-configuration.md +++ b/content/admin/configuration/configuring-your-enterprise/about-enterprise-configuration.md @@ -22,6 +22,8 @@ shortTitle: About configuration {% endif %} {% ifversion ghae %} +To get started with {% data variables.product.product_name %}, you first need to deploy {% data variables.product.product_name %}. For more information, see "[Deploying {% data variables.product.product_name %}](/admin/configuration/configuring-your-enterprise/deploying-github-ae)." + The first time you access your enterprise, you will complete an initial configuration to get {% data variables.product.product_name %} ready to use. The initial configuration includes connecting your enterprise with an identity provider (IdP), authenticating with SAML SSO, configuring policies for repositories and organizations in your enterprise, and configuring SMTP for outbound email. For more information, see "[Initializing {% data variables.product.prodname_ghe_managed %}](/admin/configuration/initializing-github-ae)." Later, you can use the site admin dashboard and enterprise settings to further configure your enterprise, manage users, organizations and repositories, and set policies that reduce risk and increase quality. diff --git a/content/admin/configuration/configuring-your-enterprise/deploying-github-ae.md b/content/admin/configuration/configuring-your-enterprise/deploying-github-ae.md new file mode 100644 index 0000000000..6b90d7a924 --- /dev/null +++ b/content/admin/configuration/configuring-your-enterprise/deploying-github-ae.md @@ -0,0 +1,68 @@ +--- +title: Deploying GitHub AE +intro: 'You can deploy {% data variables.product.product_name %} to an available Azure region.' +versions: + ghae: '*' +topics: + - Accounts + - Enterprise +type: how_to +shortTitle: Deploy GitHub AE +redirect_from: + - /get-started/signing-up-for-github/setting-up-a-trial-of-github-ae +--- + +## About deployment of {% data variables.product.product_name %} + +{% data reusables.github-ae.github-ae-enables-you %} For more information, see "[About {% data variables.product.prodname_ghe_managed %}](/admin/overview/about-github-ae)." + +After you purchase or start a trial of {% data variables.product.product_name %}, you can deploy {% data variables.product.product_name %} to an available Azure region. This guide refers to the Azure resource that contains the deployment of {% data variables.product.product_name %} as the {% data variables.product.product_name %} account. You'll use the Azure portal at [https://portal.azure.com](https://portal.azure.com) to deploy the {% data variables.product.product_name %} account. + +## Prerequisites + +- Before you can deploy {% data variables.product.product_name %}, you must request access from your {% data variables.product.company_short %} account team. {% data variables.product.company_short %} will enable deployment of {% data variables.product.product_name %} for your Azure subscription. If you haven't already purchased {% data variables.product.product_name %}, you can contact {% data variables.contact.contact_enterprise_sales %} to check your eligibility for a trial. + +- You must have permission to perform the `/register/action` operation for the resource provider in Azure. The permission is included in the `Contributor` and `Owner` roles. For more information, see [Azure resource providers and types](https://docs.microsoft.com/en-us/azure/azure-resource-manager/management/resource-providers-and-types#register-resource-provider) in the Microsoft documentation. + +## Deploying {% data variables.product.product_name %} with the {% data variables.actions.azure_portal %} + +The {% data variables.actions.azure_portal %} allows you to deploy the {% data variables.product.product_name %} account in your Azure resource group. + +1. Click one of the following two links to begin deployment of {% data variables.product.product_name %}. The link you should click depends on the Azure cloud where you plan to deploy {% data variables.product.product_name %}. For more information about Azure Government, see [What is Azure Government?](https://docs.microsoft.com/en-us/azure/azure-government/documentation-government-welcome) in the Microsoft documentation. + + - [Deploy {% data variables.product.product_name %} to Azure Commercial](https://aka.ms/create-github-ae-instance) + - [Deploy {% data variables.product.product_name %} to Azure Government](https://aka.ms/create-github-ae-instance-gov) +1. To begin the process of adding a new {% data variables.product.product_name %} account, click **Create GitHub AE account**. +1. Complete the "Project details" and "Instance details" fields. + ![{% data variables.actions.azure_portal %} search result](/assets/images/azure/github-ae-azure-portal-form.png) + - **Account name:** The hostname for your enterprise + - **Administrator username:** A username for the initial enterprise owner that will be created in {% data variables.product.product_name %} + - **Administrator email:** The email address that will receive the login information +1. To review a summary of the proposed changes, click **Review + create**. +1. After the validation process has completed, click **Create**. + +The email address you entered above will receive instructions on how to access your enterprise. After you have access, you can get started by following the initial setup steps. For more information, see "[Initializing {% data variables.product.product_name %}](/admin/configuration/initializing-github-ae)." + +{% note %} + +**Note:** Software updates for your {% data variables.product.product_name %} deployment are performed by {% data variables.product.prodname_dotcom %}. For more information, see "[About upgrades to new releases](/admin/overview/about-upgrades-to-new-releases)." + +{% endnote %} + +## Navigating to your enterprise + +You can use the {% data variables.actions.azure_portal %} to navigate to your {% data variables.product.product_name %} deployment. The resulting list includes all the {% data variables.product.product_name %} deployments in your Azure region. + +1. On the {% data variables.actions.azure_portal %}, in the left panel, click **All resources**. +1. From the available filters, click **All types**, then deselect **Select all** and select **GitHub AE**: + ![{% data variables.actions.azure_portal %} search result](/assets/images/azure/github-ae-azure-portal-type-filter.png) + +## Next steps + +- Once your deployment has been provisioned, the next step is to initialize {% data variables.product.product_name %}. For more information, see "[Initializing {% data variables.product.product_name %}](/github-ae@latest/admin/configuration/configuring-your-enterprise/initializing-github-ae)." +- If you're trying {% data variables.product.product_name %}, you can upgrade to a full license at any time during the trial period by contacting contact {% data variables.contact.contact_enterprise_sales %}. If you haven't upgraded by the last day of your trial, then the deployment is automatically deleted. If you need more time to evaluate {% data variables.product.product_name %}, contact {% data variables.contact.contact_enterprise_sales %} to request an extension. + +## Further reading + +- "[Enabling {% data variables.product.prodname_advanced_security %} features on {% data variables.product.product_name %}](/github/getting-started-with-github/about-github-advanced-security#enabling-advanced-security-features-on-github-ae)" +- "[{% data variables.product.product_name %} release notes](/github-ae@latest/admin/overview/github-ae-release-notes)" diff --git a/content/admin/configuration/configuring-your-enterprise/index.md b/content/admin/configuration/configuring-your-enterprise/index.md index ff4c39c4da..bd280990a9 100644 --- a/content/admin/configuration/configuring-your-enterprise/index.md +++ b/content/admin/configuration/configuring-your-enterprise/index.md @@ -16,6 +16,7 @@ topics: - Enterprise children: - /about-enterprise-configuration + - /deploying-github-ae - /initializing-github-ae - /accessing-the-management-console - /accessing-the-administrative-shell-ssh diff --git a/content/admin/enterprise-management/configuring-high-availability/initiating-a-failover-to-your-replica-appliance.md b/content/admin/enterprise-management/configuring-high-availability/initiating-a-failover-to-your-replica-appliance.md index a76bdee366..fc91e87d76 100644 --- a/content/admin/enterprise-management/configuring-high-availability/initiating-a-failover-to-your-replica-appliance.md +++ b/content/admin/enterprise-management/configuring-high-availability/initiating-a-failover-to-your-replica-appliance.md @@ -18,25 +18,32 @@ The time required to failover depends on how long it takes to manually promote t {% data reusables.enterprise_installation.promoting-a-replica %} -1. To allow replication to finish before you switch appliances, put the primary appliance into maintenance mode: - - To use the management console, see "[Enabling and scheduling maintenance mode](/enterprise/admin/guides/installation/enabling-and-scheduling-maintenance-mode/)" - - You can also use the `ghe-maintenance -s` command. - ```shell - $ ghe-maintenance -s - ``` -2. When the number of active Git operations, MySQL queries, and Resque jobs reaches zero, wait 30 seconds. +1. If the primary appliance is available, to allow replication to finish before you switch appliances, on the primary appliance, put the primary appliance into maintenance mode. - {% note %} + - Put the appliance into maintenance mode. - **Note:** Nomad will always have jobs running, even in maintenance mode, so you can safely ignore these jobs. + - To use the management console, see "[Enabling and scheduling maintenance mode](/enterprise/admin/guides/installation/enabling-and-scheduling-maintenance-mode/)" + + - You can also use the `ghe-maintenance -s` command. + ```shell + $ ghe-maintenance -s + ``` + + - When the number of active Git operations, MySQL queries, and Resque jobs reaches zero, wait 30 seconds. + + {% note %} + + **Note:** Nomad will always have jobs running, even in maintenance mode, so you can safely ignore these jobs. - {% endnote %} + {% endnote %} -3. To verify all replication channels report `OK`, use the `ghe-repl-status -vv` command. - ```shell - $ ghe-repl-status -vv - ``` -4. To stop replication and promote the replica appliance to primary status, use the `ghe-repl-promote` command. This will also automatically put the primary node in maintenance node if it’s reachable. + - To verify all replication channels report `OK`, use the `ghe-repl-status -vv` command. + + ```shell + $ ghe-repl-status -vv + ``` + +4. On the replica appliance, to stop replication and promote the replica appliance to primary status, use the `ghe-repl-promote` command. This will also automatically put the primary node in maintenance node if it’s reachable. ```shell $ ghe-repl-promote ``` diff --git a/content/admin/github-actions/getting-started-with-github-actions-for-your-enterprise/about-github-actions-for-enterprises.md b/content/admin/github-actions/getting-started-with-github-actions-for-your-enterprise/about-github-actions-for-enterprises.md index b07878188c..b0313604d2 100644 --- a/content/admin/github-actions/getting-started-with-github-actions-for-your-enterprise/about-github-actions-for-enterprises.md +++ b/content/admin/github-actions/getting-started-with-github-actions-for-your-enterprise/about-github-actions-for-enterprises.md @@ -33,7 +33,7 @@ topics: {% data variables.product.prodname_actions %} helps your team work faster at scale. When large repositories start using {% data variables.product.prodname_actions %}, teams merge significantly more pull requests per day, and the pull requests are merged significantly faster. For more information, see "[Writing and shipping code faster](https://octoverse.github.com/writing-code-faster/#scale-through-automation)" in the State of the Octoverse. -You can create your own unique automations, or you can use and adapt workflows from our ecosystem of over 10,000 actions built by industry leaders and the open source community. For more information, see "[Finding and customizing actions](/actions/learn-github-actions/finding-and-customizing-actions)." +You can create your own unique automations, or you can use and adapt workflows from our ecosystem of over 10,000 actions built by industry leaders and the open source community. {% ifversion ghec %}For more information, see "[Finding and customizing actions](/actions/learn-github-actions/finding-and-customizing-actions)."{% else %}You can restrict your developers to using actions that exist on {% data variables.product.product_location %}, or you can allow your developers to access actions on {% data variables.product.prodname_dotcom_the_website %}. For more information, see "[About using actions in your enterprise](/admin/github-actions/managing-access-to-actions-from-githubcom/about-using-actions-in-your-enterprise)."{% endif %} {% data variables.product.prodname_actions %} is developer friendly, because it's integrated directly into the familiar {% data variables.product.product_name %} experience. diff --git a/content/admin/github-actions/managing-access-to-actions-from-githubcom/about-using-actions-in-your-enterprise.md b/content/admin/github-actions/managing-access-to-actions-from-githubcom/about-using-actions-in-your-enterprise.md index 0574bc0877..b507720da4 100644 --- a/content/admin/github-actions/managing-access-to-actions-from-githubcom/about-using-actions-in-your-enterprise.md +++ b/content/admin/github-actions/managing-access-to-actions-from-githubcom/about-using-actions-in-your-enterprise.md @@ -13,7 +13,7 @@ type: overview topics: - Actions - Enterprise -shortTitle: Add actions in your enterprise +shortTitle: About actions in your enterprise --- {% data reusables.actions.enterprise-beta %} @@ -23,13 +23,24 @@ shortTitle: Add actions in your enterprise {% data variables.product.prodname_actions %} workflows can use _actions_, which are individual tasks that you can combine to create jobs and customize your workflow. You can create your own actions, or use and customize actions shared by the {% data variables.product.prodname_dotcom %} community. -{% data reusables.actions.enterprise-no-internet-actions %} +{% data reusables.actions.enterprise-no-internet-actions %} You can restrict your developers to using actions that are stored on {% data variables.product.product_location %}, which includes most official {% data variables.product.company_short %}-authored actions, as well as any actions your developers create. Alternatively, to allow your developers to benefit from the full ecosystem of actions built by industry leaders and the open source community, you can configure access to other actions from {% data variables.product.prodname_dotcom_the_website %}. + +We recommend allowing automatic access to all actions from {% data variables.product.prodname_dotcom_the_website %}. {% ifversion ghes %}However, this does require {% data variables.product.product_name %} to make outbound connections to {% data variables.product.prodname_dotcom_the_website %}. If you don't want to allow these connections, or{% else %}If{% endif %} you want to have greater control over which actions are used on your enterprise, you can manually sync specific actions from {% data variables.product.prodname_dotcom_the_website %}. ## Official actions bundled with your enterprise instance {% data reusables.actions.actions-bundled-with-ghes %} -The bundled official actions include `actions/checkout`, `actions/upload-artifact`, `actions/download-artifact`, `actions/labeler`, and various `actions/setup-` actions, among others. To see all the official actions included on your enterprise instance, browse to the `actions` organization on your instance: https://HOSTNAME/actions. +The bundled official actions include the following, among others. +- `actions/checkout` +- `actions/upload-artifact` +- `actions/download-artifact` +- `actions/labeler` +- Various `actions/setup-` actions + +To see all the official actions included on your enterprise instance, browse to the `actions` organization on your instance: https://HOSTNAME/actions. + +There is no connection required between {% data variables.product.product_location %} and {% data variables.product.prodname_dotcom_the_website %} to use these actions. Each action is a repository in the `actions` organization, and each action repository includes the necessary tags, branches, and commit SHAs that your workflows can use to reference the action. For information on how to update the bundled official actions, see "[Using the latest version of the official bundled actions](/admin/github-actions/using-the-latest-version-of-the-official-bundled-actions)." @@ -43,14 +54,21 @@ Each action is a repository in the `actions` organization, and each action repos ## Configuring access to actions on {% data variables.product.prodname_dotcom_the_website %} -{% ifversion ghes %} -Before you can configure access to actions on {% data variables.product.prodname_dotcom_the_website %}, you must configure {% data variables.product.product_location %} to use {% data variables.product.prodname_actions %}. For more information, see "[Getting started with {% data variables.product.prodname_actions %} for GitHub Enterprise Server](/admin/github-actions/enabling-github-actions-for-github-enterprise-server/getting-started-with-github-actions-for-github-enterprise-server)." -{% endif %} - {% data reusables.actions.access-actions-on-dotcom %} The recommended approach is to enable automatic access to all actions from {% data variables.product.prodname_dotcom_the_website %}. You can do this by using {% data variables.product.prodname_github_connect %} to integrate {% data variables.product.product_name %} with {% data variables.product.prodname_ghe_cloud %}. For more information, see "[Enabling automatic access to {% data variables.product.prodname_dotcom_the_website %} actions using {% data variables.product.prodname_github_connect %}](/enterprise/admin/github-actions/enabling-automatic-access-to-githubcom-actions-using-github-connect)". +{% ifversion ghes %} +{% note %} + +**Note:** Before you can configure access to actions on {% data variables.product.prodname_dotcom_the_website %}, you must configure {% data variables.product.product_location %} to use {% data variables.product.prodname_actions %}. For more information, see "[Getting started with {% data variables.product.prodname_actions %} for GitHub Enterprise Server](/admin/github-actions/enabling-github-actions-for-github-enterprise-server/getting-started-with-github-actions-for-github-enterprise-server)." + + +{% endnote %} +{% endif %} + +{% data reusables.actions.self-hosted-runner-networking-to-dotcom %} + {% data reusables.actions.enterprise-limit-actions-use %} -Alternatively, if you want stricter control over which actions are allowed in your enterprise, you can manually download and sync actions onto your enterprise instance using the `actions-sync` tool. For more information, see "[Manually syncing actions from {% data variables.product.prodname_dotcom_the_website %}](/enterprise/admin/github-actions/manually-syncing-actions-from-githubcom)." +Alternatively, if you want stricter control over which actions are allowed in your enterprise, or you do not want to allow outbound connections to {% data variables.product.prodname_dotcom_the_website %}, you can manually download and sync actions onto your enterprise instance using the `actions-sync` tool. For more information, see "[Manually syncing actions from {% data variables.product.prodname_dotcom_the_website %}](/enterprise/admin/github-actions/manually-syncing-actions-from-githubcom)." diff --git a/content/admin/github-actions/managing-access-to-actions-from-githubcom/enabling-automatic-access-to-githubcom-actions-using-github-connect.md b/content/admin/github-actions/managing-access-to-actions-from-githubcom/enabling-automatic-access-to-githubcom-actions-using-github-connect.md index 3dc27dc3ff..f539aeca8d 100644 --- a/content/admin/github-actions/managing-access-to-actions-from-githubcom/enabling-automatic-access-to-githubcom-actions-using-github-connect.md +++ b/content/admin/github-actions/managing-access-to-actions-from-githubcom/enabling-automatic-access-to-githubcom-actions-using-github-connect.md @@ -21,11 +21,18 @@ shortTitle: Use GitHub Connect for actions ## About automatic access to {% data variables.product.prodname_dotcom_the_website %} actions -By default, {% data variables.product.prodname_actions %} workflows on {% data variables.product.product_name %} cannot use actions directly from {% data variables.product.prodname_dotcom_the_website %} or [{% data variables.product.prodname_marketplace %}](https://github.com/marketplace?type=actions). +By default, {% data variables.product.prodname_actions %} workflows on {% data variables.product.product_name %} cannot use actions directly from {% data variables.product.prodname_dotcom_the_website %} or [{% data variables.product.prodname_marketplace %}](https://github.com/marketplace?type=actions). To make all actions from {% data variables.product.prodname_dotcom_the_website %} available on your enterprise instance, you can use {% data variables.product.prodname_github_connect %} to integrate {% data variables.product.product_name %} with {% data variables.product.prodname_ghe_cloud %}. -To make all actions from {% data variables.product.prodname_dotcom_the_website %} available on your enterprise instance, you can use {% data variables.product.prodname_github_connect %} to integrate {% data variables.product.product_name %} with {% data variables.product.prodname_ghe_cloud %}. For other ways of accessing actions from {% data variables.product.prodname_dotcom_the_website %}, see "[About using actions in your enterprise](/admin/github-actions/about-using-actions-in-your-enterprise)." +{% data reusables.actions.self-hosted-runner-networking-to-dotcom %} -To use actions from {% data variables.product.prodname_dotcom_the_website %}, your self-hosted runners must be able to download public actions from `api.github.com`. +Alternatively, if you want stricter control over which actions are allowed in your enterprise, you can manually download and sync actions onto your enterprise instance using the `actions-sync` tool. For more information, see "[Manually syncing actions from {% data variables.product.prodname_dotcom_the_website %}](/enterprise/admin/github-actions/manually-syncing-actions-from-githubcom)." + +## About resolution for actions using {% data variables.product.prodname_github_connect %} + +{% data reusables.actions.github-connect-resolution %} + +If a user has already created an organization and repository in your enterprise that matches an organization and repository name on {% data variables.product.prodname_dotcom_the_website %}, the repository on your enterprise will be used instead of the {% data variables.product.prodname_dotcom_the_website %} repository. {% ifversion ghes < 3.3 or ghae %}A malicious user could take advantage of this behavior to run code as part of a workflow{% else %}For more information, see "[Automatic retirement of namespaces for actions accessed on {% data variables.product.prodname_dotcom_the_website%}](#automatic-retirement-of-namespaces-for-actions-accessed-on-githubcom)." +{% endif %} ## Enabling automatic access to all {% data variables.product.prodname_dotcom_the_website %} actions @@ -33,8 +40,6 @@ Before enabling access to all actions from {% data variables.product.prodname_do - Configure {% data variables.product.product_location %} to use {% data variables.product.prodname_actions %}. For more information, see "[Getting started with {% data variables.product.prodname_actions %} for GitHub Enterprise Server](/admin/github-actions/enabling-github-actions-for-github-enterprise-server/getting-started-with-github-actions-for-github-enterprise-server)." - Enable{% else %} enable{% endif %} {% data variables.product.prodname_github_connect %}. For more information, see "[Managing {% data variables.product.prodname_github_connect %}](/admin/configuration/configuring-github-connect/managing-github-connect)." -{% data reusables.actions.enterprise-github-connect-warning %} - {% data reusables.enterprise-accounts.access-enterprise %} {% data reusables.enterprise-accounts.github-connect-tab %} 1. Under "Users can utilize actions from GitHub.com in workflow runs", use the drop-down menu and select **Enabled**. diff --git a/content/admin/identity-and-access-management/authenticating-users-for-your-github-enterprise-server-instance/using-saml.md b/content/admin/identity-and-access-management/authenticating-users-for-your-github-enterprise-server-instance/using-saml.md index 7748d92eba..acf035efed 100644 --- a/content/admin/identity-and-access-management/authenticating-users-for-your-github-enterprise-server-instance/using-saml.md +++ b/content/admin/identity-and-access-management/authenticating-users-for-your-github-enterprise-server-instance/using-saml.md @@ -54,7 +54,7 @@ A mapping is created between the `NameID` and the {% data variables.product.prod {% note %} -**Note**: If the `NameID` for a user does change on the IdP, the user will see an error message when they try to sign in to your {% data variables.product.prodname_ghe_server %} instance. {% ifversion ghes %}To restore the user's access, you'll need to update the user account's `NameID` mapping. For more information, see "[Updating a user's SAML `NameID`](#updating-a-users-saml-nameid)."{% else %} For more information, see "[Error: 'Another user already owns the account'](#error-another-user-already-owns-the-account)."{% endif %} +**Note**: If the `NameID` for a user does change on the IdP, the user will see an error message when they try to sign into {% data variables.product.product_location %}. To restore the user's access, you'll need to update the user account's `NameID` mapping. For more information, see "[Updating a user's SAML `NameID`](#updating-a-users-saml-nameid)." {% endnote %} @@ -96,6 +96,14 @@ To specify more than one value for an attribute, use multiple ` 3.3 %} +1. Optionally, to allow {% data variables.product.product_location %} to receive encrypted assertions from your SAML IdP, select **Require encrypted assertions**. You must ensure that your IdP supports encrypted assertions and that the encryption and key transport methods in the management console match the values configured on your IdP. You must also provide {% data variables.product.product_location %}'s public certificate to your IdP. For more information, see "[Enabling encrypted assertions](#enabling-encrypted-assertions)." ![Screenshot of "Enable encrypted assertions" checkbox within management console's "Authentication" section](/assets/images/help/saml/management-console-enable-encrypted-assertions.png) - - {% warning %} - - **Warning**: Incorrectly configuring encrypted assertions can cause all authentication to {% data variables.product.product_location %} to fail. - - - You must ensure that your IdP supports encrypted assertions and that the encryption and key transport methods in the management console match the values configured on your IdP. You must also provide {% data variables.product.product_location %}'s public certificate to your IdP. For more information, see "[Enabling encrypted assertions](#enabling-encrypted-assertions)." - - - Before enabling encrypted assertions, {% data variables.product.company_short %} recommends testing encrypted assertions in a staging environment, and confirming that SAML authentication functions as you expect. For more information, see "[Setting up a staging instance](/admin/installation/setting-up-a-github-enterprise-server-instance/setting-up-a-staging-instance)." - - {% endwarning %} +{%- endif %} 1. In the **Single sign-on URL** field, type the HTTP or HTTPS endpoint on your IdP for single sign-on requests. This value is provided by your IdP configuration. If the host is only available from your internal network, you may need to [configure {% data variables.product.product_location %} to use internal nameservers](/enterprise/{{ currentVersion }}/admin/guides/installation/configuring-dns-nameservers/). ![Screenshot of text field for single sign-on URL](/assets/images/enterprise/management-console/saml-single-sign-url.png) @@ -153,37 +153,38 @@ To specify more than one value for an attribute, use multiple ` Another user already owns the account. Please have your administrator check the authentication log. -The message typically indicates that the person's username or email address has changed on the IdP. {% ifversion ghes %}Ensure that the `NameID` mapping for the user account on {% data variables.product.prodname_ghe_server %} matches the user's `NameID` on your IdP. For more information, see "[Updating a user's SAML `NameID`](#updating-a-users-saml-nameid)."{% else %}For help updating the `NameID` mapping, contact {% data variables.contact.contact_ent_support %}.{% endif %} +The message typically indicates that the person's username or email address has changed on the IdP. Ensure that the `NameID` mapping for the user account on {% data variables.product.prodname_ghe_server %} matches the user's `NameID` on your IdP. For more information, see "[Updating a user's SAML `NameID`](#updating-a-users-saml-nameid)." ### Error: Recipient in SAML response was blank or not valid -If the `Recipient` does not match the ACS URL for your {% data variables.product.prodname_ghe_server %} instance, one of the following two error messages will appear in the authentication log when a user attempts to authenticate. +If the `Recipient` does not match the ACS URL for {% data variables.product.product_location %}, one of the following two error messages will appear in the authentication log when a user attempts to authenticate. ``` Recipient in the SAML response must not be blank. @@ -259,7 +260,7 @@ Recipient in the SAML response must not be blank. Recipient in the SAML response was not valid. ``` -Ensure that you set the value for `Recipient` on your IdP to the full ACS URL for your {% data variables.product.prodname_ghe_server %} instance. For example, `https://ghe.corp.example.com/saml/consume`. +Ensure that you set the value for `Recipient` on your IdP to the full ACS URL for {% data variables.product.product_location %}. For example, `https://ghe.corp.example.com/saml/consume`. ### Error: "SAML Response is not signed or has been modified" @@ -279,4 +280,40 @@ If the IdP's response has a missing or incorrect value for `Audience`, the follo Audience is invalid. Audience attribute does not match https://YOUR-INSTANCE-URL ``` -Ensure that you set the value for `Audience` on your IdP to the `EntityId` for your {% data variables.product.prodname_ghe_server %} instance, which is the full URL to your {% data variables.product.prodname_ghe_server %} instance. For example, `https://ghe.corp.example.com`. +Ensure that you set the value for `Audience` on your IdP to the `EntityId` for {% data variables.product.product_location %}, which is the full URL to {% data variables.product.product_location %}. For example, `https://ghe.corp.example.com`. + +### Configuring SAML debugging + +You can configure {% data variables.product.product_name %} to write verbose debug logs to _/var/log/github/auth.log_ for every SAML authentication attempt. You may be able to troubleshoot failed authentication attempts with this extra output. + +{% warning %} + +**Warnings**: + +- Only enable SAML debugging temporarily, and disable debugging immediately after you finish troubleshooting. If you leave debugging enabled, the size of your log may increase much faster than usual, which can negatively impact the performance of {% data variables.product.product_name %}. +- Test new authentication settings for {% data variables.product.product_location %} in a staging environment before you apply the settings in your production environment. For more information, see "[Setting up a staging instance](/admin/installation/setting-up-a-github-enterprise-server-instance/setting-up-a-staging-instance)." + +{% endwarning %} + +{% data reusables.enterprise-accounts.access-enterprise %} +{% data reusables.enterprise-accounts.policies-tab %} +{% data reusables.enterprise-accounts.options-tab %} +1. Under "SAML debugging", select the drop-down and click **Enabled**. + + ![Screenshot of drop-down to enable SAML debugging](/assets/images/enterprise/site-admin-settings/site-admin-saml-debugging-enabled.png) + +1. Attempt to sign into {% data variables.product.product_location %} through your SAML IdP. + +1. Review the debug output in _/var/log/github/auth.log_ on {% data variables.product.product_location %}. + +1. When you're done troubleshooting, select the drop-down and click **Disabled**. + + ![Screenshot of drop-down to disable SAML debugging](/assets/images/enterprise/site-admin-settings/site-admin-saml-debugging-disabled.png) + +### Decoding responses in _auth.log_ + +Some output in _auth.log_ may be Base64-encoded. You can access the administrative shell and use the `base64` utility on {% data variables.product.product_location %} to decode these responses. For more information, see "[Accessing the administrative shell (SSH)](/admin/configuration/configuring-your-enterprise/accessing-the-administrative-shell-ssh)." + +```shell +$ base64 --decode ENCODED OUTPUT +``` diff --git a/content/admin/index.md b/content/admin/index.md index d45da0275e..0779c3cbb1 100644 --- a/content/admin/index.md +++ b/content/admin/index.md @@ -96,7 +96,7 @@ featuredLinks: - '{% ifversion ghae %}/admin/identity-and-access-management/configuring-authentication-and-provisioning-for-your-enterprise-using-azure-ad{% endif %}' - '{% ifversion ghae %}/billing/managing-billing-for-your-github-account/about-billing-for-your-enterprise{% endif %}' - '{% ifversion ghae %}/admin/overview/about-upgrades-to-new-releases{% endif %}' - - '{% ifversion ghae %}/get-started/signing-up-for-github/setting-up-a-trial-of-github-ae{% endif %}' + - '{% ifversion ghae %}/admin/configuration/configuring-your-enterprise/deploying-github-ae{% endif %}' - '{% ifversion ghes %}/billing/managing-your-license-for-github-enterprise{% endif %}' - '{% ifversion ghes %}/admin/configuration/command-line-utilities{% endif %}' - '{% ifversion ghec %}/admin/configuration/configuring-your-enterprise/verifying-or-approving-a-domain-for-your-enterprise{% endif %}' diff --git a/content/admin/user-management/migrating-data-to-and-from-your-enterprise/about-migrations.md b/content/admin/user-management/migrating-data-to-and-from-your-enterprise/about-migrations.md index e5ff4d4023..ec1e70ee35 100644 --- a/content/admin/user-management/migrating-data-to-and-from-your-enterprise/about-migrations.md +++ b/content/admin/user-management/migrating-data-to-and-from-your-enterprise/about-migrations.md @@ -24,7 +24,7 @@ There are three types of migrations you can perform: In a migration, everything revolves around a repository. Most data associated with a repository can be migrated. For example, a repository within an organization will migrate the repository *and* the organization, as well as any users, teams, issues, and pull requests associated with the repository. -The items in the table below can be migrated with a repository. Any items not shown in the list of migrated data can not be migrated. +The items in the table below can be migrated with a repository. Any items not shown in the list of migrated data can not be migrated, including {% data variables.large_files.product_name_short %} assets. {% data reusables.enterprise_migrations.fork-persistence %} diff --git a/content/authentication/connecting-to-github-with-ssh/checking-for-existing-ssh-keys.md b/content/authentication/connecting-to-github-with-ssh/checking-for-existing-ssh-keys.md index 291407dc29..edd4ada50f 100644 --- a/content/authentication/connecting-to-github-with-ssh/checking-for-existing-ssh-keys.md +++ b/content/authentication/connecting-to-github-with-ssh/checking-for-existing-ssh-keys.md @@ -25,7 +25,7 @@ shortTitle: Check for existing SSH key # Lists the files in your .ssh directory, if they exist ``` -3. Check the directory listing to see if you already have a public SSH key. By default, the {% ifversion ghae %}filename of a supported public key for {% data variables.product.product_name %} is *id_rsa.pub*.{% elsif fpt or ghes %}filenames of supported public keys for {% data variables.product.product_name %} are one of the following. +3. Check the directory listing to see if you already have a public SSH key. By default, the {% ifversion ghae %}filename of a supported public key for {% data variables.product.product_name %} is *id_rsa.pub*.{% else %}filenames of supported public keys for {% data variables.product.product_name %} are one of the following. - *id_rsa.pub* - *id_ecdsa.pub* - *id_ed25519.pub*{% endif %} diff --git a/content/authentication/troubleshooting-ssh/using-ssh-over-the-https-port.md b/content/authentication/troubleshooting-ssh/using-ssh-over-the-https-port.md index 484e90b4d2..9b50fabb3a 100644 --- a/content/authentication/troubleshooting-ssh/using-ssh-over-the-https-port.md +++ b/content/authentication/troubleshooting-ssh/using-ssh-over-the-https-port.md @@ -32,7 +32,7 @@ If that worked, great! If not, you may need to [follow our troubleshooting guide If you are able to SSH into `git@ssh.{% data variables.command_line.backticks %}` over port 443, you can override your SSH settings to force any connection to {% data variables.product.product_location %} to run through that server and port. -To set this in your SSH confifguration file, edit the file at `~/.ssh/config`, and add this section: +To set this in your SSH configuration file, edit the file at `~/.ssh/config`, and add this section: ``` Host {% data variables.command_line.codeblock %} diff --git a/content/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/about-code-scanning-alerts.md b/content/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/about-code-scanning-alerts.md index 3d628cfa43..60fc384867 100644 --- a/content/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/about-code-scanning-alerts.md +++ b/content/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/about-code-scanning-alerts.md @@ -27,7 +27,15 @@ By default, {% data variables.product.prodname_code_scanning %} analyzes your co Each alert highlights a problem with the code and the name of the tool that identified it. You can see the line of code that triggered the alert, as well as properties of the alert, such as the alert severity{% ifversion fpt or ghes > 3.1 or ghae or ghec %}, security severity,{% endif %} and the nature of the problem. Alerts also tell you when the issue was first introduced. For alerts identified by {% data variables.product.prodname_codeql %} analysis, you will also see information on how to fix the problem. +{% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-6249 %} +{% data reusables.code-scanning.alert-default-branch %} +{% endif %} + +{% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-6249 %} ![Example alert from {% data variables.product.prodname_code_scanning %}](/assets/images/help/repository/code-scanning-alert.png) +{% else %} +![Example alert from {% data variables.product.prodname_code_scanning %}](/assets/images/enterprise/3.4/repository/code-scanning-alert.png) +{% endif %} If you set up {% data variables.product.prodname_code_scanning %} using {% data variables.product.prodname_codeql %}, you can also find data-flow problems in your code. Data-flow analysis finds potential security issues in code, such as: using data insecurely, passing dangerous arguments to functions, and leaking sensitive information. diff --git a/content/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/managing-code-scanning-alerts-for-your-repository.md b/content/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/managing-code-scanning-alerts-for-your-repository.md index d6ae1c8097..c8f214deae 100644 --- a/content/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/managing-code-scanning-alerts-for-your-repository.md +++ b/content/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/managing-code-scanning-alerts-for-your-repository.md @@ -46,9 +46,16 @@ By default, the code scanning alerts page is filtered to show alerts for the def {% else %} ![List of alerts from {% data variables.product.prodname_code_scanning %}](/assets/images/enterprise/3.1/help/repository/code-scanning-click-alert.png) {% endif %} +{% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-6249 %} + {% data reusables.code-scanning.alert-default-branch %} + ![The "Affected branches" section in an alert](/assets/images/help/repository/code-scanning-affected-branches.png){% endif %} 1. Optionally, if the alert highlights a problem with data flow, click **Show paths** to display the path from the data source to the sink where it's used. + {% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-6249 %} ![The "Show paths" link on an alert](/assets/images/help/repository/code-scanning-show-paths.png) -1. Alerts from {% data variables.product.prodname_codeql %} analysis include a description of the problem. Click **Show more** for guidance on how to fix your code. + {% else %} + ![The "Show paths" link on an alert](/assets/images/enterprise/3.4/repository/code-scanning-show-paths.png) + {% endif %} +2. Alerts from {% data variables.product.prodname_codeql %} analysis include a description of the problem. Click **Show more** for guidance on how to fix your code. ![Details for an alert](/assets/images/help/repository/code-scanning-alert-details.png) For more information, see "[About {% data variables.product.prodname_code_scanning %} alerts](/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/about-code-scanning-alerts)." @@ -80,6 +87,10 @@ The benefit of using keyword filters is that only values with results are shown If you enter multiple filters, the view will show alerts matching _all_ these filters. For example, `is:closed severity:high branch:main` will only display closed high-severity alerts that are present on the `main` branch. The exception is filters relating to refs (`ref`, `branch` and `pr`): `is:open branch:main branch:next` will show you open alerts from both the `main` branch and the `next` branch. +{% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-6249 %} +{% data reusables.code-scanning.filter-non-default-branches %} +{% endif %} + {% ifversion fpt or ghes > 3.3 or ghec %} You can prefix the `tag` filter with `-` to exclude results with that tag. For example, `-tag:style` only shows alerts that do not have the `style` tag{% if codeql-ml-queries %} and `-tag:experimental` will omit all experimental alerts. For more information, see "[About {% data variables.product.prodname_code_scanning %} alerts](/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/about-code-scanning-alerts#about-experimental-alerts)."{% else %}.{% endif %} @@ -96,10 +107,12 @@ You can use the "Only alerts in application code" filter or `autofilter:true` ke You can search the list of alerts. This is useful if there is a large number of alerts in your repository, or if you don't know the exact name for an alert for example. {% data variables.product.product_name %} performs the free text search across: - The name of the alert -- The alert description - The alert details (this also includes the information hidden from view by default in the **Show more** collapsible section) - + {% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-6249 %} ![The alert information used in searches](/assets/images/help/repository/code-scanning-free-text-search-areas.png) + {% else %} + ![The alert information used in searches](/assets/images/enterprise/3.4/repository/code-scanning-free-text-search-areas.png) + {% endif %} | Supported search | Syntax example | Results | | ---- | ---- | ---- | @@ -113,7 +126,7 @@ You can search the list of alerts. This is useful if there is a large number of **Tips:** - The multiple word search is equivalent to an OR search. -- The AND search will return results where the search terms are found _anywhere_, in any order in the alert name, description, or details. +- The AND search will return results where the search terms are found _anywhere_, in any order in the alert name or details. {% endtip %} @@ -143,7 +156,7 @@ If you have write permission for a repository, you can view fixed alerts by view You can use{% ifversion fpt or ghes > 3.1 or ghae or ghec %} the free text search or{% endif %} the filters to display a subset of alerts and then in turn mark all matching alerts as closed. -Alerts may be fixed in one branch but not in another. You can use the "Branch" drop-down menu, on the summary of alerts, to check whether an alert is fixed in a particular branch. +Alerts may be fixed in one branch but not in another. You can use the "Branch" filter, on the summary of alerts, to check whether an alert is fixed in a particular branch. {% ifversion fpt or ghes > 3.1 or ghae or ghec %} ![Filtering alerts by branch](/assets/images/help/repository/code-scanning-branch-filter.png) @@ -151,6 +164,9 @@ Alerts may be fixed in one branch but not in another. You can use the "Branch" d ![Filtering alerts by branch](/assets/images/enterprise/3.1/help/repository/code-scanning-branch-filter.png) {% endif %} +{% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-6249 %} +{% data reusables.code-scanning.filter-non-default-branches %} +{% endif %} ## Dismissing or deleting alerts There are two ways of closing an alert. You can fix the problem in the code, or you can dismiss the alert. Alternatively, if you have admin permissions for the repository, you can delete alerts. Deleting alerts is useful in situations where you have set up a {% data variables.product.prodname_code_scanning %} tool and then decided to remove it, or where you have configured {% data variables.product.prodname_codeql %} analysis with a larger set of queries than you want to continue using, and you've then removed some queries from the tool. In both cases, deleting alerts allows you to clean up your {% data variables.product.prodname_code_scanning %} results. You can delete alerts from the summary list within the **Security** tab. diff --git a/content/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/tracking-code-scanning-alerts-in-issues-using-task-lists.md b/content/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/tracking-code-scanning-alerts-in-issues-using-task-lists.md index 66e2303aa0..8b32764582 100644 --- a/content/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/tracking-code-scanning-alerts-in-issues-using-task-lists.md +++ b/content/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/tracking-code-scanning-alerts-in-issues-using-task-lists.md @@ -39,7 +39,11 @@ You can use more than one issue to track the same {% data variables.product.prod - A "tracked in" section will also show in the corresponding alert page. + {% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-6249 %} ![Tracked in section on code scanning alert page](/assets/images/help/repository/code-scanning-alert-tracked-in-pill.png) + {% else %} + ![Tracked in section on code scanning alert page](/assets/images/enterprise/3.4/repository/code-scanning-alert-tracked-in-pill.png) + {% endif %} - On the tracking issue, {% data variables.product.prodname_dotcom %} displays a security badge icon in the task list and on the hovercard. @@ -65,7 +69,11 @@ The status of the tracked alert won't change if you change the checkbox state of 1. Optionally, to find the alert to track, you can use the free-text search or the drop-down menus to filter and locate the alert. For more information, see "[Managing code scanning alerts for your repository](/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/managing-code-scanning-alerts-for-your-repository#filtering-code-scanning-alerts)." {% endif %} 1. Towards the top of the page, on the right side, click **Create issue**. + {% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-6249 %} ![Create a tracking issue for the code scanning alert](/assets/images/help/repository/code-scanning-create-issue-for-alert.png) + {% else %} + ![Create a tracking issue for the code scanning alert](/assets/images/enterprise/3.4/repository/code-scanning-create-issue-for-alert.png) + {% endif %} {% data variables.product.prodname_dotcom %} automatically creates an issue to track the alert and adds the alert as a task list item. {% data variables.product.prodname_dotcom %} prepopulates the issue: - The title contains the name of the {% data variables.product.prodname_code_scanning %} alert. diff --git a/content/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/triaging-code-scanning-alerts-in-pull-requests.md b/content/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/triaging-code-scanning-alerts-in-pull-requests.md index 66ae7d484f..29eaaa3ea7 100644 --- a/content/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/triaging-code-scanning-alerts-in-pull-requests.md +++ b/content/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/triaging-code-scanning-alerts-in-pull-requests.md @@ -74,10 +74,17 @@ If you have write permission for the repository, some annotations contain links To see more information about an alert, users with write permission can click the **Show more details** link shown in the annotation. This allows you to see all of the context and metadata provided by the tool in an alert view. In the example below, you can see tags showing the severity, type, and relevant common weakness enumerations (CWEs) for the problem. The view also shows which commit introduced the problem. +{% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-6249 %} +{% data reusables.code-scanning.alert-default-branch %} +{% endif %} + In the detailed view for an alert, some {% data variables.product.prodname_code_scanning %} tools, like {% data variables.product.prodname_codeql %} analysis, also include a description of the problem and a **Show more** link for guidance on how to fix your code. +{% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-6249 %} ![Alert description and link to show more information](/assets/images/help/repository/code-scanning-pr-alert.png) - +{% else %} +![Alert description and link to show more information](/assets/images/enterprise/3.4/repository/code-scanning-pr-alert.png) +{% endif %} ## Fixing an alert on your pull request Anyone with push access to a pull request can fix a {% data variables.product.prodname_code_scanning %} alert that's identified on that pull request. If you commit changes to the pull request this triggers a new run of the pull request checks. If your changes fix the problem, the alert is closed and the annotation removed. diff --git a/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-alerts-for-vulnerable-dependencies.md b/content/code-security/dependabot/dependabot-alerts/about-dependabot-alerts.md similarity index 94% rename from content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-alerts-for-vulnerable-dependencies.md rename to content/code-security/dependabot/dependabot-alerts/about-dependabot-alerts.md index 52b0aa9c64..da996b60cc 100644 --- a/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-alerts-for-vulnerable-dependencies.md +++ b/content/code-security/dependabot/dependabot-alerts/about-dependabot-alerts.md @@ -1,11 +1,12 @@ --- -title: About alerts for vulnerable dependencies +title: About Dependabot alerts intro: '{% data variables.product.product_name %} sends {% data variables.product.prodname_dependabot_alerts %} when we detect vulnerabilities affecting your repository.' redirect_from: - /articles/about-security-alerts-for-vulnerable-dependencies - /github/managing-security-vulnerabilities/about-security-alerts-for-vulnerable-dependencies - /github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies - /code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies + - /code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-alerts-for-vulnerable-dependencies versions: fpt: '*' ghes: '*' @@ -81,7 +82,7 @@ For repositories where {% data variables.product.prodname_dependabot_security_up ## Access to {% data variables.product.prodname_dependabot_alerts %} -You can see all of the alerts that affect a particular project{% ifversion fpt or ghec %} on the repository's Security tab or{% endif %} in the repository's dependency graph. For more information, see "[Viewing and updating vulnerable dependencies in your repository](/github/managing-security-vulnerabilities/viewing-and-updating-vulnerable-dependencies-in-your-repository)." +You can see all of the alerts that affect a particular project{% ifversion fpt or ghec %} on the repository's Security tab or{% endif %} in the repository's dependency graph. For more information, see "[Viewing {% data variables.product.prodname_dependabot_alerts %} for vulnerable dependencies](/github/managing-security-vulnerabilities/viewing-and-updating-vulnerable-dependencies-in-your-repository)." By default, we notify people with admin permissions in the affected repositories about new {% data variables.product.prodname_dependabot_alerts %}. {% ifversion fpt or ghec %}{% data variables.product.product_name %} never publicly discloses identified vulnerabilities for any repository. You can also make {% data variables.product.prodname_dependabot_alerts %} visible to additional people or teams working repositories that you own or have admin permissions for. For more information, see "[Managing security and analysis settings for your repository](/github/administering-a-repository/managing-security-and-analysis-settings-for-your-repository#granting-access-to-security-alerts)." {% endif %} @@ -95,5 +96,5 @@ You can also see all the {% data variables.product.prodname_dependabot_alerts %} ## Further reading - "[About {% data variables.product.prodname_dependabot_security_updates %}](/github/managing-security-vulnerabilities/about-dependabot-security-updates)" -- "[Viewing and updating vulnerable dependencies in your repository](/articles/viewing-and-updating-vulnerable-dependencies-in-your-repository)"{% endif %} +- "[Viewing {% data variables.product.prodname_dependabot_alerts %} for vulnerable dependencies](/articles/viewing-and-updating-vulnerable-dependencies-in-your-repository)"{% endif %} {% ifversion fpt or ghec %}- "[Privacy on {% data variables.product.prodname_dotcom %}](/get-started/privacy-on-github)"{% endif %} diff --git a/translations/zh-CN/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/browsing-security-vulnerabilities-in-the-github-advisory-database.md b/content/code-security/dependabot/dependabot-alerts/browsing-security-vulnerabilities-in-the-github-advisory-database.md similarity index 95% rename from translations/zh-CN/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/browsing-security-vulnerabilities-in-the-github-advisory-database.md rename to content/code-security/dependabot/dependabot-alerts/browsing-security-vulnerabilities-in-the-github-advisory-database.md index 635a4f5cce..98741cedb4 100644 --- a/translations/zh-CN/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/browsing-security-vulnerabilities-in-the-github-advisory-database.md +++ b/content/code-security/dependabot/dependabot-alerts/browsing-security-vulnerabilities-in-the-github-advisory-database.md @@ -6,6 +6,7 @@ miniTocMaxHeadingLevel: 3 redirect_from: - /github/managing-security-vulnerabilities/browsing-security-vulnerabilities-in-the-github-advisory-database - /code-security/supply-chain-security/browsing-security-vulnerabilities-in-the-github-advisory-database + - /code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/browsing-security-vulnerabilities-in-the-github-advisory-database versions: fpt: '*' ghec: '*' @@ -35,7 +36,7 @@ The {% data variables.product.prodname_advisory_database %} contains a list of k We carefully review each advisory for validity. Each {% data variables.product.company_short %}-reviewed advisory has a full description, and contains both ecosystem and package information. -If you enable {% data variables.product.prodname_dependabot_alerts %} for your repositories, you are automatically notified when a new {% data variables.product.company_short %}-reviewed advisory affects packages you depend on. For more information, see "[About alerts for vulnerable dependencies](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies)." +If you enable {% data variables.product.prodname_dependabot_alerts %} for your repositories, you are automatically notified when a new {% data variables.product.company_short %}-reviewed advisory affects packages you depend on. For more information, see "[About {% data variables.product.prodname_dependabot_alerts %}](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies)." ### About unreviewed advisories @@ -107,7 +108,7 @@ You can search the database, and use qualifiers to narrow your search. For examp ## Viewing your vulnerable repositories -For any {% data variables.product.company_short %}-reviewed advisory in the {% data variables.product.prodname_advisory_database %}, you can see which of your repositories are affected by that security vulnerability. To see a vulnerable repository, you must have access to {% data variables.product.prodname_dependabot_alerts %} for that repository. For more information, see "[About alerts for vulnerable dependencies](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies#access-to-dependabot-alerts)." +For any {% data variables.product.company_short %}-reviewed advisory in the {% data variables.product.prodname_advisory_database %}, you can see which of your repositories are affected by that security vulnerability. To see a vulnerable repository, you must have access to {% data variables.product.prodname_dependabot_alerts %} for that repository. For more information, see "[About {% data variables.product.prodname_dependabot_alerts %}](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies#access-to-dependabot-alerts)." 1. Navigate to https://github.com/advisories. 2. Click an advisory. diff --git a/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/configuring-notifications-for-vulnerable-dependencies.md b/content/code-security/dependabot/dependabot-alerts/configuring-notifications-for-dependabot-alerts.md similarity index 91% rename from content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/configuring-notifications-for-vulnerable-dependencies.md rename to content/code-security/dependabot/dependabot-alerts/configuring-notifications-for-dependabot-alerts.md index 5d8407e57a..1ca05f1e50 100644 --- a/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/configuring-notifications-for-vulnerable-dependencies.md +++ b/content/code-security/dependabot/dependabot-alerts/configuring-notifications-for-dependabot-alerts.md @@ -1,10 +1,11 @@ --- -title: Configuring notifications for vulnerable dependencies -shortTitle: Configuring notifications +title: Configuring notifications for Dependabot alerts +shortTitle: Configure notifications intro: 'Optimize how you receive notifications about {% data variables.product.prodname_dependabot_alerts %}.' redirect_from: - /github/managing-security-vulnerabilities/configuring-notifications-for-vulnerable-dependencies - /code-security/supply-chain-security/configuring-notifications-for-vulnerable-dependencies + - /code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/configuring-notifications-for-vulnerable-dependencies versions: fpt: '*' ghes: '*' @@ -58,7 +59,7 @@ You can configure notification settings for yourself or your organization from t ## How to reduce the noise from notifications for vulnerable dependencies -If you are concerned about receiving too many notifications for {% data variables.product.prodname_dependabot_alerts %}, we recommend you opt into the weekly email digest, or turn off notifications while keeping {% data variables.product.prodname_dependabot_alerts %} enabled. You can still navigate to see your {% data variables.product.prodname_dependabot_alerts %} in your repository's Security tab. For more information, see "[Viewing and updating vulnerable dependencies in your repository](/github/managing-security-vulnerabilities/viewing-and-updating-vulnerable-dependencies-in-your-repository)." +If you are concerned about receiving too many notifications for {% data variables.product.prodname_dependabot_alerts %}, we recommend you opt into the weekly email digest, or turn off notifications while keeping {% data variables.product.prodname_dependabot_alerts %} enabled. You can still navigate to see your {% data variables.product.prodname_dependabot_alerts %} in your repository's Security tab. For more information, see "[Viewing {% data variables.product.prodname_dependabot_alerts %} for vulnerable dependencies](/github/managing-security-vulnerabilities/viewing-and-updating-vulnerable-dependencies-in-your-repository)." ## Further reading diff --git a/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/editing-security-advisories-in-the-github-advisory-database.md b/content/code-security/dependabot/dependabot-alerts/editing-security-advisories-in-the-github-advisory-database.md similarity index 94% rename from content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/editing-security-advisories-in-the-github-advisory-database.md rename to content/code-security/dependabot/dependabot-alerts/editing-security-advisories-in-the-github-advisory-database.md index 46757161a1..d23fc34416 100644 --- a/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/editing-security-advisories-in-the-github-advisory-database.md +++ b/content/code-security/dependabot/dependabot-alerts/editing-security-advisories-in-the-github-advisory-database.md @@ -3,6 +3,7 @@ title: Editing security advisories in the GitHub Advisory Database intro: 'You can submit improvements to any advisory published in the {% data variables.product.prodname_advisory_database %}.' redirect_from: - /code-security/security-advisories/editing-security-advisories-in-the-github-advisory-database + - /code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/editing-security-advisories-in-the-github-advisory-database versions: fpt: '*' ghec: '*' diff --git a/content/code-security/dependabot/dependabot-alerts/index.md b/content/code-security/dependabot/dependabot-alerts/index.md new file mode 100644 index 0000000000..b474ec8f2d --- /dev/null +++ b/content/code-security/dependabot/dependabot-alerts/index.md @@ -0,0 +1,24 @@ +--- +title: Identifying vulnerabilities in your project's dependencies with Dependabot alerts +shortTitle: Dependabot alerts +intro: '{% data variables.product.prodname_dependabot %} generates {% data variables.product.prodname_dependabot_alerts %} when known vulnerabilites are detected in dependencies that your project uses.' +allowTitleToDifferFromFilename: true +versions: + fpt: '*' + ghes: '*' + ghae: issue-4864 + ghec: '*' +topics: + - Dependabot + - Alerts + - Vulnerabilities + - Repositories + - Dependencies +children: + - /browsing-security-vulnerabilities-in-the-github-advisory-database + - /editing-security-advisories-in-the-github-advisory-database + - /about-dependabot-alerts + - /viewing-and-updating-dependabot-alerts + - /configuring-notifications-for-dependabot-alerts +--- + diff --git a/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/viewing-and-updating-vulnerable-dependencies-in-your-repository.md b/content/code-security/dependabot/dependabot-alerts/viewing-and-updating-dependabot-alerts.md similarity index 94% rename from content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/viewing-and-updating-vulnerable-dependencies-in-your-repository.md rename to content/code-security/dependabot/dependabot-alerts/viewing-and-updating-dependabot-alerts.md index ce51732a37..02b5b1a801 100644 --- a/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/viewing-and-updating-vulnerable-dependencies-in-your-repository.md +++ b/content/code-security/dependabot/dependabot-alerts/viewing-and-updating-dependabot-alerts.md @@ -1,12 +1,13 @@ --- -title: Viewing and updating vulnerable dependencies in your repository +title: Viewing and updating Dependabot alerts intro: 'If {% data variables.product.product_name %} discovers vulnerable dependencies in your project, you can view them on the Dependabot alerts tab of your repository. Then, you can update your project to resolve or dismiss the vulnerability.' redirect_from: - /articles/viewing-and-updating-vulnerable-dependencies-in-your-repository - /github/managing-security-vulnerabilities/viewing-and-updating-vulnerable-dependencies-in-your-repository - /code-security/supply-chain-security/viewing-and-updating-vulnerable-dependencies-in-your-repository + - /code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/viewing-and-updating-vulnerable-dependencies-in-your-repository permissions: Repository administrators and organization owners can view and update dependencies. -shortTitle: View vulnerable dependencies +shortTitle: View Dependabot alerts versions: fpt: '*' ghes: '*' @@ -25,7 +26,7 @@ topics: {% data reusables.dependabot.beta-security-and-version-updates %} {% data reusables.dependabot.enterprise-enable-dependabot %} -Your repository's {% data variables.product.prodname_dependabot_alerts %} tab lists all open and closed {% data variables.product.prodname_dependabot_alerts %}{% ifversion fpt or ghec or ghes > 3.2 %} and corresponding {% data variables.product.prodname_dependabot_security_updates %}{% endif %}. You can{% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-5638 %} filter alerts by package, ecosystem, or manifest. You can also{% endif %} sort the list of alerts, and you can click into specific alerts for more details. For more information, see "[About alerts for vulnerable dependencies](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies)." +Your repository's {% data variables.product.prodname_dependabot_alerts %} tab lists all open and closed {% data variables.product.prodname_dependabot_alerts %}{% ifversion fpt or ghec or ghes > 3.2 %} and corresponding {% data variables.product.prodname_dependabot_security_updates %}{% endif %}. You can{% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-5638 %} filter alerts by package, ecosystem, or manifest. You can also{% endif %} sort the list of alerts, and you can click into specific alerts for more details. For more information, see "[About {% data variables.product.prodname_dependabot_alerts %}](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies)." {% ifversion fpt or ghec or ghes > 3.2 %} You can enable automatic security updates for any repository that uses {% data variables.product.prodname_dependabot_alerts %} and the dependency graph. For more information, see "[About {% data variables.product.prodname_dependabot_security_updates %}](/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-dependabot-security-updates)." @@ -112,7 +113,7 @@ Each {% data variables.product.prodname_dependabot %} alert has a unique numeric ## Further reading -- "[About alerts for vulnerable dependencies](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies)"{% ifversion fpt or ghec or ghes > 3.2 %} +- "[About {% data variables.product.prodname_dependabot_alerts %}](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies)"{% ifversion fpt or ghec or ghes > 3.2 %} - "[Configuring {% data variables.product.prodname_dependabot_security_updates %}](/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/configuring-dependabot-security-updates)"{% endif %} - "[Managing security and analysis settings for your repository](/github/administering-a-repository/managing-security-and-analysis-settings-for-your-repository)" - "[Troubleshooting the detection of vulnerable dependencies](/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/troubleshooting-the-detection-of-vulnerable-dependencies)"{% ifversion fpt or ghec or ghes > 3.2 %} diff --git a/translations/es-ES/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-dependabot-security-updates.md b/content/code-security/dependabot/dependabot-security-updates/about-dependabot-security-updates.md similarity index 92% rename from translations/es-ES/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-dependabot-security-updates.md rename to content/code-security/dependabot/dependabot-security-updates/about-dependabot-security-updates.md index b283a4b5e0..278efb2684 100644 --- a/translations/es-ES/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-dependabot-security-updates.md +++ b/content/code-security/dependabot/dependabot-security-updates/about-dependabot-security-updates.md @@ -6,6 +6,7 @@ redirect_from: - /github/managing-security-vulnerabilities/about-github-dependabot-security-updates - /github/managing-security-vulnerabilities/about-dependabot-security-updates - /code-security/supply-chain-security/about-dependabot-security-updates + - /code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-dependabot-security-updates versions: fpt: '*' ghec: '*' @@ -27,7 +28,7 @@ topics: ## About {% data variables.product.prodname_dependabot_security_updates %} -{% data variables.product.prodname_dependabot_security_updates %} make it easier for you to fix vulnerable dependencies in your repository. If you enable this feature, when a {% data variables.product.prodname_dependabot %} alert is raised for a vulnerable dependency in the dependency graph of your repository, {% data variables.product.prodname_dependabot %} automatically tries to fix it. For more information, see "[About alerts for vulnerable dependencies](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies)" and "[Configuring {% data variables.product.prodname_dependabot_security_updates %}](/github/managing-security-vulnerabilities/configuring-dependabot-security-updates)." +{% data variables.product.prodname_dependabot_security_updates %} make it easier for you to fix vulnerable dependencies in your repository. If you enable this feature, when a {% data variables.product.prodname_dependabot %} alert is raised for a vulnerable dependency in the dependency graph of your repository, {% data variables.product.prodname_dependabot %} automatically tries to fix it. For more information, see "[About {% data variables.product.prodname_dependabot_alerts %}](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies)" and "[Configuring {% data variables.product.prodname_dependabot_security_updates %}](/github/managing-security-vulnerabilities/configuring-dependabot-security-updates)." {% data variables.product.prodname_dotcom %} may send {% data variables.product.prodname_dependabot_alerts %} to repositories affected by a vulnerability disclosed by a recently published {% data variables.product.prodname_dotcom %} security advisory. {% data reusables.security-advisory.link-browsing-advisory-db %} diff --git a/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/configuring-dependabot-security-updates.md b/content/code-security/dependabot/dependabot-security-updates/configuring-dependabot-security-updates.md similarity index 91% rename from content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/configuring-dependabot-security-updates.md rename to content/code-security/dependabot/dependabot-security-updates/configuring-dependabot-security-updates.md index 40c479eb51..6cc5ca642c 100644 --- a/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/configuring-dependabot-security-updates.md +++ b/content/code-security/dependabot/dependabot-security-updates/configuring-dependabot-security-updates.md @@ -9,6 +9,7 @@ redirect_from: - /github/managing-security-vulnerabilities/configuring-github-dependabot-security-updates - /github/managing-security-vulnerabilities/configuring-dependabot-security-updates - /code-security/supply-chain-security/configuring-dependabot-security-updates + - /code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/configuring-dependabot-security-updates versions: fpt: '*' ghec: '*' @@ -37,7 +38,7 @@ You can disable {% data variables.product.prodname_dependabot_security_updates % ## Supported repositories -{% data variables.product.prodname_dotcom %} automatically enables {% data variables.product.prodname_dependabot_security_updates %} for every repository that meets these prerequisites. +{% data variables.product.prodname_dotcom %} automatically enables {% data variables.product.prodname_dependabot_security_updates %} for every repository that meets these prerequisites. {% note %} @@ -59,7 +60,7 @@ If security updates are not enabled for your repository and you don't know why, You can enable or disable {% data variables.product.prodname_dependabot_security_updates %} for an individual repository (see below). -You can also enable or disable {% data variables.product.prodname_dependabot_security_updates %} for all repositories owned by your user account or organization. For more information, see "[Managing security and analysis settings for your user account](/github/setting-up-and-managing-your-github-user-account/managing-security-and-analysis-settings-for-your-user-account)" or "[Managing security and analysis settings for your organization](/organizations/keeping-your-organization-secure/managing-security-and-analysis-settings-for-your-organization)." +You can also enable or disable {% data variables.product.prodname_dependabot_security_updates %} for all repositories owned by your user account or organization. For more information, see "[Managing security and analysis settings for your user account](/github/setting-up-and-managing-your-github-user-account/managing-security-and-analysis-settings-for-your-user-account)" or "[Managing security and analysis settings for your organization](/organizations/keeping-your-organization-secure/managing-security-and-analysis-settings-for-your-organization)." {% data variables.product.prodname_dependabot_security_updates %} require specific repository settings. For more information, see "[Supported repositories](#supported-repositories)." @@ -68,12 +69,12 @@ You can also enable or disable {% data variables.product.prodname_dependabot_sec {% data reusables.repositories.navigate-to-repo %} {% data reusables.repositories.sidebar-settings %} {% data reusables.repositories.navigate-to-security-and-analysis %} -1. Under "Code security and analysis", to the right of "{% data variables.product.prodname_dependabot %} security updates", click **Enable** or **Disable**. +1. Under "Code security and analysis", to the right of "{% data variables.product.prodname_dependabot %} security updates", click **Enable** to enable the feature or **Disable** to disable it. {% ifversion fpt or ghec %}For public repositories, the button is disabled if the feature is always enabled.{% endif %} {% ifversion fpt or ghec %}!["Code security and analysis" section with button to enable {% data variables.product.prodname_dependabot_security_updates %}](/assets/images/help/repository/enable-dependabot-security-updates-button.png){% else %}!["Code security and analysis" section with button to enable {% data variables.product.prodname_dependabot_security_updates %}](/assets/images/enterprise/3.3/repository/security-and-analysis-disable-or-enable-ghes.png){% endif %} ## Further reading -- "[About alerts for vulnerable dependencies](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies)"{% ifversion fpt or ghec %} +- "[About {% data variables.product.prodname_dependabot_alerts %}](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies)"{% ifversion fpt or ghec %} - "[Managing data use settings for your private repository](/get-started/privacy-on-github/managing-data-use-settings-for-your-private-repository)"{% endif %} - "[Supported package ecosystems](/github/visualizing-repository-data-with-graphs/about-the-dependency-graph#supported-package-ecosystems)" diff --git a/content/code-security/dependabot/dependabot-security-updates/index.md b/content/code-security/dependabot/dependabot-security-updates/index.md new file mode 100644 index 0000000000..d5d9e2ae0c --- /dev/null +++ b/content/code-security/dependabot/dependabot-security-updates/index.md @@ -0,0 +1,20 @@ +--- +title: Automatically updating dependencies with known vulnerabilities with Dependabot security updates +intro: '{% data variables.product.prodname_dependabot %} can help you fix vulnerable dependencies by automatically raising pull requests to update dependencies to secure versions.' +allowTitleToDifferFromFilename: true +versions: + fpt: '*' + ghec: '*' + ghes: '>3.2' +topics: + - Repositories + - Dependabot + - Security updates + - Dependencies + - Pull requests +shortTitle: Dependabot security updates +children: + - /about-dependabot-security-updates + - /configuring-dependabot-security-updates +--- + diff --git a/content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/about-dependabot-version-updates.md b/content/code-security/dependabot/dependabot-version-updates/about-dependabot-version-updates.md similarity index 90% rename from content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/about-dependabot-version-updates.md rename to content/code-security/dependabot/dependabot-version-updates/about-dependabot-version-updates.md index 0a2e98654a..c2cc636e94 100644 --- a/content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/about-dependabot-version-updates.md +++ b/content/code-security/dependabot/dependabot-version-updates/about-dependabot-version-updates.md @@ -8,6 +8,7 @@ redirect_from: - /github/administering-a-repository/about-dependabot-version-updates - /code-security/supply-chain-security/about-dependabot-version-updates - /code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/upgrading-from-dependabotcom-to-github-native-dependabot + - /code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/about-dependabot-version-updates versions: fpt: '*' ghec: '*' @@ -31,7 +32,7 @@ shortTitle: Dependabot version updates You enable {% data variables.product.prodname_dependabot_version_updates %} by checking a configuration file into your repository. The configuration file specifies the location of the manifest, or of other package definition files, stored in your repository. {% data variables.product.prodname_dependabot %} uses this information to check for outdated packages and applications. {% data variables.product.prodname_dependabot %} determines if there is a new version of a dependency by looking at the semantic versioning ([semver](https://semver.org/)) of the dependency to decide whether it should update to that version. For certain package managers, {% data variables.product.prodname_dependabot_version_updates %} also supports vendoring. Vendored (or cached) dependencies are dependencies that are checked in to a specific directory in a repository rather than referenced in a manifest. Vendored dependencies are available at build time even if package servers are unavailable. {% data variables.product.prodname_dependabot_version_updates %} can be configured to check vendored dependencies for new versions and update them if necessary. -When {% data variables.product.prodname_dependabot %} identifies an outdated dependency, it raises a pull request to update the manifest to the latest version of the dependency. For vendored dependencies, {% data variables.product.prodname_dependabot %} raises a pull request to replace the outdated dependency with the new version directly. You check that your tests pass, review the changelog and release notes included in the pull request summary, and then merge it. For more information, see "[Enabling and disabling {% data variables.product.prodname_dependabot %} version updates](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/enabling-and-disabling-dependabot-version-updates)." +When {% data variables.product.prodname_dependabot %} identifies an outdated dependency, it raises a pull request to update the manifest to the latest version of the dependency. For vendored dependencies, {% data variables.product.prodname_dependabot %} raises a pull request to replace the outdated dependency with the new version directly. You check that your tests pass, review the changelog and release notes included in the pull request summary, and then merge it. For more information, see "[Configuring {% data variables.product.prodname_dependabot %} version updates](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/enabling-and-disabling-dependabot-version-updates)." If you enable _security updates_, {% data variables.product.prodname_dependabot %} also raises pull requests to update vulnerable dependencies. For more information, see "[About {% data variables.product.prodname_dependabot_security_updates %}](/github/managing-security-vulnerabilities/about-dependabot-security-updates)." @@ -50,7 +51,7 @@ If you've enabled security updates, you'll sometimes see extra pull requests for ## Supported repositories and ecosystems -You can configure version updates for repositories that contain a dependency manifest or lock file for one of the supported package managers. For some package managers, you can also configure vendoring for dependencies. For more information, see "[Configuration options for dependency updates](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/configuration-options-for-dependency-updates#vendor)." +You can configure version updates for repositories that contain a dependency manifest or lock file for one of the supported package managers. For some package managers, you can also configure vendoring for dependencies. For more information, see "[Configuration options for the dependabot.yml file](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/configuration-options-for-dependency-updates#vendor)." {% note %} {% data reusables.dependabot.private-dependencies-note %} diff --git a/translations/es-ES/content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/configuration-options-for-dependency-updates.md b/content/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file.md similarity index 98% rename from translations/es-ES/content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/configuration-options-for-dependency-updates.md rename to content/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file.md index 4e18304d1a..d96f63c8ba 100644 --- a/translations/es-ES/content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/configuration-options-for-dependency-updates.md +++ b/content/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file.md @@ -1,10 +1,12 @@ --- -title: Configuration options for dependency updates +title: Configuration options for the dependabot.yml file intro: 'Detailed information for all the options you can use to customize how {% data variables.product.prodname_dependabot %} maintains your repositories.' permissions: 'People with write permissions to a repository can configure {% data variables.product.prodname_dependabot %} for the repository.' +allowTitleToDifferFromFilename: true redirect_from: - /github/administering-a-repository/configuration-options-for-dependency-updates - /code-security/supply-chain-security/configuration-options-for-dependency-updates + - /code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/configuration-options-for-dependency-updates miniTocMaxHeadingLevel: 3 versions: fpt: '*' @@ -17,7 +19,7 @@ topics: - Repositories - Dependencies - Pull requests -shortTitle: Configuration options +shortTitle: Configure dependabot.yml --- {% data reusables.dependabot.beta-security-and-version-updates %} @@ -27,7 +29,7 @@ shortTitle: Configuration options The {% data variables.product.prodname_dependabot %} configuration file, *dependabot.yml*, uses YAML syntax. If you're new to YAML and want to learn more, see "[Learn YAML in five minutes](https://www.codeproject.com/Articles/1214409/Learn-YAML-in-five-minutes)." -You must store this file in the `.github` directory of your repository. When you add or update the *dependabot.yml* file, this triggers an immediate check for version updates. For more information and an example, see "[Enabling and disabling {% data variables.product.prodname_dependabot %} version updates](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/enabling-and-disabling-dependabot-version-updates#enabling-dependabot-version-updates)." +You must store this file in the `.github` directory of your repository. When you add or update the *dependabot.yml* file, this triggers an immediate check for version updates. For more information and an example, see "[Configuring {% data variables.product.prodname_dependabot %} version updates](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/enabling-and-disabling-dependabot-version-updates#enabling-dependabot-version-updates)." Any options that also affect security updates are used the next time a security alert triggers a pull request for a security update. For more information, see "[Configuring {% data variables.product.prodname_dependabot_security_updates %}](/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/configuring-dependabot-security-updates)." @@ -254,6 +256,12 @@ By default, {% data variables.product.prodname_dependabot %} attempts to detect Supported options +{% note %} + +**Note:** The `prefix` and the `prefix-development` options have a 15 character limit. + +{% endnote %} + - `prefix` specifies a prefix for all commit messages. - `prefix-development` specifies a separate prefix for all commit messages that update dependencies in the Development dependency group. When you specify a value for this option, the `prefix` is used only for updates to dependencies in the Production dependency group. This is supported by: `bundler`, `composer`, `mix`, `maven`, `npm`, and `pip`. - `include: "scope"` specifies that any prefix is followed by a list of the dependencies updated in the commit. diff --git a/translations/es-ES/content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/enabling-and-disabling-dependabot-version-updates.md b/content/code-security/dependabot/dependabot-version-updates/configuring-dependabot-version-updates.md similarity index 93% rename from translations/es-ES/content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/enabling-and-disabling-dependabot-version-updates.md rename to content/code-security/dependabot/dependabot-version-updates/configuring-dependabot-version-updates.md index ab9c946fed..383009127e 100644 --- a/translations/es-ES/content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/enabling-and-disabling-dependabot-version-updates.md +++ b/content/code-security/dependabot/dependabot-version-updates/configuring-dependabot-version-updates.md @@ -1,11 +1,12 @@ --- -title: Enabling and disabling Dependabot version updates +title: Configuring Dependabot version updates intro: 'You can configure your repository so that {% data variables.product.prodname_dependabot %} automatically updates the packages you use.' permissions: 'People with write permissions to a repository can enable or disable {% data variables.product.prodname_dependabot_version_updates %} for the repository.' redirect_from: - /github/administering-a-repository/enabling-and-disabling-version-updates - /code-security/supply-chain-security/enabling-and-disabling-version-updates - /code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/enabling-and-disabling-version-updates + - /code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/enabling-and-disabling-dependabot-version-updates versions: fpt: '*' ghec: '*' @@ -17,7 +18,7 @@ topics: - Repositories - Dependencies - Pull requests -shortTitle: Enable and disable updates +shortTitle: Configure version updates --- {% data reusables.dependabot.beta-security-and-version-updates %} @@ -33,7 +34,7 @@ You enable {% data variables.product.prodname_dependabot_version_updates %} by c ## Enabling {% data variables.product.prodname_dependabot_version_updates %} -{% data reusables.dependabot.create-dependabot-yml %} For information, see "[Configuration options for dependency updates](/github/administering-a-repository/configuration-options-for-dependency-updates)." +{% data reusables.dependabot.create-dependabot-yml %} For information, see "[Configuration options for the dependabot.yml file](/github/administering-a-repository/configuration-options-for-dependency-updates)." 1. Add a `version`. 1. Optionally, if you have dependencies in a private registry, add a `registries` section containing authentication details. 1. Add an `updates` section, with an entry for each package manager you want {% data variables.product.prodname_dependabot %} to monitor. @@ -137,4 +138,4 @@ updates: update-types: ["version-update:semver-patch"] ``` -For more information about checking for existing ignore preferences, see "[Configuration options for dependency updates](/github/administering-a-repository/configuration-options-for-dependency-updates#ignore)." +For more information about checking for existing ignore preferences, see "[Configuration options for the dependabot.yml file](/github/administering-a-repository/configuration-options-for-dependency-updates#ignore)." diff --git a/translations/es-ES/content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/customizing-dependency-updates.md b/content/code-security/dependabot/dependabot-version-updates/customizing-dependency-updates.md similarity index 92% rename from translations/es-ES/content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/customizing-dependency-updates.md rename to content/code-security/dependabot/dependabot-version-updates/customizing-dependency-updates.md index 217257ceb2..7ae4112ea1 100644 --- a/translations/es-ES/content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/customizing-dependency-updates.md +++ b/content/code-security/dependabot/dependabot-version-updates/customizing-dependency-updates.md @@ -5,6 +5,7 @@ permissions: 'People with write permissions to a repository can configure {% dat redirect_from: - /github/administering-a-repository/customizing-dependency-updates - /code-security/supply-chain-security/customizing-dependency-updates + - /code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/customizing-dependency-updates versions: fpt: '*' ghec: '*' @@ -34,7 +35,7 @@ After you've enabled version updates, you can customize how {% data variables.pr - Change the maximum number of open pull requests for version updates from the default of 5: `open-pull-requests-limit` - Open pull requests for version updates to target a specific branch, instead of the default branch: `target-branch` -For more information about the configuration options, see "[Configuration options for dependency updates](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/configuration-options-for-dependency-updates)." +For more information about the configuration options, see "[Configuration options for the dependabot.yml file](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/configuration-options-for-dependency-updates)." When you update the *dependabot.yml* file in your repository, {% data variables.product.prodname_dependabot %} runs an immediate check with the new configuration. Within minutes you will see an updated list of dependencies on the **{% data variables.product.prodname_dependabot %}** tab, this may take longer if the repository has many dependencies. You may also see new pull requests for version updates. For more information, see "[Listing dependencies configured for version updates](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/listing-dependencies-configured-for-version-updates)." @@ -140,4 +141,4 @@ updates: ## More examples -For more examples, see "[Configuration options for dependency updates](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/configuration-options-for-dependency-updates)." +For more examples, see "[Configuration options for the dependabot.yml file](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/configuration-options-for-dependency-updates)." diff --git a/content/code-security/dependabot/dependabot-version-updates/index.md b/content/code-security/dependabot/dependabot-version-updates/index.md new file mode 100644 index 0000000000..0a8b2903c7 --- /dev/null +++ b/content/code-security/dependabot/dependabot-version-updates/index.md @@ -0,0 +1,26 @@ +--- +title: Keeping your dependencies updated automatically with Dependabot version updates +intro: 'You can use {% data variables.product.prodname_dependabot %} to automatically keep the dependencies and packages used in your repository updated to the latest version, even when they don’t have any known vulnerabilities.' +allowTitleToDifferFromFilename: true +redirect_from: + - /github/administering-a-repository/keeping-your-dependencies-updated-automatically + - /code-security/supply-chain-security/keeping-your-dependencies-updated-automatically +versions: + fpt: '*' + ghec: '*' + ghes: '>3.2' +topics: + - Repositories + - Dependabot + - Version updates + - Dependencies + - Pull requests +children: + - /about-dependabot-version-updates + - /configuring-dependabot-version-updates + - /listing-dependencies-configured-for-version-updates + - /customizing-dependency-updates + - /configuration-options-for-the-dependabot.yml-file +shortTitle: Dependabot version updates +--- + diff --git a/translations/es-ES/content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/listing-dependencies-configured-for-version-updates.md b/content/code-security/dependabot/dependabot-version-updates/listing-dependencies-configured-for-version-updates.md similarity index 84% rename from translations/es-ES/content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/listing-dependencies-configured-for-version-updates.md rename to content/code-security/dependabot/dependabot-version-updates/listing-dependencies-configured-for-version-updates.md index 4a0585c911..697e9d131e 100644 --- a/translations/es-ES/content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/listing-dependencies-configured-for-version-updates.md +++ b/content/code-security/dependabot/dependabot-version-updates/listing-dependencies-configured-for-version-updates.md @@ -4,6 +4,7 @@ intro: 'You can view the dependencies that {% data variables.product.prodname_de redirect_from: - /github/administering-a-repository/listing-dependencies-configured-for-version-updates - /code-security/supply-chain-security/listing-dependencies-configured-for-version-updates + - /code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/listing-dependencies-configured-for-version-updates versions: fpt: '*' ghec: '*' @@ -22,7 +23,7 @@ shortTitle: List configured dependencies ## Viewing dependencies monitored by {% data variables.product.prodname_dependabot %} -After you've enabled version updates, you can confirm that your configuration is correct using the **{% data variables.product.prodname_dependabot %}** tab in the dependency graph for the repository. For more information, see "[Enabling and disabling {% data variables.product.prodname_dependabot %} version updates](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/enabling-and-disabling-dependabot-version-updates)." +After you've enabled version updates, you can confirm that your configuration is correct using the **{% data variables.product.prodname_dependabot %}** tab in the dependency graph for the repository. For more information, see "[Configuring {% data variables.product.prodname_dependabot %} version updates](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/enabling-and-disabling-dependabot-version-updates)." {% data reusables.repositories.navigate-to-repo %} {% data reusables.repositories.accessing-repository-graphs %} diff --git a/content/code-security/dependabot/index.md b/content/code-security/dependabot/index.md new file mode 100644 index 0000000000..cb1f4984f9 --- /dev/null +++ b/content/code-security/dependabot/index.md @@ -0,0 +1,23 @@ +--- +title: Keeping your supply chain secure with Dependabot +shortTitle: Dependabot +intro: 'Monitor vulnerabilities in dependencies used in your project{% ifversion fpt or ghec or ghes > 3.2 %} and keep your dependencies up-to-date{% endif %} with {% data variables.product.prodname_dependabot %}.' +allowTitleToDifferFromFilename: true +versions: + fpt: '*' + ghes: '*' + ghae: issue-4864 + ghec: '*' +topics: + - Dependabot + - Alerts + - Vulnerabilities + - Repositories + - Dependencies +children: + - /dependabot-alerts + - /dependabot-security-updates + - /dependabot-version-updates + - /working-with-dependabot +--- + diff --git a/translations/es-ES/content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/automating-dependabot-with-github-actions.md b/content/code-security/dependabot/working-with-dependabot/automating-dependabot-with-github-actions.md similarity index 99% rename from translations/es-ES/content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/automating-dependabot-with-github-actions.md rename to content/code-security/dependabot/working-with-dependabot/automating-dependabot-with-github-actions.md index 9b97e577a9..d819a42fad 100644 --- a/translations/es-ES/content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/automating-dependabot-with-github-actions.md +++ b/content/code-security/dependabot/working-with-dependabot/automating-dependabot-with-github-actions.md @@ -17,6 +17,8 @@ topics: - Dependencies - Pull requests shortTitle: Use Dependabot with Actions +redirect_from: + - /code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/automating-dependabot-with-github-actions --- {% data reusables.dependabot.beta-security-and-version-updates %} diff --git a/content/code-security/dependabot/working-with-dependabot/index.md b/content/code-security/dependabot/working-with-dependabot/index.md new file mode 100644 index 0000000000..2ff0dbc0da --- /dev/null +++ b/content/code-security/dependabot/working-with-dependabot/index.md @@ -0,0 +1,24 @@ +--- +title: Working with Dependabot +shortTitle: Work with Dependabot +intro: 'Guidance and recommendations for working with {% data variables.product.prodname_dependabot %}, such as managing pull requests raised by {% data variables.product.prodname_dependabot %}, using {% data variables.product.prodname_actions %} with {% data variables.product.prodname_dependabot %}, and troubleshooting {% data variables.product.prodname_dependabot %} errors.' +versions: + fpt: '*' + ghec: '*' + ghes: '>3.2' +topics: + - Repositories + - Dependabot + - Version updates + - Security updates + - Dependencies + - Pull requests +children: + - /managing-pull-requests-for-dependency-updates + - /automating-dependabot-with-github-actions + - /keeping-your-actions-up-to-date-with-dependabot + - /managing-encrypted-secrets-for-dependabot + - /troubleshooting-the-detection-of-vulnerable-dependencies + - /troubleshooting-dependabot-errors +--- + diff --git a/content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/keeping-your-actions-up-to-date-with-dependabot.md b/content/code-security/dependabot/working-with-dependabot/keeping-your-actions-up-to-date-with-dependabot.md similarity index 88% rename from content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/keeping-your-actions-up-to-date-with-dependabot.md rename to content/code-security/dependabot/working-with-dependabot/keeping-your-actions-up-to-date-with-dependabot.md index 7261cc6b3b..e373bef51a 100644 --- a/content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/keeping-your-actions-up-to-date-with-dependabot.md +++ b/content/code-security/dependabot/working-with-dependabot/keeping-your-actions-up-to-date-with-dependabot.md @@ -5,6 +5,7 @@ redirect_from: - /github/administering-a-repository/keeping-your-actions-up-to-date-with-github-dependabot - /github/administering-a-repository/keeping-your-actions-up-to-date-with-dependabot - /code-security/supply-chain-security/keeping-your-actions-up-to-date-with-dependabot + - /code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/keeping-your-actions-up-to-date-with-dependabot versions: fpt: '*' ghec: '*' @@ -36,7 +37,7 @@ Actions are often updated with bug fixes and new features to make automated proc 1. Set a `schedule.interval` to specify how often to check for new versions. {% data reusables.dependabot.check-in-dependabot-yml %} If you have edited an existing file, save your changes. -You can also enable {% data variables.product.prodname_dependabot_version_updates %} on forks. For more information, see "[Enabling and disabling {% data variables.product.prodname_dependabot %} version updates](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/enabling-and-disabling-dependabot-version-updates#enabling-version-updates-on-forks)." +You can also enable {% data variables.product.prodname_dependabot_version_updates %} on forks. For more information, see "[Configuring {% data variables.product.prodname_dependabot %} version updates](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/enabling-and-disabling-dependabot-version-updates#enabling-version-updates-on-forks)." ### Example *dependabot.yml* file for {% data variables.product.prodname_actions %} @@ -57,7 +58,7 @@ updates: ## Configuring {% data variables.product.prodname_dependabot_version_updates %} for actions -When enabling {% data variables.product.prodname_dependabot_version_updates %} for actions, you must specify values for `package-ecosystem`, `directory`, and `schedule.interval`. There are many more optional properties that you can set to further customize your version updates. For more information, see "[Configuration options for dependency updates](/github/administering-a-repository/configuration-options-for-dependency-updates)." +When enabling {% data variables.product.prodname_dependabot_version_updates %} for actions, you must specify values for `package-ecosystem`, `directory`, and `schedule.interval`. There are many more optional properties that you can set to further customize your version updates. For more information, see "[Configuration options for the dependabot.yml file](/github/administering-a-repository/configuration-options-for-dependency-updates)." ## Further reading diff --git a/translations/es-ES/content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/managing-encrypted-secrets-for-dependabot.md b/content/code-security/dependabot/working-with-dependabot/managing-encrypted-secrets-for-dependabot.md similarity index 93% rename from translations/es-ES/content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/managing-encrypted-secrets-for-dependabot.md rename to content/code-security/dependabot/working-with-dependabot/managing-encrypted-secrets-for-dependabot.md index 2227c45900..c6f149b16a 100644 --- a/translations/es-ES/content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/managing-encrypted-secrets-for-dependabot.md +++ b/content/code-security/dependabot/working-with-dependabot/managing-encrypted-secrets-for-dependabot.md @@ -4,6 +4,7 @@ intro: 'You can store sensitive information, like passwords and access tokens, a redirect_from: - /github/administering-a-repository/managing-encrypted-secrets-for-dependabot - /code-security/supply-chain-security/managing-encrypted-secrets-for-dependabot + - /code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/managing-encrypted-secrets-for-dependabot versions: fpt: '*' ghec: '*' @@ -33,7 +34,7 @@ password: ${{secrets.MY_ARTIFACTORY_PASSWORD}} ``` {% endraw %} -For more information, see "[Configuration options for dependency updates](/github/administering-a-repository/configuration-options-for-dependency-updates#configuration-options-for-private-registries)." +For more information, see "[Configuration options for the dependabot.yml file](/github/administering-a-repository/configuration-options-for-dependency-updates#configuration-options-for-private-registries)." ### Naming your secrets diff --git a/content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/managing-pull-requests-for-dependency-updates.md b/content/code-security/dependabot/working-with-dependabot/managing-pull-requests-for-dependency-updates.md similarity index 93% rename from content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/managing-pull-requests-for-dependency-updates.md rename to content/code-security/dependabot/working-with-dependabot/managing-pull-requests-for-dependency-updates.md index 99176596b7..e3fefa8389 100644 --- a/content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/managing-pull-requests-for-dependency-updates.md +++ b/content/code-security/dependabot/working-with-dependabot/managing-pull-requests-for-dependency-updates.md @@ -4,6 +4,7 @@ intro: 'You manage pull requests raised by {% data variables.product.prodname_de redirect_from: - /github/administering-a-repository/managing-pull-requests-for-dependency-updates - /code-security/supply-chain-security/managing-pull-requests-for-dependency-updates + - /code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/managing-pull-requests-for-dependency-updates versions: fpt: '*' ghec: '*' @@ -41,7 +42,7 @@ If you have many dependencies to manage, you may want to customize the configura ## Changing the rebase strategy for {% data variables.product.prodname_dependabot %} pull requests -By default, {% data variables.product.prodname_dependabot %} automatically rebases pull requests to resolve any conflicts. If you'd prefer to handle merge conflicts manually, you can disable this using the `rebase-strategy` option. For details, see "[Configuration options for dependency updates](/github/administering-a-repository/configuration-options-for-dependency-updates#rebase-strategy)." +By default, {% data variables.product.prodname_dependabot %} automatically rebases pull requests to resolve any conflicts. If you'd prefer to handle merge conflicts manually, you can disable this using the `rebase-strategy` option. For details, see "[Configuration options for the dependabot.yml file](/github/administering-a-repository/configuration-options-for-dependency-updates#rebase-strategy)." ## Managing {% data variables.product.prodname_dependabot %} pull requests with comment commands @@ -62,4 +63,4 @@ You can use any of the following commands on a {% data variables.product.prodnam {% data variables.product.prodname_dependabot %} will react with a "thumbs up" emoji to acknowledge the command, and may respond with a comment on the pull request. While {% data variables.product.prodname_dependabot %} usually responds quickly, some commands may take several minutes to complete if {% data variables.product.prodname_dependabot %} is busy processing other updates or commands. -If you run any of the commands for ignoring dependencies or versions, {% data variables.product.prodname_dependabot %} stores the preferences for the repository centrally. While this is a quick solution, for repositories with more than one contributor it is better to explicitly define the dependencies and versions to ignore in the configuration file. This makes it easy for all contributors to see why a particular dependency isn't being updated automatically. For more information, see "[Configuration options for dependency updates](/github/administering-a-repository/configuration-options-for-dependency-updates#ignore)." +If you run any of the commands for ignoring dependencies or versions, {% data variables.product.prodname_dependabot %} stores the preferences for the repository centrally. While this is a quick solution, for repositories with more than one contributor it is better to explicitly define the dependencies and versions to ignore in the configuration file. This makes it easy for all contributors to see why a particular dependency isn't being updated automatically. For more information, see "[Configuration options for the dependabot.yml file](/github/administering-a-repository/configuration-options-for-dependency-updates#ignore)." diff --git a/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/troubleshooting-dependabot-errors.md b/content/code-security/dependabot/working-with-dependabot/troubleshooting-dependabot-errors.md similarity index 90% rename from content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/troubleshooting-dependabot-errors.md rename to content/code-security/dependabot/working-with-dependabot/troubleshooting-dependabot-errors.md index f0e5dc57aa..d79a0241df 100644 --- a/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/troubleshooting-dependabot-errors.md +++ b/content/code-security/dependabot/working-with-dependabot/troubleshooting-dependabot-errors.md @@ -6,6 +6,7 @@ redirect_from: - /github/managing-security-vulnerabilities/troubleshooting-github-dependabot-errors - /github/managing-security-vulnerabilities/troubleshooting-dependabot-errors - /code-security/supply-chain-security/troubleshooting-dependabot-errors + - /code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/troubleshooting-dependabot-errors versions: fpt: '*' ghec: '*' @@ -76,7 +77,7 @@ Pull requests for security updates act to upgrade a vulnerable dependency to the Every application that has dependencies has a dependency graph, that is, a directed acyclic graph of every package version that the application directly or indirectly depends on. Every time a dependency is updated, this graph must resolve otherwise the application won't build. When an ecosystem has a deep and complex dependency graph, for example, npm and RubyGems, it is often impossible to upgrade a single dependency without upgrading the whole ecosystem. -The best way to avoid this problem is to stay up to date with the most recently released versions, for example, by enabling version updates. This increases the likelihood that a vulnerability in one dependency can be resolved by a simple upgrade that doesn't break the dependency graph. For more information, see "[Enabling and disabling {% data variables.product.prodname_dependabot %} version updates](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/enabling-and-disabling-dependabot-version-updates)." +The best way to avoid this problem is to stay up to date with the most recently released versions, for example, by enabling version updates. This increases the likelihood that a vulnerability in one dependency can be resolved by a simple upgrade that doesn't break the dependency graph. For more information, see "[Configuring {% data variables.product.prodname_dependabot %} version updates](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/enabling-and-disabling-dependabot-version-updates)." ### {% data variables.product.prodname_dependabot %} cannot update to the required version as there is already an open pull request for the latest version @@ -90,13 +91,13 @@ There are two options: you can review the open pull request and merge it as soon This error is difficult to address. If a version update times out, you could specify the most important dependencies to update using the `allow` parameter or, alternatively, use the `ignore` parameter to exclude some dependencies from updates. Updating your configuration might allow {% data variables.product.prodname_dependabot %} to review the version update and generate the pull request in the time available. -If a security update times out, you can reduce the chances of this happening by keeping the dependencies updated, for example, by enabling version updates. For more information, see "[Enabling and disabling {% data variables.product.prodname_dependabot %} version updates](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/enabling-and-disabling-dependabot-version-updates)." +If a security update times out, you can reduce the chances of this happening by keeping the dependencies updated, for example, by enabling version updates. For more information, see "[Configuring {% data variables.product.prodname_dependabot %} version updates](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/enabling-and-disabling-dependabot-version-updates)." ### {% data variables.product.prodname_dependabot %} cannot open any more pull requests There's a limit on the number of open pull requests {% data variables.product.prodname_dependabot %} will generate. When this limit is reached, no new pull requests are opened and this error is reported. The best way to resolve this error is to review and merge some of the open pull requests. -There are separate limits for security and version update pull requests, so that open version update pull requests cannot block the creation of a security update pull request. The limit for security update pull requests is 10. By default, the limit for version updates is 5 but you can change this using the `open-pull-requests-limit` parameter in the configuration file. For more information, see "[Configuration options for dependency updates](/github/administering-a-repository/configuration-options-for-dependency-updates#open-pull-requests-limit)." +There are separate limits for security and version update pull requests, so that open version update pull requests cannot block the creation of a security update pull request. The limit for security update pull requests is 10. By default, the limit for version updates is 5 but you can change this using the `open-pull-requests-limit` parameter in the configuration file. For more information, see "[Configuration options for the dependabot.yml file](/github/administering-a-repository/configuration-options-for-dependency-updates#open-pull-requests-limit)." The best way to resolve this error is to merge or close some of the existing pull requests and trigger a new pull request manually. For more information, see "[Triggering a {% data variables.product.prodname_dependabot %} pull request manually](#triggering-a-dependabot-pull-request-manually)." @@ -125,3 +126,8 @@ If you unblock {% data variables.product.prodname_dependabot %}, you can manuall - **Security updates**—display the {% data variables.product.prodname_dependabot %} alert that shows the error you have fixed and click **Create {% data variables.product.prodname_dependabot %} security update**. - **Version updates**—on the **Insights** tab for the repository click **Dependency graph**, and then click the **Dependabot** tab. Click **Last checked *TIME* ago** to see the log file that {% data variables.product.prodname_dependabot %} generated during the last check for version updates. Click **Check for updates**. + +## Further reading + +- "[Troubleshooting the dependency graph](/code-security/supply-chain-security/understanding-your-software-supply-chain/troubleshooting-the-dependency-graph)" +- "[Troubleshooting the detection of vulnerable dependencies](/code-security/dependabot/working-with-dependabot/troubleshooting-the-detection-of-vulnerable-dependencies)" diff --git a/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/troubleshooting-the-detection-of-vulnerable-dependencies.md b/content/code-security/dependabot/working-with-dependabot/troubleshooting-the-detection-of-vulnerable-dependencies.md similarity index 70% rename from content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/troubleshooting-the-detection-of-vulnerable-dependencies.md rename to content/code-security/dependabot/working-with-dependabot/troubleshooting-the-detection-of-vulnerable-dependencies.md index 4a967cf2fb..722d2e48bd 100644 --- a/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/troubleshooting-the-detection-of-vulnerable-dependencies.md +++ b/content/code-security/dependabot/working-with-dependabot/troubleshooting-the-detection-of-vulnerable-dependencies.md @@ -1,10 +1,11 @@ --- title: Troubleshooting the detection of vulnerable dependencies intro: 'If the dependency information reported by {% data variables.product.product_name %} is not what you expected, there are a number of points to consider, and various things you can check.' -shortTitle: Troubleshoot detection +shortTitle: Troubleshoot vulnerability detection redirect_from: - /github/managing-security-vulnerabilities/troubleshooting-the-detection-of-vulnerable-dependencies - /code-security/supply-chain-security/troubleshooting-the-detection-of-vulnerable-dependencies + - /code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/troubleshooting-the-detection-of-vulnerable-dependencies versions: fpt: '*' ghes: '*' @@ -19,26 +20,31 @@ topics: - Security updates - Dependencies - Vulnerabilities - - Dependency graph - - Alerts - CVEs - Repositories --- {% data reusables.dependabot.beta-security-and-version-updates %} - -The results of dependency detection reported by {% data variables.product.product_name %} may be different from the results returned by other tools. There are good reasons for this and it's helpful to understand how {% data variables.product.prodname_dotcom %} determines dependencies for your project. +{% data reusables.dependabot.result-discrepancy %} ## Why do some dependencies seem to be missing? {% data variables.product.prodname_dotcom %} generates and displays dependency data differently than other tools. Consequently, if you've been using another tool to identify dependencies you will almost certainly see different results. Consider the following: * {% data variables.product.prodname_advisory_database %} is one of the data sources that {% data variables.product.prodname_dotcom %} uses to identify vulnerable dependencies. It's a free, curated database of vulnerability information for common package ecosystems on {% data variables.product.prodname_dotcom %}. It includes both data reported directly to {% data variables.product.prodname_dotcom %} from {% data variables.product.prodname_security_advisories %}, as well as official feeds and community sources. This data is reviewed and curated by {% data variables.product.prodname_dotcom %} to ensure that false or unactionable information is not shared with the development community. {% data reusables.security-advisory.link-browsing-advisory-db %} -* The dependency graph parses all known package manifest files in a user’s repository. For example, for npm it will parse the _package-lock.json_ file. It constructs a graph of all of the repository’s dependencies and public dependents. This happens when you enable the dependency graph and when anyone pushes to the default branch, and it includes commits that makes changes to a supported manifest format. For more information, see "[About the dependency graph](/github/visualizing-repository-data-with-graphs/about-the-dependency-graph)." -* {% data variables.product.prodname_dependabot %} scans any push, to the default branch, that contains a manifest file. When a new vulnerability record is added, it scans all existing repositories and generates an alert for each vulnerable repository. {% data variables.product.prodname_dependabot_alerts %} are aggregated at the repository level, rather than creating one alert per vulnerability. For more information, see "[About alerts for vulnerable dependencies](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies)." +* The dependency graph parses all known package manifest files in a user’s repository. For example, for npm it will parse the _package-lock.json_ file. It constructs a graph of all of the repository’s dependencies and public dependents. This happens when you enable the dependency graph and when anyone pushes to the default branch, and it includes commits that makes changes to a supported manifest format. For more information, see "[About the dependency graph](/github/visualizing-repository-data-with-graphs/about-the-dependency-graph)" and "[Troubleshooting the dependency graph](/code-security/supply-chain-security/understanding-your-software-supply-chain/troubleshooting-the-dependency-graph)." +* {% data variables.product.prodname_dependabot %} scans any push, to the default branch, that contains a manifest file. When a new vulnerability record is added, it scans all existing repositories and generates an alert for each vulnerable repository. {% data variables.product.prodname_dependabot_alerts %} are aggregated at the repository level, rather than creating one alert per vulnerability. For more information, see "[About {% data variables.product.prodname_dependabot_alerts %}](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies)." * {% ifversion fpt or ghec or ghes > 3.2 %}{% data variables.product.prodname_dependabot_security_updates %} are triggered when you receive an alert about a vulnerable dependency in your repository. Where possible, {% data variables.product.prodname_dependabot %} creates a pull request in your repository to upgrade the vulnerable dependency to the minimum possible secure version needed to avoid the vulnerability. For more information, see "[About {% data variables.product.prodname_dependabot_security_updates %}](/github/managing-security-vulnerabilities/about-dependabot-security-updates)" and "[Troubleshooting {% data variables.product.prodname_dependabot %} errors](/github/managing-security-vulnerabilities/troubleshooting-dependabot-errors)." - {% endif %}{% data variables.product.prodname_dependabot %} doesn't scan repositories for vulnerable dependencies on a schedule, but rather when something changes. For example, a scan is triggered when a new dependency is added ({% data variables.product.prodname_dotcom %} checks for this on every push), or when a new vulnerability is added to the advisory database{% ifversion ghes or ghae-issue-4864 %} and synchronized to {% data variables.product.product_location %}{% endif %}. For more information, see "[About alerts for vulnerable dependencies](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies#detection-of-vulnerable-dependencies)." + {% endif %}{% data variables.product.prodname_dependabot %} doesn't scan repositories for vulnerable dependencies on a schedule, but rather when something changes. For example, a scan is triggered when a new dependency is added ({% data variables.product.prodname_dotcom %} checks for this on every push), or when a new vulnerability is added to the advisory database{% ifversion ghes or ghae-issue-4864 %} and synchronized to {% data variables.product.product_location %}{% endif %}. For more information, see "[About {% data variables.product.prodname_dependabot_alerts %}](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies#detection-of-vulnerable-dependencies)." + +## Do {% data variables.product.prodname_dependabot_alerts %} only relate to vulnerable dependencies in manifests and lockfiles? + +{% data variables.product.prodname_dependabot_alerts %} advise you about dependencies you should update, including transitive dependencies, where the version can be determined from a manifest or a lockfile. {% ifversion fpt or ghec or ghes > 3.2 %}{% data variables.product.prodname_dependabot_security_updates %} only suggest a change where {% data variables.product.prodname_dependabot %} can directly "fix" the dependency, that is, when these are: +* Direct dependencies explicitly declared in a manifest or lockfile +* Transitive dependencies declared in a lockfile{% endif %} + +**Check**: Is the uncaught vulnerability for a component that's not specified in the repository's manifest or lockfile? ## Why don't I get vulnerability alerts for some ecosystems? @@ -48,44 +54,6 @@ It's worth noting that {% data variables.product.prodname_dotcom %} Security Adv **Check**: Does the uncaught vulnerability apply to an unsupported ecosystem? -## Does the dependency graph only find dependencies in manifests and lockfiles? - -The dependency graph includes information on dependencies that are explicitly declared in your environment. That is, dependencies that are specified in a manifest or a lockfile. The dependency graph generally also includes transitive dependencies, even when they aren't specified in a lockfile, by looking at the dependencies of the dependencies in a manifest file. - -{% data variables.product.prodname_dependabot_alerts %} advise you about dependencies you should update, including transitive dependencies, where the version can be determined from a manifest or a lockfile. {% ifversion fpt or ghec or ghes > 3.2 %}{% data variables.product.prodname_dependabot_security_updates %} only suggest a change where {% data variables.product.prodname_dependabot %} can directly "fix" the dependency, that is, when these are: -* Direct dependencies explicitly declared in a manifest or lockfile -* Transitive dependencies declared in a lockfile{% endif %} - -The dependency graph doesn't include "loose" dependencies. "Loose" dependencies are individual files that are copied from another source and checked into the repository directly or within an archive (such as a ZIP or JAR file), rather than being referenced by in a package manager’s manifest or lockfile. - -**Check**: Is the uncaught vulnerability for a component that's not specified in the repository's manifest or lockfile? - -## Does the dependency graph detect dependencies specified using variables? - -The dependency graph analyzes manifests as they’re pushed to {% data variables.product.prodname_dotcom %}. The dependency graph doesn't, therefore, have access to the build environment of the project, so it can't resolve variables used within manifests. If you use variables within a manifest to specify the name, or more commonly the version of a dependency, then that dependency will not be included in the dependency graph. - -**Check**: Is the missing dependency declared in the manifest by using a variable for its name or version? - -## Are there limits which affect the dependency graph data? - -Yes, the dependency graph has two categories of limits: - -1. **Processing limits** - - These affect the dependency graph displayed within {% data variables.product.prodname_dotcom %} and also prevent {% data variables.product.prodname_dependabot_alerts %} being created. - - Manifests over 0.5 MB in size are only processed for enterprise accounts. For other accounts, manifests over 0.5 MB are ignored and will not create {% data variables.product.prodname_dependabot_alerts %}. - - By default, {% data variables.product.prodname_dotcom %} will not process more than 20 manifests per repository. {% data variables.product.prodname_dependabot_alerts %} are not created for manifests beyond this limit. If you need to increase the limit, contact {% data variables.contact.contact_support %}. - -2. **Visualization limits** - - These affect what's displayed in the dependency graph within {% data variables.product.prodname_dotcom %}. However, they don't affect the {% data variables.product.prodname_dependabot_alerts %} that are created. - - The Dependencies view of the dependency graph for a repository only displays 100 manifests. Typically this is adequate as it is significantly higher than the processing limit described above. In situations where the processing limit is over 100, {% data variables.product.prodname_dependabot_alerts %} are still created for any manifests that are not shown within {% data variables.product.prodname_dotcom %}. - -**Check**: Is the missing dependency in a manifest file that's over 0.5 MB, or in a repository with a large number of manifests? - ## Does {% data variables.product.prodname_dependabot %} generate alerts for vulnerabilities that have been known for many years? The {% data variables.product.prodname_advisory_database %} was launched in November 2019, and initially back-filled to include vulnerability information for the supported ecosystems, starting from 2017. When adding CVEs to the database, we prioritize curating newer CVEs, and CVEs affecting newer versions of software. @@ -118,7 +86,8 @@ The {% data variables.product.prodname_dependabot_alerts %} count in {% data var ## Further reading -- "[About alerts for vulnerable dependencies](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies)" -- "[Viewing and updating vulnerable dependencies in your repository](/github/managing-security-vulnerabilities/viewing-and-updating-vulnerable-dependencies-in-your-repository)" -- "[Managing security and analysis settings for your repository](/github/administering-a-repository/managing-security-and-analysis-settings-for-your-repository)"{% ifversion fpt or ghec or ghes > 3.2 %} +- "[About {% data variables.product.prodname_dependabot_alerts %}](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies)" +- "[Viewing {% data variables.product.prodname_dependabot_alerts %} for vulnerable dependencies](/github/managing-security-vulnerabilities/viewing-and-updating-vulnerable-dependencies-in-your-repository)" +- "[Managing security and analysis settings for your repository](/github/administering-a-repository/managing-security-and-analysis-settings-for-your-repository)" +- "[Troubleshooting the dependency graph](/code-security/supply-chain-security/understanding-your-software-supply-chain/troubleshooting-the-dependency-graph)"{% ifversion fpt or ghec or ghes > 3.2 %} - "[Troubleshooting {% data variables.product.prodname_dependabot %} errors](/github/managing-security-vulnerabilities/troubleshooting-dependabot-errors)"{% endif %} diff --git a/content/code-security/getting-started/github-security-features.md b/content/code-security/getting-started/github-security-features.md index 19655b0a18..21c6e0e3f7 100644 --- a/content/code-security/getting-started/github-security-features.md +++ b/content/code-security/getting-started/github-security-features.md @@ -37,7 +37,7 @@ Privately discuss and fix security vulnerabilities in your repository's code. Yo ### {% data variables.product.prodname_dependabot_alerts %} and security updates -View alerts about dependencies that are known to contain security vulnerabilities, and choose whether to have pull requests generated automatically to update these dependencies. For more information, see "[About alerts for vulnerable dependencies](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies)" +View alerts about dependencies that are known to contain security vulnerabilities, and choose whether to have pull requests generated automatically to update these dependencies. For more information, see "[About {% data variables.product.prodname_dependabot_alerts %}](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies)" and "[About {% data variables.product.prodname_dependabot_security_updates %}](/github/managing-security-vulnerabilities/about-dependabot-security-updates)." {% endif %} @@ -46,7 +46,7 @@ and "[About {% data variables.product.prodname_dependabot_security_updates %}](/ {% data reusables.dependabot.dependabot-alerts-beta %} -View alerts about dependencies that are known to contain security vulnerabilities, and manage these alerts. For more information, see "[About alerts for vulnerable dependencies](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies)." +View alerts about dependencies that are known to contain security vulnerabilities, and manage these alerts. For more information, see "[About {% data variables.product.prodname_dependabot_alerts %}](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies)." {% endif %} {% ifversion fpt or ghec or ghes > 3.2 %} diff --git a/content/code-security/getting-started/securing-your-organization.md b/content/code-security/getting-started/securing-your-organization.md index bd40761fce..667abbef44 100644 --- a/content/code-security/getting-started/securing-your-organization.md +++ b/content/code-security/getting-started/securing-your-organization.md @@ -48,7 +48,7 @@ You can create a default security policy that will display in any of your organi {% data reusables.dependabot.dependabot-alerts-beta %} {% data reusables.dependabot.dependabot-alerts-dependency-graph-enterprise %} -For more information, see "[About alerts for vulnerable dependencies](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies)," "[Exploring the dependencies of a repository](/code-security/supply-chain-security/exploring-the-dependencies-of-a-repository#enabling-and-disabling-the-dependency-graph-for-a-private-repository)," and "[Managing security and analysis settings for your organization](/organizations/keeping-your-organization-secure/managing-security-and-analysis-settings-for-your-organization)." +For more information, see "[About {% data variables.product.prodname_dependabot_alerts %}](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies)," "[Exploring the dependencies of a repository](/code-security/supply-chain-security/exploring-the-dependencies-of-a-repository#enabling-and-disabling-the-dependency-graph-for-a-private-repository)," and "[Managing security and analysis settings for your organization](/organizations/keeping-your-organization-secure/managing-security-and-analysis-settings-for-your-organization)." {% endif %} {% ifversion fpt or ghes > 3.1 or ghae-issue-4864 or ghec %} @@ -79,7 +79,7 @@ For more information, see "[About {% data variables.product.prodname_dependabot_ You can enable {% data variables.product.prodname_dependabot %} to automatically raise pull requests to keep your dependencies up-to-date. For more information, see "[About {% data variables.product.prodname_dependabot_version_updates %}](/code-security/supply-chain-security/about-dependabot-version-updates)." -To enable {% data variables.product.prodname_dependabot_version_updates %}, you must create a *dependabot.yml* configuration file. For more information, see "[Enabling and disabling {% data variables.product.prodname_dependabot %} version updates](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/enabling-and-disabling-dependabot-version-updates)." +To enable {% data variables.product.prodname_dependabot_version_updates %}, you must create a *dependabot.yml* configuration file. For more information, see "[Configuring {% data variables.product.prodname_dependabot %} version updates](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/enabling-and-disabling-dependabot-version-updates)." {% endif %} @@ -135,7 +135,7 @@ For more information, see "[Managing security and analysis settings for your org ## Next steps {% ifversion fpt or ghes > 3.1 or ghec %}You can view, filter, and sort security alerts for repositories owned by your organization in the security overview. For more information, see "[About the security overview](/code-security/security-overview/about-the-security-overview)."{% endif %} -You can view and manage alerts from security features to address dependencies and vulnerabilities in your code. For more information, see {% ifversion fpt or ghes or ghec %} "[Viewing and updating vulnerable dependencies in your repository](/code-security/supply-chain-security/viewing-and-updating-vulnerable-dependencies-in-your-repository),"{% endif %} {% ifversion fpt or ghec or ghes > 3.2 %}"[Managing pull requests for dependency updates](/code-security/supply-chain-security/managing-pull-requests-for-dependency-updates)," {% endif %}"[Managing {% data variables.product.prodname_code_scanning %} for your repository](/code-security/secure-coding/managing-code-scanning-alerts-for-your-repository)," and "[Managing alerts from {% data variables.product.prodname_secret_scanning %}](/code-security/secret-security/managing-alerts-from-secret-scanning)." +You can view and manage alerts from security features to address dependencies and vulnerabilities in your code. For more information, see {% ifversion fpt or ghes or ghec %} "[Viewing {% data variables.product.prodname_dependabot_alerts %} for vulnerable dependencies](/code-security/supply-chain-security/viewing-and-updating-vulnerable-dependencies-in-your-repository),"{% endif %} {% ifversion fpt or ghec or ghes > 3.2 %}"[Managing pull requests for dependency updates](/code-security/supply-chain-security/managing-pull-requests-for-dependency-updates)," {% endif %}"[Managing {% data variables.product.prodname_code_scanning %} for your repository](/code-security/secure-coding/managing-code-scanning-alerts-for-your-repository)," and "[Managing alerts from {% data variables.product.prodname_secret_scanning %}](/code-security/secret-security/managing-alerts-from-secret-scanning)." {% ifversion fpt or ghec %}If you have a security vulnerability, you can create a security advisory to privately discuss and fix the vulnerability. For more information, see "[About {% data variables.product.prodname_security_advisories %}](/code-security/security-advisories/about-github-security-advisories)" and "[Creating a security advisory](/code-security/security-advisories/creating-a-security-advisory)." {% endif %} diff --git a/content/code-security/getting-started/securing-your-repository.md b/content/code-security/getting-started/securing-your-repository.md index 293eb3185b..1073b342f8 100644 --- a/content/code-security/getting-started/securing-your-repository.md +++ b/content/code-security/getting-started/securing-your-repository.md @@ -75,7 +75,7 @@ For more information, see "[Exploring the dependencies of a repository](/code-se {% data reusables.dependabot.dependabot-alerts-beta %} {% data reusables.dependabot.dependabot-alerts-dependency-graph-enterprise %} -For more information, see "[About alerts for vulnerable dependencies](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies){% ifversion fpt or ghec %}" and "[Managing security and analysis settings for your user account](/github/setting-up-and-managing-your-github-user-account/managing-security-and-analysis-settings-for-your-user-account){% endif %}." +For more information, see "[About {% data variables.product.prodname_dependabot_alerts %}](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies){% ifversion fpt or ghec %}" and "[Managing security and analysis settings for your user account](/github/setting-up-and-managing-your-github-user-account/managing-security-and-analysis-settings-for-your-user-account){% endif %}." {% endif %} @@ -111,7 +111,7 @@ For more information, see "[About {% data variables.product.prodname_dependabot_ You can enable {% data variables.product.prodname_dependabot %} to automatically raise pull requests to keep your dependencies up-to-date. For more information, see "[About {% data variables.product.prodname_dependabot_version_updates %}](/code-security/supply-chain-security/about-dependabot-version-updates)." -To enable {% data variables.product.prodname_dependabot_version_updates %}, you must create a *dependabot.yml* configuration file. For more information, see "[Enabling and disabling {% data variables.product.prodname_dependabot %} version updates](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/enabling-and-disabling-dependabot-version-updates)." +To enable {% data variables.product.prodname_dependabot_version_updates %}, you must create a *dependabot.yml* configuration file. For more information, see "[Configuring {% data variables.product.prodname_dependabot %} version updates](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/enabling-and-disabling-dependabot-version-updates)." {% endif %} @@ -132,7 +132,7 @@ You can set up {% data variables.product.prodname_code_scanning %} to automatica {% endif %} ## Next steps -You can view and manage alerts from security features to address dependencies and vulnerabilities in your code. For more information, see {% ifversion fpt or ghes or ghec %} "[Viewing and updating vulnerable dependencies in your repository](/code-security/supply-chain-security/viewing-and-updating-vulnerable-dependencies-in-your-repository),"{% endif %} {% ifversion fpt or ghec or ghes > 3.2 %}"[Managing pull requests for dependency updates](/code-security/supply-chain-security/managing-pull-requests-for-dependency-updates)," {% endif %}"[Managing {% data variables.product.prodname_code_scanning %} for your repository](/code-security/secure-coding/managing-code-scanning-alerts-for-your-repository)," and "[Managing alerts from {% data variables.product.prodname_secret_scanning %}](/code-security/secret-security/managing-alerts-from-secret-scanning)." +You can view and manage alerts from security features to address dependencies and vulnerabilities in your code. For more information, see {% ifversion fpt or ghes or ghec %} "[Viewing {% data variables.product.prodname_dependabot_alerts %} for vulnerable dependencies](/code-security/supply-chain-security/viewing-and-updating-vulnerable-dependencies-in-your-repository),"{% endif %} {% ifversion fpt or ghec or ghes > 3.2 %}"[Managing pull requests for dependency updates](/code-security/supply-chain-security/managing-pull-requests-for-dependency-updates)," {% endif %}"[Managing {% data variables.product.prodname_code_scanning %} for your repository](/code-security/secure-coding/managing-code-scanning-alerts-for-your-repository)," and "[Managing alerts from {% data variables.product.prodname_secret_scanning %}](/code-security/secret-security/managing-alerts-from-secret-scanning)." {% ifversion fpt or ghec %}If you have a security vulnerability, you can create a security advisory to privately discuss and fix the vulnerability. For more information, see "[About {% data variables.product.prodname_security_advisories %}](/code-security/security-advisories/about-github-security-advisories)" and "[Creating a security advisory](/code-security/security-advisories/creating-a-security-advisory)." {% endif %} diff --git a/content/code-security/guides.md b/content/code-security/guides.md index 5a086ef693..f039f78ff4 100644 --- a/content/code-security/guides.md +++ b/content/code-security/guides.md @@ -75,7 +75,6 @@ includeGuides: - /code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/managing-pull-requests-for-dependency-updates - /code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-alerts-for-vulnerable-dependencies - /code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-dependabot-security-updates - - /code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-managing-vulnerable-dependencies - /code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/browsing-security-vulnerabilities-in-the-github-advisory-database - /code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/editing-security-advisories-in-the-github-advisory-database - /code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/configuring-dependabot-security-updates diff --git a/content/code-security/index.md b/content/code-security/index.md index 19f3861138..e7248afec2 100644 --- a/content/code-security/index.md +++ b/content/code-security/index.md @@ -54,6 +54,7 @@ children: - /code-scanning - /repository-security-advisories - /supply-chain-security + - /dependabot - /security-overview - /guides --- diff --git a/content/code-security/secret-scanning/about-secret-scanning.md b/content/code-security/secret-scanning/about-secret-scanning.md index f49db4795c..9549eaaae2 100644 --- a/content/code-security/secret-scanning/about-secret-scanning.md +++ b/content/code-security/secret-scanning/about-secret-scanning.md @@ -31,9 +31,9 @@ If your project communicates with an external service, you might use a token or {% ifversion fpt or ghec %} {% data variables.product.prodname_secret_scanning_caps %} is available on {% data variables.product.prodname_dotcom_the_website %} in two forms: -1. **{% data variables.product.prodname_secret_scanning_partner_caps %}.** Runs automatically on all public repositories. Any strings that match patterns that were provided by secret scanning partners are reported directly to the relvant partner. +1. **{% data variables.product.prodname_secret_scanning_partner_caps %}.** Runs automatically on all public repositories. Any strings that match patterns that were provided by secret scanning partners are reported directly to the relevant partner. -2. **{% data variables.product.prodname_secret_scanning_GHAS_caps %}.** You can enable and configure additional scanning for repositories owned by organizations that use {% data variables.product.prodname_ghe_cloud %} and have a license for {% data variables.product.prodname_GH_advanced_security %}. Any strings that match patterns provided by secret scannng partners, by other service providers, or defined by your organization are reported as alerts in the "Security" tab of repositories. If a string in a public repository matches a partner pattern, it is also reported to the partner. +2. **{% data variables.product.prodname_secret_scanning_GHAS_caps %}.** You can enable and configure additional scanning for repositories owned by organizations that use {% data variables.product.prodname_ghe_cloud %} and have a license for {% data variables.product.prodname_GH_advanced_security %}. Any strings that match patterns provided by secret scanning partners, by other service providers, or defined by your organization, are reported as alerts in the "Security" tab of repositories. If a string in a public repository matches a partner pattern, it is also reported to the partner. {% endif %} Service providers can partner with {% data variables.product.company_short %} to provide their secret formats for scanning. {% data reusables.secret-scanning.partner-program-link %} diff --git a/content/code-security/security-overview/about-the-security-overview.md b/content/code-security/security-overview/about-the-security-overview.md index 8cfb95f56e..5227039b4f 100644 --- a/content/code-security/security-overview/about-the-security-overview.md +++ b/content/code-security/security-overview/about-the-security-overview.md @@ -28,7 +28,7 @@ shortTitle: About security overview You can use the security overview for a high-level view of the security status of your organization or to identify problematic repositories that require intervention. You can view aggregate or repository-specific security information in the security overview. You can also use the security overview to see which security features are enabled for your repositories and to configure any available security features that are not currently in use. -The security overview indicates whether {% ifversion fpt or ghes > 3.1 or ghec %}security{% endif %}{% ifversion ghae %}{% data variables.product.prodname_GH_advanced_security %}{% endif %} features are enabled for repositories owned by your organization and consolidates alerts for each feature.{% ifversion fpt or ghes > 3.1 or ghec %} Security features include {% data variables.product.prodname_GH_advanced_security %} features, such as {% data variables.product.prodname_code_scanning %} and {% data variables.product.prodname_secret_scanning %}, as well as {% data variables.product.prodname_dependabot_alerts %}.{% endif %} For more information about {% data variables.product.prodname_GH_advanced_security %} features, see "[About {% data variables.product.prodname_GH_advanced_security %}](/get-started/learning-about-github/about-github-advanced-security)."{% ifversion fpt or ghes > 3.1 or ghec %} For more information about {% data variables.product.prodname_dependabot_alerts %}, see "[About alerts for vulnerable dependencies](/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-alerts-for-vulnerable-dependencies#dependabot-alerts-for-vulnerable-dependencies)."{% endif %} +The security overview indicates whether {% ifversion fpt or ghes > 3.1 or ghec %}security{% endif %}{% ifversion ghae %}{% data variables.product.prodname_GH_advanced_security %}{% endif %} features are enabled for repositories owned by your organization and consolidates alerts for each feature.{% ifversion fpt or ghes > 3.1 or ghec %} Security features include {% data variables.product.prodname_GH_advanced_security %} features, such as {% data variables.product.prodname_code_scanning %} and {% data variables.product.prodname_secret_scanning %}, as well as {% data variables.product.prodname_dependabot_alerts %}.{% endif %} For more information about {% data variables.product.prodname_GH_advanced_security %} features, see "[About {% data variables.product.prodname_GH_advanced_security %}](/get-started/learning-about-github/about-github-advanced-security)."{% ifversion fpt or ghes > 3.1 or ghec %} For more information about {% data variables.product.prodname_dependabot_alerts %}, see "[About {% data variables.product.prodname_dependabot_alerts %}](/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-alerts-for-vulnerable-dependencies#dependabot-alerts-for-vulnerable-dependencies)."{% endif %} For more information about securing your code at the repository and organization levels, see "[Securing your repository](/code-security/getting-started/securing-your-repository)" and "[Securing your organization](/code-security/getting-started/securing-your-organization)." @@ -54,7 +54,7 @@ For each repository in the security overview, you will see icons for each type o | -------- | -------- | | {% octicon "code-square" aria-label="Code scanning alerts" %} | {% data variables.product.prodname_code_scanning_capc %} alerts. For more information, see "[About {% data variables.product.prodname_code_scanning %}](/code-security/secure-coding/about-code-scanning)." | | {% octicon "key" aria-label="Secret scanning alerts" %} | {% data variables.product.prodname_secret_scanning_caps %} alerts. For more information, see "[About {% data variables.product.prodname_secret_scanning %}](/code-security/secret-security/about-secret-scanning)." | -| {% octicon "hubot" aria-label="Dependabot alerts" %} | {% data variables.product.prodname_dependabot_alerts %}. For more information, see "[About alerts for vulnerable dependencies](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies)." | +| {% octicon "hubot" aria-label="Dependabot alerts" %} | {% data variables.product.prodname_dependabot_alerts %}. For more information, see "[About {% data variables.product.prodname_dependabot_alerts %}](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies)." | | {% octicon "check" aria-label="Check" %} | The security feature is enabled, but does not raise alerts in this repository. | | {% octicon "x" aria-label="x" %} | The security feature is not supported in this repository. | diff --git a/content/code-security/supply-chain-security/index.md b/content/code-security/supply-chain-security/index.md index 6676ac8a44..920263b971 100644 --- a/content/code-security/supply-chain-security/index.md +++ b/content/code-security/supply-chain-security/index.md @@ -16,8 +16,6 @@ topics: - Repositories children: - /understanding-your-software-supply-chain - - /keeping-your-dependencies-updated-automatically - - /managing-vulnerabilities-in-your-projects-dependencies - /end-to-end-supply-chain --- diff --git a/content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/configuration-options-for-dependency-updates.md b/content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/configuration-options-for-dependency-updates.md deleted file mode 100644 index 4e18304d1a..0000000000 --- a/content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/configuration-options-for-dependency-updates.md +++ /dev/null @@ -1,967 +0,0 @@ ---- -title: Configuration options for dependency updates -intro: 'Detailed information for all the options you can use to customize how {% data variables.product.prodname_dependabot %} maintains your repositories.' -permissions: 'People with write permissions to a repository can configure {% data variables.product.prodname_dependabot %} for the repository.' -redirect_from: - - /github/administering-a-repository/configuration-options-for-dependency-updates - - /code-security/supply-chain-security/configuration-options-for-dependency-updates -miniTocMaxHeadingLevel: 3 -versions: - fpt: '*' - ghec: '*' - ghes: '>3.2' -type: reference -topics: - - Dependabot - - Version updates - - Repositories - - Dependencies - - Pull requests -shortTitle: Configuration options ---- - -{% data reusables.dependabot.beta-security-and-version-updates %} -{% data reusables.dependabot.enterprise-enable-dependabot %} - -## About the *dependabot.yml* file - -The {% data variables.product.prodname_dependabot %} configuration file, *dependabot.yml*, uses YAML syntax. If you're new to YAML and want to learn more, see "[Learn YAML in five minutes](https://www.codeproject.com/Articles/1214409/Learn-YAML-in-five-minutes)." - -You must store this file in the `.github` directory of your repository. When you add or update the *dependabot.yml* file, this triggers an immediate check for version updates. For more information and an example, see "[Enabling and disabling {% data variables.product.prodname_dependabot %} version updates](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/enabling-and-disabling-dependabot-version-updates#enabling-dependabot-version-updates)." - -Any options that also affect security updates are used the next time a security alert triggers a pull request for a security update. For more information, see "[Configuring {% data variables.product.prodname_dependabot_security_updates %}](/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/configuring-dependabot-security-updates)." - -The *dependabot.yml* file has two mandatory top-level keys: `version`, and `updates`. You can, optionally, include a top-level `registries` key. The file must start with `version: 2`. - -## Configuration options for updates - -The top-level `updates` key is mandatory. You use it to configure how {% data variables.product.prodname_dependabot %} updates the versions or your project's dependencies. Each entry configures the update settings for a particular package manager. You can use the following options. - -| Option | Required | Description | -|:---|:---:|:---| -| [`package-ecosystem`](#package-ecosystem) | **X** | Package manager to use | -| [`directory`](#directory) | **X** | Location of package manifests | -| [`schedule.interval`](#scheduleinterval) | **X** | How often to check for updates | -| [`allow`](#allow) | | Customize which updates are allowed | -| [`assignees`](#assignees) | | Assignees to set on pull requests | -| [`commit-message`](#commit-message) | | Commit message preferences | -| [`ignore`](#ignore) | | Ignore certain dependencies or versions | -| [`insecure-external-code-execution`](#insecure-external-code-execution) | | Allow or deny code execution in manifest files | -| [`labels`](#labels) | | Labels to set on pull requests | -| [`milestone`](#milestone) | | Milestone to set on pull requests | -| [`open-pull-requests-limit`](#open-pull-requests-limit) | | Limit number of open pull requests for version updates| -| [`pull-request-branch-name.separator`](#pull-request-branch-nameseparator) | | Change separator for pull request branch names | -| [`rebase-strategy`](#rebase-strategy) | | Disable automatic rebasing | -| [`registries`](#registries) | | Private registries that {% data variables.product.prodname_dependabot %} can access| -| [`reviewers`](#reviewers) | | Reviewers to set on pull requests | -| [`schedule.day`](#scheduleday) | | Day of week to check for updates | -| [`schedule.time`](#scheduletime) | | Time of day to check for updates (hh:mm) | -| [`schedule.timezone`](#scheduletimezone) | | Timezone for time of day (zone identifier) | -| [`target-branch`](#target-branch) | | Branch to create pull requests against | -| [`vendor`](#vendor) | | Update vendored or cached dependencies | -| [`versioning-strategy`](#versioning-strategy) | | How to update manifest version requirements | - -These options fit broadly into the following categories. - -- Essential set up options that you must include in all configurations: [`package-ecosystem`](#package-ecosystem), [`directory`](#directory),[`schedule.interval`](#scheduleinterval). -- Options to customize the update schedule: [`schedule.time`](#scheduletime), [`schedule.timezone`](#scheduletimezone), [`schedule.day`](#scheduleday). -- Options to control which dependencies are updated: [`allow`](#allow), [`ignore`](#ignore), [`vendor`](#vendor). -- Options to add metadata to pull requests: [`reviewers`](#reviewers), [`assignees`](#assignees), [`labels`](#labels), [`milestone`](#milestone). -- Options to change the behavior of the pull requests: [`target-branch`](#target-branch), [`versioning-strategy`](#versioning-strategy), [`commit-message`](#commit-message), [`rebase-strategy`](#rebase-strategy), [`pull-request-branch-name.separator`](#pull-request-branch-nameseparator). - -In addition, the [`open-pull-requests-limit`](#open-pull-requests-limit) option changes the maximum number of pull requests for version updates that {% data variables.product.prodname_dependabot %} can open. - -{% note %} - -**Note:** Some of these configuration options may also affect pull requests raised for security updates of vulnerable package manifests. - -Security updates are raised for vulnerable package manifests only on the default branch. When configuration options are set for the same branch (true unless you use `target-branch`), and specify a `package-ecosystem` and `directory` for the vulnerable manifest, then pull requests for security updates use relevant options. - -In general, security updates use any configuration options that affect pull requests, for example, adding metadata or changing their behavior. For more information about security updates, see "[Configuring {% data variables.product.prodname_dependabot_security_updates %}](/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/configuring-dependabot-security-updates)." - -{% endnote %} - -### `package-ecosystem` - -**Required**. You add one `package-ecosystem` element for each package manager that you want {% data variables.product.prodname_dependabot %} to monitor for new versions. The repository must also contain a dependency manifest or lock file for each of these package managers. If you want to enable vendoring for a package manager that supports it, the vendored dependencies must be located in the required directory. For more information, see [`vendor`](#vendor) below. - -{% data reusables.dependabot.supported-package-managers %} - -```yaml -# Basic set up for three package managers - -version: 2 -updates: - - # Maintain dependencies for GitHub Actions - - package-ecosystem: "github-actions" - directory: "/" - schedule: - interval: "daily" - - # Maintain dependencies for npm - - package-ecosystem: "npm" - directory: "/" - schedule: - interval: "daily" - - # Maintain dependencies for Composer - - package-ecosystem: "composer" - directory: "/" - schedule: - interval: "daily" -``` - -### `directory` - -**Required**. You must define the location of the package manifests for each package manager (for example, the *package.json* or *Gemfile*). You define the directory relative to the root of the repository for all ecosystems except GitHub Actions. For GitHub Actions, set the directory to `/` to check for workflow files in `.github/workflows`. - -```yaml -# Specify location of manifest files for each package manager - -version: 2 -updates: - - package-ecosystem: "composer" - # Files stored in repository root - directory: "/" - schedule: - interval: "daily" - - - package-ecosystem: "npm" - # Files stored in `app` directory - directory: "/app" - schedule: - interval: "daily" - - - package-ecosystem: "github-actions" - # Workflow files stored in the - # default location of `.github/workflows` - directory: "/" - schedule: - interval: "daily" -``` - -### `schedule.interval` - -**Required**. You must define how often to check for new versions for each package manager. By default, {% data variables.product.prodname_dependabot %} randomly assigns a time to apply all the updates in the configuration file. To set a specific time, you can use [`schedule.time`](#scheduletime) and [`schedule.timezone`](#scheduletimezone). - -- `daily`—runs on every weekday, Monday to Friday. -- `weekly`—runs once each week. By default, this is on Monday. To modify this, use [`schedule.day`](#scheduleday). -- `monthly`—runs once each month. This is on the first day of the month. - -```yaml -# Set update schedule for each package manager - -version: 2 -updates: - - - package-ecosystem: "github-actions" - directory: "/" - schedule: - # Check for updates to GitHub Actions every weekday - interval: "daily" - - - package-ecosystem: "composer" - directory: "/" - schedule: - # Check for updates managed by Composer once a week - interval: "weekly" -``` - -{% note %} - -**Note**: `schedule` defines when {% data variables.product.prodname_dependabot %} attempts a new update. However, it's not the only time you may receive pull requests. Updates can be triggered based on changes to your `dependabot.yml` file, changes to your manifest file(s) after a failed update, or {% data variables.product.prodname_dependabot_security_updates %}. For more information, see "[Frequency of {% data variables.product.prodname_dependabot %} pull requests](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/about-dependabot-version-updates#frequency-of-dependabot-pull-requests)" and "[About {% data variables.product.prodname_dependabot_security_updates %}](/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-dependabot-security-updates)." - -{% endnote %} - -### `allow` - -{% data reusables.dependabot.default-dependencies-allow-ignore %} - -Use the `allow` option to customize which dependencies are updated. This applies to both version and security updates. You can use the following options: - -- `dependency-name`—use to allow updates for dependencies with matching names, optionally using `*` to match zero or more characters. For Java dependencies, the format of the `dependency-name` attribute is: `groupId:artifactId`, for example: `org.kohsuke:github-api`. -- `dependency-type`—use to allow updates for dependencies of specific types. - - | Dependency types | Supported by package managers | Allow updates | - |------------------|-------------------------------|--------| - | `direct` | All | All explicitly defined dependencies. | - | `indirect` | `bundler`, `pip`, `composer`, `cargo` | Dependencies of direct dependencies (also known as sub-dependencies, or transient dependencies).| - | `all` | All | All explicitly defined dependencies. For `bundler`, `pip`, `composer`, `cargo`, also the dependencies of direct dependencies.| - | `production` | `bundler`, `composer`, `mix`, `maven`, `npm`, `pip` | Only dependencies in the "Production dependency group". | - | `development`| `bundler`, `composer`, `mix`, `maven`, `npm`, `pip` | Only dependencies in the "Development dependency group". | - -```yaml -# Use `allow` to specify which dependencies to maintain - -version: 2 -updates: - - package-ecosystem: "npm" - directory: "/" - schedule: - interval: "daily" - allow: - # Allow updates for Lodash - - dependency-name: "lodash" - # Allow updates for React and any packages starting "react" - - dependency-name: "react*" - - - package-ecosystem: "composer" - directory: "/" - schedule: - interval: "daily" - allow: - # Allow both direct and indirect updates for all packages - - dependency-type: "all" - - - package-ecosystem: "pip" - directory: "/" - schedule: - interval: "daily" - allow: - # Allow only direct updates for - # Django and any packages starting "django" - - dependency-name: "django*" - dependency-type: "direct" - # Allow only production updates for Sphinx - - dependency-name: "sphinx" - dependency-type: "production" -``` - -### `assignees` - -Use `assignees` to specify individual assignees for all pull requests raised for a package manager. - -{% data reusables.dependabot.option-affects-security-updates %} - -```yaml -# Specify assignees for pull requests - -version: 2 -updates: - - package-ecosystem: "npm" - directory: "/" - schedule: - interval: "daily" - # Add assignees - assignees: - - "octocat" -``` - -### `commit-message` - -By default, {% data variables.product.prodname_dependabot %} attempts to detect your commit message preferences and use similar patterns. Use the `commit-message` option to specify your preferences explicitly. - -Supported options - -- `prefix` specifies a prefix for all commit messages. -- `prefix-development` specifies a separate prefix for all commit messages that update dependencies in the Development dependency group. When you specify a value for this option, the `prefix` is used only for updates to dependencies in the Production dependency group. This is supported by: `bundler`, `composer`, `mix`, `maven`, `npm`, and `pip`. -- `include: "scope"` specifies that any prefix is followed by a list of the dependencies updated in the commit. - -{% data reusables.dependabot.option-affects-security-updates %} - -```yaml -# Customize commit messages - -version: 2 -updates: - - package-ecosystem: "npm" - directory: "/" - schedule: - interval: "daily" - commit-message: - # Prefix all commit messages with "npm" - prefix: "npm" - - - package-ecosystem: "composer" - directory: "/" - schedule: - interval: "daily" - # Prefix all commit messages with "Composer" - # include a list of updated dependencies - commit-message: - prefix: "Composer" - include: "scope" - - - package-ecosystem: "pip" - directory: "/" - schedule: - interval: "daily" - # Include a list of updated dependencies - # with a prefix determined by the dependency group - commit-message: - prefix: "pip prod" - prefix-development: "pip dev" - include: "scope" -``` - -### `ignore` - -{% data reusables.dependabot.default-dependencies-allow-ignore %} - -Dependencies can be ignored either by adding them to `ignore` or by using the `@dependabot ignore` command on a pull request opened by {% data variables.product.prodname_dependabot %}. - -#### Creating `ignore` conditions from `@dependabot ignore` - -Dependencies ignored by using the `@dependabot ignore` command are stored centrally for each package manager. If you start ignoring dependencies in the `dependabot.yml` file, these existing preferences are considered alongside the `ignore` dependencies in the configuration. - -You can check whether a repository has stored `ignore` preferences by searching the repository for `"@dependabot ignore" in:comments`. If you wish to un-ignore a dependency ignored this way, re-open the pull request. - -For more information about the `@dependabot ignore` commands, see "[Managing pull requests for dependency updates](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/managing-pull-requests-for-dependency-updates#managing-dependabot-pull-requests-with-comment-commands)." - -#### Specifying dependencies and versions to ignore - -You can use the `ignore` option to customize which dependencies are updated. The `ignore` option supports the following options. - -- `dependency-name`—use to ignore updates for dependencies with matching names, optionally using `*` to match zero or more characters. For Java dependencies, the format of the `dependency-name` attribute is: `groupId:artifactId` (for example: `org.kohsuke:github-api`). -- `versions`—use to ignore specific versions or ranges of versions. If you want to define a range, use the standard pattern for the package manager (for example: `^1.0.0` for npm, or `~> 2.0` for Bundler). -- `update-types`—use to ignore types of updates, such as semver `major`, `minor`, or `patch` updates on version updates (for example: `version-update:semver-patch` will ignore patch updates). You can combine this with `dependency-name: "*"` to ignore particular `update-types` for all dependencies. Currently, `version-update:semver-major`, `version-update:semver-minor`, and `version-update:semver-patch` are the only supported options. Security updates are unaffected by this setting. - -If `versions` and `update-types` are used together, {% data variables.product.prodname_dependabot %} will ignore any update in either set. - -{% data reusables.dependabot.option-affects-security-updates %} - -```yaml -# Use `ignore` to specify dependencies that should not be updated - -version: 2 -updates: - - package-ecosystem: "npm" - directory: "/" - schedule: - interval: "daily" - ignore: - - dependency-name: "express" - # For Express, ignore all updates for version 4 and 5 - versions: ["4.x", "5.x"] - # For Lodash, ignore all updates - - dependency-name: "lodash" - # For AWS SDK, ignore all patch updates - - dependency-name: "aws-sdk" - update-types: ["version-update:semver-patch"] -``` - -{% note %} - -**Note**: {% data variables.product.prodname_dependabot %} can only run version updates on manifest or lock files if it can access all of the dependencies in the file, even if you add inaccessible dependencies to the `ignore` option of your configuration file. For more information, see "[Managing security and analysis settings for your organization](/organizations/keeping-your-organization-secure/managing-security-and-analysis-settings-for-your-organization#allowing-dependabot-to-access-private-dependencies)" and "[Troubleshooting {% data variables.product.prodname_dependabot %} errors](/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/troubleshooting-dependabot-errors#dependabot-cant-resolve-your-dependency-files)." - - -{% endnote %} - -### `insecure-external-code-execution` - -Package managers with the `package-ecosystem` values `bundler`, `mix`, and `pip` may execute external code in the manifest as part of the version update process. This might allow a compromised package to steal credentials or gain access to configured registries. When you add a [`registries`](#registries) setting within an `updates` configuration, {% data variables.product.prodname_dependabot %} automatically prevents external code execution, in which case the version update may fail. You can choose to override this behavior and allow external code execution for `bundler`, `mix`, and `pip` package managers by setting `insecure-external-code-execution` to `allow`. - -You can explicitly deny external code execution, irrespective of whether there is a `registries` setting for this update configuration, by setting `insecure-external-code-execution` to `deny`. - -{% raw %} -```yaml -# Allow external code execution when updating dependencies from private registries - -version: 2 -registries: - ruby-github: - type: rubygems-server - url: https://rubygems.pkg.github.com/octocat/github_api - token: ${{secrets.MY_GITHUB_PERSONAL_TOKEN}} -updates: - - package-ecosystem: "bundler" - directory: "/rubygems-server" - insecure-external-code-execution: allow - registries: "*" - schedule: - interval: "monthly" -``` -{% endraw %} - -### `labels` - -{% data reusables.dependabot.default-labels %} - -Use `labels` to override the default labels and specify alternative labels for all pull requests raised for a package manager. If any of these labels is not defined in the repository, it is ignored. -To disable all labels, including the default labels, use `labels: [ ]`. - -{% data reusables.dependabot.option-affects-security-updates %} - -```yaml -# Specify labels for pull requests - -version: 2 -updates: - - package-ecosystem: "npm" - directory: "/" - schedule: - interval: "daily" - # Specify labels for npm pull requests - labels: - - "npm" - - "dependencies" -``` - -### `milestone` - -Use `milestone` to associate all pull requests raised for a package manager with a milestone. You need to specify the numeric identifier of the milestone and not its label. If you view a milestone, the final part of the page URL, after `milestone`, is the identifier. For example: `https://github.com///milestone/3`. - -{% data reusables.dependabot.option-affects-security-updates %} - -```yaml -# Specify a milestone for pull requests - -version: 2 -updates: - - package-ecosystem: "npm" - directory: "/" - schedule: - interval: "daily" - # Associate pull requests with milestone "4" - milestone: 4 -``` - -### `open-pull-requests-limit` - -By default, {% data variables.product.prodname_dependabot %} opens a maximum of five pull requests for version updates. Once there are five open pull requests, new requests are blocked until you merge or close some of the open requests, after which new pull requests can be opened on subsequent updates. Use `open-pull-requests-limit` to change this limit. This also provides a simple way to temporarily disable version updates for a package manager. - -This option has no impact on security updates, which have a separate, internal limit of ten open pull requests. - -```yaml -# Specify the number of open pull requests allowed - -version: 2 -updates: - - package-ecosystem: "npm" - directory: "/" - schedule: - interval: "daily" - # Disable version updates for npm dependencies - open-pull-requests-limit: 0 - - - package-ecosystem: "pip" - directory: "/" - schedule: - interval: "daily" - # Allow up to 10 open pull requests for pip dependencies - open-pull-requests-limit: 10 -``` - -### `pull-request-branch-name.separator` - -{% data variables.product.prodname_dependabot %} generates a branch for each pull request. Each branch name includes `dependabot`, and the package manager and dependency that are updated. By default, these parts are separated by a `/` symbol, for example: `dependabot/npm_and_yarn/next_js/acorn-6.4.1`. - -Use `pull-request-branch-name.separator` to specify a different separator. This can be one of: `"-"`, `_` or `/`. The hyphen symbol must be quoted because otherwise it's interpreted as starting an empty YAML list. - -{% data reusables.dependabot.option-affects-security-updates %} - -```yaml -# Specify a different separator for branch names - -version: 2 -updates: - - package-ecosystem: "npm" - directory: "/" - schedule: - interval: "daily" - pull-request-branch-name: - # Separate sections of the branch name with a hyphen - # for example, `dependabot-npm_and_yarn-next_js-acorn-6.4.1` - separator: "-" -``` - -### `rebase-strategy` - -By default, {% data variables.product.prodname_dependabot %} automatically rebases open pull requests when it detects any changes to the pull request. Use `rebase-strategy` to disable this behavior. - -Available rebase strategies - -- `disabled` to disable automatic rebasing. -- `auto` to use the default behavior and rebase open pull requests when changes are detected. - -{% data reusables.dependabot.option-affects-security-updates %} - -```yaml -# Disable automatic rebasing - -version: 2 -updates: - - package-ecosystem: "npm" - directory: "/" - schedule: - interval: "daily" - # Disable rebasing for npm pull requests - rebase-strategy: "disabled" -``` - -### `registries` - -To allow {% data variables.product.prodname_dependabot %} to access a private package registry when performing a version update, you must include a `registries` setting within the relevant `updates` configuration. You can allow all of the defined registries to be used by setting `registries` to `"*"`. Alternatively, you can list the registries that the update can use. To do this, use the name of the registry as defined in the top-level `registries` section of the _dependabot.yml_ file. For more information, see "[Configuration options for private registries](#configuration-options-for-private-registries)" below. - -To allow {% data variables.product.prodname_dependabot %} to use `bundler`, `mix`, and `pip` package managers to update dependencies in private registries, you can choose to allow external code execution. For more information, see [`insecure-external-code-execution`](#insecure-external-code-execution) above. - -```yaml -# Allow {% data variables.product.prodname_dependabot %} to use one of the two defined private registries -# when updating dependency versions for this ecosystem - -{% raw %} -version: 2 -registries: - maven-github: - type: maven-repository - url: https://maven.pkg.github.com/octocat - username: octocat - password: ${{secrets.MY_ARTIFACTORY_PASSWORD}} - npm-npmjs: - type: npm-registry - url: https://registry.npmjs.org - username: octocat - password: ${{secrets.MY_NPM_PASSWORD}} -updates: - - package-ecosystem: "gitsubmodule" - directory: "/" - registries: - - maven-github - schedule: - interval: "monthly" -{% endraw %} -``` - -### `reviewers` - -Use `reviewers` to specify individual reviewers or teams of reviewers for all pull requests raised for a package manager. You must use the full team name, including the organization, as if you were @mentioning the team. - -{% data reusables.dependabot.option-affects-security-updates %} - -```yaml -# Specify reviewers for pull requests - -version: 2 -updates: - - package-ecosystem: "pip" - directory: "/" - schedule: - interval: "daily" - # Add reviewers - reviewers: - - "octocat" - - "my-username" - - "my-org/python-team" -``` - -### `schedule.day` - -When you set a `weekly` update schedule, by default, {% data variables.product.prodname_dependabot %} checks for new versions on Monday at a random set time for the repository. Use `schedule.day` to specify an alternative day to check for updates. - -Supported values - -- `monday` -- `tuesday` -- `wednesday` -- `thursday` -- `friday` -- `saturday` -- `sunday` - -```yaml -# Specify the day for weekly checks - -version: 2 -updates: - - package-ecosystem: "npm" - directory: "/" - schedule: - interval: "weekly" - # Check for npm updates on Sundays - day: "sunday" -``` - -### `schedule.time` - -By default, {% data variables.product.prodname_dependabot %} checks for new versions at a random set time for the repository. Use `schedule.time` to specify an alternative time of day to check for updates (format: `hh:mm`). - -```yaml -# Set a time for checks -version: 2 -updates: - - package-ecosystem: "npm" - directory: "/" - schedule: - interval: "daily" - # Check for npm updates at 9am UTC - time: "09:00" -``` - -### `schedule.timezone` - -By default, {% data variables.product.prodname_dependabot %} checks for new versions at a random set time for the repository. Use `schedule.timezone` to specify an alternative time zone. The time zone identifier must be from the Time Zone database maintained by [iana](https://www.iana.org/time-zones). For more information, see [List of tz database time zones](https://en.wikipedia.org/wiki/List_of_tz_database_time_zones). - -```yaml -# Specify the timezone for checks - -version: 2 -updates: - - package-ecosystem: "npm" - directory: "/" - schedule: - interval: "daily" - time: "09:00" - # Use Japan Standard Time (UTC +09:00) - timezone: "Asia/Tokyo" -``` - -### `target-branch` - -By default, {% data variables.product.prodname_dependabot %} checks for manifest files on the default branch and raises pull requests for version updates against this branch. Use `target-branch` to specify a different branch for manifest files and for pull requests. When you use this option, the settings for this package manager will no longer affect any pull requests raised for security updates. - -```yaml -# Specify a non-default branch for pull requests for pip - -version: 2 -updates: - - package-ecosystem: "pip" - directory: "/" - schedule: - interval: "daily" - # Raise pull requests for version updates - # to pip against the `develop` branch - target-branch: "develop" - # Labels on pull requests for version updates only - labels: - - "pip dependencies" - - - package-ecosystem: "npm" - directory: "/" - schedule: - interval: "weekly" - # Check for npm updates on Sundays - day: "sunday" - # Labels on pull requests for security and version updates - labels: - - "npm dependencies" -``` - -### `vendor` - -Use the `vendor` option to tell {% data variables.product.prodname_dependabot %} to vendor dependencies when updating them. Don't use this option if you're using `gomod` as {% data variables.product.prodname_dependabot %} automatically detects vendoring for this tool. - -```yaml -# Configure version updates for both dependencies defined in manifests and vendored dependencies - -version: 2 -updates: - - package-ecosystem: "bundler" - # Raise pull requests to update vendored dependencies that are checked in to the repository - vendor: true - directory: "/" - schedule: - interval: "weekly" -``` - -{% data variables.product.prodname_dependabot %} only updates the vendored dependencies located in specific directories in a repository. - -| Package manager | Required file path for vendored dependencies | More information | - |------------------|-------------------------------|--------| - | `bundler` | The dependencies must be in the _vendor/cache_ directory.
Other file paths are not supported. | [`bundle cache` documentation](https://bundler.io/man/bundle-cache.1.html) | - | `gomod` | No path requirement (dependencies are usually located in the _vendor_ directory) | [`go mod vendor` documentation](https://golang.org/ref/mod#go-mod-vendor) | - - -### `versioning-strategy` - -When {% data variables.product.prodname_dependabot %} edits a manifest file to update a version, it uses the following overall strategies: - -- For apps, the version requirements are increased, for example: npm, pip and Composer. -- For libraries, the range of versions is widened, for example: Bundler and Cargo. - -Use the `versioning-strategy` option to change this behavior for supported package managers. - -{% data reusables.dependabot.option-affects-security-updates %} - -Available update strategies - -| Option | Supported by | Action | -|--------|--------------|--------| -| `lockfile-only` | `bundler`, `cargo`, `composer`, `mix`, `npm`, `pip` | Only create pull requests to update lockfiles. Ignore any new versions that would require package manifest changes. | -| `auto` | `bundler`, `cargo`, `composer`, `mix`, `npm`, `pip` | Follow the default strategy described above.| -| `widen`| `composer`, `npm` | Relax the version requirement to include both the new and old version, when possible. | -| `increase`| `bundler`, `composer`, `npm` | Always increase the version requirement to match the new version. | -| `increase-if-necessary` | `bundler`, `composer`, `npm` | Increase the version requirement only when required by the new version. | - -```yaml -# Customize the manifest version strategy - -version: 2 -updates: - - package-ecosystem: "npm" - directory: "/" - schedule: - interval: "daily" - # Update the npm manifest file to relax - # the version requirements - versioning-strategy: widen - - - package-ecosystem: "composer" - directory: "/" - schedule: - interval: "daily" - # Increase the version requirements for Composer - # only when required - versioning-strategy: increase-if-necessary - - - package-ecosystem: "pip" - directory: "/" - schedule: - interval: "daily" - # Only allow updates to the lockfile for pip and - # ignore any version updates that affect the manifest - versioning-strategy: lockfile-only -``` - -## Configuration options for private registries - -The top-level `registries` key is optional. It allows you to specify authentication details that {% data variables.product.prodname_dependabot %} can use to access private package registries. - -{% note %} - -**Note:** Private registries behind firewalls on private networks are not supported. - -{% endnote %} - -The value of the `registries` key is an associative array, each element of which consists of a key that identifies a particular registry and a value which is an associative array that specifies the settings required to access that registry. The following *dependabot.yml* file, configures a registry identified as `dockerhub` in the `registries` section of the file and then references this in the `updates` section of the file. - -{% raw %} -```yaml -# Minimal settings to update dependencies in one private registry - -version: 2 -registries: - dockerhub: # Define access for a private registry - type: docker-registry - url: registry.hub.docker.com - username: octocat - password: ${{secrets.DOCKERHUB_PASSWORD}} -updates: - - package-ecosystem: "docker" - directory: "/docker-registry/dockerhub" - registries: - - dockerhub # Allow version updates for dependencies in this registry - schedule: - interval: "monthly" -``` -{% endraw %} - -You use the following options to specify access settings. Registry settings must contain a `type` and a `url`, and typically either a `username` and `password` combination or a `token`. - -| Option                 | Description | -|:---|:---| -| `type` | Identifies the type of registry. See the full list of types below. | -| `url` | The URL to use to access the dependencies in this registry. The protocol is optional. If not specified, `https://` is assumed. {% data variables.product.prodname_dependabot %} adds or ignores trailing slashes as required. | -| `username` | The username that {% data variables.product.prodname_dependabot %} uses to access the registry. | -| `password` | A reference to a {% data variables.product.prodname_dependabot %} secret containing the password for the specified user. For more information, see "[Managing encrypted secrets for Dependabot](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/managing-encrypted-secrets-for-dependabot)." | -| `key` | A reference to a {% data variables.product.prodname_dependabot %} secret containing an access key for this registry. For more information, see "[Managing encrypted secrets for Dependabot](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/managing-encrypted-secrets-for-dependabot)." | -| `token` | A reference to a {% data variables.product.prodname_dependabot %} secret containing an access token for this registry. For more information, see "[Managing encrypted secrets for Dependabot](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/managing-encrypted-secrets-for-dependabot)." | -| `replaces-base` | For registries with `type: python-index`, if the boolean value is `true`, pip resolves dependencies by using the specified URL rather than the base URL of the Python Package Index (by default `https://pypi.org/simple`). | - - -Each configuration `type` requires you to provide particular settings. Some types allow more than one way to connect. The following sections provide details of the settings you should use for each `type`. - -### `composer-repository` - -The `composer-repository` type supports username and password. - -{% raw %} -```yaml -registries: - composer: - type: composer-repository - url: https://repo.packagist.com/example-company/ - username: octocat - password: ${{secrets.MY_PACKAGIST_PASSWORD}} -``` -{% endraw %} - -### `docker-registry` - -The `docker-registry` type supports username and password. - -{% raw %} -```yaml -registries: - dockerhub: - type: docker-registry - url: https://registry.hub.docker.com - username: octocat - password: ${{secrets.MY_DOCKERHUB_PASSWORD}} -``` -{% endraw %} - -The `docker-registry` type can also be used to pull from Amazon ECR using static AWS credentials. - -{% raw %} -```yaml -registries: - ecr-docker: - type: docker-registry - url: https://1234567890.dkr.ecr.us-east-1.amazonaws.com - username: ${{secrets.ECR_AWS_ACCESS_KEY_ID}} - password: ${{secrets.ECR_AWS_SECRET_ACCESS_KEY}} -``` -{% endraw %} - -### `git` - -The `git` type supports username and password. - -{% raw %} -```yaml -registries: - github-octocat: - type: git - url: https://github.com - username: x-access-token - password: ${{secrets.MY_GITHUB_PERSONAL_TOKEN}} -``` -{% endraw %} - -### `hex-organization` - -The `hex-organization` type supports organization and key. - -{% raw %} -```yaml -registries: - github-hex-org: - type: hex-organization - organization: github - key: ${{secrets.MY_HEX_ORGANIZATION_KEY}} -``` -{% endraw %} - -### `maven-repository` - -The `maven-repository` type supports username and password. - -{% raw %} -```yaml -registries: - maven-artifactory: - type: maven-repository - url: https://artifactory.example.com - username: octocat - password: ${{secrets.MY_ARTIFACTORY_PASSWORD}} -``` -{% endraw %} - -### `npm-registry` - -The `npm-registry` type supports username and password, or token. - -When using username and password, your `.npmrc`'s auth token may contain a `base64` encoded `_password`; however, the password referenced in your {% data variables.product.prodname_dependabot %} configuration file must be the original (unencoded) password. - -{% raw %} -```yaml -registries: - npm-npmjs: - type: npm-registry - url: https://registry.npmjs.org - username: octocat - password: ${{secrets.MY_NPM_PASSWORD}} # Must be an unencoded password -``` -{% endraw %} - -{% raw %} -```yaml -registries: - npm-github: - type: npm-registry - url: https://npm.pkg.github.com - token: ${{secrets.MY_GITHUB_PERSONAL_TOKEN}} -``` -{% endraw %} - -### `nuget-feed` - -The `nuget-feed` type supports username and password, or token. - -{% raw %} -```yaml -registries: - nuget-example: - type: nuget-feed - url: https://nuget.example.com/v3/index.json - username: octocat@example.com - password: ${{secrets.MY_NUGET_PASSWORD}} -``` -{% endraw %} - -{% raw %} -```yaml -registries: - nuget-azure-devops: - type: nuget-feed - url: https://pkgs.dev.azure.com/.../_packaging/My_Feed/nuget/v3/index.json - token: ${{secrets.MY_AZURE_DEVOPS_TOKEN}} -``` -{% endraw %} - -### `python-index` - -The `python-index` type supports username and password, or token. - -{% raw %} -```yaml -registries: - python-example: - type: python-index - url: https://example.com/_packaging/my-feed/pypi/example - username: octocat - password: ${{secrets.MY_BASIC_AUTH_PASSWORD}} - replaces-base: true -``` -{% endraw %} - -{% raw %} -```yaml -registries: - python-azure: - type: python-index - url: https://pkgs.dev.azure.com/octocat/_packaging/my-feed/pypi/example - token: ${{secrets.MY_AZURE_DEVOPS_TOKEN}} - replaces-base: true -``` -{% endraw %} - -### `rubygems-server` - -The `rubygems-server` type supports username and password, or token. - -{% raw %} -```yaml -registries: - ruby-example: - type: rubygems-server - url: https://rubygems.example.com - username: octocat@example.com - password: ${{secrets.MY_RUBYGEMS_PASSWORD}} -``` -{% endraw %} - -{% raw %} -```yaml -registries: - ruby-github: - type: rubygems-server - url: https://rubygems.pkg.github.com/octocat/github_api - token: ${{secrets.MY_GITHUB_PERSONAL_TOKEN}} -``` -{% endraw %} - -### `terraform-registry` - -The `terraform-registry` type supports a token. - -{% raw %} -```yaml -registries: - terraform-example: - type: terraform-registry - url: https://terraform.example.com - token: ${{secrets.MY_TERRAFORM_API_TOKEN}} -``` -{% endraw %} diff --git a/content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/customizing-dependency-updates.md b/content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/customizing-dependency-updates.md deleted file mode 100644 index 217257ceb2..0000000000 --- a/content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/customizing-dependency-updates.md +++ /dev/null @@ -1,143 +0,0 @@ ---- -title: Customizing dependency updates -intro: 'You can customize how {% data variables.product.prodname_dependabot %} maintains your dependencies.' -permissions: 'People with write permissions to a repository can configure {% data variables.product.prodname_dependabot %} for the repository.' -redirect_from: - - /github/administering-a-repository/customizing-dependency-updates - - /code-security/supply-chain-security/customizing-dependency-updates -versions: - fpt: '*' - ghec: '*' - ghes: '>3.2' -type: how_to -topics: - - Dependabot - - Version updates - - Security updates - - Repositories - - Dependencies - - Pull requests - - Vulnerabilities -shortTitle: Customize updates ---- - -{% data reusables.dependabot.beta-security-and-version-updates %} -{% data reusables.dependabot.enterprise-enable-dependabot %} - -## About customizing dependency updates - -After you've enabled version updates, you can customize how {% data variables.product.prodname_dependabot %} maintains your dependencies by adding further options to the *dependabot.yml* file. For example, you could: - -- Specify which day of the week to open pull requests for version updates: `schedule.day` -- Set reviewers, assignees, and labels for each package manager: `reviewers`, `assignees`, and `labels` -- Define a versioning strategy for changes to each manifest file: `versioning-strategy` -- Change the maximum number of open pull requests for version updates from the default of 5: `open-pull-requests-limit` -- Open pull requests for version updates to target a specific branch, instead of the default branch: `target-branch` - -For more information about the configuration options, see "[Configuration options for dependency updates](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/configuration-options-for-dependency-updates)." - -When you update the *dependabot.yml* file in your repository, {% data variables.product.prodname_dependabot %} runs an immediate check with the new configuration. Within minutes you will see an updated list of dependencies on the **{% data variables.product.prodname_dependabot %}** tab, this may take longer if the repository has many dependencies. You may also see new pull requests for version updates. For more information, see "[Listing dependencies configured for version updates](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/listing-dependencies-configured-for-version-updates)." - -## Impact of configuration changes on security updates - -If you customize the *dependabot.yml* file, you may notice some changes to the pull requests raised for security updates. These pull requests are always triggered by a security advisory for a dependency, rather than by the {% data variables.product.prodname_dependabot %} schedule. However, they inherit relevant configuration settings from the *dependabot.yml* file unless you specify a different target branch for version updates. - -For an example, see "[Setting custom labels](#setting-custom-labels)" below. - -## Modifying scheduling - -When you set a `daily` update schedule, by default, {% data variables.product.prodname_dependabot %} checks for new versions at 05:00 UTC. You can use `schedule.time` to specify an alternative time of day to check for updates (format: `hh:mm`). - -The example *dependabot.yml* file below expands the npm configuration to specify when {% data variables.product.prodname_dependabot %} should check for version updates to dependencies. - -```yaml -# dependabot.yml file with -# customized schedule for version updates - -version: 2 -updates: - # Keep npm dependencies up to date - - package-ecosystem: "npm" - directory: "/" - # Check the npm registry for updates at 2am UTC - schedule: - interval: "daily" - time: "02:00" -``` - -## Setting reviewers and assignees - -By default, {% data variables.product.prodname_dependabot %} raises pull requests without any reviewers or assignees. - -You can use `reviewers` and `assignees` to specify reviewers and assignees for all pull requests raised for a package manager. When you specify a team, you must use the full team name, as if you were @mentioning the team (including the organization). - -The example *dependabot.yml* file below changes the npm configuration so that all pull requests opened with version and security updates for npm will have two reviewers and one assignee. - -```yaml -# dependabot.yml file with -# reviews and an assignee for all npm pull requests - -version: 2 -updates: - # Keep npm dependencies up to date - - package-ecosystem: "npm" - directory: "/" - schedule: - interval: "daily" - # Raise all npm pull requests with reviewers - reviewers: - - "my-org/team-name" - - "octocat" - # Raise all npm pull requests with an assignee - assignees: - - "user-name" -``` - -## Setting custom labels - -{% data reusables.dependabot.default-labels %} - -You can use `labels` to override the default labels and specify alternative labels for all pull requests raised for a package manager. You can't create new labels in the *dependabot.yml* file, so the alternative labels must already exist in the repository. - -The example *dependabot.yml* file below changes the npm configuration so that all pull requests opened with version and security updates for npm will have custom labels. It also changes the Docker configuration to check for version updates against a custom branch and to raise pull requests with custom labels against that custom branch. The changes to Docker will not affect security update pull requests because security updates are always made against the default branch. - -{% note %} - -**Note:** The new `target-branch` must contain a Dockerfile to update, otherwise this change will have the effect of disabling version updates for Docker. - -{% endnote %} - -```yaml -# dependabot.yml file with -# customized npm configuration - -version: 2 -updates: - # Keep npm dependencies up to date - - package-ecosystem: "npm" - directory: "/" - schedule: - interval: "daily" - # Raise all npm pull requests with custom labels - labels: - - "npm dependencies" - - "triage-board" - - # Keep Docker dependencies up to date - - package-ecosystem: "docker" - directory: "/" - schedule: - interval: "daily" - # Raise pull requests for Docker version updates - # against the "develop" branch. The Docker configuration - # no longer affects security update pull requests. - target-branch: "develop" - # Use custom labels on pull requests for Docker version updates - labels: - - "Docker dependencies" - - "triage-board" -``` - -## More examples - -For more examples, see "[Configuration options for dependency updates](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/configuration-options-for-dependency-updates)." diff --git a/content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/enabling-and-disabling-dependabot-version-updates.md b/content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/enabling-and-disabling-dependabot-version-updates.md deleted file mode 100644 index ab9c946fed..0000000000 --- a/content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/enabling-and-disabling-dependabot-version-updates.md +++ /dev/null @@ -1,140 +0,0 @@ ---- -title: Enabling and disabling Dependabot version updates -intro: 'You can configure your repository so that {% data variables.product.prodname_dependabot %} automatically updates the packages you use.' -permissions: 'People with write permissions to a repository can enable or disable {% data variables.product.prodname_dependabot_version_updates %} for the repository.' -redirect_from: - - /github/administering-a-repository/enabling-and-disabling-version-updates - - /code-security/supply-chain-security/enabling-and-disabling-version-updates - - /code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/enabling-and-disabling-version-updates -versions: - fpt: '*' - ghec: '*' - ghes: '> 3.2' -type: how_to -topics: - - Dependabot - - Version updates - - Repositories - - Dependencies - - Pull requests -shortTitle: Enable and disable updates ---- - -{% data reusables.dependabot.beta-security-and-version-updates %} -{% data reusables.dependabot.enterprise-enable-dependabot %} - -## About version updates for dependencies - -You enable {% data variables.product.prodname_dependabot_version_updates %} by checking a *dependabot.yml* configuration file in to your repository's `.github` directory. {% data variables.product.prodname_dependabot %} then raises pull requests to keep the dependencies you configure up-to-date. For each package manager's dependencies that you want to update, you must specify the location of the package manifest files and how often to check for updates to the dependencies listed in those files. For information about enabling security updates, see "[Configuring {% data variables.product.prodname_dependabot_security_updates %}](/github/managing-security-vulnerabilities/configuring-dependabot-security-updates)." - -{% data reusables.dependabot.initial-updates %} For more information, see "[Customizing dependency updates](/github/administering-a-repository/customizing-dependency-updates)." - -{% data reusables.dependabot.private-dependencies-note %} Additionally, {% data variables.product.prodname_dependabot %} doesn't support private {% data variables.product.prodname_dotcom %} dependencies for all package managers. For more information, see "[About Dependabot version updates](/github/administering-a-repository/about-dependabot-version-updates#supported-repositories-and-ecosystems)" and "[{% data variables.product.prodname_dotcom %} language support](/github/getting-started-with-github/github-language-support)." - -## Enabling {% data variables.product.prodname_dependabot_version_updates %} - -{% data reusables.dependabot.create-dependabot-yml %} For information, see "[Configuration options for dependency updates](/github/administering-a-repository/configuration-options-for-dependency-updates)." -1. Add a `version`. -1. Optionally, if you have dependencies in a private registry, add a `registries` section containing authentication details. -1. Add an `updates` section, with an entry for each package manager you want {% data variables.product.prodname_dependabot %} to monitor. -1. For each package manager, use: - - `package-ecosystem` to specify the package manager. - - `directory` to specify the location of the manifest or other definition files. - - `schedule.interval` to specify how often to check for new versions. -{% data reusables.dependabot.check-in-dependabot-yml %} - -### Example *dependabot.yml* file - -The example *dependabot.yml* file below configures version updates for two package managers: npm and Docker. When this file is checked in, {% data variables.product.prodname_dependabot %} checks the manifest files on the default branch for outdated dependencies. If it finds outdated dependencies, it will raise pull requests against the default branch to update the dependencies. - -```yaml -# Basic dependabot.yml file with -# minimum configuration for two package managers - -version: 2 -updates: - # Enable version updates for npm - - package-ecosystem: "npm" - # Look for `package.json` and `lock` files in the `root` directory - directory: "/" - # Check the npm registry for updates every day (weekdays) - schedule: - interval: "daily" - - # Enable version updates for Docker - - package-ecosystem: "docker" - # Look for a `Dockerfile` in the `root` directory - directory: "/" - # Check for updates once a week - schedule: - interval: "weekly" -``` - -In the example above, if the Docker dependencies were very outdated, you might want to start with a `daily` schedule until the dependencies are up-to-date, and then drop back to a weekly schedule. - -### Enabling version updates on forks - -If you want to enable version updates on forks, there's an extra step. Version updates are not automatically enabled on forks when a *dependabot.yml* configuration file is present. This ensures that fork owners don't unintentionally enable version updates when they pull changes including a *dependabot.yml* configuration file from the original repository. - -On a fork, you also need to explicitly enable {% data variables.product.prodname_dependabot %}. - -{% data reusables.repositories.navigate-to-repo %} -{% data reusables.repositories.accessing-repository-graphs %} -{% data reusables.repositories.click-dependency-graph %} -{% data reusables.dependabot.click-dependabot-tab %} -5. Under "Enable Dependabot", click **Enable Dependabot**. - -## Checking the status of version updates - -After you enable version updates, the **Dependabot** tab in the dependency graph for the repository is populated. This tab shows which package managers {% data variables.product.prodname_dependabot %} is configured to monitor and when {% data variables.product.prodname_dependabot %} last checked for new versions. - -![Repository Insights tab, Dependency graph, Dependabot tab](/assets/images/help/dependabot/dependabot-tab-view.png) - -For information, see "[Listing dependencies configured for version updates](/github/administering-a-repository/listing-dependencies-configured-for-version-updates)." - -## Disabling {% data variables.product.prodname_dependabot_version_updates %} - -You can disable version updates entirely by deleting the *dependabot.yml* file from your repository. More usually, you want to disable updates temporarily for one or more dependencies, or package managers. - -- Package managers: disable by setting `open-pull-requests-limit: 0` or by commenting out the relevant `package-ecosystem` in the configuration file. -- Specific dependencies: disable by adding `ignore` attributes for packages or applications that you want to exclude from updates. - -When you disable dependencies, you can use wild cards to match a set of related libraries. You can also specify which versions to exclude. This is particularly useful if you need to block updates to a library, pending work to support a breaking change to its API, but want to get any security fixes to the version you use. - -### Example disabling version updates for some dependencies - -The example *dependabot.yml* file below includes examples of the different ways to disable updates to some dependencies, while allowing other updates to continue. - -```yaml -# dependabot.yml file with updates -# disabled for Docker and limited for npm - -version: 2 -updates: - # Configuration for Dockerfile - - package-ecosystem: "docker" - directory: "/" - schedule: - interval: "weekly" - # Disable all pull requests for Docker dependencies - open-pull-requests-limit: 0 - - # Configuration for npm - - package-ecosystem: "npm" - directory: "/" - schedule: - interval: "daily" - ignore: - # Ignore updates to packages that start with 'aws' - # Wildcards match zero or more arbitrary characters - - dependency-name: "aws*" - # Ignore some updates to the 'express' package - - dependency-name: "express" - # Ignore only new versions for 4.x and 5.x - versions: ["4.x", "5.x"] - # For all packages, ignore all patch updates - - dependency-name: "*" - update-types: ["version-update:semver-patch"] -``` - -For more information about checking for existing ignore preferences, see "[Configuration options for dependency updates](/github/administering-a-repository/configuration-options-for-dependency-updates#ignore)." diff --git a/content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/index.md b/content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/index.md deleted file mode 100644 index e01e8e1116..0000000000 --- a/content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/index.md +++ /dev/null @@ -1,29 +0,0 @@ ---- -title: Keeping your dependencies updated automatically -intro: '{% data variables.product.prodname_dependabot %} can maintain your repository''s dependencies automatically.' -redirect_from: - - /github/administering-a-repository/keeping-your-dependencies-updated-automatically -versions: - fpt: '*' - ghec: '*' - ghes: '>3.2' -topics: - - Repositories - - Dependabot - - Version updates - - Dependencies - - Pull requests -children: - - /about-dependabot-version-updates - - /enabling-and-disabling-dependabot-version-updates - - /listing-dependencies-configured-for-version-updates - - /managing-pull-requests-for-dependency-updates - - /automating-dependabot-with-github-actions - - /managing-encrypted-secrets-for-dependabot - - /customizing-dependency-updates - - /configuration-options-for-dependency-updates - - /keeping-your-actions-up-to-date-with-dependabot -shortTitle: Auto-update dependencies ---- - -{% data reusables.dependabot.beta-security-and-version-updates %} diff --git a/content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/listing-dependencies-configured-for-version-updates.md b/content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/listing-dependencies-configured-for-version-updates.md deleted file mode 100644 index 4a0585c911..0000000000 --- a/content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/listing-dependencies-configured-for-version-updates.md +++ /dev/null @@ -1,41 +0,0 @@ ---- -title: Listing dependencies configured for version updates -intro: 'You can view the dependencies that {% data variables.product.prodname_dependabot %} monitors for updates.' -redirect_from: - - /github/administering-a-repository/listing-dependencies-configured-for-version-updates - - /code-security/supply-chain-security/listing-dependencies-configured-for-version-updates -versions: - fpt: '*' - ghec: '*' - ghes: '>3.2' -type: how_to -topics: - - Repositories - - Dependabot - - Version updates - - Dependencies -shortTitle: List configured dependencies ---- - -{% data reusables.dependabot.beta-security-and-version-updates %} -{% data reusables.dependabot.enterprise-enable-dependabot %} - -## Viewing dependencies monitored by {% data variables.product.prodname_dependabot %} - -After you've enabled version updates, you can confirm that your configuration is correct using the **{% data variables.product.prodname_dependabot %}** tab in the dependency graph for the repository. For more information, see "[Enabling and disabling {% data variables.product.prodname_dependabot %} version updates](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/enabling-and-disabling-dependabot-version-updates)." - -{% data reusables.repositories.navigate-to-repo %} -{% data reusables.repositories.accessing-repository-graphs %} -{% data reusables.repositories.click-dependency-graph %} -{% data reusables.dependabot.click-dependabot-tab %} -1. Optionally, to view the files monitored for a package manager, click the associated {% octicon "kebab-horizontal" aria-label="The horizontal kebab icon" %}. - ![Monitored dependency files](/assets/images/help/dependabot/monitored-dependency-files.png) - -If any dependencies are missing, check the log files for errors. If any package managers are missing, review the configuration file. - -## Viewing {% data variables.product.prodname_dependabot %} log files - -1. On the **{% data variables.product.prodname_dependabot %}** tab, click **Last checked *TIME* ago** to see the log file that {% data variables.product.prodname_dependabot %} generated during the last check for version updates. - ![View log file](/assets/images/help/dependabot/last-checked-link.png) -2. Optionally, to rerun the version check, click **Check for updates**. - ![Check for updates](/assets/images/help/dependabot/check-for-updates.png) diff --git a/content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/managing-encrypted-secrets-for-dependabot.md b/content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/managing-encrypted-secrets-for-dependabot.md deleted file mode 100644 index 2227c45900..0000000000 --- a/content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/managing-encrypted-secrets-for-dependabot.md +++ /dev/null @@ -1,91 +0,0 @@ ---- -title: Managing encrypted secrets for Dependabot -intro: 'You can store sensitive information, like passwords and access tokens, as encrypted secrets and then reference these in the {% data variables.product.prodname_dependabot %} configuration file.' -redirect_from: - - /github/administering-a-repository/managing-encrypted-secrets-for-dependabot - - /code-security/supply-chain-security/managing-encrypted-secrets-for-dependabot -versions: - fpt: '*' - ghec: '*' - ghes: '>3.2' -type: how_to -topics: - - Dependabot - - Version updates - - Secret store - - Repositories - - Dependencies -shortTitle: Manage encrypted secrets ---- - -{% data reusables.dependabot.beta-security-and-version-updates %} - -## About encrypted secrets for {% data variables.product.prodname_dependabot %} - -{% data variables.product.prodname_dependabot %} secrets are encrypted credentials that you create at either the organization level or the repository level. -When you add a secret at the organization level, you can specify which repositories can access the secret. You can use secrets to allow {% data variables.product.prodname_dependabot %} to update dependencies located in private package registries. When you add a secret it's encrypted before it reaches {% data variables.product.prodname_dotcom %} and it remains encrypted until it's used by {% data variables.product.prodname_dependabot %} to access a private package registry. - -After you add a {% data variables.product.prodname_dependabot %} secret, you can reference it in the _dependabot.yml_ configuration file like this: {% raw %}`${{secrets.NAME}}`{% endraw %}, where "NAME" is the name you chose for the secret. For example: - -{% raw %} -```yaml -password: ${{secrets.MY_ARTIFACTORY_PASSWORD}} -``` -{% endraw %} - -For more information, see "[Configuration options for dependency updates](/github/administering-a-repository/configuration-options-for-dependency-updates#configuration-options-for-private-registries)." - -### Naming your secrets - -The name of a {% data variables.product.prodname_dependabot %} secret: -* Can only contain alphanumeric characters (`[A-Z]`, `[0-9]`) or underscores (`_`). Spaces are not allowed. If you enter lowercase letters these are changed to uppercase. -* Must not start with the `GITHUB_` prefix. -* Must not start with a number. - -## Adding a repository secret for {% data variables.product.prodname_dependabot %} - -{% data reusables.actions.permissions-statement-secrets-repository %} - -{% data reusables.repositories.navigate-to-repo %} -{% data reusables.repositories.sidebar-settings %} -{% data reusables.actions.sidebar-secret %} -{% data reusables.dependabot.dependabot-secrets-button %} -1. Click **New repository secret**. -1. Type a name for your secret in the **Name** input box. -1. Enter the value for your secret. -1. Click **Add secret**. - - The name of the secret is listed on the Dependabot secrets page. You can click **Update** to change the secret value. You can click **Remove** to delete the secret. - - ![Update or remove a repository secret](/assets/images/help/dependabot/update-remove-repo-secret.png) - -## Adding an organization secret for {% data variables.product.prodname_dependabot %} - -When creating a secret in an organization, you can use a policy to limit which repositories can access that secret. For example, you can grant access to all repositories, or limit access to only private repositories or a specified list of repositories. - -{% data reusables.actions.permissions-statement-secrets-organization %} - -{% data reusables.organizations.navigate-to-org %} -{% data reusables.organizations.org_settings %} -{% data reusables.actions.sidebar-secret %} -{% data reusables.dependabot.dependabot-secrets-button %} -1. Click **New organization secret**. -1. Type a name for your secret in the **Name** input box. -1. Enter the **Value** for your secret. -1. From the **Repository access** dropdown list, choose an access policy. -1. If you chose **Selected repositories**: - - * Click {% octicon "gear" aria-label="The Gear icon" %}. - * Choose the repositories that can access this secret. - ![Select repositories for this secret](/assets/images/help/dependabot/secret-repository-access.png) - * Click **Update selection**. - -1. Click **Add secret**. - - The name of the secret is listed on the Dependabot secrets page. You can click **Update** to change the secret value or its access policy. You can click **Remove** to delete the secret. - - ![Update or remove an organization secret](/assets/images/help/dependabot/update-remove-org-secret.png) - -## Adding {% data variables.product.prodname_dependabot %} to your registries IP allow list - -If your private registry is configured with an IP allow list, you can find the IP addresses {% data variables.product.prodname_dependabot %} uses to access the registry in the meta API endpoint, under the `dependabot` key. For more information, see "[Meta](/rest/reference/meta)." diff --git a/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-dependabot-security-updates.md b/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-dependabot-security-updates.md deleted file mode 100644 index b283a4b5e0..0000000000 --- a/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-dependabot-security-updates.md +++ /dev/null @@ -1,66 +0,0 @@ ---- -title: About Dependabot security updates -intro: '{% data variables.product.prodname_dependabot %} can fix vulnerable dependencies for you by raising pull requests with security updates.' -shortTitle: Dependabot security updates -redirect_from: - - /github/managing-security-vulnerabilities/about-github-dependabot-security-updates - - /github/managing-security-vulnerabilities/about-dependabot-security-updates - - /code-security/supply-chain-security/about-dependabot-security-updates -versions: - fpt: '*' - ghec: '*' - ghes: '> 3.2' -type: overview -topics: - - Dependabot - - Security updates - - Vulnerabilities - - Repositories - - Dependencies - - Pull requests ---- - - - -{% data reusables.dependabot.beta-security-and-version-updates %} -{% data reusables.dependabot.enterprise-enable-dependabot %} - -## About {% data variables.product.prodname_dependabot_security_updates %} - -{% data variables.product.prodname_dependabot_security_updates %} make it easier for you to fix vulnerable dependencies in your repository. If you enable this feature, when a {% data variables.product.prodname_dependabot %} alert is raised for a vulnerable dependency in the dependency graph of your repository, {% data variables.product.prodname_dependabot %} automatically tries to fix it. For more information, see "[About alerts for vulnerable dependencies](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies)" and "[Configuring {% data variables.product.prodname_dependabot_security_updates %}](/github/managing-security-vulnerabilities/configuring-dependabot-security-updates)." - -{% data variables.product.prodname_dotcom %} may send {% data variables.product.prodname_dependabot_alerts %} to repositories affected by a vulnerability disclosed by a recently published {% data variables.product.prodname_dotcom %} security advisory. {% data reusables.security-advisory.link-browsing-advisory-db %} - -{% data variables.product.prodname_dependabot %} checks whether it's possible to upgrade the vulnerable dependency to a fixed version without disrupting the dependency graph for the repository. Then {% data variables.product.prodname_dependabot %} raises a pull request to update the dependency to the minimum version that includes the patch and links the pull request to the {% data variables.product.prodname_dependabot %} alert, or reports an error on the alert. For more information, see "[Troubleshooting {% data variables.product.prodname_dependabot %} errors](/github/managing-security-vulnerabilities/troubleshooting-dependabot-errors)." - -{% note %} - -**Note** - -The {% data variables.product.prodname_dependabot_security_updates %} feature is available for repositories where you have enabled the dependency graph and {% data variables.product.prodname_dependabot_alerts %}. You will see a {% data variables.product.prodname_dependabot %} alert for every vulnerable dependency identified in your full dependency graph. However, security updates are triggered only for dependencies that are specified in a manifest or lock file. {% data variables.product.prodname_dependabot %} is unable to update an indirect or transitive dependency that is not explicitly defined. For more information, see "[About the dependency graph](/github/visualizing-repository-data-with-graphs/about-the-dependency-graph#dependencies-included)." - -{% endnote %} - -You can enable a related feature, {% data variables.product.prodname_dependabot_version_updates %}, so that {% data variables.product.prodname_dependabot %} raises pull requests to update the manifest to the latest version of the dependency, whenever it detects an outdated dependency. For more information, see "[About {% data variables.product.prodname_dependabot %} version updates](/github/administering-a-repository/about-dependabot-version-updates)." - -{% data reusables.dependabot.pull-request-security-vs-version-updates %} - -## About pull requests for security updates - -Each pull request contains everything you need to quickly and safely review and merge a proposed fix into your project. This includes information about the vulnerability like release notes, changelog entries, and commit details. Details of which vulnerability a pull request resolves are hidden from anyone who does not have access to {% data variables.product.prodname_dependabot_alerts %} for the repository. - -When you merge a pull request that contains a security update, the corresponding {% data variables.product.prodname_dependabot %} alert is marked as resolved for your repository. For more information about {% data variables.product.prodname_dependabot %} pull requests, see "[Managing pull requests for dependency updates](/github/administering-a-repository/managing-pull-requests-for-dependency-updates)." - -{% data reusables.dependabot.automated-tests-note %} - -{% ifversion fpt or ghec %} - -## About compatibility scores - -{% data variables.product.prodname_dependabot_security_updates %} may include compatibility scores to let you know whether updating a dependency could cause breaking changes to your project. These are calculated from CI tests in other public repositories where the same security update has been generated. An update's compatibility score is the percentage of CI runs that passed when updating between specific versions of the dependency. - -{% endif %} - -## About notifications for {% data variables.product.prodname_dependabot %} security updates - -You can filter your notifications on {% data variables.product.company_short %} to show {% data variables.product.prodname_dependabot %} security updates. For more information, see "[Managing notifications from your inbox](/github/managing-subscriptions-and-notifications-on-github/managing-notifications-from-your-inbox#dependabot-custom-filters)." diff --git a/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-managing-vulnerable-dependencies.md b/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-managing-vulnerable-dependencies.md deleted file mode 100644 index ee0c826d03..0000000000 --- a/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-managing-vulnerable-dependencies.md +++ /dev/null @@ -1,46 +0,0 @@ ---- -title: About managing vulnerable dependencies -intro: '{% data variables.product.product_name %} helps you to avoid using third-party software that contains known vulnerabilities.' -redirect_from: - - /github/managing-security-vulnerabilities/about-managing-vulnerable-dependencies - - /code-security/supply-chain-security/about-managing-vulnerable-dependencies -versions: - fpt: '*' - ghes: '>=3.2' - ghae: issue-4864 - ghec: '*' -type: overview -topics: - - Dependabot - - Dependency graph - - Dependency review - - Vulnerabilities - - Repositories - - Dependencies - - Pull requests -shortTitle: Vulnerable dependencies ---- - - -{% data variables.product.product_name %} provides the following tools for removing and avoiding vulnerable dependencies. - -## Dependency graph -The dependency graph is a summary of the manifest and lock files stored in a repository. It shows you the ecosystems and packages your codebase depends on (its dependencies) and the repositories and packages that depend on your project (its dependents). The information in the dependency graph is used by dependency review and {% data variables.product.prodname_dependabot %}. -For more information, see "[About the dependency graph](/github/visualizing-repository-data-with-graphs/about-the-dependency-graph)." - -## Dependency review - -{% data reusables.dependency-review.beta %} - -By checking the dependency reviews on pull requests you can avoid introducing vulnerabilities from dependencies into your codebase. If the pull requests adds a vulnerable dependency, or changes a dependency to a vulnerable version, this is highlighted in the dependency review. You can change the dependency to a patched version before merging the pull request. For more information, see "[About dependency review](/code-security/supply-chain-security/about-dependency-review)." - -## {% data variables.product.prodname_dependabot_alerts %} -{% data variables.product.product_name %} can create {% data variables.product.prodname_dependabot_alerts %} when it detects vulnerable dependencies in your repository. The alert is displayed on the Security tab for the repository. The alert includes a link to the affected file in the project, and information about a fixed version. {% data variables.product.product_name %} also notifies the maintainers of the repository, according to their notification preferences. For more information, see "[About alerts for vulnerable dependencies](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies)." - -{% ifversion fpt or ghec or ghes > 3.2 %} -## {% data variables.product.prodname_dependabot_security_updates %} -When {% data variables.product.product_name %} generates a {% data variables.product.prodname_dependabot %} alert for a vulnerable dependency in your repository, {% data variables.product.prodname_dependabot %} can automatically try to fix it for you. {% data variables.product.prodname_dependabot_security_updates %} are automatically generated pull requests that update a vulnerable dependency to a fixed version. For more information, see "[About {% data variables.product.prodname_dependabot_security_updates %}](/github/managing-security-vulnerabilities/about-dependabot-security-updates)." - -## {% data variables.product.prodname_dependabot_version_updates %} -Enabling {% data variables.product.prodname_dependabot_version_updates %} takes the effort out of maintaining your dependencies. With {% data variables.product.prodname_dependabot_version_updates %}, whenever {% data variables.product.prodname_dotcom %} identifies an outdated dependency, it raises a pull request to update the manifest to the latest version of the dependency. By contrast, {% data variables.product.prodname_dependabot_security_updates %} only raises pull requests to fix vulnerable dependencies. For more information, see "[About Dependabot version updates](/github/administering-a-repository/about-dependabot-version-updates)." -{% endif %} diff --git a/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/index.md b/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/index.md deleted file mode 100644 index a86e842f2d..0000000000 --- a/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/index.md +++ /dev/null @@ -1,36 +0,0 @@ ---- -title: Managing vulnerabilities in your project's dependencies -intro: 'You can track your repository''s dependencies and receive {% data variables.product.prodname_dependabot_alerts %} when {% data variables.product.product_name %} detects vulnerable dependencies.' -redirect_from: - - /articles/updating-your-project-s-dependencies - - /articles/updating-your-projects-dependencies - - /articles/managing-security-vulnerabilities-in-your-projects-dependencies - - /articles/managing-vulnerabilities-in-your-projects-dependencies - - /github/managing-security-vulnerabilities/managing-vulnerabilities-in-your-projects-dependencies -versions: - fpt: '*' - ghes: '*' - ghae: issue-4864 - ghec: '*' -topics: - - Repositories - - Dependabot - - Version updates - - Dependencies - - Pull requests - - Vulnerabilities - - Alerts -children: - - /about-managing-vulnerable-dependencies - - /browsing-security-vulnerabilities-in-the-github-advisory-database - - /editing-security-advisories-in-the-github-advisory-database - - /about-alerts-for-vulnerable-dependencies - - /configuring-notifications-for-vulnerable-dependencies - - /about-dependabot-security-updates - - /configuring-dependabot-security-updates - - /viewing-and-updating-vulnerable-dependencies-in-your-repository - - /troubleshooting-the-detection-of-vulnerable-dependencies - - /troubleshooting-dependabot-errors -shortTitle: Fix vulnerable dependencies ---- - diff --git a/content/code-security/supply-chain-security/understanding-your-software-supply-chain/about-dependency-review.md b/content/code-security/supply-chain-security/understanding-your-software-supply-chain/about-dependency-review.md index a6b5986909..fdc3d5e35b 100644 --- a/content/code-security/supply-chain-security/understanding-your-software-supply-chain/about-dependency-review.md +++ b/content/code-security/supply-chain-security/understanding-your-software-supply-chain/about-dependency-review.md @@ -41,7 +41,7 @@ Sometimes you might just want to update the version of one dependency in a manif By checking the dependency reviews in a pull request, and changing any dependencies that are flagged as vulnerable, you can avoid vulnerabilities being added to your project. For more information about how dependency review works, see "[Reviewing dependency changes in a pull request](/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/reviewing-dependency-changes-in-a-pull-request)." -{% data variables.product.prodname_dependabot_alerts %} will find vulnerabilities that are already in your dependencies, but it's much better to avoid introducing potential problems than to fix problems at a later date. For more information about {% data variables.product.prodname_dependabot_alerts %}, see "[About alerts for vulnerable dependencies](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies#dependabot-alerts-for-vulnerable-dependencies)." +{% data variables.product.prodname_dependabot_alerts %} will find vulnerabilities that are already in your dependencies, but it's much better to avoid introducing potential problems than to fix problems at a later date. For more information about {% data variables.product.prodname_dependabot_alerts %}, see "[About {% data variables.product.prodname_dependabot_alerts %}](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies#dependabot-alerts-for-vulnerable-dependencies)." Dependency review supports the same languages and package management ecosystems as the dependency graph. For more information, see "[About the dependency graph](/github/visualizing-repository-data-with-graphs/about-the-dependency-graph#supported-package-ecosystems)." @@ -49,4 +49,4 @@ Dependency review supports the same languages and package management ecosystems ## Enabling dependency review The dependency review feature becomes available when you enable the dependency graph. {% ifversion ghec %}For more information, see "[Enabling the dependency graph](/code-security/supply-chain-security/understanding-your-software-supply-chain/about-the-dependency-graph#enabling-the-dependency-graph)."{% endif %}{% ifversion ghes or ghae %}For more information, see "[Enabling the dependency graph for your enterprise](/admin/code-security/managing-supply-chain-security-for-your-enterprise/enabling-the-dependency-graph-for-your-enterprise)."{% endif %} -{% endif %} \ No newline at end of file +{% endif %} diff --git a/content/code-security/supply-chain-security/understanding-your-software-supply-chain/about-supply-chain-security.md b/content/code-security/supply-chain-security/understanding-your-software-supply-chain/about-supply-chain-security.md new file mode 100644 index 0000000000..6ff3e6e9ed --- /dev/null +++ b/content/code-security/supply-chain-security/understanding-your-software-supply-chain/about-supply-chain-security.md @@ -0,0 +1,156 @@ +--- +title: About supply chain security +intro: '{% data variables.product.product_name %} helps you secure your supply chain, from understanding the dependencies in your environment, to knowing about vulnerabilities in those dependencies{% ifversion fpt or ghec or ghes > 3.2 %}, and patching them{% endif %}.' +miniTocMaxHeadingLevel: 3 +shortTitle: Supply chain security +redirect_from: + - /code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies +versions: + fpt: '*' + ghes: '*' + ghae: issue-4864 + ghec: '*' +type: overview +topics: + - Advanced Security + - Dependency review + - Dependency graph + - Vulnerabilities + - Dependencies + - Pull requests + - Repositories +--- + +## About supply chain security at GitHub + +With the accelerated use of open source, most projects depend on hundreds of open-source dependencies. This poses a security problem: what if the dependencies you're using are vulnerable? You could be putting your users at risk of a supply chain attack. One of the most important things you can do to protect your supply chain is to patch your vulnerabilities. + +You add dependencies directly to your supply chain when you specify them in a manifest file or a lockfile. Dependencies can also be included transitively, that is, even if you don’t specify a particular dependency, but a dependency of yours uses it, then you’re also dependent on that dependency. + +{% data variables.product.product_name %} offers a range of features to help you understand the dependencies in your environment{% ifversion ghes < 3.3 or ghae %} and know about vulnerabilities in those dependencies{% endif %}{% ifversion fpt or ghec or ghes > 3.2 %}, know about vulnerabilities in those dependencies, and patch them{% endif %}. + +The supply chain features on {% data variables.product.product_name %} are: +- **Dependency graph** +{% ifversion fpt or ghec or ghes > 3.1 or ghae %}- **Dependency review**{% endif %} +- **{% data variables.product.prodname_dependabot_alerts %} ** +{% ifversion fpt or ghec or ghes > 3.2 %}- **{% data variables.product.prodname_dependabot_updates %}** + - **{% data variables.product.prodname_dependabot_security_updates %}** + - **{% data variables.product.prodname_dependabot_version_updates %}**{% endif %} + +The dependency graph is central to supply chain security. The dependency graph identifies all upstream dependencies and public downstream dependents of a repository or package. You can see your repository’s dependencies and some of their properties, like vulnerability information, on the dependency graph for the repository. + +{% ifversion fpt or ghec or ghes > 3.1 or ghae %} +Other supply chain features on {% data variables.product.prodname_dotcom %} rely on the information provided by the dependency graph. + +- Dependency review uses the dependency graph to identify dependency changes and help you understand the security impact of these changes when you review pull requests. +- {% data variables.product.prodname_dependabot %} cross-references dependency data provided by the dependency graph with the list of known vulnerabilities published in the {% data variables.product.prodname_advisory_database %}, scans your dependecies and generates {% data variables.product.prodname_dependabot_alerts %} when a potential vulnerability is detected. +{% ifversion fpt or ghec or ghes > 3.2 %}- {% data variables.product.prodname_dependabot_security_updates %} use the dependency graph and {% data variables.product.prodname_dependabot_alerts %} to help you update dependencies with known vulnerabilities in your repository. + +{% data variables.product.prodname_dependabot_version_updates %} don't use the dependency graph and rely on the semantic versioning of dependencies instead. {% data variables.product.prodname_dependabot_version_updates %} help you keep your dependencies updated, even when they don’t have any vulnerabilities. +{% endif %} +{% endif %} + +{% ifversion ghes < 3.2 %} +{% data variables.product.prodname_dependabot %} cross-references dependency data provided by the dependency graph with the list of known vulnerabilities published in the {% data variables.product.prodname_advisory_database %}, scans your dependencies and generates {% data variables.product.prodname_dependabot_alerts %} when a potential vulnerability is detected. + {% endif %} + +## Feature overview + +### What is the dependency graph + +To generate the dependency graph, {% data variables.product.company_short %} looks at a repository’s explicit dependencies declared in the manifest and lockfiles. When enabled, the dependency graph automatically parses all known package manifest files in the repository, and uses this to construct a graph with known dependency names and versions. + +- The dependency graph includes information on your _direct_ dependencies and _transitive_ dependencies. +- The dependency graph is automatically updated when you push a commit to {% data variables.product.company_short %} that changes or adds a supported manifest or lock file to the default branch, and when anyone pushes a change to the repository of one of your dependencies. +- You can see the dependency graph by opening the repository's main page on {% data variables.product.product_name %}, and navigating to the **Insights** tab. + +For more information about the dependency graph, see "[About the dependency graph](/code-security/supply-chain-security/understanding-your-software-supply-chain/about-the-dependency-graph)." + +{% ifversion fpt or ghec or ghes > 3.1 or ghae %} +### What is dependency review + +Dependency review helps reviewers and contributors understand dependency changes and their security impact in every pull request. + +- Dependency review tells you which dependencies were added, removed, or updated, in a pull request. You can use the release dates, popularity of dependencies, and vulnerability information to help you decide whether to accept the change. +- You can see the dependency review for a pull request by showing the rich diff on the **Files Changed** tab. + +For more information about dependency review, see "[About dependency review](/code-security/supply-chain-security/understanding-your-software-supply-chain/about-dependency-review)." + +{% endif %} + +### What is Dependabot + +{% data variables.product.prodname_dependabot %} keeps your dependencies up to date by informing you of any security vulnerabilities in your dependencies{% ifversion fpt or ghec or ghes > 3.2 or ghae %}, and automatically opens pull requests to upgrade your dependencies to the next available secure version when a {% data variables.product.prodname_dependabot %} alert is triggered, or to the latest version when a release is published{% else %} so that you can update that dependency{% endif %}. + +{% ifversion fpt or ghec or ghes > 3.2 %} +The term "{% data variables.product.prodname_dependabot %}" encompasses the following features: +- {% data variables.product.prodname_dependabot_alerts %}—Displayed notification on the **Security** tab for the repository, and in the repository's dependency graph. The alert includes a link to the affected file in the project, and information about a fixed version. +- {% data variables.product.prodname_dependabot_updates %}: + - {% data variables.product.prodname_dependabot_security_updates %}—Triggered updates to upgrade your dependencies to a secure version when an alert is triggered. + - {% data variables.product.prodname_dependabot_version_updates %}—Scheduled updates to keep your dependencies up to date with the latest version. +{% endif %} + +#### What are Dependabot alerts + +{% data variables.product.prodname_dependabot_alerts %} highlight repositories affected by a newly discovered vulnerability based on the dependency graph and the {% data variables.product.prodname_advisory_database %}, which contains the versions on known vulnerability lists. + +- {% data variables.product.prodname_dependabot %} performs a scan to detect vulnerable dependencies and sends {% data variables.product.prodname_dependabot_alerts %} when: +{% ifversion fpt or ghec %} + - A new vulnerability is added to the {% data variables.product.prodname_advisory_database %}.{% else %} + - New advisory data is synchronized to {% data variables.product.product_location %} each hour from {% data variables.product.prodname_dotcom_the_website %}. {% data reusables.security-advisory.link-browsing-advisory-db %}{% endif %} + - The dependency graph for the repository changes. +- {% data variables.product.prodname_dependabot_alerts %} are displayed {% ifversion fpt or ghec or ghes > 3.0 %} on the **Security** tab for the repository and{% endif %} in the repository's dependency graph. The alert includes {% ifversion fpt or ghec or ghes > 3.0 %}a link to the affected file in the project, and {% endif %}information about a fixed version. + +For more information about {% data variables.product.prodname_dependabot_alerts %}, see "[About alerts for vulnerable dependencies](/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-alerts-for-vulnerable-dependencies)." + +{% ifversion fpt or ghec or ghes > 3.2 %} +#### What are Dependabot updates + +There are two types of {% data variables.product.prodname_dependabot_updates %}: {% data variables.product.prodname_dependabot %} _security_ updates and _version_ updates. {% data variables.product.prodname_dependabot %} generates automatic pull requests to update your dependencies in both cases, but there are several differences. + +{% data variables.product.prodname_dependabot_security_updates %}: + - Triggered by a {% data variables.product.prodname_dependabot %} alert + - Update dependencies to the minimum version that resolves a known vulnerability + - Supported for ecosystems the dependency graph supports + +{% data variables.product.prodname_dependabot_version_updates %}: + - Run on a schedule you configure + - Update dependencies to the latest version that matches the configuration + - Supported for a different group of ecosystems + +For more information about {% data variables.product.prodname_dependabot_updates %}, see "[About {% data variables.product.prodname_dependabot_security_updates %}](/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-dependabot-security-updates)" and "[About {% data variables.product.prodname_dependabot_version_updates %}](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/about-dependabot-version-updates)." +{% endif %} + +## Feature availability + +{% ifversion fpt or ghec %} + +Public repositories: +- **Dependency graph**—enabled by default and cannot be disabled. +- **Dependency review**—enabled by default and cannot be disabled. +- **{% data variables.product.prodname_dependabot_alerts %}**—not enabled by default. {% data variables.product.prodname_dotcom %} detects vulnerable dependencies and displays information in the dependency graph, but does not generate {% data variables.product.prodname_dependabot_alerts %} by default. Repository owners or people with admin access can enable {% data variables.product.prodname_dependabot_alerts %}. + You can also enable or disable Dependabot alerts for all repositories owned by your user account or organization. For more information, see "[Managing security and analysis settings for your user account](/account-and-profile/setting-up-and-managing-your-github-user-account/managing-user-account-settings/managing-security-and-analysis-settings-for-your-user-account)" or "[Managing security and analysis settings for your organization](/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization)." + +Private repositories: +- **Dependency graph**—not enabled by default. The feature can be enabled by repository administrators. For more information, see "[Exploring the dependencies of a repository](/code-security/supply-chain-security/understanding-your-software-supply-chain/exploring-the-dependencies-of-a-repository#enabling-and-disabling-the-dependency-graph-for-a-private-repository)." +{% ifversion fpt %} +- **Dependency review**—available in private repositories owned by organizations that use {% data variables.product.prodname_ghe_cloud %} and have a license for {% data variables.product.prodname_GH_advanced_security %}. For more information, see the [{% data variables.product.prodname_ghe_cloud %} documentation](/enterprise-cloud@latest/code-security/supply-chain-security/understanding-your-software-supply-chain/about-dependency-review). +{% elsif ghec %} +- **Dependency review**—available in private repositories owned by organizations provided you have a license for {% data variables.product.prodname_GH_advanced_security %} and the dependency graph enabled. For more information, see "[About {% data variables.product.prodname_GH_advanced_security %}](/get-started/learning-about-github/about-github-advanced-security)" and "[Exploring the dependencies of a repository](/code-security/supply-chain-security/understanding-your-software-supply-chain/exploring-the-dependencies-of-a-repository#enabling-and-disabling-the-dependency-graph-for-a-private-repository)." +{% endif %} +- **{% data variables.product.prodname_dependabot_alerts %}**—not enabled by default. Owners of private repositories, or people with admin access, can enable {% data variables.product.prodname_dependabot_alerts %} by enabling the dependency graph and {% data variables.product.prodname_dependabot_alerts %} for their repositories. + You can also enable or disable Dependabot alerts for all repositories owned by your user account or organization. For more information, see "[Managing security and analysis settings for your user account](/account-and-profile/setting-up-and-managing-your-github-user-account/managing-user-account-settings/managing-security-and-analysis-settings-for-your-user-account)" or "[Managing security and analysis settings for your organization](/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization)." + +Any repository type: +- **{% data variables.product.prodname_dependabot_security_updates %}**—not enabled by default. You can enable {% data variables.product.prodname_dependabot_security_updates %} for any repository that uses {% data variables.product.prodname_dependabot_alerts %} and the dependency graph. For more information, see "[About {% data variables.product.prodname_dependabot_security_updates %}](/github/managing-security-vulnerabilities/about-dependabot-security-updates)." +- **{% data variables.product.prodname_dependabot_version_updates %}**—not enabled by default. People with write permissions to a repository can enable {% data variables.product.prodname_dependabot_version_updates %}. For information about enabling security updates, see "[Configuring {% data variables.product.prodname_dependabot_security_updates %}](/github/managing-security-vulnerabilities/configuring-dependabot-security-updates)." +{% endif %} + +{% ifversion ghes or ghae %} +- **Dependency graph** and **{% data variables.product.prodname_dependabot_alerts %}**—not enabled by default. Both features are configured at an enterprise level by the enterprise owner. For more information, see {% ifversion ghes %}"[Enabling the dependency graph for your enterprise](/admin/code-security/managing-supply-chain-security-for-your-enterprise/enabling-the-dependency-graph-for-your-enterprise)" and {% endif %}"[Enabling {% data variables.product.prodname_dependabot %} for your enterprise](/admin/configuration/configuring-github-connect/enabling-dependabot-for-your-enterprise)." +- **Dependency review**—available when dependency graph is enabled for {% data variables.product.product_location %} and {% data variables.product.prodname_advanced_security %} is enabled for the organization or repository. For more information, see "[About {% data variables.product.prodname_GH_advanced_security %}](/get-started/learning-about-github/about-github-advanced-security)." +{% endif %} +{% ifversion ghes > 3.2 %} +- **{% data variables.product.prodname_dependabot_security_updates %}**—not enabled by default. You can enable {% data variables.product.prodname_dependabot_security_updates %} for any repository that uses {% data variables.product.prodname_dependabot_alerts %} and the dependency graph. For more information, see "[About {% data variables.product.prodname_dependabot_security_updates %}](/github/managing-security-vulnerabilities/about-dependabot-security-updates)." +- **{% data variables.product.prodname_dependabot_version_updates %}**—not enabled by default. People with write permissions to a repository can enable {% data variables.product.prodname_dependabot_version_updates %}. For information about enabling security updates, see "[Configuring {% data variables.product.prodname_dependabot_security_updates %}](/github/managing-security-vulnerabilities/configuring-dependabot-security-updates)." +{% endif %} diff --git a/content/code-security/supply-chain-security/understanding-your-software-supply-chain/about-the-dependency-graph.md b/content/code-security/supply-chain-security/understanding-your-software-supply-chain/about-the-dependency-graph.md index de81712e37..91b871b9ef 100644 --- a/content/code-security/supply-chain-security/understanding-your-software-supply-chain/about-the-dependency-graph.md +++ b/content/code-security/supply-chain-security/understanding-your-software-supply-chain/about-the-dependency-graph.md @@ -55,7 +55,7 @@ You can use the dependency graph to: - Explore the repositories your code depends on{% ifversion fpt or ghec %}, and those that depend on it{% endif %}. For more information, see "[Exploring the dependencies of a repository](/github/visualizing-repository-data-with-graphs/exploring-the-dependencies-of-a-repository)." {% ifversion fpt or ghec %} - View a summary of the dependencies used in your organization's repositories in a single dashboard. For more information, see "[Viewing insights for your organization](/articles/viewing-insights-for-your-organization#viewing-organization-dependency-insights)."{% endif %} -- View and update vulnerable dependencies for your repository. For more information, see "[About alerts for vulnerable dependencies](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies)."{% ifversion fpt or ghes > 3.1 or ghec %} +- View and update vulnerable dependencies for your repository. For more information, see "[About {% data variables.product.prodname_dependabot_alerts %}](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies)."{% ifversion fpt or ghes > 3.1 or ghec %} - See information about vulnerable dependencies in pull requests. For more information, see "[Reviewing dependency changes in a pull request](/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/reviewing-dependency-changes-in-a-pull-request)."{% endif %} ## Enabling the dependency graph @@ -84,7 +84,7 @@ The recommended formats explicitly define which versions are used for all direct {%- endif %} | Maven | Java, Scala | `pom.xml` | `pom.xml` | | npm | JavaScript | `package-lock.json` | `package-lock.json`, `package.json`| -| Python PIP | Python | `requirements.txt`, `pipfile.lock` | `requirements.txt`, `pipfile`, `pipfile.lock`, `setup.py`{% if github-actions-in-dependency-graph %}[2]{% else %}[1]{% endif %} | +| pip | Python | `requirements.txt`, `pipfile.lock` | `requirements.txt`, `pipfile`, `pipfile.lock`, `setup.py`{% if github-actions-in-dependency-graph %}[2]{% else %}[1]{% endif %} | {%- ifversion fpt or ghec or ghes > 3.3 or ghae-issue-4752 %} | Python Poetry | Python | `poetry.lock` | `poetry.lock`, `pyproject.toml` |{% endif %} | RubyGems | Ruby | `Gemfile.lock` | `Gemfile.lock`, `Gemfile`, `*.gemspec` | @@ -111,5 +111,5 @@ The recommended formats explicitly define which versions are used for all direct - "[Dependency graph](https://en.wikipedia.org/wiki/Dependency_graph)" on Wikipedia - "[Exploring the dependencies of a repository](/github/visualizing-repository-data-with-graphs/exploring-the-dependencies-of-a-repository)"{% ifversion fpt or ghec %} - "[Viewing insights for your organization](/organizations/collaborating-with-groups-in-organizations/viewing-insights-for-your-organization)"{% endif %} -- "[Viewing and updating vulnerable dependencies in your repository](/github/managing-security-vulnerabilities/viewing-and-updating-vulnerable-dependencies-in-your-repository)" +- "[Viewing {% data variables.product.prodname_dependabot_alerts %} for vulnerable dependencies](/github/managing-security-vulnerabilities/viewing-and-updating-vulnerable-dependencies-in-your-repository)" - "[Troubleshooting the detection of vulnerable dependencies](/github/managing-security-vulnerabilities/troubleshooting-the-detection-of-vulnerable-dependencies)" diff --git a/content/code-security/supply-chain-security/understanding-your-software-supply-chain/exploring-the-dependencies-of-a-repository.md b/content/code-security/supply-chain-security/understanding-your-software-supply-chain/exploring-the-dependencies-of-a-repository.md index a9acbfc377..8b1c81aaf8 100644 --- a/content/code-security/supply-chain-security/understanding-your-software-supply-chain/exploring-the-dependencies-of-a-repository.md +++ b/content/code-security/supply-chain-security/understanding-your-software-supply-chain/exploring-the-dependencies-of-a-repository.md @@ -40,7 +40,7 @@ Enterprise owners can configure the dependency graph at an enterprise level. For ### Dependencies view {% ifversion fpt or ghec %} -Dependencies are grouped by ecosystem. You can expand a dependency to view its dependencies. For dependencies on public repositories hosted on {% data variables.product.product_name %}, you can also click a dependency to view the repository. Dependencies on private repositories, private packages, or unrecognized files are shown in plain text. +Dependencies are grouped by ecosystem. You can expand a dependency to view its dependencies. Dependencies on private repositories, private packages, or unrecognized files are shown in plain text. If the package manager for the dependency is in a public repository, {% data variables.product.product_name %} will display a link to that repository. If vulnerabilities have been detected in the repository, these are shown at the top of the view for users with access to {% data variables.product.prodname_dependabot_alerts %}. @@ -84,7 +84,10 @@ You can disable the dependency graph at any time by clicking **Disable** next to ## Changing the "Used by" package -If the dependency graph is enabled, and your repository contains a package that's published on a supported package ecosystem, {% data variables.product.prodname_dotcom %} displays a "Used by" section in the sidebar of the **Code** tab of your repository. For more information about the supported package ecosystems, see "[About the dependency graph](/github/visualizing-repository-data-with-graphs/about-the-dependency-graph#supported-package-ecosystems)." +You may notice some repositories have a "Used by" section in the sidebar of the **Code** tab. Your repository will have a "Used by" section if: + * The dependency graph is enabled for the repository (see the above section for more details). + * Your repository contains a package that is published on a [supported package ecosystem](/github/visualizing-repository-data-with-graphs/about-the-dependency-graph#supported-package-ecosystems). + * Within the ecosystem, your package has a link to a _public_ repository where the source is stored. The "Used by" section shows the number of public references to the package that were found, and displays the avatars of some of the owners of the dependent projects. @@ -114,7 +117,7 @@ If a manifest or lock file is not processed, its dependencies are omitted from t ## Further reading - "[About the dependency graph](/github/visualizing-repository-data-with-graphs/about-the-dependency-graph)" -- "[Viewing and updating vulnerable dependencies in your repository](/github/managing-security-vulnerabilities/viewing-and-updating-vulnerable-dependencies-in-your-repository)"{% ifversion fpt or ghec %} +- "[Viewing {% data variables.product.prodname_dependabot_alerts %} for vulnerable dependencies](/github/managing-security-vulnerabilities/viewing-and-updating-vulnerable-dependencies-in-your-repository)"{% ifversion fpt or ghec %} - "[Viewing insights for your organization](/organizations/collaborating-with-groups-in-organizations/viewing-insights-for-your-organization)" - "[Understanding how {% data variables.product.prodname_dotcom %} uses and protects your data](/get-started/privacy-on-github)" {% endif %} diff --git a/content/code-security/supply-chain-security/understanding-your-software-supply-chain/index.md b/content/code-security/supply-chain-security/understanding-your-software-supply-chain/index.md index 0e1e4f1579..646c4e30f1 100644 --- a/content/code-security/supply-chain-security/understanding-your-software-supply-chain/index.md +++ b/content/code-security/supply-chain-security/understanding-your-software-supply-chain/index.md @@ -9,10 +9,12 @@ topics: - Dependency graph - Dependencies - Repositories -children: - - /about-the-dependency-graph - - /exploring-the-dependencies-of-a-repository - - /about-dependency-review shortTitle: Understand your supply chain +children: + - /about-supply-chain-security + - /about-the-dependency-graph + - /about-dependency-review + - /exploring-the-dependencies-of-a-repository + - /troubleshooting-the-dependency-graph --- diff --git a/content/code-security/supply-chain-security/understanding-your-software-supply-chain/troubleshooting-the-dependency-graph.md b/content/code-security/supply-chain-security/understanding-your-software-supply-chain/troubleshooting-the-dependency-graph.md new file mode 100644 index 0000000000..6de1b7a25d --- /dev/null +++ b/content/code-security/supply-chain-security/understanding-your-software-supply-chain/troubleshooting-the-dependency-graph.md @@ -0,0 +1,62 @@ +--- +title: Troubleshooting the dependency graph +intro: 'If the dependency information reported by the dependency graph is not what you expected, there are a number of points to consider, and various things you can check.' +shortTitle: Troubleshoot dependency graph +versions: + fpt: '*' + ghes: '*' + ghae: issue-4864 + ghec: '*' +type: how_to +topics: + - Troubleshooting + - Errors + - Dependencies + - Vulnerabilities + - Dependency graph + - CVEs + - Repositories +--- + +{% data reusables.dependabot.result-discrepancy %} + +## Does the dependency graph only find dependencies in manifests and lockfiles? + +The dependency graph includes information on dependencies that are explicitly declared in your environment. That is, dependencies that are specified in a manifest or a lockfile. The dependency graph generally also includes transitive dependencies, even when they aren't specified in a lockfile, by looking at the dependencies of the dependencies in a manifest file. + +The dependency graph doesn't include "loose" dependencies. "Loose" dependencies are individual files that are copied from another source and checked into the repository directly or within an archive (such as a ZIP or JAR file), rather than being referenced by in a package manager’s manifest or lockfile. + +**Check**: Is the missing dependency for a component that's not specified in the repository's manifest or lockfile? + +## Does the dependency graph detect dependencies specified using variables? + +The dependency graph analyzes manifests as they’re pushed to {% data variables.product.prodname_dotcom %}. The dependency graph doesn't, therefore, have access to the build environment of the project, so it can't resolve variables used within manifests. If you use variables within a manifest to specify the name, or more commonly the version of a dependency, then that dependency will not be included in the dependency graph. + +**Check**: Is the missing dependency declared in the manifest by using a variable for its name or version? + +## Are there limits which affect the dependency graph data? + +Yes, the dependency graph has two categories of limits: + +1. **Processing limits** + + These affect the dependency graph displayed within {% data variables.product.prodname_dotcom %} and also prevent {% data variables.product.prodname_dependabot_alerts %} being created. + + Manifests over 0.5 MB in size are only processed for enterprise accounts. For other accounts, manifests over 0.5 MB are ignored and will not create {% data variables.product.prodname_dependabot_alerts %}. + + By default, {% data variables.product.prodname_dotcom %} will not process more than 20 manifests per repository. {% data variables.product.prodname_dependabot_alerts %} are not created for manifests beyond this limit. If you need to increase the limit, contact {% data variables.contact.contact_support %}. + +2. **Visualization limits** + + These affect what's displayed in the dependency graph within {% data variables.product.prodname_dotcom %}. However, they don't affect the {% data variables.product.prodname_dependabot_alerts %} that are created. + + The Dependencies view of the dependency graph for a repository only displays 100 manifests. Typically this is adequate as it is significantly higher than the processing limit described above. In situations where the processing limit is over 100, {% data variables.product.prodname_dependabot_alerts %} are still created for any manifests that are not shown within {% data variables.product.prodname_dotcom %}. + +**Check**: Is the missing dependency in a manifest file that's over 0.5 MB, or in a repository with a large number of manifests? + +## Further reading + +- "[About the dependency graph](/code-security/supply-chain-security/understanding-your-software-supply-chain/about-the-dependency-graph)" +- "[Managing security and analysis settings for your repository](/github/administering-a-repository/managing-security-and-analysis-settings-for-your-repository)" +- "[Troubleshooting the detection of vulnerable dependencies](/code-security/dependabot/working-with-dependabot/troubleshooting-the-detection-of-vulnerable-dependencies)"{% ifversion fpt or ghec or ghes > 3.2 %} +- "[Troubleshooting {% data variables.product.prodname_dependabot %} errors](/github/managing-security-vulnerabilities/troubleshooting-dependabot-errors)"{% endif %} \ No newline at end of file diff --git a/content/developers/apps/building-github-apps/creating-a-github-app-using-url-parameters.md b/content/developers/apps/building-github-apps/creating-a-github-app-using-url-parameters.md index bb9208c4bd..2f2596db90 100644 --- a/content/developers/apps/building-github-apps/creating-a-github-app-using-url-parameters.md +++ b/content/developers/apps/building-github-apps/creating-a-github-app-using-url-parameters.md @@ -89,7 +89,7 @@ Permission | Description [`starring`](/rest/reference/permissions-required-for-github-apps/#permission-on-starring) | Grants access to the [Starring API](/rest/reference/activity#starring). Can be one of: `none`, `read`, or `write`. [`statuses`](/rest/reference/permissions-required-for-github-apps/#permission-on-statuses) | Grants access to the [Statuses API](/rest/reference/commits#commit-statuses). Can be one of: `none`, `read`, or `write`. [`team_discussions`](/rest/reference/permissions-required-for-github-apps/#permission-on-team-discussions) | Grants access to the [Team Discussions API](/rest/reference/teams#discussions) and the [Team Discussion Comments API](/rest/reference/teams#discussion-comments). Can be one of: `none`, `read`, or `write`.{% ifversion fpt or ghes or ghae-issue-4864 or ghec %} -`vulnerability_alerts`| Grants access to receive security alerts for vulnerable dependencies in a repository. See "[About alerts for vulnerable dependencies](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies/)" to learn more. Can be one of: `none` or `read`.{% endif %} +`vulnerability_alerts`| Grants access to receive {% data variables.product.prodname_dependabot_alerts %} for vulnerable dependencies in a repository. See "[About {% data variables.product.prodname_dependabot_alerts %}](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies/)" to learn more. Can be one of: `none` or `read`.{% endif %} `watching` | Grants access to list and change repositories a user is subscribed to. Can be one of: `none`, `read`, or `write`. ## {% data variables.product.prodname_github_app %} webhook events diff --git a/content/developers/apps/building-github-apps/creating-a-github-app.md b/content/developers/apps/building-github-apps/creating-a-github-app.md index c16185959a..76e5cffc8a 100644 --- a/content/developers/apps/building-github-apps/creating-a-github-app.md +++ b/content/developers/apps/building-github-apps/creating-a-github-app.md @@ -52,7 +52,9 @@ topics: 1. By default, to improve your app's security, your app will use expiring user authorization tokens. To opt-out of using expiring user tokens, you must deselect "Expire user authorization tokens". To learn more about setting up a refresh token flow and the benefits of expiring user tokens, see "[Refreshing user-to-server access tokens](/apps/building-github-apps/refreshing-user-to-server-access-tokens/)." ![Option to opt-in to expiring user tokens during GitHub Apps setup](/assets/images/github-apps/expire-user-tokens-selection.png) 1. If your app authorizes users using the OAuth flow, you can select **Request user authorization (OAuth) during installation** to allow people to authorize the app when they install it, saving a step. If you select this option, the "Setup URL" becomes unavailable and users will be redirected to your "User authorization callback URL" after installing the app. See "[Authorizing users during installation](/apps/installing-github-apps/#authorizing-users-during-installation)" for more information. -![Request user authorization during installation](/assets/images/github-apps/github_apps_request_auth_upon_install.png) +![Request user authorization during installation](/assets/images/github-apps/github_apps_request_auth_upon_install.png){% if device-flow-is-opt-in %} +1. If your GitHub App will use the device flow to identify and authorize users, click **Enable Device Flow**. For more information about the device flow, see "[Authorizing OAuth Apps](/developers/apps/building-oauth-apps/authorizing-oauth-apps#device-flow)." + ![Screenshot showing field for enabling device flow](/assets/images/oauth-apps/enable-device-flow.png){% endif %} 1. If additional setup is required after installation, add a "Setup URL" to redirect users to after they install your app. ![Field for the setup URL of your GitHub App ](/assets/images/github-apps/github_apps_setup_url.png) diff --git a/content/developers/apps/building-github-apps/identifying-and-authorizing-users-for-github-apps.md b/content/developers/apps/building-github-apps/identifying-and-authorizing-users-for-github-apps.md index 466044f7b7..1c874a6fcb 100644 --- a/content/developers/apps/building-github-apps/identifying-and-authorizing-users-for-github-apps.md +++ b/content/developers/apps/building-github-apps/identifying-and-authorizing-users-for-github-apps.md @@ -124,9 +124,9 @@ curl -H "Authorization: token OAUTH-TOKEN" {% data variables.product.api_url_pre {% endnote %} -The device flow allows you to authorize users for a headless app, such as a CLI tool or Git credential manager. +The device flow allows you to authorize users for a headless app, such as a CLI tool or Git credential manager. -For more information about authorizing users using the device flow, see "[Authorizing OAuth Apps](/developers/apps/authorizing-oauth-apps#device-flow)". +{% if device-flow-is-opt-in %}Before you can use the device flow to identify and authorize users, you must first enable it in your app's settings. For more information on enabling device flow, see "[Modifying a GitHub App](/developers/apps/managing-github-apps/modifying-a-github-app)." {% endif %}For more information about authorizing users using the device flow, see "[Authorizing OAuth Apps](/developers/apps/authorizing-oauth-apps#device-flow)." ## Check which installation's resources a user can access diff --git a/content/developers/apps/building-oauth-apps/authorizing-oauth-apps.md b/content/developers/apps/building-oauth-apps/authorizing-oauth-apps.md index 3dfba1b4bf..fc1883a9d7 100644 --- a/content/developers/apps/building-oauth-apps/authorizing-oauth-apps.md +++ b/content/developers/apps/building-oauth-apps/authorizing-oauth-apps.md @@ -125,6 +125,12 @@ curl -H "Authorization: token OAUTH-TOKEN" {% data variables.product.api_url_pre The device flow allows you to authorize users for a headless app, such as a CLI tool or Git credential manager. +{% if device-flow-is-opt-in %} + +Before you can use the device flow to authorize and identify users, you must first enable it in your app's settings. For more information about enabling the device flow in your app, see "[Modifying an OAuth App](/developers/apps/managing-oauth-apps/modifying-an-oauth-app)" for OAuth Apps and "[Modifying a GitHub App](/developers/apps/managing-github-apps/modifying-a-github-app)" for GitHub Apps. + +{% endif %} + ### Overview of the device flow 1. Your app requests device and user verification codes and gets the authorization URL where the user will enter the user verification code. @@ -254,10 +260,12 @@ If you make more than one access token request (`POST {% data variables.product. | `unsupported_grant_type` | The grant type must be `urn:ietf:params:oauth:grant-type:device_code` and included as an input parameter when you poll the OAuth token request `POST {% data variables.product.oauth_host_code %}/login/oauth/access_token`. | `incorrect_client_credentials` | For the device flow, you must pass your app's client ID, which you can find on your app settings page. The `client_secret` is not needed for the device flow. | `incorrect_device_code` | The device_code provided is not valid. -| `access_denied` | When a user clicks cancel during the authorization process, you'll receive a `access_denied` error and the user won't be able to use the verification code again. +| `access_denied` | When a user clicks cancel during the authorization process, you'll receive a `access_denied` error and the user won't be able to use the verification code again.{% if device-flow-is-opt-in %} +| `device_flow_disabled` | Device flow has not been enabled in the app's settings. For more information, see "[Device flow](#device-flow)."{% endif %} For more information, see the "[OAuth 2.0 Device Authorization Grant](https://tools.ietf.org/html/rfc8628#section-3.5)." + ## Non-Web application flow Non-web authentication is available for limited situations like testing. If you need to, you can use [Basic Authentication](/rest/overview/other-authentication-methods#basic-authentication) to create a personal access token using your [Personal access tokens settings page](/articles/creating-an-access-token-for-command-line-use). This technique enables the user to revoke access at any time. diff --git a/content/developers/apps/building-oauth-apps/creating-an-oauth-app.md b/content/developers/apps/building-oauth-apps/creating-an-oauth-app.md index fa68055de4..7b9ad1ee07 100644 --- a/content/developers/apps/building-oauth-apps/creating-an-oauth-app.md +++ b/content/developers/apps/building-oauth-apps/creating-an-oauth-app.md @@ -53,6 +53,8 @@ topics: **Note:** OAuth Apps cannot have multiple callback URLs, unlike {% data variables.product.prodname_github_apps %}. {% endnote %} -{% endif %} -10. Click **Register application**. +{% endif %}{% if device-flow-is-opt-in %} +1. If your OAuth App will use the device flow to identify and authorize users, click **Enable Device Flow**. For more information about the device flow, see "[Authorizing OAuth Apps](/developers/apps/building-oauth-apps/authorizing-oauth-apps#device-flow)." + ![Screenshot showing field for enabling device flow](/assets/images/oauth-apps/enable-device-flow.png){% endif %} +2. Click **Register application**. ![Button to register an application](/assets/images/oauth-apps/oauth_apps_register_application.png) diff --git a/content/developers/apps/managing-github-apps/modifying-a-github-app.md b/content/developers/apps/managing-github-apps/modifying-a-github-app.md index 48fc1ccfb1..992812d0d3 100644 --- a/content/developers/apps/managing-github-apps/modifying-a-github-app.md +++ b/content/developers/apps/managing-github-apps/modifying-a-github-app.md @@ -18,6 +18,8 @@ topics: {% data reusables.user-settings.github_apps %} {% data reusables.user-settings.modify_github_app %} 5. In "Basic information", modify the GitHub App information that you'd like to change. -![Basic information section for your GitHub App](/assets/images/github-apps/github_apps_basic_information.png) +![Basic information section for your GitHub App](/assets/images/github-apps/github_apps_basic_information.png){% if device-flow-is-opt-in %} +1. If your GitHub App will use the device flow to identify and authorize users, click **Enable device flow**. For more information about the device flow, see "[Authorizing OAuth Apps](/developers/apps/building-oauth-apps/authorizing-oauth-apps#device-flow)." + ![Screenshot showing field for enabling device flow](/assets/images/oauth-apps/enable-device-flow.png){% endif %} 6. Click **Save changes**. ![Button to save changes for your GitHub App](/assets/images/github-apps/github_apps_save_changes.png) diff --git a/content/developers/github-marketplace/using-the-github-marketplace-api-in-your-app/webhook-events-for-the-github-marketplace-api.md b/content/developers/github-marketplace/using-the-github-marketplace-api-in-your-app/webhook-events-for-the-github-marketplace-api.md index eb0ffba0ac..5665ae13d3 100644 --- a/content/developers/github-marketplace/using-the-github-marketplace-api-in-your-app/webhook-events-for-the-github-marketplace-api.md +++ b/content/developers/github-marketplace/using-the-github-marketplace-api-in-your-app/webhook-events-for-the-github-marketplace-api.md @@ -51,7 +51,7 @@ Key | Type | Description `name` | `string` | The plan's name. `description` | `string` | This plan's description. `monthly_price_in_cents` | `integer` | The monthly price of this plan in cents (US currency). For example, a listing that costs 10 US dollars per month will be 1000 cents. -`yearly_price_in_cents` | `integer` | The yearly price of this plan in cents (US currency). For example, a listing that costs 100 US dollars per month will be 10000 cents. +`yearly_price_in_cents` | `integer` | The yearly price of this plan in cents (US currency). For example, a listing that costs 100 US dollars per month will be 120000 cents. `price_model` | `string` | The pricing model for this listing. Can be one of `flat-rate`, `per-unit`, or `free`. `has_free_trial` | `boolean` | `true` when this listing offers a free trial. `unit_name` | `string` | The name of the unit. If the pricing model is not `per-unit` this will be `nil`. diff --git a/content/developers/webhooks-and-events/webhooks/webhook-events-and-payloads.md b/content/developers/webhooks-and-events/webhooks/webhook-events-and-payloads.md index 54befbadb1..65142bbe04 100644 --- a/content/developers/webhooks-and-events/webhooks/webhook-events-and-payloads.md +++ b/content/developers/webhooks-and-events/webhooks/webhook-events-and-payloads.md @@ -1244,7 +1244,7 @@ Key | Type | Description Activity related to a security advisory that has been reviewed by {% data variables.product.company_short %}. A {% data variables.product.company_short %}-reviewed security advisory provides information about security-related vulnerabilities in software on {% data variables.product.prodname_dotcom %}. -The security advisory dataset also powers the GitHub {% data variables.product.prodname_dependabot_alerts %}. For more information, see "[About alerts for vulnerable dependencies](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies/)." +The security advisory dataset also powers the GitHub {% data variables.product.prodname_dependabot_alerts %}. For more information, see "[About {% data variables.product.prodname_dependabot_alerts %}](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies/)." ### Availability diff --git a/content/get-started/exploring-projects-on-github/finding-ways-to-contribute-to-open-source-on-github.md b/content/get-started/exploring-projects-on-github/finding-ways-to-contribute-to-open-source-on-github.md index 671697cc51..8858b9e749 100644 --- a/content/get-started/exploring-projects-on-github/finding-ways-to-contribute-to-open-source-on-github.md +++ b/content/get-started/exploring-projects-on-github/finding-ways-to-contribute-to-open-source-on-github.md @@ -24,7 +24,7 @@ If there's a particular topic that interests you, visit `github.com/topics/ +```geojson +{ + "type": "Polygon", + "coordinates": [ + [ + [-90,30], + [-90,35], + [-90,35], + [-85,35], + [-85,30] + ] + ] +} +``` + + +![Rendered map](/assets/images/help/writing/fenced-geojson-rendered-map.png) + +### Using topoJSON + +For example, you can create a simple topoJSON map: + +
+```topojson
+{
+  "type": "Topology",
+  "transform": {
+    "scale": [0.0005000500050005, 0.00010001000100010001],
+    "translate": [100, 0]
+  },
+  "objects": {
+    "example": {
+      "type": "GeometryCollection",
+      "geometries": [
+        {
+          "type": "Point",
+          "properties": {"prop0": "value0"},
+          "coordinates": [4000, 5000]
+        },
+        {
+          "type": "LineString",
+          "properties": {"prop0": "value0", "prop1": 0},
+          "arcs": [0]
+        },
+        {
+          "type": "Polygon",
+          "properties": {"prop0": "value0",
+            "prop1": {"this": "that"}
+          },
+          "arcs": [[1]]
+        }
+      ]
+    }
+  },
+  "arcs": [[[4000, 0], [1999, 9999], [2000, -9999], [2000, 9999]],[[0, 0], [0, 9999], [2000, 0], [0, -9999], [-2000, 0]]]
+}
+```
+
+ +![Rendered topojson map](/assets/images/help/writing/fenced-topojson-rendered-map.png) + +For more information on working with `.geojson` and `.topojson` files, see "[Working with non-code files](/repositories/working-with-files/using-files/working-with-non-code-files#mapping-geojson-files-on-github)." + + +## Creating STL 3D models + +You can use ASCII STL syntax directly in markdown to create interactive 3D models. To display a model, add ASCII STL syntax inside a fenced code block with the `stl` syntax identifier. For more information, see "[Creating and highlighting code blocks](/get-started/writing-on-github/working-with-advanced-formatting/creating-and-highlighting-code-blocks)." + +For example, you can create a simple 3D model: + +
+```stl
+solid cube_corner
+  facet normal 0.0 -1.0 0.0
+    outer loop
+      vertex 0.0 0.0 0.0
+      vertex 1.0 0.0 0.0
+      vertex 0.0 0.0 1.0
+    endloop
+  endfacet
+  facet normal 0.0 0.0 -1.0
+    outer loop
+      vertex 0.0 0.0 0.0
+      vertex 0.0 1.0 0.0
+      vertex 1.0 0.0 0.0
+    endloop
+  endfacet
+  facet normal -1.0 0.0 0.0
+    outer loop
+      vertex 0.0 0.0 0.0
+      vertex 0.0 0.0 1.0
+      vertex 0.0 1.0 0.0
+    endloop
+  endfacet
+  facet normal 0.577 0.577 0.577
+    outer loop
+      vertex 1.0 0.0 0.0
+      vertex 0.0 1.0 0.0
+      vertex 0.0 0.0 1.0
+    endloop
+  endfacet
+endsolid
+```
+
+ +![Rendered 3D model](/assets/images/help/writing/fenced-stl-rendered-object.png) + +For more information on working with `.stl` files, see "[Working with non-code files](/repositories/working-with-files/using-files/working-with-non-code-files#3d-file-viewer)." + diff --git a/content/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization.md b/content/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization.md index 535f165c25..61b87d6530 100644 --- a/content/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization.md +++ b/content/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization.md @@ -123,7 +123,7 @@ You can enable or disable features for all repositories. By default, {% data variables.product.prodname_dependabot %} can't update dependencies that are located in private repositories or private package registries. However, if a dependency is in a private {% data variables.product.prodname_dotcom %} repository within the same organization as the project that uses that dependency, you can allow {% data variables.product.prodname_dependabot %} to update the version successfully by giving it access to the host repository. -If your code depends on packages in a private registry, you can allow {% data variables.product.prodname_dependabot %} to update the versions of these dependencies by configuring this at the repository level. You do this by adding authentication details to the _dependabot.yml_ file for the repository. For more information, see "[Configuration options for dependency updates](/github/administering-a-repository/configuration-options-for-dependency-updates#configuration-options-for-private-registries)." +If your code depends on packages in a private registry, you can allow {% data variables.product.prodname_dependabot %} to update the versions of these dependencies by configuring this at the repository level. You do this by adding authentication details to the _dependabot.yml_ file for the repository. For more information, see "[Configuration options for the dependabot.yml file](/github/administering-a-repository/configuration-options-for-dependency-updates#configuration-options-for-private-registries)." To allow {% data variables.product.prodname_dependabot %} to access a private {% data variables.product.prodname_dotcom %} repository: @@ -163,6 +163,5 @@ You can manage access to {% data variables.product.prodname_GH_advanced_security - "[Securing your repository](/code-security/getting-started/securing-your-repository)"{% ifversion not fpt %} - "[About secret scanning](/github/administering-a-repository/about-secret-scanning)"{% endif %}{% ifversion not ghae %} -- "[About the dependency graph](/github/visualizing-repository-data-with-graphs/about-the-dependency-graph)" -- "[Managing vulnerabilities in your project's dependencies](/github/managing-security-vulnerabilities/managing-vulnerabilities-in-your-projects-dependencies)"{% endif %}{% ifversion fpt or ghec or ghes > 3.2 %} -- "[Keeping your dependencies updated automatically](/github/administering-a-repository/keeping-your-dependencies-updated-automatically)"{% endif %} +- "[About the dependency graph](/github/visualizing-repository-data-with-graphs/about-the-dependency-graph)"{% endif %}{% ifversion fpt or ghec or ghes or ghae-issue-4864 %} +- "[About supply chain security](/code-security/supply-chain-security/understanding-your-software-supply-chain/about-supply-chain-security)"{% endif %} diff --git a/content/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/reviewing-the-audit-log-for-your-organization.md b/content/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/reviewing-the-audit-log-for-your-organization.md index c8eb80ee20..f6d67a50f8 100644 --- a/content/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/reviewing-the-audit-log-for-your-organization.md +++ b/content/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/reviewing-the-audit-log-for-your-organization.md @@ -42,7 +42,7 @@ To search for specific events, use the `action` qualifier in your query. Actions | [`billing`](#billing-category-actions) | Contains all activities related to your organization's billing. | [`business`](#business-category-actions) | Contains activities related to business settings for an enterprise. | | [`codespaces`](#codespaces-category-actions) | Contains all activities related to your organization's codespaces. |{% endif %}{% ifversion fpt or ghec or ghes > 3.2 %} -| [`dependabot_alerts`](#dependabot_alerts-category-actions) | Contains organization-level configuration activities for {% data variables.product.prodname_dependabot_alerts %} in existing repositories. For more information, see "[About alerts for vulnerable dependencies](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies)." +| [`dependabot_alerts`](#dependabot_alerts-category-actions) | Contains organization-level configuration activities for {% data variables.product.prodname_dependabot_alerts %} in existing repositories. For more information, see "[About {% data variables.product.prodname_dependabot_alerts %}](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies)." | [`dependabot_alerts_new_repos`](#dependabot_alerts_new_repos-category-actions) | Contains organization-level configuration activities for {% data variables.product.prodname_dependabot_alerts %} in new repositories created in the organization. | [`dependabot_security_updates`](#dependabot_security_updates-category-actions) | Contains organization-level configuration activities for {% data variables.product.prodname_dependabot_security_updates %} in existing repositories. For more information, see "[Configuring {% data variables.product.prodname_dependabot_security_updates %}](/github/managing-security-vulnerabilities/configuring-dependabot-security-updates)." | [`dependabot_security_updates_new_repos`](#dependabot_security_updates_new_repos-category-actions) | Contains organization-level configuration activities for {% data variables.product.prodname_dependabot_security_updates %} for new repositories created in the organization.{% endif %}{% ifversion fpt or ghec %} @@ -508,10 +508,10 @@ For more information, see "[Managing the publication of {% data variables.produc | Action | Description | |--------|-------------| | `package_version_published` | Triggered when a package version is published. | -| `package_version_deleted` | Triggered when a specific package version is deleted. For more information, see "[Deleting and restoring a package](/packages/learn-github-packages/deleting-and-restoring-a-package)." -| `package_deleted` | Triggered when an entire package is deleted. For more information, see "[Deleting and restoring a package](/packages/learn-github-packages/deleting-and-restoring-a-package)." -| `package_version_restored` | Triggered when a specific package version is deleted. For more information, see "[Deleting and restoring a package](/packages/learn-github-packages/deleting-and-restoring-a-package)." -| `package_restored` | Triggered when an entire package is restored. For more information, see "[Deleting and restoring a package](/packages/learn-github-packages/deleting-and-restoring-a-package)." +| `package_version_deleted` | Triggered when a specific package version is deleted.{% ifversion fpt or ghec or ghes > 3.1 %} For more information, see "[Deleting and restoring a package](/packages/learn-github-packages/deleting-and-restoring-a-package)."{% endif %} +| `package_deleted` | Triggered when an entire package is deleted.{% ifversion fpt or ghec or ghes > 3.1 %} For more information, see "[Deleting and restoring a package](/packages/learn-github-packages/deleting-and-restoring-a-package)."{% endif %} +| `package_version_restored` | Triggered when a specific package version is deleted.{% ifversion fpt or ghec or ghes > 3.1 %} For more information, see "[Deleting and restoring a package](/packages/learn-github-packages/deleting-and-restoring-a-package)."{% endif %} +| `package_restored` | Triggered when an entire package is restored.{% ifversion fpt or ghec or ghes > 3.1 %} For more information, see "[Deleting and restoring a package](/packages/learn-github-packages/deleting-and-restoring-a-package)."{% endif %} {% endif %} @@ -680,7 +680,7 @@ For more information, see "[Managing the publication of {% data variables.produc | Action | Description |------------------|------------------- -| `create` | Triggered when {% data variables.product.product_name %} creates a {% data variables.product.prodname_dependabot %} alert for a repository that uses a vulnerable dependency. For more information, see "[About alerts for vulnerable dependencies](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies)." +| `create` | Triggered when {% data variables.product.product_name %} creates a {% data variables.product.prodname_dependabot %} alert for a repository that uses a vulnerable dependency. For more information, see "[About {% data variables.product.prodname_dependabot_alerts %}](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies)." | `dismiss` | Triggered when an organization owner or person with admin access to the repository dismisses a {% data variables.product.prodname_dependabot %} alert about a vulnerable dependency. | `resolve` | Triggered when someone with write access to a repository pushes changes to update and resolve a vulnerability in a project dependency. diff --git a/content/packages/learn-github-packages/about-permissions-for-github-packages.md b/content/packages/learn-github-packages/about-permissions-for-github-packages.md index 67fc4b6b0a..4205f11706 100644 --- a/content/packages/learn-github-packages/about-permissions-for-github-packages.md +++ b/content/packages/learn-github-packages/about-permissions-for-github-packages.md @@ -47,7 +47,7 @@ To use or manage a package hosted by a package registry, you must use a token wi For example: - To download and install packages from a repository, your token must have the `read:packages` scope, and your user account must have read permission. -- {% ifversion fpt or ghes or ghec %}To delete a package on {% data variables.product.product_name %}, your token must at least have the `delete:packages` and `read:packages` scope. The `repo` scope is also required for repo-scoped packages.{% elsif ghae %}To delete a specified version of a package on {% data variables.product.product_name %}, your token must have the `delete:packages` and `repo` scope.{% endif %} For more information, see "[Deleting and restoring a package](/packages/learn-github-packages/deleting-and-restoring-a-package)." +- {% ifversion fpt or ghes > 3.1 or ghec %}To delete a package on {% data variables.product.product_name %}, your token must at least have the `delete:packages` and `read:packages` scope. The `repo` scope is also required for repo-scoped packages. For more information, see "[Deleting and restoring a package](/packages/learn-github-packages/deleting-and-restoring-a-package)."{% elsif ghae %}To delete a specified version of a package on {% data variables.product.product_name %}, your token must have the `delete:packages` and `repo` scope. For more information, see "[Deleting and restoring a package](/packages/learn-github-packages/deleting-and-restoring-a-package)."{% endif %} | Scope | Description | Required permission | | --- | --- | --- | diff --git a/content/packages/learn-github-packages/deleting-and-restoring-a-package.md b/content/packages/learn-github-packages/deleting-and-restoring-a-package.md index 4a64a1bdc8..5c3da7dcb8 100644 --- a/content/packages/learn-github-packages/deleting-and-restoring-a-package.md +++ b/content/packages/learn-github-packages/deleting-and-restoring-a-package.md @@ -9,7 +9,7 @@ redirect_from: - /packages/guides/deleting-a-container-image versions: fpt: '*' - ghes: '*' + ghes: '>=3.2' ghec: '*' ghae: '*' shortTitle: Delete & restore a package @@ -27,7 +27,7 @@ On {% data variables.product.prodname_dotcom %} if you have the required access, {% note %} -**Note:** +**Note:** - You cannot delete a public package if any version of the package has more than 5000 downloads. In this scenario, contact [GitHub support](https://support.github.com/contact?tags=docs-packages) for further assistance. - When deleting public packages, be aware that you may break projects that depend on your package. diff --git a/content/packages/learn-github-packages/introduction-to-github-packages.md b/content/packages/learn-github-packages/introduction-to-github-packages.md index 1292276a7b..2f92adc46d 100644 --- a/content/packages/learn-github-packages/introduction-to-github-packages.md +++ b/content/packages/learn-github-packages/introduction-to-github-packages.md @@ -108,7 +108,7 @@ You can delete a private or public package in the {% data variables.product.prod You can delete a version of a package in the {% data variables.product.product_name %} user interface or using the GraphQL API. {% endif %} -When you use the GraphQL API to query and delete private packages, you must use the same token you use to authenticate to {% data variables.product.prodname_registry %}. For more information, see "[Deleting and restoring a package](/packages/learn-github-packages/deleting-and-restoring-a-package)" and "[Forming calls with GraphQL]({% ifversion ghec %}/free-pro-team@latest{% endif %}/graphql/guides/forming-calls-with-graphql)." +When you use the GraphQL API to query and delete private packages, you must use the same token you use to authenticate to {% data variables.product.prodname_registry %}. For more information, see {% ifversion fpt or ghec or ghes > 3.1 or ghae %}"[Deleting and restoring a package](/packages/learn-github-packages/deleting-and-restoring-a-package)" and {% endif %}"[Forming calls with GraphQL]({% ifversion ghec %}/free-pro-team@latest{% endif %}/graphql/guides/forming-calls-with-graphql)." You can configure webhooks to subscribe to package-related events, such as when a package is published or updated. For more information, see the "[`package` webhook event](/webhooks/event-payloads/#package)." diff --git a/content/packages/working-with-a-github-packages-registry/working-with-the-apache-maven-registry.md b/content/packages/working-with-a-github-packages-registry/working-with-the-apache-maven-registry.md index 724f57e18d..c18396b6fa 100644 --- a/content/packages/working-with-a-github-packages-registry/working-with-the-apache-maven-registry.md +++ b/content/packages/working-with-a-github-packages-registry/working-with-the-apache-maven-registry.md @@ -190,5 +190,5 @@ To install an Apache Maven package from {% data variables.product.prodname_regis ## Further reading -- "[Working with the Gradle registry](/packages/working-with-a-github-packages-registry/working-with-the-gradle-registry)" -- "[Deleting and restoring a package](/packages/learn-github-packages/deleting-and-restoring-a-package)" +- "[Working with the Gradle registry](/packages/working-with-a-github-packages-registry/working-with-the-gradle-registry)"{% ifversion fpt or ghec or ghes > 3.1 or ghae %} +- "[Deleting and restoring a package](/packages/learn-github-packages/deleting-and-restoring-a-package)"{% endif %} diff --git a/content/packages/working-with-a-github-packages-registry/working-with-the-docker-registry.md b/content/packages/working-with-a-github-packages-registry/working-with-the-docker-registry.md index dc433c384c..f114ecd455 100644 --- a/content/packages/working-with-a-github-packages-registry/working-with-the-docker-registry.md +++ b/content/packages/working-with-a-github-packages-registry/working-with-the-docker-registry.md @@ -261,8 +261,12 @@ $ docker pull HOSTNAME/OWNER/REPOSITORY/IMAGE_NAME:TAG_NAME {% endnote %} +{% ifversion fpt or ghec or ghes > 3.1 or ghae %} + ## Further reading - "[Deleting and restoring a package](/packages/learn-github-packages/deleting-and-restoring-a-package)" +{% endif %} + {% endif %} diff --git a/content/packages/working-with-a-github-packages-registry/working-with-the-gradle-registry.md b/content/packages/working-with-a-github-packages-registry/working-with-the-gradle-registry.md index 7ff16231a5..62c520c70b 100644 --- a/content/packages/working-with-a-github-packages-registry/working-with-the-gradle-registry.md +++ b/content/packages/working-with-a-github-packages-registry/working-with-the-gradle-registry.md @@ -215,5 +215,5 @@ To use a published package from {% data variables.product.prodname_registry %}, ## Further reading -- "[Working with the Apache Maven registry](/packages/working-with-a-github-packages-registry/working-with-the-apache-maven-registry)" -- "[Deleting and restoring a package](/packages/learn-github-packages/deleting-and-restoring-a-package)" +- "[Working with the Apache Maven registry](/packages/working-with-a-github-packages-registry/working-with-the-apache-maven-registry)"{% ifversion fpt or ghec or ghes > 3.1 or ghae %} +- "[Deleting and restoring a package](/packages/learn-github-packages/deleting-and-restoring-a-package)"{% endif %} diff --git a/content/packages/working-with-a-github-packages-registry/working-with-the-npm-registry.md b/content/packages/working-with-a-github-packages-registry/working-with-the-npm-registry.md index b7d14dcd6a..f34f6977a1 100644 --- a/content/packages/working-with-a-github-packages-registry/working-with-the-npm-registry.md +++ b/content/packages/working-with-a-github-packages-registry/working-with-the-npm-registry.md @@ -27,7 +27,7 @@ If you publish over 1,000 npm package versions to {% data variables.product.prod In the future, to improve performance of the service, you won't be able to publish more than 1,000 versions of a package on {% data variables.product.prodname_dotcom %}. Any versions published before hitting this limit will still be readable. -If you reach this limit, consider deleting package versions or contact Support for help. When this limit is enforced, our documentation will be updated with a way to work around this limit. For more information, see "[Deleting and restoring a package](/packages/learn-github-packages/deleting-and-restoring-a-package)" or "[Contacting Support](/packages/learn-github-packages/about-github-packages#contacting-support)." +If you reach this limit, consider deleting package versions or contact Support for help. When this limit is enforced, our documentation will be updated with a way to work around this limit. For more information, see {% ifversion fpt or ghec or ghes > 3.1 or ghae %}"[Deleting and restoring a package](/packages/learn-github-packages/deleting-and-restoring-a-package)" or {% endif %}"[Contacting Support](/packages/learn-github-packages/about-github-packages#contacting-support)." ## Authenticating to {% data variables.product.prodname_registry %} @@ -212,7 +212,3 @@ If your instance has subdomain isolation disabled: {% data variables.product.prodname_registry %} allows you to access the official NPM registry at `registry.npmjs.com`, if your {% data variables.product.prodname_ghe_server %} administrator has enabled this feature. For more information, see [Connecting to the official NPM registry](/admin/packages/configuring-packages-support-for-your-enterprise#connecting-to-the-official-npm-registry). {% endif %} - -## Further reading - -- "[Deleting and restoring a package](/packages/learn-github-packages/deleting-and-restoring-a-package)" diff --git a/content/packages/working-with-a-github-packages-registry/working-with-the-nuget-registry.md b/content/packages/working-with-a-github-packages-registry/working-with-the-nuget-registry.md index 0fb8b99987..cd835bf35f 100644 --- a/content/packages/working-with-a-github-packages-registry/working-with-the-nuget-registry.md +++ b/content/packages/working-with-a-github-packages-registry/working-with-the-nuget-registry.md @@ -232,6 +232,8 @@ Your NuGet package may fail to push if the `RepositoryUrl` in *.csproj* is not s If you're using a nuspec file, ensure that it has a `repository` element with the required `type` and `url` attributes. +{% ifversion fpt or ghec or ghes > 3.1 or ghae %} ## Further reading - "[Deleting and restoring a package](/packages/learn-github-packages/deleting-and-restoring-a-package)" +{% endif %} diff --git a/content/packages/working-with-a-github-packages-registry/working-with-the-rubygems-registry.md b/content/packages/working-with-a-github-packages-registry/working-with-the-rubygems-registry.md index c17c6eaa13..01a56b4478 100644 --- a/content/packages/working-with-a-github-packages-registry/working-with-the-rubygems-registry.md +++ b/content/packages/working-with-a-github-packages-registry/working-with-the-rubygems-registry.md @@ -136,7 +136,7 @@ You can use gems from {% data variables.product.prodname_registry %} much like y end ``` -3. For Bundler versions earlier than 1.7.0, you need to add a new global `source`. For more information on using Bundler, see the [bundler.io documentation](http://bundler.io/v1.5/gemfile.html). +3. For Bundler versions earlier than 1.7.0, you need to add a new global `source`. For more information on using Bundler, see the [bundler.io documentation](https://bundler.io/gemfile.html). ```ruby source "https://{% ifversion fpt or ghec %}rubygems.pkg.github.com{% else %}REGISTRY-URL{% endif %}/OWNER" @@ -151,6 +151,10 @@ You can use gems from {% data variables.product.prodname_registry %} much like y $ gem install octo-gem --version "0.1.1" ``` +{% ifversion fpt or ghec or ghes > 3.1 or ghae %} + ## Further reading - "[Deleting and restoring a package](/packages/learn-github-packages/deleting-and-restoring-a-package)" + +{% endif %} diff --git a/content/pages/setting-up-a-github-pages-site-with-jekyll/testing-your-github-pages-site-locally-with-jekyll.md b/content/pages/setting-up-a-github-pages-site-with-jekyll/testing-your-github-pages-site-locally-with-jekyll.md index 0468b92cc8..6c243ce6e4 100644 --- a/content/pages/setting-up-a-github-pages-site-with-jekyll/testing-your-github-pages-site-locally-with-jekyll.md +++ b/content/pages/setting-up-a-github-pages-site-with-jekyll/testing-your-github-pages-site-locally-with-jekyll.md @@ -50,6 +50,12 @@ Before you can use Jekyll to test a site, you must: ``` 3. To preview your site, in your web browser, navigate to `http://localhost:4000`. +{% note %} + +**Note:** If you are using Ruby 3.0 and Jekyll 4.2.x or older, you will need to add the `webrick` gem to your project's Gemfile prior to running `bundle install`. + +{% endnote %} + ## Updating the {% data variables.product.prodname_pages %} gem Jekyll is an active open source project that is updated frequently. If the `github-pages` gem on your computer is out of date with the `github-pages` gem on the {% data variables.product.prodname_pages %} server, your site may look different when built locally than when published on {% data variables.product.product_name %}. To avoid this, regularly update the `github-pages` gem on your computer. diff --git a/content/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/requesting-a-pull-request-review.md b/content/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/requesting-a-pull-request-review.md index 0d8f54b35a..2e1c7f916a 100644 --- a/content/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/requesting-a-pull-request-review.md +++ b/content/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/requesting-a-pull-request-review.md @@ -16,9 +16,11 @@ topics: - Pull requests shortTitle: Request a PR review --- -Owners and collaborators on a repository owned by a user account can assign pull request reviews. Organization members with triage permissions to a repository can assign a pull request review. +Repositories belong to a personal account (a single individual owner) or an organization account (a shared account with numerous collaborators or maintainers). For more information, see "[Types of {% data variables.product.prodname_dotcom %} accounts](/get-started/learning-about-github/types-of-github-accounts)." Owners and collaborators on a repository owned by a personal account can assign pull request reviews. Organization members with triage permissions can also assign a reviewer for a pull request. -Owners or collaborators can assign a pull request review to any person that has been explicitly granted [read access](/articles/access-permissions-on-github) to a user-owned repository. Organization members can assign a pull request review to any person or team with read access to a repository. The requested reviewer or team will receive a notification that you asked them to review the pull request. {% ifversion fpt or ghae or ghes or ghec %}If you request a review from a team and code review assignment is enabled, specific members will be requested and the team will be removed as a reviewer. For more information, see "[Managing code review settings for your team](/organizations/organizing-members-into-teams/managing-code-review-settings-for-your-team)."{% endif %} +To assign a reviewer to a pull request, you will need write access to the repository. For more information about repository access, see "[Repository roles for an organization](/organizations/managing-access-to-your-organizations-repositories/repository-roles-for-an-organization)." If you have write access, you can assign anyone who has read access to the repository as a reviewer. + +Organization members with write access can also assign a pull request review to any person or team with read access to a repository. The requested reviewer or team will receive a notification that you asked them to review the pull request. {% ifversion fpt or ghae or ghes or ghec %}If you request a review from a team and code review assignment is enabled, specific members will be requested and the team will be removed as a reviewer. For more information, see "[Managing code review settings for your team](/organizations/organizing-members-into-teams/managing-code-review-settings-for-your-team)."{% endif %} {% note %} diff --git a/content/repositories/creating-and-managing-repositories/renaming-a-repository.md b/content/repositories/creating-and-managing-repositories/renaming-a-repository.md index c089e88750..7d86a30d4d 100644 --- a/content/repositories/creating-and-managing-repositories/renaming-a-repository.md +++ b/content/repositories/creating-and-managing-repositories/renaming-a-repository.md @@ -36,11 +36,11 @@ If you plan to rename a repository that has a {% data variables.product.prodname {% endif %} -{% tip %} +{% note %} -**Tip:** {% data reusables.organizations.owners-and-admins-can %} rename a repository. {% data reusables.organizations.new-repo-permissions-more-info %} +**Note:** {% data variables.product.prodname_dotcom %} will not redirect calls to an action hosted by a renamed repository. Any workflow that uses that action will fail with the error `repository not found`. Instead, create a new repository and action with the new name and archive the old repository. For more information, see "[Archiving repositories](/repositories/archiving-a-github-repository/archiving-repositories)." -{% endtip %} +{% endnote %} {% warning %} diff --git a/content/repositories/managing-your-repositorys-settings-and-features/customizing-your-repository/about-code-owners.md b/content/repositories/managing-your-repositorys-settings-and-features/customizing-your-repository/about-code-owners.md index 647063b1ee..a4bef4079e 100644 --- a/content/repositories/managing-your-repositorys-settings-and-features/customizing-your-repository/about-code-owners.md +++ b/content/repositories/managing-your-repositorys-settings-and-features/customizing-your-repository/about-code-owners.md @@ -37,7 +37,7 @@ Each CODEOWNERS file assigns the code owners for a single branch in the reposito For code owners to receive review requests, the CODEOWNERS file must be on the base branch of the pull request. For example, if you assign `@octocat` as the code owner for *.js* files on the `gh-pages` branch of your repository, `@octocat` will receive review requests when a pull request with changes to *.js* files is opened between the head branch and `gh-pages`. -{% ifversion fpt or ghec or ghes > 3.2 or ghae-issue-9273 %} +{% ifversion fpt or ghec or ghes > 3.2 or ghae-issue-4675 %} ## CODEOWNERS file size CODEOWNERS files must be under 3 MB in size. A CODEOWNERS file over this limit will not be loaded, which means that code owner information is not shown and the appropriate code owners will not be requested to review changes in a pull request. diff --git a/content/repositories/releasing-projects-on-github/searching-a-repositorys-releases.md b/content/repositories/releasing-projects-on-github/searching-a-repositorys-releases.md index fb70e9fcec..d13265d50b 100644 --- a/content/repositories/releasing-projects-on-github/searching-a-repositorys-releases.md +++ b/content/repositories/releasing-projects-on-github/searching-a-repositorys-releases.md @@ -7,7 +7,7 @@ versions: fpt: '*' ghec: '*' ghes: '>3.2' - ghae-issue-4974: '*' + ghae: 'issue-4974' topics: - Repositories --- diff --git a/content/repositories/viewing-activity-and-data-for-your-repository/understanding-connections-between-repositories.md b/content/repositories/viewing-activity-and-data-for-your-repository/understanding-connections-between-repositories.md index 29e586ab41..890f1e122a 100644 --- a/content/repositories/viewing-activity-and-data-for-your-repository/understanding-connections-between-repositories.md +++ b/content/repositories/viewing-activity-and-data-for-your-repository/understanding-connections-between-repositories.md @@ -75,5 +75,5 @@ Almost all software relies on code developed and maintained by other developers, The dependency graph provides a great way to visualize and explore the dependencies for a repository. For more information, see "[About the dependency graph](/code-security/supply-chain-security/about-the-dependency-graph)" and "[Exploring the dependencies of a repository](/code-security/supply-chain-security/exploring-the-dependencies-of-a-repository)." -You can also set up your repository so that {% data variables.product.company_short %} alerts you automatically whenever a security vulnerability is found in one of your dependencies. For more information, see "[About alerts for vulnerable dependencies](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies)." +You can also set up your repository so that {% data variables.product.company_short %} alerts you automatically whenever a security vulnerability is found in one of your dependencies. For more information, see "[About {% data variables.product.prodname_dependabot_alerts %}](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies)." {% endif %} diff --git a/content/repositories/working-with-files/using-files/working-with-non-code-files.md b/content/repositories/working-with-files/using-files/working-with-non-code-files.md index 2623fdbd36..a35cb818f9 100644 --- a/content/repositories/working-with-files/using-files/working-with-non-code-files.md +++ b/content/repositories/working-with-files/using-files/working-with-non-code-files.md @@ -130,6 +130,12 @@ By default, the embedded renderer is 420 pixels wide by 620 pixels high, but you {% endtip %} +{% if mermaid %} +### Rendering in Markdown + +You can embed ASCII STL syntax directly in Markdown. For more information, see "[Creating diagrams](/get-started/writing-on-github/working-with-advanced-formatting/creating-diagrams#creating-stl-3d-models)." +{% endif %} + ## Rendering CSV and TSV data GitHub supports rendering tabular data in the form of *.csv* (comma-separated) and .*tsv* (tab-separated) files. @@ -240,7 +246,7 @@ When you click the paper icon on the right, you'll also see the changes made to ![Source Render toggle screenshot](/assets/images/help/repository/source-render-toggle-geojson.png) -### Geometry Types +### Geometry types Maps on {% data variables.product.product_name %} use [Leaflet.js](http://leafletjs.com) and support all the geometry types outlined in [the geoJSON spec](http://www.geojson.org/geojson-spec.html) (Point, LineString, Polygon, MultiPoint, MultiLineString, MultiPolygon, and GeometryCollection). TopoJSON files should be type "Topology" and adhere to the [topoJSON spec](https://github.com/mbostock/topojson/wiki/Specification). @@ -281,6 +287,12 @@ By default, the embedded map 420px x 620px, but you can customize the output by {% endtip %} +{% if mermaid %} +### Mapping in Markdown + +You can embed geoJSON and topoJSON directly in Markdown. For more information, see "[Creating diagrams](/get-started/writing-on-github/working-with-advanced-formatting/creating-diagrams#creating-geojson-and-topojson-maps)." +{% endif %} + ### Clustering If your map contains a large number of markers (roughly over 750), GitHub will automatically cluster nearby markers at higher zoom levels. Simply click the cluster or zoom in to see individual markers. @@ -299,7 +311,7 @@ Additionally, if your `.geojson` file is especially large (over 10 MB), it is no It may still be possible to render the data by converting the `.geojson` file to [TopoJSON](https://github.com/mbostock/topojson), a compression format that, in some cases, can reduce filesize by up to 80%. Of course, you can always break the file into smaller chunks (such as by state or by year), and store the data as multiple files within the repository. -### Additional Resources +### Further reading * [Leaflet.js geojson documentation](http://leafletjs.com/examples/geojson.html) * [MapBox marker-styling documentation](http://www.mapbox.com/developers/simplestyle/) @@ -327,3 +339,45 @@ $ jupyter nbconvert --to html NOTEBOOK-NAME.ipynb - [Jupyter Notebook's GitHub repository](https://github.com/jupyter/jupyter_notebook) - [Gallery of Jupyter Notebooks](https://github.com/jupyter/jupyter/wiki/A-gallery-of-interesting-Jupyter-Notebooks) + +{% if mermaid %} +## Displaying Mermaid files on {% data variables.product.prodname_dotcom %} + +{% data variables.product.product_name %} supports rendering Mermaid files within repositories. Commit the file as you would normally using a `.mermaid` or `.mmd` extension. Then, navigate to the path of the Mermaid file on {% data variables.product.prodname_dotcom %}. + +For example, if you add a `.mmd` file with the following content to your repository: + +``` +graph TD + A[Friend's Birthday] -->|Get money| B(Go shopping) + B --> C{Let me think} + C -->|One| D["Cool
Laptop"] + C -->|Two| E[iPhone] + C -->|Three| F[fa:fa-car Car] +``` + +When you view the file in the repository, it is rendered as a flow chart. +![Rendered mermaid file diagram](/assets/images/help/repository/mermaid-file-diagram.png) + +### Troubleshooting + +If your chart does not render at all, verify that it contains valid Mermaid Markdown syntax by checking your chart with the [Mermaid live editor](https://mermaid.live/edit). + +If the chart displays, but does not appear as you'd expect, you can create a new [feedback discussion](https://github.com/github/feedback/discussions/categories/general-feedback), and add the `mermaid` tag. + +#### Known issues + +* Sequence diagram charts frequently render with additional padding below the chart, with more padding added as the chart size increases. This is a known issue with the Mermaid library. +* Actor nodes with popover menus do not work as expected within sequence diagram charts. This is due to a discrepancy in how JavaScript events are added to a chart when the Mermaid library's API is used to render a chart. +* Not all charts are a11y compliant. This may affect users who rely on a screen reader. + +### Mermaid in Markdown + +You can embed Mermaid syntax directly in Markdown. For more information, see "[Creating diagrams](/get-started/writing-on-github/working-with-advanced-formatting/creating-diagrams#creating-mermaid-diagrams)." + +### Further reading + +* [Mermaid.js documentation](https://mermaid-js.github.io/mermaid/#/) +* [Mermaid.js live editor](https://mermaid.live/edit) +{% endif %} + diff --git a/content/rest/overview/permissions-required-for-github-apps.md b/content/rest/overview/permissions-required-for-github-apps.md index b7a48ad6e5..cfcd1ace6c 100644 --- a/content/rest/overview/permissions-required-for-github-apps.md +++ b/content/rest/overview/permissions-required-for-github-apps.md @@ -121,6 +121,9 @@ _Search_ - [`GET /repos/:owner/:repo/actions/artifacts/:artifact_id`](/rest/reference/actions#get-an-artifact) (:read) - [`DELETE /repos/:owner/:repo/actions/artifacts/:artifact_id`](/rest/reference/actions#delete-an-artifact) (:write) - [`GET /repos/:owner/:repo/actions/artifacts/:artifact_id/zip`](/rest/reference/actions#download-an-artifact) (:read) +{% if actions-cache-management -%} +- [`GET /repos/:owner/:repo/actions/cache/usage`](/rest/reference/actions#get-github-actions-cache-usage-for-a-repository) (:read) +{% endif -%} - [`GET /repos/:owner/:repo/actions/jobs/:job_id`](/rest/reference/actions#get-a-job-for-a-workflow-run) (:read) - [`GET /repos/:owner/:repo/actions/jobs/:job_id/logs`](/rest/reference/actions#download-job-logs-for-a-workflow-run) (:read) - [`GET /repos/:owner/:repo/actions/runs`](/rest/reference/actions#list-workflow-runs-for-a-repository) (:read) @@ -644,6 +647,10 @@ _Teams_ ### Permission on "organization administration" - [`PATCH /orgs/:org`](/rest/reference/orgs#update-an-organization) (:write) +{% if actions-cache-management -%} +- [`GET /orgs/:org/actions/cache/usage`](/rest/reference/actions#get-github-actions-cache-usage-for-an-organization) (:read) +- [`GET /orgs/:org/actions/cache/usage-by-repository`](/rest/reference/actions#list-repositories-with-github-actions-cache-usage-for-an-organization) (:read) +{% endif -%} {% ifversion fpt -%} - [`GET /orgs/:org/interaction-limits`](/rest/reference/interactions#get-interaction-restrictions-for-an-organization) (:read) {% endif -%} diff --git a/content/rest/reference/deploy_keys.md b/content/rest/reference/deploy_keys.md new file mode 100644 index 0000000000..2a49dbdf47 --- /dev/null +++ b/content/rest/reference/deploy_keys.md @@ -0,0 +1,17 @@ +--- +title: Deploy Keys +intro: 'The Deploy Keys API allows to create an SSH key that is stored on your server and grants access to a GitHub repository.' +allowTitleToDifferFromFilename: true +versions: + fpt: '*' + ghes: '*' + ghae: '*' + ghec: '*' +topics: + - API +miniTocMaxHeadingLevel: 3 +--- + + \ No newline at end of file diff --git a/content/rest/reference/deployments.md b/content/rest/reference/deployments.md index ebed155118..23d5e0a4ab 100644 --- a/content/rest/reference/deployments.md +++ b/content/rest/reference/deployments.md @@ -1,6 +1,6 @@ --- title: Deployments -intro: 'The deployments API allows you to create and delete deploy keys, deployments, and deployment environments.' +intro: 'The deployments API allows you to create and delete deployments and deployment environments.' allowTitleToDifferFromFilename: true versions: fpt: '*' diff --git a/content/rest/reference/index.md b/content/rest/reference/index.md index 91bdedf6b6..f8af7f0e7a 100644 --- a/content/rest/reference/index.md +++ b/content/rest/reference/index.md @@ -22,6 +22,7 @@ children: - /collaborators - /commits - /dependabot + - /deploy_keys - /deployments - /emojis - /enterprise-admin diff --git a/content/site-policy/acceptable-use-policies/github-acceptable-use-policies.md b/content/site-policy/acceptable-use-policies/github-acceptable-use-policies.md index 587d5ac59f..1e4adc1f7a 100644 --- a/content/site-policy/acceptable-use-policies/github-acceptable-use-policies.md +++ b/content/site-policy/acceptable-use-policies/github-acceptable-use-policies.md @@ -98,7 +98,7 @@ The Service's bandwidth limitations vary based on the features you use. If we de While we understand that you may want to promote your Content by posting supporters' names or logos in your Account, the primary focus of the Content posted in or through your Account to the Service should not be advertising or promotional marketing. This includes Content posted in or through Pages, Packages, repositories, and all other parts of the Service. You may include static images, links, and promotional text in the README documents or project description sections associated with your Account, but they must be related to the project you are hosting on GitHub. You may not advertise in other Users' Accounts, such as by posting monetized or excessive bulk content in issues. -You may not promote or distribute content or activity that is illegal or otherwise prohibited by our [Terms of Service](/github/site-policy/github-terms-of-service/)or [Acceptable Use Policies](/github/site-policy/github-acceptable-use-policies/), including excessive automated bulk activity (for example, spamming), get-rich-quick schemes, and misrepresentation or deception related to your promotion. +You may not promote or distribute content or activity that is illegal or otherwise prohibited by our [Terms of Service](/github/site-policy/github-terms-of-service/) or [Acceptable Use Policies](/github/site-policy/github-acceptable-use-policies/), including excessive automated bulk activity (for example, spamming), get-rich-quick schemes, and misrepresentation or deception related to your promotion. If you decide to post any promotional materials in your Account, you are solely responsible for complying with all applicable laws and regulations, including without limitation the U.S. Federal Trade Commission's Guidelines on Endorsements and Testimonials. We reserve the right to remove any promotional materials or advertisements that, in our sole discretion, violate any GitHub terms or policies. diff --git a/contributing/content-markup-reference.md b/contributing/content-markup-reference.md index 8d71dffedd..7d8fe5dd2e 100644 --- a/contributing/content-markup-reference.md +++ b/contributing/content-markup-reference.md @@ -196,6 +196,22 @@ These instructions are pertinent to GraphQL API users. {% endgraphql %} ``` +``` +{% powershell %} + +These instructions are pertinent to `pwsh` and `powershell` commands. + +{% endpowershell %} +``` + +``` +{% bash %} + +These instructions are pertinent to Bash shell commands. + +{% endbash %} +``` + You can define a default tool in the frontmatter. For more information, see the [content README](../content/README.md#defaulttool). ## Reusable and variable strings of text diff --git a/data/features/actions-cache-management.yml b/data/features/actions-cache-management.yml new file mode 100644 index 0000000000..1ce07a81ed --- /dev/null +++ b/data/features/actions-cache-management.yml @@ -0,0 +1,7 @@ +# Reference: #6154 +# Documentation for Actions cache management APIs (initial ship) +versions: + fpt: '*' + ghec: '*' + ghes: '> 3.4' + ghae: 'issue-6154' diff --git a/data/features/device-flow-is-opt-in.yml b/data/features/device-flow-is-opt-in.yml new file mode 100644 index 0000000000..1d72f08d3d --- /dev/null +++ b/data/features/device-flow-is-opt-in.yml @@ -0,0 +1,5 @@ +# docs-content 6307. OAuth device auth flow is opt in. +versions: + fpt: '*' + ghec: '*' + ghae: 'issue-6307' diff --git a/data/features/for-you-feed.yml b/data/features/for-you-feed.yml new file mode 100644 index 0000000000..3b45cb456d --- /dev/null +++ b/data/features/for-you-feed.yml @@ -0,0 +1,5 @@ +# Issues 4834 and 5722 +# New feed for personal dashboards and option to follow organizations +versions: + fpt: '*' + ghec: '*' diff --git a/data/features/mermaid.yml b/data/features/mermaid.yml index 7923730060..453320d1bf 100644 --- a/data/features/mermaid.yml +++ b/data/features/mermaid.yml @@ -1,7 +1,7 @@ -# Issue 5812 and 6172 -# Mermaid syntax support +# Issues 5812 and 6172, also 6411 +# Mermaid syntax support, also ASCII STL and geoJSON/topoJSON syntax support versions: fpt: '*' ghec: '*' - ghes: '>=3.5' + ghes: '>=3.6' ghae: 'issue-6172' diff --git a/data/features/re-run-jobs.yml b/data/features/re-run-jobs.yml new file mode 100644 index 0000000000..31a13136ba --- /dev/null +++ b/data/features/re-run-jobs.yml @@ -0,0 +1,7 @@ +# Issue 4722 +# Re-running failed jobs in an Actions workflow +versions: + fpt: '*' + ghec: '*' + ghes: '>=3.5' + ghae: 'issue-4722' diff --git a/data/learning-tracks/admin.yml b/data/learning-tracks/admin.yml index 3c957cda2d..6ef7226986 100644 --- a/data/learning-tracks/admin.yml +++ b/data/learning-tracks/admin.yml @@ -7,6 +7,7 @@ get_started_with_github_ae: guides: - /admin/overview/about-github-ae - /admin/overview/about-data-residency + - /admin/configuration/configuring-your-enterprise/deploying-github-ae - /admin/configuration/initializing-github-ae - /admin/configuration/restricting-network-traffic-to-your-enterprise - /admin/github-actions/getting-started-with-github-actions-for-github-ae diff --git a/data/learning-tracks/code-security.yml b/data/learning-tracks/code-security.yml index a3953b368e..c406f23375 100644 --- a/data/learning-tracks/code-security.yml +++ b/data/learning-tracks/code-security.yml @@ -18,24 +18,24 @@ dependabot_alerts: title: 'Get notifications for vulnerable dependencies' description: 'Set up Dependabot to alert you to new vulnerabilities in your dependencies.' guides: - - /code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-alerts-for-vulnerable-dependencies + - /code-security/dependabot/dependabot-alerts/about-dependabot-alerts - '{% ifversion fpt or ghec or ghes > 3.2 %}/github/administering-a-repository/managing-repository-settings/managing-security-and-analysis-settings-for-your-repository{% endif %}' - - /code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/viewing-and-updating-vulnerable-dependencies-in-your-repository - - /code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/configuring-notifications-for-vulnerable-dependencies - - /code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/managing-pull-requests-for-dependency-updates - - /code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/troubleshooting-the-detection-of-vulnerable-dependencies - - /code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/troubleshooting-dependabot-errors + - /code-security/dependabot/dependabot-alerts/viewing-and-updating-dependabot-alerts + - /code-security/dependabot/dependabot-alerts/configuring-notifications-for-dependabot-alerts + - /code-security/dependabot/working-with-dependabot/managing-pull-requests-for-dependency-updates + - /code-security/dependabot/working-with-dependabot/troubleshooting-the-detection-of-vulnerable-dependencies + - /code-security/dependabot/working-with-dependabot/troubleshooting-dependabot-errors # Feature available on dotcom and GHES 3.3+, so articles available on GHAE and earlier GHES hidden to hide the learning track dependabot_security_updates: title: 'Get pull requests to update your vulnerable dependencies' description: 'Set up Dependabot to create pull requests when new vulnerabilities are reported.' guides: - - /code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-dependabot-security-updates - - /code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/configuring-dependabot-security-updates + - /code-security/dependabot/dependabot-security-updates/about-dependabot-security-updates + - /code-security/dependabot/dependabot-security-updates/configuring-dependabot-security-updates - '{% ifversion fpt or ghec or ghes > 3.2 %}/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/configuring-notifications-for-vulnerable-dependencies{% endif %}' - '{% ifversion fpt or ghec or ghes > 3.2 %}/github/administering-a-repository/managing-repository-settings/managing-security-and-analysis-settings-for-your-repository{% endif %}' - - /code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/managing-pull-requests-for-dependency-updates + - /code-security/dependabot/working-with-dependabot/managing-pull-requests-for-dependency-updates - '{% ifversion fpt or ghec or ghes > 3.2 %}/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/troubleshooting-the-detection-of-vulnerable-dependencies{% endif %}' # Feature available only on dotcom and GHES 3.3+ @@ -43,16 +43,16 @@ dependency_version_updates: title: 'Keep your dependencies up-to-date' description: 'Use Dependabot to check for new releases and create pull requests to update your dependencies.' guides: - - /code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/about-dependabot-version-updates - - /code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/enabling-and-disabling-dependabot-version-updates - - /code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/customizing-dependency-updates - - /code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/configuration-options-for-dependency-updates - - /code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/keeping-your-actions-up-to-date-with-dependabot - - /code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/automating-dependabot-with-github-actions - - /code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/listing-dependencies-configured-for-version-updates - - /code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/managing-encrypted-secrets-for-dependabot - - /code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/managing-pull-requests-for-dependency-updates - - /code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/troubleshooting-dependabot-errors + - /code-security/dependabot/dependabot-version-updates/about-dependabot-version-updates + - /code-security/dependabot/dependabot-version-updates/configuring-dependabot-version-updates + - /code-security/dependabot/dependabot-version-updates/customizing-dependency-updates + - /code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file + - /code-security/dependabot/working-with-dependabot/keeping-your-actions-up-to-date-with-dependabot + - /code-security/dependabot/working-with-dependabot/automating-dependabot-with-github-actions + - /code-security/dependabot/dependabot-version-updates/listing-dependencies-configured-for-version-updates + - /code-security/dependabot/working-with-dependabot/managing-encrypted-secrets-for-dependabot + - /code-security/dependabot/working-with-dependabot/managing-pull-requests-for-dependency-updates + - /code-security/dependabot/working-with-dependabot/troubleshooting-dependabot-errors # Feature available in GHEC, GHES 3.0 up, and GHAE. Feature limited on FPT so hidden there. secret_scanning: diff --git a/data/product-examples/code-security/code-examples.yml b/data/product-examples/code-security/code-examples.yml index 4a9dc89aaa..5296f72264 100644 --- a/data/product-examples/code-security/code-examples.yml +++ b/data/product-examples/code-security/code-examples.yml @@ -21,7 +21,7 @@ # Security policies - title: Microsoft security policy template description: Example security policy - href: https://github.com/microsoft/repo-templates/blob/main/shared/SECURITY.md + href: /microsoft/repo-templates/blob/main/shared/SECURITY.md tags: - Security policy - title: Electron security policy diff --git a/data/release-notes/enterprise-server/3-1/0.yml b/data/release-notes/enterprise-server/3-1/0.yml index f4db0c2cc8..ccd0725cf4 100644 --- a/data/release-notes/enterprise-server/3-1/0.yml +++ b/data/release-notes/enterprise-server/3-1/0.yml @@ -76,6 +76,7 @@ sections: - The latest release of the CodeQL CLI supports uploading analysis results to GitHub. This makes it easier to run code analysis for customers who wish to use CI/CD systems other than {% data variables.product.prodname_actions %}. Previously, such users had to use the separate CodeQL runner, which will continue to be available. For more information, see "[About CodeQL code scanning in your CI system](/enterprise-server@3.1/code-security/secure-coding/about-codeql-code-scanning-in-your-ci-system)." - '{% data variables.product.prodname_actions %} now supports skipping `push` and `pull_request` workflows by looking for some common keywords in your commit message.' - Check annotations older than four months will be archived. + - Scaling of worker allocation for background tasks has been revised. We recommend validating that the new defaults are appropriate for your workload. Custom background worker overrides should be unset in most cases. [Updated 2022-03-18] - heading: Security Changes notes: diff --git a/data/release-notes/enterprise-server/3-4/0-rc1.yml b/data/release-notes/enterprise-server/3-4/0-rc1.yml index 0d9f46c338..9aa637db8e 100644 --- a/data/release-notes/enterprise-server/3-4/0-rc1.yml +++ b/data/release-notes/enterprise-server/3-4/0-rc1.yml @@ -1,6 +1,6 @@ date: '2022-02-15' release_candidate: true -deprecated: false +deprecated: true intro: | {% note %} diff --git a/data/release-notes/enterprise-server/3-4/0.yml b/data/release-notes/enterprise-server/3-4/0.yml new file mode 100644 index 0000000000..8e5db4ccfe --- /dev/null +++ b/data/release-notes/enterprise-server/3-4/0.yml @@ -0,0 +1,288 @@ +date: '2022-03-15' +intro: | + + For upgrade instructions, see "[Upgrading {% data variables.product.prodname_ghe_server %}](/admin/enterprise-management/updating-the-virtual-machine-and-physical-resources/upgrading-github-enterprise-server)." + + > This release is dedicated to our colleague and friend John, a Hubber who was always there to help. You will be greatly missed. + > + > **John "Ralph" Wiebalk 1986–2021** + +sections: + features: + - heading: Secret scanning REST API now returns locations + notes: + # https://github.com/github/releases/issues/1642 + - | + {% data variables.product.prodname_GH_advanced_security %} customers can now use the REST API to retrieve commit details of secrets detected in private repository scans. The new endpoint returns details of a secret's first detection within a file, including the secret's location and commit SHA. For more information, see "[Secret scanning](/rest/reference/secret-scanning)" in the REST API documentation. + + - heading: Export license data of committer-based billing for GitHub Advanced Security + notes: + # https://github.com/github/releases/issues/1757 + - | + Enterprise and organization owners can now export their {% data variables.product.prodname_GH_advanced_security %} license usage data to a CSV file. The {% data variables.product.prodname_advanced_security %} billing data can also be retrieved via billing endpoints in the REST API. For more information, see the "[{% data variables.product.prodname_dotcom %} changelog](https://github.blog/changelog/2021-11-11-export-github-advanced-security-license-usage-data/)." + + - heading: GitHub Actions reusable workflows in public beta + notes: + # https://github.com/github/releases/issues/1541 + - | + You can now reuse entire workflows as if they were an action. This feature is available in public beta. Instead of copying and pasting workflow definitions across repositories, you can now reference an existing workflow with a single line of configuration. For more information, see the "[{% data variables.product.prodname_dotcom %} changelog](https://github.blog/changelog/2021-10-05-github-actions-dry-your-github-actions-configuration-by-reusing-workflows/)." + + - heading: Dependabot security and version updates in public beta + notes: + # https://github.com/github/releases/issues/2004 + - | + {% data variables.product.prodname_dependabot %} is now available in {% data variables.product.prodname_ghe_server %} 3.4 as a public beta, offering both version updates and security updates for several popular ecosystems. {% data variables.product.prodname_dependabot %} on {% data variables.product.prodname_ghe_server %} requires {% data variables.product.prodname_actions %} and a pool of self-hosted runners configured for {% data variables.product.prodname_dependabot %} use. {% data variables.product.prodname_dependabot %} on {% data variables.product.prodname_ghe_server %} also requires {% data variables.product.prodname_github_connect %} and {% data variables.product.prodname_dependabot %} to be enabled by an administrator. Beta feedback and suggestions can be shared in the [{% data variables.product.prodname_dependabot %} Feedback GitHub discussion](https://github.com/github/feedback/discussions/categories/dependabot-feedback). For more information and to try the beta, see "[Setting up {% data variables.product.prodname_dependabot %} security and version updates on your enterprise](/admin/github-actions/enabling-github-actions-for-github-enterprise-server/setting-up-dependabot-updates)." + + - heading: SAML authentication supports encrypted assertions + notes: + # https://github.com/github/releases/issues/1946 + - | + If you use SAML authentication for {% data variables.product.prodname_ghe_server %}, you can now configure encrypted assertions from your IdP to improve security. Encrypted assertions add an additional layer of encryption when your IdP transmits information to {% data variables.product.product_location %}. For more information, see "[Using SAML](/admin/identity-and-access-management/authenticating-users-for-your-github-enterprise-server-instance/using-saml#enabling-encrypted-assertions)." + + changes: + - heading: Administration Changes + notes: + # https://github.com/github/releases/issues/1657 + - Users can now choose the number of spaces a tab is equal to, by setting their preferred tab size in the "Appearance" settings of their user account. All code with a tab indent will render using the preferred tab size. + + # https://github.com/github/releases/issues/2062 + - The {% data variables.product.prodname_github_connect %} data connection record now includes a count of the number of active and dormant users and the configured dormancy period. + + # https://github.com/github/releases/issues/1722 + - You can now give users access to enterprise-specific links by adding custom footers to {% data variables.product.prodname_ghe_server %}. For more information, see "[Configuring custom footers](/admin/configuration/configuring-your-enterprise/configuring-custom-footers)." + + - heading: Performance Changes + notes: + # https://github.com/github/releases/issues/2031 + - WireGuard, used to secure communication between {% data variables.product.prodname_ghe_server %} instances in a High Availability configuration, has been migrated to the Kernel implementation. + + - heading: Notification Changes + notes: + # https://github.com/github/releases/issues/1801 + - Organization owners can now unsubscribe from email notifications when new deploy keys are added to repositories belonging to their organizations. For more information, see "[Configuring notifications](/account-and-profile/managing-subscriptions-and-notifications-on-github/setting-up-notifications/configuring-notifications)." + + # https://github.com/github/releases/issues/1714 + - 'Notification emails from newly created issues and pull requests now include `(Issue #xx)` or `(PR #xx)` in the email subject, so you can recognize and filter emails that reference these types of issues.' + + - heading: Organization Changes + notes: + # https://github.com/github/releases/issues/1509 + - Organizations can now display a `README.md` file on their profile Overview. For more information, see the "[{% data variables.product.prodname_dotcom %} changelog](https://github.blog/changelog/2021-09-14-readmes-for-organization-profiles/)." + + # https://github.com/github/releases/issues/1883 + - Members of organizations can now view a list of their enterprise owners under the organization's "People" tab. The enterprise owners list is also now accessible using the GraphQL API. For more information, see the "[`enterpriseOwners`](/graphql/reference/objects#organization)" field under the Organization object in the GraphQL API documentation. + + - heading: Repositories changes + notes: + # https://github.com/github/releases/issues/1944 + - | + A "Manage Access" section is now shown on the "Collaborators and teams" page in your repository settings. The new section makes it easier for repository administrators to see and manage who has access to their repository, and the level of access granted to each user. Administrators can now: + + * Search all members, teams and collaborators who have access to the repository. + * View when members have mixed role assignments, granted to them directly as individuals or indirectly via a team. This is visualized through a new "mixed roles" warning, which displays the highest level role the user is granted if their permission level is higher than their assigned role. + * Manage access to popular repositories reliably, with page pagination and fewer timeouts when large groups of users have access. + + # https://github.com/github/releases/issues/1748 + - '{% data variables.product.prodname_ghe_server %} 3.4 includes improvements to the repository invitation experience, such as notifications for private repository invites, a UI prompt when visiting a private repository you have a pending invitation for, and a banner on a public repository overview page when there is an pending invitation.' + + # https://github.com/github/releases/issues/1739 + - You can now use single-character prefixes for custom autolinks. Autolink prefixes also now allow `.`, `-`, `_`, `+`, `=`, `:`, `/`, and `#` characters, as well as alphanumerics. For more information about custom autolinks, see "[Configuring autolinks to reference external resources](/repositories/managing-your-repositorys-settings-and-features/managing-repository-settings/configuring-autolinks-to-reference-external-resources)." + + # https://github.com/github/releases/issues/1776 + - A `CODE_OF_CONDUCT.md` file in the root of a repository is now highlighted in the "About" sidebar on the repository overview page. + + - heading: 'Releases changes' + notes: + # https://github.com/github/releases/issues/1723 + - '{% data variables.product.prodname_ghe_server %} 3.4 includes improvements to the Releases UI, such as automatically generated release notes which display a summary of all the pull requests for a given release. For more information, see the "[{% data variables.product.prodname_dotcom %} changelog](https://github.blog/changelog/2021-10-20-improvements-to-github-releases-generally-available/)."' + + # https://github.com/github/releases/issues/1606 + - When a release is published, an avatar list is now displayed at the bottom of the release. Avatars for all user accounts mentioned in the release notes are shown. For more information, see "[Managing releases in a repository](/repositories/releasing-projects-on-github/managing-releases-in-a-repository)." + + - heading: 'Markdown changes' + notes: + # https://github.com/github/releases/issues/1779 + - You can now use the new "Accessibility" settings page to manage your keyboard shortcuts. You can choose to disable keyboard shortcuts that only use single characters like S, G C, and . (the period key). For more information, see the "[{% data variables.product.prodname_dotcom %} changelog](https://github.blog/changelog/2021-11-16-managing-keyboard-shortcuts-using-accessibility-settings/)." + + # https://github.com/github/releases/issues/1727 + - You can now choose to use a fixed-width font in Markdown-enabled fields, like issue comments and pull request descriptions. For more information, see the "[{% data variables.product.prodname_dotcom %} changelog](https://github.blog/changelog/2021-10-12-fixed-width-font-support-in-markdown-enabled-fields/)." + + # https://github.com/github/releases/issues/1761 + - You can now paste a URL on selected text to quickly create a Markdown link. This works in all Markdown-enabled fields, such as issue comments and pull request descriptions. For more information, see the "[{% data variables.product.prodname_dotcom %} changelog](https://github.blog/changelog/2021-11-10-linkify-selected-text-on-url-paste/)." + + # https://github.com/github/releases/issues/1758 + - An image URL can now be appended with a theme context, such as `#gh-dark-mode-only`, to define how the Markdown image is displayed to a viewer. For more information, see the "[{% data variables.product.prodname_dotcom %} changelog](https://github.blog/changelog/2021-11-24-specify-theme-context-for-images-in-markdown/)." + + # https://github.com/github/releases/issues/1686 + - When creating or editing a gist file with the Markdown (`.md`) file extension, you can now use the "Preview" or "Preview Changes" tab to display a Markdown rendering of the file contents. For more information, see the "[{% data variables.product.prodname_dotcom %} changelog](https://github.blog/changelog/2021-11-17-preview-the-markdown-rendering-of-gists/)." + + # https://github.com/github/releases/issues/1754 + - When typing the name of a {% data variables.product.prodname_dotcom %} user in issues, pull requests and discussions, the @mention suggester now ranks existing participants higher than other {% data variables.product.prodname_dotcom %} users, so that it's more likely the user you're looking for will be listed. + + # https://github.com/github/releases/issues/1636 + - Right-to-left languages are now supported natively in Markdown files, issues, pull requests, discussions, and comments. + + - heading: 'Issues and pull requests changes' + notes: + # https://github.com/github/releases/issues/1731 + - The diff setting to hide whitespace changes in the pull request "Files changed" tab is now retained for your user account for that pull request. The setting you have chosen is automatically reapplied if you navigate away from the page and then revisit the "Files changed" tab of the same pull request. + + # https://github.com/github/releases/issues/1663 + - When using auto assignment for pull request code reviews, you can now choose to only notify requested team members independently of your auto assignment settings. This setting is useful in scenarios where many users are auto assigned but not all users require notification. For more information, see the "[{% data variables.product.prodname_dotcom %} changelog](https://github.blog/changelog/2021-11-10-team-member-pull-request-review-notifications-can-be-configured-independently-of-auto-assignment/)." + + - heading: 'Branches changes' + notes: + # https://github.com/github/releases/issues/1526 + - Organization and repository administrators can now trigger webhooks to listen for changes to branch protection rules on their repositories. For more information, see the "[branch_protection_rule](/developers/webhooks-and-events/webhooks/webhook-events-and-payloads#branch_protection_rule)" event in the webhooks events and payloads documentation. + + # https://github.com/github/releases/issues/1759 + - When configuring protected branches, you can now enforce that a required status check is provided by a specific {% data variables.product.prodname_github_app %}. If a status is then provided by a different application, or by a user via a commit status, merging is prevented. This ensures all changes are validated by the intended application. For more information, see the "[{% data variables.product.prodname_dotcom %} changelog](https://github.blog/changelog/2021-12-01-ensure-required-status-checks-provided-by-the-intended-app/)." + + # https://github.com/github/releases/issues/1911 + - Only users with administrator permissions are now able to rename protected branches and modify branch protection rules. Previously, with the exception of the default branch, a collaborator could rename a branch and consequently any non-wildcard branch protection rules that applied to that branch were also renamed. For more information, see "[Renaming a branch](/repositories/configuring-branches-and-merges-in-your-repository/managing-branches-in-your-repository/renaming-a-branch)" and "[Managing a branch protection rule](/repositories/configuring-branches-and-merges-in-your-repository/defining-the-mergeability-of-pull-requests/managing-a-branch-protection-rule)." + + # https://github.com/github/releases/issues/1845 + - Administrators can now allow only specific users and teams to bypass pull request requirements. For more information, see the "[{% data variables.product.prodname_dotcom %} changelog](https://github.blog/changelog/2021-11-19-allow-bypassing-required-pull-requests/)." + + # https://github.com/github/releases/issues/1850 + - Administrators can now allow only specific users and teams to force push to a repository. For more information, see the "[{% data variables.product.prodname_dotcom %} changelog](https://github.blog/changelog/2021-12-21-specify-who-can-force-push-to-a-repository/)." + + # https://github.com/github/releases/issues/1796 + - When requiring pull requests for all changes to a protected branch, administrators can now choose if approved reviews are also a requirement. For more information, see the "[{% data variables.product.prodname_dotcom %} changelog](https://github.blog/changelog/2021-11-10-require-pull-requests-without-requiring-reviews/)." + + - heading: 'GitHub Actions changes' + notes: + # https://github.com/github/releases/issues/1906 + - '{% data variables.product.prodname_actions %} workflows triggered by {% data variables.product.prodname_dependabot %} for the `create`, `deployment`, and `deployment_status` events now always receive a read-only token and no secrets. Similarly, workflows triggered by {% data variables.product.prodname_dependabot %} for the `pull_request_target` event on pull requests where the base ref was created by {% data variables.product.prodname_dependabot %}, now always receive a read-only token and no secrets. These changes are designed to prevent potentially malicious code from executing in a privileged workflow. For more information, see "[Automating {% data variables.product.prodname_dependabot %} with {% data variables.product.prodname_actions %}](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/automating-dependabot-with-github-actions)."' + + # https://github.com/github/releases/issues/1667 + - Workflow runs on `push` and `pull_request` events triggered by {% data variables.product.prodname_dependabot %} will now respect the permissions specified in your workflows, allowing you to control how you manage automatic dependency updates. The default token permissions will remain read-only. For more information, see the "[{% data variables.product.prodname_dotcom %} changelog](https://github.blog/changelog/2021-10-06-github-actions-workflows-triggered-by-dependabot-prs-will-respect-permissions-key-in-workflows/)." + + # https://github.com/github/releases/issues/1668 + - '{% data variables.product.prodname_actions %} workflows triggered by {% data variables.product.prodname_dependabot %} will now be sent the {% data variables.product.prodname_dependabot %} secrets. You can now pull from private package registries in your CI using the same secrets you have configured for {% data variables.product.prodname_dependabot %} to use, improving how {% data variables.product.prodname_actions %} and {% data variables.product.prodname_dependabot %} work together. For more information, see "[Automating {% data variables.product.prodname_dependabot %} with {% data variables.product.prodname_actions %}](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/automating-dependabot-with-github-actions)."' + + # https://github.com/github/releases/issues/1615 + - You can now manage runner groups and see the status of your self-hosted runners using new Runners and Runner Groups pages in the UI. The Actions settings page for your repository or organization now shows a summary view of your runners, and allows you to deep dive into a specific runner to edit it or see what job it may be currently running. For more information, see the "[{% data variables.product.prodname_dotcom %} changelog](https://github.blog/changelog/2021-09-20-github-actions-experience-refresh-for-the-management-of-self-hosted-runners/)." + + # https://github.com/github/releases/issues/1785 + - 'Actions authors can now have their action run in Node.js 16 by specifying [`runs.using` as `node16` in the action''s `action.yml`](/actions/creating-actions/metadata-syntax-for-github-actions#runs-for-javascript-actions). This is in addition to the existing Node.js 12 support; actions can continue to specify `runs.using: node12` to use the Node.js 12 runtime.' + + # https://github.com/github/releases/issues/1799 + - 'For manually triggered workflows, {% data variables.product.prodname_actions %} now supports the `choice`, `boolean`, and `environment` input types in addition to the default `string` type. For more information, see "[`on.workflow_dispatch.inputs`](/actions/using-workflows/workflow-syntax-for-github-actions#onworkflow_dispatchinputs)."' + + # https://github.com/github/releases/issues/1782 + - Actions written in YAML, also known as composite actions, now support `if` conditionals. This lets you prevent specific steps from executing unless a condition has been met. Like steps defined in workflows, you can use any supported context and expression to create a conditional. + + # https://github.com/github/releases/issues/1919 + - The search order behavior for self-hosted runners has now changed, so that the first available matching runner at any level will run the job in all cases. This allows jobs to be sent to self-hosted runners much faster, especially for organizations and enterprises with lots of self-hosted runners. Previously, when running a job that required a self-hosted runner, {% data variables.product.prodname_actions %} would look for self-hosted runners in the repository, organization, and enterprise, in that order. + + # https://github.com/github/releases/issues/1753 + - Runner labels for {% data variables.product.prodname_actions %} self-hosted runners can now be listed, added and removed using the REST API. For more information about using the new APIs at a repository, organization, or enterprise level, see "[Repositories](/rest/reference/actions#list-labels-for-a-self-hosted-runner-for-a-repository)", "[Organizations](/rest/reference/actions#add-custom-labels-to-a-self-hosted-runner-for-an-organization)", and "[Enterprises](/rest/reference/enterprise-admin#list-labels-for-a-self-hosted-runner-for-an-enterprise)" in the REST API documentation. + + - heading: 'Dependabot and Dependency graph changes' + notes: + # https://github.com/github/releases/issues/1520 + - Dependency graph now supports detecting Python dependencies in repositories that use the Poetry package manager. Dependencies will be detected from both `pyproject.toml` and `poetry.lock` manifest files. + + # https://github.com/github/releases/issues/1921 + - When configuring {% data variables.product.prodname_dependabot %} security and version updates on GitHub Enterprise Server, we recommend you also enable {% data variables.product.prodname_dependabot %} in {% data variables.product.prodname_github_connect %}. This will allow {% data variables.product.prodname_dependabot %} to retrieve an updated list of dependencies and vulnerabilities from {% data variables.product.prodname_dotcom_the_website %}, by querying for information such as the changelogs of the public releases of open source code that you depend upon. For more information, see "[Enabling the dependency graph and Dependabot alerts for your enterprise](/admin/configuration/configuring-github-connect/enabling-the-dependency-graph-and-dependabot-alerts-for-your-enterprise)." + + # https://github.com/github/releases/issues/1717 + - '{% data variables.product.prodname_dependabot_alerts %} alerts can now be dismissed using the GraphQL API. For more information, see the "[dismissRepositoryVulnerabilityAlert](/graphql/reference/mutations#dismissrepositoryvulnerabilityalert)" mutation in the GraphQL API documentation.' + + - heading: 'Code scanning and secret scanning changes' + notes: + # https://github.com/github/releases/issues/1802 + - The {% data variables.product.prodname_codeql %} CLI now supports including markdown-rendered query help in SARIF files, so that the help text can be viewed in the {% data variables.product.prodname_code_scanning %} UI when the query generates an alert. For more information, see the "[{% data variables.product.prodname_dotcom %} changelog](https://github.blog/changelog/2021-11-23-display-help-text-for-your-custom-codeql-queries-in-code-scanning/)." + + # https://github.com/github/releases/issues/1790 + - The {% data variables.product.prodname_codeql %} CLI and {% data variables.product.prodname_vscode %} extension now support building databases and analyzing code on machines powered by Apple Silicon, such as Apple M1. For more information, see the "[{% data variables.product.prodname_dotcom %} changelog](https://github.blog/changelog/2021-11-10-codeql-now-supports-apple-silicon-m1/)." + + # https://github.com/github/releases/issues/1732 + - | + The depth of {% data variables.product.prodname_codeql %}'s analysis has been improved by adding support for more [libraries and frameworks](https://codeql.github.com/docs/codeql-overview/supported-languages-and-frameworks/) from the Python ecosystem. As a result, {% data variables.product.prodname_codeql %} can now detect even more potential sources of untrusted user data, steps through which that data flows, and potentially dangerous sinks where the data could end up. This results in an overall improvement of the quality of {% data variables.product.prodname_code_scanning %} alerts. For more information, see the "[{% data variables.product.prodname_dotcom %} changelog](https://github.blog/changelog/2021-11-24-codeql-code-scanning-now-recognizes-more-python-libraries-and-frameworks/)." + + # https://github.com/github/releases/issues/1567 + - Code scanning with {% data variables.product.prodname_codeql %} now includes beta support for analyzing code in all common Ruby versions, up to and including 3.02. For more information, see the "[{% data variables.product.prodname_dotcom %} changelog](https://github.blog/changelog/2021-10-27-codeql-code-scanning-adds-beta-support-for-ruby/)." + + # https://github.com/github/releases/issues/1764 + - | + Several improvements have been made to the {% data variables.product.prodname_code_scanning %} API: + + * The `fixed_at` timestamp has been added to alerts. This timestamp is the first time that the alert was not detected in an analysis. + * Alert results can now be sorted using `sort` and `direction` on either `created`, `updated` or `number`. For more information, see "[List code scanning alerts for a repository](/rest/reference/code-scanning#list-code-scanning-alerts-for-a-repository)." + * A `Last-Modified` header has been added to the alerts and alert endpoint response. For more information, see [`Last-Modified`](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Last-Modified) in the Mozilla documentation. + * The `relatedLocations` field has been added to the SARIF response when you request a code scanning analysis. The field may contain locations which are not the primary location of the alert. See an example in the [SARIF spec](https://docs.oasis-open.org/sarif/sarif/v2.1.0/cs01/sarif-v2.1.0-cs01.html#_Toc16012616) and for more information see "[Get a code scanning analysis for a repository](/rest/reference/code-scanning#get-a-code-scanning-analysis-for-a-repository)." + * Both `help` and `tags` data have been added to the webhook response alert rule object. For more information, see "[Code scanning alert webhooks events and payloads](/developers/webhooks-and-events/webhooks/webhook-events-and-payloads#code_scanning_alert)." + * Personal access tokens with the `public_repo` scope now have write access for code scanning endpoints on public repos, if the user has permission. + + For more information, see "[Code scanning](/rest/reference/code-scanning)" in the REST API documentation. + + # https://github.com/github/releases/issues/1943 + - '{% data variables.product.prodname_GH_advanced_security %} customers can now use the REST API to retrieve private repository secret scanning results at the enterprise level. The new endpoint supplements the existing repository-level and organization-level endpoints. For more information, see "[Secret scanning](/rest/reference/secret-scanning)" in the REST API documentation.' + + # No security/bug fixes for the GA release + # security_fixes: + # - PLACEHOLDER + + # bugs: + # - PLACEHOLDER + + known_issues: + - On a freshly set up {% data variables.product.prodname_ghe_server %} instance without any users, an attacker could create the first admin user. + - Custom firewall rules are removed during the upgrade process. + - Git LFS tracked files [uploaded through the web interface](https://github.com/blog/2105-upload-files-to-your-repositories) are incorrectly added directly to the repository. + - Issues cannot be closed if they contain a permalink to a blob in the same repository, where the blob's file path is longer than 255 characters. + - When "Users can search GitHub.com" is enabled with GitHub Connect, issues in private and internal repositories are not included in GitHub.com search results. + - The {% data variables.product.prodname_registry %} npm registry no longer returns a time value in metadata responses. This was done to allow for substantial performance improvements. We continue to have all the data necessary to return a time value as part of the metadata response and will resume returning this value in the future once we have solved the existing performance issues. + - Resource limits that are specific to processing pre-receive hooks may cause some pre-receive hooks to fail. + - Actions services needs to be restarted after restoring appliance from backup taken on a different host. + + deprecations: + - heading: Deprecation of GitHub Enterprise Server 3.0 + notes: + - '**{% data variables.product.prodname_ghe_server %} 3.0 was discontinued on February 16, 2022**. This means that no patch releases will be made, even for critical security issues, after this date. For better performance, improved security, and new features, [upgrade to the newest version of {% data variables.product.prodname_ghe_server %}](/enterprise-server@3.4/admin/enterprise-management/upgrading-github-enterprise-server) as soon as possible.' + - heading: Deprecation of GitHub Enterprise Server 3.1 + notes: + - '**{% data variables.product.prodname_ghe_server %} 3.1 will be discontinued on June 3, 2022**. This means that no patch releases will be made, even for critical security issues, after this date. For better performance, improved security, and new features, [upgrade to the newest version of {% data variables.product.prodname_ghe_server %}](/enterprise-server@3.4/admin/enterprise-management/upgrading-github-enterprise-server) as soon as possible.' + + - heading: Deprecation of XenServer Hypervisor support + notes: + # https://github.com/github/docs-content/issues/4439 + - Starting in {% data variables.product.prodname_ghe_server %} 3.3, {% data variables.product.prodname_ghe_server %} on XenServer was deprecated and is no longer supported. Please contact [GitHub Support](https://support.github.com) with questions or concerns. + + - heading: Deprecation of the Content Attachments API preview + notes: + # + - Due to low usage, we have deprecated the Content References API preview in {% data variables.product.prodname_ghe_server %} 3.4. The API was previously accessible with the `corsair-preview` header. Users can continue to navigate to external URLs without this API. Any registered usages of the Content References API will no longer receive a webhook notification for URLs from your registered domain(s) and we no longer return valid response codes for attempted updates to existing content attachments. + + - heading: Deprecation of the Codes of Conduct API preview + notes: + # https://github.com/github/releases/issues/1708 + - 'The Codes of Conduct API preview, which was accessible with the `scarlet-witch-preview` header, is deprecated and no longer accessible in {% data variables.product.prodname_ghe_server %} 3.4. We instead recommend using the "[Get community profile metrics](/rest/reference/repos#get-community-profile-metrics)" endpoint to retrieve information about a repository''s code of conduct. For more information, see the "[Deprecation Notice: Codes of Conduct API preview](https://github.blog/changelog/2021-10-06-deprecation-notice-codes-of-conduct-api-preview/)" in the {% data variables.product.prodname_dotcom %} changelog.' + + - heading: Deprecation of OAuth Application API endpoints and API authentication using query parameters + notes: + # https://github.com/github/releases/issues/1316 + - | + Starting with {% data variables.product.prodname_ghe_server %} 3.4, the [deprecated version of the OAuth Application API endpoints](https://developer.github.com/changes/2020-02-14-deprecating-oauth-app-endpoint/#endpoints-affected) have been removed. If you encounter 404 error messages on these endpoints, convert your code to the versions of the OAuth Application API that do not have `access_tokens` in the URL. We've also disabled the use of API authentication using query parameters. We instead recommend using [API authentication in the request header](https://developer.github.com/changes/2020-02-10-deprecating-auth-through-query-param/#changes-to-make). + + - heading: Deprecation of the CodeQL runner + notes: + # https://github.com/github/releases/issues/1632 + - The {% data variables.product.prodname_codeql %} runner is deprecated in {% data variables.product.prodname_ghe_server %} 3.4 and is no longer supported. The deprecation only affects users who use {% data variables.product.prodname_codeql %} code scanning in third party CI/CD systems; {% data variables.product.prodname_actions %} users are not affected. We strongly recommend that customers migrate to the {% data variables.product.prodname_codeql %} CLI, which is a feature-complete replacement for the {% data variables.product.prodname_codeql %} runner. For more information, see the [{% data variables.product.prodname_dotcom %} changelog](https://github.blog/changelog/2021-09-21-codeql-runner-deprecation/). + + - heading: Deprecation of custom bit-cache extensions + notes: + # https://github.com/github/releases/issues/1415 + - | + Starting in {% data variables.product.prodname_ghe_server %} 3.1, support for {% data variables.product.company_short %}'s proprietary bit-cache extensions began to be phased out. These extensions are deprecated in {% data variables.product.prodname_ghe_server %} 3.3 onwards. + + Any repositories that were already present and active on {% data variables.product.product_location %} running version 3.1 or 3.2 will have been automatically updated. + + Repositories which were not present and active before upgrading to {% data variables.product.prodname_ghe_server %} 3.3 may not perform optimally until a repository maintenance task is run and has successfully completed. + + To start a repository maintenance task manually, browse to `https:///stafftools/repositories///network` for each affected repository and click the Schedule button. + + backups: + - '{% data variables.product.prodname_ghe_server %} 3.4 requires at least [GitHub Enterprise Backup Utilities 3.4.0](https://github.com/github/backup-utils) for [Backups and Disaster Recovery](/admin/configuration/configuring-your-enterprise/configuring-backups-on-your-appliance).' diff --git a/data/reusables/actions/enterprise-github-connect-warning.md b/data/reusables/actions/enterprise-github-connect-warning.md deleted file mode 100644 index 30cd0dd1e4..0000000000 --- a/data/reusables/actions/enterprise-github-connect-warning.md +++ /dev/null @@ -1,15 +0,0 @@ -{% ifversion ghes > 3.2 or ghae-issue-4815 %} -{% note %} - -**Note:** When a workflow uses an action by referencing the repository where the action is stored, {% data variables.product.prodname_actions %} will try to find the repository on your {% data variables.product.prodname_ghe_server %} instance first before falling back to {% data variables.product.prodname_dotcom_the_website %}. If a user has already created an organization and repository in your enterprise that matches an organization and repository name on {% data variables.product.prodname_dotcom %}, the repository on your enterprise will be used in place of the {% data variables.product.prodname_dotcom %} repository. For more information, see "[Automatic retirement of namespaces for actions accessed on {% data variables.product.prodname_dotcom_the_website%}](#automatic-retirement-of-namespaces-for-actions-accessed-on-githubcom)." - -{% endnote %} -{% endif %} - -{% ifversion ghes < 3.3 or ghae %} -{% note %} - -**Note:** When a workflow uses an action by referencing the repository where the action is stored, {% data variables.product.prodname_actions %} will try to find the repository on your {% data variables.product.prodname_ghe_server %} instance first before falling back to {% data variables.product.prodname_dotcom_the_website %}. If a user creates an organization and repository in your enterprise that matches an organization and repository name on {% data variables.product.prodname_dotcom %}, the repository on your enterprise will be used in place of the {% data variables.product.prodname_dotcom %} repository. A malicious user could take advantage of this behavior to run code as part of a workflow. - -{% endnote %} -{% endif %} diff --git a/data/reusables/actions/github-connect-resolution.md b/data/reusables/actions/github-connect-resolution.md new file mode 100644 index 0000000000..816e314a30 --- /dev/null +++ b/data/reusables/actions/github-connect-resolution.md @@ -0,0 +1 @@ +When a workflow uses an action by referencing the repository where the action is stored, {% data variables.product.prodname_actions %} will first try to find the repository on {% data variables.product.product_location %}. If the repository does not exist on {% data variables.product.product_location %}, and if you have automatic access to {% data variables.product.prodname_dotcom_the_website %} enabled, {% data variables.product.prodname_actions %} will try to find the repository on {% data variables.product.prodname_dotcom_the_website %}. \ No newline at end of file diff --git a/data/reusables/actions/github-token-expiration.md b/data/reusables/actions/github-token-expiration.md new file mode 100644 index 0000000000..3391ce321f --- /dev/null +++ b/data/reusables/actions/github-token-expiration.md @@ -0,0 +1 @@ +The `GITHUB_TOKEN` expires when a job finishes or after a maximum of 24 hours. \ No newline at end of file diff --git a/data/reusables/actions/restrict-runner-workflow-beta.md b/data/reusables/actions/restrict-runner-workflow-beta.md deleted file mode 100644 index 77949eb08b..0000000000 --- a/data/reusables/actions/restrict-runner-workflow-beta.md +++ /dev/null @@ -1,7 +0,0 @@ -{% if restrict-groups-to-workflows %} -{% note %} - -**Note:** Configuring the workflows that can access a runner group is currently in beta and subject to change. - -{% endnote %} -{% endif %} diff --git a/data/reusables/actions/self-hosted-runner-communications-for-ghae.md b/data/reusables/actions/self-hosted-runner-communications-for-ghae.md deleted file mode 100644 index 3734abb068..0000000000 --- a/data/reusables/actions/self-hosted-runner-communications-for-ghae.md +++ /dev/null @@ -1,8 +0,0 @@ -{% ifversion ghae %} - -You must ensure that the self-hosted runner has appropriate network access to communicate with your {% data variables.product.prodname_ghe_managed %} URL and its subdomains. -For example, if your instance name is `octoghae`, then you will need to allow the self-hosted runner to access `octoghae.githubenterprise.com`, `api.octoghae.githubenterprise.com`, and `codeload.octoghae.githubenterprise.com`. - -If you use an IP address allow list for your organization or enterprise account on {% data variables.product.prodname_dotcom %}, you must add your self-hosted runner's IP address to the allow list. For more information, see "[Managing allowed IP addresses for your organization](/organizations/keeping-your-organization-secure/managing-allowed-ip-addresses-for-your-organization#using-github-actions-with-an-ip-allow-list)." - -{% endif %} diff --git a/data/reusables/actions/self-hosted-runner-networking-to-dotcom.md b/data/reusables/actions/self-hosted-runner-networking-to-dotcom.md new file mode 100644 index 0000000000..893f05bfe2 --- /dev/null +++ b/data/reusables/actions/self-hosted-runner-networking-to-dotcom.md @@ -0,0 +1 @@ +To use actions from {% data variables.product.prodname_dotcom_the_website %},{% ifversion ghes %} both {% data variables.product.product_location %} and{% endif %} your self-hosted runners must be able to make outbound connections to {% data variables.product.prodname_dotcom_the_website %}. No inbound connections from {% data variables.product.prodname_dotcom_the_website %} are required. For more information. For more information, see "[About self-hosted runners](/actions/hosting-your-own-runners/about-self-hosted-runners#communication-betweens-self-hosted-runners-and-githubcom)." \ No newline at end of file diff --git a/data/reusables/actions/self-hosted-runner-ports-protocols.md b/data/reusables/actions/self-hosted-runner-ports-protocols.md index 57f16b0906..d81e3706fb 100644 --- a/data/reusables/actions/self-hosted-runner-ports-protocols.md +++ b/data/reusables/actions/self-hosted-runner-ports-protocols.md @@ -1 +1,3 @@ -Self-hosted runners must be able to communicate with {% ifversion ghae %}your enterprise on {% data variables.product.product_name %}{% elsif fpt or ghec or ghes %}{% data variables.product.product_location %}{% endif %} over HTTP (port 80) and HTTPS (port 443). +{% ifversion ghes or ghae %} +The connection between self-hosted runners and {% data variables.product.product_name %} is over {% ifversion ghes %}HTTP (port 80) or {% endif %}HTTPS (port 443). {% ifversion ghes %}To ensure connectivity over HTTPS, configure TLS for {% data variables.product.product_location %}. For more information, see "[Configuring TLS](/admin/configuration/configuring-network-settings/configuring-tls)."{% endif %} +{% endif %} diff --git a/data/reusables/code-scanning/alert-default-branch.md b/data/reusables/code-scanning/alert-default-branch.md new file mode 100644 index 0000000000..c6a6029e70 --- /dev/null +++ b/data/reusables/code-scanning/alert-default-branch.md @@ -0,0 +1 @@ +The status and details on the alert page only reflect the state of the alert on the default branch of the repository, even if the alert exists in other branches. You can see the status of the alert on non-default branches in the **Affected branches** section on the right-hand side of the alert page. If an alert doesn't exist in the default branch, the status of the alert will display as "in pull request" or "in branch" and will be colored grey. \ No newline at end of file diff --git a/data/reusables/code-scanning/beta.md b/data/reusables/code-scanning/beta.md index d8c203c722..ecb5dc9480 100644 --- a/data/reusables/code-scanning/beta.md +++ b/data/reusables/code-scanning/beta.md @@ -1,4 +1,8 @@ -{% ifversion ghae %} +{% ifversion ghae-issue-5752 %} + + + +{% elsif ghae %} {% note %} diff --git a/data/reusables/code-scanning/filter-non-default-branches.md b/data/reusables/code-scanning/filter-non-default-branches.md new file mode 100644 index 0000000000..4df28a76d5 --- /dev/null +++ b/data/reusables/code-scanning/filter-non-default-branches.md @@ -0,0 +1 @@ +Please note that if you have filtered for alerts on a non-default branch, but the same alerts exist on the default branch, the alert page for any given alert will still only reflect the alert's status on the default branch, even if that status conflicts with the status on a non-default branch. For example, an alert that appears in the "Open" list in the summary of alerts for `branch-x` could show a status of "Fixed" on the alert page, if the alert is already fixed on the default branch. You can view the status of the alert for the branch you filtered on in the **Affected branches** section on the right side of the alert page. \ No newline at end of file diff --git a/data/reusables/dependabot/private-dependencies-note.md b/data/reusables/dependabot/private-dependencies-note.md index c3b22f4515..8b8c034cbc 100644 --- a/data/reusables/dependabot/private-dependencies-note.md +++ b/data/reusables/dependabot/private-dependencies-note.md @@ -1 +1 @@ -When running security or version updates, some ecosystems must be able to resolve all dependencies from their source to verify that updates have been successful. If your manifest or lock files contain any private dependencies, {% data variables.product.prodname_dependabot %} must be able to access the location at which those dependencies are hosted. Organization owners can grant {% data variables.product.prodname_dependabot %} access to private repositories containing dependencies for a project within the same organization. For more information, see "[Managing security and analysis settings for your organization](/organizations/keeping-your-organization-secure/managing-security-and-analysis-settings-for-your-organization#allowing-dependabot-to-access-private-dependencies)." You can configure access to private registries in a repository's _dependabot.yml_ configuration file. For more information, see "[Configuration options for dependency updates](/github/administering-a-repository/configuration-options-for-dependency-updates#configuration-options-for-private-registries)." +When running security or version updates, some ecosystems must be able to resolve all dependencies from their source to verify that updates have been successful. If your manifest or lock files contain any private dependencies, {% data variables.product.prodname_dependabot %} must be able to access the location at which those dependencies are hosted. Organization owners can grant {% data variables.product.prodname_dependabot %} access to private repositories containing dependencies for a project within the same organization. For more information, see "[Managing security and analysis settings for your organization](/organizations/keeping-your-organization-secure/managing-security-and-analysis-settings-for-your-organization#allowing-dependabot-to-access-private-dependencies)." You can configure access to private registries in a repository's _dependabot.yml_ configuration file. For more information, see "[Configuration options for the dependabot.yml file](/github/administering-a-repository/configuration-options-for-dependency-updates#configuration-options-for-private-registries)." diff --git a/data/reusables/dependabot/result-discrepancy.md b/data/reusables/dependabot/result-discrepancy.md new file mode 100644 index 0000000000..241548122b --- /dev/null +++ b/data/reusables/dependabot/result-discrepancy.md @@ -0,0 +1 @@ +The results of dependency detection reported by {% data variables.product.product_name %} may be different from the results returned by other tools. There are good reasons for this and it's helpful to understand how {% data variables.product.prodname_dotcom %} determines dependencies for your project. diff --git a/data/reusables/enterprise/test-in-staging.md b/data/reusables/enterprise/test-in-staging.md new file mode 100644 index 0000000000..94eede5d3c --- /dev/null +++ b/data/reusables/enterprise/test-in-staging.md @@ -0,0 +1 @@ +{% data variables.product.company_short %} strongly recommends that you verify any new configuration for authentication in a staging environment. An incorrect configuration could result in downtime for {% data variables.product.product_location %}. For more information, see "[Setting up a staging instance](/admin/installation/setting-up-a-github-enterprise-server-instance/setting-up-a-staging-instance)." diff --git a/data/reusables/repositories/github-reviews-security-advisories.md b/data/reusables/repositories/github-reviews-security-advisories.md index cf870a9e65..23dfa68dc7 100644 --- a/data/reusables/repositories/github-reviews-security-advisories.md +++ b/data/reusables/repositories/github-reviews-security-advisories.md @@ -1,3 +1,3 @@ {% data variables.product.prodname_dotcom %} will review each published security advisory, add it to the {% data variables.product.prodname_advisory_database %}, and may use the security advisory to send {% data variables.product.prodname_dependabot_alerts %} to affected repositories. If the security advisory comes from a fork, we'll only send an alert if the fork owns a package, published under a unique name, on a public package registry. This process can take up to 72 hours and {% data variables.product.prodname_dotcom %} may contact you for more information. -For more information about {% data variables.product.prodname_dependabot_alerts %}, see "[About alerts for vulnerable dependencies](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies#dependabot-alerts-for-vulnerable-dependencies)" and "[About {% data variables.product.prodname_dependabot_security_updates %}](/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-dependabot-security-updates)." For more information about {% data variables.product.prodname_advisory_database %}, see "[Browsing security vulnerabilities in the {% data variables.product.prodname_advisory_database %}](/github/managing-security-vulnerabilities/browsing-security-vulnerabilities-in-the-github-advisory-database)." +For more information about {% data variables.product.prodname_dependabot_alerts %}, see "[About {% data variables.product.prodname_dependabot_alerts %}](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies#dependabot-alerts-for-vulnerable-dependencies)" and "[About {% data variables.product.prodname_dependabot_security_updates %}](/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-dependabot-security-updates)." For more information about {% data variables.product.prodname_advisory_database %}, see "[Browsing security vulnerabilities in the {% data variables.product.prodname_advisory_database %}](/github/managing-security-vulnerabilities/browsing-security-vulnerabilities-in-the-github-advisory-database)." diff --git a/data/reusables/repositories/security-alert-delivery-options.md b/data/reusables/repositories/security-alert-delivery-options.md index 35ab3f8fef..5c2d9404e4 100644 --- a/data/reusables/repositories/security-alert-delivery-options.md +++ b/data/reusables/repositories/security-alert-delivery-options.md @@ -1,3 +1,3 @@ {% ifversion not ghae %} -If your repository has a supported dependency manifest{% ifversion fpt or ghec %} (and if you've set up the dependency graph if it's a private repository){% endif %}, whenever {% data variables.product.product_name %} detects a vulnerable dependency in your repository, you will receive a weekly digest email. You can also configure your security alerts as web notifications, individual email notifications, daily email digests, or alerts in the {% data variables.product.product_name %} interface. For more information, see "[About alerts for vulnerable dependencies](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies)." +If your repository has a supported dependency manifest{% ifversion fpt or ghec %} (and if you've set up the dependency graph if it's a private repository){% endif %}, whenever {% data variables.product.product_name %} detects a vulnerable dependency in your repository, you will receive a weekly digest email. You can also configure your security alerts as web notifications, individual email notifications, daily email digests, or alerts in the {% data variables.product.product_name %} interface. For more information, see "[About {% data variables.product.prodname_dependabot_alerts %}](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies)." {% endif %} diff --git a/data/reusables/rest-reference/actions/cache.md b/data/reusables/rest-reference/actions/cache.md new file mode 100644 index 0000000000..6f735ae59c --- /dev/null +++ b/data/reusables/rest-reference/actions/cache.md @@ -0,0 +1,3 @@ +## Cache + +The cache API allows you to query and manage the {% data variables.product.prodname_actions %} cache for repositories. For more information, see "[Caching dependencies to speed up workflows](/actions/advanced-guides/caching-dependencies-to-speed-up-workflows#usage-limits-and-eviction-policy)." \ No newline at end of file diff --git a/data/reusables/rest-reference/deployments/keys.md b/data/reusables/rest-reference/deploy_keys/deploy_keys.md similarity index 94% rename from data/reusables/rest-reference/deployments/keys.md rename to data/reusables/rest-reference/deploy_keys/deploy_keys.md index 52e0735aa4..008b8ba133 100644 --- a/data/reusables/rest-reference/deployments/keys.md +++ b/data/reusables/rest-reference/deploy_keys/deploy_keys.md @@ -1,5 +1,3 @@ -## Deploy keys - {% data reusables.repositories.deploy-keys %} Deploy keys can either be setup using the following API endpoints, or by using GitHub. To learn how to set deploy keys up in GitHub, see "[Managing deploy keys](/developers/overview/managing-deploy-keys)." \ No newline at end of file diff --git a/data/reusables/rest-reference/packages/packages.md b/data/reusables/rest-reference/packages/packages.md index 32c478f7c8..87c94f8857 100644 --- a/data/reusables/rest-reference/packages/packages.md +++ b/data/reusables/rest-reference/packages/packages.md @@ -1,4 +1,4 @@ -The {% data variables.product.prodname_registry %} API enables you to manage packages using the REST API. To learn more about restoring or deleting packages, see "[Restoring and deleting packages](/packages/learn-github-packages/deleting-and-restoring-a-package)." +The {% data variables.product.prodname_registry %} API enables you to manage packages using the REST API.{% ifversion fpt or ghec or ghes > 3.1 or ghae %} To learn more about restoring or deleting packages, see "[Restoring and deleting packages](/packages/learn-github-packages/deleting-and-restoring-a-package)."{% endif %} To use this API, you must authenticate using a personal access token. - To access package metadata, your token must include the `read:packages` scope. diff --git a/data/reusables/secret-scanning/beta.md b/data/reusables/secret-scanning/beta.md index b42386fada..30ec5c2ce6 100644 --- a/data/reusables/secret-scanning/beta.md +++ b/data/reusables/secret-scanning/beta.md @@ -1,4 +1,9 @@ -{% ifversion ghae %} +{% ifversion ghae-issue-5752 %} + + + +{% elsif ghae %} + {% note %} **Note:** {% data variables.product.prodname_secret_scanning_caps %} for organization-owned repositories is currently in beta and subject to change. diff --git a/data/reusables/secret-scanning/partner-secret-list-public-repo.md b/data/reusables/secret-scanning/partner-secret-list-public-repo.md index 87d68a1614..7bf2691f9b 100644 --- a/data/reusables/secret-scanning/partner-secret-list-public-repo.md +++ b/data/reusables/secret-scanning/partner-secret-list-public-repo.md @@ -58,6 +58,7 @@ MessageBird | MessageBird API Key Meta | Facebook Access Token npm | npm Access Token NuGet | NuGet API Key +Octopus Deploy | Octopus Deploy API Key OpenAI | OpenAI API Key Palantir | Palantir JSON Web Token PlanetScale | PlanetScale Database Password diff --git a/data/reusables/webhooks/repository_vulnerability_alert_short_desc.md b/data/reusables/webhooks/repository_vulnerability_alert_short_desc.md index bf2b01e473..3dcba9b58d 100644 --- a/data/reusables/webhooks/repository_vulnerability_alert_short_desc.md +++ b/data/reusables/webhooks/repository_vulnerability_alert_short_desc.md @@ -1 +1 @@ -Activity related to security vulnerability alerts in a repository. {% data reusables.webhooks.action_type_desc %} For more information, see the "[About alerts for vulnerable dependencies](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies/)". +Activity related to security vulnerability alerts in a repository. {% data reusables.webhooks.action_type_desc %} For more information, see the "[About {% data variables.product.prodname_dependabot_alerts %}](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies/)". diff --git a/data/ui.yml b/data/ui.yml index 38fa911b1e..852e0c769e 100644 --- a/data/ui.yml +++ b/data/ui.yml @@ -113,6 +113,8 @@ products: notes: Notes parameters: Parameters response: Response + error_codes: Error Codes + http_status_code: HTTP Status Code code_sample: Code sample code_samples: Code samples preview_notice: Preview notice diff --git a/data/variables/release_candidate.yml b/data/variables/release_candidate.yml index 2352b83fd1..026d2f7e61 100644 --- a/data/variables/release_candidate.yml +++ b/data/variables/release_candidate.yml @@ -1 +1 @@ -version: enterprise-server@3.4 +version: '' diff --git a/docker-compose.prod.tmpl.yaml b/docker-compose.prod.tmpl.yaml index a9d84b73da..d447edd1a1 100644 --- a/docker-compose.prod.tmpl.yaml +++ b/docker-compose.prod.tmpl.yaml @@ -17,6 +17,7 @@ services: ENABLED_LANGUAGES: ${ENABLED_LANGUAGES} DEPLOYMENT_ENV: ${DEPLOYMENT_ENV} RATE_LIMIT_MAX: ${RATE_LIMIT_MAX} + SLOW_DOWN_MAX: ${SLOW_DOWN_MAX} HEROKU_PRODUCTION_APP: true PORT: 4000 DD_AGENT_HOST: datadog-agent diff --git a/jest.config.js b/jest.config.js index 6b0e3458c1..7e320cd0dc 100644 --- a/jest.config.js +++ b/jest.config.js @@ -41,4 +41,6 @@ module.exports = { ], testMatch: ['**/tests/**/*.js'], testLocationInResults: isActions, + globalSetup: './script/start-server-for-jest.mjs', + globalTeardown: './script/kill-server-for-jest.mjs', } diff --git a/lib/frontmatter.js b/lib/frontmatter.js index 5f8a673ad6..0d14fabc2f 100644 --- a/lib/frontmatter.js +++ b/lib/frontmatter.js @@ -181,7 +181,18 @@ export const schema = { // Tool-specific content preference defaultTool: { type: 'string', - enum: ['webui', 'cli', 'desktop', 'curl', 'codespaces', 'vscode', 'importer_cli', 'graphql'], + enum: [ + 'webui', + 'cli', + 'desktop', + 'curl', + 'codespaces', + 'vscode', + 'importer_cli', + 'graphql', + 'powershell', + 'bash', + ], }, // Documentation contributed by a third party, such as a GitHub Partner contributor: { diff --git a/lib/liquid-tags/extended-markdown.js b/lib/liquid-tags/extended-markdown.js index 507b8b83c2..20eec54659 100644 --- a/lib/liquid-tags/extended-markdown.js +++ b/lib/liquid-tags/extended-markdown.js @@ -10,6 +10,8 @@ export const tags = { vscode: '', importer_cli: '', graphql: '', + powershell: '', + bash: '', all: '', tip: 'border rounded-1 mb-4 p-3 color-border-accent-emphasis color-bg-accent f5', note: 'border rounded-1 mb-4 p-3 color-border-accent-emphasis color-bg-accent f5', diff --git a/lib/page.js b/lib/page.js index 0041c699ab..6e66b4f02e 100644 --- a/lib/page.js +++ b/lib/page.js @@ -294,6 +294,8 @@ class Page { 'vscode', `importer_cli`, `graphql`, + 'powershell', + 'bash', ].filter((tool) => html.includes(`extended-markdown ${tool}`) || html.includes(`tool-${tool}`)) this.includesToolSpecificContent = this.detectedTools.length > 0 diff --git a/lib/redirects/static/client-side-rest-api-redirects.json b/lib/redirects/static/client-side-rest-api-redirects.json index 66f496b36a..8942c8e74c 100644 --- a/lib/redirects/static/client-side-rest-api-redirects.json +++ b/lib/redirects/static/client-side-rest-api-redirects.json @@ -25,10 +25,16 @@ "/rest/reference/repos#list-repository-invitations": "/rest/reference/collaborators#list-repository-invitations", "/rest/reference/repos#update-a-repository-invitation": "/rest/reference/collaborators#update-a-repository-invitation", "/rest/reference/repos#delete-a-repository-invitation": "/rest/reference/collaborators#delete-a-repository-invitation", - "/rest/reference/repos#list-deploy-keys": "/rest/reference/deployments#list-deploy-keys", - "/rest/reference/repos#create-a-deploy-key": "/rest/reference/deployments#create-a-deploy-key", - "/rest/reference/repos#get-a-deploy-key": "/rest/reference/deployments#get-a-deploy-key", - "/rest/reference/repos#delete-a-deploy-key": "/rest/reference/deployments#delete-a-deploy-key", + "/rest/reference/repos#list-deploy-keys": "/rest/reference/deploy_keys#list-deploy-keys", + "/rest/reference/repos#create-a-deploy-key": "/rest/reference/deploy_keys#create-a-deploy-key", + "/rest/reference/repos#get-a-deploy-key": "/rest/reference/deploy_keys#get-a-deploy-key", + "/rest/reference/repos#delete-a-deploy-key": "/rest/reference/deploy_keys#delete-a-deploy-key", + "/rest/reference/repos#deploy-keys": "/rest/reference/deploy_keys", + "/rest/reference/deployments#list-deploy-keys": "/rest/reference/deploy_keys#list-deploy-keys", + "/rest/reference/deployments#create-a-deploy-key": "/rest/reference/deploy_keys#create-a-deploy-key", + "/rest/reference/deployments#get-a-deploy-key": "/rest/reference/deploy_keys#get-a-deploy-key", + "/rest/reference/deployments#delete-a-deploy-key": "/rest/reference/deploy_keys#delete-a-deploy-key", + "/rest/reference/deployments#deploy-keys": "/rest/reference/deploy_keys", "/rest/reference/repos#get-a-github-pages-site": "/rest/reference/pages#get-a-github-pages-site", "/rest/reference/repos#create-a-github-pages-site": "/rest/reference/pages#create-a-github-pages-site", "/rest/reference/repos#update-information-about-a-github-pages-site": "/rest/reference/pages#update-information-about-a-github-pages-site", diff --git a/lib/rest/static/apps/enabled-for-apps.json b/lib/rest/static/apps/enabled-for-apps.json index b535855212..2f66e77dc8 100644 --- a/lib/rest/static/apps/enabled-for-apps.json +++ b/lib/rest/static/apps/enabled-for-apps.json @@ -1,6 +1,21 @@ { "api.github.com": { "actions": [ + { + "slug": "get-github-actions-cache-usage-for-an-enterprise", + "verb": "get", + "requestPath": "/enterprises/{enterprise}/actions/cache/usage" + }, + { + "slug": "get-github-actions-cache-usage-for-an-organization", + "verb": "get", + "requestPath": "/orgs/{org}/actions/cache/usage" + }, + { + "slug": "list-repositories-with-github-actions-cache-usage-for-an-organization", + "verb": "get", + "requestPath": "/orgs/{org}/actions/cache/usage-by-repository" + }, { "slug": "get-github-actions-permissions-for-an-organization", "verb": "get", @@ -236,6 +251,11 @@ "verb": "get", "requestPath": "/repos/{owner}/{repo}/actions/artifacts/{artifact_id}/{archive_format}" }, + { + "slug": "get-github-actions-cache-usage-for-a-repository", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/actions/cache/usage" + }, { "slug": "get-a-job-for-a-workflow-run", "verb": "get", @@ -246,6 +266,11 @@ "verb": "get", "requestPath": "/repos/{owner}/{repo}/actions/jobs/{job_id}/logs" }, + { + "slug": "re-run-a-job-from-a-workflow-run", + "verb": "post", + "requestPath": "/repos/{owner}/{repo}/actions/jobs/{job_id}/rerun" + }, { "slug": "get-github-actions-permissions-for-a-repository", "verb": "get", @@ -406,6 +431,11 @@ "verb": "post", "requestPath": "/repos/{owner}/{repo}/actions/runs/{run_id}/pending_deployments" }, + { + "slug": "re-run-failed-jobs-from-a-workflow-run", + "verb": "post", + "requestPath": "/repos/{owner}/{repo}/actions/runs/{run_id}/rerun-failed-jobs" + }, { "slug": "list-repository-secrets", "verb": "get", @@ -1103,6 +1133,28 @@ "requestPath": "/repos/{owner}/{repo}/dependabot/secrets/{secret_name}" } ], + "deploy_keys": [ + { + "slug": "list-deploy-keys", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/keys" + }, + { + "slug": "create-a-deploy-key", + "verb": "post", + "requestPath": "/repos/{owner}/{repo}/keys" + }, + { + "slug": "get-a-deploy-key", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/keys/{key_id}" + }, + { + "slug": "delete-a-deploy-key", + "verb": "delete", + "requestPath": "/repos/{owner}/{repo}/keys/{key_id}" + } + ], "deployments": [ { "slug": "list-deployments", @@ -1158,26 +1210,6 @@ "slug": "delete-an-environment", "verb": "delete", "requestPath": "/repos/{owner}/{repo}/environments/{environment_name}" - }, - { - "slug": "list-deploy-keys", - "verb": "get", - "requestPath": "/repos/{owner}/{repo}/keys" - }, - { - "slug": "create-a-deploy-key", - "verb": "post", - "requestPath": "/repos/{owner}/{repo}/keys" - }, - { - "slug": "get-a-deploy-key", - "verb": "get", - "requestPath": "/repos/{owner}/{repo}/keys/{key_id}" - }, - { - "slug": "delete-a-deploy-key", - "verb": "delete", - "requestPath": "/repos/{owner}/{repo}/keys/{key_id}" } ], "emojis": [ @@ -3938,6 +3970,28 @@ "requestPath": "/repos/{owner}/{repo}/statuses/{sha}" } ], + "deploy_keys": [ + { + "slug": "list-deploy-keys", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/keys" + }, + { + "slug": "create-a-deploy-key", + "verb": "post", + "requestPath": "/repos/{owner}/{repo}/keys" + }, + { + "slug": "get-a-deploy-key", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/keys/{key_id}" + }, + { + "slug": "delete-a-deploy-key", + "verb": "delete", + "requestPath": "/repos/{owner}/{repo}/keys/{key_id}" + } + ], "deployments": [ { "slug": "list-deployments", @@ -3973,26 +4027,6 @@ "slug": "get-a-deployment-status", "verb": "get", "requestPath": "/repos/{owner}/{repo}/deployments/{deployment_id}/statuses/{status_id}" - }, - { - "slug": "list-deploy-keys", - "verb": "get", - "requestPath": "/repos/{owner}/{repo}/keys" - }, - { - "slug": "create-a-deploy-key", - "verb": "post", - "requestPath": "/repos/{owner}/{repo}/keys" - }, - { - "slug": "get-a-deploy-key", - "verb": "get", - "requestPath": "/repos/{owner}/{repo}/keys/{key_id}" - }, - { - "slug": "delete-a-deploy-key", - "verb": "delete", - "requestPath": "/repos/{owner}/{repo}/keys/{key_id}" } ], "emojis": [ @@ -6441,6 +6475,28 @@ "requestPath": "/repos/{owner}/{repo}/statuses/{sha}" } ], + "deploy_keys": [ + { + "slug": "list-deploy-keys", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/keys" + }, + { + "slug": "create-a-deploy-key", + "verb": "post", + "requestPath": "/repos/{owner}/{repo}/keys" + }, + { + "slug": "get-a-deploy-key", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/keys/{key_id}" + }, + { + "slug": "delete-a-deploy-key", + "verb": "delete", + "requestPath": "/repos/{owner}/{repo}/keys/{key_id}" + } + ], "deployments": [ { "slug": "list-deployments", @@ -6496,26 +6552,6 @@ "slug": "delete-an-environment", "verb": "delete", "requestPath": "/repos/{owner}/{repo}/environments/{environment_name}" - }, - { - "slug": "list-deploy-keys", - "verb": "get", - "requestPath": "/repos/{owner}/{repo}/keys" - }, - { - "slug": "create-a-deploy-key", - "verb": "post", - "requestPath": "/repos/{owner}/{repo}/keys" - }, - { - "slug": "get-a-deploy-key", - "verb": "get", - "requestPath": "/repos/{owner}/{repo}/keys/{key_id}" - }, - { - "slug": "delete-a-deploy-key", - "verb": "delete", - "requestPath": "/repos/{owner}/{repo}/keys/{key_id}" } ], "emojis": [ @@ -9019,6 +9055,28 @@ "requestPath": "/repos/{owner}/{repo}/statuses/{sha}" } ], + "deploy_keys": [ + { + "slug": "list-deploy-keys", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/keys" + }, + { + "slug": "create-a-deploy-key", + "verb": "post", + "requestPath": "/repos/{owner}/{repo}/keys" + }, + { + "slug": "get-a-deploy-key", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/keys/{key_id}" + }, + { + "slug": "delete-a-deploy-key", + "verb": "delete", + "requestPath": "/repos/{owner}/{repo}/keys/{key_id}" + } + ], "deployments": [ { "slug": "list-deployments", @@ -9074,26 +9132,6 @@ "slug": "delete-an-environment", "verb": "delete", "requestPath": "/repos/{owner}/{repo}/environments/{environment_name}" - }, - { - "slug": "list-deploy-keys", - "verb": "get", - "requestPath": "/repos/{owner}/{repo}/keys" - }, - { - "slug": "create-a-deploy-key", - "verb": "post", - "requestPath": "/repos/{owner}/{repo}/keys" - }, - { - "slug": "get-a-deploy-key", - "verb": "get", - "requestPath": "/repos/{owner}/{repo}/keys/{key_id}" - }, - { - "slug": "delete-a-deploy-key", - "verb": "delete", - "requestPath": "/repos/{owner}/{repo}/keys/{key_id}" } ], "emojis": [ @@ -11761,6 +11799,28 @@ "requestPath": "/repos/{owner}/{repo}/dependabot/secrets/{secret_name}" } ], + "deploy_keys": [ + { + "slug": "list-deploy-keys", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/keys" + }, + { + "slug": "create-a-deploy-key", + "verb": "post", + "requestPath": "/repos/{owner}/{repo}/keys" + }, + { + "slug": "get-a-deploy-key", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/keys/{key_id}" + }, + { + "slug": "delete-a-deploy-key", + "verb": "delete", + "requestPath": "/repos/{owner}/{repo}/keys/{key_id}" + } + ], "deployments": [ { "slug": "list-deployments", @@ -11816,26 +11876,6 @@ "slug": "delete-an-environment", "verb": "delete", "requestPath": "/repos/{owner}/{repo}/environments/{environment_name}" - }, - { - "slug": "list-deploy-keys", - "verb": "get", - "requestPath": "/repos/{owner}/{repo}/keys" - }, - { - "slug": "create-a-deploy-key", - "verb": "post", - "requestPath": "/repos/{owner}/{repo}/keys" - }, - { - "slug": "get-a-deploy-key", - "verb": "get", - "requestPath": "/repos/{owner}/{repo}/keys/{key_id}" - }, - { - "slug": "delete-a-deploy-key", - "verb": "delete", - "requestPath": "/repos/{owner}/{repo}/keys/{key_id}" } ], "emojis": [ @@ -14290,6 +14330,28 @@ "requestPath": "/repos/{owner}/{repo}/statuses/{sha}" } ], + "deploy_keys": [ + { + "slug": "list-deploy-keys", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/keys" + }, + { + "slug": "create-a-deploy-key", + "verb": "post", + "requestPath": "/repos/{owner}/{repo}/keys" + }, + { + "slug": "get-a-deploy-key", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/keys/{key_id}" + }, + { + "slug": "delete-a-deploy-key", + "verb": "delete", + "requestPath": "/repos/{owner}/{repo}/keys/{key_id}" + } + ], "deployments": [ { "slug": "list-deployments", @@ -14325,26 +14387,6 @@ "slug": "get-a-deployment-status", "verb": "get", "requestPath": "/repos/{owner}/{repo}/deployments/{deployment_id}/statuses/{status_id}" - }, - { - "slug": "list-deploy-keys", - "verb": "get", - "requestPath": "/repos/{owner}/{repo}/keys" - }, - { - "slug": "create-a-deploy-key", - "verb": "post", - "requestPath": "/repos/{owner}/{repo}/keys" - }, - { - "slug": "get-a-deploy-key", - "verb": "get", - "requestPath": "/repos/{owner}/{repo}/keys/{key_id}" - }, - { - "slug": "delete-a-deploy-key", - "verb": "delete", - "requestPath": "/repos/{owner}/{repo}/keys/{key_id}" } ], "emojis": [ diff --git a/lib/rest/static/decorated/api.github.com.json b/lib/rest/static/decorated/api.github.com.json index ae93a9b95f..795ddd5c20 100644 --- a/lib/rest/static/decorated/api.github.com.json +++ b/lib/rest/static/decorated/api.github.com.json @@ -359,6 +359,218 @@ ] } ], + "cache": [ + { + "verb": "get", + "requestPath": "/enterprises/{enterprise}/actions/cache/usage", + "parameters": [ + { + "name": "enterprise", + "description": "The slug version of the enterprise name. You can also substitute this value with the enterprise id.", + "in": "path", + "required": true, + "schema": { + "type": "string" + }, + "descriptionHTML": "

The slug version of the enterprise name. You can also substitute this value with the enterprise id.

" + } + ], + "x-codeSamples": [ + { + "lang": "Shell", + "source": "curl \\\n -H \"Accept: application/vnd.github.v3+json\" \\\n https://api.github.com/enterprises/ENTERPRISE/actions/cache/usage" + }, + { + "lang": "JavaScript", + "source": "await octokit.request('GET /enterprises/{enterprise}/actions/cache/usage', {\n enterprise: 'enterprise'\n})" + } + ], + "summary": "Get GitHub Actions cache usage for an enterprise", + "x-github": { + "enabledForGitHubApps": true, + "category": "actions", + "subcategory": "cache" + }, + "slug": "get-github-actions-cache-usage-for-an-enterprise", + "category": "actions", + "subcategory": "cache", + "notes": [], + "bodyParameters": [], + "descriptionHTML": "

Gets the total GitHub Actions cache usage for an enterprise.\nThe data fetched using this API is refreshed approximately every 5 minutes, so values returned from this endpoint may take at least 5 minutes to get updated.\nYou must authenticate using an access token with the admin:enterprise scope to use this endpoint.

", + "responses": [ + { + "httpStatusCode": "200", + "httpStatusMessage": "OK", + "description": "

Response

", + "payload": "{\n \"total_active_caches_size_in_bytes\": 3344284,\n \"total_active_caches_count\": 5\n}" + } + ] + }, + { + "verb": "get", + "requestPath": "/orgs/{org}/actions/cache/usage", + "parameters": [ + { + "name": "org", + "in": "path", + "required": true, + "schema": { + "type": "string" + }, + "descriptionHTML": "" + } + ], + "x-codeSamples": [ + { + "lang": "Shell", + "source": "curl \\\n -H \"Accept: application/vnd.github.v3+json\" \\\n https://api.github.com/orgs/ORG/actions/cache/usage" + }, + { + "lang": "JavaScript", + "source": "await octokit.request('GET /orgs/{org}/actions/cache/usage', {\n org: 'org'\n})" + } + ], + "summary": "Get GitHub Actions cache usage for an organization", + "x-github": { + "enabledForGitHubApps": true, + "category": "actions", + "subcategory": "cache" + }, + "slug": "get-github-actions-cache-usage-for-an-organization", + "category": "actions", + "subcategory": "cache", + "notes": [], + "bodyParameters": [], + "descriptionHTML": "

Gets the total GitHub Actions cache usage for an organization.\nThe data fetched using this API is refreshed approximately every 5 minutes, so values returned from this endpoint may take at least 5 minutes to get updated.\nYou must authenticate using an access token with the read:org scope to use this endpoint. GitHub Apps must have the organization_admistration:read permission to use this endpoint.

", + "responses": [ + { + "httpStatusCode": "200", + "httpStatusMessage": "OK", + "description": "

Response

", + "payload": "{\n \"total_active_caches_size_in_bytes\": 3344284,\n \"total_active_caches_count\": 5\n}" + } + ] + }, + { + "verb": "get", + "requestPath": "/orgs/{org}/actions/cache/usage-by-repository", + "parameters": [ + { + "name": "org", + "in": "path", + "required": true, + "schema": { + "type": "string" + }, + "descriptionHTML": "" + }, + { + "name": "per_page", + "description": "Results per page (max 100)", + "in": "query", + "schema": { + "type": "integer", + "default": 30 + }, + "descriptionHTML": "

Results per page (max 100)

" + }, + { + "name": "page", + "description": "Page number of the results to fetch.", + "in": "query", + "schema": { + "type": "integer", + "default": 1 + }, + "descriptionHTML": "

Page number of the results to fetch.

" + } + ], + "x-codeSamples": [ + { + "lang": "Shell", + "source": "curl \\\n -H \"Accept: application/vnd.github.v3+json\" \\\n https://api.github.com/orgs/ORG/actions/cache/usage-by-repository" + }, + { + "lang": "JavaScript", + "source": "await octokit.request('GET /orgs/{org}/actions/cache/usage-by-repository', {\n org: 'org'\n})" + } + ], + "summary": "List repositories with GitHub Actions cache usage for an organization", + "x-github": { + "enabledForGitHubApps": true, + "category": "actions", + "subcategory": "cache" + }, + "slug": "list-repositories-with-github-actions-cache-usage-for-an-organization", + "category": "actions", + "subcategory": "cache", + "notes": [], + "bodyParameters": [], + "descriptionHTML": "

Lists repositories and their GitHub Actions cache usage for an organization.\nThe data fetched using this API is refreshed approximately every 5 minutes, so values returned from this endpoint may take at least 5 minutes to get updated.\nYou must authenticate using an access token with the read:org scope to use this endpoint. GitHub Apps must have the organization_admistration:read permission to use this endpoint.

", + "responses": [ + { + "httpStatusCode": "200", + "httpStatusMessage": "OK", + "description": "

Response

", + "payload": "{\n \"total_count\": 2,\n \"repository_cache_usages\": [\n {\n \"full_name\": \"octo-org/Hello-World\",\n \"active_caches_size_in_bytes\": 2322142,\n \"active_caches_count\": 3\n },\n {\n \"full_name\": \"octo-org/server\",\n \"active_caches_size_in_bytes\": 1022142,\n \"active_caches_count\": 2\n }\n ]\n}" + } + ] + }, + { + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/actions/cache/usage", + "parameters": [ + { + "name": "owner", + "in": "path", + "required": true, + "schema": { + "type": "string" + }, + "descriptionHTML": "" + }, + { + "name": "repo", + "in": "path", + "required": true, + "schema": { + "type": "string" + }, + "descriptionHTML": "" + } + ], + "x-codeSamples": [ + { + "lang": "Shell", + "source": "curl \\\n -H \"Accept: application/vnd.github.v3+json\" \\\n https://api.github.com/repos/octocat/hello-world/actions/cache/usage" + }, + { + "lang": "JavaScript", + "source": "await octokit.request('GET /repos/{owner}/{repo}/actions/cache/usage', {\n owner: 'octocat',\n repo: 'hello-world'\n})" + } + ], + "summary": "Get GitHub Actions cache usage for a repository", + "x-github": { + "enabledForGitHubApps": true, + "category": "actions", + "subcategory": "cache" + }, + "slug": "get-github-actions-cache-usage-for-a-repository", + "category": "actions", + "subcategory": "cache", + "notes": [], + "bodyParameters": [], + "descriptionHTML": "

Gets GitHub Actions cache usage for a repository.\nThe data fetched using this API is refreshed approximately every 5 minutes, so values returned from this endpoint may take at least 5 minutes to get updated.\nAnyone with read access to the repository can use this endpoint. If the repository is private, you must use an access token with the repo scope. GitHub Apps must have the actions:read permission to use this endpoint.

", + "responses": [ + { + "httpStatusCode": "200", + "httpStatusMessage": "OK", + "description": "

Response

", + "payload": "{\n \"full_name\": \"octo-org/Hello-World\",\n \"active_caches_size_in_bytes\": 2322142,\n \"active_caches_count\": 3\n}" + } + ] + } + ], "permissions": [ { "verb": "get", @@ -8613,6 +8825,74 @@ } ], "workflow-runs": [ + { + "verb": "post", + "requestPath": "/repos/{owner}/{repo}/actions/jobs/{job_id}/rerun", + "parameters": [ + { + "name": "owner", + "in": "path", + "required": true, + "schema": { + "type": "string" + }, + "descriptionHTML": "" + }, + { + "name": "repo", + "in": "path", + "required": true, + "schema": { + "type": "string" + }, + "descriptionHTML": "" + }, + { + "name": "job_id", + "description": "job_id parameter", + "in": "path", + "required": true, + "schema": { + "type": "integer" + }, + "descriptionHTML": "

job_id parameter

" + } + ], + "x-codeSamples": [ + { + "lang": "Shell", + "source": "curl \\\n -X POST \\\n -H \"Accept: application/vnd.github.v3+json\" \\\n https://api.github.com/repos/octocat/hello-world/actions/jobs/42/rerun" + }, + { + "lang": "JavaScript", + "source": "await octokit.request('POST /repos/{owner}/{repo}/actions/jobs/{job_id}/rerun', {\n owner: 'octocat',\n repo: 'hello-world',\n job_id: 42\n})" + } + ], + "summary": "Re-run a job from a workflow run", + "x-github": { + "enabledForGitHubApps": true, + "category": "actions", + "subcategory": "workflow-runs" + }, + "slug": "re-run-a-job-from-a-workflow-run", + "category": "actions", + "subcategory": "workflow-runs", + "notes": [], + "bodyParameters": [], + "descriptionHTML": "

Re-run a job and its dependent jobs in a workflow run. You must authenticate using an access token with the repo scope to use this endpoint. GitHub Apps must have the actions:write permission to use this endpoint.

", + "responses": [ + { + "httpStatusCode": "201", + "httpStatusMessage": "Created", + "description": "

Response

" + }, + { + "httpStatusCode": "403", + "httpStatusMessage": "Forbidden", + "description": "

Forbidden

" + } + ] + }, { "verb": "get", "requestPath": "/repos/{owner}/{repo}/actions/runs", @@ -9703,6 +9983,69 @@ } ] }, + { + "verb": "post", + "requestPath": "/repos/{owner}/{repo}/actions/runs/{run_id}/rerun-failed-jobs", + "parameters": [ + { + "name": "owner", + "in": "path", + "required": true, + "schema": { + "type": "string" + }, + "descriptionHTML": "" + }, + { + "name": "repo", + "in": "path", + "required": true, + "schema": { + "type": "string" + }, + "descriptionHTML": "" + }, + { + "name": "run_id", + "description": "The id of the workflow run.", + "in": "path", + "required": true, + "schema": { + "type": "integer" + }, + "descriptionHTML": "

The id of the workflow run.

" + } + ], + "x-codeSamples": [ + { + "lang": "Shell", + "source": "curl \\\n -X POST \\\n -H \"Accept: application/vnd.github.v3+json\" \\\n https://api.github.com/repos/octocat/hello-world/actions/runs/42/rerun-failed-jobs" + }, + { + "lang": "JavaScript", + "source": "await octokit.request('POST /repos/{owner}/{repo}/actions/runs/{run_id}/rerun-failed-jobs', {\n owner: 'octocat',\n repo: 'hello-world',\n run_id: 42\n})" + } + ], + "summary": "Re-run failed jobs from a workflow run", + "x-github": { + "enabledForGitHubApps": true, + "category": "actions", + "subcategory": "workflow-runs" + }, + "slug": "re-run-failed-jobs-from-a-workflow-run", + "category": "actions", + "subcategory": "workflow-runs", + "notes": [], + "bodyParameters": [], + "descriptionHTML": "

Re-run all of the failed jobs and their dependent jobs in a workflow run using the id of the workflow run. You must authenticate using an access token with the repo scope to use this endpoint.

", + "responses": [ + { + "httpStatusCode": "201", + "httpStatusMessage": "Created", + "description": "

Response

" + } + ] + }, { "verb": "get", "requestPath": "/repos/{owner}/{repo}/actions/runs/{run_id}/timing", @@ -12874,17 +13217,6 @@ } ], "summary": "Create a GitHub App from a manifest", - "requestBody": { - "required": false, - "content": { - "application/json": { - "schema": { - "type": "object", - "additionalProperties": false - } - } - } - }, "x-github": { "enabledForGitHubApps": false, "category": "apps", @@ -13003,6 +13335,11 @@ "schema": { "type": "integer" }, + "examples": { + "default": { + "value": 1 + } + }, "descriptionHTML": "

installation_id parameter

" } ], @@ -13059,6 +13396,11 @@ "schema": { "type": "integer" }, + "examples": { + "default": { + "value": 1 + } + }, "descriptionHTML": "

installation_id parameter

" } ], @@ -13109,6 +13451,11 @@ "schema": { "type": "integer" }, + "examples": { + "default": { + "value": 1 + } + }, "descriptionHTML": "

installation_id parameter

" } ], @@ -13965,6 +14312,17 @@ ] } } + }, + "examples": { + "default": { + "value": { + "respoitory": "Hello-World", + "permissions": { + "issues": "write", + "contents": "read" + } + } + } } } } @@ -14861,6 +15219,11 @@ "schema": { "type": "integer" }, + "examples": { + "default": { + "value": 1 + } + }, "descriptionHTML": "

installation_id parameter

" } ], @@ -14911,6 +15274,11 @@ "schema": { "type": "integer" }, + "examples": { + "default": { + "value": 1 + } + }, "descriptionHTML": "

installation_id parameter

" } ], @@ -15358,6 +15726,11 @@ "schema": { "type": "integer" }, + "examples": { + "default": { + "value": 1 + } + }, "descriptionHTML": "

installation_id parameter

" }, { @@ -15439,6 +15812,11 @@ "schema": { "type": "integer" }, + "examples": { + "default": { + "value": 1 + } + }, "descriptionHTML": "

installation_id parameter

" }, { @@ -15508,6 +15886,11 @@ "schema": { "type": "integer" }, + "examples": { + "default": { + "value": 1 + } + }, "descriptionHTML": "

installation_id parameter

" }, { @@ -16167,6 +16550,11 @@ "schema": { "type": "string" }, + "examples": { + "default": { + "value": "Iv1.8a61f9b3a7aba766" + } + }, "descriptionHTML": "

The client ID of your GitHub app.

" } ], @@ -16254,6 +16642,11 @@ "schema": { "type": "string" }, + "examples": { + "default": { + "value": "Iv1.8a61f9b3a7aba766" + } + }, "descriptionHTML": "

The client ID of your GitHub app.

" } ], @@ -16288,6 +16681,13 @@ "access_token" ], "type": "object" + }, + "examples": { + "default": { + "value": { + "access_token": "e72e16c7e42f292c6912e7710c838347ae178b4a" + } + } } } } @@ -16307,7 +16707,7 @@ "httpStatusCode": "200", "httpStatusMessage": "OK", "description": "

Response

", - "payload": "{\n \"id\": 1,\n \"url\": \"https://api.github.com/authorizations/1\",\n \"scopes\": [\n \"public_repo\",\n \"user\"\n ],\n \"token\": \"ghu_16C7e42F292c6912E7710c838347Ae178B4a\",\n \"token_last_eight\": \"Ae178B4a\",\n \"hashed_token\": \"25f94a2a5c7fbaf499c665bc73d67c1c87e496da8985131633ee0a95819db2e8\",\n \"app\": {\n \"url\": \"http://my-github-app.com\",\n \"name\": \"my github app\",\n \"client_id\": \"abcde12345fghij67890\"\n },\n \"note\": \"optional note\",\n \"note_url\": \"http://optional/note/url\",\n \"updated_at\": \"2011-09-06T20:39:23Z\",\n \"created_at\": \"2011-09-06T17:26:27Z\",\n \"fingerprint\": \"jklmnop12345678\",\n \"expires_at\": \"2011-09-08T17:26:27Z\",\n \"user\": {\n \"login\": \"octocat\",\n \"id\": 1,\n \"node_id\": \"MDQ6VXNlcjE=\",\n \"avatar_url\": \"https://github.com/images/error/octocat_happy.gif\",\n \"gravatar_id\": \"\",\n \"url\": \"https://api.github.com/users/octocat\",\n \"html_url\": \"https://github.com/octocat\",\n \"followers_url\": \"https://api.github.com/users/octocat/followers\",\n \"following_url\": \"https://api.github.com/users/octocat/following{/other_user}\",\n \"gists_url\": \"https://api.github.com/users/octocat/gists{/gist_id}\",\n \"starred_url\": \"https://api.github.com/users/octocat/starred{/owner}{/repo}\",\n \"subscriptions_url\": \"https://api.github.com/users/octocat/subscriptions\",\n \"organizations_url\": \"https://api.github.com/users/octocat/orgs\",\n \"repos_url\": \"https://api.github.com/users/octocat/repos\",\n \"events_url\": \"https://api.github.com/users/octocat/events{/privacy}\",\n \"received_events_url\": \"https://api.github.com/users/octocat/received_events\",\n \"type\": \"User\",\n \"site_admin\": false\n }\n}" + "payload": "{\n \"id\": 1,\n \"url\": \"https://api.github.com/authorizations/1\",\n \"scopes\": [\n \"public_repo\",\n \"user\"\n ],\n \"token\": \"ghu_16C7e42F292c6912E7710c838347Ae178B4a\",\n \"token_last_eight\": \"Ae178B4a\",\n \"hashed_token\": \"25f94a2a5c7fbaf499c665bc73d67c1c87e496da8985131633ee0a95819db2e8\",\n \"app\": {\n \"url\": \"http://my-github-app.com\",\n \"name\": \"my github app\",\n \"client_id\": \"Iv1.8a61f9b3a7aba766\"\n },\n \"note\": \"optional note\",\n \"note_url\": \"http://optional/note/url\",\n \"updated_at\": \"2011-09-06T20:39:23Z\",\n \"created_at\": \"2011-09-06T17:26:27Z\",\n \"fingerprint\": \"jklmnop12345678\",\n \"expires_at\": \"2011-09-08T17:26:27Z\",\n \"user\": {\n \"login\": \"octocat\",\n \"id\": 1,\n \"node_id\": \"MDQ6VXNlcjE=\",\n \"avatar_url\": \"https://github.com/images/error/octocat_happy.gif\",\n \"gravatar_id\": \"\",\n \"url\": \"https://api.github.com/users/octocat\",\n \"html_url\": \"https://github.com/octocat\",\n \"followers_url\": \"https://api.github.com/users/octocat/followers\",\n \"following_url\": \"https://api.github.com/users/octocat/following{/other_user}\",\n \"gists_url\": \"https://api.github.com/users/octocat/gists{/gist_id}\",\n \"starred_url\": \"https://api.github.com/users/octocat/starred{/owner}{/repo}\",\n \"subscriptions_url\": \"https://api.github.com/users/octocat/subscriptions\",\n \"organizations_url\": \"https://api.github.com/users/octocat/orgs\",\n \"repos_url\": \"https://api.github.com/users/octocat/repos\",\n \"events_url\": \"https://api.github.com/users/octocat/events{/privacy}\",\n \"received_events_url\": \"https://api.github.com/users/octocat/received_events\",\n \"type\": \"User\",\n \"site_admin\": false\n }\n}" }, { "httpStatusCode": "404", @@ -16344,6 +16744,11 @@ "schema": { "type": "string" }, + "examples": { + "default": { + "value": "Iv1.8a61f9b3a7aba766" + } + }, "descriptionHTML": "

The client ID of your GitHub app.

" } ], @@ -16378,6 +16783,13 @@ "access_token" ], "type": "object" + }, + "examples": { + "default": { + "value": { + "access_token": "e72e16c7e42f292c6912e7710c838347ae178b4a" + } + } } } } @@ -16397,7 +16809,7 @@ "httpStatusCode": "200", "httpStatusMessage": "OK", "description": "

Response

", - "payload": "{\n \"id\": 1,\n \"url\": \"https://api.github.com/authorizations/1\",\n \"scopes\": [\n \"public_repo\",\n \"user\"\n ],\n \"token\": \"ghu_16C7e42F292c6912E7710c838347Ae178B4a\",\n \"token_last_eight\": \"Ae178B4a\",\n \"hashed_token\": \"25f94a2a5c7fbaf499c665bc73d67c1c87e496da8985131633ee0a95819db2e8\",\n \"app\": {\n \"url\": \"http://my-github-app.com\",\n \"name\": \"my github app\",\n \"client_id\": \"abcde12345fghij67890\"\n },\n \"note\": \"optional note\",\n \"note_url\": \"http://optional/note/url\",\n \"updated_at\": \"2011-09-06T20:39:23Z\",\n \"created_at\": \"2011-09-06T17:26:27Z\",\n \"fingerprint\": \"jklmnop12345678\",\n \"expires_at\": \"2011-09-08T17:26:27Z\",\n \"user\": {\n \"login\": \"octocat\",\n \"id\": 1,\n \"node_id\": \"MDQ6VXNlcjE=\",\n \"avatar_url\": \"https://github.com/images/error/octocat_happy.gif\",\n \"gravatar_id\": \"\",\n \"url\": \"https://api.github.com/users/octocat\",\n \"html_url\": \"https://github.com/octocat\",\n \"followers_url\": \"https://api.github.com/users/octocat/followers\",\n \"following_url\": \"https://api.github.com/users/octocat/following{/other_user}\",\n \"gists_url\": \"https://api.github.com/users/octocat/gists{/gist_id}\",\n \"starred_url\": \"https://api.github.com/users/octocat/starred{/owner}{/repo}\",\n \"subscriptions_url\": \"https://api.github.com/users/octocat/subscriptions\",\n \"organizations_url\": \"https://api.github.com/users/octocat/orgs\",\n \"repos_url\": \"https://api.github.com/users/octocat/repos\",\n \"events_url\": \"https://api.github.com/users/octocat/events{/privacy}\",\n \"received_events_url\": \"https://api.github.com/users/octocat/received_events\",\n \"type\": \"User\",\n \"site_admin\": false\n }\n}" + "payload": "{\n \"id\": 1,\n \"url\": \"https://api.github.com/authorizations/1\",\n \"scopes\": [\n \"public_repo\",\n \"user\"\n ],\n \"token\": \"ghu_16C7e42F292c6912E7710c838347Ae178B4a\",\n \"token_last_eight\": \"Ae178B4a\",\n \"hashed_token\": \"25f94a2a5c7fbaf499c665bc73d67c1c87e496da8985131633ee0a95819db2e8\",\n \"app\": {\n \"url\": \"http://my-github-app.com\",\n \"name\": \"my github app\",\n \"client_id\": \"Iv1.8a61f9b3a7aba766\"\n },\n \"note\": \"optional note\",\n \"note_url\": \"http://optional/note/url\",\n \"updated_at\": \"2011-09-06T20:39:23Z\",\n \"created_at\": \"2011-09-06T17:26:27Z\",\n \"fingerprint\": \"jklmnop12345678\",\n \"expires_at\": \"2011-09-08T17:26:27Z\",\n \"user\": {\n \"login\": \"octocat\",\n \"id\": 1,\n \"node_id\": \"MDQ6VXNlcjE=\",\n \"avatar_url\": \"https://github.com/images/error/octocat_happy.gif\",\n \"gravatar_id\": \"\",\n \"url\": \"https://api.github.com/users/octocat\",\n \"html_url\": \"https://github.com/octocat\",\n \"followers_url\": \"https://api.github.com/users/octocat/followers\",\n \"following_url\": \"https://api.github.com/users/octocat/following{/other_user}\",\n \"gists_url\": \"https://api.github.com/users/octocat/gists{/gist_id}\",\n \"starred_url\": \"https://api.github.com/users/octocat/starred{/owner}{/repo}\",\n \"subscriptions_url\": \"https://api.github.com/users/octocat/subscriptions\",\n \"organizations_url\": \"https://api.github.com/users/octocat/orgs\",\n \"repos_url\": \"https://api.github.com/users/octocat/repos\",\n \"events_url\": \"https://api.github.com/users/octocat/events{/privacy}\",\n \"received_events_url\": \"https://api.github.com/users/octocat/received_events\",\n \"type\": \"User\",\n \"site_admin\": false\n }\n}" }, { "httpStatusCode": "422", @@ -16429,6 +16841,11 @@ "schema": { "type": "string" }, + "examples": { + "default": { + "value": "Iv1.8a61f9b3a7aba766" + } + }, "descriptionHTML": "

The client ID of your GitHub app.

" } ], @@ -16516,6 +16933,11 @@ "schema": { "type": "string" }, + "examples": { + "default": { + "value": "Iv1.8a61f9b3a7aba766" + } + }, "descriptionHTML": "

The client ID of your GitHub app.

" } ], @@ -17405,6 +17827,19 @@ "required": [ "access_token" ] + }, + "examples": { + "default": { + "value": { + "access_token": "e72e16c7e42f292c6912e7710c838347ae178b4a", + "target": "octocat", + "permissions": { + "metadata": "read", + "issues": "write", + "contents": "read" + } + } + } } } } @@ -17424,7 +17859,7 @@ "httpStatusCode": "200", "httpStatusMessage": "OK", "description": "

Response

", - "payload": "{\n \"id\": 1,\n \"url\": \"https://api.github.com/authorizations/1\",\n \"scopes\": [],\n \"token\": \"ghu_16C7e42F292c6912E7710c838347Ae178B4a\",\n \"token_last_eight\": \"Ae178B4a\",\n \"hashed_token\": \"25f94a2a5c7fbaf499c665bc73d67c1c87e496da8985131633ee0a95819db2e8\",\n \"app\": {\n \"url\": \"http://my-github-app.com\",\n \"name\": \"my github app\",\n \"client_id\": \"abcde12345fghij67890\"\n },\n \"note\": \"optional note\",\n \"note_url\": \"http://optional/note/url\",\n \"updated_at\": \"2011-09-06T20:39:23Z\",\n \"created_at\": \"2011-09-06T17:26:27Z\",\n \"fingerprint\": \"jklmnop12345678\",\n \"expires_at\": \"2011-09-08T17:26:27Z\",\n \"user\": {\n \"login\": \"octocat\",\n \"id\": 1,\n \"node_id\": \"MDQ6VXNlcjE=\",\n \"avatar_url\": \"https://github.com/images/error/octocat_happy.gif\",\n \"gravatar_id\": \"\",\n \"url\": \"https://api.github.com/users/octocat\",\n \"html_url\": \"https://github.com/octocat\",\n \"followers_url\": \"https://api.github.com/users/octocat/followers\",\n \"following_url\": \"https://api.github.com/users/octocat/following{/other_user}\",\n \"gists_url\": \"https://api.github.com/users/octocat/gists{/gist_id}\",\n \"starred_url\": \"https://api.github.com/users/octocat/starred{/owner}{/repo}\",\n \"subscriptions_url\": \"https://api.github.com/users/octocat/subscriptions\",\n \"organizations_url\": \"https://api.github.com/users/octocat/orgs\",\n \"repos_url\": \"https://api.github.com/users/octocat/repos\",\n \"events_url\": \"https://api.github.com/users/octocat/events{/privacy}\",\n \"received_events_url\": \"https://api.github.com/users/octocat/received_events\",\n \"type\": \"User\",\n \"site_admin\": false\n },\n \"installation\": {\n \"permissions\": {\n \"metadata\": \"read\",\n \"issues\": \"write\",\n \"contents\": \"read\"\n },\n \"repository_selection\": \"selected\",\n \"single_file_name\": \".github/workflow.yml\",\n \"repositories_url\": \"https://api.github.com/user/repos\",\n \"account\": {\n \"login\": \"octocat\",\n \"id\": 1,\n \"node_id\": \"MDQ6VXNlcjE=\",\n \"avatar_url\": \"https://github.com/images/error/octocat_happy.gif\",\n \"gravatar_id\": \"\",\n \"url\": \"https://api.github.com/users/octocat\",\n \"html_url\": \"https://github.com/octocat\",\n \"followers_url\": \"https://api.github.com/users/octocat/followers\",\n \"following_url\": \"https://api.github.com/users/octocat/following{/other_user}\",\n \"gists_url\": \"https://api.github.com/users/octocat/gists{/gist_id}\",\n \"starred_url\": \"https://api.github.com/users/octocat/starred{/owner}{/repo}\",\n \"subscriptions_url\": \"https://api.github.com/users/octocat/subscriptions\",\n \"organizations_url\": \"https://api.github.com/users/octocat/orgs\",\n \"repos_url\": \"https://api.github.com/users/octocat/repos\",\n \"events_url\": \"https://api.github.com/users/octocat/events{/privacy}\",\n \"received_events_url\": \"https://api.github.com/users/octocat/received_events\",\n \"type\": \"User\",\n \"site_admin\": false\n },\n \"has_multiple_single_files\": false,\n \"single_file_paths\": []\n }\n}" + "payload": "{\n \"id\": 1,\n \"url\": \"https://api.github.com/authorizations/1\",\n \"scopes\": [],\n \"token\": \"ghu_16C7e42F292c6912E7710c838347Ae178B4a\",\n \"token_last_eight\": \"Ae178B4a\",\n \"hashed_token\": \"25f94a2a5c7fbaf499c665bc73d67c1c87e496da8985131633ee0a95819db2e8\",\n \"app\": {\n \"url\": \"http://my-github-app.com\",\n \"name\": \"my github app\",\n \"client_id\": \"Iv1.8a61f9b3a7aba766\"\n },\n \"note\": \"optional note\",\n \"note_url\": \"http://optional/note/url\",\n \"updated_at\": \"2011-09-06T20:39:23Z\",\n \"created_at\": \"2011-09-06T17:26:27Z\",\n \"fingerprint\": \"jklmnop12345678\",\n \"expires_at\": \"2011-09-08T17:26:27Z\",\n \"user\": {\n \"login\": \"octocat\",\n \"id\": 1,\n \"node_id\": \"MDQ6VXNlcjE=\",\n \"avatar_url\": \"https://github.com/images/error/octocat_happy.gif\",\n \"gravatar_id\": \"\",\n \"url\": \"https://api.github.com/users/octocat\",\n \"html_url\": \"https://github.com/octocat\",\n \"followers_url\": \"https://api.github.com/users/octocat/followers\",\n \"following_url\": \"https://api.github.com/users/octocat/following{/other_user}\",\n \"gists_url\": \"https://api.github.com/users/octocat/gists{/gist_id}\",\n \"starred_url\": \"https://api.github.com/users/octocat/starred{/owner}{/repo}\",\n \"subscriptions_url\": \"https://api.github.com/users/octocat/subscriptions\",\n \"organizations_url\": \"https://api.github.com/users/octocat/orgs\",\n \"repos_url\": \"https://api.github.com/users/octocat/repos\",\n \"events_url\": \"https://api.github.com/users/octocat/events{/privacy}\",\n \"received_events_url\": \"https://api.github.com/users/octocat/received_events\",\n \"type\": \"User\",\n \"site_admin\": false\n },\n \"installation\": {\n \"permissions\": {\n \"metadata\": \"read\",\n \"issues\": \"write\",\n \"contents\": \"read\"\n },\n \"repository_selection\": \"selected\",\n \"single_file_name\": \".github/workflow.yml\",\n \"repositories_url\": \"https://api.github.com/user/repos\",\n \"account\": {\n \"login\": \"octocat\",\n \"id\": 1,\n \"node_id\": \"MDQ6VXNlcjE=\",\n \"avatar_url\": \"https://github.com/images/error/octocat_happy.gif\",\n \"gravatar_id\": \"\",\n \"url\": \"https://api.github.com/users/octocat\",\n \"html_url\": \"https://github.com/octocat\",\n \"followers_url\": \"https://api.github.com/users/octocat/followers\",\n \"following_url\": \"https://api.github.com/users/octocat/following{/other_user}\",\n \"gists_url\": \"https://api.github.com/users/octocat/gists{/gist_id}\",\n \"starred_url\": \"https://api.github.com/users/octocat/starred{/owner}{/repo}\",\n \"subscriptions_url\": \"https://api.github.com/users/octocat/subscriptions\",\n \"organizations_url\": \"https://api.github.com/users/octocat/orgs\",\n \"repos_url\": \"https://api.github.com/users/octocat/repos\",\n \"events_url\": \"https://api.github.com/users/octocat/events{/privacy}\",\n \"received_events_url\": \"https://api.github.com/users/octocat/received_events\",\n \"type\": \"User\",\n \"site_admin\": false\n },\n \"has_multiple_single_files\": false,\n \"single_file_paths\": []\n }\n}" }, { "httpStatusCode": "401", @@ -18421,12 +18856,16 @@ "description": "

Determines whether the SSL certificate of the host for url will be verified when delivering payloads. Supported values include 0 (verification is performed) and 1 (verification is not performed). The default is 0. We strongly recommend not setting this to 1 as you are subject to man-in-the-middle and other attacks.

", "childParamsGroups": [] } - }, - "example": { - "content_type": "json", - "insecure_ssl": "0", - "secret": "********", - "url": "https://example.com/webhook" + } + }, + "examples": { + "default": { + "value": { + "content_type": "json", + "insecure_ssl": "0", + "secret": "********", + "url": "https://example.com/webhook" + } } } } @@ -25795,7 +26234,13 @@ "httpStatusCode": "201", "httpStatusMessage": "Created", "description": "Response for completed conclusion", - "payload": "{\n \"id\": 4,\n \"head_sha\": \"ce587453ced02b1526dfb4cb910479d431683101\",\n \"node_id\": \"MDg6Q2hlY2tSdW40\",\n \"external_id\": \"\",\n \"url\": \"https://api.github.com/repos/github/hello-world/check-runs/4\",\n \"html_url\": \"https://github.com/github/hello-world/runs/4\",\n \"details_url\": \"https://example.com\",\n \"status\": \"completed\",\n \"conclusion\": \"neutral\",\n \"started_at\": \"2018-05-04T01:14:52Z\",\n \"completed_at\": \"2018-05-04T01:14:52Z\",\n \"output\": {\n \"title\": \"Mighty Readme report\",\n \"summary\": \"There are 0 failures, 2 warnings, and 1 notice.\",\n \"text\": \"You may have some misspelled words on lines 2 and 4. You also may want to add a section in your README about how to install your app.\",\n \"annotations_count\": 2,\n \"annotations_url\": \"https://api.github.com/repos/github/hello-world/check-runs/4/annotations\"\n },\n \"name\": \"mighty_readme\",\n \"check_suite\": {\n \"id\": 5\n },\n \"app\": {\n \"id\": 1,\n \"slug\": \"octoapp\",\n \"node_id\": \"MDExOkludGVncmF0aW9uMQ==\",\n \"owner\": {\n \"login\": \"github\",\n \"id\": 1,\n \"node_id\": \"MDEyOk9yZ2FuaXphdGlvbjE=\",\n \"url\": \"https://api.github.com/orgs/github\",\n \"repos_url\": \"https://api.github.com/orgs/github/repos\",\n \"events_url\": \"https://api.github.com/orgs/github/events\",\n \"avatar_url\": \"https://github.com/images/error/octocat_happy.gif\",\n \"gravatar_id\": \"\",\n \"html_url\": \"https://github.com/octocat\",\n \"followers_url\": \"https://api.github.com/users/octocat/followers\",\n \"following_url\": \"https://api.github.com/users/octocat/following{/other_user}\",\n \"gists_url\": \"https://api.github.com/users/octocat/gists{/gist_id}\",\n \"starred_url\": \"https://api.github.com/users/octocat/starred{/owner}{/repo}\",\n \"subscriptions_url\": \"https://api.github.com/users/octocat/subscriptions\",\n \"organizations_url\": \"https://api.github.com/users/octocat/orgs\",\n \"received_events_url\": \"https://api.github.com/users/octocat/received_events\",\n \"type\": \"User\",\n \"site_admin\": true\n },\n \"name\": \"Octocat App\",\n \"description\": \"\",\n \"external_url\": \"https://example.com\",\n \"html_url\": \"https://github.com/apps/octoapp\",\n \"created_at\": \"2017-07-08T16:18:44-04:00\",\n \"updated_at\": \"2017-07-08T16:18:44-04:00\",\n \"permissions\": {\n \"metadata\": \"read\",\n \"contents\": \"read\",\n \"issues\": \"write\",\n \"single_file\": \"write\"\n },\n \"events\": [\n \"push\",\n \"pull_request\"\n ]\n },\n \"pull_requests\": [\n {\n \"url\": \"https://api.github.com/repos/github/hello-world/pulls/1\",\n \"id\": 1934,\n \"number\": 3956,\n \"head\": {\n \"ref\": \"say-hello\",\n \"sha\": \"3dca65fa3e8d4b3da3f3d056c59aee1c50f41390\",\n \"repo\": {\n \"id\": 526,\n \"url\": \"https://api.github.com/repos/github/hello-world\",\n \"name\": \"hello-world\"\n }\n },\n \"base\": {\n \"ref\": \"master\",\n \"sha\": \"e7fdf7640066d71ad16a86fbcbb9c6a10a18af4f\",\n \"repo\": {\n \"id\": 526,\n \"url\": \"https://api.github.com/repos/github/hello-world\",\n \"name\": \"hello-world\"\n }\n }\n }\n ]\n}" + "payload": "{\n \"id\": 4,\n \"head_sha\": \"ce587453ced02b1526dfb4cb910479d431683101\",\n \"node_id\": \"MDg6Q2hlY2tSdW40\",\n \"external_id\": \"42\",\n \"url\": \"https://api.github.com/repos/github/hello-world/check-runs/4\",\n \"html_url\": \"https://github.com/github/hello-world/runs/4\",\n \"details_url\": \"https://example.com\",\n \"status\": \"completed\",\n \"conclusion\": \"neutral\",\n \"started_at\": \"2018-05-04T01:14:52Z\",\n \"completed_at\": \"2018-05-04T01:14:52Z\",\n \"output\": {\n \"title\": \"Mighty Readme report\",\n \"summary\": \"There are 0 failures, 2 warnings, and 1 notice.\",\n \"text\": \"You may have some misspelled words on lines 2 and 4. You also may want to add a section in your README about how to install your app.\",\n \"annotations_count\": 2,\n \"annotations_url\": \"https://api.github.com/repos/github/hello-world/check-runs/4/annotations\"\n },\n \"name\": \"mighty_readme\",\n \"check_suite\": {\n \"id\": 5\n },\n \"app\": {\n \"id\": 1,\n \"slug\": \"octoapp\",\n \"node_id\": \"MDExOkludGVncmF0aW9uMQ==\",\n \"owner\": {\n \"login\": \"github\",\n \"id\": 1,\n \"node_id\": \"MDEyOk9yZ2FuaXphdGlvbjE=\",\n \"url\": \"https://api.github.com/orgs/github\",\n \"repos_url\": \"https://api.github.com/orgs/github/repos\",\n \"events_url\": \"https://api.github.com/orgs/github/events\",\n \"avatar_url\": \"https://github.com/images/error/octocat_happy.gif\",\n \"gravatar_id\": \"\",\n \"html_url\": \"https://github.com/octocat\",\n \"followers_url\": \"https://api.github.com/users/octocat/followers\",\n \"following_url\": \"https://api.github.com/users/octocat/following{/other_user}\",\n \"gists_url\": \"https://api.github.com/users/octocat/gists{/gist_id}\",\n \"starred_url\": \"https://api.github.com/users/octocat/starred{/owner}{/repo}\",\n \"subscriptions_url\": \"https://api.github.com/users/octocat/subscriptions\",\n \"organizations_url\": \"https://api.github.com/users/octocat/orgs\",\n \"received_events_url\": \"https://api.github.com/users/octocat/received_events\",\n \"type\": \"User\",\n \"site_admin\": true\n },\n \"name\": \"Octocat App\",\n \"description\": \"\",\n \"external_url\": \"https://example.com\",\n \"html_url\": \"https://github.com/apps/octoapp\",\n \"created_at\": \"2017-07-08T16:18:44-04:00\",\n \"updated_at\": \"2017-07-08T16:18:44-04:00\",\n \"permissions\": {\n \"metadata\": \"read\",\n \"contents\": \"read\",\n \"issues\": \"write\",\n \"single_file\": \"write\"\n },\n \"events\": [\n \"push\",\n \"pull_request\"\n ]\n },\n \"pull_requests\": [\n {\n \"url\": \"https://api.github.com/repos/github/hello-world/pulls/1\",\n \"id\": 1934,\n \"number\": 3956,\n \"head\": {\n \"ref\": \"say-hello\",\n \"sha\": \"3dca65fa3e8d4b3da3f3d056c59aee1c50f41390\",\n \"repo\": {\n \"id\": 526,\n \"url\": \"https://api.github.com/repos/github/hello-world\",\n \"name\": \"hello-world\"\n }\n },\n \"base\": {\n \"ref\": \"master\",\n \"sha\": \"e7fdf7640066d71ad16a86fbcbb9c6a10a18af4f\",\n \"repo\": {\n \"id\": 526,\n \"url\": \"https://api.github.com/repos/github/hello-world\",\n \"name\": \"hello-world\"\n }\n }\n }\n ]\n}" + }, + { + "httpStatusCode": "201", + "httpStatusMessage": "Created", + "description": "Response for completed conclusion", + "payload": "{\n \"id\": 4,\n \"head_sha\": \"ce587453ced02b1526dfb4cb910479d431683101\",\n \"node_id\": \"MDg6Q2hlY2tSdW40\",\n \"external_id\": \"42\",\n \"url\": \"https://api.github.com/repos/github/hello-world/check-runs/4\",\n \"html_url\": \"https://github.com/github/hello-world/runs/4\",\n \"details_url\": \"https://example.com\",\n \"status\": \"in_progress\",\n \"conclusion\": null,\n \"started_at\": \"2018-05-04T01:14:52Z\",\n \"completed_at\": null,\n \"output\": {\n \"title\": \"Mighty Readme report\",\n \"summary\": \"There are 0 failures, 2 warnings, and 1 notice.\",\n \"text\": \"You may have some misspelled words on lines 2 and 4. You also may want to add a section in your README about how to install your app.\",\n \"annotations_count\": 2,\n \"annotations_url\": \"https://api.github.com/repos/github/hello-world/check-runs/4/annotations\"\n },\n \"name\": \"mighty_readme\",\n \"check_suite\": {\n \"id\": 5\n },\n \"app\": {\n \"id\": 1,\n \"slug\": \"octoapp\",\n \"node_id\": \"MDExOkludGVncmF0aW9uMQ==\",\n \"owner\": {\n \"login\": \"github\",\n \"id\": 1,\n \"node_id\": \"MDEyOk9yZ2FuaXphdGlvbjE=\",\n \"url\": \"https://api.github.com/orgs/github\",\n \"repos_url\": \"https://api.github.com/orgs/github/repos\",\n \"events_url\": \"https://api.github.com/orgs/github/events\",\n \"avatar_url\": \"https://github.com/images/error/octocat_happy.gif\",\n \"gravatar_id\": \"\",\n \"html_url\": \"https://github.com/octocat\",\n \"followers_url\": \"https://api.github.com/users/octocat/followers\",\n \"following_url\": \"https://api.github.com/users/octocat/following{/other_user}\",\n \"gists_url\": \"https://api.github.com/users/octocat/gists{/gist_id}\",\n \"starred_url\": \"https://api.github.com/users/octocat/starred{/owner}{/repo}\",\n \"subscriptions_url\": \"https://api.github.com/users/octocat/subscriptions\",\n \"organizations_url\": \"https://api.github.com/users/octocat/orgs\",\n \"received_events_url\": \"https://api.github.com/users/octocat/received_events\",\n \"type\": \"User\",\n \"site_admin\": true\n },\n \"name\": \"Octocat App\",\n \"description\": \"\",\n \"external_url\": \"https://example.com\",\n \"html_url\": \"https://github.com/apps/octoapp\",\n \"created_at\": \"2017-07-08T16:18:44-04:00\",\n \"updated_at\": \"2017-07-08T16:18:44-04:00\",\n \"permissions\": {\n \"metadata\": \"read\",\n \"contents\": \"read\",\n \"issues\": \"write\",\n \"single_file\": \"write\"\n },\n \"events\": [\n \"push\",\n \"pull_request\"\n ]\n },\n \"pull_requests\": [\n {\n \"url\": \"https://api.github.com/repos/github/hello-world/pulls/1\",\n \"id\": 1934,\n \"number\": 3956,\n \"head\": {\n \"ref\": \"say-hello\",\n \"sha\": \"3dca65fa3e8d4b3da3f3d056c59aee1c50f41390\",\n \"repo\": {\n \"id\": 526,\n \"url\": \"https://api.github.com/repos/github/hello-world\",\n \"name\": \"hello-world\"\n }\n },\n \"base\": {\n \"ref\": \"master\",\n \"sha\": \"e7fdf7640066d71ad16a86fbcbb9c6a10a18af4f\",\n \"repo\": {\n \"id\": 526,\n \"url\": \"https://api.github.com/repos/github/hello-world\",\n \"name\": \"hello-world\"\n }\n }\n }\n ]\n}" } ], "bodyParameters": [ @@ -29311,8 +29756,12 @@ "head_sha" ] }, - "example": { - "head_sha": "d6fde92930d4715a2b49857d24b940956b26d2d3" + "examples": { + "default": { + "value": { + "head_sha": "d6fde92930d4715a2b49857d24b940956b26d2d3" + } + } } } } @@ -29331,7 +29780,7 @@ { "httpStatusCode": "200", "httpStatusMessage": "OK", - "description": "

when the suite already existed

", + "description": "

Response when the suite already exists

", "payload": "{\n \"id\": 5,\n \"node_id\": \"MDEwOkNoZWNrU3VpdGU1\",\n \"head_branch\": \"master\",\n \"head_sha\": \"d6fde92930d4715a2b49857d24b940956b26d2d3\",\n \"status\": \"completed\",\n \"conclusion\": \"neutral\",\n \"url\": \"https://api.github.com/repos/github/hello-world/check-suites/5\",\n \"before\": \"146e867f55c26428e5f9fade55a9bbf5e95a7912\",\n \"after\": \"d6fde92930d4715a2b49857d24b940956b26d2d3\",\n \"pull_requests\": [],\n \"created_at\": \"2017-07-08T16:18:44-04:00\",\n \"updated_at\": \"2017-07-08T16:18:44-04:00\",\n \"app\": {\n \"id\": 1,\n \"slug\": \"octoapp\",\n \"node_id\": \"MDExOkludGVncmF0aW9uMQ==\",\n \"owner\": {\n \"login\": \"github\",\n \"id\": 1,\n \"node_id\": \"MDEyOk9yZ2FuaXphdGlvbjE=\",\n \"url\": \"https://api.github.com/orgs/github\",\n \"repos_url\": \"https://api.github.com/orgs/github/repos\",\n \"events_url\": \"https://api.github.com/orgs/github/events\",\n \"avatar_url\": \"https://github.com/images/error/octocat_happy.gif\",\n \"gravatar_id\": \"\",\n \"html_url\": \"https://github.com/octocat\",\n \"followers_url\": \"https://api.github.com/users/octocat/followers\",\n \"following_url\": \"https://api.github.com/users/octocat/following{/other_user}\",\n \"gists_url\": \"https://api.github.com/users/octocat/gists{/gist_id}\",\n \"starred_url\": \"https://api.github.com/users/octocat/starred{/owner}{/repo}\",\n \"subscriptions_url\": \"https://api.github.com/users/octocat/subscriptions\",\n \"organizations_url\": \"https://api.github.com/users/octocat/orgs\",\n \"received_events_url\": \"https://api.github.com/users/octocat/received_events\",\n \"type\": \"User\",\n \"site_admin\": true\n },\n \"name\": \"Octocat App\",\n \"description\": \"\",\n \"external_url\": \"https://example.com\",\n \"html_url\": \"https://github.com/apps/octoapp\",\n \"created_at\": \"2017-07-08T16:18:44-04:00\",\n \"updated_at\": \"2017-07-08T16:18:44-04:00\",\n \"permissions\": {\n \"metadata\": \"read\",\n \"contents\": \"read\",\n \"issues\": \"write\",\n \"single_file\": \"write\"\n },\n \"events\": [\n \"push\",\n \"pull_request\"\n ]\n },\n \"repository\": {\n \"id\": 1296269,\n \"node_id\": \"MDEwOlJlcG9zaXRvcnkxMjk2MjY5\",\n \"name\": \"Hello-World\",\n \"full_name\": \"octocat/Hello-World\",\n \"template_repository\": {\n \"id\": 1296269,\n \"node_id\": \"MDEwOlJlcG9zaXRvcnkxMjk2MjY5\",\n \"name\": \"Hello-World-Template\",\n \"full_name\": \"octocat/Hello-World-Template\",\n \"owner\": {\n \"login\": \"octocat\",\n \"id\": 1,\n \"node_id\": \"MDQ6VXNlcjE=\",\n \"avatar_url\": \"https://github.com/images/error/octocat_happy.gif\",\n \"gravatar_id\": \"\",\n \"url\": \"https://api.github.com/users/octocat\",\n \"html_url\": \"https://github.com/octocat\",\n \"followers_url\": \"https://api.github.com/users/octocat/followers\",\n \"following_url\": \"https://api.github.com/users/octocat/following{/other_user}\",\n \"gists_url\": \"https://api.github.com/users/octocat/gists{/gist_id}\",\n \"starred_url\": \"https://api.github.com/users/octocat/starred{/owner}{/repo}\",\n \"subscriptions_url\": \"https://api.github.com/users/octocat/subscriptions\",\n \"organizations_url\": \"https://api.github.com/users/octocat/orgs\",\n \"repos_url\": \"https://api.github.com/users/octocat/repos\",\n \"events_url\": \"https://api.github.com/users/octocat/events{/privacy}\",\n \"received_events_url\": \"https://api.github.com/users/octocat/received_events\",\n \"type\": \"User\",\n \"site_admin\": false\n },\n \"private\": false,\n \"html_url\": \"https://github.com/octocat/Hello-World-Template\",\n \"description\": \"This your first repo!\",\n \"fork\": false,\n \"url\": \"https://api.github.com/repos/octocat/Hello-World-Template\",\n \"archive_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/{archive_format}{/ref}\",\n \"assignees_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/assignees{/user}\",\n \"blobs_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/git/blobs{/sha}\",\n \"branches_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/branches{/branch}\",\n \"collaborators_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/collaborators{/collaborator}\",\n \"comments_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/comments{/number}\",\n \"commits_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/commits{/sha}\",\n \"compare_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/compare/{base}...{head}\",\n \"contents_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/contents/{+path}\",\n \"contributors_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/contributors\",\n \"deployments_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/deployments\",\n \"downloads_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/downloads\",\n \"events_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/events\",\n \"forks_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/forks\",\n \"git_commits_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/git/commits{/sha}\",\n \"git_refs_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/git/refs{/sha}\",\n \"git_tags_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/git/tags{/sha}\",\n \"git_url\": \"git:github.com/octocat/Hello-World-Template.git\",\n \"issue_comment_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/issues/comments{/number}\",\n \"issue_events_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/issues/events{/number}\",\n \"issues_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/issues{/number}\",\n \"keys_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/keys{/key_id}\",\n \"labels_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/labels{/name}\",\n \"languages_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/languages\",\n \"merges_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/merges\",\n \"milestones_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/milestones{/number}\",\n \"notifications_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/notifications{?since,all,participating}\",\n \"pulls_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/pulls{/number}\",\n \"releases_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/releases{/id}\",\n \"ssh_url\": \"git@github.com:octocat/Hello-World-Template.git\",\n \"stargazers_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/stargazers\",\n \"statuses_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/statuses/{sha}\",\n \"subscribers_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/subscribers\",\n \"subscription_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/subscription\",\n \"tags_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/tags\",\n \"teams_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/teams\",\n \"trees_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/git/trees{/sha}\",\n \"clone_url\": \"https://github.com/octocat/Hello-World-Template.git\",\n \"mirror_url\": \"git:git.example.com/octocat/Hello-World-Template\",\n \"hooks_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/hooks\",\n \"svn_url\": \"https://svn.github.com/octocat/Hello-World-Template\",\n \"homepage\": \"https://github.com\",\n \"language\": null,\n \"forks\": 9,\n \"forks_count\": 9,\n \"stargazers_count\": 80,\n \"watchers_count\": 80,\n \"watchers\": 80,\n \"size\": 108,\n \"default_branch\": \"master\",\n \"open_issues\": 0,\n \"open_issues_count\": 0,\n \"is_template\": true,\n \"license\": {\n \"key\": \"mit\",\n \"name\": \"MIT License\",\n \"url\": \"https://api.github.com/licenses/mit\",\n \"spdx_id\": \"MIT\",\n \"node_id\": \"MDc6TGljZW5zZW1pdA==\",\n \"html_url\": \"https://api.github.com/licenses/mit\"\n },\n \"topics\": [\n \"octocat\",\n \"atom\",\n \"electron\",\n \"api\"\n ],\n \"has_issues\": true,\n \"has_projects\": true,\n \"has_wiki\": true,\n \"has_pages\": false,\n \"has_downloads\": true,\n \"archived\": false,\n \"disabled\": false,\n \"visibility\": \"public\",\n \"pushed_at\": \"2011-01-26T19:06:43Z\",\n \"created_at\": \"2011-01-26T19:01:12Z\",\n \"updated_at\": \"2011-01-26T19:14:43Z\",\n \"permissions\": {\n \"admin\": false,\n \"push\": false,\n \"pull\": true\n },\n \"allow_rebase_merge\": true,\n \"temp_clone_token\": \"ABTLWHOULUVAXGTRYU7OC2876QJ2O\",\n \"allow_squash_merge\": true,\n \"allow_auto_merge\": false,\n \"delete_branch_on_merge\": true,\n \"allow_merge_commit\": true,\n \"subscribers_count\": 42,\n \"network_count\": 0\n },\n \"owner\": {\n \"login\": \"octocat\",\n \"id\": 1,\n \"node_id\": \"MDQ6VXNlcjE=\",\n \"avatar_url\": \"https://github.com/images/error/octocat_happy.gif\",\n \"gravatar_id\": \"\",\n \"url\": \"https://api.github.com/users/octocat\",\n \"html_url\": \"https://github.com/octocat\",\n \"followers_url\": \"https://api.github.com/users/octocat/followers\",\n \"following_url\": \"https://api.github.com/users/octocat/following{/other_user}\",\n \"gists_url\": \"https://api.github.com/users/octocat/gists{/gist_id}\",\n \"starred_url\": \"https://api.github.com/users/octocat/starred{/owner}{/repo}\",\n \"subscriptions_url\": \"https://api.github.com/users/octocat/subscriptions\",\n \"organizations_url\": \"https://api.github.com/users/octocat/orgs\",\n \"repos_url\": \"https://api.github.com/users/octocat/repos\",\n \"events_url\": \"https://api.github.com/users/octocat/events{/privacy}\",\n \"received_events_url\": \"https://api.github.com/users/octocat/received_events\",\n \"type\": \"User\",\n \"site_admin\": false\n },\n \"private\": false,\n \"html_url\": \"https://github.com/octocat/Hello-World\",\n \"description\": \"This your first repo!\",\n \"fork\": false,\n \"url\": \"https://api.github.com/repos/octocat/Hello-World\",\n \"archive_url\": \"https://api.github.com/repos/octocat/Hello-World/{archive_format}{/ref}\",\n \"assignees_url\": \"https://api.github.com/repos/octocat/Hello-World/assignees{/user}\",\n \"blobs_url\": \"https://api.github.com/repos/octocat/Hello-World/git/blobs{/sha}\",\n \"branches_url\": \"https://api.github.com/repos/octocat/Hello-World/branches{/branch}\",\n \"collaborators_url\": \"https://api.github.com/repos/octocat/Hello-World/collaborators{/collaborator}\",\n \"comments_url\": \"https://api.github.com/repos/octocat/Hello-World/comments{/number}\",\n \"commits_url\": \"https://api.github.com/repos/octocat/Hello-World/commits{/sha}\",\n \"compare_url\": \"https://api.github.com/repos/octocat/Hello-World/compare/{base}...{head}\",\n \"contents_url\": \"https://api.github.com/repos/octocat/Hello-World/contents/{+path}\",\n \"contributors_url\": \"https://api.github.com/repos/octocat/Hello-World/contributors\",\n \"deployments_url\": \"https://api.github.com/repos/octocat/Hello-World/deployments\",\n \"downloads_url\": \"https://api.github.com/repos/octocat/Hello-World/downloads\",\n \"events_url\": \"https://api.github.com/repos/octocat/Hello-World/events\",\n \"forks_url\": \"https://api.github.com/repos/octocat/Hello-World/forks\",\n \"git_commits_url\": \"https://api.github.com/repos/octocat/Hello-World/git/commits{/sha}\",\n \"git_refs_url\": \"https://api.github.com/repos/octocat/Hello-World/git/refs{/sha}\",\n \"git_tags_url\": \"https://api.github.com/repos/octocat/Hello-World/git/tags{/sha}\",\n \"git_url\": \"git:github.com/octocat/Hello-World.git\",\n \"issue_comment_url\": \"https://api.github.com/repos/octocat/Hello-World/issues/comments{/number}\",\n \"issue_events_url\": \"https://api.github.com/repos/octocat/Hello-World/issues/events{/number}\",\n \"issues_url\": \"https://api.github.com/repos/octocat/Hello-World/issues{/number}\",\n \"keys_url\": \"https://api.github.com/repos/octocat/Hello-World/keys{/key_id}\",\n \"labels_url\": \"https://api.github.com/repos/octocat/Hello-World/labels{/name}\",\n \"languages_url\": \"https://api.github.com/repos/octocat/Hello-World/languages\",\n \"merges_url\": \"https://api.github.com/repos/octocat/Hello-World/merges\",\n \"milestones_url\": \"https://api.github.com/repos/octocat/Hello-World/milestones{/number}\",\n \"notifications_url\": \"https://api.github.com/repos/octocat/Hello-World/notifications{?since,all,participating}\",\n \"pulls_url\": \"https://api.github.com/repos/octocat/Hello-World/pulls{/number}\",\n \"releases_url\": \"https://api.github.com/repos/octocat/Hello-World/releases{/id}\",\n \"ssh_url\": \"git@github.com:octocat/Hello-World.git\",\n \"stargazers_url\": \"https://api.github.com/repos/octocat/Hello-World/stargazers\",\n \"statuses_url\": \"https://api.github.com/repos/octocat/Hello-World/statuses/{sha}\",\n \"subscribers_url\": \"https://api.github.com/repos/octocat/Hello-World/subscribers\",\n \"subscription_url\": \"https://api.github.com/repos/octocat/Hello-World/subscription\",\n \"tags_url\": \"https://api.github.com/repos/octocat/Hello-World/tags\",\n \"teams_url\": \"https://api.github.com/repos/octocat/Hello-World/teams\",\n \"trees_url\": \"https://api.github.com/repos/octocat/Hello-World/git/trees{/sha}\",\n \"clone_url\": \"https://github.com/octocat/Hello-World.git\",\n \"mirror_url\": \"git:git.example.com/octocat/Hello-World\",\n \"hooks_url\": \"https://api.github.com/repos/octocat/Hello-World/hooks\",\n \"svn_url\": \"https://svn.github.com/octocat/Hello-World\",\n \"homepage\": \"https://github.com\",\n \"language\": null,\n \"forks_count\": 9,\n \"stargazers_count\": 80,\n \"watchers_count\": 80,\n \"size\": 108,\n \"default_branch\": \"master\",\n \"open_issues_count\": 0,\n \"is_template\": false,\n \"topics\": [\n \"octocat\",\n \"atom\",\n \"electron\",\n \"api\"\n ],\n \"has_issues\": true,\n \"has_projects\": true,\n \"has_wiki\": true,\n \"has_pages\": false,\n \"has_downloads\": true,\n \"archived\": false,\n \"disabled\": false,\n \"visibility\": \"public\",\n \"pushed_at\": \"2011-01-26T19:06:43Z\",\n \"created_at\": \"2011-01-26T19:01:12Z\",\n \"updated_at\": \"2011-01-26T19:14:43Z\",\n \"permissions\": {\n \"admin\": false,\n \"push\": false,\n \"pull\": true\n },\n \"temp_clone_token\": \"ABTLWHOULUVAXGTRYU7OC2876QJ2O\",\n \"delete_branch_on_merge\": true,\n \"subscribers_count\": 42,\n \"network_count\": 0\n },\n \"head_commit\": {\n \"id\": \"7fd1a60b01f91b314f59955a4e4d4e80d8edf11d\",\n \"tree_id\": \"7fd1a60b01f91b314f59955a4e4d4e80d8edf11d\",\n \"message\": \"Merge pull request #6 from Spaceghost/patch-1\\n\\nNew line at end of file.\",\n \"timestamp\": \"2016-10-10T00:00:00Z\",\n \"author\": {\n \"name\": \"The Octocat\",\n \"email\": \"octocat@nowhere.com\"\n },\n \"committer\": {\n \"name\": \"The Octocat\",\n \"email\": \"octocat@nowhere.com\"\n }\n },\n \"latest_check_runs_count\": 1,\n \"check_runs_url\": \"https://api.github.com/repos/octocat/Hello-World/check-suites/5/check-runs\"\n}" }, { @@ -31367,9 +31816,13 @@ } } }, - "example": { - "repository_id": 1, - "ref": "main" + "examples": { + "default": { + "value": { + "repository_id": 1, + "ref": "main" + } + } } } } @@ -31568,9 +32021,13 @@ } } }, - "example": { - "repository_id": 1, - "ref": "main" + "examples": { + "default": { + "value": { + "repository_id": 1, + "ref": "main" + } + } } } } @@ -32008,10 +32465,14 @@ } ] }, - "example": { - "repository_id": 1, - "ref": "main", - "location": "WestUs2" + "examples": { + "default": { + "value": { + "repository_id": 1, + "ref": "main", + "location": "WestUs2" + } + } } } } @@ -36967,6 +37428,350 @@ } ] }, + "deploy_keys": { + "deploy_keys": [ + { + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/keys", + "parameters": [ + { + "name": "owner", + "in": "path", + "required": true, + "schema": { + "type": "string" + }, + "descriptionHTML": "" + }, + { + "name": "repo", + "in": "path", + "required": true, + "schema": { + "type": "string" + }, + "descriptionHTML": "" + }, + { + "name": "per_page", + "description": "Results per page (max 100)", + "in": "query", + "schema": { + "type": "integer", + "default": 30 + }, + "descriptionHTML": "

Results per page (max 100)

" + }, + { + "name": "page", + "description": "Page number of the results to fetch.", + "in": "query", + "schema": { + "type": "integer", + "default": 1 + }, + "descriptionHTML": "

Page number of the results to fetch.

" + } + ], + "x-codeSamples": [ + { + "lang": "Shell", + "source": "curl \\\n -H \"Accept: application/vnd.github.v3+json\" \\\n https://api.github.com/repos/octocat/hello-world/keys" + }, + { + "lang": "JavaScript", + "source": "await octokit.request('GET /repos/{owner}/{repo}/keys', {\n owner: 'octocat',\n repo: 'hello-world'\n})" + } + ], + "summary": "List deploy keys", + "x-github": { + "enabledForGitHubApps": true, + "category": "repos", + "subcategory": "keys" + }, + "slug": "list-deploy-keys", + "category": "deploy_keys", + "subcategory": "deploy_keys", + "notes": [], + "descriptionHTML": "", + "bodyParameters": [], + "responses": [ + { + "httpStatusCode": "200", + "httpStatusMessage": "OK", + "description": "

Response

", + "payload": "[\n {\n \"id\": 1,\n \"key\": \"ssh-rsa AAA...\",\n \"url\": \"https://api.github.com/repos/octocat/Hello-World/keys/1\",\n \"title\": \"octocat@octomac\",\n \"verified\": true,\n \"created_at\": \"2014-12-10T15:53:42Z\",\n \"read_only\": true\n }\n]" + } + ] + }, + { + "verb": "post", + "requestPath": "/repos/{owner}/{repo}/keys", + "parameters": [ + { + "name": "owner", + "in": "path", + "required": true, + "schema": { + "type": "string" + }, + "descriptionHTML": "" + }, + { + "name": "repo", + "in": "path", + "required": true, + "schema": { + "type": "string" + }, + "descriptionHTML": "" + } + ], + "x-codeSamples": [ + { + "lang": "Shell", + "source": "curl \\\n -X POST \\\n -H \"Accept: application/vnd.github.v3+json\" \\\n https://api.github.com/repos/octocat/hello-world/keys \\\n -d '{\"key\":\"key\"}'" + }, + { + "lang": "JavaScript", + "source": "await octokit.request('POST /repos/{owner}/{repo}/keys', {\n owner: 'octocat',\n repo: 'hello-world',\n key: 'key'\n})" + } + ], + "summary": "Create a deploy key", + "requestBody": { + "required": true, + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "title": { + "type": "string", + "description": "

A name for the key.

", + "name": "title", + "in": "body", + "rawType": "string", + "rawDescription": "A name for the key.", + "childParamsGroups": [] + }, + "key": { + "type": "string", + "description": "

Required. The contents of the key.

", + "name": "key", + "in": "body", + "rawType": "string", + "rawDescription": "The contents of the key.", + "childParamsGroups": [] + }, + "read_only": { + "type": "boolean", + "description": "

If true, the key will only be able to read repository contents. Otherwise, the key will be able to read and write.

\n

Deploy keys with write access can perform the same actions as an organization member with admin access, or a collaborator on a personal repository. For more information, see \"Repository permission levels for an organization\" and \"Permission levels for a user account repository.\"

", + "name": "read_only", + "in": "body", + "rawType": "boolean", + "rawDescription": "If `true`, the key will only be able to read repository contents. Otherwise, the key will be able to read and write. \n \nDeploy keys with write access can perform the same actions as an organization member with admin access, or a collaborator on a personal repository. For more information, see \"[Repository permission levels for an organization](https://docs.github.com/articles/repository-permission-levels-for-an-organization/)\" and \"[Permission levels for a user account repository](https://docs.github.com/articles/permission-levels-for-a-user-account-repository/).\"", + "childParamsGroups": [] + } + }, + "required": [ + "key" + ] + }, + "example": { + "title": "octocat@octomac", + "key": "ssh-rsa AAA...", + "read_only": true + } + } + } + }, + "x-github": { + "enabledForGitHubApps": true, + "category": "repos", + "subcategory": "keys" + }, + "slug": "create-a-deploy-key", + "category": "deploy_keys", + "subcategory": "deploy_keys", + "notes": [], + "descriptionHTML": "

You can create a read-only deploy key.

", + "responses": [ + { + "httpStatusCode": "201", + "httpStatusMessage": "Created", + "description": "

Response

", + "payload": "{\n \"id\": 1,\n \"key\": \"ssh-rsa AAA...\",\n \"url\": \"https://api.github.com/repos/octocat/Hello-World/keys/1\",\n \"title\": \"octocat@octomac\",\n \"verified\": true,\n \"created_at\": \"2014-12-10T15:53:42Z\",\n \"read_only\": true\n}" + }, + { + "httpStatusCode": "422", + "httpStatusMessage": "Unprocessable Entity", + "description": "

Validation failed

" + } + ], + "bodyParameters": [ + { + "type": "string", + "description": "

A name for the key.

", + "name": "title", + "in": "body", + "rawType": "string", + "rawDescription": "A name for the key.", + "childParamsGroups": [] + }, + { + "type": "string", + "description": "

Required. The contents of the key.

", + "name": "key", + "in": "body", + "rawType": "string", + "rawDescription": "The contents of the key.", + "childParamsGroups": [] + }, + { + "type": "boolean", + "description": "

If true, the key will only be able to read repository contents. Otherwise, the key will be able to read and write.

\n

Deploy keys with write access can perform the same actions as an organization member with admin access, or a collaborator on a personal repository. For more information, see \"Repository permission levels for an organization\" and \"Permission levels for a user account repository.\"

", + "name": "read_only", + "in": "body", + "rawType": "boolean", + "rawDescription": "If `true`, the key will only be able to read repository contents. Otherwise, the key will be able to read and write. \n \nDeploy keys with write access can perform the same actions as an organization member with admin access, or a collaborator on a personal repository. For more information, see \"[Repository permission levels for an organization](https://docs.github.com/articles/repository-permission-levels-for-an-organization/)\" and \"[Permission levels for a user account repository](https://docs.github.com/articles/permission-levels-for-a-user-account-repository/).\"", + "childParamsGroups": [] + } + ] + }, + { + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/keys/{key_id}", + "parameters": [ + { + "name": "owner", + "in": "path", + "required": true, + "schema": { + "type": "string" + }, + "descriptionHTML": "" + }, + { + "name": "repo", + "in": "path", + "required": true, + "schema": { + "type": "string" + }, + "descriptionHTML": "" + }, + { + "name": "key_id", + "description": "key_id parameter", + "in": "path", + "required": true, + "schema": { + "type": "integer" + }, + "descriptionHTML": "

key_id parameter

" + } + ], + "x-codeSamples": [ + { + "lang": "Shell", + "source": "curl \\\n -H \"Accept: application/vnd.github.v3+json\" \\\n https://api.github.com/repos/octocat/hello-world/keys/42" + }, + { + "lang": "JavaScript", + "source": "await octokit.request('GET /repos/{owner}/{repo}/keys/{key_id}', {\n owner: 'octocat',\n repo: 'hello-world',\n key_id: 42\n})" + } + ], + "summary": "Get a deploy key", + "x-github": { + "enabledForGitHubApps": true, + "category": "repos", + "subcategory": "keys" + }, + "slug": "get-a-deploy-key", + "category": "deploy_keys", + "subcategory": "deploy_keys", + "notes": [], + "descriptionHTML": "", + "bodyParameters": [], + "responses": [ + { + "httpStatusCode": "200", + "httpStatusMessage": "OK", + "description": "

Response

", + "payload": "{\n \"id\": 1,\n \"key\": \"ssh-rsa AAA...\",\n \"url\": \"https://api.github.com/repos/octocat/Hello-World/keys/1\",\n \"title\": \"octocat@octomac\",\n \"verified\": true,\n \"created_at\": \"2014-12-10T15:53:42Z\",\n \"read_only\": true\n}" + }, + { + "httpStatusCode": "404", + "httpStatusMessage": "Not Found", + "description": "

Resource not found

" + } + ] + }, + { + "verb": "delete", + "requestPath": "/repos/{owner}/{repo}/keys/{key_id}", + "parameters": [ + { + "name": "owner", + "in": "path", + "required": true, + "schema": { + "type": "string" + }, + "descriptionHTML": "" + }, + { + "name": "repo", + "in": "path", + "required": true, + "schema": { + "type": "string" + }, + "descriptionHTML": "" + }, + { + "name": "key_id", + "description": "key_id parameter", + "in": "path", + "required": true, + "schema": { + "type": "integer" + }, + "descriptionHTML": "

key_id parameter

" + } + ], + "x-codeSamples": [ + { + "lang": "Shell", + "source": "curl \\\n -X DELETE \\\n -H \"Accept: application/vnd.github.v3+json\" \\\n https://api.github.com/repos/octocat/hello-world/keys/42" + }, + { + "lang": "JavaScript", + "source": "await octokit.request('DELETE /repos/{owner}/{repo}/keys/{key_id}', {\n owner: 'octocat',\n repo: 'hello-world',\n key_id: 42\n})" + } + ], + "summary": "Delete a deploy key", + "x-github": { + "enabledForGitHubApps": true, + "category": "repos", + "subcategory": "keys" + }, + "slug": "delete-a-deploy-key", + "category": "deploy_keys", + "subcategory": "deploy_keys", + "notes": [], + "bodyParameters": [], + "descriptionHTML": "

Deploy keys are immutable. If you need to update a key, remove the key and create a new one instead.

", + "responses": [ + { + "httpStatusCode": "204", + "httpStatusMessage": "No Content", + "description": "

Response

" + } + ] + } + ] + }, "deployments": { "deployments": [ { @@ -38087,348 +38892,6 @@ ] } ], - "keys": [ - { - "verb": "get", - "requestPath": "/repos/{owner}/{repo}/keys", - "parameters": [ - { - "name": "owner", - "in": "path", - "required": true, - "schema": { - "type": "string" - }, - "descriptionHTML": "" - }, - { - "name": "repo", - "in": "path", - "required": true, - "schema": { - "type": "string" - }, - "descriptionHTML": "" - }, - { - "name": "per_page", - "description": "Results per page (max 100)", - "in": "query", - "schema": { - "type": "integer", - "default": 30 - }, - "descriptionHTML": "

Results per page (max 100)

" - }, - { - "name": "page", - "description": "Page number of the results to fetch.", - "in": "query", - "schema": { - "type": "integer", - "default": 1 - }, - "descriptionHTML": "

Page number of the results to fetch.

" - } - ], - "x-codeSamples": [ - { - "lang": "Shell", - "source": "curl \\\n -H \"Accept: application/vnd.github.v3+json\" \\\n https://api.github.com/repos/octocat/hello-world/keys" - }, - { - "lang": "JavaScript", - "source": "await octokit.request('GET /repos/{owner}/{repo}/keys', {\n owner: 'octocat',\n repo: 'hello-world'\n})" - } - ], - "summary": "List deploy keys", - "x-github": { - "enabledForGitHubApps": true, - "category": "repos", - "subcategory": "keys" - }, - "slug": "list-deploy-keys", - "category": "deployments", - "subcategory": "keys", - "notes": [], - "descriptionHTML": "", - "bodyParameters": [], - "responses": [ - { - "httpStatusCode": "200", - "httpStatusMessage": "OK", - "description": "

Response

", - "payload": "[\n {\n \"id\": 1,\n \"key\": \"ssh-rsa AAA...\",\n \"url\": \"https://api.github.com/repos/octocat/Hello-World/keys/1\",\n \"title\": \"octocat@octomac\",\n \"verified\": true,\n \"created_at\": \"2014-12-10T15:53:42Z\",\n \"read_only\": true\n }\n]" - } - ] - }, - { - "verb": "post", - "requestPath": "/repos/{owner}/{repo}/keys", - "parameters": [ - { - "name": "owner", - "in": "path", - "required": true, - "schema": { - "type": "string" - }, - "descriptionHTML": "" - }, - { - "name": "repo", - "in": "path", - "required": true, - "schema": { - "type": "string" - }, - "descriptionHTML": "" - } - ], - "x-codeSamples": [ - { - "lang": "Shell", - "source": "curl \\\n -X POST \\\n -H \"Accept: application/vnd.github.v3+json\" \\\n https://api.github.com/repos/octocat/hello-world/keys \\\n -d '{\"key\":\"key\"}'" - }, - { - "lang": "JavaScript", - "source": "await octokit.request('POST /repos/{owner}/{repo}/keys', {\n owner: 'octocat',\n repo: 'hello-world',\n key: 'key'\n})" - } - ], - "summary": "Create a deploy key", - "requestBody": { - "required": true, - "content": { - "application/json": { - "schema": { - "type": "object", - "properties": { - "title": { - "type": "string", - "description": "

A name for the key.

", - "name": "title", - "in": "body", - "rawType": "string", - "rawDescription": "A name for the key.", - "childParamsGroups": [] - }, - "key": { - "type": "string", - "description": "

Required. The contents of the key.

", - "name": "key", - "in": "body", - "rawType": "string", - "rawDescription": "The contents of the key.", - "childParamsGroups": [] - }, - "read_only": { - "type": "boolean", - "description": "

If true, the key will only be able to read repository contents. Otherwise, the key will be able to read and write.

\n

Deploy keys with write access can perform the same actions as an organization member with admin access, or a collaborator on a personal repository. For more information, see \"Repository permission levels for an organization\" and \"Permission levels for a user account repository.\"

", - "name": "read_only", - "in": "body", - "rawType": "boolean", - "rawDescription": "If `true`, the key will only be able to read repository contents. Otherwise, the key will be able to read and write. \n \nDeploy keys with write access can perform the same actions as an organization member with admin access, or a collaborator on a personal repository. For more information, see \"[Repository permission levels for an organization](https://docs.github.com/articles/repository-permission-levels-for-an-organization/)\" and \"[Permission levels for a user account repository](https://docs.github.com/articles/permission-levels-for-a-user-account-repository/).\"", - "childParamsGroups": [] - } - }, - "required": [ - "key" - ] - }, - "example": { - "title": "octocat@octomac", - "key": "ssh-rsa AAA...", - "read_only": true - } - } - } - }, - "x-github": { - "enabledForGitHubApps": true, - "category": "repos", - "subcategory": "keys" - }, - "slug": "create-a-deploy-key", - "category": "deployments", - "subcategory": "keys", - "notes": [], - "descriptionHTML": "

You can create a read-only deploy key.

", - "responses": [ - { - "httpStatusCode": "201", - "httpStatusMessage": "Created", - "description": "

Response

", - "payload": "{\n \"id\": 1,\n \"key\": \"ssh-rsa AAA...\",\n \"url\": \"https://api.github.com/repos/octocat/Hello-World/keys/1\",\n \"title\": \"octocat@octomac\",\n \"verified\": true,\n \"created_at\": \"2014-12-10T15:53:42Z\",\n \"read_only\": true\n}" - }, - { - "httpStatusCode": "422", - "httpStatusMessage": "Unprocessable Entity", - "description": "

Validation failed

" - } - ], - "bodyParameters": [ - { - "type": "string", - "description": "

A name for the key.

", - "name": "title", - "in": "body", - "rawType": "string", - "rawDescription": "A name for the key.", - "childParamsGroups": [] - }, - { - "type": "string", - "description": "

Required. The contents of the key.

", - "name": "key", - "in": "body", - "rawType": "string", - "rawDescription": "The contents of the key.", - "childParamsGroups": [] - }, - { - "type": "boolean", - "description": "

If true, the key will only be able to read repository contents. Otherwise, the key will be able to read and write.

\n

Deploy keys with write access can perform the same actions as an organization member with admin access, or a collaborator on a personal repository. For more information, see \"Repository permission levels for an organization\" and \"Permission levels for a user account repository.\"

", - "name": "read_only", - "in": "body", - "rawType": "boolean", - "rawDescription": "If `true`, the key will only be able to read repository contents. Otherwise, the key will be able to read and write. \n \nDeploy keys with write access can perform the same actions as an organization member with admin access, or a collaborator on a personal repository. For more information, see \"[Repository permission levels for an organization](https://docs.github.com/articles/repository-permission-levels-for-an-organization/)\" and \"[Permission levels for a user account repository](https://docs.github.com/articles/permission-levels-for-a-user-account-repository/).\"", - "childParamsGroups": [] - } - ] - }, - { - "verb": "get", - "requestPath": "/repos/{owner}/{repo}/keys/{key_id}", - "parameters": [ - { - "name": "owner", - "in": "path", - "required": true, - "schema": { - "type": "string" - }, - "descriptionHTML": "" - }, - { - "name": "repo", - "in": "path", - "required": true, - "schema": { - "type": "string" - }, - "descriptionHTML": "" - }, - { - "name": "key_id", - "description": "key_id parameter", - "in": "path", - "required": true, - "schema": { - "type": "integer" - }, - "descriptionHTML": "

key_id parameter

" - } - ], - "x-codeSamples": [ - { - "lang": "Shell", - "source": "curl \\\n -H \"Accept: application/vnd.github.v3+json\" \\\n https://api.github.com/repos/octocat/hello-world/keys/42" - }, - { - "lang": "JavaScript", - "source": "await octokit.request('GET /repos/{owner}/{repo}/keys/{key_id}', {\n owner: 'octocat',\n repo: 'hello-world',\n key_id: 42\n})" - } - ], - "summary": "Get a deploy key", - "x-github": { - "enabledForGitHubApps": true, - "category": "repos", - "subcategory": "keys" - }, - "slug": "get-a-deploy-key", - "category": "deployments", - "subcategory": "keys", - "notes": [], - "descriptionHTML": "", - "bodyParameters": [], - "responses": [ - { - "httpStatusCode": "200", - "httpStatusMessage": "OK", - "description": "

Response

", - "payload": "{\n \"id\": 1,\n \"key\": \"ssh-rsa AAA...\",\n \"url\": \"https://api.github.com/repos/octocat/Hello-World/keys/1\",\n \"title\": \"octocat@octomac\",\n \"verified\": true,\n \"created_at\": \"2014-12-10T15:53:42Z\",\n \"read_only\": true\n}" - }, - { - "httpStatusCode": "404", - "httpStatusMessage": "Not Found", - "description": "

Resource not found

" - } - ] - }, - { - "verb": "delete", - "requestPath": "/repos/{owner}/{repo}/keys/{key_id}", - "parameters": [ - { - "name": "owner", - "in": "path", - "required": true, - "schema": { - "type": "string" - }, - "descriptionHTML": "" - }, - { - "name": "repo", - "in": "path", - "required": true, - "schema": { - "type": "string" - }, - "descriptionHTML": "" - }, - { - "name": "key_id", - "description": "key_id parameter", - "in": "path", - "required": true, - "schema": { - "type": "integer" - }, - "descriptionHTML": "

key_id parameter

" - } - ], - "x-codeSamples": [ - { - "lang": "Shell", - "source": "curl \\\n -X DELETE \\\n -H \"Accept: application/vnd.github.v3+json\" \\\n https://api.github.com/repos/octocat/hello-world/keys/42" - }, - { - "lang": "JavaScript", - "source": "await octokit.request('DELETE /repos/{owner}/{repo}/keys/{key_id}', {\n owner: 'octocat',\n repo: 'hello-world',\n key_id: 42\n})" - } - ], - "summary": "Delete a deploy key", - "x-github": { - "enabledForGitHubApps": true, - "category": "repos", - "subcategory": "keys" - }, - "slug": "delete-a-deploy-key", - "category": "deployments", - "subcategory": "keys", - "notes": [], - "bodyParameters": [], - "descriptionHTML": "

Deploy keys are immutable. If you need to update a key, remove the key and create a new one instead.

", - "responses": [ - { - "httpStatusCode": "204", - "httpStatusMessage": "No Content", - "description": "

Response

" - } - ] - } - ], "statuses": [ { "verb": "get", @@ -52898,20 +53361,28 @@ }, "vcs": { "type": "string", + "description": "

The type of version control system you are migrating from.

", + "enum": [ + "subversion", + "tfvc", + "git", + "mercurial" + ], "example": "\"git\"", "name": "vcs", "in": "body", "rawType": "string", - "description": "", + "rawDescription": "The type of version control system you are migrating from.", "childParamsGroups": [] }, "tfvc_project": { "type": "string", + "description": "

For a tfvc import, the name of the project that is being imported.

", "example": "\"project1\"", "name": "tfvc_project", "in": "body", "rawType": "string", - "description": "", + "rawDescription": "For a tfvc import, the name of the project that is being imported.", "childParamsGroups": [] } }, @@ -52919,11 +53390,22 @@ }, "examples": { "example-1": { - "summary": "Example 1", + "summary": "Update authentication for an import", "value": { "vcs_username": "octocat", "vcs_password": "secret" } + }, + "example-2": { + "summary": "Updating the project choice", + "value": { + "vcs": "tfvc", + "tfvc_project": "project1", + "human_name": "project1 (tfs)" + } + }, + "example-3": { + "summary": "Restarting an import" } } } @@ -52938,7 +53420,7 @@ "category": "migrations", "subcategory": "source-imports", "notes": [], - "descriptionHTML": "

An import can be updated with credentials or a project choice by passing in the appropriate parameters in this API\nrequest. If no parameters are provided, the import will be restarted.

", + "descriptionHTML": "

An import can be updated with credentials or a project choice by passing in the appropriate parameters in this API\nrequest. If no parameters are provided, the import will be restarted.

\n

Some servers (e.g. TFS servers) can have several projects at a single URL. In those cases the import progress will\nhave the status detection_found_multiple and the Import Progress response will include a project_choices array.\nYou can select the project to import by providing one of the objects in the project_choices array in the update request.

", "responses": [ { "httpStatusCode": "200", @@ -52980,20 +53462,28 @@ }, { "type": "string", + "description": "

The type of version control system you are migrating from.

", + "enum": [ + "subversion", + "tfvc", + "git", + "mercurial" + ], "example": "\"git\"", "name": "vcs", "in": "body", "rawType": "string", - "description": "", + "rawDescription": "The type of version control system you are migrating from.", "childParamsGroups": [] }, { "type": "string", + "description": "

For a tfvc import, the name of the project that is being imported.

", "example": "\"project1\"", "name": "tfvc_project", "in": "body", "rawType": "string", - "description": "", + "rawDescription": "For a tfvc import, the name of the project that is being imported.", "childParamsGroups": [] } ] @@ -54581,6 +55071,11 @@ "schema": { "type": "string" }, + "examples": { + "default": { + "value": "Iv1.8a61f9b3a7aba766" + } + }, "descriptionHTML": "

The client ID of your GitHub app.

" } ], @@ -54782,6 +55277,11 @@ "schema": { "type": "string" }, + "examples": { + "default": { + "value": "Iv1.8a61f9b3a7aba766" + } + }, "descriptionHTML": "

The client ID of your GitHub app.

" }, { @@ -67124,16 +67624,6 @@ ] }, "examples": { - "example-for-a-single-line-comment": { - "summary": "Example for a single-line comment", - "value": { - "body": "Let's add this deleted line back.", - "commit_id": "6dcb09b5b57875f334f61aebed695e2e4193db5e", - "path": "file1.txt", - "line": 5, - "side": "LEFT" - } - }, "example-for-a-multi-line-comment": { "summary": "Example for a multi-line comment", "value": { @@ -69233,8 +69723,12 @@ "content" ] }, - "example": { - "content": "heart" + "examples": { + "default": { + "value": { + "content": "heart" + } + } } } } @@ -69252,7 +69746,7 @@ { "httpStatusCode": "200", "httpStatusMessage": "OK", - "description": "

Response

", + "description": "

Response when the reaction type has already been added to this team discussion comment

", "payload": "{\n \"id\": 1,\n \"node_id\": \"MDg6UmVhY3Rpb24x\",\n \"user\": {\n \"login\": \"octocat\",\n \"id\": 1,\n \"node_id\": \"MDQ6VXNlcjE=\",\n \"avatar_url\": \"https://github.com/images/error/octocat_happy.gif\",\n \"gravatar_id\": \"\",\n \"url\": \"https://api.github.com/users/octocat\",\n \"html_url\": \"https://github.com/octocat\",\n \"followers_url\": \"https://api.github.com/users/octocat/followers\",\n \"following_url\": \"https://api.github.com/users/octocat/following{/other_user}\",\n \"gists_url\": \"https://api.github.com/users/octocat/gists{/gist_id}\",\n \"starred_url\": \"https://api.github.com/users/octocat/starred{/owner}{/repo}\",\n \"subscriptions_url\": \"https://api.github.com/users/octocat/subscriptions\",\n \"organizations_url\": \"https://api.github.com/users/octocat/orgs\",\n \"repos_url\": \"https://api.github.com/users/octocat/repos\",\n \"events_url\": \"https://api.github.com/users/octocat/events{/privacy}\",\n \"received_events_url\": \"https://api.github.com/users/octocat/received_events\",\n \"type\": \"User\",\n \"site_admin\": false\n },\n \"content\": \"heart\",\n \"created_at\": \"2016-05-20T20:09:31Z\"\n}" }, { @@ -69545,8 +70039,12 @@ "content" ] }, - "example": { - "content": "heart" + "examples": { + "default": { + "value": { + "content": "heart" + } + } } } } @@ -69854,7 +70352,11 @@ ] }, "example": { - "content": "heart" + "default": { + "value": { + "content": "heart" + } + } } } } @@ -70171,8 +70673,12 @@ "content" ] }, - "example": { - "content": "heart" + "examples": { + "default": { + "value": { + "content": "heart" + } + } } } } @@ -70489,8 +70995,12 @@ "content" ] }, - "example": { - "content": "heart" + "examples": { + "default": { + "value": { + "content": "heart" + } + } } } } @@ -70802,8 +71312,12 @@ "content" ] }, - "example": { - "content": "heart" + "examples": { + "default": { + "value": { + "content": "heart" + } + } } } } @@ -71116,8 +71630,12 @@ "content" ] }, - "example": { - "content": "heart" + "examples": { + "default": { + "value": { + "content": "heart" + } + } } } } @@ -83471,10 +83989,14 @@ "name" ] }, - "example": { - "name": "new team name", - "description": "new team description", - "privacy": "closed" + "examples": { + "default": { + "value": { + "name": "new team name", + "description": "new team description", + "privacy": "closed" + } + } } } } @@ -83495,7 +84017,7 @@ { "httpStatusCode": "200", "httpStatusMessage": "OK", - "description": "

Response

", + "description": "

Response when the updated information already exists

", "payload": "{\n \"id\": 1,\n \"node_id\": \"MDQ6VGVhbTE=\",\n \"url\": \"https://api.github.com/teams/1\",\n \"html_url\": \"https://github.com/orgs/github/teams/justice-league\",\n \"name\": \"Justice League\",\n \"slug\": \"justice-league\",\n \"description\": \"A great team.\",\n \"privacy\": \"closed\",\n \"permission\": \"admin\",\n \"members_url\": \"https://api.github.com/teams/1/members{/member}\",\n \"repositories_url\": \"https://api.github.com/teams/1/repos\",\n \"parent\": null,\n \"members_count\": 3,\n \"repos_count\": 10,\n \"created_at\": \"2017-07-14T16:53:42Z\",\n \"updated_at\": \"2017-08-17T12:37:15Z\",\n \"organization\": {\n \"login\": \"github\",\n \"id\": 1,\n \"node_id\": \"MDEyOk9yZ2FuaXphdGlvbjE=\",\n \"url\": \"https://api.github.com/orgs/github\",\n \"repos_url\": \"https://api.github.com/orgs/github/repos\",\n \"events_url\": \"https://api.github.com/orgs/github/events\",\n \"hooks_url\": \"https://api.github.com/orgs/github/hooks\",\n \"issues_url\": \"https://api.github.com/orgs/github/issues\",\n \"members_url\": \"https://api.github.com/orgs/github/members{/member}\",\n \"public_members_url\": \"https://api.github.com/orgs/github/public_members{/member}\",\n \"avatar_url\": \"https://github.com/images/error/octocat_happy.gif\",\n \"description\": \"A great organization\",\n \"name\": \"github\",\n \"company\": \"GitHub\",\n \"blog\": \"https://github.com/blog\",\n \"location\": \"San Francisco\",\n \"email\": \"octocat@github.com\",\n \"is_verified\": true,\n \"has_organization_projects\": true,\n \"has_repository_projects\": true,\n \"public_repos\": 2,\n \"public_gists\": 1,\n \"followers\": 20,\n \"following\": 0,\n \"html_url\": \"https://github.com/octocat\",\n \"created_at\": \"2008-01-14T04:33:35Z\",\n \"updated_at\": \"2017-08-17T12:37:15Z\",\n \"type\": \"Organization\"\n }\n}" }, { diff --git a/lib/rest/static/decorated/ghes-3.1.json b/lib/rest/static/decorated/ghes-3.1.json index 347b319b1c..13802afa64 100644 --- a/lib/rest/static/decorated/ghes-3.1.json +++ b/lib/rest/static/decorated/ghes-3.1.json @@ -10026,17 +10026,6 @@ } ], "summary": "Create a GitHub App from a manifest", - "requestBody": { - "required": false, - "content": { - "application/json": { - "schema": { - "type": "object", - "additionalProperties": false - } - } - } - }, "x-github": { "enabledForGitHubApps": false, "category": "apps", @@ -10155,6 +10144,11 @@ "schema": { "type": "integer" }, + "examples": { + "default": { + "value": 1 + } + }, "descriptionHTML": "

installation_id parameter

" } ], @@ -10211,6 +10205,11 @@ "schema": { "type": "integer" }, + "examples": { + "default": { + "value": 1 + } + }, "descriptionHTML": "

installation_id parameter

" } ], @@ -10261,6 +10260,11 @@ "schema": { "type": "integer" }, + "examples": { + "default": { + "value": 1 + } + }, "descriptionHTML": "

installation_id parameter

" } ], @@ -11143,6 +11147,17 @@ ] } } + }, + "examples": { + "default": { + "value": { + "respoitory": "Hello-World", + "permissions": { + "issues": "write", + "contents": "read" + } + } + } } } } @@ -12065,6 +12080,11 @@ "schema": { "type": "integer" }, + "examples": { + "default": { + "value": 1 + } + }, "descriptionHTML": "

installation_id parameter

" } ], @@ -12115,6 +12135,11 @@ "schema": { "type": "integer" }, + "examples": { + "default": { + "value": 1 + } + }, "descriptionHTML": "

installation_id parameter

" } ], @@ -12731,6 +12756,11 @@ "schema": { "type": "integer" }, + "examples": { + "default": { + "value": 1 + } + }, "descriptionHTML": "

installation_id parameter

" }, { @@ -12818,6 +12848,11 @@ "schema": { "type": "integer" }, + "examples": { + "default": { + "value": 1 + } + }, "descriptionHTML": "

installation_id parameter

" }, { @@ -12887,6 +12922,11 @@ "schema": { "type": "integer" }, + "examples": { + "default": { + "value": 1 + } + }, "descriptionHTML": "

installation_id parameter

" }, { @@ -12958,6 +12998,11 @@ "schema": { "type": "string" }, + "examples": { + "default": { + "value": "Iv1.8a61f9b3a7aba766" + } + }, "descriptionHTML": "

The client ID of your GitHub app.

" } ], @@ -13045,6 +13090,11 @@ "schema": { "type": "string" }, + "examples": { + "default": { + "value": "Iv1.8a61f9b3a7aba766" + } + }, "descriptionHTML": "

The client ID of your GitHub app.

" }, { @@ -13102,6 +13152,11 @@ "schema": { "type": "string" }, + "examples": { + "default": { + "value": "Iv1.8a61f9b3a7aba766" + } + }, "descriptionHTML": "

The client ID of your GitHub app.

" } ], @@ -13136,6 +13191,13 @@ "access_token" ], "type": "object" + }, + "examples": { + "default": { + "value": { + "access_token": "e72e16c7e42f292c6912e7710c838347ae178b4a" + } + } } } } @@ -13192,6 +13254,11 @@ "schema": { "type": "string" }, + "examples": { + "default": { + "value": "Iv1.8a61f9b3a7aba766" + } + }, "descriptionHTML": "

The client ID of your GitHub app.

" } ], @@ -13226,6 +13293,13 @@ "access_token" ], "type": "object" + }, + "examples": { + "default": { + "value": { + "access_token": "e72e16c7e42f292c6912e7710c838347ae178b4a" + } + } } } } @@ -13277,6 +13351,11 @@ "schema": { "type": "string" }, + "examples": { + "default": { + "value": "Iv1.8a61f9b3a7aba766" + } + }, "descriptionHTML": "

The client ID of your GitHub app.

" } ], @@ -13364,6 +13443,11 @@ "schema": { "type": "string" }, + "examples": { + "default": { + "value": "Iv1.8a61f9b3a7aba766" + } + }, "descriptionHTML": "

The client ID of your GitHub app.

" } ], @@ -14279,6 +14363,19 @@ "required": [ "access_token" ] + }, + "examples": { + "default": { + "value": { + "access_token": "e72e16c7e42f292c6912e7710c838347ae178b4a", + "target": "octocat", + "permissions": { + "metadata": "read", + "issues": "write", + "contents": "read" + } + } + } } } } @@ -15226,6 +15323,11 @@ "schema": { "type": "string" }, + "examples": { + "default": { + "value": "Iv1.8a61f9b3a7aba766" + } + }, "descriptionHTML": "

The client ID of your GitHub app.

" }, { @@ -15289,6 +15391,11 @@ "schema": { "type": "string" }, + "examples": { + "default": { + "value": "Iv1.8a61f9b3a7aba766" + } + }, "descriptionHTML": "

The client ID of your GitHub app.

" }, { @@ -15347,6 +15454,11 @@ "schema": { "type": "string" }, + "examples": { + "default": { + "value": "Iv1.8a61f9b3a7aba766" + } + }, "descriptionHTML": "

The client ID of your GitHub app.

" }, { @@ -15499,12 +15611,16 @@ "description": "

Determines whether the SSL certificate of the host for url will be verified when delivering payloads. Supported values include 0 (verification is performed) and 1 (verification is not performed). The default is 0. We strongly recommend not setting this to 1 as you are subject to man-in-the-middle and other attacks.

", "childParamsGroups": [] } - }, - "example": { - "content_type": "json", - "insecure_ssl": "0", - "secret": "********", - "url": "https://example.com/webhook" + } + }, + "examples": { + "default": { + "value": { + "content_type": "json", + "insecure_ssl": "0", + "secret": "********", + "url": "https://example.com/webhook" + } } } } @@ -21733,7 +21849,13 @@ "httpStatusCode": "201", "httpStatusMessage": "Created", "description": "Response for completed conclusion", - "payload": "{\n \"id\": 4,\n \"head_sha\": \"ce587453ced02b1526dfb4cb910479d431683101\",\n \"node_id\": \"MDg6Q2hlY2tSdW40\",\n \"external_id\": \"\",\n \"url\": \"https://api.github.com/repos/github/hello-world/check-runs/4\",\n \"html_url\": \"https://github.com/github/hello-world/runs/4\",\n \"details_url\": \"https://example.com\",\n \"status\": \"completed\",\n \"conclusion\": \"neutral\",\n \"started_at\": \"2018-05-04T01:14:52Z\",\n \"completed_at\": \"2018-05-04T01:14:52Z\",\n \"output\": {\n \"title\": \"Mighty Readme report\",\n \"summary\": \"There are 0 failures, 2 warnings, and 1 notice.\",\n \"text\": \"You may have some misspelled words on lines 2 and 4. You also may want to add a section in your README about how to install your app.\",\n \"annotations_count\": 2,\n \"annotations_url\": \"https://api.github.com/repos/github/hello-world/check-runs/4/annotations\"\n },\n \"name\": \"mighty_readme\",\n \"check_suite\": {\n \"id\": 5\n },\n \"app\": {\n \"id\": 1,\n \"slug\": \"octoapp\",\n \"node_id\": \"MDExOkludGVncmF0aW9uMQ==\",\n \"owner\": {\n \"login\": \"github\",\n \"id\": 1,\n \"node_id\": \"MDEyOk9yZ2FuaXphdGlvbjE=\",\n \"url\": \"https://api.github.com/orgs/github\",\n \"repos_url\": \"https://api.github.com/orgs/github/repos\",\n \"events_url\": \"https://api.github.com/orgs/github/events\",\n \"avatar_url\": \"https://github.com/images/error/octocat_happy.gif\",\n \"gravatar_id\": \"\",\n \"html_url\": \"https://github.com/octocat\",\n \"followers_url\": \"https://api.github.com/users/octocat/followers\",\n \"following_url\": \"https://api.github.com/users/octocat/following{/other_user}\",\n \"gists_url\": \"https://api.github.com/users/octocat/gists{/gist_id}\",\n \"starred_url\": \"https://api.github.com/users/octocat/starred{/owner}{/repo}\",\n \"subscriptions_url\": \"https://api.github.com/users/octocat/subscriptions\",\n \"organizations_url\": \"https://api.github.com/users/octocat/orgs\",\n \"received_events_url\": \"https://api.github.com/users/octocat/received_events\",\n \"type\": \"User\",\n \"site_admin\": true\n },\n \"name\": \"Octocat App\",\n \"description\": \"\",\n \"external_url\": \"https://example.com\",\n \"html_url\": \"https://github.com/apps/octoapp\",\n \"created_at\": \"2017-07-08T16:18:44-04:00\",\n \"updated_at\": \"2017-07-08T16:18:44-04:00\",\n \"permissions\": {\n \"metadata\": \"read\",\n \"contents\": \"read\",\n \"issues\": \"write\",\n \"single_file\": \"write\"\n },\n \"events\": [\n \"push\",\n \"pull_request\"\n ]\n },\n \"pull_requests\": [\n {\n \"url\": \"https://api.github.com/repos/github/hello-world/pulls/1\",\n \"id\": 1934,\n \"number\": 3956,\n \"head\": {\n \"ref\": \"say-hello\",\n \"sha\": \"3dca65fa3e8d4b3da3f3d056c59aee1c50f41390\",\n \"repo\": {\n \"id\": 526,\n \"url\": \"https://api.github.com/repos/github/hello-world\",\n \"name\": \"hello-world\"\n }\n },\n \"base\": {\n \"ref\": \"master\",\n \"sha\": \"e7fdf7640066d71ad16a86fbcbb9c6a10a18af4f\",\n \"repo\": {\n \"id\": 526,\n \"url\": \"https://api.github.com/repos/github/hello-world\",\n \"name\": \"hello-world\"\n }\n }\n }\n ]\n}" + "payload": "{\n \"id\": 4,\n \"head_sha\": \"ce587453ced02b1526dfb4cb910479d431683101\",\n \"node_id\": \"MDg6Q2hlY2tSdW40\",\n \"external_id\": \"42\",\n \"url\": \"https://api.github.com/repos/github/hello-world/check-runs/4\",\n \"html_url\": \"https://github.com/github/hello-world/runs/4\",\n \"details_url\": \"https://example.com\",\n \"status\": \"completed\",\n \"conclusion\": \"neutral\",\n \"started_at\": \"2018-05-04T01:14:52Z\",\n \"completed_at\": \"2018-05-04T01:14:52Z\",\n \"output\": {\n \"title\": \"Mighty Readme report\",\n \"summary\": \"There are 0 failures, 2 warnings, and 1 notice.\",\n \"text\": \"You may have some misspelled words on lines 2 and 4. You also may want to add a section in your README about how to install your app.\",\n \"annotations_count\": 2,\n \"annotations_url\": \"https://api.github.com/repos/github/hello-world/check-runs/4/annotations\"\n },\n \"name\": \"mighty_readme\",\n \"check_suite\": {\n \"id\": 5\n },\n \"app\": {\n \"id\": 1,\n \"slug\": \"octoapp\",\n \"node_id\": \"MDExOkludGVncmF0aW9uMQ==\",\n \"owner\": {\n \"login\": \"github\",\n \"id\": 1,\n \"node_id\": \"MDEyOk9yZ2FuaXphdGlvbjE=\",\n \"url\": \"https://api.github.com/orgs/github\",\n \"repos_url\": \"https://api.github.com/orgs/github/repos\",\n \"events_url\": \"https://api.github.com/orgs/github/events\",\n \"avatar_url\": \"https://github.com/images/error/octocat_happy.gif\",\n \"gravatar_id\": \"\",\n \"html_url\": \"https://github.com/octocat\",\n \"followers_url\": \"https://api.github.com/users/octocat/followers\",\n \"following_url\": \"https://api.github.com/users/octocat/following{/other_user}\",\n \"gists_url\": \"https://api.github.com/users/octocat/gists{/gist_id}\",\n \"starred_url\": \"https://api.github.com/users/octocat/starred{/owner}{/repo}\",\n \"subscriptions_url\": \"https://api.github.com/users/octocat/subscriptions\",\n \"organizations_url\": \"https://api.github.com/users/octocat/orgs\",\n \"received_events_url\": \"https://api.github.com/users/octocat/received_events\",\n \"type\": \"User\",\n \"site_admin\": true\n },\n \"name\": \"Octocat App\",\n \"description\": \"\",\n \"external_url\": \"https://example.com\",\n \"html_url\": \"https://github.com/apps/octoapp\",\n \"created_at\": \"2017-07-08T16:18:44-04:00\",\n \"updated_at\": \"2017-07-08T16:18:44-04:00\",\n \"permissions\": {\n \"metadata\": \"read\",\n \"contents\": \"read\",\n \"issues\": \"write\",\n \"single_file\": \"write\"\n },\n \"events\": [\n \"push\",\n \"pull_request\"\n ]\n },\n \"pull_requests\": [\n {\n \"url\": \"https://api.github.com/repos/github/hello-world/pulls/1\",\n \"id\": 1934,\n \"number\": 3956,\n \"head\": {\n \"ref\": \"say-hello\",\n \"sha\": \"3dca65fa3e8d4b3da3f3d056c59aee1c50f41390\",\n \"repo\": {\n \"id\": 526,\n \"url\": \"https://api.github.com/repos/github/hello-world\",\n \"name\": \"hello-world\"\n }\n },\n \"base\": {\n \"ref\": \"master\",\n \"sha\": \"e7fdf7640066d71ad16a86fbcbb9c6a10a18af4f\",\n \"repo\": {\n \"id\": 526,\n \"url\": \"https://api.github.com/repos/github/hello-world\",\n \"name\": \"hello-world\"\n }\n }\n }\n ]\n}" + }, + { + "httpStatusCode": "201", + "httpStatusMessage": "Created", + "description": "Response for completed conclusion", + "payload": "{\n \"id\": 4,\n \"head_sha\": \"ce587453ced02b1526dfb4cb910479d431683101\",\n \"node_id\": \"MDg6Q2hlY2tSdW40\",\n \"external_id\": \"42\",\n \"url\": \"https://api.github.com/repos/github/hello-world/check-runs/4\",\n \"html_url\": \"https://github.com/github/hello-world/runs/4\",\n \"details_url\": \"https://example.com\",\n \"status\": \"in_progress\",\n \"conclusion\": null,\n \"started_at\": \"2018-05-04T01:14:52Z\",\n \"completed_at\": null,\n \"output\": {\n \"title\": \"Mighty Readme report\",\n \"summary\": \"There are 0 failures, 2 warnings, and 1 notice.\",\n \"text\": \"You may have some misspelled words on lines 2 and 4. You also may want to add a section in your README about how to install your app.\",\n \"annotations_count\": 2,\n \"annotations_url\": \"https://api.github.com/repos/github/hello-world/check-runs/4/annotations\"\n },\n \"name\": \"mighty_readme\",\n \"check_suite\": {\n \"id\": 5\n },\n \"app\": {\n \"id\": 1,\n \"slug\": \"octoapp\",\n \"node_id\": \"MDExOkludGVncmF0aW9uMQ==\",\n \"owner\": {\n \"login\": \"github\",\n \"id\": 1,\n \"node_id\": \"MDEyOk9yZ2FuaXphdGlvbjE=\",\n \"url\": \"https://api.github.com/orgs/github\",\n \"repos_url\": \"https://api.github.com/orgs/github/repos\",\n \"events_url\": \"https://api.github.com/orgs/github/events\",\n \"avatar_url\": \"https://github.com/images/error/octocat_happy.gif\",\n \"gravatar_id\": \"\",\n \"html_url\": \"https://github.com/octocat\",\n \"followers_url\": \"https://api.github.com/users/octocat/followers\",\n \"following_url\": \"https://api.github.com/users/octocat/following{/other_user}\",\n \"gists_url\": \"https://api.github.com/users/octocat/gists{/gist_id}\",\n \"starred_url\": \"https://api.github.com/users/octocat/starred{/owner}{/repo}\",\n \"subscriptions_url\": \"https://api.github.com/users/octocat/subscriptions\",\n \"organizations_url\": \"https://api.github.com/users/octocat/orgs\",\n \"received_events_url\": \"https://api.github.com/users/octocat/received_events\",\n \"type\": \"User\",\n \"site_admin\": true\n },\n \"name\": \"Octocat App\",\n \"description\": \"\",\n \"external_url\": \"https://example.com\",\n \"html_url\": \"https://github.com/apps/octoapp\",\n \"created_at\": \"2017-07-08T16:18:44-04:00\",\n \"updated_at\": \"2017-07-08T16:18:44-04:00\",\n \"permissions\": {\n \"metadata\": \"read\",\n \"contents\": \"read\",\n \"issues\": \"write\",\n \"single_file\": \"write\"\n },\n \"events\": [\n \"push\",\n \"pull_request\"\n ]\n },\n \"pull_requests\": [\n {\n \"url\": \"https://api.github.com/repos/github/hello-world/pulls/1\",\n \"id\": 1934,\n \"number\": 3956,\n \"head\": {\n \"ref\": \"say-hello\",\n \"sha\": \"3dca65fa3e8d4b3da3f3d056c59aee1c50f41390\",\n \"repo\": {\n \"id\": 526,\n \"url\": \"https://api.github.com/repos/github/hello-world\",\n \"name\": \"hello-world\"\n }\n },\n \"base\": {\n \"ref\": \"master\",\n \"sha\": \"e7fdf7640066d71ad16a86fbcbb9c6a10a18af4f\",\n \"repo\": {\n \"id\": 526,\n \"url\": \"https://api.github.com/repos/github/hello-world\",\n \"name\": \"hello-world\"\n }\n }\n }\n ]\n}" } ], "bodyParameters": [ @@ -25171,8 +25293,12 @@ "head_sha" ] }, - "example": { - "head_sha": "d6fde92930d4715a2b49857d24b940956b26d2d3" + "examples": { + "default": { + "value": { + "head_sha": "d6fde92930d4715a2b49857d24b940956b26d2d3" + } + } } } } @@ -25191,7 +25317,7 @@ { "httpStatusCode": "200", "httpStatusMessage": "OK", - "description": "

when the suite already existed

", + "description": "

Response when the suite already exists

", "payload": "{\n \"id\": 5,\n \"node_id\": \"MDEwOkNoZWNrU3VpdGU1\",\n \"head_branch\": \"master\",\n \"head_sha\": \"d6fde92930d4715a2b49857d24b940956b26d2d3\",\n \"status\": \"completed\",\n \"conclusion\": \"neutral\",\n \"url\": \"https://api.github.com/repos/github/hello-world/check-suites/5\",\n \"before\": \"146e867f55c26428e5f9fade55a9bbf5e95a7912\",\n \"after\": \"d6fde92930d4715a2b49857d24b940956b26d2d3\",\n \"pull_requests\": [],\n \"created_at\": \"2017-07-08T16:18:44-04:00\",\n \"updated_at\": \"2017-07-08T16:18:44-04:00\",\n \"app\": {\n \"id\": 1,\n \"slug\": \"octoapp\",\n \"node_id\": \"MDExOkludGVncmF0aW9uMQ==\",\n \"owner\": {\n \"login\": \"github\",\n \"id\": 1,\n \"node_id\": \"MDEyOk9yZ2FuaXphdGlvbjE=\",\n \"url\": \"https://api.github.com/orgs/github\",\n \"repos_url\": \"https://api.github.com/orgs/github/repos\",\n \"events_url\": \"https://api.github.com/orgs/github/events\",\n \"avatar_url\": \"https://github.com/images/error/octocat_happy.gif\",\n \"gravatar_id\": \"\",\n \"html_url\": \"https://github.com/octocat\",\n \"followers_url\": \"https://api.github.com/users/octocat/followers\",\n \"following_url\": \"https://api.github.com/users/octocat/following{/other_user}\",\n \"gists_url\": \"https://api.github.com/users/octocat/gists{/gist_id}\",\n \"starred_url\": \"https://api.github.com/users/octocat/starred{/owner}{/repo}\",\n \"subscriptions_url\": \"https://api.github.com/users/octocat/subscriptions\",\n \"organizations_url\": \"https://api.github.com/users/octocat/orgs\",\n \"received_events_url\": \"https://api.github.com/users/octocat/received_events\",\n \"type\": \"User\",\n \"site_admin\": true\n },\n \"name\": \"Octocat App\",\n \"description\": \"\",\n \"external_url\": \"https://example.com\",\n \"html_url\": \"https://github.com/apps/octoapp\",\n \"created_at\": \"2017-07-08T16:18:44-04:00\",\n \"updated_at\": \"2017-07-08T16:18:44-04:00\",\n \"permissions\": {\n \"metadata\": \"read\",\n \"contents\": \"read\",\n \"issues\": \"write\",\n \"single_file\": \"write\"\n },\n \"events\": [\n \"push\",\n \"pull_request\"\n ]\n },\n \"repository\": {\n \"id\": 1296269,\n \"node_id\": \"MDEwOlJlcG9zaXRvcnkxMjk2MjY5\",\n \"name\": \"Hello-World\",\n \"full_name\": \"octocat/Hello-World\",\n \"template_repository\": {\n \"id\": 1296269,\n \"node_id\": \"MDEwOlJlcG9zaXRvcnkxMjk2MjY5\",\n \"name\": \"Hello-World-Template\",\n \"full_name\": \"octocat/Hello-World-Template\",\n \"owner\": {\n \"login\": \"octocat\",\n \"id\": 1,\n \"node_id\": \"MDQ6VXNlcjE=\",\n \"avatar_url\": \"https://github.com/images/error/octocat_happy.gif\",\n \"gravatar_id\": \"\",\n \"url\": \"https://api.github.com/users/octocat\",\n \"html_url\": \"https://github.com/octocat\",\n \"followers_url\": \"https://api.github.com/users/octocat/followers\",\n \"following_url\": \"https://api.github.com/users/octocat/following{/other_user}\",\n \"gists_url\": \"https://api.github.com/users/octocat/gists{/gist_id}\",\n \"starred_url\": \"https://api.github.com/users/octocat/starred{/owner}{/repo}\",\n \"subscriptions_url\": \"https://api.github.com/users/octocat/subscriptions\",\n \"organizations_url\": \"https://api.github.com/users/octocat/orgs\",\n \"repos_url\": \"https://api.github.com/users/octocat/repos\",\n \"events_url\": \"https://api.github.com/users/octocat/events{/privacy}\",\n \"received_events_url\": \"https://api.github.com/users/octocat/received_events\",\n \"type\": \"User\",\n \"site_admin\": false\n },\n \"private\": false,\n \"html_url\": \"https://github.com/octocat/Hello-World-Template\",\n \"description\": \"This your first repo!\",\n \"fork\": false,\n \"url\": \"https://api.github.com/repos/octocat/Hello-World-Template\",\n \"archive_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/{archive_format}{/ref}\",\n \"assignees_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/assignees{/user}\",\n \"blobs_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/git/blobs{/sha}\",\n \"branches_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/branches{/branch}\",\n \"collaborators_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/collaborators{/collaborator}\",\n \"comments_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/comments{/number}\",\n \"commits_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/commits{/sha}\",\n \"compare_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/compare/{base}...{head}\",\n \"contents_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/contents/{+path}\",\n \"contributors_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/contributors\",\n \"deployments_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/deployments\",\n \"downloads_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/downloads\",\n \"events_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/events\",\n \"forks_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/forks\",\n \"git_commits_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/git/commits{/sha}\",\n \"git_refs_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/git/refs{/sha}\",\n \"git_tags_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/git/tags{/sha}\",\n \"git_url\": \"git:github.com/octocat/Hello-World-Template.git\",\n \"issue_comment_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/issues/comments{/number}\",\n \"issue_events_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/issues/events{/number}\",\n \"issues_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/issues{/number}\",\n \"keys_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/keys{/key_id}\",\n \"labels_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/labels{/name}\",\n \"languages_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/languages\",\n \"merges_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/merges\",\n \"milestones_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/milestones{/number}\",\n \"notifications_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/notifications{?since,all,participating}\",\n \"pulls_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/pulls{/number}\",\n \"releases_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/releases{/id}\",\n \"ssh_url\": \"git@github.com:octocat/Hello-World-Template.git\",\n \"stargazers_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/stargazers\",\n \"statuses_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/statuses/{sha}\",\n \"subscribers_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/subscribers\",\n \"subscription_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/subscription\",\n \"tags_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/tags\",\n \"teams_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/teams\",\n \"trees_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/git/trees{/sha}\",\n \"clone_url\": \"https://github.com/octocat/Hello-World-Template.git\",\n \"mirror_url\": \"git:git.example.com/octocat/Hello-World-Template\",\n \"hooks_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/hooks\",\n \"svn_url\": \"https://svn.github.com/octocat/Hello-World-Template\",\n \"homepage\": \"https://github.com\",\n \"forks\": 9,\n \"forks_count\": 9,\n \"stargazers_count\": 80,\n \"watchers_count\": 80,\n \"watchers\": 80,\n \"size\": 108,\n \"default_branch\": \"master\",\n \"open_issues\": 0,\n \"open_issues_count\": 0,\n \"is_template\": true,\n \"license\": {\n \"key\": \"mit\",\n \"name\": \"MIT License\",\n \"url\": \"https://api.github.com/licenses/mit\",\n \"spdx_id\": \"MIT\",\n \"node_id\": \"MDc6TGljZW5zZW1pdA==\",\n \"html_url\": \"https://api.github.com/licenses/mit\"\n },\n \"topics\": [\n \"octocat\",\n \"atom\",\n \"electron\",\n \"api\"\n ],\n \"has_issues\": true,\n \"has_projects\": true,\n \"has_wiki\": true,\n \"has_pages\": false,\n \"has_downloads\": true,\n \"archived\": false,\n \"disabled\": false,\n \"visibility\": \"public\",\n \"pushed_at\": \"2011-01-26T19:06:43Z\",\n \"created_at\": \"2011-01-26T19:01:12Z\",\n \"updated_at\": \"2011-01-26T19:14:43Z\",\n \"permissions\": {\n \"admin\": false,\n \"push\": false,\n \"pull\": true\n },\n \"allow_rebase_merge\": true,\n \"temp_clone_token\": \"ABTLWHOULUVAXGTRYU7OC2876QJ2O\",\n \"allow_squash_merge\": true,\n \"delete_branch_on_merge\": true,\n \"allow_merge_commit\": true,\n \"subscribers_count\": 42,\n \"network_count\": 0\n },\n \"owner\": {\n \"login\": \"octocat\",\n \"id\": 1,\n \"node_id\": \"MDQ6VXNlcjE=\",\n \"avatar_url\": \"https://github.com/images/error/octocat_happy.gif\",\n \"gravatar_id\": \"\",\n \"url\": \"https://api.github.com/users/octocat\",\n \"html_url\": \"https://github.com/octocat\",\n \"followers_url\": \"https://api.github.com/users/octocat/followers\",\n \"following_url\": \"https://api.github.com/users/octocat/following{/other_user}\",\n \"gists_url\": \"https://api.github.com/users/octocat/gists{/gist_id}\",\n \"starred_url\": \"https://api.github.com/users/octocat/starred{/owner}{/repo}\",\n \"subscriptions_url\": \"https://api.github.com/users/octocat/subscriptions\",\n \"organizations_url\": \"https://api.github.com/users/octocat/orgs\",\n \"repos_url\": \"https://api.github.com/users/octocat/repos\",\n \"events_url\": \"https://api.github.com/users/octocat/events{/privacy}\",\n \"received_events_url\": \"https://api.github.com/users/octocat/received_events\",\n \"type\": \"User\",\n \"site_admin\": false\n },\n \"private\": false,\n \"html_url\": \"https://github.com/octocat/Hello-World\",\n \"description\": \"This your first repo!\",\n \"fork\": false,\n \"url\": \"https://api.github.com/repos/octocat/Hello-World\",\n \"archive_url\": \"https://api.github.com/repos/octocat/Hello-World/{archive_format}{/ref}\",\n \"assignees_url\": \"https://api.github.com/repos/octocat/Hello-World/assignees{/user}\",\n \"blobs_url\": \"https://api.github.com/repos/octocat/Hello-World/git/blobs{/sha}\",\n \"branches_url\": \"https://api.github.com/repos/octocat/Hello-World/branches{/branch}\",\n \"collaborators_url\": \"https://api.github.com/repos/octocat/Hello-World/collaborators{/collaborator}\",\n \"comments_url\": \"https://api.github.com/repos/octocat/Hello-World/comments{/number}\",\n \"commits_url\": \"https://api.github.com/repos/octocat/Hello-World/commits{/sha}\",\n \"compare_url\": \"https://api.github.com/repos/octocat/Hello-World/compare/{base}...{head}\",\n \"contents_url\": \"https://api.github.com/repos/octocat/Hello-World/contents/{+path}\",\n \"contributors_url\": \"https://api.github.com/repos/octocat/Hello-World/contributors\",\n \"deployments_url\": \"https://api.github.com/repos/octocat/Hello-World/deployments\",\n \"downloads_url\": \"https://api.github.com/repos/octocat/Hello-World/downloads\",\n \"events_url\": \"https://api.github.com/repos/octocat/Hello-World/events\",\n \"forks_url\": \"https://api.github.com/repos/octocat/Hello-World/forks\",\n \"git_commits_url\": \"https://api.github.com/repos/octocat/Hello-World/git/commits{/sha}\",\n \"git_refs_url\": \"https://api.github.com/repos/octocat/Hello-World/git/refs{/sha}\",\n \"git_tags_url\": \"https://api.github.com/repos/octocat/Hello-World/git/tags{/sha}\",\n \"git_url\": \"git:github.com/octocat/Hello-World.git\",\n \"issue_comment_url\": \"https://api.github.com/repos/octocat/Hello-World/issues/comments{/number}\",\n \"issue_events_url\": \"https://api.github.com/repos/octocat/Hello-World/issues/events{/number}\",\n \"issues_url\": \"https://api.github.com/repos/octocat/Hello-World/issues{/number}\",\n \"keys_url\": \"https://api.github.com/repos/octocat/Hello-World/keys{/key_id}\",\n \"labels_url\": \"https://api.github.com/repos/octocat/Hello-World/labels{/name}\",\n \"languages_url\": \"https://api.github.com/repos/octocat/Hello-World/languages\",\n \"merges_url\": \"https://api.github.com/repos/octocat/Hello-World/merges\",\n \"milestones_url\": \"https://api.github.com/repos/octocat/Hello-World/milestones{/number}\",\n \"notifications_url\": \"https://api.github.com/repos/octocat/Hello-World/notifications{?since,all,participating}\",\n \"pulls_url\": \"https://api.github.com/repos/octocat/Hello-World/pulls{/number}\",\n \"releases_url\": \"https://api.github.com/repos/octocat/Hello-World/releases{/id}\",\n \"ssh_url\": \"git@github.com:octocat/Hello-World.git\",\n \"stargazers_url\": \"https://api.github.com/repos/octocat/Hello-World/stargazers\",\n \"statuses_url\": \"https://api.github.com/repos/octocat/Hello-World/statuses/{sha}\",\n \"subscribers_url\": \"https://api.github.com/repos/octocat/Hello-World/subscribers\",\n \"subscription_url\": \"https://api.github.com/repos/octocat/Hello-World/subscription\",\n \"tags_url\": \"https://api.github.com/repos/octocat/Hello-World/tags\",\n \"teams_url\": \"https://api.github.com/repos/octocat/Hello-World/teams\",\n \"trees_url\": \"https://api.github.com/repos/octocat/Hello-World/git/trees{/sha}\",\n \"clone_url\": \"https://github.com/octocat/Hello-World.git\",\n \"mirror_url\": \"git:git.example.com/octocat/Hello-World\",\n \"hooks_url\": \"https://api.github.com/repos/octocat/Hello-World/hooks\",\n \"svn_url\": \"https://svn.github.com/octocat/Hello-World\",\n \"homepage\": \"https://github.com\",\n \"forks_count\": 9,\n \"stargazers_count\": 80,\n \"watchers_count\": 80,\n \"size\": 108,\n \"default_branch\": \"master\",\n \"open_issues_count\": 0,\n \"is_template\": false,\n \"topics\": [\n \"octocat\",\n \"atom\",\n \"electron\",\n \"api\"\n ],\n \"has_issues\": true,\n \"has_projects\": true,\n \"has_wiki\": true,\n \"has_pages\": false,\n \"has_downloads\": true,\n \"archived\": false,\n \"disabled\": false,\n \"visibility\": \"public\",\n \"pushed_at\": \"2011-01-26T19:06:43Z\",\n \"created_at\": \"2011-01-26T19:01:12Z\",\n \"updated_at\": \"2011-01-26T19:14:43Z\",\n \"permissions\": {\n \"admin\": false,\n \"push\": false,\n \"pull\": true\n },\n \"temp_clone_token\": \"ABTLWHOULUVAXGTRYU7OC2876QJ2O\",\n \"delete_branch_on_merge\": true,\n \"subscribers_count\": 42,\n \"network_count\": 0\n },\n \"head_commit\": {\n \"id\": \"7fd1a60b01f91b314f59955a4e4d4e80d8edf11d\",\n \"tree_id\": \"7fd1a60b01f91b314f59955a4e4d4e80d8edf11d\",\n \"message\": \"Merge pull request #6 from Spaceghost/patch-1\\n\\nNew line at end of file.\",\n \"timestamp\": \"2016-10-10T00:00:00Z\",\n \"author\": {\n \"name\": \"The Octocat\",\n \"email\": \"octocat@nowhere.com\"\n },\n \"committer\": {\n \"name\": \"The Octocat\",\n \"email\": \"octocat@nowhere.com\"\n }\n },\n \"latest_check_runs_count\": 1,\n \"check_runs_url\": \"https://api.github.com/repos/octocat/Hello-World/check-suites/5/check-runs\"\n}" }, { @@ -29176,6 +29302,350 @@ } ] }, + "deploy_keys": { + "deploy_keys": [ + { + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/keys", + "parameters": [ + { + "name": "owner", + "in": "path", + "required": true, + "schema": { + "type": "string" + }, + "descriptionHTML": "" + }, + { + "name": "repo", + "in": "path", + "required": true, + "schema": { + "type": "string" + }, + "descriptionHTML": "" + }, + { + "name": "per_page", + "description": "Results per page (max 100)", + "in": "query", + "schema": { + "type": "integer", + "default": 30 + }, + "descriptionHTML": "

Results per page (max 100)

" + }, + { + "name": "page", + "description": "Page number of the results to fetch.", + "in": "query", + "schema": { + "type": "integer", + "default": 1 + }, + "descriptionHTML": "

Page number of the results to fetch.

" + } + ], + "x-codeSamples": [ + { + "lang": "Shell", + "source": "curl \\\n -H \"Accept: application/vnd.github.v3+json\" \\\n http(s)://{hostname}/api/v3/repos/octocat/hello-world/keys" + }, + { + "lang": "JavaScript", + "source": "await octokit.request('GET /repos/{owner}/{repo}/keys', {\n owner: 'octocat',\n repo: 'hello-world'\n})" + } + ], + "summary": "List deploy keys", + "x-github": { + "enabledForGitHubApps": true, + "category": "repos", + "subcategory": "keys" + }, + "slug": "list-deploy-keys", + "category": "deploy_keys", + "subcategory": "deploy_keys", + "notes": [], + "descriptionHTML": "", + "bodyParameters": [], + "responses": [ + { + "httpStatusCode": "200", + "httpStatusMessage": "OK", + "description": "

Response

", + "payload": "[\n {\n \"id\": 1,\n \"key\": \"ssh-rsa AAA...\",\n \"url\": \"https://api.github.com/repos/octocat/Hello-World/keys/1\",\n \"title\": \"octocat@octomac\",\n \"verified\": true,\n \"created_at\": \"2014-12-10T15:53:42Z\",\n \"read_only\": true\n }\n]" + } + ] + }, + { + "verb": "post", + "requestPath": "/repos/{owner}/{repo}/keys", + "parameters": [ + { + "name": "owner", + "in": "path", + "required": true, + "schema": { + "type": "string" + }, + "descriptionHTML": "" + }, + { + "name": "repo", + "in": "path", + "required": true, + "schema": { + "type": "string" + }, + "descriptionHTML": "" + } + ], + "x-codeSamples": [ + { + "lang": "Shell", + "source": "curl \\\n -X POST \\\n -H \"Accept: application/vnd.github.v3+json\" \\\n http(s)://{hostname}/api/v3/repos/octocat/hello-world/keys \\\n -d '{\"key\":\"key\"}'" + }, + { + "lang": "JavaScript", + "source": "await octokit.request('POST /repos/{owner}/{repo}/keys', {\n owner: 'octocat',\n repo: 'hello-world',\n key: 'key'\n})" + } + ], + "summary": "Create a deploy key", + "requestBody": { + "required": true, + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "title": { + "type": "string", + "description": "

A name for the key.

", + "name": "title", + "in": "body", + "rawType": "string", + "rawDescription": "A name for the key.", + "childParamsGroups": [] + }, + "key": { + "type": "string", + "description": "

Required. The contents of the key.

", + "name": "key", + "in": "body", + "rawType": "string", + "rawDescription": "The contents of the key.", + "childParamsGroups": [] + }, + "read_only": { + "type": "boolean", + "description": "

If true, the key will only be able to read repository contents. Otherwise, the key will be able to read and write.

\n

Deploy keys with write access can perform the same actions as an organization member with admin access, or a collaborator on a personal repository. For more information, see \"Repository permission levels for an organization\" and \"Permission levels for a user account repository.\"

", + "name": "read_only", + "in": "body", + "rawType": "boolean", + "rawDescription": "If `true`, the key will only be able to read repository contents. Otherwise, the key will be able to read and write. \n \nDeploy keys with write access can perform the same actions as an organization member with admin access, or a collaborator on a personal repository. For more information, see \"[Repository permission levels for an organization](https://docs.github.com/articles/repository-permission-levels-for-an-organization/)\" and \"[Permission levels for a user account repository](https://docs.github.com/articles/permission-levels-for-a-user-account-repository/).\"", + "childParamsGroups": [] + } + }, + "required": [ + "key" + ] + }, + "example": { + "title": "octocat@octomac", + "key": "ssh-rsa AAA...", + "read_only": true + } + } + } + }, + "x-github": { + "enabledForGitHubApps": true, + "category": "repos", + "subcategory": "keys" + }, + "slug": "create-a-deploy-key", + "category": "deploy_keys", + "subcategory": "deploy_keys", + "notes": [], + "descriptionHTML": "

You can create a read-only deploy key.

", + "responses": [ + { + "httpStatusCode": "201", + "httpStatusMessage": "Created", + "description": "

Response

", + "payload": "{\n \"id\": 1,\n \"key\": \"ssh-rsa AAA...\",\n \"url\": \"https://api.github.com/repos/octocat/Hello-World/keys/1\",\n \"title\": \"octocat@octomac\",\n \"verified\": true,\n \"created_at\": \"2014-12-10T15:53:42Z\",\n \"read_only\": true\n}" + }, + { + "httpStatusCode": "422", + "httpStatusMessage": "Unprocessable Entity", + "description": "

Validation failed

" + } + ], + "bodyParameters": [ + { + "type": "string", + "description": "

A name for the key.

", + "name": "title", + "in": "body", + "rawType": "string", + "rawDescription": "A name for the key.", + "childParamsGroups": [] + }, + { + "type": "string", + "description": "

Required. The contents of the key.

", + "name": "key", + "in": "body", + "rawType": "string", + "rawDescription": "The contents of the key.", + "childParamsGroups": [] + }, + { + "type": "boolean", + "description": "

If true, the key will only be able to read repository contents. Otherwise, the key will be able to read and write.

\n

Deploy keys with write access can perform the same actions as an organization member with admin access, or a collaborator on a personal repository. For more information, see \"Repository permission levels for an organization\" and \"Permission levels for a user account repository.\"

", + "name": "read_only", + "in": "body", + "rawType": "boolean", + "rawDescription": "If `true`, the key will only be able to read repository contents. Otherwise, the key will be able to read and write. \n \nDeploy keys with write access can perform the same actions as an organization member with admin access, or a collaborator on a personal repository. For more information, see \"[Repository permission levels for an organization](https://docs.github.com/articles/repository-permission-levels-for-an-organization/)\" and \"[Permission levels for a user account repository](https://docs.github.com/articles/permission-levels-for-a-user-account-repository/).\"", + "childParamsGroups": [] + } + ] + }, + { + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/keys/{key_id}", + "parameters": [ + { + "name": "owner", + "in": "path", + "required": true, + "schema": { + "type": "string" + }, + "descriptionHTML": "" + }, + { + "name": "repo", + "in": "path", + "required": true, + "schema": { + "type": "string" + }, + "descriptionHTML": "" + }, + { + "name": "key_id", + "description": "key_id parameter", + "in": "path", + "required": true, + "schema": { + "type": "integer" + }, + "descriptionHTML": "

key_id parameter

" + } + ], + "x-codeSamples": [ + { + "lang": "Shell", + "source": "curl \\\n -H \"Accept: application/vnd.github.v3+json\" \\\n http(s)://{hostname}/api/v3/repos/octocat/hello-world/keys/42" + }, + { + "lang": "JavaScript", + "source": "await octokit.request('GET /repos/{owner}/{repo}/keys/{key_id}', {\n owner: 'octocat',\n repo: 'hello-world',\n key_id: 42\n})" + } + ], + "summary": "Get a deploy key", + "x-github": { + "enabledForGitHubApps": true, + "category": "repos", + "subcategory": "keys" + }, + "slug": "get-a-deploy-key", + "category": "deploy_keys", + "subcategory": "deploy_keys", + "notes": [], + "descriptionHTML": "", + "bodyParameters": [], + "responses": [ + { + "httpStatusCode": "200", + "httpStatusMessage": "OK", + "description": "

Response

", + "payload": "{\n \"id\": 1,\n \"key\": \"ssh-rsa AAA...\",\n \"url\": \"https://api.github.com/repos/octocat/Hello-World/keys/1\",\n \"title\": \"octocat@octomac\",\n \"verified\": true,\n \"created_at\": \"2014-12-10T15:53:42Z\",\n \"read_only\": true\n}" + }, + { + "httpStatusCode": "404", + "httpStatusMessage": "Not Found", + "description": "

Resource not found

" + } + ] + }, + { + "verb": "delete", + "requestPath": "/repos/{owner}/{repo}/keys/{key_id}", + "parameters": [ + { + "name": "owner", + "in": "path", + "required": true, + "schema": { + "type": "string" + }, + "descriptionHTML": "" + }, + { + "name": "repo", + "in": "path", + "required": true, + "schema": { + "type": "string" + }, + "descriptionHTML": "" + }, + { + "name": "key_id", + "description": "key_id parameter", + "in": "path", + "required": true, + "schema": { + "type": "integer" + }, + "descriptionHTML": "

key_id parameter

" + } + ], + "x-codeSamples": [ + { + "lang": "Shell", + "source": "curl \\\n -X DELETE \\\n -H \"Accept: application/vnd.github.v3+json\" \\\n http(s)://{hostname}/api/v3/repos/octocat/hello-world/keys/42" + }, + { + "lang": "JavaScript", + "source": "await octokit.request('DELETE /repos/{owner}/{repo}/keys/{key_id}', {\n owner: 'octocat',\n repo: 'hello-world',\n key_id: 42\n})" + } + ], + "summary": "Delete a deploy key", + "x-github": { + "enabledForGitHubApps": true, + "category": "repos", + "subcategory": "keys" + }, + "slug": "delete-a-deploy-key", + "category": "deploy_keys", + "subcategory": "deploy_keys", + "notes": [], + "bodyParameters": [], + "descriptionHTML": "

Deploy keys are immutable. If you need to update a key, remove the key and create a new one instead.

", + "responses": [ + { + "httpStatusCode": "204", + "httpStatusMessage": "No Content", + "description": "

Response

" + } + ] + } + ] + }, "deployments": { "deployments": [ { @@ -29769,348 +30239,6 @@ "subcategory": "deployments" } ], - "keys": [ - { - "verb": "get", - "requestPath": "/repos/{owner}/{repo}/keys", - "parameters": [ - { - "name": "owner", - "in": "path", - "required": true, - "schema": { - "type": "string" - }, - "descriptionHTML": "" - }, - { - "name": "repo", - "in": "path", - "required": true, - "schema": { - "type": "string" - }, - "descriptionHTML": "" - }, - { - "name": "per_page", - "description": "Results per page (max 100)", - "in": "query", - "schema": { - "type": "integer", - "default": 30 - }, - "descriptionHTML": "

Results per page (max 100)

" - }, - { - "name": "page", - "description": "Page number of the results to fetch.", - "in": "query", - "schema": { - "type": "integer", - "default": 1 - }, - "descriptionHTML": "

Page number of the results to fetch.

" - } - ], - "x-codeSamples": [ - { - "lang": "Shell", - "source": "curl \\\n -H \"Accept: application/vnd.github.v3+json\" \\\n http(s)://{hostname}/api/v3/repos/octocat/hello-world/keys" - }, - { - "lang": "JavaScript", - "source": "await octokit.request('GET /repos/{owner}/{repo}/keys', {\n owner: 'octocat',\n repo: 'hello-world'\n})" - } - ], - "summary": "List deploy keys", - "x-github": { - "enabledForGitHubApps": true, - "category": "repos", - "subcategory": "keys" - }, - "slug": "list-deploy-keys", - "category": "deployments", - "subcategory": "keys", - "notes": [], - "descriptionHTML": "", - "bodyParameters": [], - "responses": [ - { - "httpStatusCode": "200", - "httpStatusMessage": "OK", - "description": "

Response

", - "payload": "[\n {\n \"id\": 1,\n \"key\": \"ssh-rsa AAA...\",\n \"url\": \"https://api.github.com/repos/octocat/Hello-World/keys/1\",\n \"title\": \"octocat@octomac\",\n \"verified\": true,\n \"created_at\": \"2014-12-10T15:53:42Z\",\n \"read_only\": true\n }\n]" - } - ] - }, - { - "verb": "post", - "requestPath": "/repos/{owner}/{repo}/keys", - "parameters": [ - { - "name": "owner", - "in": "path", - "required": true, - "schema": { - "type": "string" - }, - "descriptionHTML": "" - }, - { - "name": "repo", - "in": "path", - "required": true, - "schema": { - "type": "string" - }, - "descriptionHTML": "" - } - ], - "x-codeSamples": [ - { - "lang": "Shell", - "source": "curl \\\n -X POST \\\n -H \"Accept: application/vnd.github.v3+json\" \\\n http(s)://{hostname}/api/v3/repos/octocat/hello-world/keys \\\n -d '{\"key\":\"key\"}'" - }, - { - "lang": "JavaScript", - "source": "await octokit.request('POST /repos/{owner}/{repo}/keys', {\n owner: 'octocat',\n repo: 'hello-world',\n key: 'key'\n})" - } - ], - "summary": "Create a deploy key", - "requestBody": { - "required": true, - "content": { - "application/json": { - "schema": { - "type": "object", - "properties": { - "title": { - "type": "string", - "description": "

A name for the key.

", - "name": "title", - "in": "body", - "rawType": "string", - "rawDescription": "A name for the key.", - "childParamsGroups": [] - }, - "key": { - "type": "string", - "description": "

Required. The contents of the key.

", - "name": "key", - "in": "body", - "rawType": "string", - "rawDescription": "The contents of the key.", - "childParamsGroups": [] - }, - "read_only": { - "type": "boolean", - "description": "

If true, the key will only be able to read repository contents. Otherwise, the key will be able to read and write.

\n

Deploy keys with write access can perform the same actions as an organization member with admin access, or a collaborator on a personal repository. For more information, see \"Repository permission levels for an organization\" and \"Permission levels for a user account repository.\"

", - "name": "read_only", - "in": "body", - "rawType": "boolean", - "rawDescription": "If `true`, the key will only be able to read repository contents. Otherwise, the key will be able to read and write. \n \nDeploy keys with write access can perform the same actions as an organization member with admin access, or a collaborator on a personal repository. For more information, see \"[Repository permission levels for an organization](https://docs.github.com/articles/repository-permission-levels-for-an-organization/)\" and \"[Permission levels for a user account repository](https://docs.github.com/articles/permission-levels-for-a-user-account-repository/).\"", - "childParamsGroups": [] - } - }, - "required": [ - "key" - ] - }, - "example": { - "title": "octocat@octomac", - "key": "ssh-rsa AAA...", - "read_only": true - } - } - } - }, - "x-github": { - "enabledForGitHubApps": true, - "category": "repos", - "subcategory": "keys" - }, - "slug": "create-a-deploy-key", - "category": "deployments", - "subcategory": "keys", - "notes": [], - "descriptionHTML": "

You can create a read-only deploy key.

", - "responses": [ - { - "httpStatusCode": "201", - "httpStatusMessage": "Created", - "description": "

Response

", - "payload": "{\n \"id\": 1,\n \"key\": \"ssh-rsa AAA...\",\n \"url\": \"https://api.github.com/repos/octocat/Hello-World/keys/1\",\n \"title\": \"octocat@octomac\",\n \"verified\": true,\n \"created_at\": \"2014-12-10T15:53:42Z\",\n \"read_only\": true\n}" - }, - { - "httpStatusCode": "422", - "httpStatusMessage": "Unprocessable Entity", - "description": "

Validation failed

" - } - ], - "bodyParameters": [ - { - "type": "string", - "description": "

A name for the key.

", - "name": "title", - "in": "body", - "rawType": "string", - "rawDescription": "A name for the key.", - "childParamsGroups": [] - }, - { - "type": "string", - "description": "

Required. The contents of the key.

", - "name": "key", - "in": "body", - "rawType": "string", - "rawDescription": "The contents of the key.", - "childParamsGroups": [] - }, - { - "type": "boolean", - "description": "

If true, the key will only be able to read repository contents. Otherwise, the key will be able to read and write.

\n

Deploy keys with write access can perform the same actions as an organization member with admin access, or a collaborator on a personal repository. For more information, see \"Repository permission levels for an organization\" and \"Permission levels for a user account repository.\"

", - "name": "read_only", - "in": "body", - "rawType": "boolean", - "rawDescription": "If `true`, the key will only be able to read repository contents. Otherwise, the key will be able to read and write. \n \nDeploy keys with write access can perform the same actions as an organization member with admin access, or a collaborator on a personal repository. For more information, see \"[Repository permission levels for an organization](https://docs.github.com/articles/repository-permission-levels-for-an-organization/)\" and \"[Permission levels for a user account repository](https://docs.github.com/articles/permission-levels-for-a-user-account-repository/).\"", - "childParamsGroups": [] - } - ] - }, - { - "verb": "get", - "requestPath": "/repos/{owner}/{repo}/keys/{key_id}", - "parameters": [ - { - "name": "owner", - "in": "path", - "required": true, - "schema": { - "type": "string" - }, - "descriptionHTML": "" - }, - { - "name": "repo", - "in": "path", - "required": true, - "schema": { - "type": "string" - }, - "descriptionHTML": "" - }, - { - "name": "key_id", - "description": "key_id parameter", - "in": "path", - "required": true, - "schema": { - "type": "integer" - }, - "descriptionHTML": "

key_id parameter

" - } - ], - "x-codeSamples": [ - { - "lang": "Shell", - "source": "curl \\\n -H \"Accept: application/vnd.github.v3+json\" \\\n http(s)://{hostname}/api/v3/repos/octocat/hello-world/keys/42" - }, - { - "lang": "JavaScript", - "source": "await octokit.request('GET /repos/{owner}/{repo}/keys/{key_id}', {\n owner: 'octocat',\n repo: 'hello-world',\n key_id: 42\n})" - } - ], - "summary": "Get a deploy key", - "x-github": { - "enabledForGitHubApps": true, - "category": "repos", - "subcategory": "keys" - }, - "slug": "get-a-deploy-key", - "category": "deployments", - "subcategory": "keys", - "notes": [], - "descriptionHTML": "", - "bodyParameters": [], - "responses": [ - { - "httpStatusCode": "200", - "httpStatusMessage": "OK", - "description": "

Response

", - "payload": "{\n \"id\": 1,\n \"key\": \"ssh-rsa AAA...\",\n \"url\": \"https://api.github.com/repos/octocat/Hello-World/keys/1\",\n \"title\": \"octocat@octomac\",\n \"verified\": true,\n \"created_at\": \"2014-12-10T15:53:42Z\",\n \"read_only\": true\n}" - }, - { - "httpStatusCode": "404", - "httpStatusMessage": "Not Found", - "description": "

Resource not found

" - } - ] - }, - { - "verb": "delete", - "requestPath": "/repos/{owner}/{repo}/keys/{key_id}", - "parameters": [ - { - "name": "owner", - "in": "path", - "required": true, - "schema": { - "type": "string" - }, - "descriptionHTML": "" - }, - { - "name": "repo", - "in": "path", - "required": true, - "schema": { - "type": "string" - }, - "descriptionHTML": "" - }, - { - "name": "key_id", - "description": "key_id parameter", - "in": "path", - "required": true, - "schema": { - "type": "integer" - }, - "descriptionHTML": "

key_id parameter

" - } - ], - "x-codeSamples": [ - { - "lang": "Shell", - "source": "curl \\\n -X DELETE \\\n -H \"Accept: application/vnd.github.v3+json\" \\\n http(s)://{hostname}/api/v3/repos/octocat/hello-world/keys/42" - }, - { - "lang": "JavaScript", - "source": "await octokit.request('DELETE /repos/{owner}/{repo}/keys/{key_id}', {\n owner: 'octocat',\n repo: 'hello-world',\n key_id: 42\n})" - } - ], - "summary": "Delete a deploy key", - "x-github": { - "enabledForGitHubApps": true, - "category": "repos", - "subcategory": "keys" - }, - "slug": "delete-a-deploy-key", - "category": "deployments", - "subcategory": "keys", - "notes": [], - "bodyParameters": [], - "descriptionHTML": "

Deploy keys are immutable. If you need to update a key, remove the key and create a new one instead.

", - "responses": [ - { - "httpStatusCode": "204", - "httpStatusMessage": "No Content", - "description": "

Response

" - } - ] - } - ], "statuses": [ { "verb": "get", @@ -32458,7 +32586,7 @@ "httpStatusCode": "200", "httpStatusMessage": "OK", "description": "

Response

", - "payload": "{\n \"status\": \"scheduled\",\n \"scheduled_time\": \"Tuesday, January 22 at 15:34 -0800\",\n \"connection_services\": [\n {\n \"name\": \"git operations\",\n \"number\": 0\n },\n {\n \"name\": \"mysql queries\",\n \"number\": 233\n },\n {\n \"name\": \"resque jobs\",\n \"number\": 54\n }\n ]\n}" + "payload": "{\n \"status\": \"scheduled\",\n \"scheduled_time\": \"Tuesday, January 22 at 15:34 -0800\",\n \"connection_services\": [\n {\n \"name\": \"git operations\",\n \"number\": 0\n },\n {\n \"name\": \"mysql queries\",\n \"number\": 233\n },\n {\n \"name\": \"aqueduct jobs\",\n \"number\": 34\n },\n {\n \"name\": \"resque jobs\",\n \"number\": 54\n }\n ]\n}" } ] }, @@ -32519,7 +32647,7 @@ "httpStatusCode": "200", "httpStatusMessage": "OK", "description": "

Response

", - "payload": "{\n \"status\": \"scheduled\",\n \"scheduled_time\": \"Tuesday, January 22 at 15:34 -0800\",\n \"connection_services\": [\n {\n \"name\": \"git operations\",\n \"number\": 0\n },\n {\n \"name\": \"mysql queries\",\n \"number\": 233\n },\n {\n \"name\": \"resque jobs\",\n \"number\": 54\n }\n ]\n}" + "payload": "{\n \"status\": \"scheduled\",\n \"scheduled_time\": \"Tuesday, January 22 at 15:34 -0800\",\n \"connection_services\": [\n {\n \"name\": \"git operations\",\n \"number\": 0\n },\n {\n \"name\": \"mysql queries\",\n \"number\": 233\n },\n {\n \"name\": \"aqueduct jobs\",\n \"number\": 34\n },\n {\n \"name\": \"resque jobs\",\n \"number\": 54\n }\n ]\n}" } ], "bodyParameters": [ @@ -45892,6 +46020,11 @@ "schema": { "type": "string" }, + "examples": { + "default": { + "value": "Iv1.8a61f9b3a7aba766" + } + }, "descriptionHTML": "

The client ID of your GitHub app.

" } ], @@ -46093,6 +46226,11 @@ "schema": { "type": "string" }, + "examples": { + "default": { + "value": "Iv1.8a61f9b3a7aba766" + } + }, "descriptionHTML": "

The client ID of your GitHub app.

" }, { @@ -46700,7 +46838,7 @@ "httpStatusCode": "200", "httpStatusMessage": "OK", "description": "Default response", - "payload": "{\n \"login\": \"github\",\n \"id\": 1,\n \"node_id\": \"MDEyOk9yZ2FuaXphdGlvbjE=\",\n \"url\": \"https://api.github.com/orgs/github\",\n \"repos_url\": \"https://api.github.com/orgs/github/repos\",\n \"events_url\": \"https://api.github.com/orgs/github/events\",\n \"hooks_url\": \"https://api.github.com/orgs/github/hooks\",\n \"issues_url\": \"https://api.github.com/orgs/github/issues\",\n \"members_url\": \"https://api.github.com/orgs/github/members{/member}\",\n \"public_members_url\": \"https://api.github.com/orgs/github/public_members{/member}\",\n \"avatar_url\": \"https://github.com/images/error/octocat_happy.gif\",\n \"description\": \"A great organization\",\n \"name\": \"github\",\n \"company\": \"GitHub\",\n \"blog\": \"https://github.com/blog\",\n \"location\": \"San Francisco\",\n \"email\": \"octocat@github.com\",\n \"twitter_username\": \"github\",\n \"is_verified\": true,\n \"has_organization_projects\": true,\n \"has_repository_projects\": true,\n \"public_repos\": 2,\n \"public_gists\": 1,\n \"followers\": 20,\n \"following\": 0,\n \"html_url\": \"https://github.com/octocat\",\n \"created_at\": \"2008-01-14T04:33:35Z\",\n \"updated_at\": \"2014-03-03T18:58:10Z\",\n \"type\": \"Organization\",\n \"total_private_repos\": 100,\n \"owned_private_repos\": 100,\n \"private_gists\": 81,\n \"disk_usage\": 10000,\n \"collaborators\": 8,\n \"billing_email\": \"mona@github.com\",\n \"plan\": {\n \"name\": \"Medium\",\n \"space\": 400,\n \"private_repos\": 20,\n \"filled_seats\": 4,\n \"seats\": 5\n },\n \"default_repository_permission\": \"read\",\n \"members_can_create_repositories\": true,\n \"two_factor_requirement_enabled\": true,\n \"members_allowed_repository_creation_type\": \"all\",\n \"members_can_create_public_repositories\": false,\n \"members_can_create_private_repositories\": false,\n \"members_can_create_internal_repositories\": false,\n \"members_can_create_pages\": true,\n \"members_can_fork_private_repositories\": false\n}" + "payload": "{\n \"login\": \"github\",\n \"id\": 1,\n \"node_id\": \"MDEyOk9yZ2FuaXphdGlvbjE=\",\n \"url\": \"https://api.github.com/orgs/github\",\n \"repos_url\": \"https://api.github.com/orgs/github/repos\",\n \"events_url\": \"https://api.github.com/orgs/github/events\",\n \"hooks_url\": \"https://api.github.com/orgs/github/hooks\",\n \"issues_url\": \"https://api.github.com/orgs/github/issues\",\n \"members_url\": \"https://api.github.com/orgs/github/members{/member}\",\n \"public_members_url\": \"https://api.github.com/orgs/github/public_members{/member}\",\n \"avatar_url\": \"https://github.com/images/error/octocat_happy.gif\",\n \"description\": \"A great organization\",\n \"name\": \"github\",\n \"company\": \"GitHub\",\n \"blog\": \"https://github.com/blog\",\n \"location\": \"San Francisco\",\n \"email\": \"octocat@github.com\",\n \"twitter_username\": \"github\",\n \"is_verified\": true,\n \"has_organization_projects\": true,\n \"has_repository_projects\": true,\n \"public_repos\": 2,\n \"public_gists\": 1,\n \"followers\": 20,\n \"following\": 0,\n \"html_url\": \"https://github.com/octocat\",\n \"created_at\": \"2008-01-14T04:33:35Z\",\n \"updated_at\": \"2014-03-03T18:58:10Z\",\n \"type\": \"Organization\",\n \"total_private_repos\": 100,\n \"owned_private_repos\": 100,\n \"private_gists\": 81,\n \"disk_usage\": 10000,\n \"collaborators\": 8,\n \"billing_email\": \"mona@github.com\",\n \"plan\": {\n \"name\": \"Medium\",\n \"space\": 400,\n \"private_repos\": 20,\n \"filled_seats\": 4,\n \"seats\": 5\n },\n \"default_repository_permission\": \"read\",\n \"members_can_create_repositories\": true,\n \"two_factor_requirement_enabled\": true,\n \"members_allowed_repository_creation_type\": \"all\",\n \"members_can_create_public_repositories\": false,\n \"members_can_create_private_repositories\": false,\n \"members_can_create_internal_repositories\": false,\n \"members_can_create_pages\": true\n}" }, { "httpStatusCode": "404", @@ -46900,16 +47038,6 @@ "rawDescription": "Toggles whether organization members can create GitHub Pages sites. Can be one of: \n\\* `true` - all organization members can create GitHub Pages sites. \n\\* `false` - no organization members can create GitHub Pages sites. Existing published sites will not be impacted.", "childParamsGroups": [] }, - "members_can_fork_private_repositories": { - "type": "boolean", - "description": "

Toggles whether organization members can fork private organization repositories. Can be one of:
\n* true - all organization members can fork private repositories within the organization.
\n* false - no organization members can fork private repositories within the organization.

", - "default": false, - "name": "members_can_fork_private_repositories", - "in": "body", - "rawType": "boolean", - "rawDescription": "Toggles whether organization members can fork private organization repositories. Can be one of: \n\\* `true` - all organization members can fork private repositories within the organization. \n\\* `false` - no organization members can fork private repositories within the organization.", - "childParamsGroups": [] - }, "blog": { "type": "string", "example": "\"http://github.blog\"", @@ -46955,7 +47083,7 @@ "httpStatusCode": "200", "httpStatusMessage": "OK", "description": "

Response

", - "payload": "{\n \"login\": \"github\",\n \"id\": 1,\n \"node_id\": \"MDEyOk9yZ2FuaXphdGlvbjE=\",\n \"url\": \"https://api.github.com/orgs/github\",\n \"repos_url\": \"https://api.github.com/orgs/github/repos\",\n \"events_url\": \"https://api.github.com/orgs/github/events\",\n \"hooks_url\": \"https://api.github.com/orgs/github/hooks\",\n \"issues_url\": \"https://api.github.com/orgs/github/issues\",\n \"members_url\": \"https://api.github.com/orgs/github/members{/member}\",\n \"public_members_url\": \"https://api.github.com/orgs/github/public_members{/member}\",\n \"avatar_url\": \"https://github.com/images/error/octocat_happy.gif\",\n \"description\": \"A great organization\",\n \"name\": \"github\",\n \"company\": \"GitHub\",\n \"blog\": \"https://github.com/blog\",\n \"location\": \"San Francisco\",\n \"email\": \"octocat@github.com\",\n \"twitter_username\": \"github\",\n \"is_verified\": true,\n \"has_organization_projects\": true,\n \"has_repository_projects\": true,\n \"public_repos\": 2,\n \"public_gists\": 1,\n \"followers\": 20,\n \"following\": 0,\n \"html_url\": \"https://github.com/octocat\",\n \"created_at\": \"2008-01-14T04:33:35Z\",\n \"type\": \"Organization\",\n \"total_private_repos\": 100,\n \"owned_private_repos\": 100,\n \"private_gists\": 81,\n \"disk_usage\": 10000,\n \"collaborators\": 8,\n \"billing_email\": \"mona@github.com\",\n \"plan\": {\n \"name\": \"Medium\",\n \"space\": 400,\n \"private_repos\": 20\n },\n \"default_repository_permission\": \"read\",\n \"members_can_create_repositories\": true,\n \"two_factor_requirement_enabled\": true,\n \"members_allowed_repository_creation_type\": \"all\",\n \"members_can_create_public_repositories\": false,\n \"members_can_create_private_repositories\": false,\n \"members_can_create_internal_repositories\": false,\n \"members_can_create_pages\": true,\n \"members_can_create_public_pages\": true,\n \"members_can_create_private_pages\": true,\n \"members_can_fork_private_repositories\": false,\n \"updated_at\": \"2014-03-03T18:58:10Z\"\n}" + "payload": "{\n \"login\": \"github\",\n \"id\": 1,\n \"node_id\": \"MDEyOk9yZ2FuaXphdGlvbjE=\",\n \"url\": \"https://api.github.com/orgs/github\",\n \"repos_url\": \"https://api.github.com/orgs/github/repos\",\n \"events_url\": \"https://api.github.com/orgs/github/events\",\n \"hooks_url\": \"https://api.github.com/orgs/github/hooks\",\n \"issues_url\": \"https://api.github.com/orgs/github/issues\",\n \"members_url\": \"https://api.github.com/orgs/github/members{/member}\",\n \"public_members_url\": \"https://api.github.com/orgs/github/public_members{/member}\",\n \"avatar_url\": \"https://github.com/images/error/octocat_happy.gif\",\n \"description\": \"A great organization\",\n \"name\": \"github\",\n \"company\": \"GitHub\",\n \"blog\": \"https://github.com/blog\",\n \"location\": \"San Francisco\",\n \"email\": \"octocat@github.com\",\n \"twitter_username\": \"github\",\n \"is_verified\": true,\n \"has_organization_projects\": true,\n \"has_repository_projects\": true,\n \"public_repos\": 2,\n \"public_gists\": 1,\n \"followers\": 20,\n \"following\": 0,\n \"html_url\": \"https://github.com/octocat\",\n \"created_at\": \"2008-01-14T04:33:35Z\",\n \"type\": \"Organization\",\n \"total_private_repos\": 100,\n \"owned_private_repos\": 100,\n \"private_gists\": 81,\n \"disk_usage\": 10000,\n \"collaborators\": 8,\n \"billing_email\": \"mona@github.com\",\n \"plan\": {\n \"name\": \"Medium\",\n \"space\": 400,\n \"private_repos\": 20\n },\n \"default_repository_permission\": \"read\",\n \"members_can_create_repositories\": true,\n \"two_factor_requirement_enabled\": true,\n \"members_allowed_repository_creation_type\": \"all\",\n \"members_can_create_public_repositories\": false,\n \"members_can_create_private_repositories\": false,\n \"members_can_create_internal_repositories\": false,\n \"members_can_create_pages\": true,\n \"members_can_create_public_pages\": true,\n \"members_can_create_private_pages\": true,\n \"updated_at\": \"2014-03-03T18:58:10Z\"\n}" }, { "httpStatusCode": "409", @@ -47127,16 +47255,6 @@ "rawDescription": "Toggles whether organization members can create GitHub Pages sites. Can be one of: \n\\* `true` - all organization members can create GitHub Pages sites. \n\\* `false` - no organization members can create GitHub Pages sites. Existing published sites will not be impacted.", "childParamsGroups": [] }, - { - "type": "boolean", - "description": "

Toggles whether organization members can fork private organization repositories. Can be one of:
\n* true - all organization members can fork private repositories within the organization.
\n* false - no organization members can fork private repositories within the organization.

", - "default": false, - "name": "members_can_fork_private_repositories", - "in": "body", - "rawType": "boolean", - "rawDescription": "Toggles whether organization members can fork private organization repositories. Can be one of: \n\\* `true` - all organization members can fork private repositories within the organization. \n\\* `false` - no organization members can fork private repositories within the organization.", - "childParamsGroups": [] - }, { "type": "string", "example": "\"http://github.blog\"", @@ -55209,16 +55327,6 @@ ] }, "examples": { - "example-for-a-single-line-comment": { - "summary": "Example for a single-line comment", - "value": { - "body": "Let's add this deleted line back.", - "commit_id": "6dcb09b5b57875f334f61aebed695e2e4193db5e", - "path": "file1.txt", - "line": 5, - "side": "LEFT" - } - }, "example-for-a-multi-line-comment": { "summary": "Example for a multi-line comment", "value": { @@ -57329,8 +57437,12 @@ "content" ] }, - "example": { - "content": "heart" + "examples": { + "default": { + "value": { + "content": "heart" + } + } } } } @@ -57353,7 +57465,7 @@ { "httpStatusCode": "200", "httpStatusMessage": "OK", - "description": "

Response

", + "description": "

Response when the reaction type has already been added to this team discussion comment

", "payload": "{\n \"id\": 1,\n \"node_id\": \"MDg6UmVhY3Rpb24x\",\n \"user\": {\n \"login\": \"octocat\",\n \"id\": 1,\n \"node_id\": \"MDQ6VXNlcjE=\",\n \"avatar_url\": \"https://github.com/images/error/octocat_happy.gif\",\n \"gravatar_id\": \"\",\n \"url\": \"https://api.github.com/users/octocat\",\n \"html_url\": \"https://github.com/octocat\",\n \"followers_url\": \"https://api.github.com/users/octocat/followers\",\n \"following_url\": \"https://api.github.com/users/octocat/following{/other_user}\",\n \"gists_url\": \"https://api.github.com/users/octocat/gists{/gist_id}\",\n \"starred_url\": \"https://api.github.com/users/octocat/starred{/owner}{/repo}\",\n \"subscriptions_url\": \"https://api.github.com/users/octocat/subscriptions\",\n \"organizations_url\": \"https://api.github.com/users/octocat/orgs\",\n \"repos_url\": \"https://api.github.com/users/octocat/repos\",\n \"events_url\": \"https://api.github.com/users/octocat/events{/privacy}\",\n \"received_events_url\": \"https://api.github.com/users/octocat/received_events\",\n \"type\": \"User\",\n \"site_admin\": false\n },\n \"content\": \"heart\",\n \"created_at\": \"2016-05-20T20:09:31Z\"\n}" }, { @@ -57656,8 +57768,12 @@ "content" ] }, - "example": { - "content": "heart" + "examples": { + "default": { + "value": { + "content": "heart" + } + } } } } @@ -58052,7 +58168,11 @@ ] }, "example": { - "content": "heart" + "default": { + "value": { + "content": "heart" + } + } } } } @@ -58384,8 +58504,12 @@ "content" ] }, - "example": { - "content": "heart" + "examples": { + "default": { + "value": { + "content": "heart" + } + } } } } @@ -58717,8 +58841,12 @@ "content" ] }, - "example": { - "content": "heart" + "examples": { + "default": { + "value": { + "content": "heart" + } + } } } } @@ -59045,8 +59173,12 @@ "content" ] }, - "example": { - "content": "heart" + "examples": { + "default": { + "value": { + "content": "heart" + } + } } } } @@ -67871,10 +68003,14 @@ "name" ] }, - "example": { - "name": "new team name", - "description": "new team description", - "privacy": "closed" + "examples": { + "default": { + "value": { + "name": "new team name", + "description": "new team description", + "privacy": "closed" + } + } } } } @@ -67895,7 +68031,7 @@ { "httpStatusCode": "200", "httpStatusMessage": "OK", - "description": "

Response

", + "description": "

Response when the updated information already exists

", "payload": "{\n \"id\": 1,\n \"node_id\": \"MDQ6VGVhbTE=\",\n \"url\": \"https://api.github.com/teams/1\",\n \"html_url\": \"https://github.com/orgs/github/teams/justice-league\",\n \"name\": \"Justice League\",\n \"slug\": \"justice-league\",\n \"description\": \"A great team.\",\n \"privacy\": \"closed\",\n \"permission\": \"admin\",\n \"members_url\": \"https://api.github.com/teams/1/members{/member}\",\n \"repositories_url\": \"https://api.github.com/teams/1/repos\",\n \"members_count\": 3,\n \"repos_count\": 10,\n \"created_at\": \"2017-07-14T16:53:42Z\",\n \"updated_at\": \"2017-08-17T12:37:15Z\",\n \"organization\": {\n \"login\": \"github\",\n \"id\": 1,\n \"node_id\": \"MDEyOk9yZ2FuaXphdGlvbjE=\",\n \"url\": \"https://api.github.com/orgs/github\",\n \"repos_url\": \"https://api.github.com/orgs/github/repos\",\n \"events_url\": \"https://api.github.com/orgs/github/events\",\n \"hooks_url\": \"https://api.github.com/orgs/github/hooks\",\n \"issues_url\": \"https://api.github.com/orgs/github/issues\",\n \"members_url\": \"https://api.github.com/orgs/github/members{/member}\",\n \"public_members_url\": \"https://api.github.com/orgs/github/public_members{/member}\",\n \"avatar_url\": \"https://github.com/images/error/octocat_happy.gif\",\n \"description\": \"A great organization\",\n \"name\": \"github\",\n \"company\": \"GitHub\",\n \"blog\": \"https://github.com/blog\",\n \"location\": \"San Francisco\",\n \"email\": \"octocat@github.com\",\n \"has_organization_projects\": true,\n \"has_repository_projects\": true,\n \"public_repos\": 2,\n \"public_gists\": 1,\n \"followers\": 20,\n \"following\": 0,\n \"html_url\": \"https://github.com/octocat\",\n \"created_at\": \"2008-01-14T04:33:35Z\",\n \"updated_at\": \"2017-08-17T12:37:15Z\",\n \"type\": \"Organization\"\n },\n \"ldap_dn\": \"uid=asdf,ou=users,dc=github,dc=com\"\n}" }, { diff --git a/lib/rest/static/decorated/ghes-3.2.json b/lib/rest/static/decorated/ghes-3.2.json index de168835d4..d1beb36532 100644 --- a/lib/rest/static/decorated/ghes-3.2.json +++ b/lib/rest/static/decorated/ghes-3.2.json @@ -10705,17 +10705,6 @@ } ], "summary": "Create a GitHub App from a manifest", - "requestBody": { - "required": false, - "content": { - "application/json": { - "schema": { - "type": "object", - "additionalProperties": false - } - } - } - }, "x-github": { "enabledForGitHubApps": false, "category": "apps", @@ -10834,6 +10823,11 @@ "schema": { "type": "integer" }, + "examples": { + "default": { + "value": 1 + } + }, "descriptionHTML": "

installation_id parameter

" } ], @@ -10890,6 +10884,11 @@ "schema": { "type": "integer" }, + "examples": { + "default": { + "value": 1 + } + }, "descriptionHTML": "

installation_id parameter

" } ], @@ -10940,6 +10939,11 @@ "schema": { "type": "integer" }, + "examples": { + "default": { + "value": 1 + } + }, "descriptionHTML": "

installation_id parameter

" } ], @@ -11822,6 +11826,17 @@ ] } } + }, + "examples": { + "default": { + "value": { + "respoitory": "Hello-World", + "permissions": { + "issues": "write", + "contents": "read" + } + } + } } } } @@ -12744,6 +12759,11 @@ "schema": { "type": "integer" }, + "examples": { + "default": { + "value": 1 + } + }, "descriptionHTML": "

installation_id parameter

" } ], @@ -12794,6 +12814,11 @@ "schema": { "type": "integer" }, + "examples": { + "default": { + "value": 1 + } + }, "descriptionHTML": "

installation_id parameter

" } ], @@ -13410,6 +13435,11 @@ "schema": { "type": "integer" }, + "examples": { + "default": { + "value": 1 + } + }, "descriptionHTML": "

installation_id parameter

" }, { @@ -13497,6 +13527,11 @@ "schema": { "type": "integer" }, + "examples": { + "default": { + "value": 1 + } + }, "descriptionHTML": "

installation_id parameter

" }, { @@ -13566,6 +13601,11 @@ "schema": { "type": "integer" }, + "examples": { + "default": { + "value": 1 + } + }, "descriptionHTML": "

installation_id parameter

" }, { @@ -13637,6 +13677,11 @@ "schema": { "type": "string" }, + "examples": { + "default": { + "value": "Iv1.8a61f9b3a7aba766" + } + }, "descriptionHTML": "

The client ID of your GitHub app.

" } ], @@ -13724,6 +13769,11 @@ "schema": { "type": "string" }, + "examples": { + "default": { + "value": "Iv1.8a61f9b3a7aba766" + } + }, "descriptionHTML": "

The client ID of your GitHub app.

" }, { @@ -13781,6 +13831,11 @@ "schema": { "type": "string" }, + "examples": { + "default": { + "value": "Iv1.8a61f9b3a7aba766" + } + }, "descriptionHTML": "

The client ID of your GitHub app.

" } ], @@ -13815,6 +13870,13 @@ "access_token" ], "type": "object" + }, + "examples": { + "default": { + "value": { + "access_token": "e72e16c7e42f292c6912e7710c838347ae178b4a" + } + } } } } @@ -13834,7 +13896,7 @@ "httpStatusCode": "200", "httpStatusMessage": "OK", "description": "

Response

", - "payload": "{\n \"id\": 1,\n \"url\": \"https://api.github.com/authorizations/1\",\n \"scopes\": [\n \"public_repo\",\n \"user\"\n ],\n \"token\": \"ghu_16C7e42F292c6912E7710c838347Ae178B4a\",\n \"token_last_eight\": \"Ae178B4a\",\n \"hashed_token\": \"25f94a2a5c7fbaf499c665bc73d67c1c87e496da8985131633ee0a95819db2e8\",\n \"app\": {\n \"url\": \"http://my-github-app.com\",\n \"name\": \"my github app\",\n \"client_id\": \"abcde12345fghij67890\"\n },\n \"note\": \"optional note\",\n \"note_url\": \"http://optional/note/url\",\n \"updated_at\": \"2011-09-06T20:39:23Z\",\n \"created_at\": \"2011-09-06T17:26:27Z\",\n \"fingerprint\": \"jklmnop12345678\",\n \"expires_at\": \"2011-09-08T17:26:27Z\",\n \"user\": {\n \"login\": \"octocat\",\n \"id\": 1,\n \"node_id\": \"MDQ6VXNlcjE=\",\n \"avatar_url\": \"https://github.com/images/error/octocat_happy.gif\",\n \"gravatar_id\": \"\",\n \"url\": \"https://api.github.com/users/octocat\",\n \"html_url\": \"https://github.com/octocat\",\n \"followers_url\": \"https://api.github.com/users/octocat/followers\",\n \"following_url\": \"https://api.github.com/users/octocat/following{/other_user}\",\n \"gists_url\": \"https://api.github.com/users/octocat/gists{/gist_id}\",\n \"starred_url\": \"https://api.github.com/users/octocat/starred{/owner}{/repo}\",\n \"subscriptions_url\": \"https://api.github.com/users/octocat/subscriptions\",\n \"organizations_url\": \"https://api.github.com/users/octocat/orgs\",\n \"repos_url\": \"https://api.github.com/users/octocat/repos\",\n \"events_url\": \"https://api.github.com/users/octocat/events{/privacy}\",\n \"received_events_url\": \"https://api.github.com/users/octocat/received_events\",\n \"type\": \"User\",\n \"site_admin\": false\n }\n}" + "payload": "{\n \"id\": 1,\n \"url\": \"https://api.github.com/authorizations/1\",\n \"scopes\": [\n \"public_repo\",\n \"user\"\n ],\n \"token\": \"ghu_16C7e42F292c6912E7710c838347Ae178B4a\",\n \"token_last_eight\": \"Ae178B4a\",\n \"hashed_token\": \"25f94a2a5c7fbaf499c665bc73d67c1c87e496da8985131633ee0a95819db2e8\",\n \"app\": {\n \"url\": \"http://my-github-app.com\",\n \"name\": \"my github app\",\n \"client_id\": \"Iv1.8a61f9b3a7aba766\"\n },\n \"note\": \"optional note\",\n \"note_url\": \"http://optional/note/url\",\n \"updated_at\": \"2011-09-06T20:39:23Z\",\n \"created_at\": \"2011-09-06T17:26:27Z\",\n \"fingerprint\": \"jklmnop12345678\",\n \"expires_at\": \"2011-09-08T17:26:27Z\",\n \"user\": {\n \"login\": \"octocat\",\n \"id\": 1,\n \"node_id\": \"MDQ6VXNlcjE=\",\n \"avatar_url\": \"https://github.com/images/error/octocat_happy.gif\",\n \"gravatar_id\": \"\",\n \"url\": \"https://api.github.com/users/octocat\",\n \"html_url\": \"https://github.com/octocat\",\n \"followers_url\": \"https://api.github.com/users/octocat/followers\",\n \"following_url\": \"https://api.github.com/users/octocat/following{/other_user}\",\n \"gists_url\": \"https://api.github.com/users/octocat/gists{/gist_id}\",\n \"starred_url\": \"https://api.github.com/users/octocat/starred{/owner}{/repo}\",\n \"subscriptions_url\": \"https://api.github.com/users/octocat/subscriptions\",\n \"organizations_url\": \"https://api.github.com/users/octocat/orgs\",\n \"repos_url\": \"https://api.github.com/users/octocat/repos\",\n \"events_url\": \"https://api.github.com/users/octocat/events{/privacy}\",\n \"received_events_url\": \"https://api.github.com/users/octocat/received_events\",\n \"type\": \"User\",\n \"site_admin\": false\n }\n}" }, { "httpStatusCode": "404", @@ -13871,6 +13933,11 @@ "schema": { "type": "string" }, + "examples": { + "default": { + "value": "Iv1.8a61f9b3a7aba766" + } + }, "descriptionHTML": "

The client ID of your GitHub app.

" } ], @@ -13905,6 +13972,13 @@ "access_token" ], "type": "object" + }, + "examples": { + "default": { + "value": { + "access_token": "e72e16c7e42f292c6912e7710c838347ae178b4a" + } + } } } } @@ -13924,7 +13998,7 @@ "httpStatusCode": "200", "httpStatusMessage": "OK", "description": "

Response

", - "payload": "{\n \"id\": 1,\n \"url\": \"https://api.github.com/authorizations/1\",\n \"scopes\": [\n \"public_repo\",\n \"user\"\n ],\n \"token\": \"ghu_16C7e42F292c6912E7710c838347Ae178B4a\",\n \"token_last_eight\": \"Ae178B4a\",\n \"hashed_token\": \"25f94a2a5c7fbaf499c665bc73d67c1c87e496da8985131633ee0a95819db2e8\",\n \"app\": {\n \"url\": \"http://my-github-app.com\",\n \"name\": \"my github app\",\n \"client_id\": \"abcde12345fghij67890\"\n },\n \"note\": \"optional note\",\n \"note_url\": \"http://optional/note/url\",\n \"updated_at\": \"2011-09-06T20:39:23Z\",\n \"created_at\": \"2011-09-06T17:26:27Z\",\n \"fingerprint\": \"jklmnop12345678\",\n \"expires_at\": \"2011-09-08T17:26:27Z\",\n \"user\": {\n \"login\": \"octocat\",\n \"id\": 1,\n \"node_id\": \"MDQ6VXNlcjE=\",\n \"avatar_url\": \"https://github.com/images/error/octocat_happy.gif\",\n \"gravatar_id\": \"\",\n \"url\": \"https://api.github.com/users/octocat\",\n \"html_url\": \"https://github.com/octocat\",\n \"followers_url\": \"https://api.github.com/users/octocat/followers\",\n \"following_url\": \"https://api.github.com/users/octocat/following{/other_user}\",\n \"gists_url\": \"https://api.github.com/users/octocat/gists{/gist_id}\",\n \"starred_url\": \"https://api.github.com/users/octocat/starred{/owner}{/repo}\",\n \"subscriptions_url\": \"https://api.github.com/users/octocat/subscriptions\",\n \"organizations_url\": \"https://api.github.com/users/octocat/orgs\",\n \"repos_url\": \"https://api.github.com/users/octocat/repos\",\n \"events_url\": \"https://api.github.com/users/octocat/events{/privacy}\",\n \"received_events_url\": \"https://api.github.com/users/octocat/received_events\",\n \"type\": \"User\",\n \"site_admin\": false\n }\n}" + "payload": "{\n \"id\": 1,\n \"url\": \"https://api.github.com/authorizations/1\",\n \"scopes\": [\n \"public_repo\",\n \"user\"\n ],\n \"token\": \"ghu_16C7e42F292c6912E7710c838347Ae178B4a\",\n \"token_last_eight\": \"Ae178B4a\",\n \"hashed_token\": \"25f94a2a5c7fbaf499c665bc73d67c1c87e496da8985131633ee0a95819db2e8\",\n \"app\": {\n \"url\": \"http://my-github-app.com\",\n \"name\": \"my github app\",\n \"client_id\": \"Iv1.8a61f9b3a7aba766\"\n },\n \"note\": \"optional note\",\n \"note_url\": \"http://optional/note/url\",\n \"updated_at\": \"2011-09-06T20:39:23Z\",\n \"created_at\": \"2011-09-06T17:26:27Z\",\n \"fingerprint\": \"jklmnop12345678\",\n \"expires_at\": \"2011-09-08T17:26:27Z\",\n \"user\": {\n \"login\": \"octocat\",\n \"id\": 1,\n \"node_id\": \"MDQ6VXNlcjE=\",\n \"avatar_url\": \"https://github.com/images/error/octocat_happy.gif\",\n \"gravatar_id\": \"\",\n \"url\": \"https://api.github.com/users/octocat\",\n \"html_url\": \"https://github.com/octocat\",\n \"followers_url\": \"https://api.github.com/users/octocat/followers\",\n \"following_url\": \"https://api.github.com/users/octocat/following{/other_user}\",\n \"gists_url\": \"https://api.github.com/users/octocat/gists{/gist_id}\",\n \"starred_url\": \"https://api.github.com/users/octocat/starred{/owner}{/repo}\",\n \"subscriptions_url\": \"https://api.github.com/users/octocat/subscriptions\",\n \"organizations_url\": \"https://api.github.com/users/octocat/orgs\",\n \"repos_url\": \"https://api.github.com/users/octocat/repos\",\n \"events_url\": \"https://api.github.com/users/octocat/events{/privacy}\",\n \"received_events_url\": \"https://api.github.com/users/octocat/received_events\",\n \"type\": \"User\",\n \"site_admin\": false\n }\n}" }, { "httpStatusCode": "422", @@ -13956,6 +14030,11 @@ "schema": { "type": "string" }, + "examples": { + "default": { + "value": "Iv1.8a61f9b3a7aba766" + } + }, "descriptionHTML": "

The client ID of your GitHub app.

" } ], @@ -14043,6 +14122,11 @@ "schema": { "type": "string" }, + "examples": { + "default": { + "value": "Iv1.8a61f9b3a7aba766" + } + }, "descriptionHTML": "

The client ID of your GitHub app.

" } ], @@ -14958,6 +15042,19 @@ "required": [ "access_token" ] + }, + "examples": { + "default": { + "value": { + "access_token": "e72e16c7e42f292c6912e7710c838347ae178b4a", + "target": "octocat", + "permissions": { + "metadata": "read", + "issues": "write", + "contents": "read" + } + } + } } } } @@ -14977,7 +15074,7 @@ "httpStatusCode": "200", "httpStatusMessage": "OK", "description": "

Response

", - "payload": "{\n \"id\": 1,\n \"url\": \"https://api.github.com/authorizations/1\",\n \"scopes\": [],\n \"token\": \"ghu_16C7e42F292c6912E7710c838347Ae178B4a\",\n \"token_last_eight\": \"Ae178B4a\",\n \"hashed_token\": \"25f94a2a5c7fbaf499c665bc73d67c1c87e496da8985131633ee0a95819db2e8\",\n \"app\": {\n \"url\": \"http://my-github-app.com\",\n \"name\": \"my github app\",\n \"client_id\": \"abcde12345fghij67890\"\n },\n \"note\": \"optional note\",\n \"note_url\": \"http://optional/note/url\",\n \"updated_at\": \"2011-09-06T20:39:23Z\",\n \"created_at\": \"2011-09-06T17:26:27Z\",\n \"fingerprint\": \"jklmnop12345678\",\n \"expires_at\": \"2011-09-08T17:26:27Z\",\n \"user\": {\n \"login\": \"octocat\",\n \"id\": 1,\n \"node_id\": \"MDQ6VXNlcjE=\",\n \"avatar_url\": \"https://github.com/images/error/octocat_happy.gif\",\n \"gravatar_id\": \"\",\n \"url\": \"https://api.github.com/users/octocat\",\n \"html_url\": \"https://github.com/octocat\",\n \"followers_url\": \"https://api.github.com/users/octocat/followers\",\n \"following_url\": \"https://api.github.com/users/octocat/following{/other_user}\",\n \"gists_url\": \"https://api.github.com/users/octocat/gists{/gist_id}\",\n \"starred_url\": \"https://api.github.com/users/octocat/starred{/owner}{/repo}\",\n \"subscriptions_url\": \"https://api.github.com/users/octocat/subscriptions\",\n \"organizations_url\": \"https://api.github.com/users/octocat/orgs\",\n \"repos_url\": \"https://api.github.com/users/octocat/repos\",\n \"events_url\": \"https://api.github.com/users/octocat/events{/privacy}\",\n \"received_events_url\": \"https://api.github.com/users/octocat/received_events\",\n \"type\": \"User\",\n \"site_admin\": false\n },\n \"installation\": {\n \"permissions\": {\n \"metadata\": \"read\",\n \"issues\": \"write\",\n \"contents\": \"read\"\n },\n \"repository_selection\": \"selected\",\n \"single_file_name\": \".github/workflow.yml\",\n \"repositories_url\": \"https://api.github.com/user/repos\",\n \"account\": {\n \"login\": \"octocat\",\n \"id\": 1,\n \"node_id\": \"MDQ6VXNlcjE=\",\n \"avatar_url\": \"https://github.com/images/error/octocat_happy.gif\",\n \"gravatar_id\": \"\",\n \"url\": \"https://api.github.com/users/octocat\",\n \"html_url\": \"https://github.com/octocat\",\n \"followers_url\": \"https://api.github.com/users/octocat/followers\",\n \"following_url\": \"https://api.github.com/users/octocat/following{/other_user}\",\n \"gists_url\": \"https://api.github.com/users/octocat/gists{/gist_id}\",\n \"starred_url\": \"https://api.github.com/users/octocat/starred{/owner}{/repo}\",\n \"subscriptions_url\": \"https://api.github.com/users/octocat/subscriptions\",\n \"organizations_url\": \"https://api.github.com/users/octocat/orgs\",\n \"repos_url\": \"https://api.github.com/users/octocat/repos\",\n \"events_url\": \"https://api.github.com/users/octocat/events{/privacy}\",\n \"received_events_url\": \"https://api.github.com/users/octocat/received_events\",\n \"type\": \"User\",\n \"site_admin\": false\n },\n \"has_multiple_single_files\": false,\n \"single_file_paths\": []\n }\n}" + "payload": "{\n \"id\": 1,\n \"url\": \"https://api.github.com/authorizations/1\",\n \"scopes\": [],\n \"token\": \"ghu_16C7e42F292c6912E7710c838347Ae178B4a\",\n \"token_last_eight\": \"Ae178B4a\",\n \"hashed_token\": \"25f94a2a5c7fbaf499c665bc73d67c1c87e496da8985131633ee0a95819db2e8\",\n \"app\": {\n \"url\": \"http://my-github-app.com\",\n \"name\": \"my github app\",\n \"client_id\": \"Iv1.8a61f9b3a7aba766\"\n },\n \"note\": \"optional note\",\n \"note_url\": \"http://optional/note/url\",\n \"updated_at\": \"2011-09-06T20:39:23Z\",\n \"created_at\": \"2011-09-06T17:26:27Z\",\n \"fingerprint\": \"jklmnop12345678\",\n \"expires_at\": \"2011-09-08T17:26:27Z\",\n \"user\": {\n \"login\": \"octocat\",\n \"id\": 1,\n \"node_id\": \"MDQ6VXNlcjE=\",\n \"avatar_url\": \"https://github.com/images/error/octocat_happy.gif\",\n \"gravatar_id\": \"\",\n \"url\": \"https://api.github.com/users/octocat\",\n \"html_url\": \"https://github.com/octocat\",\n \"followers_url\": \"https://api.github.com/users/octocat/followers\",\n \"following_url\": \"https://api.github.com/users/octocat/following{/other_user}\",\n \"gists_url\": \"https://api.github.com/users/octocat/gists{/gist_id}\",\n \"starred_url\": \"https://api.github.com/users/octocat/starred{/owner}{/repo}\",\n \"subscriptions_url\": \"https://api.github.com/users/octocat/subscriptions\",\n \"organizations_url\": \"https://api.github.com/users/octocat/orgs\",\n \"repos_url\": \"https://api.github.com/users/octocat/repos\",\n \"events_url\": \"https://api.github.com/users/octocat/events{/privacy}\",\n \"received_events_url\": \"https://api.github.com/users/octocat/received_events\",\n \"type\": \"User\",\n \"site_admin\": false\n },\n \"installation\": {\n \"permissions\": {\n \"metadata\": \"read\",\n \"issues\": \"write\",\n \"contents\": \"read\"\n },\n \"repository_selection\": \"selected\",\n \"single_file_name\": \".github/workflow.yml\",\n \"repositories_url\": \"https://api.github.com/user/repos\",\n \"account\": {\n \"login\": \"octocat\",\n \"id\": 1,\n \"node_id\": \"MDQ6VXNlcjE=\",\n \"avatar_url\": \"https://github.com/images/error/octocat_happy.gif\",\n \"gravatar_id\": \"\",\n \"url\": \"https://api.github.com/users/octocat\",\n \"html_url\": \"https://github.com/octocat\",\n \"followers_url\": \"https://api.github.com/users/octocat/followers\",\n \"following_url\": \"https://api.github.com/users/octocat/following{/other_user}\",\n \"gists_url\": \"https://api.github.com/users/octocat/gists{/gist_id}\",\n \"starred_url\": \"https://api.github.com/users/octocat/starred{/owner}{/repo}\",\n \"subscriptions_url\": \"https://api.github.com/users/octocat/subscriptions\",\n \"organizations_url\": \"https://api.github.com/users/octocat/orgs\",\n \"repos_url\": \"https://api.github.com/users/octocat/repos\",\n \"events_url\": \"https://api.github.com/users/octocat/events{/privacy}\",\n \"received_events_url\": \"https://api.github.com/users/octocat/received_events\",\n \"type\": \"User\",\n \"site_admin\": false\n },\n \"has_multiple_single_files\": false,\n \"single_file_paths\": []\n }\n}" }, { "httpStatusCode": "401", @@ -15905,6 +16002,11 @@ "schema": { "type": "string" }, + "examples": { + "default": { + "value": "Iv1.8a61f9b3a7aba766" + } + }, "descriptionHTML": "

The client ID of your GitHub app.

" }, { @@ -15947,7 +16049,7 @@ "httpStatusCode": "200", "httpStatusMessage": "OK", "description": "

Response

", - "payload": "{\n \"id\": 1,\n \"url\": \"https://api.github.com/authorizations/1\",\n \"scopes\": [\n \"public_repo\",\n \"user\"\n ],\n \"token\": \"ghu_16C7e42F292c6912E7710c838347Ae178B4a\",\n \"token_last_eight\": \"Ae178B4a\",\n \"hashed_token\": \"25f94a2a5c7fbaf499c665bc73d67c1c87e496da8985131633ee0a95819db2e8\",\n \"app\": {\n \"url\": \"http://my-github-app.com\",\n \"name\": \"my github app\",\n \"client_id\": \"abcde12345fghij67890\"\n },\n \"note\": \"optional note\",\n \"note_url\": \"http://optional/note/url\",\n \"updated_at\": \"2011-09-06T20:39:23Z\",\n \"created_at\": \"2011-09-06T17:26:27Z\",\n \"fingerprint\": \"jklmnop12345678\",\n \"expires_at\": \"2011-09-08T17:26:27Z\",\n \"user\": {\n \"login\": \"octocat\",\n \"id\": 1,\n \"node_id\": \"MDQ6VXNlcjE=\",\n \"avatar_url\": \"https://github.com/images/error/octocat_happy.gif\",\n \"gravatar_id\": \"\",\n \"url\": \"https://api.github.com/users/octocat\",\n \"html_url\": \"https://github.com/octocat\",\n \"followers_url\": \"https://api.github.com/users/octocat/followers\",\n \"following_url\": \"https://api.github.com/users/octocat/following{/other_user}\",\n \"gists_url\": \"https://api.github.com/users/octocat/gists{/gist_id}\",\n \"starred_url\": \"https://api.github.com/users/octocat/starred{/owner}{/repo}\",\n \"subscriptions_url\": \"https://api.github.com/users/octocat/subscriptions\",\n \"organizations_url\": \"https://api.github.com/users/octocat/orgs\",\n \"repos_url\": \"https://api.github.com/users/octocat/repos\",\n \"events_url\": \"https://api.github.com/users/octocat/events{/privacy}\",\n \"received_events_url\": \"https://api.github.com/users/octocat/received_events\",\n \"type\": \"User\",\n \"site_admin\": false\n }\n}" + "payload": "{\n \"id\": 1,\n \"url\": \"https://api.github.com/authorizations/1\",\n \"scopes\": [\n \"public_repo\",\n \"user\"\n ],\n \"token\": \"ghu_16C7e42F292c6912E7710c838347Ae178B4a\",\n \"token_last_eight\": \"Ae178B4a\",\n \"hashed_token\": \"25f94a2a5c7fbaf499c665bc73d67c1c87e496da8985131633ee0a95819db2e8\",\n \"app\": {\n \"url\": \"http://my-github-app.com\",\n \"name\": \"my github app\",\n \"client_id\": \"Iv1.8a61f9b3a7aba766\"\n },\n \"note\": \"optional note\",\n \"note_url\": \"http://optional/note/url\",\n \"updated_at\": \"2011-09-06T20:39:23Z\",\n \"created_at\": \"2011-09-06T17:26:27Z\",\n \"fingerprint\": \"jklmnop12345678\",\n \"expires_at\": \"2011-09-08T17:26:27Z\",\n \"user\": {\n \"login\": \"octocat\",\n \"id\": 1,\n \"node_id\": \"MDQ6VXNlcjE=\",\n \"avatar_url\": \"https://github.com/images/error/octocat_happy.gif\",\n \"gravatar_id\": \"\",\n \"url\": \"https://api.github.com/users/octocat\",\n \"html_url\": \"https://github.com/octocat\",\n \"followers_url\": \"https://api.github.com/users/octocat/followers\",\n \"following_url\": \"https://api.github.com/users/octocat/following{/other_user}\",\n \"gists_url\": \"https://api.github.com/users/octocat/gists{/gist_id}\",\n \"starred_url\": \"https://api.github.com/users/octocat/starred{/owner}{/repo}\",\n \"subscriptions_url\": \"https://api.github.com/users/octocat/subscriptions\",\n \"organizations_url\": \"https://api.github.com/users/octocat/orgs\",\n \"repos_url\": \"https://api.github.com/users/octocat/repos\",\n \"events_url\": \"https://api.github.com/users/octocat/events{/privacy}\",\n \"received_events_url\": \"https://api.github.com/users/octocat/received_events\",\n \"type\": \"User\",\n \"site_admin\": false\n }\n}" }, { "httpStatusCode": "404", @@ -15968,6 +16070,11 @@ "schema": { "type": "string" }, + "examples": { + "default": { + "value": "Iv1.8a61f9b3a7aba766" + } + }, "descriptionHTML": "

The client ID of your GitHub app.

" }, { @@ -16010,7 +16117,7 @@ "httpStatusCode": "200", "httpStatusMessage": "OK", "description": "

Response

", - "payload": "{\n \"id\": 1,\n \"url\": \"https://api.github.com/authorizations/1\",\n \"scopes\": [\n \"public_repo\",\n \"user\"\n ],\n \"token\": \"ghu_16C7e42F292c6912E7710c838347Ae178B4a\",\n \"token_last_eight\": \"Ae178B4a\",\n \"hashed_token\": \"25f94a2a5c7fbaf499c665bc73d67c1c87e496da8985131633ee0a95819db2e8\",\n \"app\": {\n \"url\": \"http://my-github-app.com\",\n \"name\": \"my github app\",\n \"client_id\": \"abcde12345fghij67890\"\n },\n \"note\": \"optional note\",\n \"note_url\": \"http://optional/note/url\",\n \"updated_at\": \"2011-09-06T20:39:23Z\",\n \"created_at\": \"2011-09-06T17:26:27Z\",\n \"fingerprint\": \"jklmnop12345678\",\n \"expires_at\": \"2011-09-08T17:26:27Z\",\n \"user\": {\n \"login\": \"octocat\",\n \"id\": 1,\n \"node_id\": \"MDQ6VXNlcjE=\",\n \"avatar_url\": \"https://github.com/images/error/octocat_happy.gif\",\n \"gravatar_id\": \"\",\n \"url\": \"https://api.github.com/users/octocat\",\n \"html_url\": \"https://github.com/octocat\",\n \"followers_url\": \"https://api.github.com/users/octocat/followers\",\n \"following_url\": \"https://api.github.com/users/octocat/following{/other_user}\",\n \"gists_url\": \"https://api.github.com/users/octocat/gists{/gist_id}\",\n \"starred_url\": \"https://api.github.com/users/octocat/starred{/owner}{/repo}\",\n \"subscriptions_url\": \"https://api.github.com/users/octocat/subscriptions\",\n \"organizations_url\": \"https://api.github.com/users/octocat/orgs\",\n \"repos_url\": \"https://api.github.com/users/octocat/repos\",\n \"events_url\": \"https://api.github.com/users/octocat/events{/privacy}\",\n \"received_events_url\": \"https://api.github.com/users/octocat/received_events\",\n \"type\": \"User\",\n \"site_admin\": false\n }\n}" + "payload": "{\n \"id\": 1,\n \"url\": \"https://api.github.com/authorizations/1\",\n \"scopes\": [\n \"public_repo\",\n \"user\"\n ],\n \"token\": \"ghu_16C7e42F292c6912E7710c838347Ae178B4a\",\n \"token_last_eight\": \"Ae178B4a\",\n \"hashed_token\": \"25f94a2a5c7fbaf499c665bc73d67c1c87e496da8985131633ee0a95819db2e8\",\n \"app\": {\n \"url\": \"http://my-github-app.com\",\n \"name\": \"my github app\",\n \"client_id\": \"Iv1.8a61f9b3a7aba766\"\n },\n \"note\": \"optional note\",\n \"note_url\": \"http://optional/note/url\",\n \"updated_at\": \"2011-09-06T20:39:23Z\",\n \"created_at\": \"2011-09-06T17:26:27Z\",\n \"fingerprint\": \"jklmnop12345678\",\n \"expires_at\": \"2011-09-08T17:26:27Z\",\n \"user\": {\n \"login\": \"octocat\",\n \"id\": 1,\n \"node_id\": \"MDQ6VXNlcjE=\",\n \"avatar_url\": \"https://github.com/images/error/octocat_happy.gif\",\n \"gravatar_id\": \"\",\n \"url\": \"https://api.github.com/users/octocat\",\n \"html_url\": \"https://github.com/octocat\",\n \"followers_url\": \"https://api.github.com/users/octocat/followers\",\n \"following_url\": \"https://api.github.com/users/octocat/following{/other_user}\",\n \"gists_url\": \"https://api.github.com/users/octocat/gists{/gist_id}\",\n \"starred_url\": \"https://api.github.com/users/octocat/starred{/owner}{/repo}\",\n \"subscriptions_url\": \"https://api.github.com/users/octocat/subscriptions\",\n \"organizations_url\": \"https://api.github.com/users/octocat/orgs\",\n \"repos_url\": \"https://api.github.com/users/octocat/repos\",\n \"events_url\": \"https://api.github.com/users/octocat/events{/privacy}\",\n \"received_events_url\": \"https://api.github.com/users/octocat/received_events\",\n \"type\": \"User\",\n \"site_admin\": false\n }\n}" } ] }, @@ -16026,6 +16133,11 @@ "schema": { "type": "string" }, + "examples": { + "default": { + "value": "Iv1.8a61f9b3a7aba766" + } + }, "descriptionHTML": "

The client ID of your GitHub app.

" }, { @@ -16178,12 +16290,16 @@ "description": "

Determines whether the SSL certificate of the host for url will be verified when delivering payloads. Supported values include 0 (verification is performed) and 1 (verification is not performed). The default is 0. We strongly recommend not setting this to 1 as you are subject to man-in-the-middle and other attacks.

", "childParamsGroups": [] } - }, - "example": { - "content_type": "json", - "insecure_ssl": "0", - "secret": "********", - "url": "https://example.com/webhook" + } + }, + "examples": { + "default": { + "value": { + "content_type": "json", + "insecure_ssl": "0", + "secret": "********", + "url": "https://example.com/webhook" + } } } } @@ -22587,7 +22703,13 @@ "httpStatusCode": "201", "httpStatusMessage": "Created", "description": "Response for completed conclusion", - "payload": "{\n \"id\": 4,\n \"head_sha\": \"ce587453ced02b1526dfb4cb910479d431683101\",\n \"node_id\": \"MDg6Q2hlY2tSdW40\",\n \"external_id\": \"\",\n \"url\": \"https://api.github.com/repos/github/hello-world/check-runs/4\",\n \"html_url\": \"https://github.com/github/hello-world/runs/4\",\n \"details_url\": \"https://example.com\",\n \"status\": \"completed\",\n \"conclusion\": \"neutral\",\n \"started_at\": \"2018-05-04T01:14:52Z\",\n \"completed_at\": \"2018-05-04T01:14:52Z\",\n \"output\": {\n \"title\": \"Mighty Readme report\",\n \"summary\": \"There are 0 failures, 2 warnings, and 1 notice.\",\n \"text\": \"You may have some misspelled words on lines 2 and 4. You also may want to add a section in your README about how to install your app.\",\n \"annotations_count\": 2,\n \"annotations_url\": \"https://api.github.com/repos/github/hello-world/check-runs/4/annotations\"\n },\n \"name\": \"mighty_readme\",\n \"check_suite\": {\n \"id\": 5\n },\n \"app\": {\n \"id\": 1,\n \"slug\": \"octoapp\",\n \"node_id\": \"MDExOkludGVncmF0aW9uMQ==\",\n \"owner\": {\n \"login\": \"github\",\n \"id\": 1,\n \"node_id\": \"MDEyOk9yZ2FuaXphdGlvbjE=\",\n \"url\": \"https://api.github.com/orgs/github\",\n \"repos_url\": \"https://api.github.com/orgs/github/repos\",\n \"events_url\": \"https://api.github.com/orgs/github/events\",\n \"avatar_url\": \"https://github.com/images/error/octocat_happy.gif\",\n \"gravatar_id\": \"\",\n \"html_url\": \"https://github.com/octocat\",\n \"followers_url\": \"https://api.github.com/users/octocat/followers\",\n \"following_url\": \"https://api.github.com/users/octocat/following{/other_user}\",\n \"gists_url\": \"https://api.github.com/users/octocat/gists{/gist_id}\",\n \"starred_url\": \"https://api.github.com/users/octocat/starred{/owner}{/repo}\",\n \"subscriptions_url\": \"https://api.github.com/users/octocat/subscriptions\",\n \"organizations_url\": \"https://api.github.com/users/octocat/orgs\",\n \"received_events_url\": \"https://api.github.com/users/octocat/received_events\",\n \"type\": \"User\",\n \"site_admin\": true\n },\n \"name\": \"Octocat App\",\n \"description\": \"\",\n \"external_url\": \"https://example.com\",\n \"html_url\": \"https://github.com/apps/octoapp\",\n \"created_at\": \"2017-07-08T16:18:44-04:00\",\n \"updated_at\": \"2017-07-08T16:18:44-04:00\",\n \"permissions\": {\n \"metadata\": \"read\",\n \"contents\": \"read\",\n \"issues\": \"write\",\n \"single_file\": \"write\"\n },\n \"events\": [\n \"push\",\n \"pull_request\"\n ]\n },\n \"pull_requests\": [\n {\n \"url\": \"https://api.github.com/repos/github/hello-world/pulls/1\",\n \"id\": 1934,\n \"number\": 3956,\n \"head\": {\n \"ref\": \"say-hello\",\n \"sha\": \"3dca65fa3e8d4b3da3f3d056c59aee1c50f41390\",\n \"repo\": {\n \"id\": 526,\n \"url\": \"https://api.github.com/repos/github/hello-world\",\n \"name\": \"hello-world\"\n }\n },\n \"base\": {\n \"ref\": \"master\",\n \"sha\": \"e7fdf7640066d71ad16a86fbcbb9c6a10a18af4f\",\n \"repo\": {\n \"id\": 526,\n \"url\": \"https://api.github.com/repos/github/hello-world\",\n \"name\": \"hello-world\"\n }\n }\n }\n ]\n}" + "payload": "{\n \"id\": 4,\n \"head_sha\": \"ce587453ced02b1526dfb4cb910479d431683101\",\n \"node_id\": \"MDg6Q2hlY2tSdW40\",\n \"external_id\": \"42\",\n \"url\": \"https://api.github.com/repos/github/hello-world/check-runs/4\",\n \"html_url\": \"https://github.com/github/hello-world/runs/4\",\n \"details_url\": \"https://example.com\",\n \"status\": \"completed\",\n \"conclusion\": \"neutral\",\n \"started_at\": \"2018-05-04T01:14:52Z\",\n \"completed_at\": \"2018-05-04T01:14:52Z\",\n \"output\": {\n \"title\": \"Mighty Readme report\",\n \"summary\": \"There are 0 failures, 2 warnings, and 1 notice.\",\n \"text\": \"You may have some misspelled words on lines 2 and 4. You also may want to add a section in your README about how to install your app.\",\n \"annotations_count\": 2,\n \"annotations_url\": \"https://api.github.com/repos/github/hello-world/check-runs/4/annotations\"\n },\n \"name\": \"mighty_readme\",\n \"check_suite\": {\n \"id\": 5\n },\n \"app\": {\n \"id\": 1,\n \"slug\": \"octoapp\",\n \"node_id\": \"MDExOkludGVncmF0aW9uMQ==\",\n \"owner\": {\n \"login\": \"github\",\n \"id\": 1,\n \"node_id\": \"MDEyOk9yZ2FuaXphdGlvbjE=\",\n \"url\": \"https://api.github.com/orgs/github\",\n \"repos_url\": \"https://api.github.com/orgs/github/repos\",\n \"events_url\": \"https://api.github.com/orgs/github/events\",\n \"avatar_url\": \"https://github.com/images/error/octocat_happy.gif\",\n \"gravatar_id\": \"\",\n \"html_url\": \"https://github.com/octocat\",\n \"followers_url\": \"https://api.github.com/users/octocat/followers\",\n \"following_url\": \"https://api.github.com/users/octocat/following{/other_user}\",\n \"gists_url\": \"https://api.github.com/users/octocat/gists{/gist_id}\",\n \"starred_url\": \"https://api.github.com/users/octocat/starred{/owner}{/repo}\",\n \"subscriptions_url\": \"https://api.github.com/users/octocat/subscriptions\",\n \"organizations_url\": \"https://api.github.com/users/octocat/orgs\",\n \"received_events_url\": \"https://api.github.com/users/octocat/received_events\",\n \"type\": \"User\",\n \"site_admin\": true\n },\n \"name\": \"Octocat App\",\n \"description\": \"\",\n \"external_url\": \"https://example.com\",\n \"html_url\": \"https://github.com/apps/octoapp\",\n \"created_at\": \"2017-07-08T16:18:44-04:00\",\n \"updated_at\": \"2017-07-08T16:18:44-04:00\",\n \"permissions\": {\n \"metadata\": \"read\",\n \"contents\": \"read\",\n \"issues\": \"write\",\n \"single_file\": \"write\"\n },\n \"events\": [\n \"push\",\n \"pull_request\"\n ]\n },\n \"pull_requests\": [\n {\n \"url\": \"https://api.github.com/repos/github/hello-world/pulls/1\",\n \"id\": 1934,\n \"number\": 3956,\n \"head\": {\n \"ref\": \"say-hello\",\n \"sha\": \"3dca65fa3e8d4b3da3f3d056c59aee1c50f41390\",\n \"repo\": {\n \"id\": 526,\n \"url\": \"https://api.github.com/repos/github/hello-world\",\n \"name\": \"hello-world\"\n }\n },\n \"base\": {\n \"ref\": \"master\",\n \"sha\": \"e7fdf7640066d71ad16a86fbcbb9c6a10a18af4f\",\n \"repo\": {\n \"id\": 526,\n \"url\": \"https://api.github.com/repos/github/hello-world\",\n \"name\": \"hello-world\"\n }\n }\n }\n ]\n}" + }, + { + "httpStatusCode": "201", + "httpStatusMessage": "Created", + "description": "Response for completed conclusion", + "payload": "{\n \"id\": 4,\n \"head_sha\": \"ce587453ced02b1526dfb4cb910479d431683101\",\n \"node_id\": \"MDg6Q2hlY2tSdW40\",\n \"external_id\": \"42\",\n \"url\": \"https://api.github.com/repos/github/hello-world/check-runs/4\",\n \"html_url\": \"https://github.com/github/hello-world/runs/4\",\n \"details_url\": \"https://example.com\",\n \"status\": \"in_progress\",\n \"conclusion\": null,\n \"started_at\": \"2018-05-04T01:14:52Z\",\n \"completed_at\": null,\n \"output\": {\n \"title\": \"Mighty Readme report\",\n \"summary\": \"There are 0 failures, 2 warnings, and 1 notice.\",\n \"text\": \"You may have some misspelled words on lines 2 and 4. You also may want to add a section in your README about how to install your app.\",\n \"annotations_count\": 2,\n \"annotations_url\": \"https://api.github.com/repos/github/hello-world/check-runs/4/annotations\"\n },\n \"name\": \"mighty_readme\",\n \"check_suite\": {\n \"id\": 5\n },\n \"app\": {\n \"id\": 1,\n \"slug\": \"octoapp\",\n \"node_id\": \"MDExOkludGVncmF0aW9uMQ==\",\n \"owner\": {\n \"login\": \"github\",\n \"id\": 1,\n \"node_id\": \"MDEyOk9yZ2FuaXphdGlvbjE=\",\n \"url\": \"https://api.github.com/orgs/github\",\n \"repos_url\": \"https://api.github.com/orgs/github/repos\",\n \"events_url\": \"https://api.github.com/orgs/github/events\",\n \"avatar_url\": \"https://github.com/images/error/octocat_happy.gif\",\n \"gravatar_id\": \"\",\n \"html_url\": \"https://github.com/octocat\",\n \"followers_url\": \"https://api.github.com/users/octocat/followers\",\n \"following_url\": \"https://api.github.com/users/octocat/following{/other_user}\",\n \"gists_url\": \"https://api.github.com/users/octocat/gists{/gist_id}\",\n \"starred_url\": \"https://api.github.com/users/octocat/starred{/owner}{/repo}\",\n \"subscriptions_url\": \"https://api.github.com/users/octocat/subscriptions\",\n \"organizations_url\": \"https://api.github.com/users/octocat/orgs\",\n \"received_events_url\": \"https://api.github.com/users/octocat/received_events\",\n \"type\": \"User\",\n \"site_admin\": true\n },\n \"name\": \"Octocat App\",\n \"description\": \"\",\n \"external_url\": \"https://example.com\",\n \"html_url\": \"https://github.com/apps/octoapp\",\n \"created_at\": \"2017-07-08T16:18:44-04:00\",\n \"updated_at\": \"2017-07-08T16:18:44-04:00\",\n \"permissions\": {\n \"metadata\": \"read\",\n \"contents\": \"read\",\n \"issues\": \"write\",\n \"single_file\": \"write\"\n },\n \"events\": [\n \"push\",\n \"pull_request\"\n ]\n },\n \"pull_requests\": [\n {\n \"url\": \"https://api.github.com/repos/github/hello-world/pulls/1\",\n \"id\": 1934,\n \"number\": 3956,\n \"head\": {\n \"ref\": \"say-hello\",\n \"sha\": \"3dca65fa3e8d4b3da3f3d056c59aee1c50f41390\",\n \"repo\": {\n \"id\": 526,\n \"url\": \"https://api.github.com/repos/github/hello-world\",\n \"name\": \"hello-world\"\n }\n },\n \"base\": {\n \"ref\": \"master\",\n \"sha\": \"e7fdf7640066d71ad16a86fbcbb9c6a10a18af4f\",\n \"repo\": {\n \"id\": 526,\n \"url\": \"https://api.github.com/repos/github/hello-world\",\n \"name\": \"hello-world\"\n }\n }\n }\n ]\n}" } ], "bodyParameters": [ @@ -26025,8 +26147,12 @@ "head_sha" ] }, - "example": { - "head_sha": "d6fde92930d4715a2b49857d24b940956b26d2d3" + "examples": { + "default": { + "value": { + "head_sha": "d6fde92930d4715a2b49857d24b940956b26d2d3" + } + } } } } @@ -26045,7 +26171,7 @@ { "httpStatusCode": "200", "httpStatusMessage": "OK", - "description": "

when the suite already existed

", + "description": "

Response when the suite already exists

", "payload": "{\n \"id\": 5,\n \"node_id\": \"MDEwOkNoZWNrU3VpdGU1\",\n \"head_branch\": \"master\",\n \"head_sha\": \"d6fde92930d4715a2b49857d24b940956b26d2d3\",\n \"status\": \"completed\",\n \"conclusion\": \"neutral\",\n \"url\": \"https://api.github.com/repos/github/hello-world/check-suites/5\",\n \"before\": \"146e867f55c26428e5f9fade55a9bbf5e95a7912\",\n \"after\": \"d6fde92930d4715a2b49857d24b940956b26d2d3\",\n \"pull_requests\": [],\n \"created_at\": \"2017-07-08T16:18:44-04:00\",\n \"updated_at\": \"2017-07-08T16:18:44-04:00\",\n \"app\": {\n \"id\": 1,\n \"slug\": \"octoapp\",\n \"node_id\": \"MDExOkludGVncmF0aW9uMQ==\",\n \"owner\": {\n \"login\": \"github\",\n \"id\": 1,\n \"node_id\": \"MDEyOk9yZ2FuaXphdGlvbjE=\",\n \"url\": \"https://api.github.com/orgs/github\",\n \"repos_url\": \"https://api.github.com/orgs/github/repos\",\n \"events_url\": \"https://api.github.com/orgs/github/events\",\n \"avatar_url\": \"https://github.com/images/error/octocat_happy.gif\",\n \"gravatar_id\": \"\",\n \"html_url\": \"https://github.com/octocat\",\n \"followers_url\": \"https://api.github.com/users/octocat/followers\",\n \"following_url\": \"https://api.github.com/users/octocat/following{/other_user}\",\n \"gists_url\": \"https://api.github.com/users/octocat/gists{/gist_id}\",\n \"starred_url\": \"https://api.github.com/users/octocat/starred{/owner}{/repo}\",\n \"subscriptions_url\": \"https://api.github.com/users/octocat/subscriptions\",\n \"organizations_url\": \"https://api.github.com/users/octocat/orgs\",\n \"received_events_url\": \"https://api.github.com/users/octocat/received_events\",\n \"type\": \"User\",\n \"site_admin\": true\n },\n \"name\": \"Octocat App\",\n \"description\": \"\",\n \"external_url\": \"https://example.com\",\n \"html_url\": \"https://github.com/apps/octoapp\",\n \"created_at\": \"2017-07-08T16:18:44-04:00\",\n \"updated_at\": \"2017-07-08T16:18:44-04:00\",\n \"permissions\": {\n \"metadata\": \"read\",\n \"contents\": \"read\",\n \"issues\": \"write\",\n \"single_file\": \"write\"\n },\n \"events\": [\n \"push\",\n \"pull_request\"\n ]\n },\n \"repository\": {\n \"id\": 1296269,\n \"node_id\": \"MDEwOlJlcG9zaXRvcnkxMjk2MjY5\",\n \"name\": \"Hello-World\",\n \"full_name\": \"octocat/Hello-World\",\n \"template_repository\": {\n \"id\": 1296269,\n \"node_id\": \"MDEwOlJlcG9zaXRvcnkxMjk2MjY5\",\n \"name\": \"Hello-World-Template\",\n \"full_name\": \"octocat/Hello-World-Template\",\n \"owner\": {\n \"login\": \"octocat\",\n \"id\": 1,\n \"node_id\": \"MDQ6VXNlcjE=\",\n \"avatar_url\": \"https://github.com/images/error/octocat_happy.gif\",\n \"gravatar_id\": \"\",\n \"url\": \"https://api.github.com/users/octocat\",\n \"html_url\": \"https://github.com/octocat\",\n \"followers_url\": \"https://api.github.com/users/octocat/followers\",\n \"following_url\": \"https://api.github.com/users/octocat/following{/other_user}\",\n \"gists_url\": \"https://api.github.com/users/octocat/gists{/gist_id}\",\n \"starred_url\": \"https://api.github.com/users/octocat/starred{/owner}{/repo}\",\n \"subscriptions_url\": \"https://api.github.com/users/octocat/subscriptions\",\n \"organizations_url\": \"https://api.github.com/users/octocat/orgs\",\n \"repos_url\": \"https://api.github.com/users/octocat/repos\",\n \"events_url\": \"https://api.github.com/users/octocat/events{/privacy}\",\n \"received_events_url\": \"https://api.github.com/users/octocat/received_events\",\n \"type\": \"User\",\n \"site_admin\": false\n },\n \"private\": false,\n \"html_url\": \"https://github.com/octocat/Hello-World-Template\",\n \"description\": \"This your first repo!\",\n \"fork\": false,\n \"url\": \"https://api.github.com/repos/octocat/Hello-World-Template\",\n \"archive_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/{archive_format}{/ref}\",\n \"assignees_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/assignees{/user}\",\n \"blobs_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/git/blobs{/sha}\",\n \"branches_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/branches{/branch}\",\n \"collaborators_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/collaborators{/collaborator}\",\n \"comments_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/comments{/number}\",\n \"commits_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/commits{/sha}\",\n \"compare_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/compare/{base}...{head}\",\n \"contents_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/contents/{+path}\",\n \"contributors_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/contributors\",\n \"deployments_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/deployments\",\n \"downloads_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/downloads\",\n \"events_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/events\",\n \"forks_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/forks\",\n \"git_commits_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/git/commits{/sha}\",\n \"git_refs_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/git/refs{/sha}\",\n \"git_tags_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/git/tags{/sha}\",\n \"git_url\": \"git:github.com/octocat/Hello-World-Template.git\",\n \"issue_comment_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/issues/comments{/number}\",\n \"issue_events_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/issues/events{/number}\",\n \"issues_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/issues{/number}\",\n \"keys_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/keys{/key_id}\",\n \"labels_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/labels{/name}\",\n \"languages_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/languages\",\n \"merges_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/merges\",\n \"milestones_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/milestones{/number}\",\n \"notifications_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/notifications{?since,all,participating}\",\n \"pulls_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/pulls{/number}\",\n \"releases_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/releases{/id}\",\n \"ssh_url\": \"git@github.com:octocat/Hello-World-Template.git\",\n \"stargazers_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/stargazers\",\n \"statuses_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/statuses/{sha}\",\n \"subscribers_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/subscribers\",\n \"subscription_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/subscription\",\n \"tags_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/tags\",\n \"teams_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/teams\",\n \"trees_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/git/trees{/sha}\",\n \"clone_url\": \"https://github.com/octocat/Hello-World-Template.git\",\n \"mirror_url\": \"git:git.example.com/octocat/Hello-World-Template\",\n \"hooks_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/hooks\",\n \"svn_url\": \"https://svn.github.com/octocat/Hello-World-Template\",\n \"homepage\": \"https://github.com\",\n \"language\": null,\n \"forks\": 9,\n \"forks_count\": 9,\n \"stargazers_count\": 80,\n \"watchers_count\": 80,\n \"watchers\": 80,\n \"size\": 108,\n \"default_branch\": \"master\",\n \"open_issues\": 0,\n \"open_issues_count\": 0,\n \"is_template\": true,\n \"license\": {\n \"key\": \"mit\",\n \"name\": \"MIT License\",\n \"url\": \"https://api.github.com/licenses/mit\",\n \"spdx_id\": \"MIT\",\n \"node_id\": \"MDc6TGljZW5zZW1pdA==\",\n \"html_url\": \"https://api.github.com/licenses/mit\"\n },\n \"topics\": [\n \"octocat\",\n \"atom\",\n \"electron\",\n \"api\"\n ],\n \"has_issues\": true,\n \"has_projects\": true,\n \"has_wiki\": true,\n \"has_pages\": false,\n \"has_downloads\": true,\n \"archived\": false,\n \"disabled\": false,\n \"visibility\": \"public\",\n \"pushed_at\": \"2011-01-26T19:06:43Z\",\n \"created_at\": \"2011-01-26T19:01:12Z\",\n \"updated_at\": \"2011-01-26T19:14:43Z\",\n \"permissions\": {\n \"admin\": false,\n \"push\": false,\n \"pull\": true\n },\n \"allow_rebase_merge\": true,\n \"temp_clone_token\": \"ABTLWHOULUVAXGTRYU7OC2876QJ2O\",\n \"allow_squash_merge\": true,\n \"allow_auto_merge\": false,\n \"delete_branch_on_merge\": true,\n \"allow_merge_commit\": true,\n \"subscribers_count\": 42,\n \"network_count\": 0\n },\n \"owner\": {\n \"login\": \"octocat\",\n \"id\": 1,\n \"node_id\": \"MDQ6VXNlcjE=\",\n \"avatar_url\": \"https://github.com/images/error/octocat_happy.gif\",\n \"gravatar_id\": \"\",\n \"url\": \"https://api.github.com/users/octocat\",\n \"html_url\": \"https://github.com/octocat\",\n \"followers_url\": \"https://api.github.com/users/octocat/followers\",\n \"following_url\": \"https://api.github.com/users/octocat/following{/other_user}\",\n \"gists_url\": \"https://api.github.com/users/octocat/gists{/gist_id}\",\n \"starred_url\": \"https://api.github.com/users/octocat/starred{/owner}{/repo}\",\n \"subscriptions_url\": \"https://api.github.com/users/octocat/subscriptions\",\n \"organizations_url\": \"https://api.github.com/users/octocat/orgs\",\n \"repos_url\": \"https://api.github.com/users/octocat/repos\",\n \"events_url\": \"https://api.github.com/users/octocat/events{/privacy}\",\n \"received_events_url\": \"https://api.github.com/users/octocat/received_events\",\n \"type\": \"User\",\n \"site_admin\": false\n },\n \"private\": false,\n \"html_url\": \"https://github.com/octocat/Hello-World\",\n \"description\": \"This your first repo!\",\n \"fork\": false,\n \"url\": \"https://api.github.com/repos/octocat/Hello-World\",\n \"archive_url\": \"https://api.github.com/repos/octocat/Hello-World/{archive_format}{/ref}\",\n \"assignees_url\": \"https://api.github.com/repos/octocat/Hello-World/assignees{/user}\",\n \"blobs_url\": \"https://api.github.com/repos/octocat/Hello-World/git/blobs{/sha}\",\n \"branches_url\": \"https://api.github.com/repos/octocat/Hello-World/branches{/branch}\",\n \"collaborators_url\": \"https://api.github.com/repos/octocat/Hello-World/collaborators{/collaborator}\",\n \"comments_url\": \"https://api.github.com/repos/octocat/Hello-World/comments{/number}\",\n \"commits_url\": \"https://api.github.com/repos/octocat/Hello-World/commits{/sha}\",\n \"compare_url\": \"https://api.github.com/repos/octocat/Hello-World/compare/{base}...{head}\",\n \"contents_url\": \"https://api.github.com/repos/octocat/Hello-World/contents/{+path}\",\n \"contributors_url\": \"https://api.github.com/repos/octocat/Hello-World/contributors\",\n \"deployments_url\": \"https://api.github.com/repos/octocat/Hello-World/deployments\",\n \"downloads_url\": \"https://api.github.com/repos/octocat/Hello-World/downloads\",\n \"events_url\": \"https://api.github.com/repos/octocat/Hello-World/events\",\n \"forks_url\": \"https://api.github.com/repos/octocat/Hello-World/forks\",\n \"git_commits_url\": \"https://api.github.com/repos/octocat/Hello-World/git/commits{/sha}\",\n \"git_refs_url\": \"https://api.github.com/repos/octocat/Hello-World/git/refs{/sha}\",\n \"git_tags_url\": \"https://api.github.com/repos/octocat/Hello-World/git/tags{/sha}\",\n \"git_url\": \"git:github.com/octocat/Hello-World.git\",\n \"issue_comment_url\": \"https://api.github.com/repos/octocat/Hello-World/issues/comments{/number}\",\n \"issue_events_url\": \"https://api.github.com/repos/octocat/Hello-World/issues/events{/number}\",\n \"issues_url\": \"https://api.github.com/repos/octocat/Hello-World/issues{/number}\",\n \"keys_url\": \"https://api.github.com/repos/octocat/Hello-World/keys{/key_id}\",\n \"labels_url\": \"https://api.github.com/repos/octocat/Hello-World/labels{/name}\",\n \"languages_url\": \"https://api.github.com/repos/octocat/Hello-World/languages\",\n \"merges_url\": \"https://api.github.com/repos/octocat/Hello-World/merges\",\n \"milestones_url\": \"https://api.github.com/repos/octocat/Hello-World/milestones{/number}\",\n \"notifications_url\": \"https://api.github.com/repos/octocat/Hello-World/notifications{?since,all,participating}\",\n \"pulls_url\": \"https://api.github.com/repos/octocat/Hello-World/pulls{/number}\",\n \"releases_url\": \"https://api.github.com/repos/octocat/Hello-World/releases{/id}\",\n \"ssh_url\": \"git@github.com:octocat/Hello-World.git\",\n \"stargazers_url\": \"https://api.github.com/repos/octocat/Hello-World/stargazers\",\n \"statuses_url\": \"https://api.github.com/repos/octocat/Hello-World/statuses/{sha}\",\n \"subscribers_url\": \"https://api.github.com/repos/octocat/Hello-World/subscribers\",\n \"subscription_url\": \"https://api.github.com/repos/octocat/Hello-World/subscription\",\n \"tags_url\": \"https://api.github.com/repos/octocat/Hello-World/tags\",\n \"teams_url\": \"https://api.github.com/repos/octocat/Hello-World/teams\",\n \"trees_url\": \"https://api.github.com/repos/octocat/Hello-World/git/trees{/sha}\",\n \"clone_url\": \"https://github.com/octocat/Hello-World.git\",\n \"mirror_url\": \"git:git.example.com/octocat/Hello-World\",\n \"hooks_url\": \"https://api.github.com/repos/octocat/Hello-World/hooks\",\n \"svn_url\": \"https://svn.github.com/octocat/Hello-World\",\n \"homepage\": \"https://github.com\",\n \"language\": null,\n \"forks_count\": 9,\n \"stargazers_count\": 80,\n \"watchers_count\": 80,\n \"size\": 108,\n \"default_branch\": \"master\",\n \"open_issues_count\": 0,\n \"is_template\": false,\n \"topics\": [\n \"octocat\",\n \"atom\",\n \"electron\",\n \"api\"\n ],\n \"has_issues\": true,\n \"has_projects\": true,\n \"has_wiki\": true,\n \"has_pages\": false,\n \"has_downloads\": true,\n \"archived\": false,\n \"disabled\": false,\n \"visibility\": \"public\",\n \"pushed_at\": \"2011-01-26T19:06:43Z\",\n \"created_at\": \"2011-01-26T19:01:12Z\",\n \"updated_at\": \"2011-01-26T19:14:43Z\",\n \"permissions\": {\n \"admin\": false,\n \"push\": false,\n \"pull\": true\n },\n \"temp_clone_token\": \"ABTLWHOULUVAXGTRYU7OC2876QJ2O\",\n \"delete_branch_on_merge\": true,\n \"subscribers_count\": 42,\n \"network_count\": 0\n },\n \"head_commit\": {\n \"id\": \"7fd1a60b01f91b314f59955a4e4d4e80d8edf11d\",\n \"tree_id\": \"7fd1a60b01f91b314f59955a4e4d4e80d8edf11d\",\n \"message\": \"Merge pull request #6 from Spaceghost/patch-1\\n\\nNew line at end of file.\",\n \"timestamp\": \"2016-10-10T00:00:00Z\",\n \"author\": {\n \"name\": \"The Octocat\",\n \"email\": \"octocat@nowhere.com\"\n },\n \"committer\": {\n \"name\": \"The Octocat\",\n \"email\": \"octocat@nowhere.com\"\n }\n },\n \"latest_check_runs_count\": 1,\n \"check_runs_url\": \"https://api.github.com/repos/octocat/Hello-World/check-suites/5/check-runs\"\n}" }, { @@ -30050,6 +30176,350 @@ } ] }, + "deploy_keys": { + "deploy_keys": [ + { + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/keys", + "parameters": [ + { + "name": "owner", + "in": "path", + "required": true, + "schema": { + "type": "string" + }, + "descriptionHTML": "" + }, + { + "name": "repo", + "in": "path", + "required": true, + "schema": { + "type": "string" + }, + "descriptionHTML": "" + }, + { + "name": "per_page", + "description": "Results per page (max 100)", + "in": "query", + "schema": { + "type": "integer", + "default": 30 + }, + "descriptionHTML": "

Results per page (max 100)

" + }, + { + "name": "page", + "description": "Page number of the results to fetch.", + "in": "query", + "schema": { + "type": "integer", + "default": 1 + }, + "descriptionHTML": "

Page number of the results to fetch.

" + } + ], + "x-codeSamples": [ + { + "lang": "Shell", + "source": "curl \\\n -H \"Accept: application/vnd.github.v3+json\" \\\n http(s)://{hostname}/api/v3/repos/octocat/hello-world/keys" + }, + { + "lang": "JavaScript", + "source": "await octokit.request('GET /repos/{owner}/{repo}/keys', {\n owner: 'octocat',\n repo: 'hello-world'\n})" + } + ], + "summary": "List deploy keys", + "x-github": { + "enabledForGitHubApps": true, + "category": "repos", + "subcategory": "keys" + }, + "slug": "list-deploy-keys", + "category": "deploy_keys", + "subcategory": "deploy_keys", + "notes": [], + "descriptionHTML": "", + "bodyParameters": [], + "responses": [ + { + "httpStatusCode": "200", + "httpStatusMessage": "OK", + "description": "

Response

", + "payload": "[\n {\n \"id\": 1,\n \"key\": \"ssh-rsa AAA...\",\n \"url\": \"https://api.github.com/repos/octocat/Hello-World/keys/1\",\n \"title\": \"octocat@octomac\",\n \"verified\": true,\n \"created_at\": \"2014-12-10T15:53:42Z\",\n \"read_only\": true\n }\n]" + } + ] + }, + { + "verb": "post", + "requestPath": "/repos/{owner}/{repo}/keys", + "parameters": [ + { + "name": "owner", + "in": "path", + "required": true, + "schema": { + "type": "string" + }, + "descriptionHTML": "" + }, + { + "name": "repo", + "in": "path", + "required": true, + "schema": { + "type": "string" + }, + "descriptionHTML": "" + } + ], + "x-codeSamples": [ + { + "lang": "Shell", + "source": "curl \\\n -X POST \\\n -H \"Accept: application/vnd.github.v3+json\" \\\n http(s)://{hostname}/api/v3/repos/octocat/hello-world/keys \\\n -d '{\"key\":\"key\"}'" + }, + { + "lang": "JavaScript", + "source": "await octokit.request('POST /repos/{owner}/{repo}/keys', {\n owner: 'octocat',\n repo: 'hello-world',\n key: 'key'\n})" + } + ], + "summary": "Create a deploy key", + "requestBody": { + "required": true, + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "title": { + "type": "string", + "description": "

A name for the key.

", + "name": "title", + "in": "body", + "rawType": "string", + "rawDescription": "A name for the key.", + "childParamsGroups": [] + }, + "key": { + "type": "string", + "description": "

Required. The contents of the key.

", + "name": "key", + "in": "body", + "rawType": "string", + "rawDescription": "The contents of the key.", + "childParamsGroups": [] + }, + "read_only": { + "type": "boolean", + "description": "

If true, the key will only be able to read repository contents. Otherwise, the key will be able to read and write.

\n

Deploy keys with write access can perform the same actions as an organization member with admin access, or a collaborator on a personal repository. For more information, see \"Repository permission levels for an organization\" and \"Permission levels for a user account repository.\"

", + "name": "read_only", + "in": "body", + "rawType": "boolean", + "rawDescription": "If `true`, the key will only be able to read repository contents. Otherwise, the key will be able to read and write. \n \nDeploy keys with write access can perform the same actions as an organization member with admin access, or a collaborator on a personal repository. For more information, see \"[Repository permission levels for an organization](https://docs.github.com/articles/repository-permission-levels-for-an-organization/)\" and \"[Permission levels for a user account repository](https://docs.github.com/articles/permission-levels-for-a-user-account-repository/).\"", + "childParamsGroups": [] + } + }, + "required": [ + "key" + ] + }, + "example": { + "title": "octocat@octomac", + "key": "ssh-rsa AAA...", + "read_only": true + } + } + } + }, + "x-github": { + "enabledForGitHubApps": true, + "category": "repos", + "subcategory": "keys" + }, + "slug": "create-a-deploy-key", + "category": "deploy_keys", + "subcategory": "deploy_keys", + "notes": [], + "descriptionHTML": "

You can create a read-only deploy key.

", + "responses": [ + { + "httpStatusCode": "201", + "httpStatusMessage": "Created", + "description": "

Response

", + "payload": "{\n \"id\": 1,\n \"key\": \"ssh-rsa AAA...\",\n \"url\": \"https://api.github.com/repos/octocat/Hello-World/keys/1\",\n \"title\": \"octocat@octomac\",\n \"verified\": true,\n \"created_at\": \"2014-12-10T15:53:42Z\",\n \"read_only\": true\n}" + }, + { + "httpStatusCode": "422", + "httpStatusMessage": "Unprocessable Entity", + "description": "

Validation failed

" + } + ], + "bodyParameters": [ + { + "type": "string", + "description": "

A name for the key.

", + "name": "title", + "in": "body", + "rawType": "string", + "rawDescription": "A name for the key.", + "childParamsGroups": [] + }, + { + "type": "string", + "description": "

Required. The contents of the key.

", + "name": "key", + "in": "body", + "rawType": "string", + "rawDescription": "The contents of the key.", + "childParamsGroups": [] + }, + { + "type": "boolean", + "description": "

If true, the key will only be able to read repository contents. Otherwise, the key will be able to read and write.

\n

Deploy keys with write access can perform the same actions as an organization member with admin access, or a collaborator on a personal repository. For more information, see \"Repository permission levels for an organization\" and \"Permission levels for a user account repository.\"

", + "name": "read_only", + "in": "body", + "rawType": "boolean", + "rawDescription": "If `true`, the key will only be able to read repository contents. Otherwise, the key will be able to read and write. \n \nDeploy keys with write access can perform the same actions as an organization member with admin access, or a collaborator on a personal repository. For more information, see \"[Repository permission levels for an organization](https://docs.github.com/articles/repository-permission-levels-for-an-organization/)\" and \"[Permission levels for a user account repository](https://docs.github.com/articles/permission-levels-for-a-user-account-repository/).\"", + "childParamsGroups": [] + } + ] + }, + { + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/keys/{key_id}", + "parameters": [ + { + "name": "owner", + "in": "path", + "required": true, + "schema": { + "type": "string" + }, + "descriptionHTML": "" + }, + { + "name": "repo", + "in": "path", + "required": true, + "schema": { + "type": "string" + }, + "descriptionHTML": "" + }, + { + "name": "key_id", + "description": "key_id parameter", + "in": "path", + "required": true, + "schema": { + "type": "integer" + }, + "descriptionHTML": "

key_id parameter

" + } + ], + "x-codeSamples": [ + { + "lang": "Shell", + "source": "curl \\\n -H \"Accept: application/vnd.github.v3+json\" \\\n http(s)://{hostname}/api/v3/repos/octocat/hello-world/keys/42" + }, + { + "lang": "JavaScript", + "source": "await octokit.request('GET /repos/{owner}/{repo}/keys/{key_id}', {\n owner: 'octocat',\n repo: 'hello-world',\n key_id: 42\n})" + } + ], + "summary": "Get a deploy key", + "x-github": { + "enabledForGitHubApps": true, + "category": "repos", + "subcategory": "keys" + }, + "slug": "get-a-deploy-key", + "category": "deploy_keys", + "subcategory": "deploy_keys", + "notes": [], + "descriptionHTML": "", + "bodyParameters": [], + "responses": [ + { + "httpStatusCode": "200", + "httpStatusMessage": "OK", + "description": "

Response

", + "payload": "{\n \"id\": 1,\n \"key\": \"ssh-rsa AAA...\",\n \"url\": \"https://api.github.com/repos/octocat/Hello-World/keys/1\",\n \"title\": \"octocat@octomac\",\n \"verified\": true,\n \"created_at\": \"2014-12-10T15:53:42Z\",\n \"read_only\": true\n}" + }, + { + "httpStatusCode": "404", + "httpStatusMessage": "Not Found", + "description": "

Resource not found

" + } + ] + }, + { + "verb": "delete", + "requestPath": "/repos/{owner}/{repo}/keys/{key_id}", + "parameters": [ + { + "name": "owner", + "in": "path", + "required": true, + "schema": { + "type": "string" + }, + "descriptionHTML": "" + }, + { + "name": "repo", + "in": "path", + "required": true, + "schema": { + "type": "string" + }, + "descriptionHTML": "" + }, + { + "name": "key_id", + "description": "key_id parameter", + "in": "path", + "required": true, + "schema": { + "type": "integer" + }, + "descriptionHTML": "

key_id parameter

" + } + ], + "x-codeSamples": [ + { + "lang": "Shell", + "source": "curl \\\n -X DELETE \\\n -H \"Accept: application/vnd.github.v3+json\" \\\n http(s)://{hostname}/api/v3/repos/octocat/hello-world/keys/42" + }, + { + "lang": "JavaScript", + "source": "await octokit.request('DELETE /repos/{owner}/{repo}/keys/{key_id}', {\n owner: 'octocat',\n repo: 'hello-world',\n key_id: 42\n})" + } + ], + "summary": "Delete a deploy key", + "x-github": { + "enabledForGitHubApps": true, + "category": "repos", + "subcategory": "keys" + }, + "slug": "delete-a-deploy-key", + "category": "deploy_keys", + "subcategory": "deploy_keys", + "notes": [], + "bodyParameters": [], + "descriptionHTML": "

Deploy keys are immutable. If you need to update a key, remove the key and create a new one instead.

", + "responses": [ + { + "httpStatusCode": "204", + "httpStatusMessage": "No Content", + "description": "

Response

" + } + ] + } + ] + }, "deployments": { "deployments": [ { @@ -31192,348 +31662,6 @@ ] } ], - "keys": [ - { - "verb": "get", - "requestPath": "/repos/{owner}/{repo}/keys", - "parameters": [ - { - "name": "owner", - "in": "path", - "required": true, - "schema": { - "type": "string" - }, - "descriptionHTML": "" - }, - { - "name": "repo", - "in": "path", - "required": true, - "schema": { - "type": "string" - }, - "descriptionHTML": "" - }, - { - "name": "per_page", - "description": "Results per page (max 100)", - "in": "query", - "schema": { - "type": "integer", - "default": 30 - }, - "descriptionHTML": "

Results per page (max 100)

" - }, - { - "name": "page", - "description": "Page number of the results to fetch.", - "in": "query", - "schema": { - "type": "integer", - "default": 1 - }, - "descriptionHTML": "

Page number of the results to fetch.

" - } - ], - "x-codeSamples": [ - { - "lang": "Shell", - "source": "curl \\\n -H \"Accept: application/vnd.github.v3+json\" \\\n http(s)://{hostname}/api/v3/repos/octocat/hello-world/keys" - }, - { - "lang": "JavaScript", - "source": "await octokit.request('GET /repos/{owner}/{repo}/keys', {\n owner: 'octocat',\n repo: 'hello-world'\n})" - } - ], - "summary": "List deploy keys", - "x-github": { - "enabledForGitHubApps": true, - "category": "repos", - "subcategory": "keys" - }, - "slug": "list-deploy-keys", - "category": "deployments", - "subcategory": "keys", - "notes": [], - "descriptionHTML": "", - "bodyParameters": [], - "responses": [ - { - "httpStatusCode": "200", - "httpStatusMessage": "OK", - "description": "

Response

", - "payload": "[\n {\n \"id\": 1,\n \"key\": \"ssh-rsa AAA...\",\n \"url\": \"https://api.github.com/repos/octocat/Hello-World/keys/1\",\n \"title\": \"octocat@octomac\",\n \"verified\": true,\n \"created_at\": \"2014-12-10T15:53:42Z\",\n \"read_only\": true\n }\n]" - } - ] - }, - { - "verb": "post", - "requestPath": "/repos/{owner}/{repo}/keys", - "parameters": [ - { - "name": "owner", - "in": "path", - "required": true, - "schema": { - "type": "string" - }, - "descriptionHTML": "" - }, - { - "name": "repo", - "in": "path", - "required": true, - "schema": { - "type": "string" - }, - "descriptionHTML": "" - } - ], - "x-codeSamples": [ - { - "lang": "Shell", - "source": "curl \\\n -X POST \\\n -H \"Accept: application/vnd.github.v3+json\" \\\n http(s)://{hostname}/api/v3/repos/octocat/hello-world/keys \\\n -d '{\"key\":\"key\"}'" - }, - { - "lang": "JavaScript", - "source": "await octokit.request('POST /repos/{owner}/{repo}/keys', {\n owner: 'octocat',\n repo: 'hello-world',\n key: 'key'\n})" - } - ], - "summary": "Create a deploy key", - "requestBody": { - "required": true, - "content": { - "application/json": { - "schema": { - "type": "object", - "properties": { - "title": { - "type": "string", - "description": "

A name for the key.

", - "name": "title", - "in": "body", - "rawType": "string", - "rawDescription": "A name for the key.", - "childParamsGroups": [] - }, - "key": { - "type": "string", - "description": "

Required. The contents of the key.

", - "name": "key", - "in": "body", - "rawType": "string", - "rawDescription": "The contents of the key.", - "childParamsGroups": [] - }, - "read_only": { - "type": "boolean", - "description": "

If true, the key will only be able to read repository contents. Otherwise, the key will be able to read and write.

\n

Deploy keys with write access can perform the same actions as an organization member with admin access, or a collaborator on a personal repository. For more information, see \"Repository permission levels for an organization\" and \"Permission levels for a user account repository.\"

", - "name": "read_only", - "in": "body", - "rawType": "boolean", - "rawDescription": "If `true`, the key will only be able to read repository contents. Otherwise, the key will be able to read and write. \n \nDeploy keys with write access can perform the same actions as an organization member with admin access, or a collaborator on a personal repository. For more information, see \"[Repository permission levels for an organization](https://docs.github.com/articles/repository-permission-levels-for-an-organization/)\" and \"[Permission levels for a user account repository](https://docs.github.com/articles/permission-levels-for-a-user-account-repository/).\"", - "childParamsGroups": [] - } - }, - "required": [ - "key" - ] - }, - "example": { - "title": "octocat@octomac", - "key": "ssh-rsa AAA...", - "read_only": true - } - } - } - }, - "x-github": { - "enabledForGitHubApps": true, - "category": "repos", - "subcategory": "keys" - }, - "slug": "create-a-deploy-key", - "category": "deployments", - "subcategory": "keys", - "notes": [], - "descriptionHTML": "

You can create a read-only deploy key.

", - "responses": [ - { - "httpStatusCode": "201", - "httpStatusMessage": "Created", - "description": "

Response

", - "payload": "{\n \"id\": 1,\n \"key\": \"ssh-rsa AAA...\",\n \"url\": \"https://api.github.com/repos/octocat/Hello-World/keys/1\",\n \"title\": \"octocat@octomac\",\n \"verified\": true,\n \"created_at\": \"2014-12-10T15:53:42Z\",\n \"read_only\": true\n}" - }, - { - "httpStatusCode": "422", - "httpStatusMessage": "Unprocessable Entity", - "description": "

Validation failed

" - } - ], - "bodyParameters": [ - { - "type": "string", - "description": "

A name for the key.

", - "name": "title", - "in": "body", - "rawType": "string", - "rawDescription": "A name for the key.", - "childParamsGroups": [] - }, - { - "type": "string", - "description": "

Required. The contents of the key.

", - "name": "key", - "in": "body", - "rawType": "string", - "rawDescription": "The contents of the key.", - "childParamsGroups": [] - }, - { - "type": "boolean", - "description": "

If true, the key will only be able to read repository contents. Otherwise, the key will be able to read and write.

\n

Deploy keys with write access can perform the same actions as an organization member with admin access, or a collaborator on a personal repository. For more information, see \"Repository permission levels for an organization\" and \"Permission levels for a user account repository.\"

", - "name": "read_only", - "in": "body", - "rawType": "boolean", - "rawDescription": "If `true`, the key will only be able to read repository contents. Otherwise, the key will be able to read and write. \n \nDeploy keys with write access can perform the same actions as an organization member with admin access, or a collaborator on a personal repository. For more information, see \"[Repository permission levels for an organization](https://docs.github.com/articles/repository-permission-levels-for-an-organization/)\" and \"[Permission levels for a user account repository](https://docs.github.com/articles/permission-levels-for-a-user-account-repository/).\"", - "childParamsGroups": [] - } - ] - }, - { - "verb": "get", - "requestPath": "/repos/{owner}/{repo}/keys/{key_id}", - "parameters": [ - { - "name": "owner", - "in": "path", - "required": true, - "schema": { - "type": "string" - }, - "descriptionHTML": "" - }, - { - "name": "repo", - "in": "path", - "required": true, - "schema": { - "type": "string" - }, - "descriptionHTML": "" - }, - { - "name": "key_id", - "description": "key_id parameter", - "in": "path", - "required": true, - "schema": { - "type": "integer" - }, - "descriptionHTML": "

key_id parameter

" - } - ], - "x-codeSamples": [ - { - "lang": "Shell", - "source": "curl \\\n -H \"Accept: application/vnd.github.v3+json\" \\\n http(s)://{hostname}/api/v3/repos/octocat/hello-world/keys/42" - }, - { - "lang": "JavaScript", - "source": "await octokit.request('GET /repos/{owner}/{repo}/keys/{key_id}', {\n owner: 'octocat',\n repo: 'hello-world',\n key_id: 42\n})" - } - ], - "summary": "Get a deploy key", - "x-github": { - "enabledForGitHubApps": true, - "category": "repos", - "subcategory": "keys" - }, - "slug": "get-a-deploy-key", - "category": "deployments", - "subcategory": "keys", - "notes": [], - "descriptionHTML": "", - "bodyParameters": [], - "responses": [ - { - "httpStatusCode": "200", - "httpStatusMessage": "OK", - "description": "

Response

", - "payload": "{\n \"id\": 1,\n \"key\": \"ssh-rsa AAA...\",\n \"url\": \"https://api.github.com/repos/octocat/Hello-World/keys/1\",\n \"title\": \"octocat@octomac\",\n \"verified\": true,\n \"created_at\": \"2014-12-10T15:53:42Z\",\n \"read_only\": true\n}" - }, - { - "httpStatusCode": "404", - "httpStatusMessage": "Not Found", - "description": "

Resource not found

" - } - ] - }, - { - "verb": "delete", - "requestPath": "/repos/{owner}/{repo}/keys/{key_id}", - "parameters": [ - { - "name": "owner", - "in": "path", - "required": true, - "schema": { - "type": "string" - }, - "descriptionHTML": "" - }, - { - "name": "repo", - "in": "path", - "required": true, - "schema": { - "type": "string" - }, - "descriptionHTML": "" - }, - { - "name": "key_id", - "description": "key_id parameter", - "in": "path", - "required": true, - "schema": { - "type": "integer" - }, - "descriptionHTML": "

key_id parameter

" - } - ], - "x-codeSamples": [ - { - "lang": "Shell", - "source": "curl \\\n -X DELETE \\\n -H \"Accept: application/vnd.github.v3+json\" \\\n http(s)://{hostname}/api/v3/repos/octocat/hello-world/keys/42" - }, - { - "lang": "JavaScript", - "source": "await octokit.request('DELETE /repos/{owner}/{repo}/keys/{key_id}', {\n owner: 'octocat',\n repo: 'hello-world',\n key_id: 42\n})" - } - ], - "summary": "Delete a deploy key", - "x-github": { - "enabledForGitHubApps": true, - "category": "repos", - "subcategory": "keys" - }, - "slug": "delete-a-deploy-key", - "category": "deployments", - "subcategory": "keys", - "notes": [], - "bodyParameters": [], - "descriptionHTML": "

Deploy keys are immutable. If you need to update a key, remove the key and create a new one instead.

", - "responses": [ - { - "httpStatusCode": "204", - "httpStatusMessage": "No Content", - "description": "

Response

" - } - ] - } - ], "statuses": [ { "verb": "get", @@ -33881,7 +34009,7 @@ "httpStatusCode": "200", "httpStatusMessage": "OK", "description": "

Response

", - "payload": "{\n \"status\": \"scheduled\",\n \"scheduled_time\": \"Tuesday, January 22 at 15:34 -0800\",\n \"connection_services\": [\n {\n \"name\": \"git operations\",\n \"number\": 0\n },\n {\n \"name\": \"mysql queries\",\n \"number\": 233\n },\n {\n \"name\": \"resque jobs\",\n \"number\": 54\n }\n ]\n}" + "payload": "{\n \"status\": \"scheduled\",\n \"scheduled_time\": \"Tuesday, January 22 at 15:34 -0800\",\n \"connection_services\": [\n {\n \"name\": \"git operations\",\n \"number\": 0\n },\n {\n \"name\": \"mysql queries\",\n \"number\": 233\n },\n {\n \"name\": \"aqueduct jobs\",\n \"number\": 34\n },\n {\n \"name\": \"resque jobs\",\n \"number\": 54\n }\n ]\n}" } ] }, @@ -33942,7 +34070,7 @@ "httpStatusCode": "200", "httpStatusMessage": "OK", "description": "

Response

", - "payload": "{\n \"status\": \"scheduled\",\n \"scheduled_time\": \"Tuesday, January 22 at 15:34 -0800\",\n \"connection_services\": [\n {\n \"name\": \"git operations\",\n \"number\": 0\n },\n {\n \"name\": \"mysql queries\",\n \"number\": 233\n },\n {\n \"name\": \"resque jobs\",\n \"number\": 54\n }\n ]\n}" + "payload": "{\n \"status\": \"scheduled\",\n \"scheduled_time\": \"Tuesday, January 22 at 15:34 -0800\",\n \"connection_services\": [\n {\n \"name\": \"git operations\",\n \"number\": 0\n },\n {\n \"name\": \"mysql queries\",\n \"number\": 233\n },\n {\n \"name\": \"aqueduct jobs\",\n \"number\": 34\n },\n {\n \"name\": \"resque jobs\",\n \"number\": 54\n }\n ]\n}" } ], "bodyParameters": [ @@ -47315,6 +47443,11 @@ "schema": { "type": "string" }, + "examples": { + "default": { + "value": "Iv1.8a61f9b3a7aba766" + } + }, "descriptionHTML": "

The client ID of your GitHub app.

" } ], @@ -47516,6 +47649,11 @@ "schema": { "type": "string" }, + "examples": { + "default": { + "value": "Iv1.8a61f9b3a7aba766" + } + }, "descriptionHTML": "

The client ID of your GitHub app.

" }, { @@ -48123,7 +48261,7 @@ "httpStatusCode": "200", "httpStatusMessage": "OK", "description": "Default response", - "payload": "{\n \"login\": \"github\",\n \"id\": 1,\n \"node_id\": \"MDEyOk9yZ2FuaXphdGlvbjE=\",\n \"url\": \"https://api.github.com/orgs/github\",\n \"repos_url\": \"https://api.github.com/orgs/github/repos\",\n \"events_url\": \"https://api.github.com/orgs/github/events\",\n \"hooks_url\": \"https://api.github.com/orgs/github/hooks\",\n \"issues_url\": \"https://api.github.com/orgs/github/issues\",\n \"members_url\": \"https://api.github.com/orgs/github/members{/member}\",\n \"public_members_url\": \"https://api.github.com/orgs/github/public_members{/member}\",\n \"avatar_url\": \"https://github.com/images/error/octocat_happy.gif\",\n \"description\": \"A great organization\",\n \"name\": \"github\",\n \"company\": \"GitHub\",\n \"blog\": \"https://github.com/blog\",\n \"location\": \"San Francisco\",\n \"email\": \"octocat@github.com\",\n \"twitter_username\": \"github\",\n \"is_verified\": true,\n \"has_organization_projects\": true,\n \"has_repository_projects\": true,\n \"public_repos\": 2,\n \"public_gists\": 1,\n \"followers\": 20,\n \"following\": 0,\n \"html_url\": \"https://github.com/octocat\",\n \"created_at\": \"2008-01-14T04:33:35Z\",\n \"updated_at\": \"2014-03-03T18:58:10Z\",\n \"type\": \"Organization\",\n \"total_private_repos\": 100,\n \"owned_private_repos\": 100,\n \"private_gists\": 81,\n \"disk_usage\": 10000,\n \"collaborators\": 8,\n \"billing_email\": \"mona@github.com\",\n \"plan\": {\n \"name\": \"Medium\",\n \"space\": 400,\n \"private_repos\": 20,\n \"filled_seats\": 4,\n \"seats\": 5\n },\n \"default_repository_permission\": \"read\",\n \"members_can_create_repositories\": true,\n \"two_factor_requirement_enabled\": true,\n \"members_allowed_repository_creation_type\": \"all\",\n \"members_can_create_public_repositories\": false,\n \"members_can_create_private_repositories\": false,\n \"members_can_create_internal_repositories\": false,\n \"members_can_create_pages\": true,\n \"members_can_fork_private_repositories\": false\n}" + "payload": "{\n \"login\": \"github\",\n \"id\": 1,\n \"node_id\": \"MDEyOk9yZ2FuaXphdGlvbjE=\",\n \"url\": \"https://api.github.com/orgs/github\",\n \"repos_url\": \"https://api.github.com/orgs/github/repos\",\n \"events_url\": \"https://api.github.com/orgs/github/events\",\n \"hooks_url\": \"https://api.github.com/orgs/github/hooks\",\n \"issues_url\": \"https://api.github.com/orgs/github/issues\",\n \"members_url\": \"https://api.github.com/orgs/github/members{/member}\",\n \"public_members_url\": \"https://api.github.com/orgs/github/public_members{/member}\",\n \"avatar_url\": \"https://github.com/images/error/octocat_happy.gif\",\n \"description\": \"A great organization\",\n \"name\": \"github\",\n \"company\": \"GitHub\",\n \"blog\": \"https://github.com/blog\",\n \"location\": \"San Francisco\",\n \"email\": \"octocat@github.com\",\n \"twitter_username\": \"github\",\n \"is_verified\": true,\n \"has_organization_projects\": true,\n \"has_repository_projects\": true,\n \"public_repos\": 2,\n \"public_gists\": 1,\n \"followers\": 20,\n \"following\": 0,\n \"html_url\": \"https://github.com/octocat\",\n \"created_at\": \"2008-01-14T04:33:35Z\",\n \"updated_at\": \"2014-03-03T18:58:10Z\",\n \"type\": \"Organization\",\n \"total_private_repos\": 100,\n \"owned_private_repos\": 100,\n \"private_gists\": 81,\n \"disk_usage\": 10000,\n \"collaborators\": 8,\n \"billing_email\": \"mona@github.com\",\n \"plan\": {\n \"name\": \"Medium\",\n \"space\": 400,\n \"private_repos\": 20,\n \"filled_seats\": 4,\n \"seats\": 5\n },\n \"default_repository_permission\": \"read\",\n \"members_can_create_repositories\": true,\n \"two_factor_requirement_enabled\": true,\n \"members_allowed_repository_creation_type\": \"all\",\n \"members_can_create_public_repositories\": false,\n \"members_can_create_private_repositories\": false,\n \"members_can_create_internal_repositories\": false,\n \"members_can_create_pages\": true\n}" }, { "httpStatusCode": "404", @@ -48323,16 +48461,6 @@ "rawDescription": "Toggles whether organization members can create GitHub Pages sites. Can be one of: \n\\* `true` - all organization members can create GitHub Pages sites. \n\\* `false` - no organization members can create GitHub Pages sites. Existing published sites will not be impacted.", "childParamsGroups": [] }, - "members_can_fork_private_repositories": { - "type": "boolean", - "description": "

Toggles whether organization members can fork private organization repositories. Can be one of:
\n* true - all organization members can fork private repositories within the organization.
\n* false - no organization members can fork private repositories within the organization.

", - "default": false, - "name": "members_can_fork_private_repositories", - "in": "body", - "rawType": "boolean", - "rawDescription": "Toggles whether organization members can fork private organization repositories. Can be one of: \n\\* `true` - all organization members can fork private repositories within the organization. \n\\* `false` - no organization members can fork private repositories within the organization.", - "childParamsGroups": [] - }, "blog": { "type": "string", "example": "\"http://github.blog\"", @@ -48378,7 +48506,7 @@ "httpStatusCode": "200", "httpStatusMessage": "OK", "description": "

Response

", - "payload": "{\n \"login\": \"github\",\n \"id\": 1,\n \"node_id\": \"MDEyOk9yZ2FuaXphdGlvbjE=\",\n \"url\": \"https://api.github.com/orgs/github\",\n \"repos_url\": \"https://api.github.com/orgs/github/repos\",\n \"events_url\": \"https://api.github.com/orgs/github/events\",\n \"hooks_url\": \"https://api.github.com/orgs/github/hooks\",\n \"issues_url\": \"https://api.github.com/orgs/github/issues\",\n \"members_url\": \"https://api.github.com/orgs/github/members{/member}\",\n \"public_members_url\": \"https://api.github.com/orgs/github/public_members{/member}\",\n \"avatar_url\": \"https://github.com/images/error/octocat_happy.gif\",\n \"description\": \"A great organization\",\n \"name\": \"github\",\n \"company\": \"GitHub\",\n \"blog\": \"https://github.com/blog\",\n \"location\": \"San Francisco\",\n \"email\": \"octocat@github.com\",\n \"twitter_username\": \"github\",\n \"is_verified\": true,\n \"has_organization_projects\": true,\n \"has_repository_projects\": true,\n \"public_repos\": 2,\n \"public_gists\": 1,\n \"followers\": 20,\n \"following\": 0,\n \"html_url\": \"https://github.com/octocat\",\n \"created_at\": \"2008-01-14T04:33:35Z\",\n \"type\": \"Organization\",\n \"total_private_repos\": 100,\n \"owned_private_repos\": 100,\n \"private_gists\": 81,\n \"disk_usage\": 10000,\n \"collaborators\": 8,\n \"billing_email\": \"mona@github.com\",\n \"plan\": {\n \"name\": \"Medium\",\n \"space\": 400,\n \"private_repos\": 20\n },\n \"default_repository_permission\": \"read\",\n \"members_can_create_repositories\": true,\n \"two_factor_requirement_enabled\": true,\n \"members_allowed_repository_creation_type\": \"all\",\n \"members_can_create_public_repositories\": false,\n \"members_can_create_private_repositories\": false,\n \"members_can_create_internal_repositories\": false,\n \"members_can_create_pages\": true,\n \"members_can_create_public_pages\": true,\n \"members_can_create_private_pages\": true,\n \"members_can_fork_private_repositories\": false,\n \"updated_at\": \"2014-03-03T18:58:10Z\"\n}" + "payload": "{\n \"login\": \"github\",\n \"id\": 1,\n \"node_id\": \"MDEyOk9yZ2FuaXphdGlvbjE=\",\n \"url\": \"https://api.github.com/orgs/github\",\n \"repos_url\": \"https://api.github.com/orgs/github/repos\",\n \"events_url\": \"https://api.github.com/orgs/github/events\",\n \"hooks_url\": \"https://api.github.com/orgs/github/hooks\",\n \"issues_url\": \"https://api.github.com/orgs/github/issues\",\n \"members_url\": \"https://api.github.com/orgs/github/members{/member}\",\n \"public_members_url\": \"https://api.github.com/orgs/github/public_members{/member}\",\n \"avatar_url\": \"https://github.com/images/error/octocat_happy.gif\",\n \"description\": \"A great organization\",\n \"name\": \"github\",\n \"company\": \"GitHub\",\n \"blog\": \"https://github.com/blog\",\n \"location\": \"San Francisco\",\n \"email\": \"octocat@github.com\",\n \"twitter_username\": \"github\",\n \"is_verified\": true,\n \"has_organization_projects\": true,\n \"has_repository_projects\": true,\n \"public_repos\": 2,\n \"public_gists\": 1,\n \"followers\": 20,\n \"following\": 0,\n \"html_url\": \"https://github.com/octocat\",\n \"created_at\": \"2008-01-14T04:33:35Z\",\n \"type\": \"Organization\",\n \"total_private_repos\": 100,\n \"owned_private_repos\": 100,\n \"private_gists\": 81,\n \"disk_usage\": 10000,\n \"collaborators\": 8,\n \"billing_email\": \"mona@github.com\",\n \"plan\": {\n \"name\": \"Medium\",\n \"space\": 400,\n \"private_repos\": 20\n },\n \"default_repository_permission\": \"read\",\n \"members_can_create_repositories\": true,\n \"two_factor_requirement_enabled\": true,\n \"members_allowed_repository_creation_type\": \"all\",\n \"members_can_create_public_repositories\": false,\n \"members_can_create_private_repositories\": false,\n \"members_can_create_internal_repositories\": false,\n \"members_can_create_pages\": true,\n \"members_can_create_public_pages\": true,\n \"members_can_create_private_pages\": true,\n \"updated_at\": \"2014-03-03T18:58:10Z\"\n}" }, { "httpStatusCode": "409", @@ -48550,16 +48678,6 @@ "rawDescription": "Toggles whether organization members can create GitHub Pages sites. Can be one of: \n\\* `true` - all organization members can create GitHub Pages sites. \n\\* `false` - no organization members can create GitHub Pages sites. Existing published sites will not be impacted.", "childParamsGroups": [] }, - { - "type": "boolean", - "description": "

Toggles whether organization members can fork private organization repositories. Can be one of:
\n* true - all organization members can fork private repositories within the organization.
\n* false - no organization members can fork private repositories within the organization.

", - "default": false, - "name": "members_can_fork_private_repositories", - "in": "body", - "rawType": "boolean", - "rawDescription": "Toggles whether organization members can fork private organization repositories. Can be one of: \n\\* `true` - all organization members can fork private repositories within the organization. \n\\* `false` - no organization members can fork private repositories within the organization.", - "childParamsGroups": [] - }, { "type": "string", "example": "\"http://github.blog\"", @@ -56861,16 +56979,6 @@ ] }, "examples": { - "example-for-a-single-line-comment": { - "summary": "Example for a single-line comment", - "value": { - "body": "Let's add this deleted line back.", - "commit_id": "6dcb09b5b57875f334f61aebed695e2e4193db5e", - "path": "file1.txt", - "line": 5, - "side": "LEFT" - } - }, "example-for-a-multi-line-comment": { "summary": "Example for a multi-line comment", "value": { @@ -58981,8 +59089,12 @@ "content" ] }, - "example": { - "content": "heart" + "examples": { + "default": { + "value": { + "content": "heart" + } + } } } } @@ -59005,7 +59117,7 @@ { "httpStatusCode": "200", "httpStatusMessage": "OK", - "description": "

Response

", + "description": "

Response when the reaction type has already been added to this team discussion comment

", "payload": "{\n \"id\": 1,\n \"node_id\": \"MDg6UmVhY3Rpb24x\",\n \"user\": {\n \"login\": \"octocat\",\n \"id\": 1,\n \"node_id\": \"MDQ6VXNlcjE=\",\n \"avatar_url\": \"https://github.com/images/error/octocat_happy.gif\",\n \"gravatar_id\": \"\",\n \"url\": \"https://api.github.com/users/octocat\",\n \"html_url\": \"https://github.com/octocat\",\n \"followers_url\": \"https://api.github.com/users/octocat/followers\",\n \"following_url\": \"https://api.github.com/users/octocat/following{/other_user}\",\n \"gists_url\": \"https://api.github.com/users/octocat/gists{/gist_id}\",\n \"starred_url\": \"https://api.github.com/users/octocat/starred{/owner}{/repo}\",\n \"subscriptions_url\": \"https://api.github.com/users/octocat/subscriptions\",\n \"organizations_url\": \"https://api.github.com/users/octocat/orgs\",\n \"repos_url\": \"https://api.github.com/users/octocat/repos\",\n \"events_url\": \"https://api.github.com/users/octocat/events{/privacy}\",\n \"received_events_url\": \"https://api.github.com/users/octocat/received_events\",\n \"type\": \"User\",\n \"site_admin\": false\n },\n \"content\": \"heart\",\n \"created_at\": \"2016-05-20T20:09:31Z\"\n}" }, { @@ -59308,8 +59420,12 @@ "content" ] }, - "example": { - "content": "heart" + "examples": { + "default": { + "value": { + "content": "heart" + } + } } } } @@ -59704,7 +59820,11 @@ ] }, "example": { - "content": "heart" + "default": { + "value": { + "content": "heart" + } + } } } } @@ -60036,8 +60156,12 @@ "content" ] }, - "example": { - "content": "heart" + "examples": { + "default": { + "value": { + "content": "heart" + } + } } } } @@ -60369,8 +60493,12 @@ "content" ] }, - "example": { - "content": "heart" + "examples": { + "default": { + "value": { + "content": "heart" + } + } } } } @@ -60697,8 +60825,12 @@ "content" ] }, - "example": { - "content": "heart" + "examples": { + "default": { + "value": { + "content": "heart" + } + } } } } @@ -61026,8 +61158,12 @@ "content" ] }, - "example": { - "content": "heart" + "examples": { + "default": { + "value": { + "content": "heart" + } + } } } } @@ -70465,10 +70601,14 @@ "name" ] }, - "example": { - "name": "new team name", - "description": "new team description", - "privacy": "closed" + "examples": { + "default": { + "value": { + "name": "new team name", + "description": "new team description", + "privacy": "closed" + } + } } } } @@ -70489,7 +70629,7 @@ { "httpStatusCode": "200", "httpStatusMessage": "OK", - "description": "

Response

", + "description": "

Response when the updated information already exists

", "payload": "{\n \"id\": 1,\n \"node_id\": \"MDQ6VGVhbTE=\",\n \"url\": \"https://api.github.com/teams/1\",\n \"html_url\": \"https://github.com/orgs/github/teams/justice-league\",\n \"name\": \"Justice League\",\n \"slug\": \"justice-league\",\n \"description\": \"A great team.\",\n \"privacy\": \"closed\",\n \"permission\": \"admin\",\n \"members_url\": \"https://api.github.com/teams/1/members{/member}\",\n \"repositories_url\": \"https://api.github.com/teams/1/repos\",\n \"members_count\": 3,\n \"repos_count\": 10,\n \"created_at\": \"2017-07-14T16:53:42Z\",\n \"updated_at\": \"2017-08-17T12:37:15Z\",\n \"organization\": {\n \"login\": \"github\",\n \"id\": 1,\n \"node_id\": \"MDEyOk9yZ2FuaXphdGlvbjE=\",\n \"url\": \"https://api.github.com/orgs/github\",\n \"repos_url\": \"https://api.github.com/orgs/github/repos\",\n \"events_url\": \"https://api.github.com/orgs/github/events\",\n \"hooks_url\": \"https://api.github.com/orgs/github/hooks\",\n \"issues_url\": \"https://api.github.com/orgs/github/issues\",\n \"members_url\": \"https://api.github.com/orgs/github/members{/member}\",\n \"public_members_url\": \"https://api.github.com/orgs/github/public_members{/member}\",\n \"avatar_url\": \"https://github.com/images/error/octocat_happy.gif\",\n \"description\": \"A great organization\",\n \"name\": \"github\",\n \"company\": \"GitHub\",\n \"blog\": \"https://github.com/blog\",\n \"location\": \"San Francisco\",\n \"email\": \"octocat@github.com\",\n \"has_organization_projects\": true,\n \"has_repository_projects\": true,\n \"public_repos\": 2,\n \"public_gists\": 1,\n \"followers\": 20,\n \"following\": 0,\n \"html_url\": \"https://github.com/octocat\",\n \"created_at\": \"2008-01-14T04:33:35Z\",\n \"updated_at\": \"2017-08-17T12:37:15Z\",\n \"type\": \"Organization\"\n },\n \"ldap_dn\": \"uid=asdf,ou=users,dc=github,dc=com\"\n}" }, { diff --git a/lib/rest/static/decorated/ghes-3.3.json b/lib/rest/static/decorated/ghes-3.3.json index 0fab584b6b..cabcc4ad29 100644 --- a/lib/rest/static/decorated/ghes-3.3.json +++ b/lib/rest/static/decorated/ghes-3.3.json @@ -10705,17 +10705,6 @@ } ], "summary": "Create a GitHub App from a manifest", - "requestBody": { - "required": false, - "content": { - "application/json": { - "schema": { - "type": "object", - "additionalProperties": false - } - } - } - }, "x-github": { "enabledForGitHubApps": false, "category": "apps", @@ -10834,6 +10823,11 @@ "schema": { "type": "integer" }, + "examples": { + "default": { + "value": 1 + } + }, "descriptionHTML": "

installation_id parameter

" } ], @@ -10890,6 +10884,11 @@ "schema": { "type": "integer" }, + "examples": { + "default": { + "value": 1 + } + }, "descriptionHTML": "

installation_id parameter

" } ], @@ -10940,6 +10939,11 @@ "schema": { "type": "integer" }, + "examples": { + "default": { + "value": 1 + } + }, "descriptionHTML": "

installation_id parameter

" } ], @@ -11822,6 +11826,17 @@ ] } } + }, + "examples": { + "default": { + "value": { + "respoitory": "Hello-World", + "permissions": { + "issues": "write", + "contents": "read" + } + } + } } } } @@ -12744,6 +12759,11 @@ "schema": { "type": "integer" }, + "examples": { + "default": { + "value": 1 + } + }, "descriptionHTML": "

installation_id parameter

" } ], @@ -12794,6 +12814,11 @@ "schema": { "type": "integer" }, + "examples": { + "default": { + "value": 1 + } + }, "descriptionHTML": "

installation_id parameter

" } ], @@ -13404,6 +13429,11 @@ "schema": { "type": "integer" }, + "examples": { + "default": { + "value": 1 + } + }, "descriptionHTML": "

installation_id parameter

" }, { @@ -13485,6 +13515,11 @@ "schema": { "type": "integer" }, + "examples": { + "default": { + "value": 1 + } + }, "descriptionHTML": "

installation_id parameter

" }, { @@ -13554,6 +13589,11 @@ "schema": { "type": "integer" }, + "examples": { + "default": { + "value": 1 + } + }, "descriptionHTML": "

installation_id parameter

" }, { @@ -13625,6 +13665,11 @@ "schema": { "type": "string" }, + "examples": { + "default": { + "value": "Iv1.8a61f9b3a7aba766" + } + }, "descriptionHTML": "

The client ID of your GitHub app.

" } ], @@ -13712,6 +13757,11 @@ "schema": { "type": "string" }, + "examples": { + "default": { + "value": "Iv1.8a61f9b3a7aba766" + } + }, "descriptionHTML": "

The client ID of your GitHub app.

" }, { @@ -13769,6 +13819,11 @@ "schema": { "type": "string" }, + "examples": { + "default": { + "value": "Iv1.8a61f9b3a7aba766" + } + }, "descriptionHTML": "

The client ID of your GitHub app.

" } ], @@ -13803,6 +13858,13 @@ "access_token" ], "type": "object" + }, + "examples": { + "default": { + "value": { + "access_token": "e72e16c7e42f292c6912e7710c838347ae178b4a" + } + } } } } @@ -13822,7 +13884,7 @@ "httpStatusCode": "200", "httpStatusMessage": "OK", "description": "

Response

", - "payload": "{\n \"id\": 1,\n \"url\": \"https://api.github.com/authorizations/1\",\n \"scopes\": [\n \"public_repo\",\n \"user\"\n ],\n \"token\": \"ghu_16C7e42F292c6912E7710c838347Ae178B4a\",\n \"token_last_eight\": \"Ae178B4a\",\n \"hashed_token\": \"25f94a2a5c7fbaf499c665bc73d67c1c87e496da8985131633ee0a95819db2e8\",\n \"app\": {\n \"url\": \"http://my-github-app.com\",\n \"name\": \"my github app\",\n \"client_id\": \"abcde12345fghij67890\"\n },\n \"note\": \"optional note\",\n \"note_url\": \"http://optional/note/url\",\n \"updated_at\": \"2011-09-06T20:39:23Z\",\n \"created_at\": \"2011-09-06T17:26:27Z\",\n \"fingerprint\": \"jklmnop12345678\",\n \"expires_at\": \"2011-09-08T17:26:27Z\",\n \"user\": {\n \"login\": \"octocat\",\n \"id\": 1,\n \"node_id\": \"MDQ6VXNlcjE=\",\n \"avatar_url\": \"https://github.com/images/error/octocat_happy.gif\",\n \"gravatar_id\": \"\",\n \"url\": \"https://api.github.com/users/octocat\",\n \"html_url\": \"https://github.com/octocat\",\n \"followers_url\": \"https://api.github.com/users/octocat/followers\",\n \"following_url\": \"https://api.github.com/users/octocat/following{/other_user}\",\n \"gists_url\": \"https://api.github.com/users/octocat/gists{/gist_id}\",\n \"starred_url\": \"https://api.github.com/users/octocat/starred{/owner}{/repo}\",\n \"subscriptions_url\": \"https://api.github.com/users/octocat/subscriptions\",\n \"organizations_url\": \"https://api.github.com/users/octocat/orgs\",\n \"repos_url\": \"https://api.github.com/users/octocat/repos\",\n \"events_url\": \"https://api.github.com/users/octocat/events{/privacy}\",\n \"received_events_url\": \"https://api.github.com/users/octocat/received_events\",\n \"type\": \"User\",\n \"site_admin\": false\n }\n}" + "payload": "{\n \"id\": 1,\n \"url\": \"https://api.github.com/authorizations/1\",\n \"scopes\": [\n \"public_repo\",\n \"user\"\n ],\n \"token\": \"ghu_16C7e42F292c6912E7710c838347Ae178B4a\",\n \"token_last_eight\": \"Ae178B4a\",\n \"hashed_token\": \"25f94a2a5c7fbaf499c665bc73d67c1c87e496da8985131633ee0a95819db2e8\",\n \"app\": {\n \"url\": \"http://my-github-app.com\",\n \"name\": \"my github app\",\n \"client_id\": \"Iv1.8a61f9b3a7aba766\"\n },\n \"note\": \"optional note\",\n \"note_url\": \"http://optional/note/url\",\n \"updated_at\": \"2011-09-06T20:39:23Z\",\n \"created_at\": \"2011-09-06T17:26:27Z\",\n \"fingerprint\": \"jklmnop12345678\",\n \"expires_at\": \"2011-09-08T17:26:27Z\",\n \"user\": {\n \"login\": \"octocat\",\n \"id\": 1,\n \"node_id\": \"MDQ6VXNlcjE=\",\n \"avatar_url\": \"https://github.com/images/error/octocat_happy.gif\",\n \"gravatar_id\": \"\",\n \"url\": \"https://api.github.com/users/octocat\",\n \"html_url\": \"https://github.com/octocat\",\n \"followers_url\": \"https://api.github.com/users/octocat/followers\",\n \"following_url\": \"https://api.github.com/users/octocat/following{/other_user}\",\n \"gists_url\": \"https://api.github.com/users/octocat/gists{/gist_id}\",\n \"starred_url\": \"https://api.github.com/users/octocat/starred{/owner}{/repo}\",\n \"subscriptions_url\": \"https://api.github.com/users/octocat/subscriptions\",\n \"organizations_url\": \"https://api.github.com/users/octocat/orgs\",\n \"repos_url\": \"https://api.github.com/users/octocat/repos\",\n \"events_url\": \"https://api.github.com/users/octocat/events{/privacy}\",\n \"received_events_url\": \"https://api.github.com/users/octocat/received_events\",\n \"type\": \"User\",\n \"site_admin\": false\n }\n}" }, { "httpStatusCode": "404", @@ -13859,6 +13921,11 @@ "schema": { "type": "string" }, + "examples": { + "default": { + "value": "Iv1.8a61f9b3a7aba766" + } + }, "descriptionHTML": "

The client ID of your GitHub app.

" } ], @@ -13893,6 +13960,13 @@ "access_token" ], "type": "object" + }, + "examples": { + "default": { + "value": { + "access_token": "e72e16c7e42f292c6912e7710c838347ae178b4a" + } + } } } } @@ -13912,7 +13986,7 @@ "httpStatusCode": "200", "httpStatusMessage": "OK", "description": "

Response

", - "payload": "{\n \"id\": 1,\n \"url\": \"https://api.github.com/authorizations/1\",\n \"scopes\": [\n \"public_repo\",\n \"user\"\n ],\n \"token\": \"ghu_16C7e42F292c6912E7710c838347Ae178B4a\",\n \"token_last_eight\": \"Ae178B4a\",\n \"hashed_token\": \"25f94a2a5c7fbaf499c665bc73d67c1c87e496da8985131633ee0a95819db2e8\",\n \"app\": {\n \"url\": \"http://my-github-app.com\",\n \"name\": \"my github app\",\n \"client_id\": \"abcde12345fghij67890\"\n },\n \"note\": \"optional note\",\n \"note_url\": \"http://optional/note/url\",\n \"updated_at\": \"2011-09-06T20:39:23Z\",\n \"created_at\": \"2011-09-06T17:26:27Z\",\n \"fingerprint\": \"jklmnop12345678\",\n \"expires_at\": \"2011-09-08T17:26:27Z\",\n \"user\": {\n \"login\": \"octocat\",\n \"id\": 1,\n \"node_id\": \"MDQ6VXNlcjE=\",\n \"avatar_url\": \"https://github.com/images/error/octocat_happy.gif\",\n \"gravatar_id\": \"\",\n \"url\": \"https://api.github.com/users/octocat\",\n \"html_url\": \"https://github.com/octocat\",\n \"followers_url\": \"https://api.github.com/users/octocat/followers\",\n \"following_url\": \"https://api.github.com/users/octocat/following{/other_user}\",\n \"gists_url\": \"https://api.github.com/users/octocat/gists{/gist_id}\",\n \"starred_url\": \"https://api.github.com/users/octocat/starred{/owner}{/repo}\",\n \"subscriptions_url\": \"https://api.github.com/users/octocat/subscriptions\",\n \"organizations_url\": \"https://api.github.com/users/octocat/orgs\",\n \"repos_url\": \"https://api.github.com/users/octocat/repos\",\n \"events_url\": \"https://api.github.com/users/octocat/events{/privacy}\",\n \"received_events_url\": \"https://api.github.com/users/octocat/received_events\",\n \"type\": \"User\",\n \"site_admin\": false\n }\n}" + "payload": "{\n \"id\": 1,\n \"url\": \"https://api.github.com/authorizations/1\",\n \"scopes\": [\n \"public_repo\",\n \"user\"\n ],\n \"token\": \"ghu_16C7e42F292c6912E7710c838347Ae178B4a\",\n \"token_last_eight\": \"Ae178B4a\",\n \"hashed_token\": \"25f94a2a5c7fbaf499c665bc73d67c1c87e496da8985131633ee0a95819db2e8\",\n \"app\": {\n \"url\": \"http://my-github-app.com\",\n \"name\": \"my github app\",\n \"client_id\": \"Iv1.8a61f9b3a7aba766\"\n },\n \"note\": \"optional note\",\n \"note_url\": \"http://optional/note/url\",\n \"updated_at\": \"2011-09-06T20:39:23Z\",\n \"created_at\": \"2011-09-06T17:26:27Z\",\n \"fingerprint\": \"jklmnop12345678\",\n \"expires_at\": \"2011-09-08T17:26:27Z\",\n \"user\": {\n \"login\": \"octocat\",\n \"id\": 1,\n \"node_id\": \"MDQ6VXNlcjE=\",\n \"avatar_url\": \"https://github.com/images/error/octocat_happy.gif\",\n \"gravatar_id\": \"\",\n \"url\": \"https://api.github.com/users/octocat\",\n \"html_url\": \"https://github.com/octocat\",\n \"followers_url\": \"https://api.github.com/users/octocat/followers\",\n \"following_url\": \"https://api.github.com/users/octocat/following{/other_user}\",\n \"gists_url\": \"https://api.github.com/users/octocat/gists{/gist_id}\",\n \"starred_url\": \"https://api.github.com/users/octocat/starred{/owner}{/repo}\",\n \"subscriptions_url\": \"https://api.github.com/users/octocat/subscriptions\",\n \"organizations_url\": \"https://api.github.com/users/octocat/orgs\",\n \"repos_url\": \"https://api.github.com/users/octocat/repos\",\n \"events_url\": \"https://api.github.com/users/octocat/events{/privacy}\",\n \"received_events_url\": \"https://api.github.com/users/octocat/received_events\",\n \"type\": \"User\",\n \"site_admin\": false\n }\n}" }, { "httpStatusCode": "422", @@ -13944,6 +14018,11 @@ "schema": { "type": "string" }, + "examples": { + "default": { + "value": "Iv1.8a61f9b3a7aba766" + } + }, "descriptionHTML": "

The client ID of your GitHub app.

" } ], @@ -14031,6 +14110,11 @@ "schema": { "type": "string" }, + "examples": { + "default": { + "value": "Iv1.8a61f9b3a7aba766" + } + }, "descriptionHTML": "

The client ID of your GitHub app.

" } ], @@ -14946,6 +15030,19 @@ "required": [ "access_token" ] + }, + "examples": { + "default": { + "value": { + "access_token": "e72e16c7e42f292c6912e7710c838347ae178b4a", + "target": "octocat", + "permissions": { + "metadata": "read", + "issues": "write", + "contents": "read" + } + } + } } } } @@ -14965,7 +15062,7 @@ "httpStatusCode": "200", "httpStatusMessage": "OK", "description": "

Response

", - "payload": "{\n \"id\": 1,\n \"url\": \"https://api.github.com/authorizations/1\",\n \"scopes\": [],\n \"token\": \"ghu_16C7e42F292c6912E7710c838347Ae178B4a\",\n \"token_last_eight\": \"Ae178B4a\",\n \"hashed_token\": \"25f94a2a5c7fbaf499c665bc73d67c1c87e496da8985131633ee0a95819db2e8\",\n \"app\": {\n \"url\": \"http://my-github-app.com\",\n \"name\": \"my github app\",\n \"client_id\": \"abcde12345fghij67890\"\n },\n \"note\": \"optional note\",\n \"note_url\": \"http://optional/note/url\",\n \"updated_at\": \"2011-09-06T20:39:23Z\",\n \"created_at\": \"2011-09-06T17:26:27Z\",\n \"fingerprint\": \"jklmnop12345678\",\n \"expires_at\": \"2011-09-08T17:26:27Z\",\n \"user\": {\n \"login\": \"octocat\",\n \"id\": 1,\n \"node_id\": \"MDQ6VXNlcjE=\",\n \"avatar_url\": \"https://github.com/images/error/octocat_happy.gif\",\n \"gravatar_id\": \"\",\n \"url\": \"https://api.github.com/users/octocat\",\n \"html_url\": \"https://github.com/octocat\",\n \"followers_url\": \"https://api.github.com/users/octocat/followers\",\n \"following_url\": \"https://api.github.com/users/octocat/following{/other_user}\",\n \"gists_url\": \"https://api.github.com/users/octocat/gists{/gist_id}\",\n \"starred_url\": \"https://api.github.com/users/octocat/starred{/owner}{/repo}\",\n \"subscriptions_url\": \"https://api.github.com/users/octocat/subscriptions\",\n \"organizations_url\": \"https://api.github.com/users/octocat/orgs\",\n \"repos_url\": \"https://api.github.com/users/octocat/repos\",\n \"events_url\": \"https://api.github.com/users/octocat/events{/privacy}\",\n \"received_events_url\": \"https://api.github.com/users/octocat/received_events\",\n \"type\": \"User\",\n \"site_admin\": false\n },\n \"installation\": {\n \"permissions\": {\n \"metadata\": \"read\",\n \"issues\": \"write\",\n \"contents\": \"read\"\n },\n \"repository_selection\": \"selected\",\n \"single_file_name\": \".github/workflow.yml\",\n \"repositories_url\": \"https://api.github.com/user/repos\",\n \"account\": {\n \"login\": \"octocat\",\n \"id\": 1,\n \"node_id\": \"MDQ6VXNlcjE=\",\n \"avatar_url\": \"https://github.com/images/error/octocat_happy.gif\",\n \"gravatar_id\": \"\",\n \"url\": \"https://api.github.com/users/octocat\",\n \"html_url\": \"https://github.com/octocat\",\n \"followers_url\": \"https://api.github.com/users/octocat/followers\",\n \"following_url\": \"https://api.github.com/users/octocat/following{/other_user}\",\n \"gists_url\": \"https://api.github.com/users/octocat/gists{/gist_id}\",\n \"starred_url\": \"https://api.github.com/users/octocat/starred{/owner}{/repo}\",\n \"subscriptions_url\": \"https://api.github.com/users/octocat/subscriptions\",\n \"organizations_url\": \"https://api.github.com/users/octocat/orgs\",\n \"repos_url\": \"https://api.github.com/users/octocat/repos\",\n \"events_url\": \"https://api.github.com/users/octocat/events{/privacy}\",\n \"received_events_url\": \"https://api.github.com/users/octocat/received_events\",\n \"type\": \"User\",\n \"site_admin\": false\n },\n \"has_multiple_single_files\": false,\n \"single_file_paths\": []\n }\n}" + "payload": "{\n \"id\": 1,\n \"url\": \"https://api.github.com/authorizations/1\",\n \"scopes\": [],\n \"token\": \"ghu_16C7e42F292c6912E7710c838347Ae178B4a\",\n \"token_last_eight\": \"Ae178B4a\",\n \"hashed_token\": \"25f94a2a5c7fbaf499c665bc73d67c1c87e496da8985131633ee0a95819db2e8\",\n \"app\": {\n \"url\": \"http://my-github-app.com\",\n \"name\": \"my github app\",\n \"client_id\": \"Iv1.8a61f9b3a7aba766\"\n },\n \"note\": \"optional note\",\n \"note_url\": \"http://optional/note/url\",\n \"updated_at\": \"2011-09-06T20:39:23Z\",\n \"created_at\": \"2011-09-06T17:26:27Z\",\n \"fingerprint\": \"jklmnop12345678\",\n \"expires_at\": \"2011-09-08T17:26:27Z\",\n \"user\": {\n \"login\": \"octocat\",\n \"id\": 1,\n \"node_id\": \"MDQ6VXNlcjE=\",\n \"avatar_url\": \"https://github.com/images/error/octocat_happy.gif\",\n \"gravatar_id\": \"\",\n \"url\": \"https://api.github.com/users/octocat\",\n \"html_url\": \"https://github.com/octocat\",\n \"followers_url\": \"https://api.github.com/users/octocat/followers\",\n \"following_url\": \"https://api.github.com/users/octocat/following{/other_user}\",\n \"gists_url\": \"https://api.github.com/users/octocat/gists{/gist_id}\",\n \"starred_url\": \"https://api.github.com/users/octocat/starred{/owner}{/repo}\",\n \"subscriptions_url\": \"https://api.github.com/users/octocat/subscriptions\",\n \"organizations_url\": \"https://api.github.com/users/octocat/orgs\",\n \"repos_url\": \"https://api.github.com/users/octocat/repos\",\n \"events_url\": \"https://api.github.com/users/octocat/events{/privacy}\",\n \"received_events_url\": \"https://api.github.com/users/octocat/received_events\",\n \"type\": \"User\",\n \"site_admin\": false\n },\n \"installation\": {\n \"permissions\": {\n \"metadata\": \"read\",\n \"issues\": \"write\",\n \"contents\": \"read\"\n },\n \"repository_selection\": \"selected\",\n \"single_file_name\": \".github/workflow.yml\",\n \"repositories_url\": \"https://api.github.com/user/repos\",\n \"account\": {\n \"login\": \"octocat\",\n \"id\": 1,\n \"node_id\": \"MDQ6VXNlcjE=\",\n \"avatar_url\": \"https://github.com/images/error/octocat_happy.gif\",\n \"gravatar_id\": \"\",\n \"url\": \"https://api.github.com/users/octocat\",\n \"html_url\": \"https://github.com/octocat\",\n \"followers_url\": \"https://api.github.com/users/octocat/followers\",\n \"following_url\": \"https://api.github.com/users/octocat/following{/other_user}\",\n \"gists_url\": \"https://api.github.com/users/octocat/gists{/gist_id}\",\n \"starred_url\": \"https://api.github.com/users/octocat/starred{/owner}{/repo}\",\n \"subscriptions_url\": \"https://api.github.com/users/octocat/subscriptions\",\n \"organizations_url\": \"https://api.github.com/users/octocat/orgs\",\n \"repos_url\": \"https://api.github.com/users/octocat/repos\",\n \"events_url\": \"https://api.github.com/users/octocat/events{/privacy}\",\n \"received_events_url\": \"https://api.github.com/users/octocat/received_events\",\n \"type\": \"User\",\n \"site_admin\": false\n },\n \"has_multiple_single_files\": false,\n \"single_file_paths\": []\n }\n}" }, { "httpStatusCode": "401", @@ -15893,6 +15990,11 @@ "schema": { "type": "string" }, + "examples": { + "default": { + "value": "Iv1.8a61f9b3a7aba766" + } + }, "descriptionHTML": "

The client ID of your GitHub app.

" }, { @@ -15935,7 +16037,7 @@ "httpStatusCode": "200", "httpStatusMessage": "OK", "description": "

Response

", - "payload": "{\n \"id\": 1,\n \"url\": \"https://api.github.com/authorizations/1\",\n \"scopes\": [\n \"public_repo\",\n \"user\"\n ],\n \"token\": \"ghu_16C7e42F292c6912E7710c838347Ae178B4a\",\n \"token_last_eight\": \"Ae178B4a\",\n \"hashed_token\": \"25f94a2a5c7fbaf499c665bc73d67c1c87e496da8985131633ee0a95819db2e8\",\n \"app\": {\n \"url\": \"http://my-github-app.com\",\n \"name\": \"my github app\",\n \"client_id\": \"abcde12345fghij67890\"\n },\n \"note\": \"optional note\",\n \"note_url\": \"http://optional/note/url\",\n \"updated_at\": \"2011-09-06T20:39:23Z\",\n \"created_at\": \"2011-09-06T17:26:27Z\",\n \"fingerprint\": \"jklmnop12345678\",\n \"expires_at\": \"2011-09-08T17:26:27Z\",\n \"user\": {\n \"login\": \"octocat\",\n \"id\": 1,\n \"node_id\": \"MDQ6VXNlcjE=\",\n \"avatar_url\": \"https://github.com/images/error/octocat_happy.gif\",\n \"gravatar_id\": \"\",\n \"url\": \"https://api.github.com/users/octocat\",\n \"html_url\": \"https://github.com/octocat\",\n \"followers_url\": \"https://api.github.com/users/octocat/followers\",\n \"following_url\": \"https://api.github.com/users/octocat/following{/other_user}\",\n \"gists_url\": \"https://api.github.com/users/octocat/gists{/gist_id}\",\n \"starred_url\": \"https://api.github.com/users/octocat/starred{/owner}{/repo}\",\n \"subscriptions_url\": \"https://api.github.com/users/octocat/subscriptions\",\n \"organizations_url\": \"https://api.github.com/users/octocat/orgs\",\n \"repos_url\": \"https://api.github.com/users/octocat/repos\",\n \"events_url\": \"https://api.github.com/users/octocat/events{/privacy}\",\n \"received_events_url\": \"https://api.github.com/users/octocat/received_events\",\n \"type\": \"User\",\n \"site_admin\": false\n }\n}" + "payload": "{\n \"id\": 1,\n \"url\": \"https://api.github.com/authorizations/1\",\n \"scopes\": [\n \"public_repo\",\n \"user\"\n ],\n \"token\": \"ghu_16C7e42F292c6912E7710c838347Ae178B4a\",\n \"token_last_eight\": \"Ae178B4a\",\n \"hashed_token\": \"25f94a2a5c7fbaf499c665bc73d67c1c87e496da8985131633ee0a95819db2e8\",\n \"app\": {\n \"url\": \"http://my-github-app.com\",\n \"name\": \"my github app\",\n \"client_id\": \"Iv1.8a61f9b3a7aba766\"\n },\n \"note\": \"optional note\",\n \"note_url\": \"http://optional/note/url\",\n \"updated_at\": \"2011-09-06T20:39:23Z\",\n \"created_at\": \"2011-09-06T17:26:27Z\",\n \"fingerprint\": \"jklmnop12345678\",\n \"expires_at\": \"2011-09-08T17:26:27Z\",\n \"user\": {\n \"login\": \"octocat\",\n \"id\": 1,\n \"node_id\": \"MDQ6VXNlcjE=\",\n \"avatar_url\": \"https://github.com/images/error/octocat_happy.gif\",\n \"gravatar_id\": \"\",\n \"url\": \"https://api.github.com/users/octocat\",\n \"html_url\": \"https://github.com/octocat\",\n \"followers_url\": \"https://api.github.com/users/octocat/followers\",\n \"following_url\": \"https://api.github.com/users/octocat/following{/other_user}\",\n \"gists_url\": \"https://api.github.com/users/octocat/gists{/gist_id}\",\n \"starred_url\": \"https://api.github.com/users/octocat/starred{/owner}{/repo}\",\n \"subscriptions_url\": \"https://api.github.com/users/octocat/subscriptions\",\n \"organizations_url\": \"https://api.github.com/users/octocat/orgs\",\n \"repos_url\": \"https://api.github.com/users/octocat/repos\",\n \"events_url\": \"https://api.github.com/users/octocat/events{/privacy}\",\n \"received_events_url\": \"https://api.github.com/users/octocat/received_events\",\n \"type\": \"User\",\n \"site_admin\": false\n }\n}" }, { "httpStatusCode": "404", @@ -15956,6 +16058,11 @@ "schema": { "type": "string" }, + "examples": { + "default": { + "value": "Iv1.8a61f9b3a7aba766" + } + }, "descriptionHTML": "

The client ID of your GitHub app.

" }, { @@ -15998,7 +16105,7 @@ "httpStatusCode": "200", "httpStatusMessage": "OK", "description": "

Response

", - "payload": "{\n \"id\": 1,\n \"url\": \"https://api.github.com/authorizations/1\",\n \"scopes\": [\n \"public_repo\",\n \"user\"\n ],\n \"token\": \"ghu_16C7e42F292c6912E7710c838347Ae178B4a\",\n \"token_last_eight\": \"Ae178B4a\",\n \"hashed_token\": \"25f94a2a5c7fbaf499c665bc73d67c1c87e496da8985131633ee0a95819db2e8\",\n \"app\": {\n \"url\": \"http://my-github-app.com\",\n \"name\": \"my github app\",\n \"client_id\": \"abcde12345fghij67890\"\n },\n \"note\": \"optional note\",\n \"note_url\": \"http://optional/note/url\",\n \"updated_at\": \"2011-09-06T20:39:23Z\",\n \"created_at\": \"2011-09-06T17:26:27Z\",\n \"fingerprint\": \"jklmnop12345678\",\n \"expires_at\": \"2011-09-08T17:26:27Z\",\n \"user\": {\n \"login\": \"octocat\",\n \"id\": 1,\n \"node_id\": \"MDQ6VXNlcjE=\",\n \"avatar_url\": \"https://github.com/images/error/octocat_happy.gif\",\n \"gravatar_id\": \"\",\n \"url\": \"https://api.github.com/users/octocat\",\n \"html_url\": \"https://github.com/octocat\",\n \"followers_url\": \"https://api.github.com/users/octocat/followers\",\n \"following_url\": \"https://api.github.com/users/octocat/following{/other_user}\",\n \"gists_url\": \"https://api.github.com/users/octocat/gists{/gist_id}\",\n \"starred_url\": \"https://api.github.com/users/octocat/starred{/owner}{/repo}\",\n \"subscriptions_url\": \"https://api.github.com/users/octocat/subscriptions\",\n \"organizations_url\": \"https://api.github.com/users/octocat/orgs\",\n \"repos_url\": \"https://api.github.com/users/octocat/repos\",\n \"events_url\": \"https://api.github.com/users/octocat/events{/privacy}\",\n \"received_events_url\": \"https://api.github.com/users/octocat/received_events\",\n \"type\": \"User\",\n \"site_admin\": false\n }\n}" + "payload": "{\n \"id\": 1,\n \"url\": \"https://api.github.com/authorizations/1\",\n \"scopes\": [\n \"public_repo\",\n \"user\"\n ],\n \"token\": \"ghu_16C7e42F292c6912E7710c838347Ae178B4a\",\n \"token_last_eight\": \"Ae178B4a\",\n \"hashed_token\": \"25f94a2a5c7fbaf499c665bc73d67c1c87e496da8985131633ee0a95819db2e8\",\n \"app\": {\n \"url\": \"http://my-github-app.com\",\n \"name\": \"my github app\",\n \"client_id\": \"Iv1.8a61f9b3a7aba766\"\n },\n \"note\": \"optional note\",\n \"note_url\": \"http://optional/note/url\",\n \"updated_at\": \"2011-09-06T20:39:23Z\",\n \"created_at\": \"2011-09-06T17:26:27Z\",\n \"fingerprint\": \"jklmnop12345678\",\n \"expires_at\": \"2011-09-08T17:26:27Z\",\n \"user\": {\n \"login\": \"octocat\",\n \"id\": 1,\n \"node_id\": \"MDQ6VXNlcjE=\",\n \"avatar_url\": \"https://github.com/images/error/octocat_happy.gif\",\n \"gravatar_id\": \"\",\n \"url\": \"https://api.github.com/users/octocat\",\n \"html_url\": \"https://github.com/octocat\",\n \"followers_url\": \"https://api.github.com/users/octocat/followers\",\n \"following_url\": \"https://api.github.com/users/octocat/following{/other_user}\",\n \"gists_url\": \"https://api.github.com/users/octocat/gists{/gist_id}\",\n \"starred_url\": \"https://api.github.com/users/octocat/starred{/owner}{/repo}\",\n \"subscriptions_url\": \"https://api.github.com/users/octocat/subscriptions\",\n \"organizations_url\": \"https://api.github.com/users/octocat/orgs\",\n \"repos_url\": \"https://api.github.com/users/octocat/repos\",\n \"events_url\": \"https://api.github.com/users/octocat/events{/privacy}\",\n \"received_events_url\": \"https://api.github.com/users/octocat/received_events\",\n \"type\": \"User\",\n \"site_admin\": false\n }\n}" } ] }, @@ -16014,6 +16121,11 @@ "schema": { "type": "string" }, + "examples": { + "default": { + "value": "Iv1.8a61f9b3a7aba766" + } + }, "descriptionHTML": "

The client ID of your GitHub app.

" }, { @@ -16166,12 +16278,16 @@ "description": "

Determines whether the SSL certificate of the host for url will be verified when delivering payloads. Supported values include 0 (verification is performed) and 1 (verification is not performed). The default is 0. We strongly recommend not setting this to 1 as you are subject to man-in-the-middle and other attacks.

", "childParamsGroups": [] } - }, - "example": { - "content_type": "json", - "insecure_ssl": "0", - "secret": "********", - "url": "https://example.com/webhook" + } + }, + "examples": { + "default": { + "value": { + "content_type": "json", + "insecure_ssl": "0", + "secret": "********", + "url": "https://example.com/webhook" + } } } } @@ -22634,7 +22750,13 @@ "httpStatusCode": "201", "httpStatusMessage": "Created", "description": "Response for completed conclusion", - "payload": "{\n \"id\": 4,\n \"head_sha\": \"ce587453ced02b1526dfb4cb910479d431683101\",\n \"node_id\": \"MDg6Q2hlY2tSdW40\",\n \"external_id\": \"\",\n \"url\": \"https://api.github.com/repos/github/hello-world/check-runs/4\",\n \"html_url\": \"https://github.com/github/hello-world/runs/4\",\n \"details_url\": \"https://example.com\",\n \"status\": \"completed\",\n \"conclusion\": \"neutral\",\n \"started_at\": \"2018-05-04T01:14:52Z\",\n \"completed_at\": \"2018-05-04T01:14:52Z\",\n \"output\": {\n \"title\": \"Mighty Readme report\",\n \"summary\": \"There are 0 failures, 2 warnings, and 1 notice.\",\n \"text\": \"You may have some misspelled words on lines 2 and 4. You also may want to add a section in your README about how to install your app.\",\n \"annotations_count\": 2,\n \"annotations_url\": \"https://api.github.com/repos/github/hello-world/check-runs/4/annotations\"\n },\n \"name\": \"mighty_readme\",\n \"check_suite\": {\n \"id\": 5\n },\n \"app\": {\n \"id\": 1,\n \"slug\": \"octoapp\",\n \"node_id\": \"MDExOkludGVncmF0aW9uMQ==\",\n \"owner\": {\n \"login\": \"github\",\n \"id\": 1,\n \"node_id\": \"MDEyOk9yZ2FuaXphdGlvbjE=\",\n \"url\": \"https://api.github.com/orgs/github\",\n \"repos_url\": \"https://api.github.com/orgs/github/repos\",\n \"events_url\": \"https://api.github.com/orgs/github/events\",\n \"avatar_url\": \"https://github.com/images/error/octocat_happy.gif\",\n \"gravatar_id\": \"\",\n \"html_url\": \"https://github.com/octocat\",\n \"followers_url\": \"https://api.github.com/users/octocat/followers\",\n \"following_url\": \"https://api.github.com/users/octocat/following{/other_user}\",\n \"gists_url\": \"https://api.github.com/users/octocat/gists{/gist_id}\",\n \"starred_url\": \"https://api.github.com/users/octocat/starred{/owner}{/repo}\",\n \"subscriptions_url\": \"https://api.github.com/users/octocat/subscriptions\",\n \"organizations_url\": \"https://api.github.com/users/octocat/orgs\",\n \"received_events_url\": \"https://api.github.com/users/octocat/received_events\",\n \"type\": \"User\",\n \"site_admin\": true\n },\n \"name\": \"Octocat App\",\n \"description\": \"\",\n \"external_url\": \"https://example.com\",\n \"html_url\": \"https://github.com/apps/octoapp\",\n \"created_at\": \"2017-07-08T16:18:44-04:00\",\n \"updated_at\": \"2017-07-08T16:18:44-04:00\",\n \"permissions\": {\n \"metadata\": \"read\",\n \"contents\": \"read\",\n \"issues\": \"write\",\n \"single_file\": \"write\"\n },\n \"events\": [\n \"push\",\n \"pull_request\"\n ]\n },\n \"pull_requests\": [\n {\n \"url\": \"https://api.github.com/repos/github/hello-world/pulls/1\",\n \"id\": 1934,\n \"number\": 3956,\n \"head\": {\n \"ref\": \"say-hello\",\n \"sha\": \"3dca65fa3e8d4b3da3f3d056c59aee1c50f41390\",\n \"repo\": {\n \"id\": 526,\n \"url\": \"https://api.github.com/repos/github/hello-world\",\n \"name\": \"hello-world\"\n }\n },\n \"base\": {\n \"ref\": \"master\",\n \"sha\": \"e7fdf7640066d71ad16a86fbcbb9c6a10a18af4f\",\n \"repo\": {\n \"id\": 526,\n \"url\": \"https://api.github.com/repos/github/hello-world\",\n \"name\": \"hello-world\"\n }\n }\n }\n ]\n}" + "payload": "{\n \"id\": 4,\n \"head_sha\": \"ce587453ced02b1526dfb4cb910479d431683101\",\n \"node_id\": \"MDg6Q2hlY2tSdW40\",\n \"external_id\": \"42\",\n \"url\": \"https://api.github.com/repos/github/hello-world/check-runs/4\",\n \"html_url\": \"https://github.com/github/hello-world/runs/4\",\n \"details_url\": \"https://example.com\",\n \"status\": \"completed\",\n \"conclusion\": \"neutral\",\n \"started_at\": \"2018-05-04T01:14:52Z\",\n \"completed_at\": \"2018-05-04T01:14:52Z\",\n \"output\": {\n \"title\": \"Mighty Readme report\",\n \"summary\": \"There are 0 failures, 2 warnings, and 1 notice.\",\n \"text\": \"You may have some misspelled words on lines 2 and 4. You also may want to add a section in your README about how to install your app.\",\n \"annotations_count\": 2,\n \"annotations_url\": \"https://api.github.com/repos/github/hello-world/check-runs/4/annotations\"\n },\n \"name\": \"mighty_readme\",\n \"check_suite\": {\n \"id\": 5\n },\n \"app\": {\n \"id\": 1,\n \"slug\": \"octoapp\",\n \"node_id\": \"MDExOkludGVncmF0aW9uMQ==\",\n \"owner\": {\n \"login\": \"github\",\n \"id\": 1,\n \"node_id\": \"MDEyOk9yZ2FuaXphdGlvbjE=\",\n \"url\": \"https://api.github.com/orgs/github\",\n \"repos_url\": \"https://api.github.com/orgs/github/repos\",\n \"events_url\": \"https://api.github.com/orgs/github/events\",\n \"avatar_url\": \"https://github.com/images/error/octocat_happy.gif\",\n \"gravatar_id\": \"\",\n \"html_url\": \"https://github.com/octocat\",\n \"followers_url\": \"https://api.github.com/users/octocat/followers\",\n \"following_url\": \"https://api.github.com/users/octocat/following{/other_user}\",\n \"gists_url\": \"https://api.github.com/users/octocat/gists{/gist_id}\",\n \"starred_url\": \"https://api.github.com/users/octocat/starred{/owner}{/repo}\",\n \"subscriptions_url\": \"https://api.github.com/users/octocat/subscriptions\",\n \"organizations_url\": \"https://api.github.com/users/octocat/orgs\",\n \"received_events_url\": \"https://api.github.com/users/octocat/received_events\",\n \"type\": \"User\",\n \"site_admin\": true\n },\n \"name\": \"Octocat App\",\n \"description\": \"\",\n \"external_url\": \"https://example.com\",\n \"html_url\": \"https://github.com/apps/octoapp\",\n \"created_at\": \"2017-07-08T16:18:44-04:00\",\n \"updated_at\": \"2017-07-08T16:18:44-04:00\",\n \"permissions\": {\n \"metadata\": \"read\",\n \"contents\": \"read\",\n \"issues\": \"write\",\n \"single_file\": \"write\"\n },\n \"events\": [\n \"push\",\n \"pull_request\"\n ]\n },\n \"pull_requests\": [\n {\n \"url\": \"https://api.github.com/repos/github/hello-world/pulls/1\",\n \"id\": 1934,\n \"number\": 3956,\n \"head\": {\n \"ref\": \"say-hello\",\n \"sha\": \"3dca65fa3e8d4b3da3f3d056c59aee1c50f41390\",\n \"repo\": {\n \"id\": 526,\n \"url\": \"https://api.github.com/repos/github/hello-world\",\n \"name\": \"hello-world\"\n }\n },\n \"base\": {\n \"ref\": \"master\",\n \"sha\": \"e7fdf7640066d71ad16a86fbcbb9c6a10a18af4f\",\n \"repo\": {\n \"id\": 526,\n \"url\": \"https://api.github.com/repos/github/hello-world\",\n \"name\": \"hello-world\"\n }\n }\n }\n ]\n}" + }, + { + "httpStatusCode": "201", + "httpStatusMessage": "Created", + "description": "Response for completed conclusion", + "payload": "{\n \"id\": 4,\n \"head_sha\": \"ce587453ced02b1526dfb4cb910479d431683101\",\n \"node_id\": \"MDg6Q2hlY2tSdW40\",\n \"external_id\": \"42\",\n \"url\": \"https://api.github.com/repos/github/hello-world/check-runs/4\",\n \"html_url\": \"https://github.com/github/hello-world/runs/4\",\n \"details_url\": \"https://example.com\",\n \"status\": \"in_progress\",\n \"conclusion\": null,\n \"started_at\": \"2018-05-04T01:14:52Z\",\n \"completed_at\": null,\n \"output\": {\n \"title\": \"Mighty Readme report\",\n \"summary\": \"There are 0 failures, 2 warnings, and 1 notice.\",\n \"text\": \"You may have some misspelled words on lines 2 and 4. You also may want to add a section in your README about how to install your app.\",\n \"annotations_count\": 2,\n \"annotations_url\": \"https://api.github.com/repos/github/hello-world/check-runs/4/annotations\"\n },\n \"name\": \"mighty_readme\",\n \"check_suite\": {\n \"id\": 5\n },\n \"app\": {\n \"id\": 1,\n \"slug\": \"octoapp\",\n \"node_id\": \"MDExOkludGVncmF0aW9uMQ==\",\n \"owner\": {\n \"login\": \"github\",\n \"id\": 1,\n \"node_id\": \"MDEyOk9yZ2FuaXphdGlvbjE=\",\n \"url\": \"https://api.github.com/orgs/github\",\n \"repos_url\": \"https://api.github.com/orgs/github/repos\",\n \"events_url\": \"https://api.github.com/orgs/github/events\",\n \"avatar_url\": \"https://github.com/images/error/octocat_happy.gif\",\n \"gravatar_id\": \"\",\n \"html_url\": \"https://github.com/octocat\",\n \"followers_url\": \"https://api.github.com/users/octocat/followers\",\n \"following_url\": \"https://api.github.com/users/octocat/following{/other_user}\",\n \"gists_url\": \"https://api.github.com/users/octocat/gists{/gist_id}\",\n \"starred_url\": \"https://api.github.com/users/octocat/starred{/owner}{/repo}\",\n \"subscriptions_url\": \"https://api.github.com/users/octocat/subscriptions\",\n \"organizations_url\": \"https://api.github.com/users/octocat/orgs\",\n \"received_events_url\": \"https://api.github.com/users/octocat/received_events\",\n \"type\": \"User\",\n \"site_admin\": true\n },\n \"name\": \"Octocat App\",\n \"description\": \"\",\n \"external_url\": \"https://example.com\",\n \"html_url\": \"https://github.com/apps/octoapp\",\n \"created_at\": \"2017-07-08T16:18:44-04:00\",\n \"updated_at\": \"2017-07-08T16:18:44-04:00\",\n \"permissions\": {\n \"metadata\": \"read\",\n \"contents\": \"read\",\n \"issues\": \"write\",\n \"single_file\": \"write\"\n },\n \"events\": [\n \"push\",\n \"pull_request\"\n ]\n },\n \"pull_requests\": [\n {\n \"url\": \"https://api.github.com/repos/github/hello-world/pulls/1\",\n \"id\": 1934,\n \"number\": 3956,\n \"head\": {\n \"ref\": \"say-hello\",\n \"sha\": \"3dca65fa3e8d4b3da3f3d056c59aee1c50f41390\",\n \"repo\": {\n \"id\": 526,\n \"url\": \"https://api.github.com/repos/github/hello-world\",\n \"name\": \"hello-world\"\n }\n },\n \"base\": {\n \"ref\": \"master\",\n \"sha\": \"e7fdf7640066d71ad16a86fbcbb9c6a10a18af4f\",\n \"repo\": {\n \"id\": 526,\n \"url\": \"https://api.github.com/repos/github/hello-world\",\n \"name\": \"hello-world\"\n }\n }\n }\n ]\n}" } ], "bodyParameters": [ @@ -26156,8 +26278,12 @@ "head_sha" ] }, - "example": { - "head_sha": "d6fde92930d4715a2b49857d24b940956b26d2d3" + "examples": { + "default": { + "value": { + "head_sha": "d6fde92930d4715a2b49857d24b940956b26d2d3" + } + } } } } @@ -26176,7 +26302,7 @@ { "httpStatusCode": "200", "httpStatusMessage": "OK", - "description": "

when the suite already existed

", + "description": "

Response when the suite already exists

", "payload": "{\n \"id\": 5,\n \"node_id\": \"MDEwOkNoZWNrU3VpdGU1\",\n \"head_branch\": \"master\",\n \"head_sha\": \"d6fde92930d4715a2b49857d24b940956b26d2d3\",\n \"status\": \"completed\",\n \"conclusion\": \"neutral\",\n \"url\": \"https://api.github.com/repos/github/hello-world/check-suites/5\",\n \"before\": \"146e867f55c26428e5f9fade55a9bbf5e95a7912\",\n \"after\": \"d6fde92930d4715a2b49857d24b940956b26d2d3\",\n \"pull_requests\": [],\n \"created_at\": \"2017-07-08T16:18:44-04:00\",\n \"updated_at\": \"2017-07-08T16:18:44-04:00\",\n \"app\": {\n \"id\": 1,\n \"slug\": \"octoapp\",\n \"node_id\": \"MDExOkludGVncmF0aW9uMQ==\",\n \"owner\": {\n \"login\": \"github\",\n \"id\": 1,\n \"node_id\": \"MDEyOk9yZ2FuaXphdGlvbjE=\",\n \"url\": \"https://api.github.com/orgs/github\",\n \"repos_url\": \"https://api.github.com/orgs/github/repos\",\n \"events_url\": \"https://api.github.com/orgs/github/events\",\n \"avatar_url\": \"https://github.com/images/error/octocat_happy.gif\",\n \"gravatar_id\": \"\",\n \"html_url\": \"https://github.com/octocat\",\n \"followers_url\": \"https://api.github.com/users/octocat/followers\",\n \"following_url\": \"https://api.github.com/users/octocat/following{/other_user}\",\n \"gists_url\": \"https://api.github.com/users/octocat/gists{/gist_id}\",\n \"starred_url\": \"https://api.github.com/users/octocat/starred{/owner}{/repo}\",\n \"subscriptions_url\": \"https://api.github.com/users/octocat/subscriptions\",\n \"organizations_url\": \"https://api.github.com/users/octocat/orgs\",\n \"received_events_url\": \"https://api.github.com/users/octocat/received_events\",\n \"type\": \"User\",\n \"site_admin\": true\n },\n \"name\": \"Octocat App\",\n \"description\": \"\",\n \"external_url\": \"https://example.com\",\n \"html_url\": \"https://github.com/apps/octoapp\",\n \"created_at\": \"2017-07-08T16:18:44-04:00\",\n \"updated_at\": \"2017-07-08T16:18:44-04:00\",\n \"permissions\": {\n \"metadata\": \"read\",\n \"contents\": \"read\",\n \"issues\": \"write\",\n \"single_file\": \"write\"\n },\n \"events\": [\n \"push\",\n \"pull_request\"\n ]\n },\n \"repository\": {\n \"id\": 1296269,\n \"node_id\": \"MDEwOlJlcG9zaXRvcnkxMjk2MjY5\",\n \"name\": \"Hello-World\",\n \"full_name\": \"octocat/Hello-World\",\n \"template_repository\": {\n \"id\": 1296269,\n \"node_id\": \"MDEwOlJlcG9zaXRvcnkxMjk2MjY5\",\n \"name\": \"Hello-World-Template\",\n \"full_name\": \"octocat/Hello-World-Template\",\n \"owner\": {\n \"login\": \"octocat\",\n \"id\": 1,\n \"node_id\": \"MDQ6VXNlcjE=\",\n \"avatar_url\": \"https://github.com/images/error/octocat_happy.gif\",\n \"gravatar_id\": \"\",\n \"url\": \"https://api.github.com/users/octocat\",\n \"html_url\": \"https://github.com/octocat\",\n \"followers_url\": \"https://api.github.com/users/octocat/followers\",\n \"following_url\": \"https://api.github.com/users/octocat/following{/other_user}\",\n \"gists_url\": \"https://api.github.com/users/octocat/gists{/gist_id}\",\n \"starred_url\": \"https://api.github.com/users/octocat/starred{/owner}{/repo}\",\n \"subscriptions_url\": \"https://api.github.com/users/octocat/subscriptions\",\n \"organizations_url\": \"https://api.github.com/users/octocat/orgs\",\n \"repos_url\": \"https://api.github.com/users/octocat/repos\",\n \"events_url\": \"https://api.github.com/users/octocat/events{/privacy}\",\n \"received_events_url\": \"https://api.github.com/users/octocat/received_events\",\n \"type\": \"User\",\n \"site_admin\": false\n },\n \"private\": false,\n \"html_url\": \"https://github.com/octocat/Hello-World-Template\",\n \"description\": \"This your first repo!\",\n \"fork\": false,\n \"url\": \"https://api.github.com/repos/octocat/Hello-World-Template\",\n \"archive_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/{archive_format}{/ref}\",\n \"assignees_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/assignees{/user}\",\n \"blobs_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/git/blobs{/sha}\",\n \"branches_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/branches{/branch}\",\n \"collaborators_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/collaborators{/collaborator}\",\n \"comments_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/comments{/number}\",\n \"commits_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/commits{/sha}\",\n \"compare_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/compare/{base}...{head}\",\n \"contents_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/contents/{+path}\",\n \"contributors_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/contributors\",\n \"deployments_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/deployments\",\n \"downloads_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/downloads\",\n \"events_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/events\",\n \"forks_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/forks\",\n \"git_commits_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/git/commits{/sha}\",\n \"git_refs_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/git/refs{/sha}\",\n \"git_tags_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/git/tags{/sha}\",\n \"git_url\": \"git:github.com/octocat/Hello-World-Template.git\",\n \"issue_comment_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/issues/comments{/number}\",\n \"issue_events_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/issues/events{/number}\",\n \"issues_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/issues{/number}\",\n \"keys_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/keys{/key_id}\",\n \"labels_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/labels{/name}\",\n \"languages_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/languages\",\n \"merges_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/merges\",\n \"milestones_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/milestones{/number}\",\n \"notifications_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/notifications{?since,all,participating}\",\n \"pulls_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/pulls{/number}\",\n \"releases_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/releases{/id}\",\n \"ssh_url\": \"git@github.com:octocat/Hello-World-Template.git\",\n \"stargazers_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/stargazers\",\n \"statuses_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/statuses/{sha}\",\n \"subscribers_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/subscribers\",\n \"subscription_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/subscription\",\n \"tags_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/tags\",\n \"teams_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/teams\",\n \"trees_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/git/trees{/sha}\",\n \"clone_url\": \"https://github.com/octocat/Hello-World-Template.git\",\n \"mirror_url\": \"git:git.example.com/octocat/Hello-World-Template\",\n \"hooks_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/hooks\",\n \"svn_url\": \"https://svn.github.com/octocat/Hello-World-Template\",\n \"homepage\": \"https://github.com\",\n \"language\": null,\n \"forks\": 9,\n \"forks_count\": 9,\n \"stargazers_count\": 80,\n \"watchers_count\": 80,\n \"watchers\": 80,\n \"size\": 108,\n \"default_branch\": \"master\",\n \"open_issues\": 0,\n \"open_issues_count\": 0,\n \"is_template\": true,\n \"license\": {\n \"key\": \"mit\",\n \"name\": \"MIT License\",\n \"url\": \"https://api.github.com/licenses/mit\",\n \"spdx_id\": \"MIT\",\n \"node_id\": \"MDc6TGljZW5zZW1pdA==\",\n \"html_url\": \"https://api.github.com/licenses/mit\"\n },\n \"topics\": [\n \"octocat\",\n \"atom\",\n \"electron\",\n \"api\"\n ],\n \"has_issues\": true,\n \"has_projects\": true,\n \"has_wiki\": true,\n \"has_pages\": false,\n \"has_downloads\": true,\n \"archived\": false,\n \"disabled\": false,\n \"visibility\": \"public\",\n \"pushed_at\": \"2011-01-26T19:06:43Z\",\n \"created_at\": \"2011-01-26T19:01:12Z\",\n \"updated_at\": \"2011-01-26T19:14:43Z\",\n \"permissions\": {\n \"admin\": false,\n \"push\": false,\n \"pull\": true\n },\n \"allow_rebase_merge\": true,\n \"temp_clone_token\": \"ABTLWHOULUVAXGTRYU7OC2876QJ2O\",\n \"allow_squash_merge\": true,\n \"allow_auto_merge\": false,\n \"delete_branch_on_merge\": true,\n \"allow_merge_commit\": true,\n \"subscribers_count\": 42,\n \"network_count\": 0\n },\n \"owner\": {\n \"login\": \"octocat\",\n \"id\": 1,\n \"node_id\": \"MDQ6VXNlcjE=\",\n \"avatar_url\": \"https://github.com/images/error/octocat_happy.gif\",\n \"gravatar_id\": \"\",\n \"url\": \"https://api.github.com/users/octocat\",\n \"html_url\": \"https://github.com/octocat\",\n \"followers_url\": \"https://api.github.com/users/octocat/followers\",\n \"following_url\": \"https://api.github.com/users/octocat/following{/other_user}\",\n \"gists_url\": \"https://api.github.com/users/octocat/gists{/gist_id}\",\n \"starred_url\": \"https://api.github.com/users/octocat/starred{/owner}{/repo}\",\n \"subscriptions_url\": \"https://api.github.com/users/octocat/subscriptions\",\n \"organizations_url\": \"https://api.github.com/users/octocat/orgs\",\n \"repos_url\": \"https://api.github.com/users/octocat/repos\",\n \"events_url\": \"https://api.github.com/users/octocat/events{/privacy}\",\n \"received_events_url\": \"https://api.github.com/users/octocat/received_events\",\n \"type\": \"User\",\n \"site_admin\": false\n },\n \"private\": false,\n \"html_url\": \"https://github.com/octocat/Hello-World\",\n \"description\": \"This your first repo!\",\n \"fork\": false,\n \"url\": \"https://api.github.com/repos/octocat/Hello-World\",\n \"archive_url\": \"https://api.github.com/repos/octocat/Hello-World/{archive_format}{/ref}\",\n \"assignees_url\": \"https://api.github.com/repos/octocat/Hello-World/assignees{/user}\",\n \"blobs_url\": \"https://api.github.com/repos/octocat/Hello-World/git/blobs{/sha}\",\n \"branches_url\": \"https://api.github.com/repos/octocat/Hello-World/branches{/branch}\",\n \"collaborators_url\": \"https://api.github.com/repos/octocat/Hello-World/collaborators{/collaborator}\",\n \"comments_url\": \"https://api.github.com/repos/octocat/Hello-World/comments{/number}\",\n \"commits_url\": \"https://api.github.com/repos/octocat/Hello-World/commits{/sha}\",\n \"compare_url\": \"https://api.github.com/repos/octocat/Hello-World/compare/{base}...{head}\",\n \"contents_url\": \"https://api.github.com/repos/octocat/Hello-World/contents/{+path}\",\n \"contributors_url\": \"https://api.github.com/repos/octocat/Hello-World/contributors\",\n \"deployments_url\": \"https://api.github.com/repos/octocat/Hello-World/deployments\",\n \"downloads_url\": \"https://api.github.com/repos/octocat/Hello-World/downloads\",\n \"events_url\": \"https://api.github.com/repos/octocat/Hello-World/events\",\n \"forks_url\": \"https://api.github.com/repos/octocat/Hello-World/forks\",\n \"git_commits_url\": \"https://api.github.com/repos/octocat/Hello-World/git/commits{/sha}\",\n \"git_refs_url\": \"https://api.github.com/repos/octocat/Hello-World/git/refs{/sha}\",\n \"git_tags_url\": \"https://api.github.com/repos/octocat/Hello-World/git/tags{/sha}\",\n \"git_url\": \"git:github.com/octocat/Hello-World.git\",\n \"issue_comment_url\": \"https://api.github.com/repos/octocat/Hello-World/issues/comments{/number}\",\n \"issue_events_url\": \"https://api.github.com/repos/octocat/Hello-World/issues/events{/number}\",\n \"issues_url\": \"https://api.github.com/repos/octocat/Hello-World/issues{/number}\",\n \"keys_url\": \"https://api.github.com/repos/octocat/Hello-World/keys{/key_id}\",\n \"labels_url\": \"https://api.github.com/repos/octocat/Hello-World/labels{/name}\",\n \"languages_url\": \"https://api.github.com/repos/octocat/Hello-World/languages\",\n \"merges_url\": \"https://api.github.com/repos/octocat/Hello-World/merges\",\n \"milestones_url\": \"https://api.github.com/repos/octocat/Hello-World/milestones{/number}\",\n \"notifications_url\": \"https://api.github.com/repos/octocat/Hello-World/notifications{?since,all,participating}\",\n \"pulls_url\": \"https://api.github.com/repos/octocat/Hello-World/pulls{/number}\",\n \"releases_url\": \"https://api.github.com/repos/octocat/Hello-World/releases{/id}\",\n \"ssh_url\": \"git@github.com:octocat/Hello-World.git\",\n \"stargazers_url\": \"https://api.github.com/repos/octocat/Hello-World/stargazers\",\n \"statuses_url\": \"https://api.github.com/repos/octocat/Hello-World/statuses/{sha}\",\n \"subscribers_url\": \"https://api.github.com/repos/octocat/Hello-World/subscribers\",\n \"subscription_url\": \"https://api.github.com/repos/octocat/Hello-World/subscription\",\n \"tags_url\": \"https://api.github.com/repos/octocat/Hello-World/tags\",\n \"teams_url\": \"https://api.github.com/repos/octocat/Hello-World/teams\",\n \"trees_url\": \"https://api.github.com/repos/octocat/Hello-World/git/trees{/sha}\",\n \"clone_url\": \"https://github.com/octocat/Hello-World.git\",\n \"mirror_url\": \"git:git.example.com/octocat/Hello-World\",\n \"hooks_url\": \"https://api.github.com/repos/octocat/Hello-World/hooks\",\n \"svn_url\": \"https://svn.github.com/octocat/Hello-World\",\n \"homepage\": \"https://github.com\",\n \"language\": null,\n \"forks_count\": 9,\n \"stargazers_count\": 80,\n \"watchers_count\": 80,\n \"size\": 108,\n \"default_branch\": \"master\",\n \"open_issues_count\": 0,\n \"is_template\": false,\n \"topics\": [\n \"octocat\",\n \"atom\",\n \"electron\",\n \"api\"\n ],\n \"has_issues\": true,\n \"has_projects\": true,\n \"has_wiki\": true,\n \"has_pages\": false,\n \"has_downloads\": true,\n \"archived\": false,\n \"disabled\": false,\n \"visibility\": \"public\",\n \"pushed_at\": \"2011-01-26T19:06:43Z\",\n \"created_at\": \"2011-01-26T19:01:12Z\",\n \"updated_at\": \"2011-01-26T19:14:43Z\",\n \"permissions\": {\n \"admin\": false,\n \"push\": false,\n \"pull\": true\n },\n \"temp_clone_token\": \"ABTLWHOULUVAXGTRYU7OC2876QJ2O\",\n \"delete_branch_on_merge\": true,\n \"subscribers_count\": 42,\n \"network_count\": 0\n },\n \"head_commit\": {\n \"id\": \"7fd1a60b01f91b314f59955a4e4d4e80d8edf11d\",\n \"tree_id\": \"7fd1a60b01f91b314f59955a4e4d4e80d8edf11d\",\n \"message\": \"Merge pull request #6 from Spaceghost/patch-1\\n\\nNew line at end of file.\",\n \"timestamp\": \"2016-10-10T00:00:00Z\",\n \"author\": {\n \"name\": \"The Octocat\",\n \"email\": \"octocat@nowhere.com\"\n },\n \"committer\": {\n \"name\": \"The Octocat\",\n \"email\": \"octocat@nowhere.com\"\n }\n },\n \"latest_check_runs_count\": 1,\n \"check_runs_url\": \"https://api.github.com/repos/octocat/Hello-World/check-suites/5/check-runs\"\n}" }, { @@ -30151,6 +30277,350 @@ } ] }, + "deploy_keys": { + "deploy_keys": [ + { + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/keys", + "parameters": [ + { + "name": "owner", + "in": "path", + "required": true, + "schema": { + "type": "string" + }, + "descriptionHTML": "" + }, + { + "name": "repo", + "in": "path", + "required": true, + "schema": { + "type": "string" + }, + "descriptionHTML": "" + }, + { + "name": "per_page", + "description": "Results per page (max 100)", + "in": "query", + "schema": { + "type": "integer", + "default": 30 + }, + "descriptionHTML": "

Results per page (max 100)

" + }, + { + "name": "page", + "description": "Page number of the results to fetch.", + "in": "query", + "schema": { + "type": "integer", + "default": 1 + }, + "descriptionHTML": "

Page number of the results to fetch.

" + } + ], + "x-codeSamples": [ + { + "lang": "Shell", + "source": "curl \\\n -H \"Accept: application/vnd.github.v3+json\" \\\n http(s)://{hostname}/api/v3/repos/octocat/hello-world/keys" + }, + { + "lang": "JavaScript", + "source": "await octokit.request('GET /repos/{owner}/{repo}/keys', {\n owner: 'octocat',\n repo: 'hello-world'\n})" + } + ], + "summary": "List deploy keys", + "x-github": { + "enabledForGitHubApps": true, + "category": "repos", + "subcategory": "keys" + }, + "slug": "list-deploy-keys", + "category": "deploy_keys", + "subcategory": "deploy_keys", + "notes": [], + "descriptionHTML": "", + "bodyParameters": [], + "responses": [ + { + "httpStatusCode": "200", + "httpStatusMessage": "OK", + "description": "

Response

", + "payload": "[\n {\n \"id\": 1,\n \"key\": \"ssh-rsa AAA...\",\n \"url\": \"https://api.github.com/repos/octocat/Hello-World/keys/1\",\n \"title\": \"octocat@octomac\",\n \"verified\": true,\n \"created_at\": \"2014-12-10T15:53:42Z\",\n \"read_only\": true\n }\n]" + } + ] + }, + { + "verb": "post", + "requestPath": "/repos/{owner}/{repo}/keys", + "parameters": [ + { + "name": "owner", + "in": "path", + "required": true, + "schema": { + "type": "string" + }, + "descriptionHTML": "" + }, + { + "name": "repo", + "in": "path", + "required": true, + "schema": { + "type": "string" + }, + "descriptionHTML": "" + } + ], + "x-codeSamples": [ + { + "lang": "Shell", + "source": "curl \\\n -X POST \\\n -H \"Accept: application/vnd.github.v3+json\" \\\n http(s)://{hostname}/api/v3/repos/octocat/hello-world/keys \\\n -d '{\"key\":\"key\"}'" + }, + { + "lang": "JavaScript", + "source": "await octokit.request('POST /repos/{owner}/{repo}/keys', {\n owner: 'octocat',\n repo: 'hello-world',\n key: 'key'\n})" + } + ], + "summary": "Create a deploy key", + "requestBody": { + "required": true, + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "title": { + "type": "string", + "description": "

A name for the key.

", + "name": "title", + "in": "body", + "rawType": "string", + "rawDescription": "A name for the key.", + "childParamsGroups": [] + }, + "key": { + "type": "string", + "description": "

Required. The contents of the key.

", + "name": "key", + "in": "body", + "rawType": "string", + "rawDescription": "The contents of the key.", + "childParamsGroups": [] + }, + "read_only": { + "type": "boolean", + "description": "

If true, the key will only be able to read repository contents. Otherwise, the key will be able to read and write.

\n

Deploy keys with write access can perform the same actions as an organization member with admin access, or a collaborator on a personal repository. For more information, see \"Repository permission levels for an organization\" and \"Permission levels for a user account repository.\"

", + "name": "read_only", + "in": "body", + "rawType": "boolean", + "rawDescription": "If `true`, the key will only be able to read repository contents. Otherwise, the key will be able to read and write. \n \nDeploy keys with write access can perform the same actions as an organization member with admin access, or a collaborator on a personal repository. For more information, see \"[Repository permission levels for an organization](https://docs.github.com/articles/repository-permission-levels-for-an-organization/)\" and \"[Permission levels for a user account repository](https://docs.github.com/articles/permission-levels-for-a-user-account-repository/).\"", + "childParamsGroups": [] + } + }, + "required": [ + "key" + ] + }, + "example": { + "title": "octocat@octomac", + "key": "ssh-rsa AAA...", + "read_only": true + } + } + } + }, + "x-github": { + "enabledForGitHubApps": true, + "category": "repos", + "subcategory": "keys" + }, + "slug": "create-a-deploy-key", + "category": "deploy_keys", + "subcategory": "deploy_keys", + "notes": [], + "descriptionHTML": "

You can create a read-only deploy key.

", + "responses": [ + { + "httpStatusCode": "201", + "httpStatusMessage": "Created", + "description": "

Response

", + "payload": "{\n \"id\": 1,\n \"key\": \"ssh-rsa AAA...\",\n \"url\": \"https://api.github.com/repos/octocat/Hello-World/keys/1\",\n \"title\": \"octocat@octomac\",\n \"verified\": true,\n \"created_at\": \"2014-12-10T15:53:42Z\",\n \"read_only\": true\n}" + }, + { + "httpStatusCode": "422", + "httpStatusMessage": "Unprocessable Entity", + "description": "

Validation failed

" + } + ], + "bodyParameters": [ + { + "type": "string", + "description": "

A name for the key.

", + "name": "title", + "in": "body", + "rawType": "string", + "rawDescription": "A name for the key.", + "childParamsGroups": [] + }, + { + "type": "string", + "description": "

Required. The contents of the key.

", + "name": "key", + "in": "body", + "rawType": "string", + "rawDescription": "The contents of the key.", + "childParamsGroups": [] + }, + { + "type": "boolean", + "description": "

If true, the key will only be able to read repository contents. Otherwise, the key will be able to read and write.

\n

Deploy keys with write access can perform the same actions as an organization member with admin access, or a collaborator on a personal repository. For more information, see \"Repository permission levels for an organization\" and \"Permission levels for a user account repository.\"

", + "name": "read_only", + "in": "body", + "rawType": "boolean", + "rawDescription": "If `true`, the key will only be able to read repository contents. Otherwise, the key will be able to read and write. \n \nDeploy keys with write access can perform the same actions as an organization member with admin access, or a collaborator on a personal repository. For more information, see \"[Repository permission levels for an organization](https://docs.github.com/articles/repository-permission-levels-for-an-organization/)\" and \"[Permission levels for a user account repository](https://docs.github.com/articles/permission-levels-for-a-user-account-repository/).\"", + "childParamsGroups": [] + } + ] + }, + { + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/keys/{key_id}", + "parameters": [ + { + "name": "owner", + "in": "path", + "required": true, + "schema": { + "type": "string" + }, + "descriptionHTML": "" + }, + { + "name": "repo", + "in": "path", + "required": true, + "schema": { + "type": "string" + }, + "descriptionHTML": "" + }, + { + "name": "key_id", + "description": "key_id parameter", + "in": "path", + "required": true, + "schema": { + "type": "integer" + }, + "descriptionHTML": "

key_id parameter

" + } + ], + "x-codeSamples": [ + { + "lang": "Shell", + "source": "curl \\\n -H \"Accept: application/vnd.github.v3+json\" \\\n http(s)://{hostname}/api/v3/repos/octocat/hello-world/keys/42" + }, + { + "lang": "JavaScript", + "source": "await octokit.request('GET /repos/{owner}/{repo}/keys/{key_id}', {\n owner: 'octocat',\n repo: 'hello-world',\n key_id: 42\n})" + } + ], + "summary": "Get a deploy key", + "x-github": { + "enabledForGitHubApps": true, + "category": "repos", + "subcategory": "keys" + }, + "slug": "get-a-deploy-key", + "category": "deploy_keys", + "subcategory": "deploy_keys", + "notes": [], + "descriptionHTML": "", + "bodyParameters": [], + "responses": [ + { + "httpStatusCode": "200", + "httpStatusMessage": "OK", + "description": "

Response

", + "payload": "{\n \"id\": 1,\n \"key\": \"ssh-rsa AAA...\",\n \"url\": \"https://api.github.com/repos/octocat/Hello-World/keys/1\",\n \"title\": \"octocat@octomac\",\n \"verified\": true,\n \"created_at\": \"2014-12-10T15:53:42Z\",\n \"read_only\": true\n}" + }, + { + "httpStatusCode": "404", + "httpStatusMessage": "Not Found", + "description": "

Resource not found

" + } + ] + }, + { + "verb": "delete", + "requestPath": "/repos/{owner}/{repo}/keys/{key_id}", + "parameters": [ + { + "name": "owner", + "in": "path", + "required": true, + "schema": { + "type": "string" + }, + "descriptionHTML": "" + }, + { + "name": "repo", + "in": "path", + "required": true, + "schema": { + "type": "string" + }, + "descriptionHTML": "" + }, + { + "name": "key_id", + "description": "key_id parameter", + "in": "path", + "required": true, + "schema": { + "type": "integer" + }, + "descriptionHTML": "

key_id parameter

" + } + ], + "x-codeSamples": [ + { + "lang": "Shell", + "source": "curl \\\n -X DELETE \\\n -H \"Accept: application/vnd.github.v3+json\" \\\n http(s)://{hostname}/api/v3/repos/octocat/hello-world/keys/42" + }, + { + "lang": "JavaScript", + "source": "await octokit.request('DELETE /repos/{owner}/{repo}/keys/{key_id}', {\n owner: 'octocat',\n repo: 'hello-world',\n key_id: 42\n})" + } + ], + "summary": "Delete a deploy key", + "x-github": { + "enabledForGitHubApps": true, + "category": "repos", + "subcategory": "keys" + }, + "slug": "delete-a-deploy-key", + "category": "deploy_keys", + "subcategory": "deploy_keys", + "notes": [], + "bodyParameters": [], + "descriptionHTML": "

Deploy keys are immutable. If you need to update a key, remove the key and create a new one instead.

", + "responses": [ + { + "httpStatusCode": "204", + "httpStatusMessage": "No Content", + "description": "

Response

" + } + ] + } + ] + }, "deployments": { "deployments": [ { @@ -31271,348 +31741,6 @@ ] } ], - "keys": [ - { - "verb": "get", - "requestPath": "/repos/{owner}/{repo}/keys", - "parameters": [ - { - "name": "owner", - "in": "path", - "required": true, - "schema": { - "type": "string" - }, - "descriptionHTML": "" - }, - { - "name": "repo", - "in": "path", - "required": true, - "schema": { - "type": "string" - }, - "descriptionHTML": "" - }, - { - "name": "per_page", - "description": "Results per page (max 100)", - "in": "query", - "schema": { - "type": "integer", - "default": 30 - }, - "descriptionHTML": "

Results per page (max 100)

" - }, - { - "name": "page", - "description": "Page number of the results to fetch.", - "in": "query", - "schema": { - "type": "integer", - "default": 1 - }, - "descriptionHTML": "

Page number of the results to fetch.

" - } - ], - "x-codeSamples": [ - { - "lang": "Shell", - "source": "curl \\\n -H \"Accept: application/vnd.github.v3+json\" \\\n http(s)://{hostname}/api/v3/repos/octocat/hello-world/keys" - }, - { - "lang": "JavaScript", - "source": "await octokit.request('GET /repos/{owner}/{repo}/keys', {\n owner: 'octocat',\n repo: 'hello-world'\n})" - } - ], - "summary": "List deploy keys", - "x-github": { - "enabledForGitHubApps": true, - "category": "repos", - "subcategory": "keys" - }, - "slug": "list-deploy-keys", - "category": "deployments", - "subcategory": "keys", - "notes": [], - "descriptionHTML": "", - "bodyParameters": [], - "responses": [ - { - "httpStatusCode": "200", - "httpStatusMessage": "OK", - "description": "

Response

", - "payload": "[\n {\n \"id\": 1,\n \"key\": \"ssh-rsa AAA...\",\n \"url\": \"https://api.github.com/repos/octocat/Hello-World/keys/1\",\n \"title\": \"octocat@octomac\",\n \"verified\": true,\n \"created_at\": \"2014-12-10T15:53:42Z\",\n \"read_only\": true\n }\n]" - } - ] - }, - { - "verb": "post", - "requestPath": "/repos/{owner}/{repo}/keys", - "parameters": [ - { - "name": "owner", - "in": "path", - "required": true, - "schema": { - "type": "string" - }, - "descriptionHTML": "" - }, - { - "name": "repo", - "in": "path", - "required": true, - "schema": { - "type": "string" - }, - "descriptionHTML": "" - } - ], - "x-codeSamples": [ - { - "lang": "Shell", - "source": "curl \\\n -X POST \\\n -H \"Accept: application/vnd.github.v3+json\" \\\n http(s)://{hostname}/api/v3/repos/octocat/hello-world/keys \\\n -d '{\"key\":\"key\"}'" - }, - { - "lang": "JavaScript", - "source": "await octokit.request('POST /repos/{owner}/{repo}/keys', {\n owner: 'octocat',\n repo: 'hello-world',\n key: 'key'\n})" - } - ], - "summary": "Create a deploy key", - "requestBody": { - "required": true, - "content": { - "application/json": { - "schema": { - "type": "object", - "properties": { - "title": { - "type": "string", - "description": "

A name for the key.

", - "name": "title", - "in": "body", - "rawType": "string", - "rawDescription": "A name for the key.", - "childParamsGroups": [] - }, - "key": { - "type": "string", - "description": "

Required. The contents of the key.

", - "name": "key", - "in": "body", - "rawType": "string", - "rawDescription": "The contents of the key.", - "childParamsGroups": [] - }, - "read_only": { - "type": "boolean", - "description": "

If true, the key will only be able to read repository contents. Otherwise, the key will be able to read and write.

\n

Deploy keys with write access can perform the same actions as an organization member with admin access, or a collaborator on a personal repository. For more information, see \"Repository permission levels for an organization\" and \"Permission levels for a user account repository.\"

", - "name": "read_only", - "in": "body", - "rawType": "boolean", - "rawDescription": "If `true`, the key will only be able to read repository contents. Otherwise, the key will be able to read and write. \n \nDeploy keys with write access can perform the same actions as an organization member with admin access, or a collaborator on a personal repository. For more information, see \"[Repository permission levels for an organization](https://docs.github.com/articles/repository-permission-levels-for-an-organization/)\" and \"[Permission levels for a user account repository](https://docs.github.com/articles/permission-levels-for-a-user-account-repository/).\"", - "childParamsGroups": [] - } - }, - "required": [ - "key" - ] - }, - "example": { - "title": "octocat@octomac", - "key": "ssh-rsa AAA...", - "read_only": true - } - } - } - }, - "x-github": { - "enabledForGitHubApps": true, - "category": "repos", - "subcategory": "keys" - }, - "slug": "create-a-deploy-key", - "category": "deployments", - "subcategory": "keys", - "notes": [], - "descriptionHTML": "

You can create a read-only deploy key.

", - "responses": [ - { - "httpStatusCode": "201", - "httpStatusMessage": "Created", - "description": "

Response

", - "payload": "{\n \"id\": 1,\n \"key\": \"ssh-rsa AAA...\",\n \"url\": \"https://api.github.com/repos/octocat/Hello-World/keys/1\",\n \"title\": \"octocat@octomac\",\n \"verified\": true,\n \"created_at\": \"2014-12-10T15:53:42Z\",\n \"read_only\": true\n}" - }, - { - "httpStatusCode": "422", - "httpStatusMessage": "Unprocessable Entity", - "description": "

Validation failed

" - } - ], - "bodyParameters": [ - { - "type": "string", - "description": "

A name for the key.

", - "name": "title", - "in": "body", - "rawType": "string", - "rawDescription": "A name for the key.", - "childParamsGroups": [] - }, - { - "type": "string", - "description": "

Required. The contents of the key.

", - "name": "key", - "in": "body", - "rawType": "string", - "rawDescription": "The contents of the key.", - "childParamsGroups": [] - }, - { - "type": "boolean", - "description": "

If true, the key will only be able to read repository contents. Otherwise, the key will be able to read and write.

\n

Deploy keys with write access can perform the same actions as an organization member with admin access, or a collaborator on a personal repository. For more information, see \"Repository permission levels for an organization\" and \"Permission levels for a user account repository.\"

", - "name": "read_only", - "in": "body", - "rawType": "boolean", - "rawDescription": "If `true`, the key will only be able to read repository contents. Otherwise, the key will be able to read and write. \n \nDeploy keys with write access can perform the same actions as an organization member with admin access, or a collaborator on a personal repository. For more information, see \"[Repository permission levels for an organization](https://docs.github.com/articles/repository-permission-levels-for-an-organization/)\" and \"[Permission levels for a user account repository](https://docs.github.com/articles/permission-levels-for-a-user-account-repository/).\"", - "childParamsGroups": [] - } - ] - }, - { - "verb": "get", - "requestPath": "/repos/{owner}/{repo}/keys/{key_id}", - "parameters": [ - { - "name": "owner", - "in": "path", - "required": true, - "schema": { - "type": "string" - }, - "descriptionHTML": "" - }, - { - "name": "repo", - "in": "path", - "required": true, - "schema": { - "type": "string" - }, - "descriptionHTML": "" - }, - { - "name": "key_id", - "description": "key_id parameter", - "in": "path", - "required": true, - "schema": { - "type": "integer" - }, - "descriptionHTML": "

key_id parameter

" - } - ], - "x-codeSamples": [ - { - "lang": "Shell", - "source": "curl \\\n -H \"Accept: application/vnd.github.v3+json\" \\\n http(s)://{hostname}/api/v3/repos/octocat/hello-world/keys/42" - }, - { - "lang": "JavaScript", - "source": "await octokit.request('GET /repos/{owner}/{repo}/keys/{key_id}', {\n owner: 'octocat',\n repo: 'hello-world',\n key_id: 42\n})" - } - ], - "summary": "Get a deploy key", - "x-github": { - "enabledForGitHubApps": true, - "category": "repos", - "subcategory": "keys" - }, - "slug": "get-a-deploy-key", - "category": "deployments", - "subcategory": "keys", - "notes": [], - "descriptionHTML": "", - "bodyParameters": [], - "responses": [ - { - "httpStatusCode": "200", - "httpStatusMessage": "OK", - "description": "

Response

", - "payload": "{\n \"id\": 1,\n \"key\": \"ssh-rsa AAA...\",\n \"url\": \"https://api.github.com/repos/octocat/Hello-World/keys/1\",\n \"title\": \"octocat@octomac\",\n \"verified\": true,\n \"created_at\": \"2014-12-10T15:53:42Z\",\n \"read_only\": true\n}" - }, - { - "httpStatusCode": "404", - "httpStatusMessage": "Not Found", - "description": "

Resource not found

" - } - ] - }, - { - "verb": "delete", - "requestPath": "/repos/{owner}/{repo}/keys/{key_id}", - "parameters": [ - { - "name": "owner", - "in": "path", - "required": true, - "schema": { - "type": "string" - }, - "descriptionHTML": "" - }, - { - "name": "repo", - "in": "path", - "required": true, - "schema": { - "type": "string" - }, - "descriptionHTML": "" - }, - { - "name": "key_id", - "description": "key_id parameter", - "in": "path", - "required": true, - "schema": { - "type": "integer" - }, - "descriptionHTML": "

key_id parameter

" - } - ], - "x-codeSamples": [ - { - "lang": "Shell", - "source": "curl \\\n -X DELETE \\\n -H \"Accept: application/vnd.github.v3+json\" \\\n http(s)://{hostname}/api/v3/repos/octocat/hello-world/keys/42" - }, - { - "lang": "JavaScript", - "source": "await octokit.request('DELETE /repos/{owner}/{repo}/keys/{key_id}', {\n owner: 'octocat',\n repo: 'hello-world',\n key_id: 42\n})" - } - ], - "summary": "Delete a deploy key", - "x-github": { - "enabledForGitHubApps": true, - "category": "repos", - "subcategory": "keys" - }, - "slug": "delete-a-deploy-key", - "category": "deployments", - "subcategory": "keys", - "notes": [], - "bodyParameters": [], - "descriptionHTML": "

Deploy keys are immutable. If you need to update a key, remove the key and create a new one instead.

", - "responses": [ - { - "httpStatusCode": "204", - "httpStatusMessage": "No Content", - "description": "

Response

" - } - ] - } - ], "statuses": [ { "verb": "get", @@ -33966,7 +34094,7 @@ "httpStatusCode": "200", "httpStatusMessage": "OK", "description": "

Response

", - "payload": "{\n \"status\": \"scheduled\",\n \"scheduled_time\": \"Tuesday, January 22 at 15:34 -0800\",\n \"connection_services\": [\n {\n \"name\": \"git operations\",\n \"number\": 0\n },\n {\n \"name\": \"mysql queries\",\n \"number\": 233\n },\n {\n \"name\": \"resque jobs\",\n \"number\": 54\n }\n ]\n}" + "payload": "{\n \"status\": \"scheduled\",\n \"scheduled_time\": \"Tuesday, January 22 at 15:34 -0800\",\n \"connection_services\": [\n {\n \"name\": \"git operations\",\n \"number\": 0\n },\n {\n \"name\": \"mysql queries\",\n \"number\": 233\n },\n {\n \"name\": \"aqueduct jobs\",\n \"number\": 34\n },\n {\n \"name\": \"resque jobs\",\n \"number\": 54\n }\n ]\n}" } ] }, @@ -34027,7 +34155,7 @@ "httpStatusCode": "200", "httpStatusMessage": "OK", "description": "

Response

", - "payload": "{\n \"status\": \"scheduled\",\n \"scheduled_time\": \"Tuesday, January 22 at 15:34 -0800\",\n \"connection_services\": [\n {\n \"name\": \"git operations\",\n \"number\": 0\n },\n {\n \"name\": \"mysql queries\",\n \"number\": 233\n },\n {\n \"name\": \"resque jobs\",\n \"number\": 54\n }\n ]\n}" + "payload": "{\n \"status\": \"scheduled\",\n \"scheduled_time\": \"Tuesday, January 22 at 15:34 -0800\",\n \"connection_services\": [\n {\n \"name\": \"git operations\",\n \"number\": 0\n },\n {\n \"name\": \"mysql queries\",\n \"number\": 233\n },\n {\n \"name\": \"aqueduct jobs\",\n \"number\": 34\n },\n {\n \"name\": \"resque jobs\",\n \"number\": 54\n }\n ]\n}" } ], "bodyParameters": [ @@ -47189,6 +47317,11 @@ "schema": { "type": "string" }, + "examples": { + "default": { + "value": "Iv1.8a61f9b3a7aba766" + } + }, "descriptionHTML": "

The client ID of your GitHub app.

" } ], @@ -47390,6 +47523,11 @@ "schema": { "type": "string" }, + "examples": { + "default": { + "value": "Iv1.8a61f9b3a7aba766" + } + }, "descriptionHTML": "

The client ID of your GitHub app.

" }, { @@ -47992,7 +48130,7 @@ "httpStatusCode": "200", "httpStatusMessage": "OK", "description": "Default response", - "payload": "{\n \"login\": \"github\",\n \"id\": 1,\n \"node_id\": \"MDEyOk9yZ2FuaXphdGlvbjE=\",\n \"url\": \"https://api.github.com/orgs/github\",\n \"repos_url\": \"https://api.github.com/orgs/github/repos\",\n \"events_url\": \"https://api.github.com/orgs/github/events\",\n \"hooks_url\": \"https://api.github.com/orgs/github/hooks\",\n \"issues_url\": \"https://api.github.com/orgs/github/issues\",\n \"members_url\": \"https://api.github.com/orgs/github/members{/member}\",\n \"public_members_url\": \"https://api.github.com/orgs/github/public_members{/member}\",\n \"avatar_url\": \"https://github.com/images/error/octocat_happy.gif\",\n \"description\": \"A great organization\",\n \"name\": \"github\",\n \"company\": \"GitHub\",\n \"blog\": \"https://github.com/blog\",\n \"location\": \"San Francisco\",\n \"email\": \"octocat@github.com\",\n \"twitter_username\": \"github\",\n \"is_verified\": true,\n \"has_organization_projects\": true,\n \"has_repository_projects\": true,\n \"public_repos\": 2,\n \"public_gists\": 1,\n \"followers\": 20,\n \"following\": 0,\n \"html_url\": \"https://github.com/octocat\",\n \"created_at\": \"2008-01-14T04:33:35Z\",\n \"updated_at\": \"2014-03-03T18:58:10Z\",\n \"type\": \"Organization\",\n \"total_private_repos\": 100,\n \"owned_private_repos\": 100,\n \"private_gists\": 81,\n \"disk_usage\": 10000,\n \"collaborators\": 8,\n \"billing_email\": \"mona@github.com\",\n \"plan\": {\n \"name\": \"Medium\",\n \"space\": 400,\n \"private_repos\": 20,\n \"filled_seats\": 4,\n \"seats\": 5\n },\n \"default_repository_permission\": \"read\",\n \"members_can_create_repositories\": true,\n \"two_factor_requirement_enabled\": true,\n \"members_allowed_repository_creation_type\": \"all\",\n \"members_can_create_public_repositories\": false,\n \"members_can_create_private_repositories\": false,\n \"members_can_create_internal_repositories\": false,\n \"members_can_create_pages\": true,\n \"members_can_fork_private_repositories\": false\n}" + "payload": "{\n \"login\": \"github\",\n \"id\": 1,\n \"node_id\": \"MDEyOk9yZ2FuaXphdGlvbjE=\",\n \"url\": \"https://api.github.com/orgs/github\",\n \"repos_url\": \"https://api.github.com/orgs/github/repos\",\n \"events_url\": \"https://api.github.com/orgs/github/events\",\n \"hooks_url\": \"https://api.github.com/orgs/github/hooks\",\n \"issues_url\": \"https://api.github.com/orgs/github/issues\",\n \"members_url\": \"https://api.github.com/orgs/github/members{/member}\",\n \"public_members_url\": \"https://api.github.com/orgs/github/public_members{/member}\",\n \"avatar_url\": \"https://github.com/images/error/octocat_happy.gif\",\n \"description\": \"A great organization\",\n \"name\": \"github\",\n \"company\": \"GitHub\",\n \"blog\": \"https://github.com/blog\",\n \"location\": \"San Francisco\",\n \"email\": \"octocat@github.com\",\n \"twitter_username\": \"github\",\n \"is_verified\": true,\n \"has_organization_projects\": true,\n \"has_repository_projects\": true,\n \"public_repos\": 2,\n \"public_gists\": 1,\n \"followers\": 20,\n \"following\": 0,\n \"html_url\": \"https://github.com/octocat\",\n \"created_at\": \"2008-01-14T04:33:35Z\",\n \"updated_at\": \"2014-03-03T18:58:10Z\",\n \"type\": \"Organization\",\n \"total_private_repos\": 100,\n \"owned_private_repos\": 100,\n \"private_gists\": 81,\n \"disk_usage\": 10000,\n \"collaborators\": 8,\n \"billing_email\": \"mona@github.com\",\n \"plan\": {\n \"name\": \"Medium\",\n \"space\": 400,\n \"private_repos\": 20,\n \"filled_seats\": 4,\n \"seats\": 5\n },\n \"default_repository_permission\": \"read\",\n \"members_can_create_repositories\": true,\n \"two_factor_requirement_enabled\": true,\n \"members_allowed_repository_creation_type\": \"all\",\n \"members_can_create_public_repositories\": false,\n \"members_can_create_private_repositories\": false,\n \"members_can_create_internal_repositories\": false,\n \"members_can_create_pages\": true\n}" }, { "httpStatusCode": "404", @@ -48192,16 +48330,6 @@ "rawDescription": "Toggles whether organization members can create GitHub Pages sites. Can be one of: \n\\* `true` - all organization members can create GitHub Pages sites. \n\\* `false` - no organization members can create GitHub Pages sites. Existing published sites will not be impacted.", "childParamsGroups": [] }, - "members_can_fork_private_repositories": { - "type": "boolean", - "description": "

Toggles whether organization members can fork private organization repositories. Can be one of:
\n* true - all organization members can fork private repositories within the organization.
\n* false - no organization members can fork private repositories within the organization.

", - "default": false, - "name": "members_can_fork_private_repositories", - "in": "body", - "rawType": "boolean", - "rawDescription": "Toggles whether organization members can fork private organization repositories. Can be one of: \n\\* `true` - all organization members can fork private repositories within the organization. \n\\* `false` - no organization members can fork private repositories within the organization.", - "childParamsGroups": [] - }, "blog": { "type": "string", "example": "\"http://github.blog\"", @@ -48242,7 +48370,7 @@ "httpStatusCode": "200", "httpStatusMessage": "OK", "description": "

Response

", - "payload": "{\n \"login\": \"github\",\n \"id\": 1,\n \"node_id\": \"MDEyOk9yZ2FuaXphdGlvbjE=\",\n \"url\": \"https://api.github.com/orgs/github\",\n \"repos_url\": \"https://api.github.com/orgs/github/repos\",\n \"events_url\": \"https://api.github.com/orgs/github/events\",\n \"hooks_url\": \"https://api.github.com/orgs/github/hooks\",\n \"issues_url\": \"https://api.github.com/orgs/github/issues\",\n \"members_url\": \"https://api.github.com/orgs/github/members{/member}\",\n \"public_members_url\": \"https://api.github.com/orgs/github/public_members{/member}\",\n \"avatar_url\": \"https://github.com/images/error/octocat_happy.gif\",\n \"description\": \"A great organization\",\n \"name\": \"github\",\n \"company\": \"GitHub\",\n \"blog\": \"https://github.com/blog\",\n \"location\": \"San Francisco\",\n \"email\": \"octocat@github.com\",\n \"twitter_username\": \"github\",\n \"is_verified\": true,\n \"has_organization_projects\": true,\n \"has_repository_projects\": true,\n \"public_repos\": 2,\n \"public_gists\": 1,\n \"followers\": 20,\n \"following\": 0,\n \"html_url\": \"https://github.com/octocat\",\n \"created_at\": \"2008-01-14T04:33:35Z\",\n \"type\": \"Organization\",\n \"total_private_repos\": 100,\n \"owned_private_repos\": 100,\n \"private_gists\": 81,\n \"disk_usage\": 10000,\n \"collaborators\": 8,\n \"billing_email\": \"mona@github.com\",\n \"plan\": {\n \"name\": \"Medium\",\n \"space\": 400,\n \"private_repos\": 20\n },\n \"default_repository_permission\": \"read\",\n \"members_can_create_repositories\": true,\n \"two_factor_requirement_enabled\": true,\n \"members_allowed_repository_creation_type\": \"all\",\n \"members_can_create_public_repositories\": false,\n \"members_can_create_private_repositories\": false,\n \"members_can_create_internal_repositories\": false,\n \"members_can_create_pages\": true,\n \"members_can_create_public_pages\": true,\n \"members_can_create_private_pages\": true,\n \"members_can_fork_private_repositories\": false,\n \"updated_at\": \"2014-03-03T18:58:10Z\"\n}" + "payload": "{\n \"login\": \"github\",\n \"id\": 1,\n \"node_id\": \"MDEyOk9yZ2FuaXphdGlvbjE=\",\n \"url\": \"https://api.github.com/orgs/github\",\n \"repos_url\": \"https://api.github.com/orgs/github/repos\",\n \"events_url\": \"https://api.github.com/orgs/github/events\",\n \"hooks_url\": \"https://api.github.com/orgs/github/hooks\",\n \"issues_url\": \"https://api.github.com/orgs/github/issues\",\n \"members_url\": \"https://api.github.com/orgs/github/members{/member}\",\n \"public_members_url\": \"https://api.github.com/orgs/github/public_members{/member}\",\n \"avatar_url\": \"https://github.com/images/error/octocat_happy.gif\",\n \"description\": \"A great organization\",\n \"name\": \"github\",\n \"company\": \"GitHub\",\n \"blog\": \"https://github.com/blog\",\n \"location\": \"San Francisco\",\n \"email\": \"octocat@github.com\",\n \"twitter_username\": \"github\",\n \"is_verified\": true,\n \"has_organization_projects\": true,\n \"has_repository_projects\": true,\n \"public_repos\": 2,\n \"public_gists\": 1,\n \"followers\": 20,\n \"following\": 0,\n \"html_url\": \"https://github.com/octocat\",\n \"created_at\": \"2008-01-14T04:33:35Z\",\n \"type\": \"Organization\",\n \"total_private_repos\": 100,\n \"owned_private_repos\": 100,\n \"private_gists\": 81,\n \"disk_usage\": 10000,\n \"collaborators\": 8,\n \"billing_email\": \"mona@github.com\",\n \"plan\": {\n \"name\": \"Medium\",\n \"space\": 400,\n \"private_repos\": 20\n },\n \"default_repository_permission\": \"read\",\n \"members_can_create_repositories\": true,\n \"two_factor_requirement_enabled\": true,\n \"members_allowed_repository_creation_type\": \"all\",\n \"members_can_create_public_repositories\": false,\n \"members_can_create_private_repositories\": false,\n \"members_can_create_internal_repositories\": false,\n \"members_can_create_pages\": true,\n \"members_can_create_public_pages\": true,\n \"members_can_create_private_pages\": true,\n \"updated_at\": \"2014-03-03T18:58:10Z\"\n}" }, { "httpStatusCode": "409", @@ -48414,16 +48542,6 @@ "rawDescription": "Toggles whether organization members can create GitHub Pages sites. Can be one of: \n\\* `true` - all organization members can create GitHub Pages sites. \n\\* `false` - no organization members can create GitHub Pages sites. Existing published sites will not be impacted.", "childParamsGroups": [] }, - { - "type": "boolean", - "description": "

Toggles whether organization members can fork private organization repositories. Can be one of:
\n* true - all organization members can fork private repositories within the organization.
\n* false - no organization members can fork private repositories within the organization.

", - "default": false, - "name": "members_can_fork_private_repositories", - "in": "body", - "rawType": "boolean", - "rawDescription": "Toggles whether organization members can fork private organization repositories. Can be one of: \n\\* `true` - all organization members can fork private repositories within the organization. \n\\* `false` - no organization members can fork private repositories within the organization.", - "childParamsGroups": [] - }, { "type": "string", "example": "\"http://github.blog\"", @@ -56640,16 +56758,6 @@ ] }, "examples": { - "example-for-a-single-line-comment": { - "summary": "Example for a single-line comment", - "value": { - "body": "Let's add this deleted line back.", - "commit_id": "6dcb09b5b57875f334f61aebed695e2e4193db5e", - "path": "file1.txt", - "line": 5, - "side": "LEFT" - } - }, "example-for-a-multi-line-comment": { "summary": "Example for a multi-line comment", "value": { @@ -58749,8 +58857,12 @@ "content" ] }, - "example": { - "content": "heart" + "examples": { + "default": { + "value": { + "content": "heart" + } + } } } } @@ -58768,7 +58880,7 @@ { "httpStatusCode": "200", "httpStatusMessage": "OK", - "description": "

Response

", + "description": "

Response when the reaction type has already been added to this team discussion comment

", "payload": "{\n \"id\": 1,\n \"node_id\": \"MDg6UmVhY3Rpb24x\",\n \"user\": {\n \"login\": \"octocat\",\n \"id\": 1,\n \"node_id\": \"MDQ6VXNlcjE=\",\n \"avatar_url\": \"https://github.com/images/error/octocat_happy.gif\",\n \"gravatar_id\": \"\",\n \"url\": \"https://api.github.com/users/octocat\",\n \"html_url\": \"https://github.com/octocat\",\n \"followers_url\": \"https://api.github.com/users/octocat/followers\",\n \"following_url\": \"https://api.github.com/users/octocat/following{/other_user}\",\n \"gists_url\": \"https://api.github.com/users/octocat/gists{/gist_id}\",\n \"starred_url\": \"https://api.github.com/users/octocat/starred{/owner}{/repo}\",\n \"subscriptions_url\": \"https://api.github.com/users/octocat/subscriptions\",\n \"organizations_url\": \"https://api.github.com/users/octocat/orgs\",\n \"repos_url\": \"https://api.github.com/users/octocat/repos\",\n \"events_url\": \"https://api.github.com/users/octocat/events{/privacy}\",\n \"received_events_url\": \"https://api.github.com/users/octocat/received_events\",\n \"type\": \"User\",\n \"site_admin\": false\n },\n \"content\": \"heart\",\n \"created_at\": \"2016-05-20T20:09:31Z\"\n}" }, { @@ -59061,8 +59173,12 @@ "content" ] }, - "example": { - "content": "heart" + "examples": { + "default": { + "value": { + "content": "heart" + } + } } } } @@ -59437,7 +59553,11 @@ ] }, "example": { - "content": "heart" + "default": { + "value": { + "content": "heart" + } + } } } } @@ -59754,8 +59874,12 @@ "content" ] }, - "example": { - "content": "heart" + "examples": { + "default": { + "value": { + "content": "heart" + } + } } } } @@ -60072,8 +60196,12 @@ "content" ] }, - "example": { - "content": "heart" + "examples": { + "default": { + "value": { + "content": "heart" + } + } } } } @@ -60385,8 +60513,12 @@ "content" ] }, - "example": { - "content": "heart" + "examples": { + "default": { + "value": { + "content": "heart" + } + } } } } @@ -60699,8 +60831,12 @@ "content" ] }, - "example": { - "content": "heart" + "examples": { + "default": { + "value": { + "content": "heart" + } + } } } } @@ -70835,10 +70971,14 @@ "name" ] }, - "example": { - "name": "new team name", - "description": "new team description", - "privacy": "closed" + "examples": { + "default": { + "value": { + "name": "new team name", + "description": "new team description", + "privacy": "closed" + } + } } } } @@ -70859,7 +70999,7 @@ { "httpStatusCode": "200", "httpStatusMessage": "OK", - "description": "

Response

", + "description": "

Response when the updated information already exists

", "payload": "{\n \"id\": 1,\n \"node_id\": \"MDQ6VGVhbTE=\",\n \"url\": \"https://api.github.com/teams/1\",\n \"html_url\": \"https://github.com/orgs/github/teams/justice-league\",\n \"name\": \"Justice League\",\n \"slug\": \"justice-league\",\n \"description\": \"A great team.\",\n \"privacy\": \"closed\",\n \"permission\": \"admin\",\n \"members_url\": \"https://api.github.com/teams/1/members{/member}\",\n \"repositories_url\": \"https://api.github.com/teams/1/repos\",\n \"members_count\": 3,\n \"repos_count\": 10,\n \"created_at\": \"2017-07-14T16:53:42Z\",\n \"updated_at\": \"2017-08-17T12:37:15Z\",\n \"organization\": {\n \"login\": \"github\",\n \"id\": 1,\n \"node_id\": \"MDEyOk9yZ2FuaXphdGlvbjE=\",\n \"url\": \"https://api.github.com/orgs/github\",\n \"repos_url\": \"https://api.github.com/orgs/github/repos\",\n \"events_url\": \"https://api.github.com/orgs/github/events\",\n \"hooks_url\": \"https://api.github.com/orgs/github/hooks\",\n \"issues_url\": \"https://api.github.com/orgs/github/issues\",\n \"members_url\": \"https://api.github.com/orgs/github/members{/member}\",\n \"public_members_url\": \"https://api.github.com/orgs/github/public_members{/member}\",\n \"avatar_url\": \"https://github.com/images/error/octocat_happy.gif\",\n \"description\": \"A great organization\",\n \"name\": \"github\",\n \"company\": \"GitHub\",\n \"blog\": \"https://github.com/blog\",\n \"location\": \"San Francisco\",\n \"email\": \"octocat@github.com\",\n \"has_organization_projects\": true,\n \"has_repository_projects\": true,\n \"public_repos\": 2,\n \"public_gists\": 1,\n \"followers\": 20,\n \"following\": 0,\n \"html_url\": \"https://github.com/octocat\",\n \"created_at\": \"2008-01-14T04:33:35Z\",\n \"updated_at\": \"2017-08-17T12:37:15Z\",\n \"type\": \"Organization\"\n },\n \"ldap_dn\": \"uid=asdf,ou=users,dc=github,dc=com\"\n}" }, { diff --git a/lib/rest/static/decorated/ghes-3.4.json b/lib/rest/static/decorated/ghes-3.4.json index d93e88a35c..80959f32c3 100644 --- a/lib/rest/static/decorated/ghes-3.4.json +++ b/lib/rest/static/decorated/ghes-3.4.json @@ -12035,17 +12035,6 @@ } ], "summary": "Create a GitHub App from a manifest", - "requestBody": { - "required": false, - "content": { - "application/json": { - "schema": { - "type": "object", - "additionalProperties": false - } - } - } - }, "x-github": { "enabledForGitHubApps": false, "category": "apps", @@ -12164,6 +12153,11 @@ "schema": { "type": "integer" }, + "examples": { + "default": { + "value": 1 + } + }, "descriptionHTML": "

installation_id parameter

" } ], @@ -12220,6 +12214,11 @@ "schema": { "type": "integer" }, + "examples": { + "default": { + "value": 1 + } + }, "descriptionHTML": "

installation_id parameter

" } ], @@ -12270,6 +12269,11 @@ "schema": { "type": "integer" }, + "examples": { + "default": { + "value": 1 + } + }, "descriptionHTML": "

installation_id parameter

" } ], @@ -13126,6 +13130,17 @@ ] } } + }, + "examples": { + "default": { + "value": { + "respoitory": "Hello-World", + "permissions": { + "issues": "write", + "contents": "read" + } + } + } } } } @@ -14022,6 +14037,11 @@ "schema": { "type": "integer" }, + "examples": { + "default": { + "value": 1 + } + }, "descriptionHTML": "

installation_id parameter

" } ], @@ -14072,6 +14092,11 @@ "schema": { "type": "integer" }, + "examples": { + "default": { + "value": 1 + } + }, "descriptionHTML": "

installation_id parameter

" } ], @@ -14519,6 +14544,11 @@ "schema": { "type": "integer" }, + "examples": { + "default": { + "value": 1 + } + }, "descriptionHTML": "

installation_id parameter

" }, { @@ -14600,6 +14630,11 @@ "schema": { "type": "integer" }, + "examples": { + "default": { + "value": 1 + } + }, "descriptionHTML": "

installation_id parameter

" }, { @@ -14669,6 +14704,11 @@ "schema": { "type": "integer" }, + "examples": { + "default": { + "value": 1 + } + }, "descriptionHTML": "

installation_id parameter

" }, { @@ -14740,6 +14780,11 @@ "schema": { "type": "string" }, + "examples": { + "default": { + "value": "Iv1.8a61f9b3a7aba766" + } + }, "descriptionHTML": "

The client ID of your GitHub app.

" } ], @@ -14827,6 +14872,11 @@ "schema": { "type": "string" }, + "examples": { + "default": { + "value": "Iv1.8a61f9b3a7aba766" + } + }, "descriptionHTML": "

The client ID of your GitHub app.

" } ], @@ -14861,6 +14911,13 @@ "access_token" ], "type": "object" + }, + "examples": { + "default": { + "value": { + "access_token": "e72e16c7e42f292c6912e7710c838347ae178b4a" + } + } } } } @@ -14880,7 +14937,7 @@ "httpStatusCode": "200", "httpStatusMessage": "OK", "description": "

Response

", - "payload": "{\n \"id\": 1,\n \"url\": \"https://api.github.com/authorizations/1\",\n \"scopes\": [\n \"public_repo\",\n \"user\"\n ],\n \"token\": \"ghu_16C7e42F292c6912E7710c838347Ae178B4a\",\n \"token_last_eight\": \"Ae178B4a\",\n \"hashed_token\": \"25f94a2a5c7fbaf499c665bc73d67c1c87e496da8985131633ee0a95819db2e8\",\n \"app\": {\n \"url\": \"http://my-github-app.com\",\n \"name\": \"my github app\",\n \"client_id\": \"abcde12345fghij67890\"\n },\n \"note\": \"optional note\",\n \"note_url\": \"http://optional/note/url\",\n \"updated_at\": \"2011-09-06T20:39:23Z\",\n \"created_at\": \"2011-09-06T17:26:27Z\",\n \"fingerprint\": \"jklmnop12345678\",\n \"expires_at\": \"2011-09-08T17:26:27Z\",\n \"user\": {\n \"login\": \"octocat\",\n \"id\": 1,\n \"node_id\": \"MDQ6VXNlcjE=\",\n \"avatar_url\": \"https://github.com/images/error/octocat_happy.gif\",\n \"gravatar_id\": \"\",\n \"url\": \"https://api.github.com/users/octocat\",\n \"html_url\": \"https://github.com/octocat\",\n \"followers_url\": \"https://api.github.com/users/octocat/followers\",\n \"following_url\": \"https://api.github.com/users/octocat/following{/other_user}\",\n \"gists_url\": \"https://api.github.com/users/octocat/gists{/gist_id}\",\n \"starred_url\": \"https://api.github.com/users/octocat/starred{/owner}{/repo}\",\n \"subscriptions_url\": \"https://api.github.com/users/octocat/subscriptions\",\n \"organizations_url\": \"https://api.github.com/users/octocat/orgs\",\n \"repos_url\": \"https://api.github.com/users/octocat/repos\",\n \"events_url\": \"https://api.github.com/users/octocat/events{/privacy}\",\n \"received_events_url\": \"https://api.github.com/users/octocat/received_events\",\n \"type\": \"User\",\n \"site_admin\": false\n }\n}" + "payload": "{\n \"id\": 1,\n \"url\": \"https://api.github.com/authorizations/1\",\n \"scopes\": [\n \"public_repo\",\n \"user\"\n ],\n \"token\": \"ghu_16C7e42F292c6912E7710c838347Ae178B4a\",\n \"token_last_eight\": \"Ae178B4a\",\n \"hashed_token\": \"25f94a2a5c7fbaf499c665bc73d67c1c87e496da8985131633ee0a95819db2e8\",\n \"app\": {\n \"url\": \"http://my-github-app.com\",\n \"name\": \"my github app\",\n \"client_id\": \"Iv1.8a61f9b3a7aba766\"\n },\n \"note\": \"optional note\",\n \"note_url\": \"http://optional/note/url\",\n \"updated_at\": \"2011-09-06T20:39:23Z\",\n \"created_at\": \"2011-09-06T17:26:27Z\",\n \"fingerprint\": \"jklmnop12345678\",\n \"expires_at\": \"2011-09-08T17:26:27Z\",\n \"user\": {\n \"login\": \"octocat\",\n \"id\": 1,\n \"node_id\": \"MDQ6VXNlcjE=\",\n \"avatar_url\": \"https://github.com/images/error/octocat_happy.gif\",\n \"gravatar_id\": \"\",\n \"url\": \"https://api.github.com/users/octocat\",\n \"html_url\": \"https://github.com/octocat\",\n \"followers_url\": \"https://api.github.com/users/octocat/followers\",\n \"following_url\": \"https://api.github.com/users/octocat/following{/other_user}\",\n \"gists_url\": \"https://api.github.com/users/octocat/gists{/gist_id}\",\n \"starred_url\": \"https://api.github.com/users/octocat/starred{/owner}{/repo}\",\n \"subscriptions_url\": \"https://api.github.com/users/octocat/subscriptions\",\n \"organizations_url\": \"https://api.github.com/users/octocat/orgs\",\n \"repos_url\": \"https://api.github.com/users/octocat/repos\",\n \"events_url\": \"https://api.github.com/users/octocat/events{/privacy}\",\n \"received_events_url\": \"https://api.github.com/users/octocat/received_events\",\n \"type\": \"User\",\n \"site_admin\": false\n }\n}" }, { "httpStatusCode": "404", @@ -14917,6 +14974,11 @@ "schema": { "type": "string" }, + "examples": { + "default": { + "value": "Iv1.8a61f9b3a7aba766" + } + }, "descriptionHTML": "

The client ID of your GitHub app.

" } ], @@ -14951,6 +15013,13 @@ "access_token" ], "type": "object" + }, + "examples": { + "default": { + "value": { + "access_token": "e72e16c7e42f292c6912e7710c838347ae178b4a" + } + } } } } @@ -14970,7 +15039,7 @@ "httpStatusCode": "200", "httpStatusMessage": "OK", "description": "

Response

", - "payload": "{\n \"id\": 1,\n \"url\": \"https://api.github.com/authorizations/1\",\n \"scopes\": [\n \"public_repo\",\n \"user\"\n ],\n \"token\": \"ghu_16C7e42F292c6912E7710c838347Ae178B4a\",\n \"token_last_eight\": \"Ae178B4a\",\n \"hashed_token\": \"25f94a2a5c7fbaf499c665bc73d67c1c87e496da8985131633ee0a95819db2e8\",\n \"app\": {\n \"url\": \"http://my-github-app.com\",\n \"name\": \"my github app\",\n \"client_id\": \"abcde12345fghij67890\"\n },\n \"note\": \"optional note\",\n \"note_url\": \"http://optional/note/url\",\n \"updated_at\": \"2011-09-06T20:39:23Z\",\n \"created_at\": \"2011-09-06T17:26:27Z\",\n \"fingerprint\": \"jklmnop12345678\",\n \"expires_at\": \"2011-09-08T17:26:27Z\",\n \"user\": {\n \"login\": \"octocat\",\n \"id\": 1,\n \"node_id\": \"MDQ6VXNlcjE=\",\n \"avatar_url\": \"https://github.com/images/error/octocat_happy.gif\",\n \"gravatar_id\": \"\",\n \"url\": \"https://api.github.com/users/octocat\",\n \"html_url\": \"https://github.com/octocat\",\n \"followers_url\": \"https://api.github.com/users/octocat/followers\",\n \"following_url\": \"https://api.github.com/users/octocat/following{/other_user}\",\n \"gists_url\": \"https://api.github.com/users/octocat/gists{/gist_id}\",\n \"starred_url\": \"https://api.github.com/users/octocat/starred{/owner}{/repo}\",\n \"subscriptions_url\": \"https://api.github.com/users/octocat/subscriptions\",\n \"organizations_url\": \"https://api.github.com/users/octocat/orgs\",\n \"repos_url\": \"https://api.github.com/users/octocat/repos\",\n \"events_url\": \"https://api.github.com/users/octocat/events{/privacy}\",\n \"received_events_url\": \"https://api.github.com/users/octocat/received_events\",\n \"type\": \"User\",\n \"site_admin\": false\n }\n}" + "payload": "{\n \"id\": 1,\n \"url\": \"https://api.github.com/authorizations/1\",\n \"scopes\": [\n \"public_repo\",\n \"user\"\n ],\n \"token\": \"ghu_16C7e42F292c6912E7710c838347Ae178B4a\",\n \"token_last_eight\": \"Ae178B4a\",\n \"hashed_token\": \"25f94a2a5c7fbaf499c665bc73d67c1c87e496da8985131633ee0a95819db2e8\",\n \"app\": {\n \"url\": \"http://my-github-app.com\",\n \"name\": \"my github app\",\n \"client_id\": \"Iv1.8a61f9b3a7aba766\"\n },\n \"note\": \"optional note\",\n \"note_url\": \"http://optional/note/url\",\n \"updated_at\": \"2011-09-06T20:39:23Z\",\n \"created_at\": \"2011-09-06T17:26:27Z\",\n \"fingerprint\": \"jklmnop12345678\",\n \"expires_at\": \"2011-09-08T17:26:27Z\",\n \"user\": {\n \"login\": \"octocat\",\n \"id\": 1,\n \"node_id\": \"MDQ6VXNlcjE=\",\n \"avatar_url\": \"https://github.com/images/error/octocat_happy.gif\",\n \"gravatar_id\": \"\",\n \"url\": \"https://api.github.com/users/octocat\",\n \"html_url\": \"https://github.com/octocat\",\n \"followers_url\": \"https://api.github.com/users/octocat/followers\",\n \"following_url\": \"https://api.github.com/users/octocat/following{/other_user}\",\n \"gists_url\": \"https://api.github.com/users/octocat/gists{/gist_id}\",\n \"starred_url\": \"https://api.github.com/users/octocat/starred{/owner}{/repo}\",\n \"subscriptions_url\": \"https://api.github.com/users/octocat/subscriptions\",\n \"organizations_url\": \"https://api.github.com/users/octocat/orgs\",\n \"repos_url\": \"https://api.github.com/users/octocat/repos\",\n \"events_url\": \"https://api.github.com/users/octocat/events{/privacy}\",\n \"received_events_url\": \"https://api.github.com/users/octocat/received_events\",\n \"type\": \"User\",\n \"site_admin\": false\n }\n}" }, { "httpStatusCode": "422", @@ -15002,6 +15071,11 @@ "schema": { "type": "string" }, + "examples": { + "default": { + "value": "Iv1.8a61f9b3a7aba766" + } + }, "descriptionHTML": "

The client ID of your GitHub app.

" } ], @@ -15089,6 +15163,11 @@ "schema": { "type": "string" }, + "examples": { + "default": { + "value": "Iv1.8a61f9b3a7aba766" + } + }, "descriptionHTML": "

The client ID of your GitHub app.

" } ], @@ -15978,6 +16057,19 @@ "required": [ "access_token" ] + }, + "examples": { + "default": { + "value": { + "access_token": "e72e16c7e42f292c6912e7710c838347ae178b4a", + "target": "octocat", + "permissions": { + "metadata": "read", + "issues": "write", + "contents": "read" + } + } + } } } } @@ -15997,7 +16089,7 @@ "httpStatusCode": "200", "httpStatusMessage": "OK", "description": "

Response

", - "payload": "{\n \"id\": 1,\n \"url\": \"https://api.github.com/authorizations/1\",\n \"scopes\": [],\n \"token\": \"ghu_16C7e42F292c6912E7710c838347Ae178B4a\",\n \"token_last_eight\": \"Ae178B4a\",\n \"hashed_token\": \"25f94a2a5c7fbaf499c665bc73d67c1c87e496da8985131633ee0a95819db2e8\",\n \"app\": {\n \"url\": \"http://my-github-app.com\",\n \"name\": \"my github app\",\n \"client_id\": \"abcde12345fghij67890\"\n },\n \"note\": \"optional note\",\n \"note_url\": \"http://optional/note/url\",\n \"updated_at\": \"2011-09-06T20:39:23Z\",\n \"created_at\": \"2011-09-06T17:26:27Z\",\n \"fingerprint\": \"jklmnop12345678\",\n \"expires_at\": \"2011-09-08T17:26:27Z\",\n \"user\": {\n \"login\": \"octocat\",\n \"id\": 1,\n \"node_id\": \"MDQ6VXNlcjE=\",\n \"avatar_url\": \"https://github.com/images/error/octocat_happy.gif\",\n \"gravatar_id\": \"\",\n \"url\": \"https://api.github.com/users/octocat\",\n \"html_url\": \"https://github.com/octocat\",\n \"followers_url\": \"https://api.github.com/users/octocat/followers\",\n \"following_url\": \"https://api.github.com/users/octocat/following{/other_user}\",\n \"gists_url\": \"https://api.github.com/users/octocat/gists{/gist_id}\",\n \"starred_url\": \"https://api.github.com/users/octocat/starred{/owner}{/repo}\",\n \"subscriptions_url\": \"https://api.github.com/users/octocat/subscriptions\",\n \"organizations_url\": \"https://api.github.com/users/octocat/orgs\",\n \"repos_url\": \"https://api.github.com/users/octocat/repos\",\n \"events_url\": \"https://api.github.com/users/octocat/events{/privacy}\",\n \"received_events_url\": \"https://api.github.com/users/octocat/received_events\",\n \"type\": \"User\",\n \"site_admin\": false\n },\n \"installation\": {\n \"permissions\": {\n \"metadata\": \"read\",\n \"issues\": \"write\",\n \"contents\": \"read\"\n },\n \"repository_selection\": \"selected\",\n \"single_file_name\": \".github/workflow.yml\",\n \"repositories_url\": \"https://api.github.com/user/repos\",\n \"account\": {\n \"login\": \"octocat\",\n \"id\": 1,\n \"node_id\": \"MDQ6VXNlcjE=\",\n \"avatar_url\": \"https://github.com/images/error/octocat_happy.gif\",\n \"gravatar_id\": \"\",\n \"url\": \"https://api.github.com/users/octocat\",\n \"html_url\": \"https://github.com/octocat\",\n \"followers_url\": \"https://api.github.com/users/octocat/followers\",\n \"following_url\": \"https://api.github.com/users/octocat/following{/other_user}\",\n \"gists_url\": \"https://api.github.com/users/octocat/gists{/gist_id}\",\n \"starred_url\": \"https://api.github.com/users/octocat/starred{/owner}{/repo}\",\n \"subscriptions_url\": \"https://api.github.com/users/octocat/subscriptions\",\n \"organizations_url\": \"https://api.github.com/users/octocat/orgs\",\n \"repos_url\": \"https://api.github.com/users/octocat/repos\",\n \"events_url\": \"https://api.github.com/users/octocat/events{/privacy}\",\n \"received_events_url\": \"https://api.github.com/users/octocat/received_events\",\n \"type\": \"User\",\n \"site_admin\": false\n },\n \"has_multiple_single_files\": false,\n \"single_file_paths\": []\n }\n}" + "payload": "{\n \"id\": 1,\n \"url\": \"https://api.github.com/authorizations/1\",\n \"scopes\": [],\n \"token\": \"ghu_16C7e42F292c6912E7710c838347Ae178B4a\",\n \"token_last_eight\": \"Ae178B4a\",\n \"hashed_token\": \"25f94a2a5c7fbaf499c665bc73d67c1c87e496da8985131633ee0a95819db2e8\",\n \"app\": {\n \"url\": \"http://my-github-app.com\",\n \"name\": \"my github app\",\n \"client_id\": \"Iv1.8a61f9b3a7aba766\"\n },\n \"note\": \"optional note\",\n \"note_url\": \"http://optional/note/url\",\n \"updated_at\": \"2011-09-06T20:39:23Z\",\n \"created_at\": \"2011-09-06T17:26:27Z\",\n \"fingerprint\": \"jklmnop12345678\",\n \"expires_at\": \"2011-09-08T17:26:27Z\",\n \"user\": {\n \"login\": \"octocat\",\n \"id\": 1,\n \"node_id\": \"MDQ6VXNlcjE=\",\n \"avatar_url\": \"https://github.com/images/error/octocat_happy.gif\",\n \"gravatar_id\": \"\",\n \"url\": \"https://api.github.com/users/octocat\",\n \"html_url\": \"https://github.com/octocat\",\n \"followers_url\": \"https://api.github.com/users/octocat/followers\",\n \"following_url\": \"https://api.github.com/users/octocat/following{/other_user}\",\n \"gists_url\": \"https://api.github.com/users/octocat/gists{/gist_id}\",\n \"starred_url\": \"https://api.github.com/users/octocat/starred{/owner}{/repo}\",\n \"subscriptions_url\": \"https://api.github.com/users/octocat/subscriptions\",\n \"organizations_url\": \"https://api.github.com/users/octocat/orgs\",\n \"repos_url\": \"https://api.github.com/users/octocat/repos\",\n \"events_url\": \"https://api.github.com/users/octocat/events{/privacy}\",\n \"received_events_url\": \"https://api.github.com/users/octocat/received_events\",\n \"type\": \"User\",\n \"site_admin\": false\n },\n \"installation\": {\n \"permissions\": {\n \"metadata\": \"read\",\n \"issues\": \"write\",\n \"contents\": \"read\"\n },\n \"repository_selection\": \"selected\",\n \"single_file_name\": \".github/workflow.yml\",\n \"repositories_url\": \"https://api.github.com/user/repos\",\n \"account\": {\n \"login\": \"octocat\",\n \"id\": 1,\n \"node_id\": \"MDQ6VXNlcjE=\",\n \"avatar_url\": \"https://github.com/images/error/octocat_happy.gif\",\n \"gravatar_id\": \"\",\n \"url\": \"https://api.github.com/users/octocat\",\n \"html_url\": \"https://github.com/octocat\",\n \"followers_url\": \"https://api.github.com/users/octocat/followers\",\n \"following_url\": \"https://api.github.com/users/octocat/following{/other_user}\",\n \"gists_url\": \"https://api.github.com/users/octocat/gists{/gist_id}\",\n \"starred_url\": \"https://api.github.com/users/octocat/starred{/owner}{/repo}\",\n \"subscriptions_url\": \"https://api.github.com/users/octocat/subscriptions\",\n \"organizations_url\": \"https://api.github.com/users/octocat/orgs\",\n \"repos_url\": \"https://api.github.com/users/octocat/repos\",\n \"events_url\": \"https://api.github.com/users/octocat/events{/privacy}\",\n \"received_events_url\": \"https://api.github.com/users/octocat/received_events\",\n \"type\": \"User\",\n \"site_admin\": false\n },\n \"has_multiple_single_files\": false,\n \"single_file_paths\": []\n }\n}" }, { "httpStatusCode": "401", @@ -16994,12 +17086,16 @@ "description": "

Determines whether the SSL certificate of the host for url will be verified when delivering payloads. Supported values include 0 (verification is performed) and 1 (verification is not performed). The default is 0. We strongly recommend not setting this to 1 as you are subject to man-in-the-middle and other attacks.

", "childParamsGroups": [] } - }, - "example": { - "content_type": "json", - "insecure_ssl": "0", - "secret": "********", - "url": "https://example.com/webhook" + } + }, + "examples": { + "default": { + "value": { + "content_type": "json", + "insecure_ssl": "0", + "secret": "********", + "url": "https://example.com/webhook" + } } } } @@ -24098,7 +24194,13 @@ "httpStatusCode": "201", "httpStatusMessage": "Created", "description": "Response for completed conclusion", - "payload": "{\n \"id\": 4,\n \"head_sha\": \"ce587453ced02b1526dfb4cb910479d431683101\",\n \"node_id\": \"MDg6Q2hlY2tSdW40\",\n \"external_id\": \"\",\n \"url\": \"https://api.github.com/repos/github/hello-world/check-runs/4\",\n \"html_url\": \"https://github.com/github/hello-world/runs/4\",\n \"details_url\": \"https://example.com\",\n \"status\": \"completed\",\n \"conclusion\": \"neutral\",\n \"started_at\": \"2018-05-04T01:14:52Z\",\n \"completed_at\": \"2018-05-04T01:14:52Z\",\n \"output\": {\n \"title\": \"Mighty Readme report\",\n \"summary\": \"There are 0 failures, 2 warnings, and 1 notice.\",\n \"text\": \"You may have some misspelled words on lines 2 and 4. You also may want to add a section in your README about how to install your app.\",\n \"annotations_count\": 2,\n \"annotations_url\": \"https://api.github.com/repos/github/hello-world/check-runs/4/annotations\"\n },\n \"name\": \"mighty_readme\",\n \"check_suite\": {\n \"id\": 5\n },\n \"app\": {\n \"id\": 1,\n \"slug\": \"octoapp\",\n \"node_id\": \"MDExOkludGVncmF0aW9uMQ==\",\n \"owner\": {\n \"login\": \"github\",\n \"id\": 1,\n \"node_id\": \"MDEyOk9yZ2FuaXphdGlvbjE=\",\n \"url\": \"https://api.github.com/orgs/github\",\n \"repos_url\": \"https://api.github.com/orgs/github/repos\",\n \"events_url\": \"https://api.github.com/orgs/github/events\",\n \"avatar_url\": \"https://github.com/images/error/octocat_happy.gif\",\n \"gravatar_id\": \"\",\n \"html_url\": \"https://github.com/octocat\",\n \"followers_url\": \"https://api.github.com/users/octocat/followers\",\n \"following_url\": \"https://api.github.com/users/octocat/following{/other_user}\",\n \"gists_url\": \"https://api.github.com/users/octocat/gists{/gist_id}\",\n \"starred_url\": \"https://api.github.com/users/octocat/starred{/owner}{/repo}\",\n \"subscriptions_url\": \"https://api.github.com/users/octocat/subscriptions\",\n \"organizations_url\": \"https://api.github.com/users/octocat/orgs\",\n \"received_events_url\": \"https://api.github.com/users/octocat/received_events\",\n \"type\": \"User\",\n \"site_admin\": true\n },\n \"name\": \"Octocat App\",\n \"description\": \"\",\n \"external_url\": \"https://example.com\",\n \"html_url\": \"https://github.com/apps/octoapp\",\n \"created_at\": \"2017-07-08T16:18:44-04:00\",\n \"updated_at\": \"2017-07-08T16:18:44-04:00\",\n \"permissions\": {\n \"metadata\": \"read\",\n \"contents\": \"read\",\n \"issues\": \"write\",\n \"single_file\": \"write\"\n },\n \"events\": [\n \"push\",\n \"pull_request\"\n ]\n },\n \"pull_requests\": [\n {\n \"url\": \"https://api.github.com/repos/github/hello-world/pulls/1\",\n \"id\": 1934,\n \"number\": 3956,\n \"head\": {\n \"ref\": \"say-hello\",\n \"sha\": \"3dca65fa3e8d4b3da3f3d056c59aee1c50f41390\",\n \"repo\": {\n \"id\": 526,\n \"url\": \"https://api.github.com/repos/github/hello-world\",\n \"name\": \"hello-world\"\n }\n },\n \"base\": {\n \"ref\": \"master\",\n \"sha\": \"e7fdf7640066d71ad16a86fbcbb9c6a10a18af4f\",\n \"repo\": {\n \"id\": 526,\n \"url\": \"https://api.github.com/repos/github/hello-world\",\n \"name\": \"hello-world\"\n }\n }\n }\n ]\n}" + "payload": "{\n \"id\": 4,\n \"head_sha\": \"ce587453ced02b1526dfb4cb910479d431683101\",\n \"node_id\": \"MDg6Q2hlY2tSdW40\",\n \"external_id\": \"42\",\n \"url\": \"https://api.github.com/repos/github/hello-world/check-runs/4\",\n \"html_url\": \"https://github.com/github/hello-world/runs/4\",\n \"details_url\": \"https://example.com\",\n \"status\": \"completed\",\n \"conclusion\": \"neutral\",\n \"started_at\": \"2018-05-04T01:14:52Z\",\n \"completed_at\": \"2018-05-04T01:14:52Z\",\n \"output\": {\n \"title\": \"Mighty Readme report\",\n \"summary\": \"There are 0 failures, 2 warnings, and 1 notice.\",\n \"text\": \"You may have some misspelled words on lines 2 and 4. You also may want to add a section in your README about how to install your app.\",\n \"annotations_count\": 2,\n \"annotations_url\": \"https://api.github.com/repos/github/hello-world/check-runs/4/annotations\"\n },\n \"name\": \"mighty_readme\",\n \"check_suite\": {\n \"id\": 5\n },\n \"app\": {\n \"id\": 1,\n \"slug\": \"octoapp\",\n \"node_id\": \"MDExOkludGVncmF0aW9uMQ==\",\n \"owner\": {\n \"login\": \"github\",\n \"id\": 1,\n \"node_id\": \"MDEyOk9yZ2FuaXphdGlvbjE=\",\n \"url\": \"https://api.github.com/orgs/github\",\n \"repos_url\": \"https://api.github.com/orgs/github/repos\",\n \"events_url\": \"https://api.github.com/orgs/github/events\",\n \"avatar_url\": \"https://github.com/images/error/octocat_happy.gif\",\n \"gravatar_id\": \"\",\n \"html_url\": \"https://github.com/octocat\",\n \"followers_url\": \"https://api.github.com/users/octocat/followers\",\n \"following_url\": \"https://api.github.com/users/octocat/following{/other_user}\",\n \"gists_url\": \"https://api.github.com/users/octocat/gists{/gist_id}\",\n \"starred_url\": \"https://api.github.com/users/octocat/starred{/owner}{/repo}\",\n \"subscriptions_url\": \"https://api.github.com/users/octocat/subscriptions\",\n \"organizations_url\": \"https://api.github.com/users/octocat/orgs\",\n \"received_events_url\": \"https://api.github.com/users/octocat/received_events\",\n \"type\": \"User\",\n \"site_admin\": true\n },\n \"name\": \"Octocat App\",\n \"description\": \"\",\n \"external_url\": \"https://example.com\",\n \"html_url\": \"https://github.com/apps/octoapp\",\n \"created_at\": \"2017-07-08T16:18:44-04:00\",\n \"updated_at\": \"2017-07-08T16:18:44-04:00\",\n \"permissions\": {\n \"metadata\": \"read\",\n \"contents\": \"read\",\n \"issues\": \"write\",\n \"single_file\": \"write\"\n },\n \"events\": [\n \"push\",\n \"pull_request\"\n ]\n },\n \"pull_requests\": [\n {\n \"url\": \"https://api.github.com/repos/github/hello-world/pulls/1\",\n \"id\": 1934,\n \"number\": 3956,\n \"head\": {\n \"ref\": \"say-hello\",\n \"sha\": \"3dca65fa3e8d4b3da3f3d056c59aee1c50f41390\",\n \"repo\": {\n \"id\": 526,\n \"url\": \"https://api.github.com/repos/github/hello-world\",\n \"name\": \"hello-world\"\n }\n },\n \"base\": {\n \"ref\": \"master\",\n \"sha\": \"e7fdf7640066d71ad16a86fbcbb9c6a10a18af4f\",\n \"repo\": {\n \"id\": 526,\n \"url\": \"https://api.github.com/repos/github/hello-world\",\n \"name\": \"hello-world\"\n }\n }\n }\n ]\n}" + }, + { + "httpStatusCode": "201", + "httpStatusMessage": "Created", + "description": "Response for completed conclusion", + "payload": "{\n \"id\": 4,\n \"head_sha\": \"ce587453ced02b1526dfb4cb910479d431683101\",\n \"node_id\": \"MDg6Q2hlY2tSdW40\",\n \"external_id\": \"42\",\n \"url\": \"https://api.github.com/repos/github/hello-world/check-runs/4\",\n \"html_url\": \"https://github.com/github/hello-world/runs/4\",\n \"details_url\": \"https://example.com\",\n \"status\": \"in_progress\",\n \"conclusion\": null,\n \"started_at\": \"2018-05-04T01:14:52Z\",\n \"completed_at\": null,\n \"output\": {\n \"title\": \"Mighty Readme report\",\n \"summary\": \"There are 0 failures, 2 warnings, and 1 notice.\",\n \"text\": \"You may have some misspelled words on lines 2 and 4. You also may want to add a section in your README about how to install your app.\",\n \"annotations_count\": 2,\n \"annotations_url\": \"https://api.github.com/repos/github/hello-world/check-runs/4/annotations\"\n },\n \"name\": \"mighty_readme\",\n \"check_suite\": {\n \"id\": 5\n },\n \"app\": {\n \"id\": 1,\n \"slug\": \"octoapp\",\n \"node_id\": \"MDExOkludGVncmF0aW9uMQ==\",\n \"owner\": {\n \"login\": \"github\",\n \"id\": 1,\n \"node_id\": \"MDEyOk9yZ2FuaXphdGlvbjE=\",\n \"url\": \"https://api.github.com/orgs/github\",\n \"repos_url\": \"https://api.github.com/orgs/github/repos\",\n \"events_url\": \"https://api.github.com/orgs/github/events\",\n \"avatar_url\": \"https://github.com/images/error/octocat_happy.gif\",\n \"gravatar_id\": \"\",\n \"html_url\": \"https://github.com/octocat\",\n \"followers_url\": \"https://api.github.com/users/octocat/followers\",\n \"following_url\": \"https://api.github.com/users/octocat/following{/other_user}\",\n \"gists_url\": \"https://api.github.com/users/octocat/gists{/gist_id}\",\n \"starred_url\": \"https://api.github.com/users/octocat/starred{/owner}{/repo}\",\n \"subscriptions_url\": \"https://api.github.com/users/octocat/subscriptions\",\n \"organizations_url\": \"https://api.github.com/users/octocat/orgs\",\n \"received_events_url\": \"https://api.github.com/users/octocat/received_events\",\n \"type\": \"User\",\n \"site_admin\": true\n },\n \"name\": \"Octocat App\",\n \"description\": \"\",\n \"external_url\": \"https://example.com\",\n \"html_url\": \"https://github.com/apps/octoapp\",\n \"created_at\": \"2017-07-08T16:18:44-04:00\",\n \"updated_at\": \"2017-07-08T16:18:44-04:00\",\n \"permissions\": {\n \"metadata\": \"read\",\n \"contents\": \"read\",\n \"issues\": \"write\",\n \"single_file\": \"write\"\n },\n \"events\": [\n \"push\",\n \"pull_request\"\n ]\n },\n \"pull_requests\": [\n {\n \"url\": \"https://api.github.com/repos/github/hello-world/pulls/1\",\n \"id\": 1934,\n \"number\": 3956,\n \"head\": {\n \"ref\": \"say-hello\",\n \"sha\": \"3dca65fa3e8d4b3da3f3d056c59aee1c50f41390\",\n \"repo\": {\n \"id\": 526,\n \"url\": \"https://api.github.com/repos/github/hello-world\",\n \"name\": \"hello-world\"\n }\n },\n \"base\": {\n \"ref\": \"master\",\n \"sha\": \"e7fdf7640066d71ad16a86fbcbb9c6a10a18af4f\",\n \"repo\": {\n \"id\": 526,\n \"url\": \"https://api.github.com/repos/github/hello-world\",\n \"name\": \"hello-world\"\n }\n }\n }\n ]\n}" } ], "bodyParameters": [ @@ -27614,8 +27716,12 @@ "head_sha" ] }, - "example": { - "head_sha": "d6fde92930d4715a2b49857d24b940956b26d2d3" + "examples": { + "default": { + "value": { + "head_sha": "d6fde92930d4715a2b49857d24b940956b26d2d3" + } + } } } } @@ -27634,7 +27740,7 @@ { "httpStatusCode": "200", "httpStatusMessage": "OK", - "description": "

when the suite already existed

", + "description": "

Response when the suite already exists

", "payload": "{\n \"id\": 5,\n \"node_id\": \"MDEwOkNoZWNrU3VpdGU1\",\n \"head_branch\": \"master\",\n \"head_sha\": \"d6fde92930d4715a2b49857d24b940956b26d2d3\",\n \"status\": \"completed\",\n \"conclusion\": \"neutral\",\n \"url\": \"https://api.github.com/repos/github/hello-world/check-suites/5\",\n \"before\": \"146e867f55c26428e5f9fade55a9bbf5e95a7912\",\n \"after\": \"d6fde92930d4715a2b49857d24b940956b26d2d3\",\n \"pull_requests\": [],\n \"created_at\": \"2017-07-08T16:18:44-04:00\",\n \"updated_at\": \"2017-07-08T16:18:44-04:00\",\n \"app\": {\n \"id\": 1,\n \"slug\": \"octoapp\",\n \"node_id\": \"MDExOkludGVncmF0aW9uMQ==\",\n \"owner\": {\n \"login\": \"github\",\n \"id\": 1,\n \"node_id\": \"MDEyOk9yZ2FuaXphdGlvbjE=\",\n \"url\": \"https://api.github.com/orgs/github\",\n \"repos_url\": \"https://api.github.com/orgs/github/repos\",\n \"events_url\": \"https://api.github.com/orgs/github/events\",\n \"avatar_url\": \"https://github.com/images/error/octocat_happy.gif\",\n \"gravatar_id\": \"\",\n \"html_url\": \"https://github.com/octocat\",\n \"followers_url\": \"https://api.github.com/users/octocat/followers\",\n \"following_url\": \"https://api.github.com/users/octocat/following{/other_user}\",\n \"gists_url\": \"https://api.github.com/users/octocat/gists{/gist_id}\",\n \"starred_url\": \"https://api.github.com/users/octocat/starred{/owner}{/repo}\",\n \"subscriptions_url\": \"https://api.github.com/users/octocat/subscriptions\",\n \"organizations_url\": \"https://api.github.com/users/octocat/orgs\",\n \"received_events_url\": \"https://api.github.com/users/octocat/received_events\",\n \"type\": \"User\",\n \"site_admin\": true\n },\n \"name\": \"Octocat App\",\n \"description\": \"\",\n \"external_url\": \"https://example.com\",\n \"html_url\": \"https://github.com/apps/octoapp\",\n \"created_at\": \"2017-07-08T16:18:44-04:00\",\n \"updated_at\": \"2017-07-08T16:18:44-04:00\",\n \"permissions\": {\n \"metadata\": \"read\",\n \"contents\": \"read\",\n \"issues\": \"write\",\n \"single_file\": \"write\"\n },\n \"events\": [\n \"push\",\n \"pull_request\"\n ]\n },\n \"repository\": {\n \"id\": 1296269,\n \"node_id\": \"MDEwOlJlcG9zaXRvcnkxMjk2MjY5\",\n \"name\": \"Hello-World\",\n \"full_name\": \"octocat/Hello-World\",\n \"template_repository\": {\n \"id\": 1296269,\n \"node_id\": \"MDEwOlJlcG9zaXRvcnkxMjk2MjY5\",\n \"name\": \"Hello-World-Template\",\n \"full_name\": \"octocat/Hello-World-Template\",\n \"owner\": {\n \"login\": \"octocat\",\n \"id\": 1,\n \"node_id\": \"MDQ6VXNlcjE=\",\n \"avatar_url\": \"https://github.com/images/error/octocat_happy.gif\",\n \"gravatar_id\": \"\",\n \"url\": \"https://api.github.com/users/octocat\",\n \"html_url\": \"https://github.com/octocat\",\n \"followers_url\": \"https://api.github.com/users/octocat/followers\",\n \"following_url\": \"https://api.github.com/users/octocat/following{/other_user}\",\n \"gists_url\": \"https://api.github.com/users/octocat/gists{/gist_id}\",\n \"starred_url\": \"https://api.github.com/users/octocat/starred{/owner}{/repo}\",\n \"subscriptions_url\": \"https://api.github.com/users/octocat/subscriptions\",\n \"organizations_url\": \"https://api.github.com/users/octocat/orgs\",\n \"repos_url\": \"https://api.github.com/users/octocat/repos\",\n \"events_url\": \"https://api.github.com/users/octocat/events{/privacy}\",\n \"received_events_url\": \"https://api.github.com/users/octocat/received_events\",\n \"type\": \"User\",\n \"site_admin\": false\n },\n \"private\": false,\n \"html_url\": \"https://github.com/octocat/Hello-World-Template\",\n \"description\": \"This your first repo!\",\n \"fork\": false,\n \"url\": \"https://api.github.com/repos/octocat/Hello-World-Template\",\n \"archive_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/{archive_format}{/ref}\",\n \"assignees_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/assignees{/user}\",\n \"blobs_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/git/blobs{/sha}\",\n \"branches_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/branches{/branch}\",\n \"collaborators_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/collaborators{/collaborator}\",\n \"comments_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/comments{/number}\",\n \"commits_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/commits{/sha}\",\n \"compare_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/compare/{base}...{head}\",\n \"contents_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/contents/{+path}\",\n \"contributors_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/contributors\",\n \"deployments_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/deployments\",\n \"downloads_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/downloads\",\n \"events_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/events\",\n \"forks_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/forks\",\n \"git_commits_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/git/commits{/sha}\",\n \"git_refs_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/git/refs{/sha}\",\n \"git_tags_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/git/tags{/sha}\",\n \"git_url\": \"git:github.com/octocat/Hello-World-Template.git\",\n \"issue_comment_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/issues/comments{/number}\",\n \"issue_events_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/issues/events{/number}\",\n \"issues_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/issues{/number}\",\n \"keys_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/keys{/key_id}\",\n \"labels_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/labels{/name}\",\n \"languages_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/languages\",\n \"merges_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/merges\",\n \"milestones_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/milestones{/number}\",\n \"notifications_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/notifications{?since,all,participating}\",\n \"pulls_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/pulls{/number}\",\n \"releases_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/releases{/id}\",\n \"ssh_url\": \"git@github.com:octocat/Hello-World-Template.git\",\n \"stargazers_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/stargazers\",\n \"statuses_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/statuses/{sha}\",\n \"subscribers_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/subscribers\",\n \"subscription_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/subscription\",\n \"tags_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/tags\",\n \"teams_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/teams\",\n \"trees_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/git/trees{/sha}\",\n \"clone_url\": \"https://github.com/octocat/Hello-World-Template.git\",\n \"mirror_url\": \"git:git.example.com/octocat/Hello-World-Template\",\n \"hooks_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/hooks\",\n \"svn_url\": \"https://svn.github.com/octocat/Hello-World-Template\",\n \"homepage\": \"https://github.com\",\n \"language\": null,\n \"forks\": 9,\n \"forks_count\": 9,\n \"stargazers_count\": 80,\n \"watchers_count\": 80,\n \"watchers\": 80,\n \"size\": 108,\n \"default_branch\": \"master\",\n \"open_issues\": 0,\n \"open_issues_count\": 0,\n \"is_template\": true,\n \"license\": {\n \"key\": \"mit\",\n \"name\": \"MIT License\",\n \"url\": \"https://api.github.com/licenses/mit\",\n \"spdx_id\": \"MIT\",\n \"node_id\": \"MDc6TGljZW5zZW1pdA==\",\n \"html_url\": \"https://api.github.com/licenses/mit\"\n },\n \"topics\": [\n \"octocat\",\n \"atom\",\n \"electron\",\n \"api\"\n ],\n \"has_issues\": true,\n \"has_projects\": true,\n \"has_wiki\": true,\n \"has_pages\": false,\n \"has_downloads\": true,\n \"archived\": false,\n \"disabled\": false,\n \"visibility\": \"public\",\n \"pushed_at\": \"2011-01-26T19:06:43Z\",\n \"created_at\": \"2011-01-26T19:01:12Z\",\n \"updated_at\": \"2011-01-26T19:14:43Z\",\n \"permissions\": {\n \"admin\": false,\n \"push\": false,\n \"pull\": true\n },\n \"allow_rebase_merge\": true,\n \"temp_clone_token\": \"ABTLWHOULUVAXGTRYU7OC2876QJ2O\",\n \"allow_squash_merge\": true,\n \"allow_auto_merge\": false,\n \"delete_branch_on_merge\": true,\n \"allow_merge_commit\": true,\n \"subscribers_count\": 42,\n \"network_count\": 0\n },\n \"owner\": {\n \"login\": \"octocat\",\n \"id\": 1,\n \"node_id\": \"MDQ6VXNlcjE=\",\n \"avatar_url\": \"https://github.com/images/error/octocat_happy.gif\",\n \"gravatar_id\": \"\",\n \"url\": \"https://api.github.com/users/octocat\",\n \"html_url\": \"https://github.com/octocat\",\n \"followers_url\": \"https://api.github.com/users/octocat/followers\",\n \"following_url\": \"https://api.github.com/users/octocat/following{/other_user}\",\n \"gists_url\": \"https://api.github.com/users/octocat/gists{/gist_id}\",\n \"starred_url\": \"https://api.github.com/users/octocat/starred{/owner}{/repo}\",\n \"subscriptions_url\": \"https://api.github.com/users/octocat/subscriptions\",\n \"organizations_url\": \"https://api.github.com/users/octocat/orgs\",\n \"repos_url\": \"https://api.github.com/users/octocat/repos\",\n \"events_url\": \"https://api.github.com/users/octocat/events{/privacy}\",\n \"received_events_url\": \"https://api.github.com/users/octocat/received_events\",\n \"type\": \"User\",\n \"site_admin\": false\n },\n \"private\": false,\n \"html_url\": \"https://github.com/octocat/Hello-World\",\n \"description\": \"This your first repo!\",\n \"fork\": false,\n \"url\": \"https://api.github.com/repos/octocat/Hello-World\",\n \"archive_url\": \"https://api.github.com/repos/octocat/Hello-World/{archive_format}{/ref}\",\n \"assignees_url\": \"https://api.github.com/repos/octocat/Hello-World/assignees{/user}\",\n \"blobs_url\": \"https://api.github.com/repos/octocat/Hello-World/git/blobs{/sha}\",\n \"branches_url\": \"https://api.github.com/repos/octocat/Hello-World/branches{/branch}\",\n \"collaborators_url\": \"https://api.github.com/repos/octocat/Hello-World/collaborators{/collaborator}\",\n \"comments_url\": \"https://api.github.com/repos/octocat/Hello-World/comments{/number}\",\n \"commits_url\": \"https://api.github.com/repos/octocat/Hello-World/commits{/sha}\",\n \"compare_url\": \"https://api.github.com/repos/octocat/Hello-World/compare/{base}...{head}\",\n \"contents_url\": \"https://api.github.com/repos/octocat/Hello-World/contents/{+path}\",\n \"contributors_url\": \"https://api.github.com/repos/octocat/Hello-World/contributors\",\n \"deployments_url\": \"https://api.github.com/repos/octocat/Hello-World/deployments\",\n \"downloads_url\": \"https://api.github.com/repos/octocat/Hello-World/downloads\",\n \"events_url\": \"https://api.github.com/repos/octocat/Hello-World/events\",\n \"forks_url\": \"https://api.github.com/repos/octocat/Hello-World/forks\",\n \"git_commits_url\": \"https://api.github.com/repos/octocat/Hello-World/git/commits{/sha}\",\n \"git_refs_url\": \"https://api.github.com/repos/octocat/Hello-World/git/refs{/sha}\",\n \"git_tags_url\": \"https://api.github.com/repos/octocat/Hello-World/git/tags{/sha}\",\n \"git_url\": \"git:github.com/octocat/Hello-World.git\",\n \"issue_comment_url\": \"https://api.github.com/repos/octocat/Hello-World/issues/comments{/number}\",\n \"issue_events_url\": \"https://api.github.com/repos/octocat/Hello-World/issues/events{/number}\",\n \"issues_url\": \"https://api.github.com/repos/octocat/Hello-World/issues{/number}\",\n \"keys_url\": \"https://api.github.com/repos/octocat/Hello-World/keys{/key_id}\",\n \"labels_url\": \"https://api.github.com/repos/octocat/Hello-World/labels{/name}\",\n \"languages_url\": \"https://api.github.com/repos/octocat/Hello-World/languages\",\n \"merges_url\": \"https://api.github.com/repos/octocat/Hello-World/merges\",\n \"milestones_url\": \"https://api.github.com/repos/octocat/Hello-World/milestones{/number}\",\n \"notifications_url\": \"https://api.github.com/repos/octocat/Hello-World/notifications{?since,all,participating}\",\n \"pulls_url\": \"https://api.github.com/repos/octocat/Hello-World/pulls{/number}\",\n \"releases_url\": \"https://api.github.com/repos/octocat/Hello-World/releases{/id}\",\n \"ssh_url\": \"git@github.com:octocat/Hello-World.git\",\n \"stargazers_url\": \"https://api.github.com/repos/octocat/Hello-World/stargazers\",\n \"statuses_url\": \"https://api.github.com/repos/octocat/Hello-World/statuses/{sha}\",\n \"subscribers_url\": \"https://api.github.com/repos/octocat/Hello-World/subscribers\",\n \"subscription_url\": \"https://api.github.com/repos/octocat/Hello-World/subscription\",\n \"tags_url\": \"https://api.github.com/repos/octocat/Hello-World/tags\",\n \"teams_url\": \"https://api.github.com/repos/octocat/Hello-World/teams\",\n \"trees_url\": \"https://api.github.com/repos/octocat/Hello-World/git/trees{/sha}\",\n \"clone_url\": \"https://github.com/octocat/Hello-World.git\",\n \"mirror_url\": \"git:git.example.com/octocat/Hello-World\",\n \"hooks_url\": \"https://api.github.com/repos/octocat/Hello-World/hooks\",\n \"svn_url\": \"https://svn.github.com/octocat/Hello-World\",\n \"homepage\": \"https://github.com\",\n \"language\": null,\n \"forks_count\": 9,\n \"stargazers_count\": 80,\n \"watchers_count\": 80,\n \"size\": 108,\n \"default_branch\": \"master\",\n \"open_issues_count\": 0,\n \"is_template\": false,\n \"topics\": [\n \"octocat\",\n \"atom\",\n \"electron\",\n \"api\"\n ],\n \"has_issues\": true,\n \"has_projects\": true,\n \"has_wiki\": true,\n \"has_pages\": false,\n \"has_downloads\": true,\n \"archived\": false,\n \"disabled\": false,\n \"visibility\": \"public\",\n \"pushed_at\": \"2011-01-26T19:06:43Z\",\n \"created_at\": \"2011-01-26T19:01:12Z\",\n \"updated_at\": \"2011-01-26T19:14:43Z\",\n \"permissions\": {\n \"admin\": false,\n \"push\": false,\n \"pull\": true\n },\n \"temp_clone_token\": \"ABTLWHOULUVAXGTRYU7OC2876QJ2O\",\n \"delete_branch_on_merge\": true,\n \"subscribers_count\": 42,\n \"network_count\": 0\n },\n \"head_commit\": {\n \"id\": \"7fd1a60b01f91b314f59955a4e4d4e80d8edf11d\",\n \"tree_id\": \"7fd1a60b01f91b314f59955a4e4d4e80d8edf11d\",\n \"message\": \"Merge pull request #6 from Spaceghost/patch-1\\n\\nNew line at end of file.\",\n \"timestamp\": \"2016-10-10T00:00:00Z\",\n \"author\": {\n \"name\": \"The Octocat\",\n \"email\": \"octocat@nowhere.com\"\n },\n \"committer\": {\n \"name\": \"The Octocat\",\n \"email\": \"octocat@nowhere.com\"\n }\n },\n \"latest_check_runs_count\": 1,\n \"check_runs_url\": \"https://api.github.com/repos/octocat/Hello-World/check-suites/5/check-runs\"\n}" }, { @@ -32735,6 +32841,350 @@ } ] }, + "deploy_keys": { + "deploy_keys": [ + { + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/keys", + "parameters": [ + { + "name": "owner", + "in": "path", + "required": true, + "schema": { + "type": "string" + }, + "descriptionHTML": "" + }, + { + "name": "repo", + "in": "path", + "required": true, + "schema": { + "type": "string" + }, + "descriptionHTML": "" + }, + { + "name": "per_page", + "description": "Results per page (max 100)", + "in": "query", + "schema": { + "type": "integer", + "default": 30 + }, + "descriptionHTML": "

Results per page (max 100)

" + }, + { + "name": "page", + "description": "Page number of the results to fetch.", + "in": "query", + "schema": { + "type": "integer", + "default": 1 + }, + "descriptionHTML": "

Page number of the results to fetch.

" + } + ], + "x-codeSamples": [ + { + "lang": "Shell", + "source": "curl \\\n -H \"Accept: application/vnd.github.v3+json\" \\\n http(s)://{hostname}/api/v3/repos/octocat/hello-world/keys" + }, + { + "lang": "JavaScript", + "source": "await octokit.request('GET /repos/{owner}/{repo}/keys', {\n owner: 'octocat',\n repo: 'hello-world'\n})" + } + ], + "summary": "List deploy keys", + "x-github": { + "enabledForGitHubApps": true, + "category": "repos", + "subcategory": "keys" + }, + "slug": "list-deploy-keys", + "category": "deploy_keys", + "subcategory": "deploy_keys", + "notes": [], + "descriptionHTML": "", + "bodyParameters": [], + "responses": [ + { + "httpStatusCode": "200", + "httpStatusMessage": "OK", + "description": "

Response

", + "payload": "[\n {\n \"id\": 1,\n \"key\": \"ssh-rsa AAA...\",\n \"url\": \"https://api.github.com/repos/octocat/Hello-World/keys/1\",\n \"title\": \"octocat@octomac\",\n \"verified\": true,\n \"created_at\": \"2014-12-10T15:53:42Z\",\n \"read_only\": true\n }\n]" + } + ] + }, + { + "verb": "post", + "requestPath": "/repos/{owner}/{repo}/keys", + "parameters": [ + { + "name": "owner", + "in": "path", + "required": true, + "schema": { + "type": "string" + }, + "descriptionHTML": "" + }, + { + "name": "repo", + "in": "path", + "required": true, + "schema": { + "type": "string" + }, + "descriptionHTML": "" + } + ], + "x-codeSamples": [ + { + "lang": "Shell", + "source": "curl \\\n -X POST \\\n -H \"Accept: application/vnd.github.v3+json\" \\\n http(s)://{hostname}/api/v3/repos/octocat/hello-world/keys \\\n -d '{\"key\":\"key\"}'" + }, + { + "lang": "JavaScript", + "source": "await octokit.request('POST /repos/{owner}/{repo}/keys', {\n owner: 'octocat',\n repo: 'hello-world',\n key: 'key'\n})" + } + ], + "summary": "Create a deploy key", + "requestBody": { + "required": true, + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "title": { + "type": "string", + "description": "

A name for the key.

", + "name": "title", + "in": "body", + "rawType": "string", + "rawDescription": "A name for the key.", + "childParamsGroups": [] + }, + "key": { + "type": "string", + "description": "

Required. The contents of the key.

", + "name": "key", + "in": "body", + "rawType": "string", + "rawDescription": "The contents of the key.", + "childParamsGroups": [] + }, + "read_only": { + "type": "boolean", + "description": "

If true, the key will only be able to read repository contents. Otherwise, the key will be able to read and write.

\n

Deploy keys with write access can perform the same actions as an organization member with admin access, or a collaborator on a personal repository. For more information, see \"Repository permission levels for an organization\" and \"Permission levels for a user account repository.\"

", + "name": "read_only", + "in": "body", + "rawType": "boolean", + "rawDescription": "If `true`, the key will only be able to read repository contents. Otherwise, the key will be able to read and write. \n \nDeploy keys with write access can perform the same actions as an organization member with admin access, or a collaborator on a personal repository. For more information, see \"[Repository permission levels for an organization](https://docs.github.com/articles/repository-permission-levels-for-an-organization/)\" and \"[Permission levels for a user account repository](https://docs.github.com/articles/permission-levels-for-a-user-account-repository/).\"", + "childParamsGroups": [] + } + }, + "required": [ + "key" + ] + }, + "example": { + "title": "octocat@octomac", + "key": "ssh-rsa AAA...", + "read_only": true + } + } + } + }, + "x-github": { + "enabledForGitHubApps": true, + "category": "repos", + "subcategory": "keys" + }, + "slug": "create-a-deploy-key", + "category": "deploy_keys", + "subcategory": "deploy_keys", + "notes": [], + "descriptionHTML": "

You can create a read-only deploy key.

", + "responses": [ + { + "httpStatusCode": "201", + "httpStatusMessage": "Created", + "description": "

Response

", + "payload": "{\n \"id\": 1,\n \"key\": \"ssh-rsa AAA...\",\n \"url\": \"https://api.github.com/repos/octocat/Hello-World/keys/1\",\n \"title\": \"octocat@octomac\",\n \"verified\": true,\n \"created_at\": \"2014-12-10T15:53:42Z\",\n \"read_only\": true\n}" + }, + { + "httpStatusCode": "422", + "httpStatusMessage": "Unprocessable Entity", + "description": "

Validation failed

" + } + ], + "bodyParameters": [ + { + "type": "string", + "description": "

A name for the key.

", + "name": "title", + "in": "body", + "rawType": "string", + "rawDescription": "A name for the key.", + "childParamsGroups": [] + }, + { + "type": "string", + "description": "

Required. The contents of the key.

", + "name": "key", + "in": "body", + "rawType": "string", + "rawDescription": "The contents of the key.", + "childParamsGroups": [] + }, + { + "type": "boolean", + "description": "

If true, the key will only be able to read repository contents. Otherwise, the key will be able to read and write.

\n

Deploy keys with write access can perform the same actions as an organization member with admin access, or a collaborator on a personal repository. For more information, see \"Repository permission levels for an organization\" and \"Permission levels for a user account repository.\"

", + "name": "read_only", + "in": "body", + "rawType": "boolean", + "rawDescription": "If `true`, the key will only be able to read repository contents. Otherwise, the key will be able to read and write. \n \nDeploy keys with write access can perform the same actions as an organization member with admin access, or a collaborator on a personal repository. For more information, see \"[Repository permission levels for an organization](https://docs.github.com/articles/repository-permission-levels-for-an-organization/)\" and \"[Permission levels for a user account repository](https://docs.github.com/articles/permission-levels-for-a-user-account-repository/).\"", + "childParamsGroups": [] + } + ] + }, + { + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/keys/{key_id}", + "parameters": [ + { + "name": "owner", + "in": "path", + "required": true, + "schema": { + "type": "string" + }, + "descriptionHTML": "" + }, + { + "name": "repo", + "in": "path", + "required": true, + "schema": { + "type": "string" + }, + "descriptionHTML": "" + }, + { + "name": "key_id", + "description": "key_id parameter", + "in": "path", + "required": true, + "schema": { + "type": "integer" + }, + "descriptionHTML": "

key_id parameter

" + } + ], + "x-codeSamples": [ + { + "lang": "Shell", + "source": "curl \\\n -H \"Accept: application/vnd.github.v3+json\" \\\n http(s)://{hostname}/api/v3/repos/octocat/hello-world/keys/42" + }, + { + "lang": "JavaScript", + "source": "await octokit.request('GET /repos/{owner}/{repo}/keys/{key_id}', {\n owner: 'octocat',\n repo: 'hello-world',\n key_id: 42\n})" + } + ], + "summary": "Get a deploy key", + "x-github": { + "enabledForGitHubApps": true, + "category": "repos", + "subcategory": "keys" + }, + "slug": "get-a-deploy-key", + "category": "deploy_keys", + "subcategory": "deploy_keys", + "notes": [], + "descriptionHTML": "", + "bodyParameters": [], + "responses": [ + { + "httpStatusCode": "200", + "httpStatusMessage": "OK", + "description": "

Response

", + "payload": "{\n \"id\": 1,\n \"key\": \"ssh-rsa AAA...\",\n \"url\": \"https://api.github.com/repos/octocat/Hello-World/keys/1\",\n \"title\": \"octocat@octomac\",\n \"verified\": true,\n \"created_at\": \"2014-12-10T15:53:42Z\",\n \"read_only\": true\n}" + }, + { + "httpStatusCode": "404", + "httpStatusMessage": "Not Found", + "description": "

Resource not found

" + } + ] + }, + { + "verb": "delete", + "requestPath": "/repos/{owner}/{repo}/keys/{key_id}", + "parameters": [ + { + "name": "owner", + "in": "path", + "required": true, + "schema": { + "type": "string" + }, + "descriptionHTML": "" + }, + { + "name": "repo", + "in": "path", + "required": true, + "schema": { + "type": "string" + }, + "descriptionHTML": "" + }, + { + "name": "key_id", + "description": "key_id parameter", + "in": "path", + "required": true, + "schema": { + "type": "integer" + }, + "descriptionHTML": "

key_id parameter

" + } + ], + "x-codeSamples": [ + { + "lang": "Shell", + "source": "curl \\\n -X DELETE \\\n -H \"Accept: application/vnd.github.v3+json\" \\\n http(s)://{hostname}/api/v3/repos/octocat/hello-world/keys/42" + }, + { + "lang": "JavaScript", + "source": "await octokit.request('DELETE /repos/{owner}/{repo}/keys/{key_id}', {\n owner: 'octocat',\n repo: 'hello-world',\n key_id: 42\n})" + } + ], + "summary": "Delete a deploy key", + "x-github": { + "enabledForGitHubApps": true, + "category": "repos", + "subcategory": "keys" + }, + "slug": "delete-a-deploy-key", + "category": "deploy_keys", + "subcategory": "deploy_keys", + "notes": [], + "bodyParameters": [], + "descriptionHTML": "

Deploy keys are immutable. If you need to update a key, remove the key and create a new one instead.

", + "responses": [ + { + "httpStatusCode": "204", + "httpStatusMessage": "No Content", + "description": "

Response

" + } + ] + } + ] + }, "deployments": { "deployments": [ { @@ -33855,348 +34305,6 @@ ] } ], - "keys": [ - { - "verb": "get", - "requestPath": "/repos/{owner}/{repo}/keys", - "parameters": [ - { - "name": "owner", - "in": "path", - "required": true, - "schema": { - "type": "string" - }, - "descriptionHTML": "" - }, - { - "name": "repo", - "in": "path", - "required": true, - "schema": { - "type": "string" - }, - "descriptionHTML": "" - }, - { - "name": "per_page", - "description": "Results per page (max 100)", - "in": "query", - "schema": { - "type": "integer", - "default": 30 - }, - "descriptionHTML": "

Results per page (max 100)

" - }, - { - "name": "page", - "description": "Page number of the results to fetch.", - "in": "query", - "schema": { - "type": "integer", - "default": 1 - }, - "descriptionHTML": "

Page number of the results to fetch.

" - } - ], - "x-codeSamples": [ - { - "lang": "Shell", - "source": "curl \\\n -H \"Accept: application/vnd.github.v3+json\" \\\n http(s)://{hostname}/api/v3/repos/octocat/hello-world/keys" - }, - { - "lang": "JavaScript", - "source": "await octokit.request('GET /repos/{owner}/{repo}/keys', {\n owner: 'octocat',\n repo: 'hello-world'\n})" - } - ], - "summary": "List deploy keys", - "x-github": { - "enabledForGitHubApps": true, - "category": "repos", - "subcategory": "keys" - }, - "slug": "list-deploy-keys", - "category": "deployments", - "subcategory": "keys", - "notes": [], - "descriptionHTML": "", - "bodyParameters": [], - "responses": [ - { - "httpStatusCode": "200", - "httpStatusMessage": "OK", - "description": "

Response

", - "payload": "[\n {\n \"id\": 1,\n \"key\": \"ssh-rsa AAA...\",\n \"url\": \"https://api.github.com/repos/octocat/Hello-World/keys/1\",\n \"title\": \"octocat@octomac\",\n \"verified\": true,\n \"created_at\": \"2014-12-10T15:53:42Z\",\n \"read_only\": true\n }\n]" - } - ] - }, - { - "verb": "post", - "requestPath": "/repos/{owner}/{repo}/keys", - "parameters": [ - { - "name": "owner", - "in": "path", - "required": true, - "schema": { - "type": "string" - }, - "descriptionHTML": "" - }, - { - "name": "repo", - "in": "path", - "required": true, - "schema": { - "type": "string" - }, - "descriptionHTML": "" - } - ], - "x-codeSamples": [ - { - "lang": "Shell", - "source": "curl \\\n -X POST \\\n -H \"Accept: application/vnd.github.v3+json\" \\\n http(s)://{hostname}/api/v3/repos/octocat/hello-world/keys \\\n -d '{\"key\":\"key\"}'" - }, - { - "lang": "JavaScript", - "source": "await octokit.request('POST /repos/{owner}/{repo}/keys', {\n owner: 'octocat',\n repo: 'hello-world',\n key: 'key'\n})" - } - ], - "summary": "Create a deploy key", - "requestBody": { - "required": true, - "content": { - "application/json": { - "schema": { - "type": "object", - "properties": { - "title": { - "type": "string", - "description": "

A name for the key.

", - "name": "title", - "in": "body", - "rawType": "string", - "rawDescription": "A name for the key.", - "childParamsGroups": [] - }, - "key": { - "type": "string", - "description": "

Required. The contents of the key.

", - "name": "key", - "in": "body", - "rawType": "string", - "rawDescription": "The contents of the key.", - "childParamsGroups": [] - }, - "read_only": { - "type": "boolean", - "description": "

If true, the key will only be able to read repository contents. Otherwise, the key will be able to read and write.

\n

Deploy keys with write access can perform the same actions as an organization member with admin access, or a collaborator on a personal repository. For more information, see \"Repository permission levels for an organization\" and \"Permission levels for a user account repository.\"

", - "name": "read_only", - "in": "body", - "rawType": "boolean", - "rawDescription": "If `true`, the key will only be able to read repository contents. Otherwise, the key will be able to read and write. \n \nDeploy keys with write access can perform the same actions as an organization member with admin access, or a collaborator on a personal repository. For more information, see \"[Repository permission levels for an organization](https://docs.github.com/articles/repository-permission-levels-for-an-organization/)\" and \"[Permission levels for a user account repository](https://docs.github.com/articles/permission-levels-for-a-user-account-repository/).\"", - "childParamsGroups": [] - } - }, - "required": [ - "key" - ] - }, - "example": { - "title": "octocat@octomac", - "key": "ssh-rsa AAA...", - "read_only": true - } - } - } - }, - "x-github": { - "enabledForGitHubApps": true, - "category": "repos", - "subcategory": "keys" - }, - "slug": "create-a-deploy-key", - "category": "deployments", - "subcategory": "keys", - "notes": [], - "descriptionHTML": "

You can create a read-only deploy key.

", - "responses": [ - { - "httpStatusCode": "201", - "httpStatusMessage": "Created", - "description": "

Response

", - "payload": "{\n \"id\": 1,\n \"key\": \"ssh-rsa AAA...\",\n \"url\": \"https://api.github.com/repos/octocat/Hello-World/keys/1\",\n \"title\": \"octocat@octomac\",\n \"verified\": true,\n \"created_at\": \"2014-12-10T15:53:42Z\",\n \"read_only\": true\n}" - }, - { - "httpStatusCode": "422", - "httpStatusMessage": "Unprocessable Entity", - "description": "

Validation failed

" - } - ], - "bodyParameters": [ - { - "type": "string", - "description": "

A name for the key.

", - "name": "title", - "in": "body", - "rawType": "string", - "rawDescription": "A name for the key.", - "childParamsGroups": [] - }, - { - "type": "string", - "description": "

Required. The contents of the key.

", - "name": "key", - "in": "body", - "rawType": "string", - "rawDescription": "The contents of the key.", - "childParamsGroups": [] - }, - { - "type": "boolean", - "description": "

If true, the key will only be able to read repository contents. Otherwise, the key will be able to read and write.

\n

Deploy keys with write access can perform the same actions as an organization member with admin access, or a collaborator on a personal repository. For more information, see \"Repository permission levels for an organization\" and \"Permission levels for a user account repository.\"

", - "name": "read_only", - "in": "body", - "rawType": "boolean", - "rawDescription": "If `true`, the key will only be able to read repository contents. Otherwise, the key will be able to read and write. \n \nDeploy keys with write access can perform the same actions as an organization member with admin access, or a collaborator on a personal repository. For more information, see \"[Repository permission levels for an organization](https://docs.github.com/articles/repository-permission-levels-for-an-organization/)\" and \"[Permission levels for a user account repository](https://docs.github.com/articles/permission-levels-for-a-user-account-repository/).\"", - "childParamsGroups": [] - } - ] - }, - { - "verb": "get", - "requestPath": "/repos/{owner}/{repo}/keys/{key_id}", - "parameters": [ - { - "name": "owner", - "in": "path", - "required": true, - "schema": { - "type": "string" - }, - "descriptionHTML": "" - }, - { - "name": "repo", - "in": "path", - "required": true, - "schema": { - "type": "string" - }, - "descriptionHTML": "" - }, - { - "name": "key_id", - "description": "key_id parameter", - "in": "path", - "required": true, - "schema": { - "type": "integer" - }, - "descriptionHTML": "

key_id parameter

" - } - ], - "x-codeSamples": [ - { - "lang": "Shell", - "source": "curl \\\n -H \"Accept: application/vnd.github.v3+json\" \\\n http(s)://{hostname}/api/v3/repos/octocat/hello-world/keys/42" - }, - { - "lang": "JavaScript", - "source": "await octokit.request('GET /repos/{owner}/{repo}/keys/{key_id}', {\n owner: 'octocat',\n repo: 'hello-world',\n key_id: 42\n})" - } - ], - "summary": "Get a deploy key", - "x-github": { - "enabledForGitHubApps": true, - "category": "repos", - "subcategory": "keys" - }, - "slug": "get-a-deploy-key", - "category": "deployments", - "subcategory": "keys", - "notes": [], - "descriptionHTML": "", - "bodyParameters": [], - "responses": [ - { - "httpStatusCode": "200", - "httpStatusMessage": "OK", - "description": "

Response

", - "payload": "{\n \"id\": 1,\n \"key\": \"ssh-rsa AAA...\",\n \"url\": \"https://api.github.com/repos/octocat/Hello-World/keys/1\",\n \"title\": \"octocat@octomac\",\n \"verified\": true,\n \"created_at\": \"2014-12-10T15:53:42Z\",\n \"read_only\": true\n}" - }, - { - "httpStatusCode": "404", - "httpStatusMessage": "Not Found", - "description": "

Resource not found

" - } - ] - }, - { - "verb": "delete", - "requestPath": "/repos/{owner}/{repo}/keys/{key_id}", - "parameters": [ - { - "name": "owner", - "in": "path", - "required": true, - "schema": { - "type": "string" - }, - "descriptionHTML": "" - }, - { - "name": "repo", - "in": "path", - "required": true, - "schema": { - "type": "string" - }, - "descriptionHTML": "" - }, - { - "name": "key_id", - "description": "key_id parameter", - "in": "path", - "required": true, - "schema": { - "type": "integer" - }, - "descriptionHTML": "

key_id parameter

" - } - ], - "x-codeSamples": [ - { - "lang": "Shell", - "source": "curl \\\n -X DELETE \\\n -H \"Accept: application/vnd.github.v3+json\" \\\n http(s)://{hostname}/api/v3/repos/octocat/hello-world/keys/42" - }, - { - "lang": "JavaScript", - "source": "await octokit.request('DELETE /repos/{owner}/{repo}/keys/{key_id}', {\n owner: 'octocat',\n repo: 'hello-world',\n key_id: 42\n})" - } - ], - "summary": "Delete a deploy key", - "x-github": { - "enabledForGitHubApps": true, - "category": "repos", - "subcategory": "keys" - }, - "slug": "delete-a-deploy-key", - "category": "deployments", - "subcategory": "keys", - "notes": [], - "bodyParameters": [], - "descriptionHTML": "

Deploy keys are immutable. If you need to update a key, remove the key and create a new one instead.

", - "responses": [ - { - "httpStatusCode": "204", - "httpStatusMessage": "No Content", - "description": "

Response

" - } - ] - } - ], "statuses": [ { "verb": "get", @@ -36638,7 +36746,7 @@ "httpStatusCode": "200", "httpStatusMessage": "OK", "description": "

Response

", - "payload": "{\n \"status\": \"scheduled\",\n \"scheduled_time\": \"Tuesday, January 22 at 15:34 -0800\",\n \"connection_services\": [\n {\n \"name\": \"git operations\",\n \"number\": 0\n },\n {\n \"name\": \"mysql queries\",\n \"number\": 233\n },\n {\n \"name\": \"resque jobs\",\n \"number\": 54\n }\n ]\n}" + "payload": "{\n \"status\": \"scheduled\",\n \"scheduled_time\": \"Tuesday, January 22 at 15:34 -0800\",\n \"connection_services\": [\n {\n \"name\": \"git operations\",\n \"number\": 0\n },\n {\n \"name\": \"mysql queries\",\n \"number\": 233\n },\n {\n \"name\": \"aqueduct jobs\",\n \"number\": 34\n },\n {\n \"name\": \"resque jobs\",\n \"number\": 54\n }\n ]\n}" } ] }, @@ -36699,7 +36807,7 @@ "httpStatusCode": "200", "httpStatusMessage": "OK", "description": "

Response

", - "payload": "{\n \"status\": \"scheduled\",\n \"scheduled_time\": \"Tuesday, January 22 at 15:34 -0800\",\n \"connection_services\": [\n {\n \"name\": \"git operations\",\n \"number\": 0\n },\n {\n \"name\": \"mysql queries\",\n \"number\": 233\n },\n {\n \"name\": \"resque jobs\",\n \"number\": 54\n }\n ]\n}" + "payload": "{\n \"status\": \"scheduled\",\n \"scheduled_time\": \"Tuesday, January 22 at 15:34 -0800\",\n \"connection_services\": [\n {\n \"name\": \"git operations\",\n \"number\": 0\n },\n {\n \"name\": \"mysql queries\",\n \"number\": 233\n },\n {\n \"name\": \"aqueduct jobs\",\n \"number\": 34\n },\n {\n \"name\": \"resque jobs\",\n \"number\": 54\n }\n ]\n}" } ], "bodyParameters": [ @@ -50672,6 +50780,11 @@ "schema": { "type": "string" }, + "examples": { + "default": { + "value": "Iv1.8a61f9b3a7aba766" + } + }, "descriptionHTML": "

The client ID of your GitHub app.

" } ], @@ -50873,6 +50986,11 @@ "schema": { "type": "string" }, + "examples": { + "default": { + "value": "Iv1.8a61f9b3a7aba766" + } + }, "descriptionHTML": "

The client ID of your GitHub app.

" }, { @@ -60185,16 +60303,6 @@ ] }, "examples": { - "example-for-a-single-line-comment": { - "summary": "Example for a single-line comment", - "value": { - "body": "Let's add this deleted line back.", - "commit_id": "6dcb09b5b57875f334f61aebed695e2e4193db5e", - "path": "file1.txt", - "line": 5, - "side": "LEFT" - } - }, "example-for-a-multi-line-comment": { "summary": "Example for a multi-line comment", "value": { @@ -62294,8 +62402,12 @@ "content" ] }, - "example": { - "content": "heart" + "examples": { + "default": { + "value": { + "content": "heart" + } + } } } } @@ -62313,7 +62425,7 @@ { "httpStatusCode": "200", "httpStatusMessage": "OK", - "description": "

Response

", + "description": "

Response when the reaction type has already been added to this team discussion comment

", "payload": "{\n \"id\": 1,\n \"node_id\": \"MDg6UmVhY3Rpb24x\",\n \"user\": {\n \"login\": \"octocat\",\n \"id\": 1,\n \"node_id\": \"MDQ6VXNlcjE=\",\n \"avatar_url\": \"https://github.com/images/error/octocat_happy.gif\",\n \"gravatar_id\": \"\",\n \"url\": \"https://api.github.com/users/octocat\",\n \"html_url\": \"https://github.com/octocat\",\n \"followers_url\": \"https://api.github.com/users/octocat/followers\",\n \"following_url\": \"https://api.github.com/users/octocat/following{/other_user}\",\n \"gists_url\": \"https://api.github.com/users/octocat/gists{/gist_id}\",\n \"starred_url\": \"https://api.github.com/users/octocat/starred{/owner}{/repo}\",\n \"subscriptions_url\": \"https://api.github.com/users/octocat/subscriptions\",\n \"organizations_url\": \"https://api.github.com/users/octocat/orgs\",\n \"repos_url\": \"https://api.github.com/users/octocat/repos\",\n \"events_url\": \"https://api.github.com/users/octocat/events{/privacy}\",\n \"received_events_url\": \"https://api.github.com/users/octocat/received_events\",\n \"type\": \"User\",\n \"site_admin\": false\n },\n \"content\": \"heart\",\n \"created_at\": \"2016-05-20T20:09:31Z\"\n}" }, { @@ -62606,8 +62718,12 @@ "content" ] }, - "example": { - "content": "heart" + "examples": { + "default": { + "value": { + "content": "heart" + } + } } } } @@ -62982,7 +63098,11 @@ ] }, "example": { - "content": "heart" + "default": { + "value": { + "content": "heart" + } + } } } } @@ -63299,8 +63419,12 @@ "content" ] }, - "example": { - "content": "heart" + "examples": { + "default": { + "value": { + "content": "heart" + } + } } } } @@ -63617,8 +63741,12 @@ "content" ] }, - "example": { - "content": "heart" + "examples": { + "default": { + "value": { + "content": "heart" + } + } } } } @@ -63930,8 +64058,12 @@ "content" ] }, - "example": { - "content": "heart" + "examples": { + "default": { + "value": { + "content": "heart" + } + } } } } @@ -64244,8 +64376,12 @@ "content" ] }, - "example": { - "content": "heart" + "examples": { + "default": { + "value": { + "content": "heart" + } + } } } } @@ -74584,10 +74720,14 @@ "name" ] }, - "example": { - "name": "new team name", - "description": "new team description", - "privacy": "closed" + "examples": { + "default": { + "value": { + "name": "new team name", + "description": "new team description", + "privacy": "closed" + } + } } } } @@ -74608,7 +74748,7 @@ { "httpStatusCode": "200", "httpStatusMessage": "OK", - "description": "

Response

", + "description": "

Response when the updated information already exists

", "payload": "{\n \"id\": 1,\n \"node_id\": \"MDQ6VGVhbTE=\",\n \"url\": \"https://api.github.com/teams/1\",\n \"html_url\": \"https://github.com/orgs/github/teams/justice-league\",\n \"name\": \"Justice League\",\n \"slug\": \"justice-league\",\n \"description\": \"A great team.\",\n \"privacy\": \"closed\",\n \"permission\": \"admin\",\n \"members_url\": \"https://api.github.com/teams/1/members{/member}\",\n \"repositories_url\": \"https://api.github.com/teams/1/repos\",\n \"members_count\": 3,\n \"repos_count\": 10,\n \"created_at\": \"2017-07-14T16:53:42Z\",\n \"updated_at\": \"2017-08-17T12:37:15Z\",\n \"organization\": {\n \"login\": \"github\",\n \"id\": 1,\n \"node_id\": \"MDEyOk9yZ2FuaXphdGlvbjE=\",\n \"url\": \"https://api.github.com/orgs/github\",\n \"repos_url\": \"https://api.github.com/orgs/github/repos\",\n \"events_url\": \"https://api.github.com/orgs/github/events\",\n \"hooks_url\": \"https://api.github.com/orgs/github/hooks\",\n \"issues_url\": \"https://api.github.com/orgs/github/issues\",\n \"members_url\": \"https://api.github.com/orgs/github/members{/member}\",\n \"public_members_url\": \"https://api.github.com/orgs/github/public_members{/member}\",\n \"avatar_url\": \"https://github.com/images/error/octocat_happy.gif\",\n \"description\": \"A great organization\",\n \"name\": \"github\",\n \"company\": \"GitHub\",\n \"blog\": \"https://github.com/blog\",\n \"location\": \"San Francisco\",\n \"email\": \"octocat@github.com\",\n \"has_organization_projects\": true,\n \"has_repository_projects\": true,\n \"public_repos\": 2,\n \"public_gists\": 1,\n \"followers\": 20,\n \"following\": 0,\n \"html_url\": \"https://github.com/octocat\",\n \"created_at\": \"2008-01-14T04:33:35Z\",\n \"updated_at\": \"2017-08-17T12:37:15Z\",\n \"type\": \"Organization\"\n },\n \"ldap_dn\": \"uid=asdf,ou=users,dc=github,dc=com\"\n}" }, { diff --git a/lib/rest/static/decorated/github.ae.json b/lib/rest/static/decorated/github.ae.json index 1a25a07267..f8cb4c449e 100644 --- a/lib/rest/static/decorated/github.ae.json +++ b/lib/rest/static/decorated/github.ae.json @@ -9188,17 +9188,6 @@ } ], "summary": "Create a GitHub App from a manifest", - "requestBody": { - "required": false, - "content": { - "application/json": { - "schema": { - "type": "object", - "additionalProperties": false - } - } - } - }, "x-github": { "enabledForGitHubApps": false, "category": "apps", @@ -9317,6 +9306,11 @@ "schema": { "type": "integer" }, + "examples": { + "default": { + "value": 1 + } + }, "descriptionHTML": "

installation_id parameter

" } ], @@ -9373,6 +9367,11 @@ "schema": { "type": "integer" }, + "examples": { + "default": { + "value": 1 + } + }, "descriptionHTML": "

installation_id parameter

" } ], @@ -9423,6 +9422,11 @@ "schema": { "type": "integer" }, + "examples": { + "default": { + "value": 1 + } + }, "descriptionHTML": "

installation_id parameter

" } ], @@ -10279,6 +10283,17 @@ ] } } + }, + "examples": { + "default": { + "value": { + "respoitory": "Hello-World", + "permissions": { + "issues": "write", + "contents": "read" + } + } + } } } } @@ -11175,6 +11190,11 @@ "schema": { "type": "integer" }, + "examples": { + "default": { + "value": 1 + } + }, "descriptionHTML": "

installation_id parameter

" } ], @@ -11225,6 +11245,11 @@ "schema": { "type": "integer" }, + "examples": { + "default": { + "value": 1 + } + }, "descriptionHTML": "

installation_id parameter

" } ], @@ -11672,6 +11697,11 @@ "schema": { "type": "integer" }, + "examples": { + "default": { + "value": 1 + } + }, "descriptionHTML": "

installation_id parameter

" }, { @@ -11753,6 +11783,11 @@ "schema": { "type": "integer" }, + "examples": { + "default": { + "value": 1 + } + }, "descriptionHTML": "

installation_id parameter

" }, { @@ -11822,6 +11857,11 @@ "schema": { "type": "integer" }, + "examples": { + "default": { + "value": 1 + } + }, "descriptionHTML": "

installation_id parameter

" }, { @@ -11893,6 +11933,11 @@ "schema": { "type": "string" }, + "examples": { + "default": { + "value": "Iv1.8a61f9b3a7aba766" + } + }, "descriptionHTML": "

The client ID of your GitHub app.

" } ], @@ -11980,6 +12025,11 @@ "schema": { "type": "string" }, + "examples": { + "default": { + "value": "Iv1.8a61f9b3a7aba766" + } + }, "descriptionHTML": "

The client ID of your GitHub app.

" } ], @@ -12014,6 +12064,13 @@ "access_token" ], "type": "object" + }, + "examples": { + "default": { + "value": { + "access_token": "e72e16c7e42f292c6912e7710c838347ae178b4a" + } + } } } } @@ -12033,7 +12090,7 @@ "httpStatusCode": "200", "httpStatusMessage": "OK", "description": "

Response

", - "payload": "{\n \"id\": 1,\n \"url\": \"https://api.github.com/authorizations/1\",\n \"scopes\": [\n \"public_repo\",\n \"user\"\n ],\n \"token\": \"ghu_16C7e42F292c6912E7710c838347Ae178B4a\",\n \"token_last_eight\": \"Ae178B4a\",\n \"hashed_token\": \"25f94a2a5c7fbaf499c665bc73d67c1c87e496da8985131633ee0a95819db2e8\",\n \"app\": {\n \"url\": \"http://my-github-app.com\",\n \"name\": \"my github app\",\n \"client_id\": \"abcde12345fghij67890\"\n },\n \"note\": \"optional note\",\n \"note_url\": \"http://optional/note/url\",\n \"updated_at\": \"2011-09-06T20:39:23Z\",\n \"created_at\": \"2011-09-06T17:26:27Z\",\n \"fingerprint\": \"jklmnop12345678\",\n \"expires_at\": \"2011-09-08T17:26:27Z\",\n \"user\": {\n \"login\": \"octocat\",\n \"id\": 1,\n \"node_id\": \"MDQ6VXNlcjE=\",\n \"avatar_url\": \"https://github.com/images/error/octocat_happy.gif\",\n \"gravatar_id\": \"\",\n \"url\": \"https://api.github.com/users/octocat\",\n \"html_url\": \"https://github.com/octocat\",\n \"followers_url\": \"https://api.github.com/users/octocat/followers\",\n \"following_url\": \"https://api.github.com/users/octocat/following{/other_user}\",\n \"gists_url\": \"https://api.github.com/users/octocat/gists{/gist_id}\",\n \"starred_url\": \"https://api.github.com/users/octocat/starred{/owner}{/repo}\",\n \"subscriptions_url\": \"https://api.github.com/users/octocat/subscriptions\",\n \"organizations_url\": \"https://api.github.com/users/octocat/orgs\",\n \"repos_url\": \"https://api.github.com/users/octocat/repos\",\n \"events_url\": \"https://api.github.com/users/octocat/events{/privacy}\",\n \"received_events_url\": \"https://api.github.com/users/octocat/received_events\",\n \"type\": \"User\",\n \"site_admin\": false\n }\n}" + "payload": "{\n \"id\": 1,\n \"url\": \"https://api.github.com/authorizations/1\",\n \"scopes\": [\n \"public_repo\",\n \"user\"\n ],\n \"token\": \"ghu_16C7e42F292c6912E7710c838347Ae178B4a\",\n \"token_last_eight\": \"Ae178B4a\",\n \"hashed_token\": \"25f94a2a5c7fbaf499c665bc73d67c1c87e496da8985131633ee0a95819db2e8\",\n \"app\": {\n \"url\": \"http://my-github-app.com\",\n \"name\": \"my github app\",\n \"client_id\": \"Iv1.8a61f9b3a7aba766\"\n },\n \"note\": \"optional note\",\n \"note_url\": \"http://optional/note/url\",\n \"updated_at\": \"2011-09-06T20:39:23Z\",\n \"created_at\": \"2011-09-06T17:26:27Z\",\n \"fingerprint\": \"jklmnop12345678\",\n \"expires_at\": \"2011-09-08T17:26:27Z\",\n \"user\": {\n \"login\": \"octocat\",\n \"id\": 1,\n \"node_id\": \"MDQ6VXNlcjE=\",\n \"avatar_url\": \"https://github.com/images/error/octocat_happy.gif\",\n \"gravatar_id\": \"\",\n \"url\": \"https://api.github.com/users/octocat\",\n \"html_url\": \"https://github.com/octocat\",\n \"followers_url\": \"https://api.github.com/users/octocat/followers\",\n \"following_url\": \"https://api.github.com/users/octocat/following{/other_user}\",\n \"gists_url\": \"https://api.github.com/users/octocat/gists{/gist_id}\",\n \"starred_url\": \"https://api.github.com/users/octocat/starred{/owner}{/repo}\",\n \"subscriptions_url\": \"https://api.github.com/users/octocat/subscriptions\",\n \"organizations_url\": \"https://api.github.com/users/octocat/orgs\",\n \"repos_url\": \"https://api.github.com/users/octocat/repos\",\n \"events_url\": \"https://api.github.com/users/octocat/events{/privacy}\",\n \"received_events_url\": \"https://api.github.com/users/octocat/received_events\",\n \"type\": \"User\",\n \"site_admin\": false\n }\n}" }, { "httpStatusCode": "404", @@ -12070,6 +12127,11 @@ "schema": { "type": "string" }, + "examples": { + "default": { + "value": "Iv1.8a61f9b3a7aba766" + } + }, "descriptionHTML": "

The client ID of your GitHub app.

" } ], @@ -12104,6 +12166,13 @@ "access_token" ], "type": "object" + }, + "examples": { + "default": { + "value": { + "access_token": "e72e16c7e42f292c6912e7710c838347ae178b4a" + } + } } } } @@ -12123,7 +12192,7 @@ "httpStatusCode": "200", "httpStatusMessage": "OK", "description": "

Response

", - "payload": "{\n \"id\": 1,\n \"url\": \"https://api.github.com/authorizations/1\",\n \"scopes\": [\n \"public_repo\",\n \"user\"\n ],\n \"token\": \"ghu_16C7e42F292c6912E7710c838347Ae178B4a\",\n \"token_last_eight\": \"Ae178B4a\",\n \"hashed_token\": \"25f94a2a5c7fbaf499c665bc73d67c1c87e496da8985131633ee0a95819db2e8\",\n \"app\": {\n \"url\": \"http://my-github-app.com\",\n \"name\": \"my github app\",\n \"client_id\": \"abcde12345fghij67890\"\n },\n \"note\": \"optional note\",\n \"note_url\": \"http://optional/note/url\",\n \"updated_at\": \"2011-09-06T20:39:23Z\",\n \"created_at\": \"2011-09-06T17:26:27Z\",\n \"fingerprint\": \"jklmnop12345678\",\n \"expires_at\": \"2011-09-08T17:26:27Z\",\n \"user\": {\n \"login\": \"octocat\",\n \"id\": 1,\n \"node_id\": \"MDQ6VXNlcjE=\",\n \"avatar_url\": \"https://github.com/images/error/octocat_happy.gif\",\n \"gravatar_id\": \"\",\n \"url\": \"https://api.github.com/users/octocat\",\n \"html_url\": \"https://github.com/octocat\",\n \"followers_url\": \"https://api.github.com/users/octocat/followers\",\n \"following_url\": \"https://api.github.com/users/octocat/following{/other_user}\",\n \"gists_url\": \"https://api.github.com/users/octocat/gists{/gist_id}\",\n \"starred_url\": \"https://api.github.com/users/octocat/starred{/owner}{/repo}\",\n \"subscriptions_url\": \"https://api.github.com/users/octocat/subscriptions\",\n \"organizations_url\": \"https://api.github.com/users/octocat/orgs\",\n \"repos_url\": \"https://api.github.com/users/octocat/repos\",\n \"events_url\": \"https://api.github.com/users/octocat/events{/privacy}\",\n \"received_events_url\": \"https://api.github.com/users/octocat/received_events\",\n \"type\": \"User\",\n \"site_admin\": false\n }\n}" + "payload": "{\n \"id\": 1,\n \"url\": \"https://api.github.com/authorizations/1\",\n \"scopes\": [\n \"public_repo\",\n \"user\"\n ],\n \"token\": \"ghu_16C7e42F292c6912E7710c838347Ae178B4a\",\n \"token_last_eight\": \"Ae178B4a\",\n \"hashed_token\": \"25f94a2a5c7fbaf499c665bc73d67c1c87e496da8985131633ee0a95819db2e8\",\n \"app\": {\n \"url\": \"http://my-github-app.com\",\n \"name\": \"my github app\",\n \"client_id\": \"Iv1.8a61f9b3a7aba766\"\n },\n \"note\": \"optional note\",\n \"note_url\": \"http://optional/note/url\",\n \"updated_at\": \"2011-09-06T20:39:23Z\",\n \"created_at\": \"2011-09-06T17:26:27Z\",\n \"fingerprint\": \"jklmnop12345678\",\n \"expires_at\": \"2011-09-08T17:26:27Z\",\n \"user\": {\n \"login\": \"octocat\",\n \"id\": 1,\n \"node_id\": \"MDQ6VXNlcjE=\",\n \"avatar_url\": \"https://github.com/images/error/octocat_happy.gif\",\n \"gravatar_id\": \"\",\n \"url\": \"https://api.github.com/users/octocat\",\n \"html_url\": \"https://github.com/octocat\",\n \"followers_url\": \"https://api.github.com/users/octocat/followers\",\n \"following_url\": \"https://api.github.com/users/octocat/following{/other_user}\",\n \"gists_url\": \"https://api.github.com/users/octocat/gists{/gist_id}\",\n \"starred_url\": \"https://api.github.com/users/octocat/starred{/owner}{/repo}\",\n \"subscriptions_url\": \"https://api.github.com/users/octocat/subscriptions\",\n \"organizations_url\": \"https://api.github.com/users/octocat/orgs\",\n \"repos_url\": \"https://api.github.com/users/octocat/repos\",\n \"events_url\": \"https://api.github.com/users/octocat/events{/privacy}\",\n \"received_events_url\": \"https://api.github.com/users/octocat/received_events\",\n \"type\": \"User\",\n \"site_admin\": false\n }\n}" }, { "httpStatusCode": "422", @@ -12155,6 +12224,11 @@ "schema": { "type": "string" }, + "examples": { + "default": { + "value": "Iv1.8a61f9b3a7aba766" + } + }, "descriptionHTML": "

The client ID of your GitHub app.

" } ], @@ -12242,6 +12316,11 @@ "schema": { "type": "string" }, + "examples": { + "default": { + "value": "Iv1.8a61f9b3a7aba766" + } + }, "descriptionHTML": "

The client ID of your GitHub app.

" }, { @@ -12284,7 +12363,7 @@ "httpStatusCode": "200", "httpStatusMessage": "OK", "description": "

Response

", - "payload": "{\n \"id\": 1,\n \"url\": \"https://api.github.com/authorizations/1\",\n \"scopes\": [\n \"public_repo\",\n \"user\"\n ],\n \"token\": \"ghu_16C7e42F292c6912E7710c838347Ae178B4a\",\n \"token_last_eight\": \"Ae178B4a\",\n \"hashed_token\": \"25f94a2a5c7fbaf499c665bc73d67c1c87e496da8985131633ee0a95819db2e8\",\n \"app\": {\n \"url\": \"http://my-github-app.com\",\n \"name\": \"my github app\",\n \"client_id\": \"abcde12345fghij67890\"\n },\n \"note\": \"optional note\",\n \"note_url\": \"http://optional/note/url\",\n \"updated_at\": \"2011-09-06T20:39:23Z\",\n \"created_at\": \"2011-09-06T17:26:27Z\",\n \"fingerprint\": \"jklmnop12345678\",\n \"expires_at\": \"2011-09-08T17:26:27Z\",\n \"user\": {\n \"login\": \"octocat\",\n \"id\": 1,\n \"node_id\": \"MDQ6VXNlcjE=\",\n \"avatar_url\": \"https://github.com/images/error/octocat_happy.gif\",\n \"gravatar_id\": \"\",\n \"url\": \"https://api.github.com/users/octocat\",\n \"html_url\": \"https://github.com/octocat\",\n \"followers_url\": \"https://api.github.com/users/octocat/followers\",\n \"following_url\": \"https://api.github.com/users/octocat/following{/other_user}\",\n \"gists_url\": \"https://api.github.com/users/octocat/gists{/gist_id}\",\n \"starred_url\": \"https://api.github.com/users/octocat/starred{/owner}{/repo}\",\n \"subscriptions_url\": \"https://api.github.com/users/octocat/subscriptions\",\n \"organizations_url\": \"https://api.github.com/users/octocat/orgs\",\n \"repos_url\": \"https://api.github.com/users/octocat/repos\",\n \"events_url\": \"https://api.github.com/users/octocat/events{/privacy}\",\n \"received_events_url\": \"https://api.github.com/users/octocat/received_events\",\n \"type\": \"User\",\n \"site_admin\": false\n }\n}" + "payload": "{\n \"id\": 1,\n \"url\": \"https://api.github.com/authorizations/1\",\n \"scopes\": [\n \"public_repo\",\n \"user\"\n ],\n \"token\": \"ghu_16C7e42F292c6912E7710c838347Ae178B4a\",\n \"token_last_eight\": \"Ae178B4a\",\n \"hashed_token\": \"25f94a2a5c7fbaf499c665bc73d67c1c87e496da8985131633ee0a95819db2e8\",\n \"app\": {\n \"url\": \"http://my-github-app.com\",\n \"name\": \"my github app\",\n \"client_id\": \"Iv1.8a61f9b3a7aba766\"\n },\n \"note\": \"optional note\",\n \"note_url\": \"http://optional/note/url\",\n \"updated_at\": \"2011-09-06T20:39:23Z\",\n \"created_at\": \"2011-09-06T17:26:27Z\",\n \"fingerprint\": \"jklmnop12345678\",\n \"expires_at\": \"2011-09-08T17:26:27Z\",\n \"user\": {\n \"login\": \"octocat\",\n \"id\": 1,\n \"node_id\": \"MDQ6VXNlcjE=\",\n \"avatar_url\": \"https://github.com/images/error/octocat_happy.gif\",\n \"gravatar_id\": \"\",\n \"url\": \"https://api.github.com/users/octocat\",\n \"html_url\": \"https://github.com/octocat\",\n \"followers_url\": \"https://api.github.com/users/octocat/followers\",\n \"following_url\": \"https://api.github.com/users/octocat/following{/other_user}\",\n \"gists_url\": \"https://api.github.com/users/octocat/gists{/gist_id}\",\n \"starred_url\": \"https://api.github.com/users/octocat/starred{/owner}{/repo}\",\n \"subscriptions_url\": \"https://api.github.com/users/octocat/subscriptions\",\n \"organizations_url\": \"https://api.github.com/users/octocat/orgs\",\n \"repos_url\": \"https://api.github.com/users/octocat/repos\",\n \"events_url\": \"https://api.github.com/users/octocat/events{/privacy}\",\n \"received_events_url\": \"https://api.github.com/users/octocat/received_events\",\n \"type\": \"User\",\n \"site_admin\": false\n }\n}" } ] } @@ -12395,12 +12474,16 @@ "description": "

Determines whether the SSL certificate of the host for url will be verified when delivering payloads. Supported values include 0 (verification is performed) and 1 (verification is not performed). The default is 0. We strongly recommend not setting this to 1 as you are subject to man-in-the-middle and other attacks.

", "childParamsGroups": [] } - }, - "example": { - "content_type": "json", - "insecure_ssl": "0", - "secret": "********", - "url": "https://example.com/webhook" + } + }, + "examples": { + "default": { + "value": { + "content_type": "json", + "insecure_ssl": "0", + "secret": "********", + "url": "https://example.com/webhook" + } } } } @@ -19308,7 +19391,13 @@ "httpStatusCode": "201", "httpStatusMessage": "Created", "description": "Response for completed conclusion", - "payload": "{\n \"id\": 4,\n \"head_sha\": \"ce587453ced02b1526dfb4cb910479d431683101\",\n \"node_id\": \"MDg6Q2hlY2tSdW40\",\n \"external_id\": \"\",\n \"url\": \"https://api.github.com/repos/github/hello-world/check-runs/4\",\n \"html_url\": \"https://github.com/github/hello-world/runs/4\",\n \"details_url\": \"https://example.com\",\n \"status\": \"completed\",\n \"conclusion\": \"neutral\",\n \"started_at\": \"2018-05-04T01:14:52Z\",\n \"completed_at\": \"2018-05-04T01:14:52Z\",\n \"output\": {\n \"title\": \"Mighty Readme report\",\n \"summary\": \"There are 0 failures, 2 warnings, and 1 notice.\",\n \"text\": \"You may have some misspelled words on lines 2 and 4. You also may want to add a section in your README about how to install your app.\",\n \"annotations_count\": 2,\n \"annotations_url\": \"https://api.github.com/repos/github/hello-world/check-runs/4/annotations\"\n },\n \"name\": \"mighty_readme\",\n \"check_suite\": {\n \"id\": 5\n },\n \"app\": {\n \"id\": 1,\n \"slug\": \"octoapp\",\n \"node_id\": \"MDExOkludGVncmF0aW9uMQ==\",\n \"owner\": {\n \"login\": \"github\",\n \"id\": 1,\n \"node_id\": \"MDEyOk9yZ2FuaXphdGlvbjE=\",\n \"url\": \"https://api.github.com/orgs/github\",\n \"repos_url\": \"https://api.github.com/orgs/github/repos\",\n \"events_url\": \"https://api.github.com/orgs/github/events\",\n \"avatar_url\": \"https://github.com/images/error/octocat_happy.gif\",\n \"gravatar_id\": \"\",\n \"html_url\": \"https://github.com/octocat\",\n \"followers_url\": \"https://api.github.com/users/octocat/followers\",\n \"following_url\": \"https://api.github.com/users/octocat/following{/other_user}\",\n \"gists_url\": \"https://api.github.com/users/octocat/gists{/gist_id}\",\n \"starred_url\": \"https://api.github.com/users/octocat/starred{/owner}{/repo}\",\n \"subscriptions_url\": \"https://api.github.com/users/octocat/subscriptions\",\n \"organizations_url\": \"https://api.github.com/users/octocat/orgs\",\n \"received_events_url\": \"https://api.github.com/users/octocat/received_events\",\n \"type\": \"User\",\n \"site_admin\": true\n },\n \"name\": \"Octocat App\",\n \"description\": \"\",\n \"external_url\": \"https://example.com\",\n \"html_url\": \"https://github.com/apps/octoapp\",\n \"created_at\": \"2017-07-08T16:18:44-04:00\",\n \"updated_at\": \"2017-07-08T16:18:44-04:00\",\n \"permissions\": {\n \"metadata\": \"read\",\n \"contents\": \"read\",\n \"issues\": \"write\",\n \"single_file\": \"write\"\n },\n \"events\": [\n \"push\",\n \"pull_request\"\n ]\n },\n \"pull_requests\": [\n {\n \"url\": \"https://api.github.com/repos/github/hello-world/pulls/1\",\n \"id\": 1934,\n \"number\": 3956,\n \"head\": {\n \"ref\": \"say-hello\",\n \"sha\": \"3dca65fa3e8d4b3da3f3d056c59aee1c50f41390\",\n \"repo\": {\n \"id\": 526,\n \"url\": \"https://api.github.com/repos/github/hello-world\",\n \"name\": \"hello-world\"\n }\n },\n \"base\": {\n \"ref\": \"master\",\n \"sha\": \"e7fdf7640066d71ad16a86fbcbb9c6a10a18af4f\",\n \"repo\": {\n \"id\": 526,\n \"url\": \"https://api.github.com/repos/github/hello-world\",\n \"name\": \"hello-world\"\n }\n }\n }\n ]\n}" + "payload": "{\n \"id\": 4,\n \"head_sha\": \"ce587453ced02b1526dfb4cb910479d431683101\",\n \"node_id\": \"MDg6Q2hlY2tSdW40\",\n \"external_id\": \"42\",\n \"url\": \"https://api.github.com/repos/github/hello-world/check-runs/4\",\n \"html_url\": \"https://github.com/github/hello-world/runs/4\",\n \"details_url\": \"https://example.com\",\n \"status\": \"completed\",\n \"conclusion\": \"neutral\",\n \"started_at\": \"2018-05-04T01:14:52Z\",\n \"completed_at\": \"2018-05-04T01:14:52Z\",\n \"output\": {\n \"title\": \"Mighty Readme report\",\n \"summary\": \"There are 0 failures, 2 warnings, and 1 notice.\",\n \"text\": \"You may have some misspelled words on lines 2 and 4. You also may want to add a section in your README about how to install your app.\",\n \"annotations_count\": 2,\n \"annotations_url\": \"https://api.github.com/repos/github/hello-world/check-runs/4/annotations\"\n },\n \"name\": \"mighty_readme\",\n \"check_suite\": {\n \"id\": 5\n },\n \"app\": {\n \"id\": 1,\n \"slug\": \"octoapp\",\n \"node_id\": \"MDExOkludGVncmF0aW9uMQ==\",\n \"owner\": {\n \"login\": \"github\",\n \"id\": 1,\n \"node_id\": \"MDEyOk9yZ2FuaXphdGlvbjE=\",\n \"url\": \"https://api.github.com/orgs/github\",\n \"repos_url\": \"https://api.github.com/orgs/github/repos\",\n \"events_url\": \"https://api.github.com/orgs/github/events\",\n \"avatar_url\": \"https://github.com/images/error/octocat_happy.gif\",\n \"gravatar_id\": \"\",\n \"html_url\": \"https://github.com/octocat\",\n \"followers_url\": \"https://api.github.com/users/octocat/followers\",\n \"following_url\": \"https://api.github.com/users/octocat/following{/other_user}\",\n \"gists_url\": \"https://api.github.com/users/octocat/gists{/gist_id}\",\n \"starred_url\": \"https://api.github.com/users/octocat/starred{/owner}{/repo}\",\n \"subscriptions_url\": \"https://api.github.com/users/octocat/subscriptions\",\n \"organizations_url\": \"https://api.github.com/users/octocat/orgs\",\n \"received_events_url\": \"https://api.github.com/users/octocat/received_events\",\n \"type\": \"User\",\n \"site_admin\": true\n },\n \"name\": \"Octocat App\",\n \"description\": \"\",\n \"external_url\": \"https://example.com\",\n \"html_url\": \"https://github.com/apps/octoapp\",\n \"created_at\": \"2017-07-08T16:18:44-04:00\",\n \"updated_at\": \"2017-07-08T16:18:44-04:00\",\n \"permissions\": {\n \"metadata\": \"read\",\n \"contents\": \"read\",\n \"issues\": \"write\",\n \"single_file\": \"write\"\n },\n \"events\": [\n \"push\",\n \"pull_request\"\n ]\n },\n \"pull_requests\": [\n {\n \"url\": \"https://api.github.com/repos/github/hello-world/pulls/1\",\n \"id\": 1934,\n \"number\": 3956,\n \"head\": {\n \"ref\": \"say-hello\",\n \"sha\": \"3dca65fa3e8d4b3da3f3d056c59aee1c50f41390\",\n \"repo\": {\n \"id\": 526,\n \"url\": \"https://api.github.com/repos/github/hello-world\",\n \"name\": \"hello-world\"\n }\n },\n \"base\": {\n \"ref\": \"master\",\n \"sha\": \"e7fdf7640066d71ad16a86fbcbb9c6a10a18af4f\",\n \"repo\": {\n \"id\": 526,\n \"url\": \"https://api.github.com/repos/github/hello-world\",\n \"name\": \"hello-world\"\n }\n }\n }\n ]\n}" + }, + { + "httpStatusCode": "201", + "httpStatusMessage": "Created", + "description": "Response for completed conclusion", + "payload": "{\n \"id\": 4,\n \"head_sha\": \"ce587453ced02b1526dfb4cb910479d431683101\",\n \"node_id\": \"MDg6Q2hlY2tSdW40\",\n \"external_id\": \"42\",\n \"url\": \"https://api.github.com/repos/github/hello-world/check-runs/4\",\n \"html_url\": \"https://github.com/github/hello-world/runs/4\",\n \"details_url\": \"https://example.com\",\n \"status\": \"in_progress\",\n \"conclusion\": null,\n \"started_at\": \"2018-05-04T01:14:52Z\",\n \"completed_at\": null,\n \"output\": {\n \"title\": \"Mighty Readme report\",\n \"summary\": \"There are 0 failures, 2 warnings, and 1 notice.\",\n \"text\": \"You may have some misspelled words on lines 2 and 4. You also may want to add a section in your README about how to install your app.\",\n \"annotations_count\": 2,\n \"annotations_url\": \"https://api.github.com/repos/github/hello-world/check-runs/4/annotations\"\n },\n \"name\": \"mighty_readme\",\n \"check_suite\": {\n \"id\": 5\n },\n \"app\": {\n \"id\": 1,\n \"slug\": \"octoapp\",\n \"node_id\": \"MDExOkludGVncmF0aW9uMQ==\",\n \"owner\": {\n \"login\": \"github\",\n \"id\": 1,\n \"node_id\": \"MDEyOk9yZ2FuaXphdGlvbjE=\",\n \"url\": \"https://api.github.com/orgs/github\",\n \"repos_url\": \"https://api.github.com/orgs/github/repos\",\n \"events_url\": \"https://api.github.com/orgs/github/events\",\n \"avatar_url\": \"https://github.com/images/error/octocat_happy.gif\",\n \"gravatar_id\": \"\",\n \"html_url\": \"https://github.com/octocat\",\n \"followers_url\": \"https://api.github.com/users/octocat/followers\",\n \"following_url\": \"https://api.github.com/users/octocat/following{/other_user}\",\n \"gists_url\": \"https://api.github.com/users/octocat/gists{/gist_id}\",\n \"starred_url\": \"https://api.github.com/users/octocat/starred{/owner}{/repo}\",\n \"subscriptions_url\": \"https://api.github.com/users/octocat/subscriptions\",\n \"organizations_url\": \"https://api.github.com/users/octocat/orgs\",\n \"received_events_url\": \"https://api.github.com/users/octocat/received_events\",\n \"type\": \"User\",\n \"site_admin\": true\n },\n \"name\": \"Octocat App\",\n \"description\": \"\",\n \"external_url\": \"https://example.com\",\n \"html_url\": \"https://github.com/apps/octoapp\",\n \"created_at\": \"2017-07-08T16:18:44-04:00\",\n \"updated_at\": \"2017-07-08T16:18:44-04:00\",\n \"permissions\": {\n \"metadata\": \"read\",\n \"contents\": \"read\",\n \"issues\": \"write\",\n \"single_file\": \"write\"\n },\n \"events\": [\n \"push\",\n \"pull_request\"\n ]\n },\n \"pull_requests\": [\n {\n \"url\": \"https://api.github.com/repos/github/hello-world/pulls/1\",\n \"id\": 1934,\n \"number\": 3956,\n \"head\": {\n \"ref\": \"say-hello\",\n \"sha\": \"3dca65fa3e8d4b3da3f3d056c59aee1c50f41390\",\n \"repo\": {\n \"id\": 526,\n \"url\": \"https://api.github.com/repos/github/hello-world\",\n \"name\": \"hello-world\"\n }\n },\n \"base\": {\n \"ref\": \"master\",\n \"sha\": \"e7fdf7640066d71ad16a86fbcbb9c6a10a18af4f\",\n \"repo\": {\n \"id\": 526,\n \"url\": \"https://api.github.com/repos/github/hello-world\",\n \"name\": \"hello-world\"\n }\n }\n }\n ]\n}" } ], "bodyParameters": [ @@ -22824,8 +22913,12 @@ "head_sha" ] }, - "example": { - "head_sha": "d6fde92930d4715a2b49857d24b940956b26d2d3" + "examples": { + "default": { + "value": { + "head_sha": "d6fde92930d4715a2b49857d24b940956b26d2d3" + } + } } } } @@ -22844,7 +22937,7 @@ { "httpStatusCode": "200", "httpStatusMessage": "OK", - "description": "

when the suite already existed

", + "description": "

Response when the suite already exists

", "payload": "{\n \"id\": 5,\n \"node_id\": \"MDEwOkNoZWNrU3VpdGU1\",\n \"head_branch\": \"master\",\n \"head_sha\": \"d6fde92930d4715a2b49857d24b940956b26d2d3\",\n \"status\": \"completed\",\n \"conclusion\": \"neutral\",\n \"url\": \"https://api.github.com/repos/github/hello-world/check-suites/5\",\n \"before\": \"146e867f55c26428e5f9fade55a9bbf5e95a7912\",\n \"after\": \"d6fde92930d4715a2b49857d24b940956b26d2d3\",\n \"pull_requests\": [],\n \"created_at\": \"2017-07-08T16:18:44-04:00\",\n \"updated_at\": \"2017-07-08T16:18:44-04:00\",\n \"app\": {\n \"id\": 1,\n \"slug\": \"octoapp\",\n \"node_id\": \"MDExOkludGVncmF0aW9uMQ==\",\n \"owner\": {\n \"login\": \"github\",\n \"id\": 1,\n \"node_id\": \"MDEyOk9yZ2FuaXphdGlvbjE=\",\n \"url\": \"https://api.github.com/orgs/github\",\n \"repos_url\": \"https://api.github.com/orgs/github/repos\",\n \"events_url\": \"https://api.github.com/orgs/github/events\",\n \"avatar_url\": \"https://github.com/images/error/octocat_happy.gif\",\n \"gravatar_id\": \"\",\n \"html_url\": \"https://github.com/octocat\",\n \"followers_url\": \"https://api.github.com/users/octocat/followers\",\n \"following_url\": \"https://api.github.com/users/octocat/following{/other_user}\",\n \"gists_url\": \"https://api.github.com/users/octocat/gists{/gist_id}\",\n \"starred_url\": \"https://api.github.com/users/octocat/starred{/owner}{/repo}\",\n \"subscriptions_url\": \"https://api.github.com/users/octocat/subscriptions\",\n \"organizations_url\": \"https://api.github.com/users/octocat/orgs\",\n \"received_events_url\": \"https://api.github.com/users/octocat/received_events\",\n \"type\": \"User\",\n \"site_admin\": true\n },\n \"name\": \"Octocat App\",\n \"description\": \"\",\n \"external_url\": \"https://example.com\",\n \"html_url\": \"https://github.com/apps/octoapp\",\n \"created_at\": \"2017-07-08T16:18:44-04:00\",\n \"updated_at\": \"2017-07-08T16:18:44-04:00\",\n \"permissions\": {\n \"metadata\": \"read\",\n \"contents\": \"read\",\n \"issues\": \"write\",\n \"single_file\": \"write\"\n },\n \"events\": [\n \"push\",\n \"pull_request\"\n ]\n },\n \"repository\": {\n \"id\": 1296269,\n \"node_id\": \"MDEwOlJlcG9zaXRvcnkxMjk2MjY5\",\n \"name\": \"Hello-World\",\n \"full_name\": \"octocat/Hello-World\",\n \"template_repository\": {\n \"id\": 1296269,\n \"node_id\": \"MDEwOlJlcG9zaXRvcnkxMjk2MjY5\",\n \"name\": \"Hello-World-Template\",\n \"full_name\": \"octocat/Hello-World-Template\",\n \"owner\": {\n \"login\": \"octocat\",\n \"id\": 1,\n \"node_id\": \"MDQ6VXNlcjE=\",\n \"avatar_url\": \"https://github.com/images/error/octocat_happy.gif\",\n \"gravatar_id\": \"\",\n \"url\": \"https://api.github.com/users/octocat\",\n \"html_url\": \"https://github.com/octocat\",\n \"followers_url\": \"https://api.github.com/users/octocat/followers\",\n \"following_url\": \"https://api.github.com/users/octocat/following{/other_user}\",\n \"gists_url\": \"https://api.github.com/users/octocat/gists{/gist_id}\",\n \"starred_url\": \"https://api.github.com/users/octocat/starred{/owner}{/repo}\",\n \"subscriptions_url\": \"https://api.github.com/users/octocat/subscriptions\",\n \"organizations_url\": \"https://api.github.com/users/octocat/orgs\",\n \"repos_url\": \"https://api.github.com/users/octocat/repos\",\n \"events_url\": \"https://api.github.com/users/octocat/events{/privacy}\",\n \"received_events_url\": \"https://api.github.com/users/octocat/received_events\",\n \"type\": \"User\",\n \"site_admin\": false\n },\n \"private\": false,\n \"html_url\": \"https://github.com/octocat/Hello-World-Template\",\n \"description\": \"This your first repo!\",\n \"fork\": false,\n \"url\": \"https://api.github.com/repos/octocat/Hello-World-Template\",\n \"archive_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/{archive_format}{/ref}\",\n \"assignees_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/assignees{/user}\",\n \"blobs_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/git/blobs{/sha}\",\n \"branches_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/branches{/branch}\",\n \"collaborators_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/collaborators{/collaborator}\",\n \"comments_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/comments{/number}\",\n \"commits_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/commits{/sha}\",\n \"compare_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/compare/{base}...{head}\",\n \"contents_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/contents/{+path}\",\n \"contributors_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/contributors\",\n \"deployments_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/deployments\",\n \"downloads_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/downloads\",\n \"events_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/events\",\n \"forks_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/forks\",\n \"git_commits_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/git/commits{/sha}\",\n \"git_refs_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/git/refs{/sha}\",\n \"git_tags_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/git/tags{/sha}\",\n \"git_url\": \"git:github.com/octocat/Hello-World-Template.git\",\n \"issue_comment_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/issues/comments{/number}\",\n \"issue_events_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/issues/events{/number}\",\n \"issues_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/issues{/number}\",\n \"keys_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/keys{/key_id}\",\n \"labels_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/labels{/name}\",\n \"languages_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/languages\",\n \"merges_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/merges\",\n \"milestones_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/milestones{/number}\",\n \"notifications_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/notifications{?since,all,participating}\",\n \"pulls_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/pulls{/number}\",\n \"releases_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/releases{/id}\",\n \"ssh_url\": \"git@github.com:octocat/Hello-World-Template.git\",\n \"stargazers_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/stargazers\",\n \"statuses_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/statuses/{sha}\",\n \"subscribers_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/subscribers\",\n \"subscription_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/subscription\",\n \"tags_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/tags\",\n \"teams_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/teams\",\n \"trees_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/git/trees{/sha}\",\n \"clone_url\": \"https://github.com/octocat/Hello-World-Template.git\",\n \"mirror_url\": \"git:git.example.com/octocat/Hello-World-Template\",\n \"hooks_url\": \"https://api.github.com/repos/octocat/Hello-World-Template/hooks\",\n \"svn_url\": \"https://svn.github.com/octocat/Hello-World-Template\",\n \"homepage\": \"https://github.com\",\n \"language\": null,\n \"forks\": 9,\n \"forks_count\": 9,\n \"stargazers_count\": 80,\n \"watchers_count\": 80,\n \"watchers\": 80,\n \"size\": 108,\n \"default_branch\": \"master\",\n \"open_issues\": 0,\n \"open_issues_count\": 0,\n \"is_template\": true,\n \"license\": {\n \"key\": \"mit\",\n \"name\": \"MIT License\",\n \"url\": \"https://api.github.com/licenses/mit\",\n \"spdx_id\": \"MIT\",\n \"node_id\": \"MDc6TGljZW5zZW1pdA==\",\n \"html_url\": \"https://api.github.com/licenses/mit\"\n },\n \"topics\": [\n \"octocat\",\n \"atom\",\n \"electron\",\n \"api\"\n ],\n \"has_issues\": true,\n \"has_projects\": true,\n \"has_wiki\": true,\n \"has_pages\": false,\n \"has_downloads\": true,\n \"archived\": false,\n \"disabled\": false,\n \"visibility\": \"public\",\n \"pushed_at\": \"2011-01-26T19:06:43Z\",\n \"created_at\": \"2011-01-26T19:01:12Z\",\n \"updated_at\": \"2011-01-26T19:14:43Z\",\n \"permissions\": {\n \"admin\": false,\n \"push\": false,\n \"pull\": true\n },\n \"allow_rebase_merge\": true,\n \"temp_clone_token\": \"ABTLWHOULUVAXGTRYU7OC2876QJ2O\",\n \"allow_squash_merge\": true,\n \"allow_auto_merge\": false,\n \"delete_branch_on_merge\": true,\n \"allow_merge_commit\": true,\n \"subscribers_count\": 42,\n \"network_count\": 0\n },\n \"owner\": {\n \"login\": \"octocat\",\n \"id\": 1,\n \"node_id\": \"MDQ6VXNlcjE=\",\n \"avatar_url\": \"https://github.com/images/error/octocat_happy.gif\",\n \"gravatar_id\": \"\",\n \"url\": \"https://api.github.com/users/octocat\",\n \"html_url\": \"https://github.com/octocat\",\n \"followers_url\": \"https://api.github.com/users/octocat/followers\",\n \"following_url\": \"https://api.github.com/users/octocat/following{/other_user}\",\n \"gists_url\": \"https://api.github.com/users/octocat/gists{/gist_id}\",\n \"starred_url\": \"https://api.github.com/users/octocat/starred{/owner}{/repo}\",\n \"subscriptions_url\": \"https://api.github.com/users/octocat/subscriptions\",\n \"organizations_url\": \"https://api.github.com/users/octocat/orgs\",\n \"repos_url\": \"https://api.github.com/users/octocat/repos\",\n \"events_url\": \"https://api.github.com/users/octocat/events{/privacy}\",\n \"received_events_url\": \"https://api.github.com/users/octocat/received_events\",\n \"type\": \"User\",\n \"site_admin\": false\n },\n \"private\": false,\n \"html_url\": \"https://github.com/octocat/Hello-World\",\n \"description\": \"This your first repo!\",\n \"fork\": false,\n \"url\": \"https://api.github.com/repos/octocat/Hello-World\",\n \"archive_url\": \"https://api.github.com/repos/octocat/Hello-World/{archive_format}{/ref}\",\n \"assignees_url\": \"https://api.github.com/repos/octocat/Hello-World/assignees{/user}\",\n \"blobs_url\": \"https://api.github.com/repos/octocat/Hello-World/git/blobs{/sha}\",\n \"branches_url\": \"https://api.github.com/repos/octocat/Hello-World/branches{/branch}\",\n \"collaborators_url\": \"https://api.github.com/repos/octocat/Hello-World/collaborators{/collaborator}\",\n \"comments_url\": \"https://api.github.com/repos/octocat/Hello-World/comments{/number}\",\n \"commits_url\": \"https://api.github.com/repos/octocat/Hello-World/commits{/sha}\",\n \"compare_url\": \"https://api.github.com/repos/octocat/Hello-World/compare/{base}...{head}\",\n \"contents_url\": \"https://api.github.com/repos/octocat/Hello-World/contents/{+path}\",\n \"contributors_url\": \"https://api.github.com/repos/octocat/Hello-World/contributors\",\n \"deployments_url\": \"https://api.github.com/repos/octocat/Hello-World/deployments\",\n \"downloads_url\": \"https://api.github.com/repos/octocat/Hello-World/downloads\",\n \"events_url\": \"https://api.github.com/repos/octocat/Hello-World/events\",\n \"forks_url\": \"https://api.github.com/repos/octocat/Hello-World/forks\",\n \"git_commits_url\": \"https://api.github.com/repos/octocat/Hello-World/git/commits{/sha}\",\n \"git_refs_url\": \"https://api.github.com/repos/octocat/Hello-World/git/refs{/sha}\",\n \"git_tags_url\": \"https://api.github.com/repos/octocat/Hello-World/git/tags{/sha}\",\n \"git_url\": \"git:github.com/octocat/Hello-World.git\",\n \"issue_comment_url\": \"https://api.github.com/repos/octocat/Hello-World/issues/comments{/number}\",\n \"issue_events_url\": \"https://api.github.com/repos/octocat/Hello-World/issues/events{/number}\",\n \"issues_url\": \"https://api.github.com/repos/octocat/Hello-World/issues{/number}\",\n \"keys_url\": \"https://api.github.com/repos/octocat/Hello-World/keys{/key_id}\",\n \"labels_url\": \"https://api.github.com/repos/octocat/Hello-World/labels{/name}\",\n \"languages_url\": \"https://api.github.com/repos/octocat/Hello-World/languages\",\n \"merges_url\": \"https://api.github.com/repos/octocat/Hello-World/merges\",\n \"milestones_url\": \"https://api.github.com/repos/octocat/Hello-World/milestones{/number}\",\n \"notifications_url\": \"https://api.github.com/repos/octocat/Hello-World/notifications{?since,all,participating}\",\n \"pulls_url\": \"https://api.github.com/repos/octocat/Hello-World/pulls{/number}\",\n \"releases_url\": \"https://api.github.com/repos/octocat/Hello-World/releases{/id}\",\n \"ssh_url\": \"git@github.com:octocat/Hello-World.git\",\n \"stargazers_url\": \"https://api.github.com/repos/octocat/Hello-World/stargazers\",\n \"statuses_url\": \"https://api.github.com/repos/octocat/Hello-World/statuses/{sha}\",\n \"subscribers_url\": \"https://api.github.com/repos/octocat/Hello-World/subscribers\",\n \"subscription_url\": \"https://api.github.com/repos/octocat/Hello-World/subscription\",\n \"tags_url\": \"https://api.github.com/repos/octocat/Hello-World/tags\",\n \"teams_url\": \"https://api.github.com/repos/octocat/Hello-World/teams\",\n \"trees_url\": \"https://api.github.com/repos/octocat/Hello-World/git/trees{/sha}\",\n \"clone_url\": \"https://github.com/octocat/Hello-World.git\",\n \"mirror_url\": \"git:git.example.com/octocat/Hello-World\",\n \"hooks_url\": \"https://api.github.com/repos/octocat/Hello-World/hooks\",\n \"svn_url\": \"https://svn.github.com/octocat/Hello-World\",\n \"homepage\": \"https://github.com\",\n \"language\": null,\n \"forks_count\": 9,\n \"stargazers_count\": 80,\n \"watchers_count\": 80,\n \"size\": 108,\n \"default_branch\": \"master\",\n \"open_issues_count\": 0,\n \"is_template\": false,\n \"topics\": [\n \"octocat\",\n \"atom\",\n \"electron\",\n \"api\"\n ],\n \"has_issues\": true,\n \"has_projects\": true,\n \"has_wiki\": true,\n \"has_pages\": false,\n \"has_downloads\": true,\n \"archived\": false,\n \"disabled\": false,\n \"visibility\": \"public\",\n \"pushed_at\": \"2011-01-26T19:06:43Z\",\n \"created_at\": \"2011-01-26T19:01:12Z\",\n \"updated_at\": \"2011-01-26T19:14:43Z\",\n \"permissions\": {\n \"admin\": false,\n \"push\": false,\n \"pull\": true\n },\n \"temp_clone_token\": \"ABTLWHOULUVAXGTRYU7OC2876QJ2O\",\n \"delete_branch_on_merge\": true,\n \"subscribers_count\": 42,\n \"network_count\": 0\n },\n \"head_commit\": {\n \"id\": \"7fd1a60b01f91b314f59955a4e4d4e80d8edf11d\",\n \"tree_id\": \"7fd1a60b01f91b314f59955a4e4d4e80d8edf11d\",\n \"message\": \"Merge pull request #6 from Spaceghost/patch-1\\n\\nNew line at end of file.\",\n \"timestamp\": \"2016-10-10T00:00:00Z\",\n \"author\": {\n \"name\": \"The Octocat\",\n \"email\": \"octocat@nowhere.com\"\n },\n \"committer\": {\n \"name\": \"The Octocat\",\n \"email\": \"octocat@nowhere.com\"\n }\n },\n \"latest_check_runs_count\": 1,\n \"check_runs_url\": \"https://api.github.com/repos/octocat/Hello-World/check-suites/5/check-runs\"\n}" }, { @@ -26819,6 +26912,350 @@ } ] }, + "deploy_keys": { + "deploy_keys": [ + { + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/keys", + "parameters": [ + { + "name": "owner", + "in": "path", + "required": true, + "schema": { + "type": "string" + }, + "descriptionHTML": "" + }, + { + "name": "repo", + "in": "path", + "required": true, + "schema": { + "type": "string" + }, + "descriptionHTML": "" + }, + { + "name": "per_page", + "description": "Results per page (max 100)", + "in": "query", + "schema": { + "type": "integer", + "default": 30 + }, + "descriptionHTML": "

Results per page (max 100)

" + }, + { + "name": "page", + "description": "Page number of the results to fetch.", + "in": "query", + "schema": { + "type": "integer", + "default": 1 + }, + "descriptionHTML": "

Page number of the results to fetch.

" + } + ], + "x-codeSamples": [ + { + "lang": "Shell", + "source": "curl \\\n -H \"Accept: application/vnd.github.v3+json\" \\\n https://{hostname}/api/v3/repos/octocat/hello-world/keys" + }, + { + "lang": "JavaScript", + "source": "await octokit.request('GET /repos/{owner}/{repo}/keys', {\n owner: 'octocat',\n repo: 'hello-world'\n})" + } + ], + "summary": "List deploy keys", + "x-github": { + "enabledForGitHubApps": true, + "category": "repos", + "subcategory": "keys" + }, + "slug": "list-deploy-keys", + "category": "deploy_keys", + "subcategory": "deploy_keys", + "notes": [], + "descriptionHTML": "", + "bodyParameters": [], + "responses": [ + { + "httpStatusCode": "200", + "httpStatusMessage": "OK", + "description": "

Response

", + "payload": "[\n {\n \"id\": 1,\n \"key\": \"ssh-rsa AAA...\",\n \"url\": \"https://api.github.com/repos/octocat/Hello-World/keys/1\",\n \"title\": \"octocat@octomac\",\n \"verified\": true,\n \"created_at\": \"2014-12-10T15:53:42Z\",\n \"read_only\": true\n }\n]" + } + ] + }, + { + "verb": "post", + "requestPath": "/repos/{owner}/{repo}/keys", + "parameters": [ + { + "name": "owner", + "in": "path", + "required": true, + "schema": { + "type": "string" + }, + "descriptionHTML": "" + }, + { + "name": "repo", + "in": "path", + "required": true, + "schema": { + "type": "string" + }, + "descriptionHTML": "" + } + ], + "x-codeSamples": [ + { + "lang": "Shell", + "source": "curl \\\n -X POST \\\n -H \"Accept: application/vnd.github.v3+json\" \\\n https://{hostname}/api/v3/repos/octocat/hello-world/keys \\\n -d '{\"key\":\"key\"}'" + }, + { + "lang": "JavaScript", + "source": "await octokit.request('POST /repos/{owner}/{repo}/keys', {\n owner: 'octocat',\n repo: 'hello-world',\n key: 'key'\n})" + } + ], + "summary": "Create a deploy key", + "requestBody": { + "required": true, + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "title": { + "type": "string", + "description": "

A name for the key.

", + "name": "title", + "in": "body", + "rawType": "string", + "rawDescription": "A name for the key.", + "childParamsGroups": [] + }, + "key": { + "type": "string", + "description": "

Required. The contents of the key.

", + "name": "key", + "in": "body", + "rawType": "string", + "rawDescription": "The contents of the key.", + "childParamsGroups": [] + }, + "read_only": { + "type": "boolean", + "description": "

If true, the key will only be able to read repository contents. Otherwise, the key will be able to read and write.

\n

Deploy keys with write access can perform the same actions as an organization member with admin access, or a collaborator on a personal repository. For more information, see \"Repository permission levels for an organization\" and \"Permission levels for a user account repository.\"

", + "name": "read_only", + "in": "body", + "rawType": "boolean", + "rawDescription": "If `true`, the key will only be able to read repository contents. Otherwise, the key will be able to read and write. \n \nDeploy keys with write access can perform the same actions as an organization member with admin access, or a collaborator on a personal repository. For more information, see \"[Repository permission levels for an organization](https://docs.github.com/articles/repository-permission-levels-for-an-organization/)\" and \"[Permission levels for a user account repository](https://docs.github.com/articles/permission-levels-for-a-user-account-repository/).\"", + "childParamsGroups": [] + } + }, + "required": [ + "key" + ] + }, + "example": { + "title": "octocat@octomac", + "key": "ssh-rsa AAA...", + "read_only": true + } + } + } + }, + "x-github": { + "enabledForGitHubApps": true, + "category": "repos", + "subcategory": "keys" + }, + "slug": "create-a-deploy-key", + "category": "deploy_keys", + "subcategory": "deploy_keys", + "notes": [], + "descriptionHTML": "

You can create a read-only deploy key.

", + "responses": [ + { + "httpStatusCode": "201", + "httpStatusMessage": "Created", + "description": "

Response

", + "payload": "{\n \"id\": 1,\n \"key\": \"ssh-rsa AAA...\",\n \"url\": \"https://api.github.com/repos/octocat/Hello-World/keys/1\",\n \"title\": \"octocat@octomac\",\n \"verified\": true,\n \"created_at\": \"2014-12-10T15:53:42Z\",\n \"read_only\": true\n}" + }, + { + "httpStatusCode": "422", + "httpStatusMessage": "Unprocessable Entity", + "description": "

Validation failed

" + } + ], + "bodyParameters": [ + { + "type": "string", + "description": "

A name for the key.

", + "name": "title", + "in": "body", + "rawType": "string", + "rawDescription": "A name for the key.", + "childParamsGroups": [] + }, + { + "type": "string", + "description": "

Required. The contents of the key.

", + "name": "key", + "in": "body", + "rawType": "string", + "rawDescription": "The contents of the key.", + "childParamsGroups": [] + }, + { + "type": "boolean", + "description": "

If true, the key will only be able to read repository contents. Otherwise, the key will be able to read and write.

\n

Deploy keys with write access can perform the same actions as an organization member with admin access, or a collaborator on a personal repository. For more information, see \"Repository permission levels for an organization\" and \"Permission levels for a user account repository.\"

", + "name": "read_only", + "in": "body", + "rawType": "boolean", + "rawDescription": "If `true`, the key will only be able to read repository contents. Otherwise, the key will be able to read and write. \n \nDeploy keys with write access can perform the same actions as an organization member with admin access, or a collaborator on a personal repository. For more information, see \"[Repository permission levels for an organization](https://docs.github.com/articles/repository-permission-levels-for-an-organization/)\" and \"[Permission levels for a user account repository](https://docs.github.com/articles/permission-levels-for-a-user-account-repository/).\"", + "childParamsGroups": [] + } + ] + }, + { + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/keys/{key_id}", + "parameters": [ + { + "name": "owner", + "in": "path", + "required": true, + "schema": { + "type": "string" + }, + "descriptionHTML": "" + }, + { + "name": "repo", + "in": "path", + "required": true, + "schema": { + "type": "string" + }, + "descriptionHTML": "" + }, + { + "name": "key_id", + "description": "key_id parameter", + "in": "path", + "required": true, + "schema": { + "type": "integer" + }, + "descriptionHTML": "

key_id parameter

" + } + ], + "x-codeSamples": [ + { + "lang": "Shell", + "source": "curl \\\n -H \"Accept: application/vnd.github.v3+json\" \\\n https://{hostname}/api/v3/repos/octocat/hello-world/keys/42" + }, + { + "lang": "JavaScript", + "source": "await octokit.request('GET /repos/{owner}/{repo}/keys/{key_id}', {\n owner: 'octocat',\n repo: 'hello-world',\n key_id: 42\n})" + } + ], + "summary": "Get a deploy key", + "x-github": { + "enabledForGitHubApps": true, + "category": "repos", + "subcategory": "keys" + }, + "slug": "get-a-deploy-key", + "category": "deploy_keys", + "subcategory": "deploy_keys", + "notes": [], + "descriptionHTML": "", + "bodyParameters": [], + "responses": [ + { + "httpStatusCode": "200", + "httpStatusMessage": "OK", + "description": "

Response

", + "payload": "{\n \"id\": 1,\n \"key\": \"ssh-rsa AAA...\",\n \"url\": \"https://api.github.com/repos/octocat/Hello-World/keys/1\",\n \"title\": \"octocat@octomac\",\n \"verified\": true,\n \"created_at\": \"2014-12-10T15:53:42Z\",\n \"read_only\": true\n}" + }, + { + "httpStatusCode": "404", + "httpStatusMessage": "Not Found", + "description": "

Resource not found

" + } + ] + }, + { + "verb": "delete", + "requestPath": "/repos/{owner}/{repo}/keys/{key_id}", + "parameters": [ + { + "name": "owner", + "in": "path", + "required": true, + "schema": { + "type": "string" + }, + "descriptionHTML": "" + }, + { + "name": "repo", + "in": "path", + "required": true, + "schema": { + "type": "string" + }, + "descriptionHTML": "" + }, + { + "name": "key_id", + "description": "key_id parameter", + "in": "path", + "required": true, + "schema": { + "type": "integer" + }, + "descriptionHTML": "

key_id parameter

" + } + ], + "x-codeSamples": [ + { + "lang": "Shell", + "source": "curl \\\n -X DELETE \\\n -H \"Accept: application/vnd.github.v3+json\" \\\n https://{hostname}/api/v3/repos/octocat/hello-world/keys/42" + }, + { + "lang": "JavaScript", + "source": "await octokit.request('DELETE /repos/{owner}/{repo}/keys/{key_id}', {\n owner: 'octocat',\n repo: 'hello-world',\n key_id: 42\n})" + } + ], + "summary": "Delete a deploy key", + "x-github": { + "enabledForGitHubApps": true, + "category": "repos", + "subcategory": "keys" + }, + "slug": "delete-a-deploy-key", + "category": "deploy_keys", + "subcategory": "deploy_keys", + "notes": [], + "bodyParameters": [], + "descriptionHTML": "

Deploy keys are immutable. If you need to update a key, remove the key and create a new one instead.

", + "responses": [ + { + "httpStatusCode": "204", + "httpStatusMessage": "No Content", + "description": "

Response

" + } + ] + } + ] + }, "deployments": { "deployments": [ { @@ -27390,348 +27827,6 @@ "subcategory": "deployments" } ], - "keys": [ - { - "verb": "get", - "requestPath": "/repos/{owner}/{repo}/keys", - "parameters": [ - { - "name": "owner", - "in": "path", - "required": true, - "schema": { - "type": "string" - }, - "descriptionHTML": "" - }, - { - "name": "repo", - "in": "path", - "required": true, - "schema": { - "type": "string" - }, - "descriptionHTML": "" - }, - { - "name": "per_page", - "description": "Results per page (max 100)", - "in": "query", - "schema": { - "type": "integer", - "default": 30 - }, - "descriptionHTML": "

Results per page (max 100)

" - }, - { - "name": "page", - "description": "Page number of the results to fetch.", - "in": "query", - "schema": { - "type": "integer", - "default": 1 - }, - "descriptionHTML": "

Page number of the results to fetch.

" - } - ], - "x-codeSamples": [ - { - "lang": "Shell", - "source": "curl \\\n -H \"Accept: application/vnd.github.v3+json\" \\\n https://{hostname}/api/v3/repos/octocat/hello-world/keys" - }, - { - "lang": "JavaScript", - "source": "await octokit.request('GET /repos/{owner}/{repo}/keys', {\n owner: 'octocat',\n repo: 'hello-world'\n})" - } - ], - "summary": "List deploy keys", - "x-github": { - "enabledForGitHubApps": true, - "category": "repos", - "subcategory": "keys" - }, - "slug": "list-deploy-keys", - "category": "deployments", - "subcategory": "keys", - "notes": [], - "descriptionHTML": "", - "bodyParameters": [], - "responses": [ - { - "httpStatusCode": "200", - "httpStatusMessage": "OK", - "description": "

Response

", - "payload": "[\n {\n \"id\": 1,\n \"key\": \"ssh-rsa AAA...\",\n \"url\": \"https://api.github.com/repos/octocat/Hello-World/keys/1\",\n \"title\": \"octocat@octomac\",\n \"verified\": true,\n \"created_at\": \"2014-12-10T15:53:42Z\",\n \"read_only\": true\n }\n]" - } - ] - }, - { - "verb": "post", - "requestPath": "/repos/{owner}/{repo}/keys", - "parameters": [ - { - "name": "owner", - "in": "path", - "required": true, - "schema": { - "type": "string" - }, - "descriptionHTML": "" - }, - { - "name": "repo", - "in": "path", - "required": true, - "schema": { - "type": "string" - }, - "descriptionHTML": "" - } - ], - "x-codeSamples": [ - { - "lang": "Shell", - "source": "curl \\\n -X POST \\\n -H \"Accept: application/vnd.github.v3+json\" \\\n https://{hostname}/api/v3/repos/octocat/hello-world/keys \\\n -d '{\"key\":\"key\"}'" - }, - { - "lang": "JavaScript", - "source": "await octokit.request('POST /repos/{owner}/{repo}/keys', {\n owner: 'octocat',\n repo: 'hello-world',\n key: 'key'\n})" - } - ], - "summary": "Create a deploy key", - "requestBody": { - "required": true, - "content": { - "application/json": { - "schema": { - "type": "object", - "properties": { - "title": { - "type": "string", - "description": "

A name for the key.

", - "name": "title", - "in": "body", - "rawType": "string", - "rawDescription": "A name for the key.", - "childParamsGroups": [] - }, - "key": { - "type": "string", - "description": "

Required. The contents of the key.

", - "name": "key", - "in": "body", - "rawType": "string", - "rawDescription": "The contents of the key.", - "childParamsGroups": [] - }, - "read_only": { - "type": "boolean", - "description": "

If true, the key will only be able to read repository contents. Otherwise, the key will be able to read and write.

\n

Deploy keys with write access can perform the same actions as an organization member with admin access, or a collaborator on a personal repository. For more information, see \"Repository permission levels for an organization\" and \"Permission levels for a user account repository.\"

", - "name": "read_only", - "in": "body", - "rawType": "boolean", - "rawDescription": "If `true`, the key will only be able to read repository contents. Otherwise, the key will be able to read and write. \n \nDeploy keys with write access can perform the same actions as an organization member with admin access, or a collaborator on a personal repository. For more information, see \"[Repository permission levels for an organization](https://docs.github.com/articles/repository-permission-levels-for-an-organization/)\" and \"[Permission levels for a user account repository](https://docs.github.com/articles/permission-levels-for-a-user-account-repository/).\"", - "childParamsGroups": [] - } - }, - "required": [ - "key" - ] - }, - "example": { - "title": "octocat@octomac", - "key": "ssh-rsa AAA...", - "read_only": true - } - } - } - }, - "x-github": { - "enabledForGitHubApps": true, - "category": "repos", - "subcategory": "keys" - }, - "slug": "create-a-deploy-key", - "category": "deployments", - "subcategory": "keys", - "notes": [], - "descriptionHTML": "

You can create a read-only deploy key.

", - "responses": [ - { - "httpStatusCode": "201", - "httpStatusMessage": "Created", - "description": "

Response

", - "payload": "{\n \"id\": 1,\n \"key\": \"ssh-rsa AAA...\",\n \"url\": \"https://api.github.com/repos/octocat/Hello-World/keys/1\",\n \"title\": \"octocat@octomac\",\n \"verified\": true,\n \"created_at\": \"2014-12-10T15:53:42Z\",\n \"read_only\": true\n}" - }, - { - "httpStatusCode": "422", - "httpStatusMessage": "Unprocessable Entity", - "description": "

Validation failed

" - } - ], - "bodyParameters": [ - { - "type": "string", - "description": "

A name for the key.

", - "name": "title", - "in": "body", - "rawType": "string", - "rawDescription": "A name for the key.", - "childParamsGroups": [] - }, - { - "type": "string", - "description": "

Required. The contents of the key.

", - "name": "key", - "in": "body", - "rawType": "string", - "rawDescription": "The contents of the key.", - "childParamsGroups": [] - }, - { - "type": "boolean", - "description": "

If true, the key will only be able to read repository contents. Otherwise, the key will be able to read and write.

\n

Deploy keys with write access can perform the same actions as an organization member with admin access, or a collaborator on a personal repository. For more information, see \"Repository permission levels for an organization\" and \"Permission levels for a user account repository.\"

", - "name": "read_only", - "in": "body", - "rawType": "boolean", - "rawDescription": "If `true`, the key will only be able to read repository contents. Otherwise, the key will be able to read and write. \n \nDeploy keys with write access can perform the same actions as an organization member with admin access, or a collaborator on a personal repository. For more information, see \"[Repository permission levels for an organization](https://docs.github.com/articles/repository-permission-levels-for-an-organization/)\" and \"[Permission levels for a user account repository](https://docs.github.com/articles/permission-levels-for-a-user-account-repository/).\"", - "childParamsGroups": [] - } - ] - }, - { - "verb": "get", - "requestPath": "/repos/{owner}/{repo}/keys/{key_id}", - "parameters": [ - { - "name": "owner", - "in": "path", - "required": true, - "schema": { - "type": "string" - }, - "descriptionHTML": "" - }, - { - "name": "repo", - "in": "path", - "required": true, - "schema": { - "type": "string" - }, - "descriptionHTML": "" - }, - { - "name": "key_id", - "description": "key_id parameter", - "in": "path", - "required": true, - "schema": { - "type": "integer" - }, - "descriptionHTML": "

key_id parameter

" - } - ], - "x-codeSamples": [ - { - "lang": "Shell", - "source": "curl \\\n -H \"Accept: application/vnd.github.v3+json\" \\\n https://{hostname}/api/v3/repos/octocat/hello-world/keys/42" - }, - { - "lang": "JavaScript", - "source": "await octokit.request('GET /repos/{owner}/{repo}/keys/{key_id}', {\n owner: 'octocat',\n repo: 'hello-world',\n key_id: 42\n})" - } - ], - "summary": "Get a deploy key", - "x-github": { - "enabledForGitHubApps": true, - "category": "repos", - "subcategory": "keys" - }, - "slug": "get-a-deploy-key", - "category": "deployments", - "subcategory": "keys", - "notes": [], - "descriptionHTML": "", - "bodyParameters": [], - "responses": [ - { - "httpStatusCode": "200", - "httpStatusMessage": "OK", - "description": "

Response

", - "payload": "{\n \"id\": 1,\n \"key\": \"ssh-rsa AAA...\",\n \"url\": \"https://api.github.com/repos/octocat/Hello-World/keys/1\",\n \"title\": \"octocat@octomac\",\n \"verified\": true,\n \"created_at\": \"2014-12-10T15:53:42Z\",\n \"read_only\": true\n}" - }, - { - "httpStatusCode": "404", - "httpStatusMessage": "Not Found", - "description": "

Resource not found

" - } - ] - }, - { - "verb": "delete", - "requestPath": "/repos/{owner}/{repo}/keys/{key_id}", - "parameters": [ - { - "name": "owner", - "in": "path", - "required": true, - "schema": { - "type": "string" - }, - "descriptionHTML": "" - }, - { - "name": "repo", - "in": "path", - "required": true, - "schema": { - "type": "string" - }, - "descriptionHTML": "" - }, - { - "name": "key_id", - "description": "key_id parameter", - "in": "path", - "required": true, - "schema": { - "type": "integer" - }, - "descriptionHTML": "

key_id parameter

" - } - ], - "x-codeSamples": [ - { - "lang": "Shell", - "source": "curl \\\n -X DELETE \\\n -H \"Accept: application/vnd.github.v3+json\" \\\n https://{hostname}/api/v3/repos/octocat/hello-world/keys/42" - }, - { - "lang": "JavaScript", - "source": "await octokit.request('DELETE /repos/{owner}/{repo}/keys/{key_id}', {\n owner: 'octocat',\n repo: 'hello-world',\n key_id: 42\n})" - } - ], - "summary": "Delete a deploy key", - "x-github": { - "enabledForGitHubApps": true, - "category": "repos", - "subcategory": "keys" - }, - "slug": "delete-a-deploy-key", - "category": "deployments", - "subcategory": "keys", - "notes": [], - "bodyParameters": [], - "descriptionHTML": "

Deploy keys are immutable. If you need to update a key, remove the key and create a new one instead.

", - "responses": [ - { - "httpStatusCode": "204", - "httpStatusMessage": "No Content", - "description": "

Response

" - } - ] - } - ], "statuses": [ { "verb": "get", @@ -50513,16 +50608,6 @@ ] }, "examples": { - "example-for-a-single-line-comment": { - "summary": "Example for a single-line comment", - "value": { - "body": "Let's add this deleted line back.", - "commit_id": "6dcb09b5b57875f334f61aebed695e2e4193db5e", - "path": "file1.txt", - "line": 5, - "side": "LEFT" - } - }, "example-for-a-multi-line-comment": { "summary": "Example for a multi-line comment", "value": { @@ -52627,8 +52712,12 @@ "content" ] }, - "example": { - "content": "heart" + "examples": { + "default": { + "value": { + "content": "heart" + } + } } } } @@ -52651,7 +52740,7 @@ { "httpStatusCode": "200", "httpStatusMessage": "OK", - "description": "

Response

", + "description": "

Response when the reaction type has already been added to this team discussion comment

", "payload": "{\n \"id\": 1,\n \"node_id\": \"MDg6UmVhY3Rpb24x\",\n \"user\": {\n \"login\": \"octocat\",\n \"id\": 1,\n \"node_id\": \"MDQ6VXNlcjE=\",\n \"avatar_url\": \"https://github.com/images/error/octocat_happy.gif\",\n \"gravatar_id\": \"\",\n \"url\": \"https://api.github.com/users/octocat\",\n \"html_url\": \"https://github.com/octocat\",\n \"followers_url\": \"https://api.github.com/users/octocat/followers\",\n \"following_url\": \"https://api.github.com/users/octocat/following{/other_user}\",\n \"gists_url\": \"https://api.github.com/users/octocat/gists{/gist_id}\",\n \"starred_url\": \"https://api.github.com/users/octocat/starred{/owner}{/repo}\",\n \"subscriptions_url\": \"https://api.github.com/users/octocat/subscriptions\",\n \"organizations_url\": \"https://api.github.com/users/octocat/orgs\",\n \"repos_url\": \"https://api.github.com/users/octocat/repos\",\n \"events_url\": \"https://api.github.com/users/octocat/events{/privacy}\",\n \"received_events_url\": \"https://api.github.com/users/octocat/received_events\",\n \"type\": \"User\",\n \"site_admin\": false\n },\n \"content\": \"heart\",\n \"created_at\": \"2016-05-20T20:09:31Z\"\n}" }, { @@ -52954,8 +53043,12 @@ "content" ] }, - "example": { - "content": "heart" + "examples": { + "default": { + "value": { + "content": "heart" + } + } } } } @@ -53278,7 +53371,11 @@ ] }, "example": { - "content": "heart" + "default": { + "value": { + "content": "heart" + } + } } } } @@ -53610,8 +53707,12 @@ "content" ] }, - "example": { - "content": "heart" + "examples": { + "default": { + "value": { + "content": "heart" + } + } } } } @@ -53943,8 +54044,12 @@ "content" ] }, - "example": { - "content": "heart" + "examples": { + "default": { + "value": { + "content": "heart" + } + } } } } @@ -54271,8 +54376,12 @@ "content" ] }, - "example": { - "content": "heart" + "examples": { + "default": { + "value": { + "content": "heart" + } + } } } } @@ -54600,8 +54709,12 @@ "content" ] }, - "example": { - "content": "heart" + "examples": { + "default": { + "value": { + "content": "heart" + } + } } } } @@ -63902,10 +64015,14 @@ "name" ] }, - "example": { - "name": "new team name", - "description": "new team description", - "privacy": "closed" + "examples": { + "default": { + "value": { + "name": "new team name", + "description": "new team description", + "privacy": "closed" + } + } } } } @@ -63926,7 +64043,7 @@ { "httpStatusCode": "200", "httpStatusMessage": "OK", - "description": "

Response

", + "description": "

Response when the updated information already exists

", "payload": "{\n \"id\": 1,\n \"node_id\": \"MDQ6VGVhbTE=\",\n \"url\": \"https://api.github.com/teams/1\",\n \"html_url\": \"https://github.com/orgs/github/teams/justice-league\",\n \"name\": \"Justice League\",\n \"slug\": \"justice-league\",\n \"description\": \"A great team.\",\n \"privacy\": \"closed\",\n \"permission\": \"admin\",\n \"members_url\": \"https://api.github.com/teams/1/members{/member}\",\n \"repositories_url\": \"https://api.github.com/teams/1/repos\",\n \"parent\": null,\n \"members_count\": 3,\n \"repos_count\": 10,\n \"created_at\": \"2017-07-14T16:53:42Z\",\n \"updated_at\": \"2017-08-17T12:37:15Z\",\n \"organization\": {\n \"login\": \"github\",\n \"id\": 1,\n \"node_id\": \"MDEyOk9yZ2FuaXphdGlvbjE=\",\n \"url\": \"https://api.github.com/orgs/github\",\n \"repos_url\": \"https://api.github.com/orgs/github/repos\",\n \"events_url\": \"https://api.github.com/orgs/github/events\",\n \"hooks_url\": \"https://api.github.com/orgs/github/hooks\",\n \"issues_url\": \"https://api.github.com/orgs/github/issues\",\n \"members_url\": \"https://api.github.com/orgs/github/members{/member}\",\n \"public_members_url\": \"https://api.github.com/orgs/github/public_members{/member}\",\n \"avatar_url\": \"https://github.com/images/error/octocat_happy.gif\",\n \"description\": \"A great organization\",\n \"name\": \"github\",\n \"company\": \"GitHub\",\n \"blog\": \"https://github.com/blog\",\n \"location\": \"San Francisco\",\n \"email\": \"octocat@github.com\",\n \"is_verified\": true,\n \"has_organization_projects\": true,\n \"has_repository_projects\": true,\n \"public_repos\": 2,\n \"public_gists\": 1,\n \"followers\": 20,\n \"following\": 0,\n \"html_url\": \"https://github.com/octocat\",\n \"created_at\": \"2008-01-14T04:33:35Z\",\n \"updated_at\": \"2017-08-17T12:37:15Z\",\n \"type\": \"Organization\"\n }\n}" }, { diff --git a/lib/rest/static/dereferenced/api.github.com.deref.json b/lib/rest/static/dereferenced/api.github.com.deref.json index 31fe3d0202..a4bec1c7ec 100644 --- a/lib/rest/static/dereferenced/api.github.com.deref.json +++ b/lib/rest/static/dereferenced/api.github.com.deref.json @@ -705,17 +705,6 @@ } } ], - "requestBody": { - "required": false, - "content": { - "application/json": { - "schema": { - "type": "object", - "additionalProperties": false - } - } - } - }, "responses": { "201": { "description": "Response", @@ -1231,12 +1220,16 @@ } ] } - }, - "example": { - "content_type": "json", - "insecure_ssl": "0", - "secret": "********", - "url": "https://example.com/webhook" + } + }, + "examples": { + "default": { + "value": { + "content_type": "json", + "insecure_ssl": "0", + "secret": "********", + "url": "https://example.com/webhook" + } } } } @@ -2942,6 +2935,11 @@ "required": true, "schema": { "type": "integer" + }, + "examples": { + "default": { + "value": 1 + } } } ], @@ -3760,6 +3758,11 @@ "required": true, "schema": { "type": "integer" + }, + "examples": { + "default": { + "value": 1 + } } } ], @@ -3822,6 +3825,11 @@ "required": true, "schema": { "type": "integer" + }, + "examples": { + "default": { + "value": 1 + } } } ], @@ -4104,6 +4112,17 @@ } } } + }, + "examples": { + "default": { + "value": { + "respoitory": "Hello-World", + "permissions": { + "issues": "write", + "contents": "read" + } + } + } } } } @@ -5852,6 +5871,11 @@ "required": true, "schema": { "type": "integer" + }, + "examples": { + "default": { + "value": 1 + } } } ], @@ -5912,6 +5936,11 @@ "required": true, "schema": { "type": "integer" + }, + "examples": { + "default": { + "value": 1 + } } } ], @@ -6721,6 +6750,11 @@ "description": "The client ID of your GitHub app.", "schema": { "type": "string" + }, + "examples": { + "default": { + "value": "Iv1.8a61f9b3a7aba766" + } } } ], @@ -6848,6 +6882,11 @@ "description": "The client ID of your GitHub app.", "schema": { "type": "string" + }, + "examples": { + "default": { + "value": "Iv1.8a61f9b3a7aba766" + } } } ], @@ -6866,6 +6905,13 @@ "access_token" ], "type": "object" + }, + "examples": { + "default": { + "value": { + "access_token": "e72e16c7e42f292c6912e7710c838347ae178b4a" + } + } } } } @@ -7522,7 +7568,7 @@ "app": { "url": "http://my-github-app.com", "name": "my github app", - "client_id": "abcde12345fghij67890" + "client_id": "Iv1.8a61f9b3a7aba766" }, "note": "optional note", "note_url": "http://optional/note/url", @@ -7678,6 +7724,11 @@ "description": "The client ID of your GitHub app.", "schema": { "type": "string" + }, + "examples": { + "default": { + "value": "Iv1.8a61f9b3a7aba766" + } } } ], @@ -7696,6 +7747,13 @@ "access_token" ], "type": "object" + }, + "examples": { + "default": { + "value": { + "access_token": "e72e16c7e42f292c6912e7710c838347ae178b4a" + } + } } } } @@ -8352,7 +8410,7 @@ "app": { "url": "http://my-github-app.com", "name": "my github app", - "client_id": "abcde12345fghij67890" + "client_id": "Iv1.8a61f9b3a7aba766" }, "note": "optional note", "note_url": "http://optional/note/url", @@ -8482,6 +8540,11 @@ "description": "The client ID of your GitHub app.", "schema": { "type": "string" + }, + "examples": { + "default": { + "value": "Iv1.8a61f9b3a7aba766" + } } } ], @@ -8609,6 +8672,11 @@ "description": "The client ID of your GitHub app.", "schema": { "type": "string" + }, + "examples": { + "default": { + "value": "Iv1.8a61f9b3a7aba766" + } } } ], @@ -8909,6 +8977,19 @@ "required": [ "access_token" ] + }, + "examples": { + "default": { + "value": { + "access_token": "e72e16c7e42f292c6912e7710c838347ae178b4a", + "target": "octocat", + "permissions": { + "metadata": "read", + "issues": "write", + "contents": "read" + } + } + } } } } @@ -9564,7 +9645,7 @@ "app": { "url": "http://my-github-app.com", "name": "my github app", - "client_id": "abcde12345fghij67890" + "client_id": "Iv1.8a61f9b3a7aba766" }, "note": "optional note", "note_url": "http://optional/note/url", @@ -11918,6 +11999,11 @@ "description": "The client ID of your GitHub app.", "schema": { "type": "string" + }, + "examples": { + "default": { + "value": "Iv1.8a61f9b3a7aba766" + } } } ], @@ -13467,6 +13553,11 @@ "description": "The client ID of your GitHub app.", "schema": { "type": "string" + }, + "examples": { + "default": { + "value": "Iv1.8a61f9b3a7aba766" + } } }, { @@ -16856,6 +16947,79 @@ } } }, + "/enterprises/{enterprise}/actions/cache/usage": { + "get": { + "summary": "Get GitHub Actions cache usage for an enterprise", + "description": "Gets the total GitHub Actions cache usage for an enterprise.\nThe data fetched using this API is refreshed approximately every 5 minutes, so values returned from this endpoint may take at least 5 minutes to get updated.\nYou must authenticate using an access token with the `admin:enterprise` scope to use this endpoint.", + "operationId": "actions/get-actions-cache-usage-for-enterprise", + "tags": [ + "actions" + ], + "externalDocs": { + "description": "API method documentation", + "url": "https://docs.github.com/rest/reference/actions#get-github-actions-cache-usage-for-an-enterprise" + }, + "parameters": [ + { + "name": "enterprise", + "description": "The slug version of the enterprise name. You can also substitute this value with the enterprise id.", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + } + ], + "responses": { + "200": { + "description": "Response", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "total_active_caches_count": { + "type": "integer", + "description": "The count of active caches across all repositories of an enterprise or an organization." + }, + "total_active_caches_size_in_bytes": { + "type": "integer", + "description": "The total size in bytes of all active cache items across all repositories of an enterprise or an organization." + } + }, + "required": [ + "total_active_caches_count", + "total_active_caches_size_in_bytes" + ] + }, + "examples": { + "default": { + "value": { + "total_active_caches_size_in_bytes": 3344284, + "total_active_caches_count": 5 + } + } + } + } + }, + "headers": { + "Link": { + "example": "; rel=\"next\", ; rel=\"last\"", + "schema": { + "type": "string" + } + } + } + } + }, + "x-github": { + "enabledForGitHubApps": true, + "githubCloudOnly": false, + "category": "actions", + "subcategory": "cache" + } + } + }, "/enterprises/{enterprise}/actions/permissions": { "get": { "summary": "Get GitHub Actions permissions for an enterprise", @@ -55391,6 +55555,204 @@ } } }, + "/orgs/{org}/actions/cache/usage": { + "get": { + "summary": "Get GitHub Actions cache usage for an organization", + "description": "Gets the total GitHub Actions cache usage for an organization.\nThe data fetched using this API is refreshed approximately every 5 minutes, so values returned from this endpoint may take at least 5 minutes to get updated.\nYou must authenticate using an access token with the `read:org` scope to use this endpoint. GitHub Apps must have the `organization_admistration:read` permission to use this endpoint.", + "tags": [ + "actions" + ], + "operationId": "actions/get-actions-cache-usage-for-org", + "externalDocs": { + "description": "API method documentation", + "url": "https://docs.github.com/rest/reference/actions#get-github-actions-cache-usage-for-an-organization" + }, + "parameters": [ + { + "name": "org", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + } + ], + "responses": { + "200": { + "description": "Response", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "total_active_caches_count": { + "type": "integer", + "description": "The count of active caches across all repositories of an enterprise or an organization." + }, + "total_active_caches_size_in_bytes": { + "type": "integer", + "description": "The total size in bytes of all active cache items across all repositories of an enterprise or an organization." + } + }, + "required": [ + "total_active_caches_count", + "total_active_caches_size_in_bytes" + ] + }, + "examples": { + "default": { + "value": { + "total_active_caches_size_in_bytes": 3344284, + "total_active_caches_count": 5 + } + } + } + } + }, + "headers": { + "Link": { + "example": "; rel=\"next\", ; rel=\"last\"", + "schema": { + "type": "string" + } + } + } + } + }, + "x-github": { + "githubCloudOnly": false, + "enabledForGitHubApps": true, + "category": "actions", + "subcategory": "cache" + } + } + }, + "/orgs/{org}/actions/cache/usage-by-repository": { + "get": { + "summary": "List repositories with GitHub Actions cache usage for an organization", + "description": "Lists repositories and their GitHub Actions cache usage for an organization.\nThe data fetched using this API is refreshed approximately every 5 minutes, so values returned from this endpoint may take at least 5 minutes to get updated.\nYou must authenticate using an access token with the `read:org` scope to use this endpoint. GitHub Apps must have the `organization_admistration:read` permission to use this endpoint.", + "tags": [ + "actions" + ], + "operationId": "actions/get-actions-cache-usage-by-repo-for-org", + "externalDocs": { + "description": "API method documentation", + "url": "https://docs.github.com/rest/reference/actions#list-repositories-with-github-actions-cache-usage-for-an-organization" + }, + "parameters": [ + { + "name": "org", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "per_page", + "description": "Results per page (max 100)", + "in": "query", + "schema": { + "type": "integer", + "default": 30 + } + }, + { + "name": "page", + "description": "Page number of the results to fetch.", + "in": "query", + "schema": { + "type": "integer", + "default": 1 + } + } + ], + "responses": { + "200": { + "description": "Response", + "content": { + "application/json": { + "schema": { + "type": "object", + "required": [ + "total_count", + "repository_cache_usages" + ], + "properties": { + "total_count": { + "type": "integer" + }, + "repository_cache_usages": { + "type": "array", + "items": { + "title": "Actions Cache Usage by repository", + "description": "GitHub Actions Cache Usage by repository.", + "type": "object", + "properties": { + "full_name": { + "description": "The repository owner and name for the cache usage being shown.", + "type": "string", + "example": "octo-org/Hello-World" + }, + "active_caches_size_in_bytes": { + "description": "The sum of the size in bytes of all the active cache items in the repository.", + "type": "integer", + "example": 2322142 + }, + "active_caches_count": { + "description": "The number of active caches in the repository.", + "type": "integer", + "example": 3 + } + }, + "required": [ + "full_name", + "active_caches_size_in_bytes", + "active_caches_count" + ] + } + } + } + }, + "examples": { + "default": { + "value": { + "total_count": 2, + "repository_cache_usages": [ + { + "full_name": "octo-org/Hello-World", + "active_caches_size_in_bytes": 2322142, + "active_caches_count": 3 + }, + { + "full_name": "octo-org/server", + "active_caches_size_in_bytes": 1022142, + "active_caches_count": 2 + } + ] + } + } + } + } + }, + "headers": { + "Link": { + "example": "; rel=\"next\", ; rel=\"last\"", + "schema": { + "type": "string" + } + } + } + } + }, + "x-github": { + "githubCloudOnly": false, + "enabledForGitHubApps": true, + "category": "actions", + "subcategory": "cache" + } + } + }, "/orgs/{org}/actions/permissions": { "get": { "summary": "Get GitHub Actions permissions for an organization", @@ -111781,15 +112143,19 @@ "content" ] }, - "example": { - "content": "heart" + "examples": { + "default": { + "value": { + "content": "heart" + } + } } } } }, "responses": { "200": { - "description": "Response", + "description": "Response when the reaction type has already been added to this team discussion comment", "content": { "application/json": { "schema": { @@ -112624,8 +112990,12 @@ "content" ] }, - "example": { - "content": "heart" + "examples": { + "default": { + "value": { + "content": "heart" + } + } } } } @@ -135336,6 +135706,89 @@ } } }, + "/repos/{owner}/{repo}/actions/cache/usage": { + "get": { + "summary": "Get GitHub Actions cache usage for a repository", + "description": "Gets GitHub Actions cache usage for a repository.\nThe data fetched using this API is refreshed approximately every 5 minutes, so values returned from this endpoint may take at least 5 minutes to get updated.\nAnyone with read access to the repository can use this endpoint. If the repository is private, you must use an access token with the `repo` scope. GitHub Apps must have the `actions:read` permission to use this endpoint.", + "tags": [ + "actions" + ], + "operationId": "actions/get-actions-cache-usage", + "externalDocs": { + "description": "API method documentation", + "url": "https://docs.github.com/rest/reference/actions#get-github-actions-cache-usage-for-a-repository" + }, + "parameters": [ + { + "name": "owner", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "repo", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + } + ], + "responses": { + "200": { + "description": "Response", + "content": { + "application/json": { + "schema": { + "title": "Actions Cache Usage by repository", + "description": "GitHub Actions Cache Usage by repository.", + "type": "object", + "properties": { + "full_name": { + "description": "The repository owner and name for the cache usage being shown.", + "type": "string", + "example": "octo-org/Hello-World" + }, + "active_caches_size_in_bytes": { + "description": "The sum of the size in bytes of all the active cache items in the repository.", + "type": "integer", + "example": 2322142 + }, + "active_caches_count": { + "description": "The number of active caches in the repository.", + "type": "integer", + "example": 3 + } + }, + "required": [ + "full_name", + "active_caches_size_in_bytes", + "active_caches_count" + ] + }, + "examples": { + "default": { + "value": { + "full_name": "octo-org/Hello-World", + "active_caches_size_in_bytes": 2322142, + "active_caches_count": 3 + } + } + } + } + } + } + }, + "x-github": { + "githubCloudOnly": false, + "enabledForGitHubApps": true, + "category": "actions", + "subcategory": "cache" + } + } + }, "/repos/{owner}/{repo}/actions/jobs/{job_id}": { "get": { "summary": "Get a job for a workflow run", @@ -135754,6 +136207,96 @@ } } }, + "/repos/{owner}/{repo}/actions/jobs/{job_id}/rerun": { + "post": { + "summary": "Re-run a job from a workflow run", + "description": "Re-run a job and its dependent jobs in a workflow run. You must authenticate using an access token with the `repo` scope to use this endpoint. GitHub Apps must have the `actions:write` permission to use this endpoint.", + "tags": [ + "actions" + ], + "operationId": "actions/re-run-job-for-workflow-run", + "externalDocs": { + "description": "API method documentation", + "url": "https://docs.github.com/rest/reference/actions#re-run-job-for-workflow-run" + }, + "parameters": [ + { + "name": "owner", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "repo", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "job_id", + "description": "job_id parameter", + "in": "path", + "required": true, + "schema": { + "type": "integer" + } + } + ], + "responses": { + "201": { + "description": "Response", + "content": { + "application/json": { + "schema": { + "title": "Empty Object", + "description": "An object without any properties.", + "type": "object", + "properties": { + }, + "additionalProperties": false + } + } + } + }, + "403": { + "description": "Forbidden", + "content": { + "application/json": { + "schema": { + "title": "Basic Error", + "description": "Basic Error", + "type": "object", + "properties": { + "message": { + "type": "string" + }, + "documentation_url": { + "type": "string" + }, + "url": { + "type": "string" + }, + "status": { + "type": "string" + } + } + } + } + } + } + }, + "x-github": { + "githubCloudOnly": false, + "enabledForGitHubApps": true, + "category": "actions", + "subcategory": "workflow-runs" + } + } + }, "/repos/{owner}/{repo}/actions/permissions": { "get": { "summary": "Get GitHub Actions permissions for a repository", @@ -155747,6 +156290,70 @@ "deprecated": true } }, + "/repos/{owner}/{repo}/actions/runs/{run_id}/rerun-failed-jobs": { + "post": { + "summary": "Re-run failed jobs from a workflow run", + "description": "Re-run all of the failed jobs and their dependent jobs in a workflow run using the `id` of the workflow run. You must authenticate using an access token with the `repo` scope to use this endpoint.", + "tags": [ + "actions" + ], + "operationId": "actions/re-run-workflow-failed-jobs", + "externalDocs": { + "description": "API method documentation", + "url": "https://docs.github.com/rest/reference/actions#re-run-workflow-failed-jobs" + }, + "parameters": [ + { + "name": "owner", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "repo", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "run_id", + "description": "The id of the workflow run.", + "in": "path", + "required": true, + "schema": { + "type": "integer" + } + } + ], + "responses": { + "201": { + "description": "Response", + "content": { + "application/json": { + "schema": { + "title": "Empty Object", + "description": "An object without any properties.", + "type": "object", + "properties": { + }, + "additionalProperties": false + } + } + } + } + }, + "x-github": { + "githubCloudOnly": false, + "enabledForGitHubApps": true, + "category": "actions", + "subcategory": "workflow-runs" + } + } + }, "/repos/{owner}/{repo}/actions/runs/{run_id}/timing": { "get": { "summary": "Get workflow run usage", @@ -179314,7 +179921,7 @@ "id": 4, "head_sha": "ce587453ced02b1526dfb4cb910479d431683101", "node_id": "MDg6Q2hlY2tSdW40", - "external_id": "", + "external_id": "42", "url": "https://api.github.com/repos/github/hello-world/check-runs/4", "html_url": "https://github.com/github/hello-world/runs/4", "details_url": "https://example.com", @@ -179400,6 +180007,99 @@ } ] } + }, + "example-of-in-progress-conclusion": { + "summary": "Response for completed conclusion", + "value": { + "id": 4, + "head_sha": "ce587453ced02b1526dfb4cb910479d431683101", + "node_id": "MDg6Q2hlY2tSdW40", + "external_id": "42", + "url": "https://api.github.com/repos/github/hello-world/check-runs/4", + "html_url": "https://github.com/github/hello-world/runs/4", + "details_url": "https://example.com", + "status": "in_progress", + "conclusion": null, + "started_at": "2018-05-04T01:14:52Z", + "completed_at": null, + "output": { + "title": "Mighty Readme report", + "summary": "There are 0 failures, 2 warnings, and 1 notice.", + "text": "You may have some misspelled words on lines 2 and 4. You also may want to add a section in your README about how to install your app.", + "annotations_count": 2, + "annotations_url": "https://api.github.com/repos/github/hello-world/check-runs/4/annotations" + }, + "name": "mighty_readme", + "check_suite": { + "id": 5 + }, + "app": { + "id": 1, + "slug": "octoapp", + "node_id": "MDExOkludGVncmF0aW9uMQ==", + "owner": { + "login": "github", + "id": 1, + "node_id": "MDEyOk9yZ2FuaXphdGlvbjE=", + "url": "https://api.github.com/orgs/github", + "repos_url": "https://api.github.com/orgs/github/repos", + "events_url": "https://api.github.com/orgs/github/events", + "avatar_url": "https://github.com/images/error/octocat_happy.gif", + "gravatar_id": "", + "html_url": "https://github.com/octocat", + "followers_url": "https://api.github.com/users/octocat/followers", + "following_url": "https://api.github.com/users/octocat/following{/other_user}", + "gists_url": "https://api.github.com/users/octocat/gists{/gist_id}", + "starred_url": "https://api.github.com/users/octocat/starred{/owner}{/repo}", + "subscriptions_url": "https://api.github.com/users/octocat/subscriptions", + "organizations_url": "https://api.github.com/users/octocat/orgs", + "received_events_url": "https://api.github.com/users/octocat/received_events", + "type": "User", + "site_admin": true + }, + "name": "Octocat App", + "description": "", + "external_url": "https://example.com", + "html_url": "https://github.com/apps/octoapp", + "created_at": "2017-07-08T16:18:44-04:00", + "updated_at": "2017-07-08T16:18:44-04:00", + "permissions": { + "metadata": "read", + "contents": "read", + "issues": "write", + "single_file": "write" + }, + "events": [ + "push", + "pull_request" + ] + }, + "pull_requests": [ + { + "url": "https://api.github.com/repos/github/hello-world/pulls/1", + "id": 1934, + "number": 3956, + "head": { + "ref": "say-hello", + "sha": "3dca65fa3e8d4b3da3f3d056c59aee1c50f41390", + "repo": { + "id": 526, + "url": "https://api.github.com/repos/github/hello-world", + "name": "hello-world" + } + }, + "base": { + "ref": "master", + "sha": "e7fdf7640066d71ad16a86fbcbb9c6a10a18af4f", + "repo": { + "id": 526, + "url": "https://api.github.com/repos/github/hello-world", + "name": "hello-world" + } + } + } + ] + } } } } @@ -181944,15 +182644,19 @@ "head_sha" ] }, - "example": { - "head_sha": "d6fde92930d4715a2b49857d24b940956b26d2d3" + "examples": { + "default": { + "value": { + "head_sha": "d6fde92930d4715a2b49857d24b940956b26d2d3" + } + } } } } }, "responses": { "200": { - "description": "when the suite already existed", + "description": "Response when the suite already exists", "content": { "application/json": { "schema": { @@ -198803,9 +199507,13 @@ } } }, - "example": { - "repository_id": 1, - "ref": "main" + "examples": { + "default": { + "value": { + "repository_id": 1, + "ref": "main" + } + } } } } @@ -208316,7 +209024,11 @@ ] }, "example": { - "content": "heart" + "default": { + "value": { + "content": "heart" + } + } } } } @@ -249356,7 +250068,7 @@ }, "patch": { "summary": "Update an import", - "description": "An import can be updated with credentials or a project choice by passing in the appropriate parameters in this API\nrequest. If no parameters are provided, the import will be restarted.", + "description": "An import can be updated with credentials or a project choice by passing in the appropriate parameters in this API\nrequest. If no parameters are provided, the import will be restarted.\n\nSome servers (e.g. TFS servers) can have several projects at a single URL. In those cases the import progress will\nhave the status `detection_found_multiple` and the Import Progress response will include a `project_choices` array.\nYou can select the project to import by providing one of the objects in the `project_choices` array in the update request.", "tags": [ "migrations" ], @@ -249400,10 +250112,18 @@ }, "vcs": { "type": "string", + "description": "The type of version control system you are migrating from.", + "enum": [ + "subversion", + "tfvc", + "git", + "mercurial" + ], "example": "\"git\"" }, "tfvc_project": { "type": "string", + "description": "For a tfvc import, the name of the project that is being imported.", "example": "\"project1\"" } }, @@ -249411,11 +250131,22 @@ }, "examples": { "example-1": { - "summary": "Example 1", + "summary": "Update authentication for an import", "value": { "vcs_username": "octocat", "vcs_password": "secret" } + }, + "example-2": { + "summary": "Updating the project choice", + "value": { + "vcs": "tfvc", + "tfvc_project": "project1", + "human_name": "project1 (tfs)" + } + }, + "example-3": { + "summary": "Restarting an import" } } } @@ -249590,7 +250321,7 @@ "repository_url": "https://api.github.com/repos/octocat/socm" } }, - "response": { + "example-3": { "summary": "Response", "value": { "vcs": "subversion", @@ -263950,8 +264681,12 @@ "content" ] }, - "example": { - "content": "heart" + "examples": { + "default": { + "value": { + "content": "heart" + } + } } } } @@ -293714,8 +294449,12 @@ "content" ] }, - "example": { - "content": "heart" + "examples": { + "default": { + "value": { + "content": "heart" + } + } } } } @@ -325926,8 +326665,12 @@ "content" ] }, - "example": { - "content": "heart" + "examples": { + "default": { + "value": { + "content": "heart" + } + } } } } @@ -333255,9 +333998,13 @@ } } }, - "example": { - "repository_id": 1, - "ref": "main" + "examples": { + "default": { + "value": { + "repository_id": 1, + "ref": "main" + } + } } } } @@ -338656,16 +339403,6 @@ ] }, "examples": { - "example-for-a-single-line-comment": { - "summary": "Example for a single-line comment", - "value": { - "body": "Let's add this deleted line back.", - "commit_id": "6dcb09b5b57875f334f61aebed695e2e4193db5e", - "path": "file1.txt", - "line": 5, - "side": "LEFT" - } - }, "example-for-a-multi-line-comment": { "summary": "Example for a multi-line comment", "value": { @@ -360049,8 +360786,12 @@ "content" ] }, - "example": { - "content": "heart" + "examples": { + "default": { + "value": { + "content": "heart" + } + } } } } @@ -386001,17 +386742,21 @@ "name" ] }, - "example": { - "name": "new team name", - "description": "new team description", - "privacy": "closed" + "examples": { + "default": { + "value": { + "name": "new team name", + "description": "new team description", + "privacy": "closed" + } + } } } } }, "responses": { "200": { - "description": "Response", + "description": "Response when the updated information already exists", "content": { "application/json": { "schema": { @@ -403341,10 +404086,14 @@ } ] }, - "example": { - "repository_id": 1, - "ref": "main", - "location": "WestUs2" + "examples": { + "default": { + "value": { + "repository_id": 1, + "ref": "main", + "location": "WestUs2" + } + } } } } @@ -426076,6 +426825,11 @@ "required": true, "schema": { "type": "integer" + }, + "examples": { + "default": { + "value": 1 + } } }, { @@ -427449,6 +428203,11 @@ "required": true, "schema": { "type": "integer" + }, + "examples": { + "default": { + "value": 1 + } } }, { @@ -427546,6 +428305,11 @@ "required": true, "schema": { "type": "integer" + }, + "examples": { + "default": { + "value": 1 + } } }, { diff --git a/lib/rest/static/dereferenced/ghes-3.1.deref.json b/lib/rest/static/dereferenced/ghes-3.1.deref.json index eebd7b6146..7d0e4739dc 100644 --- a/lib/rest/static/dereferenced/ghes-3.1.deref.json +++ b/lib/rest/static/dereferenced/ghes-3.1.deref.json @@ -6033,17 +6033,6 @@ } } ], - "requestBody": { - "required": false, - "content": { - "application/json": { - "schema": { - "type": "object", - "additionalProperties": false - } - } - } - }, "responses": { "201": { "description": "Response", @@ -6559,12 +6548,16 @@ } ] } - }, - "example": { - "content_type": "json", - "insecure_ssl": "0", - "secret": "********", - "url": "https://example.com/webhook" + } + }, + "examples": { + "default": { + "value": { + "content_type": "json", + "insecure_ssl": "0", + "secret": "********", + "url": "https://example.com/webhook" + } } } } @@ -7472,6 +7465,11 @@ "required": true, "schema": { "type": "integer" + }, + "examples": { + "default": { + "value": 1 + } } } ], @@ -8298,6 +8296,11 @@ "required": true, "schema": { "type": "integer" + }, + "examples": { + "default": { + "value": 1 + } } } ], @@ -8360,6 +8363,11 @@ "required": true, "schema": { "type": "integer" + }, + "examples": { + "default": { + "value": 1 + } } } ], @@ -8650,6 +8658,17 @@ } } } + }, + "examples": { + "default": { + "value": { + "respoitory": "Hello-World", + "permissions": { + "issues": "write", + "contents": "read" + } + } + } } } } @@ -10396,6 +10415,11 @@ "required": true, "schema": { "type": "integer" + }, + "examples": { + "default": { + "value": 1 + } } } ], @@ -10456,6 +10480,11 @@ "required": true, "schema": { "type": "integer" + }, + "examples": { + "default": { + "value": 1 + } } } ], @@ -11265,6 +11294,11 @@ "description": "The client ID of your GitHub app.", "schema": { "type": "string" + }, + "examples": { + "default": { + "value": "Iv1.8a61f9b3a7aba766" + } } } ], @@ -11392,6 +11426,11 @@ "description": "The client ID of your GitHub app.", "schema": { "type": "string" + }, + "examples": { + "default": { + "value": "Iv1.8a61f9b3a7aba766" + } } }, { @@ -11439,6 +11478,11 @@ "description": "The client ID of your GitHub app.", "schema": { "type": "string" + }, + "examples": { + "default": { + "value": "Iv1.8a61f9b3a7aba766" + } } } ], @@ -11457,6 +11501,13 @@ "access_token" ], "type": "object" + }, + "examples": { + "default": { + "value": { + "access_token": "e72e16c7e42f292c6912e7710c838347ae178b4a" + } + } } } } @@ -12272,6 +12323,11 @@ "description": "The client ID of your GitHub app.", "schema": { "type": "string" + }, + "examples": { + "default": { + "value": "Iv1.8a61f9b3a7aba766" + } } } ], @@ -12290,6 +12346,13 @@ "access_token" ], "type": "object" + }, + "examples": { + "default": { + "value": { + "access_token": "e72e16c7e42f292c6912e7710c838347ae178b4a" + } + } } } } @@ -13079,6 +13142,11 @@ "description": "The client ID of your GitHub app.", "schema": { "type": "string" + }, + "examples": { + "default": { + "value": "Iv1.8a61f9b3a7aba766" + } } } ], @@ -13206,6 +13274,11 @@ "description": "The client ID of your GitHub app.", "schema": { "type": "string" + }, + "examples": { + "default": { + "value": "Iv1.8a61f9b3a7aba766" + } } } ], @@ -13514,6 +13587,19 @@ "required": [ "access_token" ] + }, + "examples": { + "default": { + "value": { + "access_token": "e72e16c7e42f292c6912e7710c838347ae178b4a", + "target": "octocat", + "permissions": { + "metadata": "read", + "issues": "write", + "contents": "read" + } + } + } } } } @@ -14416,6 +14502,11 @@ "description": "The client ID of your GitHub app.", "schema": { "type": "string" + }, + "examples": { + "default": { + "value": "Iv1.8a61f9b3a7aba766" + } } }, { @@ -15173,6 +15264,11 @@ "description": "The client ID of your GitHub app.", "schema": { "type": "string" + }, + "examples": { + "default": { + "value": "Iv1.8a61f9b3a7aba766" + } } }, { @@ -15903,6 +15999,11 @@ "description": "The client ID of your GitHub app.", "schema": { "type": "string" + }, + "examples": { + "default": { + "value": "Iv1.8a61f9b3a7aba766" + } } }, { @@ -18076,6 +18177,11 @@ "description": "The client ID of your GitHub app.", "schema": { "type": "string" + }, + "examples": { + "default": { + "value": "Iv1.8a61f9b3a7aba766" + } } } ], @@ -19629,6 +19735,11 @@ "description": "The client ID of your GitHub app.", "schema": { "type": "string" + }, + "examples": { + "default": { + "value": "Iv1.8a61f9b3a7aba766" + } } }, { @@ -55227,11 +55338,6 @@ "type": "boolean", "example": true }, - "members_can_fork_private_repositories": { - "type": "boolean", - "example": false, - "nullable": true - }, "updated_at": { "type": "string", "format": "date-time" @@ -55315,8 +55421,7 @@ "members_can_create_public_repositories": false, "members_can_create_private_repositories": false, "members_can_create_internal_repositories": false, - "members_can_create_pages": true, - "members_can_fork_private_repositories": false + "members_can_create_pages": true } } } @@ -55468,11 +55573,6 @@ "description": "Toggles whether organization members can create GitHub Pages sites. Can be one of: \n\\* `true` - all organization members can create GitHub Pages sites. \n\\* `false` - no organization members can create GitHub Pages sites. Existing published sites will not be impacted.", "default": true }, - "members_can_fork_private_repositories": { - "type": "boolean", - "description": "Toggles whether organization members can fork private organization repositories. Can be one of: \n\\* `true` - all organization members can fork private repositories within the organization. \n\\* `false` - no organization members can fork private repositories within the organization.", - "default": false - }, "blog": { "type": "string", "example": "\"http://github.blog\"" @@ -55721,11 +55821,6 @@ "type": "boolean", "example": true }, - "members_can_fork_private_repositories": { - "type": "boolean", - "example": false, - "nullable": true - }, "updated_at": { "type": "string", "format": "date-time" @@ -55808,7 +55903,6 @@ "members_can_create_pages": true, "members_can_create_public_pages": true, "members_can_create_private_pages": true, - "members_can_fork_private_repositories": false, "updated_at": "2014-03-03T18:58:10Z" } } @@ -82454,11 +82548,6 @@ "type": "boolean", "example": true }, - "members_can_fork_private_repositories": { - "type": "boolean", - "example": false, - "nullable": true - }, "updated_at": { "type": "string", "format": "date-time" @@ -83088,11 +83177,6 @@ "type": "boolean", "example": true }, - "members_can_fork_private_repositories": { - "type": "boolean", - "example": false, - "nullable": true - }, "updated_at": { "type": "string", "format": "date-time" @@ -83699,11 +83783,6 @@ "type": "boolean", "example": true }, - "members_can_fork_private_repositories": { - "type": "boolean", - "example": false, - "nullable": true - }, "updated_at": { "type": "string", "format": "date-time" @@ -87514,15 +87593,19 @@ "content" ] }, - "example": { - "content": "heart" + "examples": { + "default": { + "value": { + "content": "heart" + } + } } } } }, "responses": { "200": { - "description": "Response", + "description": "Response when the reaction type has already been added to this team discussion comment", "content": { "application/json": { "schema": { @@ -88372,8 +88455,12 @@ "content" ] }, - "example": { - "content": "heart" + "examples": { + "default": { + "value": { + "content": "heart" + } + } } } } @@ -143275,7 +143362,7 @@ "id": 4, "head_sha": "ce587453ced02b1526dfb4cb910479d431683101", "node_id": "MDg6Q2hlY2tSdW40", - "external_id": "", + "external_id": "42", "url": "https://api.github.com/repos/github/hello-world/check-runs/4", "html_url": "https://github.com/github/hello-world/runs/4", "details_url": "https://example.com", @@ -143361,6 +143448,99 @@ } ] } + }, + "example-of-in-progress-conclusion": { + "summary": "Response for completed conclusion", + "value": { + "id": 4, + "head_sha": "ce587453ced02b1526dfb4cb910479d431683101", + "node_id": "MDg6Q2hlY2tSdW40", + "external_id": "42", + "url": "https://api.github.com/repos/github/hello-world/check-runs/4", + "html_url": "https://github.com/github/hello-world/runs/4", + "details_url": "https://example.com", + "status": "in_progress", + "conclusion": null, + "started_at": "2018-05-04T01:14:52Z", + "completed_at": null, + "output": { + "title": "Mighty Readme report", + "summary": "There are 0 failures, 2 warnings, and 1 notice.", + "text": "You may have some misspelled words on lines 2 and 4. You also may want to add a section in your README about how to install your app.", + "annotations_count": 2, + "annotations_url": "https://api.github.com/repos/github/hello-world/check-runs/4/annotations" + }, + "name": "mighty_readme", + "check_suite": { + "id": 5 + }, + "app": { + "id": 1, + "slug": "octoapp", + "node_id": "MDExOkludGVncmF0aW9uMQ==", + "owner": { + "login": "github", + "id": 1, + "node_id": "MDEyOk9yZ2FuaXphdGlvbjE=", + "url": "https://api.github.com/orgs/github", + "repos_url": "https://api.github.com/orgs/github/repos", + "events_url": "https://api.github.com/orgs/github/events", + "avatar_url": "https://github.com/images/error/octocat_happy.gif", + "gravatar_id": "", + "html_url": "https://github.com/octocat", + "followers_url": "https://api.github.com/users/octocat/followers", + "following_url": "https://api.github.com/users/octocat/following{/other_user}", + "gists_url": "https://api.github.com/users/octocat/gists{/gist_id}", + "starred_url": "https://api.github.com/users/octocat/starred{/owner}{/repo}", + "subscriptions_url": "https://api.github.com/users/octocat/subscriptions", + "organizations_url": "https://api.github.com/users/octocat/orgs", + "received_events_url": "https://api.github.com/users/octocat/received_events", + "type": "User", + "site_admin": true + }, + "name": "Octocat App", + "description": "", + "external_url": "https://example.com", + "html_url": "https://github.com/apps/octoapp", + "created_at": "2017-07-08T16:18:44-04:00", + "updated_at": "2017-07-08T16:18:44-04:00", + "permissions": { + "metadata": "read", + "contents": "read", + "issues": "write", + "single_file": "write" + }, + "events": [ + "push", + "pull_request" + ] + }, + "pull_requests": [ + { + "url": "https://api.github.com/repos/github/hello-world/pulls/1", + "id": 1934, + "number": 3956, + "head": { + "ref": "say-hello", + "sha": "3dca65fa3e8d4b3da3f3d056c59aee1c50f41390", + "repo": { + "id": 526, + "url": "https://api.github.com/repos/github/hello-world", + "name": "hello-world" + } + }, + "base": { + "ref": "master", + "sha": "e7fdf7640066d71ad16a86fbcbb9c6a10a18af4f", + "repo": { + "id": 526, + "url": "https://api.github.com/repos/github/hello-world", + "name": "hello-world" + } + } + } + ] + } } } } @@ -145765,15 +145945,19 @@ "head_sha" ] }, - "example": { - "head_sha": "d6fde92930d4715a2b49857d24b940956b26d2d3" + "examples": { + "default": { + "value": { + "head_sha": "d6fde92930d4715a2b49857d24b940956b26d2d3" + } + } } } } }, "responses": { "200": { - "description": "when the suite already existed", + "description": "Response when the suite already exists", "content": { "application/json": { "schema": { @@ -164094,7 +164278,11 @@ ] }, "example": { - "content": "heart" + "default": { + "value": { + "content": "heart" + } + } } } } @@ -214471,8 +214659,12 @@ "content" ] }, - "example": { - "content": "heart" + "examples": { + "default": { + "value": { + "content": "heart" + } + } } } } @@ -244225,8 +244417,12 @@ "content" ] }, - "example": { - "content": "heart" + "examples": { + "default": { + "value": { + "content": "heart" + } + } } } } @@ -276304,8 +276500,12 @@ "content" ] }, - "example": { - "content": "heart" + "examples": { + "default": { + "value": { + "content": "heart" + } + } } } } @@ -284255,16 +284455,6 @@ ] }, "examples": { - "example-for-a-single-line-comment": { - "summary": "Example for a single-line comment", - "value": { - "body": "Let's add this deleted line back.", - "commit_id": "6dcb09b5b57875f334f61aebed695e2e4193db5e", - "path": "file1.txt", - "line": 5, - "side": "LEFT" - } - }, "example-for-a-multi-line-comment": { "summary": "Example for a multi-line comment", "value": { @@ -323046,6 +323236,10 @@ "name": "mysql queries", "number": 233 }, + { + "name": "aqueduct jobs", + "number": 34 + }, { "name": "resque jobs", "number": 54 @@ -323124,6 +323318,10 @@ "name": "mysql queries", "number": 233 }, + { + "name": "aqueduct jobs", + "number": 34 + }, { "name": "resque jobs", "number": 54 @@ -324542,11 +324740,6 @@ "type": "boolean", "example": true }, - "members_can_fork_private_repositories": { - "type": "boolean", - "example": false, - "nullable": true - }, "updated_at": { "type": "string", "format": "date-time" @@ -324756,17 +324949,21 @@ "name" ] }, - "example": { - "name": "new team name", - "description": "new team description", - "privacy": "closed" + "examples": { + "default": { + "value": { + "name": "new team name", + "description": "new team description", + "privacy": "closed" + } + } } } } }, "responses": { "200": { - "description": "Response", + "description": "Response when the updated information already exists", "content": { "application/json": { "schema": { @@ -325150,11 +325347,6 @@ "type": "boolean", "example": true }, - "members_can_fork_private_repositories": { - "type": "boolean", - "example": false, - "nullable": true - }, "updated_at": { "type": "string", "format": "date-time" @@ -325648,11 +325840,6 @@ "type": "boolean", "example": true }, - "members_can_fork_private_repositories": { - "type": "boolean", - "example": false, - "nullable": true - }, "updated_at": { "type": "string", "format": "date-time" @@ -341606,6 +341793,11 @@ "required": true, "schema": { "type": "integer" + }, + "examples": { + "default": { + "value": 1 + } } }, { @@ -342975,6 +343167,11 @@ "required": true, "schema": { "type": "integer" + }, + "examples": { + "default": { + "value": 1 + } } }, { @@ -343072,6 +343269,11 @@ "required": true, "schema": { "type": "integer" + }, + "examples": { + "default": { + "value": 1 + } } }, { @@ -359654,11 +359856,6 @@ "type": "boolean", "example": true }, - "members_can_fork_private_repositories": { - "type": "boolean", - "example": false, - "nullable": true - }, "updated_at": { "type": "string", "format": "date-time" diff --git a/lib/rest/static/dereferenced/ghes-3.2.deref.json b/lib/rest/static/dereferenced/ghes-3.2.deref.json index 0619a825c6..e620c96aa5 100644 --- a/lib/rest/static/dereferenced/ghes-3.2.deref.json +++ b/lib/rest/static/dereferenced/ghes-3.2.deref.json @@ -6044,17 +6044,6 @@ } } ], - "requestBody": { - "required": false, - "content": { - "application/json": { - "schema": { - "type": "object", - "additionalProperties": false - } - } - } - }, "responses": { "201": { "description": "Response", @@ -6570,12 +6559,16 @@ } ] } - }, - "example": { - "content_type": "json", - "insecure_ssl": "0", - "secret": "********", - "url": "https://example.com/webhook" + } + }, + "examples": { + "default": { + "value": { + "content_type": "json", + "insecure_ssl": "0", + "secret": "********", + "url": "https://example.com/webhook" + } } } } @@ -8289,6 +8282,11 @@ "required": true, "schema": { "type": "integer" + }, + "examples": { + "default": { + "value": 1 + } } } ], @@ -9115,6 +9113,11 @@ "required": true, "schema": { "type": "integer" + }, + "examples": { + "default": { + "value": 1 + } } } ], @@ -9177,6 +9180,11 @@ "required": true, "schema": { "type": "integer" + }, + "examples": { + "default": { + "value": 1 + } } } ], @@ -9467,6 +9475,17 @@ } } } + }, + "examples": { + "default": { + "value": { + "respoitory": "Hello-World", + "permissions": { + "issues": "write", + "contents": "read" + } + } + } } } } @@ -11223,6 +11242,11 @@ "required": true, "schema": { "type": "integer" + }, + "examples": { + "default": { + "value": 1 + } } } ], @@ -11283,6 +11307,11 @@ "required": true, "schema": { "type": "integer" + }, + "examples": { + "default": { + "value": 1 + } } } ], @@ -12092,6 +12121,11 @@ "description": "The client ID of your GitHub app.", "schema": { "type": "string" + }, + "examples": { + "default": { + "value": "Iv1.8a61f9b3a7aba766" + } } } ], @@ -12219,6 +12253,11 @@ "description": "The client ID of your GitHub app.", "schema": { "type": "string" + }, + "examples": { + "default": { + "value": "Iv1.8a61f9b3a7aba766" + } } }, { @@ -12266,6 +12305,11 @@ "description": "The client ID of your GitHub app.", "schema": { "type": "string" + }, + "examples": { + "default": { + "value": "Iv1.8a61f9b3a7aba766" + } } } ], @@ -12284,6 +12328,13 @@ "access_token" ], "type": "object" + }, + "examples": { + "default": { + "value": { + "access_token": "e72e16c7e42f292c6912e7710c838347ae178b4a" + } + } } } } @@ -12948,7 +12999,7 @@ "app": { "url": "http://my-github-app.com", "name": "my github app", - "client_id": "abcde12345fghij67890" + "client_id": "Iv1.8a61f9b3a7aba766" }, "note": "optional note", "note_url": "http://optional/note/url", @@ -13104,6 +13155,11 @@ "description": "The client ID of your GitHub app.", "schema": { "type": "string" + }, + "examples": { + "default": { + "value": "Iv1.8a61f9b3a7aba766" + } } } ], @@ -13122,6 +13178,13 @@ "access_token" ], "type": "object" + }, + "examples": { + "default": { + "value": { + "access_token": "e72e16c7e42f292c6912e7710c838347ae178b4a" + } + } } } } @@ -13786,7 +13849,7 @@ "app": { "url": "http://my-github-app.com", "name": "my github app", - "client_id": "abcde12345fghij67890" + "client_id": "Iv1.8a61f9b3a7aba766" }, "note": "optional note", "note_url": "http://optional/note/url", @@ -13916,6 +13979,11 @@ "description": "The client ID of your GitHub app.", "schema": { "type": "string" + }, + "examples": { + "default": { + "value": "Iv1.8a61f9b3a7aba766" + } } } ], @@ -14043,6 +14111,11 @@ "description": "The client ID of your GitHub app.", "schema": { "type": "string" + }, + "examples": { + "default": { + "value": "Iv1.8a61f9b3a7aba766" + } } } ], @@ -14351,6 +14424,19 @@ "required": [ "access_token" ] + }, + "examples": { + "default": { + "value": { + "access_token": "e72e16c7e42f292c6912e7710c838347ae178b4a", + "target": "octocat", + "permissions": { + "metadata": "read", + "issues": "write", + "contents": "read" + } + } + } } } } @@ -15014,7 +15100,7 @@ "app": { "url": "http://my-github-app.com", "name": "my github app", - "client_id": "abcde12345fghij67890" + "client_id": "Iv1.8a61f9b3a7aba766" }, "note": "optional note", "note_url": "http://optional/note/url", @@ -15258,6 +15344,11 @@ "description": "The client ID of your GitHub app.", "schema": { "type": "string" + }, + "examples": { + "default": { + "value": "Iv1.8a61f9b3a7aba766" + } } }, { @@ -15930,7 +16021,7 @@ "app": { "url": "http://my-github-app.com", "name": "my github app", - "client_id": "abcde12345fghij67890" + "client_id": "Iv1.8a61f9b3a7aba766" }, "note": "optional note", "note_url": "http://optional/note/url", @@ -16020,6 +16111,11 @@ "description": "The client ID of your GitHub app.", "schema": { "type": "string" + }, + "examples": { + "default": { + "value": "Iv1.8a61f9b3a7aba766" + } } }, { @@ -16691,7 +16787,7 @@ "app": { "url": "http://my-github-app.com", "name": "my github app", - "client_id": "abcde12345fghij67890" + "client_id": "Iv1.8a61f9b3a7aba766" }, "note": "optional note", "note_url": "http://optional/note/url", @@ -16755,6 +16851,11 @@ "description": "The client ID of your GitHub app.", "schema": { "type": "string" + }, + "examples": { + "default": { + "value": "Iv1.8a61f9b3a7aba766" + } } }, { @@ -18939,6 +19040,11 @@ "description": "The client ID of your GitHub app.", "schema": { "type": "string" + }, + "examples": { + "default": { + "value": "Iv1.8a61f9b3a7aba766" + } } } ], @@ -20504,6 +20610,11 @@ "description": "The client ID of your GitHub app.", "schema": { "type": "string" + }, + "examples": { + "default": { + "value": "Iv1.8a61f9b3a7aba766" + } } }, { @@ -56210,11 +56321,6 @@ "type": "boolean", "example": true }, - "members_can_fork_private_repositories": { - "type": "boolean", - "example": false, - "nullable": true - }, "updated_at": { "type": "string", "format": "date-time" @@ -56298,8 +56404,7 @@ "members_can_create_public_repositories": false, "members_can_create_private_repositories": false, "members_can_create_internal_repositories": false, - "members_can_create_pages": true, - "members_can_fork_private_repositories": false + "members_can_create_pages": true } } } @@ -56451,11 +56556,6 @@ "description": "Toggles whether organization members can create GitHub Pages sites. Can be one of: \n\\* `true` - all organization members can create GitHub Pages sites. \n\\* `false` - no organization members can create GitHub Pages sites. Existing published sites will not be impacted.", "default": true }, - "members_can_fork_private_repositories": { - "type": "boolean", - "description": "Toggles whether organization members can fork private organization repositories. Can be one of: \n\\* `true` - all organization members can fork private repositories within the organization. \n\\* `false` - no organization members can fork private repositories within the organization.", - "default": false - }, "blog": { "type": "string", "example": "\"http://github.blog\"" @@ -56704,11 +56804,6 @@ "type": "boolean", "example": true }, - "members_can_fork_private_repositories": { - "type": "boolean", - "example": false, - "nullable": true - }, "updated_at": { "type": "string", "format": "date-time" @@ -56791,7 +56886,6 @@ "members_can_create_pages": true, "members_can_create_public_pages": true, "members_can_create_private_pages": true, - "members_can_fork_private_repositories": false, "updated_at": "2014-03-03T18:58:10Z" } } @@ -84409,11 +84503,6 @@ "type": "boolean", "example": true }, - "members_can_fork_private_repositories": { - "type": "boolean", - "example": false, - "nullable": true - }, "updated_at": { "type": "string", "format": "date-time" @@ -85043,11 +85132,6 @@ "type": "boolean", "example": true }, - "members_can_fork_private_repositories": { - "type": "boolean", - "example": false, - "nullable": true - }, "updated_at": { "type": "string", "format": "date-time" @@ -85654,11 +85738,6 @@ "type": "boolean", "example": true }, - "members_can_fork_private_repositories": { - "type": "boolean", - "example": false, - "nullable": true - }, "updated_at": { "type": "string", "format": "date-time" @@ -89469,15 +89548,19 @@ "content" ] }, - "example": { - "content": "heart" + "examples": { + "default": { + "value": { + "content": "heart" + } + } } } } }, "responses": { "200": { - "description": "Response", + "description": "Response when the reaction type has already been added to this team discussion comment", "content": { "application/json": { "schema": { @@ -90327,8 +90410,12 @@ "content" ] }, - "example": { - "content": "heart" + "examples": { + "default": { + "value": { + "content": "heart" + } + } } } } @@ -146930,7 +147017,7 @@ "id": 4, "head_sha": "ce587453ced02b1526dfb4cb910479d431683101", "node_id": "MDg6Q2hlY2tSdW40", - "external_id": "", + "external_id": "42", "url": "https://api.github.com/repos/github/hello-world/check-runs/4", "html_url": "https://github.com/github/hello-world/runs/4", "details_url": "https://example.com", @@ -147016,6 +147103,99 @@ } ] } + }, + "example-of-in-progress-conclusion": { + "summary": "Response for completed conclusion", + "value": { + "id": 4, + "head_sha": "ce587453ced02b1526dfb4cb910479d431683101", + "node_id": "MDg6Q2hlY2tSdW40", + "external_id": "42", + "url": "https://api.github.com/repos/github/hello-world/check-runs/4", + "html_url": "https://github.com/github/hello-world/runs/4", + "details_url": "https://example.com", + "status": "in_progress", + "conclusion": null, + "started_at": "2018-05-04T01:14:52Z", + "completed_at": null, + "output": { + "title": "Mighty Readme report", + "summary": "There are 0 failures, 2 warnings, and 1 notice.", + "text": "You may have some misspelled words on lines 2 and 4. You also may want to add a section in your README about how to install your app.", + "annotations_count": 2, + "annotations_url": "https://api.github.com/repos/github/hello-world/check-runs/4/annotations" + }, + "name": "mighty_readme", + "check_suite": { + "id": 5 + }, + "app": { + "id": 1, + "slug": "octoapp", + "node_id": "MDExOkludGVncmF0aW9uMQ==", + "owner": { + "login": "github", + "id": 1, + "node_id": "MDEyOk9yZ2FuaXphdGlvbjE=", + "url": "https://api.github.com/orgs/github", + "repos_url": "https://api.github.com/orgs/github/repos", + "events_url": "https://api.github.com/orgs/github/events", + "avatar_url": "https://github.com/images/error/octocat_happy.gif", + "gravatar_id": "", + "html_url": "https://github.com/octocat", + "followers_url": "https://api.github.com/users/octocat/followers", + "following_url": "https://api.github.com/users/octocat/following{/other_user}", + "gists_url": "https://api.github.com/users/octocat/gists{/gist_id}", + "starred_url": "https://api.github.com/users/octocat/starred{/owner}{/repo}", + "subscriptions_url": "https://api.github.com/users/octocat/subscriptions", + "organizations_url": "https://api.github.com/users/octocat/orgs", + "received_events_url": "https://api.github.com/users/octocat/received_events", + "type": "User", + "site_admin": true + }, + "name": "Octocat App", + "description": "", + "external_url": "https://example.com", + "html_url": "https://github.com/apps/octoapp", + "created_at": "2017-07-08T16:18:44-04:00", + "updated_at": "2017-07-08T16:18:44-04:00", + "permissions": { + "metadata": "read", + "contents": "read", + "issues": "write", + "single_file": "write" + }, + "events": [ + "push", + "pull_request" + ] + }, + "pull_requests": [ + { + "url": "https://api.github.com/repos/github/hello-world/pulls/1", + "id": 1934, + "number": 3956, + "head": { + "ref": "say-hello", + "sha": "3dca65fa3e8d4b3da3f3d056c59aee1c50f41390", + "repo": { + "id": 526, + "url": "https://api.github.com/repos/github/hello-world", + "name": "hello-world" + } + }, + "base": { + "ref": "master", + "sha": "e7fdf7640066d71ad16a86fbcbb9c6a10a18af4f", + "repo": { + "id": 526, + "url": "https://api.github.com/repos/github/hello-world", + "name": "hello-world" + } + } + } + ] + } } } } @@ -149420,15 +149600,19 @@ "head_sha" ] }, - "example": { - "head_sha": "d6fde92930d4715a2b49857d24b940956b26d2d3" + "examples": { + "default": { + "value": { + "head_sha": "d6fde92930d4715a2b49857d24b940956b26d2d3" + } + } } } } }, "responses": { "200": { - "description": "when the suite already existed", + "description": "Response when the suite already exists", "content": { "application/json": { "schema": { @@ -167828,7 +168012,11 @@ ] }, "example": { - "content": "heart" + "default": { + "value": { + "content": "heart" + } + } } } } @@ -221198,8 +221386,12 @@ "content" ] }, - "example": { - "content": "heart" + "examples": { + "default": { + "value": { + "content": "heart" + } + } } } } @@ -251006,8 +251198,12 @@ "content" ] }, - "example": { - "content": "heart" + "examples": { + "default": { + "value": { + "content": "heart" + } + } } } } @@ -283123,8 +283319,12 @@ "content" ] }, - "example": { - "content": "heart" + "examples": { + "default": { + "value": { + "content": "heart" + } + } } } } @@ -291074,16 +291274,6 @@ ] }, "examples": { - "example-for-a-single-line-comment": { - "summary": "Example for a single-line comment", - "value": { - "body": "Let's add this deleted line back.", - "commit_id": "6dcb09b5b57875f334f61aebed695e2e4193db5e", - "path": "file1.txt", - "line": 5, - "side": "LEFT" - } - }, "example-for-a-multi-line-comment": { "summary": "Example for a multi-line comment", "value": { @@ -312249,8 +312439,12 @@ "content" ] }, - "example": { - "content": "heart" + "examples": { + "default": { + "value": { + "content": "heart" + } + } } } } @@ -331412,6 +331606,10 @@ "name": "mysql queries", "number": 233 }, + { + "name": "aqueduct jobs", + "number": 34 + }, { "name": "resque jobs", "number": 54 @@ -331490,6 +331688,10 @@ "name": "mysql queries", "number": 233 }, + { + "name": "aqueduct jobs", + "number": 34 + }, { "name": "resque jobs", "number": 54 @@ -332908,11 +333110,6 @@ "type": "boolean", "example": true }, - "members_can_fork_private_repositories": { - "type": "boolean", - "example": false, - "nullable": true - }, "updated_at": { "type": "string", "format": "date-time" @@ -333122,17 +333319,21 @@ "name" ] }, - "example": { - "name": "new team name", - "description": "new team description", - "privacy": "closed" + "examples": { + "default": { + "value": { + "name": "new team name", + "description": "new team description", + "privacy": "closed" + } + } } } } }, "responses": { "200": { - "description": "Response", + "description": "Response when the updated information already exists", "content": { "application/json": { "schema": { @@ -333516,11 +333717,6 @@ "type": "boolean", "example": true }, - "members_can_fork_private_repositories": { - "type": "boolean", - "example": false, - "nullable": true - }, "updated_at": { "type": "string", "format": "date-time" @@ -334014,11 +334210,6 @@ "type": "boolean", "example": true }, - "members_can_fork_private_repositories": { - "type": "boolean", - "example": false, - "nullable": true - }, "updated_at": { "type": "string", "format": "date-time" @@ -349999,6 +350190,11 @@ "required": true, "schema": { "type": "integer" + }, + "examples": { + "default": { + "value": 1 + } } }, { @@ -351378,6 +351574,11 @@ "required": true, "schema": { "type": "integer" + }, + "examples": { + "default": { + "value": 1 + } } }, { @@ -351475,6 +351676,11 @@ "required": true, "schema": { "type": "integer" + }, + "examples": { + "default": { + "value": 1 + } } }, { @@ -368125,11 +368331,6 @@ "type": "boolean", "example": true }, - "members_can_fork_private_repositories": { - "type": "boolean", - "example": false, - "nullable": true - }, "updated_at": { "type": "string", "format": "date-time" diff --git a/lib/rest/static/dereferenced/ghes-3.3.deref.json b/lib/rest/static/dereferenced/ghes-3.3.deref.json index 0b416ccd60..1a447dcf5f 100644 --- a/lib/rest/static/dereferenced/ghes-3.3.deref.json +++ b/lib/rest/static/dereferenced/ghes-3.3.deref.json @@ -5898,17 +5898,6 @@ } } ], - "requestBody": { - "required": false, - "content": { - "application/json": { - "schema": { - "type": "object", - "additionalProperties": false - } - } - } - }, "responses": { "201": { "description": "Response", @@ -6424,12 +6413,16 @@ } ] } - }, - "example": { - "content_type": "json", - "insecure_ssl": "0", - "secret": "********", - "url": "https://example.com/webhook" + } + }, + "examples": { + "default": { + "value": { + "content_type": "json", + "insecure_ssl": "0", + "secret": "********", + "url": "https://example.com/webhook" + } } } } @@ -8143,6 +8136,11 @@ "required": true, "schema": { "type": "integer" + }, + "examples": { + "default": { + "value": 1 + } } } ], @@ -8969,6 +8967,11 @@ "required": true, "schema": { "type": "integer" + }, + "examples": { + "default": { + "value": 1 + } } } ], @@ -9031,6 +9034,11 @@ "required": true, "schema": { "type": "integer" + }, + "examples": { + "default": { + "value": 1 + } } } ], @@ -9321,6 +9329,17 @@ } } } + }, + "examples": { + "default": { + "value": { + "respoitory": "Hello-World", + "permissions": { + "issues": "write", + "contents": "read" + } + } + } } } } @@ -11077,6 +11096,11 @@ "required": true, "schema": { "type": "integer" + }, + "examples": { + "default": { + "value": 1 + } } } ], @@ -11137,6 +11161,11 @@ "required": true, "schema": { "type": "integer" + }, + "examples": { + "default": { + "value": 1 + } } } ], @@ -11946,6 +11975,11 @@ "description": "The client ID of your GitHub app.", "schema": { "type": "string" + }, + "examples": { + "default": { + "value": "Iv1.8a61f9b3a7aba766" + } } } ], @@ -12073,6 +12107,11 @@ "description": "The client ID of your GitHub app.", "schema": { "type": "string" + }, + "examples": { + "default": { + "value": "Iv1.8a61f9b3a7aba766" + } } }, { @@ -12120,6 +12159,11 @@ "description": "The client ID of your GitHub app.", "schema": { "type": "string" + }, + "examples": { + "default": { + "value": "Iv1.8a61f9b3a7aba766" + } } } ], @@ -12138,6 +12182,13 @@ "access_token" ], "type": "object" + }, + "examples": { + "default": { + "value": { + "access_token": "e72e16c7e42f292c6912e7710c838347ae178b4a" + } + } } } } @@ -12802,7 +12853,7 @@ "app": { "url": "http://my-github-app.com", "name": "my github app", - "client_id": "abcde12345fghij67890" + "client_id": "Iv1.8a61f9b3a7aba766" }, "note": "optional note", "note_url": "http://optional/note/url", @@ -12958,6 +13009,11 @@ "description": "The client ID of your GitHub app.", "schema": { "type": "string" + }, + "examples": { + "default": { + "value": "Iv1.8a61f9b3a7aba766" + } } } ], @@ -12976,6 +13032,13 @@ "access_token" ], "type": "object" + }, + "examples": { + "default": { + "value": { + "access_token": "e72e16c7e42f292c6912e7710c838347ae178b4a" + } + } } } } @@ -13640,7 +13703,7 @@ "app": { "url": "http://my-github-app.com", "name": "my github app", - "client_id": "abcde12345fghij67890" + "client_id": "Iv1.8a61f9b3a7aba766" }, "note": "optional note", "note_url": "http://optional/note/url", @@ -13770,6 +13833,11 @@ "description": "The client ID of your GitHub app.", "schema": { "type": "string" + }, + "examples": { + "default": { + "value": "Iv1.8a61f9b3a7aba766" + } } } ], @@ -13897,6 +13965,11 @@ "description": "The client ID of your GitHub app.", "schema": { "type": "string" + }, + "examples": { + "default": { + "value": "Iv1.8a61f9b3a7aba766" + } } } ], @@ -14205,6 +14278,19 @@ "required": [ "access_token" ] + }, + "examples": { + "default": { + "value": { + "access_token": "e72e16c7e42f292c6912e7710c838347ae178b4a", + "target": "octocat", + "permissions": { + "metadata": "read", + "issues": "write", + "contents": "read" + } + } + } } } } @@ -14868,7 +14954,7 @@ "app": { "url": "http://my-github-app.com", "name": "my github app", - "client_id": "abcde12345fghij67890" + "client_id": "Iv1.8a61f9b3a7aba766" }, "note": "optional note", "note_url": "http://optional/note/url", @@ -15112,6 +15198,11 @@ "description": "The client ID of your GitHub app.", "schema": { "type": "string" + }, + "examples": { + "default": { + "value": "Iv1.8a61f9b3a7aba766" + } } }, { @@ -15784,7 +15875,7 @@ "app": { "url": "http://my-github-app.com", "name": "my github app", - "client_id": "abcde12345fghij67890" + "client_id": "Iv1.8a61f9b3a7aba766" }, "note": "optional note", "note_url": "http://optional/note/url", @@ -15874,6 +15965,11 @@ "description": "The client ID of your GitHub app.", "schema": { "type": "string" + }, + "examples": { + "default": { + "value": "Iv1.8a61f9b3a7aba766" + } } }, { @@ -16545,7 +16641,7 @@ "app": { "url": "http://my-github-app.com", "name": "my github app", - "client_id": "abcde12345fghij67890" + "client_id": "Iv1.8a61f9b3a7aba766" }, "note": "optional note", "note_url": "http://optional/note/url", @@ -16609,6 +16705,11 @@ "description": "The client ID of your GitHub app.", "schema": { "type": "string" + }, + "examples": { + "default": { + "value": "Iv1.8a61f9b3a7aba766" + } } }, { @@ -18793,6 +18894,11 @@ "description": "The client ID of your GitHub app.", "schema": { "type": "string" + }, + "examples": { + "default": { + "value": "Iv1.8a61f9b3a7aba766" + } } } ], @@ -20358,6 +20464,11 @@ "description": "The client ID of your GitHub app.", "schema": { "type": "string" + }, + "examples": { + "default": { + "value": "Iv1.8a61f9b3a7aba766" + } } }, { @@ -56445,11 +56556,6 @@ "type": "boolean", "example": true }, - "members_can_fork_private_repositories": { - "type": "boolean", - "example": false, - "nullable": true - }, "updated_at": { "type": "string", "format": "date-time" @@ -56533,8 +56639,7 @@ "members_can_create_public_repositories": false, "members_can_create_private_repositories": false, "members_can_create_internal_repositories": false, - "members_can_create_pages": true, - "members_can_fork_private_repositories": false + "members_can_create_pages": true } } } @@ -56681,11 +56786,6 @@ "description": "Toggles whether organization members can create GitHub Pages sites. Can be one of: \n\\* `true` - all organization members can create GitHub Pages sites. \n\\* `false` - no organization members can create GitHub Pages sites. Existing published sites will not be impacted.", "default": true }, - "members_can_fork_private_repositories": { - "type": "boolean", - "description": "Toggles whether organization members can fork private organization repositories. Can be one of: \n\\* `true` - all organization members can fork private repositories within the organization. \n\\* `false` - no organization members can fork private repositories within the organization.", - "default": false - }, "blog": { "type": "string", "example": "\"http://github.blog\"" @@ -56934,11 +57034,6 @@ "type": "boolean", "example": true }, - "members_can_fork_private_repositories": { - "type": "boolean", - "example": false, - "nullable": true - }, "updated_at": { "type": "string", "format": "date-time" @@ -57021,7 +57116,6 @@ "members_can_create_pages": true, "members_can_create_public_pages": true, "members_can_create_private_pages": true, - "members_can_fork_private_repositories": false, "updated_at": "2014-03-03T18:58:10Z" } } @@ -87478,11 +87572,6 @@ "type": "boolean", "example": true }, - "members_can_fork_private_repositories": { - "type": "boolean", - "example": false, - "nullable": true - }, "updated_at": { "type": "string", "format": "date-time" @@ -88112,11 +88201,6 @@ "type": "boolean", "example": true }, - "members_can_fork_private_repositories": { - "type": "boolean", - "example": false, - "nullable": true - }, "updated_at": { "type": "string", "format": "date-time" @@ -88723,11 +88807,6 @@ "type": "boolean", "example": true }, - "members_can_fork_private_repositories": { - "type": "boolean", - "example": false, - "nullable": true - }, "updated_at": { "type": "string", "format": "date-time" @@ -92485,15 +92564,19 @@ "content" ] }, - "example": { - "content": "heart" + "examples": { + "default": { + "value": { + "content": "heart" + } + } } } } }, "responses": { "200": { - "description": "Response", + "description": "Response when the reaction type has already been added to this team discussion comment", "content": { "application/json": { "schema": { @@ -93328,8 +93411,12 @@ "content" ] }, - "example": { - "content": "heart" + "examples": { + "default": { + "value": { + "content": "heart" + } + } } } } @@ -149798,7 +149885,7 @@ "id": 4, "head_sha": "ce587453ced02b1526dfb4cb910479d431683101", "node_id": "MDg6Q2hlY2tSdW40", - "external_id": "", + "external_id": "42", "url": "https://api.github.com/repos/github/hello-world/check-runs/4", "html_url": "https://github.com/github/hello-world/runs/4", "details_url": "https://example.com", @@ -149884,6 +149971,99 @@ } ] } + }, + "example-of-in-progress-conclusion": { + "summary": "Response for completed conclusion", + "value": { + "id": 4, + "head_sha": "ce587453ced02b1526dfb4cb910479d431683101", + "node_id": "MDg6Q2hlY2tSdW40", + "external_id": "42", + "url": "https://api.github.com/repos/github/hello-world/check-runs/4", + "html_url": "https://github.com/github/hello-world/runs/4", + "details_url": "https://example.com", + "status": "in_progress", + "conclusion": null, + "started_at": "2018-05-04T01:14:52Z", + "completed_at": null, + "output": { + "title": "Mighty Readme report", + "summary": "There are 0 failures, 2 warnings, and 1 notice.", + "text": "You may have some misspelled words on lines 2 and 4. You also may want to add a section in your README about how to install your app.", + "annotations_count": 2, + "annotations_url": "https://api.github.com/repos/github/hello-world/check-runs/4/annotations" + }, + "name": "mighty_readme", + "check_suite": { + "id": 5 + }, + "app": { + "id": 1, + "slug": "octoapp", + "node_id": "MDExOkludGVncmF0aW9uMQ==", + "owner": { + "login": "github", + "id": 1, + "node_id": "MDEyOk9yZ2FuaXphdGlvbjE=", + "url": "https://api.github.com/orgs/github", + "repos_url": "https://api.github.com/orgs/github/repos", + "events_url": "https://api.github.com/orgs/github/events", + "avatar_url": "https://github.com/images/error/octocat_happy.gif", + "gravatar_id": "", + "html_url": "https://github.com/octocat", + "followers_url": "https://api.github.com/users/octocat/followers", + "following_url": "https://api.github.com/users/octocat/following{/other_user}", + "gists_url": "https://api.github.com/users/octocat/gists{/gist_id}", + "starred_url": "https://api.github.com/users/octocat/starred{/owner}{/repo}", + "subscriptions_url": "https://api.github.com/users/octocat/subscriptions", + "organizations_url": "https://api.github.com/users/octocat/orgs", + "received_events_url": "https://api.github.com/users/octocat/received_events", + "type": "User", + "site_admin": true + }, + "name": "Octocat App", + "description": "", + "external_url": "https://example.com", + "html_url": "https://github.com/apps/octoapp", + "created_at": "2017-07-08T16:18:44-04:00", + "updated_at": "2017-07-08T16:18:44-04:00", + "permissions": { + "metadata": "read", + "contents": "read", + "issues": "write", + "single_file": "write" + }, + "events": [ + "push", + "pull_request" + ] + }, + "pull_requests": [ + { + "url": "https://api.github.com/repos/github/hello-world/pulls/1", + "id": 1934, + "number": 3956, + "head": { + "ref": "say-hello", + "sha": "3dca65fa3e8d4b3da3f3d056c59aee1c50f41390", + "repo": { + "id": 526, + "url": "https://api.github.com/repos/github/hello-world", + "name": "hello-world" + } + }, + "base": { + "ref": "master", + "sha": "e7fdf7640066d71ad16a86fbcbb9c6a10a18af4f", + "repo": { + "id": 526, + "url": "https://api.github.com/repos/github/hello-world", + "name": "hello-world" + } + } + } + ] + } } } } @@ -152434,15 +152614,19 @@ "head_sha" ] }, - "example": { - "head_sha": "d6fde92930d4715a2b49857d24b940956b26d2d3" + "examples": { + "default": { + "value": { + "head_sha": "d6fde92930d4715a2b49857d24b940956b26d2d3" + } + } } } } }, "responses": { "200": { - "description": "when the suite already existed", + "description": "Response when the suite already exists", "content": { "application/json": { "schema": { @@ -170815,7 +170999,11 @@ ] }, "example": { - "content": "heart" + "default": { + "value": { + "content": "heart" + } + } } } } @@ -224075,8 +224263,12 @@ "content" ] }, - "example": { - "content": "heart" + "examples": { + "default": { + "value": { + "content": "heart" + } + } } } } @@ -253839,8 +254031,12 @@ "content" ] }, - "example": { - "content": "heart" + "examples": { + "default": { + "value": { + "content": "heart" + } + } } } } @@ -286058,8 +286254,12 @@ "content" ] }, - "example": { - "content": "heart" + "examples": { + "default": { + "value": { + "content": "heart" + } + } } } } @@ -293989,16 +294189,6 @@ ] }, "examples": { - "example-for-a-single-line-comment": { - "summary": "Example for a single-line comment", - "value": { - "body": "Let's add this deleted line back.", - "commit_id": "6dcb09b5b57875f334f61aebed695e2e4193db5e", - "path": "file1.txt", - "line": 5, - "side": "LEFT" - } - }, "example-for-a-multi-line-comment": { "summary": "Example for a multi-line comment", "value": { @@ -315292,8 +315482,12 @@ "content" ] }, - "example": { - "content": "heart" + "examples": { + "default": { + "value": { + "content": "heart" + } + } } } } @@ -334591,6 +334785,10 @@ "name": "mysql queries", "number": 233 }, + { + "name": "aqueduct jobs", + "number": 34 + }, { "name": "resque jobs", "number": 54 @@ -334669,6 +334867,10 @@ "name": "mysql queries", "number": 233 }, + { + "name": "aqueduct jobs", + "number": 34 + }, { "name": "resque jobs", "number": 54 @@ -336087,11 +336289,6 @@ "type": "boolean", "example": true }, - "members_can_fork_private_repositories": { - "type": "boolean", - "example": false, - "nullable": true - }, "updated_at": { "type": "string", "format": "date-time" @@ -336301,17 +336498,21 @@ "name" ] }, - "example": { - "name": "new team name", - "description": "new team description", - "privacy": "closed" + "examples": { + "default": { + "value": { + "name": "new team name", + "description": "new team description", + "privacy": "closed" + } + } } } } }, "responses": { "200": { - "description": "Response", + "description": "Response when the updated information already exists", "content": { "application/json": { "schema": { @@ -336695,11 +336896,6 @@ "type": "boolean", "example": true }, - "members_can_fork_private_repositories": { - "type": "boolean", - "example": false, - "nullable": true - }, "updated_at": { "type": "string", "format": "date-time" @@ -337193,11 +337389,6 @@ "type": "boolean", "example": true }, - "members_can_fork_private_repositories": { - "type": "boolean", - "example": false, - "nullable": true - }, "updated_at": { "type": "string", "format": "date-time" @@ -353095,6 +353286,11 @@ "required": true, "schema": { "type": "integer" + }, + "examples": { + "default": { + "value": 1 + } } }, { @@ -354468,6 +354664,11 @@ "required": true, "schema": { "type": "integer" + }, + "examples": { + "default": { + "value": 1 + } } }, { @@ -354565,6 +354766,11 @@ "required": true, "schema": { "type": "integer" + }, + "examples": { + "default": { + "value": 1 + } } }, { @@ -371201,11 +371407,6 @@ "type": "boolean", "example": true }, - "members_can_fork_private_repositories": { - "type": "boolean", - "example": false, - "nullable": true - }, "updated_at": { "type": "string", "format": "date-time" diff --git a/lib/rest/static/dereferenced/ghes-3.4.deref.json b/lib/rest/static/dereferenced/ghes-3.4.deref.json index 4a3c569c26..e1d0bc9793 100644 --- a/lib/rest/static/dereferenced/ghes-3.4.deref.json +++ b/lib/rest/static/dereferenced/ghes-3.4.deref.json @@ -5882,17 +5882,6 @@ } } ], - "requestBody": { - "required": false, - "content": { - "application/json": { - "schema": { - "type": "object", - "additionalProperties": false - } - } - } - }, "responses": { "201": { "description": "Response", @@ -6408,12 +6397,16 @@ } ] } - }, - "example": { - "content_type": "json", - "insecure_ssl": "0", - "secret": "********", - "url": "https://example.com/webhook" + } + }, + "examples": { + "default": { + "value": { + "content_type": "json", + "insecure_ssl": "0", + "secret": "********", + "url": "https://example.com/webhook" + } } } } @@ -8119,6 +8112,11 @@ "required": true, "schema": { "type": "integer" + }, + "examples": { + "default": { + "value": 1 + } } } ], @@ -8937,6 +8935,11 @@ "required": true, "schema": { "type": "integer" + }, + "examples": { + "default": { + "value": 1 + } } } ], @@ -8999,6 +9002,11 @@ "required": true, "schema": { "type": "integer" + }, + "examples": { + "default": { + "value": 1 + } } } ], @@ -9281,6 +9289,17 @@ } } } + }, + "examples": { + "default": { + "value": { + "respoitory": "Hello-World", + "permissions": { + "issues": "write", + "contents": "read" + } + } + } } } } @@ -11029,6 +11048,11 @@ "required": true, "schema": { "type": "integer" + }, + "examples": { + "default": { + "value": 1 + } } } ], @@ -11089,6 +11113,11 @@ "required": true, "schema": { "type": "integer" + }, + "examples": { + "default": { + "value": 1 + } } } ], @@ -11898,6 +11927,11 @@ "description": "The client ID of your GitHub app.", "schema": { "type": "string" + }, + "examples": { + "default": { + "value": "Iv1.8a61f9b3a7aba766" + } } } ], @@ -12025,6 +12059,11 @@ "description": "The client ID of your GitHub app.", "schema": { "type": "string" + }, + "examples": { + "default": { + "value": "Iv1.8a61f9b3a7aba766" + } } } ], @@ -12043,6 +12082,13 @@ "access_token" ], "type": "object" + }, + "examples": { + "default": { + "value": { + "access_token": "e72e16c7e42f292c6912e7710c838347ae178b4a" + } + } } } } @@ -12699,7 +12745,7 @@ "app": { "url": "http://my-github-app.com", "name": "my github app", - "client_id": "abcde12345fghij67890" + "client_id": "Iv1.8a61f9b3a7aba766" }, "note": "optional note", "note_url": "http://optional/note/url", @@ -12855,6 +12901,11 @@ "description": "The client ID of your GitHub app.", "schema": { "type": "string" + }, + "examples": { + "default": { + "value": "Iv1.8a61f9b3a7aba766" + } } } ], @@ -12873,6 +12924,13 @@ "access_token" ], "type": "object" + }, + "examples": { + "default": { + "value": { + "access_token": "e72e16c7e42f292c6912e7710c838347ae178b4a" + } + } } } } @@ -13529,7 +13587,7 @@ "app": { "url": "http://my-github-app.com", "name": "my github app", - "client_id": "abcde12345fghij67890" + "client_id": "Iv1.8a61f9b3a7aba766" }, "note": "optional note", "note_url": "http://optional/note/url", @@ -13659,6 +13717,11 @@ "description": "The client ID of your GitHub app.", "schema": { "type": "string" + }, + "examples": { + "default": { + "value": "Iv1.8a61f9b3a7aba766" + } } } ], @@ -13786,6 +13849,11 @@ "description": "The client ID of your GitHub app.", "schema": { "type": "string" + }, + "examples": { + "default": { + "value": "Iv1.8a61f9b3a7aba766" + } } } ], @@ -14086,6 +14154,19 @@ "required": [ "access_token" ] + }, + "examples": { + "default": { + "value": { + "access_token": "e72e16c7e42f292c6912e7710c838347ae178b4a", + "target": "octocat", + "permissions": { + "metadata": "read", + "issues": "write", + "contents": "read" + } + } + } } } } @@ -14741,7 +14822,7 @@ "app": { "url": "http://my-github-app.com", "name": "my github app", - "client_id": "abcde12345fghij67890" + "client_id": "Iv1.8a61f9b3a7aba766" }, "note": "optional note", "note_url": "http://optional/note/url", @@ -17106,6 +17187,11 @@ "description": "The client ID of your GitHub app.", "schema": { "type": "string" + }, + "examples": { + "default": { + "value": "Iv1.8a61f9b3a7aba766" + } } } ], @@ -18655,6 +18741,11 @@ "description": "The client ID of your GitHub app.", "schema": { "type": "string" + }, + "examples": { + "default": { + "value": "Iv1.8a61f9b3a7aba766" + } } }, { @@ -102709,15 +102800,19 @@ "content" ] }, - "example": { - "content": "heart" + "examples": { + "default": { + "value": { + "content": "heart" + } + } } } } }, "responses": { "200": { - "description": "Response", + "description": "Response when the reaction type has already been added to this team discussion comment", "content": { "application/json": { "schema": { @@ -103552,8 +103647,12 @@ "content" ] }, - "example": { - "content": "heart" + "examples": { + "default": { + "value": { + "content": "heart" + } + } } } } @@ -163206,7 +163305,7 @@ "id": 4, "head_sha": "ce587453ced02b1526dfb4cb910479d431683101", "node_id": "MDg6Q2hlY2tSdW40", - "external_id": "", + "external_id": "42", "url": "https://api.github.com/repos/github/hello-world/check-runs/4", "html_url": "https://github.com/github/hello-world/runs/4", "details_url": "https://example.com", @@ -163292,6 +163391,99 @@ } ] } + }, + "example-of-in-progress-conclusion": { + "summary": "Response for completed conclusion", + "value": { + "id": 4, + "head_sha": "ce587453ced02b1526dfb4cb910479d431683101", + "node_id": "MDg6Q2hlY2tSdW40", + "external_id": "42", + "url": "https://api.github.com/repos/github/hello-world/check-runs/4", + "html_url": "https://github.com/github/hello-world/runs/4", + "details_url": "https://example.com", + "status": "in_progress", + "conclusion": null, + "started_at": "2018-05-04T01:14:52Z", + "completed_at": null, + "output": { + "title": "Mighty Readme report", + "summary": "There are 0 failures, 2 warnings, and 1 notice.", + "text": "You may have some misspelled words on lines 2 and 4. You also may want to add a section in your README about how to install your app.", + "annotations_count": 2, + "annotations_url": "https://api.github.com/repos/github/hello-world/check-runs/4/annotations" + }, + "name": "mighty_readme", + "check_suite": { + "id": 5 + }, + "app": { + "id": 1, + "slug": "octoapp", + "node_id": "MDExOkludGVncmF0aW9uMQ==", + "owner": { + "login": "github", + "id": 1, + "node_id": "MDEyOk9yZ2FuaXphdGlvbjE=", + "url": "https://api.github.com/orgs/github", + "repos_url": "https://api.github.com/orgs/github/repos", + "events_url": "https://api.github.com/orgs/github/events", + "avatar_url": "https://github.com/images/error/octocat_happy.gif", + "gravatar_id": "", + "html_url": "https://github.com/octocat", + "followers_url": "https://api.github.com/users/octocat/followers", + "following_url": "https://api.github.com/users/octocat/following{/other_user}", + "gists_url": "https://api.github.com/users/octocat/gists{/gist_id}", + "starred_url": "https://api.github.com/users/octocat/starred{/owner}{/repo}", + "subscriptions_url": "https://api.github.com/users/octocat/subscriptions", + "organizations_url": "https://api.github.com/users/octocat/orgs", + "received_events_url": "https://api.github.com/users/octocat/received_events", + "type": "User", + "site_admin": true + }, + "name": "Octocat App", + "description": "", + "external_url": "https://example.com", + "html_url": "https://github.com/apps/octoapp", + "created_at": "2017-07-08T16:18:44-04:00", + "updated_at": "2017-07-08T16:18:44-04:00", + "permissions": { + "metadata": "read", + "contents": "read", + "issues": "write", + "single_file": "write" + }, + "events": [ + "push", + "pull_request" + ] + }, + "pull_requests": [ + { + "url": "https://api.github.com/repos/github/hello-world/pulls/1", + "id": 1934, + "number": 3956, + "head": { + "ref": "say-hello", + "sha": "3dca65fa3e8d4b3da3f3d056c59aee1c50f41390", + "repo": { + "id": 526, + "url": "https://api.github.com/repos/github/hello-world", + "name": "hello-world" + } + }, + "base": { + "ref": "master", + "sha": "e7fdf7640066d71ad16a86fbcbb9c6a10a18af4f", + "repo": { + "id": 526, + "url": "https://api.github.com/repos/github/hello-world", + "name": "hello-world" + } + } + } + ] + } } } } @@ -165836,15 +166028,19 @@ "head_sha" ] }, - "example": { - "head_sha": "d6fde92930d4715a2b49857d24b940956b26d2d3" + "examples": { + "default": { + "value": { + "head_sha": "d6fde92930d4715a2b49857d24b940956b26d2d3" + } + } } } } }, "responses": { "200": { - "description": "when the suite already existed", + "description": "Response when the suite already exists", "content": { "application/json": { "schema": { @@ -184323,7 +184519,11 @@ ] }, "example": { - "content": "heart" + "default": { + "value": { + "content": "heart" + } + } } } } @@ -237704,8 +237904,12 @@ "content" ] }, - "example": { - "content": "heart" + "examples": { + "default": { + "value": { + "content": "heart" + } + } } } } @@ -267468,8 +267672,12 @@ "content" ] }, - "example": { - "content": "heart" + "examples": { + "default": { + "value": { + "content": "heart" + } + } } } } @@ -299687,8 +299895,12 @@ "content" ] }, - "example": { - "content": "heart" + "examples": { + "default": { + "value": { + "content": "heart" + } + } } } } @@ -307618,16 +307830,6 @@ ] }, "examples": { - "example-for-a-single-line-comment": { - "summary": "Example for a single-line comment", - "value": { - "body": "Let's add this deleted line back.", - "commit_id": "6dcb09b5b57875f334f61aebed695e2e4193db5e", - "path": "file1.txt", - "line": 5, - "side": "LEFT" - } - }, "example-for-a-multi-line-comment": { "summary": "Example for a multi-line comment", "value": { @@ -328921,8 +329123,12 @@ "content" ] }, - "example": { - "content": "heart" + "examples": { + "default": { + "value": { + "content": "heart" + } + } } } } @@ -348417,6 +348623,10 @@ "name": "mysql queries", "number": 233 }, + { + "name": "aqueduct jobs", + "number": 34 + }, { "name": "resque jobs", "number": 54 @@ -348495,6 +348705,10 @@ "name": "mysql queries", "number": 233 }, + { + "name": "aqueduct jobs", + "number": 34 + }, { "name": "resque jobs", "number": 54 @@ -350127,17 +350341,21 @@ "name" ] }, - "example": { - "name": "new team name", - "description": "new team description", - "privacy": "closed" + "examples": { + "default": { + "value": { + "name": "new team name", + "description": "new team description", + "privacy": "closed" + } + } } } } }, "responses": { "200": { - "description": "Response", + "description": "Response when the updated information already exists", "content": { "application/json": { "schema": { @@ -366913,6 +367131,11 @@ "required": true, "schema": { "type": "integer" + }, + "examples": { + "default": { + "value": 1 + } } }, { @@ -368286,6 +368509,11 @@ "required": true, "schema": { "type": "integer" + }, + "examples": { + "default": { + "value": 1 + } } }, { @@ -368383,6 +368611,11 @@ "required": true, "schema": { "type": "integer" + }, + "examples": { + "default": { + "value": 1 + } } }, { diff --git a/lib/rest/static/dereferenced/github.ae.deref.json b/lib/rest/static/dereferenced/github.ae.deref.json index e6e2d60cf6..443f7c51d8 100644 --- a/lib/rest/static/dereferenced/github.ae.deref.json +++ b/lib/rest/static/dereferenced/github.ae.deref.json @@ -4205,17 +4205,6 @@ } } ], - "requestBody": { - "required": false, - "content": { - "application/json": { - "schema": { - "type": "object", - "additionalProperties": false - } - } - } - }, "responses": { "201": { "description": "Response", @@ -4731,12 +4720,16 @@ } ] } - }, - "example": { - "content_type": "json", - "insecure_ssl": "0", - "secret": "********", - "url": "https://example.com/webhook" + } + }, + "examples": { + "default": { + "value": { + "content_type": "json", + "insecure_ssl": "0", + "secret": "********", + "url": "https://example.com/webhook" + } } } } @@ -6441,6 +6434,11 @@ "required": true, "schema": { "type": "integer" + }, + "examples": { + "default": { + "value": 1 + } } } ], @@ -7259,6 +7257,11 @@ "required": true, "schema": { "type": "integer" + }, + "examples": { + "default": { + "value": 1 + } } } ], @@ -7321,6 +7324,11 @@ "required": true, "schema": { "type": "integer" + }, + "examples": { + "default": { + "value": 1 + } } } ], @@ -7603,6 +7611,17 @@ } } } + }, + "examples": { + "default": { + "value": { + "respoitory": "Hello-World", + "permissions": { + "issues": "write", + "contents": "read" + } + } + } } } } @@ -9351,6 +9370,11 @@ "required": true, "schema": { "type": "integer" + }, + "examples": { + "default": { + "value": 1 + } } } ], @@ -9411,6 +9435,11 @@ "required": true, "schema": { "type": "integer" + }, + "examples": { + "default": { + "value": 1 + } } } ], @@ -9473,6 +9502,11 @@ "description": "The client ID of your GitHub app.", "schema": { "type": "string" + }, + "examples": { + "default": { + "value": "Iv1.8a61f9b3a7aba766" + } } } ], @@ -9600,6 +9634,11 @@ "description": "The client ID of your GitHub app.", "schema": { "type": "string" + }, + "examples": { + "default": { + "value": "Iv1.8a61f9b3a7aba766" + } } } ], @@ -9618,6 +9657,13 @@ "access_token" ], "type": "object" + }, + "examples": { + "default": { + "value": { + "access_token": "e72e16c7e42f292c6912e7710c838347ae178b4a" + } + } } } } @@ -10274,7 +10320,7 @@ "app": { "url": "http://my-github-app.com", "name": "my github app", - "client_id": "abcde12345fghij67890" + "client_id": "Iv1.8a61f9b3a7aba766" }, "note": "optional note", "note_url": "http://optional/note/url", @@ -10430,6 +10476,11 @@ "description": "The client ID of your GitHub app.", "schema": { "type": "string" + }, + "examples": { + "default": { + "value": "Iv1.8a61f9b3a7aba766" + } } } ], @@ -10448,6 +10499,13 @@ "access_token" ], "type": "object" + }, + "examples": { + "default": { + "value": { + "access_token": "e72e16c7e42f292c6912e7710c838347ae178b4a" + } + } } } } @@ -11104,7 +11162,7 @@ "app": { "url": "http://my-github-app.com", "name": "my github app", - "client_id": "abcde12345fghij67890" + "client_id": "Iv1.8a61f9b3a7aba766" }, "note": "optional note", "note_url": "http://optional/note/url", @@ -11234,6 +11292,11 @@ "description": "The client ID of your GitHub app.", "schema": { "type": "string" + }, + "examples": { + "default": { + "value": "Iv1.8a61f9b3a7aba766" + } } } ], @@ -11361,6 +11424,11 @@ "description": "The client ID of your GitHub app.", "schema": { "type": "string" + }, + "examples": { + "default": { + "value": "Iv1.8a61f9b3a7aba766" + } } }, { @@ -12024,7 +12092,7 @@ "app": { "url": "http://my-github-app.com", "name": "my github app", - "client_id": "abcde12345fghij67890" + "client_id": "Iv1.8a61f9b3a7aba766" }, "note": "optional note", "note_url": "http://optional/note/url", @@ -70505,15 +70573,19 @@ "content" ] }, - "example": { - "content": "heart" + "examples": { + "default": { + "value": { + "content": "heart" + } + } } } } }, "responses": { "200": { - "description": "Response", + "description": "Response when the reaction type has already been added to this team discussion comment", "content": { "application/json": { "schema": { @@ -71363,8 +71435,12 @@ "content" ] }, - "example": { - "content": "heart" + "examples": { + "default": { + "value": { + "content": "heart" + } + } } } } @@ -132858,7 +132934,7 @@ "id": 4, "head_sha": "ce587453ced02b1526dfb4cb910479d431683101", "node_id": "MDg6Q2hlY2tSdW40", - "external_id": "", + "external_id": "42", "url": "https://api.github.com/repos/github/hello-world/check-runs/4", "html_url": "https://github.com/github/hello-world/runs/4", "details_url": "https://example.com", @@ -132944,6 +133020,99 @@ } ] } + }, + "example-of-in-progress-conclusion": { + "summary": "Response for completed conclusion", + "value": { + "id": 4, + "head_sha": "ce587453ced02b1526dfb4cb910479d431683101", + "node_id": "MDg6Q2hlY2tSdW40", + "external_id": "42", + "url": "https://api.github.com/repos/github/hello-world/check-runs/4", + "html_url": "https://github.com/github/hello-world/runs/4", + "details_url": "https://example.com", + "status": "in_progress", + "conclusion": null, + "started_at": "2018-05-04T01:14:52Z", + "completed_at": null, + "output": { + "title": "Mighty Readme report", + "summary": "There are 0 failures, 2 warnings, and 1 notice.", + "text": "You may have some misspelled words on lines 2 and 4. You also may want to add a section in your README about how to install your app.", + "annotations_count": 2, + "annotations_url": "https://api.github.com/repos/github/hello-world/check-runs/4/annotations" + }, + "name": "mighty_readme", + "check_suite": { + "id": 5 + }, + "app": { + "id": 1, + "slug": "octoapp", + "node_id": "MDExOkludGVncmF0aW9uMQ==", + "owner": { + "login": "github", + "id": 1, + "node_id": "MDEyOk9yZ2FuaXphdGlvbjE=", + "url": "https://api.github.com/orgs/github", + "repos_url": "https://api.github.com/orgs/github/repos", + "events_url": "https://api.github.com/orgs/github/events", + "avatar_url": "https://github.com/images/error/octocat_happy.gif", + "gravatar_id": "", + "html_url": "https://github.com/octocat", + "followers_url": "https://api.github.com/users/octocat/followers", + "following_url": "https://api.github.com/users/octocat/following{/other_user}", + "gists_url": "https://api.github.com/users/octocat/gists{/gist_id}", + "starred_url": "https://api.github.com/users/octocat/starred{/owner}{/repo}", + "subscriptions_url": "https://api.github.com/users/octocat/subscriptions", + "organizations_url": "https://api.github.com/users/octocat/orgs", + "received_events_url": "https://api.github.com/users/octocat/received_events", + "type": "User", + "site_admin": true + }, + "name": "Octocat App", + "description": "", + "external_url": "https://example.com", + "html_url": "https://github.com/apps/octoapp", + "created_at": "2017-07-08T16:18:44-04:00", + "updated_at": "2017-07-08T16:18:44-04:00", + "permissions": { + "metadata": "read", + "contents": "read", + "issues": "write", + "single_file": "write" + }, + "events": [ + "push", + "pull_request" + ] + }, + "pull_requests": [ + { + "url": "https://api.github.com/repos/github/hello-world/pulls/1", + "id": 1934, + "number": 3956, + "head": { + "ref": "say-hello", + "sha": "3dca65fa3e8d4b3da3f3d056c59aee1c50f41390", + "repo": { + "id": 526, + "url": "https://api.github.com/repos/github/hello-world", + "name": "hello-world" + } + }, + "base": { + "ref": "master", + "sha": "e7fdf7640066d71ad16a86fbcbb9c6a10a18af4f", + "repo": { + "id": 526, + "url": "https://api.github.com/repos/github/hello-world", + "name": "hello-world" + } + } + } + ] + } } } } @@ -135488,15 +135657,19 @@ "head_sha" ] }, - "example": { - "head_sha": "d6fde92930d4715a2b49857d24b940956b26d2d3" + "examples": { + "default": { + "value": { + "head_sha": "d6fde92930d4715a2b49857d24b940956b26d2d3" + } + } } } } }, "responses": { "200": { - "description": "when the suite already existed", + "description": "Response when the suite already exists", "content": { "application/json": { "schema": { @@ -154033,7 +154206,11 @@ ] }, "example": { - "content": "heart" + "default": { + "value": { + "content": "heart" + } + } } } } @@ -205092,8 +205269,12 @@ "content" ] }, - "example": { - "content": "heart" + "examples": { + "default": { + "value": { + "content": "heart" + } + } } } } @@ -234871,8 +235052,12 @@ "content" ] }, - "example": { - "content": "heart" + "examples": { + "default": { + "value": { + "content": "heart" + } + } } } } @@ -266724,8 +266909,12 @@ "content" ] }, - "example": { - "content": "heart" + "examples": { + "default": { + "value": { + "content": "heart" + } + } } } } @@ -274665,16 +274854,6 @@ ] }, "examples": { - "example-for-a-single-line-comment": { - "summary": "Example for a single-line comment", - "value": { - "body": "Let's add this deleted line back.", - "commit_id": "6dcb09b5b57875f334f61aebed695e2e4193db5e", - "path": "file1.txt", - "line": 5, - "side": "LEFT" - } - }, "example-for-a-multi-line-comment": { "summary": "Example for a multi-line comment", "value": { @@ -295859,8 +296038,12 @@ "content" ] }, - "example": { - "content": "heart" + "examples": { + "default": { + "value": { + "content": "heart" + } + } } } } @@ -314028,17 +314211,21 @@ "name" ] }, - "example": { - "name": "new team name", - "description": "new team description", - "privacy": "closed" + "examples": { + "default": { + "value": { + "name": "new team name", + "description": "new team description", + "privacy": "closed" + } + } } } } }, "responses": { "200": { - "description": "Response", + "description": "Response when the updated information already exists", "content": { "application/json": { "schema": { @@ -328984,6 +329171,11 @@ "required": true, "schema": { "type": "integer" + }, + "examples": { + "default": { + "value": 1 + } } }, { @@ -330357,6 +330549,11 @@ "required": true, "schema": { "type": "integer" + }, + "examples": { + "default": { + "value": 1 + } } }, { @@ -330454,6 +330651,11 @@ "required": true, "schema": { "type": "integer" + }, + "examples": { + "default": { + "value": 1 + } } }, { diff --git a/lib/schema-event.js b/lib/schema-event.js index 4d4e94a624..ec9564573e 100644 --- a/lib/schema-event.js +++ b/lib/schema-event.js @@ -146,7 +146,18 @@ const context = { }, application_preference: { type: 'string', - enum: ['webui', 'cli', 'desktop', 'curl', 'codespaces', 'vscode', 'importer_cli', 'graphql'], + enum: [ + 'webui', + 'cli', + 'desktop', + 'curl', + 'codespaces', + 'vscode', + 'importer_cli', + 'graphql', + 'powershell', + 'bash', + ], description: 'The application selected by the user.', }, color_mode_preference: { @@ -449,6 +460,8 @@ const preferenceSchema = { 'vscode', 'importer_cli', 'graphql', + 'powershell', + 'bash', 'dark', 'light', 'auto', diff --git a/lib/search/indexes/github-docs-3.1-cn-records.json.br b/lib/search/indexes/github-docs-3.1-cn-records.json.br index 386c42dc0b..af549b366d 100644 --- a/lib/search/indexes/github-docs-3.1-cn-records.json.br +++ b/lib/search/indexes/github-docs-3.1-cn-records.json.br @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:7197bec9d6e5ee4bb983d0bd32a2059248a0739901775252afa665bc282206c9 -size 653095 +oid sha256:c7ebcbefd93d8a2a0fa172a36835cfa979ec869b287e22cc0fef1a648a1053d6 +size 660091 diff --git a/lib/search/indexes/github-docs-3.1-cn.json.br b/lib/search/indexes/github-docs-3.1-cn.json.br index b04248d92c..31a8d995e7 100644 --- a/lib/search/indexes/github-docs-3.1-cn.json.br +++ b/lib/search/indexes/github-docs-3.1-cn.json.br @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:649aa3fed021255c9b57023516823e64b5255a002bd96a25abed62ec10c3c06c -size 1337404 +oid sha256:cedb646594b35c17dbb14c93c1d0c35d1af191276a72f482bd4e23513f1c1e03 +size 1338039 diff --git a/lib/search/indexes/github-docs-3.1-en-records.json.br b/lib/search/indexes/github-docs-3.1-en-records.json.br index b50a37d29d..36f7481edf 100644 --- a/lib/search/indexes/github-docs-3.1-en-records.json.br +++ b/lib/search/indexes/github-docs-3.1-en-records.json.br @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:08246a8fdb839cbcf3e2120229e27321d0c7685b65be7a309da51d6881c914c1 -size 875959 +oid sha256:b15fc2d5e8fb601847a784fb57851ae894a53a2fa7804dfe147cacfb0b49dce6 +size 881394 diff --git a/lib/search/indexes/github-docs-3.1-en.json.br b/lib/search/indexes/github-docs-3.1-en.json.br index cb0580f203..63556a7c94 100644 --- a/lib/search/indexes/github-docs-3.1-en.json.br +++ b/lib/search/indexes/github-docs-3.1-en.json.br @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:212e4f6ac8cf7366b065371e1e7b60a182f7508cf04996d8a698d4e0cfd526fa -size 3368586 +oid sha256:2c4086ed9a5099499162f8df73a0b34342872660115b381de0046e902c237e5a +size 3387617 diff --git a/lib/search/indexes/github-docs-3.1-es-records.json.br b/lib/search/indexes/github-docs-3.1-es-records.json.br index 8232ea08d9..27efff3d12 100644 --- a/lib/search/indexes/github-docs-3.1-es-records.json.br +++ b/lib/search/indexes/github-docs-3.1-es-records.json.br @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:dd19ec4b1e85682c3241d204a6fdc3f835b81e1465c551b017f34687187fea41 -size 603045 +oid sha256:5bbae6e18ddd5745c36dc61cf32eca8e3e14584c0a77f64c89590b6d10b056c1 +size 608773 diff --git a/lib/search/indexes/github-docs-3.1-es.json.br b/lib/search/indexes/github-docs-3.1-es.json.br index bd201f2681..e7ec40d1f2 100644 --- a/lib/search/indexes/github-docs-3.1-es.json.br +++ b/lib/search/indexes/github-docs-3.1-es.json.br @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:1b8f6445a4ff9efbbc9cc394a2148bf399bd4ce3c6139df1a17995b3a420c027 -size 2548212 +oid sha256:fc49e2bd15b8b0c96849f5a717cc5dd5e538fc784d1bbba72137b353583e0722 +size 2567282 diff --git a/lib/search/indexes/github-docs-3.1-ja-records.json.br b/lib/search/indexes/github-docs-3.1-ja-records.json.br index f1a9e35ac3..45639b1b3d 100644 --- a/lib/search/indexes/github-docs-3.1-ja-records.json.br +++ b/lib/search/indexes/github-docs-3.1-ja-records.json.br @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:6035be2fb7fdbb9e1c373fbae3d76f82c9c786f4fd614aa31a08fc7396657e34 -size 668098 +oid sha256:32e78f439b189631db26b41ba879db32e571b2f26b1740b7018fba8e883d9938 +size 674054 diff --git a/lib/search/indexes/github-docs-3.1-ja.json.br b/lib/search/indexes/github-docs-3.1-ja.json.br index 13ae53b154..706ed5ecc0 100644 --- a/lib/search/indexes/github-docs-3.1-ja.json.br +++ b/lib/search/indexes/github-docs-3.1-ja.json.br @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:0b2ccdb64495c3d134099cee941e37141f21fa4197a57c422dd53fe7a0c8aded -size 3548730 +oid sha256:328f624fde4c2f47135a6f38743c16b5c619b1115654a2d520c5e8c14eb6c097 +size 3573997 diff --git a/lib/search/indexes/github-docs-3.1-pt-records.json.br b/lib/search/indexes/github-docs-3.1-pt-records.json.br index 6ee0c5f289..eb84c4e5d3 100644 --- a/lib/search/indexes/github-docs-3.1-pt-records.json.br +++ b/lib/search/indexes/github-docs-3.1-pt-records.json.br @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:c15427924d6f4534b365d8ac91f11d2762e2e9eb91f73a46eac849a46504ae04 -size 594622 +oid sha256:3db85e6b024445b7d525a9a32d2bab8f0119852527e6207728775bafa8b3d610 +size 600049 diff --git a/lib/search/indexes/github-docs-3.1-pt.json.br b/lib/search/indexes/github-docs-3.1-pt.json.br index 2f30f071bf..a37c395d52 100644 --- a/lib/search/indexes/github-docs-3.1-pt.json.br +++ b/lib/search/indexes/github-docs-3.1-pt.json.br @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:9650412f59ee86d8b74f8af26543ef9b9a1752e3dd7bd4e9de7181da03f71764 -size 2425642 +oid sha256:f96d21dd420753b813762c2667e5c48adb34ed20d91e779f0399796e267cf684 +size 2447784 diff --git a/lib/search/indexes/github-docs-3.2-cn-records.json.br b/lib/search/indexes/github-docs-3.2-cn-records.json.br index 49a9975c06..59d384cfc1 100644 --- a/lib/search/indexes/github-docs-3.2-cn-records.json.br +++ b/lib/search/indexes/github-docs-3.2-cn-records.json.br @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:263c759e7773b25133b7b89aa58eb3f979ec340f6f464e5cfabcbf164f7a2dcf -size 669224 +oid sha256:7690f3082a73b79251d6cd07fd470c7306dd513f5c079e3caec1bac21b7f6ea4 +size 677088 diff --git a/lib/search/indexes/github-docs-3.2-cn.json.br b/lib/search/indexes/github-docs-3.2-cn.json.br index d9c8e705d2..514b9b237d 100644 --- a/lib/search/indexes/github-docs-3.2-cn.json.br +++ b/lib/search/indexes/github-docs-3.2-cn.json.br @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:c7c81147cd314b18e4d277f75b40a47db11ee218a807c561e76256719d6ff874 -size 1365868 +oid sha256:36b2de51db56aa775837c71e2ec09b37edb3d475d561dc26976a1997b19dacb0 +size 1368075 diff --git a/lib/search/indexes/github-docs-3.2-en-records.json.br b/lib/search/indexes/github-docs-3.2-en-records.json.br index a5710f6f44..5f8effe297 100644 --- a/lib/search/indexes/github-docs-3.2-en-records.json.br +++ b/lib/search/indexes/github-docs-3.2-en-records.json.br @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:590584293f2078dbf91b0deda35e99dccac36e6de6506dd028fe35f62691b60f -size 903936 +oid sha256:23a0f769a5b0982fb8de5a3ba4a7459651aa1d0ebfc23311ec1efb3af06e8b97 +size 910216 diff --git a/lib/search/indexes/github-docs-3.2-en.json.br b/lib/search/indexes/github-docs-3.2-en.json.br index 2a8d164168..960b26f119 100644 --- a/lib/search/indexes/github-docs-3.2-en.json.br +++ b/lib/search/indexes/github-docs-3.2-en.json.br @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:d2b9aeb3d35c08967d057747c60c90a4d29832f10ac63a4df2706bfb9303a452 -size 3481688 +oid sha256:0b544bebf6c78d3bfcf3889cd9cec72aa587b8b2a7f6f0c7d43bc76e2c26e899 +size 3503828 diff --git a/lib/search/indexes/github-docs-3.2-es-records.json.br b/lib/search/indexes/github-docs-3.2-es-records.json.br index 8ef2c8ed5b..ac7091ebdd 100644 --- a/lib/search/indexes/github-docs-3.2-es-records.json.br +++ b/lib/search/indexes/github-docs-3.2-es-records.json.br @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:8cbb3247eab25b73ab20527395f2033f7ae4ebf1d48bc25c2de1144e9b7f2ab0 -size 618095 +oid sha256:55ab34ba5a128ad2569f032da3bd3597ce06ce6c82676757759a2a336886bebf +size 625248 diff --git a/lib/search/indexes/github-docs-3.2-es.json.br b/lib/search/indexes/github-docs-3.2-es.json.br index ff79f08ac6..9607a88606 100644 --- a/lib/search/indexes/github-docs-3.2-es.json.br +++ b/lib/search/indexes/github-docs-3.2-es.json.br @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:e8807fe3bee0d1ef1cb7fd4405ecff8d5a10aba8dc00ddf7280067beb5e90a96 -size 2611324 +oid sha256:7186e9c508312737a491909c608425ce376caa934ac5efc1231c15f49bdccc4b +size 2636233 diff --git a/lib/search/indexes/github-docs-3.2-ja-records.json.br b/lib/search/indexes/github-docs-3.2-ja-records.json.br index d69c2f2ae8..49cd15c20d 100644 --- a/lib/search/indexes/github-docs-3.2-ja-records.json.br +++ b/lib/search/indexes/github-docs-3.2-ja-records.json.br @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:795d50c6c83a0c80dbd23c4cdd999c64e5aff6088a1234016472f79ac967a405 -size 682739 +oid sha256:2d9d3dc800c2a5c0c60f67abfe38aec284379186aa52b2a77b3cbaf16f189191 +size 690617 diff --git a/lib/search/indexes/github-docs-3.2-ja.json.br b/lib/search/indexes/github-docs-3.2-ja.json.br index 603b937b7f..1aef9dcd72 100644 --- a/lib/search/indexes/github-docs-3.2-ja.json.br +++ b/lib/search/indexes/github-docs-3.2-ja.json.br @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:dc46c2e45875609ead0ff3c882a5371e58d7d0b558c301f3ff8a6d0342e257b2 -size 3634457 +oid sha256:0768c302b3c7625da74f9c61f5905f0e8a4e17e9770cfc8f18ddd93681ac8dea +size 3668034 diff --git a/lib/search/indexes/github-docs-3.2-pt-records.json.br b/lib/search/indexes/github-docs-3.2-pt-records.json.br index a4a79c2e20..3b98dd1291 100644 --- a/lib/search/indexes/github-docs-3.2-pt-records.json.br +++ b/lib/search/indexes/github-docs-3.2-pt-records.json.br @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:04245c380f0bc2f11becb19589b86d7508a3956a24489735ea7d1e12d825d5f3 -size 608805 +oid sha256:32a1f411274c6c1f5920bd0bf2f4caef72bae7ce7f649bd538d8910c9638a8d7 +size 614495 diff --git a/lib/search/indexes/github-docs-3.2-pt.json.br b/lib/search/indexes/github-docs-3.2-pt.json.br index c7c945e717..fd9ecf27ff 100644 --- a/lib/search/indexes/github-docs-3.2-pt.json.br +++ b/lib/search/indexes/github-docs-3.2-pt.json.br @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:c438f0c82da39506307e8c7eb0ee99d5e87c051f22fc52cf03b4d9cd105cd330 -size 2483143 +oid sha256:5c9dc0a0276a8455356a14e1f1caab5a85f4f096bd44298fe51ed914d34dcead +size 2507577 diff --git a/lib/search/indexes/github-docs-3.3-cn-records.json.br b/lib/search/indexes/github-docs-3.3-cn-records.json.br index e0ddce1ff0..964b2e7614 100644 --- a/lib/search/indexes/github-docs-3.3-cn-records.json.br +++ b/lib/search/indexes/github-docs-3.3-cn-records.json.br @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:5db6613df96ceaa8e3cb28620d7ca3b68be23ad965466663387d506e6e07092c -size 691916 +oid sha256:1ebae1c432164fab2125626c0438b5aff75c7e8d65f632aa7c31ce8f195732d5 +size 699371 diff --git a/lib/search/indexes/github-docs-3.3-cn.json.br b/lib/search/indexes/github-docs-3.3-cn.json.br index c867f275af..8b9a2e44b8 100644 --- a/lib/search/indexes/github-docs-3.3-cn.json.br +++ b/lib/search/indexes/github-docs-3.3-cn.json.br @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:7ed26ead892d766649ead857ede17d4c86a79b019bb0688413d5d3af11ae2277 -size 1422208 +oid sha256:4acf995c65898c409a5cd188f20fa6a294384d91c5f13f3bf05a81d96800aa05 +size 1421849 diff --git a/lib/search/indexes/github-docs-3.3-en-records.json.br b/lib/search/indexes/github-docs-3.3-en-records.json.br index fdff4217a3..b914003d8a 100644 --- a/lib/search/indexes/github-docs-3.3-en-records.json.br +++ b/lib/search/indexes/github-docs-3.3-en-records.json.br @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:686067cacdf581869ec715aef140b951f41df1223dec38bf04989d40a5a5359a -size 938237 +oid sha256:f58c3b4577f9c8eee42a40fbdecd83ed429efda5dadf8580f438e0b3c9116691 +size 944891 diff --git a/lib/search/indexes/github-docs-3.3-en.json.br b/lib/search/indexes/github-docs-3.3-en.json.br index b1303614c8..c5d4700b99 100644 --- a/lib/search/indexes/github-docs-3.3-en.json.br +++ b/lib/search/indexes/github-docs-3.3-en.json.br @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:43e6fb05c204276a8b40b87414e9efcec559214509b6dc6d5a6685698368ee6a -size 3598841 +oid sha256:0a10d1eb1bd745fc3572eb724cb12a637add2555662d5b2375374bc3b9c5f8c1 +size 3619296 diff --git a/lib/search/indexes/github-docs-3.3-es-records.json.br b/lib/search/indexes/github-docs-3.3-es-records.json.br index af56498dd0..33c374e304 100644 --- a/lib/search/indexes/github-docs-3.3-es-records.json.br +++ b/lib/search/indexes/github-docs-3.3-es-records.json.br @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:dcc2a6ab3729da42ed840629909c67a1e835cd398c29e4cc1fa21544cfe2c5e5 -size 637924 +oid sha256:36ec86b80706dbc058b050dd07e49d17629c848b136a486e0f4838df7174da4e +size 643913 diff --git a/lib/search/indexes/github-docs-3.3-es.json.br b/lib/search/indexes/github-docs-3.3-es.json.br index 83011239e6..eec48e7297 100644 --- a/lib/search/indexes/github-docs-3.3-es.json.br +++ b/lib/search/indexes/github-docs-3.3-es.json.br @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:dd2c99bf853e973172b853cfe5c366ad2c52c252dd9fb81b4d5ba699fe69935b -size 2715331 +oid sha256:4c1a7315e1e6cc9bf4a5ab99a685c7c3862b804b46fe4d2d0de3f1fcf565637e +size 2721760 diff --git a/lib/search/indexes/github-docs-3.3-ja-records.json.br b/lib/search/indexes/github-docs-3.3-ja-records.json.br index 74478db562..c33147ab50 100644 --- a/lib/search/indexes/github-docs-3.3-ja-records.json.br +++ b/lib/search/indexes/github-docs-3.3-ja-records.json.br @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:99ce8ca4852e9faf1ca1a67e24dc4a37ce9f81c6f66666f5f457f1ea3d1047ab -size 706985 +oid sha256:b8e3d64ba350dd9c058dceb4726fc5a782b57cb4975beb68e77abee489ef2916 +size 713548 diff --git a/lib/search/indexes/github-docs-3.3-ja.json.br b/lib/search/indexes/github-docs-3.3-ja.json.br index f9f3ddb765..d9361717a5 100644 --- a/lib/search/indexes/github-docs-3.3-ja.json.br +++ b/lib/search/indexes/github-docs-3.3-ja.json.br @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:15823b3e145fd96a812acca46761a87c5ef11b3785c4f1ef6f377bdb54bf7bcd -size 3760331 +oid sha256:ebdaa2d6702271600ab40b3819c82a7fb4b6b5952753c44f8accd0fbedf59de4 +size 3787667 diff --git a/lib/search/indexes/github-docs-3.3-pt-records.json.br b/lib/search/indexes/github-docs-3.3-pt-records.json.br index 03ee3e878c..65abcab80b 100644 --- a/lib/search/indexes/github-docs-3.3-pt-records.json.br +++ b/lib/search/indexes/github-docs-3.3-pt-records.json.br @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:f421e183ca1aa654513d5015d5ac668a1b0d2707e8df581140d5adff0bf0b3d7 -size 627737 +oid sha256:d8483d4979467f772b2b693667eb36ac27e84cbb3faf97138f32ab1b5ab4cfe4 +size 634774 diff --git a/lib/search/indexes/github-docs-3.3-pt.json.br b/lib/search/indexes/github-docs-3.3-pt.json.br index 1df2b4fa5a..c84aa95791 100644 --- a/lib/search/indexes/github-docs-3.3-pt.json.br +++ b/lib/search/indexes/github-docs-3.3-pt.json.br @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:ee58b248d0b920476a0e635b3ff749342d0d03161f6d3f191a4e9e0bac4aeeef -size 2566358 +oid sha256:68a0f20f2bc00e7fec61b1fd7b616298dbc96ceb742ff8b34ba65d285e0139df +size 2592303 diff --git a/lib/search/indexes/github-docs-3.4-cn-records.json.br b/lib/search/indexes/github-docs-3.4-cn-records.json.br index 1fccf9959b..50a98b265a 100644 --- a/lib/search/indexes/github-docs-3.4-cn-records.json.br +++ b/lib/search/indexes/github-docs-3.4-cn-records.json.br @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:319a84e4e1a8bf6bf49f6a4b18de5f6b7ca2a709cb351a446e4b87672cca361e -size 695370 +oid sha256:0e66346dea058636aa000103171795548bd2742ec14ad21a3eb983e141be3436 +size 702741 diff --git a/lib/search/indexes/github-docs-3.4-cn.json.br b/lib/search/indexes/github-docs-3.4-cn.json.br index be34c1e956..6b619a0edc 100644 --- a/lib/search/indexes/github-docs-3.4-cn.json.br +++ b/lib/search/indexes/github-docs-3.4-cn.json.br @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:bfe8636d2983b8d1140873e199bcde78bbffdcad21b74ad9996edd6cd7dd5518 -size 1435452 +oid sha256:1d37761149634ca646ec089a747875a1f075f92c738cd8fe476b0c2ccfdec9d1 +size 1431502 diff --git a/lib/search/indexes/github-docs-3.4-en-records.json.br b/lib/search/indexes/github-docs-3.4-en-records.json.br index 3e82df2277..b1c49cf48b 100644 --- a/lib/search/indexes/github-docs-3.4-en-records.json.br +++ b/lib/search/indexes/github-docs-3.4-en-records.json.br @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:84fa1a25f69ebb1154f7d1999025715d7fa5840dbfa7db8135ecba7b06d082b4 -size 947113 +oid sha256:58d05c6f5e488ae6db66abedd0fc23b3d2f31ef2089066542e8b6d4664f27ee9 +size 955017 diff --git a/lib/search/indexes/github-docs-3.4-en.json.br b/lib/search/indexes/github-docs-3.4-en.json.br index 1afba7e1aa..21aad90aec 100644 --- a/lib/search/indexes/github-docs-3.4-en.json.br +++ b/lib/search/indexes/github-docs-3.4-en.json.br @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:064bce691515b54edb190d7f0157a9bd330f52f01b8b9772f1781a33a2914e43 -size 3633412 +oid sha256:9994a95cec0b2687b9730c5bd3d78375750b5476674e36396aa3f0de642a7abb +size 3655956 diff --git a/lib/search/indexes/github-docs-3.4-es-records.json.br b/lib/search/indexes/github-docs-3.4-es-records.json.br index bc4c8a27f0..fa4277d31d 100644 --- a/lib/search/indexes/github-docs-3.4-es-records.json.br +++ b/lib/search/indexes/github-docs-3.4-es-records.json.br @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:cbb3d311920661aeac9af98340eb6e232cebf64200a8ddba4fb02b2a1773fe08 -size 642394 +oid sha256:c96db6e9c6be7a79fd10eeed16e964555721d630d1f6fa197de28c047ebef70b +size 648883 diff --git a/lib/search/indexes/github-docs-3.4-es.json.br b/lib/search/indexes/github-docs-3.4-es.json.br index 2e057fe7ef..a39f1a0009 100644 --- a/lib/search/indexes/github-docs-3.4-es.json.br +++ b/lib/search/indexes/github-docs-3.4-es.json.br @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:9ea2caf7f6bc9dc1f50a4f428dec3c79ba4468a0a31bd9aee2b2faf488ea4f04 -size 2731577 +oid sha256:d8f51ddc7ca8e456df3a73204936d13daf57587ba8d42e764cbb353f72f62d6b +size 2738801 diff --git a/lib/search/indexes/github-docs-3.4-ja-records.json.br b/lib/search/indexes/github-docs-3.4-ja-records.json.br index 5409ee1885..f596aa5096 100644 --- a/lib/search/indexes/github-docs-3.4-ja-records.json.br +++ b/lib/search/indexes/github-docs-3.4-ja-records.json.br @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:66fdbf0d1e6047e698cf5c98bdf22cfb40b2e8b1d938b822a63538d785250e1a -size 710772 +oid sha256:947fa0a52b09b47117851a526f03445118820480b917df77371ee6ebbd7f4e0f +size 716535 diff --git a/lib/search/indexes/github-docs-3.4-ja.json.br b/lib/search/indexes/github-docs-3.4-ja.json.br index b1500bee47..4eefa7d5a7 100644 --- a/lib/search/indexes/github-docs-3.4-ja.json.br +++ b/lib/search/indexes/github-docs-3.4-ja.json.br @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:3f3548b93aba1edc58a135591c772e8901151e98f7df96de57a9109ed6ce8f8c -size 3782173 +oid sha256:a882ccf1869fd4efc7ae1c12899513966ebec736de157b41216cb39e30be37f4 +size 3810341 diff --git a/lib/search/indexes/github-docs-3.4-pt-records.json.br b/lib/search/indexes/github-docs-3.4-pt-records.json.br index c0687465a8..085fadde67 100644 --- a/lib/search/indexes/github-docs-3.4-pt-records.json.br +++ b/lib/search/indexes/github-docs-3.4-pt-records.json.br @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:65517ae1c14cfc0b21dcca8302d71d6753efb23f8daa295de841bbe161e35ca8 -size 632111 +oid sha256:2622231476be3959cad42a35af14c2b1c9379420ddf2b2c49c8c8fe17b25130b +size 638108 diff --git a/lib/search/indexes/github-docs-3.4-pt.json.br b/lib/search/indexes/github-docs-3.4-pt.json.br index f6990dec7f..e4afbbd9fd 100644 --- a/lib/search/indexes/github-docs-3.4-pt.json.br +++ b/lib/search/indexes/github-docs-3.4-pt.json.br @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:747a8df3d953c260644c7ea17794dcb6d7965ae7eb4d75d3e156d6f3186d7d5b -size 2581106 +oid sha256:018682b1be10372d14b22edace423bb85a9778165fc0b9d44739ac0c90c93d40 +size 2603273 diff --git a/lib/search/indexes/github-docs-dotcom-cn-records.json.br b/lib/search/indexes/github-docs-dotcom-cn-records.json.br index ae9416dd9f..74ec9d9e36 100644 --- a/lib/search/indexes/github-docs-dotcom-cn-records.json.br +++ b/lib/search/indexes/github-docs-dotcom-cn-records.json.br @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:2349200d9b2b0834a94545405be547251bbb5e48ff5a40969b8007076d280eb3 -size 895504 +oid sha256:dc544b549dcf0cb6302524c1ec926301b5097b1458af015c77b171ed5724ebe5 +size 907395 diff --git a/lib/search/indexes/github-docs-dotcom-cn.json.br b/lib/search/indexes/github-docs-dotcom-cn.json.br index 2d1e6274b5..105b116e1c 100644 --- a/lib/search/indexes/github-docs-dotcom-cn.json.br +++ b/lib/search/indexes/github-docs-dotcom-cn.json.br @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:a458d5e1ace087baf4d2c41cda3d8240e5f7ab164a632fa98f8363521e3fe0cf -size 1550646 +oid sha256:323ebeadfddeee813f824ccedf45ebcd41c971bd5d1dfe6c4ec1e4002c2a1290 +size 1571811 diff --git a/lib/search/indexes/github-docs-dotcom-en-records.json.br b/lib/search/indexes/github-docs-dotcom-en-records.json.br index bc3edf7cb3..101127d0da 100644 --- a/lib/search/indexes/github-docs-dotcom-en-records.json.br +++ b/lib/search/indexes/github-docs-dotcom-en-records.json.br @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:712989d5b29a51953deea43fb97988db4211c48f254e22cbbaca799fabd78884 -size 1217388 +oid sha256:d9fc9f41fd337566e1c195dc9a8ad08a7caaf3bd7ac0fb995d1a2146b6b9d131 +size 1224453 diff --git a/lib/search/indexes/github-docs-dotcom-en.json.br b/lib/search/indexes/github-docs-dotcom-en.json.br index e81772f5cb..3e745d8ad7 100644 --- a/lib/search/indexes/github-docs-dotcom-en.json.br +++ b/lib/search/indexes/github-docs-dotcom-en.json.br @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:621c196643036ccc67eb0e4799e70fd4d73a77ea38c1a20a76c4bae73e52979b -size 4386759 +oid sha256:26a334563c6e6a26e73f2d154b6959d6e18b61a8233e3ac51bd3b8166acdb8ae +size 4417870 diff --git a/lib/search/indexes/github-docs-dotcom-es-records.json.br b/lib/search/indexes/github-docs-dotcom-es-records.json.br index 3cc2f40f8e..5d5f6c19a0 100644 --- a/lib/search/indexes/github-docs-dotcom-es-records.json.br +++ b/lib/search/indexes/github-docs-dotcom-es-records.json.br @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:b1790a821e4edea3c7578fc4190e8d742ca8e11d4d9c69aa7dae8e1858a60fad -size 807047 +oid sha256:a060b6cddaa10c75d5259ea5a46eea1ef9fb297f2c5e1b5cd42afb02aff55148 +size 819319 diff --git a/lib/search/indexes/github-docs-dotcom-es.json.br b/lib/search/indexes/github-docs-dotcom-es.json.br index 5aeb55f13b..5f1c787a4b 100644 --- a/lib/search/indexes/github-docs-dotcom-es.json.br +++ b/lib/search/indexes/github-docs-dotcom-es.json.br @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:f208ee542f0ec4d4ff98811a32fb9ae2b3a5bfecee57932f989f3f40a9165663 -size 3240761 +oid sha256:08189d7bb2a6765341a51b8c7e56f9386c44ddc6506d07fec85e6d41cdedc789 +size 3273901 diff --git a/lib/search/indexes/github-docs-dotcom-ja-records.json.br b/lib/search/indexes/github-docs-dotcom-ja-records.json.br index 5952b496c0..93fe517824 100644 --- a/lib/search/indexes/github-docs-dotcom-ja-records.json.br +++ b/lib/search/indexes/github-docs-dotcom-ja-records.json.br @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:b1fafbb435c17b6bd93f048ba3830e9c5ffc437d8250364f28cc352430e32c39 -size 907941 +oid sha256:dc009ecabbb56310a244210e521a468884bcc61243b5cd3120ad0b21a2d7533e +size 919674 diff --git a/lib/search/indexes/github-docs-dotcom-ja.json.br b/lib/search/indexes/github-docs-dotcom-ja.json.br index a6cd07189e..af3a26dc03 100644 --- a/lib/search/indexes/github-docs-dotcom-ja.json.br +++ b/lib/search/indexes/github-docs-dotcom-ja.json.br @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:f6df3c2de28ba29ceb2d8342477d3416f6088ba4b750c34ae7162dc78ac665ae -size 4604380 +oid sha256:c1d24b88f9d01e9100cfd6d5327f7b23262c1221d408ef93aefd5fd867e2fe03 +size 4662214 diff --git a/lib/search/indexes/github-docs-dotcom-pt-records.json.br b/lib/search/indexes/github-docs-dotcom-pt-records.json.br index 6bc3a644c7..28a4c197b5 100644 --- a/lib/search/indexes/github-docs-dotcom-pt-records.json.br +++ b/lib/search/indexes/github-docs-dotcom-pt-records.json.br @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:f247ffae8b6b44e971640e8484653f1a5d5d6f5dce77ae0b258e0ea271e29765 -size 794360 +oid sha256:e82405d94265218a62b24f96461f7c42ab12c6d4a276380e4b908546f3f8ea88 +size 806263 diff --git a/lib/search/indexes/github-docs-dotcom-pt.json.br b/lib/search/indexes/github-docs-dotcom-pt.json.br index 60841801f8..5250747fe9 100644 --- a/lib/search/indexes/github-docs-dotcom-pt.json.br +++ b/lib/search/indexes/github-docs-dotcom-pt.json.br @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:a2de49312ffa6c12553623d4f9085e06de93b4444798899e6366badfb17cf709 -size 3075198 +oid sha256:f9bc0c287dc17cdb09db34463b3a90c0345d43e28c1e6022ee4414b1b66f6a7a +size 3120326 diff --git a/lib/search/indexes/github-docs-ghae-cn-records.json.br b/lib/search/indexes/github-docs-ghae-cn-records.json.br index ccb8d7d398..7483295b5b 100644 --- a/lib/search/indexes/github-docs-ghae-cn-records.json.br +++ b/lib/search/indexes/github-docs-ghae-cn-records.json.br @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:59c9b785122087c053a42b76dc5d23d452bdc51fdfe6b6a2377431fa02692a22 -size 535343 +oid sha256:acb882ba567d3c92c57abc5b3cccfa00972abf2b7950a07c00fe486732544eee +size 538314 diff --git a/lib/search/indexes/github-docs-ghae-cn.json.br b/lib/search/indexes/github-docs-ghae-cn.json.br index e816f2b5af..6f264853ec 100644 --- a/lib/search/indexes/github-docs-ghae-cn.json.br +++ b/lib/search/indexes/github-docs-ghae-cn.json.br @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:78fb2d72160e9df54702609d76543c2b09108df732e9dd617022dd5bc9f566ac -size 1028274 +oid sha256:69076567f195c087309e02db75ece772b5f45cde5c3d088d83cde0f1846fd8d5 +size 1012977 diff --git a/lib/search/indexes/github-docs-ghae-en-records.json.br b/lib/search/indexes/github-docs-ghae-en-records.json.br index 1c1866aeb7..837f4c3aa6 100644 --- a/lib/search/indexes/github-docs-ghae-en-records.json.br +++ b/lib/search/indexes/github-docs-ghae-en-records.json.br @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:bd10e51f239cb5b6c7f4c4c4211795eb771a57e7819ba35324af70a83109683d -size 736521 +oid sha256:11d05e7936af22563d01ec742d39fc38680e995541f8dd1fb51e71035a1153fd +size 739434 diff --git a/lib/search/indexes/github-docs-ghae-en.json.br b/lib/search/indexes/github-docs-ghae-en.json.br index 50883370b0..7ac1c6a107 100644 --- a/lib/search/indexes/github-docs-ghae-en.json.br +++ b/lib/search/indexes/github-docs-ghae-en.json.br @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:114df5ff062bbfbb99e88e6b3716a7530d53c7c29046a1e6789e2286831fef69 -size 2785058 +oid sha256:583226863f99bd763652f7251c044addda225a3745294b4e63e42c34538ac933 +size 2790804 diff --git a/lib/search/indexes/github-docs-ghae-es-records.json.br b/lib/search/indexes/github-docs-ghae-es-records.json.br index 5fe3b8e4a3..8e621d09b0 100644 --- a/lib/search/indexes/github-docs-ghae-es-records.json.br +++ b/lib/search/indexes/github-docs-ghae-es-records.json.br @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:497904c47147c329226a3941077266454cbee6f120b1b11f47e49256e3721dd3 -size 497443 +oid sha256:9b7b531d089684b1e9e9c1fce2a7662df62d15017768178e7b78ab045a5570c1 +size 496694 diff --git a/lib/search/indexes/github-docs-ghae-es.json.br b/lib/search/indexes/github-docs-ghae-es.json.br index 9e9b5a4e4e..5f132f3b14 100644 --- a/lib/search/indexes/github-docs-ghae-es.json.br +++ b/lib/search/indexes/github-docs-ghae-es.json.br @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:2e0ca92de495180b1a1a554a2b9038b89ca2c7b2a7f085e94d4cc6f8d21545b0 -size 2014771 +oid sha256:52ae211d3ba8bf0b240d39f89a5862887a0adc7c4f150e07a31ffb45ead97aab +size 2018759 diff --git a/lib/search/indexes/github-docs-ghae-ja-records.json.br b/lib/search/indexes/github-docs-ghae-ja-records.json.br index d4dbbfbb14..fcca954fef 100644 --- a/lib/search/indexes/github-docs-ghae-ja-records.json.br +++ b/lib/search/indexes/github-docs-ghae-ja-records.json.br @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:3a5d8daf9f24a3bf4f7dd30bf7c2ffa15abe0472b7d2c4f33cbde6aecb3567cf -size 546721 +oid sha256:1564b76f7a8dacd010f04ca670c62d4932a64922869d910aa289dbb9c362dd9c +size 548088 diff --git a/lib/search/indexes/github-docs-ghae-ja.json.br b/lib/search/indexes/github-docs-ghae-ja.json.br index cd554b3ab8..14130861d8 100644 --- a/lib/search/indexes/github-docs-ghae-ja.json.br +++ b/lib/search/indexes/github-docs-ghae-ja.json.br @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:d8eb183e92fb572728bcebf2d5ef8afa98080cc743106e3628c3342e1bf936ca -size 2777261 +oid sha256:4e9cc5d76be8526f162d2651309936a647b6dc6ac8c62db092b8ef3166013664 +size 2781451 diff --git a/lib/search/indexes/github-docs-ghae-pt-records.json.br b/lib/search/indexes/github-docs-ghae-pt-records.json.br index bdedc090b5..665bbc0e25 100644 --- a/lib/search/indexes/github-docs-ghae-pt-records.json.br +++ b/lib/search/indexes/github-docs-ghae-pt-records.json.br @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:989c54f69ca8f61c46611a9892bde7839a1a844507016a0d766114ed4619eba6 -size 487483 +oid sha256:66e2400fed52f4faa08aeedeaede7db696a7027f787abf302abd90b175decd5d +size 488463 diff --git a/lib/search/indexes/github-docs-ghae-pt.json.br b/lib/search/indexes/github-docs-ghae-pt.json.br index 3d91a7d21c..d913fd557a 100644 --- a/lib/search/indexes/github-docs-ghae-pt.json.br +++ b/lib/search/indexes/github-docs-ghae-pt.json.br @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:d9666cb5e5f998c4d5ac2b13be6c851d2c620c469ee3006c23f51fa3887f7826 -size 1894738 +oid sha256:cb87dc3b6f149602b5496c7d583adbcb92cc92616a5d95db8445a58b4d33f98e +size 1897002 diff --git a/lib/search/indexes/github-docs-ghec-cn-records.json.br b/lib/search/indexes/github-docs-ghec-cn-records.json.br index 0810d2443b..3d6bbce480 100644 --- a/lib/search/indexes/github-docs-ghec-cn-records.json.br +++ b/lib/search/indexes/github-docs-ghec-cn-records.json.br @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:bd9c56e5035de7c9f904886935893e00da7af1ef2c9ad859678de5c20eb42663 -size 828156 +oid sha256:e720545c594288b2d42f23c84055e91b91e2baa4888c8e1b071ec82adee186b4 +size 838775 diff --git a/lib/search/indexes/github-docs-ghec-cn.json.br b/lib/search/indexes/github-docs-ghec-cn.json.br index e3756ef4d6..f218d5b4b8 100644 --- a/lib/search/indexes/github-docs-ghec-cn.json.br +++ b/lib/search/indexes/github-docs-ghec-cn.json.br @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:8dea80ec87ae68058097b9863990aff85e2e09ebacd24ffe3d60d42286e47e33 -size 1642244 +oid sha256:7fc2e3eb79ff18806254844a14f91d3d836bd6599d2ae29c4de3e549915f33ee +size 1634448 diff --git a/lib/search/indexes/github-docs-ghec-en-records.json.br b/lib/search/indexes/github-docs-ghec-en-records.json.br index d0f9fe692e..05083123a9 100644 --- a/lib/search/indexes/github-docs-ghec-en-records.json.br +++ b/lib/search/indexes/github-docs-ghec-en-records.json.br @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:4571e931e445269fcf221f26acf5063c9f613f541eb3fd77639093f124992020 -size 1095111 +oid sha256:745b556987142abccaadfd137938ef68efa27aca8f407187c1307dcb867eb2dc +size 1105003 diff --git a/lib/search/indexes/github-docs-ghec-en.json.br b/lib/search/indexes/github-docs-ghec-en.json.br index 1f2a3bdc4e..28d4df178e 100644 --- a/lib/search/indexes/github-docs-ghec-en.json.br +++ b/lib/search/indexes/github-docs-ghec-en.json.br @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:81759e7150ad2a021ade2d709f35ae952d11057dd881e447688fde16ad28aa9b -size 4181285 +oid sha256:d5a24fa318425dc79ed01e2560a80689ea29ba222f49509a35a74cdab3187746 +size 4206993 diff --git a/lib/search/indexes/github-docs-ghec-es-records.json.br b/lib/search/indexes/github-docs-ghec-es-records.json.br index 3ff6f40765..203a891a79 100644 --- a/lib/search/indexes/github-docs-ghec-es-records.json.br +++ b/lib/search/indexes/github-docs-ghec-es-records.json.br @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:b3c6a7f339579cbae4af2c393c35c7e3961db1733ff67e4fc52c0a4737af2def -size 770501 +oid sha256:31825cf0d42cb76d194b3d139b9447899864a82615e2d3581ae3216329161186 +size 776284 diff --git a/lib/search/indexes/github-docs-ghec-es.json.br b/lib/search/indexes/github-docs-ghec-es.json.br index 07acac5495..37eb3505bd 100644 --- a/lib/search/indexes/github-docs-ghec-es.json.br +++ b/lib/search/indexes/github-docs-ghec-es.json.br @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:328f3ea524e4389828566f5be85610bfc937aa9c95add90c6d2cad1278ae78ac -size 3256320 +oid sha256:fc88f781e277234e425fa41497cd8a953b809189990e262375c61efe220f2ff2 +size 3266955 diff --git a/lib/search/indexes/github-docs-ghec-ja-records.json.br b/lib/search/indexes/github-docs-ghec-ja-records.json.br index a706f9cac0..f3ca68d82c 100644 --- a/lib/search/indexes/github-docs-ghec-ja-records.json.br +++ b/lib/search/indexes/github-docs-ghec-ja-records.json.br @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:3bbc2f39c247841b82758aeef56e3b07dbb17882af30b6ed6afd629b55ff7605 -size 845629 +oid sha256:f994577167e57831a068aba953a3c4253048b060ec1a8cd641ab69914e70566c +size 854392 diff --git a/lib/search/indexes/github-docs-ghec-ja.json.br b/lib/search/indexes/github-docs-ghec-ja.json.br index 554c976f9c..090b410fd7 100644 --- a/lib/search/indexes/github-docs-ghec-ja.json.br +++ b/lib/search/indexes/github-docs-ghec-ja.json.br @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:9c4c9e7b5959aee6f11ef759b0fc1da508782ce5fef39350886addd0e95e1d6f -size 4516088 +oid sha256:b81836667a86ccf1a6f082a22dec7f8ae4c5ddbdbf02c4eb7f9a3adacfb7a524 +size 4553982 diff --git a/lib/search/indexes/github-docs-ghec-pt-records.json.br b/lib/search/indexes/github-docs-ghec-pt-records.json.br index 3f0dbcca0b..3f8ec29f86 100644 --- a/lib/search/indexes/github-docs-ghec-pt-records.json.br +++ b/lib/search/indexes/github-docs-ghec-pt-records.json.br @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:19752f3967bed49eb396ec13b90b5e8c54b75500ad6e7d6e16aa9d3a20e8e120 -size 757740 +oid sha256:9ae58c209d322d75e81c7efc5068141bd468a5f7f448e12ca0715a95fe59a034 +size 765411 diff --git a/lib/search/indexes/github-docs-ghec-pt.json.br b/lib/search/indexes/github-docs-ghec-pt.json.br index bee51aeb01..1f43b6a159 100644 --- a/lib/search/indexes/github-docs-ghec-pt.json.br +++ b/lib/search/indexes/github-docs-ghec-pt.json.br @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:cc9561ab24baeedccdc33b98a58a9168df5b772e872eb990167ad0d103ae3d00 -size 3077918 +oid sha256:fa9559d53b55f9c454538799be28addf091f5c09475176b0dd8592fce96323b8 +size 3104241 diff --git a/lib/site-data.js b/lib/site-data.js index 7734f45f9c..b5a2a5bbbb 100755 --- a/lib/site-data.js +++ b/lib/site-data.js @@ -1,5 +1,3 @@ -import fs from 'fs' -import os from 'os' import path from 'path' import flat from 'flat' import { get, set } from 'lodash-es' @@ -7,30 +5,7 @@ import languages from './languages.js' import dataDirectory from './data-directory.js' import encodeBracketedParentheses from './encode-bracketed-parentheses.js' -const TEMP_DIRECTORY = process.env.RUNNER_TEMP || os.tmpdir() - -function diskMemoize(prefix, fn) { - const useCache = process.env.NODE_ENV !== 'development' - return (dir) => { - const cacheFileName = `${prefix}.${dir.replace(/[^\w]+/g, '-').toLowerCase() || 'en'}.json` - if (useCache) { - try { - return JSON.parse(fs.readFileSync(cacheFileName, 'utf-8')) - } catch (err) { - if (!(err.code === 'ENOENT' || err instanceof SyntaxError)) throw err - } - } - - const result = fn(dir) - if (useCache) { - fs.writeFileSync(cacheFileName, JSON.stringify(result), 'utf-8') - console.log(`Disk-cache miss on ${cacheFileName}`, new Date()) - } - return result - } -} - -const loadSiteDataFromDir = diskMemoize(path.join(TEMP_DIRECTORY, 'docs-site-data'), (dir) => { +const loadSiteDataFromDir = (dir) => { return { site: { data: dataDirectory(path.join(dir, 'data'), { @@ -39,7 +14,7 @@ const loadSiteDataFromDir = diskMemoize(path.join(TEMP_DIRECTORY, 'docs-site-dat }), }, } -}) +} export default function loadSiteData() { // load English site data diff --git a/middleware/index.js b/middleware/index.js index a523c64b6c..a2bdce7f11 100644 --- a/middleware/index.js +++ b/middleware/index.js @@ -9,6 +9,7 @@ import timeout from './timeout.js' import morgan from 'morgan' import datadog from './connect-datadog.js' import rateLimit from './rate-limit.js' +import slowDown from './slow-down.js' import cors from './cors.js' import helmet from 'helmet' import csp from './csp.js' @@ -212,6 +213,7 @@ export default function (app) { } // *** Early exits *** + app.use(slowDown) app.use(rateLimit) app.use(instrument(handleInvalidPaths, './handle-invalid-paths')) app.use(asyncMiddleware(instrument(handleNextDataPath, './handle-next-data-path'))) diff --git a/middleware/rate-limit.js b/middleware/rate-limit.js index 742eb549cb..2c037139ac 100644 --- a/middleware/rate-limit.js +++ b/middleware/rate-limit.js @@ -3,7 +3,7 @@ import statsd from '../lib/statsd.js' const EXPIRES_IN_AS_SECONDS = 60 -const MAX = process.env.RATE_LIMIT_MAX ? parseInt(process.env.RATE_LIMIT_MAX, 10) : 1000 +const MAX = process.env.RATE_LIMIT_MAX ? parseInt(process.env.RATE_LIMIT_MAX, 10) : 10000 if (isNaN(MAX)) { throw new Error(`process.env.RATE_LIMIT_MAX (${process.env.RATE_LIMIT_MAX}) not a number`) } diff --git a/middleware/slow-down.js b/middleware/slow-down.js new file mode 100644 index 0000000000..d9bc8cc81e --- /dev/null +++ b/middleware/slow-down.js @@ -0,0 +1,20 @@ +import slowDown from 'express-slow-down' +import statsd from '../lib/statsd.js' + +const MAX = process.env.SLOW_DOWN_MAX ? parseInt(process.env.SLOW_DOWN_MAX, 10) : 10000 +if (isNaN(MAX)) { + throw new Error(`process.env.SLOW_DOWN_MAX (${process.env.SLOW_DOWN_MAX}) not a number`) +} + +export default slowDown({ + windowMs: 1 * 60 * 1000, // 1 minute window + delayAfter: MAX, // allow MAX requests to go at full-speed, then... + delayMs: 100, // MAX+1 request has a 100ms delay, MAX+2 has a 200ms delay, MAX+3 has 300ms, etc. + maxDelayMs: 9 * 1000, // slightly less than our Express timeout handler + + // Function to listen the first time the limit is reached within windowMs. Defaults: + onLimitReached: (request) => { + const tags = [`url:${request.url}`, `ip:${request.ip}`] + statsd.increment('middleware.slow_down', 1, tags) + }, +}) diff --git a/next.config.js b/next.config.js index 2753771591..c2a44f89d8 100644 --- a/next.config.js +++ b/next.config.js @@ -19,7 +19,7 @@ module.exports = { }, i18n: { // locales: Object.values(languages).map(({ code }) => code), - locales: ['en', 'cn', 'ja', 'es', 'pt', 'de'], + locales: ['en', 'cn', 'ja', 'es', 'pt'], defaultLocale: 'en', }, sassOptions: { diff --git a/package-lock.json b/package-lock.json index 051eaf2d2e..30b32046b8 100644 --- a/package-lock.json +++ b/package-lock.json @@ -11,7 +11,7 @@ "@primer/css": "^19.4.0", "@primer/octicons": "17.0.0", "@primer/octicons-react": "17.0.0", - "@primer/react": "^34.6.0", + "@primer/react": "^34.7.1", "@react-aria/ssr": "^3.1.0", "accept-language-parser": "^1.5.0", "ajv": "^8.9.0", @@ -27,6 +27,7 @@ "dotenv": "^10.0.0", "express": "^4.17.2", "express-rate-limit": "^6.0.4", + "express-slow-down": "^1.4.0", "express-timeout-handler": "^2.2.2", "flat": "^5.0.2", "github-slugger": "^1.4.0", @@ -110,8 +111,8 @@ "@types/react-dom": "^17.0.11", "@types/react-syntax-highlighter": "^13.5.2", "@types/uuid": "^8.3.4", - "@typescript-eslint/eslint-plugin": "5.13.0", - "@typescript-eslint/parser": "5.13.0", + "@typescript-eslint/eslint-plugin": "5.15.0", + "@typescript-eslint/parser": "5.15.0", "async": "^3.2.3", "babel-loader": "^8.2.3", "babel-plugin-styled-components": "^2.0.2", @@ -123,7 +124,7 @@ "csp-parse": "0.0.2", "dedent": "^0.7.0", "domwaiter": "^1.3.0", - "eslint": "8.10.0", + "eslint": "8.11.0", "eslint-config-prettier": "^8.3.0", "eslint-config-standard": "^16.0.3", "eslint-plugin-import": "^2.25.4", @@ -139,9 +140,11 @@ "japanese-characters": "^1.1.0", "javascript-stringify": "^2.1.0", "jest": "^27.4.7", + "jest-environment-puppeteer": "5.0.4", "jest-fail-on-console": "^2.2.3", "jest-github-actions-reporter": "^1.0.3", "jest-slow-test-reporter": "^1.0.0", + "kill-port": "1.6.1", "linkinator": "^3.0.3", "lint-staged": "^12.3.3", "make-promises-safe": "^5.1.0", @@ -1996,16 +1999,16 @@ "integrity": "sha512-OWORNpfjMsSSUBVrRBVGECkhWcULOAJz9ZW8uK9qgxD+87M7jHRcvh/A96XXNhXTLmKcoYSQtBEX7lHMO7YRwg==" }, "node_modules/@eslint/eslintrc": { - "version": "1.2.0", - "resolved": "https://registry.npmjs.org/@eslint/eslintrc/-/eslintrc-1.2.0.tgz", - "integrity": "sha512-igm9SjJHNEJRiUnecP/1R5T3wKLEJ7pL6e2P+GUSfCd0dGjPYYZve08uzw8L2J8foVHFz+NGu12JxRcU2gGo6w==", + "version": "1.2.1", + "resolved": "https://registry.npmjs.org/@eslint/eslintrc/-/eslintrc-1.2.1.tgz", + "integrity": "sha512-bxvbYnBPN1Gibwyp6NrpnFzA3YtRL3BBAyEAFVIpNTm2Rn4Vy87GA5M4aSn3InRrlsbX5N0GW7XIx+U4SAEKdQ==", "dev": true, "dependencies": { "ajv": "^6.12.4", "debug": "^4.3.2", "espree": "^9.3.1", "globals": "^13.9.0", - "ignore": "^4.0.6", + "ignore": "^5.2.0", "import-fresh": "^3.2.1", "js-yaml": "^4.1.0", "minimatch": "^3.0.4", @@ -2042,9 +2045,9 @@ } }, "node_modules/@eslint/eslintrc/node_modules/globals": { - "version": "13.12.1", - "resolved": "https://registry.npmjs.org/globals/-/globals-13.12.1.tgz", - "integrity": "sha512-317dFlgY2pdJZ9rspXDks7073GpDmXdfbM3vYYp0HAMKGDh1FfWPleI2ljVNLQX5M5lXcAslTcPTrOrMEFOjyw==", + "version": "13.13.0", + "resolved": "https://registry.npmjs.org/globals/-/globals-13.13.0.tgz", + "integrity": "sha512-EQ7Q18AJlPwp3vUDL4mKA0KXrXyNIQyWon6T6XQiBQF0XHvRsiCSrWmmeATpUzdJN2HhWZU6Pdl0a9zdep5p6A==", "dev": true, "dependencies": { "type-fest": "^0.20.2" @@ -2056,15 +2059,6 @@ "url": "https://github.com/sponsors/sindresorhus" } }, - "node_modules/@eslint/eslintrc/node_modules/ignore": { - "version": "4.0.6", - "resolved": "https://registry.npmjs.org/ignore/-/ignore-4.0.6.tgz", - "integrity": "sha512-cyFDKrqc/YdcWFniJhzI42+AzS+gNwmUzOSFcRCQYwySuBBBy/KjuxWLZ/FHEH6Moq1NizMOBWyTcv8O4OZIMg==", - "dev": true, - "engines": { - "node": ">= 4" - } - }, "node_modules/@eslint/eslintrc/node_modules/json-schema-traverse": { "version": "0.4.1", "resolved": "https://registry.npmjs.org/json-schema-traverse/-/json-schema-traverse-0.4.1.tgz", @@ -3609,9 +3603,9 @@ "integrity": "sha512-+Gwo89YK1OFi6oubTlah/zPxxzMNaMLy+inECAYI646KIFdzzhAsKWb3z5tSOu5Ff7no4isRV64rWfMSKLZclw==" }, "node_modules/@primer/react": { - "version": "34.6.0", - "resolved": "https://registry.npmjs.org/@primer/react/-/react-34.6.0.tgz", - "integrity": "sha512-a0Mh6YmpEyQF6ad0mnfOJoC+y1heDM4uuvBcQQKJQ28DVeif5mn+slCD2C9ZQvnhkl4qnh3iqXOTxmKN5fCHNQ==", + "version": "34.7.1", + "resolved": "https://registry.npmjs.org/@primer/react/-/react-34.7.1.tgz", + "integrity": "sha512-9OLRo3N1/B/jqb7aJPY7xmtyKM8afZlmWLnEOmT8LOCmuwPiRXI+4GsJjaV9RPx3h8rUXBQwpaYZGDDj9+/OjA==", "dependencies": { "@primer/behaviors": "1.1.0", "@primer/octicons-react": "16.1.1", @@ -3673,9 +3667,9 @@ } }, "node_modules/@sideway/address": { - "version": "4.1.2", - "resolved": "https://registry.npmjs.org/@sideway/address/-/address-4.1.2.tgz", - "integrity": "sha512-idTz8ibqWFrPU8kMirL0CoPH/A29XOzzAzpyN3zQ4kAWnzmNfFmRaoMNN6VI8ske5M73HZyhIaW4OuSFIdM4oA==", + "version": "4.1.3", + "resolved": "https://registry.npmjs.org/@sideway/address/-/address-4.1.3.tgz", + "integrity": "sha512-8ncEUtmnTsMmL7z1YPB47kPUq7LpKWJNFPsRzHiIajGC5uXlWGn+AmkYPcHNl8S4tcEGx+cnORnNYaw2wvL+LQ==", "devOptional": true, "dependencies": { "@hapi/hoek": "^9.0.0" @@ -4218,14 +4212,14 @@ } }, "node_modules/@typescript-eslint/eslint-plugin": { - "version": "5.13.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/eslint-plugin/-/eslint-plugin-5.13.0.tgz", - "integrity": "sha512-vLktb2Uec81fxm/cfz2Hd6QaWOs8qdmVAZXLdOBX6JFJDhf6oDZpMzZ4/LZ6SFM/5DgDcxIMIvy3F+O9yZBuiQ==", + "version": "5.15.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/eslint-plugin/-/eslint-plugin-5.15.0.tgz", + "integrity": "sha512-u6Db5JfF0Esn3tiAKELvoU5TpXVSkOpZ78cEGn/wXtT2RVqs2vkt4ge6N8cRCyw7YVKhmmLDbwI2pg92mlv7cA==", "dev": true, "dependencies": { - "@typescript-eslint/scope-manager": "5.13.0", - "@typescript-eslint/type-utils": "5.13.0", - "@typescript-eslint/utils": "5.13.0", + "@typescript-eslint/scope-manager": "5.15.0", + "@typescript-eslint/type-utils": "5.15.0", + "@typescript-eslint/utils": "5.15.0", "debug": "^4.3.2", "functional-red-black-tree": "^1.0.1", "ignore": "^5.1.8", @@ -4251,14 +4245,14 @@ } }, "node_modules/@typescript-eslint/parser": { - "version": "5.13.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/parser/-/parser-5.13.0.tgz", - "integrity": "sha512-GdrU4GvBE29tm2RqWOM0P5QfCtgCyN4hXICj/X9ibKED16136l9ZpoJvCL5pSKtmJzA+NRDzQ312wWMejCVVfg==", + "version": "5.15.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/parser/-/parser-5.15.0.tgz", + "integrity": "sha512-NGAYP/+RDM2sVfmKiKOCgJYPstAO40vPAgACoWPO/+yoYKSgAXIFaBKsV8P0Cc7fwKgvj27SjRNX4L7f4/jCKQ==", "dev": true, "dependencies": { - "@typescript-eslint/scope-manager": "5.13.0", - "@typescript-eslint/types": "5.13.0", - "@typescript-eslint/typescript-estree": "5.13.0", + "@typescript-eslint/scope-manager": "5.15.0", + "@typescript-eslint/types": "5.15.0", + "@typescript-eslint/typescript-estree": "5.15.0", "debug": "^4.3.2" }, "engines": { @@ -4278,13 +4272,13 @@ } }, "node_modules/@typescript-eslint/scope-manager": { - "version": "5.13.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/scope-manager/-/scope-manager-5.13.0.tgz", - "integrity": "sha512-T4N8UvKYDSfVYdmJq7g2IPJYCRzwtp74KyDZytkR4OL3NRupvswvmJQJ4CX5tDSurW2cvCc1Ia1qM7d0jpa7IA==", + "version": "5.15.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/scope-manager/-/scope-manager-5.15.0.tgz", + "integrity": "sha512-EFiZcSKrHh4kWk0pZaa+YNJosvKE50EnmN4IfgjkA3bTHElPtYcd2U37QQkNTqwMCS7LXeDeZzEqnsOH8chjSg==", "dev": true, "dependencies": { - "@typescript-eslint/types": "5.13.0", - "@typescript-eslint/visitor-keys": "5.13.0" + "@typescript-eslint/types": "5.15.0", + "@typescript-eslint/visitor-keys": "5.15.0" }, "engines": { "node": "^12.22.0 || ^14.17.0 || >=16.0.0" @@ -4295,12 +4289,12 @@ } }, "node_modules/@typescript-eslint/type-utils": { - "version": "5.13.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/type-utils/-/type-utils-5.13.0.tgz", - "integrity": "sha512-/nz7qFizaBM1SuqAKb7GLkcNn2buRdDgZraXlkhz+vUGiN1NZ9LzkA595tHHeduAiS2MsHqMNhE2zNzGdw43Yg==", + "version": "5.15.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/type-utils/-/type-utils-5.15.0.tgz", + "integrity": "sha512-KGeDoEQ7gHieLydujGEFLyLofipe9PIzfvA/41urz4hv+xVxPEbmMQonKSynZ0Ks2xDhJQ4VYjB3DnRiywvKDA==", "dev": true, "dependencies": { - "@typescript-eslint/utils": "5.13.0", + "@typescript-eslint/utils": "5.15.0", "debug": "^4.3.2", "tsutils": "^3.21.0" }, @@ -4321,9 +4315,9 @@ } }, "node_modules/@typescript-eslint/types": { - "version": "5.13.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/types/-/types-5.13.0.tgz", - "integrity": "sha512-LmE/KO6DUy0nFY/OoQU0XelnmDt+V8lPQhh8MOVa7Y5k2gGRd6U9Kp3wAjhB4OHg57tUO0nOnwYQhRRyEAyOyg==", + "version": "5.15.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/types/-/types-5.15.0.tgz", + "integrity": "sha512-yEiTN4MDy23vvsIksrShjNwQl2vl6kJeG9YkVJXjXZnkJElzVK8nfPsWKYxcsGWG8GhurYXP4/KGj3aZAxbeOA==", "dev": true, "engines": { "node": "^12.22.0 || ^14.17.0 || >=16.0.0" @@ -4334,13 +4328,13 @@ } }, "node_modules/@typescript-eslint/typescript-estree": { - "version": "5.13.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/typescript-estree/-/typescript-estree-5.13.0.tgz", - "integrity": "sha512-Q9cQow0DeLjnp5DuEDjLZ6JIkwGx3oYZe+BfcNuw/POhtpcxMTy18Icl6BJqTSd+3ftsrfuVb7mNHRZf7xiaNA==", + "version": "5.15.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/typescript-estree/-/typescript-estree-5.15.0.tgz", + "integrity": "sha512-Hb0e3dGc35b75xLzixM3cSbG1sSbrTBQDfIScqdyvrfJZVEi4XWAT+UL/HMxEdrJNB8Yk28SKxPLtAhfCbBInA==", "dev": true, "dependencies": { - "@typescript-eslint/types": "5.13.0", - "@typescript-eslint/visitor-keys": "5.13.0", + "@typescript-eslint/types": "5.15.0", + "@typescript-eslint/visitor-keys": "5.15.0", "debug": "^4.3.2", "globby": "^11.0.4", "is-glob": "^4.0.3", @@ -4361,15 +4355,15 @@ } }, "node_modules/@typescript-eslint/utils": { - "version": "5.13.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/utils/-/utils-5.13.0.tgz", - "integrity": "sha512-+9oHlPWYNl6AwwoEt5TQryEHwiKRVjz7Vk6kaBeD3/kwHE5YqTGHtm/JZY8Bo9ITOeKutFaXnBlMgSATMJALUQ==", + "version": "5.15.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/utils/-/utils-5.15.0.tgz", + "integrity": "sha512-081rWu2IPKOgTOhHUk/QfxuFog8m4wxW43sXNOMSCdh578tGJ1PAaWPsj42LOa7pguh173tNlMigsbrHvh/mtA==", "dev": true, "dependencies": { "@types/json-schema": "^7.0.9", - "@typescript-eslint/scope-manager": "5.13.0", - "@typescript-eslint/types": "5.13.0", - "@typescript-eslint/typescript-estree": "5.13.0", + "@typescript-eslint/scope-manager": "5.15.0", + "@typescript-eslint/types": "5.15.0", + "@typescript-eslint/typescript-estree": "5.15.0", "eslint-scope": "^5.1.1", "eslint-utils": "^3.0.0" }, @@ -4403,12 +4397,12 @@ } }, "node_modules/@typescript-eslint/visitor-keys": { - "version": "5.13.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-5.13.0.tgz", - "integrity": "sha512-HLKEAS/qA1V7d9EzcpLFykTePmOQqOFim8oCvhY3pZgQ8Hi38hYpHd9e5GN6nQBFQNecNhws5wkS9Y5XIO0s/g==", + "version": "5.15.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-5.15.0.tgz", + "integrity": "sha512-+vX5FKtgvyHbmIJdxMJ2jKm9z2BIlXJiuewI8dsDYMp5LzPUcuTT78Ya5iwvQg3VqSVdmxyM8Anj1Jeq7733ZQ==", "dev": true, "dependencies": { - "@typescript-eslint/types": "5.13.0", + "@typescript-eslint/types": "5.15.0", "eslint-visitor-keys": "^3.0.0" }, "engines": { @@ -4778,6 +4772,17 @@ "string-width": "^4.1.0" } }, + "node_modules/ansi-colors": { + "version": "4.1.1", + "resolved": "https://registry.npmjs.org/ansi-colors/-/ansi-colors-4.1.1.tgz", + "integrity": "sha512-JoX0apGbHaUJBNl6yF+p6JAFYZ666/hhCGKN5t9QFjbJQKUU/g8MNbFDbvfrgKXvI1QpZplPOnwIo99lX/AAmA==", + "dev": true, + "optional": true, + "peer": true, + "engines": { + "node": ">=6" + } + }, "node_modules/ansi-escapes": { "version": "4.3.2", "resolved": "https://registry.npmjs.org/ansi-escapes/-/ansi-escapes-4.3.2.tgz", @@ -4855,7 +4860,7 @@ "version": "3.1.0", "resolved": "https://registry.npmjs.org/arr-union/-/arr-union-3.1.0.tgz", "integrity": "sha1-45sJrqne+Gao8gbiiK9jkZuuOcQ=", - "optional": true, + "devOptional": true, "engines": { "node": ">=0.10.0" } @@ -6887,11 +6892,19 @@ "node": ">=8" } }, + "node_modules/clone": { + "version": "1.0.4", + "resolved": "https://registry.npmjs.org/clone/-/clone-1.0.4.tgz", + "integrity": "sha1-2jCcwmPfFZlMaIypAheco8fNfH4=", + "engines": { + "node": ">=0.8" + } + }, "node_modules/clone-deep": { "version": "0.2.4", "resolved": "https://registry.npmjs.org/clone-deep/-/clone-deep-0.2.4.tgz", "integrity": "sha1-TnPdCen7lxzDhnDF3O2cGJZIHMY=", - "optional": true, + "devOptional": true, "dependencies": { "for-own": "^0.1.3", "is-plain-object": "^2.0.1", @@ -6907,13 +6920,13 @@ "version": "1.1.6", "resolved": "https://registry.npmjs.org/is-buffer/-/is-buffer-1.1.6.tgz", "integrity": "sha512-NcdALwpXkTm5Zvvbk7owOUSvVvBKDgKP5/ewfXEznmQFfs4ZRmanOeKBTjRVjka3QFoN6XJ+9F3USqfHqTaU5w==", - "optional": true + "devOptional": true }, "node_modules/clone-deep/node_modules/is-plain-object": { "version": "2.0.4", "resolved": "https://registry.npmjs.org/is-plain-object/-/is-plain-object-2.0.4.tgz", "integrity": "sha512-h5PpgXkWitc38BBMYawTYMWJHFZJVnBquFE57xFpjB8pJFiF6gZ+bU+WyI/yqXiFR5mdLsgYNaPe8uao6Uv9Og==", - "optional": true, + "devOptional": true, "dependencies": { "isobject": "^3.0.1" }, @@ -6925,7 +6938,7 @@ "version": "3.2.2", "resolved": "https://registry.npmjs.org/kind-of/-/kind-of-3.2.2.tgz", "integrity": "sha1-MeohpzS6ubuw8yRm2JOupR5KPGQ=", - "optional": true, + "devOptional": true, "dependencies": { "is-buffer": "^1.1.5" }, @@ -7532,7 +7545,7 @@ "version": "0.10.0", "resolved": "https://registry.npmjs.org/cwd/-/cwd-0.10.0.tgz", "integrity": "sha1-FyQAaUBXwioTsM8WFix+S3p/5Wc=", - "optional": true, + "devOptional": true, "dependencies": { "find-pkg": "^0.1.2", "fs-exists-sync": "^0.1.0" @@ -7692,6 +7705,14 @@ "node": ">=0.10.0" } }, + "node_modules/defaults": { + "version": "1.0.3", + "resolved": "https://registry.npmjs.org/defaults/-/defaults-1.0.3.tgz", + "integrity": "sha1-xlYFHpgX2f8I7YgUd/P+QBnz730=", + "dependencies": { + "clone": "^1.0.2" + } + }, "node_modules/defer-to-connect": { "version": "2.0.1", "resolved": "https://registry.npmjs.org/defer-to-connect/-/defer-to-connect-2.0.1.tgz", @@ -8204,6 +8225,20 @@ "node": ">=10.13.0" } }, + "node_modules/enquirer": { + "version": "2.3.6", + "resolved": "https://registry.npmjs.org/enquirer/-/enquirer-2.3.6.tgz", + "integrity": "sha512-yjNnPr315/FjS4zIsUxYguYUPP2e1NK4d7E7ZOLiyYCcbFBiTMyID+2wvm2w6+pZ/odMA7cRkjhsPbltwBOrLg==", + "dev": true, + "optional": true, + "peer": true, + "dependencies": { + "ansi-colors": "^4.1.1" + }, + "engines": { + "node": ">=8.6" + } + }, "node_modules/ensure-posix-path": { "version": "1.1.1", "resolved": "https://registry.npmjs.org/ensure-posix-path/-/ensure-posix-path-1.1.1.tgz", @@ -8427,12 +8462,12 @@ } }, "node_modules/eslint": { - "version": "8.10.0", - "resolved": "https://registry.npmjs.org/eslint/-/eslint-8.10.0.tgz", - "integrity": "sha512-tcI1D9lfVec+R4LE1mNDnzoJ/f71Kl/9Cv4nG47jOueCMBrCCKYXr4AUVS7go6mWYGFD4+EoN6+eXSrEbRzXVw==", + "version": "8.11.0", + "resolved": "https://registry.npmjs.org/eslint/-/eslint-8.11.0.tgz", + "integrity": "sha512-/KRpd9mIRg2raGxHRGwW9ZywYNAClZrHjdueHcrVDuO3a6bj83eoTirCCk0M0yPwOjWYKHwRVRid+xK4F/GHgA==", "dev": true, "dependencies": { - "@eslint/eslintrc": "^1.2.0", + "@eslint/eslintrc": "^1.2.1", "@humanwhocodes/config-array": "^0.9.2", "ajv": "^6.10.0", "chalk": "^4.0.0", @@ -9219,7 +9254,7 @@ "version": "1.2.2", "resolved": "https://registry.npmjs.org/expand-tilde/-/expand-tilde-1.2.2.tgz", "integrity": "sha1-C4HrqJflo9MdHD0QL48BRB5VlEk=", - "optional": true, + "devOptional": true, "dependencies": { "os-homedir": "^1.0.1" }, @@ -9300,6 +9335,14 @@ "express": "^4" } }, + "node_modules/express-slow-down": { + "version": "1.4.0", + "resolved": "https://registry.npmjs.org/express-slow-down/-/express-slow-down-1.4.0.tgz", + "integrity": "sha512-Tw5aa0plPj2STiuc2SyMw2VSjMvBgLGQHHoPhkIL4iPQcFZDueWBaiLxFZ3SrwrJhiu3b3sHNcsP6lXeWnbwAw==", + "dependencies": { + "defaults": "^1.0.3" + } + }, "node_modules/express-timeout-handler": { "version": "2.2.2", "resolved": "https://registry.npmjs.org/express-timeout-handler/-/express-timeout-handler-2.2.2.tgz", @@ -9581,7 +9624,7 @@ "version": "0.1.3", "resolved": "https://registry.npmjs.org/find-file-up/-/find-file-up-0.1.3.tgz", "integrity": "sha1-z2gJG8+fMApA2kEbN9pczlovvqA=", - "optional": true, + "devOptional": true, "dependencies": { "fs-exists-sync": "^0.1.0", "resolve-dir": "^0.1.0" @@ -9594,7 +9637,7 @@ "version": "0.1.2", "resolved": "https://registry.npmjs.org/find-pkg/-/find-pkg-0.1.2.tgz", "integrity": "sha1-G9wiwG42NlUy4qJIBGhUuXiNpVc=", - "optional": true, + "devOptional": true, "dependencies": { "find-file-up": "^0.1.2" }, @@ -9606,7 +9649,7 @@ "version": "1.4.7", "resolved": "https://registry.npmjs.org/find-process/-/find-process-1.4.7.tgz", "integrity": "sha512-/U4CYp1214Xrp3u3Fqr9yNynUrr5Le4y0SsJh2lMDDSbpwYSz3M2SMWQC+wqcx79cN8PQtHQIL8KnuY9M66fdg==", - "optional": true, + "devOptional": true, "dependencies": { "chalk": "^4.0.0", "commander": "^5.1.0", @@ -9620,7 +9663,7 @@ "version": "4.1.2", "resolved": "https://registry.npmjs.org/chalk/-/chalk-4.1.2.tgz", "integrity": "sha512-oKnbhFyRIXpUuez8iBMmyEa4nbj4IOQyuhc/wy9kY7/WVPcwIO9VA668Pu8RkO7+0G76SLROeyw9CpQ061i4mA==", - "optional": true, + "devOptional": true, "dependencies": { "ansi-styles": "^4.1.0", "supports-color": "^7.1.0" @@ -9636,7 +9679,7 @@ "version": "5.1.0", "resolved": "https://registry.npmjs.org/commander/-/commander-5.1.0.tgz", "integrity": "sha512-P0CysNDQ7rtVw4QIQtm+MRxV66vKFSvlsQvGYXZWR3qFU0jlMKHZZZgw8e+8DSah4UDKMqnknRDQz+xuQXQ/Zg==", - "optional": true, + "devOptional": true, "engines": { "node": ">= 6" } @@ -9709,7 +9752,7 @@ "version": "1.0.2", "resolved": "https://registry.npmjs.org/for-in/-/for-in-1.0.2.tgz", "integrity": "sha1-gQaNKVqBQuwKxybG4iAMMPttXoA=", - "optional": true, + "devOptional": true, "engines": { "node": ">=0.10.0" } @@ -9718,7 +9761,7 @@ "version": "0.1.5", "resolved": "https://registry.npmjs.org/for-own/-/for-own-0.1.5.tgz", "integrity": "sha1-UmXGgaTylNq78XyVCbZ2OqhFEM4=", - "optional": true, + "devOptional": true, "dependencies": { "for-in": "^1.0.1" }, @@ -9829,7 +9872,7 @@ "version": "0.1.0", "resolved": "https://registry.npmjs.org/fs-exists-sync/-/fs-exists-sync-0.1.0.tgz", "integrity": "sha1-mC1ok6+RjnLQjeyehnP/K1qNat0=", - "optional": true, + "devOptional": true, "engines": { "node": ">=0.10.0" } @@ -10013,6 +10056,12 @@ "url": "https://github.com/sponsors/ljharb" } }, + "node_modules/get-them-args": { + "version": "1.3.2", + "resolved": "https://registry.npmjs.org/get-them-args/-/get-them-args-1.3.2.tgz", + "integrity": "sha1-dKILqKSr7OWuGZrQPyvMaP38m6U=", + "dev": true + }, "node_modules/gifwrap": { "version": "0.9.2", "resolved": "https://registry.npmjs.org/gifwrap/-/gifwrap-0.9.2.tgz", @@ -10220,7 +10269,7 @@ "version": "0.2.3", "resolved": "https://registry.npmjs.org/global-modules/-/global-modules-0.2.3.tgz", "integrity": "sha1-6lo77ULG1s6ZWk+KEmm12uIjgo0=", - "optional": true, + "devOptional": true, "dependencies": { "global-prefix": "^0.1.4", "is-windows": "^0.2.0" @@ -10233,7 +10282,7 @@ "version": "0.1.5", "resolved": "https://registry.npmjs.org/global-prefix/-/global-prefix-0.1.5.tgz", "integrity": "sha1-jTvGuNo8qBEqFg2NSW/wRiv+948=", - "optional": true, + "devOptional": true, "dependencies": { "homedir-polyfill": "^1.0.0", "ini": "^1.3.4", @@ -10248,7 +10297,7 @@ "version": "1.3.1", "resolved": "https://registry.npmjs.org/which/-/which-1.3.1.tgz", "integrity": "sha512-HxJdYWq1MTIQbJ3nw0cqssHoTNU267KlrDuGZ1WYlxDStUtKUhOaJmh112/TZmHxxUfuJqPXSOm7tDyas0OSIQ==", - "optional": true, + "devOptional": true, "dependencies": { "isexe": "^2.0.0" }, @@ -10806,7 +10855,7 @@ "version": "1.0.3", "resolved": "https://registry.npmjs.org/homedir-polyfill/-/homedir-polyfill-1.0.3.tgz", "integrity": "sha512-eSmmWE5bZTK2Nou4g0AI3zZ9rswp7GRKoKXS1BLUkvPviOqs4YTN1djQIqrXy9k5gEtdLPy86JjRwsNM9tnDcA==", - "optional": true, + "devOptional": true, "dependencies": { "parse-passwd": "^1.0.0" }, @@ -11702,7 +11751,7 @@ "version": "0.2.0", "resolved": "https://registry.npmjs.org/is-windows/-/is-windows-0.2.0.tgz", "integrity": "sha1-3hqm1j6indJIc3tp8f+LgALSEIw=", - "optional": true, + "devOptional": true, "engines": { "node": ">=0.10.0" } @@ -11750,7 +11799,7 @@ "version": "3.0.1", "resolved": "https://registry.npmjs.org/isobject/-/isobject-3.0.1.tgz", "integrity": "sha1-TkMekrEalzFjaqH5yNHMvP2reN8=", - "optional": true, + "devOptional": true, "engines": { "node": ">=0.10.0" } @@ -12065,7 +12114,7 @@ "version": "5.0.3", "resolved": "https://registry.npmjs.org/jest-dev-server/-/jest-dev-server-5.0.3.tgz", "integrity": "sha512-aJR3a5KdY18Lsz+VbREKwx2HM3iukiui+J9rlv9o6iYTwZCSsJazSTStcD9K1q0AIF3oA+FqLOKDyo/sc7+fJw==", - "optional": true, + "devOptional": true, "dependencies": { "chalk": "^4.1.1", "cwd": "^0.10.0", @@ -12080,7 +12129,7 @@ "version": "4.1.2", "resolved": "https://registry.npmjs.org/chalk/-/chalk-4.1.2.tgz", "integrity": "sha512-oKnbhFyRIXpUuez8iBMmyEa4nbj4IOQyuhc/wy9kY7/WVPcwIO9VA668Pu8RkO7+0G76SLROeyw9CpQ061i4mA==", - "optional": true, + "devOptional": true, "dependencies": { "ansi-styles": "^4.1.0", "supports-color": "^7.1.0" @@ -12206,7 +12255,7 @@ "version": "5.0.4", "resolved": "https://registry.npmjs.org/jest-environment-puppeteer/-/jest-environment-puppeteer-5.0.4.tgz", "integrity": "sha512-wd4EDOD4QRi11QZ1IV8WsL1wlnnMUtcqtU0BNm+REzRtg78K2XHn3jS6YxGeXIOnsgrJeHxsD7DlRZ/GkFteLg==", - "optional": true, + "devOptional": true, "dependencies": { "chalk": "^4.1.1", "cwd": "^0.10.0", @@ -12219,7 +12268,7 @@ "version": "4.1.2", "resolved": "https://registry.npmjs.org/chalk/-/chalk-4.1.2.tgz", "integrity": "sha512-oKnbhFyRIXpUuez8iBMmyEa4nbj4IOQyuhc/wy9kY7/WVPcwIO9VA668Pu8RkO7+0G76SLROeyw9CpQ061i4mA==", - "optional": true, + "devOptional": true, "dependencies": { "ansi-styles": "^4.1.0", "supports-color": "^7.1.0" @@ -12875,14 +12924,14 @@ } }, "node_modules/joi": { - "version": "17.4.2", - "resolved": "https://registry.npmjs.org/joi/-/joi-17.4.2.tgz", - "integrity": "sha512-Lm56PP+n0+Z2A2rfRvsfWVDXGEWjXxatPopkQ8qQ5mxCEhwHG+Ettgg5o98FFaxilOxozoa14cFhrE/hOzh/Nw==", + "version": "17.6.0", + "resolved": "https://registry.npmjs.org/joi/-/joi-17.6.0.tgz", + "integrity": "sha512-OX5dG6DTbcr/kbMFj0KGYxuew69HPcAE3K/sZpEV2nP6e/j/C0HV+HNiBPCASxdx5T7DMoa0s8UeHWMnb6n2zw==", "devOptional": true, "dependencies": { "@hapi/hoek": "^9.0.0", "@hapi/topo": "^5.0.0", - "@sideway/address": "^4.1.0", + "@sideway/address": "^4.1.3", "@sideway/formula": "^3.0.0", "@sideway/pinpoint": "^2.0.0" } @@ -13122,6 +13171,19 @@ "json-buffer": "3.0.1" } }, + "node_modules/kill-port": { + "version": "1.6.1", + "resolved": "https://registry.npmjs.org/kill-port/-/kill-port-1.6.1.tgz", + "integrity": "sha512-un0Y55cOM7JKGaLnGja28T38tDDop0AQ8N0KlAdyh+B1nmMoX8AnNmqPNZbS3mUMgiST51DCVqmbFT1gNJpVNw==", + "dev": true, + "dependencies": { + "get-them-args": "1.3.2", + "shell-exec": "1.0.2" + }, + "bin": { + "kill-port": "cli.js" + } + }, "node_modules/kind-of": { "version": "6.0.3", "resolved": "https://registry.npmjs.org/kind-of/-/kind-of-6.0.3.tgz", @@ -13178,7 +13240,7 @@ "version": "1.0.4", "resolved": "https://registry.npmjs.org/lazy-cache/-/lazy-cache-1.0.4.tgz", "integrity": "sha1-odePw6UEdMuAhF07O24dpJpEbo4=", - "optional": true, + "devOptional": true, "engines": { "node": ">=0.10.0" } @@ -13436,15 +13498,6 @@ "integrity": "sha512-hUewv7oMjCp+wkBv5Rm0v87eJhq4woh5rSR+42YSQJKecCqgIqNkZ6lAlQms/BwHPJA5NKMRlpxPRv0n8HQW6g==", "dev": true }, - "node_modules/listr2/node_modules/rxjs": { - "version": "7.5.2", - "resolved": "https://registry.npmjs.org/rxjs/-/rxjs-7.5.2.tgz", - "integrity": "sha512-PwDt186XaL3QN5qXj/H9DGyHhP3/RYYgZZwqBv9Tv8rsAaiwFH1IsJJlcgD37J7UW5a6O67qX0KWKS3/pu0m4w==", - "dev": true, - "dependencies": { - "tslib": "^2.1.0" - } - }, "node_modules/listr2/node_modules/slice-ansi": { "version": "3.0.0", "resolved": "https://registry.npmjs.org/slice-ansi/-/slice-ansi-3.0.0.tgz", @@ -14125,7 +14178,7 @@ "version": "3.0.3", "resolved": "https://registry.npmjs.org/merge-deep/-/merge-deep-3.0.3.tgz", "integrity": "sha512-qtmzAS6t6grwEkNrunqTBdn0qKwFgNWvlxUbAV8es9M7Ot1EbyApytCnvE0jALPa46ZpKDUo527kKiaWplmlFA==", - "optional": true, + "devOptional": true, "dependencies": { "arr-union": "^3.1.0", "clone-deep": "^0.2.4", @@ -14139,13 +14192,13 @@ "version": "1.1.6", "resolved": "https://registry.npmjs.org/is-buffer/-/is-buffer-1.1.6.tgz", "integrity": "sha512-NcdALwpXkTm5Zvvbk7owOUSvVvBKDgKP5/ewfXEznmQFfs4ZRmanOeKBTjRVjka3QFoN6XJ+9F3USqfHqTaU5w==", - "optional": true + "devOptional": true }, "node_modules/merge-deep/node_modules/kind-of": { "version": "3.2.2", "resolved": "https://registry.npmjs.org/kind-of/-/kind-of-3.2.2.tgz", "integrity": "sha1-MeohpzS6ubuw8yRm2JOupR5KPGQ=", - "optional": true, + "devOptional": true, "dependencies": { "is-buffer": "^1.1.5" }, @@ -14857,7 +14910,7 @@ "version": "2.0.1", "resolved": "https://registry.npmjs.org/mixin-object/-/mixin-object-2.0.1.tgz", "integrity": "sha1-T7lJRB2rGCVA8f4DW6YOGUel5X4=", - "optional": true, + "devOptional": true, "dependencies": { "for-in": "^0.1.3", "is-extendable": "^0.1.1" @@ -14870,7 +14923,7 @@ "version": "0.1.8", "resolved": "https://registry.npmjs.org/for-in/-/for-in-0.1.8.tgz", "integrity": "sha1-2Hc5COMSVhCZUrH9ubP6hn0ndeE=", - "optional": true, + "devOptional": true, "engines": { "node": ">=0.10.0" } @@ -15960,7 +16013,7 @@ "version": "1.0.2", "resolved": "https://registry.npmjs.org/os-homedir/-/os-homedir-1.0.2.tgz", "integrity": "sha1-/7xJiDNuDoM94MFox+8VISGqf7M=", - "optional": true, + "devOptional": true, "engines": { "node": ">=0.10.0" } @@ -16995,7 +17048,7 @@ "version": "1.0.0", "resolved": "https://registry.npmjs.org/parse-passwd/-/parse-passwd-1.0.0.tgz", "integrity": "sha1-bVuTSkVpk7I9N/QKOC1vFmao5cY=", - "optional": true, + "devOptional": true, "engines": { "node": ">=0.10.0" } @@ -19059,7 +19112,7 @@ "version": "0.1.1", "resolved": "https://registry.npmjs.org/resolve-dir/-/resolve-dir-0.1.1.tgz", "integrity": "sha1-shklmlYC+sXFxJatiUpujMQwJh4=", - "optional": true, + "devOptional": true, "dependencies": { "expand-tilde": "^1.2.2", "global-modules": "^0.2.3" @@ -19202,23 +19255,14 @@ } }, "node_modules/rxjs": { - "version": "6.6.7", - "resolved": "https://registry.npmjs.org/rxjs/-/rxjs-6.6.7.tgz", - "integrity": "sha512-hTdwr+7yYNIT5n4AMYp85KA6yw2Va0FLa3Rguvbpa4W3I5xynaBZo41cM3XM+4Q6fRMj3sBYIR1VAmZMXYJvRQ==", - "optional": true, + "version": "7.5.5", + "resolved": "https://registry.npmjs.org/rxjs/-/rxjs-7.5.5.tgz", + "integrity": "sha512-sy+H0pQofO95VDmFLzyaw9xNJU4KTRSwQIGM6+iG3SypAtCiLDzpeG8sJrNCWn2Up9km+KhkvTdbkrdy+yzZdw==", + "dev": true, "dependencies": { - "tslib": "^1.9.0" - }, - "engines": { - "npm": ">=2.0.0" + "tslib": "^2.1.0" } }, - "node_modules/rxjs/node_modules/tslib": { - "version": "1.14.1", - "resolved": "https://registry.npmjs.org/tslib/-/tslib-1.14.1.tgz", - "integrity": "sha512-Xni35NKzjgMrwevysHTCArtLDpPvye8zV/0E4EyYn43P7/7qvQwPh9BGkHewbMulVntbigmcT7rdX3BNo9wRJg==", - "optional": true - }, "node_modules/sade": { "version": "1.7.4", "resolved": "https://registry.npmjs.org/sade/-/sade-1.7.4.tgz", @@ -19555,7 +19599,7 @@ "version": "0.1.2", "resolved": "https://registry.npmjs.org/shallow-clone/-/shallow-clone-0.1.2.tgz", "integrity": "sha1-WQnodLp3EG1zrEFM/sH/yofZcGA=", - "optional": true, + "devOptional": true, "dependencies": { "is-extendable": "^0.1.1", "kind-of": "^2.0.1", @@ -19570,13 +19614,13 @@ "version": "1.1.6", "resolved": "https://registry.npmjs.org/is-buffer/-/is-buffer-1.1.6.tgz", "integrity": "sha512-NcdALwpXkTm5Zvvbk7owOUSvVvBKDgKP5/ewfXEznmQFfs4ZRmanOeKBTjRVjka3QFoN6XJ+9F3USqfHqTaU5w==", - "optional": true + "devOptional": true }, "node_modules/shallow-clone/node_modules/kind-of": { "version": "2.0.1", "resolved": "https://registry.npmjs.org/kind-of/-/kind-of-2.0.1.tgz", "integrity": "sha1-AY7HpM5+OobLkUG+UZ0kyPqpgbU=", - "optional": true, + "devOptional": true, "dependencies": { "is-buffer": "^1.0.2" }, @@ -19588,7 +19632,7 @@ "version": "0.2.7", "resolved": "https://registry.npmjs.org/lazy-cache/-/lazy-cache-0.2.7.tgz", "integrity": "sha1-f+3fLctu23fRHvHRF6tf/fCrG2U=", - "optional": true, + "devOptional": true, "engines": { "node": ">=0.10.0" } @@ -19619,6 +19663,12 @@ "node": ">=8" } }, + "node_modules/shell-exec": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/shell-exec/-/shell-exec-1.0.2.tgz", + "integrity": "sha512-jyVd+kU2X+mWKMmGhx4fpWbPsjvD53k9ivqetutVW/BQ+WIZoDoP4d8vUMGezV6saZsiNoW2f9GIhg9Dondohg==", + "dev": true + }, "node_modules/shell-quote": { "version": "1.7.2", "resolved": "https://registry.npmjs.org/shell-quote/-/shell-quote-1.7.2.tgz", @@ -19664,9 +19714,9 @@ } }, "node_modules/signal-exit": { - "version": "3.0.5", - "resolved": "https://registry.npmjs.org/signal-exit/-/signal-exit-3.0.5.tgz", - "integrity": "sha512-KWcOiKeQj6ZyXx7zq4YxSMgHRlod4czeBQZrPb8OKcohcqAXShm7E20kEMle9WBt26hFcAf0qLOcp5zmY7kOqQ==", + "version": "3.0.7", + "resolved": "https://registry.npmjs.org/signal-exit/-/signal-exit-3.0.7.tgz", + "integrity": "sha512-wnD2ZE+l+SPC/uoS0vXeE9L1+0wuaMqKlfz9AMUo38JsyLSBWSFcHR1Rri62LZc12vLr1gb3jl7iwQhgwpAbGQ==", "devOptional": true }, "node_modules/sisteransi": { @@ -19785,7 +19835,7 @@ "version": "5.0.0", "resolved": "https://registry.npmjs.org/spawnd/-/spawnd-5.0.0.tgz", "integrity": "sha512-28+AJr82moMVWolQvlAIv3JcYDkjkFTEmfDc503wxrF5l2rQ3dFz6DpbXp3kD4zmgGGldfM4xM4v1sFj/ZaIOA==", - "optional": true, + "devOptional": true, "dependencies": { "exit": "^0.1.2", "signal-exit": "^3.0.3", @@ -19917,21 +19967,6 @@ "node": ">=6" } }, - "node_modules/start-server-and-test/node_modules/rxjs": { - "version": "7.4.0", - "resolved": "https://registry.npmjs.org/rxjs/-/rxjs-7.4.0.tgz", - "integrity": "sha512-7SQDi7xeTMCJpqViXh8gL/lebcwlp3d831F05+9B44A4B0WfsEwUQHR64gsH1kvJ+Ep/J9K2+n1hVl1CsGN23w==", - "dev": true, - "dependencies": { - "tslib": "~2.1.0" - } - }, - "node_modules/start-server-and-test/node_modules/tslib": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/tslib/-/tslib-2.1.0.tgz", - "integrity": "sha512-hcVC3wYEziELGGmEEXue7D75zbwIIVUMWAVbHItGPx0ziyXxrOMQx4rQEVEV45Ut/1IotuEvwqPopzIOkDMf0A==", - "dev": true - }, "node_modules/start-server-and-test/node_modules/wait-on": { "version": "6.0.0", "resolved": "https://registry.npmjs.org/wait-on/-/wait-on-6.0.0.tgz", @@ -20897,7 +20932,7 @@ "version": "1.2.2", "resolved": "https://registry.npmjs.org/tree-kill/-/tree-kill-1.2.2.tgz", "integrity": "sha512-L0Orpi8qGpRG//Nd+H90vFB+3iHnue1zSSGmNOOCh1GLJ7rUKVwV2HvijphGQS2UmhUZewS9VgvxYIdgr+fG1A==", - "optional": true, + "devOptional": true, "bin": { "tree-kill": "cli.js" } @@ -21760,7 +21795,7 @@ "version": "5.3.0", "resolved": "https://registry.npmjs.org/wait-on/-/wait-on-5.3.0.tgz", "integrity": "sha512-DwrHrnTK+/0QFaB9a8Ol5Lna3k7WvUR4jzSKmz0YaPBpuN2sACyiPVKVfj6ejnjcajAcvn3wlbTyMIn9AZouOg==", - "optional": true, + "devOptional": true, "dependencies": { "axios": "^0.21.1", "joi": "^17.3.0", @@ -21775,11 +21810,29 @@ "node": ">=8.9.0" } }, + "node_modules/wait-on/node_modules/rxjs": { + "version": "6.6.7", + "resolved": "https://registry.npmjs.org/rxjs/-/rxjs-6.6.7.tgz", + "integrity": "sha512-hTdwr+7yYNIT5n4AMYp85KA6yw2Va0FLa3Rguvbpa4W3I5xynaBZo41cM3XM+4Q6fRMj3sBYIR1VAmZMXYJvRQ==", + "devOptional": true, + "dependencies": { + "tslib": "^1.9.0" + }, + "engines": { + "npm": ">=2.0.0" + } + }, + "node_modules/wait-on/node_modules/tslib": { + "version": "1.14.1", + "resolved": "https://registry.npmjs.org/tslib/-/tslib-1.14.1.tgz", + "integrity": "sha512-Xni35NKzjgMrwevysHTCArtLDpPvye8zV/0E4EyYn43P7/7qvQwPh9BGkHewbMulVntbigmcT7rdX3BNo9wRJg==", + "devOptional": true + }, "node_modules/wait-port": { "version": "0.2.9", "resolved": "https://registry.npmjs.org/wait-port/-/wait-port-0.2.9.tgz", "integrity": "sha512-hQ/cVKsNqGZ/UbZB/oakOGFqic00YAMM5/PEj3Bt4vKarv2jWIWzDbqlwT94qMs/exAQAsvMOq99sZblV92zxQ==", - "optional": true, + "devOptional": true, "dependencies": { "chalk": "^2.4.2", "commander": "^3.0.2", @@ -21796,7 +21849,7 @@ "version": "3.2.1", "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-3.2.1.tgz", "integrity": "sha512-VT0ZI6kZRdTh8YyJw3SMbYm/u+NqfsAxEpWO0Pf9sq8/e94WxxOpPKx9FR1FlyCtOVDNOQ+8ntlqFxiRc+r5qA==", - "optional": true, + "devOptional": true, "dependencies": { "color-convert": "^1.9.0" }, @@ -21808,7 +21861,7 @@ "version": "2.4.2", "resolved": "https://registry.npmjs.org/chalk/-/chalk-2.4.2.tgz", "integrity": "sha512-Mti+f9lpJNcwF4tWV8/OrTTtF1gZi+f8FqlyAdouralcFWFQWF2+NgCHShjkCb+IFBLq9buZwE1xckQU4peSuQ==", - "optional": true, + "devOptional": true, "dependencies": { "ansi-styles": "^3.2.1", "escape-string-regexp": "^1.0.5", @@ -21822,7 +21875,7 @@ "version": "1.9.3", "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-1.9.3.tgz", "integrity": "sha512-QfAUtd+vFdAtFQcC8CCyYt1fYWxSqAiK2cSD6zDB8N3cpsEBAvRxp9zOGg6G/SHHJYAT88/az/IuDGALsNVbGg==", - "optional": true, + "devOptional": true, "dependencies": { "color-name": "1.1.3" } @@ -21831,19 +21884,19 @@ "version": "1.1.3", "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.3.tgz", "integrity": "sha1-p9BVi9icQveV3UIyj3QIMcpTvCU=", - "optional": true + "devOptional": true }, "node_modules/wait-port/node_modules/commander": { "version": "3.0.2", "resolved": "https://registry.npmjs.org/commander/-/commander-3.0.2.tgz", "integrity": "sha512-Gar0ASD4BDyKC4hl4DwHqDrmvjoxWKZigVnAbn5H1owvm4CxCPdb0HQDehwNYMJpla5+M2tPmPARzhtYuwpHow==", - "optional": true + "devOptional": true }, "node_modules/wait-port/node_modules/escape-string-regexp": { "version": "1.0.5", "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-1.0.5.tgz", "integrity": "sha1-G2HAViGQqN/2rjuyzwIAyhMLhtQ=", - "optional": true, + "devOptional": true, "engines": { "node": ">=0.8.0" } @@ -21852,7 +21905,7 @@ "version": "3.0.0", "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-3.0.0.tgz", "integrity": "sha1-tdRU3CGZriJWmfNGfloH87lVuv0=", - "optional": true, + "devOptional": true, "engines": { "node": ">=4" } @@ -21861,7 +21914,7 @@ "version": "5.5.0", "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-5.5.0.tgz", "integrity": "sha512-QjVjwdXIt408MIiAqCX4oUKsgU2EqAGzs2Ppkm4aQYbjm+ZEWEcW4SfFNTr4uMNZma0ey4f5lgLrkB0aX0QMow==", - "optional": true, + "devOptional": true, "dependencies": { "has-flag": "^3.0.0" }, @@ -23842,16 +23895,16 @@ "integrity": "sha512-OWORNpfjMsSSUBVrRBVGECkhWcULOAJz9ZW8uK9qgxD+87M7jHRcvh/A96XXNhXTLmKcoYSQtBEX7lHMO7YRwg==" }, "@eslint/eslintrc": { - "version": "1.2.0", - "resolved": "https://registry.npmjs.org/@eslint/eslintrc/-/eslintrc-1.2.0.tgz", - "integrity": "sha512-igm9SjJHNEJRiUnecP/1R5T3wKLEJ7pL6e2P+GUSfCd0dGjPYYZve08uzw8L2J8foVHFz+NGu12JxRcU2gGo6w==", + "version": "1.2.1", + "resolved": "https://registry.npmjs.org/@eslint/eslintrc/-/eslintrc-1.2.1.tgz", + "integrity": "sha512-bxvbYnBPN1Gibwyp6NrpnFzA3YtRL3BBAyEAFVIpNTm2Rn4Vy87GA5M4aSn3InRrlsbX5N0GW7XIx+U4SAEKdQ==", "dev": true, "requires": { "ajv": "^6.12.4", "debug": "^4.3.2", "espree": "^9.3.1", "globals": "^13.9.0", - "ignore": "^4.0.6", + "ignore": "^5.2.0", "import-fresh": "^3.2.1", "js-yaml": "^4.1.0", "minimatch": "^3.0.4", @@ -23881,20 +23934,14 @@ } }, "globals": { - "version": "13.12.1", - "resolved": "https://registry.npmjs.org/globals/-/globals-13.12.1.tgz", - "integrity": "sha512-317dFlgY2pdJZ9rspXDks7073GpDmXdfbM3vYYp0HAMKGDh1FfWPleI2ljVNLQX5M5lXcAslTcPTrOrMEFOjyw==", + "version": "13.13.0", + "resolved": "https://registry.npmjs.org/globals/-/globals-13.13.0.tgz", + "integrity": "sha512-EQ7Q18AJlPwp3vUDL4mKA0KXrXyNIQyWon6T6XQiBQF0XHvRsiCSrWmmeATpUzdJN2HhWZU6Pdl0a9zdep5p6A==", "dev": true, "requires": { "type-fest": "^0.20.2" } }, - "ignore": { - "version": "4.0.6", - "resolved": "https://registry.npmjs.org/ignore/-/ignore-4.0.6.tgz", - "integrity": "sha512-cyFDKrqc/YdcWFniJhzI42+AzS+gNwmUzOSFcRCQYwySuBBBy/KjuxWLZ/FHEH6Moq1NizMOBWyTcv8O4OZIMg==", - "dev": true - }, "json-schema-traverse": { "version": "0.4.1", "resolved": "https://registry.npmjs.org/json-schema-traverse/-/json-schema-traverse-0.4.1.tgz", @@ -25135,9 +25182,9 @@ "integrity": "sha512-+Gwo89YK1OFi6oubTlah/zPxxzMNaMLy+inECAYI646KIFdzzhAsKWb3z5tSOu5Ff7no4isRV64rWfMSKLZclw==" }, "@primer/react": { - "version": "34.6.0", - "resolved": "https://registry.npmjs.org/@primer/react/-/react-34.6.0.tgz", - "integrity": "sha512-a0Mh6YmpEyQF6ad0mnfOJoC+y1heDM4uuvBcQQKJQ28DVeif5mn+slCD2C9ZQvnhkl4qnh3iqXOTxmKN5fCHNQ==", + "version": "34.7.1", + "resolved": "https://registry.npmjs.org/@primer/react/-/react-34.7.1.tgz", + "integrity": "sha512-9OLRo3N1/B/jqb7aJPY7xmtyKM8afZlmWLnEOmT8LOCmuwPiRXI+4GsJjaV9RPx3h8rUXBQwpaYZGDDj9+/OjA==", "requires": { "@primer/behaviors": "1.1.0", "@primer/octicons-react": "16.1.1", @@ -25182,9 +25229,9 @@ } }, "@sideway/address": { - "version": "4.1.2", - "resolved": "https://registry.npmjs.org/@sideway/address/-/address-4.1.2.tgz", - "integrity": "sha512-idTz8ibqWFrPU8kMirL0CoPH/A29XOzzAzpyN3zQ4kAWnzmNfFmRaoMNN6VI8ske5M73HZyhIaW4OuSFIdM4oA==", + "version": "4.1.3", + "resolved": "https://registry.npmjs.org/@sideway/address/-/address-4.1.3.tgz", + "integrity": "sha512-8ncEUtmnTsMmL7z1YPB47kPUq7LpKWJNFPsRzHiIajGC5uXlWGn+AmkYPcHNl8S4tcEGx+cnORnNYaw2wvL+LQ==", "devOptional": true, "requires": { "@hapi/hoek": "^9.0.0" @@ -25715,14 +25762,14 @@ } }, "@typescript-eslint/eslint-plugin": { - "version": "5.13.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/eslint-plugin/-/eslint-plugin-5.13.0.tgz", - "integrity": "sha512-vLktb2Uec81fxm/cfz2Hd6QaWOs8qdmVAZXLdOBX6JFJDhf6oDZpMzZ4/LZ6SFM/5DgDcxIMIvy3F+O9yZBuiQ==", + "version": "5.15.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/eslint-plugin/-/eslint-plugin-5.15.0.tgz", + "integrity": "sha512-u6Db5JfF0Esn3tiAKELvoU5TpXVSkOpZ78cEGn/wXtT2RVqs2vkt4ge6N8cRCyw7YVKhmmLDbwI2pg92mlv7cA==", "dev": true, "requires": { - "@typescript-eslint/scope-manager": "5.13.0", - "@typescript-eslint/type-utils": "5.13.0", - "@typescript-eslint/utils": "5.13.0", + "@typescript-eslint/scope-manager": "5.15.0", + "@typescript-eslint/type-utils": "5.15.0", + "@typescript-eslint/utils": "5.15.0", "debug": "^4.3.2", "functional-red-black-tree": "^1.0.1", "ignore": "^5.1.8", @@ -25732,52 +25779,52 @@ } }, "@typescript-eslint/parser": { - "version": "5.13.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/parser/-/parser-5.13.0.tgz", - "integrity": "sha512-GdrU4GvBE29tm2RqWOM0P5QfCtgCyN4hXICj/X9ibKED16136l9ZpoJvCL5pSKtmJzA+NRDzQ312wWMejCVVfg==", + "version": "5.15.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/parser/-/parser-5.15.0.tgz", + "integrity": "sha512-NGAYP/+RDM2sVfmKiKOCgJYPstAO40vPAgACoWPO/+yoYKSgAXIFaBKsV8P0Cc7fwKgvj27SjRNX4L7f4/jCKQ==", "dev": true, "requires": { - "@typescript-eslint/scope-manager": "5.13.0", - "@typescript-eslint/types": "5.13.0", - "@typescript-eslint/typescript-estree": "5.13.0", + "@typescript-eslint/scope-manager": "5.15.0", + "@typescript-eslint/types": "5.15.0", + "@typescript-eslint/typescript-estree": "5.15.0", "debug": "^4.3.2" } }, "@typescript-eslint/scope-manager": { - "version": "5.13.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/scope-manager/-/scope-manager-5.13.0.tgz", - "integrity": "sha512-T4N8UvKYDSfVYdmJq7g2IPJYCRzwtp74KyDZytkR4OL3NRupvswvmJQJ4CX5tDSurW2cvCc1Ia1qM7d0jpa7IA==", + "version": "5.15.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/scope-manager/-/scope-manager-5.15.0.tgz", + "integrity": "sha512-EFiZcSKrHh4kWk0pZaa+YNJosvKE50EnmN4IfgjkA3bTHElPtYcd2U37QQkNTqwMCS7LXeDeZzEqnsOH8chjSg==", "dev": true, "requires": { - "@typescript-eslint/types": "5.13.0", - "@typescript-eslint/visitor-keys": "5.13.0" + "@typescript-eslint/types": "5.15.0", + "@typescript-eslint/visitor-keys": "5.15.0" } }, "@typescript-eslint/type-utils": { - "version": "5.13.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/type-utils/-/type-utils-5.13.0.tgz", - "integrity": "sha512-/nz7qFizaBM1SuqAKb7GLkcNn2buRdDgZraXlkhz+vUGiN1NZ9LzkA595tHHeduAiS2MsHqMNhE2zNzGdw43Yg==", + "version": "5.15.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/type-utils/-/type-utils-5.15.0.tgz", + "integrity": "sha512-KGeDoEQ7gHieLydujGEFLyLofipe9PIzfvA/41urz4hv+xVxPEbmMQonKSynZ0Ks2xDhJQ4VYjB3DnRiywvKDA==", "dev": true, "requires": { - "@typescript-eslint/utils": "5.13.0", + "@typescript-eslint/utils": "5.15.0", "debug": "^4.3.2", "tsutils": "^3.21.0" } }, "@typescript-eslint/types": { - "version": "5.13.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/types/-/types-5.13.0.tgz", - "integrity": "sha512-LmE/KO6DUy0nFY/OoQU0XelnmDt+V8lPQhh8MOVa7Y5k2gGRd6U9Kp3wAjhB4OHg57tUO0nOnwYQhRRyEAyOyg==", + "version": "5.15.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/types/-/types-5.15.0.tgz", + "integrity": "sha512-yEiTN4MDy23vvsIksrShjNwQl2vl6kJeG9YkVJXjXZnkJElzVK8nfPsWKYxcsGWG8GhurYXP4/KGj3aZAxbeOA==", "dev": true }, "@typescript-eslint/typescript-estree": { - "version": "5.13.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/typescript-estree/-/typescript-estree-5.13.0.tgz", - "integrity": "sha512-Q9cQow0DeLjnp5DuEDjLZ6JIkwGx3oYZe+BfcNuw/POhtpcxMTy18Icl6BJqTSd+3ftsrfuVb7mNHRZf7xiaNA==", + "version": "5.15.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/typescript-estree/-/typescript-estree-5.15.0.tgz", + "integrity": "sha512-Hb0e3dGc35b75xLzixM3cSbG1sSbrTBQDfIScqdyvrfJZVEi4XWAT+UL/HMxEdrJNB8Yk28SKxPLtAhfCbBInA==", "dev": true, "requires": { - "@typescript-eslint/types": "5.13.0", - "@typescript-eslint/visitor-keys": "5.13.0", + "@typescript-eslint/types": "5.15.0", + "@typescript-eslint/visitor-keys": "5.15.0", "debug": "^4.3.2", "globby": "^11.0.4", "is-glob": "^4.0.3", @@ -25786,15 +25833,15 @@ } }, "@typescript-eslint/utils": { - "version": "5.13.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/utils/-/utils-5.13.0.tgz", - "integrity": "sha512-+9oHlPWYNl6AwwoEt5TQryEHwiKRVjz7Vk6kaBeD3/kwHE5YqTGHtm/JZY8Bo9ITOeKutFaXnBlMgSATMJALUQ==", + "version": "5.15.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/utils/-/utils-5.15.0.tgz", + "integrity": "sha512-081rWu2IPKOgTOhHUk/QfxuFog8m4wxW43sXNOMSCdh578tGJ1PAaWPsj42LOa7pguh173tNlMigsbrHvh/mtA==", "dev": true, "requires": { "@types/json-schema": "^7.0.9", - "@typescript-eslint/scope-manager": "5.13.0", - "@typescript-eslint/types": "5.13.0", - "@typescript-eslint/typescript-estree": "5.13.0", + "@typescript-eslint/scope-manager": "5.15.0", + "@typescript-eslint/types": "5.15.0", + "@typescript-eslint/typescript-estree": "5.15.0", "eslint-scope": "^5.1.1", "eslint-utils": "^3.0.0" }, @@ -25811,12 +25858,12 @@ } }, "@typescript-eslint/visitor-keys": { - "version": "5.13.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-5.13.0.tgz", - "integrity": "sha512-HLKEAS/qA1V7d9EzcpLFykTePmOQqOFim8oCvhY3pZgQ8Hi38hYpHd9e5GN6nQBFQNecNhws5wkS9Y5XIO0s/g==", + "version": "5.15.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-5.15.0.tgz", + "integrity": "sha512-+vX5FKtgvyHbmIJdxMJ2jKm9z2BIlXJiuewI8dsDYMp5LzPUcuTT78Ya5iwvQg3VqSVdmxyM8Anj1Jeq7733ZQ==", "dev": true, "requires": { - "@typescript-eslint/types": "5.13.0", + "@typescript-eslint/types": "5.15.0", "eslint-visitor-keys": "^3.0.0" }, "dependencies": { @@ -26136,6 +26183,14 @@ "string-width": "^4.1.0" } }, + "ansi-colors": { + "version": "4.1.1", + "resolved": "https://registry.npmjs.org/ansi-colors/-/ansi-colors-4.1.1.tgz", + "integrity": "sha512-JoX0apGbHaUJBNl6yF+p6JAFYZ666/hhCGKN5t9QFjbJQKUU/g8MNbFDbvfrgKXvI1QpZplPOnwIo99lX/AAmA==", + "dev": true, + "optional": true, + "peer": true + }, "ansi-escapes": { "version": "4.3.2", "resolved": "https://registry.npmjs.org/ansi-escapes/-/ansi-escapes-4.3.2.tgz", @@ -26192,7 +26247,7 @@ "version": "3.1.0", "resolved": "https://registry.npmjs.org/arr-union/-/arr-union-3.1.0.tgz", "integrity": "sha1-45sJrqne+Gao8gbiiK9jkZuuOcQ=", - "optional": true + "devOptional": true }, "array-flatten": { "version": "1.1.1", @@ -27887,11 +27942,16 @@ } } }, + "clone": { + "version": "1.0.4", + "resolved": "https://registry.npmjs.org/clone/-/clone-1.0.4.tgz", + "integrity": "sha1-2jCcwmPfFZlMaIypAheco8fNfH4=" + }, "clone-deep": { "version": "0.2.4", "resolved": "https://registry.npmjs.org/clone-deep/-/clone-deep-0.2.4.tgz", "integrity": "sha1-TnPdCen7lxzDhnDF3O2cGJZIHMY=", - "optional": true, + "devOptional": true, "requires": { "for-own": "^0.1.3", "is-plain-object": "^2.0.1", @@ -27904,13 +27964,13 @@ "version": "1.1.6", "resolved": "https://registry.npmjs.org/is-buffer/-/is-buffer-1.1.6.tgz", "integrity": "sha512-NcdALwpXkTm5Zvvbk7owOUSvVvBKDgKP5/ewfXEznmQFfs4ZRmanOeKBTjRVjka3QFoN6XJ+9F3USqfHqTaU5w==", - "optional": true + "devOptional": true }, "is-plain-object": { "version": "2.0.4", "resolved": "https://registry.npmjs.org/is-plain-object/-/is-plain-object-2.0.4.tgz", "integrity": "sha512-h5PpgXkWitc38BBMYawTYMWJHFZJVnBquFE57xFpjB8pJFiF6gZ+bU+WyI/yqXiFR5mdLsgYNaPe8uao6Uv9Og==", - "optional": true, + "devOptional": true, "requires": { "isobject": "^3.0.1" } @@ -27919,7 +27979,7 @@ "version": "3.2.2", "resolved": "https://registry.npmjs.org/kind-of/-/kind-of-3.2.2.tgz", "integrity": "sha1-MeohpzS6ubuw8yRm2JOupR5KPGQ=", - "optional": true, + "devOptional": true, "requires": { "is-buffer": "^1.1.5" } @@ -28412,7 +28472,7 @@ "version": "0.10.0", "resolved": "https://registry.npmjs.org/cwd/-/cwd-0.10.0.tgz", "integrity": "sha1-FyQAaUBXwioTsM8WFix+S3p/5Wc=", - "optional": true, + "devOptional": true, "requires": { "find-pkg": "^0.1.2", "fs-exists-sync": "^0.1.0" @@ -28528,6 +28588,14 @@ "resolved": "https://registry.npmjs.org/deepmerge/-/deepmerge-4.2.2.tgz", "integrity": "sha512-FJ3UgI4gIl+PHZm53knsuSFpE+nESMr7M4v9QcgB7S63Kj/6WqMiFQJpBBYz1Pt+66bZpP3Q7Lye0Oo9MPKEdg==" }, + "defaults": { + "version": "1.0.3", + "resolved": "https://registry.npmjs.org/defaults/-/defaults-1.0.3.tgz", + "integrity": "sha1-xlYFHpgX2f8I7YgUd/P+QBnz730=", + "requires": { + "clone": "^1.0.2" + } + }, "defer-to-connect": { "version": "2.0.1", "resolved": "https://registry.npmjs.org/defer-to-connect/-/defer-to-connect-2.0.1.tgz", @@ -28925,6 +28993,17 @@ "tapable": "^2.2.0" } }, + "enquirer": { + "version": "2.3.6", + "resolved": "https://registry.npmjs.org/enquirer/-/enquirer-2.3.6.tgz", + "integrity": "sha512-yjNnPr315/FjS4zIsUxYguYUPP2e1NK4d7E7ZOLiyYCcbFBiTMyID+2wvm2w6+pZ/odMA7cRkjhsPbltwBOrLg==", + "dev": true, + "optional": true, + "peer": true, + "requires": { + "ansi-colors": "^4.1.1" + } + }, "ensure-posix-path": { "version": "1.1.1", "resolved": "https://registry.npmjs.org/ensure-posix-path/-/ensure-posix-path-1.1.1.tgz", @@ -29098,12 +29177,12 @@ } }, "eslint": { - "version": "8.10.0", - "resolved": "https://registry.npmjs.org/eslint/-/eslint-8.10.0.tgz", - "integrity": "sha512-tcI1D9lfVec+R4LE1mNDnzoJ/f71Kl/9Cv4nG47jOueCMBrCCKYXr4AUVS7go6mWYGFD4+EoN6+eXSrEbRzXVw==", + "version": "8.11.0", + "resolved": "https://registry.npmjs.org/eslint/-/eslint-8.11.0.tgz", + "integrity": "sha512-/KRpd9mIRg2raGxHRGwW9ZywYNAClZrHjdueHcrVDuO3a6bj83eoTirCCk0M0yPwOjWYKHwRVRid+xK4F/GHgA==", "dev": true, "requires": { - "@eslint/eslintrc": "^1.2.0", + "@eslint/eslintrc": "^1.2.1", "@humanwhocodes/config-array": "^0.9.2", "ajv": "^6.10.0", "chalk": "^4.0.0", @@ -29696,7 +29775,7 @@ "version": "1.2.2", "resolved": "https://registry.npmjs.org/expand-tilde/-/expand-tilde-1.2.2.tgz", "integrity": "sha1-C4HrqJflo9MdHD0QL48BRB5VlEk=", - "optional": true, + "devOptional": true, "requires": { "os-homedir": "^1.0.1" } @@ -29792,6 +29871,14 @@ "integrity": "sha512-TratTfxxTAFb6ZUAxPIigqhcS0e7ql9XDTorjD+SihV5ua5h6agoKyr45iKM6m5OzTppesh9o/RCuvf5eTiwCw==", "requires": {} }, + "express-slow-down": { + "version": "1.4.0", + "resolved": "https://registry.npmjs.org/express-slow-down/-/express-slow-down-1.4.0.tgz", + "integrity": "sha512-Tw5aa0plPj2STiuc2SyMw2VSjMvBgLGQHHoPhkIL4iPQcFZDueWBaiLxFZ3SrwrJhiu3b3sHNcsP6lXeWnbwAw==", + "requires": { + "defaults": "^1.0.3" + } + }, "express-timeout-handler": { "version": "2.2.2", "resolved": "https://registry.npmjs.org/express-timeout-handler/-/express-timeout-handler-2.2.2.tgz", @@ -29975,7 +30062,7 @@ "version": "0.1.3", "resolved": "https://registry.npmjs.org/find-file-up/-/find-file-up-0.1.3.tgz", "integrity": "sha1-z2gJG8+fMApA2kEbN9pczlovvqA=", - "optional": true, + "devOptional": true, "requires": { "fs-exists-sync": "^0.1.0", "resolve-dir": "^0.1.0" @@ -29985,7 +30072,7 @@ "version": "0.1.2", "resolved": "https://registry.npmjs.org/find-pkg/-/find-pkg-0.1.2.tgz", "integrity": "sha1-G9wiwG42NlUy4qJIBGhUuXiNpVc=", - "optional": true, + "devOptional": true, "requires": { "find-file-up": "^0.1.2" } @@ -29994,7 +30081,7 @@ "version": "1.4.7", "resolved": "https://registry.npmjs.org/find-process/-/find-process-1.4.7.tgz", "integrity": "sha512-/U4CYp1214Xrp3u3Fqr9yNynUrr5Le4y0SsJh2lMDDSbpwYSz3M2SMWQC+wqcx79cN8PQtHQIL8KnuY9M66fdg==", - "optional": true, + "devOptional": true, "requires": { "chalk": "^4.0.0", "commander": "^5.1.0", @@ -30005,7 +30092,7 @@ "version": "4.1.2", "resolved": "https://registry.npmjs.org/chalk/-/chalk-4.1.2.tgz", "integrity": "sha512-oKnbhFyRIXpUuez8iBMmyEa4nbj4IOQyuhc/wy9kY7/WVPcwIO9VA668Pu8RkO7+0G76SLROeyw9CpQ061i4mA==", - "optional": true, + "devOptional": true, "requires": { "ansi-styles": "^4.1.0", "supports-color": "^7.1.0" @@ -30015,7 +30102,7 @@ "version": "5.1.0", "resolved": "https://registry.npmjs.org/commander/-/commander-5.1.0.tgz", "integrity": "sha512-P0CysNDQ7rtVw4QIQtm+MRxV66vKFSvlsQvGYXZWR3qFU0jlMKHZZZgw8e+8DSah4UDKMqnknRDQz+xuQXQ/Zg==", - "optional": true + "devOptional": true } } }, @@ -30064,13 +30151,13 @@ "version": "1.0.2", "resolved": "https://registry.npmjs.org/for-in/-/for-in-1.0.2.tgz", "integrity": "sha1-gQaNKVqBQuwKxybG4iAMMPttXoA=", - "optional": true + "devOptional": true }, "for-own": { "version": "0.1.5", "resolved": "https://registry.npmjs.org/for-own/-/for-own-0.1.5.tgz", "integrity": "sha1-UmXGgaTylNq78XyVCbZ2OqhFEM4=", - "optional": true, + "devOptional": true, "requires": { "for-in": "^1.0.1" } @@ -30156,7 +30243,7 @@ "version": "0.1.0", "resolved": "https://registry.npmjs.org/fs-exists-sync/-/fs-exists-sync-0.1.0.tgz", "integrity": "sha1-mC1ok6+RjnLQjeyehnP/K1qNat0=", - "optional": true + "devOptional": true }, "fs-extra": { "version": "10.0.1", @@ -30297,6 +30384,12 @@ "get-intrinsic": "^1.1.1" } }, + "get-them-args": { + "version": "1.3.2", + "resolved": "https://registry.npmjs.org/get-them-args/-/get-them-args-1.3.2.tgz", + "integrity": "sha1-dKILqKSr7OWuGZrQPyvMaP38m6U=", + "dev": true + }, "gifwrap": { "version": "0.9.2", "resolved": "https://registry.npmjs.org/gifwrap/-/gifwrap-0.9.2.tgz", @@ -30468,7 +30561,7 @@ "version": "0.2.3", "resolved": "https://registry.npmjs.org/global-modules/-/global-modules-0.2.3.tgz", "integrity": "sha1-6lo77ULG1s6ZWk+KEmm12uIjgo0=", - "optional": true, + "devOptional": true, "requires": { "global-prefix": "^0.1.4", "is-windows": "^0.2.0" @@ -30478,7 +30571,7 @@ "version": "0.1.5", "resolved": "https://registry.npmjs.org/global-prefix/-/global-prefix-0.1.5.tgz", "integrity": "sha1-jTvGuNo8qBEqFg2NSW/wRiv+948=", - "optional": true, + "devOptional": true, "requires": { "homedir-polyfill": "^1.0.0", "ini": "^1.3.4", @@ -30490,7 +30583,7 @@ "version": "1.3.1", "resolved": "https://registry.npmjs.org/which/-/which-1.3.1.tgz", "integrity": "sha512-HxJdYWq1MTIQbJ3nw0cqssHoTNU267KlrDuGZ1WYlxDStUtKUhOaJmh112/TZmHxxUfuJqPXSOm7tDyas0OSIQ==", - "optional": true, + "devOptional": true, "requires": { "isexe": "^2.0.0" } @@ -30912,7 +31005,7 @@ "version": "1.0.3", "resolved": "https://registry.npmjs.org/homedir-polyfill/-/homedir-polyfill-1.0.3.tgz", "integrity": "sha512-eSmmWE5bZTK2Nou4g0AI3zZ9rswp7GRKoKXS1BLUkvPviOqs4YTN1djQIqrXy9k5gEtdLPy86JjRwsNM9tnDcA==", - "optional": true, + "devOptional": true, "requires": { "parse-passwd": "^1.0.0" } @@ -31513,7 +31606,7 @@ "version": "0.2.0", "resolved": "https://registry.npmjs.org/is-windows/-/is-windows-0.2.0.tgz", "integrity": "sha1-3hqm1j6indJIc3tp8f+LgALSEIw=", - "optional": true + "devOptional": true }, "is-word-character": { "version": "1.0.4", @@ -31551,7 +31644,7 @@ "version": "3.0.1", "resolved": "https://registry.npmjs.org/isobject/-/isobject-3.0.1.tgz", "integrity": "sha1-TkMekrEalzFjaqH5yNHMvP2reN8=", - "optional": true + "devOptional": true }, "istanbul-lib-coverage": { "version": "3.2.0", @@ -31783,7 +31876,7 @@ "version": "5.0.3", "resolved": "https://registry.npmjs.org/jest-dev-server/-/jest-dev-server-5.0.3.tgz", "integrity": "sha512-aJR3a5KdY18Lsz+VbREKwx2HM3iukiui+J9rlv9o6iYTwZCSsJazSTStcD9K1q0AIF3oA+FqLOKDyo/sc7+fJw==", - "optional": true, + "devOptional": true, "requires": { "chalk": "^4.1.1", "cwd": "^0.10.0", @@ -31798,7 +31891,7 @@ "version": "4.1.2", "resolved": "https://registry.npmjs.org/chalk/-/chalk-4.1.2.tgz", "integrity": "sha512-oKnbhFyRIXpUuez8iBMmyEa4nbj4IOQyuhc/wy9kY7/WVPcwIO9VA668Pu8RkO7+0G76SLROeyw9CpQ061i4mA==", - "optional": true, + "devOptional": true, "requires": { "ansi-styles": "^4.1.0", "supports-color": "^7.1.0" @@ -31897,7 +31990,7 @@ "version": "5.0.4", "resolved": "https://registry.npmjs.org/jest-environment-puppeteer/-/jest-environment-puppeteer-5.0.4.tgz", "integrity": "sha512-wd4EDOD4QRi11QZ1IV8WsL1wlnnMUtcqtU0BNm+REzRtg78K2XHn3jS6YxGeXIOnsgrJeHxsD7DlRZ/GkFteLg==", - "optional": true, + "devOptional": true, "requires": { "chalk": "^4.1.1", "cwd": "^0.10.0", @@ -31910,7 +32003,7 @@ "version": "4.1.2", "resolved": "https://registry.npmjs.org/chalk/-/chalk-4.1.2.tgz", "integrity": "sha512-oKnbhFyRIXpUuez8iBMmyEa4nbj4IOQyuhc/wy9kY7/WVPcwIO9VA668Pu8RkO7+0G76SLROeyw9CpQ061i4mA==", - "optional": true, + "devOptional": true, "requires": { "ansi-styles": "^4.1.0", "supports-color": "^7.1.0" @@ -32430,14 +32523,14 @@ } }, "joi": { - "version": "17.4.2", - "resolved": "https://registry.npmjs.org/joi/-/joi-17.4.2.tgz", - "integrity": "sha512-Lm56PP+n0+Z2A2rfRvsfWVDXGEWjXxatPopkQ8qQ5mxCEhwHG+Ettgg5o98FFaxilOxozoa14cFhrE/hOzh/Nw==", + "version": "17.6.0", + "resolved": "https://registry.npmjs.org/joi/-/joi-17.6.0.tgz", + "integrity": "sha512-OX5dG6DTbcr/kbMFj0KGYxuew69HPcAE3K/sZpEV2nP6e/j/C0HV+HNiBPCASxdx5T7DMoa0s8UeHWMnb6n2zw==", "devOptional": true, "requires": { "@hapi/hoek": "^9.0.0", "@hapi/topo": "^5.0.0", - "@sideway/address": "^4.1.0", + "@sideway/address": "^4.1.3", "@sideway/formula": "^3.0.0", "@sideway/pinpoint": "^2.0.0" } @@ -32637,6 +32730,16 @@ "json-buffer": "3.0.1" } }, + "kill-port": { + "version": "1.6.1", + "resolved": "https://registry.npmjs.org/kill-port/-/kill-port-1.6.1.tgz", + "integrity": "sha512-un0Y55cOM7JKGaLnGja28T38tDDop0AQ8N0KlAdyh+B1nmMoX8AnNmqPNZbS3mUMgiST51DCVqmbFT1gNJpVNw==", + "dev": true, + "requires": { + "get-them-args": "1.3.2", + "shell-exec": "1.0.2" + } + }, "kind-of": { "version": "6.0.3", "resolved": "https://registry.npmjs.org/kind-of/-/kind-of-6.0.3.tgz", @@ -32681,7 +32784,7 @@ "version": "1.0.4", "resolved": "https://registry.npmjs.org/lazy-cache/-/lazy-cache-1.0.4.tgz", "integrity": "sha1-odePw6UEdMuAhF07O24dpJpEbo4=", - "optional": true + "devOptional": true }, "leven": { "version": "3.1.0", @@ -32852,15 +32955,6 @@ "integrity": "sha512-hUewv7oMjCp+wkBv5Rm0v87eJhq4woh5rSR+42YSQJKecCqgIqNkZ6lAlQms/BwHPJA5NKMRlpxPRv0n8HQW6g==", "dev": true }, - "rxjs": { - "version": "7.5.2", - "resolved": "https://registry.npmjs.org/rxjs/-/rxjs-7.5.2.tgz", - "integrity": "sha512-PwDt186XaL3QN5qXj/H9DGyHhP3/RYYgZZwqBv9Tv8rsAaiwFH1IsJJlcgD37J7UW5a6O67qX0KWKS3/pu0m4w==", - "dev": true, - "requires": { - "tslib": "^2.1.0" - } - }, "slice-ansi": { "version": "3.0.0", "resolved": "https://registry.npmjs.org/slice-ansi/-/slice-ansi-3.0.0.tgz", @@ -33381,7 +33475,7 @@ "version": "3.0.3", "resolved": "https://registry.npmjs.org/merge-deep/-/merge-deep-3.0.3.tgz", "integrity": "sha512-qtmzAS6t6grwEkNrunqTBdn0qKwFgNWvlxUbAV8es9M7Ot1EbyApytCnvE0jALPa46ZpKDUo527kKiaWplmlFA==", - "optional": true, + "devOptional": true, "requires": { "arr-union": "^3.1.0", "clone-deep": "^0.2.4", @@ -33392,13 +33486,13 @@ "version": "1.1.6", "resolved": "https://registry.npmjs.org/is-buffer/-/is-buffer-1.1.6.tgz", "integrity": "sha512-NcdALwpXkTm5Zvvbk7owOUSvVvBKDgKP5/ewfXEznmQFfs4ZRmanOeKBTjRVjka3QFoN6XJ+9F3USqfHqTaU5w==", - "optional": true + "devOptional": true }, "kind-of": { "version": "3.2.2", "resolved": "https://registry.npmjs.org/kind-of/-/kind-of-3.2.2.tgz", "integrity": "sha1-MeohpzS6ubuw8yRm2JOupR5KPGQ=", - "optional": true, + "devOptional": true, "requires": { "is-buffer": "^1.1.5" } @@ -33834,7 +33928,7 @@ "version": "2.0.1", "resolved": "https://registry.npmjs.org/mixin-object/-/mixin-object-2.0.1.tgz", "integrity": "sha1-T7lJRB2rGCVA8f4DW6YOGUel5X4=", - "optional": true, + "devOptional": true, "requires": { "for-in": "^0.1.3", "is-extendable": "^0.1.1" @@ -33844,7 +33938,7 @@ "version": "0.1.8", "resolved": "https://registry.npmjs.org/for-in/-/for-in-0.1.8.tgz", "integrity": "sha1-2Hc5COMSVhCZUrH9ubP6hn0ndeE=", - "optional": true + "devOptional": true } } }, @@ -34681,7 +34775,7 @@ "version": "1.0.2", "resolved": "https://registry.npmjs.org/os-homedir/-/os-homedir-1.0.2.tgz", "integrity": "sha1-/7xJiDNuDoM94MFox+8VISGqf7M=", - "optional": true + "devOptional": true }, "p-cancelable": { "version": "2.1.1", @@ -35512,7 +35606,7 @@ "version": "1.0.0", "resolved": "https://registry.npmjs.org/parse-passwd/-/parse-passwd-1.0.0.tgz", "integrity": "sha1-bVuTSkVpk7I9N/QKOC1vFmao5cY=", - "optional": true + "devOptional": true }, "parse5": { "version": "6.0.1", @@ -37064,7 +37158,7 @@ "version": "0.1.1", "resolved": "https://registry.npmjs.org/resolve-dir/-/resolve-dir-0.1.1.tgz", "integrity": "sha1-shklmlYC+sXFxJatiUpujMQwJh4=", - "optional": true, + "devOptional": true, "requires": { "expand-tilde": "^1.2.2", "global-modules": "^0.2.3" @@ -37165,20 +37259,12 @@ } }, "rxjs": { - "version": "6.6.7", - "resolved": "https://registry.npmjs.org/rxjs/-/rxjs-6.6.7.tgz", - "integrity": "sha512-hTdwr+7yYNIT5n4AMYp85KA6yw2Va0FLa3Rguvbpa4W3I5xynaBZo41cM3XM+4Q6fRMj3sBYIR1VAmZMXYJvRQ==", - "optional": true, + "version": "7.5.5", + "resolved": "https://registry.npmjs.org/rxjs/-/rxjs-7.5.5.tgz", + "integrity": "sha512-sy+H0pQofO95VDmFLzyaw9xNJU4KTRSwQIGM6+iG3SypAtCiLDzpeG8sJrNCWn2Up9km+KhkvTdbkrdy+yzZdw==", + "dev": true, "requires": { - "tslib": "^1.9.0" - }, - "dependencies": { - "tslib": { - "version": "1.14.1", - "resolved": "https://registry.npmjs.org/tslib/-/tslib-1.14.1.tgz", - "integrity": "sha512-Xni35NKzjgMrwevysHTCArtLDpPvye8zV/0E4EyYn43P7/7qvQwPh9BGkHewbMulVntbigmcT7rdX3BNo9wRJg==", - "optional": true - } + "tslib": "^2.1.0" } }, "sade": { @@ -37461,7 +37547,7 @@ "version": "0.1.2", "resolved": "https://registry.npmjs.org/shallow-clone/-/shallow-clone-0.1.2.tgz", "integrity": "sha1-WQnodLp3EG1zrEFM/sH/yofZcGA=", - "optional": true, + "devOptional": true, "requires": { "is-extendable": "^0.1.1", "kind-of": "^2.0.1", @@ -37473,13 +37559,13 @@ "version": "1.1.6", "resolved": "https://registry.npmjs.org/is-buffer/-/is-buffer-1.1.6.tgz", "integrity": "sha512-NcdALwpXkTm5Zvvbk7owOUSvVvBKDgKP5/ewfXEznmQFfs4ZRmanOeKBTjRVjka3QFoN6XJ+9F3USqfHqTaU5w==", - "optional": true + "devOptional": true }, "kind-of": { "version": "2.0.1", "resolved": "https://registry.npmjs.org/kind-of/-/kind-of-2.0.1.tgz", "integrity": "sha1-AY7HpM5+OobLkUG+UZ0kyPqpgbU=", - "optional": true, + "devOptional": true, "requires": { "is-buffer": "^1.0.2" } @@ -37488,7 +37574,7 @@ "version": "0.2.7", "resolved": "https://registry.npmjs.org/lazy-cache/-/lazy-cache-0.2.7.tgz", "integrity": "sha1-f+3fLctu23fRHvHRF6tf/fCrG2U=", - "optional": true + "devOptional": true } } }, @@ -37512,6 +37598,12 @@ "integrity": "sha512-7++dFhtcx3353uBaq8DDR4NuxBetBzC7ZQOhmTQInHEd6bSrXdiEyzCvG07Z44UYdLShWUyXt5M/yhz8ekcb1A==", "dev": true }, + "shell-exec": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/shell-exec/-/shell-exec-1.0.2.tgz", + "integrity": "sha512-jyVd+kU2X+mWKMmGhx4fpWbPsjvD53k9ivqetutVW/BQ+WIZoDoP4d8vUMGezV6saZsiNoW2f9GIhg9Dondohg==", + "dev": true + }, "shell-quote": { "version": "1.7.2", "resolved": "https://registry.npmjs.org/shell-quote/-/shell-quote-1.7.2.tgz", @@ -37545,9 +37637,9 @@ } }, "signal-exit": { - "version": "3.0.5", - "resolved": "https://registry.npmjs.org/signal-exit/-/signal-exit-3.0.5.tgz", - "integrity": "sha512-KWcOiKeQj6ZyXx7zq4YxSMgHRlod4czeBQZrPb8OKcohcqAXShm7E20kEMle9WBt26hFcAf0qLOcp5zmY7kOqQ==", + "version": "3.0.7", + "resolved": "https://registry.npmjs.org/signal-exit/-/signal-exit-3.0.7.tgz", + "integrity": "sha512-wnD2ZE+l+SPC/uoS0vXeE9L1+0wuaMqKlfz9AMUo38JsyLSBWSFcHR1Rri62LZc12vLr1gb3jl7iwQhgwpAbGQ==", "devOptional": true }, "sisteransi": { @@ -37633,7 +37725,7 @@ "version": "5.0.0", "resolved": "https://registry.npmjs.org/spawnd/-/spawnd-5.0.0.tgz", "integrity": "sha512-28+AJr82moMVWolQvlAIv3JcYDkjkFTEmfDc503wxrF5l2rQ3dFz6DpbXp3kD4zmgGGldfM4xM4v1sFj/ZaIOA==", - "optional": true, + "devOptional": true, "requires": { "exit": "^0.1.2", "signal-exit": "^3.0.3", @@ -37740,21 +37832,6 @@ "wait-on": "6.0.0" }, "dependencies": { - "rxjs": { - "version": "7.4.0", - "resolved": "https://registry.npmjs.org/rxjs/-/rxjs-7.4.0.tgz", - "integrity": "sha512-7SQDi7xeTMCJpqViXh8gL/lebcwlp3d831F05+9B44A4B0WfsEwUQHR64gsH1kvJ+Ep/J9K2+n1hVl1CsGN23w==", - "dev": true, - "requires": { - "tslib": "~2.1.0" - } - }, - "tslib": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/tslib/-/tslib-2.1.0.tgz", - "integrity": "sha512-hcVC3wYEziELGGmEEXue7D75zbwIIVUMWAVbHItGPx0ziyXxrOMQx4rQEVEV45Ut/1IotuEvwqPopzIOkDMf0A==", - "dev": true - }, "wait-on": { "version": "6.0.0", "resolved": "https://registry.npmjs.org/wait-on/-/wait-on-6.0.0.tgz", @@ -38488,7 +38565,7 @@ "version": "1.2.2", "resolved": "https://registry.npmjs.org/tree-kill/-/tree-kill-1.2.2.tgz", "integrity": "sha512-L0Orpi8qGpRG//Nd+H90vFB+3iHnue1zSSGmNOOCh1GLJ7rUKVwV2HvijphGQS2UmhUZewS9VgvxYIdgr+fG1A==", - "optional": true + "devOptional": true }, "trim-newlines": { "version": "4.0.2", @@ -39141,20 +39218,37 @@ "version": "5.3.0", "resolved": "https://registry.npmjs.org/wait-on/-/wait-on-5.3.0.tgz", "integrity": "sha512-DwrHrnTK+/0QFaB9a8Ol5Lna3k7WvUR4jzSKmz0YaPBpuN2sACyiPVKVfj6ejnjcajAcvn3wlbTyMIn9AZouOg==", - "optional": true, + "devOptional": true, "requires": { "axios": "^0.21.1", "joi": "^17.3.0", "lodash": "^4.17.21", "minimist": "^1.2.5", "rxjs": "^6.6.3" + }, + "dependencies": { + "rxjs": { + "version": "6.6.7", + "resolved": "https://registry.npmjs.org/rxjs/-/rxjs-6.6.7.tgz", + "integrity": "sha512-hTdwr+7yYNIT5n4AMYp85KA6yw2Va0FLa3Rguvbpa4W3I5xynaBZo41cM3XM+4Q6fRMj3sBYIR1VAmZMXYJvRQ==", + "devOptional": true, + "requires": { + "tslib": "^1.9.0" + } + }, + "tslib": { + "version": "1.14.1", + "resolved": "https://registry.npmjs.org/tslib/-/tslib-1.14.1.tgz", + "integrity": "sha512-Xni35NKzjgMrwevysHTCArtLDpPvye8zV/0E4EyYn43P7/7qvQwPh9BGkHewbMulVntbigmcT7rdX3BNo9wRJg==", + "devOptional": true + } } }, "wait-port": { "version": "0.2.9", "resolved": "https://registry.npmjs.org/wait-port/-/wait-port-0.2.9.tgz", "integrity": "sha512-hQ/cVKsNqGZ/UbZB/oakOGFqic00YAMM5/PEj3Bt4vKarv2jWIWzDbqlwT94qMs/exAQAsvMOq99sZblV92zxQ==", - "optional": true, + "devOptional": true, "requires": { "chalk": "^2.4.2", "commander": "^3.0.2", @@ -39165,7 +39259,7 @@ "version": "3.2.1", "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-3.2.1.tgz", "integrity": "sha512-VT0ZI6kZRdTh8YyJw3SMbYm/u+NqfsAxEpWO0Pf9sq8/e94WxxOpPKx9FR1FlyCtOVDNOQ+8ntlqFxiRc+r5qA==", - "optional": true, + "devOptional": true, "requires": { "color-convert": "^1.9.0" } @@ -39174,7 +39268,7 @@ "version": "2.4.2", "resolved": "https://registry.npmjs.org/chalk/-/chalk-2.4.2.tgz", "integrity": "sha512-Mti+f9lpJNcwF4tWV8/OrTTtF1gZi+f8FqlyAdouralcFWFQWF2+NgCHShjkCb+IFBLq9buZwE1xckQU4peSuQ==", - "optional": true, + "devOptional": true, "requires": { "ansi-styles": "^3.2.1", "escape-string-regexp": "^1.0.5", @@ -39185,7 +39279,7 @@ "version": "1.9.3", "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-1.9.3.tgz", "integrity": "sha512-QfAUtd+vFdAtFQcC8CCyYt1fYWxSqAiK2cSD6zDB8N3cpsEBAvRxp9zOGg6G/SHHJYAT88/az/IuDGALsNVbGg==", - "optional": true, + "devOptional": true, "requires": { "color-name": "1.1.3" } @@ -39194,31 +39288,31 @@ "version": "1.1.3", "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.3.tgz", "integrity": "sha1-p9BVi9icQveV3UIyj3QIMcpTvCU=", - "optional": true + "devOptional": true }, "commander": { "version": "3.0.2", "resolved": "https://registry.npmjs.org/commander/-/commander-3.0.2.tgz", "integrity": "sha512-Gar0ASD4BDyKC4hl4DwHqDrmvjoxWKZigVnAbn5H1owvm4CxCPdb0HQDehwNYMJpla5+M2tPmPARzhtYuwpHow==", - "optional": true + "devOptional": true }, "escape-string-regexp": { "version": "1.0.5", "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-1.0.5.tgz", "integrity": "sha1-G2HAViGQqN/2rjuyzwIAyhMLhtQ=", - "optional": true + "devOptional": true }, "has-flag": { "version": "3.0.0", "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-3.0.0.tgz", "integrity": "sha1-tdRU3CGZriJWmfNGfloH87lVuv0=", - "optional": true + "devOptional": true }, "supports-color": { "version": "5.5.0", "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-5.5.0.tgz", "integrity": "sha512-QjVjwdXIt408MIiAqCX4oUKsgU2EqAGzs2Ppkm4aQYbjm+ZEWEcW4SfFNTr4uMNZma0ey4f5lgLrkB0aX0QMow==", - "optional": true, + "devOptional": true, "requires": { "has-flag": "^3.0.0" } diff --git a/package.json b/package.json index d031eef864..8a2cc8f526 100644 --- a/package.json +++ b/package.json @@ -11,9 +11,9 @@ "dependencies": { "@github/failbot": "0.8.0", "@primer/css": "^19.4.0", + "@primer/react": "^34.7.1", "@primer/octicons": "17.0.0", "@primer/octicons-react": "17.0.0", - "@primer/react": "^34.6.0", "@react-aria/ssr": "^3.1.0", "accept-language-parser": "^1.5.0", "ajv": "^8.9.0", @@ -29,6 +29,7 @@ "dotenv": "^10.0.0", "express": "^4.17.2", "express-rate-limit": "^6.0.4", + "express-slow-down": "^1.4.0", "express-timeout-handler": "^2.2.2", "flat": "^5.0.2", "github-slugger": "^1.4.0", @@ -112,8 +113,8 @@ "@types/react-dom": "^17.0.11", "@types/react-syntax-highlighter": "^13.5.2", "@types/uuid": "^8.3.4", - "@typescript-eslint/eslint-plugin": "5.13.0", - "@typescript-eslint/parser": "5.13.0", + "@typescript-eslint/eslint-plugin": "5.15.0", + "@typescript-eslint/parser": "5.15.0", "async": "^3.2.3", "babel-loader": "^8.2.3", "babel-plugin-styled-components": "^2.0.2", @@ -125,7 +126,7 @@ "csp-parse": "0.0.2", "dedent": "^0.7.0", "domwaiter": "^1.3.0", - "eslint": "8.10.0", + "eslint": "8.11.0", "eslint-config-prettier": "^8.3.0", "eslint-config-standard": "^16.0.3", "eslint-plugin-import": "^2.25.4", @@ -141,9 +142,11 @@ "japanese-characters": "^1.1.0", "javascript-stringify": "^2.1.0", "jest": "^27.4.7", + "jest-environment-puppeteer": "5.0.4", "jest-fail-on-console": "^2.2.3", "jest-github-actions-reporter": "^1.0.3", "jest-slow-test-reporter": "^1.0.0", + "kill-port": "1.6.1", "linkinator": "^3.0.3", "lint-staged": "^12.3.3", "make-promises-safe": "^5.1.0", @@ -185,9 +188,7 @@ "private": true, "repository": "https://github.com/github/docs", "scripts": { - "browser-test": "start-server-and-test browser-test-server 4001 browser-test-tests", - "browser-test-server": "cross-env NODE_ENV=production PORT=4001 ENABLED_LANGUAGES=en,ja node server.mjs", - "browser-test-tests": "cross-env BROWSER=1 NODE_OPTIONS=--experimental-vm-modules jest tests/browser/browser.js", + "browser-test": "cross-env BROWSER=1 NODE_OPTIONS=--experimental-vm-modules jest tests/browser/browser.js", "build": "next build", "debug": "cross-env NODE_ENV=development ENABLED_LANGUAGES='en,ja' nodemon --inspect server.mjs", "dev": "npm start", @@ -195,7 +196,6 @@ "lint-translation": "cross-env NODE_OPTIONS=--experimental-vm-modules TEST_TRANSLATION=true jest tests/linting/lint-files.js", "pa11y-ci": "pa11y-ci", "pa11y-test": "start-server-and-test browser-test-server 4001 pa11y-ci", - "prebrowser-test": "npm run build", "prepare": "husky install", "prettier": "prettier -w \"**/*.{ts,tsx,js,mjs,scss,yml,yaml}\"", "prettier-check": "prettier -c \"**/*.{ts,tsx,js,mjs,scss,yml,yaml}\"", diff --git a/pages/_app.tsx b/pages/_app.tsx index 2c5e47499a..5b5fd697b8 100644 --- a/pages/_app.tsx +++ b/pages/_app.tsx @@ -2,7 +2,7 @@ import React, { useEffect } from 'react' import App from 'next/app' import type { AppProps, AppContext } from 'next/app' import Head from 'next/head' -import { useTheme, ThemeProvider } from '@primer/react' +import { ThemeProvider, ThemeProviderProps } from '@primer/react' import { SSRProvider } from '@react-aria/ssr' import { defaultComponentThemeProps, getThemeProps } from 'components/lib/getThemeProps' @@ -14,7 +14,7 @@ import { LanguagesContext, LanguagesContextT } from 'components/context/Language type MyAppProps = AppProps & { csrfToken: string - themeProps: typeof defaultComponentThemeProps + themeProps: typeof defaultComponentThemeProps & Pick languagesContext: LanguagesContextT } const MyApp = ({ Component, pageProps, csrfToken, themeProps, languagesContext }: MyAppProps) => { @@ -51,9 +51,13 @@ const MyApp = ({ Component, pageProps, csrfToken, themeProps, languagesContext } - + - @@ -76,15 +80,4 @@ MyApp.getInitialProps = async (appContext: AppContext) => { } } -const SetTheme = ({ themeProps }: { themeProps: typeof defaultComponentThemeProps }) => { - // Cause primer/components to re-evaluate the 'auto' color mode on client side render - const { setColorMode } = useTheme() - useEffect(() => { - setTimeout(() => { - setColorMode(themeProps.colorMode as any) - }) - }, []) - return null -} - export default MyApp diff --git a/script/kill-server-for-jest.mjs b/script/kill-server-for-jest.mjs new file mode 100755 index 0000000000..6795d8fde4 --- /dev/null +++ b/script/kill-server-for-jest.mjs @@ -0,0 +1,24 @@ +#!/usr/bin/env node + +import teardownJestPuppeteer from 'jest-environment-puppeteer/teardown.js' + +import { START_JEST_SERVER, isServerHealthy, killServer } from './server-for-jest.mjs' + +export default async () => { + if (START_JEST_SERVER) { + global.__SERVER__.close() + + if (await isServerHealthy()) { + killServer() + } + } + + // The way jest-puppeteer works is that you add a preset in + // `jest.config.js` but that preset will clash with the execution + // of this script. So we have to manually do what we do normally + // do in `jest.config.js` + // Note, we can delete this when we migrate to Playwright. + if (process.env.BROWSER) { + await teardownJestPuppeteer() + } +} diff --git a/script/move-content.mjs b/script/move-content.mjs new file mode 100755 index 0000000000..ca943493a6 --- /dev/null +++ b/script/move-content.mjs @@ -0,0 +1,568 @@ +#!/usr/bin/env node + +// [start-readme] +// +// Helps you move (a.k.a. rename) a file or a folder and does what's +// needed with frontmatter redrect_from and equivalent in translations. +// +// [end-readme] + +import fs from 'fs' +import path from 'path' +import { execSync } from 'child_process' + +import program from 'commander' +import chalk from 'chalk' +import walk from 'walk-sync' +import yaml from 'js-yaml' + +import fm from '../lib/frontmatter.js' +import readFrontmatter from '../lib/read-frontmatter.js' + +const CONTENT_ROOT = path.resolve('content') +const DATA_ROOT = path.resolve('data') + +const REDIRECT_FROM_KEY = 'redirect_from' +const CHILDREN_KEY = 'children' +const CHILDGROUPS_KEY = 'childGroups' + +program + .description('Helps you move (rename) files or folders') + .option('-v, --verbose', 'Verbose outputs') + .option( + '--no-git', + "DON'T use 'git mv' and 'git commit' to move the file. Just regular file moves." + ) + .option('--undo', 'Reverse of moving. I.e. moving it back. Only applies to the last run.') + .arguments('old', 'old file or folder name') + .arguments('new', 'new file or folder name') + .parse(process.argv) + +main(program.opts(), program.args) + +async function main(opts, nameTuple) { + const { verbose, undo } = opts + if (nameTuple.length !== 2) { + console.error( + chalk.red(`Must be exactly 2 file paths as arguments. Not ${nameTuple.length} arguments.`) + ) + process.exit(1) + } + const [old, new_] = nameTuple + if (old === new_) { + throw new Error('old == new') + } + + const uppercases = new_.match(/[A-Z]+/g) || [] + if (uppercases.length > 0) { + throw new Error(`Uppercase in file name not allowed ('${uppercases}')`) + } + + let oldPath = old + let newPath = new_ + if (undo) { + oldPath = new_ + newPath = old + } else { + oldPath = old + newPath = new_ + } + + // The file you're about to move needs to exist + if (!fs.existsSync(oldPath)) { + console.error(chalk.red(`${oldPath} does not exist.`)) + process.exit(1) + } + + let isFolder = fs.lstatSync(oldPath).isDirectory() + + // Before validating, see if we need to fake that the newPath should be. + // This is to mimic how bash `mv` works where you can do: + // + // mv some/place/a/file.txt destin/ation/ + // + // which is implied to mean the same as; + // + // mv some/place/a/file.txt destin/ation/file.txt + // + if (undo) { + if (isFolder) { + const wouldBe = path.join(oldPath, path.basename(newPath)) + // We can't know if the `newPath` is a directory or file because + // whichever it is, it doesn't exist. + if (fs.existsSync(wouldBe) && !fs.lstatSync(wouldBe).isDirectory()) { + isFolder = false + oldPath = wouldBe + } + } + } else { + if (!isFolder) { + if (fs.existsSync(newPath) && fs.lstatSync(newPath).isDirectory()) { + newPath = path.join(newPath, path.basename(oldPath)) + } + } + } + + // This will exit non-zero if anything is wrong with these inputs + validateFileInputs(oldPath, newPath, isFolder) + + if (isFolder) { + // The folder must have an index.md file + const indexFilePath = path.join(oldPath, 'index.md') + if (!fs.existsSync(indexFilePath)) { + throw new Error(`${oldPath} does not have an index.md file`) + } + // Gather individual files by walking `oldPath` recursively + // The second argument is + const files = findFilesInFolder(oldPath, newPath, opts) + + // First take care of the `git mv` (or regular rename) part. + if (undo) { + undoFolder(oldPath, newPath, files, opts) + } else { + moveFolder(oldPath, newPath, files, opts) + } + + addToChildren(newPath, removeFromChildren(oldPath, opts), opts) + + if (undo) { + undoFiles(files, false, opts) + } else { + editFiles(files, false, opts) + } + } else { + // When it's just an individual file, it's easier. + const oldHref = makeHref(CONTENT_ROOT, undo ? newPath : oldPath) + const newHref = makeHref(CONTENT_ROOT, undo ? oldPath : newPath) + const files = [[oldPath, newPath, oldHref, newHref]] + + // First take care of the `git mv` (or regular rename) part. + moveFiles(files, opts) + + if (undo) { + undoFiles(files, true, opts) + } else { + editFiles(files, true, opts) + } + } + + if (!undo) { + if (verbose) { + console.log( + chalk.yellow( + 'To undo (reverse) what you just did, run the same exact command but with --undo added to the end' + ) + ) + } + } + + const redirectsCachingFile = 'lib/redirects/.redirects-cache.json' + if (fs.existsSync(redirectsCachingFile)) { + fs.unlinkSync(redirectsCachingFile) + if (verbose) { + console.log( + chalk.yellow( + `Deleted the redirects caching file ${redirectsCachingFile} to stale cache in local server testing.` + ) + ) + } + } +} + +function validateFileInputs(oldPath, newPath, isFolder) { + if (isFolder) { + // Make sure that only the last portion of the path is different + // and that all preceeding are equal. + const [oldBase, oldName] = splitDirectory(oldPath) + const [newBase] = splitDirectory(newPath) + if (oldBase !== newBase && !existsAndIsDirectory(newBase)) { + console.error( + chalk.red( + `When moving a directory, both bases need to be the same. '${oldBase}' != '${newBase}'` + ) + ) + console.warn(chalk.yellow(`Only the name (e.g. '${oldName}') can be different.`)) + process.exit(1) + } + } + + if (!path.resolve(newPath).startsWith(CONTENT_ROOT)) { + const relativeRoot = path.relative('.', CONTENT_ROOT) + console.error(chalk.red(`New path does not start with '${relativeRoot}'`)) + process.exit(1) + } + + if (!fs.existsSync(oldPath)) { + console.error(chalk.red(`${oldPath} does not resolve to an existing file or a folder`)) + process.exit(1) + } + if (path.basename(oldPath) === 'index.md') { + console.error( + chalk.red(`File path can't be 'index.md'. Refer to it by its foldername instead.`) + ) + process.exit(1) + } + if (path.basename(newPath) === 'index.md') { + console.error( + chalk.red(`File path can't be 'index.md'. Refer to it by its foldername instead.`) + ) + process.exit(1) + } + + if (fs.existsSync(newPath)) { + console.error(chalk.red(`Can't move to a ${isFolder ? 'folder' : 'file'} that already exists.`)) + process.exit(1) + } + + if (/\s/.test(newPath)) { + throw new Error(`New path (${newPath}) can't contain whitespace`) + } +} + +function existsAndIsDirectory(directory) { + return fs.existsSync(directory) && fs.lstatSync(directory).isDirectory() +} + +function splitDirectory(directory) { + return [path.dirname(directory), path.basename(directory)] +} + +function findFilesInFolder(oldPath, newPath, opts) { + const { undo, verbose } = opts + const files = [] + const allFiles = walk(oldPath, { includeBasePath: true, directories: false }) + for (const filePath of allFiles) { + const newFilePath = filePath.replace(oldPath, newPath) + const oldHref = makeHref(CONTENT_ROOT, undo ? newFilePath : filePath) + const newHref = makeHref(CONTENT_ROOT, undo ? filePath : newFilePath) + files.push([filePath, newFilePath, oldHref, newHref]) + } + if (verbose) { + console.log(chalk.yellow(`Found ${files.length} files within ${oldPath}`)) + } + return files +} + +function makeHref(root, filePath) { + const nameSplit = path.relative(root, filePath).split(path.sep) + if (nameSplit.slice(-1)[0] === 'index.md') { + nameSplit.pop() + } else { + nameSplit.push(nameSplit.pop().replace(/\.md$/, '')) + } + return '/' + nameSplit.join('/') +} + +function moveFolder(oldPath, newPath, files, opts) { + const { verbose, git: useGit } = opts + if (useGit) { + let cmd = `git mv ${oldPath} ${newPath}` + if (verbose) { + console.log(`git mv command: ${chalk.grey(cmd)}`) + } + execSync(cmd) + + cmd = `git commit -a -m "renamed ${files.length} files"` + if (verbose) { + console.log(`git commit command: ${chalk.grey(cmd)}`) + } + execSync(cmd) + } else { + fs.renameSync(oldPath, newPath) + if (verbose) { + console.log(`Renamed folder ${chalk.bold(oldPath)} to ${chalk.bold(newPath)}`) + } + } +} + +function undoFolder(oldPath, newPath, files, opts) { + const { verbose, git: useGit } = opts + + if (useGit) { + let cmd = `git mv ${oldPath} ${newPath}` + execSync(cmd) + if (verbose) { + console.log(`git mv command: ${chalk.grey(cmd)}`) + } + + cmd = `git commit -a -m "renamed ${files.length} files"` + execSync(cmd) + if (verbose) { + console.log(`git commit command: ${chalk.grey(cmd)}`) + } + } else { + fs.renameSync(oldPath, newPath) + if (verbose) { + console.log(`Renamed folder ${chalk.bold(oldPath)} to ${chalk.bold(newPath)}`) + } + } +} + +function getBasename(fileOrDirectory) { + // Note, can't use fs.lstatSync().isDirectory() because it's just a string + // at this point. It might not exist. + + if (fileOrDirectory.endsWith('index.md')) { + return path.basename(path.directory(fileOrDirectory)) + } + if (fileOrDirectory.endsWith('.md')) { + return path.basename(fileOrDirectory).replace(/\.md$/, '') + } + return path.basename(fileOrDirectory) +} + +function removeFromChildren(oldPath, opts) { + const { verbose } = opts + + const parentFilePath = path.join(path.dirname(oldPath), 'index.md') + const fileContent = fs.readFileSync(parentFilePath, 'utf-8') + const { content, data } = readFrontmatter(fileContent) + const oldName = getBasename(oldPath) + + let childrenPosition = -1 + if (CHILDREN_KEY in data) { + data[CHILDREN_KEY] = data[CHILDREN_KEY].filter((entry, i) => { + if (entry === oldName || entry === `/${oldName}`) { + childrenPosition = i + return false + } + return true + }) + if (data[CHILDREN_KEY].length === 0) { + delete data[CHILDREN_KEY] + } + } + + const childGroupPositions = [] + + ;(data[CHILDGROUPS_KEY] || []).forEach((group, i) => { + if (group.children) { + group.children = group.children.filter((entry, j) => { + if (entry === oldName || entry === `/${oldName}`) { + childGroupPositions.push([i, j]) + return false + } + return true + }) + } + }) + + fs.writeFileSync( + parentFilePath, + readFrontmatter.stringify(content, data, { lineWidth: 10000 }), + 'utf-8' + ) + if (verbose) { + console.log(`Removed 'children' (${oldName}) key in ${parentFilePath}`) + } + + return { childrenPosition, childGroupPositions } +} + +function addToChildren(newPath, positions, opts) { + const { verbose } = opts + const parentFilePath = path.join(path.dirname(newPath), 'index.md') + const fileContent = fs.readFileSync(parentFilePath, 'utf-8') + const { content, data } = readFrontmatter(fileContent) + const newName = getBasename(newPath) + + const { childrenPosition, childGroupPositions } = positions + if (childrenPosition > -1) { + const children = data[CHILDREN_KEY] || [] + let prefix = '' + if (children.every((entry) => entry.startsWith('/'))) { + prefix += '/' + } + if (childrenPosition > -1 && childrenPosition < children.length) { + children.splice(childrenPosition, 0, prefix + newName) + } else { + children.push(prefix + newName) + } + data[CHILDREN_KEY] = children + } + + if (CHILDGROUPS_KEY in data) { + for (const [groupIndex, childrenPosition] of childGroupPositions) { + if (groupIndex < data[CHILDGROUPS_KEY].length) { + const group = data[CHILDGROUPS_KEY][groupIndex] + if (childrenPosition < group.children.length) { + group.children.splice(childrenPosition, 0, newName) + } else { + group.children.push(newName) + } + } + } + } + + fs.writeFileSync( + parentFilePath, + readFrontmatter.stringify(content, data, { lineWidth: 10000 }), + 'utf-8' + ) + if (verbose) { + console.log(`Added 'children' (${newName}) key in ${parentFilePath}`) + } +} + +function moveFiles(files, opts) { + const { verbose, git: useGit } = opts + // Before we do anything, assert that the files are valid + for (const [oldPath] of files) { + const fileContent = fs.readFileSync(oldPath, 'utf-8') + const { errors } = fm(fileContent, { filepath: oldPath }) + errors.forEach((error, i) => { + if (!i) console.warn(chalk.yellow(`Error parsing file (${oldPath}) frontmatter:`)) + console.error(`${chalk.red(error.message)}: ${chalk.yellow(error.reason)}`) + }) + if (errors.length > 0) throw new Error('There were more than 0 parse errors') + } + + // In the first loop, we exclusively perform the rename. No file edits! + // The reason is that we don't want lump renaming and edits in the same + // git commit. + // By having a dedicated git commit that purely renames (without changing + // any content) is best practice to avoid complex 3-way diffs that + // `git merge` does when you later have to merge in the latest `main` + // into your ongoing renaming branch. + for (const [oldPath, newPath] of files) { + if (verbose) { + console.log(`Moving ${chalk.bold(oldPath)} to ${chalk.bold(newPath)}`) + } + + if (useGit) { + const cmd = `git mv ${oldPath} ${newPath}` + execSync(cmd) + if (verbose) { + console.log(`git mv command: ${chalk.grey(cmd)}`) + } + } else { + fs.renameSync(oldPath, newPath) + if (verbose) { + console.log(`Renamed ${chalk.bold(oldPath)} to ${chalk.bold(newPath)}`) + } + } + } + + if (useGit) { + const cmd = `git commit -a -m "renamed ${files.length} files"` + execSync(cmd) + if (verbose) { + console.log(`git commit command: ${chalk.grey(cmd)}`) + } + } +} + +function editFiles(files, updateParent, opts) { + const { verbose, git: useGit } = opts + + // Second loop. This time our only job is to edit the `redirects_from` + // frontmatter key. + // See comment in the first loop above for why we're looping over the files + // two times. + for (const [oldPath, newPath, oldHref, newHref] of files) { + const fileContent = fs.readFileSync(newPath, 'utf-8') + const { content, data } = readFrontmatter(fileContent) + if (!(REDIRECT_FROM_KEY in data)) { + data[REDIRECT_FROM_KEY] = [] + } + data[REDIRECT_FROM_KEY].push(oldHref) + fs.writeFileSync( + newPath, + readFrontmatter.stringify(content, data, { lineWidth: 10000 }), + 'utf-8' + ) + if (verbose) { + console.log(`Added ${oldHref} to 'redirects_from' in ${newPath}`) + } + + if (updateParent) { + addToChildren(newPath, removeFromChildren(oldPath, opts), opts) + } + + // Perhaps this was mentioned in a 'guide' in a learning track + for (const filePath of findInLearningTracks(oldHref)) { + changeLearningTracks(filePath, oldHref, newHref) + if (verbose) { + console.log(`Updated learning tracks in ${filePath}`) + } + } + } + + if (useGit) { + const cmd = `git commit -a -m "set ${REDIRECT_FROM_KEY} on ${files.length} files"` + execSync(cmd) + if (verbose) { + console.log(`git commit command: ${chalk.grey(cmd)}`) + } + } +} + +function undoFiles(files, updateParent, opts) { + const { verbose, git: useGit } = opts + + // First undo any edits to the file + for (const [oldPath, newPath, oldHref, newHref] of files) { + const fileContent = fs.readFileSync(newPath, 'utf-8') + const { content, data } = readFrontmatter(fileContent) + + data[REDIRECT_FROM_KEY] = (data[REDIRECT_FROM_KEY] || []).filter((entry) => entry !== oldHref) + if (data[REDIRECT_FROM_KEY].length === 0) { + delete data[REDIRECT_FROM_KEY] + } + + fs.writeFileSync( + newPath, + readFrontmatter.stringify(content, data, { lineWidth: 10000 }), + 'utf-8' + ) + if (updateParent) { + addToChildren(newPath, removeFromChildren(oldPath, opts), opts) + } + + // Perhaps this was mentioned in a 'guide' in a learning track + for (const filePath of findInLearningTracks(newHref)) { + changeLearningTracks(filePath, newHref, oldHref) + if (verbose) { + console.log(`Updated learning tracks in ${filePath}`) + } + } + } + if (useGit) { + const cmd = `git commit -a -m "unset ${REDIRECT_FROM_KEY} on ${files.length} files"` + execSync(cmd) + if (verbose) { + console.log(`git commit command: ${chalk.grey(cmd)}`) + } + } +} + +function findInLearningTracks(href) { + const allFiles = walk(path.join(DATA_ROOT, 'learning-tracks'), { + globs: ['*.yml'], + includeBasePath: true, + directories: false, + }) + const found = [] + for (const filePath of allFiles) { + const tracks = yaml.load(fs.readFileSync(filePath, 'utf-8')) + + if ( + Object.values(tracks).find((track) => { + const guides = track.guides || [] + return guides.includes(href) + }) + ) { + found.push(filePath) + } + } + return found +} + +function changeLearningTracks(filePath, oldHref, newHref) { + // Can't deserialize and serialize the Yaml because it would lose + // formatting and comments. So regex replace it. + const regex = new RegExp(`- ${oldHref}$`, 'gm') + const oldContent = fs.readFileSync(filePath, 'utf-8') + const newContent = oldContent.replace(regex, `- ${newHref}`) + fs.writeFileSync(filePath, newContent, 'utf-8') +} diff --git a/script/rest/update-files.js b/script/rest/update-files.js index 2833791bbe..1a819e46b5 100755 --- a/script/rest/update-files.js +++ b/script/rest/update-files.js @@ -140,10 +140,15 @@ async function updateRedirectOverrides() { const redirects = {} console.log('\n➡️ Updating REST API redirect exception list.\n') - for (const value of Object.values(overrides)) { + for (const [key, value] of Object.entries(overrides)) { const oldUrl = value.originalUrl const anchor = oldUrl.replace('/rest/reference', '').split('#')[1] - redirects[oldUrl] = `/rest/reference/${value.category}#${anchor}` + if (key.includes('#')) { + // We are updating a subcategory into a category + redirects[oldUrl] = `/rest/reference/${value.category}` + } else { + redirects[oldUrl] = `/rest/reference/${value.category}#${anchor}` + } } await writeFile( 'lib/redirects/static/client-side-rest-api-redirects.json', diff --git a/script/rest/utils/rest-api-overrides.json b/script/rest/utils/rest-api-overrides.json index b94d33c108..13e312dceb 100644 --- a/script/rest/utils/rest-api-overrides.json +++ b/script/rest/utils/rest-api-overrides.json @@ -130,25 +130,55 @@ "originalUrl": "/rest/reference/repos#delete-a-repository-invitation" }, "repos/list-deploy-keys": { - "category": "deployments", - "subcategory": "keys", + "category": "deploy_keys", + "subcategory": "deploy_keys", "originalUrl": "/rest/reference/repos#list-deploy-keys" }, "repos/create-deploy-key": { - "category": "deployments", - "subcategory": "keys", + "category": "deploy_keys", + "subcategory": "deploy_keys", "originalUrl": "/rest/reference/repos#create-a-deploy-key" }, "repos/get-deploy-key": { - "category": "deployments", - "subcategory": "keys", + "category": "deploy_keys", + "subcategory": "deploy_keys", "originalUrl": "/rest/reference/repos#get-a-deploy-key" }, "repos/delete-deploy-key": { - "category": "deployments", - "subcategory": "keys", + "category": "deploy_keys", + "subcategory": "deploy_keys", "originalUrl": "/rest/reference/repos#delete-a-deploy-key" }, + "repos#deploy-keys": { + "category": "deploy_keys", + "subcategory": "deploy_keys", + "originalUrl": "/rest/reference/repos#deploy-keys" + }, + "deployments/list-deploy-keys": { + "category": "deploy_keys", + "subcategory": "deploy_keys", + "originalUrl": "/rest/reference/deployments#list-deploy-keys" + }, + "deployments/create-deploy-key": { + "category": "deploy_keys", + "subcategory": "deploy_keys", + "originalUrl": "/rest/reference/deployments#create-a-deploy-key" + }, + "deployments/get-deploy-key": { + "category": "deploy_keys", + "subcategory": "deploy_keys", + "originalUrl": "/rest/reference/deployments#get-a-deploy-key" + }, + "deployments/delete-deploy-key": { + "category": "deploy_keys", + "subcategory": "deploy_keys", + "originalUrl": "/rest/reference/deployments#delete-a-deploy-key" + }, + "deployments#deploy-keys": { + "category": "deploy_keys", + "subcategory": "deploy_keys", + "originalUrl": "/rest/reference/deployments#deploy-keys" + }, "repos/get-pages": { "category": "pages", "subcategory": null, diff --git a/script/server-for-jest.mjs b/script/server-for-jest.mjs new file mode 100644 index 0000000000..73d28d86bb --- /dev/null +++ b/script/server-for-jest.mjs @@ -0,0 +1,35 @@ +import kill from 'kill-port' +import portUsed from 'port-used' +import got, { RequestError } from 'got' + +export const PORT = 4000 + +// By default it's on +export const START_JEST_SERVER = Boolean(JSON.parse(process.env.START_JEST_SERVER || 1)) + +export async function isServerHealthy() { + try { + const res = await got.head(`http://localhost:${PORT}/healthz`, { retry: { limit: 0 } }) + return res.statusCode === 200 + } catch (err) { + // This exception is thrown if you can't even connect. + if (err instanceof RequestError) { + return false + } + throw err + } +} + +export function killServer() { + kill(PORT, 'tcp') + .then(() => { + console.log(`Killed what was on :${PORT}`) + }) + .catch((error) => { + console.log(`Unable to kill whatever was on :${PORT}:`, error) + }) +} + +export async function isPortRunning() { + return await portUsed.check(PORT) +} diff --git a/script/start-server-for-jest.mjs b/script/start-server-for-jest.mjs new file mode 100755 index 0000000000..9f665af7ef --- /dev/null +++ b/script/start-server-for-jest.mjs @@ -0,0 +1,42 @@ +#!/usr/bin/env node + +import setupJestPuppeteer from 'jest-environment-puppeteer/setup.js' + +import { main } from '../start-server.mjs' + +import { PORT, START_JEST_SERVER, isServerHealthy, isPortRunning } from './server-for-jest.mjs' + +export default async () => { + if (START_JEST_SERVER) { + console.log(`Starting a server for jest on port :${PORT}.`) + + process.env.NODE_ENV = 'test' + // Has to be this because that's what the end-to-end tests expect + process.env.PORT = `${PORT}` + + if (await isPortRunning()) { + console.error(`Something's already running on :${PORT}`) + console.log( + 'If you intend to run jest tests with an existing server, set env var START_JEST_SERVER=false' + ) + process.exit(1) + } + + // So it can be accessed from the script that + // is set up by the jest config: `globalTeardown` + global.__SERVER__ = await main() + + console.assert(await isServerHealthy()) + } else { + console.warn(`jest is NOT automatically starting a server on port :${PORT}`) + } + + // The way jest-puppeteer works is that you add a preset in + // `jest.config.js` but that preset will clash with the execution + // of this script. So we have to manually do what we do normally + // do in `jest.config.js`. + // Note, we can delete this when we migrate to Playwright. + if (process.env.BROWSER) { + await setupJestPuppeteer() + } +} diff --git a/script/warm-before-tests.mjs b/script/warm-before-tests.mjs deleted file mode 100755 index 99bfc4ba03..0000000000 --- a/script/warm-before-tests.mjs +++ /dev/null @@ -1,22 +0,0 @@ -#!/usr/bin/env node - -// [start-readme] -// -// It runs the warmServer() function because that function can do things -// like writing to disk as a caching mechanism. -// When jest runs tests, it starts multiple concurrent processes, -// even if it runs it serially (`--runInBand`) so it's highly likely -// that two concurrent processes both attempt to writing to -// the same exact file. By running this script before anything -// begins, we can be certain that files that should have been created -// are created. -// -// [end-readme] - -import warmServer from '../lib/warm-server.js' - -main() - -async function main() { - await warmServer() -} diff --git a/server.mjs b/server.mjs index fa4bb2c0fe..ed58037d9d 100644 --- a/server.mjs +++ b/server.mjs @@ -1,55 +1,3 @@ -import dotenv from 'dotenv' -import './lib/feature-flags.js' -import './lib/check-node-version.js' -import './lib/handle-exceptions.js' -import portUsed from 'port-used' -import createApp from './lib/app.js' -import warmServer from './lib/warm-server.js' -import http from 'http' -dotenv.config() - -const { PORT, NODE_ENV } = process.env -const port = Number(PORT) || 4000 - -async function main() { - if (NODE_ENV !== 'production') { - await checkPortAvailability() - } - - await startServer() -} - -async function checkPortAvailability() { - // Check that the development server is not already running - const portInUse = await portUsed.check(port) - if (portInUse) { - console.log(`\n\n\nPort ${port} is not available. You may already have a server running.`) - console.log( - `Try running \`npx kill-port ${port}\` to shut down all your running node processes.\n\n\n` - ) - console.log('\x07') // system 'beep' sound - process.exit(1) - } -} - -async function startServer() { - const app = createApp() - - // Warm up as soon as possible. - // The `warmServer()` function is idempotent and it will soon be used - // by some middleware, but there's no point in having a started server - // without this warmed up. Besides, by starting this slow thing now, - // it can start immediately instead of waiting for the first request - // to trigger it to warm up. That way, when in development and triggering - // a `nodemon` restart, there's a good chance the warm up has come some - // way before you manage to reach for your browser to do a page refresh. - await warmServer() - - // Workaround for https://github.com/expressjs/express/issues/1101 - const server = http.createServer(app) - server - .listen(port, () => console.log(`app running on http://localhost:${port}`)) - .on('error', () => server.close()) -} +import { main } from './start-server.mjs' main() diff --git a/start-server.mjs b/start-server.mjs new file mode 100644 index 0000000000..170b5bf5d2 --- /dev/null +++ b/start-server.mjs @@ -0,0 +1,54 @@ +import dotenv from 'dotenv' +import './lib/feature-flags.js' +import './lib/check-node-version.js' +import './lib/handle-exceptions.js' +import portUsed from 'port-used' +import createApp from './lib/app.js' +import warmServer from './lib/warm-server.js' +import http from 'http' +dotenv.config() + +const { PORT, NODE_ENV } = process.env +const port = Number(PORT) || 4000 + +export async function main() { + if (NODE_ENV !== 'production') { + await checkPortAvailability() + } + + return await startServer() +} + +async function checkPortAvailability() { + // Check that the development server is not already running + const portInUse = await portUsed.check(port) + if (portInUse) { + console.log(`\n\n\nPort ${port} is not available. You may already have a server running.`) + console.log( + `Try running \`npx kill-port ${port}\` to shut down all your running node processes.\n\n\n` + ) + console.log('\x07') // system 'beep' sound + process.exit(1) + } +} + +async function startServer() { + const app = createApp() + + // Warm up as soon as possible. + // The `warmServer()` function is idempotent and it will soon be used + // by some middleware, but there's no point in having a started server + // without this warmed up. Besides, by starting this slow thing now, + // it can start immediately instead of waiting for the first request + // to trigger it to warm up. That way, when in development and triggering + // a `nodemon` restart, there's a good chance the warm up has come some + // way before you manage to reach for your browser to do a page refresh. + await warmServer() + + // Workaround for https://github.com/expressjs/express/issues/1101 + const server = http.createServer(app) + + return server + .listen(port, () => console.log(`app running on http://localhost:${port}`)) + .on('error', () => server.close()) +} diff --git a/tests/README.md b/tests/README.md index 496dc32a63..4377e7a779 100644 --- a/tests/README.md +++ b/tests/README.md @@ -76,3 +76,28 @@ run the linter: ```sh npm run lint ``` + +### Keeping the server running + +When you run `jest` tests, that depend on making real HTTP requests +to `localhost:4000`, the `jest` tests have a hook that starts the +server before running all/any tests, and stops the server when it's done. + +You can disable that, which might make it easier when debugging tests +since the server won't need to start and stop every time you run tests. + +In one terminal type: + +```sh +NODE_ENV=test PORT=4000 node server.mjs +``` + +and then, in another terminal type: + +```sh +START_JEST_SERVER=false jest tests/rendering/foo/bar.js +``` + +Or whatever the testing command you use. Note the `START_JEST_SERVER=false` +environment variable that needs to be set or else, `jest` will try to start +a server on `:4000` too. diff --git a/tests/browser/browser.js b/tests/browser/browser.js index 046ac81fa7..55eba3218f 100644 --- a/tests/browser/browser.js +++ b/tests/browser/browser.js @@ -9,7 +9,7 @@ describe('homepage', () => { jest.setTimeout(60 * 1000) test('should be titled "GitHub Documentation"', async () => { - await page.goto('http://localhost:4001') + await page.goto('http://localhost:4000') await expect(page.title()).resolves.toMatch('GitHub Documentation') }) }) @@ -18,7 +18,7 @@ describe('browser search', () => { jest.setTimeout(60 * 1000) it('works on the homepage', async () => { - await page.goto('http://localhost:4001/en') + await page.goto('http://localhost:4000/en') await page.click('[data-testid=site-search-input]') await page.type('[data-testid=site-search-input]', 'actions') await page.waitForSelector('[data-testid=search-results]') @@ -27,7 +27,7 @@ describe('browser search', () => { }) it('works on mobile landing pages', async () => { - await page.goto('http://localhost:4001/en/actions') + await page.goto('http://localhost:4000/en/actions') await page.click('[data-testid=mobile-menu-button]') await page.click('[data-testid=mobile-header] [data-testid=site-search-input]') await page.type('[data-testid=mobile-header] [data-testid=site-search-input]', 'workflows') @@ -39,7 +39,7 @@ describe('browser search', () => { it('works on desktop landing pages', async () => { const initialViewport = page.viewport() await page.setViewport({ width: 1024, height: 768 }) - await page.goto('http://localhost:4001/en/actions') + await page.goto('http://localhost:4000/en/actions') await page.click('[data-testid=desktop-header] [data-testid=site-search-input]') await page.type('[data-testid=desktop-header] [data-testid=site-search-input]', 'workflows') await page.waitForSelector('[data-testid=search-results]') @@ -50,7 +50,7 @@ describe('browser search', () => { // 404 page is statically generated with next, so search is not available, but may possibly be brought back // Docs Engineering issue: 961 it.skip('works on 404 error page', async () => { - await page.goto('http://localhost:4001/en/404') + await page.goto('http://localhost:4000/en/404') await page.click('[data-testid=search] input[type="search"]') await page.type('[data-testid=search] input[type="search"]', 'actions') await page.waitForSelector('[data-testid=search-results]') @@ -63,7 +63,7 @@ describe('browser search', () => { const newPage = await browser.newPage() await newPage.goto( - `http://localhost:4001/ja/enterprise-server@${oldestSupported}/admin/installation` + `http://localhost:4000/ja/enterprise-server@${oldestSupported}/admin/installation` ) await newPage.setRequestInterception(true) @@ -89,7 +89,7 @@ describe('browser search', () => { expect.assertions(2) const newPage = await browser.newPage() - await newPage.goto('http://localhost:4001/en/enterprise-cloud@latest/admin/overview') + await newPage.goto('http://localhost:4000/en/enterprise-cloud@latest/admin/overview') await newPage.setRequestInterception(true) newPage.on('request', (interceptedRequest) => { @@ -114,7 +114,7 @@ describe('browser search', () => { expect.assertions(2) const newPage = await browser.newPage() - await newPage.goto('http://localhost:4001/en/github-ae@latest/admin/overview') + await newPage.goto('http://localhost:4000/en/github-ae@latest/admin/overview') await newPage.setRequestInterception(true) newPage.on('request', (interceptedRequest) => { @@ -142,7 +142,7 @@ describe('survey', () => { it('sends an event to /events when submitting form', async () => { // Visit a page that displays the prompt await page.goto( - 'http://localhost:4001/en/actions/getting-started-with-github-actions/about-github-actions' + 'http://localhost:4000/en/actions/getting-started-with-github-actions/about-github-actions' ) // Track network requests @@ -177,7 +177,7 @@ describe('survey', () => { describe('csrf meta', () => { it('should have a csrf-token meta tag on the page', async () => { await page.goto( - 'http://localhost:4001/en/actions/getting-started-with-github-actions/about-github-actions' + 'http://localhost:4000/en/actions/getting-started-with-github-actions/about-github-actions' ) await page.waitForSelector('meta[name="csrf-token"]') }) @@ -204,10 +204,10 @@ describe('platform picker', () => { ] const linuxUserAgent = userAgents[2] const pageWithPlatformPicker = - 'http://localhost:4001/en/github/using-git/configuring-git-to-handle-line-endings' - const pageWithoutPlatformPicker = 'http://localhost:4001/en/github/using-git' + 'http://localhost:4000/en/github/using-git/configuring-git-to-handle-line-endings' + const pageWithoutPlatformPicker = 'http://localhost:4000/en/github/using-git' const pageWithDefaultPlatform = - 'http://localhost:4001/en/actions/hosting-your-own-runners/configuring-the-self-hosted-runner-application-as-a-service' + 'http://localhost:4000/en/actions/hosting-your-own-runners/configuring-the-self-hosted-runner-application-as-a-service' it('should have a platform picker', async () => { await page.goto(pageWithPlatformPicker) @@ -286,11 +286,11 @@ describe('platform picker', () => { describe('tool specific content', () => { const pageWithSingleSwitcher = - 'http://localhost:4001/en/actions/managing-workflow-runs/manually-running-a-workflow' + 'http://localhost:4000/en/actions/managing-workflow-runs/manually-running-a-workflow' const pageWithoutSwitcher = - 'http://localhost:4001/en/billing/managing-billing-for-github-sponsors/about-billing-for-github-sponsors' + 'http://localhost:4000/en/billing/managing-billing-for-github-sponsors/about-billing-for-github-sponsors' const pageWithMultipleSwitcher = - 'http://localhost:4001/en/issues/trying-out-the-new-projects-experience/using-the-api-to-manage-projects' + 'http://localhost:4000/en/issues/trying-out-the-new-projects-experience/using-the-api-to-manage-projects' it('should have a tool switcher if a tool switcher is included', async () => { await page.goto(pageWithSingleSwitcher) @@ -373,7 +373,7 @@ describe('tool specific content', () => { describe('code examples', () => { it('loads correctly', async () => { - await page.goto('http://localhost:4001/en/code-security') + await page.goto('http://localhost:4000/en/code-security') const shownCards = await page.$$('[data-testid=code-example-card]') const shownNoResult = await page.$('[data-testid=code-examples-no-results]') expect(shownCards.length).toBeGreaterThan(0) @@ -381,7 +381,7 @@ describe('code examples', () => { }) it('filters cards', async () => { - await page.goto('http://localhost:4001/en/code-security') + await page.goto('http://localhost:4000/en/code-security') await page.click('[data-testid=code-examples-input]') await page.type('[data-testid=code-examples-input]', 'policy') await page.click('[data-testid=code-examples-search-btn]') @@ -390,7 +390,7 @@ describe('code examples', () => { }) it('shows more cards', async () => { - await page.goto('http://localhost:4001/en/code-security') + await page.goto('http://localhost:4000/en/code-security') const initialCards = await page.$$('[data-testid=code-example-card]') await page.click('[data-testid=code-examples-show-more]') const moreCards = await page.$$('[data-testid=code-example-card]') @@ -398,7 +398,7 @@ describe('code examples', () => { }) it('displays no result message', async () => { - await page.goto('http://localhost:4001/en/code-security') + await page.goto('http://localhost:4000/en/code-security') await page.click('[data-testid=code-examples-input]') await page.type('[data-testid=code-examples-input]', 'this should not work') await page.click('[data-testid=code-examples-search-btn]') @@ -411,7 +411,7 @@ describe('code examples', () => { describe('filter cards', () => { it('works with select input', async () => { - await page.goto('http://localhost:4001/en/code-security/guides') + await page.goto('http://localhost:4000/en/code-security/guides') // 2nd element is 'Overview' await page.click('[data-testid=card-filter-types] button') await page.click('[data-testid=types-dropdown] > div > div:nth-child(2)') @@ -424,7 +424,7 @@ describe('filter cards', () => { }) it('works with select input on an Enterprise version', async () => { - await page.goto(`http://localhost:4001/en/enterprise-server@${latest}/code-security/guides`) + await page.goto(`http://localhost:4000/en/enterprise-server@${latest}/code-security/guides`) // 2nd element is 'Overview' await page.click('[data-testid=card-filter-types] button') await page.click('[data-testid=types-dropdown] > div > div:nth-child(2)') @@ -445,7 +445,7 @@ describe('language banner', () => { // run a reliable test. But hey, on the bright side, if we don't have a WIP // language then this code will never run anyway! if (wipLanguageKey) { - const res = await page.goto(`http://localhost:4001/${wipLanguageKey}/actions`) + const res = await page.goto(`http://localhost:4000/${wipLanguageKey}/actions`) expect(res.ok()).toBe(true) const href = await page.$eval('a#to-english-doc', (el) => el.href) expect(href.endsWith('/en/actions')).toBe(true) @@ -461,11 +461,11 @@ describe.skip('next/link client-side navigation', () => { it('should have 200 response to /_next/data when link is clicked', async () => { const initialViewport = page.viewport() await page.setViewport({ width: 1024, height: 768 }) - await page.goto('http://localhost:4001/en/actions/guides') + await page.goto('http://localhost:4000/en/actions/guides') const [response] = await Promise.all([ page.waitForResponse((response) => - response.url().startsWith('http://localhost:4001/_next/data') + response.url().startsWith('http://localhost:4000/_next/data') ), page.waitForNavigation({ waitUntil: 'networkidle2' }), page.click( @@ -496,7 +496,7 @@ describe('iframe pages', () => { }) // Hardcoded path to a page where we know we have a YouTube embed - const res = await newPage.goto('http://localhost:4001/en/codespaces') + const res = await newPage.goto('http://localhost:4000/en/codespaces') expect(res.ok()).toBeTruthy() expect(failedURLs.length, `Following URLs ${failedURLs.join(', ')} failed`).toBeFalsy() diff --git a/tests/content/featured-links.js b/tests/content/featured-links.js index dcfce7cd3b..dc1f434bfd 100644 --- a/tests/content/featured-links.js +++ b/tests/content/featured-links.js @@ -7,7 +7,7 @@ import nock from 'nock' import japaneseCharacters from 'japanese-characters' import '../../lib/feature-flags.js' -import { getDOM, getJSON } from '../helpers/supertest.js' +import { getDOM, getJSON } from '../helpers/e2etest.js' import enterpriseServerReleases from '../../lib/enterprise-server-releases.js' const __dirname = path.dirname(fileURLToPath(import.meta.url)) diff --git a/tests/content/graphql.js b/tests/content/graphql.js index b6d2be45e8..488611e695 100644 --- a/tests/content/graphql.js +++ b/tests/content/graphql.js @@ -1,5 +1,3 @@ -import fs from 'fs' -import path from 'path' import readJsonFile from '../../lib/read-json-file.js' import { schemaValidator, @@ -29,15 +27,21 @@ describe('graphql json files', () => { }) test('schemas object validation', () => { + // The typeObj is repeated thousands of times in each .json file + // so use a cache of which we've already validated to speed this + // test up significantly. + const typeObjsTested = new Set() graphqlVersions.forEach((version) => { - const schemaJsonPerVersion = JSON.parse( - fs.readFileSync(path.join(process.cwd(), `lib/graphql/static/schema-${version}.json`)) - ) + const schemaJsonPerVersion = readJsonFile(`lib/graphql/static/schema-${version}.json`) // all graphql types are arrays except for queries graphqlTypes .filter((type) => type !== 'queries') .forEach((type) => { schemaJsonPerVersion[type].forEach((typeObj) => { + const key = JSON.stringify(typeObj) + type + if (typeObjsTested.has(key)) return + typeObjsTested.add(key) + const { valid, errors } = revalidator.validate(typeObj, schemaValidator[type]) const errorMessage = JSON.stringify(errors, null, 2) expect(valid, errorMessage).toBe(true) diff --git a/tests/content/search.js b/tests/content/search.js index 5b0786b4b6..e42898d5c6 100644 --- a/tests/content/search.js +++ b/tests/content/search.js @@ -4,7 +4,7 @@ import { dates, supported } from '../../lib/enterprise-server-releases.js' import libLanguages from '../../lib/languages.js' import { namePrefix } from '../../lib/search/config.js' import lunrIndexNames from '../../script/search/lunr-get-index-names.js' -import { get } from '../helpers/supertest.js' +import { get } from '../helpers/e2etest.js' const languageCodes = Object.keys(libLanguages) diff --git a/tests/content/webhooks.js b/tests/content/webhooks.js index e5f13adc0b..0c7fe64887 100644 --- a/tests/content/webhooks.js +++ b/tests/content/webhooks.js @@ -1,5 +1,5 @@ import { difference } from 'lodash-es' -import { getJSON } from '../helpers/supertest.js' +import { getJSON } from '../helpers/e2etest.js' import { latest } from '../../lib/enterprise-server-releases.js' import { allVersions } from '../../lib/all-versions.js' import getWebhookPayloads from '../../lib/webhooks' diff --git a/tests/helpers/caching-headers.js b/tests/helpers/caching-headers.js new file mode 100644 index 0000000000..76a8b77bd6 --- /dev/null +++ b/tests/helpers/caching-headers.js @@ -0,0 +1,14 @@ +import { SURROGATE_ENUMS } from '../../middleware/set-fastly-surrogate-key.js' + +export function checkCachingHeaders(res, defaultSurrogateKey = false, minMaxAge = 60 * 60) { + expect(res.headers['set-cookie']).toBeUndefined() + expect(res.headers['cache-control']).toContain('public') + const maxAgeSeconds = parseInt(res.header['cache-control'].match(/max-age=(\d+)/)[1], 10) + // Let's not be too specific in the tests, just as long as it's testing + // that it's a reasonably large number of seconds. + expect(maxAgeSeconds).toBeGreaterThanOrEqual(minMaxAge) + // Because it doesn't have have a unique URL + expect(res.headers['surrogate-key']).toBe( + defaultSurrogateKey ? SURROGATE_ENUMS.DEFAULT : SURROGATE_ENUMS.MANUAL + ) +} diff --git a/tests/helpers/e2etest.js b/tests/helpers/e2etest.js new file mode 100644 index 0000000000..e666bd4d7f --- /dev/null +++ b/tests/helpers/e2etest.js @@ -0,0 +1,83 @@ +import cheerio from 'cheerio' +import got from 'got' + +export async function get( + route, + opts = { + method: 'get', + body: undefined, + followRedirects: false, + followAllRedirects: false, + headers: {}, + } +) { + const method = opts.method || 'get' + const fn = got[method] + if (!fn || typeof fn !== 'function') throw new Error(`No method function for '${method}'`) + const absURL = `http://localhost:4000${route}` + const res = await fn(absURL, { + body: opts.body, + headers: opts.headers, + retry: { limit: 0 }, + throwHttpErrors: false, + followRedirect: opts.followAllRedirects || opts.followRedirects, + }) + // follow all redirects, or just follow one + if (opts.followAllRedirects && [301, 302].includes(res.status)) { + // res = await get(res.headers.location, opts) + throw new Error('A') + } else if (opts.followRedirects && [301, 302].includes(res.status)) { + // res = await get(res.headers.location) + throw new Error('B') + } + + const text = res.body + const status = res.statusCode + const headers = res.headers + return { + text, + status, + statusCode: status, // Legacy + headers, + header: headers, // Legacy + url: res.url, + } +} + +export async function head(route, opts = { followRedirects: false }) { + const res = await get(route, { method: 'head', followRedirects: opts.followRedirects }) + return res +} + +export function post(route, opts) { + return get(route, Object.assign({}, opts, { method: 'post' })) +} + +export async function getDOM( + route, + { headers, allow500s, allow404 } = { headers: undefined, allow500s: false, allow404: false } +) { + const res = await get(route, { followRedirects: true, headers }) + if (!allow500s && res.status >= 500) { + throw new Error(`Server error (${res.status}) on ${route}`) + } + if (!allow404 && res.status === 404) { + throw new Error(`Page not found on ${route}`) + } + const $ = cheerio.load(res.text || '', { xmlMode: true }) + $.res = Object.assign({}, res) + return $ +} + +// For use with the ?json query param +// e.g. await getJSON('/en?json=breadcrumbs') +export async function getJSON(route) { + const res = await get(route, { followRedirects: true }) + if (res.status >= 500) { + throw new Error(`Server error (${res.status}) on ${route}`) + } + if (res.status >= 400) { + console.warn(`${res.status} on ${route} and the response might not be JSON`) + } + return JSON.parse(res.text) +} diff --git a/tests/rendering/breadcrumbs.js b/tests/rendering/breadcrumbs.js index b85fee737a..02e68b711a 100644 --- a/tests/rendering/breadcrumbs.js +++ b/tests/rendering/breadcrumbs.js @@ -1,6 +1,7 @@ -import { getDOM, getJSON } from '../helpers/supertest.js' import { jest } from '@jest/globals' +import { getDOM, getJSON } from '../helpers/e2etest.js' + // TODO: Use `describeViaActionsOnly` instead. See tests/rendering/server.js const describeInternalOnly = process.env.GITHUB_REPOSITORY === 'github/docs-internal' ? describe : describe.skip diff --git a/tests/rendering/curated-homepage-links.js b/tests/rendering/curated-homepage-links.js index 56f5780529..ccbba75c04 100644 --- a/tests/rendering/curated-homepage-links.js +++ b/tests/rendering/curated-homepage-links.js @@ -1,4 +1,4 @@ -import { getDOM } from '../helpers/supertest.js' +import { getDOM } from '../helpers/e2etest.js' import { jest } from '@jest/globals' describe('curated homepage links', () => { diff --git a/tests/rendering/favicons.js b/tests/rendering/favicons.js index 07268dee16..0d54429da6 100644 --- a/tests/rendering/favicons.js +++ b/tests/rendering/favicons.js @@ -1,7 +1,7 @@ import { expect } from '@jest/globals' import { SURROGATE_ENUMS } from '../../middleware/set-fastly-surrogate-key.js' -import { get } from '../helpers/supertest.js' +import { get } from '../helpers/e2etest.js' describe('favicon assets', () => { it('should serve a valid and aggressively caching /favicon.ico', async () => { diff --git a/tests/rendering/footer.js b/tests/rendering/footer.js index ff06162b2c..d5171f4f0a 100644 --- a/tests/rendering/footer.js +++ b/tests/rendering/footer.js @@ -1,7 +1,8 @@ -import { getDOM } from '../helpers/supertest.js' -import nonEnterpriseDefaultVersion from '../../lib/non-enterprise-default-version.js' import { jest } from '@jest/globals' +import { getDOM } from '../helpers/e2etest.js' +import nonEnterpriseDefaultVersion from '../../lib/non-enterprise-default-version.js' + describe('footer', () => { jest.setTimeout(10 * 60 * 1000) diff --git a/tests/rendering/head.js b/tests/rendering/head.js index 8d3fdfd1b3..1a117d8c60 100644 --- a/tests/rendering/head.js +++ b/tests/rendering/head.js @@ -1,4 +1,4 @@ -import { getDOM } from '../helpers/supertest.js' +import { getDOM } from '../helpers/e2etest.js' import languages from '../../lib/languages.js' import { jest } from '@jest/globals' diff --git a/tests/rendering/header.js b/tests/rendering/header.js index 5c7ffbb5ff..78c223a31d 100644 --- a/tests/rendering/header.js +++ b/tests/rendering/header.js @@ -1,7 +1,8 @@ -import { getDOM } from '../helpers/supertest.js' -import { oldestSupported } from '../../lib/enterprise-server-releases.js' import { jest } from '@jest/globals' +import { getDOM } from '../helpers/e2etest.js' +import { oldestSupported } from '../../lib/enterprise-server-releases.js' + describe('header', () => { jest.setTimeout(5 * 60 * 1000) diff --git a/tests/rendering/learning-tracks.js b/tests/rendering/learning-tracks.js index 2f9f2ce872..42a9f50a34 100644 --- a/tests/rendering/learning-tracks.js +++ b/tests/rendering/learning-tracks.js @@ -1,6 +1,7 @@ -import { getDOM } from '../helpers/supertest.js' import { jest } from '@jest/globals' +import { getDOM } from '../helpers/e2etest.js' + jest.setTimeout(3 * 60 * 1000) describe('learning tracks', () => { diff --git a/tests/rendering/page-titles.js b/tests/rendering/page-titles.js index 8877130fa3..8126587dbe 100644 --- a/tests/rendering/page-titles.js +++ b/tests/rendering/page-titles.js @@ -1,7 +1,8 @@ -import enterpriseServerReleases from '../../lib/enterprise-server-releases.js' -import { getDOM } from '../helpers/supertest.js' import { jest } from '@jest/globals' +import enterpriseServerReleases from '../../lib/enterprise-server-releases.js' +import { getDOM } from '../helpers/e2etest.js' + describe('page titles', () => { jest.setTimeout(300 * 1000) diff --git a/tests/rendering/pages-with-learning-tracks.js b/tests/rendering/pages-with-learning-tracks.js index 17a7311804..fb122ba9fe 100644 --- a/tests/rendering/pages-with-learning-tracks.js +++ b/tests/rendering/pages-with-learning-tracks.js @@ -1,6 +1,6 @@ import { jest, expect } from '@jest/globals' -import { getDOM } from '../helpers/supertest.js' +import { getDOM } from '../helpers/e2etest.js' import { loadPages } from '../../lib/page-data.js' describe('process learning tracks', () => { diff --git a/tests/rendering/rest.js b/tests/rendering/rest.js index 25641c6a76..4a6481ae84 100644 --- a/tests/rendering/rest.js +++ b/tests/rendering/rest.js @@ -1,6 +1,7 @@ -import { getDOM } from '../helpers/supertest.js' -import getRest, { getEnabledForApps } from '../../lib/rest/index.js' import { jest } from '@jest/globals' + +import { getDOM } from '../helpers/e2etest.js' +import getRest, { getEnabledForApps } from '../../lib/rest/index.js' import { allVersions } from '../../lib/all-versions.js' describe('REST references docs', () => { diff --git a/tests/rendering/robots-txt.js b/tests/rendering/robots-txt.js index c6010bb3e8..b74a1df82e 100644 --- a/tests/rendering/robots-txt.js +++ b/tests/rendering/robots-txt.js @@ -1,6 +1,6 @@ import languages from '../../lib/languages.js' import robotsParser from 'robots-parser' -import { get } from '../helpers/supertest.js' +import { get } from '../helpers/e2etest.js' import { jest } from '@jest/globals' describe('robots.txt', () => { @@ -8,7 +8,11 @@ describe('robots.txt', () => { let res, robots beforeAll(async () => { - res = await get('/robots.txt') + res = await get('/robots.txt', { + headers: { + Host: 'docs.github.com', + }, + }) robots = robotsParser('https://docs.github.com/robots.txt', res.text) }) diff --git a/tests/rendering/server.js b/tests/rendering/server.js index a44efa0b29..c5aab37023 100644 --- a/tests/rendering/server.js +++ b/tests/rendering/server.js @@ -1,6 +1,6 @@ import lodash from 'lodash-es' import enterpriseServerReleases from '../../lib/enterprise-server-releases.js' -import { get, getDOM, head, post } from '../helpers/supertest.js' +import { get, getDOM, head, post } from '../helpers/e2etest.js' import { describeViaActionsOnly } from '../helpers/conditional-runs.js' import { loadPages } from '../../lib/page-data.js' import CspParse from 'csp-parse' @@ -30,7 +30,7 @@ describe('server', () => { const res = await head('/en') expect(res.statusCode).toBe(200) expect(res.headers).not.toHaveProperty('content-length') - expect(res.text).toBeUndefined() + expect(res.text).toBe('') }) test('renders the homepage', async () => { @@ -155,7 +155,11 @@ describe('server', () => { expect($.res.statusCode).toBe(404) }) - test('renders a 400 for invalid paths', async () => { + // When using `got()` to send full end-to-end URLs, you can't use + // URLs like in this test because got will + // throw `RequestError: URI malformed`. + // So for now, this test is skipped. + test.skip('renders a 400 for invalid paths', async () => { const $ = await getDOM('/en/%7B%') expect($.res.statusCode).toBe(400) }) @@ -184,7 +188,12 @@ describe('server', () => { }) test('returns a 400 when POST-ed invalid JSON', async () => { - const res = await post('/').send('not real JSON').set('Content-Type', 'application/json') + const res = await post('/', { + body: 'not real JSON', + headers: { + 'content-type': 'application/json', + }, + }) expect(res.statusCode).toBe(400) }) @@ -607,7 +616,11 @@ describe('server', () => { expect(hiddenPageHrefs.length).toBeGreaterThan(0) }) - test('are not listed at /early-access in production', async () => { + // Test skipped because this test file is no longer able to + // change the `NODE_ENV` between tests because it depends on + // HTTP and not raw supertest. + // Idea: Move this one test somewhere into tests/unit/ + test.skip('are not listed at /early-access in production', async () => { const oldNodeEnv = process.env.NODE_ENV process.env.NODE_ENV = 'production' const res = await get('/early-access', { followRedirects: true }) diff --git a/tests/rendering/sidebar.js b/tests/rendering/sidebar.js index a6dd54617e..d1ea7d7619 100644 --- a/tests/rendering/sidebar.js +++ b/tests/rendering/sidebar.js @@ -1,7 +1,8 @@ -import '../../lib/feature-flags.js' -import { getDOM } from '../helpers/supertest.js' import { jest } from '@jest/globals' +import '../../lib/feature-flags.js' +import { getDOM } from '../helpers/e2etest.js' + describe('sidebar', () => { jest.setTimeout(3 * 60 * 1000) diff --git a/tests/rendering/static-assets.js b/tests/rendering/static-assets.js index 285c54336a..915d9b9556 100644 --- a/tests/rendering/static-assets.js +++ b/tests/rendering/static-assets.js @@ -1,11 +1,10 @@ import fs from 'fs' import path from 'path' -import nock from 'nock' -import { expect, jest } from '@jest/globals' +import { expect } from '@jest/globals' -import { SURROGATE_ENUMS } from '../../middleware/set-fastly-surrogate-key.js' -import { get } from '../helpers/supertest.js' +import { get } from '../helpers/e2etest.js' +import { checkCachingHeaders } from '../helpers/caching-headers.js' function getNextStaticAsset(directory) { const root = path.join('.next', 'static', directory) @@ -14,19 +13,6 @@ function getNextStaticAsset(directory) { return path.join(root, files[0]) } -function checkCachingHeaders(res, defaultSurrogateKey = false, minMaxAge = 60 * 60) { - expect(res.headers['set-cookie']).toBeUndefined() - expect(res.headers['cache-control']).toContain('public') - const maxAgeSeconds = parseInt(res.header['cache-control'].match(/max-age=(\d+)/)[1], 10) - // Let's not be too specific in the tests, just as long as it's testing - // that it's a reasonably large number of seconds. - expect(maxAgeSeconds).toBeGreaterThanOrEqual(minMaxAge) - // Because it doesn't have have a unique URL - expect(res.headers['surrogate-key']).toBe( - defaultSurrogateKey ? SURROGATE_ENUMS.DEFAULT : SURROGATE_ENUMS.MANUAL - ) -} - describe('static assets', () => { it('should serve /assets/cb-* with optimal headers', async () => { const res = await get('/assets/cb-1234/images/site/logo.png') @@ -70,99 +56,3 @@ describe('static assets', () => { checkCachingHeaders(res, true, 60) }) }) - -describe('archived enterprise static assets', () => { - // Sometimes static assets are proxied. The URL for the static asset - // might not indicate it's based on archived enterprise version. - - jest.setTimeout(60 * 1000) - - beforeAll(async () => { - // The first page load takes a long time so let's get it out of the way in - // advance to call out that problem specifically rather than misleadingly - // attributing it to the first test - // await get('/') - - const sampleCSS = '/* nice CSS */' - - nock('https://github.github.com') - .get('/help-docs-archived-enterprise-versions/2.21/_next/static/foo.css') - .reply(200, sampleCSS, { - 'content-type': 'text/css', - 'content-length': sampleCSS.length, - }) - nock('https://github.github.com') - .get('/help-docs-archived-enterprise-versions/2.21/_next/static/only-on-proxy.css') - .reply(200, sampleCSS, { - 'content-type': 'text/css', - 'content-length': sampleCSS.length, - }) - nock('https://github.github.com') - .get('/help-docs-archived-enterprise-versions/2.3/_next/static/only-on-2.3.css') - .reply(200, sampleCSS, { - 'content-type': 'text/css', - 'content-length': sampleCSS.length, - }) - nock('https://github.github.com') - .get('/help-docs-archived-enterprise-versions/2.3/_next/static/fourofour.css') - .reply(404, 'Not found', { - 'content-type': 'text/plain', - }) - nock('https://github.github.com') - .get('/help-docs-archived-enterprise-versions/2.3/assets/images/site/logo.png') - .reply(404, 'Not found', { - 'content-type': 'text/plain', - }) - }) - - afterAll(() => nock.cleanAll()) - - it('should proxy if the static asset is prefixed', async () => { - const res = await get('/enterprise/2.21/_next/static/foo.css', { - headers: { - Referrer: '/enterprise/2.21', - }, - }) - expect(res.statusCode).toBe(200) - checkCachingHeaders(res, true, 60) - }) - it('should proxy if the Referrer header indicates so', async () => { - const res = await get('/_next/static/only-on-proxy.css', { - headers: { - Referrer: '/enterprise/2.21', - }, - }) - expect(res.statusCode).toBe(200) - checkCachingHeaders(res, true, 60) - }) - it('should proxy if the Referrer header indicates so', async () => { - const res = await get('/_next/static/only-on-2.3.css', { - headers: { - Referrer: '/en/enterprise-server@2.3/some/page', - }, - }) - expect(res.statusCode).toBe(200) - checkCachingHeaders(res, true, 60) - }) - it('might still 404 even with the right referrer', async () => { - const res = await get('/_next/static/fourofour.css', { - headers: { - Referrer: '/en/enterprise-server@2.3/some/page', - }, - }) - expect(res.statusCode).toBe(404) - checkCachingHeaders(res, true, 60) - }) - - it('404 on the proxy but actually present here', async () => { - const res = await get('/assets/images/site/logo.png', { - headers: { - Referrer: '/en/enterprise-server@2.3/some/page', - }, - }) - // It tried to go via the proxy, but it wasn't there, but then it - // tried "our disk" and it's eventually there. - expect(res.statusCode).toBe(200) - checkCachingHeaders(res, true, 60) - }) -}) diff --git a/tests/rendering/webhooks.js b/tests/rendering/webhooks.js index af6fff4a9e..e418adbc9f 100644 --- a/tests/rendering/webhooks.js +++ b/tests/rendering/webhooks.js @@ -1,5 +1,5 @@ import { jest } from '@jest/globals' -import { getDOM } from '../helpers/supertest.js' +import { getDOM } from '../helpers/e2etest.js' import { allVersions } from '../../lib/all-versions.js' describe('webhooks events and payloads', () => { diff --git a/tests/routing/deprecated-enterprise-versions.js b/tests/routing/deprecated-enterprise-versions.js index affcd7df28..c5389e10f7 100644 --- a/tests/routing/deprecated-enterprise-versions.js +++ b/tests/routing/deprecated-enterprise-versions.js @@ -1,16 +1,12 @@ -import supertest from 'supertest' import { describe, jest, test } from '@jest/globals' -import createApp from '../../lib/app.js' import enterpriseServerReleases from '../../lib/enterprise-server-releases.js' -import { get, getDOM } from '../helpers/supertest.js' +import { get, getDOM } from '../helpers/e2etest.js' import { SURROGATE_ENUMS } from '../../middleware/set-fastly-surrogate-key.js' import { PREFERRED_LOCALE_COOKIE_NAME } from '../../middleware/detect-language.js' jest.useFakeTimers('legacy') -const app = createApp() - describe('enterprise deprecation', () => { jest.setTimeout(60 * 1000) @@ -60,9 +56,9 @@ describe('enterprise deprecation', () => { test('sets the expected headers for deprecated Enterprise pages', async () => { const res = await get('/en/enterprise/2.13/user/articles/about-branches') expect(res.statusCode).toBe(200) - expect(res.get('x-robots-tag')).toBe('noindex') - expect(res.get('surrogate-key')).toBe(SURROGATE_ENUMS.MANUAL) - expect(res.get('set-cookie')).toBeUndefined() + expect(res.headers['x-robots-tag']).toBe('noindex') + expect(res.headers['surrogate-key']).toBe(SURROGATE_ENUMS.MANUAL) + expect(res.headers['set-cookie']).toBeUndefined() }) test('handles requests for deprecated Enterprise pages ( <2.13 )', async () => { @@ -209,91 +205,103 @@ describe('does not render survey prompt or contribution button', () => { describe('JS and CSS assets', () => { it('returns the expected CSS file > 2.18', async () => { - const result = await supertest(app) - .get('/enterprise/2.18/dist/index.css') - .set('Referrer', '/en/enterprise/2.18') - + const result = await get('/enterprise/2.18/dist/index.css', { + headers: { + Referrer: '/en/enterprise/2.18', + }, + }) expect(result.statusCode).toBe(200) - expect(result.get('x-is-archived')).toBe('true') - expect(result.get('Content-Type')).toBe('text/css; charset=utf-8') + expect(result.headers['x-is-archived']).toBe('true') + expect(result.headers['content-type']).toBe('text/css; charset=utf-8') }) it('returns the expected CSS file', async () => { - const result = await supertest(app) - .get('/stylesheets/index.css') - .set('Referrer', '/en/enterprise/2.13') - + const result = await get('/stylesheets/index.css', { + headers: { + Referrer: '/en/enterprise/2.13', + }, + }) expect(result.statusCode).toBe(200) - expect(result.get('x-is-archived')).toBe('true') - expect(result.get('Content-Type')).toBe('text/css; charset=utf-8') + expect(result.headers['x-is-archived']).toBe('true') + expect(result.headers['content-type']).toBe('text/css; charset=utf-8') }) it('returns the expected JS file > 2.18', async () => { - const result = await supertest(app) - .get('/enterprise/2.18/dist/index.js') - .set('Referrer', '/en/enterprise/2.18') - + const result = await get('/enterprise/2.18/dist/index.js', { + headers: { + Referrer: '/en/enterprise/2.18', + }, + }) expect(result.statusCode).toBe(200) - expect(result.get('x-is-archived')).toBe('true') - expect(result.get('Content-Type')).toBe('application/javascript; charset=utf-8') + expect(result.headers['x-is-archived']).toBe('true') + expect(result.headers['content-type']).toBe('application/javascript; charset=utf-8') }) it('returns the expected JS file', async () => { - const result = await supertest(app) - .get('/javascripts/index.js') - .set('Referrer', '/en/enterprise/2.13') - + const result = await get('/javascripts/index.js', { + headers: { + Referrer: '/en/enterprise/2.13', + }, + }) expect(result.statusCode).toBe(200) - expect(result.get('x-is-archived')).toBe('true') - expect(result.get('Content-Type')).toBe('application/javascript; charset=utf-8') + expect(result.headers['x-is-archived']).toBe('true') + expect(result.headers['content-type']).toBe('application/javascript; charset=utf-8') }) it('returns the expected image', async () => { - const result = await supertest(app) - .get('/assets/images/octicons/hamburger.svg') - .set('Referrer', '/en/enterprise/2.17') - + const result = await get('/assets/images/octicons/hamburger.svg', { + headers: { + Referrer: '/en/enterprise/2.17', + }, + }) expect(result.statusCode).toBe(200) - expect(result.get('x-is-archived')).toBe('true') - expect(result.get('Content-Type')).toBe('image/svg+xml; charset=utf-8') + expect(result.headers['x-is-archived']).toBe('true') + expect(result.headers['content-type']).toBe('image/svg+xml; charset=utf-8') }) it('returns the expected node_modules', async () => { - const result = await supertest(app) - .get('/node_modules/instantsearch.js/dist/instantsearch.production.min.js') - .set('Referrer', '/en/enterprise/2.17') - + const result = await get( + '/node_modules/instantsearch.js/dist/instantsearch.production.min.js', + { + headers: { + Referrer: '/en/enterprise/2.17', + }, + } + ) expect(result.statusCode).toBe(200) - expect(result.get('x-is-archived')).toBe('true') - expect(result.get('Content-Type')).toBe('application/javascript; charset=utf-8') + expect(result.headers['x-is-archived']).toBe('true') + expect(result.headers['content-type']).toBe('application/javascript; charset=utf-8') }) it('returns the expected favicon', async () => { - const result = await supertest(app) - .get('/assets/images/site/favicon.svg') - .set('Referrer', '/en/enterprise/2.18') - + const result = await get('/assets/images/site/favicon.svg', { + headers: { + Referrer: '/en/enterprise/2.18', + }, + }) expect(result.statusCode).toBe(200) - expect(result.get('x-is-archived')).toBe('true') - expect(result.get('Content-Type')).toBe('image/svg+xml; charset=utf-8') + expect(result.headers['x-is-archived']).toBe('true') + expect(result.headers['content-type']).toBe('image/svg+xml; charset=utf-8') }) it('returns the expected CSS file ( <2.13 )', async () => { - const result = await supertest(app) - .get('/assets/stylesheets/application.css') - .set('Referrer', '/en/enterprise/2.12') - + const result = await get('/assets/stylesheets/application.css', { + headers: { + Referrer: '/en/enterprise/2.12', + }, + }) expect(result.statusCode).toBe(200) - expect(result.get('x-is-archived')).toBe('true') - expect(result.get('Content-Type')).toBe('text/css; charset=utf-8') + expect(result.headers['x-is-archived']).toBe('true') + expect(result.headers['content-type']).toBe('text/css; charset=utf-8') }) it('ignores invalid paths', async () => { - const result = await supertest(app) - .get('/pizza/index.css') - .set('Referrer', '/en/enterprise/2.13') - + const result = await get('/pizza/index.css', { + headers: { + Referrer: '/en/enterprise/2.13', + }, + }) expect(result.statusCode).toBe(404) - expect(result.get('x-is-archived')).toBeUndefined() + expect(result.headers['x-is-archived']).toBeUndefined() }) }) diff --git a/tests/routing/developer-site-redirects.js b/tests/routing/developer-site-redirects.js index ecb97dbe23..1deca75652 100644 --- a/tests/routing/developer-site-redirects.js +++ b/tests/routing/developer-site-redirects.js @@ -1,7 +1,7 @@ import { jest } from '@jest/globals' import path from 'path' import enterpriseServerReleases from '../../lib/enterprise-server-releases.js' -import { get } from '../helpers/supertest.js' +import { get } from '../helpers/e2etest.js' import readJsonFile from '../../lib/read-json-file.js' jest.useFakeTimers('legacy') @@ -27,7 +27,7 @@ describe('developer redirects', () => { test('graphql enterprise homepage', async () => { const res = await get('/enterprise/v4', { followAllRedirects: true }) expect(res.statusCode).toBe(200) - const finalPath = new URL(res.request.url).pathname + const finalPath = new URL(res.url).pathname const expectedFinalPath = `/en/enterprise-server@${enterpriseServerReleases.latest}/graphql` expect(finalPath).toBe(expectedFinalPath) }) @@ -41,7 +41,7 @@ describe('developer redirects', () => { const enterpriseRes = await get(`/enterprise${oldPath}`, { followAllRedirects: true }) expect(enterpriseRes.statusCode).toBe(200) - const finalPath = new URL(enterpriseRes.request.url).pathname + const finalPath = new URL(enterpriseRes.url).pathname const expectedFinalPath = path.join( '/', `enterprise-server@${enterpriseServerReleases.latest}`, diff --git a/tests/routing/language-code-redirects.js b/tests/routing/language-code-redirects.js index 492bb61370..585d2f3701 100644 --- a/tests/routing/language-code-redirects.js +++ b/tests/routing/language-code-redirects.js @@ -1,28 +1,27 @@ -import { get } from '../helpers/supertest.js' import { jest } from '@jest/globals' +import { get } from '../helpers/e2etest.js' + describe('language code redirects', () => { jest.setTimeout(5 * 60 * 1000) test('redirects accidental /jp* requests to /ja*', async () => { - let $ - $ = await get('/jp', { dom: false }) - expect($.res.statusCode).toBe(301) - expect($.res.headers.location).toBe('/ja') + let res = await get('/jp') + expect(res.statusCode).toBe(301) + expect(res.headers.location).toBe('/ja') - $ = await get('/jp/articles/about-your-personal-dashboard', { dom: false }) - expect($.res.statusCode).toBe(301) - expect($.res.headers.location).toBe('/ja/articles/about-your-personal-dashboard') + res = await get('/jp/articles/about-your-personal-dashboard') + expect(res.statusCode).toBe(301) + expect(res.headers.location).toBe('/ja/articles/about-your-personal-dashboard') }) test('redirects accidental /zh-CN* requests to /cn*', async () => { - let $ - $ = await get('/zh-CN', { dom: false }) - expect($.res.statusCode).toBe(301) - expect($.res.headers.location).toBe('/cn') + let res = await get('/zh-CN') + expect(res.statusCode).toBe(301) + expect(res.headers.location).toBe('/cn') - $ = await get('/zh-TW/articles/about-your-personal-dashboard', { dom: false }) - expect($.res.statusCode).toBe(301) - expect($.res.headers.location).toBe('/cn/articles/about-your-personal-dashboard') + res = await get('/zh-TW/articles/about-your-personal-dashboard') + expect(res.statusCode).toBe(301) + expect(res.headers.location).toBe('/cn/articles/about-your-personal-dashboard') }) }) diff --git a/tests/routing/redirects.js b/tests/routing/redirects.js index 46ecd5c671..23f4ed7661 100644 --- a/tests/routing/redirects.js +++ b/tests/routing/redirects.js @@ -1,13 +1,11 @@ import { fileURLToPath } from 'url' import path from 'path' import { isPlainObject } from 'lodash-es' -import supertest from 'supertest' import { jest } from '@jest/globals' -import createApp from '../../lib/app.js' import enterpriseServerReleases from '../../lib/enterprise-server-releases.js' import Page from '../../lib/page.js' -import { get } from '../helpers/supertest.js' +import { get, head } from '../helpers/e2etest.js' import versionSatisfiesRange from '../../lib/version-satisfies-range.js' import { PREFERRED_LOCALE_COOKIE_NAME } from '../../middleware/detect-language.js' @@ -114,7 +112,7 @@ describe('redirects', () => { }) test('are redirected for HEAD requests (not just GET requests)', async () => { - const res = await supertest(createApp()).head('/articles/closing-issues-via-commit-messages/') + const res = await head('/articles/closing-issues-via-commit-messages/') expect(res.statusCode).toBe(301) expect(res.headers.location).toBe('/articles/closing-issues-via-commit-messages') }) @@ -179,14 +177,14 @@ describe('redirects', () => { '/desktop/contributing-and-collaborating-using-github-desktop/working-with-your-remote-repository-on-github-or-github-enterprise/changing-a-remotes-url-from-github-desktop' test('redirect_from for renamed pages', async () => { - const { res } = await get(`/ja${redirectFrom}`) + const res = await get(`/ja${redirectFrom}`) expect(res.statusCode).toBe(301) const expected = `/ja${redirectTo}` expect(res.headers.location).toBe(expected) }) test('redirect_from for renamed pages by Accept-Language header', async () => { - const { res } = await get(redirectFrom, { + const res = await get(redirectFrom, { headers: { 'Accept-Language': 'ja', }, @@ -198,7 +196,7 @@ describe('redirects', () => { }) test('redirect_from for renamed pages but ignore Accept-Language header if not recognized', async () => { - const { res } = await get(redirectFrom, { + const res = await get(redirectFrom, { headers: { // None of these are recognized 'Accept-Language': 'sv,fr,gr', @@ -211,7 +209,7 @@ describe('redirects', () => { }) test('redirect_from for renamed pages but ignore unrecognized Accept-Language header values', async () => { - const { res } = await get(redirectFrom, { + const res = await get(redirectFrom, { headers: { // Only the last one is recognized 'Accept-Language': 'sv,ja', @@ -224,7 +222,7 @@ describe('redirects', () => { }) test('will inject the preferred language from cookie', async () => { - const { res } = await get(redirectFrom, { + const res = await get(redirectFrom, { headers: { Cookie: `${PREFERRED_LOCALE_COOKIE_NAME}=ja`, 'Accept-Language': 'es', // note how this is going to be ignored diff --git a/tests/routing/release-notes.js b/tests/routing/release-notes.js index 39e26b9dda..18598d81e8 100644 --- a/tests/routing/release-notes.js +++ b/tests/routing/release-notes.js @@ -1,7 +1,7 @@ import { jest } from '@jest/globals' import nock from 'nock' -import { get, getDOM } from '../helpers/supertest.js' +import { get, getDOM } from '../helpers/e2etest.js' import enterpriseServerReleases from '../../lib/enterprise-server-releases.js' jest.useFakeTimers('legacy') diff --git a/tests/routing/remote-ip.js b/tests/routing/remote-ip.js index 2a2878e3f0..79a964ba3a 100644 --- a/tests/routing/remote-ip.js +++ b/tests/routing/remote-ip.js @@ -1,4 +1,4 @@ -import { get } from '../helpers/supertest.js' +import { get } from '../helpers/e2etest.js' import { expect, jest } from '@jest/globals' describe('remote ip debugging', () => { diff --git a/tests/routing/top-developer-site-path-redirects.js b/tests/routing/top-developer-site-path-redirects.js index 2f971acf1b..8a09d15f94 100644 --- a/tests/routing/top-developer-site-path-redirects.js +++ b/tests/routing/top-developer-site-path-redirects.js @@ -1,6 +1,7 @@ -import { head } from '../helpers/supertest.js' import { jest } from '@jest/globals' +import { head } from '../helpers/e2etest.js' + jest.useFakeTimers('legacy') describe('developer.github.com redirects', () => { diff --git a/tests/rendering/events.js b/tests/unit/events.js similarity index 100% rename from tests/rendering/events.js rename to tests/unit/events.js diff --git a/tests/rendering/octicon.js b/tests/unit/octicon.js similarity index 100% rename from tests/rendering/octicon.js rename to tests/unit/octicon.js diff --git a/tests/unit/static-assets.js b/tests/unit/static-assets.js new file mode 100644 index 0000000000..a138d0429f --- /dev/null +++ b/tests/unit/static-assets.js @@ -0,0 +1,101 @@ +import nock from 'nock' +import { expect, jest } from '@jest/globals' + +import { get } from '../helpers/supertest.js' +import { checkCachingHeaders } from '../helpers/caching-headers.js' + +describe('archived enterprise static assets', () => { + // Sometimes static assets are proxied. The URL for the static asset + // might not indicate it's based on archived enterprise version. + + jest.setTimeout(60 * 1000) + + beforeAll(async () => { + // The first page load takes a long time so let's get it out of the way in + // advance to call out that problem specifically rather than misleadingly + // attributing it to the first test + // await get('/') + + const sampleCSS = '/* nice CSS */' + + nock('https://github.github.com') + .get('/help-docs-archived-enterprise-versions/2.21/_next/static/foo.css') + .reply(200, sampleCSS, { + 'content-type': 'text/css', + 'content-length': sampleCSS.length, + }) + nock('https://github.github.com') + .get('/help-docs-archived-enterprise-versions/2.21/_next/static/only-on-proxy.css') + .reply(200, sampleCSS, { + 'content-type': 'text/css', + 'content-length': sampleCSS.length, + }) + nock('https://github.github.com') + .get('/help-docs-archived-enterprise-versions/2.3/_next/static/only-on-2.3.css') + .reply(200, sampleCSS, { + 'content-type': 'text/css', + 'content-length': sampleCSS.length, + }) + nock('https://github.github.com') + .get('/help-docs-archived-enterprise-versions/2.3/_next/static/fourofour.css') + .reply(404, 'Not found', { + 'content-type': 'text/plain', + }) + nock('https://github.github.com') + .get('/help-docs-archived-enterprise-versions/2.3/assets/images/site/logo.png') + .reply(404, 'Not found', { + 'content-type': 'text/plain', + }) + }) + + afterAll(() => nock.cleanAll()) + + it('should proxy if the static asset is prefixed', async () => { + const res = await get('/enterprise/2.21/_next/static/foo.css', { + headers: { + Referrer: '/enterprise/2.21', + }, + }) + expect(res.statusCode).toBe(200) + checkCachingHeaders(res, true, 60) + }) + it('should proxy if the Referrer header indicates so', async () => { + const res = await get('/_next/static/only-on-proxy.css', { + headers: { + Referrer: '/enterprise/2.21', + }, + }) + expect(res.statusCode).toBe(200) + checkCachingHeaders(res, true, 60) + }) + it('should proxy if the Referrer header indicates so', async () => { + const res = await get('/_next/static/only-on-2.3.css', { + headers: { + Referrer: '/en/enterprise-server@2.3/some/page', + }, + }) + expect(res.statusCode).toBe(200) + checkCachingHeaders(res, true, 60) + }) + it('might still 404 even with the right referrer', async () => { + const res = await get('/_next/static/fourofour.css', { + headers: { + Referrer: '/en/enterprise-server@2.3/some/page', + }, + }) + expect(res.statusCode).toBe(404) + checkCachingHeaders(res, true, 60) + }) + + it('404 on the proxy but actually present here', async () => { + const res = await get('/assets/images/site/logo.png', { + headers: { + Referrer: '/en/enterprise-server@2.3/some/page', + }, + }) + // It tried to go via the proxy, but it wasn't there, but then it + // tried "our disk" and it's eventually there. + expect(res.statusCode).toBe(200) + checkCachingHeaders(res, true, 60) + }) +}) diff --git a/translations/es-ES/content/account-and-profile/managing-subscriptions-and-notifications-on-github/setting-up-notifications/configuring-notifications.md b/translations/es-ES/content/account-and-profile/managing-subscriptions-and-notifications-on-github/setting-up-notifications/configuring-notifications.md index 286b7b089f..066ef4eb97 100644 --- a/translations/es-ES/content/account-and-profile/managing-subscriptions-and-notifications-on-github/setting-up-notifications/configuring-notifications.md +++ b/translations/es-ES/content/account-and-profile/managing-subscriptions-and-notifications-on-github/setting-up-notifications/configuring-notifications.md @@ -134,7 +134,7 @@ Email notifications from {% data variables.product.product_location %} contain t | `To` field | This field connects directly to the thread.{% ifversion not ghae %} If you reply to the email, you'll add a new comment to the conversation.{% endif %} | | `Cc` address | {% data variables.product.product_name %} will `Cc` you if you're subscribed to a conversation. The second `Cc` email address matches the notification reason. The suffix for these notification reasons is {% data variables.notifications.cc_address %}. The possible notification reasons are:
  • `assign`: You were assigned to an issue or pull request.
  • `author`: You created an issue or pull request.
  • `ci_activity`: A {% data variables.product.prodname_actions %} workflow run that you triggered was completed.
  • `comment`: You commented on an issue or pull request.
  • `manual`: There was an update to an issue or pull request you manually subscribed to.
  • `mention`: You were mentioned on an issue or pull request.
  • `push`: Someone committed to a pull request you're subscribed to.
  • `review_requested`: You or a team you're a member of was requested to review a pull request.
    • {% ifversion fpt or ghes or ghae-issue-4864 or ghec %}
  • `security_alert`: {% data variables.product.prodname_dotcom %} detected a vulnerability in a repository you receive alerts for.
    • {% endif %}
  • `state_change`: An issue or pull request you're subscribed to was either closed or opened.
  • `subscribed`: There was an update in a repository you're watching.
  • `team_mention`: A team you belong to was mentioned on an issue or pull request.
  • `your_activity`: You opened, commented on, or closed an issue or pull request.
| | `mailing list` field | This field identifies the name of the repository and its owner. The format of this address is always `..{% data variables.command_line.backticks %}`. |{% ifversion fpt or ghes or ghae-issue-4864 or ghec %} -| `X-GitHub-Severity` field | {% data reusables.repositories.security-alerts-x-github-severity %} The possible severity levels are:
  • `low`
  • `moderate`
  • `high`
  • `critical`
For more information, see "[About alerts for vulnerable dependencies](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies)." |{% endif %} +| `X-GitHub-Severity` field | {% data reusables.repositories.security-alerts-x-github-severity %} The possible severity levels are:
  • `low`
  • `moderate`
  • `high`
  • `critical`
For more information, see "[About {% data variables.product.prodname_dependabot_alerts %}](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies)." |{% endif %} ## Choosing your notification settings diff --git a/translations/es-ES/content/account-and-profile/managing-subscriptions-and-notifications-on-github/viewing-and-triaging-notifications/managing-notifications-from-your-inbox.md b/translations/es-ES/content/account-and-profile/managing-subscriptions-and-notifications-on-github/viewing-and-triaging-notifications/managing-notifications-from-your-inbox.md index 0b8710d460..321b39c1ca 100644 --- a/translations/es-ES/content/account-and-profile/managing-subscriptions-and-notifications-on-github/viewing-and-triaging-notifications/managing-notifications-from-your-inbox.md +++ b/translations/es-ES/content/account-and-profile/managing-subscriptions-and-notifications-on-github/viewing-and-triaging-notifications/managing-notifications-from-your-inbox.md @@ -173,7 +173,7 @@ If you use {% data variables.product.prodname_dependabot %} to keep your depende - `reason:security_alert` to show notifications for {% data variables.product.prodname_dependabot_alerts %} and security update pull requests. - `author:app/dependabot` to show notifications generated by {% data variables.product.prodname_dependabot %}. This includes {% data variables.product.prodname_dependabot_alerts %}, security update pull requests, and version update pull requests. -For more information about {% data variables.product.prodname_dependabot %}, see "[About managing vulnerable dependencies](/github/managing-security-vulnerabilities/about-managing-vulnerable-dependencies)." +For more information about {% data variables.product.prodname_dependabot %}, see "[About {% data variables.product.prodname_dependabot_alerts %}](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies)." {% endif %} {% ifversion ghes < 3.3 or ghae-issue-4864 %} @@ -182,7 +182,7 @@ If you use {% data variables.product.prodname_dependabot %} to tell you about vu - `is:repository_vulnerability_alert` - `reason:security_alert` -For more information about {% data variables.product.prodname_dependabot %}, see "[About alerts for vulnerable dependencies](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies)." +For more information about {% data variables.product.prodname_dependabot %}, see "[About {% data variables.product.prodname_dependabot_alerts %}](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies)." {% endif %} {% endif %} diff --git a/translations/es-ES/content/account-and-profile/setting-up-and-managing-your-github-user-account/managing-user-account-settings/managing-security-and-analysis-settings-for-your-user-account.md b/translations/es-ES/content/account-and-profile/setting-up-and-managing-your-github-user-account/managing-user-account-settings/managing-security-and-analysis-settings-for-your-user-account.md index ec1dab67f4..eda7a7fcba 100644 --- a/translations/es-ES/content/account-and-profile/setting-up-and-managing-your-github-user-account/managing-user-account-settings/managing-security-and-analysis-settings-for-your-user-account.md +++ b/translations/es-ES/content/account-and-profile/setting-up-and-managing-your-github-user-account/managing-user-account-settings/managing-security-and-analysis-settings-for-your-user-account.md @@ -49,5 +49,5 @@ For an overview of repository-level security, see "[Securing your repository](/c ## Further reading - "[About the dependency graph](/github/visualizing-repository-data-with-graphs/about-the-dependency-graph)" -- "[Managing vulnerabilities in your project's dependencies](/github/managing-security-vulnerabilities/managing-vulnerabilities-in-your-projects-dependencies)" +- "[About {% data variables.product.prodname_dependabot_alerts %}](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies)" - "[Keeping your dependencies updated automatically](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically)" diff --git a/translations/es-ES/content/account-and-profile/setting-up-and-managing-your-github-user-account/managing-user-account-settings/permission-levels-for-a-user-account-repository.md b/translations/es-ES/content/account-and-profile/setting-up-and-managing-your-github-user-account/managing-user-account-settings/permission-levels-for-a-user-account-repository.md index fadc98773a..e9b90a2b10 100644 --- a/translations/es-ES/content/account-and-profile/setting-up-and-managing-your-github-user-account/managing-user-account-settings/permission-levels-for-a-user-account-repository.md +++ b/translations/es-ES/content/account-and-profile/setting-up-and-managing-your-github-user-account/managing-user-account-settings/permission-levels-for-a-user-account-repository.md @@ -45,7 +45,7 @@ The repository owner has full control of the repository. In addition to the acti | Customize the repository's social media preview | "[Customizing your repository's social media preview](/github/administering-a-repository/customizing-your-repositorys-social-media-preview)" | | Create a template from the repository | "[Creating a template repository](/github/creating-cloning-and-archiving-repositories/creating-a-template-repository)" |{% ifversion fpt or ghes or ghae-issue-4864 or ghec %} | Control access to {% data variables.product.prodname_dependabot_alerts %} for vulnerable dependencies | "[Managing security and analysis settings for your repository](/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-security-and-analysis-settings-for-your-repository#granting-access-to-security-alerts)" |{% endif %}{% ifversion fpt or ghec %} -| Dismiss {% data variables.product.prodname_dependabot_alerts %} in the repository | "[Viewing and updating vulnerable dependencies in your repository](/github/managing-security-vulnerabilities/viewing-and-updating-vulnerable-dependencies-in-your-repository)" | +| Dismiss {% data variables.product.prodname_dependabot_alerts %} in the repository | "[Viewing {% data variables.product.prodname_dependabot_alerts %} for vulnerable dependencies](/github/managing-security-vulnerabilities/viewing-and-updating-vulnerable-dependencies-in-your-repository)" | | Manage data use for a private repository | "[Managing data use settings for your private repository](/get-started/privacy-on-github/managing-data-use-settings-for-your-private-repository)"|{% endif %} | Define code owners for the repository | "[About code owners](/github/creating-cloning-and-archiving-repositories/about-code-owners)" | | Archive the repository | "[Archiving repositories](/repositories/archiving-a-github-repository/archiving-repositories)" |{% ifversion fpt or ghec %} diff --git a/translations/es-ES/content/actions/creating-actions/creating-a-javascript-action.md b/translations/es-ES/content/actions/creating-actions/creating-a-javascript-action.md index 693a37adeb..33d0fda72e 100644 --- a/translations/es-ES/content/actions/creating-actions/creating-a-javascript-action.md +++ b/translations/es-ES/content/actions/creating-actions/creating-a-javascript-action.md @@ -263,6 +263,6 @@ jobs: ``` {% endraw %} -Desde tu repositorio, da clic en la pestaña de **Acciones** y selecciona la última ejecución de flujo de trabajo. Under **Jobs** or in the visualization graph, click **A job to say hello**. Deberías ver "Hello Mona the Octocat" o el nombre que usaste para la entrada `who-to-greet` y la marcación de hora impresa en el registro. +Desde tu repositorio, da clic en la pestaña de **Acciones** y selecciona la última ejecución de flujo de trabajo. Debajo de **Jobs** o en la gráfica de visualización, haz clic en **A job to say hello**. Deberías ver "Hello Mona the Octocat" o el nombre que usaste para la entrada `who-to-greet` y la marcación de hora impresa en el registro. ![Captura de pantalla del uso de tu acción en un flujo de trabajo](/assets/images/help/repository/javascript-action-workflow-run-updated-2.png) diff --git a/translations/es-ES/content/actions/hosting-your-own-runners/about-self-hosted-runners.md b/translations/es-ES/content/actions/hosting-your-own-runners/about-self-hosted-runners.md index f2904902c9..472e15ed55 100644 --- a/translations/es-ES/content/actions/hosting-your-own-runners/about-self-hosted-runners.md +++ b/translations/es-ES/content/actions/hosting-your-own-runners/about-self-hosted-runners.md @@ -133,16 +133,30 @@ Some extra configuration might be required to use actions from {% data variables ## Communication between self-hosted runners and {% data variables.product.product_name %} -The self-hosted runner polls {% data variables.product.product_name %} to retrieve application updates and to check if any jobs are queued for processing. The self-hosted runner uses a HTTPS _long poll_ that opens a connection to {% data variables.product.product_name %} for 50 seconds, and if no response is received, it then times out and creates a new long poll. The application must be running on the machine to accept and run {% data variables.product.prodname_actions %} jobs. +The self-hosted runner connects to {% data variables.product.product_name %} to receive job assignments and to download new versions of the runner application. The self-hosted runner uses an {% ifversion ghes %}HTTP(S){% else %}HTTPS{% endif %} _long poll_ that opens a connection to {% data variables.product.product_name %} for 50 seconds, and if no response is received, it then times out and creates a new long poll. The application must be running on the machine to accept and run {% data variables.product.prodname_actions %} jobs. {% data reusables.actions.self-hosted-runner-ports-protocols %} -{% data reusables.actions.self-hosted-runner-communications-for-ghae %} +{% ifversion fpt or ghec %} +Since the self-hosted runner opens a connection to {% data variables.product.product_location %}, you do not need to allow {% data variables.product.prodname_dotcom %} to make inbound connections to your self-hosted runner. +{% elsif ghes or ghae %} +Only an outbound connection from the runner to {% data variables.product.product_location %} is required. There is no need for an inbound connection from {% data variables.product.product_location %} to the runner. +{%- endif %} + +{% ifversion ghes %} + +{% data variables.product.product_name %} must accept inbound connections from your runners over {% ifversion ghes %}HTTP(S){% else %}HTTPS{% endif %} at {% data variables.product.product_location %}'s hostname and API subdomain, and your runners must allow outbound connections over {% ifversion ghes %}HTTP(S){% else %}HTTPS{% endif %} to {% data variables.product.product_location %}'s hostname and API subdomain. + +{% elsif ghae %} + +You must ensure that the self-hosted runner has appropriate network access to communicate with your {% data variables.product.product_name %} URL and its subdomains. For example, if your subdomain for {% data variables.product.product_name %} is `octoghae`, then you will need to allow the self-hosted runner to access `octoghae.githubenterprise.com`, `api.octoghae.githubenterprise.com`, and `codeload.octoghae.githubenterprise.com`. + +If you use an IP address allow list, you must add your self-hosted runner's IP address to the allow list. For more information, see "[Managing allowed IP addresses for your organization](/organizations/keeping-your-organization-secure/managing-allowed-ip-addresses-for-your-organization#using-github-actions-with-an-ip-allow-list)." + +{% endif %} {% ifversion fpt or ghec %} -Since the self-hosted runner opens a connection to {% data variables.product.prodname_dotcom %}, you do not need to allow {% data variables.product.prodname_dotcom %} to make inbound connections to your self-hosted runner. - You must ensure that the machine has the appropriate network access to communicate with the {% data variables.product.prodname_dotcom %} hosts listed below. Some hosts are required for essential runner operations, while other hosts are only required for certain functionality. {% note %} @@ -191,27 +205,25 @@ If you use an IP address allow list for your {% data variables.product.prodname_ {% else %} -You must ensure that the machine has the appropriate network access to communicate with {% data variables.product.product_location %}.{% ifversion ghes %} Self-hosted runners connect directly to {% data variables.product.product_location %} and do not require any external internet access in order to function. As a result, you can use network routing to direct communication between the self-hosted runner and {% data variables.product.product_location %}. For example, you can assign a private IP address to your self-hosted runner and configure routing to send traffic to {% data variables.product.product_location %}, with no need for traffic to traverse a public network.{% endif %} +{% ifversion ghes %}Self-hosted runners do not require any external internet access in order to function. As a result, you can use network routing to direct communication between the self-hosted runner and {% data variables.product.product_location %}. For example, you can assign a private IP address to your self-hosted runner and configure routing to send traffic to {% data variables.product.product_location %}, with no need for traffic to traverse a public network.{% endif %} {% endif %} +{% ifversion ghae %} +If you use an IP address allow list for your {% data variables.product.prodname_dotcom %} organization or enterprise account, you must add your self-hosted runner's IP address to the allow list. For more information, see "[Managing allowed IP addresses for your organization](/organizations/keeping-your-organization-secure/managing-allowed-ip-addresses-for-your-organization#using-github-actions-with-an-ip-allow-list)." +{% endif %} + You can also use self-hosted runners with a proxy server. For more information, see "[Using a proxy server with self-hosted runners](/actions/automating-your-workflow-with-github-actions/using-a-proxy-server-with-self-hosted-runners)." For more information about troubleshooting common network connectivity issues, see "[Monitoring and troubleshooting self-hosted runners](/actions/hosting-your-own-runners/monitoring-and-troubleshooting-self-hosted-runners#troubleshooting-network-connectivity)." -{% ifversion ghes %} +{% ifversion ghes or ghae %} ## Communication between self-hosted runners and {% data variables.product.prodname_dotcom_the_website %} -Self-hosted runners do not need to connect to {% data variables.product.prodname_dotcom_the_website %} unless you have [enabled automatic access to {% data variables.product.prodname_dotcom_the_website %} actions using {% data variables.product.prodname_github_connect %}](/admin/github-actions/managing-access-to-actions-from-githubcom/enabling-automatic-access-to-githubcom-actions-using-github-connect). +Self-hosted runners do not need to connect to {% data variables.product.prodname_dotcom_the_website %} unless you have enabled automatic access to {% data variables.product.prodname_dotcom_the_website %} actions for {% data variables.product.product_location %}. For more information, see "[About using actions in your enterprise](/admin/github-actions/managing-access-to-actions-from-githubcom/about-using-actions-in-your-enterprise)." -If you have enabled automatic access to {% data variables.product.prodname_dotcom_the_website %} actions using {% data variables.product.prodname_github_connect %}, then the self-hosted runner will connect directly to {% data variables.product.prodname_dotcom_the_website %} to download actions. You must ensure that the machine has the appropriate network access to communicate with the {% data variables.product.prodname_dotcom %} URLs listed below. - -{% note %} - -**Note:** Some of the domains listed below are configured using `CNAME` records. Some firewalls might require you to add rules recursively for all `CNAME` records. Note that the `CNAME` records might change in the future, and that only the domains listed below will remain constant. - -{% endnote %} +If you have enabled automatic access to {% data variables.product.prodname_dotcom_the_website %} actions, then the self-hosted runner will connect directly to {% data variables.product.prodname_dotcom_the_website %} to download actions. You must ensure that the machine has the appropriate network access to communicate with the {% data variables.product.prodname_dotcom %} URLs listed below. ``` github.com @@ -219,6 +231,13 @@ api.github.com codeload.github.com ``` +{% note %} + +**Note:** Some of the domains listed above are configured using `CNAME` records. Some firewalls might require you to add rules recursively for all `CNAME` records. Note that the `CNAME` records might change in the future, and that only the domains listed above will remain constant. + +{% endnote %} + + {% endif %} ## Self-hosted runner security diff --git a/translations/es-ES/content/actions/hosting-your-own-runners/configuring-the-self-hosted-runner-application-as-a-service.md b/translations/es-ES/content/actions/hosting-your-own-runners/configuring-the-self-hosted-runner-application-as-a-service.md index 3a13506466..27d41fffa7 100644 --- a/translations/es-ES/content/actions/hosting-your-own-runners/configuring-the-self-hosted-runner-application-as-a-service.md +++ b/translations/es-ES/content/actions/hosting-your-own-runners/configuring-the-self-hosted-runner-application-as-a-service.md @@ -78,7 +78,7 @@ Puedes administrar el servicio de ejecutor en la aplicación de **Servicios** de ``` {% endmac %} -The command takes an optional `user` argument to install the service as a different user. +El comando toma un argumento de `user` opcional para instalar el servicio como un usuario diferente. ```shell ./svc.sh install --user USERNAME diff --git a/translations/es-ES/content/actions/hosting-your-own-runners/managing-access-to-self-hosted-runners-using-groups.md b/translations/es-ES/content/actions/hosting-your-own-runners/managing-access-to-self-hosted-runners-using-groups.md index cf04803576..827d0d646c 100644 --- a/translations/es-ES/content/actions/hosting-your-own-runners/managing-access-to-self-hosted-runners-using-groups.md +++ b/translations/es-ES/content/actions/hosting-your-own-runners/managing-access-to-self-hosted-runners-using-groups.md @@ -9,7 +9,7 @@ versions: ghae: '*' ghec: '*' type: tutorial -shortTitle: Manage access to runners +shortTitle: Administrar el acceso a los ejecutores --- {% data reusables.actions.enterprise-beta %} @@ -32,10 +32,10 @@ Si utilizas {% endif %} {% ifversion ghec or ghes or ghae %} -Los grupos de ejecutores auto-hospedados se utilizan para controlar el acceso a los ejecutores auto-hospedados a nivel de empresas y organizaciones. Enterprise owners can configure access policies that control which organizations -{% if restrict-groups-to-workflows %}and workflows {% endif %}in an enterprise have access to the runner group. Organization owners can configure access policies that control which repositories{% if restrict-groups-to-workflows %} and workflows{% endif %} in an organization have access to the runner group. +Los grupos de ejecutores auto-hospedados se utilizan para controlar el acceso a los ejecutores auto-hospedados a nivel de empresas y organizaciones. Los propietarios de empresas pueden configurar políticas de acceso que controlan qué organizaciones +{% if restrict-groups-to-workflows %}y flujos de trabajo {% endif %}en una empresa tienen acceso al grupo de ejecutores. Los propietarios de las organizaciones pueden configurar las políticas de acceso que controlan qué repositorios{% if restrict-groups-to-workflows %} y flujos de trabajo{% endif %} en una organización tienen aceso al grupo de ejecutores. -When an enterprise owner grants an organization access to a runner group, organization owners can see the runner group listed in the organization's self-hosted runner settings. The organization owners can then assign additional granular repository{% if restrict-groups-to-workflows %} and workflow{% endif %} access policies to the enterprise runner group. +Cuando un propietario de empresa otorga un acceso organizacional a un grupo de ejecutores, los propietarios de organizaciones pueden verlo listado en los ajustes del ejecutor auto-hospedado de la organización. Los propietarios organizacionales pueden entonces asignar políticas de acceso adicionales y granulares para los repositorios{% if restrict-groups-to-workflows %} y flujos de trabajo{% endif %} al grupo ejecutor de la empresa. Cuando se crean nuevos ejecutores, se asignan automáticamente al grupo predeterminado. Los ejecutores solo pueden estar en un grupo a la vez. Puedes mover los ejecutores del grupo predeterminado a otro grupo. Para obtener más información, consulta la sección "[Mover un ejecutor auto-hospedado a un grupo](#moving-a-self-hosted-runner-to-a-group)". @@ -45,14 +45,14 @@ Todas las organizaciones tienen un solo grupo predeterminado de ejecutores auto- Los ejecutores auto-hospedados se asignan automáticamente al grupo predeterminado cuando se crean y solo pueden ser mimebros de un grupo a la vez. Puedes mover un ejecutor del grupo predeterminado a cualquier grupo que crees. -When creating a group, you must choose a policy that defines which repositories{% if restrict-groups-to-workflows %} and workflows{% endif %} have access to the runner group. +Cuando creas un grupo, debes elegir la política que define qué reositorios{% if restrict-groups-to-workflows %} y flujos de trabajo{% endif %} tienen acceso al grupo ejecutor. {% ifversion ghec or ghes > 3.3 or ghae-issue-5091 %} {% data reusables.organizations.navigate-to-org %} {% data reusables.organizations.org_settings %} {% data reusables.actions.settings-sidebar-actions-runner-groups %} 1. En la sección de "Grupos de ejecutores", haz clic en **Grupo de ejecutores nuevo**. -1. Enter a name for your runner group. +1. Ingresa un nombre para tu grupo ejecutor. {% data reusables.actions.runner-group-assign-policy-repo %} {% warning %} @@ -62,7 +62,7 @@ When creating a group, you must choose a policy that defines which repositories{ Para obtener más información, consulta "[Acerca de los ejecutores autoalojados](/actions/hosting-your-own-runners/about-self-hosted-runners#self-hosted-runner-security-with-public-repositories)." {% endwarning %} -{% data reusables.actions.runner-group-assign-policy-workflow %}{%- if restrict-groups-to-workflows %} Organization-owned runner groups cannot access workflows from a different organization in the enterprise; instead, you must create an enterprise-owned runner group.{% endif %} +{% data reusables.actions.runner-group-assign-policy-workflow %}{%- if restrict-groups-to-workflows %}Los grupos ejecutores que pertenecen a las organizaciones no pueden acceder a los flujos de trabajo de una organización diferente en la empresa. En vez de esto, debes crear un grupo de ejecutores que pertenezca a la empresa.{% endif %} {% data reusables.actions.self-hosted-runner-create-group %} {% elsif ghae or ghes < 3.4 %} {% data reusables.organizations.navigate-to-org %} @@ -73,12 +73,12 @@ When creating a group, you must choose a policy that defines which repositories{ ![Agregar un grupo de ejecutores](/assets/images/help/settings/actions-org-add-runner-group.png) 1. Ingresa un nombre para tu grupo de ejecutores y asigna una política para el acceso al repositorio. - You can configure a runner group to be accessible to a specific list of repositories, or to all repositories in the organization.{% ifversion ghec or ghes %} By default, only private repositories can access runners in a runner group, but you can override this. Esta configuración no puede anularse si se configura un grupo ejecutor de la organización que haya compartido una empresa.{% endif %} + Puedes configurar un grupo de ejecutores para que sea accesible a una lista específica de repositorios o a todos ellos en la organización.{% ifversion ghec or ghes %} Predeterminadamente, solo los repositorios privados pueden acceder a los ejecutores en un grupo ejecutor. Pero esto se puede anular. Esta configuración no puede anularse si se configura un grupo ejecutor de la organización que haya compartido una empresa.{% endif %} {%- ifversion ghes %} {% warning %} - **Warning**: + **Advertencia**: {% indented_data_reference reusables.actions.self-hosted-runner-security spaces=3 %} @@ -93,19 +93,19 @@ When creating a group, you must choose a policy that defines which repositories{ ## Crear un grupo de ejecutores auto-hospedados para una empresa -Las empresas pueden agregar sus ejecutores auto-hospedados a grupos para su administración de accesos. Enterprises can create groups of self-hosted runners that are accessible to specific organizations in the enterprise account{% if restrict-groups-to-workflows %} or to specific workflows{% endif %}. Organization owners can then assign additional granular repository{% if restrict-groups-to-workflows %} or workflow{% endif %} access policies to the enterprise runner groups. Para obtener más información sobre cómo crear un grupo de ejecutores auto-hospedados con la API de REST, consulta las terminales empresariales en la [API de REST de {% data variables.product.prodname_actions %}](/rest/reference/actions#self-hosted-runner-groups). +Las empresas pueden agregar sus ejecutores auto-hospedados a grupos para su administración de accesos. Las empresas pueden crear grupos de ejecutores auto-hospedados que son accesibles para organizaciones específicas en la cuenta empresarial{% if restrict-groups-to-workflows %} o para flujos de trabajo específicos{% endif %}. Los propietarios de organizaciones pueden entonces asignar políticas de acceso adicionales y granulares para los repositorios{% if restrict-groups-to-workflows %} o flujos de trabajo{% endif %} a los grupos de ejecutores empresariales. Para obtener más información sobre cómo crear un grupo de ejecutores auto-hospedados con la API de REST, consulta las terminales empresariales en la [API de REST de {% data variables.product.prodname_actions %}](/rest/reference/actions#self-hosted-runner-groups). Los ejecutores auto-hospedados se asignan automáticamente al grupo predeterminado cuando se crean y solo pueden ser mimebros de un grupo a la vez. Puedes asignar el ejecutor a un grupo específico durante el proceso de registro o puedes moverlo después desde el grupo predeterminado a un grupo personalizado. Cuando creas un grupo, debes elegir la política que defina qué organizaciones tienen acceso al grupo de ejecutores. {% data reusables.actions.self-hosted-runner-groups-add-to-enterprise-first-steps %} -1. To choose a policy for organization access, select the **Organization access** drop-down, and click a policy. You can configure a runner group to be accessible to a specific list of organizations, or all organizations in the enterprise.{% ifversion ghes %} By default, only private repositories can access runners in a runner group, but you can override this.{% endif %} +1. Para elegir una política para el acceso organizacional, selecciona el menú desplegable **Acceso organizacional** y haz clic en una política. Puedes configurar un grupo de ejecutores para que sea accesible a una lista de organizaciones específica o a todas las organizaciones en la empresa.{% ifversion ghes %} Predeterminadamente, solo los repositorios privados pueden acceder a los ejecutores en un grupo, pero esto se puede anular.{% endif %} {%- ifversion ghec or ghes %} {% warning %} - **Warning**: + **Advertencia**: {% indented_data_reference reusables.actions.self-hosted-runner-security spaces=3 %} @@ -127,19 +127,19 @@ Cuando creas un grupo, debes elegir la política que defina qué organizaciones ## Cambiar la política de acceso de un grupo de ejecutores auto-hospedados -For runner groups in an enterprise, you can change what organizations in the enterprise can access a runner group{% if restrict-groups-to-workflows %} or restrict what workflows a runner group can run{% endif %}. For runner groups in an organization, you can change what repositories in the organization can access a runner group{% if restrict-groups-to-workflows %} or restrict what workflows a runner group can run{% endif %}. +En el caso de los grupos de ejecutores en una empresa, puedes cambiar qué organizaciones dentro de ella pueden acceder a un grupo de ejecutores{% if restrict-groups-to-workflows %} o restringir qué flujos de trabajo puede ejecutar un grupo de ejecutores{% endif %}. En el caso de los grupos de ejecutores en una organización, puedes cambiar qué repositorios en ella pueden acceder a un grupo de ejecutores{% if restrict-groups-to-workflows %} o restringir qué flujos de trabajo puede ejecutar un grupo de ejecutores{% endif %}. -### Changing what organizations or repositories can access a runner group +### Cambiar qué organizaciones o repositorios pueden acceder a un grupo de ejecutores {% ifversion fpt or ghec or ghes > 3.3 or ghae-issue-5091 %} {% data reusables.actions.self-hosted-runner-groups-navigate-to-repo-org-enterprise %} {% data reusables.actions.settings-sidebar-actions-runner-groups-selection %} -1. For runner groups in an enterprise, under **Organization access**, modify what organizations can access the runner group. For runner groups in an organization, under **Repository access**, modify what repositories can access the runner group. +1. En el caso de los grupos de ejecutores en una empresa, debajo de **Acceso organizacional**, modifica qué organizaciones pueden acceder al grupo de ejecutores. En el caso de los grupos de ejecutores en una organización, debajo de **Acceso al repositorio**, modifica aquellos a los que puede acceder este grupo. {%- ifversion fpt or ghec or ghes %} {% warning %} - **Warning**: + **Advertencia**: {% indented_data_reference reusables.actions.self-hosted-runner-security spaces=3 %} @@ -152,32 +152,32 @@ For runner groups in an enterprise, you can change what organizations in the ent {% endif %} {% if restrict-groups-to-workflows %} -### Changing what workflows can access a runner group -You can configure a self-hosted runner group to run either selected workflows or all workflows. For example, you might use this setting to protect secrets that are stored on self-hosted runners or to standardize deployment workflows by restricting a runner group to run only a specific reusable workflow. This setting cannot be overridden if you are configuring an organization's runner group that was shared by an enterprise. +### Cambiar los flujos de trabajo a los cuales puede acceder un grupo de ejecutores +Puedes configurar un grupo de ejecutores auto-hospedado para que ejecute ya sea flujos selectos o todos ellos. Por ejemplo, podrías utilizar este ajuste para proteger secretos almacenados en los ejecutores auto-hospedados o estandarizar los flujos de trabajo de despliegue restringiendo un grupo de ellos para que ejecute solo un flujo de trabajo reutilizable específico. Este ajuste no se puede anular si estás configurando un grupo de ejecutores de una organización que haya compartido una empresa. {% data reusables.actions.self-hosted-runner-groups-navigate-to-repo-org-enterprise %} {% data reusables.actions.settings-sidebar-actions-runner-groups-selection %} -1. Under **Workflow access**, select the dropdown menu and click **Selected workflows**. +1. Debajo de **Acceso al flujo de trabajo**, selecciona el menú desplegable y haz clic en **Flujos de trabajo selectos**. 1. Da clic en {% octicon "gear" aria-label="the gear icon" %}. -1. Enter a comma separated list of the workflows that can access the runner group. Use the full path, including the repository name and owner. Pin the workflow to a branch, tag, or full SHA. For example: `octo-org/octo-repo/.github/workflows/build.yml@v2, octo-org/octo-repo/.github/workflows/deploy.yml@d6dc6c96df4f32fa27b039f2084f576ed2c5c2a5, monalisa/octo-test/.github/workflows/test.yml@main`. +1. Ingresa una lista separada por comas de los flujos de trabajo que pueden acceder al grupo de ejecutores. Utiliza la ruta completa, incluyendo el nombre y propietario del repositorio. Fija el flujo de trabajo a una rama, etiqueta o SHA completo. Por ejemplo: `octo-org/octo-repo/.github/workflows/build.yml@v2, octo-org/octo-repo/.github/workflows/deploy.yml@d6dc6c96df4f32fa27b039f2084f576ed2c5c2a5, monalisa/octo-test/.github/workflows/test.yml@main`. - Only jobs directly defined within the selected workflows will have access to the runner group. + Solo los jobs que se definan directamente dentro de los flujos de trabajo seleccionados tendrán acceso al grupo de ejecutores. - Organization-owned runner groups cannot access workflows from a different organization in the enterprise; instead, you must create an enterprise-owned runner group. + Los grupos de ejecutores que pertenecen a la organización no pueden acceder a los flujos de trabajo de otra organización de la empresa; en vez de esto, debes crear un grupo de ejecutores que pertenezca a la empresa. 1. Haz clic en **Save ** (guardar). {% endif %} -## Changing the name of a runner group +## Cambiar el nombre de un grupo de ejectuores {% ifversion fpt or ghec or ghes > 3.3 or ghae-issue-5091 %} {% data reusables.actions.self-hosted-runner-groups-navigate-to-repo-org-enterprise %} {% data reusables.actions.settings-sidebar-actions-runner-groups-selection %} -1. Change the runner group name. +1. Cambia el nombre del grupo de ejecutores. {% elsif ghae or ghes < 3.4 %} {% data reusables.actions.self-hosted-runner-configure-runner-group %} -1. Change the runner group name. +1. Cambia el nombre del grupo de ejecutores. {% endif %} {% ifversion ghec or ghes or ghae %} @@ -202,7 +202,7 @@ Si no especificas un grupo de ejecutores durante el proceso de registro, tus eje {% data reusables.actions.self-hosted-runner-navigate-to-org-enterprise %} {% ifversion ghec or ghes > 3.3 or ghae-issue-5091 %} 1. En la lista de "Ejecutores", haz clic en aquél que quieras configurar. -2. Select the **Runner group** drop-down. +2. Selecciona el menú desplegable de **Grupo de ejecutores**. 3. En "Mover el ejecutor al grupo", elige un grupo destino para el ejecutor. {% elsif ghae or ghes < 3.4 %} 1. En la sección de {% ifversion ghes > 3.1 or ghae %}"Grupos de ejecutores"{% elsif ghes < 3.2 %}"Ejecutores auto-hospedados"{% endif %} de la página de ajustes, ubica al grupo actual del ejecutor que quieres mover y expande la lista de sus miembros. ![Ver los miembros de un grupo de ejecutores](/assets/images/help/settings/actions-org-runner-group-members.png) diff --git a/translations/es-ES/content/actions/learn-github-actions/contexts.md b/translations/es-ES/content/actions/learn-github-actions/contexts.md index 49589a9d93..560b8883c8 100644 --- a/translations/es-ES/content/actions/learn-github-actions/contexts.md +++ b/translations/es-ES/content/actions/learn-github-actions/contexts.md @@ -76,7 +76,7 @@ The following table indicates where each context and special function can be use | concurrency | github, inputs | | | env | github, secrets, inputs | | | jobs.<job_id>.concurrency | github, needs, strategy, matrix, inputs | | -| jobs.<job_id>.container | github, needs, strategy, matrix, secrets, inputs | | +| jobs.<job_id>.container | github, needs, strategy, matrix, env, secrets, inputs | | | jobs.<job_id>.container.credentials | github, needs, strategy, matrix, env, secrets, inputs | | | jobs.<job_id>.container.env.<env_id> | github, needs, strategy, matrix, job, runner, env, secrets, inputs | | | jobs.<job_id>.continue-on-error | github, needs, strategy, matrix, inputs | | diff --git a/translations/es-ES/content/actions/managing-workflow-runs/re-running-workflows-and-jobs.md b/translations/es-ES/content/actions/managing-workflow-runs/re-running-workflows-and-jobs.md index 92859bfeea..2ff201e822 100644 --- a/translations/es-ES/content/actions/managing-workflow-runs/re-running-workflows-and-jobs.md +++ b/translations/es-ES/content/actions/managing-workflow-runs/re-running-workflows-and-jobs.md @@ -1,6 +1,6 @@ --- title: Volver a ejecutar flujos de trabajo y jobs -intro: Puedes volver a ejecutar una ejecución de flujo de trabajo hasta 30 días después de su ejecución inicial. +intro: 'You can re-run a workflow run{% if re-run-jobs %}, all failed jobs in a workflow run, or specific jobs in a workflow run{% endif %} up to 30 days after its initial run.' permissions: People with write permissions to a repository can re-run workflows in the repository. miniTocMaxHeadingLevel: 3 redirect_from: @@ -15,9 +15,11 @@ versions: {% data reusables.actions.enterprise-beta %} {% data reusables.actions.enterprise-github-hosted-runners %} -## Volver a ejecutar todos los jobs en un flujo de trabajo +## About re-running workflows and jobs -El volver a ejecutar un flujo de trabajo utiliza el mismo `GITHUB_SHA` (SHA de confirmación) y `GITHUB_REF` (ref de Git) del evento original que activó la ejecución de flujo de trabajo. Puedes volver a ejecutar un flujo de trabajo hasta por hasta 30 días después de la ejecución inicial. +Re-running a workflow{% if re-run-jobs %} or jobs in a workflow{% endif %} uses the same `GITHUB_SHA` (commit SHA) and `GITHUB_REF` (Git ref) of the original event that triggered the workflow run. You can re-run a workflow{% if re-run-jobs %} or jobs in a workflow{% endif %} for up to 30 days after the initial run. + +## Volver a ejecutar todos los jobs en un flujo de trabajo {% webui %} @@ -26,7 +28,9 @@ El volver a ejecutar un flujo de trabajo utiliza el mismo `GITHUB_SHA` (SHA de c {% data reusables.repositories.navigate-to-workflow %} {% data reusables.repositories.view-run %} {% ifversion fpt or ghes > 3.2 or ghae-issue-4721 or ghec %} -1. En la esquina superior derecha del flujo de trabajo, utiliza el menú desplegable **Volver a ejecutar jobs** y selecciona **Volver a ejecutar todos los jobs** ![Menú desplegable de verificaciones de re-ejecución](/assets/images/help/repository/rerun-checks-drop-down.png) +1. En la esquina superior derecha del flujo de trabajo, utiliza el menú desplegable **Volver a ejecutar jobs** y selecciona **Volver a ejecutar todos los jobs**. + + If no jobs failed, you will not see the **Re-run jobs** drop-down menu. Instead, click **Re-run all jobs**. ![Menú desplegable de verificaciones de re-ejecución](/assets/images/help/repository/rerun-checks-drop-down.png) {% endif %} {% ifversion ghes < 3.3 or ghae %} 1. En la esquina superior derecha del flujo de trabajo, utiliza el menú desplegable **Volver a ejecutar jobs** y selecciona **Volver a ejecutar todos los jobs**. ![Volver a ejecutar el menú desplegable de verificaciones](/assets/images/help/repository/rerun-checks-drop-down-updated.png) @@ -52,8 +56,61 @@ gh run watch {% endcli %} +{% if re-run-jobs %} +## Re-running failed jobs in a workflow + +If any jobs in a workflow run failed, you can re-run just the jobs that failed. When you re-run failed jobs in a workflow, a new workflow run will start for all failed jobs and their dependents. Any outputs for any successful jobs in the previous workflow run will be used for the re-run. Any artifacts that were created in the initial run will be available in the re-run. Any environment protection rules that passed in the previous run will automatically pass in the re-run. + +{% webui %} + +{% data reusables.repositories.navigate-to-repo %} +{% data reusables.repositories.actions-tab %} +{% data reusables.repositories.navigate-to-workflow %} +{% data reusables.repositories.view-run %} +1. In the upper-right corner of the workflow, use the **Re-run jobs** drop-down menu, and select **Re-run failed jobs**. ![Re-run failed jobs drop-down menu](/assets/images/help/repository/rerun-failed-jobs-drop-down.png) + +{% endwebui %} + +{% cli %} + +To re-run failed jobs in a workflow run, use the `run rerun` subcommand with the `--failed` flag. Replace `run-id` with the ID of the run for which you want to re-run failed jobs. Si no especificas una `run-id`, {% data variables.product.prodname_cli %} devolverá un menú interactivo para que elijas una ejecución fallida reciente. + +```shell +gh run rerun run-id --failed +``` + +{% endcli %} + +## Re-running a specific job in a workflow + +When you re-run a specific job in a workflow, a new workflow run will start for the job and any dependents. Any outputs for any other jobs in the previous workflow run will be used for the re-run. Any artifacts that were created in the initial run will be available in the re-run. Any environment protection rules that passed in the previous run will automatically pass in the re-run. + +{% webui %} + +{% data reusables.repositories.navigate-to-repo %} +{% data reusables.repositories.actions-tab %} +{% data reusables.repositories.navigate-to-workflow %} +{% data reusables.repositories.view-run %} +1. Next to the job that you want to re-run, click {% octicon "sync" aria-label="The re-run icon" %}. ![Re-run selected job](/assets/images/help/repository/re-run-selected-job.png) + + Alternatively, click on a job to view the log. In the log, click {% octicon "sync" aria-label="The re-run icon" %}. ![Re-run selected job](/assets/images/help/repository/re-run-single-job-from-log.png) + +{% endwebui %} + +{% cli %} + +To re-run a specific job in a workflow run, use the `run rerun` subcommand with the `--job` flag. Replace `job-id` with the ID of the job that you want to re-run. + +```shell +gh run rerun --job job-id +``` + +{% endcli %} + +{% endif %} + {% ifversion fpt or ghes > 3.2 or ghae-issue-4721 or ghec %} -### Revisar las ejecuciones de flujo de trabajo anteriores +## Revisar las ejecuciones de flujo de trabajo anteriores Puedes ver los resultados desde tus intentos anteriores para ejecutar un flujo de trabajo. También puedes ver las ejecuciones de flujo de trabajo anteriores utilizando la API. Para obtener más información, consulta la sección "[Obtener una ejecución de flujo de trabajo](/rest/reference/actions#get-a-workflow-run)". @@ -61,7 +118,11 @@ Puedes ver los resultados desde tus intentos anteriores para ejecutar un flujo d {% data reusables.repositories.actions-tab %} {% data reusables.repositories.navigate-to-workflow %} {% data reusables.repositories.view-run %} +{%- if re-run-jobs %} +1. Any previous run attempts are shown in the **Latest** drop-down menu. ![Previous run attempts](/assets/images/help/repository/previous-run-attempts.png) +{%- else %} 1. Cualquier intento de ejecución anterior se muestra en el panel izquierdo. ![Volver a ejecutar un flujo de trabajo](/assets/images/help/settings/actions-review-workflow-rerun.png) +{%- endif %} 1. Haz clic en una entrada para ver sus resultados. {% endif %} diff --git a/translations/es-ES/content/actions/monitoring-and-troubleshooting-workflows/using-workflow-run-logs.md b/translations/es-ES/content/actions/monitoring-and-troubleshooting-workflows/using-workflow-run-logs.md index 5c25ddf9a6..a721f757d0 100644 --- a/translations/es-ES/content/actions/monitoring-and-troubleshooting-workflows/using-workflow-run-logs.md +++ b/translations/es-ES/content/actions/monitoring-and-troubleshooting-workflows/using-workflow-run-logs.md @@ -62,6 +62,16 @@ Puedes descargar los archivos de bitácora desde tu ejecución de flujo de traba ![Menú desplegable para descargar registros](/assets/images/help/repository/download-logs-drop-down-updated-2.png) + {% if re-run-jobs %} + + {% note %} + + **Note**: When you download the log archive for a workflow that was partially re-run, the archive only includes the jobs that were re-run. To get a complete set of logs for jobs that were run from a workflow, you must download the log archives for the previous run attempts that ran the other jobs. + + {% endnote %} + + {% endif %} + ## Borrar bitácoras Puedes borrar los archivos de bitácora de tu ejecución de flujo de trabajo. {% data reusables.repositories.permissions-statement-write %} diff --git a/translations/es-ES/content/actions/publishing-packages/publishing-docker-images.md b/translations/es-ES/content/actions/publishing-packages/publishing-docker-images.md index f54f8528f3..29ae340dd4 100644 --- a/translations/es-ES/content/actions/publishing-packages/publishing-docker-images.md +++ b/translations/es-ES/content/actions/publishing-packages/publishing-docker-images.md @@ -131,7 +131,7 @@ Las opciones de `build-push-action` que se requieren para {% data variables.prod {% ifversion fpt or ghec %} {% data reusables.package_registry.publish-docker-image %} -El flujo de trabajo anterior se activa mediante una subida a la rama de "lanzamiento". Verifica el repositorio de GitHub y utiliza la `login-action` para ingresar en el {% data variables.product.prodname_container_registry %}. Luego extrae las etiquetas y marcas de la imagen de Docker. Finalmente, utiliza la acción `build-push-action` para crear la imagen y publicarla en el {% data variables.product.prodname_container_registry %}. +The above workflow is triggered by a push to the "release" branch. Verifica el repositorio de GitHub y utiliza la `login-action` para ingresar en el {% data variables.product.prodname_container_registry %}. Luego extrae las etiquetas y marcas de la imagen de Docker. Finalmente, utiliza la acción `build-push-action` para crear la imagen y publicarla en el {% data variables.product.prodname_container_registry %}. {% else %} ```yaml{:copy} diff --git a/translations/es-ES/content/actions/security-guides/automatic-token-authentication.md b/translations/es-ES/content/actions/security-guides/automatic-token-authentication.md index a6cdabb850..7399217ace 100644 --- a/translations/es-ES/content/actions/security-guides/automatic-token-authentication.md +++ b/translations/es-ES/content/actions/security-guides/automatic-token-authentication.md @@ -23,7 +23,7 @@ At the start of each workflow run, {% data variables.product.prodname_dotcom %} When you enable {% data variables.product.prodname_actions %}, {% data variables.product.prodname_dotcom %} installs a {% data variables.product.prodname_github_app %} on your repository. The `GITHUB_TOKEN` secret is a {% data variables.product.prodname_github_app %} installation access token. You can use the installation access token to authenticate on behalf of the {% data variables.product.prodname_github_app %} installed on your repository. The token's permissions are limited to the repository that contains your workflow. For more information, see "[Permissions for the `GITHUB_TOKEN`](#permissions-for-the-github_token)." -Before each job begins, {% data variables.product.prodname_dotcom %} fetches an installation access token for the job. The token expires when the job is finished. +Before each job begins, {% data variables.product.prodname_dotcom %} fetches an installation access token for the job. {% data reusables.actions.github-token-expiration %} The token is also available in the `github.token` context. For more information, see "[Contexts](/actions/learn-github-actions/contexts#github-context)." diff --git a/translations/es-ES/content/actions/security-guides/encrypted-secrets.md b/translations/es-ES/content/actions/security-guides/encrypted-secrets.md index 8edb2efe7d..745131560f 100644 --- a/translations/es-ES/content/actions/security-guides/encrypted-secrets.md +++ b/translations/es-ES/content/actions/security-guides/encrypted-secrets.md @@ -226,6 +226,10 @@ steps: ``` {% endraw %} +Secrets cannot be directly referenced in `if:` conditionals. Instead, consider setting secrets as job-level environment variables, then referencing the environment variables to conditionally run steps in the job. For more information, see "[Context availability](/actions/learn-github-actions/contexts#context-availability)" and [`jobs..steps[*].if`](/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsif). + +If a secret has not been set, the return value of an expression referencing the secret (such as {% raw %}`${{ secrets.SuperSecret }}`{% endraw %} in the example) will be an empty string. + Evita pasar secretos entre procesos desde la línea de comando, siempre que sea posible. Command-line processes may be visible to other users (using the `ps` command) or captured by [security audit events](https://docs.microsoft.com/windows-server/identity/ad-ds/manage/component-updates/command-line-process-auditing). Para ayudar a proteger los secretos, considera usar variables de entorno, `STDIN` u otros mecanismos admitidos por el proceso de destino. Si debes pasar secretos dentro de una línea de comando, enciérralos usando las normas de uso de comillas adecuadas. Los secretos suelen contener caracteres especiales que pueden afectar involuntariamente a tu shell. Para evitar estos caracteres especiales, usa comillas en tus variables de entorno. Por ejemplo: diff --git a/translations/es-ES/content/actions/using-workflows/caching-dependencies-to-speed-up-workflows.md b/translations/es-ES/content/actions/using-workflows/caching-dependencies-to-speed-up-workflows.md index 2f707b7d52..b5c73e1c68 100644 --- a/translations/es-ES/content/actions/using-workflows/caching-dependencies-to-speed-up-workflows.md +++ b/translations/es-ES/content/actions/using-workflows/caching-dependencies-to-speed-up-workflows.md @@ -234,3 +234,11 @@ Por ejemplo, si una solicitud de cambios contiene una rama `feature` (el alcance ## Límites de uso y política de desalojo {% data variables.product.prodname_dotcom %} eliminará todas las entradas de caché a las que no se haya accedido en más de 7 días. There is no limit on the number of caches you can store, but the total size of all caches in a repository is limited to 10 GB. If you exceed this limit, {% data variables.product.prodname_dotcom %} will save your cache but will begin evicting caches until the total size is less than 10 GB. + +{% if actions-cache-management %} + +## Managing caches + +You can use the {% data variables.product.product_name %} REST API to manage your caches. At present, you can use the API to see your cache usage, with more functionality expected in future updates. For more information, see the "[Actions](/rest/reference/actions#cache)" REST API documentation. + +{% endif %} diff --git a/translations/es-ES/content/actions/using-workflows/workflow-commands-for-github-actions.md b/translations/es-ES/content/actions/using-workflows/workflow-commands-for-github-actions.md index 075ac683c5..f7d5b68915 100644 --- a/translations/es-ES/content/actions/using-workflows/workflow-commands-for-github-actions.md +++ b/translations/es-ES/content/actions/using-workflows/workflow-commands-for-github-actions.md @@ -2,6 +2,7 @@ title: Comandos de flujo de trabajo para Acciones de GitHub shortTitle: Comandos de flujo de trabajo intro: Puedes usar comandos de flujo de trabajo cuando ejecutas comandos de Shell en un flujo de trabajo o en el código de una acción. +defaultTool: bash redirect_from: - /articles/development-tools-for-github-actions - /github/automating-your-workflow-with-github-actions/development-tools-for-github-actions @@ -26,10 +27,24 @@ Las acciones pueden comunicarse con la máquina del ejecutor para establecer var La mayoría de los comandos de los flujos de trabajo utilizan el comando `echo` en un formato específico, mientras que otras se invocan si escribes a un archivo. Para obtener más información, consulta la sección ["Archivos de ambiente".](#environment-files) -``` bash +### Ejemplo + +{% bash %} + +```bash{:copy} echo ":: Workflow-Command Parameter1 ={data}, parameter2 ={data}::{command value}" ``` +{% endbash %} + +{% powershell %} + +```pwsh{:copy} +Write-Output "::workflow-command parameter1={data},parameter2={data}::{command value}" +``` + +{% endpowershell %} + {% note %} **Nota:** los nombres de comandos y parámetros de flujo de trabajo no distinguen mayúsculas de minúsculas. @@ -46,14 +61,18 @@ echo ":: Workflow-Command Parameter1 ={data}, parameter2 ={data}::{command value El [actions/toolkit](https://github.com/actions/toolkit) incluye varias funciones que se pueden ejecutar como comandos de flujo de trabajo. Utiliza la sintaxis `::` para ejecutar los comandos de flujo de trabajo dentro de tu archivo YAML; estos comandos se envían entonces a través de `stdout`. Por ejemplo, en vez de utilizar código para configurar una salida, como se muestra aquí: -```javascript +```javascript{:copy} core.setOutput('SELECTED_COLOR', 'green'); ``` +### Example: Setting a value + Puedes utilizar el comando `set-output` en tu flujo de trabajo para configurar el mismo valor: +{% bash %} + {% raw %} -``` yaml +```yaml{:copy} - name: Set selected color run: echo '::set-output name=SELECTED_COLOR::green' id: random-color-generator @@ -62,6 +81,22 @@ Puedes utilizar el comando `set-output` en tu flujo de trabajo para configurar e ``` {% endraw %} +{% endbash %} + +{% powershell %} + +{% raw %} +```yaml{:copy} + - name: Set selected color + run: Write-Output "::set-output name=SELECTED_COLOR::green" + id: random-color-generator + - name: Get color + run: Write-Output "The selected color is ${{ steps.random-color-generator.outputs.SELECTED_COLOR }}" +``` +{% endraw %} + +{% endpowershell %} + La siguiente tabla muestra qué funciones del toolkit se encuentran disponibles dentro de un flujo de trabajo: | Funcion del Toolkit | Comando equivalente del flujo de trabajo | @@ -86,186 +121,336 @@ La siguiente tabla muestra qué funciones del toolkit se encuentran disponibles ## Configurar un parámetro de salida -``` +Establece un parámetro de salida de la acción. + +```{:copy} ::set-output name={name}::{value} ``` -Establece un parámetro de salida de la acción. - Opcionalmente, también puedes declarar parámetros de salida en el archivo de metadatos de una acción. Para obtener más información, consulta la sección "[Sintaxis de metadatos para {% data variables.product.prodname_actions %}](/articles/metadata-syntax-for-github-actions#outputs-for-docker-container-and-javascript-actions)". -### Ejemplo +### Example: Setting an output parameter -``` bash +{% bash %} + +```bash{:copy} echo "::set-output name=action_fruit::strawberry" ``` -## Agregar un mensaje de depuración +{% endbash %} +{% powershell %} + +```pwsh{:copy} +Write-Output "::set-output name=action_fruit::strawberry" ``` -::debug::{message} -``` + +{% endpowershell %} + +## Agregar un mensaje de depuración Imprime un mensaje de depuración para el registro. Debes crear un archivo `ACTIONS_STEP_DEBUG` designado secretamente con el valor `true` para ver los mensajes de depuración establecidos por este comando en el registro. Para obtener más información, consulta la sección "[Habilitar el registro de depuración](/actions/managing-workflow-runs/enabling-debug-logging)." -### Ejemplo +```{:copy} +::debug::{message} +``` -``` bash +### Example: Setting a debug message + +{% bash %} + +```bash{:copy} echo "::debug::Set the Octocat variable" ``` +{% endbash %} + +{% powershell %} + +```pwsh{:copy} +Write-Output "::debug::Set the Octocat variable" +``` + +{% endpowershell %} + {% ifversion fpt or ghes > 3.2 or ghae-issue-4929 or ghec %} ## Configurar un mensaje de aviso -``` +Crea un mensaje de aviso e imprime el mensaje en la bitácora. {% data reusables.actions.message-annotation-explanation %} + +```{:copy} ::notice file={name},line={line},endLine={endLine},title={title}::{message} ``` -Crea un mensaje de aviso e imprime el mensaje en la bitácora. {% data reusables.actions.message-annotation-explanation %} - {% data reusables.actions.message-parameters %} -### Ejemplo +### Example: Setting a notice message -``` bash +{% bash %} + +```bash{:copy} echo "::notice file=app.js,line=1,col=5,endColumn=7::Missing semicolon" ``` +{% endbash %} + +{% powershell %} + +```pwsh{:copy} +Write-Output "::notice file=app.js,line=1,col=5,endColumn=7::Missing semicolon" +``` + +{% endpowershell %} {% endif %} ## Configurar un mensaje de advertencia -``` +Crea un mensaje de advertencia e imprime el mensaje en el registro. {% data reusables.actions.message-annotation-explanation %} + +```{:copy} ::warning file={name},line={line},endLine={endLine},title={title}::{message} ``` -Crea un mensaje de advertencia e imprime el mensaje en el registro. {% data reusables.actions.message-annotation-explanation %} - {% data reusables.actions.message-parameters %} -### Ejemplo +### Example: Setting a warning message -``` bash +{% bash %} + +```bash{:copy} echo "::warning file=app.js,line=1,col=5,endColumn=7::Missing semicolon" ``` +{% endbash %} + +{% powershell %} + +```pwsh{:copy} +Write-Output "::warning file=app.js,line=1,col=5,endColumn=7::Missing semicolon" +``` + +{% endpowershell %} ## Configurar un mensaje de error -``` +Crea un mensaje de error e imprime el mensaje en el registro {% data reusables.actions.message-annotation-explanation %} + +```{:copy} ::error file={name},line={line},endLine={endLine},title={title}::{message} ``` -Crea un mensaje de error e imprime el mensaje en el registro {% data reusables.actions.message-annotation-explanation %} - {% data reusables.actions.message-parameters %} -### Ejemplo +### Example: Setting an error message -``` bash +{% bash %} + +```bash{:copy} echo "::error file=app.js,line=1,col=5,endColumn=7::Missing semicolon" ``` +{% endbash %} + +{% powershell %} + +```pwsh{:copy} +Write-Output "::error file=app.js,line=1,col=5,endColumn=7::Missing semicolon" +``` + +{% endpowershell %} ## Agrupar líneas de las bitácoras -``` +Crea un grupo expansible en la bitácora. Para crear un grupo, utiliza el comando `group` y especifica un `title`. Todo lo que imprimas en la bitácora entre los comandos `group` y `endgroup` se anidará dentro de una entrada expansible en la misma. + +```{:copy} ::group::{title} ::endgroup:: ``` -Crea un grupo expansible en la bitácora. Para crear un grupo, utiliza el comando `group` y especifica un `title`. Todo lo que imprimas en la bitácora entre los comandos `group` y `endgroup` se anidará dentro de una entrada expansible en la misma. +### Example: Grouping log lines -### Ejemplo +{% bash %} -```bash -echo "::group::My title" -echo "Inside group" -echo "::endgroup::" +```yaml{:copy} +jobs: + bash-example: + runs-on: ubuntu-latest + steps: + - name: Group of log lines + run: | + echo "::group::My title" + echo "Inside group" + echo "::endgroup::" ``` +{% endbash %} + +{% powershell %} + +```yaml{:copy} +jobs: + powershell-example: + runs-on: windows-latest + steps: + - name: Group of log lines + run: | + Write-Output "::group::My title" + Write-Output "Inside group" + Write-Output "::endgroup::" +``` + +{% endpowershell %} + ![Grupo plegable en la bitácora de una ejecución de flujo de trabajo](/assets/images/actions-log-group.png) ## Enmascarar un valor en el registro -``` +```{:copy} ::add-mask::{value} ``` El enmascaramiento de un valor impide que una cadena o variable se imprima en el registro. Cada palabra enmascarada separada por un espacio en blanco se reemplaza con el carácter `*`. Puedes usar una variable de entorno o cadena para el `valor` de la máscara. -### Ejemplo de enmascaramiento de una cadena +### Example: Masking a string Cuando imprimas `"Mona The Octocat"` en el registro, verás `"***"`. -```bash +{% bash %} + +```bash{:copy} echo "::add-mask::Mona The Octocat" ``` -### Ejemplo de enmascaramiento de una variable de entorno +{% endbash %} + +{% powershell %} + +```pwsh{:copy} +Write-Output "::add-mask::Mona The Octocat" +``` + +{% endpowershell %} + +### Example: Masking an environment variable Cuando imprimes la variable `MY_NAME` o el valor `"Mona The Octocat"` en el registro, verás `"***"` en lugar de `"Mona The Octocat"`. -```bash -MY_NAME="Mona The Octocat" -echo "::add-mask::$MY_NAME" +{% bash %} + +```yaml{:copy} +jobs: + bash-example: + runs-on: ubuntu-latest + env: + MY_NAME: "Mona The Octocat" + steps: + - name: bash-version + run: echo "::add-mask::$MY_NAME" ``` +{% endbash %} + +{% powershell %} + +```yaml{:copy} +jobs: + powershell-example: + runs-on: windows-latest + env: + MY_NAME: "Mona The Octocat" + steps: + - name: powershell-version + run: Write-Output "::add-mask::$env:MY_NAME" +``` + +{% endpowershell %} + ## Detener e iniciar comandos de flujo de trabajo -`::stop-commands::{endtoken}` - Deja de procesar cualquier comando de flujo de trabajo. Este comando especial te permite registrar lo que sea sin ejecutar accidentalmente un comando de flujo de trabajo. Por ejemplo, podrías dejar de registrar para producir un script completo que tenga comentarios. +```{:copy} +::stop-commands::{endtoken} +``` + Para parar el procesamiento de los comandos de flujo de trabajo, pasa un token único a `stop-commands`. Para resumir los comandos de flujo de trabajo de procesamiento, pasa el mismo token que utilizaste para detener los comandos de flujo de trabajo. {% warning %} -**Advertencia:** Asegúrate de que el token que estás utilizando se genere aleatoriamente y sea único para cada ejecución. Tal como se demuestra en el siguiente ejemplo, puedes generar un hash único de tu `github.token` para cada ejecución. +**Advertencia:** Asegúrate de que el token que estás utilizando se genere aleatoriamente y sea único para cada ejecución. {% endwarning %} -``` +```{:copy} ::{endtoken}:: ``` -### Ejemplo deteniendo e iniciando los comandos de un flujo de trabajo +### Example: Stopping and starting workflow commands + +{% bash %} {% raw %} -```yaml +```yaml{:copy} jobs: workflow-command-job: runs-on: ubuntu-latest steps: - - name: disable workflow commands + - name: Disable workflow commands run: | - echo '::warning:: this is a warning' - echo "::stop-commands::`echo -n ${{ github.token }} | sha256sum | head -c 64`" - echo '::warning:: this will NOT be a warning' - echo "::`echo -n ${{ github.token }} | sha256sum | head -c 64`::" - echo '::warning:: this is a warning again' + echo '::warning:: This is a warning message, to demonstrate that commands are being processed.' + stopMarker=$(uuidgen) + echo "::stop-commands::$stopMarker" + echo '::warning:: This will NOT be rendered as a warning, because stop-commands has been invoked.' + echo "::$stopMarker::" + echo '::warning:: This is a warning again, because stop-commands has been turned off.' +``` +{% endraw %} + +{% endbash %} + +{% powershell %} + +{% raw %} +```yaml{:copy} +jobs: + workflow-command-job: + runs-on: windows-latest + steps: + - name: Disable workflow commands + run: | + Write-Output '::warning:: This is a warning message, to demonstrate that commands are being processed.' + $stopMarker = New-Guid + Write-Output "::stop-commands::$stopMarker" + Write-Output '::warning:: This will NOT be rendered as a warning, because stop-commands has been invoked.' + Write-Output "::$stopMarker::" + Write-Output '::warning:: This is a warning again, because stop-commands has been turned off.' ``` {% endraw %} +{% endpowershell %} + ## Hacer eco en las salidas de comando -``` +Habilita o inhabilita el hacer eco en los comandos de los flujos de trabajo. Por ejemplo, si utilizas el comando `set-output` en un flujo de trabajo, este configura un parámetro de salida pero la bitácora de la ejecución del flujo de trabajo no muestra al comando mismo. Si habilitas el eco del comando, entonces la bitácora lo mostrará, tal como en `::set-output name={name}::{value}`. + +```{:copy} ::echo::on ::echo::off ``` -Habilita o inhabilita el hacer eco en los comandos de los flujos de trabajo. Por ejemplo, si utilizas el comando `set-output` en un flujo de trabajo, este configura un parámetro de salida pero la bitácora de la ejecución del flujo de trabajo no muestra al comando mismo. Si habilitas el eco del comando, entonces la bitácora lo mostrará, tal como en `::set-output name={name}::{value}`. - El eco de comando se encuentra inhabilitado predeterminadamente. Sin embargo, los comandos de flujo de trabajo hacen eco si existen errores para procesarlos. Los comandos `add-mask`, `debug`, `warning` y `error` no son compatibles con el eco porque sus salidas ya hicieron eco en la bitácora. También puedes habilitar el eco de comandos globalmente si activas la generación de bitácoras de depuración de pasos utilizando el secreto `ACTIONS_STEP_DEBUG`. Para obtener más información, consulta la sección "[Habilitar el registro de depuración](/actions/managing-workflow-runs/enabling-debug-logging)". Como contraste, el comando de flujo de trabajo `echo` te permite habilitar el eco de comandos en un nivel más granular en vez de habilitarlo para cada flujo de trabajo en un repositorio. -### Ejemplo de cómo alternar el eco de comandos +### Example: Toggling command echoing -```yaml +{% bash %} + +```yaml{:copy} jobs: workflow-command-job: runs-on: ubuntu-latest @@ -279,9 +464,29 @@ jobs: echo '::set-output name=action_echo::disabled' ``` -El paso anterior imprime las siguientes líneas en la bitácora: +{% endbash %} +{% powershell %} + +```yaml{:copy} +jobs: + workflow-command-job: + runs-on: windows-latest + steps: + - name: toggle workflow command echoing + run: | + write-output "::set-output name=action_echo::disabled" + write-output "::echo::on" + write-output "::set-output name=action_echo::enabled" + write-output "::echo::off" + write-output "::set-output name=action_echo::disabled" ``` + +{% endpowershell %} + +The example above prints the following lines to the log: + +```{:copy} ::set-output name=action_echo::enabled ::echo::off ``` @@ -298,13 +503,13 @@ El comando `save-state` solo puede ejecutarse dentro de una acción y no está d Este ejemplo utiliza JavaScript para ejecutar el comando `save-state`. La variable de ambiente resultante se nombra `STATE_processID` con el valor de `12345`: -``` javascript +```javascript{:copy} console.log('::save-state name=processID::12345') ``` La variable `STATE_processID` se encontrará entonces exclusivamente disponible para el script de limpieza que se ejecuta bajo la acción `main`. Este ejemplo se ejecuta en `main` y utiliza JavaScript para mostrar el valor asignado a la variable de ambiente `STATE_processID`: -``` javascript +```javascript{:copy} console.log("The running PID from the main action is: " + process.env.STATE_processID); ``` @@ -312,37 +517,70 @@ console.log("The running PID from the main action is: " + process.env.STATE_pro Durante la ejecución de un flujo de trabajo, el ejecutor genera archivos temporales que pueden utilizarse para llevar a cabo ciertas acciones. La ruta a estos archivos se expone a través de variables de ambiente. Necesitarás utilizar codificación UTF-8 cuando escribas en estos archivos para garantizar el procesamiento adecuado de los comandos. Se pueden escribir varios comandos en el mismo archivo, separados por líneas nuevas. -{% warning %} +{% powershell %} -**Advertencia:** en Windows, el PowerShell tradicional (`shell: powershell`) no utiliza el cifrado UTF-8 predeterminado. +{% note %} -When using `shell: powershell`, you must specify UTF-8 encoding. Por ejemplo: +**Note:** PowerShell versions 5.1 and below (`shell: powershell`) do not use UTF-8 by default, so you must specify the UTF-8 encoding. Por ejemplo: -```yaml +```yaml{:copy} jobs: legacy-powershell-example: - uses: windows-2019 + runs-on: windows-latest steps: - shell: powershell - run: echo "mypath" | Out-File -FilePath $env:GITHUB_PATH -Encoding utf8 -Append + run: | + "mypath" | Out-File -FilePath $env:GITHUB_PATH -Encoding utf8 -Append ``` -Alternatively, you can use PowerShell Core (`shell: pwsh`), which defaults to UTF-8. +PowerShell Core versions 6 and higher (`shell: pwsh`) use UTF-8 by default. Por ejemplo: -{% endwarning %} +```yaml{:copy} +jobs: + powershell-core-example: + runs-on: windows-latest + steps: + - shell: pwsh + run: | + "mypath" >> $env:GITHUB_PATH +``` + +{% endnote %} + +{% endpowershell %} ## Configurar una variable de ambiente -``` bash +{% bash %} + +```bash{:copy} echo "{environment_variable_name}={value}" >> $GITHUB_ENV ``` +{% endbash %} + +{% powershell %} + +- Using PowerShell version 6 and higher: +```pwsh{:copy} +"{environment_variable_name}={value}" >> $env:GITHUB_ENV +``` + +- Using PowerShell version 5.1 and below: +```powershell{:copy} +"{environment_variable_name}={value}" | Out-File -FilePath $env:GITHUB_ENV -Encoding utf8 -Append +``` + +{% endpowershell %} + You can make an environment variable available to any subsequent steps in a workflow job by defining or updating the environment variable and writing this to the `GITHUB_ENV` environment file. El paso que crea o actualiza la variable de ambiente no tiene acceso al valor nuevo, pero todos los pasos subsecuentes en un job tendrán acceso. The names of environment variables are case-sensitive, and you can include punctuation. Para obtener más información, consulta "[Variables del entorno](/actions/learn-github-actions/environment-variables)". ### Ejemplo +{% bash %} + {% raw %} -``` +```yaml{:copy} steps: - name: Set the value id: step_one @@ -355,11 +593,31 @@ steps: ``` {% endraw %} +{% endbash %} + +{% powershell %} + +{% raw %} +```yaml{:copy} +steps: + - name: Set the value + id: step_one + run: | + "action_state=yellow" >> $env:GITHUB_ENV + - name: Use the value + id: step_two + run: | + Write-Output "${{ env.action_state }}" # This will output 'yellow' +``` +{% endraw %} + +{% endpowershell %} + ### Secuencias de línea múltiple Para las secuencias de lìnea mùltiple, puedes utilizar un delimitador con la siguiente sintaxis. -``` +```{:copy} {name}<<{delimiter} {value} {delimiter} @@ -367,29 +625,75 @@ Para las secuencias de lìnea mùltiple, puedes utilizar un delimitador con la s #### Ejemplo -En este ejemplo, utilizamos `EOF` como delimitador y configuramos la variable de ambiente `JSON_RESPONSE` para el valor de la respuesta de curl. -```yaml +This example uses `EOF` as a delimiter, and sets the `JSON_RESPONSE` environment variable to the value of the `curl` response. + +{% bash %} + +```yaml{:copy} steps: - - name: Set the value + - name: Set the value in bash id: step_one run: | echo 'JSON_RESPONSE<> $GITHUB_ENV - curl https://httpbin.org/json >> $GITHUB_ENV + curl https://example.lab >> $GITHUB_ENV echo 'EOF' >> $GITHUB_ENV ``` -## Agregar una ruta de sistema +{% endbash %} -``` bash -echo "{path}" >> $GITHUB_PATH +{% powershell %} + +```yaml{:copy} +steps: + - name: Set the value in pwsh + id: step_one + run: | + "JSON_RESPONSE<> $env:GITHUB_ENV + (Invoke-WebRequest -Uri "https://example.lab").Content >> $env:GITHUB_ENV + "EOF" >> $env:GITHUB_ENV + shell: pwsh ``` +{% endpowershell %} + +## Agregar una ruta de sistema + Antepone un directorio a la variable de sistema `PATH` y la hace disponible automáticamente para todas las acciones subsecuentes en el job actual; la acción que se está ejecutando actualmente no puede acceder a la variable de ruta actualizada. Para ver las rutas definidas actualmente para tu job, puedes utilizar `echo "$PATH"` en un paso o en una acción. +{% bash %} + +```bash{:copy} +echo "{path}" >> $GITHUB_PATH +``` +{% endbash %} + +{% powershell %} + +```pwsh{:copy} +"{path}" >> $env:GITHUB_PATH +``` + +{% endpowershell %} + ### Ejemplo Este ejemplo demuestra cómo agregar el directorio `$HOME/.local/bin` del usuario al `PATH`: -``` bash +{% bash %} + +```bash{:copy} echo "$HOME/.local/bin" >> $GITHUB_PATH ``` + +{% endbash %} + + +This example demonstrates how to add the user `$env:HOMEPATH/.local/bin` directory to `PATH`: + +{% powershell %} + +```pwsh{:copy} +"$env:HOMEPATH/.local/bin" >> $env:GITHUB_PATH +``` + +{% endpowershell %} diff --git a/translations/es-ES/content/actions/using-workflows/workflow-syntax-for-github-actions.md b/translations/es-ES/content/actions/using-workflows/workflow-syntax-for-github-actions.md index 4623da349c..40e81f395f 100644 --- a/translations/es-ES/content/actions/using-workflows/workflow-syntax-for-github-actions.md +++ b/translations/es-ES/content/actions/using-workflows/workflow-syntax-for-github-actions.md @@ -342,6 +342,31 @@ steps: uses: actions/heroku@1.0.0 ``` +#### Example: Using secrets + +Secrets cannot be directly referenced in `if:` conditionals. Instead, consider setting secrets as job-level environment variables, then referencing the environment variables to conditionally run steps in the job. + +If a secret has not been set, the return value of an expression referencing the secret (such as {% raw %}`${{ secrets.SuperSecret }}`{% endraw %} in the example) will be an empty string. + +{% raw %} +```yaml +name: Run a step if a secret has been set +on: push +jobs: + my-jobname: + runs-on: ubuntu-latest + env: + super_secret: ${{ secrets.SuperSecret }} + steps: + - if: ${{ env.super_secret != '' }} + run: echo 'This step will only run if the secret has a value set.' + - if: ${{ env.super_secret == '' }} + run: echo 'This step will only run if the secret does not have a value set.' +``` +{% endraw %} + +For more information, see "[Context availability](/actions/learn-github-actions/contexts#context-availability)" and "[Encrypted secrets](/actions/security-guides/encrypted-secrets)." + ### `jobs..steps[*].name` A name for your step to display on {% data variables.product.prodname_dotcom %}. @@ -714,6 +739,12 @@ The maximum number of minutes to let a job run before {% data variables.product. If the timeout exceeds the job execution time limit for the runner, the job will be canceled when the execution time limit is met instead. For more information about job execution time limits, see {% ifversion fpt or ghec or ghes %}"[Usage limits and billing](/actions/reference/usage-limits-billing-and-administration#usage-limits)" for {% data variables.product.prodname_dotcom %}-hosted runners and {% endif %}"[About self-hosted runners](/actions/hosting-your-own-runners/about-self-hosted-runners/#usage-limits){% ifversion fpt or ghec or ghes %}" for self-hosted runner usage limits.{% elsif ghae %}."{% endif %} +{% note %} + +**Note:** {% data reusables.actions.github-token-expiration %} For self-hosted runners, the token may be the limiting factor if the job timeout is greater than 24 hours. For more information on the `GITHUB_TOKEN`, see "[About the `GITHUB_TOKEN` secret](/actions/security-guides/automatic-token-authentication#about-the-github_token-secret)." + +{% endnote %} + ## `jobs..strategy` {% data reusables.actions.jobs.section-using-a-build-matrix-for-your-jobs-strategy %} diff --git a/translations/es-ES/content/admin/code-security/managing-github-advanced-security-for-your-enterprise/deploying-github-advanced-security-in-your-enterprise.md b/translations/es-ES/content/admin/code-security/managing-github-advanced-security-for-your-enterprise/deploying-github-advanced-security-in-your-enterprise.md index b6cc0de3c5..2e1783d276 100644 --- a/translations/es-ES/content/admin/code-security/managing-github-advanced-security-for-your-enterprise/deploying-github-advanced-security-in-your-enterprise.md +++ b/translations/es-ES/content/admin/code-security/managing-github-advanced-security-for-your-enterprise/deploying-github-advanced-security-in-your-enterprise.md @@ -271,7 +271,7 @@ GitHub te permite evitar utilizar software de terceros que contenga vulnerabilid | Herramienta de administración de dependencias | Descripción | | ---------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | -| Alertas del dependabot | Puedes rastrear las dependencias de tu repositorio y recibir las alertas del dependabot cuando tu empresa detecte dependencias vulnerables. Para obtener más información, consulta la sección "[Acerca de las alertas para las dependencias vulnerables](/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-alerts-for-vulnerable-dependencies)". | +| Alertas del dependabot | Puedes rastrear las dependencias de tu repositorio y recibir las alertas del dependabot cuando tu empresa detecte dependencias vulnerables. Para obtener más información, consulta la sección "[Acerca de{% data variables.product.prodname_dependabot_alerts %}](/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-alerts-for-vulnerable-dependencies)". | | Gráfica de dependencias | La gráfica de dependencias es un resumen de los archivos de bloqueo y de manifiesto que se almacenan en un repositorio. Te muestra los ecosistemas y paquetes de los cuales depende tu base de código (sus dependencias) y los repositorios y paquetes que dependen de tu proyecto (sus dependencias). Para obtener más información, consulta la sección "[Acerca de la gráfica de dependencias](/code-security/supply-chain-security/understanding-your-software-supply-chain/about-the-dependency-graph)". |{% ifversion ghes > 3.1 or ghec %} | Revisión de dependencias | Si una solicitud de cambios contiene cambios a las dependencias, puedes ver un resumen de lo que ha cambiado y si es que existen vulnerabilidades conocidas en cualquiera de estas dependencias. Para obtener más información, consulta la sección "[Acerca de la revisión de dependencias](/code-security/supply-chain-security/understanding-your-software-supply-chain/about-dependency-review)" o "[Revisar los cambios de dependencias en una solicitud de cambios](/github/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/reviewing-dependency-changes-in-a-pull-request)". |{% endif %} {% ifversion ghec or ghes > 3.2 %} | Actualziaciones de seguridad del dependabot | El dependabot puede corregir las dependencias vulnerables levantando solicitudes de cambios con actualizaciones de seguridad. Para obtener más información, consulta la sección "[Acerca de las actualizaciones de seguridad del dependabot](/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-dependabot-security-updates)". | diff --git a/translations/es-ES/content/admin/configuration/configuring-github-connect/enabling-dependabot-for-your-enterprise.md b/translations/es-ES/content/admin/configuration/configuring-github-connect/enabling-dependabot-for-your-enterprise.md index b5c8cddcf2..cb46734bfe 100644 --- a/translations/es-ES/content/admin/configuration/configuring-github-connect/enabling-dependabot-for-your-enterprise.md +++ b/translations/es-ES/content/admin/configuration/configuring-github-connect/enabling-dependabot-for-your-enterprise.md @@ -49,7 +49,7 @@ También puedes elegir sincronizar manualmente los datos de vulnerabilidad en cu When {% data variables.product.product_location %} receives information about a vulnerability, it identifies repositories in {% data variables.product.product_location %} that use the affected version of the dependency and generates {% data variables.product.prodname_dependabot_alerts %}. Puedes elegir si quieres notificar a los usuarios automáticamente acerca de las {% data variables.product.prodname_dependabot_alerts %} nuevas o no. -Para los repositorios que cuenten con las {% data variables.product.prodname_dependabot_alerts %} habilitadas, el escaneo se activa en cualquier subida a la rama predeterminada. Additionally, when a new vulnerability record is added to {% data variables.product.product_location %}, {% data variables.product.product_name %} scans all existing repositories on {% data variables.product.product_location %} and generates alerts for any repository that is vulnerable. Para obtener más información, consulta la sección "[Acerca de las alertas para las dependencias vulnerables](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies)". +Para los repositorios que cuenten con las {% data variables.product.prodname_dependabot_alerts %} habilitadas, el escaneo se activa en cualquier subida a la rama predeterminada. Additionally, when a new vulnerability record is added to {% data variables.product.product_location %}, {% data variables.product.product_name %} scans all existing repositories on {% data variables.product.product_location %} and generates alerts for any repository that is vulnerable. Para obtener más información, consulta la sección "[Acerca de{% data variables.product.prodname_dependabot_alerts %}](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies)". {% ifversion ghes > 3.2 %} ### Acerca de {% data variables.product.prodname_dependabot_updates %} @@ -67,7 +67,7 @@ After you enable {% data variables.product.prodname_dependabot_alerts %}, you ca With {% data variables.product.prodname_dependabot_updates %}, {% data variables.product.company_short %} automatically creates pull requests to update dependencies in two ways. - **{% data variables.product.prodname_dependabot_version_updates %}**: Los usuarios agregan un archivo de configuración del {% data variables.product.prodname_dependabot %} al repositorio para habilitar el {% data variables.product.prodname_dependabot %} para que cree solicitudes de cambios cuando se lance una versión nueva de una dependencia rastreada. Para obtener más información, consulta la sección "[Acerca de las {% data variables.product.prodname_dependabot_version_updates %}](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/about-dependabot-version-updates)". -- **{% data variables.product.prodname_dependabot_security_updates %}**: Los usuarios pueden alternar un ajuste de repositorio para habilitar que el {% data variables.product.prodname_dependabot %} cree solicitudes de cambios cuando {% data variables.product.prodname_dotcom %} detecta una vulnerabilidad en una de las dependencias de la gráfica de dependencias del repositorio. Para obtener más información, consulta las secciones "[Acerca de las alertas para las dependencias vulnerables](/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-alerts-for-vulnerable-dependencies)" y "[Acerca de las {% data variables.product.prodname_dependabot_security_updates %}](/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-dependabot-security-updates)". +- **{% data variables.product.prodname_dependabot_security_updates %}**: Los usuarios pueden alternar un ajuste de repositorio para habilitar que el {% data variables.product.prodname_dependabot %} cree solicitudes de cambios cuando {% data variables.product.prodname_dotcom %} detecta una vulnerabilidad en una de las dependencias de la gráfica de dependencias del repositorio. For more information, see "[About {% data variables.product.prodname_dependabot_alerts %}](/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-alerts-for-vulnerable-dependencies)" and "[About {% data variables.product.prodname_dependabot_security_updates %}](/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-dependabot-security-updates)." {% endif %} ## Habilitar {% data variables.product.prodname_dependabot_alerts %} @@ -100,7 +100,7 @@ After you enable {% data variables.product.prodname_dependabot_alerts %} for you {% ifversion ghes %} Before you enable {% data variables.product.prodname_dependabot_updates %}, you must configure {% data variables.product.product_location %} to use {% data variables.product.prodname_actions %} with self-hosted runners. Para obtener más información, consulta la sección "[Iniciar con las {% data variables.product.prodname_actions %} para GitHub Enterprise Server](/admin/github-actions/enabling-github-actions-for-github-enterprise-server/getting-started-with-github-actions-for-github-enterprise-server)". -{% data variables.product.prodname_dependabot_updates %} are not supported on {% data variables.product.product_name %} if your enterprise uses clustering or a high-availability configuration. +{% data variables.product.prodname_dependabot_updates %} are not supported on {% data variables.product.product_name %} if your enterprise uses clustering. {% endif %} {% data reusables.enterprise_site_admin_settings.sign-in %} diff --git a/translations/es-ES/content/admin/configuration/configuring-network-settings/configuring-a-hostname.md b/translations/es-ES/content/admin/configuration/configuring-network-settings/configuring-a-hostname.md index b61937585b..8e82a3e45f 100644 --- a/translations/es-ES/content/admin/configuration/configuring-network-settings/configuring-a-hostname.md +++ b/translations/es-ES/content/admin/configuration/configuring-network-settings/configuring-a-hostname.md @@ -17,7 +17,11 @@ topics: Si configuras un nombre del host en lugar de una dirección IP codificada de forma rígida, podrás cambiar el hardware físico que ejecuta {% data variables.product.product_location %} sin afectar a los usuarios o al software del cliente. -La configuración del nombre de host en la {% data variables.enterprise.management_console %} debe ajustarse a un nombre de dominio adecuado y que cumpla con todos los requisitos (FQDN) el cual se pueda resolver en la internet o dentro de tu red interna. Por ejemplo, tu configuración de nombre del host podría ser `github.companyname.com.` También recomendamos habilitar el aislamiento de subdominio para el nombre del host elegido a fin de mitigar varias vulnerabilidades del estilo cross-site scripting. Para obtener más información, consulta [Sección 2.1 del HTTP RFC](https://tools.ietf.org/html/rfc1123#section-2). +La configuración del nombre de host en la {% data variables.enterprise.management_console %} debe ajustarse a un nombre de dominio adecuado y que cumpla con todos los requisitos (FQDN) el cual se pueda resolver en la internet o dentro de tu red interna. For example, your hostname setting could be `github.companyname.com.` Web and API requests will automatically redirect to the hostname configured in the {% data variables.enterprise.management_console %}. + +After you configure a hostname, you can enable subdomain isolation to further increase the security of {% data variables.product.product_location %}. Para obtener más información, consulta "[Habilitar el aislamiento de subdominio](/enterprise/{{ currentVersion }}/admin/guides/installation/enabling-subdomain-isolation/)." + +For more information on the supported hostname types, see [Section 2.1 of the HTTP RFC](https://tools.ietf.org/html/rfc1123#section-2). {% data reusables.enterprise_installation.changing-hostname-not-supported %} @@ -29,4 +33,4 @@ La configuración del nombre de host en la {% data variables.enterprise.manageme {% data reusables.enterprise_management_console.test-domain-settings-failure %} {% data reusables.enterprise_management_console.save-settings %} -Después de configurar un nombre del host, recomendamos que habilites el aislamiento de subdominio para {% data variables.product.product_location %}. Para obtener más información, consulta "[Habilitar el aislamiento de subdominio](/enterprise/{{ currentVersion }}/admin/guides/installation/enabling-subdomain-isolation/)." +To help mitigate various cross-site scripting vulnerabilities, we recommend that you enable subdomain isolation for {% data variables.product.product_location %} after you configure a hostname. Para obtener más información, consulta "[Habilitar el aislamiento de subdominio](/enterprise/{{ currentVersion }}/admin/guides/installation/enabling-subdomain-isolation/)." diff --git a/translations/es-ES/content/admin/configuration/configuring-network-settings/network-ports.md b/translations/es-ES/content/admin/configuration/configuring-network-settings/network-ports.md index dddba3a203..2c9bb5a2ca 100644 --- a/translations/es-ES/content/admin/configuration/configuring-network-settings/network-ports.md +++ b/translations/es-ES/content/admin/configuration/configuring-network-settings/network-ports.md @@ -26,7 +26,7 @@ Se requieren algunos puertos administrativos para configurar {% data variables.p | Port (Puerto) | Servicio | Descripción | | ------------- | -------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | 8443 | HTTPS | {% data variables.enterprise.management_console %} segura basada en la web. Requerida para la instalación y la configuración básicas. | -| 8080 | HTTP | {% data variables.enterprise.management_console %} basada en la web de texto simple. No se requiere excepto que el SSL esté inhabilitado de forma manual. | +| 8080 | HTTP | {% data variables.enterprise.management_console %} basada en la web de texto simple. No se requiere a menos de que el TLS se inhabilite manualmente. | | 122 | SSH | Acceso shell para {% data variables.product.product_location %}. Se necesita abierto a las conexiones entrantes entre todos los nodos en una configuración de disponibilidad alta. El puerto SSH predeterminado (22) está destinado al tráfico de red de la aplicación SSH y Git. | | 1194/UDP | VPN | Túnel de red de replicación segura en la configuración de alta disponibilidad. Se requiere abierto a las comunicaciones entre todos los nodos en la configuración. | | 123/UDP | NTP | Se requiere para operar el protocolo de tiempo. | @@ -39,7 +39,7 @@ Los puertos de la aplicación permiten que los usuarios finales accedan a Git y | Port (Puerto) | Servicio | Descripción | | ------------- | -------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | | 443 | HTTPS | Acceso a la aplicación web y a Git por HTTPS. | -| 80 | HTTP | Acceso a la aplicación web. Todas las solicitudes se redireccionan al puerto HTTPS cuando se habilita SSL. | +| 80 | HTTP | Acceso a la aplicación web. Todas las solicitudes se redirigen al puerto HTTPS si se configura el TLS. | | 22 | SSH | Acceso a Git por SSH. Admite las operaciones clonar, extraer y subir a los repositorios privados y públicos. | | 9418 | Git | El puerto de protocolo Git admite las operaciones clonar y extraer a los repositorios públicos con comunicación de red desencriptada. {% data reusables.enterprise_installation.when-9418-necessary %} @@ -52,3 +52,18 @@ Los puertos de correo electrónico deben ser accesibles directamente o por medio | Port (Puerto) | Servicio | Descripción | | ------------- | -------- | ---------------------------------------------- | | 25 | SMTP | Soporte para SMTP con encriptación (STARTTLS). | + +## Puertos de las {% data variables.product.prodname_actions %} + +Los puertos de las {% data variables.product.prodname_actions %} deben ser accesibles para que los ejecutores auto-hospedados se conecten a {% data variables.product.product_location %}. Para obtener más información, consulta la sección "[Acerca de los ejecutores auto-hospedados](/actions/hosting-your-own-runners/about-self-hosted-runners#communication-between-self-hosted-runners-and-github-enterprise-server)". + +| Port (Puerto) | Servicio | Descripción | +| ------------- | -------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| 443 | HTTPS | Los ejecutores auto-hospedados se conectan a {% data variables.product.product_location %} para recibir asignaciones de jobs y para descargar versiones nuevas de la aplicación ejecutora. Requerido si se configura TLS. | +| 80 | HTTP | Los ejecutores auto-hospedados se conectan a {% data variables.product.product_location %} para recibir asignaciones de jobs y para descargar versiones nuevas de la aplicación ejecutora. Requerido si no se configura TLS. | + +If you enable automatic access to {% data variables.product.prodname_dotcom_the_website %} actions, {% data variables.product.prodname_actions %} will always search for an action on {% data variables.product.product_location %} first, via these ports, before checking {% data variables.product.prodname_dotcom_the_website %}. Para obtener más información, consulta la sección "[Habilitar el acceso automático a las acciones de {% data variables.product.prodname_dotcom_the_website %} utilizando{% data variables.product.prodname_github_connect %}](/admin/github-actions/managing-access-to-actions-from-githubcom/enabling-automatic-access-to-githubcom-actions-using-github-connect#about-resolution-for-actions-using-github-connect)". + +## Leer más + +- "[Configuring TLS](/admin/configuration/configuring-network-settings/configuring-tls)" diff --git a/translations/es-ES/content/admin/configuration/configuring-your-enterprise/about-enterprise-configuration.md b/translations/es-ES/content/admin/configuration/configuring-your-enterprise/about-enterprise-configuration.md index 791cac9739..16aecc8c6d 100644 --- a/translations/es-ES/content/admin/configuration/configuring-your-enterprise/about-enterprise-configuration.md +++ b/translations/es-ES/content/admin/configuration/configuring-your-enterprise/about-enterprise-configuration.md @@ -23,6 +23,8 @@ shortTitle: Acerca de la configuración {% endif %} {% ifversion ghae %} +To get started with {% data variables.product.product_name %}, you first need to deploy {% data variables.product.product_name %}. For more information, see "[Deploying {% data variables.product.product_name %}](/admin/configuration/configuring-your-enterprise/deploying-github-ae)." + La primera vez que accedes a tu empresa, completarás una configuración inicial para obtener {% data variables.product.product_name %} listo para utilizarse. La configuración inicial incluye la conexión de tu empresa con un proveedor de identidad (IdP), autenticarte con el SSO de SAML, configurar políticas para repositorios y organizaciones en tu empresa y configurar el SMTP para el correo electrónico externo. Para obtener más información, consulta la sección "[Inicializar {% data variables.product.prodname_ghe_managed %}](/admin/configuration/initializing-github-ae)". Posteriormente, puedes utilizar el panel de administrador de sitio y la configuración empresarial para seguir configurando tu empresa, administrar usuarios, organizaciones y repositorios, y para configurar políticas que reducen los riesgos e incrementan la calidad. diff --git a/translations/es-ES/content/admin/configuration/configuring-your-enterprise/deploying-github-ae.md b/translations/es-ES/content/admin/configuration/configuring-your-enterprise/deploying-github-ae.md new file mode 100644 index 0000000000..27895a23e2 --- /dev/null +++ b/translations/es-ES/content/admin/configuration/configuring-your-enterprise/deploying-github-ae.md @@ -0,0 +1,66 @@ +--- +title: Deploying GitHub AE +intro: 'You can deploy {% data variables.product.product_name %} to an available Azure region.' +versions: + ghae: '*' +topics: + - Accounts + - Enterprise +type: how_to +shortTitle: Deploy GitHub AE +redirect_from: + - /get-started/signing-up-for-github/setting-up-a-trial-of-github-ae +--- + +## About deployment of {% data variables.product.product_name %} + +{% data reusables.github-ae.github-ae-enables-you %} Para obtener más información, consulta la sección "[Acerca del {% data variables.product.prodname_ghe_managed %}](/admin/overview/about-github-ae)". + +After you purchase or start a trial of {% data variables.product.product_name %}, you can deploy {% data variables.product.product_name %} to an available Azure region. This guide refers to the Azure resource that contains the deployment of {% data variables.product.product_name %} as the {% data variables.product.product_name %} account. You'll use the Azure portal at [https://portal.azure.com](https://portal.azure.com) to deploy the {% data variables.product.product_name %} account. + +## Prerrequisitos + +- Before you can deploy {% data variables.product.product_name %}, you must request access from your {% data variables.product.company_short %} account team. {% data variables.product.company_short %} will enable deployment of {% data variables.product.product_name %} for your Azure subscription. If you haven't already purchased {% data variables.product.product_name %}, you can contact {% data variables.contact.contact_enterprise_sales %} to check your eligibility for a trial. + +- You must have permission to perform the `/register/action` operation for the resource provider in Azure. The permission is included in the `Contributor` and `Owner` roles. For more information, see [Azure resource providers and types](https://docs.microsoft.com/en-us/azure/azure-resource-manager/management/resource-providers-and-types#register-resource-provider) in the Microsoft documentation. + +## Deploying {% data variables.product.product_name %} with the {% data variables.actions.azure_portal %} + +The {% data variables.actions.azure_portal %} allows you to deploy the {% data variables.product.product_name %} account in your Azure resource group. + +1. Click one of the following two links to begin deployment of {% data variables.product.product_name %}. The link you should click depends on the Azure cloud where you plan to deploy {% data variables.product.product_name %}. For more information about Azure Government, see [What is Azure Government?](https://docs.microsoft.com/en-us/azure/azure-government/documentation-government-welcome) in the Microsoft documentation. + + - [Deploy {% data variables.product.product_name %} to Azure Commercial](https://aka.ms/create-github-ae-instance) + - [Deploy {% data variables.product.product_name %} to Azure Government](https://aka.ms/create-github-ae-instance-gov) +1. To begin the process of adding a new {% data variables.product.product_name %} account, click **Create GitHub AE account**. +1. Complete the "Project details" and "Instance details" fields. ![{% data variables.actions.azure_portal %} search result](/assets/images/azure/github-ae-azure-portal-form.png) + - **Account name:** The hostname for your enterprise + - **Administrator username:** A username for the initial enterprise owner that will be created in {% data variables.product.product_name %} + - **Administrator email:** The email address that will receive the login information +1. To review a summary of the proposed changes, click **Review + create**. +1. After the validation process has completed, click **Create**. + +The email address you entered above will receive instructions on how to access your enterprise. After you have access, you can get started by following the initial setup steps. Para obtener más información, consulta la sección "[Inicializar {% data variables.product.product_name %}](/admin/configuration/initializing-github-ae)". + +{% note %} + +**Note:** Software updates for your {% data variables.product.product_name %} deployment are performed by {% data variables.product.prodname_dotcom %}. For more information, see "[About upgrades to new releases](/admin/overview/about-upgrades-to-new-releases)." + +{% endnote %} + +## Navigating to your enterprise + +You can use the {% data variables.actions.azure_portal %} to navigate to your {% data variables.product.product_name %} deployment. The resulting list includes all the {% data variables.product.product_name %} deployments in your Azure region. + +1. On the {% data variables.actions.azure_portal %}, in the left panel, click **All resources**. +1. From the available filters, click **All types**, then deselect **Select all** and select **GitHub AE**: ![{% data variables.actions.azure_portal %} search result](/assets/images/azure/github-ae-azure-portal-type-filter.png) + +## Pasos siguientes + +- Once your deployment has been provisioned, the next step is to initialize {% data variables.product.product_name %}. Para obtener más información, consulta la sección "[Inicializar {% data variables.product.product_name %}](/github-ae@latest/admin/configuration/configuring-your-enterprise/initializing-github-ae)". +- If you're trying {% data variables.product.product_name %}, you can upgrade to a full license at any time during the trial period by contacting contact {% data variables.contact.contact_enterprise_sales %}. If you haven't upgraded by the last day of your trial, then the deployment is automatically deleted. Si necesitas más tiempo para evaluar {% data variables.product.product_name %}, contacta a {% data variables.contact.contact_enterprise_sales %} para solicitar una extensión. + +## Leer más + +- "[Habilita las características de la {% data variables.product.prodname_advanced_security %} en {% data variables.product.product_name %}](/github/getting-started-with-github/about-github-advanced-security#enabling-advanced-security-features-on-github-ae)" +- "[{% data variables.product.product_name %} release notes](/github-ae@latest/admin/overview/github-ae-release-notes)" diff --git a/translations/es-ES/content/admin/configuration/configuring-your-enterprise/index.md b/translations/es-ES/content/admin/configuration/configuring-your-enterprise/index.md index 27b1020567..9d7200b0dc 100644 --- a/translations/es-ES/content/admin/configuration/configuring-your-enterprise/index.md +++ b/translations/es-ES/content/admin/configuration/configuring-your-enterprise/index.md @@ -16,6 +16,7 @@ topics: - Enterprise children: - /about-enterprise-configuration + - /deploying-github-ae - /initializing-github-ae - /accessing-the-management-console - /accessing-the-administrative-shell-ssh diff --git a/translations/es-ES/content/admin/enterprise-management/configuring-high-availability/initiating-a-failover-to-your-replica-appliance.md b/translations/es-ES/content/admin/enterprise-management/configuring-high-availability/initiating-a-failover-to-your-replica-appliance.md index 21ea21a4f7..a407bf95c8 100644 --- a/translations/es-ES/content/admin/enterprise-management/configuring-high-availability/initiating-a-failover-to-your-replica-appliance.md +++ b/translations/es-ES/content/admin/enterprise-management/configuring-high-availability/initiating-a-failover-to-your-replica-appliance.md @@ -19,25 +19,32 @@ El tiempo requerido para la tolerancia de fallos depende de cuánto le tome para {% data reusables.enterprise_installation.promoting-a-replica %} -1. Para permitir que la replicación finalice antes de cambiar aparatos, pon el aparato principal en modo mantenimiento: - - Para usar el administrador de consola, consulta "[Habilitar y programar el modo mantenimiento](/enterprise/admin/guides/installation/enabling-and-scheduling-maintenance-mode/)" - - También puedes usar el comando `ghe-maintenance -s`. +1. If the primary appliance is available, to allow replication to finish before you switch appliances, on the primary appliance, put the primary appliance into maintenance mode. + + - Put the appliance into maintenance mode. + + - Para usar el administrador de consola, consulta "[Habilitar y programar el modo mantenimiento](/enterprise/admin/guides/installation/enabling-and-scheduling-maintenance-mode/)" + + - También puedes usar el comando `ghe-maintenance -s`. + ```shell + $ ghe-maintenance -s + ``` + + - Cuando la cantidad de operaciones activas de Git, consultas de MySQL y jobs de Resque lleguen a cero, espera 30 segundos. + + {% note %} + + **Nota:** Nomad siempre tendrá jobs en ejecución, incluso si está en modo de mantenimiento, así que puedes ignorar estos jobs de forma segura. + + {% endnote %} + + - Para verificar que todos los canales de replicación informan `OK`, utiliza el comando `ghe-repl-status -vv`. + ```shell - $ ghe-maintenance -s + $ ghe-repl-status -vv ``` -2. Cuando la cantidad de operaciones activas de Git, consultas de MySQL y jobs de Resque lleguen a cero, espera 30 segundos. - {% note %} - - **Nota:** Nomad siempre tendrá jobs en ejecución, incluso si está en modo de mantenimiento, así que puedes ignorar estos jobs de forma segura. - - {% endnote %} - -3. Para verificar que todos los canales de replicación informan `OK`, utiliza el comando `ghe-repl-status -vv`. - ```shell - $ ghe-repl-status -vv - ``` -4. Para frenar la replicación e impulsar el aparato de réplica a un estado primario, utiliza el comando `ghe-repl-promote`. Esto también pondrá de forma automática al nodo primario en nodo mantenimiento si es accesible. +4. On the replica appliance, to stop replication and promote the replica appliance to primary status, use the `ghe-repl-promote` command. Esto también pondrá de forma automática al nodo primario en nodo mantenimiento si es accesible. ```shell $ ghe-repl-promote ``` diff --git a/translations/es-ES/content/admin/github-actions/getting-started-with-github-actions-for-your-enterprise/about-github-actions-for-enterprises.md b/translations/es-ES/content/admin/github-actions/getting-started-with-github-actions-for-your-enterprise/about-github-actions-for-enterprises.md index 3337006bd0..9d4e2026ec 100644 --- a/translations/es-ES/content/admin/github-actions/getting-started-with-github-actions-for-your-enterprise/about-github-actions-for-enterprises.md +++ b/translations/es-ES/content/admin/github-actions/getting-started-with-github-actions-for-your-enterprise/about-github-actions-for-enterprises.md @@ -33,7 +33,7 @@ topics: {% data variables.product.prodname_actions %} helps your team work faster at scale. When large repositories start using {% data variables.product.prodname_actions %}, teams merge significantly more pull requests per day, and the pull requests are merged significantly faster. For more information, see "[Writing and shipping code faster](https://octoverse.github.com/writing-code-faster/#scale-through-automation)" in the State of the Octoverse. -You can create your own unique automations, or you can use and adapt workflows from our ecosystem of over 10,000 actions built by industry leaders and the open source community. Para obtener más información, consulta la sección "[Encontrar y personalizar las acciones](/actions/learn-github-actions/finding-and-customizing-actions)". +You can create your own unique automations, or you can use and adapt workflows from our ecosystem of over 10,000 actions built by industry leaders and the open source community. {% ifversion ghec %}For more information, see "[Finding and customizing actions](/actions/learn-github-actions/finding-and-customizing-actions)."{% else %}You can restrict your developers to using actions that exist on {% data variables.product.product_location %}, or you can allow your developers to access actions on {% data variables.product.prodname_dotcom_the_website %}. For more information, see "[About using actions in your enterprise](/admin/github-actions/managing-access-to-actions-from-githubcom/about-using-actions-in-your-enterprise)."{% endif %} {% data variables.product.prodname_actions %} is developer friendly, because it's integrated directly into the familiar {% data variables.product.product_name %} experience. diff --git a/translations/es-ES/content/admin/github-actions/getting-started-with-github-actions-for-your-enterprise/getting-started-with-self-hosted-runners-for-your-enterprise.md b/translations/es-ES/content/admin/github-actions/getting-started-with-github-actions-for-your-enterprise/getting-started-with-self-hosted-runners-for-your-enterprise.md index 7dcab8d65c..052dd9d3cb 100644 --- a/translations/es-ES/content/admin/github-actions/getting-started-with-github-actions-for-your-enterprise/getting-started-with-self-hosted-runners-for-your-enterprise.md +++ b/translations/es-ES/content/admin/github-actions/getting-started-with-github-actions-for-your-enterprise/getting-started-with-self-hosted-runners-for-your-enterprise.md @@ -88,7 +88,7 @@ You can create a runner group to manage access to the runner that you added to y {% warning %} - **Warning**: + **Advertencia**: {% indented_data_reference reusables.actions.self-hosted-runner-security spaces=3 %} diff --git a/translations/es-ES/content/admin/github-actions/managing-access-to-actions-from-githubcom/about-using-actions-in-your-enterprise.md b/translations/es-ES/content/admin/github-actions/managing-access-to-actions-from-githubcom/about-using-actions-in-your-enterprise.md index 321e4bb03f..0a688ba9f8 100644 --- a/translations/es-ES/content/admin/github-actions/managing-access-to-actions-from-githubcom/about-using-actions-in-your-enterprise.md +++ b/translations/es-ES/content/admin/github-actions/managing-access-to-actions-from-githubcom/about-using-actions-in-your-enterprise.md @@ -13,7 +13,7 @@ type: overview topics: - Actions - Enterprise -shortTitle: Agregar acciones en tu empresa +shortTitle: About actions in your enterprise --- {% data reusables.actions.enterprise-beta %} @@ -23,13 +23,24 @@ shortTitle: Agregar acciones en tu empresa Los flujos de trabajo de {% data variables.product.prodname_actions %} pueden utilizar _acciones_, las cuales son tareas individuales que puedes combinar para crear jobs y personalizar tu flujo de trabajo. Puedes crear tus propias acciones, o utilizar y personalizar a quellas que comparte la comunidad de {% data variables.product.prodname_dotcom %}. -{% data reusables.actions.enterprise-no-internet-actions %} +{% data reusables.actions.enterprise-no-internet-actions %} You can restrict your developers to using actions that are stored on {% data variables.product.product_location %}, which includes most official {% data variables.product.company_short %}-authored actions, as well as any actions your developers create. Alternatively, to allow your developers to benefit from the full ecosystem of actions built by industry leaders and the open source community, you can configure access to other actions from {% data variables.product.prodname_dotcom_the_website %}. + +We recommend allowing automatic access to all actions from {% data variables.product.prodname_dotcom_the_website %}. {% ifversion ghes %}However, this does require {% data variables.product.product_name %} to make outbound connections to {% data variables.product.prodname_dotcom_the_website %}. If you don't want to allow these connections, or{% else %}If{% endif %} you want to have greater control over which actions are used on your enterprise, you can manually sync specific actions from {% data variables.product.prodname_dotcom_the_website %}. ## Acciones oficiales que se incluyen en tu instancia empresarial {% data reusables.actions.actions-bundled-with-ghes %} -Las acciones agrupadas oficiales incluyen a `actions/checkout`, `actions/upload-artifact`, `actions/download-artifact`, `actions/labeler`, y varias acciones de `actions/setup-`, entre otras. Para ver todas las acciones oficiales que se incluyen en tu instancia empresarial, navega hasta la organización `actions` en tu instancia: https://HOSTNAME/actions. +The bundled official actions include the following, among others. +- `actions/checkout` +- `actions/upload-artifact` +- `actions/download-artifact` +- `actions/labeler` +- Various `actions/setup-` actions + +Para ver todas las acciones oficiales que se incluyen en tu instancia empresarial, navega hasta la organización `actions` en tu instancia: https://HOSTNAME/actions. + +There is no connection required between {% data variables.product.product_location %} and {% data variables.product.prodname_dotcom_the_website %} to use these actions. Cada acción es un repositorio en la organización `actions` y cada repositorio de acción incluye las etiquetas, ramas y SHA de confirmación necesarios que tu flujo de trabajo puede utilizar para referenciar la acción. Para obtener más información sobre cómo actualizar las acciones oficiales empaquetadas, consulta la sección "[Utilizar la versión más reciente de las acciones oficiales incluídas](/admin/github-actions/using-the-latest-version-of-the-official-bundled-actions)". @@ -43,14 +54,21 @@ Cada acción es un repositorio en la organización `actions` y cada repositorio ## Configurar el acceso a las acciones en {% data variables.product.prodname_dotcom_the_website %} -{% ifversion ghes %} -Antes de que puedas configurar el acceso a las acciones en {% data variables.product.prodname_dotcom_the_website %}, debes configurar {% data variables.product.product_location %} para que utilice {% data variables.product.prodname_actions %}. Para obtener más información, consulta la sección "[Iniciar con las {% data variables.product.prodname_actions %} para GitHub Enterprise Server](/admin/github-actions/enabling-github-actions-for-github-enterprise-server/getting-started-with-github-actions-for-github-enterprise-server)". -{% endif %} - {% data reusables.actions.access-actions-on-dotcom %} El acercamiento recomendado es habilitar el acceso automático a todas las acciones desde {% data variables.product.prodname_dotcom_the_website %}. Puedes hacer esto si utilizas {% data variables.product.prodname_github_connect %} para integrar a {% data variables.product.product_name %} con {% data variables.product.prodname_ghe_cloud %}. Para obtener más información, consulta la sección "[Habilitar el acceso automático a las acciones de {% data variables.product.prodname_dotcom_the_website %} utilizando {% data variables.product.prodname_github_connect %}](/enterprise/admin/github-actions/enabling-automatic-access-to-githubcom-actions-using-github-connect)". +{% ifversion ghes %} +{% note %} + +**Note:** Before you can configure access to actions on {% data variables.product.prodname_dotcom_the_website %}, you must configure {% data variables.product.product_location %} to use {% data variables.product.prodname_actions %}. Para obtener más información, consulta la sección "[Iniciar con las {% data variables.product.prodname_actions %} para GitHub Enterprise Server](/admin/github-actions/enabling-github-actions-for-github-enterprise-server/getting-started-with-github-actions-for-github-enterprise-server)". + + +{% endnote %} +{% endif %} + +{% data reusables.actions.self-hosted-runner-networking-to-dotcom %} + {% data reusables.actions.enterprise-limit-actions-use %} -Como alternativa, si quieres tener un control más estricto sobre qué acciones se permiten en tu empresa, puedes descargar y sincronizar las acciones manualmente en tu instancia empresarial utilizando la herramienta `actions-sync`. Para obtener más información, consulta la sección "[Sincronizar acciones manualmente desde {% data variables.product.prodname_dotcom_the_website %}](/enterprise/admin/github-actions/manually-syncing-actions-from-githubcom)". +Alternatively, if you want stricter control over which actions are allowed in your enterprise, or you do not want to allow outbound connections to {% data variables.product.prodname_dotcom_the_website %}, you can manually download and sync actions onto your enterprise instance using the `actions-sync` tool. Para obtener más información, consulta la sección "[Sincronizar acciones manualmente desde {% data variables.product.prodname_dotcom_the_website %}](/enterprise/admin/github-actions/manually-syncing-actions-from-githubcom)". diff --git a/translations/es-ES/content/admin/github-actions/managing-access-to-actions-from-githubcom/enabling-automatic-access-to-githubcom-actions-using-github-connect.md b/translations/es-ES/content/admin/github-actions/managing-access-to-actions-from-githubcom/enabling-automatic-access-to-githubcom-actions-using-github-connect.md index 3dc27dc3ff..f539aeca8d 100644 --- a/translations/es-ES/content/admin/github-actions/managing-access-to-actions-from-githubcom/enabling-automatic-access-to-githubcom-actions-using-github-connect.md +++ b/translations/es-ES/content/admin/github-actions/managing-access-to-actions-from-githubcom/enabling-automatic-access-to-githubcom-actions-using-github-connect.md @@ -21,11 +21,18 @@ shortTitle: Use GitHub Connect for actions ## About automatic access to {% data variables.product.prodname_dotcom_the_website %} actions -By default, {% data variables.product.prodname_actions %} workflows on {% data variables.product.product_name %} cannot use actions directly from {% data variables.product.prodname_dotcom_the_website %} or [{% data variables.product.prodname_marketplace %}](https://github.com/marketplace?type=actions). +By default, {% data variables.product.prodname_actions %} workflows on {% data variables.product.product_name %} cannot use actions directly from {% data variables.product.prodname_dotcom_the_website %} or [{% data variables.product.prodname_marketplace %}](https://github.com/marketplace?type=actions). To make all actions from {% data variables.product.prodname_dotcom_the_website %} available on your enterprise instance, you can use {% data variables.product.prodname_github_connect %} to integrate {% data variables.product.product_name %} with {% data variables.product.prodname_ghe_cloud %}. -To make all actions from {% data variables.product.prodname_dotcom_the_website %} available on your enterprise instance, you can use {% data variables.product.prodname_github_connect %} to integrate {% data variables.product.product_name %} with {% data variables.product.prodname_ghe_cloud %}. For other ways of accessing actions from {% data variables.product.prodname_dotcom_the_website %}, see "[About using actions in your enterprise](/admin/github-actions/about-using-actions-in-your-enterprise)." +{% data reusables.actions.self-hosted-runner-networking-to-dotcom %} -To use actions from {% data variables.product.prodname_dotcom_the_website %}, your self-hosted runners must be able to download public actions from `api.github.com`. +Alternatively, if you want stricter control over which actions are allowed in your enterprise, you can manually download and sync actions onto your enterprise instance using the `actions-sync` tool. For more information, see "[Manually syncing actions from {% data variables.product.prodname_dotcom_the_website %}](/enterprise/admin/github-actions/manually-syncing-actions-from-githubcom)." + +## About resolution for actions using {% data variables.product.prodname_github_connect %} + +{% data reusables.actions.github-connect-resolution %} + +If a user has already created an organization and repository in your enterprise that matches an organization and repository name on {% data variables.product.prodname_dotcom_the_website %}, the repository on your enterprise will be used instead of the {% data variables.product.prodname_dotcom_the_website %} repository. {% ifversion ghes < 3.3 or ghae %}A malicious user could take advantage of this behavior to run code as part of a workflow{% else %}For more information, see "[Automatic retirement of namespaces for actions accessed on {% data variables.product.prodname_dotcom_the_website%}](#automatic-retirement-of-namespaces-for-actions-accessed-on-githubcom)." +{% endif %} ## Enabling automatic access to all {% data variables.product.prodname_dotcom_the_website %} actions @@ -33,8 +40,6 @@ Before enabling access to all actions from {% data variables.product.prodname_do - Configure {% data variables.product.product_location %} to use {% data variables.product.prodname_actions %}. For more information, see "[Getting started with {% data variables.product.prodname_actions %} for GitHub Enterprise Server](/admin/github-actions/enabling-github-actions-for-github-enterprise-server/getting-started-with-github-actions-for-github-enterprise-server)." - Enable{% else %} enable{% endif %} {% data variables.product.prodname_github_connect %}. For more information, see "[Managing {% data variables.product.prodname_github_connect %}](/admin/configuration/configuring-github-connect/managing-github-connect)." -{% data reusables.actions.enterprise-github-connect-warning %} - {% data reusables.enterprise-accounts.access-enterprise %} {% data reusables.enterprise-accounts.github-connect-tab %} 1. Under "Users can utilize actions from GitHub.com in workflow runs", use the drop-down menu and select **Enabled**. diff --git a/translations/es-ES/content/admin/identity-and-access-management/authenticating-users-for-your-github-enterprise-server-instance/using-saml.md b/translations/es-ES/content/admin/identity-and-access-management/authenticating-users-for-your-github-enterprise-server-instance/using-saml.md index 38338d3517..0c1478dfd6 100644 --- a/translations/es-ES/content/admin/identity-and-access-management/authenticating-users-for-your-github-enterprise-server-instance/using-saml.md +++ b/translations/es-ES/content/admin/identity-and-access-management/authenticating-users-for-your-github-enterprise-server-instance/using-saml.md @@ -54,7 +54,7 @@ Se crea un mapeo entre la `NameID` y el nombre de usuario de {% data variables.p {% note %} -**Nota**: Si la `NameID` de un usuario sí cambia en el IdP, el usuario verá un mensaje de error cuando intente ingresar en tu instancia de {% data variables.product.prodname_ghe_server %}. {% ifversion ghes %}To restore the user's access, you'll need to update the user account's `NameID` mapping. Para obtener más información, consulta la sección "[Actualizar la `NameID`](#updating-a-users-saml-nameid) de SAML de un usuario.{% else %} Para obtener más información, consulta "[Error: 'Another user already owns the account'](#error-another-user-already-owns-the-account)".{% endif %} +**Note**: If the `NameID` for a user does change on the IdP, the user will see an error message when they try to sign into {% data variables.product.product_location %}. To restore the user's access, you'll need to update the user account's `NameID` mapping. For more information, see "[Updating a user's SAML `NameID`](#updating-a-users-saml-nameid)." {% endnote %} @@ -96,6 +96,14 @@ Para especificar más de un valor para un atributo, utiliza elementos múltiples ## Configurar parámetros SAML +You can enable or disable SAML authentication for {% data variables.product.product_location %}, or you can edit an existing configuration. You can view and edit authentication settings for {% data variables.product.product_name %} in the {% data variables.enterprise.management_console %}. Para obtener más información, consulta la sección "[Acceder a la consola de administración](/admin/configuration/configuring-your-enterprise/accessing-the-management-console)". + +{% note %} + +**Note**: {% data reusables.enterprise.test-in-staging %} + +{% endnote %} + {% data reusables.enterprise_site_admin_settings.access-settings %} {% data reusables.enterprise_site_admin_settings.management-console %} {% data reusables.enterprise_management_console.authentication %} @@ -118,19 +126,11 @@ Para especificar más de un valor para un atributo, utiliza elementos múltiples 1. Selecciona **Disable administrator demotion/promotion (Desactivar la degradación/promoción del administrador)** si **no** quieres que tu proveedor de SAML determine los derechos del administrador para los usuarios en {% data variables.product.product_location %}. ![Screenshot of option to enable option to respect the "administrator" attribute from the IdP to enable or disable administrative rights](/assets/images/enterprise/management-console/disable-admin-demotion-promotion.png) -1. Optionally, to allow {% data variables.product.product_location %} to send and receive encrypted assertions to and from your SAML IdP, select **Require encrypted assertions**. Para obtener más información, consulta la sección "[Habilitar las aserciones cifradas](#enabling-encrypted-assertions)". +{%- ifversion ghes > 3.3 %} +1. Optionally, to allow {% data variables.product.product_location %} to receive encrypted assertions from your SAML IdP, select **Require encrypted assertions**. You must ensure that your IdP supports encrypted assertions and that the encryption and key transport methods in the management console match the values configured on your IdP. You must also provide {% data variables.product.product_location %}'s public certificate to your IdP. Para obtener más información, consulta la sección "[Habilitar las aserciones cifradas](#enabling-encrypted-assertions)". ![Captura de pantalla de la casilla de verificación "Habilitar aserciones cifradas" dentro de la sección de "Autenticación"de la consola de administración](/assets/images/help/saml/management-console-enable-encrypted-assertions.png) - - {% warning %} - - **Advertencia**: El configurar aserciones cifradas incorrectamente puede causar que toda la autenticación a {% data variables.product.product_location %} falle. - - - You must ensure that your IdP supports encrypted assertions and that the encryption and key transport methods in the management console match the values configured on your IdP. You must also provide {% data variables.product.product_location %}'s public certificate to your IdP. Para obtener más información, consulta la sección "[Habilitar las aserciones cifradas](#enabling-encrypted-assertions)". - - - Before enabling encrypted assertions, {% data variables.product.company_short %} recommends testing encrypted assertions in a staging environment, and confirming that SAML authentication functions as you expect. Para obtener más información, consulta "[Configurar una instancia de preparación](/admin/installation/setting-up-a-github-enterprise-server-instance/setting-up-a-staging-instance)." - - {% endwarning %} +{%- endif %} 1. In the **Single sign-on URL** field, type the HTTP or HTTPS endpoint on your IdP for single sign-on requests. Este valor lo provee la configuración de tu IdP. If the host is only available from your internal network, you may need to [configure {% data variables.product.product_location %} to use internal nameservers](/enterprise/{{ currentVersion }}/admin/guides/installation/configuring-dns-nameservers/). ![Screenshot of text field for single sign-on URL](/assets/images/enterprise/management-console/saml-single-sign-url.png) @@ -153,37 +153,38 @@ Para especificar más de un valor para un atributo, utiliza elementos múltiples To enable encrypted assertions, your SAML IdP must also support encrypted assertions. You must provide {% data variables.product.product_location %}'s public certificate to your IdP, and configure encryption settings that match your IdP. -{% warning %} +{% note %} -**Advertencia**: El configurar aserciones cifradas incorrectamente puede causar que toda la autenticación a {% data variables.product.product_location %} falle. {% data variables.product.company_short %} strongly recommends testing your SAML configuration in a staging environment. For more information about staging instances, see "[Setting up a staging instance](/admin/installation/setting-up-a-github-enterprise-server-instance/setting-up-a-staging-instance)." +**Note**: {% data reusables.enterprise.test-in-staging %} -{% endwarning %} +{% endnote %} -1. Configure SAML for {% data variables.product.product_location %}. For more information, see "[Configuring SAML settings](#configuring-saml-settings)." -{% data reusables.enterprise_installation.ssh-into-instance %} -1. Run the following command to output {% data variables.product.product_location %}'s public certificate. - - openssl pkcs12 -in /data/user/common/saml-sp.p12 -nokeys -passin pass: -1. In the output, copy the text beginning with `-----BEGIN CERTIFICATE-----` and ending with `-----END CERTIFICATE-----`, and paste the output into a plaintext file. -1. Sign into your SAML IdP as an administrator. -1. In the application for {% data variables.product.product_location %}, enable encrypted assertions. - - Note the encryption method and key transport method. - - Provide the public certificate from step 3. +1. Optionally, enable SAML debugging. SAML debugging records verbose entries in {% data variables.product.product_name %}'s authentication log, and may help you troubleshoot failed authentication attempts. For more information, see "[Configuring SAML debugging](#configuring-saml-debugging)." {% data reusables.enterprise_site_admin_settings.access-settings %} {% data reusables.enterprise_site_admin_settings.management-console %} {% data reusables.enterprise_management_console.authentication %} 1. Select **Require encrypted assertions**. ![Captura de pantalla de la casilla de verificación "Habilitar aserciones cifradas" dentro de la sección de "Autenticación"de la consola de administración](/assets/images/help/saml/management-console-enable-encrypted-assertions.png) -1. To the right of "Encryption Method", select the encryption method for your IdP from step 5. +1. To the right of "Encryption Certificate", click **Download** to save a copy of {% data variables.product.product_location %}'s public certificate on your local machine. + + ![Screenshot of "Download" button for public certificate for encrypted assertions](/assets/images/help/saml/management-console-encrypted-assertions-download-certificate.png) +1. Sign into your SAML IdP as an administrator. +1. In the application for {% data variables.product.product_location %}, enable encrypted assertions. + - Note the encryption method and key transport method. + - Provide the public certificate you downloaded in step 7. +1. Return to the management console on {% data variables.product.product_location %}. +1. To the right of "Encryption Method", select the encryption method for your IdP from step 9. ![Screenshot of "Encryption Method" for encrypted assertions](/assets/images/help/saml/management-console-encrypted-assertions-encryption-method.png) -1. To the right of "Key Transport Method", select the key transport method for your IdP from step 5. +1. To the right of "Key Transport Method", select the key transport method for your IdP from step 9. ![Screenshot of "Key Transport Method" for encrypted assertions](/assets/images/help/saml/management-console-encrypted-assertions-key-transport-method.png) 1. Haz clic en **Guardar parámetros**. {% data reusables.enterprise_site_admin_settings.wait-for-configuration-run %} +If you enabled SAML debugging to test authentication with encrypted assertions, disable SAML debugging when you're done testing. For more information, see "[Configuring SAML debugging](#configuring-saml-debugging)." + {% endif %} ## Updating a user's SAML `NameID` @@ -240,11 +241,11 @@ Cuando el usuario vuelve a ingresar, {% data variables.product.prodname_ghe_serv > Another user already owns the account. Please have your administrator check the authentication log. -Este mensaje habitualmente indica que el nombre de usuario o dirección de correo electrónico cambió en el IdP. {% ifversion ghes %}Asegúrate de que el mapeo de la `NameID` para la cuenta de usuario en {% data variables.product.prodname_ghe_server %} empate con la `NameID` en tu IdP. Para obtener más información, consulta la sección "[Actualizar la `NameID` de SAML de un usuario](#updating-a-users-saml-nameid)".{% else %}Para encontrar ayuda para actualizar el mapeo de la `NameID`, contacta a {% data variables.contact.contact_ent_support %}.{% endif %} +Este mensaje habitualmente indica que el nombre de usuario o dirección de correo electrónico cambió en el IdP. Ensure that the `NameID` mapping for the user account on {% data variables.product.prodname_ghe_server %} matches the user's `NameID` on your IdP. For more information, see "[Updating a user's SAML `NameID`](#updating-a-users-saml-nameid)." ### Si la respuesta SAML no está firmada o la firma no coincide con los contenidos, se presentará el siguiente mensaje de error en el registro de autenticación: -Si el `Recipient` no coincide con la URL ACS para tu instancia de {% data variables.product.prodname_ghe_server %}, se presentará uno de los siguientes mensajes de error en el registro de autenticación cuando un usuario intente autenticarse. +If the `Recipient` does not match the ACS URL for {% data variables.product.product_location %}, one of the following two error messages will appear in the authentication log when a user attempts to authenticate. ``` El destinatario en la respuesta SAML no debe estar en blanco. @@ -254,7 +255,7 @@ El destinatario en la respuesta SAML no debe estar en blanco. El destinatario en la respuesta SAML no era válido. ``` -Asegúrate de que configuraste el valor para `Recipient` en tu IdP como la URL de ACS completa para tu instancia de {% data variables.product.prodname_ghe_server %}. Por ejemplo, `https://ghe.corp.example.com/saml/consume`. +Ensure that you set the value for `Recipient` on your IdP to the full ACS URL for {% data variables.product.product_location %}. Por ejemplo, `https://ghe.corp.example.com/saml/consume`. ### Error: "SAML Response is not signed or has been modified" @@ -274,4 +275,40 @@ Si la respuesta del IdP carece o tiene un valor incorrecto para `Audience`, se m La audiencia es no válida. Audience attribute does not match https://YOUR-INSTANCE-URL ``` -Asegúrate de haber configurado el valor para `Audience` en tu IdP como la `EntityId` para tu instancia de {% data variables.product.prodname_ghe_server %}, la cual es la URL completa para tu instancia de {% data variables.product.prodname_ghe_server %}. Por ejemplo, `https://ghe.corp.example.com`. +Ensure that you set the value for `Audience` on your IdP to the `EntityId` for {% data variables.product.product_location %}, which is the full URL to {% data variables.product.product_location %}. Por ejemplo, `https://ghe.corp.example.com`. + +### Configuring SAML debugging + +You can configure {% data variables.product.product_name %} to write verbose debug logs to _/var/log/github/auth.log_ for every SAML authentication attempt. You may be able to troubleshoot failed authentication attempts with this extra output. + +{% warning %} + +**Advertencias**: + +- Only enable SAML debugging temporarily, and disable debugging immediately after you finish troubleshooting. If you leave debugging enabled, the size of your log may increase much faster than usual, which can negatively impact the performance of {% data variables.product.product_name %}. +- Test new authentication settings for {% data variables.product.product_location %} in a staging environment before you apply the settings in your production environment. Para obtener más información, consulta "[Configurar una instancia de preparación](/admin/installation/setting-up-a-github-enterprise-server-instance/setting-up-a-staging-instance)." + +{% endwarning %} + +{% data reusables.enterprise-accounts.access-enterprise %} +{% data reusables.enterprise-accounts.policies-tab %} +{% data reusables.enterprise-accounts.options-tab %} +1. Under "SAML debugging", select the drop-down and click **Enabled**. + + ![Screenshot of drop-down to enable SAML debugging](/assets/images/enterprise/site-admin-settings/site-admin-saml-debugging-enabled.png) + +1. Attempt to sign into {% data variables.product.product_location %} through your SAML IdP. + +1. Review the debug output in _/var/log/github/auth.log_ on {% data variables.product.product_location %}. + +1. When you're done troubleshooting, select the drop-down and click **Disabled**. + + ![Screenshot of drop-down to disable SAML debugging](/assets/images/enterprise/site-admin-settings/site-admin-saml-debugging-disabled.png) + +### Decoding responses in _auth.log_ + +Some output in _auth.log_ may be Base64-encoded. You can access the administrative shell and use the `base64` utility on {% data variables.product.product_location %} to decode these responses. For more information, see "[Accessing the administrative shell (SSH)](/admin/configuration/configuring-your-enterprise/accessing-the-administrative-shell-ssh)." + +```shell +$ base64 --decode ENCODED OUTPUT +``` diff --git a/translations/es-ES/content/admin/index.md b/translations/es-ES/content/admin/index.md index 4c564e4ea5..2d68ddebfb 100644 --- a/translations/es-ES/content/admin/index.md +++ b/translations/es-ES/content/admin/index.md @@ -96,7 +96,7 @@ featuredLinks: - '{% ifversion ghae %}/admin/identity-and-access-management/configuring-authentication-and-provisioning-for-your-enterprise-using-azure-ad{% endif %}' - '{% ifversion ghae %}/billing/managing-billing-for-your-github-account/about-billing-for-your-enterprise{% endif %}' - '{% ifversion ghae %}/admin/overview/about-upgrades-to-new-releases{% endif %}' - - '{% ifversion ghae %}/get-started/signing-up-for-github/setting-up-a-trial-of-github-ae{% endif %}' + - '{% ifversion ghae %}/admin/configuration/configuring-your-enterprise/deploying-github-ae{% endif %}' - '{% ifversion ghes %}/billing/managing-your-license-for-github-enterprise{% endif %}' - '{% ifversion ghes %}/admin/configuration/command-line-utilities{% endif %}' - '{% ifversion ghec %}/admin/configuration/configuring-your-enterprise/verifying-or-approving-a-domain-for-your-enterprise{% endif %}' diff --git a/translations/es-ES/content/admin/user-management/migrating-data-to-and-from-your-enterprise/about-migrations.md b/translations/es-ES/content/admin/user-management/migrating-data-to-and-from-your-enterprise/about-migrations.md index 330df79754..7dafac5db6 100644 --- a/translations/es-ES/content/admin/user-management/migrating-data-to-and-from-your-enterprise/about-migrations.md +++ b/translations/es-ES/content/admin/user-management/migrating-data-to-and-from-your-enterprise/about-migrations.md @@ -25,7 +25,7 @@ Existen tres tipos de migraciones que se pueden realizar: En una migración, todo gira en torno a un repositorio. La mayoría de los datos asociados con un repositorio se pueden migrar. Por ejemplo, un repositorio dentro de una organización migrará el repositorio *y* la organización, así como los usuarios, equipos, propuestas y solicitudes de extracción asociados con el repositorio. -Los elementos de la tabla a continuación se pueden migrar con un repositorio. Los elementos que no se muestren en la lista de datos migrados no se pueden migrar. +Los elementos de la tabla a continuación se pueden migrar con un repositorio. Any items not shown in the list of migrated data can not be migrated, including {% data variables.large_files.product_name_short %} assets. {% data reusables.enterprise_migrations.fork-persistence %} diff --git a/translations/es-ES/content/authentication/connecting-to-github-with-ssh/checking-for-existing-ssh-keys.md b/translations/es-ES/content/authentication/connecting-to-github-with-ssh/checking-for-existing-ssh-keys.md index bca81ac3c4..759d070755 100644 --- a/translations/es-ES/content/authentication/connecting-to-github-with-ssh/checking-for-existing-ssh-keys.md +++ b/translations/es-ES/content/authentication/connecting-to-github-with-ssh/checking-for-existing-ssh-keys.md @@ -25,7 +25,7 @@ shortTitle: Verificar la llave SSH existente # Lists the files in your .ssh directory, if they exist ``` -3. Comprueba la lista de directorio para ver si ya tiene una clave SSH pública. Predeterminadamente, {% ifversion ghae %}el nombre de archivo de una llave pública para {% data variables.product.product_name %} es *id_rsa.pub*.{% elsif fpt or ghes %}los nombres de archivo de las llaves públicas compatibles para {% data variables.product.product_name %} son una de las siguientes. +3. Comprueba la lista de directorio para ver si ya tiene una clave SSH pública. Predeterminadamente, {% ifversion ghae %}el nombre de archivo de una llave pública para {% data variables.product.product_name %} es *id_rsa.pub*.{% else %}los nombres de archivo de las llaves públicas compatibles para {% data variables.product.product_name %} son una de las siguientes. - *id_rsa.pub* - *id_ecdsa.pub* - *id_ed25519.pub*{% endif %} diff --git a/translations/es-ES/content/authentication/connecting-to-github-with-ssh/testing-your-ssh-connection.md b/translations/es-ES/content/authentication/connecting-to-github-with-ssh/testing-your-ssh-connection.md index 5c1e7b3895..af965ed795 100644 --- a/translations/es-ES/content/authentication/connecting-to-github-with-ssh/testing-your-ssh-connection.md +++ b/translations/es-ES/content/authentication/connecting-to-github-with-ssh/testing-your-ssh-connection.md @@ -37,7 +37,7 @@ Cuando pruebes tu conexión, tendrás que autenticar esta acción utilizando tu > ¿Estás seguro de que quieres continuar conectado (sí/no)? ``` -3. Verifica que la huella digital en el mensaje que ves empate con {% ifversion fpt or ghec %}[la huella digital de la llave pública de RSA de {% data variables.product.prodname_dotcom %}](/github/authenticating-to-github/githubs-ssh-key-fingerprints){% else %}la huella digital de la llave pública de tu empresa{% endif %}. Si lo hace, entonces teclea `yes`: +3. Verify that the fingerprint in the message you see matches {% ifversion fpt or ghec %}[{% data variables.product.prodname_dotcom %}'s public key fingerprint](/github/authenticating-to-github/githubs-ssh-key-fingerprints){% else %} your enterprise's public key fingerprint{% endif %}. Si lo hace, entonces teclea `yes`: ```shell > Hi username! You've successfully authenticated, but GitHub does not > provide shell access. diff --git a/translations/es-ES/content/authentication/troubleshooting-ssh/using-ssh-over-the-https-port.md b/translations/es-ES/content/authentication/troubleshooting-ssh/using-ssh-over-the-https-port.md index a810fd6fe6..c011c393f2 100644 --- a/translations/es-ES/content/authentication/troubleshooting-ssh/using-ssh-over-the-https-port.md +++ b/translations/es-ES/content/authentication/troubleshooting-ssh/using-ssh-over-the-https-port.md @@ -33,7 +33,7 @@ Si eso funcionó, ¡fantástico! De lo contrario, puede que debas [seguir nuestr Si puedes ingresar a `git@ssh.{% data variables.command_line.backticks %}` por SSH a través del puerto 443, podrás reemplazar los parámetros SSH para forzar que cualquier conexión a {% data variables.product.product_location %} se ejecute a través de ese servidor y puerto. -Para configurar esto en tu archivo de configuración SSH, edita el archivo en `~/.ssh/config` y agrega esta sección: +To set this in your SSH configuration file, edit the file at `~/.ssh/config`, and add this section: ``` Host {% data variables.command_line.codeblock %} diff --git a/translations/es-ES/content/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/about-code-scanning-alerts.md b/translations/es-ES/content/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/about-code-scanning-alerts.md index 3d628cfa43..60fc384867 100644 --- a/translations/es-ES/content/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/about-code-scanning-alerts.md +++ b/translations/es-ES/content/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/about-code-scanning-alerts.md @@ -27,7 +27,15 @@ By default, {% data variables.product.prodname_code_scanning %} analyzes your co Each alert highlights a problem with the code and the name of the tool that identified it. You can see the line of code that triggered the alert, as well as properties of the alert, such as the alert severity{% ifversion fpt or ghes > 3.1 or ghae or ghec %}, security severity,{% endif %} and the nature of the problem. Alerts also tell you when the issue was first introduced. For alerts identified by {% data variables.product.prodname_codeql %} analysis, you will also see information on how to fix the problem. +{% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-6249 %} +{% data reusables.code-scanning.alert-default-branch %} +{% endif %} + +{% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-6249 %} ![Example alert from {% data variables.product.prodname_code_scanning %}](/assets/images/help/repository/code-scanning-alert.png) +{% else %} +![Example alert from {% data variables.product.prodname_code_scanning %}](/assets/images/enterprise/3.4/repository/code-scanning-alert.png) +{% endif %} If you set up {% data variables.product.prodname_code_scanning %} using {% data variables.product.prodname_codeql %}, you can also find data-flow problems in your code. Data-flow analysis finds potential security issues in code, such as: using data insecurely, passing dangerous arguments to functions, and leaking sensitive information. diff --git a/translations/es-ES/content/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/managing-code-scanning-alerts-for-your-repository.md b/translations/es-ES/content/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/managing-code-scanning-alerts-for-your-repository.md index d6ae1c8097..c8f214deae 100644 --- a/translations/es-ES/content/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/managing-code-scanning-alerts-for-your-repository.md +++ b/translations/es-ES/content/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/managing-code-scanning-alerts-for-your-repository.md @@ -46,9 +46,16 @@ By default, the code scanning alerts page is filtered to show alerts for the def {% else %} ![List of alerts from {% data variables.product.prodname_code_scanning %}](/assets/images/enterprise/3.1/help/repository/code-scanning-click-alert.png) {% endif %} +{% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-6249 %} + {% data reusables.code-scanning.alert-default-branch %} + ![The "Affected branches" section in an alert](/assets/images/help/repository/code-scanning-affected-branches.png){% endif %} 1. Optionally, if the alert highlights a problem with data flow, click **Show paths** to display the path from the data source to the sink where it's used. + {% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-6249 %} ![The "Show paths" link on an alert](/assets/images/help/repository/code-scanning-show-paths.png) -1. Alerts from {% data variables.product.prodname_codeql %} analysis include a description of the problem. Click **Show more** for guidance on how to fix your code. + {% else %} + ![The "Show paths" link on an alert](/assets/images/enterprise/3.4/repository/code-scanning-show-paths.png) + {% endif %} +2. Alerts from {% data variables.product.prodname_codeql %} analysis include a description of the problem. Click **Show more** for guidance on how to fix your code. ![Details for an alert](/assets/images/help/repository/code-scanning-alert-details.png) For more information, see "[About {% data variables.product.prodname_code_scanning %} alerts](/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/about-code-scanning-alerts)." @@ -80,6 +87,10 @@ The benefit of using keyword filters is that only values with results are shown If you enter multiple filters, the view will show alerts matching _all_ these filters. For example, `is:closed severity:high branch:main` will only display closed high-severity alerts that are present on the `main` branch. The exception is filters relating to refs (`ref`, `branch` and `pr`): `is:open branch:main branch:next` will show you open alerts from both the `main` branch and the `next` branch. +{% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-6249 %} +{% data reusables.code-scanning.filter-non-default-branches %} +{% endif %} + {% ifversion fpt or ghes > 3.3 or ghec %} You can prefix the `tag` filter with `-` to exclude results with that tag. For example, `-tag:style` only shows alerts that do not have the `style` tag{% if codeql-ml-queries %} and `-tag:experimental` will omit all experimental alerts. For more information, see "[About {% data variables.product.prodname_code_scanning %} alerts](/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/about-code-scanning-alerts#about-experimental-alerts)."{% else %}.{% endif %} @@ -96,10 +107,12 @@ You can use the "Only alerts in application code" filter or `autofilter:true` ke You can search the list of alerts. This is useful if there is a large number of alerts in your repository, or if you don't know the exact name for an alert for example. {% data variables.product.product_name %} performs the free text search across: - The name of the alert -- The alert description - The alert details (this also includes the information hidden from view by default in the **Show more** collapsible section) - + {% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-6249 %} ![The alert information used in searches](/assets/images/help/repository/code-scanning-free-text-search-areas.png) + {% else %} + ![The alert information used in searches](/assets/images/enterprise/3.4/repository/code-scanning-free-text-search-areas.png) + {% endif %} | Supported search | Syntax example | Results | | ---- | ---- | ---- | @@ -113,7 +126,7 @@ You can search the list of alerts. This is useful if there is a large number of **Tips:** - The multiple word search is equivalent to an OR search. -- The AND search will return results where the search terms are found _anywhere_, in any order in the alert name, description, or details. +- The AND search will return results where the search terms are found _anywhere_, in any order in the alert name or details. {% endtip %} @@ -143,7 +156,7 @@ If you have write permission for a repository, you can view fixed alerts by view You can use{% ifversion fpt or ghes > 3.1 or ghae or ghec %} the free text search or{% endif %} the filters to display a subset of alerts and then in turn mark all matching alerts as closed. -Alerts may be fixed in one branch but not in another. You can use the "Branch" drop-down menu, on the summary of alerts, to check whether an alert is fixed in a particular branch. +Alerts may be fixed in one branch but not in another. You can use the "Branch" filter, on the summary of alerts, to check whether an alert is fixed in a particular branch. {% ifversion fpt or ghes > 3.1 or ghae or ghec %} ![Filtering alerts by branch](/assets/images/help/repository/code-scanning-branch-filter.png) @@ -151,6 +164,9 @@ Alerts may be fixed in one branch but not in another. You can use the "Branch" d ![Filtering alerts by branch](/assets/images/enterprise/3.1/help/repository/code-scanning-branch-filter.png) {% endif %} +{% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-6249 %} +{% data reusables.code-scanning.filter-non-default-branches %} +{% endif %} ## Dismissing or deleting alerts There are two ways of closing an alert. You can fix the problem in the code, or you can dismiss the alert. Alternatively, if you have admin permissions for the repository, you can delete alerts. Deleting alerts is useful in situations where you have set up a {% data variables.product.prodname_code_scanning %} tool and then decided to remove it, or where you have configured {% data variables.product.prodname_codeql %} analysis with a larger set of queries than you want to continue using, and you've then removed some queries from the tool. In both cases, deleting alerts allows you to clean up your {% data variables.product.prodname_code_scanning %} results. You can delete alerts from the summary list within the **Security** tab. diff --git a/translations/es-ES/content/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/tracking-code-scanning-alerts-in-issues-using-task-lists.md b/translations/es-ES/content/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/tracking-code-scanning-alerts-in-issues-using-task-lists.md index 66e2303aa0..8b32764582 100644 --- a/translations/es-ES/content/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/tracking-code-scanning-alerts-in-issues-using-task-lists.md +++ b/translations/es-ES/content/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/tracking-code-scanning-alerts-in-issues-using-task-lists.md @@ -39,7 +39,11 @@ You can use more than one issue to track the same {% data variables.product.prod - A "tracked in" section will also show in the corresponding alert page. + {% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-6249 %} ![Tracked in section on code scanning alert page](/assets/images/help/repository/code-scanning-alert-tracked-in-pill.png) + {% else %} + ![Tracked in section on code scanning alert page](/assets/images/enterprise/3.4/repository/code-scanning-alert-tracked-in-pill.png) + {% endif %} - On the tracking issue, {% data variables.product.prodname_dotcom %} displays a security badge icon in the task list and on the hovercard. @@ -65,7 +69,11 @@ The status of the tracked alert won't change if you change the checkbox state of 1. Optionally, to find the alert to track, you can use the free-text search or the drop-down menus to filter and locate the alert. For more information, see "[Managing code scanning alerts for your repository](/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/managing-code-scanning-alerts-for-your-repository#filtering-code-scanning-alerts)." {% endif %} 1. Towards the top of the page, on the right side, click **Create issue**. + {% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-6249 %} ![Create a tracking issue for the code scanning alert](/assets/images/help/repository/code-scanning-create-issue-for-alert.png) + {% else %} + ![Create a tracking issue for the code scanning alert](/assets/images/enterprise/3.4/repository/code-scanning-create-issue-for-alert.png) + {% endif %} {% data variables.product.prodname_dotcom %} automatically creates an issue to track the alert and adds the alert as a task list item. {% data variables.product.prodname_dotcom %} prepopulates the issue: - The title contains the name of the {% data variables.product.prodname_code_scanning %} alert. diff --git a/translations/es-ES/content/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/triaging-code-scanning-alerts-in-pull-requests.md b/translations/es-ES/content/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/triaging-code-scanning-alerts-in-pull-requests.md index 66ae7d484f..29eaaa3ea7 100644 --- a/translations/es-ES/content/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/triaging-code-scanning-alerts-in-pull-requests.md +++ b/translations/es-ES/content/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/triaging-code-scanning-alerts-in-pull-requests.md @@ -74,10 +74,17 @@ If you have write permission for the repository, some annotations contain links To see more information about an alert, users with write permission can click the **Show more details** link shown in the annotation. This allows you to see all of the context and metadata provided by the tool in an alert view. In the example below, you can see tags showing the severity, type, and relevant common weakness enumerations (CWEs) for the problem. The view also shows which commit introduced the problem. +{% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-6249 %} +{% data reusables.code-scanning.alert-default-branch %} +{% endif %} + In the detailed view for an alert, some {% data variables.product.prodname_code_scanning %} tools, like {% data variables.product.prodname_codeql %} analysis, also include a description of the problem and a **Show more** link for guidance on how to fix your code. +{% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-6249 %} ![Alert description and link to show more information](/assets/images/help/repository/code-scanning-pr-alert.png) - +{% else %} +![Alert description and link to show more information](/assets/images/enterprise/3.4/repository/code-scanning-pr-alert.png) +{% endif %} ## Fixing an alert on your pull request Anyone with push access to a pull request can fix a {% data variables.product.prodname_code_scanning %} alert that's identified on that pull request. If you commit changes to the pull request this triggers a new run of the pull request checks. If your changes fix the problem, the alert is closed and the annotation removed. diff --git a/translations/es-ES/content/code-security/dependabot/dependabot-alerts/about-dependabot-alerts.md b/translations/es-ES/content/code-security/dependabot/dependabot-alerts/about-dependabot-alerts.md new file mode 100644 index 0000000000..5d5a3dd9d7 --- /dev/null +++ b/translations/es-ES/content/code-security/dependabot/dependabot-alerts/about-dependabot-alerts.md @@ -0,0 +1,101 @@ +--- +title: About Dependabot alerts +intro: '{% data variables.product.product_name %} envía {% data variables.product.prodname_dependabot_alerts %} cuando detectamos vulnerabilidades que afectan tu repositorio.' +redirect_from: + - /articles/about-security-alerts-for-vulnerable-dependencies + - /github/managing-security-vulnerabilities/about-security-alerts-for-vulnerable-dependencies + - /github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies + - /code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies + - /code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-alerts-for-vulnerable-dependencies +versions: + fpt: '*' + ghes: '*' + ghae: issue-4864 + ghec: '*' +type: overview +topics: + - Dependabot + - Alerts + - Vulnerabilities + - Repositories + - Dependencies +shortTitle: Las alertas del dependabot +--- + + + +## Acerca de las dependencias vulnerables + +{% data reusables.repositories.a-vulnerability-is %} + +Cuando tu código depende de un paquete que tiene una vulnerabilidad de seguridad, esta dependencia puede causar una serie de problemas para tu proyecto o para las personas que lo utilizan. + +## Detección de dependencias vulnerables + +{% data reusables.dependabot.dependabot-alerts-beta %} + +El {% data variables.product.prodname_dependabot %} lleva a cabo un escaneo para detectar las dependencias vulnerables y envía {% data variables.product.prodname_dependabot_alerts %} cuando: + +{% ifversion fpt or ghec %} +- Se agrega una vulnerabilidad nueva a la {% data variables.product.prodname_advisory_database %}. Para obtener más información, consulta las secciones "[Buscar vulnerabilidades de seguridad en la {% data variables.product.prodname_advisory_database %}](/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/browsing-security-vulnerabilities-in-the-github-advisory-database)" y [Acerca de las {% data variables.product.prodname_security_advisories %}](/code-security/security-advisories/about-github-security-advisories)".{% else %} +- Se sincronizan los datos de las asesorías nuevas en {% data variables.product.product_location %} cada hora desde {% data variables.product.prodname_dotcom_the_website %}. {% data reusables.security-advisory.link-browsing-advisory-db %}{% endif %} + {% note %} + + **Nota:** Solo las asesorías que ha revisado {% data variables.product.company_short %} activarán las {% data variables.product.prodname_dependabot_alerts %}. + + {% endnote %} +- La gráfica de dependencias para los cambios a un repositorio. Por ejemplo, cuando un colaborador sube una confirmación para cambiar los paquetes o versiones de los cuales depende{% ifversion fpt or ghec %}, o cuando cambia el código de alguna de las dependencias{% endif %}. Para obtener más información, consulta la sección "[Acerca de la gráfica de dependencias](/code-security/supply-chain-security/about-the-dependency-graph)". + +{% data reusables.repositories.dependency-review %} + +Para encontrar una lista de ecosistemas para las cuales {% data variables.product.product_name %} puede detectar vulnerabilidades y dependencias, consulta la sección [ecosistemas de paquete compatibles](/github/visualizing-repository-data-with-graphs/about-the-dependency-graph#supported-package-ecosystems)". + +{% note %} + +**Nota:** Es importante mantener actualizados tu manifiesto y tus archivos bloqueados. Si la gráfica de dependencias no refleja con exactitud tus versiones y dependencias actuales, entonces podrías dejar pasar las alertas de las dependencias vulnerables que utilizas. También podrías obtener alertas de las dependencias que ya no utilizas. + +{% endnote %} + +## {% data variables.product.prodname_dependabot_alerts %} para dependencias vulnerables + +{% data reusables.repositories.enable-security-alerts %} + +{% ifversion fpt or ghec %}{% data variables.product.prodname_dotcom %} detecta las dependencias vulnerables en los repositorios _públicos_ y muestra la gráfica de dependencias, pero no genera {% data variables.product.prodname_dependabot_alerts %} predeterminadamente. Los propietarios de repositorios o las personas con acceso administrativo pueden habilitar las {% data variables.product.prodname_dependabot_alerts %} para los repositorios públicos. Los propietarios de los repositorios privados o las personas con acceso administrativo puede habilitar las {% data variables.product.prodname_dependabot_alerts %} si habilitan la gráfica de dependencias y las {% data variables.product.prodname_dependabot_alerts %} para sus repositorios. + +También puedes habilitar o inhabilitar las {% data variables.product.prodname_dependabot_alerts %} para todos los repositorios que pertenezcan atu cuenta de usuario u organización. Para obtener más información, consulta la sección "[Administrar la seguridad y la configuración de análisis para tu cuenta de usuario](/github/setting-up-and-managing-your-github-user-account/managing-security-and-analysis-settings-for-your-user-account)" o la sección "[Administrar la configuración de seguridad y análisis para tu organización](/organizations/keeping-your-organization-secure/managing-security-and-analysis-settings-for-your-organization)". + +Para obtener más información sobre los requisitos de acceso para las acciones que se relacionan con las {% data variables.product.prodname_dependabot_alerts %}, consulta la sección "[Roles de repositorio para una organización](/organizations/managing-access-to-your-organizations-repositories/repository-roles-for-an-organization#access-requirements-for-security-features)". + +{% data variables.product.product_name %} comienza a generar la gráfica de dependencias inmediatamente y genera alertas de cualquier dependencia vulnerable tan pronto como las identifique. La gráfica se llena en cuestión de minutos habitualmente, pero esto puede tardar más para los repositorios que tengan muchas dependencias. Para obtener más información, consulta la sección "[Administrar la configuración de uso de datos para tu repositorio privado](/get-started/privacy-on-github/managing-data-use-settings-for-your-private-repository)". +{% endif %} + +Cuando {% data variables.product.product_name %} identifica una dependencia vulnerable, generamos una alerta del {% data variables.product.prodname_dependabot %} y la mostramos {% ifversion fpt or ghec or ghes %}en la pestaña de Seguridad del repositorio y{% endif %} en la gráfica de dependencias del mismo. La alerta incluye {% ifversion fpt or ghec or ghes %}un enlace al archivo afectado en el proyecto e{% endif %}información sobre una versión corregida. {% data variables.product.product_name %} también podría notificar a los mantenedores de los repositorios afectados sobre la nueva alerta de acuerdo con sus preferencias de notificaciones. Para obtener más información, consulta la sección "[Configurar las notificaciones para las dependencias vulnerables](/code-security/supply-chain-security/configuring-notifications-for-vulnerable-dependencies)". + +{% ifversion fpt or ghec or ghes > 3.2 %} +Para los repositorios en donde están habilitadas las {% data variables.product.prodname_dependabot_security_updates %}, la alerta también podría contener un enlace a una solicitud de cambios o a una actualización en el archivo de bloqueo o de manifiesto para la versión mínima que resuelva la vulnerabilidad. Para obtener más información, consulta la sección "[Acerca de las {% data variables.product.prodname_dependabot_security_updates %}](/github/managing-security-vulnerabilities/about-dependabot-security-updates)". +{% endif %} + +{% warning %} + +**Nota**: Las características de seguridad de {% data variables.product.product_name %} no aseguran que se detectarán todas las vulnerabilidades. Aunque siempre estamos tratando de actualizar nuestra base de datos de vulnerabilidades y de generar alertas con nuestra información más actualizada, no podremos atrapar todo o garantizar decirte acerca de las vulnerabilidades conocidas dentro de un periodo de tiempo determinado. Estas características no son sustitutos de la revisión humana de cada dependencia por posibles vulnerabilidades o cualquier otra cuestión. Te recomendamos consultar con un servicio de seguridad o realizar una revisión de vulnerabilidad exhaustiva cuando sea necesario. + +{% endwarning %} + +## Acceder a las {% data variables.product.prodname_dependabot_alerts %} + +Puedes ver todas las alertas que afectan un proyecto en particular{% ifversion fpt or ghec %} en la pestaña de Seguridad del repositorio o{% endif %} en la gráfica de dependencias del repositorio. For more information, see "[Viewing {% data variables.product.prodname_dependabot_alerts %} for vulnerable dependencies](/github/managing-security-vulnerabilities/viewing-and-updating-vulnerable-dependencies-in-your-repository)." + +Predeterminadamente, notificamos a las personas con permisos administrativos en los repositorios afectados sobre las {% data variables.product.prodname_dependabot_alerts %} nuevas. {% ifversion fpt or ghec %}{% data variables.product.product_name %} nunca divulga públicamente las vulnerabilidades identificadas de ningún repositorio. También puedes hacer que las {% data variables.product.prodname_dependabot_alerts %} sean visibles para más personas o equipos que trabajen en los repositorios que te pertenecen o para los cuales tienes permisos administrativos. Para obtener más información, consulta la sección "[Administrar la configuración de seguridad y análisis para tu repositorio](/github/administering-a-repository/managing-security-and-analysis-settings-for-your-repository#granting-access-to-security-alerts)". +{% endif %} + +{% data reusables.notifications.vulnerable-dependency-notification-enable %} +{% data reusables.notifications.vulnerable-dependency-notification-delivery-method-customization2 %} Para obtener más información, consulta la sección "[Configurar las notificaciones para las dependencias vulnerables](/code-security/supply-chain-security/configuring-notifications-for-vulnerable-dependencies)". + +También puedes ver todas las {% data variables.product.prodname_dependabot_alerts %} que corresponden a una vulnerabilidad en particular en la {% data variables.product.prodname_advisory_database %}. {% data reusables.security-advisory.link-browsing-advisory-db %} + +{% ifversion fpt or ghec or ghes > 3.2 %} +## Leer más + +- "[Acerca de las {% data variables.product.prodname_dependabot_security_updates %}](/github/managing-security-vulnerabilities/about-dependabot-security-updates)" +- "[Viewing {% data variables.product.prodname_dependabot_alerts %} for vulnerable dependencies](/articles/viewing-and-updating-vulnerable-dependencies-in-your-repository)"{% endif %} +{% ifversion fpt or ghec %}- "[Privacidad en {% data variables.product.prodname_dotcom %}](/get-started/privacy-on-github)"{% endif %} diff --git a/translations/es-ES/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/browsing-security-vulnerabilities-in-the-github-advisory-database.md b/translations/es-ES/content/code-security/dependabot/dependabot-alerts/browsing-security-vulnerabilities-in-the-github-advisory-database.md similarity index 92% rename from translations/es-ES/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/browsing-security-vulnerabilities-in-the-github-advisory-database.md rename to translations/es-ES/content/code-security/dependabot/dependabot-alerts/browsing-security-vulnerabilities-in-the-github-advisory-database.md index 429a422217..b9fa1675b0 100644 --- a/translations/es-ES/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/browsing-security-vulnerabilities-in-the-github-advisory-database.md +++ b/translations/es-ES/content/code-security/dependabot/dependabot-alerts/browsing-security-vulnerabilities-in-the-github-advisory-database.md @@ -6,6 +6,7 @@ miniTocMaxHeadingLevel: 3 redirect_from: - /github/managing-security-vulnerabilities/browsing-security-vulnerabilities-in-the-github-advisory-database - /code-security/supply-chain-security/browsing-security-vulnerabilities-in-the-github-advisory-database + - /code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/browsing-security-vulnerabilities-in-the-github-advisory-database versions: fpt: '*' ghec: '*' @@ -36,7 +37,7 @@ Las asesorías que revisa {% data variables.product.company_short %} son vulnera Revisamos la validez de cada asesoría cuidadosamente. Cada asesoría que revisa {% data variables.product.company_short %} tiene una descripción completa y contiene información tanto del ecosistema como del paquete. -Si habilitas las {% data variables.product.prodname_dependabot_alerts %} para tus repositorios, se te notifica automáticamente cuando una asesoría que revisa {% data variables.product.company_short %} afecta a los paquetes de los que dependes. Para obtener más información, consulta la sección "[Acerca de las alertas para las dependencias vulnerables](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies)". +Si habilitas las {% data variables.product.prodname_dependabot_alerts %} para tus repositorios, se te notifica automáticamente cuando una asesoría que revisa {% data variables.product.company_short %} afecta a los paquetes de los que dependes. For more information, see "[About {% data variables.product.prodname_dependabot_alerts %}](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies)." ### Acerca de las asesorías sin revisar @@ -76,7 +77,7 @@ También se puede acceder a la base de datos utilizando la API de GraphQL. Para {% endnote %} ## Editar una asesoría en la {% data variables.product.prodname_advisory_database %} -Puedes sugerir mejoras a cualquier asesoría en la {% data variables.product.prodname_advisory_database %}. Para obtener más información, consulta la sección "[Editar las asesorías de seguridad en la {% data variables.product.prodname_advisory_database %}](/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/editing-security-advisories-in-the-github-advisory-database)". +Puedes sugerir mejoras a cualquier asesoría en la {% data variables.product.prodname_advisory_database %}. For more information, see "[Editing security advisories in the {% data variables.product.prodname_advisory_database %}](/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/editing-security-advisories-in-the-github-advisory-database)." ## Buscar en la {% data variables.product.prodname_advisory_database %} por coincidencia exacta @@ -107,7 +108,7 @@ Puedes buscar la base de datos y utilizar los calificadores para definir más tu ## Visualizar tus repositorios vulnerables -Para cualquier asesoría que revise {% data variables.product.company_short %} en la {% data variables.product.prodname_advisory_database %}, puedes ver cuáles de tus repositorios se ven afectados por esa vulnerabilidad de seguridad. Para ver un repositorio vulnerable, debes tener acceso a las {% data variables.product.prodname_dependabot_alerts %} de este. Para obtener más información, consulta la sección "[Acerca de las alertas para las dependencias vulnerables](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies#access-to-dependabot-alerts)". +Para cualquier asesoría que revise {% data variables.product.company_short %} en la {% data variables.product.prodname_advisory_database %}, puedes ver cuáles de tus repositorios se ven afectados por esa vulnerabilidad de seguridad. Para ver un repositorio vulnerable, debes tener acceso a las {% data variables.product.prodname_dependabot_alerts %} de este. Para obtener más información, consulta la sección "[Acerca de las {% data variables.product.prodname_dependabot_alerts %}](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies#access-to-dependabot-alerts)". 1. Navega hasta https://github.com/advisories. 2. Haz clic en una asesoría. diff --git a/translations/es-ES/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/configuring-notifications-for-vulnerable-dependencies.md b/translations/es-ES/content/code-security/dependabot/dependabot-alerts/configuring-notifications-for-dependabot-alerts.md similarity index 87% rename from translations/es-ES/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/configuring-notifications-for-vulnerable-dependencies.md rename to translations/es-ES/content/code-security/dependabot/dependabot-alerts/configuring-notifications-for-dependabot-alerts.md index 79451b4dcf..0387ee0927 100644 --- a/translations/es-ES/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/configuring-notifications-for-vulnerable-dependencies.md +++ b/translations/es-ES/content/code-security/dependabot/dependabot-alerts/configuring-notifications-for-dependabot-alerts.md @@ -1,10 +1,11 @@ --- -title: Configurar las notificaciones para las dependencias vulnerables -shortTitle: Configurar notificaciones +title: Configuring notifications for Dependabot alerts +shortTitle: Configure notifications intro: 'Optimiza la forma en la que recibes notificaciones de {% data variables.product.prodname_dependabot_alerts %}.' redirect_from: - /github/managing-security-vulnerabilities/configuring-notifications-for-vulnerable-dependencies - /code-security/supply-chain-security/configuring-notifications-for-vulnerable-dependencies + - /code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/configuring-notifications-for-vulnerable-dependencies versions: fpt: '*' ghes: '*' @@ -51,7 +52,7 @@ Puedes configurar los ajustes de notificaciones para ti mismo o para tu organiza {% note %} -**Nota:** Puedes filtrar tus notificaciones en {% data variables.product.company_short %} para mostrar las {% data variables.product.prodname_dependabot_alerts %}. Para recibir más información, consulta la sección "[Administrar las notificaciones desde tu bandeja de entrada](/github/managing-subscriptions-and-notifications-on-github/managing-notifications-from-your-inbox#dependabot-custom-filters)". +**Nota:** Puedes filtrar tus notificaciones en {% data variables.product.company_short %} para mostrar las {% data variables.product.prodname_dependabot_alerts %}. Para obtener más información, consulta la sección "[Administrar notificación desde tu bandeja de entrada](/github/managing-subscriptions-and-notifications-on-github/managing-notifications-from-your-inbox#dependabot-custom-filters)". {% endnote %} @@ -59,7 +60,7 @@ Puedes configurar los ajustes de notificaciones para ti mismo o para tu organiza ## Cómo reducir el ruido de las notificaciones para las dependencias vulnerables -Si te preocupa recibir demasiadas notificaciones para las {% data variables.product.prodname_dependabot_alerts %}, te recomendamos que te unas al resumen semanal por correo electrónico o que apagues las notificaciones mientras mantienes habilitadas las {% data variables.product.prodname_dependabot_alerts %}. Aún puedes navegar para ver tus {% data variables.product.prodname_dependabot_alerts %} en la pestaña de seguridad de tu repositorio. Para obtener más información, consulta la sección "[Visualizar y actualizar las dependencias vulnerables en tu repositiorio](/github/managing-security-vulnerabilities/viewing-and-updating-vulnerable-dependencies-in-your-repository)". +Si te preocupa recibir demasiadas notificaciones para las {% data variables.product.prodname_dependabot_alerts %}, te recomendamos que te unas al resumen semanal por correo electrónico o que apagues las notificaciones mientras mantienes habilitadas las {% data variables.product.prodname_dependabot_alerts %}. Aún puedes navegar para ver tus {% data variables.product.prodname_dependabot_alerts %} en la pestaña de seguridad de tu repositorio. For more information, see "[Viewing {% data variables.product.prodname_dependabot_alerts %} for vulnerable dependencies](/github/managing-security-vulnerabilities/viewing-and-updating-vulnerable-dependencies-in-your-repository)." ## Leer más diff --git a/translations/es-ES/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/editing-security-advisories-in-the-github-advisory-database.md b/translations/es-ES/content/code-security/dependabot/dependabot-alerts/editing-security-advisories-in-the-github-advisory-database.md similarity index 94% rename from translations/es-ES/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/editing-security-advisories-in-the-github-advisory-database.md rename to translations/es-ES/content/code-security/dependabot/dependabot-alerts/editing-security-advisories-in-the-github-advisory-database.md index 2521a88f09..506b79db19 100644 --- a/translations/es-ES/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/editing-security-advisories-in-the-github-advisory-database.md +++ b/translations/es-ES/content/code-security/dependabot/dependabot-alerts/editing-security-advisories-in-the-github-advisory-database.md @@ -3,6 +3,7 @@ title: Editing security advisories in the GitHub Advisory Database intro: 'You can submit improvements to any advisory published in the {% data variables.product.prodname_advisory_database %}.' redirect_from: - /code-security/security-advisories/editing-security-advisories-in-the-github-advisory-database + - /code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/editing-security-advisories-in-the-github-advisory-database versions: fpt: '*' ghec: '*' diff --git a/translations/es-ES/content/code-security/dependabot/dependabot-alerts/index.md b/translations/es-ES/content/code-security/dependabot/dependabot-alerts/index.md new file mode 100644 index 0000000000..b6b5ef6627 --- /dev/null +++ b/translations/es-ES/content/code-security/dependabot/dependabot-alerts/index.md @@ -0,0 +1,24 @@ +--- +title: Identifying vulnerabilities in your project's dependencies with Dependabot alerts +shortTitle: Las alertas del dependabot +intro: '{% data variables.product.prodname_dependabot %} generates {% data variables.product.prodname_dependabot_alerts %} when known vulnerabilites are detected in dependencies that your project uses.' +allowTitleToDifferFromFilename: true +versions: + fpt: '*' + ghes: '*' + ghae: issue-4864 + ghec: '*' +topics: + - Dependabot + - Alerts + - Vulnerabilities + - Repositories + - Dependencies +children: + - /browsing-security-vulnerabilities-in-the-github-advisory-database + - /editing-security-advisories-in-the-github-advisory-database + - /about-dependabot-alerts + - /viewing-and-updating-dependabot-alerts + - /configuring-notifications-for-dependabot-alerts +--- + diff --git a/translations/es-ES/content/code-security/dependabot/dependabot-alerts/viewing-and-updating-dependabot-alerts.md b/translations/es-ES/content/code-security/dependabot/dependabot-alerts/viewing-and-updating-dependabot-alerts.md new file mode 100644 index 0000000000..ec69f49a52 --- /dev/null +++ b/translations/es-ES/content/code-security/dependabot/dependabot-alerts/viewing-and-updating-dependabot-alerts.md @@ -0,0 +1,106 @@ +--- +title: Viewing and updating Dependabot alerts +intro: 'Si {% data variables.product.product_name %} descubre una dependencia vulnerable en tu proyecto, podrás verla en la pestaña de alertas del Dependabot de tu repositorio. Posteriormente, podrás actualizar tu proyecto para resolver o descartar la vulnerabilidad.' +redirect_from: + - /articles/viewing-and-updating-vulnerable-dependencies-in-your-repository + - /github/managing-security-vulnerabilities/viewing-and-updating-vulnerable-dependencies-in-your-repository + - /code-security/supply-chain-security/viewing-and-updating-vulnerable-dependencies-in-your-repository + - /code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/viewing-and-updating-vulnerable-dependencies-in-your-repository +permissions: Repository administrators and organization owners can view and update dependencies. +shortTitle: View Dependabot alerts +versions: + fpt: '*' + ghes: '*' + ghae: issue-4864 + ghec: '*' +type: how_to +topics: + - Dependabot + - Security updates + - Alerts + - Dependencies + - Pull requests + - Repositories +--- + +{% data reusables.dependabot.beta-security-and-version-updates %} +{% data reusables.dependabot.enterprise-enable-dependabot %} + +La pestaña de {% data variables.product.prodname_dependabot_alerts %} de tu repositorio lista todas las{% data variables.product.prodname_dependabot_alerts %} abiertas y cerradas{% ifversion fpt or ghec or ghes > 3.2 %}, así como las {% data variables.product.prodname_dependabot_security_updates %} correspondientes{% endif %}. Puedes{% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-5638 %} filtrar las alertas por paquete, ecosistema o manifiesto. Tambén puedes{% endif %} clasificar la lista de alertas y hacer clic en ellas para obtener más detalles. For more information, see "[About {% data variables.product.prodname_dependabot_alerts %}](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies)." + +{% ifversion fpt or ghec or ghes > 3.2 %} +Puedes habilitar las alertas de seguridad automáticas para cualquier repositorio que utilice {% data variables.product.prodname_dependabot_alerts %} y la gráfica de dependencias. Para obtener más información, consulta la sección "[Acerca de las {% data variables.product.prodname_dependabot_security_updates %}](/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-dependabot-security-updates)". +{% endif %} + +{% data reusables.repositories.dependency-review %} + +{% ifversion fpt or ghec or ghes > 3.2 %} +## Acerca de las actualizaciones para las dependencias vulnerables en tu repositorio + +{% data variables.product.product_name %} genera {% data variables.product.prodname_dependabot_alerts %} cuando detectamos que tu base de código está utilizando dependencias con vulnerabilidades conocidas. Para los repositorios en donde se habilitan las {% data variables.product.prodname_dependabot_security_updates %} cuando {% data variables.product.product_name %} detecta una dependencia vulnerable en la rama predeterminada, {% data variables.product.prodname_dependabot %} crea una solicitud de cambios para arreglarla. La solicitud de extracción mejorará la dependencia a la versión segura mínima que sea posible y necesaria para evitar la vulnerabilidad. + +{% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-5638 %}Puedes clasificar y filtrar las {% data variables.product.prodname_dependabot_alerts %} con los menús desplegables en la pestaña de {% data variables.product.prodname_dependabot_alerts %} o tecleando filtros tales como pares de `key:value` en la barra de búsqueda. Los filtros disponibles son los de repositorio (pro ejemplo, `repo:my-repository`), paquete (por ejemplo, `package:django`), ecosistema (por ejemplo, `ecosystem:npm`), manifiesto (por ejemplo, `manifest:webwolf/pom.xml`), estado (por ejemplo, `is:open`) y si la asesoría tiene un parche (por ejemplo, `has: patch`). + +Cada alerta del {% data variables.product.prodname_dependabot %} tiene un identificador numérico único y la pestaña de {% data variables.product.prodname_dependabot_alerts %} lista una alerta por cada vulnerabilidad detectada. Las {% data variables.product.prodname_dependabot_alerts %} tradicionales agrupan vulnerabilidades por dependencia y generan una sola alerta por dependencia. Si navegas a una alerta tradicional del {% data variables.product.prodname_dependabot %}, se te redirigirá a una pestaña de {% data variables.product.prodname_dependabot_alerts %} filtradas para este paquete. {% endif %} +{% endif %} + +## Ver y actualizar las dependencias vulnerables + +{% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-5638 %} +{% data reusables.repositories.navigate-to-repo %} +{% data reusables.repositories.sidebar-security %} +{% data reusables.repositories.sidebar-dependabot-alerts %} +1. Opcionalmente, para filtrar alertas, selecciona el menú desplegable de **Repositorio**, l **Paquete**, **Ecosistema** o **Manifiesto** y luego haz clic en el filtro que te gustaría aplicar. También puedes teclear filtros en la barra de búsqueda. Por ejemplo, `ecosystem:npm` o `has:patch`. Para ordenar las alertas, selecciona el menú desplegable **Ordenar** y luego haz clic en la opción por la cual te gustaría ordenarlas. ![Captura de pantalla del filtro y menús de clasificación en la pestaña de las {% data variables.product.prodname_dependabot_alerts %}](/assets/images/help/graphs/dependabot-alerts-filters.png) +1. Haz clic en la alerta que te gustaría ver. ![Alerta seleccionada en la lista de alertas](/assets/images/help/graphs/click-alert-in-alerts-list-ungrouped.png) +1. Revisa los detalles de la vulnerabilidad y, en caso de que esté disponible, la solicitud de extracción que contienen la actualización de seguridad automatizada. +1. Opcionalmente, si no existe ya una actualización de {% data variables.product.prodname_dependabot_security_updates %} para la alerta, para crear una solicitud de extracción o para resolver la vulnerabilidad, da clic en **Crear una actualización de eguridad del {% data variables.product.prodname_dependabot %}**. ![Crea un botón de actualización de seguridad del {% data variables.product.prodname_dependabot %}](/assets/images/help/repository/create-dependabot-security-update-button-ungrouped.png) +1. Cuando estés listo para actualizar tu dependencia y resolver la vulnerabilidad, fusiona la solicitud de extracción. Cada solicitud de extracción que levante el {% data variables.product.prodname_dependabot %} incluye información sobre los comandos que puedes utilizar para controlar el {% data variables.product.prodname_dependabot %}. Para obtener más información, consulta la sección "[Adminsitrar las solicitudes de extracción para las actualizaciones de las dependencias](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/managing-pull-requests-for-dependency-updates#managing-dependabot-pull-requests-with-comment-commands)". +1. Optionally, if the alert is being fixed, if it's incorrect, or located in unused code, select the "Dismiss" dropdown, and click a reason for dismissing the alert.{% if reopen-dependabot-alerts %} Unfixed dismissed alerts can be reopened later.{% endif %} ![Elegir una razón para descartar la alerta a través del menú desplegable de "Descartar"](/assets/images/help/repository/dependabot-alert-dismiss-drop-down-ungrouped.png) + +{% elsif ghes = 3.3 %} +{% data reusables.repositories.navigate-to-repo %} +{% data reusables.repositories.sidebar-security %} +{% data reusables.repositories.sidebar-dependabot-alerts %} +1. Haz clic en la alerta que quieres ver. ![Alerta seleccionada en la lista de alertas](/assets/images/help/graphs/click-alert-in-alerts-list.png) +1. Revisa los detalles de la vulnerabilidad y, en caso de que esté disponible, la solicitud de extracción que contienen la actualización de seguridad automatizada. +1. Opcionalmente, si no existe ya una actualización de {% data variables.product.prodname_dependabot_security_updates %} para la alerta, para crear una solicitud de extracción o para resolver la vulnerabilidad, da clic en **Crear una actualización de eguridad del {% data variables.product.prodname_dependabot %}**. ![Crea un botón de actualización de seguridad del {% data variables.product.prodname_dependabot %}](/assets/images/help/repository/create-dependabot-security-update-button.png) +1. Cuando estés listo para actualizar tu dependencia y resolver la vulnerabilidad, fusiona la solicitud de extracción. Cada solicitud de extracción que levante el {% data variables.product.prodname_dependabot %} incluye información sobre los comandos que puedes utilizar para controlar el {% data variables.product.prodname_dependabot %}. Para obtener más información, consulta la sección "[Adminsitrar las solicitudes de extracción para las actualizaciones de las dependencias](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/managing-pull-requests-for-dependency-updates#managing-dependabot-pull-requests-with-comment-commands)". +1. Opcionalmente, si se está arreglando la alerta, si es incorrecta o si se ubica en una sección de código sin utilizar, selecciona el menú desplegable de "Descartar" y haz clic en una razón para descartar la alerta. ![Elegir una razón para descartar la alerta a través del menú desplegable de "Descartar"](/assets/images/help/repository/dependabot-alert-dismiss-drop-down.png) + +{% elsif ghes = 3.1 or ghes = 3.2 or ghae-issue-4864 %} +{% data reusables.repositories.navigate-to-repo %} +{% data reusables.repositories.sidebar-security %} +{% data reusables.repositories.sidebar-dependabot-alerts %} +1. Haz clic en la alerta que quieres ver. ![Alerta seleccionada en la lista de alertas](/assets/images/enterprise/graphs/click-alert-in-alerts-list.png) +1. Revisa los detalles de la vulnerabilidad y determina si necesitas actualizar la dependencia o no. +1. Cuando fusionas una solicitud de cambios que actualice el archivo de manifiesto o de bloqueo a una versión segura de la dependencia, esto resolverá la alerta. Como alternativa, si decides no actualizar la dependencia, selecciona el menú desplegable **Descartar** y haz clic en una razón para descartar la alerta. ![Elegir una razón para descartar la alerta a través del menú desplegable de "Descartar"](/assets/images/enterprise/repository/dependabot-alert-dismiss-drop-down.png) + +{% else %} +{% data reusables.repositories.navigate-to-repo %} +{% data reusables.repositories.accessing-repository-graphs %} +{% data reusables.repositories.click-dependency-graph %} +1. Haz clic en el número de versión de la dependencia vulnerable para mostrar la información detallada. ![Información detallada de la dependencia vulnerable](/assets/images/enterprise/3.0/dependabot-alert-info.png) +1. Revisa los detalles de la vulnerabilidad y determina si necesitas actualizar la dependencia o no. Cuando fusionas una solicitud de cambios que actualice el archivo de manifiesto o de bloqueo a una versión segura de la dependencia, esto resolverá la alerta. +1. El letrero en la parte superior de la pestaña de **Dependencias** se muestra hasta que todas las dependencias vulnerables se resuelven o hasta que lo descartes. Haz clic en **Descartar** en la esquina superior derecha del letrero y selecciona una razón para descartar la alerta. ![Descartar el letrero de seguridad](/assets/images/enterprise/3.0/dependabot-alert-dismiss.png) +{% endif %} + +{% if reopen-dependabot-alerts %} + +## Viewing and updating closed alerts + +{% data reusables.repositories.navigate-to-repo %} +{% data reusables.repositories.sidebar-security %} +{% data reusables.repositories.sidebar-dependabot-alerts %} +1. To just view closed alerts, click **Closed**. ![Screenshot showing the "Closed" option](/assets/images/help/repository/dependabot-alerts-closed.png) +1. Click the alert that you would like to view or update. ![Screenshot showing a highlighted dependabot alert](/assets/images/help/repository/dependabot-alerts-select-closed-alert.png) +2. Optionally, if the alert was dismissed and you wish to reopen it, click **Reopen**. ![Screenshot showing the "Reopen" button](/assets/images/help/repository/reopen-dismissed-alert.png) + +{% endif %} + +## Leer más + +- "[About {% data variables.product.prodname_dependabot_alerts %}](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies)"{% ifversion fpt or ghec or ghes > 3.2 %} +- "[Configurar las {% data variables.product.prodname_dependabot_security_updates %}](/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/configuring-dependabot-security-updates)"{% endif %} +- "[Administrar la configuración de seguridad y de análisis para tu organización](/github/administering-a-repository/managing-security-and-analysis-settings-for-your-repository)" +- "[Solucionar problemas en la detección de dependencias vulnerables](/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/troubleshooting-the-detection-of-vulnerable-dependencies)"{% ifversion fpt or ghec or ghes > 3.2 %} +- "[Solucionar problemas de los errores del {% data variables.product.prodname_dependabot %}](/github/managing-security-vulnerabilities/troubleshooting-dependabot-errors)"{% endif %} diff --git a/translations/es-ES/content/code-security/dependabot/dependabot-security-updates/about-dependabot-security-updates.md b/translations/es-ES/content/code-security/dependabot/dependabot-security-updates/about-dependabot-security-updates.md new file mode 100644 index 0000000000..b71d247470 --- /dev/null +++ b/translations/es-ES/content/code-security/dependabot/dependabot-security-updates/about-dependabot-security-updates.md @@ -0,0 +1,67 @@ +--- +title: Acerca de las actualizaciones de seguridad del Dependabot +intro: '{% data variables.product.prodname_dependabot %} puede arreglar tus dependencias vulnerables levantando solicitudes de extracción con actualizaciones de seguridad.' +shortTitle: Actualizaciones de seguridad del dependabot +redirect_from: + - /github/managing-security-vulnerabilities/about-github-dependabot-security-updates + - /github/managing-security-vulnerabilities/about-dependabot-security-updates + - /code-security/supply-chain-security/about-dependabot-security-updates + - /code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-dependabot-security-updates +versions: + fpt: '*' + ghec: '*' + ghes: '> 3.2' +type: overview +topics: + - Dependabot + - Security updates + - Vulnerabilities + - Repositories + - Dependencies + - Pull requests +--- + + + +{% data reusables.dependabot.beta-security-and-version-updates %} +{% data reusables.dependabot.enterprise-enable-dependabot %} + +## Acerca de {% data variables.product.prodname_dependabot_security_updates %} + +Las {% data variables.product.prodname_dependabot_security_updates %} te facilitan el arreglar las dependencias vulnerables en tu repositorio. Si habilitas esta característica, cuando se levante una alerta del {% data variables.product.prodname_dependabot %} para una dependencia vulnerable en la gráfica de dependencias de tu repositorio, {% data variables.product.prodname_dependabot %} intentará arreglarla automáticamente. Para obtener más información, consulta las secciones "[Acerca de las {% data variables.product.prodname_dependabot_alerts %}](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies)" y "[Configurar las {% data variables.product.prodname_dependabot_security_updates %}](/github/managing-security-vulnerabilities/configuring-dependabot-security-updates)". + +{% data variables.product.prodname_dotcom %} podría enviar {% data variables.product.prodname_dependabot_alerts %} a los repositorios que se vieron afectados por la vulnerabilidad que se divulgó en una asesoría de seguridad de {% data variables.product.prodname_dotcom %} publicada recientemente. {% data reusables.security-advisory.link-browsing-advisory-db %} + +{% data variables.product.prodname_dependabot %} verifica si es posible actualizar la dependencia vulnerable a una versión arreglada sin irrumpir en la gráfica de dependencias para el repositorio. Posteriormente, el {% data variables.product.prodname_dependabot %} levanta una solicitud de cambios para actualizar la dependencia a la versión mínima que incluye el parche y los enlaces a la solicitud de cambios para la alerta del {% data variables.product.prodname_dependabot %}, o reporta un error en la alerta. Para obtener más información, consulta la sección "[Solucionar problemas para los errores del {% data variables.product.prodname_dependabot %}](/github/managing-security-vulnerabilities/troubleshooting-dependabot-errors)". + +{% note %} + +**Nota** + +La característica de {% data variables.product.prodname_dependabot_security_updates %} se encuentra disponible para los repositorios en donde hayas habilitado la gráfica de dependencias y las {% data variables.product.prodname_dependabot_alerts %}. Verás una alerta del {% data variables.product.prodname_dependabot %} por cada dependencia vulnerable que se haya identificado en toda tu gráfica de dependencias. Sin embargo, las actualizaciones de seguridad se activan únicamente para las dependencias que se especifican en un archivo de manifiesto o de bloqueo. El {% data variables.product.prodname_dependabot %} no puede actualizar una dependencia indirecta o transitoria si no se define explícitamente. Para obtener más información, consulta la sección "[Acerca de la gráfica de dependencias](/github/visualizing-repository-data-with-graphs/about-the-dependency-graph#dependencies-included)". + +{% endnote %} + +Puedes habilitar una característica relacionada, {% data variables.product.prodname_dependabot_version_updates %}, para que el {% data variables.product.prodname_dependabot %} levante solicitudes de cambio para actualizar el manifiesto a la última versión de la dependencia cuando detecte una que esté desactualizada. Para obtener más información, consulta la sección "[Acerca de las actualizaciones de versión del {% data variables.product.prodname_dependabot %}](/github/administering-a-repository/about-dependabot-version-updates)". + +{% data reusables.dependabot.pull-request-security-vs-version-updates %} + +## Acerca de las solicitudes de cambios para las actualizaciones de seguridad + +Cada solicitud de cambios contiene todo lo que necesitas para revisar y fusionar de forma rápida y segura un arreglo propuesto en tu proyecto. Esto incluye la información acerca de la vulnerabilidad, como las notas de lanzamiento, las entradas de bitácora de cambios, y los detalles de confirmación. Los detalles de qué vulnerabilidad resuelve una solicitud de cambios se encuentran ocultos para cualquiera que no tenga acceso a las {% data variables.product.prodname_dependabot_alerts %} del repositorio en cuestión. + +Cuando fusionas una solicitud de cambios que contiene una actualización de seguridad, la alerta correspondiente del {% data variables.product.prodname_dependabot %} se marca como resuelta en el repositorio. Para obtener más información acerca de las solicitudes de cambios del {% data variables.product.prodname_dependabot %}, consulta la sección "[Administrar las solicitudes de cambios para las actualizaciones de las dependencias](/github/administering-a-repository/managing-pull-requests-for-dependency-updates)". + +{% data reusables.dependabot.automated-tests-note %} + +{% ifversion fpt or ghec %} + +## Acerca de las puntuaciones de compatibilidad + +Las {% data variables.product.prodname_dependabot_security_updates %} podrían incluir puntuaciones de compatibilidad para hacerte saber si el actualizar una dependencia podría causar cambios sustanciales en tu proyecto. Estos se calculan de las pruebas de IC en otros repositorios públicos en donde se ha generado la misma actualización de seguridad. La puntuación de compatibilidad de una actualización es el porcentaje de ejecuciones de IC que pasaron cuando se hicieron actualizaciones en versiones específicas de la dependencia. + +{% endif %} + +## Acerca de las notificaciones para las actualizaciones de seguridad del {% data variables.product.prodname_dependabot %} + +Puedes filtrar tus notificaciones en {% data variables.product.company_short %} para mostrar las actualizaciones de seguridad del {% data variables.product.prodname_dependabot %}. Para obtener más información, consulta la sección "[Administrar notificación desde tu bandeja de entrada](/github/managing-subscriptions-and-notifications-on-github/managing-notifications-from-your-inbox#dependabot-custom-filters)". diff --git a/translations/es-ES/content/code-security/dependabot/dependabot-security-updates/configuring-dependabot-security-updates.md b/translations/es-ES/content/code-security/dependabot/dependabot-security-updates/configuring-dependabot-security-updates.md new file mode 100644 index 0000000000..1295897dfa --- /dev/null +++ b/translations/es-ES/content/code-security/dependabot/dependabot-security-updates/configuring-dependabot-security-updates.md @@ -0,0 +1,82 @@ +--- +title: Configurar las actualizaciones de seguridad del Dependabot +intro: 'Puedes utilizar las {% data variables.product.prodname_dependabot_security_updates %} o las solicitudes de extracción manuales para actualizar fácilmente las dependencias vulnerables.' +shortTitle: Configurar las actualizaciones de seguridad +redirect_from: + - /articles/configuring-automated-security-fixes + - /github/managing-security-vulnerabilities/configuring-automated-security-fixes + - /github/managing-security-vulnerabilities/configuring-automated-security-updates + - /github/managing-security-vulnerabilities/configuring-github-dependabot-security-updates + - /github/managing-security-vulnerabilities/configuring-dependabot-security-updates + - /code-security/supply-chain-security/configuring-dependabot-security-updates + - /code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/configuring-dependabot-security-updates +versions: + fpt: '*' + ghec: '*' + ghes: '>3.2' +type: how_to +topics: + - Dependabot + - Security updates + - Alerts + - Dependencies + - Pull requests + - Repositories +--- + + + +{% data reusables.dependabot.beta-security-and-version-updates %} +{% data reusables.dependabot.enterprise-enable-dependabot %} + +## Acerca de la configuración de las {% data variables.product.prodname_dependabot_security_updates %} + +Puedes habilitar las {% data variables.product.prodname_dependabot_security_updates %} para cualquier repositorio que utilice {% data variables.product.prodname_dependabot_alerts %} y la gráfica de dependencias. Para obtener más información, consulta la sección "[Acerca de las {% data variables.product.prodname_dependabot_security_updates %}](/github/managing-security-vulnerabilities/about-dependabot-security-updates)". + +Puedes inhabilitar las {% data variables.product.prodname_dependabot_security_updates %} para un repositorio individual o para todos los repositorios que pertenezcan a tu organización o cuenta de usuario. Para obtener más información, consulta la sección "[Administrar las {% data variables.product.prodname_dependabot_security_updates %} para tus repositorios](#managing-dependabot-security-updates-for-your-repositories)" acontinuación. + +{% ifversion fpt or ghec %}{% data reusables.dependabot.dependabot-tos %}{% endif %} + +## Repositorios soportados + +{% data variables.product.prodname_dotcom %} habilita las {% data variables.product.prodname_dependabot_security_updates %} automáticamente para cada repositorio que cumpla con estos pre-requisitos. + +{% note %} + +**Nota**: Puedes habilitar manualmente las {% data variables.product.prodname_dependabot_security_updates %}, aún si el repositorio no cumple con alguno de los siguientes prerrequisitos. Por ejemplo, puedes habilitar las {% data variables.product.prodname_dependabot_security_updates %} en una bifurcación, o para un administrador de paquetes que no sea directamente compatible si sigues las instrucciones en la sección "[Administrar las {% data variables.product.prodname_dependabot_security_updates %} para tus repositorios](#managing-dependabot-security-updates-for-your-repositories)". + +{% endnote %} + +| Pre-requisito de habilitación automática | Más información | +| -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Que el repositorio no sea una bifrucación | "[Acerca de las bifurcaciones](/github/collaborating-with-issues-and-pull-requests/about-forks)" | +| Que el repositorio no esté archivado | "[Archivar repositorios](/github/creating-cloning-and-archiving-repositories/archiving-repositories)" |{% ifversion fpt or ghec %} +| Que el repositorio sea público, o que sea privado y hayas habilitado un análisis de solo lectura por {% data variables.product.prodname_dotcom %}, gráfica de dependencias y alertas de vulnerabilidades en la configuración del mismo | "[Administrar los ajustes de uso de datos para tu repositorio privado](/get-started/privacy-on-github/managing-data-use-settings-for-your-private-repository)". +{% endif %} +| Que el repositorio contenga un archivo de manifiesto de dependencias de un ecosistema de paquete que sea compatible con {% data variables.product.prodname_dotcom %} | "[Ecosistemas de paquete compatibles](/github/visualizing-repository-data-with-graphs/about-the-dependency-graph#supported-package-ecosystems)" | +| Las {% data variables.product.prodname_dependabot_security_updates %} no se han inhabilitado para el repositorio | "[Administrar las {% data variables.product.prodname_dependabot_security_updates %} para tu repositorio](#managing-dependabot-security-updates-for-your-repositories)" | + +Si no se habilitan las actualizaciones de seguridad para tu repositorio y no sabes por qué, intenta primero habilitarles de acuerdo con las instrucciones que se encuentran en los procedimientos siguientes. Si las actualizaciones de seguridad aún no funcionan, puedes contactar al {% data variables.contact.contact_support %}. + +## Administrar las {% data variables.product.prodname_dependabot_security_updates %} para tus repositorios + +Puedes habilitar o inhabilitar las {% data variables.product.prodname_dependabot_security_updates %} para un repositorio individual (ver a continuación). + +También puedes habilitar o inhabilitar las {% data variables.product.prodname_dependabot_security_updates %} para todos los repositorios que pertenezcan atu cuenta de usuario u organización. Para obtener más información, consulta la sección "[Administrar la seguridad y la configuración de análisis para tu cuenta de usuario](/github/setting-up-and-managing-your-github-user-account/managing-security-and-analysis-settings-for-your-user-account)" o la sección "[Administrar la configuración de seguridad y análisis para tu organización](/organizations/keeping-your-organization-secure/managing-security-and-analysis-settings-for-your-organization)". + +Las {% data variables.product.prodname_dependabot_security_updates %} requieren de configuraciones de repositorio específicas. Para obtener más información, consulta "[Repositorios soportados](#supported-repositories)". + +### Habilitar o inhabilitar las {% data variables.product.prodname_dependabot_security_updates %} para un repositorio individual. + +{% data reusables.repositories.navigate-to-repo %} +{% data reusables.repositories.sidebar-settings %} +{% data reusables.repositories.navigate-to-security-and-analysis %} +1. Under "Code security and analysis", to the right of "{% data variables.product.prodname_dependabot %} security updates", click **Enable** to enable the feature or **Disable** to disable it. {% ifversion fpt or ghec %}For public repositories, the button is disabled if the feature is always enabled.{% endif %} + {% ifversion fpt or ghec %}!["Code security and analysis" section with button to enable {% data variables.product.prodname_dependabot_security_updates %}](/assets/images/help/repository/enable-dependabot-security-updates-button.png){% else %}!["Code security and analysis" section with button to enable {% data variables.product.prodname_dependabot_security_updates %}](/assets/images/enterprise/3.3/repository/security-and-analysis-disable-or-enable-ghes.png){% endif %} + + +## Leer más + +- "[About {% data variables.product.prodname_dependabot_alerts %}](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies)"{% ifversion fpt or ghec %} +- "[Administrar los ajustes de uso de datos para tu repositorio privado](/get-started/privacy-on-github/managing-data-use-settings-for-your-private-repository)"{% endif %} +- "[Ecosistemas de paquete compatibles](/github/visualizing-repository-data-with-graphs/about-the-dependency-graph#supported-package-ecosystems)" diff --git a/translations/es-ES/content/code-security/dependabot/dependabot-security-updates/index.md b/translations/es-ES/content/code-security/dependabot/dependabot-security-updates/index.md new file mode 100644 index 0000000000..b60ab227be --- /dev/null +++ b/translations/es-ES/content/code-security/dependabot/dependabot-security-updates/index.md @@ -0,0 +1,20 @@ +--- +title: Automatically updating dependencies with known vulnerabilities with Dependabot security updates +intro: '{% data variables.product.prodname_dependabot %} can help you fix vulnerable dependencies by automatically raising pull requests to update dependencies to secure versions.' +allowTitleToDifferFromFilename: true +versions: + fpt: '*' + ghec: '*' + ghes: '>3.2' +topics: + - Repositories + - Dependabot + - Security updates + - Dependencies + - Pull requests +shortTitle: Actualizaciones de seguridad del dependabot +children: + - /about-dependabot-security-updates + - /configuring-dependabot-security-updates +--- + diff --git a/translations/es-ES/content/code-security/dependabot/dependabot-version-updates/about-dependabot-version-updates.md b/translations/es-ES/content/code-security/dependabot/dependabot-version-updates/about-dependabot-version-updates.md new file mode 100644 index 0000000000..1343d6db2a --- /dev/null +++ b/translations/es-ES/content/code-security/dependabot/dependabot-version-updates/about-dependabot-version-updates.md @@ -0,0 +1,69 @@ +--- +title: Acerca de las actualizaciones a la versión del Dependabot +intro: 'Puede utilizar el {% data variables.product.prodname_dependabot %} para mantener los paquetes que utilizas actualizados a su versión más reciente.' +redirect_from: + - /github/administering-a-repository/about-dependabot + - /github/administering-a-repository/about-github-dependabot + - /github/administering-a-repository/about-github-dependabot-version-updates + - /github/administering-a-repository/about-dependabot-version-updates + - /code-security/supply-chain-security/about-dependabot-version-updates + - /code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/upgrading-from-dependabotcom-to-github-native-dependabot + - /code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/about-dependabot-version-updates +versions: + fpt: '*' + ghec: '*' + ghes: '> 3.2' +type: overview +topics: + - Dependabot + - Version updates + - Repositories + - Dependencies + - Pull requests +shortTitle: Actualizaciones de versión del dependabot +--- + +{% data reusables.dependabot.beta-security-and-version-updates %} +{% data reusables.dependabot.enterprise-enable-dependabot %} + +## Acerca de {% data variables.product.prodname_dependabot_version_updates %} + +El {% data variables.product.prodname_dependabot %} hace el esfuerzo de mantener tus dependencias. Puedes utilizarlo para garantizar que tu repositorio se mantenga automáticamente con los últimos lanzamientos de los paquetes y aplicaciones de los que depende. + +Se habilitan las {% data variables.product.prodname_dependabot_version_updates %} al registrar un archivo de configuración en tu repositorio. Este archivo de configuración especifica la ubicación del manifiesto o de otros archivos de definición de paquetes almacenados en tu repositorio. El {% data variables.product.prodname_dependabot %} utiliza esta información para revisar los paquetes y las aplicaciones desactualizadas. El {% data variables.product.prodname_dependabot %} determina si hay una versión nueva de una dependencia al buscar el versionamiento semántico ([semver](https://semver.org/)) de la dependencia para decidir si debería actualizarla a esa versión. Para ciertos administradores de paquetes, {% data variables.product.prodname_dependabot_version_updates %} también es compatible con su delegación a proveedores. Las dependencias delegadas (o almacenadas en caché) son aquellas que se registran en un directorio específico en un repositorio en vez de que se referencien en un manifiesto. Las dependencias delegadas a proveedores están disponibles desde el momento de su creación, incluso si los servidores de paquetes no se encuentran disponibles. Las {% data variables.product.prodname_dependabot_version_updates %} pueden configurarse para verificar las dependencias delegadas a proveedores para las nuevas versiones y también pueden actualizarse de ser necesario. + +Cuando el {% data variables.product.prodname_dependabot %} identifica una dependencia desactualizada, levanta una solicitud de extracción para actualizar el manifiesto a su última versión de la dependencia. Lara las dependencias delegadas a proveedores, el {% data variables.product.prodname_dependabot %} levanta una solicitud de cambios para reemplazar la dependencia desactualizada directamente con la versión nueva. Verificas que tu prueba pase, revisas el registro de cambios y notas de lanzamiento que se incluyan en el resumen de la solicitud de extracción y, posteriormente, lo fusionas. For more information, see "[Configuring {% data variables.product.prodname_dependabot %} version updates](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/enabling-and-disabling-dependabot-version-updates)." + +Si habilitas las _actualizaciones de seguridad_, el {% data variables.product.prodname_dependabot %} también levantará solicitudes de cambios para actualizar las dependencias vulnerables. Para obtener más información, consulta la sección "[Acerca de las {% data variables.product.prodname_dependabot_security_updates %}](/github/managing-security-vulnerabilities/about-dependabot-security-updates)". + +{% data reusables.dependabot.pull-request-security-vs-version-updates %} + +{% data reusables.dependabot.dependabot-tos %} + +## Frecuencia de las solicitudes de extracción del {% data variables.product.prodname_dependabot %} + +Tú eres quien especifica qué tan a menudo se revisa cada ecosistema para encontrar nuevas versiones en el archivo de configuración: diario, semanalmente, o mensualmente. + +{% data reusables.dependabot.initial-updates %} + +Si habilitaste las actualizaciones de seguridad, algunas veces verás solicitudes de extracción adicionales para actualizaciones de seguridad. Esto se activa con una alerta del {% data variables.product.prodname_dependabot %} para una dependencia en tu rama predeterminada. El {% data variables.product.prodname_dependabot %} levanta automáticamente una solicitud de extracción para actualizar la dependencia vulnerable. + +## Repositorios y ecosistemas compatibles + + +Puedes configurar las actualizaciones de versión para los repositorios que contengan un manifiesto de dependencias o un archivo fijado para alguno de los administradores de paquetes compatibles. Para algunos administradores de paquetes, también puedes configurar la delegación a proveedores para las dependencias. For more information, see "[Configuration options for the dependabot.yml file](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/configuration-options-for-dependency-updates#vendor)." +{% note %} + +{% data reusables.dependabot.private-dependencies-note %} + +El {% data variables.product.prodname_dependabot %} no es compatible con dependencias privadas de {% data variables.product.prodname_dotcom %} para todos los administradores de paquetes. Consulta los detalles en la tabla a continuación. + +{% endnote %} + +{% data reusables.dependabot.supported-package-managers %} + +Si tu repositorio ya utiliza una integración para la administración de dependencias, necesitarás inhabilitarlo antes de habilitar el {% data variables.product.prodname_dependabot %}. {% ifversion fpt or ghec %}Para obtener más información, consulta la sección "[Acerca de las integraciones](/github/customizing-your-github-workflow/about-integrations)".{% endif %} + +## Acerca de las notificaciones para las actualizaciones de versión del {% data variables.product.prodname_dependabot %} + +Puedes filtrar tus notificaciones en {% data variables.product.company_short %} para mostrar notificaciones para las solicitudes de cambios que creó el {% data variables.product.prodname_dependabot %}. Para obtener más información, consulta la sección "[Administrar notificaciones desde tu bandeja de entrada](/github/managing-subscriptions-and-notifications-on-github/managing-notifications-from-your-inbox)". diff --git a/translations/es-ES/content/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file.md b/translations/es-ES/content/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file.md new file mode 100644 index 0000000000..28c43850c4 --- /dev/null +++ b/translations/es-ES/content/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file.md @@ -0,0 +1,968 @@ +--- +title: Configuration options for the dependabot.yml file +intro: 'La información detallada para todas las opciones que puedes utilizar para personalizar como el {% data variables.product.prodname_dependabot %} mantiene tus repositorios.' +permissions: 'People with write permissions to a repository can configure {% data variables.product.prodname_dependabot %} for the repository.' +allowTitleToDifferFromFilename: true +redirect_from: + - /github/administering-a-repository/configuration-options-for-dependency-updates + - /code-security/supply-chain-security/configuration-options-for-dependency-updates + - /code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/configuration-options-for-dependency-updates +miniTocMaxHeadingLevel: 3 +versions: + fpt: '*' + ghec: '*' + ghes: '>3.2' +type: reference +topics: + - Dependabot + - Version updates + - Repositories + - Dependencies + - Pull requests +shortTitle: Configure dependabot.yml +--- + +{% data reusables.dependabot.beta-security-and-version-updates %} +{% data reusables.dependabot.enterprise-enable-dependabot %} + +## Acerca del archivo *dependabot.yml* + +El archivo de configuración del {% data variables.product.prodname_dependabot %}, *dependabot.yml*, utiliza la sintaxis YAML. Si eres nuevo en YAML y deseas conocer más, consulta "[Aprender YAML en cinco minutos](https://www.codeproject.com/Articles/1214409/Learn-YAML-in-five-minutes)". + +Debes almacenar este archivo en el directorio `.github` de tu repositorio. Cuando agregas o actualizas el archivo *dependabot.yml*, esto activa una revisión inmediata de las actualizaciones de la versión. For more information and an example, see "[Configuring {% data variables.product.prodname_dependabot %} version updates](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/enabling-and-disabling-dependabot-version-updates#enabling-dependabot-version-updates)." + +Cualquier opción que también afecte las actualizaciones de seguridad se utiliza en la siguiente ocasión en que una alerta de seguridad active una solicitud de cambios para una actualización de seguridad. Para obtener más información, consulta la sección "[Configurar las {% data variables.product.prodname_dependabot_security_updates %}](/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/configuring-dependabot-security-updates)". + +El archivo *dependabot.yml* tiene dos claves mandatorias de nivel superior: `version`, y `updates`. Opcionalmente, puedes incluir una clave de `registries` de nivel superior. El archivo debe comenzar con `version: 2`. + +## Opciones de configuración para las actualizaciones + +La clave `updates` de nivel superior es obligatoria. La utilizas para configurar la forma en que el {% data variables.product.prodname_dependabot %} actualiza las versiones o las dependencias de tu proyecto. Cada entrada configura los ajustes de actualización para un administrador de paquetes en particular. Puedes utilizar las siguientes opciones. + +| Opción | Requerido | Descripción | +|:-------------------------------------------------------------------------- |:---------:|:-------------------------------------------------------------------------------------------------- | +| [`package-ecosystem`](#package-ecosystem) | **X** | Administrador de paquetes a utilizar | +| [`directorio`](#directory) | **X** | Ubicación de los manifiestos del paquete | +| [`schedule.interval`](#scheduleinterval) | **X** | Qué tan a menudo se revisará si hay actualizaciones | +| [`allow`](#allow) | | Personalizar qué actualizaciones se permitirán | +| [`asignatarios`](#assignees) | | Los asignados a configurar en las solicitudes de extracción | +| [`commit-message`](#commit-message) | | Preferencias de mensaje de confirmación | +| [`ignore`](#ignore) | | Ignorar ciertas dependencias o versiones | +| [`insecure-external-code-execution`](#insecure-external-code-execution) | | Permite o rechaza la ejecución de código en los archivos de manifiesto | +| [`etiquetas`](#labels) | | Las etiquetas a configurar en las solicitudes de extracción | +| [`hito`](#milestone) | | Hito a configurar en las solicitudes de extracción | +| [`open-pull-requests-limit`](#open-pull-requests-limit) | | Limitar la cantidad de solicitudes de extracción abiertas para las actualizaciones de versión | +| [`pull-request-branch-name.separator`](#pull-request-branch-nameseparator) | | Cambiar el separador para los nombres de rama de la solicitud de extracción | +| [`rebase-strategy`](#rebase-strategy) | | Inhabilitar el rebase automático | +| [`registries`](#registries) | | Los registros privados a los que puede acceder el {% data variables.product.prodname_dependabot %} +| [`revisores`](#reviewers) | | Los revisores a configurar en las solicitudes de extracción | +| [`schedule.day`](#scheduleday) | | Día de la semana para revisar si hay actualizaciones | +| [`schedule.time`](#scheduletime) | | Hora del día para revisar si hay actualizaciones (hh:mm) | +| [`schedule.timezone`](#scheduletimezone) | | Huso horario para la hora del día (identificador de zona) | +| [`target-branch`](#target-branch) | | Rama contra la cual se creará la solicitud de extracción | +| [`vendor`](#vendor) | | Actualiza las dependencias delegadas a proveedores o almacenadas en caché | +| [`versioning-strategy`](#versioning-strategy) | | Cómo actualizar los requisitos de la versión del manifiesto | + +Estas opciones caen a groso modo en las siguientes categorías. + +- Opciones de configuración esenciales que debes incluir en todas las configuraciones: [`package-ecosystem`](#package-ecosystem), [`directory`](#directory),[`schedule.interval`](#scheduleinterval). +- Opciones para personalizar el calendario de actualización: [`schedule.time`](#scheduletime), [`schedule.timezone`](#scheduletimezone), [`schedule.day`](#scheduleday). +- Las opciones para controlar qué dependencias se actualizarán: [`allow`](#allow), [`ignore`](#ignore), [`vendor`](#vendor). +- Opciones para agregar metadatos a las solicitudes de extracción: [`reviewers`](#reviewers), [`assignees`](#assignees), [`labels`](#labels), [`milestone`](#milestone). +- Opciones para cambiar el comportamiento de las solicitudes de extracción: [`target-branch`](#target-branch), [`versioning-strategy`](#versioning-strategy), [`commit-message`](#commit-message), [`rebase-strategy`](#rebase-strategy), [`pull-request-branch-name.separator`](#pull-request-branch-nameseparator). + +Adicionalmente, la opción [`open-pull-requests-limit`](#open-pull-requests-limit) cambia la cantidad máxima de solicitudes de extracción para las actualizaciones de versión que puede abrir el {% data variables.product.prodname_dependabot %}. + +{% note %} + +**Nota:** Algunas de estas opciones de configuración también pueden afectar a las solicitudes de extracción que se levantan para las actualizaciones de seguridad de los manifiestos delos paquetes vulnerables. + +Las actualizaciones de seguridad se levantan para los manifiestos de paquetes vulnerables únicamente en la rama predeterminada. Cuando se establecen las opciones de configuración para la misma rama (como "true" a menos de que utilices `target-branch`), y se especifica un `package-ecosystem` y `directory` para el manifiesto vulnerable, entonces las solicitudes de extracción para las actualizaciones de seguridad utilizan las opciones relevantes. + +En general, las actualizaciones de seguridad utilizan cualquier opción de configuración que afecte las solicitudes de extracción, por ejemplo, agregar metadatos o cambiar su comportamiento. Para obtener más información acerca de las actualizaciones de seguridad, consulta la sección "[Configurar {% data variables.product.prodname_dependabot_security_updates %}](/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/configuring-dependabot-security-updates)". + +{% endnote %} + +### `package-ecosystem` + +**Requerido**. Agregarás un elemento de `package-ecosystem` para cada administrador de paquetes que quieras que monitoree el {% data variables.product.prodname_dependabot %} para encontrar versiones nuevas. El repositorio también debe contener un archivo bloqueado o de manifiesto de dependencias para cada uno de estos administradores de paquetes. Si quieres habilitar la delegación a proveedores para un administrador de paquetes que sea compatible con ella, las dependencias delegadas a proveedores deben ubicarse en el directorio requerido. Para obtener más información, consulta la sección [`vendor`](#vendor) a continuación. + +{% data reusables.dependabot.supported-package-managers %} + +```yaml +# Basic set up for three package managers + +version: 2 +updates: + + # Maintain dependencies for GitHub Actions + - package-ecosystem: "github-actions" + directory: "/" + schedule: + interval: "daily" + + # Maintain dependencies for npm + - package-ecosystem: "npm" + directory: "/" + schedule: + interval: "daily" + + # Maintain dependencies for Composer + - package-ecosystem: "composer" + directory: "/" + schedule: + interval: "daily" +``` + +### `directorio` + +**Requerido**. Debes definir la ubicación de los manifiestos de los paquetes para cada administrador de paquetes (por ejemplo, el *package.json* o *Gemfile*). Tú definierás el directorio relativo a la raíz del repositorio para todos los ecosistemas, menos para GitHub Actions. Para GitHub Actions, configura el directorio para que sea `/` y así revisar los archivos de flujo de trabajo en `.github/workflows`. + +```yaml +# Specify location of manifest files for each package manager + +version: 2 +updates: + - package-ecosystem: "composer" + # Files stored in repository root + directory: "/" + schedule: + interval: "daily" + + - package-ecosystem: "npm" + # Files stored in `app` directory + directory: "/app" + schedule: + interval: "daily" + + - package-ecosystem: "github-actions" + # Workflow files stored in the + # default location of `.github/workflows` + directory: "/" + schedule: + interval: "daily" +``` + +### `schedule.interval` + +**Requerido**. Debes definir la frecuencia en la que se verificará si hay versiones nuevas para cada administrador de paquetes. Predeterminadamente, el {% data variables.product.prodname_dependabot %} asigna una hora aleatoria para aplicar todas las actualizaciones en el archivo de configuración. Para configurar una hora específica, puedes utilizar [`schedule.time`](#scheduletime) y [`schedule.timezone`](#scheduletimezone). + +- `daily`—se ejecuta en cada día de la semana, de Lunes a Viernes. +- `weekly`—se ejecuta una vez cada semana. Predeterminadamente, esto ocurre los lunes. Para modificar esto, utiliza [`schedule.day`](#scheduleday). +- `monthly`—se ejecuta una vez al mes. Esto ocurre en el primer día de cada mes. + +```yaml +# Set update schedule for each package manager + +version: 2 +updates: + + - package-ecosystem: "github-actions" + directory: "/" + schedule: + # Check for updates to GitHub Actions every weekday + interval: "daily" + + - package-ecosystem: "composer" + directory: "/" + schedule: + # Check for updates managed by Composer once a week + interval: "weekly" +``` + +{% note %} + +**Note**: `schedule` define cuando el {% data variables.product.prodname_dependabot %} intenta hacer una actualización nueva. Sin embargo, no es la única ocasión en la que podrías recibir solilcitudes de cambio. Las actualizaciones pueden activarse con base en los cambios a tu archivo de `dependabot.yml`, los cambios a tus archivo(s) de manifiesto después de una actualización fallida, o las {% data variables.product.prodname_dependabot_security_updates %}. Para obtener más información, consulta las secciones "[Frecuencia de las solicitudes de cambio del {% data variables.product.prodname_dependabot %}](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/about-dependabot-version-updates#frequency-of-dependabot-pull-requests)" y "[Acerca de las {% data variables.product.prodname_dependabot_security_updates %}](/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-dependabot-security-updates)". + +{% endnote %} + +### `allow` + +{% data reusables.dependabot.default-dependencies-allow-ignore %} + +Utiliza la opción `allow` para personalizar qué dependencias se actualizan. Esto aplica tanto a la versión como a las actualizaciones de seguridad. Puedes utilizar las siguientes opciones: + +- `dependency-name`—se utiliza para permitir actualizaciones para las dependencias con nombres coincidentes, opcionalmente, utiliza `*` para empatar cero o más caracteres. Para las dependencias de Java, el formato del atributo `dependency-name` es: `groupId:artifactId`, por ejemplo: `org.kohsuke:github-api`. +- `dependency-type`—utilízalo para permitir actualizaciones para dependencias de tipos específicos. + + | Tipos de dependencia | Administradores de paquete compatibles | Permitir actualizaciones | + | -------------------- | --------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------- | + | `direct` | Todas | Todas las dependencias definidas explícitamente. | + | `indirect` | `bundler`, `pip`, `composer`, `cargo` | Las dependencias de las dependencias directas (también conocidas como sub-dependencias, o dependencias transitorias). | + | `all` | Todas | Todas las dependencias definidas explícitamente. Para `bundler`, `pip`, `composer`, `cargo`, también las dependencias de las dependencias directas. | + | `production` | `bundler`, `composer`, `mix`, `maven`, `npm`, `pip` | Solo las dependencias en el "Grupo de dependencias de producción". | + | `development` | `bundler`, `composer`, `mix`, `maven`, `npm`, `pip` | Únicamente las dependencias en el "Grupo de dependencias de desarrollo". | + +```yaml +# Use `allow` to specify which dependencies to maintain + +version: 2 +updates: + - package-ecosystem: "npm" + directory: "/" + schedule: + interval: "daily" + allow: + # Allow updates for Lodash + - dependency-name: "lodash" + # Allow updates for React and any packages starting "react" + - dependency-name: "react*" + + - package-ecosystem: "composer" + directory: "/" + schedule: + interval: "daily" + allow: + # Allow both direct and indirect updates for all packages + - dependency-type: "all" + + - package-ecosystem: "pip" + directory: "/" + schedule: + interval: "daily" + allow: + # Allow only direct updates for + # Django and any packages starting "django" + - dependency-name: "django*" + dependency-type: "direct" + # Allow only production updates for Sphinx + - dependency-name: "sphinx" + dependency-type: "production" +``` + +### `asignatarios` + +Utiliza `assignees` para especificar a los asignados individuales para todas las solicitudes de extracción levantadas para un administrador de paquete. + +{% data reusables.dependabot.option-affects-security-updates %} + +```yaml +# Specify assignees for pull requests + +version: 2 +updates: + - package-ecosystem: "npm" + directory: "/" + schedule: + interval: "daily" + # Add assignees + assignees: + - "octocat" +``` + +### `commit-message` + +Predeterminadamente, el {% data variables.product.prodname_dependabot %} intenta detectar tus preferencias de mensajes de confirmación y utiliza patrones similares. Utiliza la opción`commit-message` para especificar tus preferencias explícitamente. + +Opciones compatibles + +- `prefix` especifica un prefijo para todos los mensajes de confirmación. +- `prefix-development` especifica un prefijo separado para todos los mensajes de confirmación que actualizan dependencias en el grupo de dependencias de desarrollo. Cuando especificas un valor para esta opción, `prefix` se utiliza únicamente para las actualizaciones a las dependencias en el grupo de dependencias de producción. Esto es compatible con: `bundler`, `composer`, `mix`, `maven`, `npm`, y `pip`. +- `include: "scope"` especifica que cualquier prefijo es sucedido por una lista de dependencias actualizadas en la confirmación. + +{% data reusables.dependabot.option-affects-security-updates %} + +```yaml +# Customize commit messages + +version: 2 +updates: + - package-ecosystem: "npm" + directory: "/" + schedule: + interval: "daily" + commit-message: + # Prefix all commit messages with "npm" + prefix: "npm" + + - package-ecosystem: "composer" + directory: "/" + schedule: + interval: "daily" + # Prefix all commit messages with "Composer" + # include a list of updated dependencies + commit-message: + prefix: "Composer" + include: "scope" + + - package-ecosystem: "pip" + directory: "/" + schedule: + interval: "daily" + # Include a list of updated dependencies + # with a prefix determined by the dependency group + commit-message: + prefix: "pip prod" + prefix-development: "pip dev" + include: "scope" +``` + +### `ignore` + +{% data reusables.dependabot.default-dependencies-allow-ignore %} + +Las dependencias pueden ignorarse ya sea agregándolas a `ignore` o utilizando el comando `@dependabot ignore` en una solicitud de cambios que haya abierto el {% data variables.product.prodname_dependabot %}. + +#### Crear condiciones de `ignore` desde `@dependabot ignore` + +Las dependencias que se ignoran utilizando el comando `@dependabot ignore` se almacenan centralmente para cada administrador de paquete. Si comienzas a ignorar las dependencias en el archivo `dependabot.yml`, estas preferencias existentes se consideran junto con las dependencias de `ignore` en la configuración. + +Puedes verificar si un repositorio tiene preferencias de `ignore` almacenadas si buscas `"@dependabot ignore" in:comments` en este. Si quieres dejar de ignorar una dependencia que se haya ignorado de esta forma, vuelve a abrir la solicitud de cambios. + +Para obtener más información acerca de los comandos de `@dependabot ignore`, consulta la sección "[Administrar las solicitudes de extracción para las actualizaciones de dependencias](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/managing-pull-requests-for-dependency-updates#managing-dependabot-pull-requests-with-comment-commands)". + +#### Especificar dependencias y versiones para ignorar + +Puedes utilizar la opción `ignore` para personalizar qué dependencias se actualizarán. La opción `ignore` es compatible con las siguientes opciones. + +- `dependency-name`—se utiliza para ignorar actualizaciones para las dependencias con nombres coincidentes, opcionalmente, utiliza `*` para empatar cero o más caracteres. Para las dependencias de Java, el formato del atributo `dependency-name` es: `groupId:artifactId` (por ejemplo: `org.kohsuke:github-api`). +- `versions`—se utiliza para ignorar versiones o rangos específicos de las versiones. Si quieres definir un rango, utiliza el patrón estándar del administrador de paquetes (por ejemplo: `^1.0.0` para npm, o `~> 2.0` para Bundler). +- `update-types`—Se utiliza para ignorar tipos de actualizaciones tales como las de tipo `major`, `minor`, o `patch` en actualizaciones de versión (por ejemplo: `version-update:semver-patch` ignorará las actualizaciones de parche). Puedes combinar esto con `dependency-name: "*"` para ignorar algún `update-types` en particular en todas las dependencias. Actualmente, `version-update:semver-major`, `version-update:semver-minor`, y `version-update:semver-patch` son las únicas opciones compatibles. Este ajuste no afectará a las actualizaciones de seguridad. + +Si las `versions` y los `update-types` se utilizan juntos, el {% data variables.product.prodname_dependabot %} ignorará todas las actualizaciones en cualquiera que se configure. + +{% data reusables.dependabot.option-affects-security-updates %} + +```yaml +# Use `ignore` to specify dependencies that should not be updated + +version: 2 +updates: + - package-ecosystem: "npm" + directory: "/" + schedule: + interval: "daily" + ignore: + - dependency-name: "express" + # For Express, ignore all updates for version 4 and 5 + versions: ["4.x", "5.x"] + # For Lodash, ignore all updates + - dependency-name: "lodash" + # For AWS SDK, ignore all patch updates + - dependency-name: "aws-sdk" + update-types: ["version-update:semver-patch"] +``` + +{% note %} + +**Nota**: El {% data variables.product.prodname_dependabot %} solo puede ejecutar actualizaciones de versión en los archivos de bloqueo o de manifiesto si puede acceder a todas las dependencias en estos archivos, aún si agregas dependencias inaccesibles a la opción `ignore` de tu archivo de configuración. Para obtener más información, consulta las secciones "[Administrar los ajustes de seguridad y análisis de tu organización](/organizations/keeping-your-organization-secure/managing-security-and-analysis-settings-for-your-organization#allowing-dependabot-to-access-private-dependencies)" y "[Solución de errores del {% data variables.product.prodname_dependabot %}](/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/troubleshooting-dependabot-errors#dependabot-cant-resolve-your-dependency-files)". + + +{% endnote %} + +### `insecure-external-code-execution` + +Los administradores de paquetes con los valores `bundler`, `mix`, y `pip` de `package-ecosystem` pueden ejecutar el código externo en el manifiesto como parte del proceso de actualización de la versión. Esto podría permitir que un paquete que se haya puesto en riesgo borre las credenciales u obtenga acceso a los registros configurados. Cuando agregas un ajuste de [`registries`](#registries) dentro de una configuración de `updates`, el {% data variables.product.prodname_dependabot %} prevendrá automáticamente la ejecución de código externo, en cuyo caso, la actualización de versión podría fallar. Puedes elegir ignorar este comportamiento y permitir la ejecución de código externo para los administradores de paquetes `bundler`, `mix`, y `pip` si configuras a `insecure-external-code-execution` en `allow`. + +Puedes negar explícitamente la ejecución de código externo, sin importar si es que hay un ajuste de `registries` para esta configuración de actualización, configurando a `insecure-external-code-execution` en `deny`. + +{% raw %} +```yaml +# Allow external code execution when updating dependencies from private registries + +version: 2 +registries: + ruby-github: + type: rubygems-server + url: https://rubygems.pkg.github.com/octocat/github_api + token: ${{secrets.MY_GITHUB_PERSONAL_TOKEN}} +updates: + - package-ecosystem: "bundler" + directory: "/rubygems-server" + insecure-external-code-execution: allow + registries: "*" + schedule: + interval: "monthly" +``` +{% endraw %} + +### `etiquetas` + +{% data reusables.dependabot.default-labels %} + +Utiliza `labels` para anular las etiquetas predeterminadas y especificar las etiquetas alternas para todas las solicitudes de extracción que se levante para un administrador de paquete. Si ninguna de estas etiquetas se define en el repositorio, entonces se ha ignorado. Para inhabilitar todas las etiquetas, incluyendo aquellas predeterminadas, utiliza `labels: [ ]`. + +{% data reusables.dependabot.option-affects-security-updates %} + +```yaml +# Specify labels for pull requests + +version: 2 +updates: + - package-ecosystem: "npm" + directory: "/" + schedule: + interval: "daily" + # Specify labels for npm pull requests + labels: + - "npm" + - "dependencies" +``` + +### `hito` + +Utiliza `milestone` para asociar todas las solicitudes de extracción que se han levantado para un administrador de paquete con un hito. Necesitas especificar el identificador numérico del hito y, no así, su etiqueta. Si ves un hito, la parte final de la URL de la página, después de `milestone`, es el identificador. Por ejemplo: `https://github.com///milestone/3`. + +{% data reusables.dependabot.option-affects-security-updates %} + +```yaml +# Specify a milestone for pull requests + +version: 2 +updates: + - package-ecosystem: "npm" + directory: "/" + schedule: + interval: "daily" + # Associate pull requests with milestone "4" + milestone: 4 +``` + +### `open-pull-requests-limit` + +Predeterminadamente, {% data variables.product.prodname_dependabot %} abre un máximo de cinco solicitudes de extracción para las actualizaciones de versión. Una vez que hayan cinco solicitudes de cambio abiertas, las solicitudes nuevas se bloquearán hasta que fusiones o cierres algunas de las sollicitudes abiertas, después de lo cual, las solicitudes de cambiso nuevas pueden abrirse en actualizaciones subsecuentes. Utiliza `open-pull-requests-limit` para cambiar este límite. Esto también proporciona una forma simple de inhabilitar temporalmente las actualizaciones de versión para un administrador de paquete. + +Esta opción no tiene impacto en las actualizaciones de seguridad que tienen un límite separado e interno de diez solicitudes de extracción abiertas. + +```yaml +# Specify the number of open pull requests allowed + +version: 2 +updates: + - package-ecosystem: "npm" + directory: "/" + schedule: + interval: "daily" + # Disable version updates for npm dependencies + open-pull-requests-limit: 0 + + - package-ecosystem: "pip" + directory: "/" + schedule: + interval: "daily" + # Allow up to 10 open pull requests for pip dependencies + open-pull-requests-limit: 10 +``` + +### `pull-request-branch-name.separator` + +El {% data variables.product.prodname_dependabot %} genera una rama para cada solicitud de extracción. Cada nombre de rama incluye `dependabot`, y el administrador de paquete y la dependencia que se actualizaron. Predeterminadamente, estas partes están separadas por un símbolo de `/`, por ejemplo: `dependabot/npm_and_yarn/next_js/acorn-6.4.1`. + +Utiliza `pull-request-branch-name.separator` para especificar un separador diferente. Este puede ser alguno de entre: `"-"`, `_` o `/`. El símbolo de guión debe estar entre comillas porque, de lo contrario, se interpretará como que está declarando una lista YAML vacía. + +{% data reusables.dependabot.option-affects-security-updates %} + +```yaml +# Specify a different separator for branch names + +version: 2 +updates: + - package-ecosystem: "npm" + directory: "/" + schedule: + interval: "daily" + pull-request-branch-name: + # Separate sections of the branch name with a hyphen + # for example, `dependabot-npm_and_yarn-next_js-acorn-6.4.1` + separator: "-" +``` + +### `rebase-strategy` + +Predeterminadamente, el{% data variables.product.prodname_dependabot %} rebasa automáticamente las solicitudes de cambios abiertas y detecta cualquier cambio en ellas. Utiliza `rebase-strategy` para inhabilitar este comportamiento. + +Estrategias de rebase disponibles + +- `disabled` para inhabilitar el rebase automático. +- `auto` para utilizar el comportamiento predeterminado y rebasar las solicitudes de cambios abiertas cuando se detecten cambios. + +{% data reusables.dependabot.option-affects-security-updates %} + +```yaml +# Disable automatic rebasing + +version: 2 +updates: + - package-ecosystem: "npm" + directory: "/" + schedule: + interval: "daily" + # Disable rebasing for npm pull requests + rebase-strategy: "disabled" +``` + +### `registries` + +Para permitir que el {% data variables.product.prodname_dependabot %} acceda a un registro de paquete privado cuando esté realizando una actualización de versión, debes incluir un ajuste de `registries` dentro de la configuración relevante de `updates`. Puedes permitir que se utilicen todos los registros definidos si configuras a `registries` en `"*"`. Como alternativa, puedes listar los registros que puede utilizar la actualización. Para hacerlo, utiliza el nombre del registro como se define en la sección `registries` de nivel superior en el archivo _dependabot.yml_. Para obtener más información, consulta la sección "[Opciones de configuración para los registros privados](#configuration-options-for-private-registries)" a continuación. + +Para permitir que el {% data variables.product.prodname_dependabot %} utilice los administradores de paquetes `bundler`, `mix`, y `pip` para actualizar dependencias en los registros privados, puedes elegir el permitir la ejecución de código externo. Para obtener más información, consulta [`insecure-external-code-execution`](#insecure-external-code-execution) anteriormente. + +```yaml +# Allow {% data variables.product.prodname_dependabot %} to use one of the two defined private registries +# when updating dependency versions for this ecosystem + +{% raw %} +version: 2 +registries: + maven-github: + type: maven-repository + url: https://maven.pkg.github.com/octocat + username: octocat + password: ${{secrets.MY_ARTIFACTORY_PASSWORD}} + npm-npmjs: + type: npm-registry + url: https://registry.npmjs.org + username: octocat + password: ${{secrets.MY_NPM_PASSWORD}} +updates: + - package-ecosystem: "gitsubmodule" + directory: "/" + registries: + - maven-github + schedule: + interval: "monthly" +{% endraw %} +``` + +### `revisores` + +Utiliza `reviewers` para especificar los revisores o equipos individuales de revisores para las solicitudes de extracción que se levantaron para un administrador de paquete. Debes utilizar el nombre completo del equipo, incluyendo la organización, como si lo estuvieras @mencionando. + +{% data reusables.dependabot.option-affects-security-updates %} + +```yaml +# Specify reviewers for pull requests + +version: 2 +updates: + - package-ecosystem: "pip" + directory: "/" + schedule: + interval: "daily" + # Add reviewers + reviewers: + - "octocat" + - "my-username" + - "my-org/python-team" +``` + +### `schedule.day` + +Cuando configuras una programación de actualizaciones en `weekly`, predeterminadamente, {% data variables.product.prodname_dependabot %} revisa si hay versiones nuevas los lunes en alguna hora aleatoria para el repositorio. Utiliza `schedule.day` para especificar un día alterno para revisar si hay actualizaciones. + +Valores compatibles + +- `monday` +- `tuesday` +- `wednesday` +- `thursday` +- `friday` +- `saturday` +- `sunday` + +```yaml +# Specify the day for weekly checks + +version: 2 +updates: + - package-ecosystem: "npm" + directory: "/" + schedule: + interval: "weekly" + # Check for npm updates on Sundays + day: "sunday" +``` + +### `schedule.time` + +Predeterminadamente, el {% data variables.product.prodname_dependabot %} revisa si hay nuevas versiones en una hora aleatoria para el repositorio. Utiliza `schedule.time` para especificar una hora alterna para revisar si hay actualizaciones (formato: `hh:mm`). + +```yaml +# Set a time for checks +version: 2 +updates: + - package-ecosystem: "npm" + directory: "/" + schedule: + interval: "daily" + # Check for npm updates at 9am UTC + time: "09:00" +``` + +### `schedule.timezone` + +Predeterminadamente, el {% data variables.product.prodname_dependabot %} revisa si hay nuevas versiones en una hora aleatoria para el repositorio. Utiliza `schedule.timezone` para especificar un huso horario alternativo. El identificador de zona debe ser tomado de la base de datos de Husos Horarios que mantiene [iana](https://www.iana.org/time-zones). Para obtener más información, consulta la [Lista de bases de datos tz para husos horarios](https://en.wikipedia.org/wiki/List_of_tz_database_time_zones). + +```yaml +# Specify the timezone for checks + +version: 2 +updates: + - package-ecosystem: "npm" + directory: "/" + schedule: + interval: "daily" + time: "09:00" + # Use Japan Standard Time (UTC +09:00) + timezone: "Asia/Tokyo" +``` + +### `target-branch` + +Predeterminadamente, el {% data variables.product.prodname_dependabot %} revisa si hay archivos de manifiesto en las ramas predeterminadas y levanta solicitudes de extracción para las actualizaciones de versión contra dicha rama. Utiliza `target-branch` para especificar una rama diferente para los archivos de manifiesto y para las solicitudes de extracción. Cuando utilizas esta opción, la configuración para este administrador de paquete ya no afectará ninguna solicitud de extracción que se haya levantado para las actualizaciones de seguridad. + +```yaml +# Specify a non-default branch for pull requests for pip + +version: 2 +updates: + - package-ecosystem: "pip" + directory: "/" + schedule: + interval: "daily" + # Raise pull requests for version updates + # to pip against the `develop` branch + target-branch: "develop" + # Labels on pull requests for version updates only + labels: + - "pip dependencies" + + - package-ecosystem: "npm" + directory: "/" + schedule: + interval: "weekly" + # Check for npm updates on Sundays + day: "sunday" + # Labels on pull requests for security and version updates + labels: + - "npm dependencies" +``` + +### `vendor` + +Utiliza la opción `vendor` para indicar al {% data variables.product.prodname_dependabot %} delegar las dependencias a los proveedores cuando se actualicen. No utilices esta opción si estás usando `gomod`, ya que el {% data variables.product.prodname_dependabot %} detecta la delegación a vendedores automáticamente para esta herramienta. + +```yaml +# Configure version updates for both dependencies defined in manifests and vendored dependencies + +version: 2 +updates: + - package-ecosystem: "bundler" + # Raise pull requests to update vendored dependencies that are checked in to the repository + vendor: true + directory: "/" + schedule: + interval: "weekly" +``` + +El {% data variables.product.prodname_dependabot %} solo actualiza las dependencias delegadas a proveedores que se ubiquen en directorios específicos en un repositorio. + +| Administración de paquetes | Ruta de archivo requerida para las dependencias delegadas | Más información | +| -------------------------- | ------------------------------------------------------------------------------------------------------------ | ----------------------------------------------------------------------------- | +| `bundler` | Las dependencias deben estar en el directorio _vendor/cache_.
Otras rutas de archivo no son compatibles. | [documentación de `bundle cache`](https://bundler.io/man/bundle-cache.1.html) | +| `gomod` | No hay requisitos de ruta (las dependencias se ubican habitualmente en el directorio _vendor_) | [documentación de `go mod vendor`](https://golang.org/ref/mod#go-mod-vendor) | + + +### `versioning-strategy` + +Cuando el {% data variables.product.prodname_dependabot %} edita un archivo de manifiesto para actualizar una versión, utiliza las siguientes estrategias generales: + +- Para las apps, los requisitos de versión se incrementan, por ejemplo: npm, pip y Composer. +- Para las bibliotecas, el rango de versiones se amplía, por ejemplo: Bundler y Cargo. + +Utiliza la opción `versioning-strategy` para cambiar este comportamiento para los administradores de paquete compatibles. + +{% data reusables.dependabot.option-affects-security-updates %} + +Estrategias de actualización disponibles + +| Opción | Compatible con | Acción | +| ----------------------- | --------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| `lockfile-only` | `bundler`, `cargo`, `composer`, `mix`, `npm`, `pip` | Crear únicamente solicitudes de cambios para actualizar archivos de bloqueo. Ignorar cualquier versión nueva que pudiera requerir cambios en el paquete del manifiesto. | +| `auto` | `bundler`, `cargo`, `composer`, `mix`, `npm`, `pip` | Seguir la estrategia predeterminada descrita anteriormente. | +| `widen` | `composer`, `npm` | Relajar el requisito de versión para que incluya tanto la versión nueva como la anterior, cuando sea posible. | +| `increase` | `bundler`, `composer`, `npm` | Siempre incrementar el requisito de versión para que empate con la versión nueva. | +| `increase-if-necessary` | `bundler`, `composer`, `npm` | Incrementar el requisito de versión únicamente cuando lo requiera la versión nueva. | + +```yaml +# Customize the manifest version strategy + +version: 2 +updates: + - package-ecosystem: "npm" + directory: "/" + schedule: + interval: "daily" + # Update the npm manifest file to relax + # the version requirements + versioning-strategy: widen + + - package-ecosystem: "composer" + directory: "/" + schedule: + interval: "daily" + # Increase the version requirements for Composer + # only when required + versioning-strategy: increase-if-necessary + + - package-ecosystem: "pip" + directory: "/" + schedule: + interval: "daily" + # Only allow updates to the lockfile for pip and + # ignore any version updates that affect the manifest + versioning-strategy: lockfile-only +``` + +## Opciones de configuración para los registros privados + +La clave de nivel superior `registries` es opcional. Esta te permite especificar los detalles de autenticación que el {% data variables.product.prodname_dependabot %} puede utilizar para acceder a los registros de paquetes privados. + +{% note %} + +**Nota:** Los registros privados detras de los cortafuegos en las redes privadas no son compatibles. + +{% endnote %} + +El valor de la clave `registries` es un arreglo asociativo, del cual cada elemento consiste de una clave que identifica un registro en particular y un valor que es un arreglo asociativo que especifica la configuración que se requiere para acceder a dicho registro. El siguiente archivo de *dependabot.yml* configura un registro que se identifica como `dockerhub` en la sección de `registries` del archivo y luego lo referencia en la sección de `updates` del mismo. + +{% raw %} +```yaml +# Minimal settings to update dependencies in one private registry + +version: 2 +registries: + dockerhub: # Define access for a private registry + type: docker-registry + url: registry.hub.docker.com + username: octocat + password: ${{secrets.DOCKERHUB_PASSWORD}} +updates: + - package-ecosystem: "docker" + directory: "/docker-registry/dockerhub" + registries: + - dockerhub # Allow version updates for dependencies in this registry + schedule: + interval: "monthly" +``` +{% endraw %} + +Utilizarás las siguientes opciones para especificar la configuración de acceso. La configuración del registro debe contener un `type` y una `url` y, habitualmente, ya sea una combinación de `username` y `password` o un `token`. + +| Opción                 | Descripción | +|:------------------------------------------------------------------------------------------------------ |:----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| `type` | Identifica el tipo de registro. Consulta la lista completa de tipos más adelante. | +| `url` | La URL a utilizar para acceder a las dependencias en el registro. El protocolo es opcional. Si no se especifica, se asumirá que es `https://`. El {% data variables.product.prodname_dependabot %} agrega o ignora las diagonales iniciales conforme sea necesario. | +| `nombre de usuario` | El nombre de usuario que utilizará el {% data variables.product.prodname_dependabot %} para acceder al registro. | +| `contraseña` | Una referencia a un secreto del {% data variables.product.prodname_dependabot %} que contenga la contraseña del usuario específico. Para obtener más información, consulta la sección "[Administrar los secretos cifrados del Dependabot](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/managing-encrypted-secrets-for-dependabot)". | +| `clave` | Una referencia a un secreto del {% data variables.product.prodname_dependabot %} que contenga una clave de acceso para este registro. Para obtener más información, consulta la sección "[Administrar los secretos cifrados del Dependabot](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/managing-encrypted-secrets-for-dependabot)". | +| `token` | Una referencia a un secreto del {% data variables.product.prodname_dependabot %} que contenga un token de acceso para este registro. Para obtener más información, consulta la sección "[Administrar los secretos cifrados del Dependabot](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/managing-encrypted-secrets-for-dependabot)". | +| `replaces-base` | Para los registros con `type: python-index`, si el valor booleano es `true`, pip resuleve las dependencias utilizando la URL especificada en vez de la URL base del Índice de Paquetes de Python (que predeterminadamente es `https://pypi.org/simple`). | + + +Cada `type` de configuración requiere que proporciones ajustes en particular. Algunos tipos permiten más de una forma de conectarse. Las siguientes secciones proporcionan detalles de las configuraciones que deberías utilizar para cada `type`. + +### `composer-repository` + +El tipo `composer-repository` es compatible con nombre de usuario y contraseña. + +{% raw %} +```yaml +registries: + composer: + type: composer-repository + url: https://repo.packagist.com/example-company/ + username: octocat + password: ${{secrets.MY_PACKAGIST_PASSWORD}} +``` +{% endraw %} + +### `docker-registry` + +El tipo `docker-registry` es compatible con nombre de usuario y contraseña. + +{% raw %} +```yaml +registries: + dockerhub: + type: docker-registry + url: https://registry.hub.docker.com + username: octocat + password: ${{secrets.MY_DOCKERHUB_PASSWORD}} +``` +{% endraw %} + +El tipo `docker-registry` también se puede utilizar para extraer información de Amazon ECR utilizando las credenciales estáticas de AWS. + +{% raw %} +```yaml +registries: + ecr-docker: + type: docker-registry + url: https://1234567890.dkr.ecr.us-east-1.amazonaws.com + username: ${{secrets.ECR_AWS_ACCESS_KEY_ID}} + password: ${{secrets.ECR_AWS_SECRET_ACCESS_KEY}} +``` +{% endraw %} + +### `git` + +El tipo `git` es compatible con nombre de usuario y contraseña. + +{% raw %} +```yaml +registries: + github-octocat: + type: git + url: https://github.com + username: x-access-token + password: ${{secrets.MY_GITHUB_PERSONAL_TOKEN}} +``` +{% endraw %} + +### `hex-organization` + +El tipo `hex-organization` es compatible con organizaciones y claves. + +{% raw %} +```yaml +registries: + github-hex-org: + type: hex-organization + organization: github + key: ${{secrets.MY_HEX_ORGANIZATION_KEY}} +``` +{% endraw %} + +### `maven-repository` + +El tipo `maven-repository` es compatible con usuario y contraseña. + +{% raw %} +```yaml +registries: + maven-artifactory: + type: maven-repository + url: https://artifactory.example.com + username: octocat + password: ${{secrets.MY_ARTIFACTORY_PASSWORD}} +``` +{% endraw %} + +### `npm-registry` + +El tipo `npm-registry` es compatible con nombre de usuario y contraseña, o token. + +Cuando utilizas un nombre de usuario y contraseña, tu token de autorización de `.npmrc` podría contener un `_password` cifrado en `base64`; sin embargo, la contraseña referenciada en tu archivo de configuración del {% data variables.product.prodname_dependabot %} podría ser la contraseña original (descifrada). + +{% raw %} +```yaml +registries: + npm-npmjs: + type: npm-registry + url: https://registry.npmjs.org + username: octocat + password: ${{secrets.MY_NPM_PASSWORD}} # Must be an unencoded password +``` +{% endraw %} + +{% raw %} +```yaml +registries: + npm-github: + type: npm-registry + url: https://npm.pkg.github.com + token: ${{secrets.MY_GITHUB_PERSONAL_TOKEN}} +``` +{% endraw %} + +### `nuget-feed` + +El tipo `nuget-feed` es compatible con nombre de usuario y contraseña, o token. + +{% raw %} +```yaml +registries: + nuget-example: + type: nuget-feed + url: https://nuget.example.com/v3/index.json + username: octocat@example.com + password: ${{secrets.MY_NUGET_PASSWORD}} +``` +{% endraw %} + +{% raw %} +```yaml +registries: + nuget-azure-devops: + type: nuget-feed + url: https://pkgs.dev.azure.com/.../_packaging/My_Feed/nuget/v3/index.json + token: ${{secrets.MY_AZURE_DEVOPS_TOKEN}} +``` +{% endraw %} + +### `python-index` + +El tipo `python-index` es compatible con nombre de usuario y contraseña, o token. + +{% raw %} +```yaml +registries: + python-example: + type: python-index + url: https://example.com/_packaging/my-feed/pypi/example + username: octocat + password: ${{secrets.MY_BASIC_AUTH_PASSWORD}} + replaces-base: true +``` +{% endraw %} + +{% raw %} +```yaml +registries: + python-azure: + type: python-index + url: https://pkgs.dev.azure.com/octocat/_packaging/my-feed/pypi/example + token: ${{secrets.MY_AZURE_DEVOPS_TOKEN}} + replaces-base: true +``` +{% endraw %} + +### `rubygems-server` + +El tipo `rubygems-server` es compatible con nombre de usuario y contraseña, o token. + +{% raw %} +```yaml +registries: + ruby-example: + type: rubygems-server + url: https://rubygems.example.com + username: octocat@example.com + password: ${{secrets.MY_RUBYGEMS_PASSWORD}} +``` +{% endraw %} + +{% raw %} +```yaml +registries: + ruby-github: + type: rubygems-server + url: https://rubygems.pkg.github.com/octocat/github_api + token: ${{secrets.MY_GITHUB_PERSONAL_TOKEN}} +``` +{% endraw %} + +### `terraform-registry` + +El tipo `terraform-registry` es comatible con un token. + +{% raw %} +```yaml +registries: + terraform-example: + type: terraform-registry + url: https://terraform.example.com + token: ${{secrets.MY_TERRAFORM_API_TOKEN}} +``` +{% endraw %} diff --git a/translations/es-ES/content/code-security/dependabot/dependabot-version-updates/configuring-dependabot-version-updates.md b/translations/es-ES/content/code-security/dependabot/dependabot-version-updates/configuring-dependabot-version-updates.md new file mode 100644 index 0000000000..cddf88ee09 --- /dev/null +++ b/translations/es-ES/content/code-security/dependabot/dependabot-version-updates/configuring-dependabot-version-updates.md @@ -0,0 +1,142 @@ +--- +title: Configuring Dependabot version updates +intro: 'Puedes configurar tu repositorio para que el {% data variables.product.prodname_dependabot %} actualice automáticamente los paquetes que utilizas.' +permissions: 'People with write permissions to a repository can enable or disable {% data variables.product.prodname_dependabot_version_updates %} for the repository.' +redirect_from: + - /github/administering-a-repository/enabling-and-disabling-version-updates + - /code-security/supply-chain-security/enabling-and-disabling-version-updates + - /code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/enabling-and-disabling-version-updates + - /code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/enabling-and-disabling-dependabot-version-updates +versions: + fpt: '*' + ghec: '*' + ghes: '> 3.2' +type: how_to +topics: + - Dependabot + - Version updates + - Repositories + - Dependencies + - Pull requests +shortTitle: Configure version updates +--- + + +{% data reusables.dependabot.beta-security-and-version-updates %} +{% data reusables.dependabot.enterprise-enable-dependabot %} + +## Acerca de las actualizaciones de versión para las dependencias + +Habilitarás {% data variables.product.prodname_dependabot_version_updates %} mediante la selección de un archivo de configuración de *dependabot.yml* en el directorio `.github` dentro de tu repositorio. El {% data variables.product.prodname_dependabot %} levanta entonces las solicitudes de extracción para mantener actualizadas las dependencias que configures. Para cada dependencia del administrador de paquete que quieras actualizar, debes especificar la ubicación de los archivos de manifiesto de dicho paquete, así como la periodicidad en la que quieres buscar actualizaciones para las dependencias listadas en esos archivos. Para obtener más información sobre habilitar las actualizaciones de seguridad, consulta la sección "[Configurar las {% data variables.product.prodname_dependabot_security_updates %}](/github/managing-security-vulnerabilities/configuring-dependabot-security-updates)". + +{% data reusables.dependabot.initial-updates %} Para obtener más información, consulta la sección "[Personalizar las actualizaciones de las dependencias](/github/administering-a-repository/customizing-dependency-updates)". + +{% data reusables.dependabot.private-dependencies-note %} Adicionalmente, el {% data variables.product.prodname_dependabot %} no es compatible con dependencias privadas de {% data variables.product.prodname_dotcom %} para todos los administradores de paquetes. Para obtener más información, consulta las secciones "[Acerca de las actualizaciones de versión del Dependabot](/github/administering-a-repository/about-dependabot-version-updates#supported-repositories-and-ecosystems)" y "[Soporte para idiomas de {% data variables.product.prodname_dotcom %}](/github/getting-started-with-github/github-language-support)". + +## Habilitar las {% data variables.product.prodname_dependabot_version_updates %} + +{% data reusables.dependabot.create-dependabot-yml %} For information, see "[Configuration options for the dependabot.yml file](/github/administering-a-repository/configuration-options-for-dependency-updates)." +1. Agrega una `version`. +1. Opcionalmente, si tienes dependencias en un registro privado, agrega una sección de `registries` que contenga los detalles de autenticación. +1. Agrega una sección de `updates` con una entrada para cada administrador de paquetes que quieras que monitoree el {% data variables.product.prodname_dependabot %}. +1. Para cada administrador de paquete, utiliza: + - `package-ecosystem` para especificar el administrador de paquetes. + - `directory` para especificar la ubicación del manifiesto u otros archivos de definición. + - `schedule.interval` para especificar qué tan a menudo se debe revisar si hay nuevas versiones. +{% data reusables.dependabot.check-in-dependabot-yml %} + +### Archivo *dependabot.yml* de ejemplo + +El archivo de ejemplo *dependabot.yml* que se muestra a continuación actualiza dos administradores de paquetes: npm y Docker. Cuando se registra este archivo, el {% data variables.product.prodname_dependabot %} revisa los archivos de manifiesto en la rama predeterminada par ver si hay dependencias desactualizadas. Si encuentra dependencias desactualizadas, levantará solicitudes de extracción contra la rama predeterminada para actualizar estas dependencias. + +```yaml +# Basic dependabot.yml file with +# minimum configuration for two package managers + +version: 2 +updates: + # Enable version updates for npm + - package-ecosystem: "npm" + # Look for `package.json` and `lock` files in the `root` directory + directory: "/" + # Check the npm registry for updates every day (weekdays) + schedule: + interval: "daily" + + # Enable version updates for Docker + - package-ecosystem: "docker" + # Look for a `Dockerfile` in the `root` directory + directory: "/" + # Check for updates once a week + schedule: + interval: "weekly" +``` + +En el ejemplo anterior, si las dependencias de Docker estuvieran muy desactualizadas, tal vez quisieras comenzar con una programación de tipo `daily` hasta que las dependencias estén bien actualizadas y, posteriormente, tomar una programación semanal. + +### Habilitar las actualizaciones de versión en las bifurcaciones + +Si quieres habilitar las actualizaciones de versión en las bifurcaciones, hay un paso extra que debes tomar. Las actualizaciones de versión no se habilitan automáticamente en las bifurcaciones cuando existe un archivo de configuración *dependabot.yml*. Esto garantiza que los dueños de la bifurcación no habiliten las actualizaciones de versión accidentalmente cuando suben cambios, incluyendo el archivo de configuración *dependabot.yml* del repositorio original. + +En una bifurcación, también necesitas habilitar explícitamente el {% data variables.product.prodname_dependabot %}. + +{% data reusables.repositories.navigate-to-repo %} +{% data reusables.repositories.accessing-repository-graphs %} +{% data reusables.repositories.click-dependency-graph %} +{% data reusables.dependabot.click-dependabot-tab %} +5. Debajo de "Habilitar el Dependabot", da clic en **Enable Dependabot**. + +## Revisar el estado de las actualizaciones de versión + +Después de que habilitas las actualizaciones de versión, se llena la pestaña del **Dependabot** en la gráfica de dependencias del repositorio. This tab shows which package managers {% data variables.product.prodname_dependabot %} is configured to monitor and when {% data variables.product.prodname_dependabot %} last checked for new versions. + +![Pestaña de perspectivas de repositorio, gráfica de dependencias, pestaña de dependabot](/assets/images/help/dependabot/dependabot-tab-view.png) + +Para obtener más información, consulta la sección "[Listar las dependencias configuradas para las actualizaciones de versión](/github/administering-a-repository/listing-dependencies-configured-for-version-updates)". + +## Inhabilitar las {% data variables.product.prodname_dependabot_version_updates %} + +Puedes inhabilitar las actualizaciones de versión completamente si eliminas el archivo *dependabot.yml* de tu repositorio. Normalmente, tal vez quieras inhabilitar las actualizaciones temporalmente para una o más dependencias o administradores de paquete. + +- Administradores de paquete: inhabilítalas configurando `open-pull-requests-limit: 0` o dejando de comentar el `package-ecosystem` relevante en el archivo de configuración. +- Dependencias específicas: inhabilítalas agregando los atributos de `ignore` para los paquetes o aplicaciones que quieras excluir de las actualizaciones. + +Cuando inhabilitas las dependencias, puedes utilizar comodines para empatar con un conjunto de bibliotecas relacionadas. También puedes especificar qué versiones excluir. Esto es particularmente útil si necesitas bloquear actualizaciones en una biblioteca, el trabajo pendiente para apoyar un cambio sustancial en su API, pero quieres quieres obtener cualquier arreglo de seguridad para la versión que utilices. + +### Ejemplo de inhabilitar las actualizaciones de versión para algunas dependencias + +En este archivo de *dependabot.yml* de ejemplo se incluyen ejemplos de las formas diferentes para inhabilitar las actualizaciones en algunas dependencias, mientras que se permite que otras actualizaciones continuen. + +```yaml +# dependabot.yml file with updates +# disabled for Docker and limited for npm + +version: 2 +updates: + # Configuration for Dockerfile + - package-ecosystem: "docker" + directory: "/" + schedule: + interval: "weekly" + # Disable all pull requests for Docker dependencies + open-pull-requests-limit: 0 + + # Configuration for npm + - package-ecosystem: "npm" + directory: "/" + schedule: + interval: "daily" + ignore: + # Ignore updates to packages that start with 'aws' + # Wildcards match zero or more arbitrary characters + - dependency-name: "aws*" + # Ignore some updates to the 'express' package + - dependency-name: "express" + # Ignore only new versions for 4.x and 5.x + versions: ["4.x", "5.x"] + # For all packages, ignore all patch updates + - dependency-name: "*" + update-types: ["version-update:semver-patch"] +``` + +For more information about checking for existing ignore preferences, see "[Configuration options for the dependabot.yml file](/github/administering-a-repository/configuration-options-for-dependency-updates#ignore)." diff --git a/translations/es-ES/content/code-security/dependabot/dependabot-version-updates/customizing-dependency-updates.md b/translations/es-ES/content/code-security/dependabot/dependabot-version-updates/customizing-dependency-updates.md new file mode 100644 index 0000000000..5e17ccc409 --- /dev/null +++ b/translations/es-ES/content/code-security/dependabot/dependabot-version-updates/customizing-dependency-updates.md @@ -0,0 +1,144 @@ +--- +title: Personalizar las actualizaciones de las dependencias +intro: 'Puedes personalizar cómo el {% data variables.product.prodname_dependabot %} mantiene tus dependencias.' +permissions: 'People with write permissions to a repository can configure {% data variables.product.prodname_dependabot %} for the repository.' +redirect_from: + - /github/administering-a-repository/customizing-dependency-updates + - /code-security/supply-chain-security/customizing-dependency-updates + - /code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/customizing-dependency-updates +versions: + fpt: '*' + ghec: '*' + ghes: '>3.2' +type: how_to +topics: + - Dependabot + - Version updates + - Security updates + - Repositories + - Dependencies + - Pull requests + - Vulnerabilities +shortTitle: Pesonalizar las actualizaciones +--- + +{% data reusables.dependabot.beta-security-and-version-updates %} +{% data reusables.dependabot.enterprise-enable-dependabot %} + +## Acerca de personalizar las actualizaciones de las dependencias + +Después de que hayas habilitado la actualización de versiones, puedes personalizar como el {% data variables.product.prodname_dependabot %} mantiene tus dependencias si agregas más opciones al archivo *dependabot.yml*. Por ejemplo, podrías: + +- Especifica en qué día de la semana se abrirán las solicitudes de extracción para la actualización de versiones: `schedule.day` +- Establece revisores, asignados y etiquetas para cada administrador de paquete: `reviewers`, `assignees`, y `labels` +- Define una estrategia de versionamiento para los cambios que se realicen en cada archivo de manifiesto: `versioning-strategy` +- Cambia la cantidad máxima de solicitudes de extracción abiertas para actualizaciones de versión del valor predeterminado que es 5: `open-pull-requests-limit` +- Abre solicitudes de extracción para actualizaciones de versión para seleccionar una rama específica en vez de la rama predeterminada: `target-branch` + +For more information about the configuration options, see "[Configuration options for the dependabot.yml file](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/configuration-options-for-dependency-updates)." + +Cuando actualizas el archivo *dependabot.yml* en tu repositorio, el {% data variables.product.prodname_dependabot %} ejecuta una revisión inmediata con la nueva configuración. Verás una lista de dependencias actualizada en cuestión de minutos en la pestaña de **{% data variables.product.prodname_dependabot %}**, esto podría tomar más tiempo si el reposiorio tiene muchas dependencias. También puedes ver las solicitudes de extracción nuevas para las actualizaciones de versión. Para obtener más información, consulta la sección "[Listar dependencias configuradas para actualizaciones de versión](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/listing-dependencies-configured-for-version-updates)". + +## Impacto de los cambios de configuración en las actualizaciones de seguridad + +Si personalizas el archivo *dependabot.yml*, podrías notar algunos cambios en las solicitudes de extracción que se levantan para las actualizaciones de seguridad. Estas solicitudes de extracción siempre se activan mediante una asesoría de seguridad para una dependencia en vez de mediante un calendario de programación del {% data variables.product.prodname_dependabot %}. Sin embargo, estas heredan la configuración de ajustes relevante del archivo *dependabot.yml* a menos de que especifiques una rama destino diferente para las actualizaciones de versión. + +Por ejemplo, consulta la sección "[Configurar etiquetas personalizadas](#setting-custom-labels)" a más adelante. + +## Modificar la programación + +Cuando configuras una actualización de tipo `daily`, predeterminadamente, el {% data variables.product.prodname_dependabot %} revisa si hay nuevas versiones a las 05:00 UTC. Puedes utilizar `schedule.time` para especificar una hora alterna para que revise actualizaciones (en formato: `hh:mm`). + +El archivo *dependabot.yml* de ejemplo a continuación expande la configuración de npm para especificar cuándo el {% data variables.product.prodname_dependabot %} debería revisar si hay actualizaciones de versión para las dependencias. + +```yaml +# dependabot.yml file with +# customized schedule for version updates + +version: 2 +updates: + # Keep npm dependencies up to date + - package-ecosystem: "npm" + directory: "/" + # Check the npm registry for updates at 2am UTC + schedule: + interval: "daily" + time: "02:00" +``` + +## Configurar los revisores y asignados + +Predeterminadamente, el {% data variables.product.prodname_dependabot %} levanta solicitudes de extracción sin ningún revisor o asignado. + +Puedes utilizar `reviewers` y `assignees` para especificar los revisores y asignados para todas las solicitudes de extracción que se levanten para un administrador de paquete. Cuando especificas un equipo, debes utilizar el nombre completo de éste, como si estuvieras @mencionándolo (incluyendo la organización). + +El ejemplo de archivo *dependabot.yml* mostrado a continuación cambia las configuraciones npm para que todas las solicitudes de extracción que se hayan abierto con actualizaciones de versión y de seguridad para npm tengan dos revisores y un asignado. + +```yaml +# dependabot.yml file with +# reviews and an assignee for all npm pull requests + +version: 2 +updates: + # Keep npm dependencies up to date + - package-ecosystem: "npm" + directory: "/" + schedule: + interval: "daily" + # Raise all npm pull requests with reviewers + reviewers: + - "my-org/team-name" + - "octocat" + # Raise all npm pull requests with an assignee + assignees: + - "user-name" +``` + +## Configurar las etiquetas personalizadas + +{% data reusables.dependabot.default-labels %} + +Puedes utilizar `labels` para anular las etiquetas predeterminadas y especificar etiquetas alternas para todas las solicitudes de extracción que se han levantado para un administrador de paquete. No puedes crear etiquetas nuevas en el archivo *dependabot.yml*, así que las etiquetas alternas ya deben existir en el repositorio. + +El siguiente ejemplo de archivo *dependabot.yml* cambia la configuración de npm para que las solicitudes de extracción abiertas con actualizaciones de versión y de seguridad para npm tengan etiquetas personalizadas. También cambia la configuración de Docker para revisar las actualizaciones de versión contra una rama personalizada y para levantar solicitudes de extracción con etiquetas personalizadas contra dicha rama personalizada. Los cambios en Docker no afectarán las solicitudes de extracción para actualizaciones de seguridad, ya que dichas actualizaciones de seguridad siempre se hacen contra la rama predeterminada. + +{% note %} + +**Nota:** La nueva `target-branch` deberá contener un Dockerfile para actualizar, de lo contrario, este cambio tendrá el efecto de inhabilitar las actualizaciones de versión para Docker. + +{% endnote %} + +```yaml +# dependabot.yml file with +# customized npm configuration + +version: 2 +updates: + # Keep npm dependencies up to date + - package-ecosystem: "npm" + directory: "/" + schedule: + interval: "daily" + # Raise all npm pull requests with custom labels + labels: + - "npm dependencies" + - "triage-board" + + # Keep Docker dependencies up to date + - package-ecosystem: "docker" + directory: "/" + schedule: + interval: "daily" + # Raise pull requests for Docker version updates + # against the "develop" branch. The Docker configuration + # no longer affects security update pull requests. + target-branch: "develop" + # Use custom labels on pull requests for Docker version updates + labels: + - "Docker dependencies" + - "triage-board" +``` + +## Más ejemplos + +For more examples, see "[Configuration options for the dependabot.yml file](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/configuration-options-for-dependency-updates)." diff --git a/translations/es-ES/content/code-security/dependabot/dependabot-version-updates/index.md b/translations/es-ES/content/code-security/dependabot/dependabot-version-updates/index.md new file mode 100644 index 0000000000..a15c2fb8c9 --- /dev/null +++ b/translations/es-ES/content/code-security/dependabot/dependabot-version-updates/index.md @@ -0,0 +1,26 @@ +--- +title: Keeping your dependencies updated automatically with Dependabot version updates +intro: 'You can use {% data variables.product.prodname_dependabot %} to automatically keep the dependencies and packages used in your repository updated to the latest version, even when they don’t have any known vulnerabilities.' +allowTitleToDifferFromFilename: true +redirect_from: + - /github/administering-a-repository/keeping-your-dependencies-updated-automatically + - /code-security/supply-chain-security/keeping-your-dependencies-updated-automatically +versions: + fpt: '*' + ghec: '*' + ghes: '>3.2' +topics: + - Repositories + - Dependabot + - Version updates + - Dependencies + - Pull requests +children: + - /about-dependabot-version-updates + - /configuring-dependabot-version-updates + - /listing-dependencies-configured-for-version-updates + - /customizing-dependency-updates + - /configuration-options-for-the-dependabot.yml-file +shortTitle: Actualizaciones de versión del dependabot +--- + diff --git a/translations/es-ES/content/code-security/dependabot/dependabot-version-updates/listing-dependencies-configured-for-version-updates.md b/translations/es-ES/content/code-security/dependabot/dependabot-version-updates/listing-dependencies-configured-for-version-updates.md new file mode 100644 index 0000000000..b3f534f6c6 --- /dev/null +++ b/translations/es-ES/content/code-security/dependabot/dependabot-version-updates/listing-dependencies-configured-for-version-updates.md @@ -0,0 +1,39 @@ +--- +title: Listar dependencias configuradas para las actualizaciones de versión +intro: 'Puedes ver las dependencias que monitorea el {% data variables.product.prodname_dependabot %} pára encontrar actualizaciones.' +redirect_from: + - /github/administering-a-repository/listing-dependencies-configured-for-version-updates + - /code-security/supply-chain-security/listing-dependencies-configured-for-version-updates + - /code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/listing-dependencies-configured-for-version-updates +versions: + fpt: '*' + ghec: '*' + ghes: '>3.2' +type: how_to +topics: + - Repositories + - Dependabot + - Version updates + - Dependencies +shortTitle: Dependencias configuradas en la lista +--- + +{% data reusables.dependabot.beta-security-and-version-updates %} +{% data reusables.dependabot.enterprise-enable-dependabot %} + +## Visualizar dependencias que monitorea el {% data variables.product.prodname_dependabot %} + +Después de que habilites las actualizaciones de versión, puedes confirmar que tu configuración es la correcta si utilizas la pestaña de **{% data variables.product.prodname_dependabot %}** en la gráfica de dependencias para el repositorio. For more information, see "[Configuring {% data variables.product.prodname_dependabot %} version updates](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/enabling-and-disabling-dependabot-version-updates)." + +{% data reusables.repositories.navigate-to-repo %} +{% data reusables.repositories.accessing-repository-graphs %} +{% data reusables.repositories.click-dependency-graph %} +{% data reusables.dependabot.click-dependabot-tab %} +1. Opcionalmente, para ver los archivos que se monitorean para un administrador de paquete, da clic en el {% octicon "kebab-horizontal" aria-label="The horizontal kebab icon" %} asociado. ![Archivos de dependencia monitoreados](/assets/images/help/dependabot/monitored-dependency-files.png) + +Si no encuentras alguna dependencia, revisa los archivos de bitácora para ver los errores. En caso de que no encuentres algún administrador de paquete, revisa el archivo de configuración. + +## Visualizar los archivos de bitácora del {% data variables.product.prodname_dependabot %} + +1. En la **pestaña de {% data variables.product.prodname_dependabot %}**, da clic en **Revisado por última vez hace *TIME*** para ver el archivo de bitácora que generó el {% data variables.product.prodname_dependabot %} durante su última verificación de actualizaciones de versión. ![Ver el archivo de bitácora](/assets/images/help/dependabot/last-checked-link.png) +2. Opcionalmente, para volver a ejecutar la revisión de versión, da clic en **Revisar si hay actualizaciones**. ![Revisar si hay actualizaciones](/assets/images/help/dependabot/check-for-updates.png) diff --git a/translations/es-ES/content/code-security/dependabot/index.md b/translations/es-ES/content/code-security/dependabot/index.md new file mode 100644 index 0000000000..cb1f4984f9 --- /dev/null +++ b/translations/es-ES/content/code-security/dependabot/index.md @@ -0,0 +1,23 @@ +--- +title: Keeping your supply chain secure with Dependabot +shortTitle: Dependabot +intro: 'Monitor vulnerabilities in dependencies used in your project{% ifversion fpt or ghec or ghes > 3.2 %} and keep your dependencies up-to-date{% endif %} with {% data variables.product.prodname_dependabot %}.' +allowTitleToDifferFromFilename: true +versions: + fpt: '*' + ghes: '*' + ghae: issue-4864 + ghec: '*' +topics: + - Dependabot + - Alerts + - Vulnerabilities + - Repositories + - Dependencies +children: + - /dependabot-alerts + - /dependabot-security-updates + - /dependabot-version-updates + - /working-with-dependabot +--- + diff --git a/translations/es-ES/content/code-security/dependabot/working-with-dependabot/automating-dependabot-with-github-actions.md b/translations/es-ES/content/code-security/dependabot/working-with-dependabot/automating-dependabot-with-github-actions.md new file mode 100644 index 0000000000..3fa452941f --- /dev/null +++ b/translations/es-ES/content/code-security/dependabot/working-with-dependabot/automating-dependabot-with-github-actions.md @@ -0,0 +1,557 @@ +--- +title: Automatizar al Dependabot con las GitHub Actions +intro: 'Ejemplos de cómo puedes utilizar las {% data variables.product.prodname_actions %} para automatizar las tareas comunes relacionadas con el {% data variables.product.prodname_dependabot %}.' +permissions: 'People with write permissions to a repository can configure {% data variables.product.prodname_actions %} to respond to {% data variables.product.prodname_dependabot %}-created pull requests.' +miniTocMaxHeadingLevel: 3 +versions: + fpt: '*' + ghec: '*' + ghes: '>3.2' +type: how_to +topics: + - Actions + - Dependabot + - Version updates + - Security updates + - Repositories + - Dependencies + - Pull requests +shortTitle: Utiliza el Dependabot con las acciones +redirect_from: + - /code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/automating-dependabot-with-github-actions +--- + +{% data reusables.dependabot.beta-security-and-version-updates %} +{% data reusables.dependabot.enterprise-enable-dependabot %} + +## Acerca del {% data variables.product.prodname_dependabot %} y de las {% data variables.product.prodname_actions %} + +El {% data variables.product.prodname_dependabot %} crea las solicitudes de cambios para mantener actualizadas tus dependencias y puedes utilizar las {% data variables.product.prodname_actions %} para llevar a cabo tareas automatizadas cuando se creen estas solicitudes de cambios. Por ejemplo, recupera artefactos adicionales, agrega etiquetas, ejecuta pruebas o modifica la solicitud de cambios de cualquier otra forma. + +## Responder a los eventos + +El {% data variables.product.prodname_dependabot %} puede activar flujos de trabajo de las {% data variables.product.prodname_actions %} en sus solicitudes de cambios y comentarios; sin embargo, algunos eventos se tratan de forma distinta. + +{% ifversion fpt or ghec or ghes > 3.3 or ghae-issue-5792 %} +Para el caso de los flujos de trabajo que inicia el {% data variables.product.prodname_dependabot %} (`github.actor == "dependabot[bot]"`) y que utilizan los eventos `pull_request`, `pull_request_review`, `pull_request_review_comment`, `push`, `create`, `deployment` y `deployment_status`, aplican las siguientes restricciones: +{% endif %} + +- {% ifversion ghes = 3.3 %} El `GITHUB_TOKEN` tiene permisos de solo lectura, a menos de que tu adminsitrador haya eliminado las restricciones.{% else %} El `GITHUB_TOKEN` tiene permisos de solo lectura predeterminadamente.{% endif %} +- {% ifversion ghes = 3.3 %}No se puede acceder a los secretos a menos de que tu administrador haya eliminado las restricciones.{% else %}Los secretos se llenan desde los secretos del {% data variables.product.prodname_dependabot %}. Los secretos de las {% data variables.product.prodname_actions %} no están disponibles.{% endif %} + +{% ifversion fpt or ghec or ghes > 3.3 or ghae-issue-5792 %} +Para el caso de los flujos de trabajo que inicia el {% data variables.product.prodname_dependabot %}(`github.actor == "dependabot[bot]"`) y utilizan el evento `pull_request_target`, si {% data variables.product.prodname_dependabot %} (`github.actor == "dependabot[bot]"`) creó la ref base de la solicitud de cambios, entonces el `GITHUB_TOKEN` será de solo lectura y los secretos no estarán disponibles. +{% endif %} + +Para obtener màs informaciòn, consulta la secciòn "[Mantener seguras tus GitHub Actions y flujos de trabajo: Prevenir solicitudes de tipo pwn](https://securitylab.github.com/research/github-actions-preventing-pwn-requests/)". + +{% ifversion fpt or ghec or ghes > 3.3 %} + +### Cambiar los permisos de `GITHUB_TOKEN` + +Predeterminadamente, los flujos de trabajo de las {% data variables.product.prodname_actions %} que activa el {% data variables.product.prodname_dependabot %} obtendrán un `GITHUB_TOKEN` con permisos de solo lectura. Puedes utilizar la llave de `permissions` en tu flujo de trabajo para incrementar el acceso del token: + +{% raw %} + +```yaml +name: CI +on: pull_request + +# Set the access for individual scopes, or use permissions: write-all +permissions: + pull-requests: write + issues: write + repository-projects: write + ... + +jobs: + ... +``` + +{% endraw %} + +Para obtener màs informaciòn, consulta la secciòn "[Modificar los permisos para el GITHUB_TOKEN](/actions/security-guides/automatic-token-authentication#modifying-the-permissions-for-the-github_token)". + +### Acceder a los secretos + +Cuando un evento del {% data variables.product.prodname_dependabot %} activa un flujo de trabajo, los únicos secretos disponibles para dicho flujo de trabajo son los del {% data variables.product.prodname_dependabot %}. Los secretos de las {% data variables.product.prodname_actions %} no están disponibles. Por lo tanto, debes almacenar cualquier secreto que utilice un flujo de trabajo activado mediante los eventos del {% data variables.product.prodname_dependabot %} como secretos del {% data variables.product.prodname_dependabot %}. Para obtener más información, consulta la sección "[Administrar los secretos cifrados del Dependabot](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/managing-encrypted-secrets-for-dependabot)". + +Los secretos del {% data variables.product.prodname_dependabot %} se agregan al contexto de `secrets` y se referencian utilizando exactamente la misma sintaxis que la de los secretos para las {% data variables.product.prodname_actions %}. Para obtener más información, consulta la sección "[Secretos cifrados](/actions/security-guides/encrypted-secrets#using-encrypted-secrets-in-a-workflow)". + +Si tienes un flujo de trabajo que se activará mediante el {% data variables.product.prodname_dependabot %} y también mediante otros actores, la solución más simple es almacenar el token con los permisos requeridos en una acción y en un secreto del {% data variables.product.prodname_dependabot %} con nombres idénticos. Entonces, el flujo de trabajo puede incluir una llamada simple a estos secretos. Si el secreto del {% data variables.product.prodname_dependabot %} tiene un nombre diferente, utiliza condiciones para especificar los secretos correctos para que los utilicen los diferentes actores. Para ver ejemplos que utilizan condiciones, consulta la sección de "[Automatizaciones comunes](#common-dependabot-automations)" a continuación. + +Para acceder a un registro de contenedor privado en AWS con un nombre de usuario y contraseña, un flujo de trabajo deberá incluir un secreto para el `username` y la `password`. En el siguiente ejemplo, cuando el {% data variables.product.prodname_dependabot %} activa el flujo de trabajo, se utilizan los secretos del {% data variables.product.prodname_dependabot %} con los nombres `READONLY_AWS_ACCESS_KEY_ID` y `READONLY_AWS_ACCESS_KEY`. Si otro actor activa el flujo de trabajo, se utilizarán los secretos de las acciones con estos nombres. + +{% raw %} + +```yaml +name: CI +on: + pull_request: + branches: [ main ] + +jobs: + build: + runs-on: ubuntu-latest + steps: + - name: Checkout repository + uses: actions/checkout@v2 + + - name: Login to private container registry for dependencies + uses: docker/login-action@v1 + with: + registry: https://1234567890.dkr.ecr.us-east-1.amazonaws.com + username: ${{ secrets.READONLY_AWS_ACCESS_KEY_ID }} + password: ${{ secrets.READONLY_AWS_ACCESS_KEY }} + + - name: Build the Docker image + run: docker build . --file Dockerfile --tag my-image-name:$(date +%s) +``` + +{% endraw %} + +{% endif %} + +{% ifversion ghes = 3.3 %} + +{% note %} + +**Nota:** Tu administrador de sitio puede anular estas restricciones para {% data variables.product.product_location %}. Para obtener más información, consulta la sección "[Solucionar los problemas de las {% data variables.product.prodname_actions %} en tu empresa](/admin/github-actions/advanced-configuration-and-troubleshooting/troubleshooting-github-actions-for-your-enterprise#troubleshooting-failures-when-dependabot-triggers-existing-workflows)". + +Si se eliminan las restricciones, cuando el {% data variables.product.prodname_dependabot %} active un flujo de trabajo, este tendrá acceso a los secretos de las {% data variables.product.prodname_actions %} y podrá utilizar el término `permissions` para incrementar el alcance predeterminado del `GITHUB_TOKEN` desde el acceso de solo lectura. Puedes ignorar los pasos específicos en las secciones de "Eventos de manejo de `pull_request`" y de "Eventos de manejo de `push`", ya que esto ya no aplica. + +{% endnote %} + +### Manejar los eventos de `pull_request` + +Si tu flujo de trabajo necesita acceso a los secretos o a un `GITHUB_TOKEN` con permisos de escritura, tienes dos opciones: utilizar `pull_request_target`, o utilizar dos flujos de trabajo separados. En esta sección, describiremos a detalle cómo utilizar `pull_request_target` y utilizaremos los dos siguientes flujos de trabajo en cómo "[Manejar eventos `push`](#handling-push-events)". + +Debajo hay un ejemplo simple de un flujo de trabajo de una `pull_request` que podría estar fallando ahora: + +{% raw %} + +```yaml +### This workflow now has no secrets and a read-only token +name: Dependabot Workflow +on: + pull_request + +jobs: + dependabot: + runs-on: ubuntu-latest + # Always check the actor is Dependabot to prevent your workflow from failing on non-Dependabot PRs + if: ${{ github.actor == 'dependabot[bot]' }} + steps: + - uses: actions/checkout@v2 +``` + +{% endraw %} + +Puedes reemplazar a `pull_request` con `pull_request_target`, el cual se utiliza para las solicitudes de cambio de las bifurcaciones y revisar explícitamente el `HEAD` de la solicitud de cambios. + +{% warning %} + +**Advertencia:** El utilizar `pull_request_target` como sustituto de `pull_request` de expone a un comportamiento inseguro. Te recomendamos utilizar el método de dos flujos de trabajo de acuerdo con lo que se describe a continuación en "[Administrar eventos `push`](#handling-push-events)". + +{% endwarning %} + +{% raw %} + +```yaml +### This workflow has access to secrets and a read-write token +name: Dependabot Workflow +on: + pull_request_target + +permissions: + # Downscope as necessary, since you now have a read-write token + +jobs: + dependabot: + runs-on: ubuntu-latest + if: ${{ github.actor == 'dependabot[bot]' }} + steps: + - uses: actions/checkout@v2 + with: + # Check out the pull request HEAD + ref: ${{ github.event.pull_request.head.sha }} + github-token: ${{ secrets.GITHUB_TOKEN }} +``` + +{% endraw %} + +También se recomienda fuertemente que bajes el alcance de los permisos que otorgas al `GITHUB_TOKEN` para poder evitar que se fugue un token con más privilegios de lo necesario. Para obtener más información, consulta ña sección "[Permisos del `GITHUB_TOKEN`](/actions/reference/authentication-in-a-workflow#permissions-for-the-github_token)". + +### Manejar eventos `push` + +Ya que no hay un equivalente de `pull_request_target` para los eventos `push`, tendrás que utilizar dos flujos de trabajo: uno no confiable que termine cargando artefactos, el cual activará un segundo flujo de trabajo que descargará los artefactos y seguirá procesándose. + +El primer flujo de trabajo lleva a cabo cualquier trabajo no confiable: + +{% raw %} + +```yaml +### This workflow doesn't have access to secrets and has a read-only token +name: Dependabot Untrusted Workflow +on: + push + +jobs: + check-dependabot: + runs-on: ubuntu-latest + if: ${{ github.actor == 'dependabot[bot]' }} + steps: + - uses: ... +``` + +{% endraw %} + +El segundo flujo de trabajo llevará a cabo el trabajo confiable después de que el primero se complete exitosamente: + +{% raw %} + +```yaml +### This workflow has access to secrets and a read-write token +name: Dependabot Trusted Workflow +on: + workflow_run: + workflows: ["Dependabot Untrusted Workflow"] + types: + - completed + +permissions: + # Downscope as necessary, since you now have a read-write token + +jobs: + dependabot: + runs-on: ubuntu-latest + if: ${{ github.event.workflow_run.conclusion == 'success' }} + steps: + - uses: ... +``` + +{% endraw %} + +{% endif %} + +### Volver a ejecutar un flujo de trabajo manualmente + +También puedes volver a ejecutar un flujo de trabajo fallido del Dependabot manualmente y este seguirá ejecutándose con un token de lectura-escritura y con acceso a los secretos. Antes de volver a ejecutar los flujos de trabajo fallidos manualmente, siempre debes verificar la dependencia que se está actualizando para asegurarte de que el cambio no introduzca ningún comportamiento imprevisto o malicioso. + +## Automatizaciones comunes del Dependabot + +Aquí mostramos varios escenarios comunes que pueden automatizarse utilizando las {% data variables.product.prodname_actions %}. + +{% ifversion ghes = 3.3 %} + +{% note %} + +**Nota:** Si tu administrador de sitio anuló las restricciones del {% data variables.product.prodname_dependabot %} en {% data variables.product.product_location %}, puedes utilizar `pull_request` en vez de `pull_request_target` en los siguientes flujos de trabajo. + +{% endnote %} + +{% endif %} + +### Recuperar metadatos de una solicitud de cambios + +Automatizar mucho requiere saber información del contenido de la solicitud de cambios: cuál era el nombre de la dependencia, si es una dependencia productva y si es una actualización de parche menor o mayor. + +La acción `dependabot/fetch-metadata` te proporciona toda esta información: + +{% ifversion ghes = 3.3 %} + +{% raw %} + +```yaml +name: Dependabot fetch metadata +on: pull_request_target + +permissions: + pull-requests: write + issues: write + repository-projects: write + +jobs: + dependabot: + runs-on: ubuntu-latest + if: ${{ github.actor == 'dependabot[bot]' }} + steps: + - name: Dependabot metadata + id: dependabot-metadata + uses: dependabot/fetch-metadata@v1.1.1 + with: + github-token: "${{ secrets.GITHUB_TOKEN }}" + # The following properties are now available: + # - steps.dependabot-metadata.outputs.dependency-names + # - steps.dependabot-metadata.outputs.dependency-type + # - steps.dependabot-metadata.outputs.update-type +``` + +{% endraw %} + +{% else %} + +{% raw %} + +```yaml +name: Dependabot fetch metadata +on: pull_request + +permissions: + pull-requests: write + issues: write + repository-projects: write + +jobs: + dependabot: + runs-on: ubuntu-latest + if: ${{ github.actor == 'dependabot[bot]' }} + steps: + - name: Dependabot metadata + id: metadata + uses: dependabot/fetch-metadata@v1.1.1 + with: + github-token: "${{ secrets.GITHUB_TOKEN }}" + # The following properties are now available: + # - steps.metadata.outputs.dependency-names + # - steps.metadata.outputs.dependency-type + # - steps.metadata.outputs.update-type +``` + +{% endraw %} + +{% endif %} + +Para obtener más información, consulta el repositorio [`dependabot/fetch-metadata`](https://github.com/dependabot/fetch-metadata). + +### Etiquetar una solicitud de cambios + +Si tienes otros flujos de trabajo de automatización o clasificación que se basen en etiquetas de {% data variables.product.prodname_dotcom %}, puedes configurar una acción para asignar etiquetas con base en los metadatos proporcionados. + +Por ejemplo, si quieres etiquetar todas las actualizaciones de las dependencias de producción con una etiqueta: + +{% ifversion ghes = 3.3 %} + +{% raw %} + +```yaml +name: Dependabot auto-label +on: pull_request_target + +permissions: + pull-requests: write + issues: write + repository-projects: write + +jobs: + dependabot: + runs-on: ubuntu-latest + if: ${{ github.actor == 'dependabot[bot]' }} + steps: + - name: Dependabot metadata + id: dependabot-metadata + uses: dependabot/fetch-metadata@v1.1.1 + with: + github-token: "${{ secrets.GITHUB_TOKEN }}" + - name: Add a label for all production dependencies + if: ${{ steps.dependabot-metadata.outputs.dependency-type == 'direct:production' }} + run: gh pr edit "$PR_URL" --add-label "production" + env: + PR_URL: ${{github.event.pull_request.html_url}} +``` + +{% endraw %} + +{% else %} + +{% raw %} + +```yaml +name: Dependabot auto-label +on: pull_request + +permissions: + pull-requests: write + issues: write + repository-projects: write + +jobs: + dependabot: + runs-on: ubuntu-latest + if: ${{ github.actor == 'dependabot[bot]' }} + steps: + - name: Dependabot metadata + id: metadata + uses: dependabot/fetch-metadata@v1.1.1 + with: + github-token: "${{ secrets.GITHUB_TOKEN }}" + - name: Add a label for all production dependencies + if: ${{ steps.metadata.outputs.dependency-type == 'direct:production' }} + run: gh pr edit "$PR_URL" --add-label "production" + env: + PR_URL: ${{github.event.pull_request.html_url}} +``` + +{% endraw %} + +{% endif %} + +### Aprobar una solicitud de cambios + +Si quieres aprobar las solicitudes de cambios del Dependabot automáticamente, puedes utilizar el {% data variables.product.prodname_cli %} en un flujo de trabajo: + +{% ifversion ghes = 3.3 %} + +{% raw %} + +```yaml +name: Dependabot auto-approve +on: pull_request_target + +permissions: + pull-requests: write + +jobs: + dependabot: + runs-on: ubuntu-latest + if: ${{ github.actor == 'dependabot[bot]' }} + steps: + - name: Dependabot metadata + id: dependabot-metadata + uses: dependabot/fetch-metadata@v1.1.1 + with: + github-token: "${{ secrets.GITHUB_TOKEN }}" + - name: Approve a PR + run: gh pr review --approve "$PR_URL" + env: + PR_URL: ${{github.event.pull_request.html_url}} + GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}} +``` + +{% endraw %} + +{% else %} + +{% raw %} + +```yaml +name: Dependabot auto-approve +on: pull_request + +permissions: + pull-requests: write + +jobs: + dependabot: + runs-on: ubuntu-latest + if: ${{ github.actor == 'dependabot[bot]' }} + steps: + - name: Dependabot metadata + id: metadata + uses: dependabot/fetch-metadata@v1.1.1 + with: + github-token: "${{ secrets.GITHUB_TOKEN }}" + - name: Approve a PR + run: gh pr review --approve "$PR_URL" + env: + PR_URL: ${{github.event.pull_request.html_url}} + GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}} +``` + +{% endraw %} + +{% endif %} + +### Habilita la fusión automática en una solicitud de cambios + +Si quieres fusionar tus solicitudes de cambios automáticamente, puedes utilizar la funcionalidad de fusión automática de {% data variables.product.prodname_dotcom %}. Esto habilita a la solicitud de cambios para que se fusione cuando se cumpla con todas las pruebas y aprobaciones requeridas. Para obtener más información sobre la fusión automática, consulta la sección "[Fusionar una solicitud de cambios automáticamente](/pull-requests/collaborating-with-pull-requests/incorporating-changes-from-a-pull-request/automatically-merging-a-pull-request)". + +Aquí tienes un ejemplo de cómo habilitar la fusión automática para todas las actualizaciones de parche en `my-dependency`: + +{% ifversion ghes = 3.3 %} + +{% raw %} + +```yaml +name: Dependabot auto-merge +on: pull_request_target + +permissions: + pull-requests: write + contents: write + +jobs: + dependabot: + runs-on: ubuntu-latest + if: ${{ github.actor == 'dependabot[bot]' }} + steps: + - name: Dependabot metadata + id: dependabot-metadata + uses: dependabot/fetch-metadata@v1.1.1 + with: + github-token: "${{ secrets.GITHUB_TOKEN }}" + - name: Enable auto-merge for Dependabot PRs + if: ${{contains(steps.dependabot-metadata.outputs.dependency-names, 'my-dependency') && steps.dependabot-metadata.outputs.update-type == 'version-update:semver-patch'}} + run: gh pr merge --auto --merge "$PR_URL" + env: + PR_URL: ${{github.event.pull_request.html_url}} + GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}} +``` + +{% endraw %} + +{% else %} + +{% raw %} + +```yaml +name: Dependabot auto-merge +on: pull_request + +permissions: + pull-requests: write + contents: write + +jobs: + dependabot: + runs-on: ubuntu-latest + if: ${{ github.actor == 'dependabot[bot]' }} + steps: + - name: Dependabot metadata + id: metadata + uses: dependabot/fetch-metadata@v1.1.1 + with: + github-token: "${{ secrets.GITHUB_TOKEN }}" + - name: Enable auto-merge for Dependabot PRs + if: ${{contains(steps.metadata.outputs.dependency-names, 'my-dependency') && steps.metadata.outputs.update-type == 'version-update:semver-patch'}} + run: gh pr merge --auto --merge "$PR_URL" + env: + PR_URL: ${{github.event.pull_request.html_url}} + GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}} +``` + +{% endraw %} + +{% endif %} + +## Solucionar los problemas de las ejecuciones de flujo de trabajo fallidas + +Si tu ejecución de flujo de trabajo falla, verifica lo siguiente: + +{% ifversion ghes = 3.3 %} + +- Estás ejecutando el flujo de trabajo únicamente cuando el actor adecuado lo activa. +- Estás verificando la `ref` de tu `pull_request`. +- No estás intentando acceder a los secretos desde un evento de `pull_request`, `pull_request_review`, `pull_request_review_comment`, o `push` activado por el Dependabot. +- No estás intentando llevar a cabo ninguna acción de `write` desde dentro de un evento de tipo `pull_request`, `pull_request_review`, `pull_request_review_comment`, o `push` que haya activado el Dependabot. + +{% else %} + +- Estás ejecutando el flujo de trabajo únicamente cuando el actor adecuado lo activa. +- Estás verificando la `ref` de tu `pull_request`. +- Tus secretos están disponibles en los secretos del {% data variables.product.prodname_dependabot %}, en vez de como secretos de las {% data variables.product.prodname_actions %}. +- Si tienes un `GITHUB_TOKEN` con los permisos correctos. + +{% endif %} + +Para obtener más información sobre cómo escribir y depurar las {% data variables.product.prodname_actions %}, consulta la sección "[Aprender sobre las Acciones de GitHub](/actions/learn-github-actions)". diff --git a/translations/es-ES/content/code-security/dependabot/working-with-dependabot/index.md b/translations/es-ES/content/code-security/dependabot/working-with-dependabot/index.md new file mode 100644 index 0000000000..2ff0dbc0da --- /dev/null +++ b/translations/es-ES/content/code-security/dependabot/working-with-dependabot/index.md @@ -0,0 +1,24 @@ +--- +title: Working with Dependabot +shortTitle: Work with Dependabot +intro: 'Guidance and recommendations for working with {% data variables.product.prodname_dependabot %}, such as managing pull requests raised by {% data variables.product.prodname_dependabot %}, using {% data variables.product.prodname_actions %} with {% data variables.product.prodname_dependabot %}, and troubleshooting {% data variables.product.prodname_dependabot %} errors.' +versions: + fpt: '*' + ghec: '*' + ghes: '>3.2' +topics: + - Repositories + - Dependabot + - Version updates + - Security updates + - Dependencies + - Pull requests +children: + - /managing-pull-requests-for-dependency-updates + - /automating-dependabot-with-github-actions + - /keeping-your-actions-up-to-date-with-dependabot + - /managing-encrypted-secrets-for-dependabot + - /troubleshooting-the-detection-of-vulnerable-dependencies + - /troubleshooting-dependabot-errors +--- + diff --git a/translations/es-ES/content/code-security/dependabot/working-with-dependabot/keeping-your-actions-up-to-date-with-dependabot.md b/translations/es-ES/content/code-security/dependabot/working-with-dependabot/keeping-your-actions-up-to-date-with-dependabot.md new file mode 100644 index 0000000000..15b1f0c5c3 --- /dev/null +++ b/translations/es-ES/content/code-security/dependabot/working-with-dependabot/keeping-your-actions-up-to-date-with-dependabot.md @@ -0,0 +1,65 @@ +--- +title: Mantener tus acciones actualizadas con el Dependabot +intro: 'Puedes utilizar el {% data variables.product.prodname_dependabot %} para mantener las acciones que utilizas actualizadas en sus versiones más recientes.' +redirect_from: + - /github/administering-a-repository/keeping-your-actions-up-to-date-with-github-dependabot + - /github/administering-a-repository/keeping-your-actions-up-to-date-with-dependabot + - /code-security/supply-chain-security/keeping-your-actions-up-to-date-with-dependabot + - /code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/keeping-your-actions-up-to-date-with-dependabot +versions: + fpt: '*' + ghec: '*' + ghes: '>3.2' +type: how_to +topics: + - Repositories + - Dependabot + - Version updates + - Actions +shortTitle: Acciones de actualización automática +--- + +{% data reusables.dependabot.beta-security-and-version-updates %} + +{% data reusables.dependabot.enterprise-enable-dependabot %} + +## Acerca de {% data variables.product.prodname_dependabot_version_updates %} para las acciones + +Las acciones a menudo se actualizan con correcciones de errores y con nuevas características para que los procesos automatizados sean más confiables, rápidos y seguros. Cundo habilitas las {% data variables.product.prodname_dependabot_version_updates %} para {% data variables.product.prodname_actions %}, {% data variables.product.prodname_dependabot %} te ayudará a asegurarte de que las referencias para las acciones en el archivo *workflow.yml* de un repositorio se mantengan actualizadas. El {% data variables.product.prodname_dependabot %} verifica la referencia de la acción para cada una de ellas en el archivo (habitualmente un número de versión o identificador de confirmación que se asocie con la acción) contra la última versión. Si alguna versión más reciente de la acción está disponible, el {% data variables.product.prodname_dependabot %} te enviará una solicitud de extracción que actualice la referencia en el archivo de flujo de trabajo a su última versión. Para obtener más información acerca de las {% data variables.product.prodname_dependabot_version_updates %}, consulta la sección "[Acerca del {% data variables.product.prodname_dependabot_version_updates %}](/github/administering-a-repository/about-dependabot-version-updates)". Para obtener más información acerca de configurar flujos de trabajo para las {% data variables.product.prodname_actions %}, consulta la sección "[Aprende sobre las {% data variables.product.prodname_actions %}](/actions/learn-github-actions)". + +{% data reusables.actions.workflow-runs-dependabot-note %} + +## Habilitar las {% data variables.product.prodname_dependabot_version_updates %} para las acciones + +{% data reusables.dependabot.create-dependabot-yml %}Si ya habilitaste las {% data variables.product.prodname_dependabot_version_updates %} para otros ecosistemas o administradores de paquetes, simplemente abre el archivo *dependabot.yml* existente. +1. Especifica `"github-actions"` como el `package-ecosystem` a monitorear. +1. Configura el `directory` como `"/"` para verificar los archivos de flujo de trabajo en `.github/workflows`. +1. Configura un `schedule.interval` para especificar la frecuencia en la que se revisará si hay versiones nuevas. +{% data reusables.dependabot.check-in-dependabot-yml %}Si editaste un archivo existente, guarda tus cambios. + +También puedes habilitar las {% data variables.product.prodname_dependabot_version_updates %} en las bifurcaciones. For more information, see "[Configuring {% data variables.product.prodname_dependabot %} version updates](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/enabling-and-disabling-dependabot-version-updates#enabling-version-updates-on-forks)." + +### Archivo de ejemplo de *dependabot.yml* para {% data variables.product.prodname_actions %} + +El siguiente ejemplo de archivo de *dependabot.yml* configura las actualizaciones de versión para {% data variables.product.prodname_actions %}. El `directory` debe configurarse como `"/"` para verificar los archivos de flujo de trabajo en `.github/workflows`. El `schedule.interval` se configura en `"daily"`. Después de que se verifique o actualice este archivo, el {% data variables.product.prodname_dependabot %} revisará si hay versiones nuevas de tus acciones. El {% data variables.product.prodname_dependabot %} levantará solicitudes de extracción para las actualizaciones de versión de cualquier acción desactualizada que encuentre. Después de las actualizaciones de versión iniciales, el {% data variables.product.prodname_dependabot %} seguirá buscando versiones desactualizadas para las acciones una vez por día. + +```yaml +# Set update schedule for GitHub Actions + +version: 2 +updates: + + - package-ecosystem: "github-actions" + directory: "/" + schedule: + # Check for updates to GitHub Actions every weekday + interval: "daily" +``` + +## Configurar las {% data variables.product.prodname_dependabot_version_updates %} para las acciones + +Cuando habilitas las {% data variables.product.prodname_dependabot_version_updates %} para las acciones, debes especificar los valores de `package-ecosystem`, `directory`, y `schedule.interval`. Hay muchas más propiedades opcionales que puedes configurar para personalizar tus actualizaciones de versión aún más. For more information, see "[Configuration options for the dependabot.yml file](/github/administering-a-repository/configuration-options-for-dependency-updates)." + +## Leer más + +- "[Acerca de GitHub Actions](/actions/getting-started-with-github-actions/about-github-actions)" diff --git a/translations/es-ES/content/code-security/dependabot/working-with-dependabot/managing-encrypted-secrets-for-dependabot.md b/translations/es-ES/content/code-security/dependabot/working-with-dependabot/managing-encrypted-secrets-for-dependabot.md new file mode 100644 index 0000000000..a1e0968781 --- /dev/null +++ b/translations/es-ES/content/code-security/dependabot/working-with-dependabot/managing-encrypted-secrets-for-dependabot.md @@ -0,0 +1,91 @@ +--- +title: Administrar los secretos cifrados para el Dependabot +intro: 'Puedes almacenar la información sensible, como las contraseñas y tokens de acceso, como secretos cifrados y luego referenciarlos en el archivo de configuración del {% data variables.product.prodname_dependabot %}.' +redirect_from: + - /github/administering-a-repository/managing-encrypted-secrets-for-dependabot + - /code-security/supply-chain-security/managing-encrypted-secrets-for-dependabot + - /code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/managing-encrypted-secrets-for-dependabot +versions: + fpt: '*' + ghec: '*' + ghes: '>3.2' +type: how_to +topics: + - Dependabot + - Version updates + - Secret store + - Repositories + - Dependencies +shortTitle: Administrar los secretos cifrados +--- + +{% data reusables.dependabot.beta-security-and-version-updates %} + +## Acerca de los secretos cifrados para los {% data variables.product.prodname_dependabot %} + +Los secretos del {% data variables.product.prodname_dependabot %} son credenciales cifradas que creas ya sea a nivel de la organización o del repositorio. +Cuando agregas un secreto a nivel de la organización, puedes especificar qué repositorios pueden acceder a éste. Puedes utilizar secretos para permitir que el {% data variables.product.prodname_dependabot %} actualice las dependencias que se ubiquen en los registros del paquete. Cuando agregas un secreto que está cifrado antes de llegar a {% data variables.product.prodname_dotcom %} y permanece cifrado hasta que lo utiliza el {% data variables.product.prodname_dependabot %} para acceder a un registro de paquetes privado. + +Después de que agregas un secreto del {% data variables.product.prodname_dependabot %}, puedes referenciarlo en el archivo de configuración _dependabot.yml_ de esta forma: {% raw %}`${{secrets.NAME}}`{% endraw %}, en donde "NAME" es el nombre que eliges para el secreto. Por ejemplo: + +{% raw %} +```yaml +password: ${{secrets.MY_ARTIFACTORY_PASSWORD}} +``` +{% endraw %} + +For more information, see "[Configuration options for the dependabot.yml file](/github/administering-a-repository/configuration-options-for-dependency-updates#configuration-options-for-private-registries)." + +### Nombrar tus secretos + +El nombre de un secreto del {% data variables.product.prodname_dependabot %}: +* Solo puede contener caracteres alfanuméricos (`[A-Z]`, `[0-9]`) o guiones bajos (`_`). No se permiten espacios. Si escribes en minúscula, se cambiará todo a mayúsculas. +* No puede iniciar con el prefijo `GITHUB_`. +* No puede iniciar con un número. + +## Agregar un secreto de repositorio para el {% data variables.product.prodname_dependabot %} + +{% data reusables.actions.permissions-statement-secrets-repository %} + +{% data reusables.repositories.navigate-to-repo %} +{% data reusables.repositories.sidebar-settings %} +{% data reusables.actions.sidebar-secret %} +{% data reusables.dependabot.dependabot-secrets-button %} +1. Da clic en **Secreto de repositorio nuevo**. +1. Teclea un nombre para tu secreto en el cuadro de entrada **Name**. +1. Ingresa el valor de tu secreto. +1. Haz clic en **Agregar secreto** (Agregar secreto). + + El nombre del secreto se lista en la página de secretos del Dependabot. Puedes hacer clic en **Actualizar** para cambiar el valor del secreto. Puedes hacer clic en **Eliminar** para borrar el secreto. + + ![Actualizar o eliminar un secreto del repositorio](/assets/images/help/dependabot/update-remove-repo-secret.png) + +## Agregar un secreto de organización para el {% data variables.product.prodname_dependabot %} + +Cuando creas un secreto en una organización, puedes utilizar una política para limitar el acceso de los repositorios a este. Por ejemplo, puedes otorgar acceso a todos los repositorios, o limitarlo a solo los repositorios privados o a una lista específica de estos. + +{% data reusables.actions.permissions-statement-secrets-organization %} + +{% data reusables.organizations.navigate-to-org %} +{% data reusables.organizations.org_settings %} +{% data reusables.actions.sidebar-secret %} +{% data reusables.dependabot.dependabot-secrets-button %} +1. Da clic en **Secreto de organización nuevo**. +1. Teclea un nombre para tu secreto en el cuadro de entrada **Name**. +1. Ingresa el **Valor** para tu secreto. +1. Desde la lista desplegable **Acceso de los repositorios**, elige una política de acceso. +1. Si eliges **Repositorios seleccionados**: + + * Da clic en {% octicon "gear" aria-label="The Gear icon" %}. + * Elige los repositorios que pueden acceder a este secreto. ![Selecciona los repositorios para este secreto](/assets/images/help/dependabot/secret-repository-access.png) + * Haz clic en **Actualizar selección**. + +1. Haz clic en **Agregar secreto** (Agregar secreto). + + El nombre del secreto se lista en la página de secretos del Dependabot. Puedes hacer clic en **Actualizar** para cambiar el valor del secreto o su política de acceso. Puedes hacer clic en **Eliminar** para borrar el secreto. + + ![Actualiza o elimina un secreto de organización](/assets/images/help/dependabot/update-remove-org-secret.png) + +## Agregar al {% data variables.product.prodname_dependabot %} a tu lista de direcciones IP permitidas de tus registros + +Si tu registro privado se configura con una lista de direcciones IP permitidas, puedes encontrar las direcciones IP que utiliza el {% data variables.product.prodname_dependabot %} para acceder al registro en la terminal API del meta, bajo la clave `dependabot`. Para obtener más información, consulta la sección "[Meta](/rest/reference/meta)". diff --git a/translations/es-ES/content/code-security/dependabot/working-with-dependabot/managing-pull-requests-for-dependency-updates.md b/translations/es-ES/content/code-security/dependabot/working-with-dependabot/managing-pull-requests-for-dependency-updates.md new file mode 100644 index 0000000000..2d6833e15f --- /dev/null +++ b/translations/es-ES/content/code-security/dependabot/working-with-dependabot/managing-pull-requests-for-dependency-updates.md @@ -0,0 +1,66 @@ +--- +title: Administrar las solicitudes de extracción para las actualizaciones de dependencia +intro: 'Administrarás las solicitudes de extracción que levante el {% data variables.product.prodname_dependabot %} de casi la misma forma que cualquier otra solicitud de extracción, pero hay algunas opciones adicionales.' +redirect_from: + - /github/administering-a-repository/managing-pull-requests-for-dependency-updates + - /code-security/supply-chain-security/managing-pull-requests-for-dependency-updates + - /code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/managing-pull-requests-for-dependency-updates +versions: + fpt: '*' + ghec: '*' + ghes: '> 3.2' +type: how_to +topics: + - Repositories + - Version updates + - Security updates + - Pull requests + - Dependencies + - Vulnerabilities +shortTitle: Administrar las solicitudes de cambios del Dependabot +--- + +{% data reusables.dependabot.beta-security-and-version-updates %} +{% data reusables.dependabot.enterprise-enable-dependabot %} + +## Acerca de las solicitudes de extracción del {% data variables.product.prodname_dependabot %} + +{% data reusables.dependabot.pull-request-introduction %} + +Cuando el {% data variables.product.prodname_dependabot %} levanta una solicitud de extracción, se te notificará con el método que hayas escogido para el repositorio. Cada solicitud de cambios contiene información detallada sobre el cambio propusto, que se toma del administrador de paquetes. Estas solicitudes de extracción siguen las revisiones y pruebas normales que se definieron en tu repositorio. +{% ifversion fpt or ghec %}Adicionalmente, cuando haya suficiente información disponible, verás una puntuación de compatibilidad. Esto también podría ayudarte a decidir si quieres fusionar el cambio o no. Para obtener información sobre esta puntuación, consulta la sección "[Acerca de las {% data variables.product.prodname_dependabot_security_updates %}](/github/managing-security-vulnerabilities/about-dependabot-security-updates)".{% endif %} + +Si tienes muchas dependencias para administrar, tal vez quieras personalizar la configuración para cada administrador de paquete y que así, las solicitudes de extracción tengan revisores, asignados, y etiquetas específicos. Para obtener más información, consulta la sección "[Personalizar actualizaciones de dependencias](/github/administering-a-repository/customizing-dependency-updates)". + +## Visualizar las solicitudes de extracción del {% data variables.product.prodname_dependabot %} + +{% data reusables.repositories.navigate-to-repo %} +{% data reusables.repositories.sidebar-pr %} +1. Cualquier solicitud de cambio de actualizaciones de versión o de seguridad se puede identificar fácilmente. + - El autor es {% ifversion fpt or ghec %}[dependabot](https://github.com/dependabot){% else %}dependabot{% endif %}, la cuenta bot que utiliza el {% data variables.product.prodname_dependabot %}. + - Predeterminadamente, tienen la etiqueta `dependencies`. + +## Cambiar la estrategia de rebase para las solicitudes de extracción del {% data variables.product.prodname_dependabot %} + +Predeterminadamente, el {% data variables.product.prodname_dependabot %} rebasa automáticamente las solicitudes de extracción para resolver cualquier conflicto. Si prefieres manejar los conflictos de fusión manualmente, puedes inhabilitar esta opción utilizando la opción de `rebase-strategy`. For details, see "[Configuration options for the dependabot.yml file](/github/administering-a-repository/configuration-options-for-dependency-updates#rebase-strategy)." + +## Administrar las solicitudes de extracción del {% data variables.product.prodname_dependabot %} con comandos de comentario + +El {% data variables.product.prodname_dependabot %} responde a comandos simples en los comentarios. Cada solicitud de cambios contiene detalles de los comandos que puedes utilizar para procesarla (por ejemplo: para fusionarla, combinarla, reabrirla, cerrarla o rebasarla) bajo la sección de "comandos y opciones del {% data variables.product.prodname_dependabot %}". El objetivo es facilitar tanto como sea posible el que se pueda clasificar automáticamente las solicitudes de extracción generadas. + +Puedes utilizar cualquiera de los siguientes comandos en una solicitud de cambios del {% data variables.product.prodname_dependabot %}. + +- `@dependabot cancel merge` cancela una fusión previamente solicitada. +- `@dependabot close` cierra la solicitud de cambios y previene que el {% data variables.product.prodname_dependabot %} vuelva a crearla. Puedes lograr el mismo resultado si cierras la solicitud de cambios manualmente. +- `@dependabot ignore this dependency` cierra la solicitud de cambios y previene que {% data variables.product.prodname_dependabot %} cree más solicitudes de cambios para esta dependencia (a menos de que vuelvas a abrir la solicitud de cambios para mejorarla a la versión sugerida de la dependencia tú mismo). +- `@dependabot ignore this major version` cierra la solicitud de cambios y previene que el {% data variables.product.prodname_dependabot %} cree más solicitudes de cambio para esta versión mayor (a menos de que vuelvas a abrir la solicitud de cambios o de que tú mismo mejores a esta versión mayor). +- `@dependabot ignore this minor version` cierra la solicitud de cambios y previene que el {% data variables.product.prodname_dependabot %} cree más solicitudes de cambio para esta versión menor (a menos de que vuelvas a abrir la solicitud de cambios o que tú mismo mejores a esta versión menor). +- `@dependabot merge` fusiona la solicitud de cambios una vez que tus pruebas de IC hayan pasado. +- `@dependabot rebase` rebasa la solicitud de cambios. +- `@dependabot recreate` vuelve a crear la solicitud de cambios, sobreescribiendo cualquier edición que se le haya hecho. +- `@dependabot reopen` vuelve a abrir la solicitud de cambios si es que se había cerrado. +- `@dependabot squash and merge` combina y fusiona la solicitud de cambios una vez que hayan pasado tus pruebas de IC. + +El {% data variables.product.prodname_dependabot %} reaccionará con un emoji de "pulgares arriba" para reconocer el comando y podrá responder con un comentario de la solicitud de cambios. Si bien el {% data variables.product.prodname_dependabot %} a menudo responde rápidamente, algunos comandos podrían tardar varios minutos para completarse si el {% data variables.product.prodname_dependabot %} está ocupado procesando otras actualizaciones o comandos. + +Si ejecutas cualquiera de los comandos para ignorar las dependencias o las versiones, el {% data variables.product.prodname_dependabot %} almacena las preferencias para el repositorio centralmente. Si bien esta es una solución rápida, para aquellos repositorios con más de un colaborador, es mejor definir explícitamente las dependencias y versiones a ignorar en el archivo de configuración. Esto hace que todos los colaboradores puedan ver más fácilmente por qué una dependencia en particular no se está actualizando automáticamente. For more information, see "[Configuration options for the dependabot.yml file](/github/administering-a-repository/configuration-options-for-dependency-updates#ignore)." diff --git a/translations/es-ES/content/code-security/dependabot/working-with-dependabot/troubleshooting-dependabot-errors.md b/translations/es-ES/content/code-security/dependabot/working-with-dependabot/troubleshooting-dependabot-errors.md new file mode 100644 index 0000000000..0566e72e6b --- /dev/null +++ b/translations/es-ES/content/code-security/dependabot/working-with-dependabot/troubleshooting-dependabot-errors.md @@ -0,0 +1,129 @@ +--- +title: Solucionar problemas de los errores del Dependabot +intro: 'Algunas veces, el {% data variables.product.prodname_dependabot %} no puede levantar solicitudes de cambios para actualizar tus dependencias. Puedes revisar el error y desbloquear al {% data variables.product.prodname_dependabot %}.' +shortTitle: Solución de errores +redirect_from: + - /github/managing-security-vulnerabilities/troubleshooting-github-dependabot-errors + - /github/managing-security-vulnerabilities/troubleshooting-dependabot-errors + - /code-security/supply-chain-security/troubleshooting-dependabot-errors + - /code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/troubleshooting-dependabot-errors +versions: + fpt: '*' + ghec: '*' + ghes: '>3.2' +type: how_to +topics: + - Dependabot + - Security updates + - Version updates + - Repositories + - Pull requests + - Troubleshooting + - Errors + - Dependencies +--- + +{% data reusables.dependabot.beta-security-and-version-updates %} + +{% data reusables.dependabot.enterprise-enable-dependabot %} + +## Acerca de los errores del {% data variables.product.prodname_dependabot %} + +{% data reusables.dependabot.pull-request-introduction %} + +Si existe algo que impida que el {% data variables.product.prodname_dependabot %} levante una solicitud de cambios, esto se reporta como un error. + +## Investigar los errores de las {% data variables.product.prodname_dependabot_security_updates %} + +Cuando se bloquea al {% data variables.product.prodname_dependabot %} y no puede crear una solicitud de cambios para arreglar una alerta del {% data variables.product.prodname_dependabot %}, éste publica el mensaje de error en la alerta. La vista de {% data variables.product.prodname_dependabot_alerts %} muestra una lista de cualquier alerta que aún no se haya resuelto. Para acceder a la vista de alertas, da clic en **{% data variables.product.prodname_dependabot_alerts %}** en la pestaña de **Seguridad** del repositorio. Donde sea que se genere una solicitud de cambios que arregle una dependencia vulnerable, la alerta incluirá un enlace a dicha solicitud. + +![Vista de las {% data variables.product.prodname_dependabot_alerts %} que muestra un enlace a una solicitud de cambios](/assets/images/help/dependabot/dependabot-alert-pr-link.png) + +Hay tres razones por las cuales una alerta pudiera no tener un enlace a una solicitud de cambios: + +1. No se han habilitado las {% data variables.product.prodname_dependabot_security_updates %} en el repositorio. +1. La alerta es para una dependencia transitoria o indirecta que no se definió explícitamente en un archivo de bloqueo. +1. Un error bloqueó al {% data variables.product.prodname_dependabot %} y éste no puede crear una solicitud de cambios. + +Si existe un error que bloqueó al {% data variables.product.prodname_dependabot %} y éste no puede crear una solicitud de cambios, puedes mostrar los detalles del error si das clic en la alerta. + +## Investigar los errores de las {% data variables.product.prodname_dependabot_version_updates %} + +Cuando el {% data variables.product.prodname_dependabot %} se bloquea y no puede crear una solicitud de cambios para actualizar una dependencia en un ecosistema, éste publica el icono de error en el archivo de manifiesto. Los archivos de manifiesto que administra el {% data variables.product.prodname_dependabot %} se listan en la pestaña de {% data variables.product.prodname_dependabot %}. Para acceder a esta pestaña, en la pestaña de **perspectivas** del repositorio, da clic en **Gráfica de dependencias**, y luego en la pestaña **{% data variables.product.prodname_dependabot %}**. + +![vista del {% data variables.product.prodname_dependabot %} que muestra un error](/assets/images/help/dependabot/dependabot-tab-view-error.png) + +{% ifversion fpt or ghec %} + +Para ver el archivo de bitácora de cualquier archivo de manifiesto, da clic en el enlace de **Última revisión hace TIEMPO**. Cuando muestras el archivo de bitácora de un manifiesto que se muestra con un símbolo de error (por ejemplo, Maven en la impresión de pantalla anterior), cualquier error se mostrará también. + +![Error y bitácora de una actualizacón de versión del {% data variables.product.prodname_dependabot %} ](/assets/images/help/dependabot/dependabot-version-update-error.png) + +{% else %} + +Para ver las bitácoras de cualquier archivo de manifiesto, haz clic en el enlace de **Verificado por última vez HACE** y luego en **Ver bitácoras**. + +![Error y bitácora de una actualizacón de versión del {% data variables.product.prodname_dependabot %} ](/assets/images/enterprise/3.3/dependabot/dependabot-version-update-error.png) + +{% endif %} + +## Entender los errores del {% data variables.product.prodname_dependabot %} + +Las solicitudes de cambios para las actualizaciones de seguridad actúan para mejorar una dependencia vulnerable a la versión mínima que incluya un arreglo de la vulnerabilidad. Por el contrario, las solicitudes de cambios para las actualizaciones de versión actúan para mejorar una dependencia a la última versión que permite el paquete de archivos de manifiesto y de configuración del {% data variables.product.prodname_dependabot %}. Como consecuencia, algunos errores son específicos de un tipo de actualización. + +### El {% data variables.product.prodname_dependabot %} no puede actualizar la DEPENDENCIA a una versión no-vulnerable + +**Únicamente actualizaciones de seguridad.** El {% data variables.product.prodname_dependabot %} no puede crear una solicitud de cambios para actualizar la dependencia vulnerable a una versión segura sin afectar otras dependencias en la gráfica de dependencias de este repositorio. + +Cada aplicación que tenga dependencias tiene una gráfica de dependencias, esto es, una gráfica acíclica dirigida de cada versión de paquete de la cual depende la aplicación directa o indirectamente. Cada vez que se actualiza una dependencia, esta gráfica debe resolverse o la aplicación no se compilará. Cuando un ecosistema tiene una gráfica de dependencias profunda y compleja, por ejemplo, npm y RubyGems, es a menudo imposible mejorar una sola dependencia sin mejorar todo el ecosistema. + +La mejor forma de evitar este problema es mantenerse actualizado con los lanzamientos de versiones más recientes, por ejemplo, habilitando las actualizaciones de versión. Esto aumenta la probabilidad de que una vulnerabilidad en alguna dependencia pueda resolverse con una mejora simple que no afecte la gráfica de dependencias. For more information, see "[Configuring {% data variables.product.prodname_dependabot %} version updates](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/enabling-and-disabling-dependabot-version-updates)." + +### El {% data variables.product.prodname_dependabot %} no puede actualizar a la versión requerida porque ya existe una solicitud de cambios abierta para la última versión + +**Únicamente actualizaciones de seguridad.** El {% data variables.product.prodname_dependabot %}no creará una solicitud de cambios para actualizar la dependencia vulnerable a una versión segura porque ya existe una solicitud de cambios abierta para actualizar dicha dependencia. Verás éste error cuando se detecte una vulnerabilidad en una dependencia específica y ya exista una solicitud de cambios abierta para actualizar dicha dependencia a la última versión disponible. + +Existen dos opciones: puedes revisar la solicitud de cambios abierta y fusionarla tan pronto como puedas garantizar que el cambio es seguro, o cerrar la solicitud de cambios y activar una solicitud nueva de actualización de seguridad. Para obtener más información, consulta la sección "[Activar una solicitud de cambios del {% data variables.product.prodname_dependabot %} manualmente](#triggering-a-dependabot-pull-request-manually)". + +### El {% data variables.product.prodname_dependabot %} agotó el tiempo de espera durante su actualización + +El {% data variables.product.prodname_dependabot %} tardó más del límite de tiempo máximo permitido para valorar la actualización requerida y preparar una solicitud de cambios. Este error a menudo se ve únicamente en los repositorios grandes con muchos archivos de manifiesto, por ejemplo, en los proyectos de npm o yarn monorepo, que tienen cientos de archivos *package.json*. Las actualizaciones en el ecosistema de Composer también llevan más tiempo para su valoración y podrían exceder el tiempo de espera. + +Es difícil tratar a este error. Si una actualización de versión excede el tiempo de espera, podrías especificar las dependencias más importantes a actualizar utilizando el parámetro `allow` o, como alternativa, utilizar el parámetro `ignore` para excluir algunas de las dependencias de estas actualizaciones. El actualizar tu configuración podría permitir que el {% data variables.product.prodname_dependabot %} revise la actualización de versión y genere la solicitud de cambios en el tiempo disponible. + +Si una actualización de seguridad excede el tiempo de espera, puedes reducir la probabilidad de que esto suceda si mantienes las dependencias actualizadas, por ejemplo, habilitando las actualizaciones de versión. For more information, see "[Configuring {% data variables.product.prodname_dependabot %} version updates](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/enabling-and-disabling-dependabot-version-updates)." + +### El {% data variables.product.prodname_dependabot %} no puede abrir más solicitudes de cambios + +Hay un límite en la cantidad de solicitudes de cambios abiertas que el {% data variables.product.prodname_dependabot %} puede generar. Cuando se llega a éste límite, no se podrán abrir más solicitudes de cambios y se reportará este error. La mejor forma de resolver este error es revisar y fusionar algunas de las solicitudes de cambios abiertas. + +Hay límites separados para las solicitudes de cambios de actualización de seguridad y de versión, y esto es para que aquellas de actualización de versión no bloqueen la creación de las de actualización de seguridad. El límite para las solicitudes de cambios de actualizaciones de seguridad es de 10. Predeterminadamente, el límite para las actualizaciones de versión es de 5, pero puedes cambiar ésto utilizando el parámetro `open-pull-requests-limit` en el archivo de configuración. For more information, see "[Configuration options for the dependabot.yml file](/github/administering-a-repository/configuration-options-for-dependency-updates#open-pull-requests-limit)." + +La mejor forma de resolver este error es fusionar o cerrar algunas de las solicitudes de cambios existentes y activar una solicitud de cambios nueva manualmente. Para obtener más información, consulta la sección "[Activar una solicitud de cambios del {% data variables.product.prodname_dependabot %} manualmente](#triggering-a-dependabot-pull-request-manually)". + +### El {% data variables.product.prodname_dependabot %} no puede resolver o acceder a tus dependencias + +Si el {% data variables.product.prodname_dependabot %} intenta verificar si las referencias de la dependencia necesitan actualizarse en un repositorio, pero no puede acceder a uno o más de los archivos referenciados, la operación fallará con el mensaje de error "{% data variables.product.prodname_dependabot %} can't resolve your LANGUAGE dependency files". El tipo de error de la API es `git_dependencies_not_reachable`. + +De forma similar, si el {% data variables.product.prodname_dependabot %} no puede acceder a un registro de un paquete privado en el cual se ubica la dependencia, se generará alguno de los siguientes errores: + +* "El dependabot no puede llegar a la dependencia en un registro de paquete privado"
(Tipo de error de la API: `private_source_not_reachable`) +* "El Dependabot no puede autenticarse en un registro de paquete privado"
(Tipo de error de la API:`private_source_authentication_failure`) +* "El Dependabot llegó al límite de tiempo de espera para un registro de paquete privado"
(Tipo de error de la API:`private_source_timed_out`) +* "El Dependabot no pudo validar el certificado para un registro de paquete privado"
(Tipo de error de la API:`private_source_certificate_failure`) + +Para permitir añ {% data variables.product.prodname_dependabot %} actualizar las referencias de dependencia exitosamente, asegúrate que todas las dependencias referencias se hospeden en ubicaciones accesibles. + +**Únicamente actualizaciones de versión** {% data reusables.dependabot.private-dependencies-note %} Adicionalmente, el {% data variables.product.prodname_dependabot %} no es compatible con dependencias de {% data variables.product.prodname_dotcom %} privadas para todos los administradores de paquetes. Para obtener más información, consulta la sección "[Acerca de las actualizaciones de versión del Dependabot](/github/administering-a-repository/about-dependabot-version-updates#supported-repositories-and-ecosystems)". + +## Activar una solicitud de cambios del {% data variables.product.prodname_dependabot %} manualmente + +Si desbloqueas al {% data variables.product.prodname_dependabot %}, puedes activar manualmente un nuevo intento de crear una solicitud de cambios. + +- **Actualizaciones de seguridad**—muestra la alerta del {% data variables.product.prodname_dependabot %} que presente el error que arreglaste y da clic en **Crear una actualización de seguridad del {% data variables.product.prodname_dependabot %}**. +- **Actualizaciones de versión**—en la pestaña de **Perspectivas** del repositorio, da clic en **Gráfica de dependencias** y luego en la pestaña de **Dependabot**. Da clic en **Verificado hace *TIME*** para ver el archivo de bitácora que generó el {% data variables.product.prodname_dependabot %} durante la última verificación de actualizaciones de versión. Da clic en **Verificar actualizaciones**. + +## Leer más + +- "[Troubleshooting the dependency graph](/code-security/supply-chain-security/understanding-your-software-supply-chain/troubleshooting-the-dependency-graph)" +- "[Solucionar problemas en la detección de dependencias vulnerables](/code-security/dependabot/working-with-dependabot/troubleshooting-the-detection-of-vulnerable-dependencies)" diff --git a/translations/es-ES/content/code-security/dependabot/working-with-dependabot/troubleshooting-the-detection-of-vulnerable-dependencies.md b/translations/es-ES/content/code-security/dependabot/working-with-dependabot/troubleshooting-the-detection-of-vulnerable-dependencies.md new file mode 100644 index 0000000000..f74b635180 --- /dev/null +++ b/translations/es-ES/content/code-security/dependabot/working-with-dependabot/troubleshooting-the-detection-of-vulnerable-dependencies.md @@ -0,0 +1,93 @@ +--- +title: Solucionar problemas en la detección de dependencias vulnerables +intro: 'Si la información de la dependencia que reportó {% data variables.product.product_name %} no es lo que esperabas, hay varios puntos a considerar y varias cosas que puedes revisar.' +shortTitle: Troubleshoot vulnerability detection +redirect_from: + - /github/managing-security-vulnerabilities/troubleshooting-the-detection-of-vulnerable-dependencies + - /code-security/supply-chain-security/troubleshooting-the-detection-of-vulnerable-dependencies + - /code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/troubleshooting-the-detection-of-vulnerable-dependencies +versions: + fpt: '*' + ghes: '*' + ghae: issue-4864 + ghec: '*' +type: how_to +topics: + - Dependabot + - Alerts + - Troubleshooting + - Errors + - Security updates + - Dependencies + - Vulnerabilities + - CVEs + - Repositories +--- + +{% data reusables.dependabot.beta-security-and-version-updates %} +{% data reusables.dependabot.result-discrepancy %} + +## ¿Por qué parece que faltan algunas dependencias? + +{% data variables.product.prodname_dotcom %} genera y muestra los datos de las dependencias de forma diferente a otras herramientas. En consecuencia, si has estado utilizando otra herramienta para identificar dependencias, muy probablemente encuentres resultados diferentes. Considera lo sigueinte: + +* {% data variables.product.prodname_advisory_database %} es una de las fuentes de datos que utiliza {% data variables.product.prodname_dotcom %} para identificar las dependencias vulnerables. Es una base de datos de información de vulnerabilidades orgtanizada y gratuita para los ecosistemas de paquetes comunes en {% data variables.product.prodname_dotcom %}. Esta incluye tanto los datos reportados directamente a {% data variables.product.prodname_dotcom %} desde {% data variables.product.prodname_security_advisories %}, así como las fuentes oficiales y las comunitarias. {% data variables.product.prodname_dotcom %} revisa y organiza estos datos para garantizar que la información falsa o inprocesable no se comparta con la comunidad de desarrollo. {% data reusables.security-advisory.link-browsing-advisory-db %} +* La gráfica de dependencias analiza todos los archivos de manifiesto de paquetes conocidos en un repositorio de usuario. Por ejemplo, para npm analizará el archivo _package-lock.json_. Construye una gráfica de todas las dependencias del repositorio y de los dependientes públicos. Esto sucede cuando habilitas la gráfica de dependencias y cuando alguien hace cargas a la rama predeterminada, y esto incluye a las confirmaciones que hacen cambios a un formato de manifiesto compatible. For more information, see "[About the dependency graph](/github/visualizing-repository-data-with-graphs/about-the-dependency-graph)" and "[Troubleshooting the dependency graph](/code-security/supply-chain-security/understanding-your-software-supply-chain/troubleshooting-the-dependency-graph)." +* {% data variables.product.prodname_dependabot %} escanea cualquier subida a la rama predeterminada que contenga un archivo de manifiesto. Cuando se agrega un registro de vulnerabilidad nuevo, este escanea todos los repositorios existentes y genera una alerta para cada repositorio vulnerable. Las {% data variables.product.prodname_dependabot_alerts %} se agregan a nivel del repositorio, en vez de crear una alerta por cada vulnerabilidad. For more information, see "[About {% data variables.product.prodname_dependabot_alerts %}](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies)." +* {% ifversion fpt or ghec or ghes > 3.2 %}{% data variables.product.prodname_dependabot_security_updates %} se activa cuando recibes una alerta sobre una dependencia vulnerable en tu repositorio. Cuando sea posible, el {% data variables.product.prodname_dependabot %} creará una solicitud de cambios en tu repositorio para actualizar la dependencia vulnerable a la versión segura mínima posible que se requiere para evitar la vulnerabilidad. Para obtener más información, consulta las secciones "[Acerca de las {% data variables.product.prodname_dependabot_security_updates %}](/github/managing-security-vulnerabilities/about-dependabot-security-updates)" y "[Solucionar problemas en los errores del {% data variables.product.prodname_dependabot %}](/github/managing-security-vulnerabilities/troubleshooting-dependabot-errors)". + + {% endif %}El {% data variables.product.prodname_dependabot %} no escanea los repositorios para encontrar dependencias vulnerables en horarios específicos, sino cuando algo cambia. Por ejemplo, se activará un escaneo cuando se agregue una dependencia nueva ({% data variables.product.prodname_dotcom %} verifica esto en cada subida) o cuando se agrega una vulnerabilidad a la base de datos de las asesorías {% ifversion ghes or ghae-issue-4864 %} y se sincroniza con {% data variables.product.product_location %}{% endif %}. Para obtener más información, consulta la sección "[Acerca de las {% data variables.product.prodname_dependabot_alerts %}](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies#detection-of-vulnerable-dependencies)". + +## Do {% data variables.product.prodname_dependabot_alerts %} only relate to vulnerable dependencies in manifests and lockfiles? + +Las {% data variables.product.prodname_dependabot_alerts %} te asesoran sobre las dependencias que debes actualizar, incluyendo aquellas transitivas en donde la versión se puede determinar desde un manifiesto o lockfile. {% ifversion fpt or ghec or ghes > 3.2 %}Las {% data variables.product.prodname_dependabot_security_updates %} solo sugieren un cambio donde el {% data variables.product.prodname_dependabot %} pueda "arreglar" la dependencia directamente, es decir, cuando estas son: +* Dependencias directas declaradas explícitamente en un manifiesto o lockfile +* Dependencias transitorias declaradas en un archivo de bloqueo{% endif %} + +**Verifica**; ¿Acaso no se especifica la vulnerabilidad no detectada para un componente en el manifiesto o lockfile del repositorio? + +## ¿Por qué no me llegan alertas de vulnerabilidades de algunos ecosistemas? + +{% data variables.product.prodname_dotcom %} limita su soporte para alertas de vulnerabilidades a un conjunto de ecosistemas donde podemos proporcionar datos procesables de alta calidad. Las vulnerabilidades que se seleccionan para la {% data variables.product.prodname_advisory_database %}, la gráfica de dependencias, las actualizaciones de seguridad del {% ifversion fpt or ghec %}{% data variables.product.prodname_dependabot %} {% endif %}y las {% data variables.product.prodname_dependabot_alerts %} se proporcionan para diversos ecosistemas, incluyendo Maven de Java, Yarn y npm de Javascript, NuGet de .NET, pip de Python, RubyGems de Ruby y Composer de PHP. Seguiremos agregando soporte para más ecosistemas a la larga. Para obtener una vista general de los ecosistemas de paquete que soportamos, consulta la sección "[Acerca del gráfico de dependencias](/github/visualizing-repository-data-with-graphs/about-the-dependency-graph#supported-package-ecosystems)". + +No vale de nada que las Asesorías de Seguridad de {% data variables.product.prodname_dotcom %} pudiese existir para otros ecosistemas. La información en una asesoría de seguridad la porporcionan los mantenedores de un repositorio específico. Estos datos no se organizan de la misma forma que la información para los ecosistemas compatibles. {% ifversion fpt or ghec %}Para obtener más información, consulta la sección "[Acerca de las Asesorías de Seguridad de {% data variables.product.prodname_dotcom %}](/github/managing-security-vulnerabilities/about-github-security-advisories)."{% endif %} + +**Verifica**: ¿Acaso la vulnerabilidad que no se detectó aplica a algún ecosistema no compatible? + +## ¿Acaso el {% data variables.product.prodname_dependabot %} genera alertas para vulnerabilidades que se han conocido por muchos años? + +La {% data variables.product.prodname_advisory_database %} se lanzó en noviembre de 2019 e incialmente rellenó la inclusión de vulnerabilidades informáticas para los ecosistemas compatibles, comenzando en 2017. Cuando agregas CVE a la base de datos, priorizamos la organización de CVE nuevos y los CVE que afecten las versiones nuevas del software. + +Alguna información sobre las vulnerabilidades antiguas se encuentra disponible, especialmente en donde estos CVE se diseminan específicamente, sin embargo, algunas vulnerabilidades no se incluyen en la {% data variables.product.prodname_advisory_database %}. Si hay una vulnerabilidad antigua específica la cual necesites incluir en la base de datos, contacta a {% data variables.contact.contact_support %}. + +**Verifica**: ¿Acaso la vulnerabilidad no detectada tiene una fecha depublicación más antigua de 2017 en la Base de Datos de Vulnerabilidades Nacional? + +## Por qué la {% data variables.product.prodname_advisory_database %} utiliza un subconjunto de datos de vulnerabilidades publicados? + +Algunas herramientas de terceros utilizan datos de CVE sin organizar y no las verificó ni filtró un humano. Esto significa que los CVE con errores de etiquetado o de severidad, o con cualquier problema de calidad, causarán alertas más frecuentes, ruidosas y menos útiles. + +Ya que {% data variables.product.prodname_dependabot %} utiliza datos organizado en la {% data variables.product.prodname_advisory_database %}, la cantidad de alertas podría ser menor, pero las alertas que sí recibas serán exactas y relevantes. + +{% ifversion fpt or ghec %} +## ¿Acaso cada vulnerabilidad de la dependencia genera una alerta separada? + +Cuando una dependencia tiene vulnerabilidades múltiples, se genera una alerta para cada una de ellas a nivel de la asesoría más el manifiesto. + +![Captura de pantalla de la pestaña de {% data variables.product.prodname_dependabot_alerts %} que muestra dos alertas del mismo paquete con diferentes manifiestos.](/assets/images/help/repository/dependabot-alerts-view.png) + +Las {% data variables.product.prodname_dependabot_alerts %} tradicionales se agruparon en una sola alerta agregada con todas las vulnerabilidades de la misma dependencia. Si navegas a un enlace a una alerta tradicional del {% data variables.product.prodname_dependabot %}, se te redirigirá a la pestaña de {% data variables.product.prodname_dependabot_alerts %} filtrada para mostrar vulnerabilidades de ese paquete y manifiesto dependientes. + +![Captura de pantalla de la pestaña de {% data variables.product.prodname_dependabot_alerts %} que muestra las alertas filtradas cuando se navega desde una alerta tradicional del {% data variables.product.prodname_dependabot %}.](/assets/images/help/repository/legacy-dependabot-alerts-view.png) + +El conteo de {% data variables.product.prodname_dependabot_alerts %} en {% data variables.product.prodname_dotcom %} muestra el total de la cantidad de alertas, el cual es el número de vulnerabilidades y no la cantidad de dependencias. + +**Verifica**: Si hay alguna discrepancia en los totales que ves, verifica que no estés comparando números de alerta con números de dependencia. También, verifica que estés viendo todas las alertas y no solo un subconjunto de alertas filtradas. +{% endif %} + +## Leer más + +- "[Acerca de las {% data variables.product.prodname_dependabot_alerts %}](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies)" +- "[Viewing {% data variables.product.prodname_dependabot_alerts %} for vulnerable dependencies](/github/managing-security-vulnerabilities/viewing-and-updating-vulnerable-dependencies-in-your-repository)" +- "[Administrar la configuración de seguridad y de análisis para tu organización](/github/administering-a-repository/managing-security-and-analysis-settings-for-your-repository)" +- "[Troubleshooting the dependency graph](/code-security/supply-chain-security/understanding-your-software-supply-chain/troubleshooting-the-dependency-graph)"{% ifversion fpt or ghec or ghes > 3.2 %} +- "[Solucionar problemas de los errores del {% data variables.product.prodname_dependabot %}](/github/managing-security-vulnerabilities/troubleshooting-dependabot-errors)"{% endif %} diff --git a/translations/es-ES/content/code-security/getting-started/github-security-features.md b/translations/es-ES/content/code-security/getting-started/github-security-features.md index 19655b0a18..21c6e0e3f7 100644 --- a/translations/es-ES/content/code-security/getting-started/github-security-features.md +++ b/translations/es-ES/content/code-security/getting-started/github-security-features.md @@ -37,7 +37,7 @@ Privately discuss and fix security vulnerabilities in your repository's code. Yo ### {% data variables.product.prodname_dependabot_alerts %} and security updates -View alerts about dependencies that are known to contain security vulnerabilities, and choose whether to have pull requests generated automatically to update these dependencies. For more information, see "[About alerts for vulnerable dependencies](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies)" +View alerts about dependencies that are known to contain security vulnerabilities, and choose whether to have pull requests generated automatically to update these dependencies. For more information, see "[About {% data variables.product.prodname_dependabot_alerts %}](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies)" and "[About {% data variables.product.prodname_dependabot_security_updates %}](/github/managing-security-vulnerabilities/about-dependabot-security-updates)." {% endif %} @@ -46,7 +46,7 @@ and "[About {% data variables.product.prodname_dependabot_security_updates %}](/ {% data reusables.dependabot.dependabot-alerts-beta %} -View alerts about dependencies that are known to contain security vulnerabilities, and manage these alerts. For more information, see "[About alerts for vulnerable dependencies](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies)." +View alerts about dependencies that are known to contain security vulnerabilities, and manage these alerts. For more information, see "[About {% data variables.product.prodname_dependabot_alerts %}](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies)." {% endif %} {% ifversion fpt or ghec or ghes > 3.2 %} diff --git a/translations/es-ES/content/code-security/getting-started/securing-your-organization.md b/translations/es-ES/content/code-security/getting-started/securing-your-organization.md index bd40761fce..667abbef44 100644 --- a/translations/es-ES/content/code-security/getting-started/securing-your-organization.md +++ b/translations/es-ES/content/code-security/getting-started/securing-your-organization.md @@ -48,7 +48,7 @@ You can create a default security policy that will display in any of your organi {% data reusables.dependabot.dependabot-alerts-beta %} {% data reusables.dependabot.dependabot-alerts-dependency-graph-enterprise %} -For more information, see "[About alerts for vulnerable dependencies](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies)," "[Exploring the dependencies of a repository](/code-security/supply-chain-security/exploring-the-dependencies-of-a-repository#enabling-and-disabling-the-dependency-graph-for-a-private-repository)," and "[Managing security and analysis settings for your organization](/organizations/keeping-your-organization-secure/managing-security-and-analysis-settings-for-your-organization)." +For more information, see "[About {% data variables.product.prodname_dependabot_alerts %}](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies)," "[Exploring the dependencies of a repository](/code-security/supply-chain-security/exploring-the-dependencies-of-a-repository#enabling-and-disabling-the-dependency-graph-for-a-private-repository)," and "[Managing security and analysis settings for your organization](/organizations/keeping-your-organization-secure/managing-security-and-analysis-settings-for-your-organization)." {% endif %} {% ifversion fpt or ghes > 3.1 or ghae-issue-4864 or ghec %} @@ -79,7 +79,7 @@ For more information, see "[About {% data variables.product.prodname_dependabot_ You can enable {% data variables.product.prodname_dependabot %} to automatically raise pull requests to keep your dependencies up-to-date. For more information, see "[About {% data variables.product.prodname_dependabot_version_updates %}](/code-security/supply-chain-security/about-dependabot-version-updates)." -To enable {% data variables.product.prodname_dependabot_version_updates %}, you must create a *dependabot.yml* configuration file. For more information, see "[Enabling and disabling {% data variables.product.prodname_dependabot %} version updates](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/enabling-and-disabling-dependabot-version-updates)." +To enable {% data variables.product.prodname_dependabot_version_updates %}, you must create a *dependabot.yml* configuration file. For more information, see "[Configuring {% data variables.product.prodname_dependabot %} version updates](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/enabling-and-disabling-dependabot-version-updates)." {% endif %} @@ -135,7 +135,7 @@ For more information, see "[Managing security and analysis settings for your org ## Next steps {% ifversion fpt or ghes > 3.1 or ghec %}You can view, filter, and sort security alerts for repositories owned by your organization in the security overview. For more information, see "[About the security overview](/code-security/security-overview/about-the-security-overview)."{% endif %} -You can view and manage alerts from security features to address dependencies and vulnerabilities in your code. For more information, see {% ifversion fpt or ghes or ghec %} "[Viewing and updating vulnerable dependencies in your repository](/code-security/supply-chain-security/viewing-and-updating-vulnerable-dependencies-in-your-repository),"{% endif %} {% ifversion fpt or ghec or ghes > 3.2 %}"[Managing pull requests for dependency updates](/code-security/supply-chain-security/managing-pull-requests-for-dependency-updates)," {% endif %}"[Managing {% data variables.product.prodname_code_scanning %} for your repository](/code-security/secure-coding/managing-code-scanning-alerts-for-your-repository)," and "[Managing alerts from {% data variables.product.prodname_secret_scanning %}](/code-security/secret-security/managing-alerts-from-secret-scanning)." +You can view and manage alerts from security features to address dependencies and vulnerabilities in your code. For more information, see {% ifversion fpt or ghes or ghec %} "[Viewing {% data variables.product.prodname_dependabot_alerts %} for vulnerable dependencies](/code-security/supply-chain-security/viewing-and-updating-vulnerable-dependencies-in-your-repository),"{% endif %} {% ifversion fpt or ghec or ghes > 3.2 %}"[Managing pull requests for dependency updates](/code-security/supply-chain-security/managing-pull-requests-for-dependency-updates)," {% endif %}"[Managing {% data variables.product.prodname_code_scanning %} for your repository](/code-security/secure-coding/managing-code-scanning-alerts-for-your-repository)," and "[Managing alerts from {% data variables.product.prodname_secret_scanning %}](/code-security/secret-security/managing-alerts-from-secret-scanning)." {% ifversion fpt or ghec %}If you have a security vulnerability, you can create a security advisory to privately discuss and fix the vulnerability. For more information, see "[About {% data variables.product.prodname_security_advisories %}](/code-security/security-advisories/about-github-security-advisories)" and "[Creating a security advisory](/code-security/security-advisories/creating-a-security-advisory)." {% endif %} diff --git a/translations/es-ES/content/code-security/getting-started/securing-your-repository.md b/translations/es-ES/content/code-security/getting-started/securing-your-repository.md index 293eb3185b..1073b342f8 100644 --- a/translations/es-ES/content/code-security/getting-started/securing-your-repository.md +++ b/translations/es-ES/content/code-security/getting-started/securing-your-repository.md @@ -75,7 +75,7 @@ For more information, see "[Exploring the dependencies of a repository](/code-se {% data reusables.dependabot.dependabot-alerts-beta %} {% data reusables.dependabot.dependabot-alerts-dependency-graph-enterprise %} -For more information, see "[About alerts for vulnerable dependencies](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies){% ifversion fpt or ghec %}" and "[Managing security and analysis settings for your user account](/github/setting-up-and-managing-your-github-user-account/managing-security-and-analysis-settings-for-your-user-account){% endif %}." +For more information, see "[About {% data variables.product.prodname_dependabot_alerts %}](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies){% ifversion fpt or ghec %}" and "[Managing security and analysis settings for your user account](/github/setting-up-and-managing-your-github-user-account/managing-security-and-analysis-settings-for-your-user-account){% endif %}." {% endif %} @@ -111,7 +111,7 @@ For more information, see "[About {% data variables.product.prodname_dependabot_ You can enable {% data variables.product.prodname_dependabot %} to automatically raise pull requests to keep your dependencies up-to-date. For more information, see "[About {% data variables.product.prodname_dependabot_version_updates %}](/code-security/supply-chain-security/about-dependabot-version-updates)." -To enable {% data variables.product.prodname_dependabot_version_updates %}, you must create a *dependabot.yml* configuration file. For more information, see "[Enabling and disabling {% data variables.product.prodname_dependabot %} version updates](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/enabling-and-disabling-dependabot-version-updates)." +To enable {% data variables.product.prodname_dependabot_version_updates %}, you must create a *dependabot.yml* configuration file. For more information, see "[Configuring {% data variables.product.prodname_dependabot %} version updates](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/enabling-and-disabling-dependabot-version-updates)." {% endif %} @@ -132,7 +132,7 @@ You can set up {% data variables.product.prodname_code_scanning %} to automatica {% endif %} ## Next steps -You can view and manage alerts from security features to address dependencies and vulnerabilities in your code. For more information, see {% ifversion fpt or ghes or ghec %} "[Viewing and updating vulnerable dependencies in your repository](/code-security/supply-chain-security/viewing-and-updating-vulnerable-dependencies-in-your-repository),"{% endif %} {% ifversion fpt or ghec or ghes > 3.2 %}"[Managing pull requests for dependency updates](/code-security/supply-chain-security/managing-pull-requests-for-dependency-updates)," {% endif %}"[Managing {% data variables.product.prodname_code_scanning %} for your repository](/code-security/secure-coding/managing-code-scanning-alerts-for-your-repository)," and "[Managing alerts from {% data variables.product.prodname_secret_scanning %}](/code-security/secret-security/managing-alerts-from-secret-scanning)." +You can view and manage alerts from security features to address dependencies and vulnerabilities in your code. For more information, see {% ifversion fpt or ghes or ghec %} "[Viewing {% data variables.product.prodname_dependabot_alerts %} for vulnerable dependencies](/code-security/supply-chain-security/viewing-and-updating-vulnerable-dependencies-in-your-repository),"{% endif %} {% ifversion fpt or ghec or ghes > 3.2 %}"[Managing pull requests for dependency updates](/code-security/supply-chain-security/managing-pull-requests-for-dependency-updates)," {% endif %}"[Managing {% data variables.product.prodname_code_scanning %} for your repository](/code-security/secure-coding/managing-code-scanning-alerts-for-your-repository)," and "[Managing alerts from {% data variables.product.prodname_secret_scanning %}](/code-security/secret-security/managing-alerts-from-secret-scanning)." {% ifversion fpt or ghec %}If you have a security vulnerability, you can create a security advisory to privately discuss and fix the vulnerability. For more information, see "[About {% data variables.product.prodname_security_advisories %}](/code-security/security-advisories/about-github-security-advisories)" and "[Creating a security advisory](/code-security/security-advisories/creating-a-security-advisory)." {% endif %} diff --git a/translations/es-ES/content/code-security/guides.md b/translations/es-ES/content/code-security/guides.md index 99bf070513..f039f78ff4 100644 --- a/translations/es-ES/content/code-security/guides.md +++ b/translations/es-ES/content/code-security/guides.md @@ -18,6 +18,7 @@ learningTracks: - code_security_actions - code_security_ci - code_security_integration + - end_to_end_supply_chain includeGuides: - /code-security/getting-started/adding-a-security-policy-to-your-repository - /code-security/getting-started/github-security-features @@ -74,7 +75,6 @@ includeGuides: - /code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/managing-pull-requests-for-dependency-updates - /code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-alerts-for-vulnerable-dependencies - /code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-dependabot-security-updates - - /code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-managing-vulnerable-dependencies - /code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/browsing-security-vulnerabilities-in-the-github-advisory-database - /code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/editing-security-advisories-in-the-github-advisory-database - /code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/configuring-dependabot-security-updates diff --git a/translations/es-ES/content/code-security/index.md b/translations/es-ES/content/code-security/index.md index ec13e102f5..e7248afec2 100644 --- a/translations/es-ES/content/code-security/index.md +++ b/translations/es-ES/content/code-security/index.md @@ -19,6 +19,7 @@ featuredLinks: - '{% ifversion ghes < 3.3 or ghae %}/code-security/secret-scanning/configuring-secret-scanning-for-your-repositories{% endif %}' - '{% ifversion ghae %}/code-security/code-scanning/integrating-with-code-scanning/uploading-a-sarif-file-to-github{% endif %}' - '{% ifversion ghae %}/code-security/code-scanning/using-codeql-code-scanning-with-your-existing-ci-system{% endif %}' + - /code-security/supply-chain-security/end-to-end-supply-chain/end-to-end-supply-chain-overview popular: - '{% ifversion ghes %}/admin/release-notes{% endif %}' - /code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-alerts-for-vulnerable-dependencies @@ -53,6 +54,7 @@ children: - /code-scanning - /repository-security-advisories - /supply-chain-security + - /dependabot - /security-overview - /guides --- diff --git a/translations/es-ES/content/code-security/secret-scanning/about-secret-scanning.md b/translations/es-ES/content/code-security/secret-scanning/about-secret-scanning.md index 884e8b3e26..9549eaaae2 100644 --- a/translations/es-ES/content/code-security/secret-scanning/about-secret-scanning.md +++ b/translations/es-ES/content/code-security/secret-scanning/about-secret-scanning.md @@ -31,9 +31,9 @@ If your project communicates with an external service, you might use a token or {% ifversion fpt or ghec %} {% data variables.product.prodname_secret_scanning_caps %} is available on {% data variables.product.prodname_dotcom_the_website %} in two forms: -1. **{% data variables.product.prodname_secret_scanning_partner_caps %}.** Runs automatically on all public repositories. Any strings that match patterns that were provided by secret scanning partners are reported directly to the relvant partner. +1. **{% data variables.product.prodname_secret_scanning_partner_caps %}.** Runs automatically on all public repositories. Any strings that match patterns that were provided by secret scanning partners are reported directly to the relevant partner. -2. **{% data variables.product.prodname_secret_scanning_GHAS_caps %}.** You can enable and configure additional scanning for repositories owned by organizations that use {% data variables.product.prodname_ghe_cloud %} and have a license for {% data variables.product.prodname_GH_advanced_security %}. Any strings that match patterns provided by secret scannng partners, by other service providers, or defined by your organization are reported as alerts in the "Security" tab of repositories. If a string in a public repository matches a partner pattern, it is also reported to the partner. +2. **{% data variables.product.prodname_secret_scanning_GHAS_caps %}.** You can enable and configure additional scanning for repositories owned by organizations that use {% data variables.product.prodname_ghe_cloud %} and have a license for {% data variables.product.prodname_GH_advanced_security %}. Any strings that match patterns provided by secret scanning partners, by other service providers, or defined by your organization, are reported as alerts in the "Security" tab of repositories. If a string in a public repository matches a partner pattern, it is also reported to the partner. {% endif %} Service providers can partner with {% data variables.product.company_short %} to provide their secret formats for scanning. {% data reusables.secret-scanning.partner-program-link %} @@ -48,11 +48,12 @@ You cannot change the configuration of {% data variables.product.prodname_secret {% ifversion fpt %} {% note %} -**Note:** Organizations using {% data variables.product.prodname_ghe_cloud %} with {% data variables.product.prodname_GH_advanced_security %} can also enable {% data variables.product.prodname_secret_scanning_GHAS %} on any repository they own, including private repositories. For more information, see the [{% data variables.product.prodname_ghe_cloud %} documentation](/enterprise-cloud@latest/code-security/secret-security/about-secret-scanning#about-secret-scanning-for-advanced-security). +{% data reusables.secret-scanning.fpt-GHAS-scans %} {% endnote %} {% endif %} + {% endif %} {% ifversion not fpt %} diff --git a/translations/es-ES/content/code-security/security-overview/about-the-security-overview.md b/translations/es-ES/content/code-security/security-overview/about-the-security-overview.md index caac5c1400..5f830ae100 100644 --- a/translations/es-ES/content/code-security/security-overview/about-the-security-overview.md +++ b/translations/es-ES/content/code-security/security-overview/about-the-security-overview.md @@ -28,7 +28,7 @@ shortTitle: Acerca del resumen de seguridad Puedes utilizar el resumen de seguirdad para tener una vista de nivel alto del estado de seguridad de tu organización o para identificar repositorios problemáticos que requieren intervención. You can view aggregate or repository-specific security information in the security overview. You can also use the security overview to see which security features are enabled for your repositories and to configure any available security features that are not currently in use. -El resumen de seguridad indica si se encuentran habilitadas las características de {% ifversion fpt or ghes > 3.1 or ghec %}seguridad{% endif %}{% ifversion ghae %}{% data variables.product.prodname_GH_advanced_security %}{% endif %} para los repositorios que pertenecen a tu organización y consolida las alertas para cada característica.{% ifversion fpt or ghes > 3.1 or ghec %} Las características de seguridad incluyen aquellas de {% data variables.product.prodname_GH_advanced_security %}, como el {% data variables.product.prodname_code_scanning %} y el {% data variables.product.prodname_secret_scanning %}, así como las {% data variables.product.prodname_dependabot_alerts %}.{% endif %} Para obtener más información sobre las características de la {% data variables.product.prodname_GH_advanced_security %}, consulta la sección "[Acerca de la {% data variables.product.prodname_GH_advanced_security %}](/get-started/learning-about-github/about-github-advanced-security)".{% ifversion fpt or ghes > 3.1 or ghec %} Para obtener más información sobre las {% data variables.product.prodname_dependabot_alerts %}, consulta la sección "[Acerca de las alertas para las dependencias vulnerables](/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-alerts-for-vulnerable-dependencies#dependabot-alerts-for-vulnerable-dependencies)".{% endif %} +The security overview indicates whether {% ifversion fpt or ghes > 3.1 or ghec %}security{% endif %}{% ifversion ghae %}{% data variables.product.prodname_GH_advanced_security %}{% endif %} features are enabled for repositories owned by your organization and consolidates alerts for each feature.{% ifversion fpt or ghes > 3.1 or ghec %} Security features include {% data variables.product.prodname_GH_advanced_security %} features, such as {% data variables.product.prodname_code_scanning %} and {% data variables.product.prodname_secret_scanning %}, as well as {% data variables.product.prodname_dependabot_alerts %}.{% endif %} For more information about {% data variables.product.prodname_GH_advanced_security %} features, see "[About {% data variables.product.prodname_GH_advanced_security %}](/get-started/learning-about-github/about-github-advanced-security)."{% ifversion fpt or ghes > 3.1 or ghec %} For more information about {% data variables.product.prodname_dependabot_alerts %}, see "[About {% data variables.product.prodname_dependabot_alerts %}](/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-alerts-for-vulnerable-dependencies#dependabot-alerts-for-vulnerable-dependencies)."{% endif %} Para obtener más información sobre cómo proteger tu código a nivel de repositorio u organización, consulta las secciones "[Proteger tu repositorio](/code-security/getting-started/securing-your-repository)" y "[Proteger tu organización](/code-security/getting-started/securing-your-organization)". @@ -54,7 +54,7 @@ Para cada repositorio en el resumen de seguridad, verás iconos de cada tipo de | ------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | {% octicon "code-square" aria-label="Code scanning alerts" %} | Alertas de {% data variables.product.prodname_code_scanning_capc %}. Para obtener más información, consulta la sección "[Acerca del {% data variables.product.prodname_code_scanning %}](/code-security/secure-coding/about-code-scanning)". | | {% octicon "key" aria-label="Secret scanning alerts" %} | alertas del {% data variables.product.prodname_secret_scanning_caps %}. Para obtener más información, consulta la sección "[Acerca del {% data variables.product.prodname_secret_scanning %}](/code-security/secret-security/about-secret-scanning)". | -| {% octicon "hubot" aria-label="Dependabot alerts" %} | {% data variables.product.prodname_dependabot_alerts %}. Para obtener más información, consulta la sección "[Acerca de las alertas para las dependencias vulnerables](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies)". | +| {% octicon "hubot" aria-label="Dependabot alerts" %} | {% data variables.product.prodname_dependabot_alerts %}. For more information, see "[About {% data variables.product.prodname_dependabot_alerts %}](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies)." | | {% octicon "check" aria-label="Check" %} | La característica de seguridad se habilitó pero no levanta alertas en este repositorio. | | {% octicon "x" aria-label="x" %} | La característica de seguridad no es compatible con este repositorio. | diff --git a/translations/es-ES/content/code-security/supply-chain-security/end-to-end-supply-chain/end-to-end-supply-chain-overview.md b/translations/es-ES/content/code-security/supply-chain-security/end-to-end-supply-chain/end-to-end-supply-chain-overview.md new file mode 100644 index 0000000000..f0f2a0cba4 --- /dev/null +++ b/translations/es-ES/content/code-security/supply-chain-security/end-to-end-supply-chain/end-to-end-supply-chain-overview.md @@ -0,0 +1,38 @@ +--- +title: Securing your end-to-end supply chain +shortTitle: Resumen +allowTitleToDifferFromFilename: true +intro: 'Introducing best practice guides on complete end-to-end supply chain security including personal accounts, code, and build processes.' +versions: + fpt: '*' + ghec: '*' + ghes: '*' +type: overview +topics: + - Organizations + - Teams + - Dependencies + - Advanced Security +--- + +## What is the end-to-end supply chain? + +At its core, end-to-end software supply chain security is about making sure the code you distribute hasn't been tampered with. Previously, attackers focused on targeting dependencies you use, for example libraries and frameworks. Attackers have now expanded their focus to include targeting user accounts and build processes, and so those systems must be defended as well. + +## About these guides + +This series of guides explains how to think about securing your end-to-end supply chain: personal account, code, and build processes. Each guide explains the risk to that area, and introduces the {% data variables.product.product_name %} features that can help you address that risk. + +Everyone's needs are different, so each guide starts with the highest impact change, and continues from there with additional improvements you should consider. You should feel free to skip around and focus on improvements you think will have the biggest benefit. The goal isn't to do everything at once but to continuously improve security in your systems over time. + +- "[Best practices for securing accounts](/code-security/supply-chain-security/end-to-end-supply-chain/securing-accounts)" + +- "[Best practices for securing code in your supply chain](/code-security/supply-chain-security/end-to-end-supply-chain/securing-code)" + +- "[Best practices for securing your build system](/code-security/supply-chain-security/end-to-end-supply-chain/securing-builds)" + +## Leer más + +- [Safeguarding artifact integrity across any software supply chain](https://slsa.dev/) +- [Microsoft Supply Chain Integrity Model](https://github.com/microsoft/scim) +- [Software Supply Chain Security Paper - CNCF Security Technical Advisory Group](https://github.com/cncf/tag-security/blob/main/supply-chain-security/supply-chain-security-paper/CNCF_SSCP_v1.pdf) diff --git a/translations/es-ES/content/code-security/supply-chain-security/end-to-end-supply-chain/index.md b/translations/es-ES/content/code-security/supply-chain-security/end-to-end-supply-chain/index.md new file mode 100644 index 0000000000..0cf0b8d7ad --- /dev/null +++ b/translations/es-ES/content/code-security/supply-chain-security/end-to-end-supply-chain/index.md @@ -0,0 +1,20 @@ +--- +title: End-to-end supply chain +intro: 'How to think about securing your user accounts, your code, and your build process' +versions: + fpt: '*' + ghec: '*' + ghes: '*' +topics: + - Security overview + - Organizations + - Teams + - Dependencies + - Advanced Security +children: + - /end-to-end-supply-chain-overview + - /securing-accounts + - /securing-code + - /securing-builds +--- + diff --git a/translations/es-ES/content/code-security/supply-chain-security/end-to-end-supply-chain/securing-accounts.md b/translations/es-ES/content/code-security/supply-chain-security/end-to-end-supply-chain/securing-accounts.md new file mode 100644 index 0000000000..4cf0a69f55 --- /dev/null +++ b/translations/es-ES/content/code-security/supply-chain-security/end-to-end-supply-chain/securing-accounts.md @@ -0,0 +1,137 @@ +--- +title: Best practices for securing accounts +shortTitle: Securing accounts +allowTitleToDifferFromFilename: true +intro: Guidance on how to protect accounts with access to your software supply chain. +versions: + fpt: '*' + ghec: '*' + ghes: '*' +type: overview +topics: + - Organizations + - Teams + - SSH + - Security + - Accounts +--- + +## About this guide + +This guide describes the highest impact changes you can make to increase account security. Each section outlines a change you can make to your processes to improve the security. The highest impact changes are listed first. + +## What's the risk? + +Account security is fundamental to the security of your supply chain. If an attacker can take over your account on {% data variables.product.product_name %}, they can then make malicious changes to your code or build process. So your first goal should be to make it difficult for someone to take over your account and the accounts of other {% ifversion ghes %}users{% else %}members{% endif %} of {% ifversion fpt %}your organization{% elsif ghec or ghae %}your organization or enterprise{% elsif ghes %}{% data variables.product.product_location %}{% endif %}. + +{% ifversion ghec or ghes %} +## Centralize authentication +{% endif %} + +{% ifversion ghec %} +If you're an enterprise or organization owner, you can configure centralized authentication with SAML. While you can add or remove members manually, it's simpler and more secure to set up single sign-on (SSO) and SCIM between {% data variables.product.product_name %} and your SAML identity provider (IdP). This also simplifies the authentication process for all members of your enterprise. + +You can configure SAML authentication for an enterprise or organization account. With SAML, you can grant access to the personal accounts of members of your enterprise or organization on {% data variables.product.product_location %} through your IdP, or you can create and control the accounts that belong to your enterprise by using {% data variables.product.prodname_emus %}. For more information, see "[About identity and access management with SAML single sign-on](/organizations/managing-saml-single-sign-on-for-your-organization/about-identity-and-access-management-with-saml-single-sign-on)". + +After you configure SAML authentication, when members request access to your resources, they'll be directed to your SSO flow to ensure they are still recognized by your IdP. If they are unrecognized, their request is declined. + +Some IdPs support a protocol called SCIM, which can automatically provision or deprovision access on {% data variables.product.product_name %} when you make changes on your IdP. With SCIM, you can simplify administration as your team grows, and you can quickly revoke access to accounts. SCIM is available for individual organizations on {% data variables.product.product_name %}, or for enterprises that use {% data variables.product.prodname_emus %}. Para obtener más información, consulta la sección "[Acerca de SCIM](/organizations/managing-saml-single-sign-on-for-your-organization/about-scim)". +{% endif %} + +{% ifversion ghes %} +If you're the site administrator for {% data variables.product.product_location %}, you can simplify the login experience for users by choosing an authentication method that connects with your existing identity provider (IdP), like CAS, SAML, or LDAP. This means that they no longer need to remember an extra password for {% data variables.product.prodname_dotcom %}. + +Some authentication methods also support communicating additional information to {% data variables.product.product_name %}, for example, what groups the user is a member of, or synchronizing cryptographic keys for the user. This is a great way to simplify your administration as your organization grows. + +For more information on these authentication methods, see "[Using CAS](/admin/identity-and-access-management/authenticating-users-for-your-github-enterprise-server-instance/using-cas)," "[Using SAML](/admin/identity-and-access-management/authenticating-users-for-your-github-enterprise-server-instance/using-saml)," and "[Using LDAP](/admin/identity-and-access-management/authenticating-users-for-your-github-enterprise-server-instance/using-ldap)." +{% endif %} + +## Configure two-factor authentication + +The best way to improve the security of {% ifversion fpt %}your personal account{% elsif ghes %}your personal account or {% data variables.product.product_location %}{% elsif ghec %}your accounts{% elsif ghae %}your enterprise on {% data variables.product.product_name %}{% endif %} is to configure two-factor authentication (2FA){% ifversion ghae %} on your SAML identity provider (IdP){% endif %}. Passwords by themselves can be compromised by being guessable, by being reused on another site that's been compromised, or by social engineering, like phishing. 2FA makes it much more difficult for your accounts to be compromised, even if an attacker has your password. + +{% ifversion not ghae %} + +{% ifversion ghec %} +If you're an enterprise owner, you may be able to configure a policy to require 2FA for all organizations owned by your enterprise. +{% endif %} + +{% ifversion ghes %} +If you're the site administrator for {% data variables.product.product_location %}, you may be able to configure 2FA for all users of your instance. The availability of 2FA on {% data variables.product.product_name %} depends on the authentication method that you use. For more information, see "[Centralize user authentication](#centralize-user-authentication)." +{% endif %} + +If you're an organization owner, then you {% ifversion fpt %}can{% else %}may be able to{% endif %} require that all members of the organization enable 2FA. + +{% ifversion ghec or ghes %} + +### Configure your enterprise account + +Enterprise owners may be able to require 2FA for all {% ifversion ghes %}users on{% elsif ghec %}members of{% endif %} the {% ifversion ghes %}instance{% elsif ghec %}enterprise{% endif %}. The availability of 2FA policies on {% data variables.product.product_name %} depends on how {% ifversion ghes %}users{% else %}members{% endif %} authenticate to access your {% ifversion ghes %}instance{% elsif ghec %}enterprise's resources{% endif %}. + +{% ifversion ghes %} +- If you sign into {% data variables.product.product_location %} through an external IdP using CAS or SAML SSO, you +{% elsif ghec %} +If your enterprise uses {% data variables.product.prodname_emus %} or SAML authentication is enforced for your enterprise, you +{%- endif %} cannot configure 2FA on {% data variables.product.product_name %}. Someone with administrative access to your IdP must configure 2FA for the IdP. + +{% ifversion ghes %} + +- If you sign into {% data variables.product.product_location %} through an external LDAP directory, you can require 2FA for your enterprise on {% data variables.product.product_name %}. If you allow built-in authentication for users outside of your directory, individual users can enable 2FA, but you cannot require 2FA for your enterprise. + +{% endif %} + +For more information, see {% ifversion ghec %}"[About identity and access management for your enterprise](/admin/identity-and-access-management/managing-iam-for-your-enterprise/about-identity-and-access-management-for-your-enterprise)" and {% endif %}"[Enforcing policies for security settings in your enterprise](/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-security-settings-in-your-enterprise#requiring-two-factor-authentication-for-organizations-in-your-enterprise)." + +{% endif %} + +### Configure your personal account + +{% ifversion ghec or ghes %} +{% note %} + +**Note**: Depending on the authentication method that {% ifversion ghec %}an enterprise owner{% elsif ghes %}a site administrator{% endif %} has configured for {% ifversion ghec %}your enterprise on {% endif %}{% data variables.product.product_location %}, you may not be able to enable 2FA for your personal account. + +{% endnote %} +{% endif %} + +{% data variables.product.product_name %} supports several options for 2FA, and while any of them is better than nothing, the most secure option is WebAuthn. WebAuthn requires either a hardware security key or a device that supports it through things like Windows Hello or Mac TouchID. It's possible, although difficult, to phish other forms of 2FA (for example, someone asking you to read them your 6 digit one-time password). However WebAuthn isn't phishable, because domain scoping is built into the protocol, which prevents credentials from a website impersonating a login page from being used on {% data variables.product.product_name %}. + +When you set up 2FA, you should always download the recovery codes and set up more than one factor. This ensures that access to your account doesn't depend on a single device. For more information, see "[Configuring two-factor authentication](/authentication/securing-your-account-with-two-factor-authentication-2fa/configuring-two-factor-authentication)," "[Configuring two-factor authentication recovery methods](/authentication/securing-your-account-with-two-factor-authentication-2fa/configuring-two-factor-authentication-recovery-methods)," and [GitHub Branded hardware security keys](https://thegithubshop.com/products/github-branded-yubikey) in the GitHub shop. + +### Configure your organization account + +{% ifversion ghec or ghes %} +{% note %} + +**Note**: Depending on the authentication method that {% ifversion ghec %}an enterprise owner{% elsif ghes %}a site administrator{% endif %} has configured for {% ifversion ghec %}your enterprise on {% endif %}{% data variables.product.product_location %}, you may not be able to require 2FA for your organization. + +{% endnote %} +{% endif %} + +If you're an organization owner, you can see which users don't have 2FA enabled, help them get set up, and then require 2FA for your organization. To guide you through that process, see: + +1. "[Viewing whether users in your organization have 2FA enabled](/organizations/keeping-your-organization-secure/managing-two-factor-authentication-for-your-organization/viewing-whether-users-in-your-organization-have-2fa-enabled)" +2. "[Preparing to require two-factor authentication in your organization](/organizations/keeping-your-organization-secure/managing-two-factor-authentication-for-your-organization/preparing-to-require-two-factor-authentication-in-your-organization)" +3. "[Requiring two-factor authentication in your organization](/organizations/keeping-your-organization-secure/managing-two-factor-authentication-for-your-organization/requiring-two-factor-authentication-in-your-organization)" + +{% endif %} + +## Connect to {% data variables.product.product_name %} using SSH keys + +There are other ways to interact with {% data variables.product.product_name %} beyond signing into the website. Many people authorize the code they push to {% data variables.product.prodname_dotcom %} with an SSH private key. For more information, see "[About SSH](/authentication/connecting-to-github-with-ssh/about-ssh)." + +Just like your account password, if an attacker were able to get your SSH private key, they could impersonate you and push malicious code to any repository you have write access for. If you store your SSH private key on a disk drive, it's a good idea to protect it with a passphrase. For more information, see "[Working with SSH key passphrases](/authentication/connecting-to-github-with-ssh/working-with-ssh-key-passphrases)." + +Another option is to generate SSH keys on a hardware security key. You could use the same key you're using for 2FA. Hardware security keys are very difficult to compromise remotely, because the private SSH key remains on the hardware, and is not directly accessible from software. For more information, see "[Generating a new SSH key for a hardware security key](/authentication/connecting-to-github-with-ssh/generating-a-new-ssh-key-and-adding-it-to-the-ssh-agent#generating-a-new-ssh-key-for-a-hardware-security-key)." + +{% ifversion ghec or ghes or ghae %} +Hardware-backed SSH keys are quite secure, but the hardware requirement might not work for some organizations. An alternative approach is to use SSH keys that are only valid for a short period of time, so even if the private key is compromised it can't be exploited for very long. This is the concept behind running your own SSH certificate authority. While this approach gives you a lot of control over how users authenticate, it also comes with the responsibility of maintaining an SSH certificate authority yourself. For more information, see "[About SSH certificate authorities](/organizations/managing-git-access-to-your-organizations-repositories/about-ssh-certificate-authorities)." +{% endif %} + +## Pasos siguientes + +- "[Securing your end-to-end supply chain](/code-security/supply-chain-security/end-to-end-supply-chain/end-to-end-supply-chain-overview)" + +- "[Best practices for securing code in your supply chain](/code-security/supply-chain-security/end-to-end-supply-chain/securing-code)" + +- "[Best practices for securing your build system](/code-security/supply-chain-security/end-to-end-supply-chain/securing-builds)" diff --git a/translations/es-ES/content/code-security/supply-chain-security/end-to-end-supply-chain/securing-builds.md b/translations/es-ES/content/code-security/supply-chain-security/end-to-end-supply-chain/securing-builds.md new file mode 100644 index 0000000000..1b0b3d5891 --- /dev/null +++ b/translations/es-ES/content/code-security/supply-chain-security/end-to-end-supply-chain/securing-builds.md @@ -0,0 +1,62 @@ +--- +title: Best practices for securing your build system +shortTitle: Securing builds +allowTitleToDifferFromFilename: true +intro: Guidance on how to protect the end of your supply chain—the systems you use to build and distribute artifacts. +versions: + fpt: '*' + ghec: '*' + ghes: '*' +type: overview +topics: + - Fundamentals + - Security + - CI + - CD +--- + +## About this guide + +This guide describes the highest impact changes you can make to improve the security of your build systems. Each section outlines a change you can make to your processes to improve security. The highest impact changes are listed first. + +## What's the risk? + +Some attacks on software supply chains target the build system directly. If an attacker can modify the build process, they can exploit your system without the effort of compromising personal accounts or code. It's important to make sure that you don't forget to protect the build system as well as personal accounts and code. + +## Secure your build system + +There are several security capabilities a build system should have: + +1. The build steps should be clear and repeatable. + +2. You should know exactly what was running during the build process. + +3. Each build should start in a fresh environment, so a compromised build doesn't persist to affect future builds. + +{% data variables.product.prodname_actions %} can help you meet these capabilities. Build instructions are stored in your repository, alongside your code. You choose what environment your build runs on, including Windows, Mac, Linux, or runners you host yourself. Each build starts with a fresh virtual environment, making it difficult for an attack to persist in your build environment. + +In addition to the security benefits, {% data variables.product.prodname_actions %} lets you trigger builds manually, periodically, or on git events in your repository for frequent and fast builds. + +{% data variables.product.prodname_actions %} is a big topic, but a good place to get started is "[Understanding GitHub Actions](/actions/learn-github-actions/understanding-github-actions)," as well as "[Choosing GitHub-hosted runners](/actions/using-workflows/workflow-syntax-for-github-actions#choosing-github-hosted-runners)," and "[Triggering a workflow](/actions/using-workflows/triggering-a-workflow)." + +## Sign your builds + +After your build process is secure, you want to prevent someone from tampering with the end result of your build process. A great way to do this is to sign your builds. When distributing software publicly, this is often done with a public/private cryptographic key pair. You use the private key to sign the build, and you publish your public key so users of your software can verify the signature on the build before they use it. If the bytes of the build are modified, the signature will not verify. + +How exactly you sign your build will depend on what sort of code you're writing, and who your users are. Often it's difficult to know how to securely store the private key. One basic option here is to use {% data variables.product.prodname_actions %} encrypted secrets, although you'll need to be careful to limit who has access to those {% data variables.product.prodname_actions %} workflows. {% ifversion fpt or ghec %}If your private key is stored in another system accessible over the public internet (like Microsoft Azure, or HashiCorp Vault), a more advanced option is to authenticate with OpenID Connect, so you don't have to share secrets across systems.{% endif %} If your private key is only accessible from a private network, another option is to use self-hosted runners for {% data variables.product.prodname_actions %}. + +For more information, see "[Encrypted secrets](/actions/security-guides/encrypted-secrets)"{% ifversion fpt or ghec %}, "[About security hardening with OpenID Connect](/actions/deployment/security-hardening-your-deployments/about-security-hardening-with-openid-connect)",{% endif %} and "[About self-hosted runners](/actions/hosting-your-own-runners/about-self-hosted-runners)." + +## Harden security for {% data variables.product.prodname_actions %} + +There are many further steps you can take to additionally secure {% data variables.product.prodname_actions %}. In particular, be careful when evaluating third-party workflows, and consider using `CODEOWNERS` to limit who can make changes to your workflows. + +For more information, see "[Security hardening for GitHub Actions](/actions/security-guides/security-hardening-for-github-actions);" particularly "[Using third-party actions](/actions/security-guides/security-hardening-for-github-actions#using-third-party-actions)" and "[Using `CODEOWNERS` to monitor changes](/actions/security-guides/security-hardening-for-github-actions#using-codeowners-to-monitor-changes)." + +## Pasos siguientes + +- "[Securing your end-to-end supply chain](/code-security/supply-chain-security/end-to-end-supply-chain/end-to-end-supply-chain-overview)" + +- "[Best practices for securing accounts](/code-security/supply-chain-security/end-to-end-supply-chain/securing-accounts)" + +- "[Best practices for securing code in your supply chain](/code-security/supply-chain-security/end-to-end-supply-chain/securing-code)" diff --git a/translations/es-ES/content/code-security/supply-chain-security/end-to-end-supply-chain/securing-code.md b/translations/es-ES/content/code-security/supply-chain-security/end-to-end-supply-chain/securing-code.md new file mode 100644 index 0000000000..ba683a586d --- /dev/null +++ b/translations/es-ES/content/code-security/supply-chain-security/end-to-end-supply-chain/securing-code.md @@ -0,0 +1,119 @@ +--- +title: Best practices for securing code in your supply chain +shortTitle: Securing code +allowTitleToDifferFromFilename: true +intro: Guidance on how to protect the center of your supply chain—the code you write and the code you depend on. +versions: + fpt: '*' + ghec: '*' + ghes: '*' +type: overview +topics: + - Dependabot + - Security updates + - Vulnerabilities + - Advanced Security + - Secret scanning +--- + +## About this guide + +This guide describes the highest impact changes you can make to improve the security of your code. Each section outlines a change you can make to your processes to improve security. The highest impact changes are listed first. + +## What's the risk? + +Key risks in the development process include: + +- Using dependencies with security vulnerabilities that an attacker could exploit. +- Leaking authentication credentials or a token that an attacker could use to access your resources. +- Introducing a vulnerability to your own code that an attacker could exploit. + +These risks open your resources and projects to attack and those risks are passed directly on to anyone who uses a package that you create. The following sections explain how you can protect yourself and your users from these risks. + +## Create a vulnerability management program for dependencies + +You can secure the code you depend on by creating a vulnerability management program for dependencies. At a high level this should include processes to ensure that you: + +1. Create an inventory of your dependencies. + +2. Know when there is a security vulnerability in a dependency. + +3. Assess the impact of that vulnerability on your code and decide what action to take. + +### Automatic inventory generation + +As a first step, you want to make a complete inventory of your dependencies. The dependency graph for a repository shows you dependencies for supported ecosystems. If you check in your dependencies, or use other ecosystems, you will need to supplement this with data from 3rd party tools or by listing dependencies manually. Para obtener más información, consulta la sección "[Acerca de la gráfica de dependencias](/code-security/supply-chain-security/understanding-your-software-supply-chain/about-the-dependency-graph)". + +### Automatic detection of vulnerabilities in dependencies + +{% data variables.product.prodname_dependabot %} can help you by monitoring your dependencies and notifying you when they contain a known vulnerability. {% ifversion fpt or ghec or ghes > 3.2 %}You can even enable {% data variables.product.prodname_dependabot %} to automatically raise pull requests that update the dependency to a secure version.{% endif %} For more information, see "[About alerts for vulnerable dependencies](/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-alerts-for-vulnerable-dependencies)"{% ifversion fpt or ghec or ghes > 3.2 %} and "[About Dependabot security updates](/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-dependabot-security-updates)"{% endif %}. + +### Assessment of exposure to risk from a vulnerable dependency + +When you discover you are using a vulnerable dependency, for example, a library or a framework, you must assess your project's level of exposure and determine what action to take. Vulnerabilities are usually reported with a severity score to show how severe their impact could be. The severity score is a useful guide but cannot tell you the full impact of the vulnerability on your code. + +To assess the impact of a vulnerability on your code, you also need to consider how you use the library and determine how much risk that actually poses to your system. Maybe the vulnerability is part of a feature that you don't use, and you can update the affected library and continue with your normal release cycle. Or maybe your code is badly exposed to risk, and you need to update the affected library and ship an updated build right away. This decision depends on how you're using the library in your system, and is a decision that only you have the knowledge to make. + +## Secure your communication tokens + +Code often needs to communicate with other systems over a network, and requires secrets (like a password, or an API key) to authenticate. Your system needs access to those secrets to run, but it's best practice to not include them in your source code. This is especially important for public repositories, but also for private repositories to which many people might have access. + +### Automatic detection of secrets committed to a repository + +{% note %} + +**Note:** {% data reusables.gated-features.secret-scanning-partner %} + +{% endnote %} + +{% data reusables.secret-scanning.enterprise-enable-secret-scanning %} + +{% ifversion fpt or ghec %} +{% data variables.product.prodname_dotcom %} partners with many providers to automatically detect when secrets are committed to or stored in your public repositories, and will notify the provider so they can take appropriate actions to ensure your account remains secure. For more information, see "[About {% data variables.product.prodname_secret_scanning %} for partner patterns](/code-security/secret-scanning/about-secret-scanning#about-secret-scanning-for-partner-patterns)." +{% endif %} + +{% ifversion fpt %} +{% data reusables.secret-scanning.fpt-GHAS-scans %} +{% elsif ghec %} +If your organization uses {% data variables.product.prodname_GH_advanced_security %}, you can enable {% data variables.product.prodname_secret_scanning_GHAS %} on any repository owned by the organization. You can also define custom patterns to detect additional secrets at the repository, organization, or enterprise level. For more information, see "[About {% data variables.product.prodname_secret_scanning_GHAS %}](/code-security/secret-scanning/about-secret-scanning#about-secret-scanning-for-advacned-security)." +{% else %} +You can configure {% data variables.product.prodname_secret_scanning %} to check for secrets issued by many service providers and to notify you when any are detected. You can also define custom patterns to detect additional secrets at the repository, organization, or enterprise level. For more information, see "[About secret scanning](/code-security/secret-scanning/about-secret-scanning)" and "[Secret scanning patterns](/code-security/secret-scanning/secret-scanning-patterns)." +{% endif %} + +{% ifversion fpt or ghec or ghes > 3.2 %} +### Secure storage of secrets you use in {% data variables.product.product_name %} +{% endif %} + +{% ifversion fpt or ghec %} +Besides your code, you probably need to use secrets in other places. For example, to allow {% data variables.product.prodname_actions %} workflows, {% data variables.product.prodname_dependabot %}, or your {% data variables.product.prodname_codespaces %} development environment to communicate with other systems. For more information on how to securely store and use secrets, see "[Encrypted secrets in Actions](/actions/security-guides/encrypted-secrets)," "[Managing encrypted secrets for Dependabot](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/managing-encrypted-secrets-for-dependabot)," and "[Managing encrypted secrets for your codespaces](/codespaces/managing-your-codespaces/managing-encrypted-secrets-for-your-codespaces)." +{% endif %} + +{% ifversion ghes > 3.2 %} +Besides your code, you probably need to use secrets in other places. For example, to allow {% data variables.product.prodname_actions %} workflows or {% data variables.product.prodname_dependabot %} to communicate with other systems. For more information on how to securely store and use secrets, see "[Encrypted secrets in Actions](/actions/security-guides/encrypted-secrets)", and "[Managing encrypted secrets for Dependabot](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/managing-encrypted-secrets-for-dependabot)." +{% endif %} + +## Keep vulnerable coding patterns out of your repository + +{% note %} + +**Note:** {% data reusables.gated-features.code-scanning %} + +{% endnote %} + +{% data reusables.code-scanning.enterprise-enable-code-scanning %} + +### Create a pull request review process + +You can improve the quality and security of your code by ensuring that all pull requests are reviewed and tested before they are merged. {% data variables.product.prodname_dotcom %} has many features you can use to control the review and merge process. To get started, see "[About protected branches](/repositories/configuring-branches-and-merges-in-your-repository/defining-the-mergeability-of-pull-requests/about-protected-branches)." + +### Scan your code for vulnerable patterns + +Insecure code patterns are often difficult for reviewers to spot unaided. In addition to scanning your code for secrets, you can check it for patterns that are associated with security vulnerabilities. For example, a function that isn't memory-safe, or failing to escaping user input that could lead to an injection vulnerability. {% data variables.product.prodname_dotcom %} offers several different ways to approach both how and when you scan your code. To get started, see "[About code scanning](/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/about-code-scanning)." + +## Pasos siguientes + +- "[Securing your end-to-end supply chain](/code-security/supply-chain-security/end-to-end-supply-chain/end-to-end-supply-chain-overview)" + +- "[Best practices for securing accounts](/code-security/supply-chain-security/end-to-end-supply-chain/securing-accounts)" + +- "[Best practices for securing your build system](/code-security/supply-chain-security/end-to-end-supply-chain/securing-builds)" diff --git a/translations/es-ES/content/code-security/supply-chain-security/index.md b/translations/es-ES/content/code-security/supply-chain-security/index.md index c43a6c4620..25c7cbfb69 100644 --- a/translations/es-ES/content/code-security/supply-chain-security/index.md +++ b/translations/es-ES/content/code-security/supply-chain-security/index.md @@ -16,7 +16,6 @@ topics: - Repositories children: - /understanding-your-software-supply-chain - - /keeping-your-dependencies-updated-automatically - - /managing-vulnerabilities-in-your-projects-dependencies + - /end-to-end-supply-chain --- diff --git a/translations/es-ES/content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/about-dependabot-version-updates.md b/translations/es-ES/content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/about-dependabot-version-updates.md deleted file mode 100644 index 0a2e98654a..0000000000 --- a/translations/es-ES/content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/about-dependabot-version-updates.md +++ /dev/null @@ -1,68 +0,0 @@ ---- -title: About Dependabot version updates -intro: 'You can use {% data variables.product.prodname_dependabot %} to keep the packages you use updated to the latest versions.' -redirect_from: - - /github/administering-a-repository/about-dependabot - - /github/administering-a-repository/about-github-dependabot - - /github/administering-a-repository/about-github-dependabot-version-updates - - /github/administering-a-repository/about-dependabot-version-updates - - /code-security/supply-chain-security/about-dependabot-version-updates - - /code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/upgrading-from-dependabotcom-to-github-native-dependabot -versions: - fpt: '*' - ghec: '*' - ghes: '> 3.2' -type: overview -topics: - - Dependabot - - Version updates - - Repositories - - Dependencies - - Pull requests -shortTitle: Dependabot version updates ---- - -{% data reusables.dependabot.beta-security-and-version-updates %} -{% data reusables.dependabot.enterprise-enable-dependabot %} - -## About {% data variables.product.prodname_dependabot_version_updates %} - -{% data variables.product.prodname_dependabot %} takes the effort out of maintaining your dependencies. You can use it to ensure that your repository automatically keeps up with the latest releases of the packages and applications it depends on. - -You enable {% data variables.product.prodname_dependabot_version_updates %} by checking a configuration file into your repository. The configuration file specifies the location of the manifest, or of other package definition files, stored in your repository. {% data variables.product.prodname_dependabot %} uses this information to check for outdated packages and applications. {% data variables.product.prodname_dependabot %} determines if there is a new version of a dependency by looking at the semantic versioning ([semver](https://semver.org/)) of the dependency to decide whether it should update to that version. For certain package managers, {% data variables.product.prodname_dependabot_version_updates %} also supports vendoring. Vendored (or cached) dependencies are dependencies that are checked in to a specific directory in a repository rather than referenced in a manifest. Vendored dependencies are available at build time even if package servers are unavailable. {% data variables.product.prodname_dependabot_version_updates %} can be configured to check vendored dependencies for new versions and update them if necessary. - -When {% data variables.product.prodname_dependabot %} identifies an outdated dependency, it raises a pull request to update the manifest to the latest version of the dependency. For vendored dependencies, {% data variables.product.prodname_dependabot %} raises a pull request to replace the outdated dependency with the new version directly. You check that your tests pass, review the changelog and release notes included in the pull request summary, and then merge it. For more information, see "[Enabling and disabling {% data variables.product.prodname_dependabot %} version updates](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/enabling-and-disabling-dependabot-version-updates)." - -If you enable _security updates_, {% data variables.product.prodname_dependabot %} also raises pull requests to update vulnerable dependencies. For more information, see "[About {% data variables.product.prodname_dependabot_security_updates %}](/github/managing-security-vulnerabilities/about-dependabot-security-updates)." - -{% data reusables.dependabot.pull-request-security-vs-version-updates %} - -{% data reusables.dependabot.dependabot-tos %} - -## Frequency of {% data variables.product.prodname_dependabot %} pull requests - -You specify how often to check each ecosystem for new versions in the configuration file: daily, weekly, or monthly. - -{% data reusables.dependabot.initial-updates %} - -If you've enabled security updates, you'll sometimes see extra pull requests for security updates. These are triggered by a {% data variables.product.prodname_dependabot %} alert for a dependency on your default branch. {% data variables.product.prodname_dependabot %} automatically raises a pull request to update the vulnerable dependency. - -## Supported repositories and ecosystems - - -You can configure version updates for repositories that contain a dependency manifest or lock file for one of the supported package managers. For some package managers, you can also configure vendoring for dependencies. For more information, see "[Configuration options for dependency updates](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/configuration-options-for-dependency-updates#vendor)." -{% note %} - -{% data reusables.dependabot.private-dependencies-note %} - -{% data variables.product.prodname_dependabot %} doesn't support private {% data variables.product.prodname_dotcom %} dependencies for all package managers. See the details in the table below. - -{% endnote %} - -{% data reusables.dependabot.supported-package-managers %} - -If your repository already uses an integration for dependency management, you will need to disable this before enabling {% data variables.product.prodname_dependabot %}. {% ifversion fpt or ghec %}For more information, see "[About integrations](/github/customizing-your-github-workflow/about-integrations)."{% endif %} - -## About notifications for {% data variables.product.prodname_dependabot %} version updates - -You can filter your notifications on {% data variables.product.company_short %} to show notifications for pull requests created by {% data variables.product.prodname_dependabot %}. For more information, see "[Managing notifications from your inbox](/github/managing-subscriptions-and-notifications-on-github/managing-notifications-from-your-inbox)." diff --git a/translations/es-ES/content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/index.md b/translations/es-ES/content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/index.md deleted file mode 100644 index e01e8e1116..0000000000 --- a/translations/es-ES/content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/index.md +++ /dev/null @@ -1,29 +0,0 @@ ---- -title: Keeping your dependencies updated automatically -intro: '{% data variables.product.prodname_dependabot %} can maintain your repository''s dependencies automatically.' -redirect_from: - - /github/administering-a-repository/keeping-your-dependencies-updated-automatically -versions: - fpt: '*' - ghec: '*' - ghes: '>3.2' -topics: - - Repositories - - Dependabot - - Version updates - - Dependencies - - Pull requests -children: - - /about-dependabot-version-updates - - /enabling-and-disabling-dependabot-version-updates - - /listing-dependencies-configured-for-version-updates - - /managing-pull-requests-for-dependency-updates - - /automating-dependabot-with-github-actions - - /managing-encrypted-secrets-for-dependabot - - /customizing-dependency-updates - - /configuration-options-for-dependency-updates - - /keeping-your-actions-up-to-date-with-dependabot -shortTitle: Auto-update dependencies ---- - -{% data reusables.dependabot.beta-security-and-version-updates %} diff --git a/translations/es-ES/content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/keeping-your-actions-up-to-date-with-dependabot.md b/translations/es-ES/content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/keeping-your-actions-up-to-date-with-dependabot.md deleted file mode 100644 index 7261cc6b3b..0000000000 --- a/translations/es-ES/content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/keeping-your-actions-up-to-date-with-dependabot.md +++ /dev/null @@ -1,64 +0,0 @@ ---- -title: Keeping your actions up to date with Dependabot -intro: 'You can use {% data variables.product.prodname_dependabot %} to keep the actions you use updated to the latest versions.' -redirect_from: - - /github/administering-a-repository/keeping-your-actions-up-to-date-with-github-dependabot - - /github/administering-a-repository/keeping-your-actions-up-to-date-with-dependabot - - /code-security/supply-chain-security/keeping-your-actions-up-to-date-with-dependabot -versions: - fpt: '*' - ghec: '*' - ghes: '>3.2' -type: how_to -topics: - - Repositories - - Dependabot - - Version updates - - Actions -shortTitle: Auto-update actions ---- - -{% data reusables.dependabot.beta-security-and-version-updates %} - -{% data reusables.dependabot.enterprise-enable-dependabot %} - -## About {% data variables.product.prodname_dependabot_version_updates %} for actions - -Actions are often updated with bug fixes and new features to make automated processes more reliable, faster, and safer. When you enable {% data variables.product.prodname_dependabot_version_updates %} for {% data variables.product.prodname_actions %}, {% data variables.product.prodname_dependabot %} will help ensure that references to actions in a repository's *workflow.yml* file are kept up to date. For each action in the file, {% data variables.product.prodname_dependabot %} checks the action's reference (typically a version number or commit identifier associated with the action) against the latest version. If a more recent version of the action is available, {% data variables.product.prodname_dependabot %} will send you a pull request that updates the reference in the workflow file to the latest version. For more information about {% data variables.product.prodname_dependabot_version_updates %}, see "[About {% data variables.product.prodname_dependabot_version_updates %}](/github/administering-a-repository/about-dependabot-version-updates)." For more information about configuring workflows for {% data variables.product.prodname_actions %}, see "[Learn {% data variables.product.prodname_actions %}](/actions/learn-github-actions)." - -{% data reusables.actions.workflow-runs-dependabot-note %} - -## Enabling {% data variables.product.prodname_dependabot_version_updates %} for actions - -{% data reusables.dependabot.create-dependabot-yml %} If you have already enabled {% data variables.product.prodname_dependabot_version_updates %} for other ecosystems or package managers, simply open the existing *dependabot.yml* file. -1. Specify `"github-actions"` as a `package-ecosystem` to monitor. -1. Set the `directory` to `"/"` to check for workflow files in `.github/workflows`. -1. Set a `schedule.interval` to specify how often to check for new versions. -{% data reusables.dependabot.check-in-dependabot-yml %} If you have edited an existing file, save your changes. - -You can also enable {% data variables.product.prodname_dependabot_version_updates %} on forks. For more information, see "[Enabling and disabling {% data variables.product.prodname_dependabot %} version updates](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/enabling-and-disabling-dependabot-version-updates#enabling-version-updates-on-forks)." - -### Example *dependabot.yml* file for {% data variables.product.prodname_actions %} - -The example *dependabot.yml* file below configures version updates for {% data variables.product.prodname_actions %}. The `directory` must be set to `"/"` to check for workflow files in `.github/workflows`. The `schedule.interval` is set to `"daily"`. After this file has been checked in or updated, {% data variables.product.prodname_dependabot %} checks for new versions of your actions. {% data variables.product.prodname_dependabot %} will raise pull requests for version updates for any outdated actions that it finds. After the initial version updates, {% data variables.product.prodname_dependabot %} will continue to check for outdated versions of actions once a day. - -```yaml -# Set update schedule for GitHub Actions - -version: 2 -updates: - - - package-ecosystem: "github-actions" - directory: "/" - schedule: - # Check for updates to GitHub Actions every weekday - interval: "daily" -``` - -## Configuring {% data variables.product.prodname_dependabot_version_updates %} for actions - -When enabling {% data variables.product.prodname_dependabot_version_updates %} for actions, you must specify values for `package-ecosystem`, `directory`, and `schedule.interval`. There are many more optional properties that you can set to further customize your version updates. For more information, see "[Configuration options for dependency updates](/github/administering-a-repository/configuration-options-for-dependency-updates)." - -## Further reading - -- "[About GitHub Actions](/actions/getting-started-with-github-actions/about-github-actions)" diff --git a/translations/es-ES/content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/managing-pull-requests-for-dependency-updates.md b/translations/es-ES/content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/managing-pull-requests-for-dependency-updates.md deleted file mode 100644 index 99176596b7..0000000000 --- a/translations/es-ES/content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/managing-pull-requests-for-dependency-updates.md +++ /dev/null @@ -1,65 +0,0 @@ ---- -title: Managing pull requests for dependency updates -intro: 'You manage pull requests raised by {% data variables.product.prodname_dependabot %} in much the same way as other pull requests, but there are some extra options.' -redirect_from: - - /github/administering-a-repository/managing-pull-requests-for-dependency-updates - - /code-security/supply-chain-security/managing-pull-requests-for-dependency-updates -versions: - fpt: '*' - ghec: '*' - ghes: '> 3.2' -type: how_to -topics: - - Repositories - - Version updates - - Security updates - - Pull requests - - Dependencies - - Vulnerabilities -shortTitle: Manage Dependabot PRs ---- - -{% data reusables.dependabot.beta-security-and-version-updates %} -{% data reusables.dependabot.enterprise-enable-dependabot %} - -## About {% data variables.product.prodname_dependabot %} pull requests - -{% data reusables.dependabot.pull-request-introduction %} - -When {% data variables.product.prodname_dependabot %} raises a pull request, you're notified by your chosen method for the repository. Each pull request contains detailed information about the proposed change, taken from the package manager. These pull requests follow the normal checks and tests defined in your repository. -{% ifversion fpt or ghec %}In addition, where enough information is available, you'll see a compatibility score. This may also help you decide whether or not to merge the change. For information about this score, see "[About {% data variables.product.prodname_dependabot_security_updates %}](/github/managing-security-vulnerabilities/about-dependabot-security-updates)."{% endif %} - -If you have many dependencies to manage, you may want to customize the configuration for each package manager so that pull requests have specific reviewers, assignees, and labels. For more information, see "[Customizing dependency updates](/github/administering-a-repository/customizing-dependency-updates)." - -## Viewing {% data variables.product.prodname_dependabot %} pull requests - -{% data reusables.repositories.navigate-to-repo %} -{% data reusables.repositories.sidebar-pr %} -1. Any pull requests for security or version updates are easy to identify. - - The author is {% ifversion fpt or ghec %}[dependabot](https://github.com/dependabot){% else %}dependabot{% endif %}, the bot account used by {% data variables.product.prodname_dependabot %}. - - By default, they have the `dependencies` label. - -## Changing the rebase strategy for {% data variables.product.prodname_dependabot %} pull requests - -By default, {% data variables.product.prodname_dependabot %} automatically rebases pull requests to resolve any conflicts. If you'd prefer to handle merge conflicts manually, you can disable this using the `rebase-strategy` option. For details, see "[Configuration options for dependency updates](/github/administering-a-repository/configuration-options-for-dependency-updates#rebase-strategy)." - -## Managing {% data variables.product.prodname_dependabot %} pull requests with comment commands - -{% data variables.product.prodname_dependabot %} responds to simple commands in comments. Each pull request contains details of the commands you can use to process the pull request (for example: to merge, squash, reopen, close, or rebase the pull request) under the "{% data variables.product.prodname_dependabot %} commands and options" section. The aim is to make it as easy as possible for you to triage these automatically generated pull requests. - -You can use any of the following commands on a {% data variables.product.prodname_dependabot %} pull request. - -- `@dependabot cancel merge` cancels a previously requested merge. -- `@dependabot close` closes the pull request and prevents {% data variables.product.prodname_dependabot %} from recreating that pull request. You can achieve the same result by closing the pull request manually. -- `@dependabot ignore this dependency` closes the pull request and prevents {% data variables.product.prodname_dependabot %} from creating any more pull requests for this dependency (unless you reopen the pull request or upgrade to the suggested version of the dependency yourself). -- `@dependabot ignore this major version` closes the pull request and prevents {% data variables.product.prodname_dependabot %} from creating any more pull requests for this major version (unless you reopen the pull request or upgrade to this major version yourself). -- `@dependabot ignore this minor version` closes the pull request and prevents {% data variables.product.prodname_dependabot %} from creating any more pull requests for this minor version (unless you reopen the pull request or upgrade to this minor version yourself). -- `@dependabot merge` merges the pull request once your CI tests have passed. -- `@dependabot rebase` rebases the pull request. -- `@dependabot recreate` recreates the pull request, overwriting any edits that have been made to the pull request. -- `@dependabot reopen` reopens the pull request if the pull request is closed. -- `@dependabot squash and merge` squashes and merges the pull request once your CI tests have passed. - -{% data variables.product.prodname_dependabot %} will react with a "thumbs up" emoji to acknowledge the command, and may respond with a comment on the pull request. While {% data variables.product.prodname_dependabot %} usually responds quickly, some commands may take several minutes to complete if {% data variables.product.prodname_dependabot %} is busy processing other updates or commands. - -If you run any of the commands for ignoring dependencies or versions, {% data variables.product.prodname_dependabot %} stores the preferences for the repository centrally. While this is a quick solution, for repositories with more than one contributor it is better to explicitly define the dependencies and versions to ignore in the configuration file. This makes it easy for all contributors to see why a particular dependency isn't being updated automatically. For more information, see "[Configuration options for dependency updates](/github/administering-a-repository/configuration-options-for-dependency-updates#ignore)." diff --git a/translations/es-ES/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-managing-vulnerable-dependencies.md b/translations/es-ES/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-managing-vulnerable-dependencies.md deleted file mode 100644 index ee0c826d03..0000000000 --- a/translations/es-ES/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-managing-vulnerable-dependencies.md +++ /dev/null @@ -1,46 +0,0 @@ ---- -title: About managing vulnerable dependencies -intro: '{% data variables.product.product_name %} helps you to avoid using third-party software that contains known vulnerabilities.' -redirect_from: - - /github/managing-security-vulnerabilities/about-managing-vulnerable-dependencies - - /code-security/supply-chain-security/about-managing-vulnerable-dependencies -versions: - fpt: '*' - ghes: '>=3.2' - ghae: issue-4864 - ghec: '*' -type: overview -topics: - - Dependabot - - Dependency graph - - Dependency review - - Vulnerabilities - - Repositories - - Dependencies - - Pull requests -shortTitle: Vulnerable dependencies ---- - - -{% data variables.product.product_name %} provides the following tools for removing and avoiding vulnerable dependencies. - -## Dependency graph -The dependency graph is a summary of the manifest and lock files stored in a repository. It shows you the ecosystems and packages your codebase depends on (its dependencies) and the repositories and packages that depend on your project (its dependents). The information in the dependency graph is used by dependency review and {% data variables.product.prodname_dependabot %}. -For more information, see "[About the dependency graph](/github/visualizing-repository-data-with-graphs/about-the-dependency-graph)." - -## Dependency review - -{% data reusables.dependency-review.beta %} - -By checking the dependency reviews on pull requests you can avoid introducing vulnerabilities from dependencies into your codebase. If the pull requests adds a vulnerable dependency, or changes a dependency to a vulnerable version, this is highlighted in the dependency review. You can change the dependency to a patched version before merging the pull request. For more information, see "[About dependency review](/code-security/supply-chain-security/about-dependency-review)." - -## {% data variables.product.prodname_dependabot_alerts %} -{% data variables.product.product_name %} can create {% data variables.product.prodname_dependabot_alerts %} when it detects vulnerable dependencies in your repository. The alert is displayed on the Security tab for the repository. The alert includes a link to the affected file in the project, and information about a fixed version. {% data variables.product.product_name %} also notifies the maintainers of the repository, according to their notification preferences. For more information, see "[About alerts for vulnerable dependencies](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies)." - -{% ifversion fpt or ghec or ghes > 3.2 %} -## {% data variables.product.prodname_dependabot_security_updates %} -When {% data variables.product.product_name %} generates a {% data variables.product.prodname_dependabot %} alert for a vulnerable dependency in your repository, {% data variables.product.prodname_dependabot %} can automatically try to fix it for you. {% data variables.product.prodname_dependabot_security_updates %} are automatically generated pull requests that update a vulnerable dependency to a fixed version. For more information, see "[About {% data variables.product.prodname_dependabot_security_updates %}](/github/managing-security-vulnerabilities/about-dependabot-security-updates)." - -## {% data variables.product.prodname_dependabot_version_updates %} -Enabling {% data variables.product.prodname_dependabot_version_updates %} takes the effort out of maintaining your dependencies. With {% data variables.product.prodname_dependabot_version_updates %}, whenever {% data variables.product.prodname_dotcom %} identifies an outdated dependency, it raises a pull request to update the manifest to the latest version of the dependency. By contrast, {% data variables.product.prodname_dependabot_security_updates %} only raises pull requests to fix vulnerable dependencies. For more information, see "[About Dependabot version updates](/github/administering-a-repository/about-dependabot-version-updates)." -{% endif %} diff --git a/translations/es-ES/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/index.md b/translations/es-ES/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/index.md deleted file mode 100644 index 69351ec479..0000000000 --- a/translations/es-ES/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/index.md +++ /dev/null @@ -1,36 +0,0 @@ ---- -title: Administrar vulnerabilidades en las dependencias de tus proyectos -intro: 'Puedes rastrear las dependencias de tu repositorio y recibir {% data variables.product.prodname_dependabot_alerts %} cuando {% data variables.product.product_name %} detecte dependencias vulnerables.' -redirect_from: - - /articles/updating-your-project-s-dependencies - - /articles/updating-your-projects-dependencies - - /articles/managing-security-vulnerabilities-in-your-projects-dependencies - - /articles/managing-vulnerabilities-in-your-projects-dependencies - - /github/managing-security-vulnerabilities/managing-vulnerabilities-in-your-projects-dependencies -versions: - fpt: '*' - ghes: '*' - ghae: issue-4864 - ghec: '*' -topics: - - Repositories - - Dependabot - - Version updates - - Dependencies - - Pull requests - - Vulnerabilities - - Alerts -children: - - /about-managing-vulnerable-dependencies - - /browsing-security-vulnerabilities-in-the-github-advisory-database - - /editing-security-advisories-in-the-github-advisory-database - - /about-alerts-for-vulnerable-dependencies - - /configuring-notifications-for-vulnerable-dependencies - - /about-dependabot-security-updates - - /configuring-dependabot-security-updates - - /viewing-and-updating-vulnerable-dependencies-in-your-repository - - /troubleshooting-the-detection-of-vulnerable-dependencies - - /troubleshooting-dependabot-errors -shortTitle: Arreglar dependencias vulnerables ---- - diff --git a/translations/es-ES/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/troubleshooting-dependabot-errors.md b/translations/es-ES/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/troubleshooting-dependabot-errors.md deleted file mode 100644 index f0e5dc57aa..0000000000 --- a/translations/es-ES/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/troubleshooting-dependabot-errors.md +++ /dev/null @@ -1,127 +0,0 @@ ---- -title: Troubleshooting Dependabot errors -intro: 'Sometimes {% data variables.product.prodname_dependabot %} is unable to raise a pull request to update your dependencies. You can review the error and unblock {% data variables.product.prodname_dependabot %}.' -shortTitle: Troubleshoot errors -redirect_from: - - /github/managing-security-vulnerabilities/troubleshooting-github-dependabot-errors - - /github/managing-security-vulnerabilities/troubleshooting-dependabot-errors - - /code-security/supply-chain-security/troubleshooting-dependabot-errors -versions: - fpt: '*' - ghec: '*' - ghes: '>3.2' -type: how_to -topics: - - Dependabot - - Security updates - - Version updates - - Repositories - - Pull requests - - Troubleshooting - - Errors - - Dependencies ---- - -{% data reusables.dependabot.beta-security-and-version-updates %} - -{% data reusables.dependabot.enterprise-enable-dependabot %} - -## About {% data variables.product.prodname_dependabot %} errors - -{% data reusables.dependabot.pull-request-introduction %} - -If anything prevents {% data variables.product.prodname_dependabot %} from raising a pull request, this is reported as an error. - -## Investigating errors with {% data variables.product.prodname_dependabot_security_updates %} - -When {% data variables.product.prodname_dependabot %} is blocked from creating a pull request to fix a {% data variables.product.prodname_dependabot %} alert, it posts the error message on the alert. The {% data variables.product.prodname_dependabot_alerts %} view shows a list of any alerts that have not been resolved yet. To access the alerts view, click **{% data variables.product.prodname_dependabot_alerts %}** on the **Security** tab for the repository. Where a pull request that will fix the vulnerable dependency has been generated, the alert includes a link to that pull request. - -![{% data variables.product.prodname_dependabot_alerts %} view showing a pull request link](/assets/images/help/dependabot/dependabot-alert-pr-link.png) - -There are three reasons why an alert may have no pull request link: - -1. {% data variables.product.prodname_dependabot_security_updates %} are not enabled for the repository. -1. The alert is for an indirect or transitive dependency that is not explicitly defined in a lock file. -1. An error blocked {% data variables.product.prodname_dependabot %} from creating a pull request. - -If an error blocked {% data variables.product.prodname_dependabot %} from creating a pull request, you can display details of the error by clicking the alert. - -## Investigating errors with {% data variables.product.prodname_dependabot_version_updates %} - -When {% data variables.product.prodname_dependabot %} is blocked from creating a pull request to update a dependency in an ecosystem, it posts the error icon on the manifest file. The manifest files that are managed by {% data variables.product.prodname_dependabot %} are listed on the {% data variables.product.prodname_dependabot %} tab. To access this tab, on the **Insights** tab for the repository click **Dependency graph**, and then click the **{% data variables.product.prodname_dependabot %}** tab. - -![{% data variables.product.prodname_dependabot %} view showing an error](/assets/images/help/dependabot/dependabot-tab-view-error.png) - -{% ifversion fpt or ghec %} - -To see the log file for any manifest file, click the **Last checked TIME ago** link. When you display the log file for a manifest that's shown with an error symbol (for example, Maven in the screenshot above), any errors are also displayed. - -![{% data variables.product.prodname_dependabot %} version update error and log ](/assets/images/help/dependabot/dependabot-version-update-error.png) - -{% else %} - -To see the logs for any manifest file, click the **Last checked TIME ago** link, and then click **View logs**. - -![{% data variables.product.prodname_dependabot %} version update error and log ](/assets/images/enterprise/3.3/dependabot/dependabot-version-update-error.png) - -{% endif %} - -## Understanding {% data variables.product.prodname_dependabot %} errors - -Pull requests for security updates act to upgrade a vulnerable dependency to the minimum version that includes a fix for the vulnerability. In contrast, pull requests for version updates act to upgrade a dependency to the latest version allowed by the package manifest and {% data variables.product.prodname_dependabot %} configuration files. Consequently, some errors are specific to one type of update. - -### {% data variables.product.prodname_dependabot %} cannot update DEPENDENCY to a non-vulnerable version - -**Security updates only.** {% data variables.product.prodname_dependabot %} cannot create a pull request to update the vulnerable dependency to a secure version without breaking other dependencies in the dependency graph for this repository. - -Every application that has dependencies has a dependency graph, that is, a directed acyclic graph of every package version that the application directly or indirectly depends on. Every time a dependency is updated, this graph must resolve otherwise the application won't build. When an ecosystem has a deep and complex dependency graph, for example, npm and RubyGems, it is often impossible to upgrade a single dependency without upgrading the whole ecosystem. - -The best way to avoid this problem is to stay up to date with the most recently released versions, for example, by enabling version updates. This increases the likelihood that a vulnerability in one dependency can be resolved by a simple upgrade that doesn't break the dependency graph. For more information, see "[Enabling and disabling {% data variables.product.prodname_dependabot %} version updates](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/enabling-and-disabling-dependabot-version-updates)." - -### {% data variables.product.prodname_dependabot %} cannot update to the required version as there is already an open pull request for the latest version - -**Security updates only.** {% data variables.product.prodname_dependabot %} will not create a pull request to update the vulnerable dependency to a secure version because there is already an open pull request to update this dependency. You will see this error when a vulnerability is detected in a single dependency and there's already an open pull request to update the dependency to the latest version. - -There are two options: you can review the open pull request and merge it as soon as you are confident that the change is safe, or close that pull request and trigger a new security update pull request. For more information, see "[Triggering a {% data variables.product.prodname_dependabot %} pull request manually](#triggering-a-dependabot-pull-request-manually)." - -### {% data variables.product.prodname_dependabot %} timed out during its update - -{% data variables.product.prodname_dependabot %} took longer than the maximum time allowed to assess the update required and prepare a pull request. This error is usually seen only for large repositories with many manifest files, for example, npm or yarn monorepo projects with hundreds of *package.json* files. Updates to the Composer ecosystem also take longer to assess and may time out. - -This error is difficult to address. If a version update times out, you could specify the most important dependencies to update using the `allow` parameter or, alternatively, use the `ignore` parameter to exclude some dependencies from updates. Updating your configuration might allow {% data variables.product.prodname_dependabot %} to review the version update and generate the pull request in the time available. - -If a security update times out, you can reduce the chances of this happening by keeping the dependencies updated, for example, by enabling version updates. For more information, see "[Enabling and disabling {% data variables.product.prodname_dependabot %} version updates](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/enabling-and-disabling-dependabot-version-updates)." - -### {% data variables.product.prodname_dependabot %} cannot open any more pull requests - -There's a limit on the number of open pull requests {% data variables.product.prodname_dependabot %} will generate. When this limit is reached, no new pull requests are opened and this error is reported. The best way to resolve this error is to review and merge some of the open pull requests. - -There are separate limits for security and version update pull requests, so that open version update pull requests cannot block the creation of a security update pull request. The limit for security update pull requests is 10. By default, the limit for version updates is 5 but you can change this using the `open-pull-requests-limit` parameter in the configuration file. For more information, see "[Configuration options for dependency updates](/github/administering-a-repository/configuration-options-for-dependency-updates#open-pull-requests-limit)." - -The best way to resolve this error is to merge or close some of the existing pull requests and trigger a new pull request manually. For more information, see "[Triggering a {% data variables.product.prodname_dependabot %} pull request manually](#triggering-a-dependabot-pull-request-manually)." - -### {% data variables.product.prodname_dependabot %} can't resolve or access your dependencies - -If {% data variables.product.prodname_dependabot %} attempts to check whether dependency references need to be updated in a repository, but can't access one or more of the referenced files, the operation will fail with the error message "{% data variables.product.prodname_dependabot %} can't resolve your LANGUAGE dependency files." The API error type is `git_dependencies_not_reachable`. - -Similarly, if {% data variables.product.prodname_dependabot %} can't access a private package registry in which a dependency is located, one of the following errors is generated: - -* "Dependabot can't reach a dependency in a private package registry"
- (API error type: `private_source_not_reachable`) -* "Dependabot can't authenticate to a private package registry"
- (API error type:`private_source_authentication_failure`) -* "Dependabot timed out while waiting for a private package registry"
- (API error type:`private_source_timed_out`) -* "Dependabot couldn't validate the certificate for a private package registry"
- (API error type:`private_source_certificate_failure`) - -To allow {% data variables.product.prodname_dependabot %} to update the dependency references successfully, make sure that all of the referenced dependencies are hosted at accessible locations. - -**Version updates only.** {% data reusables.dependabot.private-dependencies-note %} Additionally, {% data variables.product.prodname_dependabot %} doesn't support private {% data variables.product.prodname_dotcom %} dependencies for all package managers. For more information, see "[About Dependabot version updates](/github/administering-a-repository/about-dependabot-version-updates#supported-repositories-and-ecosystems)." - -## Triggering a {% data variables.product.prodname_dependabot %} pull request manually - -If you unblock {% data variables.product.prodname_dependabot %}, you can manually trigger a fresh attempt to create a pull request. - -- **Security updates**—display the {% data variables.product.prodname_dependabot %} alert that shows the error you have fixed and click **Create {% data variables.product.prodname_dependabot %} security update**. -- **Version updates**—on the **Insights** tab for the repository click **Dependency graph**, and then click the **Dependabot** tab. Click **Last checked *TIME* ago** to see the log file that {% data variables.product.prodname_dependabot %} generated during the last check for version updates. Click **Check for updates**. diff --git a/translations/es-ES/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/viewing-and-updating-vulnerable-dependencies-in-your-repository.md b/translations/es-ES/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/viewing-and-updating-vulnerable-dependencies-in-your-repository.md deleted file mode 100644 index ce51732a37..0000000000 --- a/translations/es-ES/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/viewing-and-updating-vulnerable-dependencies-in-your-repository.md +++ /dev/null @@ -1,119 +0,0 @@ ---- -title: Viewing and updating vulnerable dependencies in your repository -intro: 'If {% data variables.product.product_name %} discovers vulnerable dependencies in your project, you can view them on the Dependabot alerts tab of your repository. Then, you can update your project to resolve or dismiss the vulnerability.' -redirect_from: - - /articles/viewing-and-updating-vulnerable-dependencies-in-your-repository - - /github/managing-security-vulnerabilities/viewing-and-updating-vulnerable-dependencies-in-your-repository - - /code-security/supply-chain-security/viewing-and-updating-vulnerable-dependencies-in-your-repository -permissions: Repository administrators and organization owners can view and update dependencies. -shortTitle: View vulnerable dependencies -versions: - fpt: '*' - ghes: '*' - ghae: issue-4864 - ghec: '*' -type: how_to -topics: - - Dependabot - - Security updates - - Alerts - - Dependencies - - Pull requests - - Repositories ---- - -{% data reusables.dependabot.beta-security-and-version-updates %} -{% data reusables.dependabot.enterprise-enable-dependabot %} - -Your repository's {% data variables.product.prodname_dependabot_alerts %} tab lists all open and closed {% data variables.product.prodname_dependabot_alerts %}{% ifversion fpt or ghec or ghes > 3.2 %} and corresponding {% data variables.product.prodname_dependabot_security_updates %}{% endif %}. You can{% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-5638 %} filter alerts by package, ecosystem, or manifest. You can also{% endif %} sort the list of alerts, and you can click into specific alerts for more details. For more information, see "[About alerts for vulnerable dependencies](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies)." - -{% ifversion fpt or ghec or ghes > 3.2 %} -You can enable automatic security updates for any repository that uses {% data variables.product.prodname_dependabot_alerts %} and the dependency graph. For more information, see "[About {% data variables.product.prodname_dependabot_security_updates %}](/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-dependabot-security-updates)." -{% endif %} - -{% data reusables.repositories.dependency-review %} - -{% ifversion fpt or ghec or ghes > 3.2 %} -## About updates for vulnerable dependencies in your repository - -{% data variables.product.product_name %} generates {% data variables.product.prodname_dependabot_alerts %} when we detect that your codebase is using dependencies with known vulnerabilities. For repositories where {% data variables.product.prodname_dependabot_security_updates %} are enabled, when {% data variables.product.product_name %} detects a vulnerable dependency in the default branch, {% data variables.product.prodname_dependabot %} creates a pull request to fix it. The pull request will upgrade the dependency to the minimum possible secure version needed to avoid the vulnerability. - -{% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-5638 %}You can sort and filter {% data variables.product.prodname_dependabot_alerts %} with the dropdown menus in the {% data variables.product.prodname_dependabot_alerts %} tab or by typing filters as `key:value` pairs into the search bar. The available filters are repository (for example, `repo:my-repository`), package (for example, `package:django`), ecosystem (for example, `ecosystem:npm`), manifest (for example, `manifest:webwolf/pom.xml`), state (for example, `is:open`), and whether an advisory has a patch (for example, `has: patch`). - -Each {% data variables.product.prodname_dependabot %} alert has a unique numeric identifier and the {% data variables.product.prodname_dependabot_alerts %} tab lists an alert for every detected vulnerability. Legacy {% data variables.product.prodname_dependabot_alerts %} grouped vulnerabilities by dependency and generated a single alert per dependency. If you navigate to a legacy {% data variables.product.prodname_dependabot %} alert, you will be redirected to a {% data variables.product.prodname_dependabot_alerts %} tab filtered for that package. {% endif %} -{% endif %} - -## Viewing and updating vulnerable dependencies - -{% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-5638 %} -{% data reusables.repositories.navigate-to-repo %} -{% data reusables.repositories.sidebar-security %} -{% data reusables.repositories.sidebar-dependabot-alerts %} -1. Optionally, to filter alerts, select the **Repository**, **Package**, **Ecosystem**, or **Manifest** dropdown menu then click the filter that you would like to apply. You can also type filters into the search bar. For example, `ecosystem:npm` or `has:patch`. To sort alerts, select the **Sort** dropdown menu then click the option that you would like to sort by. - ![Screenshot of the filter and sort menus in the {% data variables.product.prodname_dependabot_alerts %} tab](/assets/images/help/graphs/dependabot-alerts-filters.png) -1. Click the alert that you would like to view. - ![Alert selected in list of alerts](/assets/images/help/graphs/click-alert-in-alerts-list-ungrouped.png) -1. Review the details of the vulnerability and, if available, the pull request containing the automated security update. -1. Optionally, if there isn't already a {% data variables.product.prodname_dependabot_security_updates %} update for the alert, to create a pull request to resolve the vulnerability, click **Create {% data variables.product.prodname_dependabot %} security update**. - ![Create {% data variables.product.prodname_dependabot %} security update button](/assets/images/help/repository/create-dependabot-security-update-button-ungrouped.png) -1. When you're ready to update your dependency and resolve the vulnerability, merge the pull request. Each pull request raised by {% data variables.product.prodname_dependabot %} includes information on commands you can use to control {% data variables.product.prodname_dependabot %}. For more information, see "[Managing pull requests for dependency updates](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/managing-pull-requests-for-dependency-updates#managing-dependabot-pull-requests-with-comment-commands)." -1. Optionally, if the alert is being fixed, if it's incorrect, or located in unused code, select the "Dismiss" dropdown, and click a reason for dismissing the alert.{% if reopen-dependabot-alerts %} Unfixed dismissed alerts can be reopened later.{% endif %} - ![Choosing reason for dismissing the alert via the "Dismiss" drop-down](/assets/images/help/repository/dependabot-alert-dismiss-drop-down-ungrouped.png) - -{% elsif ghes = 3.3 %} -{% data reusables.repositories.navigate-to-repo %} -{% data reusables.repositories.sidebar-security %} -{% data reusables.repositories.sidebar-dependabot-alerts %} -1. Click the alert you'd like to view. - ![Alert selected in list of alerts](/assets/images/help/graphs/click-alert-in-alerts-list.png) -1. Review the details of the vulnerability and, if available, the pull request containing the automated security update. -1. Optionally, if there isn't already a {% data variables.product.prodname_dependabot_security_updates %} update for the alert, to create a pull request to resolve the vulnerability, click **Create {% data variables.product.prodname_dependabot %} security update**. - ![Create {% data variables.product.prodname_dependabot %} security update button](/assets/images/help/repository/create-dependabot-security-update-button.png) -1. When you're ready to update your dependency and resolve the vulnerability, merge the pull request. Each pull request raised by {% data variables.product.prodname_dependabot %} includes information on commands you can use to control {% data variables.product.prodname_dependabot %}. For more information, see "[Managing pull requests for dependency updates](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/managing-pull-requests-for-dependency-updates#managing-dependabot-pull-requests-with-comment-commands)." -1. Optionally, if the alert is being fixed, if it's incorrect, or located in unused code, select the "Dismiss" drop-down, and click a reason for dismissing the alert. - ![Choosing reason for dismissing the alert via the "Dismiss" drop-down](/assets/images/help/repository/dependabot-alert-dismiss-drop-down.png) - -{% elsif ghes = 3.1 or ghes = 3.2 or ghae-issue-4864 %} -{% data reusables.repositories.navigate-to-repo %} -{% data reusables.repositories.sidebar-security %} -{% data reusables.repositories.sidebar-dependabot-alerts %} -1. Click the alert you'd like to view. - ![Alert selected in list of alerts](/assets/images/enterprise/graphs/click-alert-in-alerts-list.png) -1. Review the details of the vulnerability and determine whether or not you need to update the dependency. -1. When you merge a pull request that updates the manifest or lock file to a secure version of the dependency, this will resolve the alert. Alternatively, if you decide not to update the dependency, select the **Dismiss** drop-down, and click a reason for dismissing the alert. - ![Choosing reason for dismissing the alert via the "Dismiss" drop-down](/assets/images/enterprise/repository/dependabot-alert-dismiss-drop-down.png) - -{% else %} -{% data reusables.repositories.navigate-to-repo %} -{% data reusables.repositories.accessing-repository-graphs %} -{% data reusables.repositories.click-dependency-graph %} -1. Click the version number of the vulnerable dependency to display detailed information. - ![Detailed information on the vulnerable dependency](/assets/images/enterprise/3.0/dependabot-alert-info.png) -1. Review the details of the vulnerability and determine whether or not you need to update the dependency. When you merge a pull request that updates the manifest or lock file to a secure version of the dependency, this will resolve the alert. -1. The banner at the top of the **Dependencies** tab is displayed until all the vulnerable dependencies are resolved or you dismiss it. Click **Dismiss** in the top right corner of the banner and select a reason for dismissing the alert. - ![Dismiss security banner](/assets/images/enterprise/3.0/dependabot-alert-dismiss.png) -{% endif %} - -{% if reopen-dependabot-alerts %} - -## Viewing and updating closed alerts - -{% data reusables.repositories.navigate-to-repo %} -{% data reusables.repositories.sidebar-security %} -{% data reusables.repositories.sidebar-dependabot-alerts %} -1. To just view closed alerts, click **Closed**. - ![Screenshot showing the "Closed" option](/assets/images/help/repository/dependabot-alerts-closed.png) -1. Click the alert that you would like to view or update. - ![Screenshot showing a highlighted dependabot alert](/assets/images/help/repository/dependabot-alerts-select-closed-alert.png) -2. Optionally, if the alert was dismissed and you wish to reopen it, click **Reopen**. - ![Screenshot showing the "Reopen" button](/assets/images/help/repository/reopen-dismissed-alert.png) - -{% endif %} - -## Further reading - -- "[About alerts for vulnerable dependencies](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies)"{% ifversion fpt or ghec or ghes > 3.2 %} -- "[Configuring {% data variables.product.prodname_dependabot_security_updates %}](/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/configuring-dependabot-security-updates)"{% endif %} -- "[Managing security and analysis settings for your repository](/github/administering-a-repository/managing-security-and-analysis-settings-for-your-repository)" -- "[Troubleshooting the detection of vulnerable dependencies](/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/troubleshooting-the-detection-of-vulnerable-dependencies)"{% ifversion fpt or ghec or ghes > 3.2 %} -- "[Troubleshooting {% data variables.product.prodname_dependabot %} errors](/github/managing-security-vulnerabilities/troubleshooting-dependabot-errors)"{% endif %} diff --git a/translations/es-ES/content/code-security/supply-chain-security/understanding-your-software-supply-chain/about-dependency-review.md b/translations/es-ES/content/code-security/supply-chain-security/understanding-your-software-supply-chain/about-dependency-review.md index a6b5986909..fdc3d5e35b 100644 --- a/translations/es-ES/content/code-security/supply-chain-security/understanding-your-software-supply-chain/about-dependency-review.md +++ b/translations/es-ES/content/code-security/supply-chain-security/understanding-your-software-supply-chain/about-dependency-review.md @@ -41,7 +41,7 @@ Sometimes you might just want to update the version of one dependency in a manif By checking the dependency reviews in a pull request, and changing any dependencies that are flagged as vulnerable, you can avoid vulnerabilities being added to your project. For more information about how dependency review works, see "[Reviewing dependency changes in a pull request](/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/reviewing-dependency-changes-in-a-pull-request)." -{% data variables.product.prodname_dependabot_alerts %} will find vulnerabilities that are already in your dependencies, but it's much better to avoid introducing potential problems than to fix problems at a later date. For more information about {% data variables.product.prodname_dependabot_alerts %}, see "[About alerts for vulnerable dependencies](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies#dependabot-alerts-for-vulnerable-dependencies)." +{% data variables.product.prodname_dependabot_alerts %} will find vulnerabilities that are already in your dependencies, but it's much better to avoid introducing potential problems than to fix problems at a later date. For more information about {% data variables.product.prodname_dependabot_alerts %}, see "[About {% data variables.product.prodname_dependabot_alerts %}](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies#dependabot-alerts-for-vulnerable-dependencies)." Dependency review supports the same languages and package management ecosystems as the dependency graph. For more information, see "[About the dependency graph](/github/visualizing-repository-data-with-graphs/about-the-dependency-graph#supported-package-ecosystems)." @@ -49,4 +49,4 @@ Dependency review supports the same languages and package management ecosystems ## Enabling dependency review The dependency review feature becomes available when you enable the dependency graph. {% ifversion ghec %}For more information, see "[Enabling the dependency graph](/code-security/supply-chain-security/understanding-your-software-supply-chain/about-the-dependency-graph#enabling-the-dependency-graph)."{% endif %}{% ifversion ghes or ghae %}For more information, see "[Enabling the dependency graph for your enterprise](/admin/code-security/managing-supply-chain-security-for-your-enterprise/enabling-the-dependency-graph-for-your-enterprise)."{% endif %} -{% endif %} \ No newline at end of file +{% endif %} diff --git a/translations/es-ES/content/code-security/supply-chain-security/understanding-your-software-supply-chain/about-supply-chain-security.md b/translations/es-ES/content/code-security/supply-chain-security/understanding-your-software-supply-chain/about-supply-chain-security.md new file mode 100644 index 0000000000..a23eb06134 --- /dev/null +++ b/translations/es-ES/content/code-security/supply-chain-security/understanding-your-software-supply-chain/about-supply-chain-security.md @@ -0,0 +1,154 @@ +--- +title: About supply chain security +intro: '{% data variables.product.product_name %} helps you secure your supply chain, from understanding the dependencies in your environment, to knowing about vulnerabilities in those dependencies{% ifversion fpt or ghec or ghes > 3.2 %}, and patching them{% endif %}.' +miniTocMaxHeadingLevel: 3 +shortTitle: Seguridad de la cadena de suministro +redirect_from: + - /code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies +versions: + fpt: '*' + ghes: '*' + ghae: issue-4864 + ghec: '*' +type: overview +topics: + - Advanced Security + - Dependency review + - Dependency graph + - Vulnerabilities + - Dependencies + - Pull requests + - Repositories +--- + +## About supply chain security at GitHub + +With the accelerated use of open source, most projects depend on hundreds of open-source dependencies. This poses a security problem: what if the dependencies you're using are vulnerable? You could be putting your users at risk of a supply chain attack. One of the most important things you can do to protect your supply chain is to patch your vulnerabilities. + +You add dependencies directly to your supply chain when you specify them in a manifest file or a lockfile. Dependencies can also be included transitively, that is, even if you don’t specify a particular dependency, but a dependency of yours uses it, then you’re also dependent on that dependency. + +{% data variables.product.product_name %} offers a range of features to help you understand the dependencies in your environment{% ifversion ghes < 3.3 or ghae %} and know about vulnerabilities in those dependencies{% endif %}{% ifversion fpt or ghec or ghes > 3.2 %}, know about vulnerabilities in those dependencies, and patch them{% endif %}. + +The supply chain features on {% data variables.product.product_name %} are: +- **Gráfica de dependencias** +{% ifversion fpt or ghec or ghes > 3.1 or ghae %}- **Dependency review**{% endif %} +- **{% data variables.product.prodname_dependabot_alerts %} ** +{% ifversion fpt or ghec or ghes > 3.2 %}- **{% data variables.product.prodname_dependabot_updates %}** + - **{% data variables.product.prodname_dependabot_security_updates %}** + - **{% data variables.product.prodname_dependabot_version_updates %}**{% endif %} + +The dependency graph is central to supply chain security. The dependency graph identifies all upstream dependencies and public downstream dependents of a repository or package. You can see your repository’s dependencies and some of their properties, like vulnerability information, on the dependency graph for the repository. + +{% ifversion fpt or ghec or ghes > 3.1 or ghae %} +Other supply chain features on {% data variables.product.prodname_dotcom %} rely on the information provided by the dependency graph. + +- Dependency review uses the dependency graph to identify dependency changes and help you understand the security impact of these changes when you review pull requests. +- {% data variables.product.prodname_dependabot %} cross-references dependency data provided by the dependency graph with the list of known vulnerabilities published in the {% data variables.product.prodname_advisory_database %}, scans your dependecies and generates {% data variables.product.prodname_dependabot_alerts %} when a potential vulnerability is detected. +{% ifversion fpt or ghec or ghes > 3.2 %}- {% data variables.product.prodname_dependabot_security_updates %} use the dependency graph and {% data variables.product.prodname_dependabot_alerts %} to help you update dependencies with known vulnerabilities in your repository. + +{% data variables.product.prodname_dependabot_version_updates %} don't use the dependency graph and rely on the semantic versioning of dependencies instead. {% data variables.product.prodname_dependabot_version_updates %} help you keep your dependencies updated, even when they don’t have any vulnerabilities. +{% endif %} +{% endif %} + +{% ifversion ghes < 3.2 %} +{% data variables.product.prodname_dependabot %} cross-references dependency data provided by the dependency graph with the list of known vulnerabilities published in the {% data variables.product.prodname_advisory_database %}, scans your dependencies and generates {% data variables.product.prodname_dependabot_alerts %} when a potential vulnerability is detected. + {% endif %} + +## Feature overview + +### What is the dependency graph + +To generate the dependency graph, {% data variables.product.company_short %} looks at a repository’s explicit dependencies declared in the manifest and lockfiles. When enabled, the dependency graph automatically parses all known package manifest files in the repository, and uses this to construct a graph with known dependency names and versions. + +- The dependency graph includes information on your _direct_ dependencies and _transitive_ dependencies. +- The dependency graph is automatically updated when you push a commit to {% data variables.product.company_short %} that changes or adds a supported manifest or lock file to the default branch, and when anyone pushes a change to the repository of one of your dependencies. +- You can see the dependency graph by opening the repository's main page on {% data variables.product.product_name %}, and navigating to the **Insights** tab. + +For more information about the dependency graph, see "[About the dependency graph](/code-security/supply-chain-security/understanding-your-software-supply-chain/about-the-dependency-graph)." + +{% ifversion fpt or ghec or ghes > 3.1 or ghae %} +### What is dependency review + +Dependency review helps reviewers and contributors understand dependency changes and their security impact in every pull request. + +- Dependency review tells you which dependencies were added, removed, or updated, in a pull request. You can use the release dates, popularity of dependencies, and vulnerability information to help you decide whether to accept the change. +- You can see the dependency review for a pull request by showing the rich diff on the **Files Changed** tab. + +For more information about dependency review, see "[About dependency review](/code-security/supply-chain-security/understanding-your-software-supply-chain/about-dependency-review)." + +{% endif %} + +### What is Dependabot + +{% data variables.product.prodname_dependabot %} keeps your dependencies up to date by informing you of any security vulnerabilities in your dependencies{% ifversion fpt or ghec or ghes > 3.2 or ghae %}, and automatically opens pull requests to upgrade your dependencies to the next available secure version when a {% data variables.product.prodname_dependabot %} alert is triggered, or to the latest version when a release is published{% else %} so that you can update that dependency{% endif %}. + +{% ifversion fpt or ghec or ghes > 3.2 %} +The term "{% data variables.product.prodname_dependabot %}" encompasses the following features: +- {% data variables.product.prodname_dependabot_alerts %}—Displayed notification on the **Security** tab for the repository, and in the repository's dependency graph. La alerta incluye un enlace al archivo afectado en el proyecto e información acerca de la versión arreglada. +- {% data variables.product.prodname_dependabot_updates %}: + - {% data variables.product.prodname_dependabot_security_updates %}—Triggered updates to upgrade your dependencies to a secure version when an alert is triggered. + - {% data variables.product.prodname_dependabot_version_updates %}—Scheduled updates to keep your dependencies up to date with the latest version. +{% endif %} + +#### What are Dependabot alerts + +{% data variables.product.prodname_dependabot_alerts %} highlight repositories affected by a newly discovered vulnerability based on the dependency graph and the {% data variables.product.prodname_advisory_database %}, which contains the versions on known vulnerability lists. + +- El {% data variables.product.prodname_dependabot %} lleva a cabo un escaneo para detectar las dependencias vulnerables y envía {% data variables.product.prodname_dependabot_alerts %} cuando: +{% ifversion fpt or ghec %} + - A new vulnerability is added to the {% data variables.product.prodname_advisory_database %}.{% else %} + - Se sincronizan los datos de las asesorías nuevas en {% data variables.product.product_location %} cada hora desde {% data variables.product.prodname_dotcom_the_website %}. {% data reusables.security-advisory.link-browsing-advisory-db %}{% endif %} + - The dependency graph for the repository changes. +- {% data variables.product.prodname_dependabot_alerts %} are displayed {% ifversion fpt or ghec or ghes > 3.0 %} on the **Security** tab for the repository and{% endif %} in the repository's dependency graph. La alerta incluye {% ifversion fpt or ghec or ghes > 3.0 %}un enlace al archivo afectado en el proyecto e{% endif %}información sobre una versión corregida. + +For more information about {% data variables.product.prodname_dependabot_alerts %}, see "[About alerts for vulnerable dependencies](/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-alerts-for-vulnerable-dependencies)." + +{% ifversion fpt or ghec or ghes > 3.2 %} +#### What are Dependabot updates + +There are two types of {% data variables.product.prodname_dependabot_updates %}: {% data variables.product.prodname_dependabot %} _security_ updates and _version_ updates. {% data variables.product.prodname_dependabot %} generates automatic pull requests to update your dependencies in both cases, but there are several differences. + +{% data variables.product.prodname_dependabot_security_updates %}: + - Triggered by a {% data variables.product.prodname_dependabot %} alert + - Update dependencies to the minimum version that resolves a known vulnerability + - Supported for ecosystems the dependency graph supports + +{% data variables.product.prodname_dependabot_version_updates %}: + - Run on a schedule you configure + - Update dependencies to the latest version that matches the configuration + - Supported for a different group of ecosystems + +For more information about {% data variables.product.prodname_dependabot_updates %}, see "[About {% data variables.product.prodname_dependabot_security_updates %}](/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-dependabot-security-updates)" and "[About {% data variables.product.prodname_dependabot_version_updates %}](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/about-dependabot-version-updates)." +{% endif %} + +## Feature availability + +{% ifversion fpt or ghec %} + +Public repositories: +- **Dependency graph**—enabled by default and cannot be disabled. +- **Dependency review**—enabled by default and cannot be disabled. +- **{% data variables.product.prodname_dependabot_alerts %}**—not enabled by default. {% data variables.product.prodname_dotcom %} detects vulnerable dependencies and displays information in the dependency graph, but does not generate {% data variables.product.prodname_dependabot_alerts %} by default. Repository owners or people with admin access can enable {% data variables.product.prodname_dependabot_alerts %}. You can also enable or disable Dependabot alerts for all repositories owned by your user account or organization. For more information, see "[Managing security and analysis settings for your user account](/account-and-profile/setting-up-and-managing-your-github-user-account/managing-user-account-settings/managing-security-and-analysis-settings-for-your-user-account)" or "[Managing security and analysis settings for your organization](/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization)." + +Private repositories: +- **Dependency graph**—not enabled by default. The feature can be enabled by repository administrators. Para obtener más información, consulta la sección "[Explorar las dependencias de un repositorio](/code-security/supply-chain-security/understanding-your-software-supply-chain/exploring-the-dependencies-of-a-repository#enabling-and-disabling-the-dependency-graph-for-a-private-repository)". +{% ifversion fpt %} +- **Dependency review**—available in private repositories owned by organizations that use {% data variables.product.prodname_ghe_cloud %} and have a license for {% data variables.product.prodname_GH_advanced_security %}. Para obtener más información, consulta la [documentación de {% data variables.product.prodname_ghe_cloud %}](/enterprise-cloud@latest/code-security/supply-chain-security/understanding-your-software-supply-chain/about-dependency-review). +{% elsif ghec %} +- **Dependency review**—available in private repositories owned by organizations provided you have a license for {% data variables.product.prodname_GH_advanced_security %} and the dependency graph enabled. For more information, see "[About {% data variables.product.prodname_GH_advanced_security %}](/get-started/learning-about-github/about-github-advanced-security)" and "[Exploring the dependencies of a repository](/code-security/supply-chain-security/understanding-your-software-supply-chain/exploring-the-dependencies-of-a-repository#enabling-and-disabling-the-dependency-graph-for-a-private-repository)." +{% endif %} +- **{% data variables.product.prodname_dependabot_alerts %}**—not enabled by default. Los propietarios de los repositorios privados o las personas con acceso administrativo puede habilitar las {% data variables.product.prodname_dependabot_alerts %} si habilitan la gráfica de dependencias y las {% data variables.product.prodname_dependabot_alerts %} para sus repositorios. You can also enable or disable Dependabot alerts for all repositories owned by your user account or organization. For more information, see "[Managing security and analysis settings for your user account](/account-and-profile/setting-up-and-managing-your-github-user-account/managing-user-account-settings/managing-security-and-analysis-settings-for-your-user-account)" or "[Managing security and analysis settings for your organization](/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization)." + +Any repository type: +- **{% data variables.product.prodname_dependabot_security_updates %}**—not enabled by default. Puedes habilitar las {% data variables.product.prodname_dependabot_security_updates %} para cualquier repositorio que utilice {% data variables.product.prodname_dependabot_alerts %} y la gráfica de dependencias. Para obtener más información, consulta la sección "[Acerca de las {% data variables.product.prodname_dependabot_security_updates %}](/github/managing-security-vulnerabilities/about-dependabot-security-updates)". +- **{% data variables.product.prodname_dependabot_version_updates %}**—not enabled by default. People with write permissions to a repository can enable {% data variables.product.prodname_dependabot_version_updates %}. Para obtener más información sobre habilitar las actualizaciones de seguridad, consulta la sección "[Configurar las {% data variables.product.prodname_dependabot_security_updates %}](/github/managing-security-vulnerabilities/configuring-dependabot-security-updates)". +{% endif %} + +{% ifversion ghes or ghae %} +- **Dependency graph** and **{% data variables.product.prodname_dependabot_alerts %}**—not enabled by default. Both features are configured at an enterprise level by the enterprise owner. Para obtener más información, consulta la sección {% ifversion ghes %}"[Habilitar la gráfica de dependencias para tu empresa](/admin/code-security/managing-supply-chain-security-for-your-enterprise/enabling-the-dependency-graph-for-your-enterprise)" y {% endif %}"[Habilitar el {% data variables.product.prodname_dependabot %} para tu empresa](/admin/configuration/configuring-github-connect/enabling-dependabot-for-your-enterprise)". +- **Dependency review**—available when dependency graph is enabled for {% data variables.product.product_location %} and {% data variables.product.prodname_advanced_security %} is enabled for the organization or repository. For more information, see "[About {% data variables.product.prodname_GH_advanced_security %}](/get-started/learning-about-github/about-github-advanced-security)." +{% endif %} +{% ifversion ghes > 3.2 %} +- **{% data variables.product.prodname_dependabot_security_updates %}**—not enabled by default. Puedes habilitar las {% data variables.product.prodname_dependabot_security_updates %} para cualquier repositorio que utilice {% data variables.product.prodname_dependabot_alerts %} y la gráfica de dependencias. Para obtener más información, consulta la sección "[Acerca de las {% data variables.product.prodname_dependabot_security_updates %}](/github/managing-security-vulnerabilities/about-dependabot-security-updates)". +- **{% data variables.product.prodname_dependabot_version_updates %}**—not enabled by default. People with write permissions to a repository can enable {% data variables.product.prodname_dependabot_version_updates %}. Para obtener más información sobre habilitar las actualizaciones de seguridad, consulta la sección "[Configurar las {% data variables.product.prodname_dependabot_security_updates %}](/github/managing-security-vulnerabilities/configuring-dependabot-security-updates)". +{% endif %} diff --git a/translations/es-ES/content/code-security/supply-chain-security/understanding-your-software-supply-chain/about-the-dependency-graph.md b/translations/es-ES/content/code-security/supply-chain-security/understanding-your-software-supply-chain/about-the-dependency-graph.md index de81712e37..91b871b9ef 100644 --- a/translations/es-ES/content/code-security/supply-chain-security/understanding-your-software-supply-chain/about-the-dependency-graph.md +++ b/translations/es-ES/content/code-security/supply-chain-security/understanding-your-software-supply-chain/about-the-dependency-graph.md @@ -55,7 +55,7 @@ You can use the dependency graph to: - Explore the repositories your code depends on{% ifversion fpt or ghec %}, and those that depend on it{% endif %}. For more information, see "[Exploring the dependencies of a repository](/github/visualizing-repository-data-with-graphs/exploring-the-dependencies-of-a-repository)." {% ifversion fpt or ghec %} - View a summary of the dependencies used in your organization's repositories in a single dashboard. For more information, see "[Viewing insights for your organization](/articles/viewing-insights-for-your-organization#viewing-organization-dependency-insights)."{% endif %} -- View and update vulnerable dependencies for your repository. For more information, see "[About alerts for vulnerable dependencies](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies)."{% ifversion fpt or ghes > 3.1 or ghec %} +- View and update vulnerable dependencies for your repository. For more information, see "[About {% data variables.product.prodname_dependabot_alerts %}](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies)."{% ifversion fpt or ghes > 3.1 or ghec %} - See information about vulnerable dependencies in pull requests. For more information, see "[Reviewing dependency changes in a pull request](/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/reviewing-dependency-changes-in-a-pull-request)."{% endif %} ## Enabling the dependency graph @@ -84,7 +84,7 @@ The recommended formats explicitly define which versions are used for all direct {%- endif %} | Maven | Java, Scala | `pom.xml` | `pom.xml` | | npm | JavaScript | `package-lock.json` | `package-lock.json`, `package.json`| -| Python PIP | Python | `requirements.txt`, `pipfile.lock` | `requirements.txt`, `pipfile`, `pipfile.lock`, `setup.py`{% if github-actions-in-dependency-graph %}[2]{% else %}[1]{% endif %} | +| pip | Python | `requirements.txt`, `pipfile.lock` | `requirements.txt`, `pipfile`, `pipfile.lock`, `setup.py`{% if github-actions-in-dependency-graph %}[2]{% else %}[1]{% endif %} | {%- ifversion fpt or ghec or ghes > 3.3 or ghae-issue-4752 %} | Python Poetry | Python | `poetry.lock` | `poetry.lock`, `pyproject.toml` |{% endif %} | RubyGems | Ruby | `Gemfile.lock` | `Gemfile.lock`, `Gemfile`, `*.gemspec` | @@ -111,5 +111,5 @@ The recommended formats explicitly define which versions are used for all direct - "[Dependency graph](https://en.wikipedia.org/wiki/Dependency_graph)" on Wikipedia - "[Exploring the dependencies of a repository](/github/visualizing-repository-data-with-graphs/exploring-the-dependencies-of-a-repository)"{% ifversion fpt or ghec %} - "[Viewing insights for your organization](/organizations/collaborating-with-groups-in-organizations/viewing-insights-for-your-organization)"{% endif %} -- "[Viewing and updating vulnerable dependencies in your repository](/github/managing-security-vulnerabilities/viewing-and-updating-vulnerable-dependencies-in-your-repository)" +- "[Viewing {% data variables.product.prodname_dependabot_alerts %} for vulnerable dependencies](/github/managing-security-vulnerabilities/viewing-and-updating-vulnerable-dependencies-in-your-repository)" - "[Troubleshooting the detection of vulnerable dependencies](/github/managing-security-vulnerabilities/troubleshooting-the-detection-of-vulnerable-dependencies)" diff --git a/translations/es-ES/content/code-security/supply-chain-security/understanding-your-software-supply-chain/exploring-the-dependencies-of-a-repository.md b/translations/es-ES/content/code-security/supply-chain-security/understanding-your-software-supply-chain/exploring-the-dependencies-of-a-repository.md index a9acbfc377..8b1c81aaf8 100644 --- a/translations/es-ES/content/code-security/supply-chain-security/understanding-your-software-supply-chain/exploring-the-dependencies-of-a-repository.md +++ b/translations/es-ES/content/code-security/supply-chain-security/understanding-your-software-supply-chain/exploring-the-dependencies-of-a-repository.md @@ -40,7 +40,7 @@ Enterprise owners can configure the dependency graph at an enterprise level. For ### Dependencies view {% ifversion fpt or ghec %} -Dependencies are grouped by ecosystem. You can expand a dependency to view its dependencies. For dependencies on public repositories hosted on {% data variables.product.product_name %}, you can also click a dependency to view the repository. Dependencies on private repositories, private packages, or unrecognized files are shown in plain text. +Dependencies are grouped by ecosystem. You can expand a dependency to view its dependencies. Dependencies on private repositories, private packages, or unrecognized files are shown in plain text. If the package manager for the dependency is in a public repository, {% data variables.product.product_name %} will display a link to that repository. If vulnerabilities have been detected in the repository, these are shown at the top of the view for users with access to {% data variables.product.prodname_dependabot_alerts %}. @@ -84,7 +84,10 @@ You can disable the dependency graph at any time by clicking **Disable** next to ## Changing the "Used by" package -If the dependency graph is enabled, and your repository contains a package that's published on a supported package ecosystem, {% data variables.product.prodname_dotcom %} displays a "Used by" section in the sidebar of the **Code** tab of your repository. For more information about the supported package ecosystems, see "[About the dependency graph](/github/visualizing-repository-data-with-graphs/about-the-dependency-graph#supported-package-ecosystems)." +You may notice some repositories have a "Used by" section in the sidebar of the **Code** tab. Your repository will have a "Used by" section if: + * The dependency graph is enabled for the repository (see the above section for more details). + * Your repository contains a package that is published on a [supported package ecosystem](/github/visualizing-repository-data-with-graphs/about-the-dependency-graph#supported-package-ecosystems). + * Within the ecosystem, your package has a link to a _public_ repository where the source is stored. The "Used by" section shows the number of public references to the package that were found, and displays the avatars of some of the owners of the dependent projects. @@ -114,7 +117,7 @@ If a manifest or lock file is not processed, its dependencies are omitted from t ## Further reading - "[About the dependency graph](/github/visualizing-repository-data-with-graphs/about-the-dependency-graph)" -- "[Viewing and updating vulnerable dependencies in your repository](/github/managing-security-vulnerabilities/viewing-and-updating-vulnerable-dependencies-in-your-repository)"{% ifversion fpt or ghec %} +- "[Viewing {% data variables.product.prodname_dependabot_alerts %} for vulnerable dependencies](/github/managing-security-vulnerabilities/viewing-and-updating-vulnerable-dependencies-in-your-repository)"{% ifversion fpt or ghec %} - "[Viewing insights for your organization](/organizations/collaborating-with-groups-in-organizations/viewing-insights-for-your-organization)" - "[Understanding how {% data variables.product.prodname_dotcom %} uses and protects your data](/get-started/privacy-on-github)" {% endif %} diff --git a/translations/es-ES/content/code-security/supply-chain-security/understanding-your-software-supply-chain/index.md b/translations/es-ES/content/code-security/supply-chain-security/understanding-your-software-supply-chain/index.md index 0e1e4f1579..646c4e30f1 100644 --- a/translations/es-ES/content/code-security/supply-chain-security/understanding-your-software-supply-chain/index.md +++ b/translations/es-ES/content/code-security/supply-chain-security/understanding-your-software-supply-chain/index.md @@ -9,10 +9,12 @@ topics: - Dependency graph - Dependencies - Repositories -children: - - /about-the-dependency-graph - - /exploring-the-dependencies-of-a-repository - - /about-dependency-review shortTitle: Understand your supply chain +children: + - /about-supply-chain-security + - /about-the-dependency-graph + - /about-dependency-review + - /exploring-the-dependencies-of-a-repository + - /troubleshooting-the-dependency-graph --- diff --git a/translations/es-ES/content/code-security/supply-chain-security/understanding-your-software-supply-chain/troubleshooting-the-dependency-graph.md b/translations/es-ES/content/code-security/supply-chain-security/understanding-your-software-supply-chain/troubleshooting-the-dependency-graph.md new file mode 100644 index 0000000000..f4e8203720 --- /dev/null +++ b/translations/es-ES/content/code-security/supply-chain-security/understanding-your-software-supply-chain/troubleshooting-the-dependency-graph.md @@ -0,0 +1,62 @@ +--- +title: Solución de problemas del gráfico de dependencias +intro: 'If the dependency information reported by the dependency graph is not what you expected, there are a number of points to consider, and various things you can check.' +shortTitle: Troubleshoot dependency graph +versions: + fpt: '*' + ghes: '*' + ghae: issue-4864 + ghec: '*' +type: how_to +topics: + - Troubleshooting + - Errors + - Dependencies + - Vulnerabilities + - Dependency graph + - CVEs + - Repositories +--- + +{% data reusables.dependabot.result-discrepancy %} + +## ¿Acaso la gráfica de dependencias solo encuentra depedencias en los manifiestos y lockfiles? + +La gráfica de dependencias incluye información sobre las dependencias, la cual se declara explícitamente en tu ambiente. Esto es, dependencias que se especifican en un manifiesto o en un lockfile. La gráfica de dependencias también incluye dependencias transitivas generalmente, aún cuando no se especifican en un lockfile, mediante la revisión de las dependencias de las dependencias en un archivo de manifiesto. + +La gráfica de dependencias no incluye dependencias "sueltas". Las dependencias "sueltas" son archivos individuales que se copian de otra fuernte y se revisan directamente en el repositorio o dentro de un archivo (tal como un archivo ZIP o JAR) en ves de que se referencien en un manifiesto de paquete de administrador o en un lockfile. + +**Check**: Is the missing dependency for a component that's not specified in the repository's manifest or lockfile? + +## ¿Acaso la gráfica de dependencias detecta dependencias que se especifican utilizando variables? + +La gráfica de dependencias analiza los manifiestos mientras se suben a {% data variables.product.prodname_dotcom %}. Por lo tanto, la gráfica de dependencias no tiene acceso al ambiente de compilación del proyecto, así que no puede resolver variables que se utilizan dentro de los manifiestos. Si utilizas variables dentro de un manifiesto para especificar el nombre, o más comunmente la versión de una dependencia, entonces dicha dependencia no se incluirá en la gráfica de dependencias. + +**Verifica**: ¿Acaso la dependencia faltante se declara en el manifiesto utilizando una variable para su nombre o versión? + +## ¿Existen límites que afecten los datos de la gráfica de dependencias? + +Sí, la gráfica de dependencias tiene dos categorías de límites: + +1. **Límites de procesamiento** + + Estos afectan la gráfica de dependencias que se muestra dentro de {% data variables.product.prodname_dotcom %} y también previenen la creación de {% data variables.product.prodname_dependabot_alerts %}. + + Los manifiestos mayores a 0.5 MB solo se procesan para las cuentas empresariales. En el caso de otras cuentas, los manifiestos mayores a 0.5 MB se ingoran y no crearán {% data variables.product.prodname_dependabot_alerts %}. + + Predeterminadamente, {% data variables.product.prodname_dotcom %} no procesará más de 20 manifiestos por repositorio. Las {% data variables.product.prodname_dependabot_alerts %} no se crean para los manifiestos más allá de este límite. Si necesitas incrementar el límite, contacta a {% data variables.contact.contact_support %}. + +2. **Límites de visualización** + + Estos afectan a lo que se muestra en la gráfica de dependencias dentro de {% data variables.product.prodname_dotcom %}. Sin embargo, estos no afectan las {% data variables.product.prodname_dependabot_alerts %} que se crean. + + La vista de dependencias de la gráfica de dependencias para un repositorio solo muestra 1000 manifiestos. Habitualmente, esto es tan adecuado como es significativamente más alto que el límite de procesamiento descrito anteriormente. En situaciones en donde le límite de procesamiento es mayor a 100, las {% data variables.product.prodname_dependabot_alerts %} se crearán aún para cualquier manifiesto que no se muestre dentro de {% data variables.product.prodname_dotcom %}. + +**Verifica**: ¿La dependencia faltante está en un archivo de manifiesto que tiene más de 0.5 MB, o en un repositorio con una gran cantidad de manifiesto? + +## Leer más + +- "[Acerca de la gráfica de dependencias](/code-security/supply-chain-security/understanding-your-software-supply-chain/about-the-dependency-graph)" +- "[Administrar la configuración de seguridad y de análisis para tu organización](/github/administering-a-repository/managing-security-and-analysis-settings-for-your-repository)" +- "[Solucionar problemas en la detección de dependencias vulnerables](/code-security/dependabot/working-with-dependabot/troubleshooting-the-detection-of-vulnerable-dependencies)"{% ifversion fpt or ghec or ghes > 3.2 %} +- "[Solucionar problemas de los errores del {% data variables.product.prodname_dependabot %}](/github/managing-security-vulnerabilities/troubleshooting-dependabot-errors)"{% endif %} diff --git a/translations/es-ES/content/developers/apps/building-github-apps/creating-a-github-app-from-a-manifest.md b/translations/es-ES/content/developers/apps/building-github-apps/creating-a-github-app-from-a-manifest.md index caf538d658..da096bda77 100644 --- a/translations/es-ES/content/developers/apps/building-github-apps/creating-a-github-app-from-a-manifest.md +++ b/translations/es-ES/content/developers/apps/building-github-apps/creating-a-github-app-from-a-manifest.md @@ -61,7 +61,7 @@ Se redirigirá al creador de la app a una página de GitHub en donde encontrará | `name (nombre)` | `secuencia` | El nombre dela GitHub App. | | `url` | `secuencia` | **Requerido.** La página principal de tu GitHub App. | | `hook_attributes` | `objeto` | La configuración del webhook de la GitHub App. | - | `redirect_url` | `secuencia` | The full URL to redirect to after a user initiates the creation of a GitHub App from a manifest. | + | `redirect_url` | `secuencia` | La URL completa a la cual redireccionar después de que un usuario inicie la creación de una GitHub App desde un manifiesto. | | `callback_urls` | `conjunto de secuencias` | Una URL completa a la cual redirigir cuando alguien autorice una instalación. Puedes proporcionar hasta 10 URL de rellamado. | | `descripción` | `secuencia` | Una descripción de la GitHub App. | | `public` | `boolean` | Configúralo como `true` cuando tu GitHub App esté disponible al público o como `false` si solo puede acceder el propietario de la misma. | diff --git a/translations/es-ES/content/developers/apps/building-github-apps/creating-a-github-app-using-url-parameters.md b/translations/es-ES/content/developers/apps/building-github-apps/creating-a-github-app-using-url-parameters.md index f0a7fb41f4..d2d0c30d06 100644 --- a/translations/es-ES/content/developers/apps/building-github-apps/creating-a-github-app-using-url-parameters.md +++ b/translations/es-ES/content/developers/apps/building-github-apps/creating-a-github-app-using-url-parameters.md @@ -59,39 +59,39 @@ La lista completa de parámetros de consulta, permisos y eventos disponibles se Puedes seleccionar los permisos en una secuencia de consulta utilizando los nombres de permiso conforme en la siguiente tabla a manera de nombres de parámetro de consulta y usando el tipo de permiso como el valor de la consulta. Por ejemplo, para seleccionar los permisos de `Read & write` en la interface de usuario para `contents`, tu secuencia de consulta incluiría `&contents=write`. Para seleccionar los permisos de `Read-only` en la interface de usuario para `blocking`, tu secuencia de consulta incluiría `&blocking=read`. Para seleccionar `no-access` en la interface de usuario para las `checks`, tu secuencia de consulta no incluiría el permiso `checks`. -| Permiso | Descripción | -| -------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | +| Permiso | Descripción | +| -------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | [`administration`](/rest/reference/permissions-required-for-github-apps/#permission-on-administration) | Otorga acceso a diversas terminales para la administración de organizaciones y repositorios. Puede ser uno de entre `none`, `read`, o `write`.{% ifversion fpt or ghec %} | [`blocking`](/rest/reference/permissions-required-for-github-apps/#permission-on-blocking) | Otorga acceso a la [API de Bloqueo de Usuarios](/rest/reference/users#blocking). Puede ser uno de entre `none`, `read`, o `write`.{% endif %} | [`verificaciones`](/rest/reference/permissions-required-for-github-apps/#permission-on-checks) | Otorga acceso a la [API de verificaciones](/rest/reference/checks). Puede ser uno de entre `none`, `read`, o `write`.{% ifversion ghes < 3.4 %} | `content_references` | Otorga acceso a la terminal "[Crear un adjunto de contenido](/rest/reference/apps#create-a-content-attachment)". Puede ser uno de entre `none`, `read`, o `write`.{% endif %} -| [`contenidos`](/rest/reference/permissions-required-for-github-apps/#permission-on-contents) | Otorga acceso a diversas terminales que te permiten modificar el contenido de los repositorios. Puede ser uno de entre `none`, `read`, o `write`. | +| [`contenidos`](/rest/reference/permissions-required-for-github-apps/#permission-on-contents) | Otorga acceso a diversas terminales que te permiten modificar el contenido de los repositorios. Puede ser uno de entre `none`, `read`, o `write`. | | [`implementaciones`](/rest/reference/permissions-required-for-github-apps/#permission-on-deployments) | Otorga acceso a la [API de despliegues](/rest/reference/repos#deployments). Puede ser uno de entre `none`, `read`, o `write`.{% ifversion fpt or ghes or ghec %} | [`emails`](/rest/reference/permissions-required-for-github-apps/#permission-on-emails) | Otorga acceso a la [API de Correos electrónicos](/rest/reference/users#emails). Puede ser uno de entre `none`, `read`, o `write`.{% endif %} -| [`followers`](/rest/reference/permissions-required-for-github-apps/#permission-on-followers) | Otorga acceso a la [API de Seguidores](/rest/reference/users#followers). Puede ser uno de entre `none`, `read`, o `write`. | -| [`gpg_keys`](/rest/reference/permissions-required-for-github-apps/#permission-on-gpg-keys) | Otorga acceso a la [API de Llaves GPG](/rest/reference/users#gpg-keys). Puede ser uno de entre `none`, `read`, o `write`. | -| [`propuestas`](/rest/reference/permissions-required-for-github-apps/#permission-on-issues) | Otorga acceso a la [API de Informe de problemas](/rest/reference/issues). Puede ser uno de entre `none`, `read`, o `write`. | -| [`keys`](/rest/reference/permissions-required-for-github-apps/#permission-on-keys) | Otorga acceso a la [API de Llaves Públicas](/rest/reference/users#keys). Puede ser uno de entre `none`, `read`, o `write`. | +| [`followers`](/rest/reference/permissions-required-for-github-apps/#permission-on-followers) | Otorga acceso a la [API de Seguidores](/rest/reference/users#followers). Puede ser uno de entre `none`, `read`, o `write`. | +| [`gpg_keys`](/rest/reference/permissions-required-for-github-apps/#permission-on-gpg-keys) | Otorga acceso a la [API de Llaves GPG](/rest/reference/users#gpg-keys). Puede ser uno de entre `none`, `read`, o `write`. | +| [`propuestas`](/rest/reference/permissions-required-for-github-apps/#permission-on-issues) | Otorga acceso a la [API de Informe de problemas](/rest/reference/issues). Puede ser uno de entre `none`, `read`, o `write`. | +| [`keys`](/rest/reference/permissions-required-for-github-apps/#permission-on-keys) | Otorga acceso a la [API de Llaves Públicas](/rest/reference/users#keys). Puede ser uno de entre `none`, `read`, o `write`. | | [`members`](/rest/reference/permissions-required-for-github-apps/#permission-on-members) | Otorga acceso para administrar los miembros de una organización. Puede ser uno de entre `none`, `read`, o `write`.{% ifversion fpt or ghec %} -| [`metadatos`](/rest/reference/permissions-required-for-github-apps/#metadata-permissions) | Otorga acceso a las terminales de solo lectura que no filtran datos sensibles. Puede ser `read` o `none`. Su valor predeterminado es `read` cuando configuras cualquier permiso, o bien, `none` cuando no especificas ningún permiso para la {% data variables.product.prodname_github_app %}. | +| [`metadatos`](/rest/reference/permissions-required-for-github-apps/#metadata-permissions) | Otorga acceso a las terminales de solo lectura que no filtran datos sensibles. Puede ser `read` o `none`. Su valor predeterminado es `read` cuando configuras cualquier permiso, o bien, `none` cuando no especificas ningún permiso para la {% data variables.product.prodname_github_app %}. | | [`organization_administration`](/rest/reference/permissions-required-for-github-apps/#permission-on-organization-administration) | Otorga acceso a la terminal "[Actualizar una organización](/rest/reference/orgs#update-an-organization)" y a la [API de Restricciones de Interacción en la Organización](/rest/reference/interactions#set-interaction-restrictions-for-an-organization). Puede ser uno de entre `none`, `read`, o `write`.{% endif %} -| [`organization_hooks`](/rest/reference/permissions-required-for-github-apps/#permission-on-organization-hooks) | Otorga acceso a la [API de Webhooks de la Organización](/rest/reference/orgs#webhooks/). Puede ser uno de entre `none`, `read`, o `write`. | -| `organization_plan` | Otorga acceso para obtener información acerca del plan de una organización que utilice la terminal "[Obtener una organización](/rest/reference/orgs#get-an-organization)". Puede ser uno de entre `none` o `read`. | +| [`organization_hooks`](/rest/reference/permissions-required-for-github-apps/#permission-on-organization-hooks) | Otorga acceso a la [API de Webhooks de la Organización](/rest/reference/orgs#webhooks/). Puede ser uno de entre `none`, `read`, o `write`. | +| `organization_plan` | Otorga acceso para obtener información acerca del plan de una organización que utilice la terminal "[Obtener una organización](/rest/reference/orgs#get-an-organization)". Puede ser uno de entre `none` o `read`. | | [`organization_projects`](/rest/reference/permissions-required-for-github-apps/#permission-on-organization-projects) | Otorga acceso a la [API de Proyectos](/rest/reference/projects). Puede ser uno de entre: `none`, `read`, `write`, o `admin`.{% ifversion fpt or ghec %} | [`organization_user_blocking`](/rest/reference/permissions-required-for-github-apps/#permission-on-organization-projects) | Otorga acceso a la [API de Bloqueo de Usuarios de la Organización](/rest/reference/orgs#blocking). Puede ser uno de entre `none`, `read`, o `write`.{% endif %} -| [`páginas`](/rest/reference/permissions-required-for-github-apps/#permission-on-pages) | Otorga acceso a la [API de páginas](/rest/reference/repos#pages). Puede ser uno de entre `none`, `read`, o `write`. | -| `plan` | Otorga acceso para obtener información acerca del plan de GitHub de un usuario que utilice la terminal "[Obtener un usuario](/rest/reference/users#get-a-user)". Puede ser uno de entre `none` o `read`. | -| [`pull_requests`](/rest/reference/permissions-required-for-github-apps/#permission-on-pull-requests) | Otorga acceso a varias terminales de solicitud de extracción. Puede ser uno de entre `none`, `read`, o `write`. | -| [`repository_hooks`](/rest/reference/permissions-required-for-github-apps/#permission-on-repository-hooks) | Otorga acceso a la [API de Webhooks del Repositorio](/rest/reference/repos#hooks). Puede ser uno de entre `none`, `read`, o `write`. | +| [`páginas`](/rest/reference/permissions-required-for-github-apps/#permission-on-pages) | Otorga acceso a la [API de páginas](/rest/reference/repos#pages). Puede ser uno de entre `none`, `read`, o `write`. | +| `plan` | Otorga acceso para obtener información acerca del plan de GitHub de un usuario que utilice la terminal "[Obtener un usuario](/rest/reference/users#get-a-user)". Puede ser uno de entre `none` o `read`. | +| [`pull_requests`](/rest/reference/permissions-required-for-github-apps/#permission-on-pull-requests) | Otorga acceso a varias terminales de solicitud de extracción. Puede ser uno de entre `none`, `read`, o `write`. | +| [`repository_hooks`](/rest/reference/permissions-required-for-github-apps/#permission-on-repository-hooks) | Otorga acceso a la [API de Webhooks del Repositorio](/rest/reference/repos#hooks). Puede ser uno de entre `none`, `read`, o `write`. | | [`repository_projects`](/rest/reference/permissions-required-for-github-apps/#permission-on-repository-projects) | Otorga acceso a la [API de Proyectos](/rest/reference/projects). Puede ser uno de entre: `none`, `read`, `write`, o `admin`.{% ifversion fpt or ghes or ghec %} | [`secret_scanning_alerts`](/rest/reference/permissions-required-for-github-apps/#permission-on-secret-scanning-alerts) | Otorga acceso a la [API de escaneo de secretos](/rest/reference/secret-scanning). Puede ser uno de entre: `none`, `read`, o `write`.{% endif %}{% ifversion fpt or ghes or ghec %} | [`security_events`](/rest/reference/permissions-required-for-github-apps/#permission-on-security-events) | Otorga acceso a la [API de escaneo de código](/rest/reference/code-scanning/). Puede ser uno de entre `none`, `read`, o `write`.{% endif %} -| [`single_file`](/rest/reference/permissions-required-for-github-apps/#permission-on-single-file) | Otorga acceso a la [API de Contenidos](/rest/reference/repos#contents). Puede ser uno de entre `none`, `read`, o `write`. | -| [`starring`](/rest/reference/permissions-required-for-github-apps/#permission-on-starring) | Otorga acceso a la [API de marcar con estrella](/rest/reference/activity#starring). Puede ser uno de entre `none`, `read`, o `write`. | -| [`estados`](/rest/reference/permissions-required-for-github-apps/#permission-on-statuses) | Otorga acceso a la [API de Estados](/rest/reference/commits#commit-statuses). Puede ser uno de entre `none`, `read`, o `write`. | +| [`single_file`](/rest/reference/permissions-required-for-github-apps/#permission-on-single-file) | Otorga acceso a la [API de Contenidos](/rest/reference/repos#contents). Puede ser uno de entre `none`, `read`, o `write`. | +| [`starring`](/rest/reference/permissions-required-for-github-apps/#permission-on-starring) | Otorga acceso a la [API de marcar con estrella](/rest/reference/activity#starring). Puede ser uno de entre `none`, `read`, o `write`. | +| [`estados`](/rest/reference/permissions-required-for-github-apps/#permission-on-statuses) | Otorga acceso a la [API de Estados](/rest/reference/commits#commit-statuses). Puede ser uno de entre `none`, `read`, o `write`. | | [`team_discussions`](/rest/reference/permissions-required-for-github-apps/#permission-on-team-discussions) | Otorga acceso a la [API de debates de equipo](/rest/reference/teams#discussions) y a la [API de comentarios en debates de equipo](/rest/reference/teams#discussion-comments). Puede ser uno de entre `none`, `read`, o `write`.{% ifversion fpt or ghes or ghae-issue-4864 or ghec %} -| `vulnerability_alerts` | Otorga acceso para recibir alertas de seguridad para las dependencias vulnerables en un repositorio. Consulta la sección "[Acerca de las alertas para las dependencias vulnerables](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies/)" para aprender más. Puede ser uno de entre: `none` o `read`.{% endif %} -| `observando` | Otorga acceso a la lista y cambia los repositorios a los que un usuario está suscrito. Puede ser uno de entre `none`, `read`, o `write`. | +| `vulnerability_alerts` | Grants access to receive {% data variables.product.prodname_dependabot_alerts %} for vulnerable dependencies in a repository. See "[About {% data variables.product.prodname_dependabot_alerts %}](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies/)" to learn more. Puede ser uno de entre: `none` o `read`.{% endif %} +| `observando` | Otorga acceso a la lista y cambia los repositorios a los que un usuario está suscrito. Puede ser uno de entre `none`, `read`, o `write`. | ## Eventos de webhook de {% data variables.product.prodname_github_app %} diff --git a/translations/es-ES/content/developers/apps/building-github-apps/creating-a-github-app.md b/translations/es-ES/content/developers/apps/building-github-apps/creating-a-github-app.md index 5f197fdb65..5d79ff297e 100644 --- a/translations/es-ES/content/developers/apps/building-github-apps/creating-a-github-app.md +++ b/translations/es-ES/content/developers/apps/building-github-apps/creating-a-github-app.md @@ -46,7 +46,8 @@ topics: {% endif %} 1. Predeterminadamente, para mejorar la seguridad de tu app, ésta utilizará un token de autorización de usuario con una vida útil limitada. Para elegir no utilizar estos tokens de usuario, debes deseleccionar la opción "Limitar la vida útil de los tokens de autorización de usuario". Para conocer más acerca de configurar un flujo de rehabilitación de tokens y acerca de los beeficios de que éstos tenga una vida útil limitada, consulta la sección "[Rehabilitar los tokens de acceso de usuario a servidor](/apps/building-github-apps/refreshing-user-to-server-access-tokens/)". ![Opción para unirse a los tokens de usuario con caducidad durante la configuración de las GitHub Apps](/assets/images/github-apps/expire-user-tokens-selection.png) -1. Si tu app autoriza a los usuarios que utilizan el flujo de OAuth, puedes seleccionar la opción **Solicitar la autorización del usuario (OAuth) durante la instalación** para permitir que las personas den autorización a la app cuando la instalen, lo cual te ahorra un paso. Si seleccionas esta opción, la "URL de configuración" dejará de estar disponible y se redirigirá a los usuarios a tu "URL de rellamado para autorización del usuario" después de que instalen la app. Consulta la sección "[Autorizar a los usuarios durante la instalación](/apps/installing-github-apps/#authorizing-users-during-installation)" para obtener más información. ![Solicitar una autorización de usuario durante la instalación](/assets/images/github-apps/github_apps_request_auth_upon_install.png) +1. Si tu app autoriza a los usuarios que utilizan el flujo de OAuth, puedes seleccionar la opción **Solicitar la autorización del usuario (OAuth) durante la instalación** para permitir que las personas den autorización a la app cuando la instalen, lo cual te ahorra un paso. Si seleccionas esta opción, la "URL de configuración" dejará de estar disponible y se redirigirá a los usuarios a tu "URL de rellamado para autorización del usuario" después de que instalen la app. Consulta la sección "[Autorizar a los usuarios durante la instalación](/apps/installing-github-apps/#authorizing-users-during-installation)" para obtener más información. ![Request user authorization during installation](/assets/images/github-apps/github_apps_request_auth_upon_install.png){% if device-flow-is-opt-in %} +1. If your GitHub App will use the device flow to identify and authorize users, click **Enable Device Flow**. Para obtener más información sobre el flujo de dispositivos, consulta la sección "[Autorizar las Apps de OAuth](/developers/apps/building-oauth-apps/authorizing-oauth-apps#device-flow)". ![Screenshot showing field for enabling device flow](/assets/images/oauth-apps/enable-device-flow.png){% endif %} 1. Si se requiere hacer ajustes adicionales después de la instalación, agrega una "URL de configuración" para redireccionar a los usuarios después de que instalen tu app. ![Campo para configurar la URL de tu GitHub App ](/assets/images/github-apps/github_apps_setup_url.png) {% note %} diff --git a/translations/es-ES/content/developers/apps/building-github-apps/identifying-and-authorizing-users-for-github-apps.md b/translations/es-ES/content/developers/apps/building-github-apps/identifying-and-authorizing-users-for-github-apps.md index d9f0e337b8..2889288c1a 100644 --- a/translations/es-ES/content/developers/apps/building-github-apps/identifying-and-authorizing-users-for-github-apps.md +++ b/translations/es-ES/content/developers/apps/building-github-apps/identifying-and-authorizing-users-for-github-apps.md @@ -71,9 +71,9 @@ Si el usuario acepta tu solicitud, GitHub te redirecciona de regreso a tu sitio {% endnote %} -Exchange this `code` for an access token. Cuando se habilita el vencimiento de tokens, el token de acceso vence en 8 horas y el token de actualización en 6 meses. Cada que actualizas el token, obtienes un nuevo token de actualización. For more information, see "[Refreshing user-to-server access tokens](/developers/apps/refreshing-user-to-server-access-tokens)." +Exchange this `code` for an access token. Cuando se habilita el vencimiento de tokens, el token de acceso vence en 8 horas y el token de actualización en 6 meses. Cada que actualizas el token, obtienes un nuevo token de actualización. Para obtener más información, consulta la sección "[Actualziar los tokens de acceso usuario-servidor](/developers/apps/refreshing-user-to-server-access-tokens)". -Los tokens de usuario con vigencia determinada son una característica opcional actualmente y están sujetos a cambios. To opt-in to the user-to-server token expiration feature, see "[Activating optional features for apps](/developers/apps/activating-optional-features-for-apps)." +Los tokens de usuario con vigencia determinada son una característica opcional actualmente y están sujetos a cambios. Para decidir participar en la característica de vencimiento de tokens usuario-servidor, consulta la sección "[Activar las características opcionales para las apps](/developers/apps/activating-optional-features-for-apps)". Haz una solicitud a la siguiente terminal para recibir un token de acceso: @@ -91,7 +91,7 @@ Haz una solicitud a la siguiente terminal para recibir un token de acceso: #### Respuesta -By default, the response takes the following form. Los parámetros de respuesta `expires_in`, `refresh_token`, y `refresh_token_expires_in` solo se devuelven cuando habilitas la vigencia determinada para los tokens de acceso de usuario a servidor. +Predeterminadametne, la respuesta lleva el siguiente formato. Los parámetros de respuesta `expires_in`, `refresh_token`, y `refresh_token_expires_in` solo se devuelven cuando habilitas la vigencia determinada para los tokens de acceso de usuario a servidor. ```json { @@ -127,7 +127,7 @@ curl -H "Authorization: token OAUTH-TOKEN" {% data variables.product.api_url_pre Este flujo de dispositivos te permite autorizar usuarios para una app sin encabezado, tal como una herramienta de CLI o un administrador de credenciales de Git. -Para obtener más información acerca de autorizar a usuarios utilizando el flujo de dispositivos, consulta la sección "[Autorizar Apps de OAuth](/developers/apps/authorizing-oauth-apps#device-flow)". +{% if device-flow-is-opt-in %}Antes de que puedas utilizar el flujo de dispositivos para identificar y autorizar usuarios, primero debes habilitarlo en los ajustes de tu app. Para obtener más información sobre cómo habilitar el flujo de dispositivos, consulta la sección "[Modificar una GitHub App](/developers/apps/managing-github-apps/modifying-a-github-app)". {% endif %}Para obtener más información sobre cómo autorizar usuarios utilizando el flujo de dispositivos, consulta la sección "[Autorizar las Apps de OAuth](/developers/apps/authorizing-oauth-apps#device-flow)". ## Revisar a qué recursos de instalación puede acceder un usuario diff --git a/translations/es-ES/content/developers/apps/building-github-apps/refreshing-user-to-server-access-tokens.md b/translations/es-ES/content/developers/apps/building-github-apps/refreshing-user-to-server-access-tokens.md index b2d0050f07..5bfc78103e 100644 --- a/translations/es-ES/content/developers/apps/building-github-apps/refreshing-user-to-server-access-tokens.md +++ b/translations/es-ES/content/developers/apps/building-github-apps/refreshing-user-to-server-access-tokens.md @@ -59,7 +59,7 @@ Puedes habilitar o inhabilitar los tokens de autorización de usuario a servidor {% data reusables.user-settings.developer_settings %} {% data reusables.user-settings.github_apps %} 4. Da clic en la opción**Editar** junto a la {% data variables.product.prodname_github_app %} que escogiste. ![Configuración para editar una GitHub App](/assets/images/github-apps/edit-test-app.png) -5. In the left sidebar, click **Optional Features**. ![Optional features tab](/assets/images/github-apps/optional-features-option.png) +5. En la barra lateral izquierda, haz clic en **Características opcionales**. ![Pestaña de características opcionales](/assets/images/github-apps/optional-features-option.png) 6. Junto a "caducidad de token de usuario a servidor", da clic en **Unirse** o en **No unirse**. Esta característica podría tardar un par de segundos para su aplicación. ## Decidir no unirse a los tokens con caducidad para las GitHub Apps nuevas diff --git a/translations/es-ES/content/developers/apps/building-oauth-apps/authorizing-oauth-apps.md b/translations/es-ES/content/developers/apps/building-oauth-apps/authorizing-oauth-apps.md index 96b600f597..fefdaa8441 100644 --- a/translations/es-ES/content/developers/apps/building-oauth-apps/authorizing-oauth-apps.md +++ b/translations/es-ES/content/developers/apps/building-oauth-apps/authorizing-oauth-apps.md @@ -126,6 +126,12 @@ curl -H "Authorization: token OAUTH-TOKEN" {% data variables.product.api_url_pre Este flujo de dispositivos te permite autorizar usuarios para una app sin encabezado, tal como una herramienta de CLI o un administrador de credenciales de Git. +{% if device-flow-is-opt-in %} + +Before you can use the device flow to authorize and identify users, you must first enable it in your app's settings. For more information about enabling the device flow in your app, see "[Modifying an OAuth App](/developers/apps/managing-oauth-apps/modifying-an-oauth-app)" for OAuth Apps and "[Modifying a GitHub App](/developers/apps/managing-github-apps/modifying-a-github-app)" for GitHub Apps. + +{% endif %} + ### Resumen del flujo de dispositivos 1. Tu app solicita el dispositivo y los códigos de verificación de usuario y obtiene una URL de autoización en donde el usuario ignresará su código de verificación de usuario. @@ -255,10 +261,12 @@ Si realizas más de una solicitud de acceso con token (`POST {% data variables.p | `unsupported_grant_type` | El tipo de otorgamiento debe ser `urn:ietf:params:oauth:grant-type:device_code` y se debe incluir como un parámetro de entrada cuando sondeas la solicitud de token de OAuth `POST {% data variables.product.oauth_host_code %}/login/oauth/access_token`. | | `incorrect_client_credentials` | Para el flujo de dispositivos, debes pasar la ID de cliente de tu app, la cual puedes encontrar en la página de configuración de la misma. No se necesita el `client_secret` para el flujo del dispositivo. | | `incorrect_device_code` | El device_code que se proporcionó es inválido. | -| `access_denied` | Cuando un usuario da clic en cancelar durante el proceso de autorización, recibirás un error de `access_denied` y el usuario no podrá utilizar el código de verificación nuevamente. | +| `access_denied` | When a user clicks cancel during the authorization process, you'll receive a `access_denied` error and the user won't be able to use the verification code again.{% if device-flow-is-opt-in %} +| `device_flow_disabled` | Device flow has not been enabled in the app's settings. For more information, see "[Device flow](#device-flow)."{% endif %} Para obtener más información, consulta la sección "[Otorgamiento de Autorización de Dispositivo de OAuth 2.0](https://tools.ietf.org/html/rfc8628#section-3.5)". + ## Flujo de aplicaciónes no web La autenticación no web está disponible para situaciones limitadas, como las pruebas. Si lo necesitas, puedes utilizar la [Autenticación Básica](/rest/overview/other-authentication-methods#basic-authentication) para crear un token de acceso personal utilizando tu [página de configuración de los tokens de acceso personal](/articles/creating-an-access-token-for-command-line-use). Esta técnica le permite al usuario revocar el acceso en cualquier momento. diff --git a/translations/es-ES/content/developers/apps/building-oauth-apps/creating-an-oauth-app.md b/translations/es-ES/content/developers/apps/building-oauth-apps/creating-an-oauth-app.md index 622513cb43..cdf62c3a11 100644 --- a/translations/es-ES/content/developers/apps/building-oauth-apps/creating-an-oauth-app.md +++ b/translations/es-ES/content/developers/apps/building-oauth-apps/creating-an-oauth-app.md @@ -49,5 +49,6 @@ topics: **Nota:** Las apps de OAuth no puede tener URL de rellamado múltiples, a diferencia de las {% data variables.product.prodname_github_apps %}. {% endnote %} -{% endif %} -10. Haz clic en **Register application** (Registrar aplicación). ![Botón para registrar una aplicación](/assets/images/oauth-apps/oauth_apps_register_application.png) +{% endif %}{% if device-flow-is-opt-in %} +1. If your OAuth App will use the device flow to identify and authorize users, click **Enable Device Flow**. Para obtener más información sobre el flujo de dispositivos, consulta la sección "[Autorizar las Apps de OAuth](/developers/apps/building-oauth-apps/authorizing-oauth-apps#device-flow)". ![Screenshot showing field for enabling device flow](/assets/images/oauth-apps/enable-device-flow.png){% endif %} +2. Haz clic en **Register application** (Registrar aplicación). ![Botón para registrar una aplicación](/assets/images/oauth-apps/oauth_apps_register_application.png) diff --git a/translations/es-ES/content/developers/apps/managing-github-apps/modifying-a-github-app.md b/translations/es-ES/content/developers/apps/managing-github-apps/modifying-a-github-app.md index 8551ea83bf..59c799c6dd 100644 --- a/translations/es-ES/content/developers/apps/managing-github-apps/modifying-a-github-app.md +++ b/translations/es-ES/content/developers/apps/managing-github-apps/modifying-a-github-app.md @@ -18,5 +18,6 @@ topics: {% data reusables.user-settings.developer_settings %} {% data reusables.user-settings.github_apps %} {% data reusables.user-settings.modify_github_app %} -5. En "Información básica", modifica la información que quieras cambiar para la GitHub App. ![Sección de información básica para tu GitHub App](/assets/images/github-apps/github_apps_basic_information.png) +5. En "Información básica", modifica la información que quieras cambiar para la GitHub App. ![Basic information section for your GitHub App](/assets/images/github-apps/github_apps_basic_information.png){% if device-flow-is-opt-in %} +1. Si tu GitHub App utilizará el flujo de dispositivos para identificar y autorizar usuarios, haz clic en **Habilitar flujo de dispositivos**. Para obtener más información sobre el flujo de dispositivos, consulta la sección "[Autorizar las Apps de OAuth](/developers/apps/building-oauth-apps/authorizing-oauth-apps#device-flow)". ![Screenshot showing field for enabling device flow](/assets/images/oauth-apps/enable-device-flow.png){% endif %} 6. Haz clic en **Guardar cambios**. ![Botón para guardar los cambios en tu GitHub App](/assets/images/github-apps/github_apps_save_changes.png) diff --git a/translations/es-ES/content/developers/github-marketplace/github-marketplace-overview/about-github-marketplace.md b/translations/es-ES/content/developers/github-marketplace/github-marketplace-overview/about-github-marketplace.md index a0208e9461..4cef3402ec 100644 --- a/translations/es-ES/content/developers/github-marketplace/github-marketplace-overview/about-github-marketplace.md +++ b/translations/es-ES/content/developers/github-marketplace/github-marketplace-overview/about-github-marketplace.md @@ -50,7 +50,7 @@ Cuando termines de crear tu app, puedes compartirla con otros usuarios si la pub 1. Agrega un plan de precios. Para obtener más información, consulta la sección "[Configurar planes de precios para tu listado](/developers/github-marketplace/setting-pricing-plans-for-your-listing)". -1. Lee y acepta las condiciones del "\[Acuerdo de Desarrollador de {% data variables.product.prodname_marketplace %}\](/free-pro-team@latest/github/site-policy/github-marketplace-developer-agreement". +1. Lee y acepta las condiciones del "[Acuerdo de Desarrollador de {% data variables.product.prodname_marketplace %}](/free-pro-team@latest/github/site-policy/github-marketplace-developer-agreement)". 1. Emite tu listado para que se publique en {% data variables.product.prodname_marketplace %}. Para obtener más información, consulta la sección "[Emitir tu lista para su publicación](/developers/github-marketplace/submitting-your-listing-for-publication)". diff --git a/translations/es-ES/content/developers/github-marketplace/using-the-github-marketplace-api-in-your-app/webhook-events-for-the-github-marketplace-api.md b/translations/es-ES/content/developers/github-marketplace/using-the-github-marketplace-api-in-your-app/webhook-events-for-the-github-marketplace-api.md index 23bdc8a97e..31074674ab 100644 --- a/translations/es-ES/content/developers/github-marketplace/using-the-github-marketplace-api-in-your-app/webhook-events-for-the-github-marketplace-api.md +++ b/translations/es-ES/content/developers/github-marketplace/using-the-github-marketplace-api-in-your-app/webhook-events-for-the-github-marketplace-api.md @@ -46,17 +46,17 @@ El objeto `marketplace_purchase` tiene las siguientes claves: El objeto `plan` tiene las siguientes claves: -| Clave | Tipo | Descripción | -| ------------------------ | ------------------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------- | -| `id` | `número` | El identificador único para este plan. | -| `name (nombre)` | `secuencia` | El nombre del plan. | -| `descripción` | `secuencia` | La descripción de este plan. | -| `monthly_price_in_cents` | `número` | El precio mensual de este plan en centavos (Divisa de los EEUU). Por ejemplo, un listado que cuesta 10 dólares de EEUU por mes sería de 1000 centavos. | -| `yearly_price_in_cents` | `número` | El precio anual para este plan en centavos (Divisa de los EEUU). Por ejemplo, un listado que cuesta 100 dólares de EEUU por mes sería de 10000 centavos. | -| `price_model` | `secuencia` | El modelo de precios para este listado. Puede ser alguno de entre `flat-rate`, `per-unit`, o `free`. | -| `has_free_trial` | `boolean` | es `true` cuando este listado ofrece un periodo de prueba gratuito. | -| `unit_name` | `secuencia` | El nombre de la unidad. Si el modelo de precios no es `per-unit`, éste será `nil`. | -| `bullet` | `conjunto de secuencias` | Los nombres de los puntos configurados en el plan de precios. | +| Clave | Tipo | Descripción | +| ------------------------ | ------------------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------- | +| `id` | `número` | El identificador único para este plan. | +| `name (nombre)` | `secuencia` | El nombre del plan. | +| `descripción` | `secuencia` | La descripción de este plan. | +| `monthly_price_in_cents` | `número` | El precio mensual de este plan en centavos (Divisa de los EEUU). Por ejemplo, un listado que cuesta 10 dólares de EEUU por mes sería de 1000 centavos. | +| `yearly_price_in_cents` | `número` | El precio anual para este plan en centavos (Divisa de los EEUU). Por ejemplo, un listado que cuesta 100 dólares de EEUU por mes sería de 120000 centavos. | +| `price_model` | `secuencia` | El modelo de precios para este listado. Puede ser alguno de entre `flat-rate`, `per-unit`, o `free`. | +| `has_free_trial` | `boolean` | es `true` cuando este listado ofrece un periodo de prueba gratuito. | +| `unit_name` | `secuencia` | El nombre de la unidad. Si el modelo de precios no es `per-unit`, éste será `nil`. | +| `bullet` | `conjunto de secuencias` | Los nombres de los puntos configurados en el plan de precios. |
diff --git a/translations/es-ES/content/developers/webhooks-and-events/webhooks/webhook-events-and-payloads.md b/translations/es-ES/content/developers/webhooks-and-events/webhooks/webhook-events-and-payloads.md index a9784b5ada..f7674ed0db 100644 --- a/translations/es-ES/content/developers/webhooks-and-events/webhooks/webhook-events-and-payloads.md +++ b/translations/es-ES/content/developers/webhooks-and-events/webhooks/webhook-events-and-payloads.md @@ -1246,7 +1246,7 @@ Este evento ocurre cuando una {% data variables.product.prodname_github_app %} e La actividad relacionada con una asesoría de seguridad que revisó {% data variables.product.company_short %}. Una asesoría de seguridad que haya revisado {% data variables.product.company_short %} proporciona información sobre las vulnerabilidades relacionadas con la seguridad en el software de {% data variables.product.prodname_dotcom %}. -El conjunto de datos de asesoría de seguridad también impulsa las {% data variables.product.prodname_dependabot_alerts %} de GitHub. Para obtener más información, consulta la sección "[Acerca de las alertas para las dependencias vulnerables](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies/)". +El conjunto de datos de asesoría de seguridad también impulsa las {% data variables.product.prodname_dependabot_alerts %} de GitHub. Para obtener más información, consulta la sección "[Acerca de{% data variables.product.prodname_dependabot_alerts %}](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies/)". ### Disponibilidad diff --git a/translations/es-ES/content/get-started/privacy-on-github/about-githubs-use-of-your-data.md b/translations/es-ES/content/get-started/privacy-on-github/about-githubs-use-of-your-data.md index a43d48e1c9..4d7dd3edd0 100644 --- a/translations/es-ES/content/get-started/privacy-on-github/about-githubs-use-of-your-data.md +++ b/translations/es-ES/content/get-started/privacy-on-github/about-githubs-use-of-your-data.md @@ -20,7 +20,7 @@ shortTitle: Cómo utiliza tus datos GitHub {% data reusables.repositories.about-github-archive-program %} Para obtener más información, consulta la sección "[Acerca de archivar contenido y datos en {% data variables.product.prodname_dotcom %}](/github/creating-cloning-and-archiving-repositories/about-archiving-content-and-data-on-github#about-the-github-archive-program)". -{% data reusables.user-settings.export-data %} For more information, see "[Requesting an archive of your personal account's data](/articles/requesting-an-archive-of-your-personal-account-s-data)." +{% data reusables.user-settings.export-data %} Para obtener más información, consulta "[Solicitar un archivo de los datos de tu cuenta personal](/articles/requesting-an-archive-of-your-personal-account-s-data)". Si decides utilizar datos para un repositorio privado, seguiremos tratando tus datos privados, código abierto, o secretos comerciales como confidenciales y privados de acuerdo con nuestras [Condiciones de Servicio](/free-pro-team@latest/github/site-policy/github-terms-of-service). La información que obtenemos viene solo de los datos agregados. Para obtener más información, consulta la sección "[Administrar la configuración de uso de datos para tu repositorio privado](/get-started/privacy-on-github/managing-data-use-settings-for-your-private-repository)". @@ -28,7 +28,7 @@ Anunciaremos nuevas funciones sustanciales que usen metadatos o datos agregados ## Cómo mejoran los datos las recomendaciones de seguridad -Como ejemplo de cómo deberían usarse tus datos, podemos detectar y alertarte sobre una vulnerabilidad de seguridad en las dependencias de tu repositorio público. Para obtener más información, consulta la sección "[Acerca de las alertas para las dependencias vulnerables](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies)". +Como ejemplo de cómo deberían usarse tus datos, podemos detectar y alertarte sobre una vulnerabilidad de seguridad en las dependencias de tu repositorio público. Para obtener más información, consulta la sección "[Acerca de{% data variables.product.prodname_dependabot_alerts %}](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies)". Para detectar posibles vulnerabilidades de seguridad {% data variables.product.product_name %} escanea los contenidos del archivo de manifiesto de dependencias para hacer una lista de las dependencias de tu proyecto. diff --git a/translations/es-ES/content/get-started/privacy-on-github/managing-data-use-settings-for-your-private-repository.md b/translations/es-ES/content/get-started/privacy-on-github/managing-data-use-settings-for-your-private-repository.md index 3931df21cb..8225f20512 100644 --- a/translations/es-ES/content/get-started/privacy-on-github/managing-data-use-settings-for-your-private-repository.md +++ b/translations/es-ES/content/get-started/privacy-on-github/managing-data-use-settings-for-your-private-repository.md @@ -16,7 +16,7 @@ shortTitle: Administrar el uso de datos para un repositorio privado ## Acerca del uso de datos para tu repositorio privado -Cuando habilitas el uso de datos para tu repositorio privado, podrás acceder a la gráfica de dependencias, en donde puedes rastrear las dependencias de tus repositorios y recibir las {% data variables.product.prodname_dependabot_alerts %} cuando {% data variables.product.product_name %} detecte las dependencias vulnerables. Para obtener más información, consulta la sección "[Acerca de las alertas para las dependencias vulnerables](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies#dependabot-alerts-for-vulnerable-dependencies)". +Cuando habilitas el uso de datos para tu repositorio privado, podrás acceder a la gráfica de dependencias, en donde puedes rastrear las dependencias de tus repositorios y recibir las {% data variables.product.prodname_dependabot_alerts %} cuando {% data variables.product.product_name %} detecte las dependencias vulnerables. For more information, see "[About {% data variables.product.prodname_dependabot_alerts %}](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies#dependabot-alerts-for-vulnerable-dependencies)." ## Habilitar o inhabilitar las características para el uso de datos @@ -31,5 +31,5 @@ Cuando habilitas el uso de datos para tu repositorio privado, podrás acceder a ## Leer más - "[Acerca del uso de tus datos de {% data variables.product.prodname_dotcom %}](/articles/about-github-s-use-of-your-data)" -- "[Ver y actualizar las dependencias vulnerables en tu repositorio](/github/managing-security-vulnerabilities/viewing-and-updating-vulnerable-dependencies-in-your-repository)" +- "[Viewing {% data variables.product.prodname_dependabot_alerts %} for vulnerable dependencies](/github/managing-security-vulnerabilities/viewing-and-updating-vulnerable-dependencies-in-your-repository)" - "[Administrar la configuración de seguridad y de análisis para tu organización](/github/administering-a-repository/managing-security-and-analysis-settings-for-your-repository)" diff --git a/translations/es-ES/content/get-started/quickstart/fork-a-repo.md b/translations/es-ES/content/get-started/quickstart/fork-a-repo.md index 145314eb1f..bce507d4c9 100644 --- a/translations/es-ES/content/get-started/quickstart/fork-a-repo.md +++ b/translations/es-ES/content/get-started/quickstart/fork-a-repo.md @@ -21,7 +21,7 @@ topics: --- ## About forks -Most commonly, forks are used to either propose changes to someone else's project or to use someone else's project as a starting point for your own idea. You can fork a repository to create a copy of the repository and make changes without affecting the upstream repository. For more information, see "[Working with forks](/github/collaborating-with-issues-and-pull-requests/working-with-forks)." +Most commonly, forks are used to either propose changes to someone else's project to which you don't have write access, or to use someone else's project as a starting point for your own idea. You can fork a repository to create a copy of the repository and make changes without affecting the upstream repository. For more information, see "[Working with forks](/github/collaborating-with-issues-and-pull-requests/working-with-forks)." ### Propose changes to someone else's project diff --git a/translations/es-ES/content/get-started/signing-up-for-github/index.md b/translations/es-ES/content/get-started/signing-up-for-github/index.md index 069f1da6d6..c71e5a69c4 100644 --- a/translations/es-ES/content/get-started/signing-up-for-github/index.md +++ b/translations/es-ES/content/get-started/signing-up-for-github/index.md @@ -16,6 +16,5 @@ children: - /verifying-your-email-address - /setting-up-a-trial-of-github-enterprise-cloud - /setting-up-a-trial-of-github-enterprise-server - - /setting-up-a-trial-of-github-ae --- diff --git a/translations/es-ES/content/get-started/signing-up-for-github/setting-up-a-trial-of-github-ae.md b/translations/es-ES/content/get-started/signing-up-for-github/setting-up-a-trial-of-github-ae.md deleted file mode 100644 index 5789072dd7..0000000000 --- a/translations/es-ES/content/get-started/signing-up-for-github/setting-up-a-trial-of-github-ae.md +++ /dev/null @@ -1,66 +0,0 @@ ---- -title: Setting up a trial of GitHub AE -intro: 'Puedes probar {% data variables.product.prodname_ghe_managed %} de manera gratuita.' -versions: - ghae: '*' -topics: - - Accounts -shortTitle: GitHub AE trial ---- - -## About the {% data variables.product.prodname_ghe_managed %} trial - -Puedes configurar un periodo de 90 días para evaluar {% data variables.product.prodname_ghe_managed %}. This process allows you to deploy a {% data variables.product.prodname_ghe_managed %} account in your existing Azure region. - -- **{% data variables.product.prodname_ghe_managed %} account**: The Azure resource that contains the deployment of {% data variables.product.prodname_ghe_managed %}. -- **{% data variables.product.prodname_ghe_managed %} portal**: The Azure management tool at [https://portal.azure.com](https://portal.azure.com). This is used to deploy the {% data variables.product.prodname_ghe_managed %} account. - -## Configurar tu prueba de {% data variables.product.prodname_ghe_managed %} - - -Before you can start your trial of {% data variables.product.prodname_ghe_managed %}, you must request access by contacting your {% data variables.product.prodname_dotcom %} account team. {% data variables.product.prodname_dotcom %} will enable the {% data variables.product.prodname_ghe_managed %} trial for your Azure subscription. - -Contact {% data variables.contact.contact_enterprise_sales %} to check your eligibility for a {% data variables.product.prodname_ghe_managed %} trial. - -## Deploying {% data variables.product.prodname_ghe_managed %} with the {% data variables.actions.azure_portal %} - -The {% data variables.actions.azure_portal %} allows you to deploy the {% data variables.product.prodname_ghe_managed %} account in your Azure resource group. - -1. On the {% data variables.actions.azure_portal %}, type `GitHub AE` in the search field. Then, under _Services_, click {% data variables.product.prodname_ghe_managed %}. ![{% data variables.actions.azure_portal %} search result](/assets/images/azure/github-ae-azure-portal-search.png) -1. To begin the process of adding a new {% data variables.product.prodname_ghe_managed %} account, click **Create GitHub AE account**. -1. Complete the "Project details" and "Instance details" fields. ![{% data variables.actions.azure_portal %} search result](/assets/images/azure/github-ae-azure-portal-form.png) - - **Account name:** The hostname for your enterprise - - **Administrator username:** A username for the initial enterprise owner that will be created in {% data variables.product.prodname_ghe_managed %} - - **Administrator email:** The email address that will receive the login information -1. To review a summary of the proposed changes, click **Review + create**. -1. After the validation process has completed, click **Create**. - -The email address you entered above will receive instructions on how to access your enterprise. After you have access, you can get started by following the initial setup steps. Para obtener más información, consulta la sección "[Inicializar {% data variables.product.prodname_ghe_managed %}](/admin/configuration/initializing-github-ae)". - -{% note %} - -**Note:** Software updates for your {% data variables.product.prodname_ghe_managed %} deployment are performed by {% data variables.product.prodname_dotcom %}. For more information, see "[About upgrades to new releases](/admin/overview/about-upgrades-to-new-releases)." - -{% endnote %} - -## Navigating to your enterprise - -You can use the {% data variables.actions.azure_portal %} to navigate to your {% data variables.product.prodname_ghe_managed %} deployment. The resulting list includes all the {% data variables.product.prodname_ghe_managed %} deployments in your Azure region. - -1. On the {% data variables.actions.azure_portal %}, in the left panel, click **All resources**. -1. From the available filters, click **All types**, then deselect **Select all** and select **GitHub AE**: ![{% data variables.actions.azure_portal %} search result](/assets/images/azure/github-ae-azure-portal-type-filter.png) - -## Pasos siguientes - -Once your deployment has been provisioned, the next step is to initialize {% data variables.product.prodname_ghe_managed %}. Para obtener más información, consulta la sección "[Inicializar {% data variables.product.prodname_ghe_managed %}](/github-ae@latest/admin/configuration/configuring-your-enterprise/initializing-github-ae)". - -## Finalizar tu prueba - -You can upgrade to a full license at any time during the trial period by contacting contact {% data variables.contact.contact_enterprise_sales %}. If you haven't upgraded by the last day of your trial, then the deployment is automatically deleted. - -Si necesitas más tiempo para evaluar {% data variables.product.prodname_ghe_managed %}, contacta a {% data variables.contact.contact_enterprise_sales %} para solicitar una extensión. - -## Leer más - -- "[Habilita las características de la {% data variables.product.prodname_advanced_security %} en {% data variables.product.prodname_ghe_managed %}](/github/getting-started-with-github/about-github-advanced-security#enabling-advanced-security-features-on-github-ae)" -- "[{% data variables.product.prodname_ghe_managed %} release notes](/github-ae@latest/admin/overview/github-ae-release-notes)" diff --git a/translations/es-ES/content/get-started/signing-up-for-github/setting-up-a-trial-of-github-enterprise-server.md b/translations/es-ES/content/get-started/signing-up-for-github/setting-up-a-trial-of-github-enterprise-server.md index 1328f54580..7e14e81eae 100644 --- a/translations/es-ES/content/get-started/signing-up-for-github/setting-up-a-trial-of-github-enterprise-server.md +++ b/translations/es-ES/content/get-started/signing-up-for-github/setting-up-a-trial-of-github-enterprise-server.md @@ -18,7 +18,7 @@ shortTitle: Enterprise Server trial You can request a 45-day trial to evaluate {% data variables.product.prodname_ghe_server %}. Your trial will be installed as a virtual appliance, with options for on-premises or cloud deployment. For a list of supported visualization platforms, see "[Setting up a GitHub Enterprise Server instance](/enterprise-server@latest/admin/installation/setting-up-a-github-enterprise-server-instance)." -{% ifversion ghes %}{% data variables.product.prodname_dependabot %}{% else %}Security{% endif %} alerts and {% data variables.product.prodname_github_connect %} are not currently available in trials of {% data variables.product.prodname_ghe_server %}. For a demonstration of these features, contact {% data variables.contact.contact_enterprise_sales %}. For more information about these features, see "[About alerts for vulnerable dependencies](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies)" and "[Connecting your enterprise account to {% data variables.product.prodname_ghe_cloud %}](/enterprise-server@latest/admin/configuration/managing-connections-between-your-enterprise-accounts/connecting-your-enterprise-account-to-github-enterprise-cloud)." +{% ifversion ghes %}{% data variables.product.prodname_dependabot %}{% else %}Security{% endif %} alerts and {% data variables.product.prodname_github_connect %} are not currently available in trials of {% data variables.product.prodname_ghe_server %}. For a demonstration of these features, contact {% data variables.contact.contact_enterprise_sales %}. For more information about these features, see "[About {% data variables.product.prodname_dependabot_alerts %}](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies)" and "[Connecting your enterprise account to {% data variables.product.prodname_ghe_cloud %}](/enterprise-server@latest/admin/configuration/managing-connections-between-your-enterprise-accounts/connecting-your-enterprise-account-to-github-enterprise-cloud)." Trials are also available for {% data variables.product.prodname_ghe_cloud %}. For more information, see "[Setting up a trial of {% data variables.product.prodname_ghe_cloud %}](/articles/setting-up-a-trial-of-github-enterprise-cloud)." diff --git a/translations/es-ES/content/get-started/writing-on-github/working-with-advanced-formatting/creating-and-highlighting-code-blocks.md b/translations/es-ES/content/get-started/writing-on-github/working-with-advanced-formatting/creating-and-highlighting-code-blocks.md index 70a8e87988..86c868920b 100644 --- a/translations/es-ES/content/get-started/writing-on-github/working-with-advanced-formatting/creating-and-highlighting-code-blocks.md +++ b/translations/es-ES/content/get-started/writing-on-github/working-with-advanced-formatting/creating-and-highlighting-code-blocks.md @@ -70,10 +70,9 @@ Usamos [Lingüista](https://github.com/github/linguist) para realizar la detecci {% if mermaid %} ## Crear diagramas -You can use Mermaid syntax to add diagrams. For more information, see "[Creating diagrams](/get-started/writing-on-github/working-with-advanced-formatting/creating-diagrams)." +You can also use code blocks to create diagrams in Markdown. GitHub supports Mermaid, geoJSON, topoJSON, and ASCII STL syntax. For more information, see "[Creating diagrams](/get-started/writing-on-github/working-with-advanced-formatting/creating-diagrams)." {% endif %} - ## Leer más - [{% data variables.product.prodname_dotcom %} Especificaciones del formato Markdown](https://github.github.com/gfm/) diff --git a/translations/es-ES/content/get-started/writing-on-github/working-with-advanced-formatting/creating-diagrams.md b/translations/es-ES/content/get-started/writing-on-github/working-with-advanced-formatting/creating-diagrams.md index 4f4f1a2e26..15392c84d0 100644 --- a/translations/es-ES/content/get-started/writing-on-github/working-with-advanced-formatting/creating-diagrams.md +++ b/translations/es-ES/content/get-started/writing-on-github/working-with-advanced-formatting/creating-diagrams.md @@ -1,12 +1,18 @@ --- -title: Creating diagrams +title: Crear diagramas intro: Create diagrams to convey information through charts and graphs versions: feature: mermaid shortTitle: Create diagrams --- -You can use Mermaid syntax to create diagrams. Mermaid is a Markdown-inspired tool that renders text into diagrams. For example, Mermaid can render flow charts, sequence diagrams, pie charts and more. For more information, see the [Mermaid documentation](https://mermaid-js.github.io/mermaid/#/). +## About creating diagrams + +You can create diagrams in Markdown using three different syntaxes: mermaid, geoJSON and topoJSON, and ASCII STL. + +## Creating Mermaid diagrams + +Mermaid is a Markdown-inspired tool that renders text into diagrams. For example, Mermaid can render flow charts, sequence diagrams, pie charts and more. For more information, see the [Mermaid documentation](https://mermaid-js.github.io/mermaid/#/). To create a Mermaid diagram, add Mermaid syntax inside a fenced code block with the `mermaid` language identifier. For more information about creating code blocks, see "[Creating and highlighting code blocks](/get-started/writing-on-github/working-with-advanced-formatting/creating-and-highlighting-code-blocks)." @@ -31,3 +37,122 @@ graph TD; **Note:** You may observe errors if you run a third-party Mermaid plugin when using Mermaid syntax on {% data variables.product.company_short %}. {% endnote %} + +## Creating geoJSON and topoJSON maps + +You can use geo/topoJSON syntax to create interactive maps. To create a map, add geoJSON or topoJSON inside a fenced code block with the `geojson` or `topojson` syntax identifier. Para obtener más información, consulta "[Crear y resaltar bloques de código](/get-started/writing-on-github/working-with-advanced-formatting/creating-and-highlighting-code-blocks)". + +### Using geoJSON + +For example, you can create a simple map: + +
+```geojson
+{
+  "type": "Polygon",
+  "coordinates": [
+      [
+          [-90,30],
+          [-90,35],
+          [-90,35],
+          [-85,35],
+          [-85,30]
+      ]
+  ]
+}
+```
+
+ +![Rendered map](/assets/images/help/writing/fenced-geojson-rendered-map.png) + +### Using topoJSON + +For example, you can create a simple topoJSON map: + +
+```topojson
+{
+  "type": "Topology",
+  "transform": {
+    "scale": [0.0005000500050005, 0.00010001000100010001],
+    "translate": [100, 0]
+  },
+  "objects": {
+    "example": {
+      "type": "GeometryCollection",
+      "geometries": [
+        {
+          "type": "Point",
+          "properties": {"prop0": "value0"},
+          "coordinates": [4000, 5000]
+        },
+        {
+          "type": "LineString",
+          "properties": {"prop0": "value0", "prop1": 0},
+          "arcs": [0]
+        },
+        {
+          "type": "Polygon",
+          "properties": {"prop0": "value0",
+            "prop1": {"this": "that"}
+          },
+          "arcs": [[1]]
+        }
+      ]
+    }
+  },
+  "arcs": [[[4000, 0], [1999, 9999], [2000, -9999], [2000, 9999]],[[0, 0], [0, 9999], [2000, 0], [0, -9999], [-2000, 0]]]
+}
+```
+
+ +![Rendered topojson map](/assets/images/help/writing/fenced-topojson-rendered-map.png) + +For more information on working with `.geojson` and `.topojson` files, see "[Working with non-code files](/repositories/working-with-files/using-files/working-with-non-code-files#mapping-geojson-files-on-github)." + + +## Creating STL 3D models + +You can use ASCII STL syntax directly in markdown to create interactive 3D models. To display a model, add ASCII STL syntax inside a fenced code block with the `stl` syntax identifier. Para obtener más información, consulta "[Crear y resaltar bloques de código](/get-started/writing-on-github/working-with-advanced-formatting/creating-and-highlighting-code-blocks)". + +For example, you can create a simple 3D model: + +
+```stl
+solid cube_corner
+  facet normal 0.0 -1.0 0.0
+    outer loop
+      vertex 0.0 0.0 0.0
+      vertex 1.0 0.0 0.0
+      vertex 0.0 0.0 1.0
+    endloop
+  endfacet
+  facet normal 0.0 0.0 -1.0
+    outer loop
+      vertex 0.0 0.0 0.0
+      vertex 0.0 1.0 0.0
+      vertex 1.0 0.0 0.0
+    endloop
+  endfacet
+  facet normal -1.0 0.0 0.0
+    outer loop
+      vertex 0.0 0.0 0.0
+      vertex 0.0 0.0 1.0
+      vertex 0.0 1.0 0.0
+    endloop
+  endfacet
+  facet normal 0.577 0.577 0.577
+    outer loop
+      vertex 1.0 0.0 0.0
+      vertex 0.0 1.0 0.0
+      vertex 0.0 0.0 1.0
+    endloop
+  endfacet
+endsolid
+```
+
+ +![Rendered 3D model](/assets/images/help/writing/fenced-stl-rendered-object.png) + +For more information on working with `.stl` files, see "[Working with non-code files](/repositories/working-with-files/using-files/working-with-non-code-files#3d-file-viewer)." + diff --git a/translations/es-ES/content/github/index.md b/translations/es-ES/content/github/index.md index 4451d46f00..3f90906c79 100644 --- a/translations/es-ES/content/github/index.md +++ b/translations/es-ES/content/github/index.md @@ -12,7 +12,6 @@ versions: ghae: '*' children: - /copilot - - /site-policy - /site-policy-deprecated --- diff --git a/translations/es-ES/content/github/site-policy/coordinated-disclosure-of-security-vulnerabilities.md b/translations/es-ES/content/github/site-policy/coordinated-disclosure-of-security-vulnerabilities.md deleted file mode 100644 index 3bfef628dd..0000000000 --- a/translations/es-ES/content/github/site-policy/coordinated-disclosure-of-security-vulnerabilities.md +++ /dev/null @@ -1,20 +0,0 @@ ---- -title: Coordinated Disclosure of Security Vulnerabilities -redirect_from: - - /responsible-disclosure - - /coordinated-disclosure - - /articles/responsible-disclosure-of-security-vulnerabilities - - /site-policy/responsible-disclosure-of-security-vulnerabilities -versions: - fpt: '*' -topics: - - Policy - - Legal ---- -We want to keep GitHub safe for everyone. If you've discovered a security vulnerability in GitHub, we appreciate your help in disclosing it to us in a coordinated manner. - -## Bounty Program - -Like several other large software companies, GitHub provides a bug bounty to better engage with security researchers. The idea is simple: hackers and security researchers (like you) find and report vulnerabilities through our coordinated disclosure process. Then, to recognize the significant effort that these researchers often put forth when hunting down bugs, we reward them with some cold hard cash. - -Check out the [GitHub Bug Bounty](https://bounty.github.com) site for bounty details, review our comprehensive [Legal Safe Harbor Policy](/articles/github-bug-bounty-program-legal-safe-harbor) terms as well, and happy hunting! diff --git a/translations/es-ES/content/github/site-policy/github-bug-bounty-program-legal-safe-harbor.md b/translations/es-ES/content/github/site-policy/github-bug-bounty-program-legal-safe-harbor.md deleted file mode 100644 index 687fba4885..0000000000 --- a/translations/es-ES/content/github/site-policy/github-bug-bounty-program-legal-safe-harbor.md +++ /dev/null @@ -1,37 +0,0 @@ ---- -title: GitHub Bug Bounty Program Legal Safe Harbor -redirect_from: - - /articles/github-bug-bounty-program-legal-safe-harbor -versions: - fpt: '*' -topics: - - Policy - - Legal ---- - -## Summary -1. We want you to coordinate disclosure through our bug bounty program, and don't want researchers put in fear of legal consequences because of their good faith attempts to comply with our bug bounty policy. We cannot bind any third party, so do not assume this protection extends to any third party. If in doubt, ask us before engaging in any specific action you think _might_ go outside the bounds of our policy. -2. Because both identifying and non-identifying information can put a researcher at risk, we limit what we share with third parties. We may provide non-identifying substantive information from your report to an affected third party, but only after notifying you and receiving a commitment that the third party will not pursue legal action against you. We will only share identifying information (name, email address, phone number, etc.) with a third party if you give your written permission. -3. If your security research as part of the bug bounty program violates certain restrictions in our site policies, the safe harbor terms permit a limited exemption. - -## 1. Safe Harbor Terms - -To encourage research and coordinated disclosure of security vulnerabilities, we will not pursue civil or criminal action, or send notice to law enforcement for accidental or good faith violations of this policy. We consider security research and vulnerability disclosure activities conducted consistent with this policy to be “authorized” conduct under the Computer Fraud and Abuse Act, the DMCA, and other applicable computer use laws such as Cal. Penal Code 502(c). We waive any potential DMCA claim against you for circumventing the technological measures we have used to protect the applications in this bug bounty program's scope. - -Please understand that if your security research involves the networks, systems, information, applications, products, or services of a third party (which is not us), we cannot bind that third party, and they may pursue legal action or law enforcement notice. We cannot and do not authorize security research in the name of other entities, and cannot in any way offer to defend, indemnify, or otherwise protect you from any third party action based on your actions. - -You are expected, as always, to comply with all laws applicable to you, and not to disrupt or compromise any data beyond what this bug bounty program permits. - -Please contact us before engaging in conduct that may be inconsistent with or unaddressed by this policy. We reserve the sole right to make the determination of whether a violation of this policy is accidental or in good faith, and proactive contact to us before engaging in any action is a significant factor in that decision. If in doubt, ask us first! - -## 2. Third Party Safe Harbor - -If you submit a report through our bug bounty program which affects a third party service, we will limit what we share with any affected third party. We may share non-identifying content from your report with an affected third party, but only after notifying you that we intend to do so and getting the third party's written commitment that they will not pursue legal action against you or initiate contact with law enforcement based on your report. We will not share your identifying information with any affected third party without first getting your written permission to do so. - -Please note that we cannot authorize out-of-scope testing in the name of third parties, and such testing is beyond the scope of our policy. Refer to that third party's bug bounty policy, if they have one, or contact the third party either directly or through a legal representative before initiating any testing on that third party or their services. This is not, and should not be understood as, any agreement on our part to defend, indemnify, or otherwise protect you from any third party action based on your actions. - -That said, if legal action is initiated by a third party, including law enforcement, against you because of your participation in this bug bounty program, and you have sufficiently complied with our bug bounty policy (i.e. have not made intentional or bad faith violations), we will take steps to make it known that your actions were conducted in compliance with this policy. While we consider submitted reports both confidential and potentially privileged documents, and protected from compelled disclosure in most circumstances, please be aware that a court could, despite our objections, order us to share information with a third party. - -## 3. Limited Waiver of Other Site Polices - -To the extent that your security research activities are inconsistent with certain restrictions in our [relevant site policies](/categories/site-policy/) but consistent with the terms of our bug bounty program, we waive those restrictions for the sole and limited purpose of permitting your security research under this bug bounty program. Just like above, if in doubt, ask us first! diff --git a/translations/es-ES/content/github/site-policy/github-community-guidelines.md b/translations/es-ES/content/github/site-policy/github-community-guidelines.md deleted file mode 100644 index 5362358508..0000000000 --- a/translations/es-ES/content/github/site-policy/github-community-guidelines.md +++ /dev/null @@ -1,108 +0,0 @@ ---- -title: Pautas de la comunidad GitHub -redirect_from: - - /community-guidelines - - /articles/github-community-guidelines -versions: - fpt: '*' -topics: - - Policy - - Legal ---- - -Millones de desarrolladores albergan millones de proyectos en GitHub — tanto de código abierto como de código cerrado — y tenemos el honor de participar en la colaboración de toda la comunidad todos los días. Juntos tenemos una emocionante oportunidad y responsabilidad de hacer de esta una comunidad de la que podemos estar orgullosos. - -Los usuarios de GitHub en todo el mundo ofrecen perspectivas, ideas y experiencias diferentes y van desde personas que crearon su primer proyecto "Hola Mundo" la semana pasada hasta los desarrolladores de software más conocidos del mundo. Estamos comprometidos a hacer de GitHub un ambiente acogedor para todas las diferentes voces y perspectivas de nuestra comunidad, manteniendo un espacio donde la gente sea libre de expresarse. - -Dependemos de nuestros miembros de la comunidad para que comuniquen las expectativas, [moderen](#what-if-something-or-someone-offends-you) sus proyectos, y {% data variables.contact.report_abuse %} o {% data variables.contact.report_content %}. Al esbozar lo que esperamos ver dentro de nuestra comunidad, esperamos ayudarte a entender cómo colaborar de mejor forma en GitHub y qué tipo de acciones o contenido pueden violar nuestros [Términos de servicio](#legal-notices), que incluyen nuestras [Políticas de uso aceptables](/github/site-policy/github-acceptable-use-policies). Investigaremos cualquier reporte de abuso y podremos moderar el contenido público en nuestro sitio que determinemos que infringe nuestros Términos de Servicio. - -## Construir una comunidad sólida - -El propósito principal de la comunidad de GitHub es colaborar en proyectos de software. Deseamos que la gente trabaje mejor juntos. Aunque mantenemos el sitio, esta es una comunidad que construimos *juntos* y necesitamos tu ayuda para que sea lo mejor. - -* **Se cordial y de mentalidad abierta** - Otros colaboradores pueden no tener el mismo nivel de experiencia o antecedentes que tú, pero eso no significa que no tengan buenas ideas para aportar. Te invitamos a dar la bienvenida a los nuevos miembros y a los que están empezando a trabajar. - -* **Respeto mutuo** - Lo que más sabotea a una conversación sana, es la descortesía. Se cortés y profesional y no publiques nada que una persona razonable consideraría ofensivo, abusivo o un discurso de odio. No acoses ni molestes a nadie. Trato mutuo con dignidad y consideración en todas las interacciones. - - Es probable que desees responder a algo discrepándolo. Está bien. Pero recuerda criticar las ideas, no a las personas. Evita ataques usando el nombre, ad hominem, respondiendo al tono de un post en lugar de su contenido real y contradicción reactiva. En lugar de ello, proporciona contra-argumentos razonados que mejoran la conversación. - -* **Comunícate con empatía.** Los desacuerdos o diferencias de opinión son un hecho de la vida. Formar parte de una comunidad significa interactuar con personas de diferentes orígenes y perspectivas, muchas de las cuales pueden no ser propias. Si no estás de acuerdo con alguien, trata de entender y compartir sus sentimientos antes de abordarlos. Esto promoverá un ambiente respetuoso y amistoso donde la gente se sienta cómoda haciendo preguntas, participando en discusiones y haciendo contribuciones. - -* **Se claro y permanece en el tema** -Las personas usan GitHub para hacer el trabajo y ser más productivos. Los comentarios fuera del tema son una distracción (en ocasiones bien recibido, pero generalmente no) sobre realizar el trabajo y ser productivo. Mantener el tema ayuda a producir discusiones positivas y productivas. - - Además, comunicarse con extraños en Internet puede ser incómodo. Es difícil transmitir o leer el tono y el sarcasmo es frecuentemente mal entendido. Intenta usar un lenguaje claro y piensa cómo será recibido por la otra persona. - -## ¿Qué pasa si algo o alguien te ofende? - -Confiamos en que la comunidad nos comunique cuándo sea necesario abordar una cuestión. No monitoreamos activamente el sitio por contenido ofensivo. Si encuentras algo o alguien en el sitio que sea censurable, aquí hay algunas herramientas que proporciona GitHub para ayudarte a tomar acción inmediatamente: - -* **Comunica las expectativas** - Si participas en una comunidad que no haya establecido sus propias pautas específicas de la comunidad, invítalos a realizarlo en el archivo README o [CONTRIBUTING](/articles/setting-guidelines-for-repository-contributors/), o en [un código de conducta dedicado](/articles/adding-a-code-of-conduct-to-your-project/), enviando una solicitud de extracción. - -* **Modera comentarios** - Si tienes [privilegios de acceso de escritura](/articles/repository-permission-levels-for-an-organization/) para un repositorio, puedes editar, eliminar u ocultar los comentarios de cualquier persona sobre confirmaciones, solicitudes de extracción y propuestas. Cualquier persona con acceso de lectura a un repositorio puede ver el historial de edición del comentario. Los autores del comentario y las personas con acceso de escritura a un repositorio pueden eliminar información confidencial del historial de edición de un comentario. Para obtener más información, consulta "[Seguimiento de cambios en un comentario](/articles/tracking-changes-in-a-comment)" y "[Gestión de comentarios perturbadores](/articles/managing-disruptive-comments)." - -* **Bloquea Conversaciones**- Si una discusión en una propuesta o solicitud de extracción sale de control, puedes [bloquear la conversación](/articles/locking-conversations/). - -* **Bloquea usuarios** - Si encuentras a un usuario que continúa presentando un mal comportamiento, puedes [bloquear al usuario desde su cuenta personal](/articles/blocking-a-user-from-your-personal-account/) o [bloquear al usuario desde su organización](/articles/blocking-a-user-from-your-organization/). - -Claro que siempre podrás contactarnos en {% data variables.contact.report_abuse %} si necesitas más ayuda con alguna situación. - -## ¿Qué no está permitido? - -Estamos comprometidos a mantener una comunidad donde los usuarios sean libres de expresarse y desafiar las ideas de los demás, tanto técnicas como de otro tipo. Sin embargo, es poco probable que dichos debates fomenten un diálogo fructífero cuando se silencian las ideas porque los miembros de la comunidad están siendo bloqueados o tienen miedo de hablar. Esto significa que deberías ser respetuoso y civil en todo momento y que deberías esforzarse por no atacar a los demás considerando quiénes son. No toleramos un comportamiento que cruce la línea de lo siguiente: - -- #### Amenaza de violencia - No puedes amenazar con violencia a otros ni usar el sitio para organizar, promover o incitar a actos de violencia o terrorismo en el mundo real. Piensa detenidamente en las palabras que usas, las imágenes que publicas e incluso el software que escribas y cómo lo pueden interpretar otros. Incluso si dices algo como una broma, es posible que no se reciba de esa forma. Si crees que alguien más *podría* interpretar el contenido que publicas como una amenaza o como una promoción de la violencia o el terrorismo, detente. No lo publiques en GitHub. En casos extraordinarios podemos denunciar amenazas de violencia a la aplicación de la ley si creemos que puede haber un verdadero riesgo de daños físicos o una amenaza para la seguridad pública. - -- #### Discurso de odio y discriminación - Aunque no está prohibido abordar temas como edad, complexión corporal, discapacidad, etnia, identidad de género y expresión, nivel de experiencia, nacionalidad, apariencia personal, raza, religión e identidad y orientación sexual, no toleramos el discurso que ataque a una persona o grupo de personas en función de quiénes son. Sólo date cuenta de que cuando se trata de una forma agresiva o insultante, estos (y otros) temas delicados pueden hacer que otros se sientan no deseados o incluso inseguros. Aunque siempre existe la posibilidad de malentendidos, esperamos que los miembros de nuestra comunidad continúen siendo respetuosos y corteses cuando discutan temas delicados. - -- #### Acosamiento y acoso No toleramos la intimidación o acoso. Esto significa cualquier acoso o intimidación habitual dirigida a una persona o grupo específico de personas. En general, si tus acciones son indeseables y continúas participando en ellas, hay una buena posibilidad de que te dirijas a territorio de intimidación o acoso. - -- #### Interrumpir la experiencia de otros usuarios Ser parte de una comunidad incluye reconocer cómo afecta tu comportamiento a los demás y tu participación en interacciones significativas y productivas con las personas y la plataforma en la que confían. No están permitidos los comportamientos tales como publicar repetidamente comentarios fuera del tema, abrir asuntos sin contenido o sin sentido o solicitudes de extracción o usar cualquier otra característica de la plataforma de una manera que interrumpa continuamente la experiencia de otros usuarios. Mientras animamos a los mantenedores a moderar sus propios proyectos de forma individual. El personal de GitHub puede tomar medidas más restrictivas contra las cuentas que están participando en este tipo de comportamientos. - -- #### Personificación No puedes personificar a alguien más copiando su avatar, publicando contenido bajo su dirección de correo electrónico, utilizando un nombre de usuario similar ni haciéndote pasar por alguien más de cualquier otra forma. La suplantación es una forma de acoso. - -- #### Doxing e invasión de privacidad - No publiques información personal de otras personas, como números de teléfono, direcciones de correo electrónico privadas, direcciones físicas, números de tarjetas de crédito, números de seguridad social o de identificación nacional o contraseñas. Dependiendo del contexto, como en el caso de intimidación o acoso, podemos considerar otra información, tales como fotos o vídeos que fueron tomados o distribuidos sin el consentimiento de la persona, una invasión de la privacidad, especialmente cuando dicho material representa un riesgo para la seguridad del sujeto. - -- #### Contenido sexualmente obsceno - No publiques contenido pornográfico. Esto no significa que toda la desnudez o todo el código y contenido relacionados con la sexualidad, esté prohibido. Reconocemos que la sexualidad es parte de la vida y que el contenido sexual no pornográfico puede ser parte de su proyecto o puede presentarse con fines educativos o artísticos. No permitimos contenidos sexuales obscenos que puedan implicar la explotación o la sexualización de menores. - -- #### Contenido violento injustificadamente - No publiques imágenes, texto u otro contenido sin un contexto o advertencias razonables. Aunque a menudo es correcto incluir contenido violento en videojuegos, reportes de noticias y descripciones de acontecimientos históricos, no permitimos contenido violento que se publique de forma indiscriminada o que se publique de una manera que dificulte a otros usuarios evitarlo (por ejemplo, un avatar de perfil o un comentario sobre una propuesta). Una clara advertencia o renuncia de responsabilidad en otros contextos ayuda a los usuarios a tomar una decisión educada sobre si quieren participar en dichos contenidos o no. - -- #### Información errónea y desinformación - No puedes publicar contenido que presente una visión distorsionada de la realidad, ya sea inexacta o falsa (información errónea) o que sea intencionalmente engañosa (desinformación) donde dicho contenido probablemente resulte en daño al público o que interfiera con oportunidades justas y equitativas para que todos participen en la vida pública. Por ejemplo, no permitimos contenido que pueda poner el bienestar de grupos de personas en riesgo o limitar su capacidad de participar en una sociedad libre y abierta. Fomentamos la participación activa en la expresión de ideas, perspectivas y experiencias y podríamos no estar en posición de disputar cuentas personales u observaciones. Por lo general, permitimos la parodia y la sátira que está en línea con nuestras políticas de uso aceptable y consideramos que el contexto es importante en la manera en que se recibe y se entiende la información; por lo tanto, puede ser adecuado aclarar tus intenciones mediante renuncias u otros medios, así como la fuente(s) de tu información. - -- #### Exploits de malware activos El ser parte de una comunidad incluye el no abusar del resto de sus miembros. No permitimos que nadie utilice nuestra plataforma para apoyar directamente los ataques ilícitos que causan daño técnico, tales como utilizar GitHub como medio para entregar ejecutables malintencionados o como infraestructura de ataque, por ejemplo, para organizar ataques de negación del servicio o administrar servidores de control y comando. Los daños técnicos significan el sobreconsumo de recursos, daño físico, tiempo de inactividad, negación del servicio o pérdidad de datos, sin propósito implícito o explícito para uso dual antes de que ocurra el abuso. - - Toma en cuenta que GitHub permite el contenido de uso dual y apoya la publicación de contenido que se utilice para la investigación de vulnerabilidades, malware o exploits, ya que el publicar o distribuir este tipo de contenido tiene un valor educativo y pñroporciona un beneficio real a la comunidad de seguridad. Asumimos un uso de estos proyectos e intención positivos para promover e impulsar mejoras a lo largo del ecosistema. - - En casos extraordinarios de abuso amplio del contenido de uso dual, podríamos restringir el acceso a esta instancia específica de contenido para parar un ataque ilícito o campaña de malware en curso que esté tomando provecho de la plataforma de GitHub como un exploit o CDN de malware. En la mayoría de estos casos, la restricción toma la forma de poner el contenido bajo autenticación, pero podría, como último recurso, invlucrar la inhabilitación de accesos o la eliminación por completo en donde esto no fuese posible (por ejemplo, cuando se publica como un gist). También contactaremos a los propietarios del proyecto para conocer las restricciones que se pusieron en marcha, cuando sea posible. - - Las restricciones son temporales cuando sea posible y no tienen el propósito de purgar o restringir ningun contenido de uso dual específico ni copias de dicho contenido desde la plataforma perpetuamente. Si bien nos enfocamos en que estos casos extraordinarios de restricción sean un proceso colaborativo con los propietarios de los proyectos, en caso de que sientas que tu contenido se restringió sin razón alguna, tenemos un [proceso de apelación](#appeal-and-reinstatement) instaurado. - - Para facilitar una ruta de resolución de abuso con los mismos mantenedores de proyecto, antes de escalar a un reporte de abuso de GitHub, te recomendamos, mas no requerimos, que los propietarios de los repositorios lleven a cabo los siguientes pasos al publicar contenido de investigación de seguridad potencialmente dañino: - - * Identifica y describe claramente cualquier contenido dañino en un aviso legal en el archivo README.md del proyecto o en los comentarios del código fuente. - * Proporciona un método de contacto preferido para cualquier consultas de abuso de terceros a través de un archivo de SECURITY.md en el repositorio (por ejemplo, "Por favor, crea una propuesta en este repositorio para dirigir cualquier pregunta o preocupación"). Dicho método de contacto permite que los terceros contacten a los mantenedores de proyecto directamente y que así resuelvan las preocupaciones potencialmente sin necesidad de emitir reportes de abuso. - - *GitHub considera que el registro de npm es una plataforma que se utiliza principalmente para la instalación y uso de tiempo de ejecución del código y no para investigación.* - - -## ¿Qué sucede si alguien no comple con las reglas? - -Hay una serie de acciones que podemos tomar cuando un usuario reporta un comportamiento o contenido inadecuado. Por lo general, depende de las circunstancias exactas de un caso en particular. Reconocemos que en ocasiones la gente puede decir o hacer cosas inadecuadas por diversas razones. Tal vez no se dieron cuenta de cómo se percibirían sus palabras. O tal vez sólo dejan que sus emociones saquen lo mejor de ellos. Por supuesto, en ocasiones, hay gente que sólo quiere hacer spam o causar problemas. - -Cada caso requiere un enfoque diferente e intentamos adaptar nuestra respuesta para satisfacer las necesidades de la situación que se ha informado. Revisaremos cada informe de abuso caso por caso. En cada caso, tendremos un equipo diverso que investigue el contenido y los hechos relacionados y responda según corresponda, utilizando estas directrices para guiar nuestra decisión. - -Las acciones que podemos emprender en respuesta a un informe de abuso incluyen, pero no se limitan a: - -* Eliminación de contenido -* Bloqueo de contenido -* Suspensión de la cuenta -* Terminación de la cuenta - -## Apelación y reinstauración - -En algunos casos, podría haber una razón para revertir una acción, por ejempl, con base en la información adicional que proporcionó el usuario o cuando un usuario aborda la violación y acuerda regisrse por nuestras Políticas de Uso Aceptable en lo subsecuente. Si quieres apelar una acción de cumplimiento, por favor, contacta a [soporte](https://support.github.com/contact?tags=docs-policy). - -## Avisos legales - -Dedicamos estas Pautas de la Comunidad al dominio público para que cualquiera pueda usar, reutilizar, adaptar o lo que sea, bajo los términos de [CC0-1.0](https://creativecommons.org/publicdomain/zero/1.0/). - -Estas son solo directrices; no modifican nuestros [Términos de Servicio](/articles/github-terms-of-service/) y no pretenden ser una lista completa. GitHub mantiene total discreción bajo los [Términos de Servicio](/articles/github-terms-of-service/#c-acceptable-use) para eliminar cualquier contenido o cancelar cualquier cuenta por actividad que infrinja nuestros Términos del Uso Aceptable. Estas directrices describen en qué situaciones ejerceremos dicha discreción. diff --git a/translations/es-ES/content/github/site-policy/github-terms-for-additional-products-and-features.md b/translations/es-ES/content/github/site-policy/github-terms-for-additional-products-and-features.md deleted file mode 100644 index 609d46e161..0000000000 --- a/translations/es-ES/content/github/site-policy/github-terms-for-additional-products-and-features.md +++ /dev/null @@ -1,117 +0,0 @@ ---- -title: GitHub Terms for Additional Products and Features -redirect_from: - - /github/site-policy/github-additional-product-terms -versions: - fpt: '*' -topics: - - Policy - - Legal ---- - -Version Effective Date: August 10, 2021 - -When you use GitHub, you may be given access to lots of additional products and features ("Additional Products and Features"). Because many of the Additional Products and Features offer different functionality, specific terms for that product or feature may apply in addition to your main agreement with us—the GitHub Terms of Service, GitHub Corporate Terms of Service, GitHub General Terms, or Microsoft volume licensing agreement (each, the "Agreement"). Below, we've listed those products and features, along with the corresponding additional terms that apply to your use of them. - -By using the Additional Products and Features, you also agree to the applicable GitHub Terms for Additional Products and Features listed below. A violation of these GitHub terms for Additional Product and Features is a violation of the Agreement. Capitalized terms not defined here have the meaning given in the Agreement. - -**For Enterprise users** -- **GitHub Enterprise Cloud** users may have access to the following Additional Products and Features: Actions, Advanced Security, Advisory Database, Codespaces, Dependabot Preview, GitHub Enterprise Importer, Learning Lab, Packages, and Pages. - -- **GitHub Enterprise Server** users may have access to the following Additional Products and Features: Actions, Advanced Security, Advisory Database, Connect, Dependabot Preview, GitHub Enterprise Importer, Learning Lab, Packages, Pages, and SQL Server Images. - -- **GitHub AE** users may have access to the following Additional Products and Features: Actions, Advanced Security, Advisory Database, Connect, Dependabot Preview, GitHub Enterprise Importer, Packages and Pages. - -## Actions -GitHub Actions enables you to create custom software development lifecycle workflows directly in your GitHub repository. Actions is billed on a usage basis. The [Actions documentation](/actions) includes details, including compute and storage quantities (depending on your Account plan), and how to monitor your Actions minutes usage and set usage limits. - -Actions and any elements of the Actions product or service may not be used in violation of the Agreement, the [GitHub Acceptable Use Polices](/github/site-policy/github-acceptable-use-policies), or the GitHub Actions service limitations set forth in the [Actions documentation](/actions/reference/usage-limits-billing-and-administration). Additionally, regardless of whether an Action is using self-hosted runners, Actions should not be used for: -- cryptomining; -- disrupting, gaining, or attempting to gain unauthorized access to, any service, device, data, account, or network (other than those authorized by the [GitHub Bug Bounty program](https://bounty.github.com)); -- the provision of a stand-alone or integrated application or service offering the Actions product or service, or any elements of the Actions product or service, for commercial purposes; -- any activity that places a burden on our servers, where that burden is disproportionate to the benefits provided to users (for example, don't use Actions as a content delivery network or as part of a serverless application, but a low benefit Action could be ok if it’s also low burden); or -- if using GitHub-hosted runners, any other activity unrelated to the production, testing, deployment, or publication of the software project associated with the repository where GitHub Actions are used. - -In order to prevent violations of these limitations and abuse of GitHub Actions, GitHub may monitor your use of GitHub Actions. Misuse of GitHub Actions may result in termination of jobs, restrictions in your ability to use GitHub Actions, or the disabling of repositories created to run Actions in a way that violates these Terms. - - -## Advanced Security -GitHub makes extra security features available to customers under an Advanced Security license. These features include code scanning, secret scanning, and dependency review. The [Advanced Security documentation](/github/getting-started-with-github/about-github-advanced-security) provides more details. - -Advanced Security is licensed on a "Unique Committer" basis. A "Unique Committer" is a licensed user of GitHub Enterprise, GitHub Enterprise Cloud, GitHub Enterprise Server, or GitHub AE, who has made a commit in the last 90 days to any repository with any GitHub Advanced Security functionality activated. You must acquire a GitHub Advanced Security User license for each of your Unique Committers. You may only use GitHub Advanced Security on codebases that are developed by or for you. For GitHub Enterprise Cloud users, some Advanced Security features also require the use of GitHub Actions. - -## Advisory Database -The GitHub Advisory Database allows you to browse or search for vulnerabilities that affect open source projects on GitHub. - -_License Grant to Us_ - -We need the legal right to submit your contributions to the GitHub Advisory Database into public domain datasets such as the [National Vulnerability Database](https://nvd.nist.gov/) and to license the GitHub Advisory Database under open terms for use by security researchers, the open source community, industry, and the public. You agree to release your contributions to the GitHub Advisory Database under the [Creative Commons Zero license](https://creativecommons.org/publicdomain/zero/1.0/). - -_License to the GitHub Advisory Database_ - -The GitHub Advisory Database is licensed under the [Creative Commons Attribution 4.0 license](https://creativecommons.org/licenses/by/4.0/). The attribution term may be fulfilled by linking to the GitHub Advisory Database at or to individual GitHub Advisory Database records used, prefixed by . - -## Codespaces -_Note: The github.dev service, available by pressing `.` on a repo or navigating directly to github.dev, is governed by [GitHub's Beta Terms of service](/github/site-policy/github-terms-of-service#j-beta-previews)._ - -GitHub Codespaces enables you to develop code directly from your browser using the code within your GitHub repository. Codespaces and any elements of the Codespaces service may not be used in violation of the Agreement or the Acceptable Use Policies. Additionally, Codespaces should not be used for: -- cryptomining; -- using our servers to disrupt, or to gain or to attempt to gain unauthorized access to any service, device, data, account or network (other than those authorized by the GitHub Bug Bounty program); -- the provision of a stand-alone or integrated application or service offering Codespaces or any elements of Codespaces for commercial purposes; -- any activity that places a burden on our servers, where that burden is disproportionate to the benefits provided to users (for example, don't use Codespaces as a content delivery network, as part of a serverless application, or to host any kind of production-facing application); or -- any other activity unrelated to the development or testing of the software project associated with the repository where GitHub Codespaces is initiated. - -In order to prevent violations of these limitations and abuse of GitHub Codespaces, GitHub may monitor your use of GitHub Codespaces. Misuse of GitHub Codespaces may result in termination of your access to Codespaces, restrictions in your ability to use GitHub Codespaces, or the disabling of repositories created to run Codespaces in a way that violates these Terms. - -Codespaces allows you to load extensions from the Microsoft Visual Studio Marketplace (“Marketplace Extensions”) for use in your development environment, for example, to process the programming languages that your code is written in. Marketplace Extensions are licensed under their own separate terms of use as noted in the Visual Studio Marketplace, and the terms of use located at https://aka.ms/vsmarketplace-ToU. GitHub makes no warranties of any kind in relation to Marketplace Extensions and is not liable for actions of third-party authors of Marketplace Extensions that are granted access to Your Content. Codespaces also allows you to load software into your environment through devcontainer features. Such software is provided under the separate terms of use accompanying it. Your use of any third-party applications is at your sole risk. - -The generally available version of Codespaces is not currently available for U.S. government customers. U.S. government customers may continue to use the Codespaces Beta Preview under separate terms. See [Beta Preview terms](/github/site-policy/github-terms-of-service#j-beta-previews). - -## Connect -With GitHub Connect, you can share certain features and data between your GitHub Enterprise Server or GitHub AE instance and your GitHub Enterprise Cloud organization or enterprise account on GitHub.com. In order to enable GitHub Connect, you must have at least one (1) account on GitHub Enterprise Cloud or GitHub.com, and one (1) licensed instance of GitHub Enterprise Server or GitHub AE. Your use of GitHub Enterprise Cloud or GitHub.com through Connect is governed by the terms under which you license GitHub Enterprise Cloud or GitHub.com. Use of Personal Data is governed by the [GitHub Privacy Statement](/github/site-policy/github-privacy-statement). - -## GitHub Enterprise Importer -Importer is a framework for exporting data from other sources to be imported to the GitHub platform. Importer is provided “AS-IS”. - -## Learning Lab -GitHub Learning Lab offers free interactive courses that are built into GitHub with instant automated feedback and help. - -*Course Materials.* GitHub owns course materials that it provides and grants you a worldwide, non-exclusive, limited-term, non-transferable, royalty-free license to copy, maintain, use and run such course materials for your internal business purposes associated with Learning Lab use. - -Open source license terms may apply to portions of source code provided in the course materials. - -You own course materials that you create and grant GitHub a worldwide, non-exclusive, perpetual, non-transferable, royalty-free license to copy, maintain, use, host, and run such course materials. - -The use of GitHub course materials and creation and storage of your own course materials do not constitute joint ownership to either party's respective intellectual property. - -Use of Personal Data is governed by the [GitHub Privacy Statement](/github/site-policy/github-privacy-statement). - -## npm -npm is a software package hosting service that allows you to host your software packages privately or publicly and use packages as dependencies in your projects. npm is the registry of record for the JavaScript ecosystem. The npm public registry is free to use but customers are billed if they want to publish private packages or manage private packages using teams. The [npm documentation](https://docs.npmjs.com/) includes details about the limitation of account types and how to manage [private packages](https://docs.npmjs.com/about-private-packages) and [organizations](https://docs.npmjs.com/organizations). Acceptable use of the npm registry is outlined in the [open-source terms](https://www.npmjs.com/policies/open-source-terms). There are supplementary terms for both the npm [solo](https://www.npmjs.com/policies/solo-plan) and [org](https://www.npmjs.com/policies/orgs-plan) plans. The npm [Terms of Use](https://www.npmjs.com/policies/terms) apply to your use of npm. - -## Packages -GitHub Packages is a software package hosting service that allows you to host your software packages privately or publicly and use packages as dependencies in your projects. GitHub Packages is billed on a usage basis. The [Packages documentation](/packages/learn-github-packages/introduction-to-github-packages) includes details, including bandwidth and storage quantities (depending on your Account plan), and how to monitor your Packages usage and set usage limits. Packages bandwidth usage is limited by the [GitHub Acceptable Use Polices](/github/site-policy/github-acceptable-use-policies). - -## Pages - -Each Account comes with access to the [GitHub Pages static hosting service](/github/working-with-github-pages/about-github-pages). GitHub Pages is intended to host static web pages, but primarily as a showcase for personal and organizational projects. - -GitHub Pages is not intended for or allowed to be used as a free web hosting service to run your online business, e-commerce site, or any other website that is primarily directed at either facilitating commercial transactions or providing commercial software as a service (SaaS). Some monetization efforts are permitted on Pages, such as donation buttons and crowdfunding links. - -_Bandwidth and Usage Limits_ - -GitHub Pages are subject to some specific bandwidth and usage limits, and may not be appropriate for some high-bandwidth uses. Please see our [GitHub Pages limits](/github/working-with-github-pages/about-github-pages) for more information. - -_Prohibited Uses_ - -GitHub Pages may not be used in violation of the Agreement, the GitHub [Acceptable Use Policies](/github/site-policy/github-acceptable-use-policies), or the GitHub Pages service limitations set forth in the [Pages documentation](/pages/getting-started-with-github-pages/about-github-pages#guidelines-for-using-github-pages). - -If you have questions about whether your use or intended use falls into these categories, please contact [GitHub Support](https://support.github.com/contact?tags=docs-policy). GitHub reserves the right at all times to reclaim any GitHub subdomain without liability. - -## Sponsors Program - -GitHub Sponsors allows the developer community to financially support the people and organizations who design, build, and maintain the open source projects they depend on, directly on GitHub. In order to become a Sponsored Developer, you must agree to the [GitHub Sponsors Program Additional Terms](/github/site-policy/github-sponsors-additional-terms). - -## SQL Server Images - -You may download Microsoft SQL Server Standard Edition container image for Linux files ("SQL Server Images"). You must uninstall the SQL Server Images when your right to use the Software ends. Microsoft Corporation may disable SQL Server Images at any time. diff --git a/translations/es-ES/content/github/site-policy/index.md b/translations/es-ES/content/github/site-policy/index.md deleted file mode 100644 index 1496ee8035..0000000000 --- a/translations/es-ES/content/github/site-policy/index.md +++ /dev/null @@ -1,52 +0,0 @@ ---- -title: Site policy -redirect_from: - - /categories/61/articles - - /categories/site-policy -versions: - fpt: '*' -topics: - - Policy - - Legal -children: - - /github-terms-of-service - - /github-corporate-terms-of-service - - /github-privacy-statement - - /github-data-protection-agreement - - /global-privacy-practices - - /github-sponsors-additional-terms - - /github-codespaces-privacy-statement - - /github-terms-for-additional-products-and-features - - /github-logo-policy - - /github-username-policy - - /submitting-content-removal-requests - - /dmca-takedown-policy - - /guide-to-submitting-a-dmca-takedown-notice - - /guide-to-submitting-a-dmca-counter-notice - - /github-trademark-policy - - /github-private-information-removal-policy - - /github-subprocessors-and-cookies - - /github-bug-bounty-program-legal-safe-harbor - - /coordinated-disclosure-of-security-vulnerabilities - - /guidelines-for-legal-requests-of-user-data - - /github-government-takedown-policy - - /github-acceptable-use-policies - - /githubs-notice-about-the-california-consumer-privacy-act - - /github-community-guidelines - - /github-community-forum-code-of-conduct - - /github-registered-developer-agreement - - /github-marketplace-terms-of-service - - /github-marketplace-developer-agreement - - /github-research-program-terms - - /github-open-source-applications-terms-and-conditions - - /github-and-trade-controls - - /github-deceased-user-policy - - /github-statement-against-modern-slavery-and-child-labor - - /github-anti-bribery-statement - - /github-candidate-privacy-policy - - /github-gifts-and-entertainment-policy - - /github-event-terms - - /github-event-code-of-conduct - - /github-gpl-cooperation-commitment ---- - diff --git a/translations/es-ES/content/index.md b/translations/es-ES/content/index.md index 61b7d3ab13..a51076c805 100644 --- a/translations/es-ES/content/index.md +++ b/translations/es-ES/content/index.md @@ -21,6 +21,7 @@ children: - github - admin - billing + - site-policy - organizations - code-security - pull-requests @@ -49,6 +50,7 @@ childGroups: - account-and-profile - authentication - billing + - site-policy - name: Collaborative coding octicon: CommentDiscussionIcon children: diff --git a/translations/es-ES/content/issues/tracking-your-work-with-issues/transferring-an-issue-to-another-repository.md b/translations/es-ES/content/issues/tracking-your-work-with-issues/transferring-an-issue-to-another-repository.md index 8ab97ff1d0..46c89e36fa 100644 --- a/translations/es-ES/content/issues/tracking-your-work-with-issues/transferring-an-issue-to-another-repository.md +++ b/translations/es-ES/content/issues/tracking-your-work-with-issues/transferring-an-issue-to-another-repository.md @@ -18,7 +18,11 @@ shortTitle: Transferir una propuesta Para transferir una propuesta abierta a otro repositorio, debes tener acceso de escritura en el repositorio en el cual se encuentra la propuesta y en el que la recibirá cuando la transfieras. Para obtener más información, consulta la sección "[Roles de repositorio para una organización](/organizations/managing-access-to-your-organizations-repositories/repository-roles-for-an-organization)". -Solo puedes transferir propuestas entre repositorios que son propiedad del mismo usuario o de la misma cuenta de la organización. {% ifversion fpt or ghes or ghec %}No puedes transferir una propuesta desde un repositorio privado hacia un repositorio público.{% endif %} +{% note %} + +**Note**: You can only transfer issues between repositories owned by the same user or organization account. {% ifversion fpt or ghes or ghec %}A private repository issue cannot be transferred to a public repository.{% endif %} + +{% endnote %} Cuando transfieres una propuesta, los comentarios, etiquetas y asignados se retienen. Los hitos de la propuesta no se retienen. Esta propuesta se mantendrá en cualquier tablero de proyecto que pertenezca al usuario o que se encuentre en la organización y se eliminará de cualquier tablero de proyecto de los repositorios. Para obtener más información, consulta "[Acerca de los tableros de proyectos](/articles/about-project-boards)." diff --git a/translations/es-ES/content/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization.md b/translations/es-ES/content/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization.md index a51f09e2eb..8627e20aec 100644 --- a/translations/es-ES/content/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization.md +++ b/translations/es-ES/content/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization.md @@ -122,7 +122,7 @@ El {% data variables.product.prodname_dependabot %} puede verificar si hay refer Predeterminadamente, el {% data variables.product.prodname_dependabot %} no puede actualizar las dependencias que se ubican en los repositorios o en los registros de paquetes privados. Sin embargo, si una dependencia se encuentra en un repositorio privado de {% data variables.product.prodname_dotcom %} dentro de la misma organización que el proyecto que la utiliza, puedes permitir al {% data variables.product.prodname_dependabot %} actualizar la versión exitosamente si le otorgas acceso al repositorio en el que se hospeda. -Si tu código depende de paquetes en un registro privado, puedes permitir que el {% data variables.product.prodname_dependabot %} actualice las versiones de estas dependencias si configuras esto a nivel del repositorio. Puedes hacer esto si agregas los detalles de autenticación al archivo _dependabot.yml_ para el repositorio. Para obtener más información, consulta la sección "[Opciones de configuración para las actualizaciones de dependencias](/github/administering-a-repository/configuration-options-for-dependency-updates#configuration-options-for-private-registries)". +Si tu código depende de paquetes en un registro privado, puedes permitir que el {% data variables.product.prodname_dependabot %} actualice las versiones de estas dependencias si configuras esto a nivel del repositorio. Puedes hacer esto si agregas los detalles de autenticación al archivo _dependabot.yml_ para el repositorio. For more information, see "[Configuration options for the dependabot.yml file](/github/administering-a-repository/configuration-options-for-dependency-updates#configuration-options-for-private-registries)." Para permitir que el {% data variables.product.prodname_dependabot %} acceda a un repositorio privado de {% data variables.product.prodname_dotcom %}: @@ -157,6 +157,5 @@ Puedes administrar el acceso a las características de la {% data variables.prod - "[Asegurar tu repositorio](/code-security/getting-started/securing-your-repository)"{% ifversion not fpt %} - "[Acerca del escaneo de secretos](/github/administering-a-repository/about-secret-scanning)"{% endif %}{% ifversion not ghae %} -- "[Acerca de la gráfica de dependencias](/github/visualizing-repository-data-with-graphs/about-the-dependency-graph)" -- "[Administrar las vulnerabilidades en las dependencias de tus proyectos](/github/managing-security-vulnerabilities/managing-vulnerabilities-in-your-projects-dependencies)"{% endif %}{% ifversion fpt or ghec or ghes > 3.2 %} -- "[Mantener tus dependencias actualizacas automáticamente](/github/administering-a-repository/keeping-your-dependencies-updated-automatically)"{% endif %} +- "[About the dependency graph](/github/visualizing-repository-data-with-graphs/about-the-dependency-graph)"{% endif %}{% ifversion fpt or ghec or ghes or ghae-issue-4864 %} +- "[About supply chain security](/code-security/supply-chain-security/understanding-your-software-supply-chain/about-supply-chain-security)"{% endif %} diff --git a/translations/es-ES/content/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/reviewing-the-audit-log-for-your-organization.md b/translations/es-ES/content/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/reviewing-the-audit-log-for-your-organization.md index 9f47d8c856..f2d6133d98 100644 --- a/translations/es-ES/content/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/reviewing-the-audit-log-for-your-organization.md +++ b/translations/es-ES/content/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/reviewing-the-audit-log-for-your-organization.md @@ -42,7 +42,7 @@ Para buscar eventos específicos, utiliza el calificador `action` en tu consulta | [`facturación`](#billing-category-actions) | Contiene todas las actividades relacionadas con la facturación de tu organización. | | [`business`](#business-category-actions) | Contiene actividades relacionadas con los ajustes de negocios para una empresa. | | [`codespaces`](#codespaces-category-actions) | Contiene todas las actividades relacionadas con los codespaces de tu organización. |{% endif %}{% ifversion fpt or ghec or ghes > 3.2 %} -| [`dependabot_alerts`](#dependabot_alerts-category-actions) | Contiene actividades de configuración a nivel organizacional para las {% data variables.product.prodname_dependabot_alerts %} en los repositorios existentes. Para obtener más información, consulta la sección "[Acerca de las alertas para las dependencias vulnerables](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies)". | +| [`dependabot_alerts`](#dependabot_alerts-category-actions) | Contiene actividades de configuración a nivel organizacional para las {% data variables.product.prodname_dependabot_alerts %} en los repositorios existentes. Para obtener más información, consulta la sección "[Acerca de{% data variables.product.prodname_dependabot_alerts %}](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies)". | | [`dependabot_alerts_new_repos`](#dependabot_alerts_new_repos-category-actions) | Contiene las actividades de configuración a nivel de organización para las {% data variables.product.prodname_dependabot_alerts %} en los repositorios nuevos que se crearon en la organización. | | [`dependabot_security_updates`](#dependabot_security_updates-category-actions) | Contiene las actividades de configuración a nivel organizacional para las {% data variables.product.prodname_dependabot_security_updates %} en los repositorios existentes. Para obtener más información, consulta la sección "[Configurar las {% data variables.product.prodname_dependabot_security_updates %}](/github/managing-security-vulnerabilities/configuring-dependabot-security-updates)". | | [`dependabot_security_updates_new_repos`](#dependabot_security_updates_new_repos-category-actions) | Contiene las actividades de configuración a nivel de organización para las {% data variables.product.prodname_dependabot_security_updates %} para los repositorios nuevos que se crean en ella.{% endif %}{% ifversion fpt or ghec %} @@ -507,13 +507,13 @@ Para obtener más información, consulta la sección "[Administrar la publicaci {% ifversion fpt or ghes or ghec %} ### Acciones de la categoría `packages` -| Acción | Descripción | -| --------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| `package_version_published` | Se activa cuando se publica una versión del paquete. | -| `package_version_deleted` | Se activa cuando se borra una versión de paquete específica. Para obtener más información, consulta la sección "[Borrar y restablecer un paquete](/packages/learn-github-packages/deleting-and-restoring-a-package)". | -| `package_deleted` | Se activa cuando se borra un paquete completo. Para obtener más información, consulta la sección "[Borrar y restablecer un paquete](/packages/learn-github-packages/deleting-and-restoring-a-package)". | -| `package_version_restored` | Se activa cuando se borra una versión de paquete específica. Para obtener más información, consulta la sección "[Borrar y restablecer un paquete](/packages/learn-github-packages/deleting-and-restoring-a-package)". | -| `package_restored` | Se activa cuando se restablece un paquete completo. Para obtener más información, consulta la sección "[Borrar y restablecer un paquete](/packages/learn-github-packages/deleting-and-restoring-a-package)". | +| Acción | Descripción | +| --------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| `package_version_published` | Se activa cuando se publica una versión del paquete. | +| `package_version_deleted` | Triggered when a specific package version is deleted.{% ifversion fpt or ghec or ghes > 3.1 %} For more information, see "[Deleting and restoring a package](/packages/learn-github-packages/deleting-and-restoring-a-package)."{% endif %} +| `package_deleted` | Triggered when an entire package is deleted.{% ifversion fpt or ghec or ghes > 3.1 %} For more information, see "[Deleting and restoring a package](/packages/learn-github-packages/deleting-and-restoring-a-package)."{% endif %} +| `package_version_restored` | Triggered when a specific package version is deleted.{% ifversion fpt or ghec or ghes > 3.1 %} For more information, see "[Deleting and restoring a package](/packages/learn-github-packages/deleting-and-restoring-a-package)."{% endif %} +| `package_restored` | Triggered when an entire package is restored.{% ifversion fpt or ghec or ghes > 3.1 %} For more information, see "[Deleting and restoring a package](/packages/learn-github-packages/deleting-and-restoring-a-package)."{% endif %} {% endif %} @@ -680,11 +680,11 @@ Para obtener más información, consulta la sección "[Administrar la publicaci {% endif %}{% ifversion fpt or ghes or ghae-issue-4864 or ghec %} ### acciones de la categoría `repository_vulnerability_alert` -| Acción | Descripción | -| ---------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | -| `create (crear)` | Se activa cuando {% data variables.product.product_name %} crea una alerta del {% data variables.product.prodname_dependabot %} para un repositorio que utiliza una dependencia vulnerable. Para obtener más información, consulta la sección "[Acerca de las alertas para las dependencias vulnerables](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies)". | -| `descartar` | Se activa cuando un propietario de organización o persona con acceso administrativo al repositorio descarta una alerta del {% data variables.product.prodname_dependabot %} sobre una dependencia vulnerable. | -| `resolver` | Se activa cuando alguien con acceso de escritura en un repositorio sube cambios para actualizar y resolver una vulnerabilidad en una dependencia de proyecto. | +| Acción | Descripción | +| ---------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| `create (crear)` | Se activa cuando {% data variables.product.product_name %} crea una alerta del {% data variables.product.prodname_dependabot %} para un repositorio que utiliza una dependencia vulnerable. Para obtener más información, consulta la sección "[Acerca de{% data variables.product.prodname_dependabot_alerts %}](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies)". | +| `descartar` | Se activa cuando un propietario de organización o persona con acceso administrativo al repositorio descarta una alerta del {% data variables.product.prodname_dependabot %} sobre una dependencia vulnerable. | +| `resolver` | Se activa cuando alguien con acceso de escritura en un repositorio sube cambios para actualizar y resolver una vulnerabilidad en una dependencia de proyecto. | {% endif %}{% ifversion fpt or ghec %} ### acciones de la categoría `repository_vulnerability_alerts` diff --git a/translations/es-ES/content/organizations/managing-membership-in-your-organization/removing-a-member-from-your-organization.md b/translations/es-ES/content/organizations/managing-membership-in-your-organization/removing-a-member-from-your-organization.md index 99c14b1007..0b32f562f6 100644 --- a/translations/es-ES/content/organizations/managing-membership-in-your-organization/removing-a-member-from-your-organization.md +++ b/translations/es-ES/content/organizations/managing-membership-in-your-organization/removing-a-member-from-your-organization.md @@ -62,5 +62,5 @@ Para ayudar con la transición de la persona que estás eliminando de tu organiz ## Leer más -- "[Removing organization members from a team](/articles/removing-organization-members-from-a-team)"{% if remove-enterprise-members %} -- "[Removing a member from your enterprise](/admin/user-management/managing-users-in-your-enterprise/removing-a-member-from-your-enterprise)"{% endif %} +- "[Eliminar a los miembros organizacionales de un equipo](/articles/removing-organization-members-from-a-team)"{% if remove-enterprise-members %} +- "[Eliminar a um miembro de tu empresa](/admin/user-management/managing-users-in-your-enterprise/removing-a-member-from-your-enterprise)"{% endif %} diff --git a/translations/es-ES/content/organizations/managing-organization-settings/deleting-an-organization-account.md b/translations/es-ES/content/organizations/managing-organization-settings/deleting-an-organization-account.md index 5f13e4f882..193fecde5f 100644 --- a/translations/es-ES/content/organizations/managing-organization-settings/deleting-an-organization-account.md +++ b/translations/es-ES/content/organizations/managing-organization-settings/deleting-an-organization-account.md @@ -12,7 +12,7 @@ versions: topics: - Organizations - Teams -shortTitle: Delete organization +shortTitle: Borrar organización --- {% ifversion fpt or ghec %} @@ -26,12 +26,12 @@ shortTitle: Delete organization ## 1. Haz una copia de respaldo del contenido de tu organización -{% ifversion not ghes %} After you delete an organization, {% data variables.product.company_short %} **cannot restore your content**. Therefore, before{% else %}Before{% endif %} you delete your organization, make sure you have a copy of all repositories, wikis, issues, and project boards from the account. +{% ifversion not ghes %} Después de borrar una organización, {% data variables.product.company_short %} **no puede restablecer tu contenido**. Por lo tanto, antes{% else %}Anes{% endif %} de que borres tu organización, asegúrate de que tienes una copia de todos los repositorios, wikis, propuestas y tableros de proyecto de la cuenta. {% ifversion ghes %} {% note %} -**Note:** If necessary, a site administrator for {% data variables.product.product_location %} may be able to partially restore a deleted organization. For more information, see "[Restoring a deleted organization](/admin/user-management/managing-organizations-in-your-enterprise/restoring-a-deleted-organization)." +**Nota:** De ser necesario, un administrador de sitio de {% data variables.product.product_location %} podría restablecer parcialmente una organización borrada. Para obtener más información, consulta la sección "[Restablecer una organización borrada](/admin/user-management/managing-organizations-in-your-enterprise/restoring-a-deleted-organization)". {% endnote %} {% endif %} diff --git a/translations/es-ES/content/organizations/managing-peoples-access-to-your-organization-with-roles/maintaining-ownership-continuity-for-your-organization.md b/translations/es-ES/content/organizations/managing-peoples-access-to-your-organization-with-roles/maintaining-ownership-continuity-for-your-organization.md index 0165c96d3c..303c85fe0e 100644 --- a/translations/es-ES/content/organizations/managing-peoples-access-to-your-organization-with-roles/maintaining-ownership-continuity-for-your-organization.md +++ b/translations/es-ES/content/organizations/managing-peoples-access-to-your-organization-with-roles/maintaining-ownership-continuity-for-your-organization.md @@ -32,7 +32,7 @@ Los propietarios de una organización tienen acceso administrativo completo a la {% endnote %} {% if enterprise-owner-join-org %} -If your organization is owned by an enterprise account, any enterprise owner can make themself an owner of your organization. For more information, see "[Managing your role in an organization owned by your enterprise](/admin/user-management/managing-organizations-in-your-enterprise/managing-your-role-in-an-organization-owned-by-your-enterprise)." +Si tu organización le pertenece a una cuenta empresarial, cualquier propietario de empresa podrá hacerse propietario de esta. For more information, see "[Managing your role in an organization owned by your enterprise](/admin/user-management/managing-organizations-in-your-enterprise/managing-your-role-in-an-organization-owned-by-your-enterprise)." {% endif %} ## Designar un propietario de organización diff --git a/translations/es-ES/content/packages/learn-github-packages/about-permissions-for-github-packages.md b/translations/es-ES/content/packages/learn-github-packages/about-permissions-for-github-packages.md index 5ea8a7f909..2d7815addb 100644 --- a/translations/es-ES/content/packages/learn-github-packages/about-permissions-for-github-packages.md +++ b/translations/es-ES/content/packages/learn-github-packages/about-permissions-for-github-packages.md @@ -47,8 +47,7 @@ Para utilizar o administrar un paquete que hospede un registro de paquete, debes Por ejemplo: - Para descargar e instalar los paquetes desde un repositorio, tu token debe tener el alcance de `read:packages` y tu cuenta de usuario debe tener permisos de lectura. -- {% ifversion fpt or ghes or ghec %}Para borrar un paquete en {% data variables.product.product_name %}, tu token deberá tener por lo menos los alcances de `delete:packages` y `read:packages`. The `repo` scope is also required for repo-scoped packages.{% elsif ghae %}To delete a specified version of a package on {% data variables.product.product_name %}, your token must have the `delete:packages` and `repo` scope.{% endif %} For more information, see "[Deleting and restoring a package](/packages/learn-github-packages/deleting-and-restoring-a-package)." - +- |{% ifversion fpt or ghes > 3.1 or ghec %}Para borrar un paquete en {% data variables.product.product_name %}, tu token deberá tener por lo menos los alcances de `delete:packages` y `read:packages`. The `repo` scope is also required for repo-scoped packages. For more information, see "[Deleting and restoring a package](/packages/learn-github-packages/deleting-and-restoring-a-package)."{% elsif ghae %}To delete a specified version of a package on {% data variables.product.product_name %}, your token must have the `delete:packages` and `repo` scope. For more information, see "[Deleting and restoring a package](/packages/learn-github-packages/deleting-and-restoring-a-package)."{% endif %} | Ámbito | Descripción | Permiso requerido | | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------ | ----------------- | | `read:packages` | Descarga e instala paquetes de {% data variables.product.prodname_registry %} | lectura | diff --git a/translations/es-ES/content/packages/learn-github-packages/deleting-and-restoring-a-package.md b/translations/es-ES/content/packages/learn-github-packages/deleting-and-restoring-a-package.md index 4a64a1bdc8..5c3da7dcb8 100644 --- a/translations/es-ES/content/packages/learn-github-packages/deleting-and-restoring-a-package.md +++ b/translations/es-ES/content/packages/learn-github-packages/deleting-and-restoring-a-package.md @@ -9,7 +9,7 @@ redirect_from: - /packages/guides/deleting-a-container-image versions: fpt: '*' - ghes: '*' + ghes: '>=3.2' ghec: '*' ghae: '*' shortTitle: Delete & restore a package @@ -27,7 +27,7 @@ On {% data variables.product.prodname_dotcom %} if you have the required access, {% note %} -**Note:** +**Note:** - You cannot delete a public package if any version of the package has more than 5000 downloads. In this scenario, contact [GitHub support](https://support.github.com/contact?tags=docs-packages) for further assistance. - When deleting public packages, be aware that you may break projects that depend on your package. diff --git a/translations/es-ES/content/packages/learn-github-packages/introduction-to-github-packages.md b/translations/es-ES/content/packages/learn-github-packages/introduction-to-github-packages.md index 1292276a7b..2f92adc46d 100644 --- a/translations/es-ES/content/packages/learn-github-packages/introduction-to-github-packages.md +++ b/translations/es-ES/content/packages/learn-github-packages/introduction-to-github-packages.md @@ -108,7 +108,7 @@ You can delete a private or public package in the {% data variables.product.prod You can delete a version of a package in the {% data variables.product.product_name %} user interface or using the GraphQL API. {% endif %} -When you use the GraphQL API to query and delete private packages, you must use the same token you use to authenticate to {% data variables.product.prodname_registry %}. For more information, see "[Deleting and restoring a package](/packages/learn-github-packages/deleting-and-restoring-a-package)" and "[Forming calls with GraphQL]({% ifversion ghec %}/free-pro-team@latest{% endif %}/graphql/guides/forming-calls-with-graphql)." +When you use the GraphQL API to query and delete private packages, you must use the same token you use to authenticate to {% data variables.product.prodname_registry %}. For more information, see {% ifversion fpt or ghec or ghes > 3.1 or ghae %}"[Deleting and restoring a package](/packages/learn-github-packages/deleting-and-restoring-a-package)" and {% endif %}"[Forming calls with GraphQL]({% ifversion ghec %}/free-pro-team@latest{% endif %}/graphql/guides/forming-calls-with-graphql)." You can configure webhooks to subscribe to package-related events, such as when a package is published or updated. For more information, see the "[`package` webhook event](/webhooks/event-payloads/#package)." diff --git a/translations/es-ES/content/packages/quickstart.md b/translations/es-ES/content/packages/quickstart.md index 65f3200932..e83cb3abaa 100644 --- a/translations/es-ES/content/packages/quickstart.md +++ b/translations/es-ES/content/packages/quickstart.md @@ -18,7 +18,7 @@ En esta guía, crearás un flujo de trabajo de {% data variables.product.prodnam ## Publicar tu paquete -1. Crea un repositorio nuevo en {% data variables.product.prodname_dotcom %}, agregando el `.gitignore` para Node. For more information, see "[Creating a new repository](/github/creating-cloning-and-archiving-repositories/creating-a-new-repository)." +1. Crea un repositorio nuevo en {% data variables.product.prodname_dotcom %}, agregando el `.gitignore` para Node. Para obtener más información, consulta la sección "[Crear un repositorio nuevo](/github/creating-cloning-and-archiving-repositories/creating-a-new-repository)". 2. Clona el repositorio en tu máquina local. ```shell $ git clone https://{% ifversion ghae %}YOUR-HOSTNAME{% else %}github.com{% endif %}/YOUR-USERNAME/YOUR-REPOSITORY.git diff --git a/translations/es-ES/content/packages/working-with-a-github-packages-registry/working-with-the-apache-maven-registry.md b/translations/es-ES/content/packages/working-with-a-github-packages-registry/working-with-the-apache-maven-registry.md index 724f57e18d..c18396b6fa 100644 --- a/translations/es-ES/content/packages/working-with-a-github-packages-registry/working-with-the-apache-maven-registry.md +++ b/translations/es-ES/content/packages/working-with-a-github-packages-registry/working-with-the-apache-maven-registry.md @@ -190,5 +190,5 @@ To install an Apache Maven package from {% data variables.product.prodname_regis ## Further reading -- "[Working with the Gradle registry](/packages/working-with-a-github-packages-registry/working-with-the-gradle-registry)" -- "[Deleting and restoring a package](/packages/learn-github-packages/deleting-and-restoring-a-package)" +- "[Working with the Gradle registry](/packages/working-with-a-github-packages-registry/working-with-the-gradle-registry)"{% ifversion fpt or ghec or ghes > 3.1 or ghae %} +- "[Deleting and restoring a package](/packages/learn-github-packages/deleting-and-restoring-a-package)"{% endif %} diff --git a/translations/es-ES/content/packages/working-with-a-github-packages-registry/working-with-the-docker-registry.md b/translations/es-ES/content/packages/working-with-a-github-packages-registry/working-with-the-docker-registry.md index dc433c384c..f114ecd455 100644 --- a/translations/es-ES/content/packages/working-with-a-github-packages-registry/working-with-the-docker-registry.md +++ b/translations/es-ES/content/packages/working-with-a-github-packages-registry/working-with-the-docker-registry.md @@ -261,8 +261,12 @@ $ docker pull HOSTNAME/OWNER/REPOSITORY/IMAGE_NAME:TAG_NAME {% endnote %} +{% ifversion fpt or ghec or ghes > 3.1 or ghae %} + ## Further reading - "[Deleting and restoring a package](/packages/learn-github-packages/deleting-and-restoring-a-package)" +{% endif %} + {% endif %} diff --git a/translations/es-ES/content/packages/working-with-a-github-packages-registry/working-with-the-gradle-registry.md b/translations/es-ES/content/packages/working-with-a-github-packages-registry/working-with-the-gradle-registry.md index 7ff16231a5..62c520c70b 100644 --- a/translations/es-ES/content/packages/working-with-a-github-packages-registry/working-with-the-gradle-registry.md +++ b/translations/es-ES/content/packages/working-with-a-github-packages-registry/working-with-the-gradle-registry.md @@ -215,5 +215,5 @@ To use a published package from {% data variables.product.prodname_registry %}, ## Further reading -- "[Working with the Apache Maven registry](/packages/working-with-a-github-packages-registry/working-with-the-apache-maven-registry)" -- "[Deleting and restoring a package](/packages/learn-github-packages/deleting-and-restoring-a-package)" +- "[Working with the Apache Maven registry](/packages/working-with-a-github-packages-registry/working-with-the-apache-maven-registry)"{% ifversion fpt or ghec or ghes > 3.1 or ghae %} +- "[Deleting and restoring a package](/packages/learn-github-packages/deleting-and-restoring-a-package)"{% endif %} diff --git a/translations/es-ES/content/packages/working-with-a-github-packages-registry/working-with-the-npm-registry.md b/translations/es-ES/content/packages/working-with-a-github-packages-registry/working-with-the-npm-registry.md index b7d14dcd6a..f34f6977a1 100644 --- a/translations/es-ES/content/packages/working-with-a-github-packages-registry/working-with-the-npm-registry.md +++ b/translations/es-ES/content/packages/working-with-a-github-packages-registry/working-with-the-npm-registry.md @@ -27,7 +27,7 @@ If you publish over 1,000 npm package versions to {% data variables.product.prod In the future, to improve performance of the service, you won't be able to publish more than 1,000 versions of a package on {% data variables.product.prodname_dotcom %}. Any versions published before hitting this limit will still be readable. -If you reach this limit, consider deleting package versions or contact Support for help. When this limit is enforced, our documentation will be updated with a way to work around this limit. For more information, see "[Deleting and restoring a package](/packages/learn-github-packages/deleting-and-restoring-a-package)" or "[Contacting Support](/packages/learn-github-packages/about-github-packages#contacting-support)." +If you reach this limit, consider deleting package versions or contact Support for help. When this limit is enforced, our documentation will be updated with a way to work around this limit. For more information, see {% ifversion fpt or ghec or ghes > 3.1 or ghae %}"[Deleting and restoring a package](/packages/learn-github-packages/deleting-and-restoring-a-package)" or {% endif %}"[Contacting Support](/packages/learn-github-packages/about-github-packages#contacting-support)." ## Authenticating to {% data variables.product.prodname_registry %} @@ -212,7 +212,3 @@ If your instance has subdomain isolation disabled: {% data variables.product.prodname_registry %} allows you to access the official NPM registry at `registry.npmjs.com`, if your {% data variables.product.prodname_ghe_server %} administrator has enabled this feature. For more information, see [Connecting to the official NPM registry](/admin/packages/configuring-packages-support-for-your-enterprise#connecting-to-the-official-npm-registry). {% endif %} - -## Further reading - -- "[Deleting and restoring a package](/packages/learn-github-packages/deleting-and-restoring-a-package)" diff --git a/translations/es-ES/content/packages/working-with-a-github-packages-registry/working-with-the-nuget-registry.md b/translations/es-ES/content/packages/working-with-a-github-packages-registry/working-with-the-nuget-registry.md index 0fb8b99987..cd835bf35f 100644 --- a/translations/es-ES/content/packages/working-with-a-github-packages-registry/working-with-the-nuget-registry.md +++ b/translations/es-ES/content/packages/working-with-a-github-packages-registry/working-with-the-nuget-registry.md @@ -232,6 +232,8 @@ Your NuGet package may fail to push if the `RepositoryUrl` in *.csproj* is not s If you're using a nuspec file, ensure that it has a `repository` element with the required `type` and `url` attributes. +{% ifversion fpt or ghec or ghes > 3.1 or ghae %} ## Further reading - "[Deleting and restoring a package](/packages/learn-github-packages/deleting-and-restoring-a-package)" +{% endif %} diff --git a/translations/es-ES/content/packages/working-with-a-github-packages-registry/working-with-the-rubygems-registry.md b/translations/es-ES/content/packages/working-with-a-github-packages-registry/working-with-the-rubygems-registry.md index c17c6eaa13..01a56b4478 100644 --- a/translations/es-ES/content/packages/working-with-a-github-packages-registry/working-with-the-rubygems-registry.md +++ b/translations/es-ES/content/packages/working-with-a-github-packages-registry/working-with-the-rubygems-registry.md @@ -136,7 +136,7 @@ You can use gems from {% data variables.product.prodname_registry %} much like y end ``` -3. For Bundler versions earlier than 1.7.0, you need to add a new global `source`. For more information on using Bundler, see the [bundler.io documentation](http://bundler.io/v1.5/gemfile.html). +3. For Bundler versions earlier than 1.7.0, you need to add a new global `source`. For more information on using Bundler, see the [bundler.io documentation](https://bundler.io/gemfile.html). ```ruby source "https://{% ifversion fpt or ghec %}rubygems.pkg.github.com{% else %}REGISTRY-URL{% endif %}/OWNER" @@ -151,6 +151,10 @@ You can use gems from {% data variables.product.prodname_registry %} much like y $ gem install octo-gem --version "0.1.1" ``` +{% ifversion fpt or ghec or ghes > 3.1 or ghae %} + ## Further reading - "[Deleting and restoring a package](/packages/learn-github-packages/deleting-and-restoring-a-package)" + +{% endif %} diff --git a/translations/es-ES/content/pages/setting-up-a-github-pages-site-with-jekyll/testing-your-github-pages-site-locally-with-jekyll.md b/translations/es-ES/content/pages/setting-up-a-github-pages-site-with-jekyll/testing-your-github-pages-site-locally-with-jekyll.md index 3a41bb01bb..60fc4f2778 100644 --- a/translations/es-ES/content/pages/setting-up-a-github-pages-site-with-jekyll/testing-your-github-pages-site-locally-with-jekyll.md +++ b/translations/es-ES/content/pages/setting-up-a-github-pages-site-with-jekyll/testing-your-github-pages-site-locally-with-jekyll.md @@ -50,6 +50,12 @@ Antes de que puedas usar Jekyll para probar un sitio, debes hacer lo siguiente: ``` 3. Para previsualizar tu sitio, en tu navegador web, navega hasta `http://localhost:4000`. +{% note %} + +**Nota:** Si estás utilizando Ruby 3.0 y Jekyll 4.2.x o anterior, necesitarás agregar la gema de `webrick` al Gemfile de tu proyecto antes de ejecutar `bundle install`. + +{% endnote %} + ## Actualizar la gema de {% data variables.product.prodname_pages %} Jekyll es un proyecto de código abierto activo que se actualiza de manera frecuente. Si la gema de `github-pages` de tu computadora está desactualizada con respecto a la gema de `github-pages` del servidor de {% data variables.product.prodname_pages %}, tu sitio puede verse diferente cuando se compile localmente en comparación a cómo se vea cuando se publique en {% data variables.product.product_name %}. Para evitar esto, actualiza de manera regular la gema de `github-pages` en tu computadora. diff --git a/translations/es-ES/content/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/requesting-a-pull-request-review.md b/translations/es-ES/content/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/requesting-a-pull-request-review.md index 0d8f54b35a..2e1c7f916a 100644 --- a/translations/es-ES/content/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/requesting-a-pull-request-review.md +++ b/translations/es-ES/content/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/requesting-a-pull-request-review.md @@ -16,9 +16,11 @@ topics: - Pull requests shortTitle: Request a PR review --- -Owners and collaborators on a repository owned by a user account can assign pull request reviews. Organization members with triage permissions to a repository can assign a pull request review. +Repositories belong to a personal account (a single individual owner) or an organization account (a shared account with numerous collaborators or maintainers). For more information, see "[Types of {% data variables.product.prodname_dotcom %} accounts](/get-started/learning-about-github/types-of-github-accounts)." Owners and collaborators on a repository owned by a personal account can assign pull request reviews. Organization members with triage permissions can also assign a reviewer for a pull request. -Owners or collaborators can assign a pull request review to any person that has been explicitly granted [read access](/articles/access-permissions-on-github) to a user-owned repository. Organization members can assign a pull request review to any person or team with read access to a repository. The requested reviewer or team will receive a notification that you asked them to review the pull request. {% ifversion fpt or ghae or ghes or ghec %}If you request a review from a team and code review assignment is enabled, specific members will be requested and the team will be removed as a reviewer. For more information, see "[Managing code review settings for your team](/organizations/organizing-members-into-teams/managing-code-review-settings-for-your-team)."{% endif %} +To assign a reviewer to a pull request, you will need write access to the repository. For more information about repository access, see "[Repository roles for an organization](/organizations/managing-access-to-your-organizations-repositories/repository-roles-for-an-organization)." If you have write access, you can assign anyone who has read access to the repository as a reviewer. + +Organization members with write access can also assign a pull request review to any person or team with read access to a repository. The requested reviewer or team will receive a notification that you asked them to review the pull request. {% ifversion fpt or ghae or ghes or ghec %}If you request a review from a team and code review assignment is enabled, specific members will be requested and the team will be removed as a reviewer. For more information, see "[Managing code review settings for your team](/organizations/organizing-members-into-teams/managing-code-review-settings-for-your-team)."{% endif %} {% note %} diff --git a/translations/es-ES/content/repositories/managing-your-repositorys-settings-and-features/customizing-your-repository/about-code-owners.md b/translations/es-ES/content/repositories/managing-your-repositorys-settings-and-features/customizing-your-repository/about-code-owners.md index 647063b1ee..a4bef4079e 100644 --- a/translations/es-ES/content/repositories/managing-your-repositorys-settings-and-features/customizing-your-repository/about-code-owners.md +++ b/translations/es-ES/content/repositories/managing-your-repositorys-settings-and-features/customizing-your-repository/about-code-owners.md @@ -37,7 +37,7 @@ Each CODEOWNERS file assigns the code owners for a single branch in the reposito For code owners to receive review requests, the CODEOWNERS file must be on the base branch of the pull request. For example, if you assign `@octocat` as the code owner for *.js* files on the `gh-pages` branch of your repository, `@octocat` will receive review requests when a pull request with changes to *.js* files is opened between the head branch and `gh-pages`. -{% ifversion fpt or ghec or ghes > 3.2 or ghae-issue-9273 %} +{% ifversion fpt or ghec or ghes > 3.2 or ghae-issue-4675 %} ## CODEOWNERS file size CODEOWNERS files must be under 3 MB in size. A CODEOWNERS file over this limit will not be loaded, which means that code owner information is not shown and the appropriate code owners will not be requested to review changes in a pull request. diff --git a/translations/es-ES/content/repositories/releasing-projects-on-github/searching-a-repositorys-releases.md b/translations/es-ES/content/repositories/releasing-projects-on-github/searching-a-repositorys-releases.md index c9dc9ab4fd..ab03d6def8 100644 --- a/translations/es-ES/content/repositories/releasing-projects-on-github/searching-a-repositorys-releases.md +++ b/translations/es-ES/content/repositories/releasing-projects-on-github/searching-a-repositorys-releases.md @@ -7,7 +7,7 @@ versions: fpt: '*' ghec: '*' ghes: '>3.2' - ghae-issue-4974: '*' + ghae: issue-4974 topics: - Repositories --- diff --git a/translations/es-ES/content/repositories/viewing-activity-and-data-for-your-repository/understanding-connections-between-repositories.md b/translations/es-ES/content/repositories/viewing-activity-and-data-for-your-repository/understanding-connections-between-repositories.md index ae41d1224e..3e35c0e7b2 100644 --- a/translations/es-ES/content/repositories/viewing-activity-and-data-for-your-repository/understanding-connections-between-repositories.md +++ b/translations/es-ES/content/repositories/viewing-activity-and-data-for-your-repository/understanding-connections-between-repositories.md @@ -73,5 +73,5 @@ Casi todo el software depende de el código que otros desarrolladores mantienen La gráfica de dependencias proporciona una forma genial de visualizar y explorar las depdendencias para un repositorio. Para obtener más información, consulta las secciones "[Acerca de la gráfica de dependencias](/code-security/supply-chain-security/about-the-dependency-graph)" y "[Explorar las dependencias de un repositorio](/code-security/supply-chain-security/exploring-the-dependencies-of-a-repository)". -También puedes configurar tu repositorio para que {% data variables.product.company_short %} te alerte automáticamente en cualquier momento en el que se encuentre una vulnerabilidad de seguridad en alguna de tus dependencias. Para obtener más información, consulta la sección "[Acerca de las alertas para las dependencias vulnerables](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies)". +También puedes configurar tu repositorio para que {% data variables.product.company_short %} te alerte automáticamente en cualquier momento en el que se encuentre una vulnerabilidad de seguridad en alguna de tus dependencias. Para obtener más información, consulta la sección "[Acerca de{% data variables.product.prodname_dependabot_alerts %}](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies)". {% endif %} diff --git a/translations/es-ES/content/repositories/working-with-files/using-files/working-with-non-code-files.md b/translations/es-ES/content/repositories/working-with-files/using-files/working-with-non-code-files.md index d2e6c666bc..63c5ea85d9 100644 --- a/translations/es-ES/content/repositories/working-with-files/using-files/working-with-non-code-files.md +++ b/translations/es-ES/content/repositories/working-with-files/using-files/working-with-non-code-files.md @@ -130,6 +130,12 @@ Por defecto, la representación insertada es de 420 píxeles de ancho por 620 de {% endtip %} +{% if mermaid %} +### Rendering in Markdown + +You can embed ASCII STL syntax directly in Markdown. For more information, see "[Creating diagrams](/get-started/writing-on-github/working-with-advanced-formatting/creating-diagrams#creating-stl-3d-models)." +{% endif %} + ## Representar datos CSV y TSV GitHub admite la representación de datos tabulares en la forma de archivos *.csv* (separados por coma) y .*tsv* (separados por pestaña). @@ -233,7 +239,7 @@ Cuando haces clic en el ícono de papel a la derecha, también verás los cambio ![Captura de pantalla de conmutación de representación de fuente](/assets/images/help/repository/source-render-toggle-geojson.png) -### Tipos de Geometry +### Geometry types Los mapas en {% data variables.product.product_name %} utilizan [Leaflet.js](http://leafletjs.com) y admiten todos los tipos de Geometry indicados en [las especificaciones de geoJSON](http://www.geojson.org/geojson-spec.html) (Point, LineString, Polygon, MultiPoint, MultiLineString, MultiPolygon y GeometryCollection). Los archivos TopoJSON deberían ser del tipo "Topology" y adherir a las especificaciones [topoJSON](https://github.com/mbostock/topojson/wiki/Specification). @@ -274,6 +280,12 @@ Por defecto, el mapa incrustado es 420px x 620px, pero puedes personalizar el re {% endtip %} +{% if mermaid %} +### Mapping in Markdown + +You can embed geoJSON and topoJSON directly in Markdown. For more information, see "[Creating diagrams](/get-started/writing-on-github/working-with-advanced-formatting/creating-diagrams#creating-geojson-and-topojson-maps)." +{% endif %} + ### Agrupación Si tu mapa contiende una gran cantidad de marcadores (aproximadamente más de 750), GitHub automáticamente agrupará marcadores cercanos en niveles superiores de zoom. Simplemente haz clic la agrupación o el zoom de acercamiento para ver los marcadores individuales. @@ -292,7 +304,7 @@ Por otra parte, si tu archivo `.geojson` es particularmente grande (superior a 1 Todavía se podrían representar los datos al convertir el archivo `.geojson` a [TopoJSON](https://github.com/mbostock/topojson), un formato de compresión que, en algunos casos, puede reducir el tamaño del archivo hasta un 80 %. Por supuesto, siempre puedes partir el archivo en fragmentos más pequeños (como por estado o por año), y almacenar los datos como archivos múltiples dentro del repositorio. -### Recursos adicionales +### Leer más * [Documentación Leaflet.js geojson](http://leafletjs.com/examples/geojson.html) * [Documentación de estilización de marcador MapBox](http://www.mapbox.com/developers/simplestyle/) @@ -320,3 +332,44 @@ $ jupyter nbconvert --to html NOTEBOOK-NAME.ipynb - [Repositorio GitHub de notebook Jupyter](https://github.com/jupyter/jupyter_notebook) - [Galería de notebooks Jupyter](https://github.com/jupyter/jupyter/wiki/A-gallery-of-interesting-Jupyter-Notebooks) + +{% if mermaid %} +## Displaying Mermaid files on {% data variables.product.prodname_dotcom %} + +{% data variables.product.product_name %} supports rendering Mermaid files within repositories. Commit the file as you would normally using a `.mermaid` or `.mmd` extension. Then, navigate to the path of the Mermaid file on {% data variables.product.prodname_dotcom %}. + +For example, if you add a `.mmd` file with the following content to your repository: + +``` +graph TD + A[Friend's Birthday] -->|Get money| B(Go shopping) + B --> C{Let me think} + C -->|One| D["Cool
Laptop"] + C -->|Two| E[iPhone] + C -->|Three| F[fa:fa-car Car] +``` + +When you view the file in the repository, it is rendered as a flow chart. ![Rendered mermaid file diagram](/assets/images/help/repository/mermaid-file-diagram.png) + +### Solución de problemas + +If your chart does not render at all, verify that it contains valid Mermaid Markdown syntax by checking your chart with the [Mermaid live editor](https://mermaid.live/edit). + +If the chart displays, but does not appear as you'd expect, you can create a new [feedback discussion](https://github.com/github/feedback/discussions/categories/general-feedback), and add the `mermaid` tag. + +#### Problemas conocidos + +* Sequence diagram charts frequently render with additional padding below the chart, with more padding added as the chart size increases. This is a known issue with the Mermaid library. +* Actor nodes with popover menus do not work as expected within sequence diagram charts. This is due to a discrepancy in how JavaScript events are added to a chart when the Mermaid library's API is used to render a chart. +* Not all charts are a11y compliant. This may affect users who rely on a screen reader. + +### Mermaid in Markdown + +You can embed Mermaid syntax directly in Markdown. For more information, see "[Creating diagrams](/get-started/writing-on-github/working-with-advanced-formatting/creating-diagrams#creating-mermaid-diagrams)." + +### Leer más + +* [Mermaid.js documentation](https://mermaid-js.github.io/mermaid/#/) +* [Mermaid.js live editor](https://mermaid.live/edit) +{% endif %} + diff --git a/translations/es-ES/content/rest/overview/permissions-required-for-github-apps.md b/translations/es-ES/content/rest/overview/permissions-required-for-github-apps.md index bb8b1e802c..fa8ec2542b 100644 --- a/translations/es-ES/content/rest/overview/permissions-required-for-github-apps.md +++ b/translations/es-ES/content/rest/overview/permissions-required-for-github-apps.md @@ -121,6 +121,9 @@ _Buscar_ - [`GET /repos/:owner/:repo/actions/artifacts/:artifact_id`](/rest/reference/actions#get-an-artifact) (:read) - [`DELETE /repos/:owner/:repo/actions/artifacts/:artifact_id`](/rest/reference/actions#delete-an-artifact) (:write) - [`GET /repos/:owner/:repo/actions/artifacts/:artifact_id/zip`](/rest/reference/actions#download-an-artifact) (:read) +{% if actions-cache-management -%} +- [`GET /repos/:owner/:repo/actions/cache/usage`](/rest/reference/actions#get-github-actions-cache-usage-for-a-repository) (:read) +{% endif -%} - [`GET /repos/:owner/:repo/actions/jobs/:job_id`](/rest/reference/actions#get-a-job-for-a-workflow-run) (:read) - [`GET /repos/:owner/:repo/actions/jobs/:job_id/logs`](/rest/reference/actions#download-job-logs-for-a-workflow-run) (:read) - [`GET /repos/:owner/:repo/actions/runs`](/rest/reference/actions#list-workflow-runs-for-a-repository) (:read) @@ -644,6 +647,10 @@ _Equipos_ ### Permiso sobre la "administración de la oprganización" - [`PATCH /orgs/:org`](/rest/reference/orgs#update-an-organization) (:write) +{% if actions-cache-management -%} +- [`GET /orgs/:org/actions/cache/usage`](/rest/reference/actions#get-github-actions-cache-usage-for-an-organization) (:read) +- [`GET /orgs/:org/actions/cache/usage-by-repository`](/rest/reference/actions#list-repositories-with-github-actions-cache-usage-for-an-organization) (:read) +{% endif -%} {% ifversion fpt -%} - [`GET /orgs/:org/interaction-limits`](/rest/reference/interactions#get-interaction-restrictions-for-an-organization) (:read) {% endif -%} diff --git a/translations/es-ES/content/rest/reference/deploy_keys.md b/translations/es-ES/content/rest/reference/deploy_keys.md new file mode 100644 index 0000000000..6c6e6d3f37 --- /dev/null +++ b/translations/es-ES/content/rest/reference/deploy_keys.md @@ -0,0 +1,17 @@ +--- +title: Deploy Keys +intro: The Deploy Keys API allows to create an SSH key that is stored on your server and grants access to a GitHub repository. +allowTitleToDifferFromFilename: true +versions: + fpt: '*' + ghes: '*' + ghae: '*' + ghec: '*' +topics: + - API +miniTocMaxHeadingLevel: 3 +--- + + diff --git a/translations/es-ES/content/rest/reference/deployments.md b/translations/es-ES/content/rest/reference/deployments.md index 58fa4aca8e..be49557e51 100644 --- a/translations/es-ES/content/rest/reference/deployments.md +++ b/translations/es-ES/content/rest/reference/deployments.md @@ -1,6 +1,6 @@ --- title: Implementaciones -intro: 'The deployments API allows you to create and delete deploy keys, deployments, and deployment environments.' +intro: The deployments API allows you to create and delete deployments and deployment environments. allowTitleToDifferFromFilename: true versions: fpt: '*' diff --git a/translations/es-ES/content/rest/reference/index.md b/translations/es-ES/content/rest/reference/index.md index a61999b339..7a273eb814 100644 --- a/translations/es-ES/content/rest/reference/index.md +++ b/translations/es-ES/content/rest/reference/index.md @@ -22,6 +22,7 @@ children: - /collaborators - /commits - /dependabot + - /deploy_keys - /deployments - /emojis - /enterprise-admin diff --git a/translations/es-ES/content/rest/reference/secret-scanning.md b/translations/es-ES/content/rest/reference/secret-scanning.md index 07419944d5..ffdc5f95b9 100644 --- a/translations/es-ES/content/rest/reference/secret-scanning.md +++ b/translations/es-ES/content/rest/reference/secret-scanning.md @@ -1,6 +1,6 @@ --- title: Escaneo de secretos -intro: Use the secret scanning API to retrieve and update secret alerts from a repository. +intro: Utiliza la API de escaneo de secretos para recuperar y actualizar las alertas secretas de un repositorio. versions: fpt: '*' ghes: '*' diff --git a/translations/es-ES/content/github/site-policy/github-acceptable-use-policies.md b/translations/es-ES/content/site-policy/acceptable-use-policies/github-acceptable-use-policies.md similarity index 56% rename from translations/es-ES/content/github/site-policy/github-acceptable-use-policies.md rename to translations/es-ES/content/site-policy/acceptable-use-policies/github-acceptable-use-policies.md index 5109b01f80..f218c5c8f8 100644 --- a/translations/es-ES/content/github/site-policy/github-acceptable-use-policies.md +++ b/translations/es-ES/content/site-policy/acceptable-use-policies/github-acceptable-use-policies.md @@ -2,6 +2,7 @@ title: Políticas de uso aceptable de GitHub redirect_from: - /articles/github-acceptable-use-policies + - /github/site-policy/github-acceptable-use-policies versions: fpt: '*' topics: @@ -9,66 +10,70 @@ topics: - Legal --- -**Versión simplificada:** _Presentamos una amplia variedad de proyectos en equipo en todo el mundo y dicha cooperación solamente funciona cuando nuestros usuarios pueden trabajar juntos con buenas intenciones. Mientras usas el Servicio, debes cumplir con nuestras políticas de uso aceptable, que incluyen algunas restricciones sobre el contenido que puedes publicar o gestionar en el servicio y otras limitaciones. En síntesis, la idea es que sean geniales entre sí._ +**Versión simplificada:** _Presentamos una amplia variedad de proyectos en equipo en todo el mundo y dicha cooperación solamente funciona cuando nuestros usuarios pueden trabajar juntos con buenas intenciones. While using the Service, you must comply with our Acceptable Use Policies, which include some restrictions on content and conduct on GitHub related to user safety, intellectual property, privacy, authenticity, and other limitations. En síntesis, la idea es que sean geniales entre sí._ Los términos en mayúsculas que se utilizan, pero no se definen en estas Políticas de uso aceptable tienen significados asignados en nuestros [Términos de servicio](/articles/github-terms-of-service), [Términos de servicio corporativos](/articles/github-corporate-terms-of-service) y [Declaración de privacidad](/articles/github-privacy-statement). Para los clientes sujetos a los [Términos de servicio corporativos](/articles/github-corporate-terms-of-service), "tú" y "tu/tus" se refieren al "Cliente" o los "Usuarios". "Nosotros", "nuestro", "nuestros" se refieren a "GitHub". ## 1. Cumplimiento con las leyes y regulaciones Eres responsable de usar el Servicio de conformidad con todas las leyes, regulaciones y con todas nuestras Políticas de uso aceptable que correspondan. Estas políticas se pueden actualizar cada cierto tiempo y se presentan a continuación. También se puede acceder a ellas en nuestros [Términos de servicio](/articles/github-terms-of-service) y [Términos de servicio corporativos](/articles/github-corporate-terms-of-service). -## 2. Restricciones de contenido -Bajo ninguna circunstancia se permitirá que los usuarios carguen, publiquen, hospeden, ejecuten o transmitan ningún contenido que: +## 2. User Safety +We do not allow content or activity on GitHub that: - que sea ilícito o promueva actividades ilícitas; -- sea o albergue [contenido sexualmente obsceno](/github/site-policy/github-community-guidelines#sexually-obscene-content); +- is [sexually obscene](/github/site-policy/github-sexually-obscene-content) or relates to sexual exploitation or abuse, including of minors; - que sea calumnioso, difamatorio o fraudulento; -- sea [discriminatorio o abusivo](/github/site-policy/github-community-guidelines#hate-speech-and-discrimination) hacia cualquier individuo o grupo; +- sea [discriminatorio o abusivo](/github/site-policy/github-hate-speech-and-discrimination) hacia cualquier individuo o grupo; -- [describa o glorifique la violencia injustificadamente](/github/site-policy/github-community-guidelines#gratuitously-violent-content), incluyendo las imágenes violentas; +- is [false, inaccurate, or intentionally deceptive information](/github/site-policy/github-misinformation-and-disinformation) and likely to adversely affect the public interest (including health, safety, election integrity, and civic participation); -- sea o contenga [información intencionalmente engañosa, inadecuada o falsa](/github/site-policy/github-community-guidelines#misinformation-and-disinformation) que pueda afectar el interés público de manera adversa (incluyendo la salud, seguridad, integridad de elección y participación cívica); +- [harasses or abuses](/github/site-policy/github-bullying-and-harassment) another individual or group, including our employees, officers, and agents, or other users; -- apoye directamente [el ataque ilegal o campañas de malware](/github/site-policy/github-community-guidelines#active-malware-or-exploits) que estén causando daños técnicos — tales como utilizar nuestra plataforma para entregar ejecutables malintencionados o como ataque de infraestructura, por ejemplo, organizando ataques de negación de servicio o administrando servidores de control y comando — sin propósitos implícitos o explícitos de uso dual previos a que suceda el abuso; o +- [threatens or incites violence](/github/site-policy/github-threats-of-violence-and-gratuitously-violent-content) toward any individual or group, especially on the basis of who they are; -- comparta llaves de licencia de productos no autorizadas, software para generarlas o software para saltarse las verificaciones de estas, incluyendo las extensiones de licencias gratuitas más allá de su periodo de prueba; o +- [gratuitously depicts or glorifies violence](/github/site-policy/github-threats-of-violence-and-gratuitously-violent-content), including violent images; or -- que infrinja algún derecho de propiedad de cualquiera de las partes, incluidos la patente, el nombre comercial, el secreto comercial, la propiedad intelectual, el derecho a publicidad o cualquier otro derecho. +- is off-topic, or interacts with platform features in a way that significantly or repeatedly [disrupts the experience of other users](/github/site-policy/github-disrupting-the-experience-of-other-users). -Por favor, consulta nuestros [Lineamientos comunitarios](/github/site-policy/github-community-guidelines#what-is-not-allowed) para obtener más detalles. -## 3. Restricciones de conducta -Mientras usas el Servicio, en ninguna circunstancia puedes hacer lo siguiente: +## 3. Intellectual Property, Authenticity, and Private Information +We do not allow content or activity on GitHub that: -- [acosar, abusar](/github/site-policy/github-community-guidelines#bullying-and-harassment), [amenazar, o incitar a la violencia](/github/site-policy/github-community-guidelines#threats-of-violence) en contra de algún grupo o individuo, incluyendo nuestros empleados, oficiales y agentes u otros usuarios; +- que infrinja algún derecho de propiedad de cualquiera de las partes, incluidos la patente, el nombre comercial, el secreto comercial, la propiedad intelectual, el derecho a publicidad o cualquier otro derecho; -- publicar contenido fuera de contexto o interactuar con las características de la plataforma de manera que esto [ perturbe la experiencia de otros usuarios](/github/site-policy/github-community-guidelines#disrupting-the-experience-of-other-users) significativa o repetidamente; +- unlawfully shares unauthorized product licensing keys, software for generating unauthorized product licensing keys, or software for bypassing checks for product licensing keys, including extension of a free license beyond its trial period; -- utilizar nuestros servidores para cualquier forma de [actividad excesiva automatizada por lotes](/github/site-policy/github-acceptable-use-policies#4-spam-and-inauthentic-activity-on-github) (por ejemplo, spamming o minería de cirptodivisas), para colocar cargas indebidas en nuestros servidores para fines de automatización o generar cualquier forma de propaganda no solicitada u otro tipo de solicitudes a través de nuestros servidores, tal como planes para enriquecerse rápidamente; +- [impersonates any person or entity](/github/site-policy/github-impersonation), including any of our employees or representatives, including through false association with GitHub, or by fraudulently misrepresenting your identity or site's purpose; or -- usar nuestros servidores para interrumpir o intentar interrumpir, obtener o intentar obtener acceso no autorizado a cualquier servicio, dispositivo, datos, cuenta o red (a menos que lo autorice el [programa Bug Bounty GitHub](https://bounty.github.com)); - -- [hacerte pasar por cualquier otra persona o entidad](/github/site-policy/github-community-guidelines#impersonation), incluyendo a cualquiera de nuestros empleados o representante o pretender que existe una asociación falsa con GitHub o malinterpretar tu identidad o el propósito del sitio fraudulentamente; o - -- [violar la privacidad de cualquier tercero](/github/site-policy/github-community-guidelines#doxxing-and-invasion-of-privacy), tal como publicar la información personal de alguien más sin su consentimiento. - -Por favor, consulta nuestros [Lineamientos comunitarios](/github/site-policy/github-community-guidelines#what-is-not-allowed) para obtener más detalles. +- [violates the privacy of any third party](/github/site-policy/github-doxxing-and-invasion-of-privacy), such as by posting another person's personal information without consent. ## 4. Spam y actividad falsa en GitHub -En GitHub se prohíbe la actividad excesiva automatizada y la actividad coordinada falsa, como el spamming. Las actividades prohibidas incluyen: -* distribución masiva de promociones y publicidad prohibida por los términos y políticas de GitHub -* interacciones falsas, tales como cuentas falsas y la actividad automatizada falsa -* abuso de rango, por ejemplo, protagonización automática o la -* creación o participación posterior en los mercados secundarios con la intención de la proliferación de actividades falsas -* usar a GitHub como una plataforma para propagar abusos en otras plataformas -* phishing o intento de phishing +We do not allow content or activity on GitHub that is: +- automated excessive bulk activity and coordinated inauthentic activity, such as + * spamming + * cryptocurrency mining; +* distribución masiva de promociones y publicidad prohibida por los términos y políticas de GitHub; +* inauthentic interactions, such as fake accounts and automated inauthentic activity; +* rank abuse, such as automated starring or following; +* creation of or participation in secondary markets for the purpose of the proliferation of inauthentic activity; +* usar a GitHub como una plataforma para propagar abusos en otras plataformas; +* phishing or attempted phishing; or +* using our servers for any form of excessive automated bulk activity, to place undue burden on our servers through automated means, or to relay any form of unsolicited advertising or solicitation through our servers, such as get-rich-quick schemes. -## 5. Límites de uso de los servicios +## 5. Site Access and Safety +We do not allow content or activity on GitHub that: + +- apoye directamente [el ataque ilegal o campañas de malware](/github/site-policy/github-active-malware-or-exploits) que estén causando daños técnicos — tales como utilizar nuestra plataforma para entregar ejecutables malintencionados o como ataque de infraestructura, por ejemplo, organizando ataques de negación de servicio o administrando servidores de control y comando — sin propósitos implícitos o explícitos de uso dual previos a que suceda el abuso; o +- uses our servers to disrupt or to attempt to disrupt, or to gain or to attempt to gain unauthorized access to, any service, device, data, account or network. Please note, activities permitted under bug bounty programs, such as the [GitHub Bug Bounty program](https://bounty.github.com), are not considered “unauthorized.” + + +## 6. Límites de uso de los servicios No reproducirás, duplicarás, copiarás, venderás, revenderás o aprovecharás ninguna parte del Servicio, el uso del Servicio o el acceso al Servicio sin autorización expresa por escrito. -## 6. Restricciones de uso de información +## 7. Restricciones de uso de información Puedes utilizar la información de nuestro Servicio por las siguientes razones, independientemente de si se eliminó la información, se recopiló través de nuestra API o se obtuvo de otra forma: - Los investigadores pueden utilizar información pública y no personal del Servicio con fines de investigación, solo si cualquier publicación resultante de dicha investigación es [de acceso abierto](https://en.wikipedia.org/wiki/Open_access). @@ -80,24 +85,28 @@ No puedes utilizar la información del Servicio (ya sea eliminada, recopilada a Tu uso de la información del Servicio debe cumplir con la [Declaración de privacidad de GitHub](/github/site-policy/github-privacy-statement). -## 7. Privacidad +## 8. Privacidad Está prohibido el uso indebido de la Información personal del Usuario. Cualquier persona, entidad o servicio que recopile datos del Servicio debe cumplir con la [Declaración de privacidad de GitHub](/articles/github-privacy-statement), en particular, al respecto de la recopilación de Información personal del Usuario. Si recopilas cualquier Información personal del Usuario desde el Servicio, debes aceptar que solo usarás esa Información personal del Usuario para los fines que ese Usuario autorizó. Aceptas que asegurarás de manera razonable cualquier Información personal del Usuario que hayas reunido desde el Servicio y responderás de inmediato a las quejas, las solicitudes de eliminación y las solicitudes de "no contactar" que hagamos nosotros u otros usuarios. -## 8. Uso del ancho de banda excesivo +## 9. Uso del ancho de banda excesivo Las limitaciones de ancho de banda del servicio varían en función de las características que utilices. Si determinamos que tu uso del ancho de banda es significativamente excesivo en relación con el de otros usuarios, nos reservamos el derecho a suspender tu Cuenta o limitar el alojamiento de tu archivo o, de otra forma, limitar tu actividad hasta que puedas reducir tu consumo de ancho de banda. Tambien nos reservamos los derechos—después de proporcionar una notificación por adelantado—de borrar repositorios que creamos están colocando una tensión indebida en nuestra infraestructura. Para obtener orientación sobre el uso aceptado de almacenamiento de objetos en los repositorios, refiérete a la sección "[¿Cuál es mi cuota de disco?](/github/managing-large-files/what-is-my-disk-quota)". Para obtener más detalles sobre las limitaciones de ancho de banda de características especiales, consulta la sección [Condiciones Adicionales de Producto de GitHub](/github/site-policy/github-additional-product-terms). -## 9. Hacer publicidad en GitHub +## 10. Hacer publicidad en GitHub **Versión simplificada:** *Generalmente no prohibimos el uso de GitHub para publicidad. Sin embargo, esperamos que nuestros usuarios sigan ciertas limitaciones, por lo que GitHub no se convierta en un espacio lleno de spam. Nadie desea eso.* Aunque entendemos que tal vez deseas promover tu Contenido publicando los nombres o logos de los seguidores de tu Cuenta, el enfoque principal del Contenido publicado en o a través de tu Cuenta al Servicio no debe ser publicidad o marketing promocional. Esto incluye Contenido publicado en o a través de Páginas, Paquetes, repositorios y todas las demás partes del Servicio. Puedes incluir imágenes estáticas, enlaces y textos promocionales en los documentos README o secciones de descripción del proyecto asociadas con tu Cuenta, pero deben estar relacionados con el proyecto que estás alojando en GitHub. No puedes publicitar en las Cuentas de otros Usuarios, por ejemplo, mediante la publicación de contenido monetizado o excesivo en masa. -No puedes promover o distribuir contenido o actividad ilegal o prohibida por nuestros [Términos de servicio](/github/site-policy/github-terms-of-service/), [Directrices de la comunidad](/github/site-policy/github-community-guidelines/), o [Política de Uso Aceptable](/github/site-policy/github-acceptable-use-policies/), incluyendo una actividad masiva automatizada excesiva (por ejemplo, spamming), esquemas "hazte rico rápidamente" y distorsión o engaño relacionados con tu promoción. +You may not promote or distribute content or activity that is illegal or otherwise prohibited by our [Terms of Service](/github/site-policy/github-terms-of-service/)or [Acceptable Use Policies](/github/site-policy/github-acceptable-use-policies/), including excessive automated bulk activity (for example, spamming), get-rich-quick schemes, and misrepresentation or deception related to your promotion. Si decides alojar cualquier material publicitario o promocional en tu Cuenta, eres el único responsable de cumplir con todas las leyes y regulaciones correspondientes, incluyendo, entre otras, las Directrices sobre Endosos y Testimonios de la Comisión Federal de Comercio de los EE. UU. Directrices de la Comisión Federal de Comercio sobre los respaldos y testimonios. Nos reservamos el derecho de eliminar cualquier material promocional o publicidad que, a nuestra entera discreción, viole cualquier término o política de GitHub. -GitHub se reserva el derecho de eliminar cualquier Contenido que viole esta política. +## 11. Protección del Usuario +No debes participar de actividades que dañen de manera significativa a otros usuarios. -## 10. Protección del Usuario -No debes participar de actividades que dañen de manera significativa a otros usuarios. Resolveremos las disputas en favor de la protección de los usuarios como totalidad. +We will interpret our policies and resolve disputes in favor of protecting users as a whole. + +--- + +GitHub retains full discretion to [take action](/github/site-policy/github-community-guidelines#what-happens-if-someone-violates-githubs-policies) in response to a violation of these policies, including account suspension, account [termination](/github/site-policy/github-terms-of-service#3-github-may-terminate), or [removal](/github/site-policy/github-terms-of-service#2-github-may-remove-content) of content. diff --git a/translations/es-ES/content/site-policy/acceptable-use-policies/github-active-malware-or-exploits.md b/translations/es-ES/content/site-policy/acceptable-use-policies/github-active-malware-or-exploits.md new file mode 100644 index 0000000000..f913f2e775 --- /dev/null +++ b/translations/es-ES/content/site-policy/acceptable-use-policies/github-active-malware-or-exploits.md @@ -0,0 +1,27 @@ +--- +title: GitHub Active Malware or Exploits +shortTitle: Active Malware or Exploits +versions: + fpt: '*' +topics: + - Policy + - Legal +redirect_from: + - /github/site-policy/github-active-malware-or-exploits + - /github/site-policy/github-community-guidelines#active-malware-or-exploits +--- + +Being part of a community includes not taking advantage of other members of the community. No permitimos que nadie utilice nuestra plataforma para apoyar directamente los ataques ilícitos que causan daño técnico, tales como utilizar GitHub como medio para entregar ejecutables malintencionados o como infraestructura de ataque, por ejemplo, para organizar ataques de negación del servicio o administrar servidores de control y comando. Los daños técnicos significan el sobreconsumo de recursos, daño físico, tiempo de inactividad, negación del servicio o pérdidad de datos, sin propósito implícito o explícito para uso dual antes de que ocurra el abuso. + + Toma en cuenta que GitHub permite el contenido de uso dual y apoya la publicación de contenido que se utilice para la investigación de vulnerabilidades, malware o exploits, ya que el publicar o distribuir este tipo de contenido tiene un valor educativo y pñroporciona un beneficio real a la comunidad de seguridad. Asumimos un uso de estos proyectos e intención positivos para promover e impulsar mejoras a lo largo del ecosistema. + + En casos extraordinarios de abuso amplio del contenido de uso dual, podríamos restringir el acceso a esta instancia específica de contenido para parar un ataque ilícito o campaña de malware en curso que esté tomando provecho de la plataforma de GitHub como un exploit o CDN de malware. En la mayoría de estos casos, la restricción toma la forma de poner el contenido bajo autenticación, pero podría, como último recurso, invlucrar la inhabilitación de accesos o la eliminación por completo en donde esto no fuese posible (por ejemplo, cuando se publica como un gist). También contactaremos a los propietarios del proyecto para conocer las restricciones que se pusieron en marcha, cuando sea posible. + + Las restricciones son temporales cuando sea posible y no tienen el propósito de purgar o restringir ningun contenido de uso dual específico ni copias de dicho contenido desde la plataforma perpetuamente. Si bien nos enfocamos en que estos casos extraordinarios de restricción sean un proceso colaborativo con los propietarios de los proyectos, en caso de que sientas que tu contenido se restringió sin razón alguna, tenemos un [proceso de apelación](/github/site-policy/github-community-guidelines#appeal-and-reinstatement) instaurado. + + Para facilitar una ruta de resolución de abuso con los mismos mantenedores de proyecto, antes de escalar a un reporte de abuso de GitHub, te recomendamos, mas no requerimos, que los propietarios de los repositorios lleven a cabo los siguientes pasos al publicar contenido de investigación de seguridad potencialmente dañino: + +* Identifica y describe claramente cualquier contenido dañino en un aviso legal en el archivo README.md del proyecto o en los comentarios del código fuente. +* Proporciona un método de contacto preferido para cualquier consultas de abuso de terceros a través de un archivo de SECURITY.md en el repositorio (por ejemplo, "Por favor, crea una propuesta en este repositorio para dirigir cualquier pregunta o preocupación"). Dicho método de contacto permite que los terceros contacten a los mantenedores de proyecto directamente y que así resuelvan las preocupaciones potencialmente sin necesidad de emitir reportes de abuso. + + *GitHub considera que el registro de npm es una plataforma que se utiliza principalmente para la instalación y uso de tiempo de ejecución del código y no para investigación.* diff --git a/translations/es-ES/content/site-policy/acceptable-use-policies/github-appeal-and-reinstatement.md b/translations/es-ES/content/site-policy/acceptable-use-policies/github-appeal-and-reinstatement.md new file mode 100644 index 0000000000..93a26db0ee --- /dev/null +++ b/translations/es-ES/content/site-policy/acceptable-use-policies/github-appeal-and-reinstatement.md @@ -0,0 +1,38 @@ +--- +title: GitHub Appeal and Reinstatement +versions: + fpt: '*' +topics: + - Policy + - Legal +--- + +## Apelación y reinstauración + +While the majority of interactions between individuals in GitHub’s community fall within our Acceptable Use Policies and Community Guidelines, violations of those policies do occur at times. When they do, GitHub staff may need to take enforcement action to address the violations. However, in some cases there may be a basis to reverse a moderation action taken by GitHub Staff. + +## What are appeals and reinstatements? + +Both appeals and reinstatements arise in relation to disabling of content or restrictions to access an account. + +**Reinstatement**: The user wishes to regain access to their account or content and is willing to make any necessary changes to address the violation and must agree not to violate our terms going forward. + +**Appeal**: The user disputes that a violation occurred and can provide additional information to show that a different decision should have been reached. + +## How this works + +If you seek reinstatement or wish to appeal an enforcement action, please fill out our [Appeal and Reinstatement form](https://support.github.com/contact/reinstatement). + +GitHub staff will review the information provided in the form to determine whether there is sufficient information to warrant reinstatement or granting of an appeal. + +* **Reinstatement**: Where a user can agree to abide by our Acceptable Use Policies moving forward and has made the changes necessary to address the violation(s), we may choose to reinstate their account or content depending on the circumstances and severity of the initial violation. + +All legitimate reinstatement requests will be reviewed initially by GitHub staff and will be answered with a decision. + +* **Appeal**: Where a user seeks to dispute a decision, they can use the form to explain their basis for disputing the decision and to provide any additional information regarding the alleged violation that they believe should have led to a different decision. If the information provided demonstrates that a different conclusion should have been reached, we may be able to grant an appeal. + +If the GitHub staff reviewer is the same person who made the initial determination and that staff member believes their initial conclusion was correct (and thus would be inclined to deny the appeal), a different member of GitHub’s staff will independently review the appeal. All legitimate appeals will be answered with a final decision. + +## Transparencia + +We track appeals and reinstatements in our [transparency reports](https://github.blog/2022-01-27-2021-transparency-report/#Appeals_and_other_reinstatements). diff --git a/translations/es-ES/content/site-policy/acceptable-use-policies/github-bullying-and-harassment.md b/translations/es-ES/content/site-policy/acceptable-use-policies/github-bullying-and-harassment.md new file mode 100644 index 0000000000..4bd6614844 --- /dev/null +++ b/translations/es-ES/content/site-policy/acceptable-use-policies/github-bullying-and-harassment.md @@ -0,0 +1,23 @@ +--- +title: GitHub Bullying and Harassment +shortTitle: Bullying and Harassment +versions: + fpt: '*' +topics: + - Policy + - Legal +redirect_from: + - /github/site-policy/github-bullying-and-harassment + - /github/site-policy/github-community-guidelines#bullying-and-harassment +--- + +We do not tolerate harassment, bullying, or abuse of any kind, whether directly or by encouraging others to take part in the prohibited conduct. Esto incluye: + +- Targeted personal attacks +- Piling on to or orchestrating [disruptive](/github/site-policy/github-disrupting-the-experience-of-other-users) activity in a way that amounts to abuse +- Following another user around the platform in a manner that causes intimidation +- Making sexual advances or comments directed at another individual +- Disingenuously participating in conversation in a way that instigates conflict or undermines sincere discussion +- Creating alternative accounts specifically to evade moderation action taken by GitHub staff or users + +Please note, not all unwelcome conduct is necessarily considered harassment. For example, disagreeing with another user or downvoting their comments may not rise to the level of harassment on our platform. In addition, sharing criticism of public figures or projects, or topics of public interest, does not necessarily fall under this policy. However, we encourage you to be mindful in how you engage with other users and the platform, as this activity may still violate our restriction on disrupting the experience of other users. diff --git a/translations/es-ES/content/site-policy/acceptable-use-policies/github-disrupting-the-experience-of-other-users.md b/translations/es-ES/content/site-policy/acceptable-use-policies/github-disrupting-the-experience-of-other-users.md new file mode 100644 index 0000000000..ed463c3282 --- /dev/null +++ b/translations/es-ES/content/site-policy/acceptable-use-policies/github-disrupting-the-experience-of-other-users.md @@ -0,0 +1,27 @@ +--- +title: GitHub Disrupting the Experience of Other Users +shortTitle: Disrupting the Experience of Other Users +versions: + fpt: '*' +topics: + - Policy + - Legal +redirect_from: + - /github/site-policy/github-disrupting-the-experience-of-other-users + - /github/site-policy/github-community-guidelines#disrupting-the-experience-of-other-users +--- + +Being part of a community includes recognizing how your behavior affects others and engaging in meaningful and productive interactions with people and the platform they rely on. + +We do not allow behavior that significantly or continually disrupts the experience of other users. Esto incluye: + +- Posting off-topic comments +- Opening empty or meaningless issues or pull requests +- Starring and/or following accounts or repositories in large volume in a short period of time +- Creating nonsensical or irrelevant code reviews +- Engaging with platform features in a way that causes excessive notifications for other users +- Using any other platform feature in a way that creates disruption + +Mientras animamos a los mantenedores a moderar sus propios proyectos de forma individual. El personal de GitHub puede tomar medidas más restrictivas contra las cuentas que están participando en este tipo de comportamientos. + +Please note that the above conduct may also violate other restrictions in our [Acceptable Use Policies](/github/site-policy/github-acceptable-use-policies). For example, depending on the nature and severity of the activity, it may rise to the level of [bullying and harassment](/github/site-policy/github-bullying-and-harassment). diff --git a/translations/es-ES/content/site-policy/acceptable-use-policies/github-doxxing-and-invasion-of-privacy.md b/translations/es-ES/content/site-policy/acceptable-use-policies/github-doxxing-and-invasion-of-privacy.md new file mode 100644 index 0000000000..4a39fbc6dd --- /dev/null +++ b/translations/es-ES/content/site-policy/acceptable-use-policies/github-doxxing-and-invasion-of-privacy.md @@ -0,0 +1,30 @@ +--- +title: GitHub Doxxing and Invasion of Privacy +shortTitle: Doxxing and Invasion of Privacy +versions: + fpt: '*' +topics: + - Policy + - Legal +redirect_from: + - /github/site-policy/github-doxxing-and-invasion-of-privacy + - /github/site-policy/github-community-guidelines#doxxing-and-invasion-of-privacy +--- + +Don't post other people's personal information. Esto incluye: + +- Personal, private email addresses +- Phone numbers +- Physical addresses or other private location information +- Bank account information or credit card numbers +- Social Security/National Identity numbers +- Contraseñas +- Voter information +- Medical information and personal biometric data +- Other private information that may pose a safety or security risk + +We may consider other information, such as photos or videos that were taken or distributed without the subject's consent, to be an invasion of privacy, especially when such material presents a safety risk to the subject, such as in the case of intimidation or harassment. + +GitHub will take context into account as well as whether the reported content is publicly available elsewhere. Please note, however, that while sharing publicly available content may not be a violation of this policy, if the information is shared with the intent to harass or incite other abusive behavior, it may violate our prohibition against [bullying and harassment](/github/site-policy/github-bullying-and-harassment). + +For more information, or to learn how to report a violation, see our [Private Information Removal Policy](/github/site-policy/github-private-information-removal-policy) and our instructions for [Reporting Abuse](/communities/maintaining-your-safety-on-github/reporting-abuse-or-spam). diff --git a/translations/es-ES/content/site-policy/acceptable-use-policies/github-hate-speech-and-discrimination.md b/translations/es-ES/content/site-policy/acceptable-use-policies/github-hate-speech-and-discrimination.md new file mode 100644 index 0000000000..d430f6ead2 --- /dev/null +++ b/translations/es-ES/content/site-policy/acceptable-use-policies/github-hate-speech-and-discrimination.md @@ -0,0 +1,24 @@ +--- +title: GitHub Hate Speech and Discrimination +shortTitle: Hate Speech and Discrimination +versions: + fpt: '*' +topics: + - Policy + - Legal +redirect_from: + - /github/site-policy/github-hate-speech-and-discrimination + - /github/site-policy/github-community-guidelines#hate-speech-and-discrimination +--- + +GitHub does not tolerate speech that attacks or promotes hate toward an individual or group of people on the basis of who they are, including age, body size, ability, ethnicity, gender identity and expression, level of experience, nationality, personal appearance, race, religion, sexual identity, or sexual orientation. Esto incluye: + +- Mocking, attacking, or excluding a person or group based on their beliefs or the characteristics listed above +- Displaying clear affiliation or identification with known terrorist or violent extremist organizations +- Supporting or promoting hate groups or hate-based conspiracy theories +- Sharing symbols or images synonymous with hate +- Using harmful stereotypes, slurs, or dehumanizing speech +- Attacking an individual based on their perceived gender +- Dog whistling; or using coded or suggestive language and/or symbols to promote abuse or hate + +While GitHub takes all instances of abuse and harassment on the platform seriously, we are especially committed to fighting hate-based abuse where it disproportionately affects communities that have historically been targeted by such abuse. We aim to make GitHub a place where all individuals feel welcome and safe. diff --git a/translations/es-ES/content/site-policy/acceptable-use-policies/github-impersonation.md b/translations/es-ES/content/site-policy/acceptable-use-policies/github-impersonation.md new file mode 100644 index 0000000000..32cf270aef --- /dev/null +++ b/translations/es-ES/content/site-policy/acceptable-use-policies/github-impersonation.md @@ -0,0 +1,23 @@ +--- +title: GitHub Impersonation +shortTitle: Impersonation +versions: + fpt: '*' +topics: + - Policy + - Legal +redirect_from: + - /github/site-policy/github-impersonation + - /github/site-policy/github-community-guidelines#impersonation +--- + +You may not misrepresent your identity or your association with another person or organization. This includes doing any of the following in a way that misleads or deceives others: + +- Copying another user's avatar or other personal profile information +- Posting content under another user's email address +- Using a deceptively similar username, organization name, or other namespace +- Otherwise posing as another individual or organization + +Impersonation is a form of harassment and violation of this policy may lead to loss of access to your account. + +Please note, having a username similar to another is not necessarily impersonation. GitHub will take context into account. For example, as in cases involving claims of [misinformation or disinformation](/github/site-policy/github-misinformation-and-disinformation), we generally allow parody and satire that is in line with our [Acceptable Use Polices](/github/site-policy/github-acceptable-use-policies). diff --git a/translations/es-ES/content/site-policy/acceptable-use-policies/github-misinformation-and-disinformation.md b/translations/es-ES/content/site-policy/acceptable-use-policies/github-misinformation-and-disinformation.md new file mode 100644 index 0000000000..4c2c5f81ff --- /dev/null +++ b/translations/es-ES/content/site-policy/acceptable-use-policies/github-misinformation-and-disinformation.md @@ -0,0 +1,21 @@ +--- +title: GitHub Misinformation and Disinformation +shortTitle: Misinformation and Disinformation +versions: + fpt: '*' +topics: + - Policy + - Legal +redirect_from: + - /github/site-policy/github-misinformation-and-disinformation + - /github/site-policy/github-community-guidelines#misinformation-and-disinformation +--- + +You may not post content that presents a distorted view of reality, whether it is inaccurate or false (misinformation) or is intentionally deceptive (disinformation), where such content is likely to result in harm to the public or to interfere with fair and equal opportunities for all to take part in a free and open society. Puede incluir: +- Inaccurate or scientifically unsupported medical claims that endanger public health or safety +- Manipulated media, whether audio or visual, likely to mislead or deceive in a way that may harm the public interest +- False or misleading content likely to interfere with an individual's ability to participate in civic activities +- Unsubstantiated claims that could promote hate or targeted harassment of specific groups of people + +Fomentamos la participación activa en la expresión de ideas, perspectivas y experiencias y podríamos no estar en posición de disputar cuentas personales u observaciones. We generally allow parody and satire that is in line with our [Acceptable Use Polices](/github/site-policy/github-acceptable-use-policies), and we consider context to be important in how information is received and understood. When reviewing content under this policy, GitHub will consider the impact of various factors that may help to orient the viewer, such as whether the content has been provided with clear disclaimers, citations to credible sources, or includes other details that clarify the accuracy of the information being shared. + diff --git a/translations/es-ES/content/site-policy/acceptable-use-policies/github-sexually-obscene-content.md b/translations/es-ES/content/site-policy/acceptable-use-policies/github-sexually-obscene-content.md new file mode 100644 index 0000000000..43619d97fd --- /dev/null +++ b/translations/es-ES/content/site-policy/acceptable-use-policies/github-sexually-obscene-content.md @@ -0,0 +1,20 @@ +--- +title: GitHub Sexually Obscene Content +shortTitle: Sexually Obscene Content +versions: + fpt: '*' +topics: + - Policy + - Legal +redirect_from: + - /github/site-policy/github-sexually-obscene-content + - /github/site-policy/github-community-guidelines#sexually-obscene-content +--- + +We do not tolerate content associated with sexual exploitation or abuse of another individual, including where minors are concerned. We do not allow sexually themed or suggestive content that serves little or no purpose other than to solicit an erotic or shocking response, particularly where that content is amplified by its placement in profiles or other social contexts. Esto incluye: + +- Pornographic content +- Non-consensual intimate imagery +- Graphic depictions of sexual acts including photographs, video, animation, drawings, computer-generated images, or text-based content + +We recognize that not all nudity or content related to sexuality is obscene. We may allow visual and/or textual depictions in artistic, educational, historical or journalistic contexts, or as it relates to victim advocacy. In some cases a disclaimer can help communicate the context of the project. However, please understand that we may choose to limit the content by giving users the option to opt in before viewing. diff --git a/translations/es-ES/content/site-policy/acceptable-use-policies/github-threats-of-violence-and-gratuitously-violent-content.md b/translations/es-ES/content/site-policy/acceptable-use-policies/github-threats-of-violence-and-gratuitously-violent-content.md new file mode 100644 index 0000000000..9c5d384fac --- /dev/null +++ b/translations/es-ES/content/site-policy/acceptable-use-policies/github-threats-of-violence-and-gratuitously-violent-content.md @@ -0,0 +1,22 @@ +--- +title: GitHub Threats of Violence and Gratuitously Violent Content +shortTitle: Threats of Violence and Gratuitously Violent Content +versions: + fpt: '*' +topics: + - Policy + - Legal +redirect_from: + - /github/site-policy/github-threats-of-violence-and-gratuitously-violent-content + - /github/site-policy/github-community-guidelines#threats-of-violence + - /github/site-policy/github-community-guidelines#gratuitously-violent-content +--- + + +You may not use GitHub to organize, promote, encourage, threaten, or incite acts of violence. You may not post content that depicts or glorifies violence or physical harm against human beings or animals. Esto incluye: + +- Threatening another individual or group with abuse, harm, sexual violence, or death +- Posting text, imagery, or audio content glorifying or containing a graphic depiction of violence toward oneself, another individual, group, or animal +- Encouraging another individual to engage in self harm + +We do not allow violent content to be posted indiscriminately or in a way that is difficult for other users to avoid, such as a profile avatar or an issue comment. However, we understand there may be legitimate reasons to post violent content, such as for educational or documentary purposes, creative works, or depictions of historical events. In those cases, a clear warning or disclaimer can help users make an educated decision as to whether or not they want to engage with such content. Still, GitHub may decide to limit the visibility of such content to those who choose to opt in. diff --git a/translations/es-ES/content/site-policy/acceptable-use-policies/index.md b/translations/es-ES/content/site-policy/acceptable-use-policies/index.md new file mode 100644 index 0000000000..72c402ca30 --- /dev/null +++ b/translations/es-ES/content/site-policy/acceptable-use-policies/index.md @@ -0,0 +1,21 @@ +--- +title: Políticas de uso aceptable +versions: + fpt: '*' +topics: + - Policy + - Legal +children: + - github-sexually-obscene-content + - github-disrupting-the-experience-of-other-users + - github-doxxing-and-invasion-of-privacy + - github-hate-speech-and-discrimination + - github-acceptable-use-policies + - github-bullying-and-harassment + - github-active-malware-or-exploits + - github-threats-of-violence-and-gratuitously-violent-content + - github-impersonation + - github-misinformation-and-disinformation + - github-appeal-and-reinstatement +--- + diff --git a/translations/es-ES/content/github/site-policy/dmca-takedown-policy.md b/translations/es-ES/content/site-policy/content-removal-policies/dmca-takedown-policy.md similarity index 97% rename from translations/es-ES/content/github/site-policy/dmca-takedown-policy.md rename to translations/es-ES/content/site-policy/content-removal-policies/dmca-takedown-policy.md index 05cee74f72..e98b1ff46a 100644 --- a/translations/es-ES/content/github/site-policy/dmca-takedown-policy.md +++ b/translations/es-ES/content/site-policy/content-removal-policies/dmca-takedown-policy.md @@ -6,6 +6,7 @@ redirect_from: - /dmca-takedown-policy - /articles/dmca-takedown - /articles/dmca-takedown-policy + - /github/site-policy/dmca-takedown-policy versions: fpt: '*' topics: @@ -64,7 +65,7 @@ Aquí están los pasos básicos en el proceso. ## B. ¿Qué hay de las bifurcaciones? (o ¿Qué es una bifurcación?) -Una de las mejores características de GitHub es la capacidad de los usuarios de "bifurcar" los repositorios de otros. ¿Qué significa esto? En esencia, significa que los usuarios pueden hacer una copia de un proyecto en GitHub en sus propios repositorios. Como la licencia o la ley permite, los usuarios pueden hacer cambios en esa bifurcación para volver al proyecto principal o simplemente mantener como su propia variación de un proyecto. Cada una de estas copias es una "[bifurcación](/articles/github-glossary#fork)" del repositorio original, que a su vez también se puede llamar la "matriz" de la bifurcación. +Una de las mejores características de GitHub es la capacidad de los usuarios de "bifurcar" los repositorios de otros. ¿Qué significa eso? Básicamente, significa que los usuarios pueden hacer una copia de un proyecto en GitHub en sus propios repositorios. Según lo permita la licencia o la ley, los usuarios pueden hacer cambios en esa bifurcación para volver al proyecto principal o simplemente mantener como la propia variación de su proyecto. Cada una de estas copias es una "[bifurcación](/articles/github-glossary#fork)" del repositorio original, que a su vez también se puede llamar la "matriz" de la bifurcación. GitHub *no deshabilitará automáticamente* las bifurcaciones cuando se deshabilite un repositorio matriz. Esto se debe a que las bifurcaciones pertenecen a diferentes usuarios, pueden haber sido alteradas de manera significativa y pueden ser licenciadas o utilizada de una manera diferente que estén protegidas por la doctrina de uso leal. GitHub no lleva a cabo ninguna investigación independiente sobre las bifucaciones. Esperamos que los propietarios de los derechos de autor lleven a cabo esa investigación y, si creen que las bifurcaciones también están infringiendo, incluyan expresamente bifurcaciones en su notificación de retiro. diff --git a/translations/es-ES/content/github/site-policy/github-private-information-removal-policy.md b/translations/es-ES/content/site-policy/content-removal-policies/github-private-information-removal-policy.md similarity index 94% rename from translations/es-ES/content/github/site-policy/github-private-information-removal-policy.md rename to translations/es-ES/content/site-policy/content-removal-policies/github-private-information-removal-policy.md index 1e3c285f7e..7546785153 100644 --- a/translations/es-ES/content/github/site-policy/github-private-information-removal-policy.md +++ b/translations/es-ES/content/site-policy/content-removal-policies/github-private-information-removal-policy.md @@ -3,6 +3,7 @@ title: Política de Eliminación de Información Privada de GitHub redirect_from: - /articles/github-sensitive-data-removal-policy - /github/site-policy/github-sensitive-data-removal-policy + - /github/site-policy/github-private-information-removal-policy versions: fpt: '*' topics: @@ -62,7 +63,7 @@ Para los propósitos de este documento, "información privada" se refiere al con 7. **Los usuarios podrían solicitar una ventana de tiempo adicional para realizar los cambios.** Si el usuario no aprovechó la oportunidad para eliminar la información privada que se especifica en la notificación, podremos permitirles una ventana de tiempo adicional de aproximadamente 1 día laboral, bajo solicitud, para realizar los cambios pertinentes. En ese caso, GitHub notificará al demandante. ### ¿Qué hay de las bifurcaciones? (o ¿Qué es una bifurcación?) -Una de las mejores características de GitHub es la capacidad de los usuarios de "bifurcar" los repositorios de otros. ¿Qué significa esto? En esencia, significa que los usuarios pueden hacer una copia de un proyecto en GitHub en sus propios repositorios. Como la licencia o la ley permite, los usuarios pueden hacer cambios en esa bifurcación para volver al proyecto principal o simplemente mantener como su propia variación de un proyecto. Cada una de estas copias es una "[bifurcación](/articles/github-glossary/#fork)" del repositorio original, que a su vez también se puede llamar la "matriz" de la bifurcación. +Una de las mejores características de GitHub es la capacidad de los usuarios de "bifurcar" los repositorios de otros. ¿Qué significa eso? Básicamente, significa que los usuarios pueden hacer una copia de un proyecto en GitHub en sus propios repositorios. Según lo permita la licencia o la ley, los usuarios pueden hacer cambios en esa bifurcación para volver al proyecto principal o simplemente mantener como la propia variación de su proyecto. Cada una de estas copias es una "[bifurcación](/articles/github-glossary/#fork)" del repositorio original, que a su vez también se puede llamar la "matriz" de la bifurcación. GitHub no deshabilitará automáticamente las bifurcaciones cuando se deshabilite un repositorio matriz. Esto se debe a que las bifurcaciones pertenecen a diferentes usuarios y pueden haber sido alteradas de manera significativa. GitHub no lleva a cabo ninguna investigación independiente sobre las bifucaciones. Esperamos que aquellos que envían solicitudes de eliminación de información privada lleven a cabo esta investigación y, en caso de que crean que las bifurcaciones también contienen información privada, las incluyan expresamente en su solicitud. @@ -70,7 +71,7 @@ Si en el momento en el que emitiste tu notificación identificaste todas las bif ## Enviar una solicitud de eliminación de información privada -Debido al tipo de contenido de los hosts de GitHub (principalmente de código de software) y a la forma en que se gestiona el contenido (con Git), necesitamos que las demandas sean lo más específicas posible. Para que podamos verificar que un usuario eliminó integralmente la información privada que se reportó, necesitamos saber exactamente en dónde buscar. +Debido al tipo de contenido de los hosts de GitHub (principalmente de código de software) y a la forma en que se gestiona el contenido (con Git), necesitamos que las quejas sean lo más específicas posible. Para que podamos verificar que un usuario eliminó integralmente la información privada que se reportó, necesitamos saber exactamente en dónde buscar. Estos lineamientos se diseñan para hacer el procesamiento de las solicitudes para eliminar la información privada tan sencillamente como sea posible. diff --git a/translations/es-ES/content/github/site-policy/github-trademark-policy.md b/translations/es-ES/content/site-policy/content-removal-policies/github-trademark-policy.md similarity index 97% rename from translations/es-ES/content/github/site-policy/github-trademark-policy.md rename to translations/es-ES/content/site-policy/content-removal-policies/github-trademark-policy.md index 2b359c8dd8..e79cf20005 100644 --- a/translations/es-ES/content/github/site-policy/github-trademark-policy.md +++ b/translations/es-ES/content/site-policy/content-removal-policies/github-trademark-policy.md @@ -2,6 +2,7 @@ title: Política de marca registrada de GitHub redirect_from: - /articles/github-trademark-policy + - /github/site-policy/github-trademark-policy versions: fpt: '*' topics: @@ -43,7 +44,7 @@ Para investigar las violaciones de la política de marcas, por favor proporciona * Acción solicitada (por ejemplo, eliminación de una cuenta en violación o transferencia de un nombre de usuario con marca a una cuenta de empresa existente) * Incluye la siguiente declaración: "Tengo la creencia de buena fe de que el uso de la marca descrita anteriormente no está autorizado por el propietario de la marca, o su agente, o la ley. He considerado los usos nominativos y otros usos legítimos". * También incluye la siguiente declaración: "Juro, bajo pena de perjurio, que la información de esta notificación es fiel y que soy el propietario de los derechos de autor o estoy autorizado para actuar en nombre del propietario, de un derecho exclusivo que se infringe presuntamente." -* Incluye tu firma física o electrónica. +* Incluir tu firma física o electrónica. * Nota: Se requiere un número de registro federal o internacional de marcas registradas. Si el nombre que estás reportando no es **** una marca registrada (por ejemplo, una agencia gubernamental u organización sin fines de lucro), comunícanos: * Tu nombre y apellido diff --git a/translations/es-ES/content/github/site-policy/guide-to-submitting-a-dmca-counter-notice.md b/translations/es-ES/content/site-policy/content-removal-policies/guide-to-submitting-a-dmca-counter-notice.md similarity index 98% rename from translations/es-ES/content/github/site-policy/guide-to-submitting-a-dmca-counter-notice.md rename to translations/es-ES/content/site-policy/content-removal-policies/guide-to-submitting-a-dmca-counter-notice.md index 6bf85f9468..58caaac8f4 100644 --- a/translations/es-ES/content/github/site-policy/guide-to-submitting-a-dmca-counter-notice.md +++ b/translations/es-ES/content/site-policy/content-removal-policies/guide-to-submitting-a-dmca-counter-notice.md @@ -4,6 +4,7 @@ redirect_from: - /dmca-counter-notice-how-to - /articles/dmca-counter-notice-how-to - /articles/guide-to-submitting-a-dmca-counter-notice + - /github/site-policy/guide-to-submitting-a-dmca-counter-notice versions: fpt: '*' topics: @@ -52,7 +53,7 @@ Estos son sólo algunos ejemplos de la complejidad de la legislación sobre dere 5. ***Incluir la siguiente declaración: "Acepto la jurisdicción del Tribunal Federal de Distrito para el distrito judicial en el que se encuentra mi dirección (si es en los Estados Unidos, de lo contrario el Distrito Norte de California donde se encuentra GitHub) y aceptaré el servicio de trámite de la persona que proporcionó la notificación del DMCA o de un agente de dicha persona."*** -6. **Incluye tu firma física o electrónica.** +6. **Incluir tu firma física o electrónica.** ## Cómo enviar tu contra notificación diff --git a/translations/es-ES/content/github/site-policy/guide-to-submitting-a-dmca-takedown-notice.md b/translations/es-ES/content/site-policy/content-removal-policies/guide-to-submitting-a-dmca-takedown-notice.md similarity index 95% rename from translations/es-ES/content/github/site-policy/guide-to-submitting-a-dmca-takedown-notice.md rename to translations/es-ES/content/site-policy/content-removal-policies/guide-to-submitting-a-dmca-takedown-notice.md index 61be53bc81..49a187ecff 100644 --- a/translations/es-ES/content/github/site-policy/guide-to-submitting-a-dmca-takedown-notice.md +++ b/translations/es-ES/content/site-policy/content-removal-policies/guide-to-submitting-a-dmca-takedown-notice.md @@ -4,6 +4,7 @@ redirect_from: - /dmca-notice-how-to - /articles/dmca-notice-how-to - /articles/guide-to-submitting-a-dmca-takedown-notice + - /github/site-policy/guide-to-submitting-a-dmca-takedown-notice versions: fpt: '*' topics: @@ -13,7 +14,7 @@ topics: Esta guía describe la información que GitHub necesita para procesar una solicitud de retiro de DMCA. Si tienes preguntas más generales sobre qué es la DMCA o cómo procesa GitHub las solicitudes de retiro de DMCA, por favor revisa nuestra [política de retiro de DMCA](/articles/dmca-takedown-policy). -Debido al tipo de contenido de los hosts de GitHub (principalmente de código de software) y a la forma en que se gestiona el contenido (con Git), necesitamos que las demandas sean lo más específicas posible. Estas directrices están diseñadas para que el procesamiento de las notificaciones de supuestas infracciones sea lo más sencillo posible. Nuestra forma de notificación indicada a continuación es coherente con el formulario sugerido por el estatuto DMCA, que se puede encontrar en el sitio web oficial de la Oficina de Derechos de Autor de EE. UU.: . Sitio web oficial de la Oficina de Derechos de Autor: . +Debido al tipo de contenido de los hosts de GitHub (principalmente de código de software) y a la forma en que se gestiona el contenido (con Git), necesitamos que las quejas sean lo más específicas posible. Estas directrices están diseñadas para que el procesamiento de las notificaciones de supuestas infracciones sea lo más sencillo posible. Nuestra forma de notificación indicada a continuación es coherente con el formulario sugerido por el estatuto DMCA, que se puede encontrar en el sitio web oficial de la Oficina de Derechos de Autor de EE. UU.: . Sitio web oficial de la Oficina de Derechos de Autor: . Como en todas las cuestiones jurídicas, siempre es mejor consultar con un profesional sobre tus preguntas o situación específicas. Te recomendamos enfáticamente que lo hagas antes de emprender cualquier acción que pueda afectar tus derechos. Esta guía no es asesoramiento legal y no debería ser tomada como tal. @@ -68,7 +69,7 @@ Esta lista no es exhaustiva, por lo que hablar con un profesional legal sobre tu 8. **También incluye la siguiente declaración: "Juro, bajo pena de perjurio, que la información de esta notificación es exacta y que soy el propietario de los derechos de autor, o estoy autorizado para actuar en nombre del propietario, de un derecho exclusivo que se infringe presuntamente".** -9. **Incluye tu firma física o electrónica.** +9. **Incluir tu firma física o electrónica.** ## Quejas sobre Tecnología de Anti Elusión diff --git a/translations/es-ES/content/site-policy/content-removal-policies/index.md b/translations/es-ES/content/site-policy/content-removal-policies/index.md new file mode 100644 index 0000000000..080fd68bed --- /dev/null +++ b/translations/es-ES/content/site-policy/content-removal-policies/index.md @@ -0,0 +1,16 @@ +--- +title: Content Removal Policies +versions: + fpt: '*' +topics: + - Policy + - Legal +children: + - /submitting-content-removal-requests + - /github-private-information-removal-policy + - /github-trademark-policy + - /guide-to-submitting-a-dmca-counter-notice + - /guide-to-submitting-a-dmca-takedown-notice + - /dmca-takedown-policy +--- + diff --git a/translations/es-ES/content/github/site-policy/submitting-content-removal-requests.md b/translations/es-ES/content/site-policy/content-removal-policies/submitting-content-removal-requests.md similarity index 94% rename from translations/es-ES/content/github/site-policy/submitting-content-removal-requests.md rename to translations/es-ES/content/site-policy/content-removal-policies/submitting-content-removal-requests.md index 4203231be1..e84181c0c8 100644 --- a/translations/es-ES/content/github/site-policy/submitting-content-removal-requests.md +++ b/translations/es-ES/content/site-policy/content-removal-policies/submitting-content-removal-requests.md @@ -2,6 +2,8 @@ title: Enviar solicitudes de eliminación de contenido redirect_from: - /articles/submitting-content-removal-requests + - /github/site-policy/submitting-content-removal-requests + - /github/site-policy/github-terms-and-other-site-policies/submitting-content-removal-requests versions: fpt: '*' topics: diff --git a/translations/es-ES/content/github/site-policy/github-anti-bribery-statement.md b/translations/es-ES/content/site-policy/github-company-policies/github-anti-bribery-statement.md similarity index 99% rename from translations/es-ES/content/github/site-policy/github-anti-bribery-statement.md rename to translations/es-ES/content/site-policy/github-company-policies/github-anti-bribery-statement.md index f200bb2ced..2c1d59ef9a 100644 --- a/translations/es-ES/content/github/site-policy/github-anti-bribery-statement.md +++ b/translations/es-ES/content/site-policy/github-company-policies/github-anti-bribery-statement.md @@ -2,6 +2,7 @@ title: Declaración antisoborno de GitHub redirect_from: - /articles/github-anti-bribery-statement + - /github/site-policy/github-anti-bribery-statement versions: fpt: '*' topics: diff --git a/translations/es-ES/content/github/site-policy/github-gifts-and-entertainment-policy.md b/translations/es-ES/content/site-policy/github-company-policies/github-gifts-and-entertainment-policy.md similarity index 96% rename from translations/es-ES/content/github/site-policy/github-gifts-and-entertainment-policy.md rename to translations/es-ES/content/site-policy/github-company-policies/github-gifts-and-entertainment-policy.md index 60a2a1fafe..b0b8c89814 100644 --- a/translations/es-ES/content/github/site-policy/github-gifts-and-entertainment-policy.md +++ b/translations/es-ES/content/site-policy/github-company-policies/github-gifts-and-entertainment-policy.md @@ -2,6 +2,7 @@ title: Política de entretenimiento y obsequios de GitHub redirect_from: - /articles/github-gifts-and-entertainment-policy + - /github/site-policy/github-gifts-and-entertainment-policy versions: fpt: '*' topics: @@ -63,4 +64,4 @@ Ten en cuenta que lo que es una cantidad aceptable puede variar. Por ejemplo, ga MULTAS y CÁRCEL. No necesariamente solo para GitHub. Puedes llegar a pasar algunos años en la cárcel y no importará si el cliente alguna vez envió una orden a GitHub después de su viaje a Japón o si el funcionario del gobierno incluso recogió la maleta de dinero en efectivo. Básicamente, no importa si realmente _hiciste_ un soborno. Sin embargo, el intento es lo que cuenta. ## Más información -Para obtener más información y contexto sobre las reglas, el cumplimiento y las sanciones, el Departamento de Justicia de los EE. UU. [Guía de recursos para la ley de prácticas corruptas extranjeras de los EE. UU.](https://www.justice.gov/sites/default/files/criminal-fraud/legacy/2015/01/16/guide.pdf) es un excelente recurso. La ley de prácticas corruptas extranjeras es un excelente recurso. +Para obtener más información y contexto sobre las reglas, el cumplimiento y las sanciones, el Departamento de Justicia de los EE. UU. Department of Justice’s [Resource Guide to the U.S. La ley de prácticas corruptas extranjeras](https://www.justice.gov/sites/default/files/criminal-fraud/legacy/2015/01/16/guide.pdf) es un excelente recurso. diff --git a/translations/es-ES/content/github/site-policy/github-gpl-cooperation-commitment.md b/translations/es-ES/content/site-policy/github-company-policies/github-gpl-cooperation-commitment.md similarity index 98% rename from translations/es-ES/content/github/site-policy/github-gpl-cooperation-commitment.md rename to translations/es-ES/content/site-policy/github-company-policies/github-gpl-cooperation-commitment.md index 6ae631f5f3..ebb349791c 100644 --- a/translations/es-ES/content/github/site-policy/github-gpl-cooperation-commitment.md +++ b/translations/es-ES/content/site-policy/github-company-policies/github-gpl-cooperation-commitment.md @@ -2,6 +2,7 @@ title: Compromiso de Cooperación de GPL de GitHub redirect_from: - /articles/github-gpl-cooperation-commitment + - /github/site-policy/github-gpl-cooperation-commitment versions: fpt: '*' topics: diff --git a/translations/es-ES/content/github/site-policy/github-statement-against-modern-slavery-and-child-labor.md b/translations/es-ES/content/site-policy/github-company-policies/github-statement-against-modern-slavery-and-child-labor.md similarity index 99% rename from translations/es-ES/content/github/site-policy/github-statement-against-modern-slavery-and-child-labor.md rename to translations/es-ES/content/site-policy/github-company-policies/github-statement-against-modern-slavery-and-child-labor.md index c09722c50d..3fe8dbffa5 100644 --- a/translations/es-ES/content/github/site-policy/github-statement-against-modern-slavery-and-child-labor.md +++ b/translations/es-ES/content/site-policy/github-company-policies/github-statement-against-modern-slavery-and-child-labor.md @@ -2,6 +2,7 @@ title: Acuerdo de GitHub contra la esclavitud moderna y el trabajo infantil redirect_from: - /articles/github-statement-against-modern-slavery-and-child-labor + - /github/site-policy/github-statement-against-modern-slavery-and-child-labor versions: fpt: '*' topics: diff --git a/translations/es-ES/content/site-policy/github-company-policies/index.md b/translations/es-ES/content/site-policy/github-company-policies/index.md new file mode 100644 index 0000000000..c1b0dd22ee --- /dev/null +++ b/translations/es-ES/content/site-policy/github-company-policies/index.md @@ -0,0 +1,14 @@ +--- +title: GitHub Company Policies +versions: + fpt: '*' +topics: + - Policy + - Legal +children: + - /github-statement-against-modern-slavery-and-child-labor + - /github-anti-bribery-statement + - /github-gpl-cooperation-commitment + - /github-gifts-and-entertainment-policy +--- + diff --git a/translations/es-ES/content/github/site-policy/github-community-forum-code-of-conduct.md b/translations/es-ES/content/site-policy/github-terms/github-community-forum-code-of-conduct.md similarity index 86% rename from translations/es-ES/content/github/site-policy/github-community-forum-code-of-conduct.md rename to translations/es-ES/content/site-policy/github-terms/github-community-forum-code-of-conduct.md index 5a22bcd182..1b01dda755 100644 --- a/translations/es-ES/content/github/site-policy/github-community-forum-code-of-conduct.md +++ b/translations/es-ES/content/site-policy/github-terms/github-community-forum-code-of-conduct.md @@ -2,6 +2,8 @@ title: Código de conducta del foro de la comunidad GitHub redirect_from: - /articles/github-community-forum-code-of-conduct + - /github/site-policy/github-community-forum-code-of-conduct + - /github/site-policy/acceptable-use-policies/github-community-forum-code-of-conduct versions: fpt: '*' topics: @@ -11,13 +13,13 @@ topics: ## Descripción y propósito -Millones de programadores albergan millones de proyectos en GitHub — tanto de código abierto como de código cerrado — y tenemos el honor de participar en permitir la colaboración de toda la comunidad de programadores todos los días. Juntos tenemos una emocionante oportunidad y responsabilidad de hacer de esta una comunidad de la que podemos estar orgullosos. +Millions of developers across the world host millions of projects—both open and closed source—on GitHub. We're fortunate to be able to play a part in enabling collaboration across the developer community every day, which is a responsibility we don’t take lightly. Together, we all have the exciting opportunity to make this a community we can be proud of. El Foro de la Comunidad de GitHub está previsto para ser un lugar para más colaboración, apoyo y reunión de reflexión. Este es un lugar civilizado para conectarse con otros usuarios, aprender nuevas habilidades, compartir comentarios e ideas y encontrar todo el apoyo que necesitas para tus proyectos de GitHub. Al participar en esta comunidad, declaras que estás de acuerdo con los [Términos de Servicio](/github/site-policy/github-terms-of-service/) y [Políticas de uso aceptable de GitHub](/github/site-policy/github-acceptable-use-policies) que aplican a GitHub.com, así como a este Código de Conducta específico de la comunidad. Con este Código de Conducta esperamos ayudarte a entender cómo colaborar mejor en el Foro de la Comunidad de GitHub, lo que puedes esperar de los moderadores y qué tipo de acciones o contenidos pueden resultar en una suspensión temporal o permanente de la participación en la Comunidad. Investigaremos cualquier reporte de abuso y podremos moderar el contenido público dentro de la Comunidad que determinemos que viola los Términos de Servicio de GitHub o de este Código de Conducta. -Los usuarios de GitHub en todo el mundo ofrecen perspectivas, ideas y experiencias diferentes y van desde personas que crearon su primer proyecto "Hola Mundo" la semana pasada hasta los desarrolladores de software más conocidos del mundo. Estamos comprometidos a hacer de GitHub y el Foro de la Comunidad de GitHub un entorno acogedor para todas las diferentes voces y perspectivas aquí, manteniendo un espacio donde la gente es libre de expresarse. +Our diverse user base brings different perspectives, ideas, and experiences, and ranges from people who created their first "Hello World" project last week to the most well-known software developers in the world. We are committed to making GitHub an environment that welcomes all the different voices and perspectives our community has to offer, while maintaining a safe place for developers to do their best work. ## Compromiso @@ -29,23 +31,26 @@ Trata el Foro de la Comunidad de GitHub con respeto. Somos un recurso compartido Lo siguiente no son normas duras y rápidas, sino ayudas al juicio humano de nuestra Comunidad. Utiliza estas pautas para mantener este lugar limpio y bien iluminado para el discurso público civilizado. -### *Mejores prácticas para construir una comunidad sólida* +### *Best Practices for Maintaining a Strong Community* -- Se respetuoso y considerado. - - **Se bienvenido y abierto.** Es posible que otros miembros de la comunidad no tengan el mismo nivel de experiencia o antecedentes que tú, pero eso no significa que no tengan buenas ideas para contribuir. Te invitamos a dar la bienvenida a los nuevos miembros y a los que están empezando a trabajar. - - **Respeto unos a otros.** Nada sabotea una conversación saludable como la rudeza. Se cortés y profesional y no publiques nada que una persona razonable consideraría ofensivo, abusivo o un discurso de odio. No acoses ni molestes a nadie. Trato mutuo con dignidad y consideración en todas las interacciones. +El propósito principal de la comunidad de GitHub es colaborar en proyectos de software. Estamos comprometidos a mantener una comunidad donde los usuarios sean libres de expresarse y desafiar las ideas de los demás, tanto técnicas como de otro tipo. At the same time, it's important that users remain respectful and allow space for others to contribute openly. In order to foster both a safe and productive environment, we encourage our community members to look to these guidelines to inform how they interact on our platform. Below, you’ll find some suggestions for how to have successful interactions as a valued member of the GitHub community. + +- Engage with consideration and respect. + + - **Be welcoming and open-minded** - New users join our community each day. Some are well-established developers, while others are just beginning. Be open to other ideas and experience levels. Make room for opinions other than your own and be welcoming to new collaborators and those just getting started. + + - **Be respectful** - Working in a collaborative environment means disagreements may happen. Pero recuerda criticar las ideas, no a las personas. Share thoughtful, constructive criticism and be courteous to those you interact with. If you’re unable to engage respectfully, consider taking a step back or using some of our moderation tools to deescalate a tense situation. + + - **Be empathetic** - GitHub is a global community with people from a wide variety of backgrounds and perspectives, many of which may not be your own. Try to put yourself in others’ shoes and understand their feelings before you address them. Do your best to help make GitHub a community where others feel safe to make contributions, participate in discussions, and share different ideas. - Es probable que desees responder a algo discrepándolo. Está bien. Pero recuerda criticar las ideas, no a las personas. Evita ataques usando el nombre, ad hominem, respondiendo al tono de un post en lugar de su contenido real y contradicción reactiva. En lugar de ello, proporciona contra-argumentos razonados que mejoran la conversación. - - **Comunícate con empatía.** Los desacuerdos o diferencias de opinión son un hecho de la vida. Formar parte de una comunidad significa interactuar con personas de diferentes orígenes y perspectivas, muchas de las cuales pueden no ser propias. Si no estás de acuerdo con alguien, trata de entender y compartir sus sentimientos antes de abordarlos. Esto promoverá un ambiente respetuoso y amistoso donde la gente se sienta cómoda haciendo preguntas, participando en discusiones y haciendo contribuciones. - Contribuye de forma positiva y constructiva. - **Mejorar el debate.** Ayúdanos a hacer de esto un gran lugar para el debate trabajando siempre para mejorar la discusión de alguna manera, sin embargo siempre breve. Si no estás seguro de que tu publicación sume a la conversación, piensa en lo que quieres decir e inténtalo de nuevo más tarde. Los temas debatidos aquí nos importan y esperamos que actúes como si también te importasen. Se respetuoso con los temas y con las personas que los debaten, aunque no estés de acuerdo con algo de los que se dice. - - **Se claro y enfócate en el tema.** Comunicarse con extraños en Internet puede ser incómodo. Es difícil transmitir o leer el tono y el sarcasmo es frecuentemente mal entendido. Intenta usar un lenguaje claro y piensa cómo será recibido por la otra persona. + - **Be clear and stay on topic.** The GitHub Community Forum is for collaboration, sharing ideas, and helping each other get stuff done. Los comentarios fuera del tema son una distracción (en ocasiones bien recibido, pero generalmente no) sobre realizar el trabajo y ser productivo. Mantener el tema ayuda a producir discusiones positivas y productivas. Esto también se aplica al intercambio de vínculos. Cualquier enlace compartido en el Foro de la Comunidad debe compartirse con la intención de proporcionar información relevante y apropiada. Los enlaces no deben publicarse para simplemente conducir el tráfico o la atención a un sitio. Los enlaces siempre deberán ir acompañados de una explicación completa del contenido y propósito de los mismos. Publicar enlaces, especialmente los no solicitados, sin un contexto relevante y valioso puede parecer publicidad o con fines aún más maliciosos. - Además, el Foro de la Comunidad de GitHub tiene el objetivo de colaborar, compartir ideas y ayudarse mutuamente a hacer cosas. Los comentarios fuera del tema son una distracción (en ocasiones bien recibido, pero generalmente no) sobre realizar el trabajo y ser productivo. Mantener el tema ayuda a producir discusiones positivas y productivas. - **Comparte con precaución.** Al pedir a otros que te den comentarios o colaboren en un proyecto, solo comparte recursos valiosos y relevantes para proporcionar un contexto. No publiques enlaces que no añadan valor al tema y no publiques enlaces no solicitados a tus propios proyectos o sitios en los temas de otros usuarios. Además, no compartas información confidencial. Esto incluye tu propia dirección de correo electrónico. No permitimos compartir dicha información en este Foro de la Comunidad, ya que puede crear riesgos de seguridad y privacidad para la persona que publica, así como para otros usuarios. Si quieres invitar a otros miembros del Foro a colaborar en un proyecto o trabajar contigo, comparte un enlace al repositorio en el que existe el proyecto en el que estás trabajando. Al compartir el enlace al repositorio de tu proyecto - con alguna información sobre lo que es tu proyecto y qué tipo de ayuda o retroalimentación estás buscando, puedes invitar a otros a colaborar contigo a través de temas o solicitudes de extracción sin tener que compartir tu información privada. También puedes añadir a otros como colaboradores externos en el repositorio de tu proyecto para darles permisos especiales que te ayuden a desarrollar tu proyecto. diff --git a/translations/es-ES/content/site-policy/github-terms/github-community-guidelines.md b/translations/es-ES/content/site-policy/github-terms/github-community-guidelines.md new file mode 100644 index 0000000000..2510d95b64 --- /dev/null +++ b/translations/es-ES/content/site-policy/github-terms/github-community-guidelines.md @@ -0,0 +1,86 @@ +--- +title: Pautas de la comunidad GitHub +redirect_from: + - /community-guidelines + - /articles/github-community-guidelines + - /github/site-policy/github-community-guidelines + - /github/site-policy/acceptable-use-policies/github-community-guidelines +versions: + fpt: '*' +topics: + - Policy + - Legal +--- + +Millions of developers across the world host millions of projects—both open and closed source—on GitHub. We're fortunate to be able to play a part in enabling collaboration across the developer community every day, which is a responsibility we don’t take lightly. Together, we all have the exciting opportunity to make this a community we can be proud of. + +Our diverse user base brings different perspectives, ideas, and experiences, and ranges from people who created their first "Hello World" project last week to the most well-known software developers in the world. We are committed to making GitHub an environment that welcomes all the different voices and perspectives our community has to offer, while maintaining a safe place for developers to do their best work. + +By outlining what we think a [safe, welcoming, and productive community](https://opensource.guide/building-community/) looks like at GitHub, we hope to help you understand how best to interact and collaborate on our platform in line with our [Terms of Service](/github/site-policy/github-terms-of-service) and [Acceptable Use Policies](/github/site-policy/github-acceptable-use-policies). + +We encourage our community members to communicate expectations clearly, [moderate](#what-if-something-or-someone-offends-you) their projects where possible, and [report](https://github.com/contact/report-abuse) any content that may violate our [policies](/github/site-policy/github-terms-of-service). GitHub Staff will investigate any reports of abuse, and may moderate public content on our site that we determine to be in violation of our Terms of Service. + + +## Maintaining a strong community + +El propósito principal de la comunidad de GitHub es colaborar en proyectos de software. Estamos comprometidos a mantener una comunidad donde los usuarios sean libres de expresarse y desafiar las ideas de los demás, tanto técnicas como de otro tipo. At the same time, it's important that users remain respectful and allow space for others to contribute openly. In order to foster both a safe and productive environment, we encourage our community members to look to these guidelines to inform how they interact on our platform. Below, you’ll find some suggestions for how to have successful interactions as a valued member of the GitHub community. + +* **Be welcoming and open-minded** - New users join our community each day. Some are well-established developers, while others are just beginning. Be open to other ideas and experience levels. Make room for opinions other than your own and be welcoming to new collaborators and those just getting started. + +* **Be respectful** - Working in a collaborative environment means disagreements may happen. Pero recuerda criticar las ideas, no a las personas. Share thoughtful, constructive criticism and be courteous to those you interact with. If you’re unable to engage respectfully, consider taking a step back or using some of our moderation tools to deescalate a tense situation. + +* **Be empathetic** - GitHub is a global community with people from a wide variety of backgrounds and perspectives, many of which may not be your own. Try to put yourself in others’ shoes and understand their feelings before you address them. Do your best to help make GitHub a community where others feel safe to make contributions, participate in discussions, and share different ideas. + + +## ¿Qué pasa si algo o alguien te ofende? + +While some disagreements can be resolved with direct, respectful communication between community members, we understand that is not always the case. We encourage our community to [let us know](https://support.github.com/contact/report-abuse?category=report-abuse&report=other&report_type=unspecified) when they believe content or activity they’ve encountered violates our policies. However, if you run into something or someone on the site that you find objectionable, here are some ways GitHub enables you to take action: + +* **Communicate expectations** - Maintainers can set community-specific guidelines to help users understand how to interact with their projects, for example, in a repository’s README, [CONTRIBUTING file](/articles/setting-guidelines-for-repository-contributors/), or [dedicated code of conduct](/articles/adding-a-code-of-conduct-to-your-project/). You can find additional information on building communities [here](/communities). + + +* **Moderate Comments** - Users with [write-access privileges](/articles/repository-permission-levels-for-an-organization/) for a repository can [edit, delete, or hide anyone's comments](/communities/moderating-comments-and-conversations/managing-disruptive-comments) on commits, pull requests, and issues. Cualquier persona con acceso de lectura a un repositorio puede ver el historial de edición del comentario. Comment authors and people with write access to a repository can also delete sensitive information from a [comment's edit history](/communities/moderating-comments-and-conversations/tracking-changes-in-a-comment). Moderating your projects can feel like a big task if there is a lot of activity, but you can [add collaborators](/account-and-profile/setting-up-and-managing-your-github-user-account/managing-user-account-settings/permission-levels-for-a-user-account-repository#collaborator-access-for-a-repository-owned-by-a-user-account) to assist you in managing your community. + +* **Lock Conversations**  - If a discussion in an issue, pull request, or commit gets out of hand, off topic, or violates your project’s code of conduct or GitHub’s policies, owners, collaborators, and anyone else with write access can put a temporary or permanent [lock](/articles/locking-conversations/) on the conversation. + +* **Block Users**  - If you encounter a specific user who you would rather not engage with, you can [block the user from your personal account](/articles/blocking-a-user-from-your-personal-account/) or [from your organization](/articles/blocking-a-user-from-your-organization/). + +* **Limit Interactions** - If your public project is getting unwanted attention, being trolled, spammed, or otherwise, you have the option of setting [temporary interaction limits](/communities/moderating-comments-and-conversations/limiting-interactions-in-your-repository) to keep certain users from interacting with your repository. You can even set [code review limits](https://github.blog/2021-11-01-github-keeps-getting-better-for-open-source-maintainers/#preventing-drive-by-pull-request-approvals-and-requested-changes) to ensure quality contributions on your projects. + + +While we are passionate about empowering maintainers to moderate their own projects, please reach out to us to {% data variables.contact.report_abuse %} if you need additional support in dealing with a situation. + +## What happens if someone violates GitHub's policies? + +We rely on reports from the community, as well as proactive detection, to help ensure that GitHub is a safe, welcoming, and productive platform for software developers. There are a variety of factors we consider when we’re made aware of behavior or content not in line with GitHub’s policies. However, our policy enforcement and content moderation approach prioritizes our vision to be the home for all developers. This means: + +- We optimize for code collaboration. We recognize that code can have multiple uses and we distinguish between how the code is being used on the platform and other possible uses. We also think about how our enforcement actions can affect a potentially complicated web of interdependencies across the platform and aim to restrict as little legitimate content as possible. + +- We take a human-centered approach to content moderation and we tailor our responses to meet the needs of a specific situation. Our global team investigates the reports we receive on a case-by-case basis—considering context and the surrounding facts—before taking action. This could include taking into account potentially offensive content being posted in a way that lacks context or makes it easy for other users to unwittingly view or interact with while using GitHub. In those instances, we may favor moderation in order to safeguard our community. + +- Our decisions are rooted in our core belief that serving an interconnected community and empowering human progress through developer collaboration requires a commitment to diversity, inclusion, and belonging. + +Where we have decided that moderation action is warranted, these are some of the ways we may respond: + +* Removing the offending content +* Blocking or disabling the offending content +* Downgrading the visibility of the offending content +* Hiding a user account or organization from public view +* Suspending a user account or organization + + +## Apelación y reinstauración + +In some cases there may be a basis to reverse a moderation action taken by GitHub Staff. + +* **Reinstatement**: Where a user wishes to address the violation and is willing to agree to abide by our Acceptable Use Policies moving forward, we may choose to reinstate their account or content depending on the severity of the initial violation. + +* **Appeal**: If a user wishes to dispute the basis of an enforcement action and can provide additional information regarding the alleged violation, we will review that information and may grant the appeal where we determined that a violation did not occur. + +If you seek reinstatement or wish to appeal an enforcement action, please contact [support](https://support.github.com/contact?tags=docs-policy). + +## Avisos legales + +Dedicamos estas Pautas de la Comunidad al dominio público para que cualquiera pueda usar, reutilizar, adaptar o lo que sea, bajo los términos de [CC0-1.0](https://creativecommons.org/publicdomain/zero/1.0/). + +Estas son solo directrices; no modifican nuestros [Términos de Servicio](/articles/github-terms-of-service/) y no pretenden ser una lista completa. Under those terms, GitHub retains full discretion to remove any content or terminate any accounts for activity that violates our [Acceptable Use Policies](/articles/github-acceptable-use-policies). Estas directrices describen en qué situaciones ejerceremos dicha discreción. diff --git a/translations/es-ES/content/github/site-policy/github-corporate-terms-of-service.md b/translations/es-ES/content/site-policy/github-terms/github-corporate-terms-of-service.md similarity index 99% rename from translations/es-ES/content/github/site-policy/github-corporate-terms-of-service.md rename to translations/es-ES/content/site-policy/github-terms/github-corporate-terms-of-service.md index c96eb25349..34093bdb9e 100644 --- a/translations/es-ES/content/github/site-policy/github-corporate-terms-of-service.md +++ b/translations/es-ES/content/site-policy/github-terms/github-corporate-terms-of-service.md @@ -2,6 +2,7 @@ title: Términos de servicio corporativos de GitHub redirect_from: - /articles/github-corporate-terms-of-service + - /github/site-policy/github-corporate-terms-of-service versions: fpt: '*' topics: diff --git a/translations/es-ES/content/github/site-policy/github-event-code-of-conduct.md b/translations/es-ES/content/site-policy/github-terms/github-event-code-of-conduct.md similarity index 98% rename from translations/es-ES/content/github/site-policy/github-event-code-of-conduct.md rename to translations/es-ES/content/site-policy/github-terms/github-event-code-of-conduct.md index 67468c8cb4..a11f8de3d9 100644 --- a/translations/es-ES/content/github/site-policy/github-event-code-of-conduct.md +++ b/translations/es-ES/content/site-policy/github-terms/github-event-code-of-conduct.md @@ -2,6 +2,7 @@ title: Código de conducta del evento de GitHub redirect_from: - /articles/github-event-code-of-conduct + - /github/site-policy/github-event-code-of-conduct versions: fpt: '*' topics: diff --git a/translations/es-ES/content/github/site-policy/github-event-terms.md b/translations/es-ES/content/site-policy/github-terms/github-event-terms.md similarity index 99% rename from translations/es-ES/content/github/site-policy/github-event-terms.md rename to translations/es-ES/content/site-policy/github-terms/github-event-terms.md index dec8073159..2117c0b1d8 100644 --- a/translations/es-ES/content/github/site-policy/github-event-terms.md +++ b/translations/es-ES/content/site-policy/github-terms/github-event-terms.md @@ -2,6 +2,7 @@ title: Términos del evento de GitHub redirect_from: - /articles/github-event-terms + - /github/site-policy/github-event-terms versions: fpt: '*' topics: diff --git a/translations/es-ES/content/github/site-policy/github-marketplace-developer-agreement.md b/translations/es-ES/content/site-policy/github-terms/github-marketplace-developer-agreement.md similarity index 99% rename from translations/es-ES/content/github/site-policy/github-marketplace-developer-agreement.md rename to translations/es-ES/content/site-policy/github-terms/github-marketplace-developer-agreement.md index 0234cc983d..234bfc911e 100644 --- a/translations/es-ES/content/github/site-policy/github-marketplace-developer-agreement.md +++ b/translations/es-ES/content/site-policy/github-terms/github-marketplace-developer-agreement.md @@ -2,6 +2,7 @@ title: Acuerdo de Desarrollador de GitHub Marketplace redirect_from: - /articles/github-marketplace-developer-agreement + - /github/site-policy/github-marketplace-developer-agreement versions: fpt: '*' topics: @@ -146,7 +147,7 @@ En el caso de que tu publicación se elimine involuntariamente porque es defectu **6.1** GitHub será el comerciante de los productos de Programador comprados por usuarios finales a través del mercado. -**6.2** Los precios de las listas del mercado de las aplicaciones del Desarrollador se configurarán en dólares estadounidenses (USD). El desarrollador tiene un control total sobre la fijación de precios para cada listado y una vez establecido, dicho precio no se puede cambiar. Puedes retirar un plan de precios para un listado existente y agregar un nuevo plan de precios para dicho listado, siempre que dicho plan de precios nuevo no afecte de forma negativa a los usuarios finales existentes. Los precios que configuraste para los productos de Programador determinarán la cantidad de pago que recibirás. GitHub remitirá el 95% del precio de venta en dólares estadounidenses sin reducción para los impuestos, excepto para cualquier retención de impuestos que se requiera conforme a la legislación aplicable. El 5% restante del precio de venta se asignará y retendrá por GitHub. Al final de cada mes y al alcanzar un valor mínimo de $500 USD, GitHub reenviará tu parte de los pagos. +**6.2** Los precios de las listas del mercado de las aplicaciones del Desarrollador se configurarán en dólares estadounidenses (USD). El desarrollador tiene un control total sobre la fijación de precios para cada listado y una vez establecido, dicho precio no se puede cambiar. Puedes retirar un plan de precios para un listado existente y agregar un nuevo plan de precios para dicho listado, siempre que dicho plan de precios nuevo no afecte de forma negativa a los usuarios finales existentes. Los precios que configuraste para los productos de Programador determinarán la cantidad de pago que recibirás. GitHub will remit 95% of the sale price in USD without reduction for Taxes except for any withholding taxes that are required under applicable law. The remaining 5% of the sales price will be allotted to and retained by GitHub. Al final de cada mes y al alcanzar un valor mínimo de $500 USD, GitHub reenviará tu parte de los pagos. **6.3** Requisitos de Reembolso. Serás responsable de especificar los términos y condiciones relativos a los reembolsos a tus usuarios finales. En ningún caso GitHub será responsable de proporcionar ayuda alguna con los reembolsos, ni será GitHub será responsable del pago de ningún reembolso. diff --git a/translations/es-ES/content/github/site-policy/github-marketplace-terms-of-service.md b/translations/es-ES/content/site-policy/github-terms/github-marketplace-terms-of-service.md similarity index 99% rename from translations/es-ES/content/github/site-policy/github-marketplace-terms-of-service.md rename to translations/es-ES/content/site-policy/github-terms/github-marketplace-terms-of-service.md index e2ec0eea85..7adf1160ce 100644 --- a/translations/es-ES/content/github/site-policy/github-marketplace-terms-of-service.md +++ b/translations/es-ES/content/site-policy/github-terms/github-marketplace-terms-of-service.md @@ -2,6 +2,7 @@ title: Términos de servicio de Mercado GitHub redirect_from: - /articles/github-marketplace-terms-of-service + - /github/site-policy/github-marketplace-terms-of-service versions: fpt: '*' topics: diff --git a/translations/es-ES/content/github/site-policy/github-open-source-applications-terms-and-conditions.md b/translations/es-ES/content/site-policy/github-terms/github-open-source-applications-terms-and-conditions.md similarity index 99% rename from translations/es-ES/content/github/site-policy/github-open-source-applications-terms-and-conditions.md rename to translations/es-ES/content/site-policy/github-terms/github-open-source-applications-terms-and-conditions.md index f226101768..4989c5ba80 100644 --- a/translations/es-ES/content/github/site-policy/github-open-source-applications-terms-and-conditions.md +++ b/translations/es-ES/content/site-policy/github-terms/github-open-source-applications-terms-and-conditions.md @@ -2,6 +2,7 @@ title: Términos y condiciones de la aplicación de código abierto de GitHub redirect_from: - /articles/github-open-source-applications-terms-and-conditions + - /github/site-policy/github-open-source-applications-terms-and-conditions versions: fpt: '*' topics: diff --git a/translations/es-ES/content/github/site-policy/github-registered-developer-agreement.md b/translations/es-ES/content/site-policy/github-terms/github-registered-developer-agreement.md similarity index 81% rename from translations/es-ES/content/github/site-policy/github-registered-developer-agreement.md rename to translations/es-ES/content/site-policy/github-terms/github-registered-developer-agreement.md index f26077126b..0479200a30 100644 --- a/translations/es-ES/content/github/site-policy/github-registered-developer-agreement.md +++ b/translations/es-ES/content/site-policy/github-terms/github-registered-developer-agreement.md @@ -2,6 +2,7 @@ title: Acuerdo de programador registrado de GitHub redirect_from: - /articles/github-registered-developer-agreement + - /github/site-policy/github-registered-developer-agreement versions: fpt: '*' topics: @@ -55,7 +56,7 @@ Este Acuerdo es un acuerdo legal entre tú (“tú”) y GitHub, Inc. (“GitHub Las obligaciones de la presente sección 6 no se aplicarán a la información que puedas probar que: (i) estuviera generalmente disponible para el público antes de que te la revelemos; (II) se convirtió generalmente disponible para el público después de que te la revelemos, sin acción o inacción por tu parte, o por parte de tus empleados o contratistas; (III) que conocías antes de que te la revelemos; (IV) le fue revelada por un tercero, que no tenía ninguna obligación de confidencialidad con respecto a la misma; (v) que desarrollaste de forma independiente sin violar ninguna obligación de confidencialidad con nosotros o cualquier tercero; o (VI) te dimos permiso para divulgar, en un escrito firmado por uno de nuestros representantes autorizados. - Si te otortamos algún software de prelanzamiento o documentación o materiales relacionados, que puedan ncluir videos u otras formas de contenido ("materiales de prelanzamiento"), entonces, sujeto al cumplimiento de los términos y condiciones del presente acuerdo y de los TOS, por la presente te otorgamos un derecho y una licencia no exclusivos, intransferibles y revocables para usar los materiales de prelanzamiento únicamente para respaldar tus pruebas y/o el desarrollo de productos o servicios que están diseñados para funcionar en combinación con los sistemas o programas para los cuales se diseñan los materiales prelanzamiento. Si los materiales de prelanzamiento están acompañados de un acuerdo de licencia separado, aceptas que se aplicarán el acuerdo de licencia separado (además de cualquier disposición más restrictiva contenida en el presente acuerdo o en los términos de servicio). Aceptas no descompilar, hacer ingeniería inversa, desmontar o reducir de cualquier otra manera los materiales de prelanzamiento a una forma perceptible por el hombre y prometes no modificar, establecer redes, alquilar, arrendar, transmitir, vender o prestar los materiales de prelanzamiento, en su totalidad o en parte. Comprendes que no estamos obligados a proporcionarte ningún material de prelanzamiento, a proporcionarte actualizaciones, mejoras o correcciones en los materiales de prelanzamiento, o a notificarte de los cambios que realicemos a nuestros productos y servicios, ahora o en el futuro. + Si te otortamos algún software de prelanzamiento o documentación o materiales relacionados, que puedan ncluir videos u otras formas de contenido ("materiales de prelanzamiento"), entonces, sujeto al cumplimiento de los términos y condiciones del presente acuerdo y de los TOS, por la presente te otorgamos un derecho y una licencia no exclusivos, intransferibles y revocables para usar los materiales de prelanzamiento únicamente para respaldar tus pruebas y/o el desarrollo de productos o servicios que están diseñados para funcionar en combinación con los sistemas o programas para los cuales se diseñan los materiales prelanzamiento. Si los materiales de prelanzamiento están acompañados de un acuerdo de licencia separado, aceptas que se aplicarán el acuerdo de licencia separado (además de cualquier disposición más restrictiva contenida en el presente acuerdo o en los términos de servicio). Aceptas no descompilar, hacer ingeniería inversa, desarticular o reducir de cualquier otra manera los materiales de prelanzamiento a una forma perceptible por el hombre y prometes no modificar, establecer redes, alquilar, arrendar, transmitir, vender o prestar los materiales de prelanzamiento, en su totalidad o en parte. Entiendes que no estamos obligados a proporcionarte ningún material de prelanzamiento, a proporcionarte actualizaciones, mejoras o correcciones en los materiales de prelanzamiento o a notificarle los cambios que hagamos a nuestros productos y servicios, ahora o en el futuro. 7. **Cuotas y pago** @@ -63,9 +64,9 @@ Este Acuerdo es un acuerdo legal entre tú (“tú”) y GitHub, Inc. (“GitHub 8. **Plazo y terminación** - El presente acuerdo comienza en la fecha en que haces clic en "acordar", y continúa durante un período de un (1) año. El presente acuerdo se renovará automáticamente por términos sucesivos de un año, a menos que cualquiera de las partes le dé un aviso por escrito al menos treinta (30) días antes del vencimiento del plazo actual que quiere terminar o uno de nosotros lo terminará antes de acuerdo con lo dispuesto en la presente sección 8. + El presente acuerdo comienza en la fecha en la que haces clic en "acordar", y continúa durante un período de un (1) año. El presente acuerdo se renovará automáticamente por términos sucesivos de un año, a menos que cualquiera de las partes le dé un aviso por escrito al menos treinta (30) días antes del vencimiento del plazo actual que quiere terminar o uno de nosotros lo terminará antes de acuerdo con lo dispuesto en la presente sección 8. - Tanto tú como GitHub pueden rescindir el presente acuerdo por cualquier motivo, sin causa, después de treinta (30) días de aviso previo por escrito a la otra. Si finalizamos el presente acuerdo o suspendemos tu acceso al programa por cualquier motivo que no sea tu incumplimiento del presente acuerdo, los términos del programa o los TOS, nosotros, como tu único recurso y nuestra única obligación de dicha terminación, te reembolsaremos la parte proporcional de las tarifas del programa que nos pagaste por el plazo actual del presente acuerdo. El presente acuerdo terminará de inmediato, sin la obligación de aviso, si incumple cualquier término del presente acuerdo, los términos del programa o los TOS. + Tú y GitHub pueden rescindir el presente acuerdo por cualquier motivo, sin causa, después de treinta (30) días de aviso previo por escrito a la otra. Si finalizamos el presente acuerdo o suspendemos tu acceso al programa por cualquier motivo que no sea tu incumplimiento del presente acuerdo, los términos del programa o los TOS, nosotros, como tu único recurso y nuestra única obligación de dicha terminación, te reembolsaremos la parte proporcional de las tarifas del programa que nos pagaste por el plazo actual del presente acuerdo. El presente acuerdo terminará de inmediato, sin la obligación de aviso, si incumple cualquier término del presente acuerdo, los términos del programa o los TOS. Los derechos y obligaciones en las secciones 1, 2, 3 (segundo y tercer párrafo), 4, 5 (segundo y último párrafo), 6, 7 y 9 a 21 del presente acuerdo sobrevivirán a la terminación o a la expiración del presente acuerdo. Tras la terminación o la expiración del presente acuerdo, todos los derechos y las licencias que te otorgaron en el presente acuerdo dejarán de existir de inmediato, regresarás (o, a petición nuestra, destruirás) toda nuestra información confidencial y cualquier copia (incluidas las copias electrónicas) que estén en tu posesión o control y certificaras por escrito que has cumplido con estos requisitos. @@ -73,7 +74,7 @@ Este Acuerdo es un acuerdo legal entre tú (“tú”) y GitHub, Inc. (“GitHub Nos garantizas que: (i) tienes la autoridad para celebrar el presente acuerdo y para cumplir con sus obligaciones; (II) llevarás a cabo negocios de una manera que refleje favorablemente en todo momento en los productos y servicios de GitHub y nuestro buen nombre, buena voluntad y reputación; (III) no hará declaraciones o representaciones falsas o engañosas con respecto a GitHub o a nuestros productos y servicios; (IV) no tomarás ninguna obligación o responsabilidad, ni harás ninguna representación, garantía o endoso a nadie en nuestro nombre (incluyendo, entre otros, alguno de nuestros productos o servicios); y (v) no declararás o implicarás que hemos desarrollado, respaldado, revisado o aprobado de alguna manera cualquiera de tus productos. - EL PROGRAMA, LA API Y CUALQUIER INFORMACIÓN CONFIDENCIAL QUE TE OTORGUEMOS (INCLUYENDO, ENTRE OTROS, LOS MATERIALES DE PRELANZAMIENTO) SE PROPORCIONAN "TAL CUAL" Y SIN GARANTÍAS DE NINGÚN TIPO, EXPRESAS O IMPLÍCITAS. RENUNCIAMOS ESPECÍFICAMENTE A TODAS LAS GARANTÍAS O CONDICIONES IMPLÍCITAS DE COMERCIABILIDAD, IDONEIDAD PARA UN PROPÓSITO Y NO INFRACCIÓN PARTICULAR. NO GARANTIZAMOS QUE LOS SERVICIOS O PRODUCTOS QUE PONGAMOS A TU DISPOSICIÓN SE REUNIRÁN CON LOS REQUISITOS DE TUS USUARIOS FINALES. + EL PROGRAMA, LA API Y CUALQUIER INFORMACIÓN CONFIDENCIAL QUE TE OTORGUEMOS (INCLUYENDO, ENTRE OTROS, LOS MATERIALES DE PRELANZAMIENTO) SE PROPORCIONAN "TAL CUAL" Y SIN GARANTÍAS DE NINGÚN TIPO, EXPRESAS O IMPLÍCITAS. RENUNCIAMOS ESPECÍFICAMENTE A TODAS LAS GARANTÍAS O CONDICIONES IMPLÍCITAS DE COMERCIABILIDAD, IDONEIDAD PARA UN PROPÓSITO PARTICULAR Y NO INFRACCIÓN. NO GARANTIZAMOS QUE LOS SERVICIOS O PRODUCTOS QUE PONGAMOS A TU DISPOSICIÓN SE REUNIRÁN CON LOS REQUISITOS DE TUS USUARIOS FINALES. 10. **Indemnización** @@ -81,7 +82,7 @@ Este Acuerdo es un acuerdo legal entre tú (“tú”) y GitHub, Inc. (“GitHub 11. **Limitación de responsabilidad** - EN NINGÚN CASO SEREMOS RESPONSABLES ANTE TI O ANTE NINGÚN TERCERO POR NINGÚN DAÑO INDIRECTO, ESPECIAL, INCIDENTAL, CONSECUENTE, EJEMPLAR O PUNITIVO, INCLUYENDO, ENTRE OTROS, LOS DAÑOS POR DATOS PERDIDOS, PÉRDIDAS DE BENEFICIOS O COSTOS DE ADQUISICIÓN DE BIENES O SERVICIOS SUSTITUTIVOS, SIN PERJUICIO DE LO QUE SE CAUSE Y BAJO CUALQUIER TEORÍA DE RESPONSABILIDAD, YA SEA POR CONTRATO, AGRAVIO (INCLUYENDO LA RESPONSABILIDAD DE PRODUCTOS , RESPONSABILIDAD ESTRICTA Y NEGLIGENCIA), O CUALQUIER OTRA TEORÍA, Y SI SABÍAMOS O NO O DEBERÍAMOS HABER SABIDO SOBRE LA POSIBILIDAD DE DICHOS DAÑOS. EN NINGÚN CASO NUESTRA RESPONSABILIDAD TOTAL ANTE TI DERIVADA DEL PRESENTE ACUERDO O RELACIONADA CON ÉL POR CUALQUIER CAUSA, E INDEPENDIENTEMENTE DE LA FORMA DE ACCIÓN, YA SEA POR CONTRATO O POR AGRAVIO, EXCEDE EL MAYOR DE (I) LOS MONTOS QUE REALMENTE PAGÓ CONFORME A LO DISPUESTO EN EL PRESENTE ACUERDO; O (II) 500 DÓLARES ($500). LAS LIMITACIONES ANTERIORES SE APLICARÁN A PESAR DEL FRACASO DEL PROPÓSITO ESENCIAL DE CUALQUIER SOLUCIÓN LIMITADA QUE SE INDIQUE EN EL PRESENTE ACUERDO. + EN NINGÚN CASO SEREMOS RESPONSABLES ANTE TI O ANTE CUALQUIER TERCERO POR CUALQUIER DAÑO INDIRECTO, ESPECIAL, INCIDENTAL, CONSECUENTE, EJEMPLAR O PUNITIVO, INCLUIDOS, ENTRE OTROS, LOS DAÑOS POR DATOS PERDIDOS, PÉRDIDAS DE BENEFICIOS O COSTOS DE ADQUISICIÓN DE BIENES O SERVICIOS SUSTITUTIVOS, SIN PERJUICIO DE LO QUE SE CAUSE Y BAJO CUALQUIER TEORÍA DE RESPONSABILIDAD, YA SEA POR CONTRATO, AGRAVIO (INCLUIDA LA RESPONSABILIDAD DE PRODUCTOS , RESPONSABILIDAD ESTRICTA Y NEGLIGENCIA), O CUALQUIER OTRA TEORÍA, Y SI SABÍAMOS O DEBERÍAMOS HABER SABIDO SOBRE LA POSIBILIDAD DE DICHOS DAÑOS. EN NINGÚN CASO NUESTRA RESPONSABILIDAD TOTAL ANTE TI DERIVADA DEL PRESENTE ACUERDO O RELACIONADA CON ÉL POR CUALQUIER CAUSA, E INDEPENDIENTEMENTE DE LA FORMA DE ACCIÓN, YA SEA POR CONTRATO O POR AGRAVIO, EXCEDERÁ EL MAYOR DE (I) LOS MONTOS QUE REALMENTE PAGÓ CONFORME A LO DISPUESTO EN EL PRESENTE ACUERDO; O (II) 500 DÓLARES ($500). LAS LIMITACIONES ANTERIORES SE APLICARÁN INDEPENDIENTEMENTE DEL INCUMPLIMIENTO DEL PROPÓSITO ESENCIAL DE CUALQUIER SOLUCIÓN LIMITADA QUE SE INDIQUE EN EL PRESENTE ACUERDO. 12. **Control de exportación** @@ -91,9 +92,9 @@ Este Acuerdo es un acuerdo legal entre tú (“tú”) y GitHub, Inc. (“GitHub Aceptas que GitHub y sus licenciantes son propietarios de todo derecho, título e interés en la API, los materiales de prelanzamiento y todos los demás productos y servicios de GitHub; toda la información y los datos relativos a sus configuraciones y combinaciones; y todas las modificaciones y obras derivadas de cualquiera de las anteriores. Aceptas no eliminar, alterar, cubrir u confundir ningún derecho de autor u otros avisos de derechos de propiedad que colocamos o insertamos en la API, los materiales de prelanzamiento o cualquier otro producto y servicios de GitHub. -14. **Usuarios gubernamentales** +14. **Usuarios del Gobierno** - Si eres una entidad gubernamental, esta sección aplica para ti. Cierta parte de nuestra información confidencial puede considerarse "artículos comerciales", ya que ese término se define en 48 C. § 2,101, que consiste en "software informático comercial" y "documentación del software informático comercial", ya que dichos términos se usan en 48 C. § 12,212 o 48 C. § 227.7202, según corresponda. Consistente con 48 C. § 12,212 o 48 C. § 227.7202-1 a 227.7202-4, según corresponda, la documentación del software informático comercial y del software informático comercial se licencia para los usuarios finales del gobierno de los EE. UU. (a) únicamente como elementos comerciales y (b) con solo aquellos derechos que se conceden a todos los demás usuarios finales conforme a los términos y condiciones del presente documento. GitHub, Inc. 88 Colin P. Kelly Street, San Francisco, CA 94107. + Si eres una entidad gubernamental, esta sección aplica para ti. Cierta parte de nuestra información confidencial puede considerarse "artículos comerciales", ya que ese término se define en 48 C. § 2,101, que consiste en "software informático comercial" y "documentación del software informático comercial", ya que dichos términos se usan en 48 C. § 12,212 o 48 C. § 227,7202, según corresponda. Consistente con 48 C. § 12,212 o 48 C. § 227.7202-1 a 227.7202-4, según corresponda, el software informático comercial y la documentación del software informático comercial se licencia para los usuarios finales del gobierno de los EE. UU. (a) únicamente como elementos comerciales y (b) con solo aquellos derechos que se conceden a todos los demás usuarios finales conforme a los términos y condiciones del presente documento. GitHub, Inc. 88 Colin P. Kelly Street, San Francisco, CA 94107. 15. **Desarrollo independiente** @@ -105,11 +106,11 @@ Este Acuerdo es un acuerdo legal entre tú (“tú”) y GitHub, Inc. (“GitHub 17. **Contratistas independientes** - Las partes del presente acuerdo son contratistas independientes. Ninguno de nosotros será considerado como empleado, agente, socio, franquiciador, franquiciado o representante legal del otro para ningún propósito y ninguno de nosotros tendrá ningún derecho, poder o autoridad para crear ninguna obligación o responsabilidad en nombre de la otra. + Las partes de este Acuerdo son contratistas independientes. Ninguno de nosotros será considerado como empleado, agente, socio, franquiciador, franquiciado o representante legal del otro para ningún propósito y ninguno de nosotros tendrá ningún derecho, poder o autoridad para crear ninguna obligación o responsabilidad en nombre de la otra. 18. **Asignación** - No puedes ceder o transferir el presente acuerdo o ninguno de tus derechos en virtud del mismo, en su totalidad o en parte, por el funcionamiento de la ley o de cualquier otra manera, sin nuestro consentimiento previo por escrito. + No puedes ceder o transferir el presente acuerdo o ninguno de tus derechos en virtud de la misma, en su totalidad o en parte, por el funcionamiento de la ley o de cualquier otra manera, sin nuestro consentimiento previo por escrito. 19. **Legislación aplicable y jurisdicción** @@ -117,7 +118,7 @@ Este Acuerdo es un acuerdo legal entre tú (“tú”) y GitHub, Inc. (“GitHub 20. **Modificaciones; renuncias; inexistencia de terceros beneficiarios** - Es posible que el presente acuerdo no se cambie, excepto mediante un escrito firmado por ambas partes. Cualquier renuncia a las disposiciones del presente acuerdo o de los derechos o recursos de una parte conforme a lo dispuesto en el presente acuerdo debe ser por escrito para que sea efectiva. Si se encuentra que algún término, condición o disposición del presente acuerdo no es válido o no ejecutable, los términos restantes seguirán siendo válidos y exigibles en la medida en que lo permita la ley. Cada una de las partes acepta expresamente que no hay terceros beneficiarios del presente acuerdo. + Es posible que el presente acuerdo no se cambie, excepto mediante un escrito firmado por ambas partes. Cualquier renuncia a las disposiciones del presente acuerdo o de los derechos o recursos de una parte en virtud de lo dispuesto en el presente acuerdo debe ser por escrito para que sea efectiva. Si se encuentra que algún término, condición o disposición del presente acuerdo no es válida o no ejecutable, los términos restantes seguirán siendo válidos y exigibles en la medida en que lo permita la ley. Cada una de las partes acepta expresamente que no hay terceros beneficiarios del presente acuerdo. 21. **Acuerdo completo** diff --git a/translations/es-ES/content/github/site-policy/github-research-program-terms.md b/translations/es-ES/content/site-policy/github-terms/github-research-program-terms.md similarity index 89% rename from translations/es-ES/content/github/site-policy/github-research-program-terms.md rename to translations/es-ES/content/site-policy/github-terms/github-research-program-terms.md index ef7dfc759c..44dbc423c8 100644 --- a/translations/es-ES/content/github/site-policy/github-research-program-terms.md +++ b/translations/es-ES/content/site-policy/github-terms/github-research-program-terms.md @@ -2,6 +2,7 @@ title: Términos del programa de investigación de GitHub redirect_from: - /articles/github-research-program-terms + - /github/site-policy/github-research-program-terms versions: fpt: '*' topics: @@ -25,7 +26,7 @@ Aceptas que toda información no pública que compartamos contigo o a la que pue Comprendes que la divulgación o el uso no autorizados de nuestra información confidencial podrían causarnos un daño irreparable y una lesión significativa que podría ser difícil de cuantificar para nosotros. En consecuencia, aceptas que tendremos el derecho de buscar medidas cautelares inmediatas para asegurarnos de que cumplas con el presente acuerdo, además de cualesquier otro derecho y recurso que podamos tener. Si se te solicita por ley, regulación o una orden vinculante válida de un tribunal de jurisdicción competente para divulgar nuestra información confidencial, puedes hacerlo, pero solo si nos lo notificas antes de hacerlo y harás tu mejor esfuerzo para limitar dicha divulgación y buscar el tratamiento confidencial y protector de dicha información. -Las obligaciones de la presente sección 2 no se aplicarán a la información que puedas probar que: (i) estuvo generalmente disponible para el público antes de que te la revelaramos; (II) estuvo generalmente disponible para el público después de que te la revelamos, sin acción o inacción por tu parte, o por parte de tus empleados o contratistas; (III) conocías antes de que te la revelaramos; (IV) te fue revelada por un tercero, que no tenía ninguna obligación de confidencialidad con respecto a la misma; (v) que desarrollaste de forma independiente sin violar ninguna obligación de confidencialidad con nosotros o cualquier tercero; o (VI) te dimos permiso para divulgar, en un escrito firmado por uno de nuestros representantes autorizados. +Las obligaciones de la presente sección 2 no se aplicarán a la información que puedas probar que: (i) estuvo generalmente disponible para el público antes de que te la reveláramos; (II) estuvo generalmente disponible para el público después de que te la hayamos revelado, sin acción o inacción por tu parte, o por parte de tus empleados o contratistas; (III) conocías antes de que te la reveláramos; (IV) te fue revelada por un tercero, que no tenía ninguna obligación de confidencialidad con respecto a la misma; (v) que desarrollaste de forma independiente sin violar ninguna obligación de confidencialidad con nosotros o cualquier tercero; o (VI) te dimos permiso para divulgar, en un escrito firmado por uno de nuestros representantes autorizados. ## C. Salvaguarda de derechos @@ -35,7 +36,7 @@ Toda la información confidencial sigue siendo propiedad exclusiva y propiedad d Al participar en este programa, aceptas el uso de tu información personal con fines de investigación y para ningún otro propósito. Como parte del programa, es posible que uses tu información personal para contactarte o conservar tu información, para contactarte en una fecha posterior. La información personal no incluye información agregada, que no identifiques personalmente. Es posible que uses la información de identificación personal o agregada que se recopila a través del programa para operar, analizar y mejorar nuestros productos y servicios. -Puedes retirar tu consentimiento en cualquier momento y solicitar acceso o la eliminación de la información personal que tenemos sobre ti. Para obtener más información acerca de cómo puedes acceder, actualizar, modificar o eliminar la información personal que GitHub recopila a través del programa, consulta la[Declaración de privacidad de GitHub](/articles/github-privacy-statement/) o contáctanos a través de nuestra {% data variables.contact.contact_privacy %}. +Puedes retirar tu consentimiento en cualquier momento y solicitar acceso o la eliminación de la información personal que tenemos sobre ti. For more information about how you can access, update, alter, or delete the personal information GitHub collects through the Program, please see the [GitHub Privacy Statement](/articles/github-privacy-statement/) or contact us through our {% data variables.contact.contact_privacy %}. ## E. Términos del software y los servicios de GitHub diff --git a/translations/es-ES/content/github/site-policy/github-sponsors-additional-terms.md b/translations/es-ES/content/site-policy/github-terms/github-sponsors-additional-terms.md similarity index 99% rename from translations/es-ES/content/github/site-policy/github-sponsors-additional-terms.md rename to translations/es-ES/content/site-policy/github-terms/github-sponsors-additional-terms.md index d1338d582f..517efaa9f3 100644 --- a/translations/es-ES/content/github/site-policy/github-sponsors-additional-terms.md +++ b/translations/es-ES/content/site-policy/github-terms/github-sponsors-additional-terms.md @@ -2,6 +2,7 @@ title: Términos adicionales de los Patrocinadores de GitHub redirect_from: - /articles/github-sponsors-additional-terms + - /github/site-policy/github-sponsors-additional-terms versions: fpt: '*' topics: diff --git a/translations/es-ES/content/site-policy/github-terms/github-terms-for-additional-products-and-features.md b/translations/es-ES/content/site-policy/github-terms/github-terms-for-additional-products-and-features.md new file mode 100644 index 0000000000..9919c14da6 --- /dev/null +++ b/translations/es-ES/content/site-policy/github-terms/github-terms-for-additional-products-and-features.md @@ -0,0 +1,118 @@ +--- +title: Condiciones de GitHub para las características y productos adicionales +redirect_from: + - /github/site-policy/github-additional-product-terms + - /github/site-policy/github-terms-for-additional-products-and-features +versions: + fpt: '*' +topics: + - Policy + - Legal +--- + +Fecha de entrada en vigor de la versión: 10 de agosto de 2021 + +Cuando utilices GitHub, podría que se te otorgue acceso a muchos productos y características adicionales ("Características y Productos Adicionales"). Ya que muchas de las Características y Productos Adicionales ofrecen funcionalidades diferentes, las condiciones específicas para dicho producto o característica podrán aplicarse adicionalmente a tu contrato principal con nosotros—las Condiciones de Servicio de GitHub, las Condiciones de Servicio Corporativo de GitHub, las Condiciones Generales de GitHub o el acuerdo de licenciamiento por volumen de Microsoft (cada uno de ellos conocidos como el "Acuerdo"). A continuación, listamos aquellos productos y características jutno con las condiciones adicionales correspondientes que aplican al uso que les des. + +Al utilizar las características y productos adicionales, también estás de acuerdo con las Condiciones aplicables de GitHub para las características y productos adicionales que se listan a continuación. El violar estas condiciones de GitHub para obtener características y productos adicionales constituye una violación del Acuerdo. Las condiciones en mayúsculas que no se definen aquí tienen el significado que se les otorga en el Acuerdo. + +**Para usuarios empresariales** +- Los usuarios de **GitHub Enterprise Cloud** pueden tener acceso a los siguientes productos y características adicionales: Acciones, Seguridad Avanzada, Base de Datos de Asesorías, Codespaces, Vistas Previas del Dependabot, Importador de GitHub Enterprise, Laboratorio de Aprendizaje, Paquetes y Páginas. + +- Los usuarios de **GitHub Enterprise Server** pueden tener acceso a los siguientes productos y características adicionales: Seguridad Avanzada, Base de Datos de Asesorías, Connect, Vista Previa del Dependabot, Importador de GitHub Enterprisa, Laboratorio de Aprendizaje, Paquetes, Páginas e Imágenes de SQL Server. + +- Los usuarios de **GitHub AE** podrían tener acceso a los siguientes productos y características adicionales: Acciones, Seguridad Avanzada, Base de Datos de Asesorías, Connect, Vista Previa del Dependabot, GitHub Enterprise Importer, Paquetes y Páginas. + +## Acciones +Acciones de GitHub te permiten crear flujos de trabajo de ciclo de vida de desarrollo del software personalizado directamente en tu repositorio de GitHub. Las acciones se facturan conforme se utilizan. La [Documentación de las acciones](/actions) incluye detalles como las cantidades de procesamiento y almacenamiento (dependiendo del plan de tu cuenta), y el cómo monitorear el uso de minutos de tus acciones y configurar los límites de uso. + +No podrán utilizarse las acciones ni cualquier elemento del servicio de este producto para violar el acuerdo, las [Políticas de uso aceptable de GitHub](/github/site-policy/github-acceptable-use-policies), ni las limitaciones del servicio de Github, las cuales se establecen en la [Documentación de las acciones](/actions/reference/usage-limits-billing-and-administration). Adicionalmente, sin importar si la acción utiliza ejecutores auto-hospedados, estas no deben utilizarse para: +- criptominería; +- perturbar, ganar o intentar ganar acceso no autorizado a cualquier servicio, dispositivo, datos, cuenta o red (diferentes a aquellos que autoriza el [programa de Recompensas por Errores de GitHub](https://bounty.github.com)); +- la provisión de un servicio o aplicación integrado o independiente que ofrezca el producto o servicio de las acciones o cualquier elemento del servicio o producto de las acciones para propósitos comerciales; +- cualquier actividad que coloque un peso en nuestros servidores, ya sea que dicho peso sea excesivo para los beneficios que se proporcionan a los usuarios (por ejemplo, no utilizamos acciones como una red de entrega de contenido o como parte de una aplicación sin servidores, pero una acción de beneficio mínimo podría estar bien si también implica un peso mínimo); o +- si estás utilizando los ejecutores hospedados en GitHub, cualquier otra actividad sin relación a la producción, pruebas, despliegue o publicación del proyecto de software asociado con el repositorio en donde se utilizan las GitHub Actions. + +Para evitar violaciones de estas limitaciones y abuso de las Acciones de GitHub, GitHub puede controlar tu uso de Acciones de GitHub. El mal uso de las GitHub Actions podría dar como resultado la terminación de jobs, restricciones en tu capacidad para utilizar las GitHub Actions, o inhabilitar los repositorios que se crearon para ejecutar las acciones de una forma que viole estas condiciones. + + +## Advanced Security +GitHub hace características de seguridad adicionales para los clientes bajo una licencia de Seguridad Avanzada. Estas características incluyen el escaneo de código, escaneo de secretos y revisión de dependencias. La [Documentación de la seguridad avanzada](/github/getting-started-with-github/about-github-advanced-security) proporciona más detalles. + +Se otorgan licencias para la Seguridad Avanzada con base en "Confirmantes únicos". Un "Confirmador único" es un usuario con licencia de GitHub Enterprise, GitHub Enterprise Cloud, GitHub Enterprise Server, o GitHub AE, quien realizó una confirmación en los últimos 90 días para cualquier repositorio con cualquier funcionalidad de GitHub Advanced Security activada. Debes adquirir una licencia de usuario de GitHub Advanced Security para cada uno de tus Confirmadores Únicos. Solo puedes utilizar GitHub Advanced Security en las bases de código que desarrollas o que se desarrollan para ti. En el caso de los usuarios de GitHub Enterprise Cloud, algunas características de la Seguridad Avanzada también requieren utilizar las GitHub Actions. + +## Base de datos consultiva +La base de datos de asesorías de GitHub te permite buscar manualmente o por coincidencia las vulnerabilidades que afectan los proyectos de código abierto en GitHub. + +_Licencia otorgada_ + +Necesitamos el derecho legal de enviar tus contribuciones a la base de datos consultiva de GitHub a los conjuntos de datos de dominio público como la [Base de datos nacional de vulnerabilidad](https://nvd.nist.gov/) y para licenciar la base de datos consultiva de GitHub bajo condiciones abiertas para su uso por investigadores de seguridad, la comunidad de código abierto, la industria y el público. Aceptas publicar tus contribuciones a la base de datos consultiva de GitHub bajo la [licencia Creative Commons Zero](https://creativecommons.org/publicdomain/zero/1.0/). + +_Licencia para la base de datos consultiva de GitHub_ + +La base de datos consultiva de GitHub está bajo la licencia [Creative Commons Attribution 4.0](https://creativecommons.org/licenses/by/4.0/). La condición de la atribución se puede cumplir enlazando a la base de datos consultiva de GitHub en [https://github. om/advisories](https://github.com/advisories) o a registros individuales de la base de datos consultiva de GitHub usada, con la calificación de . + +## Codespaces +_Nota: El servicio de github.dev, el cual se encuentra disponible al presionar `.` en un repositorio o navegando directamente a github.dev se rige mediante los [Términos de Servicio de GitHub Beta](/github/site-policy/github-terms-of-service#j-beta-previews)._ + +Los Codespaces de GitHub te permiten desarrollar código directamente desde tu buscador utilizando el código dentro de tu repositorio de GitHub. Los Codespaces y cualquier elemento de este servicio no podrán utilizarse en violación del Acuerdo o de las Políticas de Uso Aceptable. Adicionalmente, los Codespaces no deben utilizarse para: +- criptominería; +- utilizar nuestros servidores para perturbar o ganar o intentar ganar acceso no autorizado a cualquier servicio, dispositivo, datos, cuenta o red (diferentes a aquellos que autoriza el Programa de Recompensas por Errores de GitHub); +- la provisión de una aplicación o servicio integrado o independiente que ofrezca Codespaces o cualquier elemento de estos para propósitos comerciales; +- cualquier actividad que coloque una carga en nuestros servidores, ya sea que esta sea desproporcional a los beneficios que se proporcionan a los usuarios (por ejemplo, no utilices los Codespaces como una red de entrega de contenido, como parte de una aplicación sin servidor, ni para hospedar algun tipo de aplicació de cara a producción); o +- cualquier otra actividad sin relación al desarrollo o pruebas del proyecto de software asociado con el repositorio en donde se inicia GitHub Codespaces. + +Para prevenir las violaciones de estas limitaciones y el abuso de GitHub Codespaces, GitHub podría monitorear tu uso de este servicio. El mal uso de GitHub Codespaces podría resultar en la terminación de tu acceso a este servicio, en restricciones en tu capacidad de utilizarlo o en inhabilitar los repositorios que se crean para ejecutar los Cdespaces en la forma en la que se violen estos Términos. + +Los Codespaces te permiten cargar extensiones de Microsfot Visual Studio Marketplace ("Extensiones de Marketplace") para utilizar en tu ambiente de desarrollo, por ejemplo, para procesar los lenguajes de programación en los que está escrito tu código. Las extensiones de Marketplace se licencian bajo sus propios términos de uso de acuerdo como se describe en Visual Studio Marketplace y los términos de uso se ubican en https://aka.ms/vsmarketplace-ToU. GitHub no otorga garantías de ningún tipo en relación con las Extensiones de Marketplace y no es responsable por las acciones de autores terceros de estas, a quienes se les otorgue acceso a tu contenido. Codespaces también te permite cargar software en tu ambiente mediante características de devcontainer. Dicho software se proporciona bajo los términos de uso por separado que lo acompañan. El uso que hagas de cualquier solicitud de terceros corre por tu cuenta y riesgo. + +La versión generalmente disponible de los Codespaces no está disponible actualmente para los clientes del gobierno de los EE.UU. Feriado en pueden seguir utilizando la Vista Previa Beta de los Codespaces bajo términos independientes. Consulta los [Términos de la Vista Previa Beta](/github/site-policy/github-terms-of-service#j-beta-previews). + +## Conexión +Con GitHub Connect, puedes compartir algunas características y datos entre tu instancia de GitHub Enterprise Server o de GitHub AE y tu cuenta empresarial u organizacional de GitHub Enterprise Cloud en GitHub.com. Para habilitar GitHub Connect, debes tener por lo menos una (1) cuenta en GitHub Enterprise Cloud o en GitHub.com y una (1) instancia con licencia de GitHub Enterprise Server o de GitHub AE. Ti isp de GitHub Enterprise Cloud o de GitHub.com a través de Connect se rige por los términos bajo los cuales obtengas la licencia de GitHub Enterprise Cloud o GitHub.com. El uso de los datos personales se rige de acuerdo con la [Declaración de privacidad de GitHub](/github/site-policy/github-privacy-statement). + +## Importador de GitHub Enterprise +El importador es un marco de trabajo para exportar datos desde otras fuentes para que se importen a la plataforma de GitHub. El importador se proporciona "TAL COMO ES". + +## Laboratorio de aprendizaje +El Laboratorio de Aprendizaje de GiThub ofrece cursos interactivos gratuitos que se incorporan en GitHub con retroalimentación automática y ayuda instantáneas. + +*Materiales del curso.* GitHub es el propietario de los materiales de los cursos que proporciona y te garantiza una licencia sin sujeción a regalías, no transferible, por tiempo limitado, no exclusiva para copiar, mantener, utilizar y ejecutar dichos materiales para tus necesidades de negocio internas asociadas con el uso del Laboratorio de Aprendizaje. + +Las condiciones de licencia de código abierto podrían aplicar a porciones del código fuente que se proporcionan en los materiales del curso. + +Eres el propietario de los materiales del curso que tú mismo crees y para los cuales proporciones a GitHub una licencia mundial, no exclusiva, perpetua, no transferible y sin regalías para copiarlos, mantenerlos, utilizarlos, hospedarlos y ejecutarlos. + +El utilizar los materiales del curso de GitHub y crear y almacenar los materiales de tu propio curso no constituyen una propiedad conjunta de ninguna propiedad intelectual respectiva de las partes. + +El uso de los datos personales se rige de acuerdo con la [Declaración de privacidad de GitHub](/github/site-policy/github-privacy-statement). + +## npm +npm es un servicio de hospedaje de paquetes de software que te permite hospedar tus paquetes de software de forma privada o pública y utilizarlos como dependencias en tus proyectos. npm es el registro de registros para el ecosistema de JavaScript. Utilizar el registro público es gratuito, pero se facturará a los clientes si quieren publicar o administrar paquetes privados que utilicen equipos. La [documentación de npm](https://docs.npmjs.com/) incluye los detalles sobre la limitación de los tipos de cuenta y de como administrar los [paquetes privados](https://docs.npmjs.com/about-private-packages) y [organizaciones](https://docs.npmjs.com/organizations). El uso aceptable del registrio npm se detalla en las [condiciones de código abierto](https://www.npmjs.com/policies/open-source-terms). Hay condiciones adicionales tanto para los planes [solo](https://www.npmjs.com/policies/solo-plan) y [org](https://www.npmjs.com/policies/orgs-plan) de npm. Las [Condiciones de uso](https://www.npmjs.com/policies/terms) de npm aplican a tu uso de este. + +## Packages +GitHub Packages es un servicio de hospedaje de paquetes de software que te permite hospedar tus paquetes de software de forma privada o pública y utilizar los paquetes como dependencias en tus proyectos. GitHub Packages se factura de acuerdo con su uso. La [Documentación de paquetes](/packages/learn-github-packages/introduction-to-github-packages) incluye los detalles como las cantidades de ancho de banda y almacenamiento (dependiendo del plan de tu cuenta), y la forma en la que puedes monitorear el uso de los paquetes y configurar los límites de uso. El uso de ancho de banda de los paquetes se limita por las [Políticas de uso aceptable de GitHub](/github/site-policy/github-acceptable-use-policies). + +## Pages + +Cada cuenta incluye acceso al [servicio de hospedaje estático de GitHub pages](/github/working-with-github-pages/about-github-pages). Se pretende que GitHub pages hospede páginas web estáticas, pero es primeramente para mostrar proyectos organizacionales y personales. + +No se pretende ni se permite que las Páginas de GitHub se utilicen como un servicio de alojamiento web gratuito para ejecutar tus negocios en línea, ni como un sitio de comercio electrónico ni ningún otro tipo de sitio web que se dirija principalmente ya sea a facilitartransacciones comerciales o a proporcionar software comercial como un servicio (SaaS). Se permiten algunas iniciativas de monetización en las Páginas, tales como botones de donación y enlaces de financiación colectiva. + +_Límites de uso y de ancho de banda_ + +Las páginas de GitHub están sujetas a algunos límites específicos de ancho de banda y de uso, y podrían no ser adecuadas para algunos usos de ancho de banda alto. Por favor, consulta nuestros [Límites de GitHub pages](/github/working-with-github-pages/about-github-pages) para obtener más información. + +_Usos prohibidos_ + +Las GitHub Pages no pueden utilizarse si violan el acuerdo, las [Políticas de Uso Aceptable](/github/site-policy/github-acceptable-use-policies) de GitHub o las limitaciones de servicio de GitHub Pages, lo cual se describe integralmente en la [Documentación de Pages](/pages/getting-started-with-github-pages/about-github-pages#guidelines-for-using-github-pages). + +Su tuebes dudas sobre si tu uso o intención de uso cae en las siguientes categorías, por favor, contacta al [Soporte de GitHub](https://support.github.com/contact?tags=docs-policy). GitHub se reserva el derecho en todo momento de reclamar cualquier subdominio de GitHub sin responsabilidad. + +## Programa de patrocinadores + +GitHub Sponsors permite a la comunidad de desarrolladores apoyar financieramente al personal y organizaciones que diseñan, crean y mantienen los proyectos de código abierto de los cuales dependen, directamente en GitHub. Para convertirse en un Desarrollador Patrocinado, debes aceptar los [Términos Adicionales del Programa de Patrocinadores de GitHub](/github/site-policy/github-sponsors-additional-terms). + +## Imagenes de SQL Server + +Puedes descargar la imagen de contenedor de la Edición Estándar de Microsoft SQL Server para archivos Linux ("SQL Server Images"). Debes desinstalar las imagenes de SQL Server cuando termine tu derecho de utilizar el software. Microsoft Corporation puede inhabilitar las imágenes de SQL Server en cualquier momento. diff --git a/translations/es-ES/content/github/site-policy/github-terms-of-service.md b/translations/es-ES/content/site-policy/github-terms/github-terms-of-service.md similarity index 99% rename from translations/es-ES/content/github/site-policy/github-terms-of-service.md rename to translations/es-ES/content/site-policy/github-terms/github-terms-of-service.md index 3a3b88fef2..10420ee897 100644 --- a/translations/es-ES/content/github/site-policy/github-terms-of-service.md +++ b/translations/es-ES/content/site-policy/github-terms/github-terms-of-service.md @@ -6,6 +6,7 @@ redirect_from: - /terms-of-service - /github-terms-of-service-draft - /articles/github-terms-of-service + - /github/site-policy/github-terms-of-service versions: fpt: '*' topics: diff --git a/translations/es-ES/content/site-policy/github-terms/index.md b/translations/es-ES/content/site-policy/github-terms/index.md new file mode 100644 index 0000000000..1068d5e6d5 --- /dev/null +++ b/translations/es-ES/content/site-policy/github-terms/index.md @@ -0,0 +1,23 @@ +--- +title: GitHub Terms +versions: + fpt: '*' +topics: + - Policy + - Legal +children: + - /github-corporate-terms-of-service + - /github-community-forum-code-of-conduct + - /github-community-guidelines + - /github-terms-of-service + - /github-sponsors-additional-terms + - /github-terms-for-additional-products-and-features + - /github-registered-developer-agreement + - /github-marketplace-terms-of-service + - /github-marketplace-developer-agreement + - /github-research-program-terms + - /github-open-source-applications-terms-and-conditions + - /github-event-terms + - /github-event-code-of-conduct +--- + diff --git a/translations/es-ES/content/site-policy/index.md b/translations/es-ES/content/site-policy/index.md new file mode 100644 index 0000000000..d1fc2707dd --- /dev/null +++ b/translations/es-ES/content/site-policy/index.md @@ -0,0 +1,21 @@ +--- +title: Política del sitio +redirect_from: + - /categories/61/articles + - /categories/site-policy + - /github/site-policy +versions: + fpt: '*' +topics: + - Policy + - Legal +children: + - /github-terms + - /acceptable-use-policies + - /privacy-policies + - /other-site-policies + - /content-removal-policies + - /security-policies + - /github-company-policies +--- + diff --git a/translations/es-ES/content/github/site-policy/github-and-trade-controls.md b/translations/es-ES/content/site-policy/other-site-policies/github-and-trade-controls.md similarity index 99% rename from translations/es-ES/content/github/site-policy/github-and-trade-controls.md rename to translations/es-ES/content/site-policy/other-site-policies/github-and-trade-controls.md index 1b7381c6f7..b82b685dc5 100644 --- a/translations/es-ES/content/github/site-policy/github-and-trade-controls.md +++ b/translations/es-ES/content/site-policy/other-site-policies/github-and-trade-controls.md @@ -5,6 +5,8 @@ redirect_from: - /articles/github-and-trade-control - /articles/github-and-trade-controls - /github/site-policy/github-and-export-controls + - /github/site-policy/github-and-trade-controls + - /github/site-policy/github-terms-and-other-site-policies/github-and-trade-controls versions: fpt: '*' topics: diff --git a/translations/es-ES/content/github/site-policy/github-deceased-user-policy.md b/translations/es-ES/content/site-policy/other-site-policies/github-deceased-user-policy.md similarity index 92% rename from translations/es-ES/content/github/site-policy/github-deceased-user-policy.md rename to translations/es-ES/content/site-policy/other-site-policies/github-deceased-user-policy.md index dd7ebdeae9..54e9ef7868 100644 --- a/translations/es-ES/content/github/site-policy/github-deceased-user-policy.md +++ b/translations/es-ES/content/site-policy/other-site-policies/github-deceased-user-policy.md @@ -5,6 +5,9 @@ versions: topics: - Policy - Legal +redirect_from: + - /github/site-policy/github-deceased-user-policy + - /github/site-policy/github-terms-and-other-site-policies/github-deceased-user-policy --- En caso de que fallezca un usuario de GitHub, podemos trabajar con un individuo autorizado para determinar qué sucederá con el contenido de la cuenta. diff --git a/translations/es-ES/content/github/site-policy/github-government-takedown-policy.md b/translations/es-ES/content/site-policy/other-site-policies/github-government-takedown-policy.md similarity index 95% rename from translations/es-ES/content/github/site-policy/github-government-takedown-policy.md rename to translations/es-ES/content/site-policy/other-site-policies/github-government-takedown-policy.md index e2c2d4303d..24c6d9790f 100644 --- a/translations/es-ES/content/github/site-policy/github-government-takedown-policy.md +++ b/translations/es-ES/content/site-policy/other-site-policies/github-government-takedown-policy.md @@ -5,6 +5,9 @@ versions: topics: - Policy - Legal +redirect_from: + - /github/site-policy/github-government-takedown-policy + - /github/site-policy/github-terms-and-other-site-policies/github-government-takedown-policy --- ## ¿Qué es esto? diff --git a/translations/es-ES/content/github/site-policy/github-logo-policy.md b/translations/es-ES/content/site-policy/other-site-policies/github-logo-policy.md similarity index 89% rename from translations/es-ES/content/github/site-policy/github-logo-policy.md rename to translations/es-ES/content/site-policy/other-site-policies/github-logo-policy.md index be5fc00c45..f541e3b4cf 100644 --- a/translations/es-ES/content/github/site-policy/github-logo-policy.md +++ b/translations/es-ES/content/site-policy/other-site-policies/github-logo-policy.md @@ -4,6 +4,8 @@ redirect_from: - /articles/i-m-developing-a-third-party-github-app-what-do-i-need-to-know - /articles/using-an-octocat-to-link-to-github-or-your-github-profile - /articles/github-logo-policy + - /github/site-policy/github-logo-policy + - /github/site-policy/github-terms-and-other-site-policies/github-logo-policy versions: fpt: '*' topics: diff --git a/translations/es-ES/content/github/site-policy/github-username-policy.md b/translations/es-ES/content/site-policy/other-site-policies/github-username-policy.md similarity index 92% rename from translations/es-ES/content/github/site-policy/github-username-policy.md rename to translations/es-ES/content/site-policy/other-site-policies/github-username-policy.md index 35f3f29b7b..837bdad10d 100644 --- a/translations/es-ES/content/github/site-policy/github-username-policy.md +++ b/translations/es-ES/content/site-policy/other-site-policies/github-username-policy.md @@ -3,6 +3,8 @@ title: Política de nombre de usuario de GitHub redirect_from: - /articles/name-squatting-policy - /articles/github-username-policy + - /github/site-policy/github-username-policy + - /github/site-policy/github-terms-and-other-site-policies/github-username-policy versions: fpt: '*' topics: diff --git a/translations/es-ES/content/github/site-policy/guidelines-for-legal-requests-of-user-data.md b/translations/es-ES/content/site-policy/other-site-policies/guidelines-for-legal-requests-of-user-data.md similarity index 97% rename from translations/es-ES/content/github/site-policy/guidelines-for-legal-requests-of-user-data.md rename to translations/es-ES/content/site-policy/other-site-policies/guidelines-for-legal-requests-of-user-data.md index 2f2f8dee5e..246384d091 100644 --- a/translations/es-ES/content/github/site-policy/guidelines-for-legal-requests-of-user-data.md +++ b/translations/es-ES/content/site-policy/other-site-policies/guidelines-for-legal-requests-of-user-data.md @@ -3,6 +3,8 @@ title: Pautas para las solicitudes legales de los datos del usuario redirect_from: - /law-enforcement-guidelines - /articles/guidelines-for-legal-requests-of-user-data + - /github/site-policy/guidelines-for-legal-requests-of-user-data + - /github/site-policy/github-terms-and-other-site-policies/guidelines-for-legal-requests-of-user-data versions: fpt: '*' topics: @@ -85,7 +87,7 @@ Aquí hay una lista no exhaustiva de los tipos de datos que mantenemos sobre usu - Colaboradores - -**Datos del repositorio público** — GitHub es el hogar de millones de proyectos públicos de software de código público. Puede navegar casi cualquier repositorio público (por ejemplo, el [Proyecto Atom](https://github.com/atom/atom)) para tener un sentido de la información que GitHub recopila y mantiene sobre repositorios. Puede incluir: +**Public repository data** — GitHub is home to millions of public, open-source software projects. Puede navegar casi cualquier repositorio público (por ejemplo, el [Proyecto Atom](https://github.com/atom/atom)) para tener un sentido de la información que GitHub recopila y mantiene sobre repositorios. Puede incluir: - El código - Versiones anteriores del código diff --git a/translations/es-ES/content/site-policy/other-site-policies/index.md b/translations/es-ES/content/site-policy/other-site-policies/index.md new file mode 100644 index 0000000000..4080978c23 --- /dev/null +++ b/translations/es-ES/content/site-policy/other-site-policies/index.md @@ -0,0 +1,16 @@ +--- +title: Other Site Policies +versions: + fpt: '*' +topics: + - Policy + - Legal +children: + - /github-and-trade-controls + - /github-deceased-user-policy + - /github-logo-policy + - /github-government-takedown-policy + - /github-username-policy + - /guidelines-for-legal-requests-of-user-data +--- + diff --git a/translations/es-ES/content/github/site-policy/github-candidate-privacy-policy.md b/translations/es-ES/content/site-policy/privacy-policies/github-candidate-privacy-policy.md similarity index 99% rename from translations/es-ES/content/github/site-policy/github-candidate-privacy-policy.md rename to translations/es-ES/content/site-policy/privacy-policies/github-candidate-privacy-policy.md index 250f8d4ffb..73982af3a6 100644 --- a/translations/es-ES/content/github/site-policy/github-candidate-privacy-policy.md +++ b/translations/es-ES/content/site-policy/privacy-policies/github-candidate-privacy-policy.md @@ -5,6 +5,8 @@ versions: topics: - Policy - Legal +redirect_from: + - /github/site-policy/github-candidate-privacy-policy --- Fecha de entrada en vigor: 8 de marzo de 2021 diff --git a/translations/es-ES/content/github/site-policy/github-codespaces-privacy-statement.md b/translations/es-ES/content/site-policy/privacy-policies/github-codespaces-privacy-statement.md similarity index 95% rename from translations/es-ES/content/github/site-policy/github-codespaces-privacy-statement.md rename to translations/es-ES/content/site-policy/privacy-policies/github-codespaces-privacy-statement.md index a21161a27c..5285c7bb6e 100644 --- a/translations/es-ES/content/github/site-policy/github-codespaces-privacy-statement.md +++ b/translations/es-ES/content/site-policy/privacy-policies/github-codespaces-privacy-statement.md @@ -2,6 +2,7 @@ title: Declaración de Privacidad de GitHub Codespaces redirect_from: - /github/site-policy/github-codespaces-privacy-policy + - /github/site-policy/github-codespaces-privacy-statement versions: fpt: '*' topics: diff --git a/translations/es-ES/content/github/site-policy/github-data-protection-agreement.md b/translations/es-ES/content/site-policy/privacy-policies/github-data-protection-agreement.md similarity index 99% rename from translations/es-ES/content/github/site-policy/github-data-protection-agreement.md rename to translations/es-ES/content/site-policy/privacy-policies/github-data-protection-agreement.md index 61b6834c96..7fffc7defa 100644 --- a/translations/es-ES/content/github/site-policy/github-data-protection-agreement.md +++ b/translations/es-ES/content/site-policy/privacy-policies/github-data-protection-agreement.md @@ -4,6 +4,7 @@ redirect_from: - /github/site-policy/github-data-protection-addendum - /github/site-policy-deprecated/github-data-protection-addendum - /github/site-policy/github-data-protection-agreement-non-enterprise-customers + - /github/site-policy/github-data-protection-agreement versions: fpt: '*' --- @@ -40,7 +41,7 @@ Los Términos del DPA proporcionan aquellos de los Servicios en Línea que se en Los términos capitalizados que se utilizan pero no se definen en este DPA tendrán los medios que se proporcionan en el Acuerdo de Cliente de GitHub. Los términos que se definen a continuación se utilizan en este DPA: -“**CCPA**” se refiere a la Ley de Privacidad de Consumidores de California, de acuerdo con lo que se establece en el Código Civil §1798.100 et seq. y sus regulaciones de implementación. +“**CCPA**” se refiere a la Ley de Privacidad de Consumidores de California, de acuerdo con lo que se establece en el Código Civ. §1798.100 et seq. y sus regulaciones de implementación. “**Datos de Cliente**” significa todos los datos, incluyendo todos los archivos de texto, sonido, video o imágenes y software que se le proporcionen a GitHub o en nombre del cliente mediante el uso del Servicio en Línea. @@ -101,7 +102,7 @@ Los Clientes deben cumplir con todas las leyes y regulaciones aplicables a su us ## Protección de datos Los términos de la DPA en esta sección incluyen las siguientes subsecciones: -- Alcance +- Ámbito - Naturaleza del Procesamiento de Datos; Propiedad - Divulgación de los Datos Procesados - Procesamiento de los Datos Personales; GDPR diff --git a/translations/es-ES/content/github/site-policy/github-privacy-statement.md b/translations/es-ES/content/site-policy/privacy-policies/github-privacy-statement.md similarity index 99% rename from translations/es-ES/content/github/site-policy/github-privacy-statement.md rename to translations/es-ES/content/site-policy/privacy-policies/github-privacy-statement.md index 316090bcbc..9f4bd24aa8 100644 --- a/translations/es-ES/content/github/site-policy/github-privacy-statement.md +++ b/translations/es-ES/content/site-policy/privacy-policies/github-privacy-statement.md @@ -7,6 +7,7 @@ redirect_from: - /github-privacy-policy - /articles/github-privacy-policy - /articles/github-privacy-statement + - /github/site-policy/github-privacy-statement versions: fpt: '*' topics: @@ -46,7 +47,7 @@ Por supuesto, la versión corta y el Resumen que aparecen a continuación no inf | [Cambios en tu Declaración de privacidad](#changes-to-our-privacy-statement) | Te notificamos los cambios importantes en esta Declaración de privacidad 30 días antes de que cualquier cambio entre en vigencia. Puedes rastrear los cambios en nuestro repositorio de Políticas del sitio. | | [Licencia](#license) | La presente Declaración de privacidad está autorizada por la [licencia Creative Commons Zero](https://creativecommons.org/publicdomain/zero/1.0/). | | [Contactarse con GitHub](#contacting-github) | Siéntete libre de contactarnos si tienes preguntas acerca de nuestra Declaración de privacidad. | -| [Traducciones](#translations) | Proporcionamos enlaces a algunas traducciones de la Declaración de privacidad. | +| [Translations](#translations) | Proporcionamos enlaces a algunas traducciones de la Declaración de privacidad. | ## Declaración de Privacidad de GitHub @@ -321,7 +322,7 @@ En el improbable caso de que surja una disputa entre tú y GitHub con respecto a ## Cambios en tu Declaración de privacidad -Aunque es probable que la mayoría de los cambios sean mínimos, GitHub puede cambiar nuestra Declaración de privacidad de manera ocasional. Les notificaremos a los Usuarios acerca de los cambios materiales a esta Declaración de privacidad por medio de nuestro Sitio web, al menos, 30 días antes de que el cambio entre en vigencia a través de la publicación de un aviso en nuestra página de inicio o enviando un correo electrónico a la dirección principal de correo electrónico que se especifica en tu cuenta de GitHub. También actualizaremos nuestro [Repositorio de políticas del sitio](https://github.com/github/site-policy/), que realiza un seguimiento de todos los cambios de esta política. Para otros cambios en esta declaración de privacidad, invitamos a los usuarios a [consultar](/github/managing-subscriptions-and-notifications-on-github/configuring-notifications#configuring-your-watch-settings-for-an-individual-repository) o a revisar el repositorio de nuestra política del sitio con frecuencia. +Aunque es probable que la mayoría de los cambios sean mínimos, GitHub puede cambiar nuestra Declaración de privacidad de manera ocasional. Les notificaremos a los Usuarios acerca de los cambios materiales a esta Declaración de privacidad por medio de nuestro Sitio web, al menos, 30 días antes de que el cambio entre en vigencia a través de la publicación de un aviso en nuestra página de inicio o enviando un correo electrónico a la dirección principal de correo electrónico que se especifica en tu cuenta de GitHub. También actualizaremos nuestro [Repositorio de políticas del sitio](https://github.com/github/site-policy/), que realiza un seguimiento de todos los cambios de esta política. For other changes to this Privacy Statement, we encourage Users to [watch](/github/managing-subscriptions-and-notifications-on-github/configuring-notifications#configuring-your-watch-settings-for-an-individual-repository) or to check our Site Policy repository frequently. ## Licencia @@ -330,12 +331,12 @@ La presente Declaración de privacidad está autorizada conforme a esta [licenci ## Contactarse con GitHub Las preguntas al respecto de la Declaración de privacidad de GitHub o de las prácticas de manejo de la información se deben realizar por medio de nuestro [Formulario de contacto de privacidad](https://support.github.com/contact/privacy). -## Traducciones +## Translations A continuación, aparecen traducciones de este documento a otros idiomas. En caso de cualquier conflicto, incertidumbre o aparente inconsistencia entre cualquiera de esas versiones y la versión en inglés, la versión en inglés es la versión que prima. ### Francés -Cliquez ici pour obtenir la version française: [Déclaration de confidentialité de GitHub](/assets/images/help/site-policy/github-privacy-statement(12.20.19)(FR).pdf) +Cliquez ici pour obtenir la version française: [Déclaration de confidentialité de GitHub](/assets/images/help/site-policy/github-privacy-statement(07.22.20)(FR).pdf) ### Otras traducciones diff --git a/translations/es-ES/content/github/site-policy/github-subprocessors-and-cookies.md b/translations/es-ES/content/site-policy/privacy-policies/github-subprocessors-and-cookies.md similarity index 99% rename from translations/es-ES/content/github/site-policy/github-subprocessors-and-cookies.md rename to translations/es-ES/content/site-policy/privacy-policies/github-subprocessors-and-cookies.md index 932407ca5d..a74893c3e2 100644 --- a/translations/es-ES/content/github/site-policy/github-subprocessors-and-cookies.md +++ b/translations/es-ES/content/site-policy/privacy-policies/github-subprocessors-and-cookies.md @@ -6,6 +6,7 @@ redirect_from: - /github-tracking - /github-cookies - /articles/github-subprocessors-and-cookies + - /github/site-policy/github-subprocessors-and-cookies versions: fpt: '*' topics: diff --git a/translations/es-ES/content/github/site-policy/githubs-notice-about-the-california-consumer-privacy-act.md b/translations/es-ES/content/site-policy/privacy-policies/githubs-notice-about-the-california-consumer-privacy-act.md similarity index 96% rename from translations/es-ES/content/github/site-policy/githubs-notice-about-the-california-consumer-privacy-act.md rename to translations/es-ES/content/site-policy/privacy-policies/githubs-notice-about-the-california-consumer-privacy-act.md index 20ff251422..476b0021eb 100644 --- a/translations/es-ES/content/github/site-policy/githubs-notice-about-the-california-consumer-privacy-act.md +++ b/translations/es-ES/content/site-policy/privacy-policies/githubs-notice-about-the-california-consumer-privacy-act.md @@ -5,6 +5,8 @@ versions: topics: - Policy - Legal +redirect_from: + - /github/site-policy/githubs-notice-about-the-california-consumer-privacy-act --- Válida desde el 1 de enero de 2020 @@ -65,7 +67,7 @@ Aunque la siguiente tabla contiene información acerca de las categorías de inf | Cualquier categoría de información personal descrita en la subdivisión (e) de Cal. Civ. Code §1798.80 (la cual define a la "información personal" como "cualquier tipo de información que identifica, relaciona, describe, o es capaz de asociarse con un individuo en particular" — con ejemplos que incluyen nombre, dirección, número de tarjeta de crédito o débito—y excluye la información disponible al público en general) | Información que el consumidor proporciona directamente | Perseguir a aquellos responsables por actividades malignas, engañosas, fraudulentas o ilegales.

Llevar a cabo servicios a nombre del negocio o proveedor de servicios | Proveedores de servicios, aplicación de leyes | Esta categoría de información personal se ha divulgado para fines comerciales o de negocios | | Las características de las clasificaciones protegidas bajo la ley federal de California (tales como género, edad) | Información que el consumidor decida proporcionar directamente | Llevar a cabo servicios (perfil de usuario) | Proveedores de servicios | Esta categoría de información personal se ha divulgado para fines comerciales o de negocios | | Información comercial (tal como aquella acerca de la compra, obtención, consideración de bienes o servicios, u otro tipo de historial o tendencia de compra o consumo) | Información que proporciona el consumidor directamente o automáticamente a través de su interacción con nuestros Servicios | Depuración para identificar y reparar errores que perjudican la funcionalidad deseada

Llevar a cabo servicios a nombre del negocio o proveedor de servicios | Proveedores de servicios | Esta categoría de información personal se ha divulgado para propósitos comerciales o de negocios | | Información de actividad en internet o en otra red electrónica (tal como historial de internet, historial de búsqueda, e información relacionada con la interacción de un cliente con una aplicación o sitio web de internet) | Información que el cliente proporciona automáticamente a través de su interacción con nuestros Servicios | Detectar incidentes de seguridad, proteger contra la actividad maligna, engañosa, fraudulenta, o ilegal, y perseguir a los responsables de dicha actividad

Depurar para identificar y reparar errores que perjudican la funcionalidad deseada

Llevar a cabo servicios a nombre del negocio o proveedor de servicios

Realizar investigación interna sobre demostraciones y desarrollo tecnológico

Realizar actividades para verificar o mantener la calidad o seguridad de un servicio, y para mejorarlo, actualizarlo o ampliarlo | Proveedores de servicio, clientes aplicables, aplicación de leyes | Esta categoría de información personal se ha divulgado para fines comerciales o de negocios | - Datos de Geolocalización (tales como la dirección IP) | Información que el consumidor proporciona automáticamente a través de su interacción con nuestros servicios | Detectar incidentes de seguridad, proteger contra actividades malignas, engañosas fraudulentas o ilegales, y perseguir a los responsables de dicha actividad

Depurar para identificar y reparar los errores que perjudican la funcionalidad deseada

Llevar a cabo servicios a nombre del negocio o proveedor de servicios

Realizar investigación interna sobre demostraciones y desarrollo tecnológico

Realizar actividades para verificar o mantener la calidad o seguridad de un servicio, y para mejorarlo, actualizarlo o ampliarlo | Proveedores de servicio, clientes aplicables, aplicación de leyes | Esta categoría de información personal se ha divulgado para fines comerciales o de negocios |Información de audio, electrónica, visual o similar | Información que el consumidor podrá elegir proporcionar directamente | Llevar a cabo servicios (perfil de usuario) | Proveedores de servicios | Esta categoría de información personal se ha divulgado para fines comerciales o de negocios | Información profesional o relacionada con el empleo | Información que el consumidor podrá elegir proporcionar directamente | Llevar a cabo servicios (perfil de usuario) | Proveedores de servicios | Esta categoría de información personal se ha divulgado para fines comerciales o de negocios | Infomración de la educación que no está disponible públicamente ni identifica a las personas | Esta categoría de información personal se ha divulgado con fines comerciales o de negocios | Información como se define en la Ley de Privacidad y Derechos Educacionales Familiares (20 U. S.C. Sec. 1232g; 34 C. F.R. Parte 99) | Información que el consumidor pudiera proporcionar directamente | Llevar a cabo servicios (perfil de usuario) | Proveedores de servicios | Esta categoría de información personal se ha divulgado para fines comerciales o de negocios | Inferencias extraídas de cualquier información identificada en esta tabla para crear un perfil acerca de un consumidor, el cual refleje las preferencias del mismo | Información que el consumidor proporciona directamente o automáticamente a través de su interacción con nuestros Servicios | Llevar a cabo servicios a nombre del negocio o proveedor de servicios | Proveedores de servicios | Esta categoría de información personal se ha divulgado para fines comerciales o de negocios | + Datos de Geolocalización (tales como la dirección IP) | Información que el consumidor proporciona automáticamente a través de su interacción con nuestros servicios | Detectar incidentes de seguridad, proteger contra actividades malignas, engañosas fraudulentas o ilegales, y perseguir a los responsables de dicha actividad

Depurar para identificar y reparar los errores que perjudican la funcionalidad deseada

Llevar a cabo servicios a nombre del negocio o proveedor de servicios

Realizar investigación interna sobre demostraciones y desarrollo tecnológico

Realizar actividades para verificar o mantener la calidad o seguridad de un servicio, y para mejorarlo, actualizarlo o ampliarlo | Proveedores de servicio, clientes aplicables, aplicación de leyes | Esta categoría de información personal se ha divulgado para fines comerciales o de negocios |Información de audio, electrónica, visual o similar | Información que el consumidor podrá elegir proporcionar directamente | Llevar a cabo servicios (perfil de usuario) | Proveedores de servicios | Esta categoría de información personal se ha divulgado para fines comerciales o de negocios | Información profesional o relacionada con el empleo | Información que el consumidor podrá elegir proporcionar directamente | Llevar a cabo servicios (perfil de usuario) | Proveedores de servicios | Esta categoría de información personal se ha divulgado para fines comerciales o de negocios | Infomración de la educación que no está disponible públicamente ni identifica a las personas | Esta categoría de información personal se ha divulgado con fines comerciales o de negocios | Información como se define en la Ley de Privacidad y Derechos Educacionales Familiares (20 U. S.C. Sec. Sección 1232g; 34 C. F.R. Parte 99) | Información que el consumidor pudiera proporcionar directamente | Llevar a cabo servicios (perfil de usuario) | Proveedores de servicios | Esta categoría de información personal se ha divulgado para fines comerciales o de negocios | Inferencias extraídas de cualquier información identificada en esta tabla para crear un perfil acerca de un consumidor, el cual refleje las preferencias del mismo | Información que el consumidor proporciona directamente o automáticamente a través de su interacción con nuestros Servicios | Llevar a cabo servicios a nombre del negocio o proveedor de servicios | Proveedores de servicios | Esta categoría de información personal se ha divulgado para fines comerciales o de negocios | ## Ejemplos bajo la CCPA diff --git a/translations/es-ES/content/github/site-policy/global-privacy-practices.md b/translations/es-ES/content/site-policy/privacy-policies/global-privacy-practices.md similarity index 99% rename from translations/es-ES/content/github/site-policy/global-privacy-practices.md rename to translations/es-ES/content/site-policy/privacy-policies/global-privacy-practices.md index cbfef01f73..d43a5d8c49 100644 --- a/translations/es-ES/content/github/site-policy/global-privacy-practices.md +++ b/translations/es-ES/content/site-policy/privacy-policies/global-privacy-practices.md @@ -3,6 +3,7 @@ title: Prácticas de Privacidad Globales redirect_from: - /eu-safe-harbor - /articles/global-privacy-practices + - /github/site-policy/global-privacy-practices versions: fpt: '*' topics: diff --git a/translations/es-ES/content/site-policy/privacy-policies/index.md b/translations/es-ES/content/site-policy/privacy-policies/index.md new file mode 100644 index 0000000000..7acb263d6d --- /dev/null +++ b/translations/es-ES/content/site-policy/privacy-policies/index.md @@ -0,0 +1,17 @@ +--- +title: Privacy Policies +versions: + fpt: '*' +topics: + - Policy + - Legal +children: + - /github-codespaces-privacy-statement + - /global-privacy-practices + - /github-data-protection-agreement + - /github-privacy-statement + - /github-subprocessors-and-cookies + - /githubs-notice-about-the-california-consumer-privacy-act + - /github-candidate-privacy-policy +--- + diff --git a/translations/es-ES/content/site-policy/security-policies/coordinated-disclosure-of-security-vulnerabilities.md b/translations/es-ES/content/site-policy/security-policies/coordinated-disclosure-of-security-vulnerabilities.md new file mode 100644 index 0000000000..57244e09b0 --- /dev/null +++ b/translations/es-ES/content/site-policy/security-policies/coordinated-disclosure-of-security-vulnerabilities.md @@ -0,0 +1,22 @@ +--- +title: Divulgación coordinada de las vulnerabilidades de seguridad +redirect_from: + - /responsible-disclosure + - /coordinated-disclosure + - /articles/responsible-disclosure-of-security-vulnerabilities + - /github/site-policy/responsible-disclosure-of-security-vulnerabilities + - /github/site-policy/coordinated-disclosure-of-security-vulnerabilities +versions: + fpt: '*' +topics: + - Policy + - Legal +--- + +Deseamos mantener a GitHub seguro para todos. Si descubres una vulnerabilidad de seguridad en GitHub, apreciamos tu ayuda para divulgárnosla de forma coordinada. + +## Programa de recompensas + +Al igual que muchas otras grandes empresas de software, GitHub proporciona una recompensa de errores para mejorar la relación con los investigadores de seguridad. La idea es simple: los hackers e investigadores de seguridad (como tú) encuentran y reportan vulnerabilidades mediante nuestro proceso de divulgación coordinado. Posteriormente, para reconocer el esfuerzo significativo que estos investigadores suelen presentan cuando cazan errores, los recompensamos con algo de dinero en efectivo. + +Revisa el sitio [Recompensa de Errores de GitHub](https://bounty.github.com) para obtener detalles de recompensas, revisa también nuestros términos amplios de la [Disposición de seguridad legal ](/articles/github-bug-bounty-program-legal-safe-harbor) y ¡Feliz caza! diff --git a/translations/es-ES/content/site-policy/security-policies/github-bug-bounty-program-legal-safe-harbor.md b/translations/es-ES/content/site-policy/security-policies/github-bug-bounty-program-legal-safe-harbor.md new file mode 100644 index 0000000000..5f35c3551b --- /dev/null +++ b/translations/es-ES/content/site-policy/security-policies/github-bug-bounty-program-legal-safe-harbor.md @@ -0,0 +1,37 @@ +--- +title: Disposición de seguridad legal del programa de recompensas de errores de GitHub +redirect_from: + - /articles/github-bug-bounty-program-legal-safe-harbor +versions: + fpt: '*' +topics: + - Policy + - Legal +--- + +## Resumen +1. Queremos coordinar la divulgación a través de nuestro programa de recompensas por errores y no queremos que los investigadores teman a las consecuencias legales por sus intentos bienintencionados de cumplir con nuestra política de recompensas por errores. No podemos vincular a ningún tercero, por lo que no presuponemos que esta protección se extiende a ningún tercero. Si tienes dudas, pregúntanos antes de participar en cualquier acción específica que consideres que _Podría_ vaya fuera de los límites de nuestra política. +2. Dado que tanto la información de identificación como la no identificativa pueden poner a un investigador en riesgo, limitamos lo que compartimos con terceros. Es posible que proporcionemos información sustantiva no identificativa de tu informe a un tercero afectado, pero solo después de notificarte a ti y de recibir un compromiso de que el tercero no perseguirá acciones legales en tu contra. Solo compartiremos la información de identificación (nombre, dirección de correo electrónico, número de teléfono, etc.) con un tercero si le proporcionas tu permiso por escrito. +3. Si tu investigación de seguridad como parte del programa de recompensas por errores viola ciertas restricciones en nuestras políticas del sitio, los términos del puerto seguro permiten una exención limitada. + +## 1. Condiciones de la disposición de seguridad + +Para alentar la investigación y coordinar la divulgación de las vulnerabilidades de seguridad, no perseguiremos las acciones criminales o civiles ni enviaremos notificaciones a las autoridades cuando existan violaciones accidentales o de buena fe a esta política. Consideramos que las investigaciones de seguridad y las actividades de divulgación de vulnerabilidades llevadas a cabo de acuerdo con esta política son conductas "autorizadas" conforme a la ley de fraude y abuso informático, la DMCA y otras leyes aplicables de uso informático, como Código Penal de Cal. 502(c). Renunciamos a cualquier demanda potencial de DMCA en tu contra por eludir las medidas tecnológicas que hemos utilizado para proteger las aplicaciones en este alcance del programa de recompensas de errores. + +Por favor, entiende que si tu investigación de seguridad involucra las redes, sistemas, información, aplicaciones, productos o servicios de un tercero (que no seamos nosotros), no podemos vincular a ese tercero y pueden perseguir acciones legales o aviso de cumplimiento de la ley. No podemos y no autorizamos la investigación de seguridad en el nombre de otras entidades, y de ninguna manera podemos ofrecer defenderte, indemnizarte o protegerte de ninguna manera de cualquier acción de terceros en base a sus acciones. + +Se espera, como siempre, cumplir con todas las leyes aplicables a ti, y no interrumpir o comprometer ningún dato más allá de lo que este programa de recompensas de errores permite. + +Ponte en contacto con nosotros antes de participar en una conducta que puede ser incompatible con esta política o no ser tratada por esta. Nos reservamos el derecho exclusivo de hacer la determinación de si una violación de esta política es accidental o de buena fe y el contacto proactivo con nosotros antes de participar en cualquier acción es un factor significativo en esa decisión. Si tienes dudas, ¡Pregúntanos primero! + +## 2. Disposición de seguridad de terceros + +Si envías un informe a través de nuestro programa de recompensas de errores que afecta a un servicio de terceros, limitaremos lo que compartamos con cualquier tercero afectado. Es posible que compartamos contenido no identificable de tu informe con un tercero afectado, pero solo después de notificarte que tenemos la intención de hacerlo y de obtener el compromiso por escrito del tercero de que no perseguirán acciones legales en tu contra o de iniciar contacto con las fuerzas del orden de las leyes en base a tu informe. No compartiremos tu información de identificación con ningún tercero afectado sin obtener primero tu permiso por escrito para hacerlo. + +Ten en cuenta que no podemos autorizar pruebas fuera de alcance en nombre de terceros y dichas pruebas están fuera del alcance de nuestra política. Consulta la política de recompensas de errores de ese tercer, si tiene una, o comunícate directamente con el tercero o a través de un representante legal antes de iniciar cualquier prueba en ese tercero o en sus servicios. Esto no es, y no debe entenderse como, cualquier acuerdo de nuestra parte para defender, indemnizar o de cualquier otra manera protegerte de cualquier acción de terceros con base a tus acciones. + +Dicho esto, si un tercero inicia una acción legal, incluyendo las fuerzas del orden, en tu contra por tu participación en este programa de recompensa de errores y has cumplido suficientemente con nuestra política de recompensas por errores (es decir, no has hecho violaciones intencionales o de mala fe), tomaremos las medidas para hacer que se conozca que tus acciones se realizaron de conformidad con esta política. Si bien consideramos que los informes presentados son documentos confidenciales y potencialmente privilegiados y protegidos frente a la divulgación forzada en la mayoría de las circunstancias, ten en cuenta que un tribunal puede, a pesar de nuestras objeciones, ordenarnos que compartamos información con un tercero. + +## 3. Exención limitada de otras políticas del sitio + +En medida en que tus actividades de investigación de seguridad sean inconsistentes con ciertas restricciones en nuestras [políticas relevantes de sitio](/categories/site-policy/) pero consistentes con las condiciones de nuestro programa de recompensas por errores, renunciamos a estas restricciones por el solo y único propósito de permitir tu investigación de seguridad bajo este programa. De la misma forma que se menciona anteriormente, si tienes dudas, ¡Pregúntanos primero! diff --git a/translations/es-ES/content/site-policy/security-policies/index.md b/translations/es-ES/content/site-policy/security-policies/index.md new file mode 100644 index 0000000000..35aab7da83 --- /dev/null +++ b/translations/es-ES/content/site-policy/security-policies/index.md @@ -0,0 +1,12 @@ +--- +title: Security Policies +versions: + fpt: '*' +topics: + - Policy + - Legal +children: + - /coordinated-disclosure-of-security-vulnerabilities + - /github-bug-bounty-program-legal-safe-harbor +--- + diff --git a/translations/es-ES/data/features/actions-cache-management.yml b/translations/es-ES/data/features/actions-cache-management.yml new file mode 100644 index 0000000000..9d28e9b9db --- /dev/null +++ b/translations/es-ES/data/features/actions-cache-management.yml @@ -0,0 +1,8 @@ +--- +#Reference: #6154 +#Documentation for Actions cache management APIs (initial ship) +versions: + fpt: '*' + ghec: '*' + ghes: '> 3.4' + ghae: 'issue-6154' diff --git a/translations/es-ES/data/features/device-flow-is-opt-in.yml b/translations/es-ES/data/features/device-flow-is-opt-in.yml new file mode 100644 index 0000000000..1b66880f95 --- /dev/null +++ b/translations/es-ES/data/features/device-flow-is-opt-in.yml @@ -0,0 +1,6 @@ +--- +#docs-content 6307. OAuth device auth flow is opt in. +versions: + fpt: '*' + ghec: '*' + ghae: 'issue-6307' diff --git a/translations/es-ES/data/features/mermaid.yml b/translations/es-ES/data/features/mermaid.yml index 09870e35f9..db633f907d 100644 --- a/translations/es-ES/data/features/mermaid.yml +++ b/translations/es-ES/data/features/mermaid.yml @@ -1,8 +1,8 @@ --- -#Issue 5812 and 6172 -#Mermaid syntax support +#Issues 5812 and 6172, also 6411 +#Mermaid syntax support, also ASCII STL and geoJSON/topoJSON syntax support versions: fpt: '*' ghec: '*' - ghes: '>=3.5' + ghes: '>=3.6' ghae: 'issue-6172' diff --git a/translations/es-ES/data/features/re-run-jobs.yml b/translations/es-ES/data/features/re-run-jobs.yml new file mode 100644 index 0000000000..8090de2387 --- /dev/null +++ b/translations/es-ES/data/features/re-run-jobs.yml @@ -0,0 +1,8 @@ +--- +#Issue 4722 +#Re-running failed jobs in an Actions workflow +versions: + fpt: '*' + ghec: '*' + ghes: '>=3.5' + ghae: 'issue-4722' diff --git a/translations/es-ES/data/learning-tracks/actions.yml b/translations/es-ES/data/learning-tracks/actions.yml index 2454c612e5..3f4d88a6bc 100644 --- a/translations/es-ES/data/learning-tracks/actions.yml +++ b/translations/es-ES/data/learning-tracks/actions.yml @@ -39,7 +39,7 @@ deploy_to_the_cloud: - /actions/deployment/deploying-to-google-kubernetes-engine adopting_github_actions_for_your_enterprise_ghec: title: 'Adoptar GitHub Actions para tu empresa' - description: 'Learn how to plan and implement a rollout of {% data variables.product.prodname_actions %} in your enterprise.' + description: 'Aprende a planear y hacer una implementación de {% data variables.product.prodname_actions %} en tu empresa.' versions: ghec: '*' guides: @@ -52,7 +52,7 @@ adopting_github_actions_for_your_enterprise_ghec: - /billing/managing-billing-for-github-actions/about-billing-for-github-actions adopting_github_actions_for_your_enterprise_ghes_and_ghae: title: 'Adoptar GitHub Actions para tu empresa' - description: 'Learn how to plan and implement a rollout of {% data variables.product.prodname_actions %} in your enterprise.' + description: 'Aprende a planear y hacer una implementación de {% data variables.product.prodname_actions %} en tu empresa.' versions: ghes: '*' ghae: '*' diff --git a/translations/es-ES/data/learning-tracks/admin.yml b/translations/es-ES/data/learning-tracks/admin.yml index 85a81ba5f8..3e94b82af3 100644 --- a/translations/es-ES/data/learning-tracks/admin.yml +++ b/translations/es-ES/data/learning-tracks/admin.yml @@ -8,6 +8,7 @@ get_started_with_github_ae: guides: - /admin/overview/about-github-ae - /admin/overview/about-data-residency + - /admin/configuration/configuring-your-enterprise/deploying-github-ae - /admin/configuration/initializing-github-ae - /admin/configuration/restricting-network-traffic-to-your-enterprise - /admin/github-actions/getting-started-with-github-actions-for-github-ae @@ -38,7 +39,7 @@ upgrade_your_instance: - /admin/enterprise-management/upgrading-github-enterprise-server adopting_github_actions_for_your_enterprise_ghec: title: 'Adoptar GitHub Actions para tu empresa' - description: 'Learn how to plan and implement a rollout of {% data variables.product.prodname_actions %} in your enterprise.' + description: 'Aprende a planear y hacer una implementación de {% data variables.product.prodname_actions %} en tu empresa.' versions: ghec: '*' guides: @@ -51,7 +52,7 @@ adopting_github_actions_for_your_enterprise_ghec: - /billing/managing-billing-for-github-actions/about-billing-for-github-actions adopting_github_actions_for_your_enterprise_ghes_and_ghae: title: 'Adoptar GitHub Actions para tu empresa' - description: 'Learn how to plan and implement a rollout of {% data variables.product.prodname_actions %} in your enterprise.' + description: 'Aprende a planear y hacer una implementación de {% data variables.product.prodname_actions %} en tu empresa.' versions: ghes: '*' ghae: '*' diff --git a/translations/es-ES/data/learning-tracks/code-security.yml b/translations/es-ES/data/learning-tracks/code-security.yml index 8270e1d54f..53a7ba5dba 100644 --- a/translations/es-ES/data/learning-tracks/code-security.yml +++ b/translations/es-ES/data/learning-tracks/code-security.yml @@ -18,39 +18,39 @@ dependabot_alerts: title: 'Obtén notificaciones para las dependencias vulnerables' description: 'Configurar al Dependabot para alertarte sobre vulnerabilidades nuevas en tus dependencias.' guides: - - /code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-alerts-for-vulnerable-dependencies + - /code-security/dependabot/dependabot-alerts/about-dependabot-alerts - '{% ifversion fpt or ghec or ghes > 3.2 %}/github/administering-a-repository/managing-repository-settings/managing-security-and-analysis-settings-for-your-repository{% endif %}' - - /code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/viewing-and-updating-vulnerable-dependencies-in-your-repository - - /code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/configuring-notifications-for-vulnerable-dependencies - - /code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/managing-pull-requests-for-dependency-updates - - /code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/troubleshooting-the-detection-of-vulnerable-dependencies - - /code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/troubleshooting-dependabot-errors + - /code-security/dependabot/dependabot-alerts/viewing-and-updating-dependabot-alerts + - /code-security/dependabot/dependabot-alerts/configuring-notifications-for-dependabot-alerts + - /code-security/dependabot/working-with-dependabot/managing-pull-requests-for-dependency-updates + - /code-security/dependabot/working-with-dependabot/troubleshooting-the-detection-of-vulnerable-dependencies + - /code-security/dependabot/working-with-dependabot/troubleshooting-dependabot-errors #Feature available on dotcom and GHES 3.3+, so articles available on GHAE and earlier GHES hidden to hide the learning track dependabot_security_updates: title: 'Obtén solicitudes de cambios para actualizar tus dependencias vulnerables' description: 'Configurar al Dependabot para crear solicitudes de cambios cuando se reporten vulnerabilidades nuevas.' guides: - - /code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-dependabot-security-updates - - /code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/configuring-dependabot-security-updates + - /code-security/dependabot/dependabot-security-updates/about-dependabot-security-updates + - /code-security/dependabot/dependabot-security-updates/configuring-dependabot-security-updates - '{% ifversion fpt or ghec or ghes > 3.2 %}/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/configuring-notifications-for-vulnerable-dependencies{% endif %}' - '{% ifversion fpt or ghec or ghes > 3.2 %}/github/administering-a-repository/managing-repository-settings/managing-security-and-analysis-settings-for-your-repository{% endif %}' - - /code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/managing-pull-requests-for-dependency-updates + - /code-security/dependabot/working-with-dependabot/managing-pull-requests-for-dependency-updates - '{% ifversion fpt or ghec or ghes > 3.2 %}/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/troubleshooting-the-detection-of-vulnerable-dependencies{% endif %}' #Feature available only on dotcom and GHES 3.3+ dependency_version_updates: title: 'Mantén tus dependencias actualizadas' description: 'Utilizar el Dependabot para verificar lanzamientos nuevos y crear solicitudes de cambios para actualizar tus dependencias.' guides: - - /code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/about-dependabot-version-updates - - /code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/enabling-and-disabling-dependabot-version-updates - - /code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/customizing-dependency-updates - - /code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/configuration-options-for-dependency-updates - - /code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/keeping-your-actions-up-to-date-with-dependabot - - /code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/automating-dependabot-with-github-actions - - /code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/listing-dependencies-configured-for-version-updates - - /code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/managing-encrypted-secrets-for-dependabot - - /code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/managing-pull-requests-for-dependency-updates - - /code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/troubleshooting-dependabot-errors + - /code-security/dependabot/dependabot-version-updates/about-dependabot-version-updates + - /code-security/dependabot/dependabot-version-updates/configuring-dependabot-version-updates + - /code-security/dependabot/dependabot-version-updates/customizing-dependency-updates + - /code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file + - /code-security/dependabot/working-with-dependabot/keeping-your-actions-up-to-date-with-dependabot + - /code-security/dependabot/working-with-dependabot/automating-dependabot-with-github-actions + - /code-security/dependabot/dependabot-version-updates/listing-dependencies-configured-for-version-updates + - /code-security/dependabot/working-with-dependabot/managing-encrypted-secrets-for-dependabot + - /code-security/dependabot/working-with-dependabot/managing-pull-requests-for-dependency-updates + - /code-security/dependabot/working-with-dependabot/troubleshooting-dependabot-errors #Feature available in GHEC, GHES 3.0 up, and GHAE. Feature limited on FPT so hidden there. secret_scanning: title: 'Escanear en búsqueda de secretos' @@ -103,3 +103,12 @@ code_security_ci: - /code-security/code-scanning/using-codeql-code-scanning-with-your-existing-ci-system/configuring-codeql-cli-in-your-ci-system - /code-security/code-scanning/using-codeql-code-scanning-with-your-existing-ci-system/migrating-from-the-codeql-runner-to-codeql-cli - /code-security/code-scanning/using-codeql-code-scanning-with-your-existing-ci-system/troubleshooting-codeql-runner-in-your-ci-system +#Feature available in all versions +end_to_end_supply_chain: + title: 'End-to-end supply chain' + description: 'How to think about securing your user accounts, your code, and your build process.' + guides: + - /code-security/supply-chain-security/end-to-end-supply-chain/end-to-end-supply-chain-overview + - /code-security/supply-chain-security/end-to-end-supply-chain/securing-accounts + - /code-security/supply-chain-security/end-to-end-supply-chain/securing-code + - /code-security/supply-chain-security/end-to-end-supply-chain/securing-builds diff --git a/translations/es-ES/data/product-examples/code-security/code-examples.yml b/translations/es-ES/data/product-examples/code-security/code-examples.yml index d652a07c64..3dbd1a0007 100644 --- a/translations/es-ES/data/product-examples/code-security/code-examples.yml +++ b/translations/es-ES/data/product-examples/code-security/code-examples.yml @@ -24,7 +24,7 @@ #Security policies title: Microsoft security policy template description: Política de seguridad de ejemplo - href: https://github.com/microsoft/repo-templates/blob/main/shared/SECURITY.md + href: /microsoft/repo-templates/blob/main/shared/SECURITY.md tags: - Política de seguridad - diff --git a/translations/es-ES/data/release-notes/enterprise-server/3-1/0.yml b/translations/es-ES/data/release-notes/enterprise-server/3-1/0.yml index f37b8ac998..cc3dcfbd19 100644 --- a/translations/es-ES/data/release-notes/enterprise-server/3-1/0.yml +++ b/translations/es-ES/data/release-notes/enterprise-server/3-1/0.yml @@ -33,6 +33,7 @@ sections: - 'El último lanzamiento del CLI de CodeQL es compatible con subir los resultados del análisis a GitHub. esto facilita ejecutar el análisis de código para los clientes que quieran utilizar sistemas de IC/DC diferentes a los de {% data variables.product.prodname_actions %}. Anteriormente, estos usuarios tenían que utilizar un ejecutor de CodeQL por separado, el cual aún estará disponible. Para obtener más información, consulta la sección [Acerca del escaneo de código de CodeQL en tu sistema de IC](/enterprise-server@3.1/code-security/secure-coding/about-codeql-code-scanning-in-your-ci-system)".' - '{% data variables.product.prodname_actions %} es ahora compatible con saltar los flujos de trabajo de tipo `push` y `pull_request` si se buscan las palabras clave en común dentro de tu mensaje de confirmación.' - 'Se archivará las anotaciones de verificación más antiguas a cuatro meses.' + - 'Scaling of worker allocation for background tasks has been revised. We recommend validating that the new defaults are appropriate for your workload. Custom background worker overrides should be unset in most cases. [Updated 2022-03-18]' - heading: 'Cambios de seguridad' notes: - 'Siguiendo la retroalimentación, seguirá habiendo compatibilidad para mostrar los resultados del escaneo de código en una solicitud de cambios sin emitirlos con una ID de esta. Para obtener más información, consulta las secciones "[Configurar el escaneo de código](/enterprise-server@3.1/code-security/secure-coding/configuring-code-scanning#scanning-pull-requests)" y "[Configurar el escaneo de código de CodeQL en tu sistema de IC](/enterprise-server@3.1/code-security/secure-coding/configuring-codeql-code-scanning-in-your-ci-system#scanning-pull-requests).' diff --git a/translations/es-ES/data/release-notes/enterprise-server/3-4/0-rc1.yml b/translations/es-ES/data/release-notes/enterprise-server/3-4/0-rc1.yml index 6ac8139660..8ec4174ec7 100644 --- a/translations/es-ES/data/release-notes/enterprise-server/3-4/0-rc1.yml +++ b/translations/es-ES/data/release-notes/enterprise-server/3-4/0-rc1.yml @@ -1,7 +1,7 @@ --- date: '2022-02-15' release_candidate: true -deprecated: false +deprecated: true intro: | {% note %} diff --git a/translations/es-ES/data/release-notes/enterprise-server/3-4/0.yml b/translations/es-ES/data/release-notes/enterprise-server/3-4/0.yml new file mode 100644 index 0000000000..e2c97f8bec --- /dev/null +++ b/translations/es-ES/data/release-notes/enterprise-server/3-4/0.yml @@ -0,0 +1,193 @@ +--- +date: '2022-03-15' +intro: | + + For upgrade instructions, see "[Upgrading {% data variables.product.prodname_ghe_server %}](/admin/enterprise-management/updating-the-virtual-machine-and-physical-resources/upgrading-github-enterprise-server)." + + > This release is dedicated to our colleague and friend John, a Hubber who was always there to help. You will be greatly missed. + > + > **John "Ralph" Wiebalk 1986–2021** +sections: + features: + - + heading: Secret scanning REST API now returns locations + notes: + - | + Los clientes de la {% data variables.product.prodname_GH_advanced_security %} ahora pueden utilizar la API de REST para recuperar detalles de confirmación de los secretos que se detectan en escaneos de repositorio privados. La terminal nueva devuelve los detalles de las primeras detecciones de secretos dentro de un archivo, incluyendo la ubicación de dicho secreto y el SHA de confirmación. Para obtener más información, consulta la sección "[Escaneo de secretos](/rest/reference/secret-scanning)" en la documentación de la API de REST. + - + heading: Export license data of committer-based billing for GitHub Advanced Security + notes: + - | + Los propietarios de empresas y organizaciones ahora pueden exportar sus datos de uso de licencia de {% data variables.product.prodname_GH_advanced_security %} a un archivo CSV. Los datos de facturación de {% data variables.product.prodname_advanced_security %} también pueden recuperarse a través de terminales de facturación en la API de REST. Para obtener más información, consulta la "[Bitácora de cambios de {% data variables.product.prodname_dotcom %}](https://github.blog/changelog/2021-11-11-export-github-advanced-security-license-usage-data/)". + - + heading: GitHub Actions reusable workflows in public beta + notes: + - | + Ahora puedes reutilizar flujos de trabajo enteros como si fueran una acción. Esta característica está disponible en beta público. En vez de copiar y pegar las definiciones de flujos de trabajo entre repositorios, ahora puedes referenciar un flujo de trabajo existente con una sola línea de configuración. Para obtener más información, consulta la [Bitácora de cambios de {% data variables.product.prodname_dotcom %}](https://github.blog/changelog/2021-10-05-github-actions-dry-your-github-actions-configuration-by-reusing-workflows/)". + - + heading: Dependabot security and version updates in public beta + notes: + - | + El {% data variables.product.prodname_dependabot %} ahora está disponible en {% data variables.product.prodname_ghe_server %} 3.4 como un beta público y ofrece tanto actualziaciones de versión como de seguridad para varios ecosistemas populares. El {% data variables.product.prodname_dependabot %} en {% data variables.product.prodname_ghe_server %} requiere {% data variables.product.prodname_actions %} y un conjunto de ejecutores auto-hospedados configurado para que el mismo {% data variables.product.prodname_dependabot %} los utilice. El {% data variables.product.prodname_dependabot %} en {% data variables.product.prodname_ghe_server %} también requiere que un administrador habilite tanto {% data variables.product.prodname_github_connect %} como el mismo {% data variables.product.prodname_dependabot %}. Puedes compartir tu retroalimentación y sugerencias en el [Debate de GitHub sobre la retroalimentación para el {% data variables.product.prodname_dependabot %}](https://github.com/github/feedback/discussions/categories/dependabot-feedback). Para obtener más información y probar el beta, consulta la sección "[Configurar la seguridad y las actualizaciones de versión del {% data variables.product.prodname_dependabot %} en tu empresa](/admin/github-actions/enabling-github-actions-for-github-enterprise-server/setting-up-dependabot-updates)". + - + heading: SAML authentication supports encrypted assertions + notes: + - | + If you use SAML authentication for {% data variables.product.prodname_ghe_server %}, you can now configure encrypted assertions from your IdP to improve security. Encrypted assertions add an additional layer of encryption when your IdP transmits information to {% data variables.product.product_location %}. For more information, see "[Using SAML](/admin/identity-and-access-management/authenticating-users-for-your-github-enterprise-server-instance/using-saml#enabling-encrypted-assertions)." + changes: + - + heading: Cambios en la administración + notes: + - Users can now choose the number of spaces a tab is equal to, by setting their preferred tab size in the "Appearance" settings of their user account. All code with a tab indent will render using the preferred tab size. + - The {% data variables.product.prodname_github_connect %} data connection record now includes a count of the number of active and dormant users and the configured dormancy period. + - You can now give users access to enterprise-specific links by adding custom footers to {% data variables.product.prodname_ghe_server %}. For more information, see "[Configuring custom footers](/admin/configuration/configuring-your-enterprise/configuring-custom-footers)." + - + heading: Cambios de rendimiento + notes: + - WireGuard, used to secure communication between {% data variables.product.prodname_ghe_server %} instances in a High Availability configuration, has been migrated to the Kernel implementation. + - + heading: Notification Changes + notes: + - Organization owners can now unsubscribe from email notifications when new deploy keys are added to repositories belonging to their organizations. For more information, see "[Configuring notifications](/account-and-profile/managing-subscriptions-and-notifications-on-github/setting-up-notifications/configuring-notifications)." + - 'Notification emails from newly created issues and pull requests now include `(Issue #xx)` or `(PR #xx)` in the email subject, so you can recognize and filter emails that reference these types of issues.' + - + heading: Organization Changes + notes: + - Organizations can now display a `README.md` file on their profile Overview. For more information, see the "[{% data variables.product.prodname_dotcom %} changelog](https://github.blog/changelog/2021-09-14-readmes-for-organization-profiles/)." + - 'Los miembros de las organizaciones ahora pueden ver una lista de los propietarios de su empresa debajo de la pestaña de "Personas" de la organización. También puede accederse a la lista de propietarios de la empresa utilizando la API de GraphQL. Para obtener más información, consulta el campo "[`enterpriseOwners`](/graphql/reference/objects#organization)" debajo del objeto de Organización en la documentación de la API de GraphQL.' + - + heading: Cambios de repositorios + notes: + - | + Ahora se muestra una sección de "Administrar acceso" en la página de "Colaboradores y equipos" de tus ajustes de repositorio. La sección nueva facilita a los administradores de repositorio el ver y administrar quiénes tienen acceso a este y el nivel de acceso que se le otorgó a cada usuario. Los administradores ahora pueden: + + *Buscar a todos los miembros, equipos y colaboradores que tengan acceso al repositorio. + *Ver cuando los miembros tienen tareas de rol mixto, otorgárselas directamente como individuos o indirectamente a través de un equipo. Esto se visualiza a través de una advertencia nueva de "roles mixtos", la cual muestra el rol de nivel más alto que se le otorgó a un usuario si su nivel de permiso es mayor que el de su rol asignado. + *Administrar el acceso a los repositorios populares confiablemente, con paginación y menos tiempos de inactividad cuando grupos grandes de usuarios tienen acceso. + - '{% data variables.product.prodname_ghe_server %} 3.4 includes improvements to the repository invitation experience, such as notifications for private repository invites, a UI prompt when visiting a private repository you have a pending invitation for, and a banner on a public repository overview page when there is an pending invitation.' + - 'Ahora puedes utilizar prefijos de un solo carácter para los autoenlaces. Los prefijos de autoenlace ahora también permiten caracteres como `.`, `-`, `_`, `+`, `=`, `:`, `/` y `#`, así como alfanuméricos. Para obtener más información sobre los autoenlaces personalizados, consulta la sección "[Configurar autoenlaces para referenciar recursos externos](/repositories/managing-your-repositorys-settings-and-features/managing-repository-settings/configuring-autolinks-to-reference-external-resources)".' + - A `CODE_OF_CONDUCT.md` file in the root of a repository is now highlighted in the "About" sidebar on the repository overview page. + - + heading: 'Releases changes' + notes: + - '{% data variables.product.prodname_ghe_server %} 3.4 incluye mejoras a la UI de lanzamientos, tales como notas de lanzamiento generadas automáticamente, las cuales muestran un resumen de todas las solicitudes de cambio para un lanzamiento en particular. Para obtener más información, consulta la "[Bitácora de cambios de {% data variables.product.prodname_dotcom %}](https://github.blog/changelog/2021-10-20-improvements-to-github-releases-generally-available/)".' + - When a release is published, an avatar list is now displayed at the bottom of the release. Avatars for all user accounts mentioned in the release notes are shown. For more information, see "[Managing releases in a repository](/repositories/releasing-projects-on-github/managing-releases-in-a-repository)." + - + heading: 'Cambios en el Lenguaje de Marcado' + notes: + - Ahora puedes utilizar la página de ajustes de "Accesibilidad" para administrar tus atajos de teclado. Puedes elegir inhabilitar aquellos que solo utilicen caracteres sencillos como S, G C y . (la tecla de punto). Para obtener más información, consulta la "[Bitácora de cambios de {% data variables.product.prodname_dotcom %}](https://github.blog/changelog/2021-11-16-managing-keyboard-shortcuts-using-accessibility-settings/)". + - You can now choose to use a fixed-width font in Markdown-enabled fields, like issue comments and pull request descriptions. For more information, see the "[{% data variables.product.prodname_dotcom %} changelog](https://github.blog/changelog/2021-10-12-fixed-width-font-support-in-markdown-enabled-fields/)." + - You can now paste a URL on selected text to quickly create a Markdown link. This works in all Markdown-enabled fields, such as issue comments and pull request descriptions. For more information, see the "[{% data variables.product.prodname_dotcom %} changelog](https://github.blog/changelog/2021-11-10-linkify-selected-text-on-url-paste/)." + - 'An image URL can now be appended with a theme context, such as `#gh-dark-mode-only`, to define how the Markdown image is displayed to a viewer. For more information, see the "[{% data variables.product.prodname_dotcom %} changelog](https://github.blog/changelog/2021-11-24-specify-theme-context-for-images-in-markdown/)."' + - Al crear o editar un archivo de gist con la extensión de archivo de lenguaje de marcado (`.md`), ahora puedes utilizar la pestaña de "Vista previa" o "Cambios a la vista previa" para mostrar un lenguaje de marcado que interprete el contenido del archivo. Para obtener más información, consulta la "[Bitácora de cambios de {% data variables.product.prodname_dotcom %}](https://github.blog/changelog/2021-11-17-preview-the-markdown-rendering-of-gists/)". + - When typing the name of a {% data variables.product.prodname_dotcom %} user in issues, pull requests and discussions, the @mention suggester now ranks existing participants higher than other {% data variables.product.prodname_dotcom %} users, so that it's more likely the user you're looking for will be listed. + - Right-to-left languages are now supported natively in Markdown files, issues, pull requests, discussions, and comments. + - + heading: 'Cambios en propuestas y sollicitudes de cambio' + notes: + - The diff setting to hide whitespace changes in the pull request "Files changed" tab is now retained for your user account for that pull request. The setting you have chosen is automatically reapplied if you navigate away from the page and then revisit the "Files changed" tab of the same pull request. + - Cuando utilizas la asignación automática para las revisiones de código de solicitudes de cambios, ahora puedes elegir solo notificar a los miembros de equipo solicitados independientemente de tus ajustes de asignación automática. Este ajuste es útil en escenarios en donde muchos usuarios se asignan automáticamente pero no todos ellos requieren notificaciones. Para obtener más información, consulta la "[Bitácora de cambios de {% data variables.product.prodname_dotcom %}](https://github.blog/changelog/2021-11-10-team-member-pull-request-review-notifications-can-be-configured-independently-of-auto-assignment/)". + - + heading: 'Cambios a las ramas' + notes: + - 'Organization and repository administrators can now trigger webhooks to listen for changes to branch protection rules on their repositories. For more information, see the "[branch_protection_rule](/developers/webhooks-and-events/webhooks/webhook-events-and-payloads#branch_protection_rule)" event in the webhooks events and payloads documentation.' + - Cuando configuras ramas protegidas, ahora puedes requerir que una {% data variables.product.prodname_github_app %} específica proporcione una verificación de estado requerida. Si entonces una aplicación diferente proporciona un estado o si lo hace un usuario a través de un estado de confirmación, se prevendrá la fusión. Esto garantiza que la aplicación correcta valide todos los cambios. Para obtener más información, consulta la "[Bitácora de cambios de {% data variables.product.prodname_dotcom %}](https://github.blog/changelog/2021-12-01-ensure-required-status-checks-provided-by-the-intended-app/)". + - Únicamente los usuarios con permisos administrativos son capaces de renombrar las ramas protegidas y modificar las reglas de protección de rama. Anteriormente, con la excepción de la rama predeterminada, cualquier colaborador podía renombrar la rama y, como consecuencia, cualquier regla de protección de rama no comodín que aplicara a dicha rama también se renombraría. Para obtener más información, consulta las secciones "[Renombrar una rama](/repositories/configuring-branches-and-merges-in-your-repository/managing-branches-in-your-repository/renaming-a-branch)" y "[Administrar una regla de protección de rama](/repositories/configuring-branches-and-merges-in-your-repository/defining-the-mergeability-of-pull-requests/managing-a-branch-protection-rule)". + - Administrators can now allow only specific users and teams to bypass pull request requirements. For more information, see the "[{% data variables.product.prodname_dotcom %} changelog](https://github.blog/changelog/2021-11-19-allow-bypassing-required-pull-requests/)." + - Administrators can now allow only specific users and teams to force push to a repository. For more information, see the "[{% data variables.product.prodname_dotcom %} changelog](https://github.blog/changelog/2021-12-21-specify-who-can-force-push-to-a-repository/)." + - When requiring pull requests for all changes to a protected branch, administrators can now choose if approved reviews are also a requirement. For more information, see the "[{% data variables.product.prodname_dotcom %} changelog](https://github.blog/changelog/2021-11-10-require-pull-requests-without-requiring-reviews/)." + - + heading: 'Cambioas a las GitHub Actions' + notes: + - 'Los flujos de trabajo de {% data variables.product.prodname_actions %} que activa el {% data variables.product.prodname_dependabot %} para los eventos `create`, `deployment` y `deployment_status` ahora siempre reciben un token de solo lectura y ningún secreto. De forma similar, los flujos de trabajo que activa el {% data variables.product.prodname_dependabot %} para el evento `pull_request_target` en las solicitudes de cambio en donde el {% data variables.product.prodname_dependabot %} creó la ref base ahora siempre reciben un token de solo lectura y ningún secreto. Estos cambios se diseñaron para prevenir que el código potencialmente malintencionado se ejecute en un flujo de trabajo privilegiado. Para obtener más información, consulta la sección "[Automatizar el {% data variables.product.prodname_dependabot %} con las {% data variables.product.prodname_actions %}](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/automating-dependabot-with-github-actions)".' + - Las ejecuciones de flujo de trabajo en los eventos de `push` y `pull_request` que activa el {% data variables.product.prodname_dependabot %} ahora respetarán los permisos que se especifican en tus flujos de trabajo, lo cual te permite controlar la forma en la que administras las actualizaciones de las dependencias automáticas. Los permisos de token predeterminados permanecerán como de solo lectura. Para obtener más información, consulta la "[Bitácora de cambios de {% data variables.product.prodname_dotcom %}](https://github.blog/changelog/2021-10-06-github-actions-workflows-triggered-by-dependabot-prs-will-respect-permissions-key-in-workflows/)". + - 'Los flujos de trabajo de {% data variables.product.prodname_actions %} que activa el {% data variables.product.prodname_dependabot %} ahora se enviarán a los secretos del {% data variables.product.prodname_dependabot %}. Ahora puedes hacer extracciones de registros de paquetes privados en tu IC utilizando los mismos secretos que habías configurado para que utilizara el {% data variables.product.prodname_dependabot %}, mejorando la forma en la que las {% data variables.product.prodname_actions %} y el {% data variables.product.prodname_dependabot %} funcionan juntos. Para obtener más información, consulta la sección "[Automatizar el {% data variables.product.prodname_dependabot %} con las {% data variables.product.prodname_actions %}](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/automating-dependabot-with-github-actions)".' + - Ahora puedes administrar grupos de ejecutores y ver el estado de tus ejecutores auto-hospedados utilizando páginas nuevas de ejecutores y de grupos de ejecutores en la IU. La página de ajustes de las acciones para tu repositorio u organización ahora muestra una vista de resumen de tus ejecutores y te permite adentrarte en un ejecutor específico para verlo o para ver qué job podría estar ejecutando actualmente. Para obtener más información, consulta la "[bitácora de cambios de {% data variables.product.prodname_dotcom %}](https://github.blog/changelog/2021-09-20-github-actions-experience-refresh-for-the-management-of-self-hosted-runners/)". + - 'Los autores de las acciones ahora pueden hacer que su acción se ejecute en Node.js 16 si especifican [`runs.using` cpmo `node16` en el `action.yml` de la acción](/actions/creating-actions/metadata-syntax-for-github-actions#runs-for-javascript-actions). Esto, en conjunto con la compatibilidad existente con Node.js 12; sigue especificando `runs.using: node12` para utilizar el tiempo de ejecución de Node.js 12.' + - 'For manually triggered workflows, {% data variables.product.prodname_actions %} now supports the `choice`, `boolean`, and `environment` input types in addition to the default `string` type. For more information, see "[`on.workflow_dispatch.inputs`](/actions/using-workflows/workflow-syntax-for-github-actions#onworkflow_dispatchinputs)."' + - Actions written in YAML, also known as composite actions, now support `if` conditionals. This lets you prevent specific steps from executing unless a condition has been met. Like steps defined in workflows, you can use any supported context and expression to create a conditional. + - El comportamiento del orden de búsqueda para los ejecutores auto-hospedados cambió para que el ejecutor coincidente que esté disponible primero en cualquier nivel ejecute el job en todos los casos. Esto permite que se envíen jobs mucho más rápido a los ejecutores auto-hospedados, especialmente para las organizaciones y empresas con muchos de ellos. Anteriormente, cuando se ejecutaba un job que requiriera un ejecutor auto-hospedado, {% data variables.product.prodname_actions %} buscaba ejecutores auto-hospedados en el repositorio, organización y empresa, en ese orden. + - 'Las etiquetas ejecutoras de los ejecutores auto-hospedados de {% data variables.product.prodname_actions %} ahora se puede listar, agregar y eliminar utilizando la API de REST. Para obtener más información sobre cómo utilizar las API nuevas a nivel de repositorio, organización o empresa, consulta las secciones de "[Repositories](/rest/reference/actions#list-labels-for-a-self-hosted-runner-for-a-repository)", "[Organizations](/rest/reference/actions#add-custom-labels-to-a-self-hosted-runner-for-an-organization)" y "[Enterprises](/rest/reference/enterprise-admin#list-labels-for-a-self-hosted-runner-for-an-enterprise)" en la documentación de la API de REST.' + - + heading: 'Cambios al Dependabot y a la gráfica de Dependencias' + notes: + - Dependency graph now supports detecting Python dependencies in repositories that use the Poetry package manager. Dependencies will be detected from both `pyproject.toml` and `poetry.lock` manifest files. + - Cuando configuras la seguridad y actualizaciones de versión del {% data variables.product.prodname_dependabot %} en GitHub Enterprise Server, te recomendamos que también habilites el {% data variables.product.prodname_dependabot %} en {% data variables.product.prodname_github_connect %}. Esto permitirá que el {% data variables.product.prodname_dependabot %} recupere una lista actualizada de dependencias y vulnerabilidades desde {% data variables.product.prodname_dotcom_the_website %} al consultar información tal como las bitácoras de cambios de los lanzamientos de código abierto de los cuales dependes. Para obtener más información, consulta la sección "[Habilitar la gráfica de dependencias y las alertas del Dependabot para tu empresa] (/admin/configuration/configuring-github-connect/enabling-the-dependency-graph-and-dependabot-alerts-for-your-enterprise)". + - '{% data variables.product.prodname_dependabot_alerts %} alerts can now be dismissed using the GraphQL API. For more information, see the "[dismissRepositoryVulnerabilityAlert](/graphql/reference/mutations#dismissrepositoryvulnerabilityalert)" mutation in the GraphQL API documentation.' + - + heading: 'Cambios al escaneo de código y de secretos' + notes: + - El CLI de {% data variables.product.prodname_codeql %} ahora es compatible con la inclusión de ayuda de consultas interpretada en lenguaje de marcado en los archivos SARIF, para que el texto de ayuda pueda verse en la IU del {% data variables.product.prodname_code_scanning %} cuando la consulta genere una alerta. Para obtener más información, consulta la "[Bitácora de cambios de {% data variables.product.prodname_dotcom %}](https://github.blog/changelog/2021-11-23-display-help-text-for-your-custom-codeql-queries-in-code-scanning/)". + - El CLI de {% data variables.product.prodname_codeql %} y la extensión de {% data variables.product.prodname_vscode %} ahora son compatibles con la creación de bases de datos y el análisis de código en las máquinas que funcionan con Apple Silicon, tales como Apple M1. Para obtener más información, consulta la "[Bitácora de cambios de {% data variables.product.prodname_dotcom %}](https://github.blog/changelog/2021-11-10-codeql-now-supports-apple-silicon-m1/)". + - | + La profundidad del análisis del {% data variables.product.prodname_codeql %} se mejoró agregando compatibilidad con más [librerías y marcos de trabajo](https://codeql.github.com/docs/codeql-overview/supported-languages-and-frameworks/) desde el ecosistema de Python. Como resultado, el {% data variables.product.prodname_codeql %} ahora puede detectar aún más fuentes potenciales de datos no confiables, pasos mediante los cuales fluyen los datos y consumidores de datos potencialmente peligrosos en donde podrían terminar estos datos. Esto da como resultado una mejora general de la calidad de las alertas del {% data variables.product.prodname_code_scanning %}. Para obtener más información, consulta la "[Bitácora de cambios de {% data variables.product.prodname_dotcom %}](https://github.blog/changelog/2021-11-24-codeql-code-scanning-now-recognizes-more-python-libraries-and-frameworks/)". + - Code scanning with {% data variables.product.prodname_codeql %} now includes beta support for analyzing code in all common Ruby versions, up to and including 3.02. For more information, see the "[{% data variables.product.prodname_dotcom %} changelog](https://github.blog/changelog/2021-10-27-codeql-code-scanning-adds-beta-support-for-ruby/)." + - | + Se han realizado varias mejoras a la API del {% data variables.product.prodname_code_scanning %}: + + * La marca de tiempo `fixed_at` se agregó a las alertas. Esta marca de tiempo consiste en la primera vez que la alerta no se detectó en un análisis. + * Los resultados de las alertas ahora pueden ordenarse usando `sort` y `direction`, ya sea en `created`, `updated` o `number`. Para obtener más información, consulta la sección "[Escanear alertas de código de lista para un repositorio](/rest/reference/code-scanning#list-code-scanning-alerts-for-a-repository). + * Un encabezado de `Last-Modified` se agregó a la respuesta de las alertas de la terminal de las alertas. Para obtener más información, consulta [`Last-Modified`](https://developer.mozilla. rg/es-US/docs/Web/HTTP/Headers/Last-Modified) en la documentación de Mozilla. + * El campo `RelatedLocations` se agregó a la respuesta SARIF cuando solicitas un análisis de escaneo de código. El campo puede contener ubicaciones que no son las principales de la alerta. Puedes encontrar un ejemplo en [SARIF spec](https://docs.oasis-open.org/sarif/v2.1.0/cs01/sarif-v2.1.0-cs01. tml#_Toc16012616) y, para obtener más información, consulta la sección "[Obtener un análisis de escaneo de código para un repositorio](/rest/reference/code-scanning#get-a-code-scanning-analysis-for-a-repository). + * Los datos de `ayuda` y `etiquetas` se agregaron al objeto de regla de la alerta de respuesta del webhook. Para obtener más información, consulta la sección "[Cargas útiles y eventos de webhook para las alertas del escaneo de código](/developeropers/webhooks-and-events/webhooks/webhook-events-and-payloads#code_scanning_alert). + * Los tokens de acceso personal con el alcance de `public_repo` ahora tienen acceso de escritura para las terminales de escaneo de código en los repositorios públicos, en caso de que el usuario tenga permiso. + + Para obtener más información, consulta la sección "[Escaneo de código](/rest/reference/code-scanning)" en la documentación de la API de REST. + - 'Los clientes de la {% data variables.product.prodname_GH_advanced_security %} ahora pueden utilizar la API de REST para recuperar resultados del escaneo de secretos en repositorios privados a nivel empresarial. La terminal nueva complementa a las terminales existentes a nivel de repositorio y organización. Para obtener más información, consulta la sección "[Escaneo de secretos](/rest/reference/secret-scanning)" en la documentación de la API de REST.' + #No security/bug fixes for the GA release + #security_fixes: + #- PLACEHOLDER + #bugs: + #- PLACEHOLDER + known_issues: + - En una instancia recién configurada de {% data variables.product.prodname_ghe_server %} sin ningún usuario, un atacante podría crear el primer usuario adminsitrador. + - Las reglas de cortafuegos personalizadas se eliminan durante el proceso de actualización. + - Los archivos rastreados del LFS de Git que se [cargaron mediante la interface web](https://github.com/blog/2105-upload-files-to-your-repositories) se agregaron incorrecta y directamente al repositorio. + - Las propuestas no pudieron cerrarse si contenían un permalink a un blob en el mismo repositorio en donde la ruta de archvio del blob era más grande a 255 caracteres. + - Cuando se habilita "Los usuarios pueden buscar en GitHub.com" con GitHub Connect, las propuestas en los repositorios privados e internos no se incluirán en los resultados de búsqueda de GitHub.com. + - El registor de npm del {% data variables.product.prodname_registry %} ya no regresa un valor de tiempo en las respuestas de metadatos. Esto se hizo para permitir mejoras de rendimiento sustanciales. Seguimos teniendo todos los datos necesarios para devolver un valor de tiempo como parte de la respuesta de metadatos y terminaremos de devolver este valor ene l futuro una vez que hayamos resuelto los problemas de rendimiento existentes. + - Los límites de recursos que son específicos para procesar ganchos de pre-recepción podrían ocasionar que fallen algunos ganchos de pre-recepción. + - Actions services needs to be restarted after restoring appliance from backup taken on a different host. + deprecations: + - + heading: Obsoletización de GitHub Enterprise Server 3.0 + notes: + - '**{% data variables.product.prodname_ghe_server %} 3.0 se descontinuó el 16 de febrero de 2022**. Esto significa que no se harán lanzamientos de parche, aún para los problemas de seguridad críticos, después de esta fecha. Para obtener un rendimiento mejor, una seguridad mejorada y características nuevas, [actualiza a la última versión de {% data variables.product.prodname_ghe_server %}](/enterprise-server@3.4/admin/enterprise-management/upgrading-github-enterprise-server) tan pronto te sea posible.' + - + heading: Deprecation of GitHub Enterprise Server 3.1 + notes: + - '**{% data variables.product.prodname_ghe_server %} 3.1 se descontinuará el 3 de junio de 2022**. Eso significa que no se harán lanzamientos de parche, aún para los problemas de seguridad críticos, después de esta fecha. Para obtener un rendimiento mejor, una seguridad mejorada y características nuevas, [actualiza a la última versión de {% data variables.product.prodname_ghe_server %}](/enterprise-server@3.4/admin/enterprise-management/upgrading-github-enterprise-server) tan pronto te sea posible.' + - + heading: Obsoletización del soporte para XenServer Hypervisor + notes: + - Starting in {% data variables.product.prodname_ghe_server %} 3.3, {% data variables.product.prodname_ghe_server %} on XenServer was deprecated and is no longer supported. Please contact [GitHub Support](https://support.github.com) with questions or concerns. + - + heading: Deprecation of the Content Attachments API preview + notes: + - Debido a su poco uso, la vista previa de la API de referencias de contenido se hizo obsoleta en {% data variables.product.prodname_ghe_server %} 3.4. Anteriormente, se podía acceder a la API con el encabezado `corsair-preview`. Los usuarios pueden seguir navegando hacia URL externas sin esta API. Cualquier uso registrado de la API de referencias de contenido ya no recibirá una notificación de webhook para las URL de tus dominios registrados y ya no devolveremos códigos de respuesta válidos para los intentos de actualización a los adjuntos de contenido existentes. + - + heading: Deprecation of the Codes of Conduct API preview + notes: + - 'La vista previa de la API de códigos de conducta, a la cual se podía acceder con el encabezado `scarlet-witch-preview`, es obsoleta y ya no se puede acceder a ella en {% data variables.product.prodname_ghe_server %} 3.4. En vez de esto, te recomendamos utilizar la terminal de "[Obtén métricas de perfil comunitario](/rest/reference/repos#get-community-profile-metrics)" para recuperar información sobre un código de conducta de un repositorio. Para obtener más información, consulta el "[Aviso de obsolescencia: Vista previa de la API de códigos de conducta](https://github.blog/changelog/2021-10-06-deprecation-notice-codes-of-conduct-api-preview/)" en la bitácora de cambios de {% data variables.product.prodname_dotcom %}.' + - + heading: Obsoletización de las terminales de la API de Aplicaciones OAuth y autenticación de la API a través de parámetros de consulta + notes: + - | + A partir de {% data variables.product.prodname_ghe_server %} 3.4, se retiró la [versión obsoleta de las terminales de la API de aplicación OAuth](https://developer.github.com/changes/2020-02-14-deprecating-oauth-app-endpoint/#endpoints-affected). Si te encuentras con errores 404 en estas terminales, convierte tu código a las versiones de la API de Aplicación OAuth que no tienen `access_tokens` en la URL. También inhabilitamos el uso de la autenticación de API utilizando parámetros de consulta. En vez de esto, te recomendamos utilizar [Autenticación de API en el encabezado de solicitud](https://developer.github.com/changes/2020-02-10-deprecating-auth-through-query-param/#changes-to-make). + - + heading: Obsoletización del ejecutor de CodeQL + notes: + - EL ejecutor de {% data variables.product.prodname_codeql %} ya es obsoleto en {% data variables.product.prodname_ghe_server %} 3.4 y ya no hay compatibilidad con este. Esta obsolescencia solo afecta a los usuarios que utilizan el escaneo de código de {% data variables.product.prodname_codeql %} en un sistema de IC/DC de terceros; los usuarios de {% data variables.product.prodname_actions %} no se ven afectados. Recomendamos fuertemente que los clientes se migren al CLI de {% data variables.product.prodname_codeql %}, el cual es un reemplazo con todas las características del ejecutor de {% data variables.product.prodname_codeql %}. Para obtener más información, consulta la [Bitácora de cambios de {% data variables.product.prodname_dotcom %}](https://github.blog/changelog/2021-09-21-codeql-runner-deprecation/). + - + heading: Obsoletización de extensiones de bit-caché personalizadas + notes: + - | + Desde {% data variables.product.prodname_ghe_server %} 3.1, el soporte de las extensiones bit-cache propietarias de {% data variables.product.company_short %} se comenzó a eliminar paulatinamente. Estas extensiones son obsoletas en {% data variables.product.prodname_ghe_server %} 3.3 en adelante. + + Cualquier repositorio que ya haya estado presente y activo en {% data variables.product.product_location %} ejecutando la versión 3.1 o 3.2 ya se actualizó automáticamente. + + Los repositorios que no estuvieron presentes y activos antes de mejorar a {% data variables.product.prodname_ghe_server %} 3.3 podrían no funcionar de forma óptima sino hasta que se ejecute una tarea de mantenimiento de repositorio y esta se complete exitosamente. + + Para iniciar una tarea de mantenimiento de repositorio manualmente, dirígete a `https:///stafftools/repositories///network` en cada repositorio afectado y haz clic en el botón **Schedule**. + backups: + - '{% data variables.product.prodname_ghe_server %} 3.4 requires at least [GitHub Enterprise Backup Utilities 3.4.0](https://github.com/github/backup-utils) for [Backups and Disaster Recovery](/admin/configuration/configuring-your-enterprise/configuring-backups-on-your-appliance).' diff --git a/translations/es-ES/data/reusables/actions/enterprise-github-connect-warning.md b/translations/es-ES/data/reusables/actions/enterprise-github-connect-warning.md deleted file mode 100644 index e748ab734d..0000000000 --- a/translations/es-ES/data/reusables/actions/enterprise-github-connect-warning.md +++ /dev/null @@ -1,15 +0,0 @@ -{% ifversion ghes > 3.2 or ghae-issue-4815 %} -{% note %} - -**Nota:** Cuando un flujo de trabajo utiliza una acción referenciando el repositorio en donde esta se almacena, {% data variables.product.prodname_actions %} intentará encontrarlo en tu instancia de {% data variables.product.prodname_ghe_server %} primero, antes de revertirse a {% data variables.product.prodname_dotcom_the_website %}. Si un usuario ya creó una organización y repositorio en tu empresa, el cual empate con un nombre de organización y repositorio en {% data variables.product.prodname_dotcom %}, el repositorio de tu empresa se utilizará en vez del de {% data variables.product.prodname_dotcom %}. Para obtener más información, consulta la sección "[Jubilación automática de designadores de espacio para las acciones a las cuales se accede en {% data variables.product.prodname_dotcom_the_website%}](#automatic-retirement-of-namespaces-for-actions-accessed-on-githubcom)". - -{% endnote %} -{% endif %} - -{% ifversion ghes < 3.3 or ghae %} -{% note %} - -**Nota:** Cuando un flujo de trabajo utiliza una acción referenciando el repositorio en donde esta se almacena, {% data variables.product.prodname_actions %} intentará encontrarlo en tu instancia de {% data variables.product.prodname_ghe_server %} primero, antes de revertirse a {% data variables.product.prodname_dotcom_the_website %}. Si un usuario crea una organización y repositorio en tu empresa, los cuales empaten con un nombre de organzación y repositorio en {% data variables.product.prodname_dotcom %}, el repositorio de tu empresa se utilizará en vez del repositorio de {% data variables.product.prodname_dotcom %}. Un usuario malintencionado podría sacar provecho de este comportamiento para ejecutar código como parte de un flujo de trabajo. - -{% endnote %} -{% endif %} diff --git a/translations/es-ES/data/reusables/actions/github-connect-resolution.md b/translations/es-ES/data/reusables/actions/github-connect-resolution.md new file mode 100644 index 0000000000..816e314a30 --- /dev/null +++ b/translations/es-ES/data/reusables/actions/github-connect-resolution.md @@ -0,0 +1 @@ +When a workflow uses an action by referencing the repository where the action is stored, {% data variables.product.prodname_actions %} will first try to find the repository on {% data variables.product.product_location %}. If the repository does not exist on {% data variables.product.product_location %}, and if you have automatic access to {% data variables.product.prodname_dotcom_the_website %} enabled, {% data variables.product.prodname_actions %} will try to find the repository on {% data variables.product.prodname_dotcom_the_website %}. \ No newline at end of file diff --git a/translations/es-ES/data/reusables/actions/github-token-expiration.md b/translations/es-ES/data/reusables/actions/github-token-expiration.md new file mode 100644 index 0000000000..3391ce321f --- /dev/null +++ b/translations/es-ES/data/reusables/actions/github-token-expiration.md @@ -0,0 +1 @@ +The `GITHUB_TOKEN` expires when a job finishes or after a maximum of 24 hours. \ No newline at end of file diff --git a/translations/es-ES/data/reusables/actions/runner-group-assign-policy-workflow.md b/translations/es-ES/data/reusables/actions/runner-group-assign-policy-workflow.md index 27cb070783..af555af9d4 100644 --- a/translations/es-ES/data/reusables/actions/runner-group-assign-policy-workflow.md +++ b/translations/es-ES/data/reusables/actions/runner-group-assign-policy-workflow.md @@ -1,6 +1,6 @@ {%- if restrict-groups-to-workflows %} 1. Assign a policy for workflow access. - You can configure a runner group to be accessible to a specific list of workflows, or to all workflows. This setting can't be overridden if you are configuring an organization's runner group that was shared by an enterprise. If you specify what workflow can access the runner group, you must use the full path to the workflow, including the repository name and owner, and you must pin the workflow to a branch, tag, or full SHA. For example: `octo-org/octo-repo/.github/workflows/build.yml@v2, octo-org/octo-repo/.github/workflows/deploy.yml@d6dc6c96df4f32fa27b039f2084f576ed2c5c2a5, monalisa/octo-test/.github/workflows/test.yml@main`. + You can configure a runner group to be accessible to a specific list of workflows, or to all workflows. This setting can't be overridden if you are configuring an organization's runner group that was shared by an enterprise. If you specify what workflow can access the runner group, you must use the full path to the workflow, including the repository name and owner, and you must pin the workflow to a branch, tag, or full SHA. Por ejemplo: `octo-org/octo-repo/.github/workflows/build.yml@v2, octo-org/octo-repo/.github/workflows/deploy.yml@d6dc6c96df4f32fa27b039f2084f576ed2c5c2a5, monalisa/octo-test/.github/workflows/test.yml@main`. Only jobs directly defined within the selected workflows will have access to the runner group.{%- endif %} diff --git a/translations/es-ES/data/reusables/actions/self-hosted-runner-add-to-enterprise.md b/translations/es-ES/data/reusables/actions/self-hosted-runner-add-to-enterprise.md index 2a62159957..9d6c8982fa 100644 --- a/translations/es-ES/data/reusables/actions/self-hosted-runner-add-to-enterprise.md +++ b/translations/es-ES/data/reusables/actions/self-hosted-runner-add-to-enterprise.md @@ -6,7 +6,7 @@ 1. Haz clic en **Ejecutor nuevo**. {% data reusables.actions.self-hosted-runner-configure %} {%- elsif ghae or ghes < 3.4 %} -To add a self-hosted runner to an enterprise, you must be an enterprise owner. +Para agregar un ejecutor auto-hospedado a una empresa, debes ser el propietario de la misma. {% data reusables.enterprise-accounts.access-enterprise %} {% data reusables.enterprise-accounts.policies-tab %} {% data reusables.enterprise-accounts.actions-tab %} diff --git a/translations/es-ES/data/reusables/actions/self-hosted-runner-communications-for-ghae.md b/translations/es-ES/data/reusables/actions/self-hosted-runner-communications-for-ghae.md deleted file mode 100644 index 9d96dd0710..0000000000 --- a/translations/es-ES/data/reusables/actions/self-hosted-runner-communications-for-ghae.md +++ /dev/null @@ -1,7 +0,0 @@ -{% ifversion ghae %} - -You must ensure that the self-hosted runner has appropriate network access to communicate with your {% data variables.product.prodname_ghe_managed %} URL and its subdomains. Pro ejemplo, si el nombre de tu instancia es `octoghae`, entonces necesitarás permitir que el ejecutor auto-hospedado acceda a `octoghae.githubenterprise.com`, `api.octoghae.githubenterprise.com` y `codeload.octoghae.githubenterprise.com`. - -If you use an IP address allow list for your organization or enterprise account on {% data variables.product.prodname_dotcom %}, you must add your self-hosted runner's IP address to the allow list. Para obtener más información, consulta "[Administrar las direcciones IP permitidas en tu organización](/organizations/keeping-your-organization-secure/managing-allowed-ip-addresses-for-your-organization#using-github-actions-with-an-ip-allow-list)". - -{% endif %} diff --git a/translations/es-ES/data/reusables/actions/self-hosted-runner-networking-to-dotcom.md b/translations/es-ES/data/reusables/actions/self-hosted-runner-networking-to-dotcom.md new file mode 100644 index 0000000000..55c66796b0 --- /dev/null +++ b/translations/es-ES/data/reusables/actions/self-hosted-runner-networking-to-dotcom.md @@ -0,0 +1 @@ +To use actions from {% data variables.product.prodname_dotcom_the_website %},{% ifversion ghes %} both {% data variables.product.product_location %} and{% endif %} your self-hosted runners must be able to make outbound connections to {% data variables.product.prodname_dotcom_the_website %}. No inbound connections from {% data variables.product.prodname_dotcom_the_website %} are required. For more information. Para obtener más información, consulta la sección "[Acerca de los ejecutores auto-hospedados](/actions/hosting-your-own-runners/about-self-hosted-runners#communication-betweens-self-hosted-runners-and-githubcom)". \ No newline at end of file diff --git a/translations/es-ES/data/reusables/actions/self-hosted-runner-ports-protocols.md b/translations/es-ES/data/reusables/actions/self-hosted-runner-ports-protocols.md index 57f16b0906..a24c445d1b 100644 --- a/translations/es-ES/data/reusables/actions/self-hosted-runner-ports-protocols.md +++ b/translations/es-ES/data/reusables/actions/self-hosted-runner-ports-protocols.md @@ -1 +1,3 @@ -Self-hosted runners must be able to communicate with {% ifversion ghae %}your enterprise on {% data variables.product.product_name %}{% elsif fpt or ghec or ghes %}{% data variables.product.product_location %}{% endif %} over HTTP (port 80) and HTTPS (port 443). +{% ifversion ghes or ghae %} +The connection between self-hosted runners and {% data variables.product.product_name %} is over {% ifversion ghes %}HTTP (port 80) or {% endif %}HTTPS (port 443). {% ifversion ghes %}To ensure connectivity over HTTPS, configure TLS for {% data variables.product.product_location %}. For more information, see "[Configuring TLS](/admin/configuration/configuring-network-settings/configuring-tls)."{% endif %} +{% endif %} diff --git a/translations/es-ES/data/reusables/apps/optional_feature_activation.md b/translations/es-ES/data/reusables/apps/optional_feature_activation.md index c13f030366..220420271a 100644 --- a/translations/es-ES/data/reusables/apps/optional_feature_activation.md +++ b/translations/es-ES/data/reusables/apps/optional_feature_activation.md @@ -1,2 +1,2 @@ -4. In the left sidebar, click **Optional Features**. ![Optional features tab](/assets/images/github-apps/optional-features-option.png) -5. Next to the optional feature you want to enable for your app, click **Opt-in**. ![Botón de unirse para habilitar una característica opcional](/assets/images/github-apps/enable-optional-features.png) +4. En la barra lateral izquierda, haz clic en **Características opcionales**. ![Pestaña de características opcionales](/assets/images/github-apps/optional-features-option.png) +5. Junto a la característica opcional que quieres habilitar para tu app, haz clic en **Decidir participar**. ![Botón de unirse para habilitar una característica opcional](/assets/images/github-apps/enable-optional-features.png) diff --git a/translations/es-ES/data/reusables/code-scanning/alert-default-branch.md b/translations/es-ES/data/reusables/code-scanning/alert-default-branch.md new file mode 100644 index 0000000000..c6a6029e70 --- /dev/null +++ b/translations/es-ES/data/reusables/code-scanning/alert-default-branch.md @@ -0,0 +1 @@ +The status and details on the alert page only reflect the state of the alert on the default branch of the repository, even if the alert exists in other branches. You can see the status of the alert on non-default branches in the **Affected branches** section on the right-hand side of the alert page. If an alert doesn't exist in the default branch, the status of the alert will display as "in pull request" or "in branch" and will be colored grey. \ No newline at end of file diff --git a/translations/es-ES/data/reusables/code-scanning/beta.md b/translations/es-ES/data/reusables/code-scanning/beta.md index bc41c01a1c..1e7fb13e55 100644 --- a/translations/es-ES/data/reusables/code-scanning/beta.md +++ b/translations/es-ES/data/reusables/code-scanning/beta.md @@ -1,4 +1,8 @@ -{% ifversion ghae %} +{% ifversion ghae-issue-5752 %} + + + +{% elsif ghae %} {% note %} diff --git a/translations/es-ES/data/reusables/code-scanning/filter-non-default-branches.md b/translations/es-ES/data/reusables/code-scanning/filter-non-default-branches.md new file mode 100644 index 0000000000..4df28a76d5 --- /dev/null +++ b/translations/es-ES/data/reusables/code-scanning/filter-non-default-branches.md @@ -0,0 +1 @@ +Please note that if you have filtered for alerts on a non-default branch, but the same alerts exist on the default branch, the alert page for any given alert will still only reflect the alert's status on the default branch, even if that status conflicts with the status on a non-default branch. For example, an alert that appears in the "Open" list in the summary of alerts for `branch-x` could show a status of "Fixed" on the alert page, if the alert is already fixed on the default branch. You can view the status of the alert for the branch you filtered on in the **Affected branches** section on the right side of the alert page. \ No newline at end of file diff --git a/translations/es-ES/data/reusables/code-scanning/upload-sarif-alert-limit.md b/translations/es-ES/data/reusables/code-scanning/upload-sarif-alert-limit.md index 2fc7fd7615..6552a32f70 100644 --- a/translations/es-ES/data/reusables/code-scanning/upload-sarif-alert-limit.md +++ b/translations/es-ES/data/reusables/code-scanning/upload-sarif-alert-limit.md @@ -1,7 +1,7 @@ {% note %} **Notas:** -- SARIF upload supports a maximum of 5000 results per upload. Cualquier resultado que sobrepase este límite se ignorará. Si una herramienta genera demasiados resultados, debes actualizar la configuración para enfocarte en los resultados de las reglas o consultas más importantes. +- La carga de SARIF es compatible con un máximo de 5000 resultados por carga. Cualquier resultado que sobrepase este límite se ignorará. Si una herramienta genera demasiados resultados, debes actualizar la configuración para enfocarte en los resultados de las reglas o consultas más importantes. - Para cada carga, la carga de SARIF es compatible con un tamaño máximo de 10 MB para el archivo comprimido de `gzip`. Cualquier carga que esté sobre este límite, se rechazará. Si tu archivo SARIF es demasiado grande porque contiene demasiados resultados, debes actualizar la configuración para enfocarte en los resultados de las reglas o consultas más importantes. diff --git a/translations/es-ES/data/reusables/dependabot/private-dependencies-note.md b/translations/es-ES/data/reusables/dependabot/private-dependencies-note.md index 03135127fa..b62c55d55b 100644 --- a/translations/es-ES/data/reusables/dependabot/private-dependencies-note.md +++ b/translations/es-ES/data/reusables/dependabot/private-dependencies-note.md @@ -1 +1 @@ -Cuando ejecutas actualizaciones de versión o de seguridad, algunos ecosistemas deberán poder resolver todas las dependencias de su fuente para verificar que las actualizaciones sean exitosas. Si tus archivos de manifiesto o de bloqueo contienen cualquier dependencia privada, el {% data variables.product.prodname_dependabot %} deberá poder acceder a la ubicación en la que se hospedan dichas dependencias. Los propietarios de las organizaciones pueden otorgar acceso al {% data variables.product.prodname_dependabot %} para los repositorios privados que contengan dependencias para un proyecto dentro de la misma organización. Para obtener más información, consulta la sección "[Administrar la configuración de seguridad y análisis para tu organización](/organizations/keeping-your-organization-secure/managing-security-and-analysis-settings-for-your-organization#allowing-dependabot-to-access-private-dependencies)". Puedes configurar el acceso a los registros privados en el archivo de configuración _dependabot.yml_ de un repositorio. Para obtener más información, consulta la sección "[Opciones de configuración para las actualizaciones de dependencias](/github/administering-a-repository/configuration-options-for-dependency-updates#configuration-options-for-private-registries)". +Cuando ejecutas actualizaciones de versión o de seguridad, algunos ecosistemas deberán poder resolver todas las dependencias de su fuente para verificar que las actualizaciones sean exitosas. Si tus archivos de manifiesto o de bloqueo contienen cualquier dependencia privada, el {% data variables.product.prodname_dependabot %} deberá poder acceder a la ubicación en la que se hospedan dichas dependencias. Los propietarios de las organizaciones pueden otorgar acceso al {% data variables.product.prodname_dependabot %} para los repositorios privados que contengan dependencias para un proyecto dentro de la misma organización. Para obtener más información, consulta la sección "[Administrar la configuración de seguridad y análisis para tu organización](/organizations/keeping-your-organization-secure/managing-security-and-analysis-settings-for-your-organization#allowing-dependabot-to-access-private-dependencies)". Puedes configurar el acceso a los registros privados en el archivo de configuración _dependabot.yml_ de un repositorio. For more information, see "[Configuration options for the dependabot.yml file](/github/administering-a-repository/configuration-options-for-dependency-updates#configuration-options-for-private-registries)." diff --git a/translations/es-ES/data/reusables/dependabot/result-discrepancy.md b/translations/es-ES/data/reusables/dependabot/result-discrepancy.md new file mode 100644 index 0000000000..cd5055354a --- /dev/null +++ b/translations/es-ES/data/reusables/dependabot/result-discrepancy.md @@ -0,0 +1 @@ +Los resultados de la detección de dependencias que reporta {% data variables.product.product_name %} pueden ser diferentes a aquellos que devuelven otras herramientas. Esto está justificado y es útil el entender cómo {% data variables.product.prodname_dotcom %} determina las dependencias para tu proyecto. diff --git a/translations/es-ES/data/reusables/enterprise/test-in-staging.md b/translations/es-ES/data/reusables/enterprise/test-in-staging.md new file mode 100644 index 0000000000..86d4811f19 --- /dev/null +++ b/translations/es-ES/data/reusables/enterprise/test-in-staging.md @@ -0,0 +1 @@ +{% data variables.product.company_short %} strongly recommends that you verify any new configuration for authentication in a staging environment. An incorrect configuration could result in downtime for {% data variables.product.product_location %}. Para obtener más información, consulta "[Configurar una instancia de preparación](/admin/installation/setting-up-a-github-enterprise-server-instance/setting-up-a-staging-instance)." diff --git a/translations/es-ES/data/reusables/repositories/github-reviews-security-advisories.md b/translations/es-ES/data/reusables/repositories/github-reviews-security-advisories.md index 9f4b64aa2d..366124f1fe 100644 --- a/translations/es-ES/data/reusables/repositories/github-reviews-security-advisories.md +++ b/translations/es-ES/data/reusables/repositories/github-reviews-security-advisories.md @@ -1,3 +1,3 @@ {% data variables.product.prodname_dotcom %} revisará cada asesoría de seguridad que se haya publicado, la agregará a la {% data variables.product.prodname_advisory_database %}, y podría utilzar esta asesoría de seguridad para enviar {% data variables.product.prodname_dependabot_alerts %} a los repositorios que se vean afectados. Si la asesoría de seguridad viene de una bifurcación, únicamente enviaremos una alerta si ésta tiene un paquete que se publique con un nombre único y esté en un registro de paquetes público. Este proceso puede tomar hasta 72 horas y {% data variables.product.prodname_dotcom %} podría contactarte para obtener más información. -Para obtener más información sobre las {% data variables.product.prodname_dependabot_alerts %}, consulta las secciones "[Acerca de las alertas para las dependencias vulnerables](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies#dependabot-alerts-for-vulnerable-dependencies)" y "[Acerca de las {% data variables.product.prodname_dependabot_security_updates %}](/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-dependabot-security-updates)". Para obtener más información acerca de la {% data variables.product.prodname_advisory_database %}, consulta la sección "[Buscar vulnerabilidades de seguridad en la {% data variables.product.prodname_advisory_database %}](/github/managing-security-vulnerabilities/browsing-security-vulnerabilities-in-the-github-advisory-database)". +For more information about {% data variables.product.prodname_dependabot_alerts %}, see "[About {% data variables.product.prodname_dependabot_alerts %}](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies#dependabot-alerts-for-vulnerable-dependencies)" and "[About {% data variables.product.prodname_dependabot_security_updates %}](/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-dependabot-security-updates)." Para obtener más información acerca de la {% data variables.product.prodname_advisory_database %}, consulta la sección "[Buscar vulnerabilidades de seguridad en la {% data variables.product.prodname_advisory_database %}](/github/managing-security-vulnerabilities/browsing-security-vulnerabilities-in-the-github-advisory-database)". diff --git a/translations/es-ES/data/reusables/repositories/security-alert-delivery-options.md b/translations/es-ES/data/reusables/repositories/security-alert-delivery-options.md index 6b866fa868..e6e2e2b256 100644 --- a/translations/es-ES/data/reusables/repositories/security-alert-delivery-options.md +++ b/translations/es-ES/data/reusables/repositories/security-alert-delivery-options.md @@ -1,4 +1,4 @@ {% ifversion not ghae %} Si tu repositorio cuenta con un manifiesto compatible de la dependencia -{% ifversion fpt or ghec %} (y si configuraste la gráfica de dependencias en caso de que sea un repositorio privado){% endif %}, cada que {% data variables.product.product_name %} detecte una dependencia vulnerable en éste, recibirás un resumen semanal por correo electrónico. También puedes configurar tus alertas de seguridad y notificaciones web, notificaciones individuales por correo electrónico, resúmenes diarios por correo electrónico o alertas en la interfaz de {% data variables.product.product_name %}. Para obtener más información, consulta la sección "[Acerca de las alertas para las dependencias vulnerables](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies)". +{% ifversion fpt or ghec %} (y si configuraste la gráfica de dependencias en caso de que sea un repositorio privado){% endif %}, cada que {% data variables.product.product_name %} detecte una dependencia vulnerable en éste, recibirás un resumen semanal por correo electrónico. También puedes configurar tus alertas de seguridad y notificaciones web, notificaciones individuales por correo electrónico, resúmenes diarios por correo electrónico o alertas en la interfaz de {% data variables.product.product_name %}. Para obtener más información, consulta la sección "[Acerca de{% data variables.product.prodname_dependabot_alerts %}](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies)". {% endif %} diff --git a/translations/es-ES/data/reusables/rest-reference/actions/cache.md b/translations/es-ES/data/reusables/rest-reference/actions/cache.md new file mode 100644 index 0000000000..9e991a4b59 --- /dev/null +++ b/translations/es-ES/data/reusables/rest-reference/actions/cache.md @@ -0,0 +1,3 @@ +## Caché + +The cache API allows you to query and manage the {% data variables.product.prodname_actions %} cache for repositories. Para obtener más información, consulta la sección "[Almacenar las dependencias en caché para agilizar los flujos de trabajo](/actions/advanced-guides/caching-dependencies-to-speed-up-workflows#usage-limits-and-eviction-policy)". \ No newline at end of file diff --git a/translations/es-ES/data/reusables/rest-reference/deployments/keys.md b/translations/es-ES/data/reusables/rest-reference/deploy_keys/deploy_keys.md similarity index 91% rename from translations/es-ES/data/reusables/rest-reference/deployments/keys.md rename to translations/es-ES/data/reusables/rest-reference/deploy_keys/deploy_keys.md index 23b36b1d07..1324e759c8 100644 --- a/translations/es-ES/data/reusables/rest-reference/deployments/keys.md +++ b/translations/es-ES/data/reusables/rest-reference/deploy_keys/deploy_keys.md @@ -1,5 +1,3 @@ -## Llaves de implementación - {% data reusables.repositories.deploy-keys %} Las llaves de despliegue pueden ya sea configurarse utilizando las siguientes terminales de la API, o mediante GitHub. Para aprender cómo configurar las llaves de despliegue en GitHub, consulta la sección "[Administrar las llaves de despliegue](/developers/overview/managing-deploy-keys)". \ No newline at end of file diff --git a/translations/es-ES/data/reusables/rest-reference/packages/packages.md b/translations/es-ES/data/reusables/rest-reference/packages/packages.md index 834d026e8d..adad6b6f10 100644 --- a/translations/es-ES/data/reusables/rest-reference/packages/packages.md +++ b/translations/es-ES/data/reusables/rest-reference/packages/packages.md @@ -1,4 +1,4 @@ -La API de {% data variables.product.prodname_registry %} te permite administrar paquetes utilizando la API de REST. Para aprender más sobre cómo restablecer o borrar paquetes, consulta la sección "[Restablecer y borrar paquetes](/packages/learn-github-packages/deleting-and-restoring-a-package)". +The {% data variables.product.prodname_registry %} API enables you to manage packages using the REST API.{% ifversion fpt or ghec or ghes > 3.1 or ghae %} To learn more about restoring or deleting packages, see "[Restoring and deleting packages](/packages/learn-github-packages/deleting-and-restoring-a-package)."{% endif %} Para utilizar esta API, primero tienes que autenticarte utilizando un token de acceso personal. - Para acceder a los metadatos del paquete, tu token debe incluir el alcance `read:packages`. diff --git a/translations/es-ES/data/reusables/secret-scanning/beta.md b/translations/es-ES/data/reusables/secret-scanning/beta.md index 9436c83fea..c997ecba8b 100644 --- a/translations/es-ES/data/reusables/secret-scanning/beta.md +++ b/translations/es-ES/data/reusables/secret-scanning/beta.md @@ -1,4 +1,9 @@ -{% ifversion ghae %} +{% ifversion ghae-issue-5752 %} + + + +{% elsif ghae %} + {% note %} **Nota:** Las {% data variables.product.prodname_secret_scanning_caps %} para los repositorios que pertenecen a organizaciones se encuentra actualmente en beta y está sujeta a cambios. diff --git a/translations/es-ES/data/reusables/secret-scanning/fpt-GHAS-scans.md b/translations/es-ES/data/reusables/secret-scanning/fpt-GHAS-scans.md new file mode 100644 index 0000000000..f0e6cee6a4 --- /dev/null +++ b/translations/es-ES/data/reusables/secret-scanning/fpt-GHAS-scans.md @@ -0,0 +1 @@ +**Note:** Organizations using {% data variables.product.prodname_ghe_cloud %} with {% data variables.product.prodname_GH_advanced_security %} can also enable {% data variables.product.prodname_secret_scanning_GHAS %} on any repository they own, including private repositories. Para obtener más información, consulta la [documentación de {% data variables.product.prodname_ghe_cloud %}](/enterprise-cloud@latest/code-security/secret-security/about-secret-scanning#about-secret-scanning-for-advanced-security). diff --git a/translations/es-ES/data/reusables/secret-scanning/partner-secret-list-private-repo.md b/translations/es-ES/data/reusables/secret-scanning/partner-secret-list-private-repo.md index 6374ddd8cc..8547b19ac2 100644 --- a/translations/es-ES/data/reusables/secret-scanning/partner-secret-list-private-repo.md +++ b/translations/es-ES/data/reusables/secret-scanning/partner-secret-list-private-repo.md @@ -36,13 +36,13 @@ Checkout.com | Llave Secreta de Pruebas de Checkout.com | checkout_test_secret_k {%- ifversion fpt or ghec or ghes > 3.1 or ghae %} CloudBees CodeShip | Credencial de CodeShip de CloudBees | codeship_credential{% endif %} {%- ifversion fpt or ghec or ghes > 3.2 %} -Contentful | Contentful Personal Access Token | contentful_personal_access_token{% endif %} Databricks | Databricks Access Token | databricks_access_token Discord | Discord Bot Token | discord_bot_token Doppler | Doppler Personal Token | doppler_personal_token Doppler | Doppler Service Token | doppler_service_token Doppler | Doppler CLI Token | doppler_cli_token Doppler | Doppler SCIM Token | doppler_scim_token +Contentful | Token de Acceso Personal de Contentful | contentful_personal_access_token{% endif %} Databricks | Token de Acceso de Databricks | databricks_access_token Discord | Token del Bot de Discord | discord_bot_token Doppler | Token Personal de Doppler | doppler_personal_token Doppler | Token de Servicio de Doppler | doppler_service_token Doppler | Token de CLI de Doppler | doppler_cli_token Doppler | Token de SCIM de Doppler | doppler_scim_token {%- ifversion fpt or ghec or ghes > 3.1 or ghae %} Doppler | Token de Auditoría de Doppler | doppler_audit_token{% endif %} Dropbox | Token de Acceso a Dropbox | dropbox_access_token Dropbox | Token de Acceso de Vida Corta a Dropbox | dropbox_short_lived_access_token {%- ifversion fpt or ghec or ghes > 3.1 or ghae %} Duffel | Token de Acceso en Vivo de Duffel | duffel_live_access_token{% endif %} {%- ifversion fpt or ghec or ghes > 3.1 or ghae %} -Duffel | Duffel Test Access Token | duffel_test_access_token{% endif %} Dynatrace | Dynatrace Access Token | dynatrace_access_token Dynatrace | Dynatrace Internal Token | dynatrace_internal_token +Duffel | Token de Acceso de Pruebas de Duffel | duffel_test_access_token{% endif %} Dynatrace | Token de Acceso de Dynatrace | dynatrace_access_token Dynatrace | Token Interno de Dynatrace | dynatrace_internal_token {%- ifversion fpt or ghec or ghes > 3.1 or ghae %} EasyPost | Llave de la API de Producción de EasyPost | easypost_production_api_key{% endif %} {%- ifversion fpt or ghec or ghes > 3.1 or ghae %} @@ -90,7 +90,7 @@ Ionic | Token de Acceso Personal de Ionic | ionic_personal_access_token{% endif {%- ifversion fpt or ghec or ghes > 3.1 or ghae %} Ionic | Token de Actualización de Ionic | ionic_refresh_token{% endif %} {%- ifversion fpt or ghec or ghes > 3.4 %} -JD Cloud | JD Cloud Access Key | jd_cloud_access_key{% endif %} +JD Cloud | Llave de Acceso de JD Cloud | jd_cloud_access_key{% endif %} {%- ifversion fpt or ghec or ghes > 3.2 %} JFrog | Token de Acceso a la Plataforma de JFrog | jfrog_platform_access_token{% endif %} {%- ifversion fpt or ghec or ghes > 3.2 %} @@ -164,7 +164,7 @@ Square | Token de Acceso a Square | square_access_token{% endif %} {%- ifversion fpt or ghec or ghes > 3.3 %} Square | Secreto de la Aplicación de Producción de Square | square_production_application_secret{% endif %} {%- ifversion fpt or ghec or ghes > 3.3 %} -Square | Square Sandbox Application Secret | square_sandbox_application_secret{% endif %} SSLMate | SSLMate API Key | sslmate_api_key SSLMate | SSLMate Cluster Secret | sslmate_cluster_secret Stripe | Stripe API Key | stripe_api_key Stripe | Stripe Live API Secret Key | stripe_live_secret_key Stripe | Stripe Test API Secret Key | stripe_test_secret_key Stripe | Stripe Live API Restricted Key | stripe_live_restricted_key Stripe | Stripe Test API Restricted Key | stripe_test_restricted_key +Square | Secreto de Aplicación de Pruebas de Square | square_sandbox_application_secret{% endif %} SSLMate | Llave de la API de SSLMate | sslmate_api_key SSLMate | Secreto de Clúster de SSLMate | sslmate_cluster_secret Stripe | Llave de la API de Stripe | stripe_api_key Stripe | Llave del Secreto de la API en Vivo de Stripe | stripe_live_secret_key Stripe | Llave del Secreto de la API de Pruebas de Stripe | stripe_test_secret_key Stripe | Llave Restringida de la API en Vivo de Stripe | stripe_live_restricted_key Stripe | Llave Restringida de la API de Pruebas de Stripe | stripe_test_restricted_key {%- ifversion fpt or ghec or ghes > 3.1 or ghae %} Stripe | Secreto de Firmado de Webhook de Stripe | stripe_webhook_signing_secret{% endif %} {%- ifversion fpt or ghec or ghes > 3.1 or ghae %} diff --git a/translations/es-ES/data/reusables/secret-scanning/partner-secret-list-public-repo.md b/translations/es-ES/data/reusables/secret-scanning/partner-secret-list-public-repo.md index 6e22b46630..7c946e7bea 100644 --- a/translations/es-ES/data/reusables/secret-scanning/partner-secret-list-public-repo.md +++ b/translations/es-ES/data/reusables/secret-scanning/partner-secret-list-public-repo.md @@ -58,6 +58,7 @@ | Meta | Token de Acceso a Facebook | | npm | Token de Acceso de npm | | NuGet | Clave de API de NuGet | +| Octopus Deploy | Octopus Deploy API Key | | OpenAI | Clave de la API de OpenAI | | Palantir | Token Web de JSON de Palantir | | PlanetScale | Contraseña de base de datos de PlanetScale | diff --git a/translations/es-ES/data/reusables/ssh/key-type-support.md b/translations/es-ES/data/reusables/ssh/key-type-support.md index 7718c3ccf7..ca77011ed7 100644 --- a/translations/es-ES/data/reusables/ssh/key-type-support.md +++ b/translations/es-ES/data/reusables/ssh/key-type-support.md @@ -1,8 +1,8 @@ {% note %} -**Nota:** {% data variables.product.company_short %} está mejrando la seguridad al dejar los tipos de llaves inseguras y más antiguas. +**Note:** {% data variables.product.company_short %} improved security by dropping older, insecure key types on March 15, 2022. -Ya no hay compatibilidad con llaves DSA (`ssh-dss`). Las llaves existentes seguirán funcionando hasta el 15 de mazo de 2022. No puedes agregar llaves DSA nuevas a tu cuenta de usuario en {% data variables.product.product_location %}. +As of that date, DSA keys (`ssh-dss`) are no longer supported. No puedes agregar llaves DSA nuevas a tu cuenta de usuario en {% data variables.product.product_location %}. Las llaves RSA (`ssh-rsa`) con un `valid_after` anterior al 2 de noviembre de 2021 podrán continuar utilizando cualquier algoritmo de firma. Las llaves RSA que se generaron después de esta fecha deberán utilizar un algoritmo de firma de tipo SHA-2. Algunos clientes más angituos podrían necesitar actualizarse para poder utilizar firmas de tipo SHA-2. diff --git a/translations/es-ES/data/reusables/webhooks/repository_vulnerability_alert_short_desc.md b/translations/es-ES/data/reusables/webhooks/repository_vulnerability_alert_short_desc.md index b06cba6d11..65fa711703 100644 --- a/translations/es-ES/data/reusables/webhooks/repository_vulnerability_alert_short_desc.md +++ b/translations/es-ES/data/reusables/webhooks/repository_vulnerability_alert_short_desc.md @@ -1 +1 @@ -Actividad relacionada con las alertas de vulnerabilidades de seguridad en un repositorio. {% data reusables.webhooks.action_type_desc %} Para obtener más información, consulta la sección "[Acerca de las alertas para las dependencias vulnerables](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies/)". +Actividad relacionada con las alertas de vulnerabilidades de seguridad en un repositorio. {% data reusables.webhooks.action_type_desc %} For more information, see the "[About {% data variables.product.prodname_dependabot_alerts %}](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies/)". diff --git a/translations/es-ES/data/ui.yml b/translations/es-ES/data/ui.yml index 9b552b7871..257ca8ae35 100644 --- a/translations/es-ES/data/ui.yml +++ b/translations/es-ES/data/ui.yml @@ -103,6 +103,8 @@ products: notes: Notas parameters: Parámetros response: Respuesta + error_codes: Error Codes + http_status_code: HTTP Status Code code_sample: Ejemplo de código code_samples: Ejemplos de código preview_notice: Aviso de previsualización diff --git a/translations/es-ES/data/variables/release_candidate.yml b/translations/es-ES/data/variables/release_candidate.yml index 08448113ee..ec65ef6f94 100644 --- a/translations/es-ES/data/variables/release_candidate.yml +++ b/translations/es-ES/data/variables/release_candidate.yml @@ -1,2 +1,2 @@ --- -version: enterprise-server@3.4 +version: '' diff --git a/translations/ja-JP/content/account-and-profile/managing-subscriptions-and-notifications-on-github/setting-up-notifications/configuring-notifications.md b/translations/ja-JP/content/account-and-profile/managing-subscriptions-and-notifications-on-github/setting-up-notifications/configuring-notifications.md index 286b7b089f..066ef4eb97 100644 --- a/translations/ja-JP/content/account-and-profile/managing-subscriptions-and-notifications-on-github/setting-up-notifications/configuring-notifications.md +++ b/translations/ja-JP/content/account-and-profile/managing-subscriptions-and-notifications-on-github/setting-up-notifications/configuring-notifications.md @@ -134,7 +134,7 @@ Email notifications from {% data variables.product.product_location %} contain t | `To` field | This field connects directly to the thread.{% ifversion not ghae %} If you reply to the email, you'll add a new comment to the conversation.{% endif %} | | `Cc` address | {% data variables.product.product_name %} will `Cc` you if you're subscribed to a conversation. The second `Cc` email address matches the notification reason. The suffix for these notification reasons is {% data variables.notifications.cc_address %}. The possible notification reasons are:
  • `assign`: You were assigned to an issue or pull request.
  • `author`: You created an issue or pull request.
  • `ci_activity`: A {% data variables.product.prodname_actions %} workflow run that you triggered was completed.
  • `comment`: You commented on an issue or pull request.
  • `manual`: There was an update to an issue or pull request you manually subscribed to.
  • `mention`: You were mentioned on an issue or pull request.
  • `push`: Someone committed to a pull request you're subscribed to.
  • `review_requested`: You or a team you're a member of was requested to review a pull request.
    • {% ifversion fpt or ghes or ghae-issue-4864 or ghec %}
  • `security_alert`: {% data variables.product.prodname_dotcom %} detected a vulnerability in a repository you receive alerts for.
    • {% endif %}
  • `state_change`: An issue or pull request you're subscribed to was either closed or opened.
  • `subscribed`: There was an update in a repository you're watching.
  • `team_mention`: A team you belong to was mentioned on an issue or pull request.
  • `your_activity`: You opened, commented on, or closed an issue or pull request.
| | `mailing list` field | This field identifies the name of the repository and its owner. The format of this address is always `..{% data variables.command_line.backticks %}`. |{% ifversion fpt or ghes or ghae-issue-4864 or ghec %} -| `X-GitHub-Severity` field | {% data reusables.repositories.security-alerts-x-github-severity %} The possible severity levels are:
  • `low`
  • `moderate`
  • `high`
  • `critical`
For more information, see "[About alerts for vulnerable dependencies](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies)." |{% endif %} +| `X-GitHub-Severity` field | {% data reusables.repositories.security-alerts-x-github-severity %} The possible severity levels are:
  • `low`
  • `moderate`
  • `high`
  • `critical`
For more information, see "[About {% data variables.product.prodname_dependabot_alerts %}](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies)." |{% endif %} ## Choosing your notification settings diff --git a/translations/ja-JP/content/account-and-profile/managing-subscriptions-and-notifications-on-github/viewing-and-triaging-notifications/managing-notifications-from-your-inbox.md b/translations/ja-JP/content/account-and-profile/managing-subscriptions-and-notifications-on-github/viewing-and-triaging-notifications/managing-notifications-from-your-inbox.md index 19a4dad761..aacbf1d864 100644 --- a/translations/ja-JP/content/account-and-profile/managing-subscriptions-and-notifications-on-github/viewing-and-triaging-notifications/managing-notifications-from-your-inbox.md +++ b/translations/ja-JP/content/account-and-profile/managing-subscriptions-and-notifications-on-github/viewing-and-triaging-notifications/managing-notifications-from-your-inbox.md @@ -174,7 +174,7 @@ If you use {% data variables.product.prodname_dependabot %} to keep your depende - `reason:security_alert` は {% data variables.product.prodname_dependabot_alerts %} とセキュリティアップデートのプルリクエストの通知を表示します。 - `author:app/dependabot` は {% data variables.product.prodname_dependabot %} によって生成された通知を表示します。 これには、{% data variables.product.prodname_dependabot_alerts %}、セキュリティアップデートのプルリクエスト、およびバージョン更新のプルリクエストが含まれます。 -For more information about {% data variables.product.prodname_dependabot %}, see "[About managing vulnerable dependencies](/github/managing-security-vulnerabilities/about-managing-vulnerable-dependencies)." +{% data variables.product.prodname_dependabot %} の詳細については、「[{% data variables.product.prodname_dependabot_alerts %} について](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies)」を参照してください。 {% endif %} {% ifversion ghes < 3.3 or ghae-issue-4864 %} @@ -183,7 +183,7 @@ If you use {% data variables.product.prodname_dependabot %} to tell you about vu - `is:repository_vulnerability_alert` - `reason:security_alert` -{% data variables.product.prodname_dependabot %} に関する詳しい情報については、「[脆弱性のある依存関係に対するアラートについて](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies)」を参照してください。 +{% data variables.product.prodname_dependabot %} の詳細については、「[{% data variables.product.prodname_dependabot_alerts %} について](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies)」を参照してください。 {% endif %} {% endif %} diff --git a/translations/ja-JP/content/account-and-profile/setting-up-and-managing-your-github-user-account/managing-user-account-settings/managing-security-and-analysis-settings-for-your-user-account.md b/translations/ja-JP/content/account-and-profile/setting-up-and-managing-your-github-user-account/managing-user-account-settings/managing-security-and-analysis-settings-for-your-user-account.md index ae9fcfa48b..805abb17d1 100644 --- a/translations/ja-JP/content/account-and-profile/setting-up-and-managing-your-github-user-account/managing-user-account-settings/managing-security-and-analysis-settings-for-your-user-account.md +++ b/translations/ja-JP/content/account-and-profile/setting-up-and-managing-your-github-user-account/managing-user-account-settings/managing-security-and-analysis-settings-for-your-user-account.md @@ -31,7 +31,7 @@ For an overview of repository-level security, see "[Securing your repository](/c {% data reusables.user-settings.access_settings %} {% data reusables.user-settings.security-analysis %} -3. Under "Code security and analysis", to the right of the feature, click **Disable all** or **Enable all**. +3. "Code security and analysis(コードのセキュリティ及び分析)"の下で、機能の右にある**Disable all(すべて無効化)**もしくは**Enable all(すべて有効化)**をクリックしてください。 {% ifversion ghes > 3.2 %}!["Enable all" or "Disable all" button for "Configure security and analysis" features](/assets/images/enterprise/3.3/settings/security-and-analysis-disable-or-enable-all.png){% else %}!["Enable all" or "Disable all" button for "Configure security and analysis" features](/assets/images/help/settings/security-and-analysis-disable-or-enable-all.png){% endif %} 6. Optionally, enable the feature by default for new repositories that you own. {% ifversion ghes > 3.2 %}!["Enable by default" option for new repositories](/assets/images/enterprise/3.3/settings/security-and-analysis-enable-by-default-in-modal.png){% else %}!["Enable by default" option for new repositories](/assets/images/help/settings/security-and-analysis-enable-by-default-in-modal.png){% endif %} @@ -50,5 +50,5 @@ For an overview of repository-level security, see "[Securing your repository](/c ## 参考リンク - [依存関係グラフについて](/github/visualizing-repository-data-with-graphs/about-the-dependency-graph) -- [プロジェクトの依存関係にある脆弱性を管理する](/github/managing-security-vulnerabilities/managing-vulnerabilities-in-your-projects-dependencies) +- 「[{% data variables.product.prodname_dependabot_alerts %} について](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies)」 - [依存関係を自動的に更新する](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically) diff --git a/translations/ja-JP/content/account-and-profile/setting-up-and-managing-your-github-user-account/managing-user-account-settings/permission-levels-for-a-user-account-repository.md b/translations/ja-JP/content/account-and-profile/setting-up-and-managing-your-github-user-account/managing-user-account-settings/permission-levels-for-a-user-account-repository.md index fadc98773a..e9b90a2b10 100644 --- a/translations/ja-JP/content/account-and-profile/setting-up-and-managing-your-github-user-account/managing-user-account-settings/permission-levels-for-a-user-account-repository.md +++ b/translations/ja-JP/content/account-and-profile/setting-up-and-managing-your-github-user-account/managing-user-account-settings/permission-levels-for-a-user-account-repository.md @@ -45,7 +45,7 @@ The repository owner has full control of the repository. In addition to the acti | Customize the repository's social media preview | "[Customizing your repository's social media preview](/github/administering-a-repository/customizing-your-repositorys-social-media-preview)" | | Create a template from the repository | "[Creating a template repository](/github/creating-cloning-and-archiving-repositories/creating-a-template-repository)" |{% ifversion fpt or ghes or ghae-issue-4864 or ghec %} | Control access to {% data variables.product.prodname_dependabot_alerts %} for vulnerable dependencies | "[Managing security and analysis settings for your repository](/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-security-and-analysis-settings-for-your-repository#granting-access-to-security-alerts)" |{% endif %}{% ifversion fpt or ghec %} -| Dismiss {% data variables.product.prodname_dependabot_alerts %} in the repository | "[Viewing and updating vulnerable dependencies in your repository](/github/managing-security-vulnerabilities/viewing-and-updating-vulnerable-dependencies-in-your-repository)" | +| Dismiss {% data variables.product.prodname_dependabot_alerts %} in the repository | "[Viewing {% data variables.product.prodname_dependabot_alerts %} for vulnerable dependencies](/github/managing-security-vulnerabilities/viewing-and-updating-vulnerable-dependencies-in-your-repository)" | | Manage data use for a private repository | "[Managing data use settings for your private repository](/get-started/privacy-on-github/managing-data-use-settings-for-your-private-repository)"|{% endif %} | Define code owners for the repository | "[About code owners](/github/creating-cloning-and-archiving-repositories/about-code-owners)" | | Archive the repository | "[Archiving repositories](/repositories/archiving-a-github-repository/archiving-repositories)" |{% ifversion fpt or ghec %} diff --git a/translations/ja-JP/content/actions/hosting-your-own-runners/about-self-hosted-runners.md b/translations/ja-JP/content/actions/hosting-your-own-runners/about-self-hosted-runners.md index f2904902c9..472e15ed55 100644 --- a/translations/ja-JP/content/actions/hosting-your-own-runners/about-self-hosted-runners.md +++ b/translations/ja-JP/content/actions/hosting-your-own-runners/about-self-hosted-runners.md @@ -133,16 +133,30 @@ Some extra configuration might be required to use actions from {% data variables ## Communication between self-hosted runners and {% data variables.product.product_name %} -The self-hosted runner polls {% data variables.product.product_name %} to retrieve application updates and to check if any jobs are queued for processing. The self-hosted runner uses a HTTPS _long poll_ that opens a connection to {% data variables.product.product_name %} for 50 seconds, and if no response is received, it then times out and creates a new long poll. The application must be running on the machine to accept and run {% data variables.product.prodname_actions %} jobs. +The self-hosted runner connects to {% data variables.product.product_name %} to receive job assignments and to download new versions of the runner application. The self-hosted runner uses an {% ifversion ghes %}HTTP(S){% else %}HTTPS{% endif %} _long poll_ that opens a connection to {% data variables.product.product_name %} for 50 seconds, and if no response is received, it then times out and creates a new long poll. The application must be running on the machine to accept and run {% data variables.product.prodname_actions %} jobs. {% data reusables.actions.self-hosted-runner-ports-protocols %} -{% data reusables.actions.self-hosted-runner-communications-for-ghae %} +{% ifversion fpt or ghec %} +Since the self-hosted runner opens a connection to {% data variables.product.product_location %}, you do not need to allow {% data variables.product.prodname_dotcom %} to make inbound connections to your self-hosted runner. +{% elsif ghes or ghae %} +Only an outbound connection from the runner to {% data variables.product.product_location %} is required. There is no need for an inbound connection from {% data variables.product.product_location %} to the runner. +{%- endif %} + +{% ifversion ghes %} + +{% data variables.product.product_name %} must accept inbound connections from your runners over {% ifversion ghes %}HTTP(S){% else %}HTTPS{% endif %} at {% data variables.product.product_location %}'s hostname and API subdomain, and your runners must allow outbound connections over {% ifversion ghes %}HTTP(S){% else %}HTTPS{% endif %} to {% data variables.product.product_location %}'s hostname and API subdomain. + +{% elsif ghae %} + +You must ensure that the self-hosted runner has appropriate network access to communicate with your {% data variables.product.product_name %} URL and its subdomains. For example, if your subdomain for {% data variables.product.product_name %} is `octoghae`, then you will need to allow the self-hosted runner to access `octoghae.githubenterprise.com`, `api.octoghae.githubenterprise.com`, and `codeload.octoghae.githubenterprise.com`. + +If you use an IP address allow list, you must add your self-hosted runner's IP address to the allow list. For more information, see "[Managing allowed IP addresses for your organization](/organizations/keeping-your-organization-secure/managing-allowed-ip-addresses-for-your-organization#using-github-actions-with-an-ip-allow-list)." + +{% endif %} {% ifversion fpt or ghec %} -Since the self-hosted runner opens a connection to {% data variables.product.prodname_dotcom %}, you do not need to allow {% data variables.product.prodname_dotcom %} to make inbound connections to your self-hosted runner. - You must ensure that the machine has the appropriate network access to communicate with the {% data variables.product.prodname_dotcom %} hosts listed below. Some hosts are required for essential runner operations, while other hosts are only required for certain functionality. {% note %} @@ -191,27 +205,25 @@ If you use an IP address allow list for your {% data variables.product.prodname_ {% else %} -You must ensure that the machine has the appropriate network access to communicate with {% data variables.product.product_location %}.{% ifversion ghes %} Self-hosted runners connect directly to {% data variables.product.product_location %} and do not require any external internet access in order to function. As a result, you can use network routing to direct communication between the self-hosted runner and {% data variables.product.product_location %}. For example, you can assign a private IP address to your self-hosted runner and configure routing to send traffic to {% data variables.product.product_location %}, with no need for traffic to traverse a public network.{% endif %} +{% ifversion ghes %}Self-hosted runners do not require any external internet access in order to function. As a result, you can use network routing to direct communication between the self-hosted runner and {% data variables.product.product_location %}. For example, you can assign a private IP address to your self-hosted runner and configure routing to send traffic to {% data variables.product.product_location %}, with no need for traffic to traverse a public network.{% endif %} {% endif %} +{% ifversion ghae %} +If you use an IP address allow list for your {% data variables.product.prodname_dotcom %} organization or enterprise account, you must add your self-hosted runner's IP address to the allow list. For more information, see "[Managing allowed IP addresses for your organization](/organizations/keeping-your-organization-secure/managing-allowed-ip-addresses-for-your-organization#using-github-actions-with-an-ip-allow-list)." +{% endif %} + You can also use self-hosted runners with a proxy server. For more information, see "[Using a proxy server with self-hosted runners](/actions/automating-your-workflow-with-github-actions/using-a-proxy-server-with-self-hosted-runners)." For more information about troubleshooting common network connectivity issues, see "[Monitoring and troubleshooting self-hosted runners](/actions/hosting-your-own-runners/monitoring-and-troubleshooting-self-hosted-runners#troubleshooting-network-connectivity)." -{% ifversion ghes %} +{% ifversion ghes or ghae %} ## Communication between self-hosted runners and {% data variables.product.prodname_dotcom_the_website %} -Self-hosted runners do not need to connect to {% data variables.product.prodname_dotcom_the_website %} unless you have [enabled automatic access to {% data variables.product.prodname_dotcom_the_website %} actions using {% data variables.product.prodname_github_connect %}](/admin/github-actions/managing-access-to-actions-from-githubcom/enabling-automatic-access-to-githubcom-actions-using-github-connect). +Self-hosted runners do not need to connect to {% data variables.product.prodname_dotcom_the_website %} unless you have enabled automatic access to {% data variables.product.prodname_dotcom_the_website %} actions for {% data variables.product.product_location %}. For more information, see "[About using actions in your enterprise](/admin/github-actions/managing-access-to-actions-from-githubcom/about-using-actions-in-your-enterprise)." -If you have enabled automatic access to {% data variables.product.prodname_dotcom_the_website %} actions using {% data variables.product.prodname_github_connect %}, then the self-hosted runner will connect directly to {% data variables.product.prodname_dotcom_the_website %} to download actions. You must ensure that the machine has the appropriate network access to communicate with the {% data variables.product.prodname_dotcom %} URLs listed below. - -{% note %} - -**Note:** Some of the domains listed below are configured using `CNAME` records. Some firewalls might require you to add rules recursively for all `CNAME` records. Note that the `CNAME` records might change in the future, and that only the domains listed below will remain constant. - -{% endnote %} +If you have enabled automatic access to {% data variables.product.prodname_dotcom_the_website %} actions, then the self-hosted runner will connect directly to {% data variables.product.prodname_dotcom_the_website %} to download actions. You must ensure that the machine has the appropriate network access to communicate with the {% data variables.product.prodname_dotcom %} URLs listed below. ``` github.com @@ -219,6 +231,13 @@ api.github.com codeload.github.com ``` +{% note %} + +**Note:** Some of the domains listed above are configured using `CNAME` records. Some firewalls might require you to add rules recursively for all `CNAME` records. Note that the `CNAME` records might change in the future, and that only the domains listed above will remain constant. + +{% endnote %} + + {% endif %} ## Self-hosted runner security diff --git a/translations/ja-JP/content/actions/learn-github-actions/contexts.md b/translations/ja-JP/content/actions/learn-github-actions/contexts.md index a5aa895136..5e37e10321 100644 --- a/translations/ja-JP/content/actions/learn-github-actions/contexts.md +++ b/translations/ja-JP/content/actions/learn-github-actions/contexts.md @@ -73,7 +73,7 @@ The following table indicates where each context and special function can be use | concurrency | github, inputs | | | env | github, secrets, inputs | | | jobs.<job_id>.concurrency | github, needs, strategy, matrix, inputs | | -| jobs.<job_id>.container | github, needs, strategy, matrix, secrets, inputs | | +| jobs.<job_id>.container | github, needs, strategy, matrix, env, secrets, inputs | | | jobs.<job_id>.container.credentials | github, needs, strategy, matrix, env, secrets, inputs | | | jobs.<job_id>.container.env.<env_id> | github, needs, strategy, matrix, job, runner, env, secrets, inputs | | | jobs.<job_id>.continue-on-error | github, needs, strategy, matrix, inputs | | @@ -199,7 +199,7 @@ jobs: {%- ifversion fpt or ghec or ghes > 3.5 or ghae-issue-4722 %} | `github.run_attempt` | `string` | A unique number for each attempt of a particular workflow run in a repository. This number begins at 1 for the workflow run's first attempt, and increments with each re-run. | {%- endif %} -| `github.server_url` | `string` | The URL of the GitHub server. For example: `https://github.com`. | | `github.sha` | `string` | The commit SHA that triggered the workflow run. | | `github.token` | `string` | A token to authenticate on behalf of the GitHub App installed on your repository. これは機能的に`GITHUB_TOKEN`シークレットに等価です。 For more information, see "[Automatic token authentication](/actions/security-guides/automatic-token-authentication)." | | `github.workflow` | `string` | The name of the workflow. ワークフローファイルで `name` を指定していない場合、このプロパティの値は、リポジトリ内にあるワークフローファイルのフルパスになります。 | | `github.workspace` | `string` | The default working directory on the runner for steps, and the default location of your repository when using the [`checkout`](https://github.com/actions/checkout) action. | +| `github.server_url` | `string` | The URL of the GitHub server. For example: `https://github.com`. | | `github.sha` | `string` | The commit SHA that triggered the workflow run. | | `github.token` | `string` | A token to authenticate on behalf of the GitHub App installed on your repository. これは機能的に`GITHUB_TOKEN`シークレットに等価です。 詳しい情報については「[自動トークン認証](/actions/security-guides/automatic-token-authentication)」を参照してください。 | | `github.workflow` | `string` | The name of the workflow. ワークフローファイルで `name` を指定していない場合、このプロパティの値は、リポジトリ内にあるワークフローファイルのフルパスになります。 | | `github.workspace` | `string` | The default working directory on the runner for steps, and the default location of your repository when using the [`checkout`](https://github.com/actions/checkout) action. | ### Example contents of the `github` context @@ -513,15 +513,15 @@ jobs: The `secrets` context contains the names and values of secrets that are available to a workflow run. The `secrets` context is not available for composite actions. For more information about secrets, see "[Encrypted secrets](/actions/security-guides/encrypted-secrets)." -`GITHUB_TOKEN` is a secret that is automatically created for every workflow run, and is always included in the `secrets` context. For more information, see "[Automatic token authentication](/actions/security-guides/automatic-token-authentication)." +`GITHUB_TOKEN` is a secret that is automatically created for every workflow run, and is always included in the `secrets` context. 詳しい情報については「[自動トークン認証](/actions/security-guides/automatic-token-authentication)」を参照してください。 {% data reusables.actions.secrets-redaction-warning %} -| プロパティ名 | 種類 | 説明 | -| ----------------------------- | -------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| `secrets` | `オブジェクト` | This context is the same for each job in a workflow run. このコンテキストには、ジョブのあらゆるステップからアクセスできます。 This object contains all the properties listed below. | -| `secrets.GITHUB_TOKEN` | `string` | Automatically created token for each workflow run. For more information, see "[Automatic token authentication](/actions/security-guides/automatic-token-authentication)." | -| `secrets.` | `string` | The value of a specific secret. | +| プロパティ名 | 種類 | 説明 | +| ----------------------------- | -------- | ------------------------------------------------------------------------------------------------------------------------------------------------- | +| `secrets` | `オブジェクト` | This context is the same for each job in a workflow run. このコンテキストには、ジョブのあらゆるステップからアクセスできます。 This object contains all the properties listed below. | +| `secrets.GITHUB_TOKEN` | `string` | Automatically created token for each workflow run. 詳しい情報については「[自動トークン認証](/actions/security-guides/automatic-token-authentication)」を参照してください。 | +| `secrets.` | `string` | The value of a specific secret. | ### Example contents of the `secrets` context diff --git a/translations/ja-JP/content/actions/managing-workflow-runs/re-running-workflows-and-jobs.md b/translations/ja-JP/content/actions/managing-workflow-runs/re-running-workflows-and-jobs.md index 1c1ae700ea..4ce5b67def 100644 --- a/translations/ja-JP/content/actions/managing-workflow-runs/re-running-workflows-and-jobs.md +++ b/translations/ja-JP/content/actions/managing-workflow-runs/re-running-workflows-and-jobs.md @@ -1,6 +1,6 @@ --- title: Re-running workflows and jobs -intro: You can re-run a workflow run up to 30 days after its initial run. +intro: 'You can re-run a workflow run{% if re-run-jobs %}, all failed jobs in a workflow run, or specific jobs in a workflow run{% endif %} up to 30 days after its initial run.' permissions: People with write permissions to a repository can re-run workflows in the repository. miniTocMaxHeadingLevel: 3 redirect_from: @@ -15,9 +15,11 @@ versions: {% data reusables.actions.enterprise-beta %} {% data reusables.actions.enterprise-github-hosted-runners %} -## Re-running all the jobs in a workflow +## About re-running workflows and jobs -Re-running a workflow uses the same `GITHUB_SHA` (commit SHA) and `GITHUB_REF` (Git ref) of the original event that triggered the workflow run. You can re-run a workflow for up to 30 days after the initial run. +Re-running a workflow{% if re-run-jobs %} or jobs in a workflow{% endif %} uses the same `GITHUB_SHA` (commit SHA) and `GITHUB_REF` (Git ref) of the original event that triggered the workflow run. You can re-run a workflow{% if re-run-jobs %} or jobs in a workflow{% endif %} for up to 30 days after the initial run. + +## Re-running all the jobs in a workflow {% webui %} @@ -26,7 +28,9 @@ Re-running a workflow uses the same `GITHUB_SHA` (commit SHA) and `GITHUB_REF` ( {% data reusables.repositories.navigate-to-workflow %} {% data reusables.repositories.view-run %} {% ifversion fpt or ghes > 3.2 or ghae-issue-4721 or ghec %} -1. In the upper-right corner of the workflow, use the **Re-run jobs** drop-down menu, and select **Re-run all jobs** ![Rerun checks drop-down menu](/assets/images/help/repository/rerun-checks-drop-down.png) +1. ワークフローの右上隅にある [**Re-run jobs**] ドロップダウンメニューを使用して、[**Re-run all jobs**] を選択します。 + + If no jobs failed, you will not see the **Re-run jobs** drop-down menu. Instead, click **Re-run all jobs**. ![Rerun checks drop-down menu](/assets/images/help/repository/rerun-checks-drop-down.png) {% endif %} {% ifversion ghes < 3.3 or ghae %} 1. ワークフローの右上隅にある [**Re-run jobs**] ドロップダウンメニューを使用して、[**Re-run all jobs**] を選択します。 ![[Re-run checks] ドロップダウンメニュー](/assets/images/help/repository/rerun-checks-drop-down-updated.png) @@ -52,8 +56,61 @@ gh run watch {% endcli %} +{% if re-run-jobs %} +## Re-running failed jobs in a workflow + +If any jobs in a workflow run failed, you can re-run just the jobs that failed. When you re-run failed jobs in a workflow, a new workflow run will start for all failed jobs and their dependents. Any outputs for any successful jobs in the previous workflow run will be used for the re-run. Any artifacts that were created in the initial run will be available in the re-run. Any environment protection rules that passed in the previous run will automatically pass in the re-run. + +{% webui %} + +{% data reusables.repositories.navigate-to-repo %} +{% data reusables.repositories.actions-tab %} +{% data reusables.repositories.navigate-to-workflow %} +{% data reusables.repositories.view-run %} +1. In the upper-right corner of the workflow, use the **Re-run jobs** drop-down menu, and select **Re-run failed jobs**. ![Re-run failed jobs drop-down menu](/assets/images/help/repository/rerun-failed-jobs-drop-down.png) + +{% endwebui %} + +{% cli %} + +To re-run failed jobs in a workflow run, use the `run rerun` subcommand with the `--failed` flag. Replace `run-id` with the ID of the run for which you want to re-run failed jobs. `run-id` を指定しない場合、{% data variables.product.prodname_cli %} は、最近失敗した実行を選択するためのインタラクティブメニューを返します。 + +```shell +gh run rerun run-id --failed +``` + +{% endcli %} + +## Re-running a specific job in a workflow + +When you re-run a specific job in a workflow, a new workflow run will start for the job and any dependents. Any outputs for any other jobs in the previous workflow run will be used for the re-run. Any artifacts that were created in the initial run will be available in the re-run. Any environment protection rules that passed in the previous run will automatically pass in the re-run. + +{% webui %} + +{% data reusables.repositories.navigate-to-repo %} +{% data reusables.repositories.actions-tab %} +{% data reusables.repositories.navigate-to-workflow %} +{% data reusables.repositories.view-run %} +1. Next to the job that you want to re-run, click {% octicon "sync" aria-label="The re-run icon" %}. ![Re-run selected job](/assets/images/help/repository/re-run-selected-job.png) + + Alternatively, click on a job to view the log. In the log, click {% octicon "sync" aria-label="The re-run icon" %}. ![Re-run selected job](/assets/images/help/repository/re-run-single-job-from-log.png) + +{% endwebui %} + +{% cli %} + +To re-run a specific job in a workflow run, use the `run rerun` subcommand with the `--job` flag. Replace `job-id` with the ID of the job that you want to re-run. + +```shell +gh run rerun --job job-id +``` + +{% endcli %} + +{% endif %} + {% ifversion fpt or ghes > 3.2 or ghae-issue-4721 or ghec %} -### Reviewing previous workflow runs +## Reviewing previous workflow runs You can view the results from your previous attempts at running a workflow. You can also view previous workflow runs using the API. For more information, see ["Get a workflow run"](/rest/reference/actions#get-a-workflow-run). @@ -61,7 +118,11 @@ You can view the results from your previous attempts at running a workflow. You {% data reusables.repositories.actions-tab %} {% data reusables.repositories.navigate-to-workflow %} {% data reusables.repositories.view-run %} +{%- if re-run-jobs %} +1. Any previous run attempts are shown in the **Latest** drop-down menu. ![Previous run attempts](/assets/images/help/repository/previous-run-attempts.png) +{%- else %} 1. Any previous run attempts are shown in the left pane. ![Rerun workflow](/assets/images/help/settings/actions-review-workflow-rerun.png) +{%- endif %} 1. Click an entry to view its results. {% endif %} diff --git a/translations/ja-JP/content/actions/monitoring-and-troubleshooting-workflows/using-workflow-run-logs.md b/translations/ja-JP/content/actions/monitoring-and-troubleshooting-workflows/using-workflow-run-logs.md index 60b161054a..e7dc784eda 100644 --- a/translations/ja-JP/content/actions/monitoring-and-troubleshooting-workflows/using-workflow-run-logs.md +++ b/translations/ja-JP/content/actions/monitoring-and-troubleshooting-workflows/using-workflow-run-logs.md @@ -62,6 +62,16 @@ versions: ![[Download logs] ドロップダウンメニュー](/assets/images/help/repository/download-logs-drop-down-updated-2.png) + {% if re-run-jobs %} + + {% note %} + + **Note**: When you download the log archive for a workflow that was partially re-run, the archive only includes the jobs that were re-run. To get a complete set of logs for jobs that were run from a workflow, you must download the log archives for the previous run attempts that ran the other jobs. + + {% endnote %} + + {% endif %} + ## ログの削除 ワークフローの実行からログファイルを削除できます。 {% data reusables.repositories.permissions-statement-write %} diff --git a/translations/ja-JP/content/actions/publishing-packages/publishing-docker-images.md b/translations/ja-JP/content/actions/publishing-packages/publishing-docker-images.md index bf831d3780..692da4b7ad 100644 --- a/translations/ja-JP/content/actions/publishing-packages/publishing-docker-images.md +++ b/translations/ja-JP/content/actions/publishing-packages/publishing-docker-images.md @@ -131,7 +131,7 @@ The `build-push-action` options required for {% data variables.product.prodname_ {% ifversion fpt or ghec %} {% data reusables.package_registry.publish-docker-image %} -The above workflow if triggered by a push to the "release" branch. It checks out the GitHub repository, and uses the `login-action` to log in to the {% data variables.product.prodname_container_registry %}. It then extracts labels and tags for the Docker image. Finally, it uses the `build-push-action` action to build the image and publish it on the {% data variables.product.prodname_container_registry %}. +The above workflow is triggered by a push to the "release" branch. It checks out the GitHub repository, and uses the `login-action` to log in to the {% data variables.product.prodname_container_registry %}. It then extracts labels and tags for the Docker image. Finally, it uses the `build-push-action` action to build the image and publish it on the {% data variables.product.prodname_container_registry %}. {% else %} ```yaml{:copy} diff --git a/translations/ja-JP/content/actions/security-guides/automatic-token-authentication.md b/translations/ja-JP/content/actions/security-guides/automatic-token-authentication.md index a6cdabb850..18f4b679cb 100644 --- a/translations/ja-JP/content/actions/security-guides/automatic-token-authentication.md +++ b/translations/ja-JP/content/actions/security-guides/automatic-token-authentication.md @@ -1,6 +1,6 @@ --- title: Automatic token authentication -intro: '{% data variables.product.prodname_dotcom %} provides a token that you can use to authenticate on behalf of {% data variables.product.prodname_actions %}.' +intro: '{% data variables.product.prodname_dotcom %}は、{% data variables.product.prodname_actions %}の代理で認証を受けるために利用できるトークンを提供します。' redirect_from: - /github/automating-your-workflow-with-github-actions/authenticating-with-the-github_token - /actions/automating-your-workflow-with-github-actions/authenticating-with-the-github_token @@ -17,37 +17,37 @@ shortTitle: Automatic token authentication {% data reusables.actions.enterprise-beta %} {% data reusables.actions.enterprise-github-hosted-runners %} -## About the `GITHUB_TOKEN` secret +## `GITHUB_TOKEN`シークレットについて -At the start of each workflow run, {% data variables.product.prodname_dotcom %} automatically creates a unique `GITHUB_TOKEN` secret to use in your workflow. You can use the `GITHUB_TOKEN` to authenticate in a workflow run. +At the start of each workflow run, {% data variables.product.prodname_dotcom %} automatically creates a unique `GITHUB_TOKEN` secret to use in your workflow. この`GITHUB_TOKEN`は、ワークフローの実行内での認証に利用できます。 -When you enable {% data variables.product.prodname_actions %}, {% data variables.product.prodname_dotcom %} installs a {% data variables.product.prodname_github_app %} on your repository. The `GITHUB_TOKEN` secret is a {% data variables.product.prodname_github_app %} installation access token. You can use the installation access token to authenticate on behalf of the {% data variables.product.prodname_github_app %} installed on your repository. The token's permissions are limited to the repository that contains your workflow. For more information, see "[Permissions for the `GITHUB_TOKEN`](#permissions-for-the-github_token)." +{% data variables.product.prodname_actions %}を有効化すると、{% data variables.product.prodname_dotcom %}はリポジトリに{% data variables.product.prodname_github_app %}をインストールします。 `GITHUB_TOKEN`シークレットは、{% data variables.product.prodname_github_app %}インストールアクセストークンです。 このインストールアクセストークンは、リポジトリにインストールされた{% data variables.product.prodname_github_app %}の代わりに認証を受けるために利用できます このトークンの権限は、ワークフローを含むリポジトリに限定されます。 詳しい情報については「[`GITHUB_TOKEN`の権限](#permissions-for-the-github_token)」を参照してください。 -Before each job begins, {% data variables.product.prodname_dotcom %} fetches an installation access token for the job. The token expires when the job is finished. +各ジョブの開始前に、{% data variables.product.prodname_dotcom %} はジョブのインストールアクセストークンをフェッチします。 {% data reusables.actions.github-token-expiration %} -The token is also available in the `github.token` context. For more information, see "[Contexts](/actions/learn-github-actions/contexts#github-context)." +このトークンは、`github.token`コンテキストにもあります。 詳細については、「[コンテキスト](/actions/learn-github-actions/contexts#github-context)」を参照してください。 -## Using the `GITHUB_TOKEN` in a workflow +## ワークフロー内での`GITHUB_TOKEN`の利用 -You can use the `GITHUB_TOKEN` by using the standard syntax for referencing secrets: {%raw%}`${{ secrets.GITHUB_TOKEN }}`{% endraw %}. Examples of using the `GITHUB_TOKEN` include passing the token as an input to an action, or using it to make an authenticated {% ifversion fpt or ghec %}{% data variables.product.prodname_dotcom %}{% else %}{% data variables.product.product_name %}{% endif %} API request. +シークレットを参照するための標準構文 {%raw%}`${{ secrets.GITHUB_TOKEN }}`{% endraw %} を使用して、`GITHUB_TOKEN` を使用できます。 Examples of using the `GITHUB_TOKEN` include passing the token as an input to an action, or using it to make an authenticated {% ifversion fpt or ghec %}{% data variables.product.prodname_dotcom %}{% else %}{% data variables.product.product_name %}{% endif %} API request. {% ifversion fpt or ghes > 3.1 or ghae or ghec %} {% note %} -**Important:** An action can access the `GITHUB_TOKEN` through the `github.token` context even if the workflow does not explicitly pass the `GITHUB_TOKEN` to the action. As a good security practice, you should always make sure that actions only have the minimum access they require by limiting the permissions granted to the `GITHUB_TOKEN`. For more information, see "[Permissions for the `GITHUB_TOKEN`](#permissions-for-the-github_token)." +**重要:** ワークフローが `GITHUB_TOKEN` をアクションに明示的に渡さない場合でも、アクションは `github.token` コンテキストを介して `GITHUB_TOKEN` にアクセスできます。 セキュリティを強化するには、`GITHUB_TOKEN` に付与されるアクセス許可を制限することにより、アクションに必要な最小限のアクセスのみが含まれるようにする必要があります。 詳しい情報については「[`GITHUB_TOKEN`の権限](#permissions-for-the-github_token)」を参照してください。 {% endnote %} {% endif %} {% data reusables.actions.actions-do-not-trigger-workflows %} -### Example 1: passing the `GITHUB_TOKEN` as an input +### 例 1: `GITHUB_TOKEN` を入力として渡す {% data reusables.actions.github_token-input-example %} -### Example 2: calling the REST API +### 例 2: REST API を呼び出す -You can use the `GITHUB_TOKEN` to make authenticated API calls. This example workflow creates an issue using the {% data variables.product.prodname_dotcom %} REST API: +`GITHUB_TOKEN`を使って、認証されたAPIコールを発行できます。 以下のワークフローの例では、{% data variables.product.prodname_dotcom %} REST APIを使ってIssueを作成しています。 ```yaml name: Create issue on commit @@ -73,74 +73,72 @@ jobs: --fail ``` -## Permissions for the `GITHUB_TOKEN` +## `GITHUB_TOKEN`の権限 -For information about the API endpoints {% data variables.product.prodname_github_apps %} can access with each permission, see "[{% data variables.product.prodname_github_app %} Permissions](/rest/reference/permissions-required-for-github-apps)." +{% data variables.product.prodname_github_apps %} が各権限でアクセスできる API エンドポイントについては、「[{% data variables.product.prodname_github_app %} の権限](/rest/reference/permissions-required-for-github-apps)」を参照してください。 {% ifversion fpt or ghes > 3.1 or ghae or ghec %} -The following table shows the permissions granted to the `GITHUB_TOKEN` by default. People with admin permissions to an {% ifversion not ghes %}enterprise, organization, or repository,{% else %}organization or repository{% endif %} can set the default permissions to be either permissive or restricted. For information on how to set the default permissions for the `GITHUB_TOKEN` for your enterprise, organization, or repository, see "[Enforcing policies for {% data variables.product.prodname_actions %} in your enterprise](/admin/policies/enforcing-policies-for-your-enterprise/enforcing-github-actions-policies-for-your-enterprise#enforcing-a-policy-for-workflow-permissions-in-your-enterprise)," "[Disabling or limiting {% data variables.product.prodname_actions %} for your organization](/github/setting-up-and-managing-organizations-and-teams/disabling-or-limiting-github-actions-for-your-organization#setting-the-permissions-of-the-github_token-for-your-organization)," or "[Managing {% data variables.product.prodname_actions %} settings for a repository](/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository#setting-the-permissions-of-the-github_token-for-your-repository)." +次の表は、デフォルトで `GITHUB_TOKEN` に付与される権限を示しています。 People with admin permissions to an {% ifversion not ghes %}enterprise, organization, or repository,{% else %}organization or repository{% endif %} can set the default permissions to be either permissive or restricted. For information on how to set the default permissions for the `GITHUB_TOKEN` for your enterprise, organization, or repository, see "[Enforcing policies for {% data variables.product.prodname_actions %} in your enterprise](/admin/policies/enforcing-policies-for-your-enterprise/enforcing-github-actions-policies-for-your-enterprise#enforcing-a-policy-for-workflow-permissions-in-your-enterprise)," "[Disabling or limiting {% data variables.product.prodname_actions %} for your organization](/github/setting-up-and-managing-organizations-and-teams/disabling-or-limiting-github-actions-for-your-organization#setting-the-permissions-of-the-github_token-for-your-organization)," or "[Managing {% data variables.product.prodname_actions %} settings for a repository](/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository#setting-the-permissions-of-the-github_token-for-your-repository)." -| Scope | Default access
(permissive) | Default access
(restricted) | Maximum access
by forked repos | -|---------------|-----------------------------|-----------------------------|--------------------------------| -| actions | read/write | none | read | -| checks | read/write | none | read | -| contents | read/write | read | read | -| deployments | read/write | none | read |{% ifversion fpt or ghec %} -| id-token | none | none | read |{% endif %} -| issues | read/write | none | read | -| metadata | read | read | read | -| packages | read/write | none | read | +| スコープ | デフォルトアクセス
(許可) | デフォルトアクセス
(制限付き) | フォークされたリポジトリ
による最大アクセス | +| ----------- | ----------------------- | ------------------------- | --------------------------------- | +| actions | 読み取り/書き込み | なし | 読み取り | +| checks | 読み取り/書き込み | なし | 読み取り | +| contents | 読み取り/書き込み | 読み取り | 読み取り | +| deployments | 読み取り/書き込み | なし | read |{% ifversion fpt or ghec %} +| id-token | なし | なし | read +{% endif %} +| issues | 読み取り/書き込み | なし | 読み取り | +| メタデータ | 読み取り | 読み取り | 読み取り | +| パッケージ | 読み取り/書き込み | なし | 読み取り | {%- ifversion fpt or ghec or ghes > 3.2 or ghae-issue-6187 %} | pages | read/write | none | read | {%- endif %} -| pull-requests | read/write | none | read | -| repository-projects | read/write | none | read | -| security-events | read/write | none | read | -| statuses | read/write | none | read | +| pull-requests | read/write | none | read | | repository-projects | read/write | none | read | | security-events | read/write | none | read | | statuses | read/write | none | read | {% else %} -| Scope | Access type | Access by forked repos | -|----------|-------------|--------------------------| -| actions | read/write | read | -| checks | read/write | read | -| contents | read/write | read | -| deployments | read/write | read | -| issues | read/write | read | -| metadata | read | read | -| packages | read/write | read | -| pull-requests | read/write | read | -| repository-projects | read/write | read | -| statuses | read/write | read | +| スコープ | アクセスタイプ | フォークしたリポジトリからのアクセス | +| ------------------- | --------- | ------------------ | +| actions | 読み取り/書き込み | 読み取り | +| checks | 読み取り/書き込み | 読み取り | +| contents | 読み取り/書き込み | 読み取り | +| deployments | 読み取り/書き込み | 読み取り | +| issues | 読み取り/書き込み | 読み取り | +| メタデータ | 読み取り | 読み取り | +| パッケージ | 読み取り/書き込み | 読み取り | +| pull-requests | 読み取り/書き込み | 読み取り | +| repository-projects | 読み取り/書き込み | 読み取り | +| statuses | 読み取り/書き込み | 読み取り | {% endif %} {% data reusables.actions.workflow-runs-dependabot-note %} {% ifversion fpt or ghes > 3.1 or ghae or ghec %} -### Modifying the permissions for the `GITHUB_TOKEN` +### `GITHUB_TOKEN` の権限を変更する -You can modify the permissions for the `GITHUB_TOKEN` in individual workflow files. If the default permissions for the `GITHUB_TOKEN` are restrictive, you may have to elevate the permissions to allow some actions and commands to run successfully. If the default permissions are permissive, you can edit the workflow file to remove some permissions from the `GITHUB_TOKEN`. As a good security practice, you should grant the `GITHUB_TOKEN` the least required access. +個々のワークフローファイルの `GITHUB_TOKEN` の権限を変更できます。 `GITHUB_TOKEN` のデフォルトの権限が制限付きの場合は、一部のアクションとコマンドを正常に実行できるように、権限を昇格させる必要がある場合があります。 デフォルトの権限が許可の場合は、ワークフローファイルを編集して、`GITHUB_TOKEN` から一部の権限を削除できます。 セキュリティを強化するには、`GITHUB_TOKEN` に必要最小限のアクセスを許可する必要があります。 -You can see the permissions that `GITHUB_TOKEN` had for a specific job in the "Set up job" section of the workflow run log. For more information, see "[Using workflow run logs](/actions/managing-workflow-runs/using-workflow-run-logs)." +`GITHUB_TOKEN` が特定のジョブに対して保持していた権限は、ワークフロー実行ログの [Set up job] セクションで確認できます。 詳しい情報については、「[ワークフロー実行ログを使用する](/actions/managing-workflow-runs/using-workflow-run-logs)」を参照してください。 -You can use the `permissions` key in your workflow file to modify permissions for the `GITHUB_TOKEN` for an entire workflow or for individual jobs. This allows you to configure the minimum required permissions for a workflow or job. When the `permissions` key is used, all unspecified permissions are set to no access, with the exception of the `metadata` scope, which always gets read access. +ワークフローファイルの `permissions` キーを使用して、ワークフロー全体または個々のジョブの `GITHUB_TOKEN` の権限を変更できます。 これにより、ワークフローまたはジョブに最低限必要な権限を設定できます。 `permissions` キーを使用すると、常に読み取りアクセスを取得する `metadata` スコープを除いて、指定されていないすべての権限が権限なしに設定されます。 {% data reusables.actions.forked-write-permission %} -The two workflow examples earlier in this article show the `permissions` key being used at the workflow level, and at the job level. In [Example 1](#example-1-passing-the-github_token-as-an-input) the two permissions are specified for the entire workflow. In [Example 2](#example-2-calling-the-rest-api) write access is granted for one scope for a single job. +この記事の前半の 2 つのワークフロー例は、ワークフローレベルとジョブレベルで使用されている `permissions` キーを示しています。 [例 1](#example-1-passing-the-github_token-as-an-input) では、ワークフロー全体に対して 2 つの権限が指定されています。 [例 2](#example-2-calling-the-rest-api) では、1 つのジョブに対し 1 つのスコープに書き込み権限が付与されています。 -For full details of the `permissions` key, see "[Workflow syntax for {% data variables.product.prodname_actions %}](/actions/reference/workflow-syntax-for-github-actions#permissions)." +`permissions` キーの詳細については、「[{% data variables.product.prodname_actions %} のワークフロー構文](/actions/reference/workflow-syntax-for-github-actions#permissions)」を参照してください。 -#### How the permissions are calculated for a workflow job +#### ワークフロージョブの権限の計算方法 -The permissions for the `GITHUB_TOKEN` are initially set to the default setting for the enterprise, organization, or repository. If the default is set to the restricted permissions at any of these levels then this will apply to the relevant repositories. For example, if you choose the restricted default at the organization level then all repositories in that organization will use the restricted permissions as the default. The permissions are then adjusted based on any configuration within the workflow file, first at the workflow level and then at the job level. Finally, if the workflow was triggered by a pull request from a forked repository, and the **Send write tokens to workflows from pull requests** setting is not selected, the permissions are adjusted to change any write permissions to read only. +`GITHUB_TOKEN` の権限は、最初は Enterprise、Organization、またはリポジトリのデフォルトに設定されています。 デフォルトがこれらのレベルのいずれかで制限付きの権限に設定されている場合、これは関連するリポジトリに適用されます。 たとえば、Organization レベルで制限付きのデフォルトを選択した場合、その Organization 内のすべてのリポジトリは、制限付きの権限をデフォルトとして使用します。 次に、ワークフローファイル内の構成に基づいて、最初にワークフローレベルで、次にジョブレベルで権限が調整されます。 最後に、ワークフローがフォークされたリポジトリからのプルリクエストによってトリガーされ、[**Send write tokens to workflows from pull requests**](プルリクエストから書き込みトークンをワークフローに送信) 設定が選択されていない場合、権限が調整され、書き込み権限が読み取り専用に変更されます。 -### Granting additional permissions +### 追加の権限を付与する {% endif %} -If you need a token that requires permissions that aren't available in the `GITHUB_TOKEN`, you can create a personal access token and set it as a secret in your repository: +`GITHUB_TOKEN`で利用できない権限を要求するトークンが必要な場合は、個人アクセストークンを生成して、それをリポジトリのシークレットに設定できます。 -1. Use or create a token with the appropriate permissions for that repository. For more information, see "[Creating a personal access token](/github/authenticating-to-github/creating-a-personal-access-token)." -1. Add the token as a secret in your workflow's repository, and refer to it using the {%raw%}`${{ secrets.SECRET_NAME }}`{% endraw %} syntax. For more information, see "[Creating and using encrypted secrets](/github/automating-your-workflow-with-github-actions/creating-and-using-encrypted-secrets)." +1. リポジトリに対して適切な権限を持つトークンを利用もしくは生成してください。 詳しい情報については、「[個人アクセストークンを作成する](/github/authenticating-to-github/creating-a-personal-access-token)」を参照してください。 +1. ワークフローのリポジトリにそのトークンをシークレットとして追加し、 {%raw%}`${{ secrets.SECRET_NAME }}`{% endraw %}構文でそれを参照してください。 詳しい情報については、「[暗号化されたシークレットの作成と利用](/github/automating-your-workflow-with-github-actions/creating-and-using-encrypted-secrets)」を参照してください。 -### Further reading +### 参考リンク - "[Resources in the REST API](/rest/overview/resources-in-the-rest-api#rate-limiting)" diff --git a/translations/ja-JP/content/actions/security-guides/encrypted-secrets.md b/translations/ja-JP/content/actions/security-guides/encrypted-secrets.md index 6694de7134..6682ef4fb2 100644 --- a/translations/ja-JP/content/actions/security-guides/encrypted-secrets.md +++ b/translations/ja-JP/content/actions/security-guides/encrypted-secrets.md @@ -226,6 +226,10 @@ steps: ``` {% endraw %} +Secrets cannot be directly referenced in `if:` conditionals. Instead, consider setting secrets as job-level environment variables, then referencing the environment variables to conditionally run steps in the job. For more information, see "[Context availability](/actions/learn-github-actions/contexts#context-availability)" and [`jobs..steps[*].if`](/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsif). + +If a secret has not been set, the return value of an expression referencing the secret (such as {% raw %}`${{ secrets.SuperSecret }}`{% endraw %} in the example) will be an empty string. + 可能であれば、コマンドラインからプロセス間でシークレットを渡すのは避けてください。 Command-line processes may be visible to other users (using the `ps` command) or captured by [security audit events](https://docs.microsoft.com/windows-server/identity/ad-ds/manage/component-updates/command-line-process-auditing). シークレットの保護のために、環境変数、`STDIN`、あるいはターゲットのプロセスがサポートしている他の仕組みの利用を考慮してください。 コマンドラインからシークレットを渡さなければならない場合は、それらを適切なルールでクオート内に収めてください。 シークレットは、意図せずシェルに影響するかもしれない特殊なキャラクターをしばしば含みます。 それらの特殊なキャラクターをエスケープするには、環境変数をクオートで囲ってください。 例: diff --git a/translations/ja-JP/content/actions/using-workflows/caching-dependencies-to-speed-up-workflows.md b/translations/ja-JP/content/actions/using-workflows/caching-dependencies-to-speed-up-workflows.md index 26a05e623d..d0aac03c29 100644 --- a/translations/ja-JP/content/actions/using-workflows/caching-dependencies-to-speed-up-workflows.md +++ b/translations/ja-JP/content/actions/using-workflows/caching-dependencies-to-speed-up-workflows.md @@ -234,3 +234,11 @@ restore-keys: | ## 利用制限と退去のポリシー {% data variables.product.prodname_dotcom %}は、7日間以上アクセスされていないキャッシュエントリを削除します。 There is no limit on the number of caches you can store, but the total size of all caches in a repository is limited to 10 GB. If you exceed this limit, {% data variables.product.prodname_dotcom %} will save your cache but will begin evicting caches until the total size is less than 10 GB. + +{% if actions-cache-management %} + +## Managing caches + +You can use the {% data variables.product.product_name %} REST API to manage your caches. At present, you can use the API to see your cache usage, with more functionality expected in future updates. For more information, see the "[Actions](/rest/reference/actions#cache)" REST API documentation. + +{% endif %} diff --git a/translations/ja-JP/content/actions/using-workflows/workflow-commands-for-github-actions.md b/translations/ja-JP/content/actions/using-workflows/workflow-commands-for-github-actions.md index 05248380fa..b366202437 100644 --- a/translations/ja-JP/content/actions/using-workflows/workflow-commands-for-github-actions.md +++ b/translations/ja-JP/content/actions/using-workflows/workflow-commands-for-github-actions.md @@ -2,6 +2,7 @@ title: GitHub Actionsのワークフローコマンド shortTitle: ワークフロー コマンド intro: ワークフロー内あるいはアクションのコード内でシェルコマンドを実行する際には、ワークフローコマンドを利用できます。 +defaultTool: bash redirect_from: - /articles/development-tools-for-github-actions - /github/automating-your-workflow-with-github-actions/development-tools-for-github-actions @@ -26,10 +27,24 @@ versions: ほとんどのワークフローコマンドは特定の形式で `echo` コマンドを使用しますが、他のワークフローコマンドはファイルへの書き込みによって呼び出されます。 詳しい情報については、「[環境ファイル](#environment-files)」を参照してください。 -``` bash +### サンプル + +{% bash %} + +```bash{:copy} echo "::workflow-command parameter1={data},parameter2={data}::{command value}" ``` +{% endbash %} + +{% powershell %} + +```pwsh{:copy} +Write-Output "::workflow-command parameter1={data},parameter2={data}::{command value}" +``` + +{% endpowershell %} + {% note %} **ノート:** ワークフローコマンドおよびパラメータ名では、大文字と小文字は区別されません。 @@ -46,14 +61,18 @@ echo "::workflow-command parameter1={data},parameter2={data}::{command value}" [actions/toolkit](https://github.com/actions/toolkit)には、ワークフローコマンドとして実行できる多くの関数があります。 `::`構文を使って、YAMLファイル内でワークフローコマンドを実行してください。それらのコマンドは`stdout`を通じてランナーに送信されます。 たとえば、コードを使用して出力を設定する代わりに、以下のようにします。 -```javascript +```javascript{:copy} core.setOutput('SELECTED_COLOR', 'green'); ``` +### Example: Setting a value + ワークフローで `set-output` コマンドを使用して、同じ値を設定できます。 +{% bash %} + {% raw %} -``` yaml +```yaml{:copy} - name: Set selected color run: echo '::set-output name=SELECTED_COLOR::green' id: random-color-generator @@ -62,6 +81,22 @@ core.setOutput('SELECTED_COLOR', 'green'); ``` {% endraw %} +{% endbash %} + +{% powershell %} + +{% raw %} +```yaml{:copy} + - name: Set selected color + run: Write-Output "::set-output name=SELECTED_COLOR::green" + id: random-color-generator + - name: Get color + run: Write-Output "The selected color is ${{ steps.random-color-generator.outputs.SELECTED_COLOR }}" +``` +{% endraw %} + +{% endpowershell %} + 以下の表は、ワークフロー内で使えるツールキット関数を示しています。 | ツールキット関数 | 等価なワークフローのコマンド | @@ -86,186 +121,336 @@ core.setOutput('SELECTED_COLOR', 'green'); ## 出力パラメータの設定 -``` +アクションの出力パラメータを設定します。 + +```{:copy} ::set-output name={name}::{value} ``` -アクションの出力パラメータを設定します。 - あるいは、出力パラメータをアクションのメタデータファイル中で宣言することもできます。 For more information, see "[Metadata syntax for {% data variables.product.prodname_actions %}](/articles/metadata-syntax-for-github-actions#outputs-for-docker-container-and-javascript-actions)." -### サンプル +### Example: Setting an output parameter -``` bash +{% bash %} + +```bash{:copy} echo "::set-output name=action_fruit::strawberry" ``` -## デバッグメッセージの設定 +{% endbash %} +{% powershell %} + +```pwsh{:copy} +Write-Output "::set-output name=action_fruit::strawberry" ``` -::debug::{message} -``` + +{% endpowershell %} + +## デバッグメッセージの設定 デバッグメッセージをログに出力します。 ログでこのコマンドにより設定されたデバッグメッセージを表示するには、`ACTIONS_STEP_DEBUG` という名前のシークレットを作成し、値を `true` に設定する必要があります。 詳しい情報については、「[デバッグログの有効化](/actions/managing-workflow-runs/enabling-debug-logging)」を参照してください。 -### サンプル +```{:copy} +::debug::{message} +``` -``` bash +### Example: Setting a debug message + +{% bash %} + +```bash{:copy} echo "::debug::Set the Octocat variable" ``` +{% endbash %} + +{% powershell %} + +```pwsh{:copy} +Write-Output "::debug::Set the Octocat variable" +``` + +{% endpowershell %} + {% ifversion fpt or ghes > 3.2 or ghae-issue-4929 or ghec %} ## Setting a notice message -``` +Creates a notice message and prints the message to the log. {% data reusables.actions.message-annotation-explanation %} + +```{:copy} ::notice file={name},line={line},endLine={endLine},title={title}::{message} ``` -Creates a notice message and prints the message to the log. {% data reusables.actions.message-annotation-explanation %} - {% data reusables.actions.message-parameters %} -### サンプル +### Example: Setting a notice message -``` bash +{% bash %} + +```bash{:copy} echo "::notice file=app.js,line=1,col=5,endColumn=7::Missing semicolon" ``` +{% endbash %} + +{% powershell %} + +```pwsh{:copy} +Write-Output "::notice file=app.js,line=1,col=5,endColumn=7::Missing semicolon" +``` + +{% endpowershell %} {% endif %} ## 警告メッセージの設定 -``` +警告メッセージを作成し、ログにそのメッセージを出力します。 {% data reusables.actions.message-annotation-explanation %} + +```{:copy} ::warning file={name},line={line},endLine={endLine},title={title}::{message} ``` -警告メッセージを作成し、ログにそのメッセージを出力します。 {% data reusables.actions.message-annotation-explanation %} - {% data reusables.actions.message-parameters %} -### サンプル +### Example: Setting a warning message -``` bash +{% bash %} + +```bash{:copy} echo "::warning file=app.js,line=1,col=5,endColumn=7::Missing semicolon" ``` +{% endbash %} + +{% powershell %} + +```pwsh{:copy} +Write-Output "::warning file=app.js,line=1,col=5,endColumn=7::Missing semicolon" +``` + +{% endpowershell %} ## エラーメッセージの設定 -``` +エラーメッセージを作成し、ログにそのメッセージを出力します。 {% data reusables.actions.message-annotation-explanation %} + +```{:copy} ::error file={name},line={line},endLine={endLine},title={title}::{message} ``` -エラーメッセージを作成し、ログにそのメッセージを出力します。 {% data reusables.actions.message-annotation-explanation %} - {% data reusables.actions.message-parameters %} -### サンプル +### Example: Setting an error message -``` bash +{% bash %} + +```bash{:copy} echo "::error file=app.js,line=1,col=5,endColumn=7::Missing semicolon" ``` +{% endbash %} + +{% powershell %} + +```pwsh{:copy} +Write-Output "::error file=app.js,line=1,col=5,endColumn=7::Missing semicolon" +``` + +{% endpowershell %} ## ログの行のグループ化 -``` +展開可能なグループをログ中に作成します。 グループを作成するには、`group`コマンドを使って`title`を指定してください。 `group`と`endgroup`コマンド間でログに出力したすべての内容は、ログ中の展開可能なエントリ内にネストされます。 + +```{:copy} ::group::{title} ::endgroup:: ``` -展開可能なグループをログ中に作成します。 グループを作成するには、`group`コマンドを使って`title`を指定してください。 `group`と`endgroup`コマンド間でログに出力したすべての内容は、ログ中の展開可能なエントリ内にネストされます。 +### Example: Grouping log lines -### サンプル +{% bash %} -```bash -echo "::group::My title" -echo "Inside group" -echo "::endgroup::" +```yaml{:copy} +jobs: + bash-example: + runs-on: ubuntu-latest + steps: + - name: Group of log lines + run: | + echo "::group::My title" + echo "Inside group" + echo "::endgroup::" ``` +{% endbash %} + +{% powershell %} + +```yaml{:copy} +jobs: + powershell-example: + runs-on: windows-latest + steps: + - name: Group of log lines + run: | + Write-Output "::group::My title" + Write-Output "Inside group" + Write-Output "::endgroup::" +``` + +{% endpowershell %} + ![ワークフローの実行ログ中の折りたたみ可能なグループ](/assets/images/actions-log-group.png) ## ログ中での値のマスク -``` +```{:copy} ::add-mask::{value} ``` 値をマスクすることにより、文字列または値がログに出力されることを防ぎます。 空白で分離された、マスクされた各語は "`*`" という文字で置き換えられます。 マスクの `value` には、環境変数または文字列を用いることができます。 -### 文字列をマスクするサンプル +### Example: Masking a string ログに `"Mona The Octocat"` を出力すると、`"***"` が表示されます。 -```bash +{% bash %} + +```bash{:copy} echo "::add-mask::Mona The Octocat" ``` -### 環境変数をマスクするサンプル +{% endbash %} + +{% powershell %} + +```pwsh{:copy} +Write-Output "::add-mask::Mona The Octocat" +``` + +{% endpowershell %} + +### Example: Masking an environment variable 変数 `MY_NAME` または値 `"Mona The Octocat"` をログに出力すると、`"Mona The Octocat"` の代わりに `"***"` が表示されます。 -```bash -MY_NAME="Mona The Octocat" -echo "::add-mask::$MY_NAME" +{% bash %} + +```yaml{:copy} +jobs: + bash-example: + runs-on: ubuntu-latest + env: + MY_NAME: "Mona The Octocat" + steps: + - name: bash-version + run: echo "::add-mask::$MY_NAME" ``` +{% endbash %} + +{% powershell %} + +```yaml{:copy} +jobs: + powershell-example: + runs-on: windows-latest + env: + MY_NAME: "Mona The Octocat" + steps: + - name: powershell-version + run: Write-Output "::add-mask::$env:MY_NAME" +``` + +{% endpowershell %} + ## ワークフローコマンドの停止と開始 -`::stop-commands::{endtoken}` - ワークフローコマンドの処理を停止します。 この特殊コマンドを使うと、意図せずワークフローコマンドを実行することなくいかなるログも取れます。 たとえば、コメントがあるスクリプト全体を出力するためにログ取得を停止できます。 +```{:copy} +::stop-commands::{endtoken} +``` + To stop the processing of workflow commands, pass a unique token to `stop-commands`. To resume processing workflow commands, pass the same token that you used to stop workflow commands. {% warning %} -**Warning:** Make sure the token you're using is randomly generated and unique for each run. As demonstrated in the example below, you can generate a unique hash of your `github.token` for each run. +**Warning:** Make sure the token you're using is randomly generated and unique for each run. {% endwarning %} -``` +```{:copy} ::{endtoken}:: ``` -### Example stopping and starting workflow commands +### Example: Stopping and starting workflow commands + +{% bash %} {% raw %} -```yaml +```yaml{:copy} jobs: workflow-command-job: runs-on: ubuntu-latest steps: - - name: disable workflow commands + - name: Disable workflow commands run: | - echo '::warning:: this is a warning' - echo "::stop-commands::`echo -n ${{ github.token }} | sha256sum | head -c 64`" - echo '::warning:: this will NOT be a warning' - echo "::`echo -n ${{ github.token }} | sha256sum | head -c 64`::" - echo '::warning:: this is a warning again' + echo '::warning:: This is a warning message, to demonstrate that commands are being processed.' + stopMarker=$(uuidgen) + echo "::stop-commands::$stopMarker" + echo '::warning:: This will NOT be rendered as a warning, because stop-commands has been invoked.' + echo "::$stopMarker::" + echo '::warning:: This is a warning again, because stop-commands has been turned off.' +``` +{% endraw %} + +{% endbash %} + +{% powershell %} + +{% raw %} +```yaml{:copy} +jobs: + workflow-command-job: + runs-on: windows-latest + steps: + - name: Disable workflow commands + run: | + Write-Output '::warning:: This is a warning message, to demonstrate that commands are being processed.' + $stopMarker = New-Guid + Write-Output "::stop-commands::$stopMarker" + Write-Output '::warning:: This will NOT be rendered as a warning, because stop-commands has been invoked.' + Write-Output "::$stopMarker::" + Write-Output '::warning:: This is a warning again, because stop-commands has been turned off.' ``` {% endraw %} +{% endpowershell %} + ## Echoing command outputs -``` +Enables or disables echoing of workflow commands. For example, if you use the `set-output` command in a workflow, it sets an output parameter but the workflow run's log does not show the command itself. If you enable command echoing, then the log shows the command, such as `::set-output name={name}::{value}`. + +```{:copy} ::echo::on ::echo::off ``` -Enables or disables echoing of workflow commands. For example, if you use the `set-output` command in a workflow, it sets an output parameter but the workflow run's log does not show the command itself. If you enable command echoing, then the log shows the command, such as `::set-output name={name}::{value}`. - Command echoing is disabled by default. However, a workflow command is echoed if there are any errors processing the command. The `add-mask`, `debug`, `warning`, and `error` commands do not support echoing because their outputs are already echoed to the log. You can also enable command echoing globally by turning on step debug logging using the `ACTIONS_STEP_DEBUG` secret. For more information, see "[Enabling debug logging](/actions/managing-workflow-runs/enabling-debug-logging)". In contrast, the `echo` workflow command lets you enable command echoing at a more granular level, rather than enabling it for every workflow in a repository. -### Example toggling command echoing +### Example: Toggling command echoing -```yaml +{% bash %} + +```yaml{:copy} jobs: workflow-command-job: runs-on: ubuntu-latest @@ -279,9 +464,29 @@ jobs: echo '::set-output name=action_echo::disabled' ``` -The step above prints the following lines to the log: +{% endbash %} +{% powershell %} + +```yaml{:copy} +jobs: + workflow-command-job: + runs-on: windows-latest + steps: + - name: toggle workflow command echoing + run: | + write-output "::set-output name=action_echo::disabled" + write-output "::echo::on" + write-output "::set-output name=action_echo::enabled" + write-output "::echo::off" + write-output "::set-output name=action_echo::disabled" ``` + +{% endpowershell %} + +The example above prints the following lines to the log: + +```{:copy} ::set-output name=action_echo::enabled ::echo::off ``` @@ -298,13 +503,13 @@ Only the second `set-output` and `echo` workflow commands are included in the lo 以下の例はJavaScriptを使って`save-state`コマンドを実行します。 結果の環境変数は`STATE_processID`という名前になり、`12345`という値を持ちます。 -``` javascript +```javascript{:copy} console.log('::save-state name=processID::12345') ``` そして、`STATE_processID`変数は`main`アクションの下で実行されるクリーンアップスクリプトからのみ利用できます。 以下の例は`main`を実行し、JavaScriptを使って環境変数`STATE_processID`に割り当てられた値を表示します。 -``` javascript +```javascript{:copy} console.log("The running PID from the main action is: " + process.env.STATE_processID); ``` @@ -312,37 +517,70 @@ console.log("The running PID from the main action is: " + process.env.STATE_pro ワークフローの実行中に、ランナーは特定のアクションを実行する際に使用できる一時ファイルを生成します。 これらのファイルへのパスは、環境変数を介して公開されます。 コマンドを適切に処理するには、これらのファイルに書き込むときに UTF-8 エンコーディングを使用する必要があります。 複数のコマンドを、改行で区切って同じファイルに書き込むことができます。 -{% warning %} +{% powershell %} -**Warning:** On Windows, legacy PowerShell (`shell: powershell`) does not use UTF-8 by default. +{% note %} -When using `shell: powershell`, you must specify UTF-8 encoding. 例: +**Note:** PowerShell versions 5.1 and below (`shell: powershell`) do not use UTF-8 by default, so you must specify the UTF-8 encoding. 例: -```yaml +```yaml{:copy} jobs: legacy-powershell-example: - uses: windows-2019 + runs-on: windows-latest steps: - shell: powershell - run: echo "mypath" | Out-File -FilePath $env:GITHUB_PATH -Encoding utf8 -Append + run: | + "mypath" | Out-File -FilePath $env:GITHUB_PATH -Encoding utf8 -Append ``` -Alternatively, you can use PowerShell Core (`shell: pwsh`), which defaults to UTF-8. +PowerShell Core versions 6 and higher (`shell: pwsh`) use UTF-8 by default. 例: -{% endwarning %} +```yaml{:copy} +jobs: + powershell-core-example: + runs-on: windows-latest + steps: + - shell: pwsh + run: | + "mypath" >> $env:GITHUB_PATH +``` + +{% endnote %} + +{% endpowershell %} ## 環境変数の設定 -``` bash +{% bash %} + +```bash{:copy} echo "{environment_variable_name}={value}" >> $GITHUB_ENV ``` +{% endbash %} + +{% powershell %} + +- Using PowerShell version 6 and higher: +```pwsh{:copy} +"{environment_variable_name}={value}" >> $env:GITHUB_ENV +``` + +- Using PowerShell version 5.1 and below: +```powershell{:copy} +"{environment_variable_name}={value}" | Out-File -FilePath $env:GITHUB_ENV -Encoding utf8 -Append +``` + +{% endpowershell %} + You can make an environment variable available to any subsequent steps in a workflow job by defining or updating the environment variable and writing this to the `GITHUB_ENV` environment file. The step that creates or updates the environment variable does not have access to the new value, but all subsequent steps in a job will have access. The names of environment variables are case-sensitive, and you can include punctuation. 詳しい情報については、「[環境変数](/actions/learn-github-actions/environment-variables)」を参照してください。 ### サンプル +{% bash %} + {% raw %} -``` +```yaml{:copy} steps: - name: Set the value id: step_one @@ -355,11 +593,31 @@ steps: ``` {% endraw %} +{% endbash %} + +{% powershell %} + +{% raw %} +```yaml{:copy} +steps: + - name: Set the value + id: step_one + run: | + "action_state=yellow" >> $env:GITHUB_ENV + - name: Use the value + id: step_two + run: | + Write-Output "${{ env.action_state }}" # This will output 'yellow' +``` +{% endraw %} + +{% endpowershell %} + ### 複数行の文字列 複数行の文字列の場合、次の構文で区切り文字を使用できます。 -``` +```{:copy} {name}<<{delimiter} {value} {delimiter} @@ -367,29 +625,75 @@ steps: #### サンプル -この例では、区切り文字として `EOF` を使用し、`JSON_RESPONSE` 環境変数を cURL レスポンスの値に設定します。 -```yaml +This example uses `EOF` as a delimiter, and sets the `JSON_RESPONSE` environment variable to the value of the `curl` response. + +{% bash %} + +```yaml{:copy} steps: - - name: Set the value + - name: Set the value in bash id: step_one run: | echo 'JSON_RESPONSE<> $GITHUB_ENV - curl https://httpbin.org/json >> $GITHUB_ENV + curl https://example.lab >> $GITHUB_ENV echo 'EOF' >> $GITHUB_ENV ``` -## システムパスの追加 +{% endbash %} -``` bash -echo "{path}" >> $GITHUB_PATH +{% powershell %} + +```yaml{:copy} +steps: + - name: Set the value in pwsh + id: step_one + run: | + "JSON_RESPONSE<> $env:GITHUB_ENV + (Invoke-WebRequest -Uri "https://example.lab").Content >> $env:GITHUB_ENV + "EOF" >> $env:GITHUB_ENV + shell: pwsh ``` +{% endpowershell %} + +## システムパスの追加 + Prepends a directory to the system `PATH` variable and automatically makes it available to all subsequent actions in the current job; the currently running action cannot access the updated path variable. ジョブに現在定義されているパスを見るには、ステップもしくはアクション中で`echo "$PATH"`を使うことができます。 +{% bash %} + +```bash{:copy} +echo "{path}" >> $GITHUB_PATH +``` +{% endbash %} + +{% powershell %} + +```pwsh{:copy} +"{path}" >> $env:GITHUB_PATH +``` + +{% endpowershell %} + ### サンプル この例は、ユーザの`$HOME/.local/bin`ディレクトリを`PATH`に追加する方法を示しています。 -``` bash +{% bash %} + +```bash{:copy} echo "$HOME/.local/bin" >> $GITHUB_PATH ``` + +{% endbash %} + + +This example demonstrates how to add the user `$env:HOMEPATH/.local/bin` directory to `PATH`: + +{% powershell %} + +```pwsh{:copy} +"$env:HOMEPATH/.local/bin" >> $env:GITHUB_PATH +``` + +{% endpowershell %} diff --git a/translations/ja-JP/content/actions/using-workflows/workflow-syntax-for-github-actions.md b/translations/ja-JP/content/actions/using-workflows/workflow-syntax-for-github-actions.md index 2102555f25..beb0751474 100644 --- a/translations/ja-JP/content/actions/using-workflows/workflow-syntax-for-github-actions.md +++ b/translations/ja-JP/content/actions/using-workflows/workflow-syntax-for-github-actions.md @@ -64,7 +64,7 @@ Use `on.workflow_call` to define the inputs and outputs for a reusable workflow. When using the `workflow_call` keyword, you can optionally specify inputs that are passed to the called workflow from the caller workflow. For more information about the `workflow_call` keyword, see "[Events that trigger workflows](/actions/learn-github-actions/events-that-trigger-workflows#workflow-reuse-events)." -In addition to the standard input parameters that are available, `on.workflow_call.inputs` requires a `type` parameter. For more information, see [`on.workflow_call.inputs..type`](#onworkflow_callinputsinput_idtype). +In addition to the standard input parameters that are available, `on.workflow_call.inputs` requires a `type` parameter. 詳しい情報については[`on.workflow_call.inputs..type`](#onworkflow_callinputsinput_idtype)を参照してください。 If a `default` parameter is not set, the default value of the input is `false` for a boolean, `0` for a number, and `""` for a string. @@ -342,6 +342,31 @@ steps: uses: actions/heroku@1.0.0 ``` +#### Example: Using secrets + +Secrets cannot be directly referenced in `if:` conditionals. Instead, consider setting secrets as job-level environment variables, then referencing the environment variables to conditionally run steps in the job. + +If a secret has not been set, the return value of an expression referencing the secret (such as {% raw %}`${{ secrets.SuperSecret }}`{% endraw %} in the example) will be an empty string. + +{% raw %} +```yaml +name: Run a step if a secret has been set +on: push +jobs: + my-jobname: + runs-on: ubuntu-latest + env: + super_secret: ${{ secrets.SuperSecret }} + steps: + - if: ${{ env.super_secret != '' }} + run: echo 'This step will only run if the secret has a value set.' + - if: ${{ env.super_secret == '' }} + run: echo 'This step will only run if the secret does not have a value set.' +``` +{% endraw %} + +For more information, see "[Context availability](/actions/learn-github-actions/contexts#context-availability)" and "[Encrypted secrets](/actions/security-guides/encrypted-secrets)." + ### `jobs..steps[*].name` {% data variables.product.prodname_dotcom %}で表示されるステップの名前。 @@ -521,7 +546,7 @@ jobs: ### `jobs..steps[*].shell` -`shell`キーワードを使用して、ランナーのオペレーティングシステムのデフォルトシェルを上書きできます。 組み込みの`shell`キーワードを使用するか、カスタムセットのシェルオプションを定義することができます。 The shell command that is run internally executes a temporary file that contains the commands specified in the `run` keyword. +`shell`キーワードを使用して、ランナーのオペレーティングシステムのデフォルトシェルの設定を上書きできます。 組み込みの`shell`キーワードを使用するか、カスタムセットのシェルオプションを定義することができます。 The shell command that is run internally executes a temporary file that contains the commands specified in the `run` keyword. | サポートされているプラットフォーム | `shell` パラメータ | 説明 | 内部で実行されるコマンド | | ----------------- | ------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------- | @@ -714,6 +739,12 @@ steps: If the timeout exceeds the job execution time limit for the runner, the job will be canceled when the execution time limit is met instead. For more information about job execution time limits, see {% ifversion fpt or ghec or ghes %}"[Usage limits and billing](/actions/reference/usage-limits-billing-and-administration#usage-limits)" for {% data variables.product.prodname_dotcom %}-hosted runners and {% endif %}"[About self-hosted runners](/actions/hosting-your-own-runners/about-self-hosted-runners/#usage-limits){% ifversion fpt or ghec or ghes %}" for self-hosted runner usage limits.{% elsif ghae %}."{% endif %} +{% note %} + +**Note:** {% data reusables.actions.github-token-expiration %} For self-hosted runners, the token may be the limiting factor if the job timeout is greater than 24 hours. For more information on the `GITHUB_TOKEN`, see "[About the `GITHUB_TOKEN` secret](/actions/security-guides/automatic-token-authentication#about-the-github_token-secret)." + +{% endnote %} + ## `jobs..strategy` {% data reusables.actions.jobs.section-using-a-build-matrix-for-your-jobs-strategy %} diff --git a/translations/ja-JP/content/admin/code-security/managing-github-advanced-security-for-your-enterprise/deploying-github-advanced-security-in-your-enterprise.md b/translations/ja-JP/content/admin/code-security/managing-github-advanced-security-for-your-enterprise/deploying-github-advanced-security-in-your-enterprise.md index 8c12c9efca..e5b1644670 100644 --- a/translations/ja-JP/content/admin/code-security/managing-github-advanced-security-for-your-enterprise/deploying-github-advanced-security-in-your-enterprise.md +++ b/translations/ja-JP/content/admin/code-security/managing-github-advanced-security-for-your-enterprise/deploying-github-advanced-security-in-your-enterprise.md @@ -271,7 +271,7 @@ GitHub helps you avoid using third-party software that contains known vulnerabil | Dependency Management Tool | 説明 | | ---------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Dependabot Alerts | You can track your repository's dependencies and receive Dependabot alerts when your enterprise detects vulnerable dependencies. 詳しい情報については、「[脆弱性のある依存関係に対するアラートについて](/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-alerts-for-vulnerable-dependencies)」を参照してください。 | +| Dependabot Alerts | You can track your repository's dependencies and receive Dependabot alerts when your enterprise detects vulnerable dependencies. 詳しい情報については、「[{% data variables.product.prodname_dependabot_alerts %} について](/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-alerts-for-vulnerable-dependencies)」を参照してください。 | | Dependency Graph | 依存関係グラフは、リポジトリに保存されているマニフェストファイルおよびロックファイルのサマリーです。 コードベースが依存するエコシステムとパッケージ(依存関係)、およびプロジェクトに依存するリポジトリとパッケージ(依存関係)が表示されます。 詳しい情報については、「[依存関係グラフについて](/code-security/supply-chain-security/understanding-your-software-supply-chain/about-the-dependency-graph)」を参照してください。 |{% ifversion ghes > 3.1 or ghec %} | Dependency Review | プルリクエストに依存関係への変更が含まれている場合は、変更内容の概要と、依存関係に既知の脆弱性があるかどうかを確認できます。 For more information, see "[About dependency review](/code-security/supply-chain-security/understanding-your-software-supply-chain/about-dependency-review)" or "[Reviewing Dependency Changes in a Pull Request](/github/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/reviewing-dependency-changes-in-a-pull-request)." |{% endif %} {% ifversion ghec or ghes > 3.2 %} | Dependabot Security Updates | Dependabot can fix vulnerable dependencies for you by raising pull requests with security updates. For more information, see "[About Dependabot security updates](/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-dependabot-security-updates)." | diff --git a/translations/ja-JP/content/admin/configuration/configuring-github-connect/enabling-dependabot-for-your-enterprise.md b/translations/ja-JP/content/admin/configuration/configuring-github-connect/enabling-dependabot-for-your-enterprise.md index 2b94ebac94..d5d9c480a8 100644 --- a/translations/ja-JP/content/admin/configuration/configuring-github-connect/enabling-dependabot-for-your-enterprise.md +++ b/translations/ja-JP/content/admin/configuration/configuring-github-connect/enabling-dependabot-for-your-enterprise.md @@ -49,7 +49,7 @@ After you enable {% data variables.product.prodname_dependabot_alerts %} for you When {% data variables.product.product_location %} receives information about a vulnerability, it identifies repositories in {% data variables.product.product_location %} that use the affected version of the dependency and generates {% data variables.product.prodname_dependabot_alerts %}. You can choose whether or not to notify users automatically about new {% data variables.product.prodname_dependabot_alerts %}. -For repositories with {% data variables.product.prodname_dependabot_alerts %} enabled, scanning is triggered on any push to the default branch that contains a manifest file or lock file. Additionally, when a new vulnerability record is added to {% data variables.product.product_location %}, {% data variables.product.product_name %} scans all existing repositories on {% data variables.product.product_location %} and generates alerts for any repository that is vulnerable. 詳しい情報については、「[脆弱性のある依存関係に対するアラートについて](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies)」を参照してください。 +For repositories with {% data variables.product.prodname_dependabot_alerts %} enabled, scanning is triggered on any push to the default branch that contains a manifest file or lock file. Additionally, when a new vulnerability record is added to {% data variables.product.product_location %}, {% data variables.product.product_name %} scans all existing repositories on {% data variables.product.product_location %} and generates alerts for any repository that is vulnerable. 詳しい情報については、「[{% data variables.product.prodname_dependabot_alerts %} について](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies)」を参照してください。 {% ifversion ghes > 3.2 %} ### {% data variables.product.prodname_dependabot_updates %}について @@ -67,7 +67,7 @@ After you enable {% data variables.product.prodname_dependabot_alerts %}, you ca With {% data variables.product.prodname_dependabot_updates %}, {% data variables.product.company_short %} automatically creates pull requests to update dependencies in two ways. - **{% data variables.product.prodname_dependabot_version_updates %}**: Users add a {% data variables.product.prodname_dependabot %} configuration file to the repository to enable {% data variables.product.prodname_dependabot %} to create pull requests when a new version of a tracked dependency is released. 詳しい情報については「[{% data variables.product.prodname_dependabot_version_updates %}について](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/about-dependabot-version-updates)」を参照してください。 -- **{% data variables.product.prodname_dependabot_security_updates %}**: Users toggle a repository setting to enable {% data variables.product.prodname_dependabot %} to create pull requests when {% data variables.product.prodname_dotcom %} detects a vulnerability in one of the dependencies of the dependency graph for the repository. For more information, see "[About alerts for vulnerable dependencies](/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-alerts-for-vulnerable-dependencies)" and "[About {% data variables.product.prodname_dependabot_security_updates %}](/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-dependabot-security-updates)." +- **{% data variables.product.prodname_dependabot_security_updates %}**: Users toggle a repository setting to enable {% data variables.product.prodname_dependabot %} to create pull requests when {% data variables.product.prodname_dotcom %} detects a vulnerability in one of the dependencies of the dependency graph for the repository. For more information, see "[About {% data variables.product.prodname_dependabot_alerts %}](/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-alerts-for-vulnerable-dependencies)" and "[About {% data variables.product.prodname_dependabot_security_updates %}](/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-dependabot-security-updates)." {% endif %} ## {% data variables.product.prodname_dependabot_alerts %} の有効化 @@ -100,7 +100,7 @@ After you enable {% data variables.product.prodname_dependabot_alerts %} for you {% ifversion ghes %} Before you enable {% data variables.product.prodname_dependabot_updates %}, you must configure {% data variables.product.product_location %} to use {% data variables.product.prodname_actions %} with self-hosted runners. For more information, see "[Getting started with {% data variables.product.prodname_actions %} for GitHub Enterprise Server](/admin/github-actions/enabling-github-actions-for-github-enterprise-server/getting-started-with-github-actions-for-github-enterprise-server)." -{% data variables.product.prodname_dependabot_updates %} are not supported on {% data variables.product.product_name %} if your enterprise uses clustering or a high-availability configuration. +{% data variables.product.prodname_dependabot_updates %} are not supported on {% data variables.product.product_name %} if your enterprise uses clustering. {% endif %} {% data reusables.enterprise_site_admin_settings.sign-in %} diff --git a/translations/ja-JP/content/admin/configuration/configuring-network-settings/configuring-a-hostname.md b/translations/ja-JP/content/admin/configuration/configuring-network-settings/configuring-a-hostname.md index 3823b294b3..232b2ac264 100644 --- a/translations/ja-JP/content/admin/configuration/configuring-network-settings/configuring-a-hostname.md +++ b/translations/ja-JP/content/admin/configuration/configuring-network-settings/configuring-a-hostname.md @@ -17,7 +17,11 @@ topics: ハードコードされたIPアドレスの代わりにホスト名を設定すれば、ユーザやクライアントソフトウェアに影響を与えることなく{% data variables.product.product_location %}を動作させる物理ハードウェアを変更できるようになります。 -{% data variables.enterprise.management_console %} のホスト名の設定は、適切な完全修飾ドメイン名 (FQDN) に設定して、インターネット上または内部ネットワーク内で解決できるようにしてください。 たとえば、ホスト名の設定は `github.companyname.com` であるかもしれません。 また、選択したホスト名に対して Subdomain Isolation を有効にして、いくつかのクロスサイトスクリプティングスタイルの脆弱性を軽減することもおすすめします。 ホスト名の設定に関する詳しい情報については、[HTTP RFC の Section 2.1](https://tools.ietf.org/html/rfc1123#section-2) を参照してください。 +{% data variables.enterprise.management_console %} のホスト名の設定は、適切な完全修飾ドメイン名 (FQDN) に設定して、インターネット上または内部ネットワーク内で解決できるようにしてください。 For example, your hostname setting could be `github.companyname.com.` Web and API requests will automatically redirect to the hostname configured in the {% data variables.enterprise.management_console %}. + +After you configure a hostname, you can enable subdomain isolation to further increase the security of {% data variables.product.product_location %}. 詳しい情報については"[Subdomain Isolationの有効化](/enterprise/{{ currentVersion }}/admin/guides/installation/enabling-subdomain-isolation/)"を参照してください。 + +For more information on the supported hostname types, see [Section 2.1 of the HTTP RFC](https://tools.ietf.org/html/rfc1123#section-2). {% data reusables.enterprise_installation.changing-hostname-not-supported %} @@ -29,4 +33,4 @@ topics: {% data reusables.enterprise_management_console.test-domain-settings-failure %} {% data reusables.enterprise_management_console.save-settings %} -ホスト名を設定したら、{% data variables.product.product_location %}のSubdomain Isolationを有効化することをお勧めします。 詳しい情報については"[Subdomain Isolationの有効化](/enterprise/{{ currentVersion }}/admin/guides/installation/enabling-subdomain-isolation/)"を参照してください。 +To help mitigate various cross-site scripting vulnerabilities, we recommend that you enable subdomain isolation for {% data variables.product.product_location %} after you configure a hostname. 詳しい情報については"[Subdomain Isolationの有効化](/enterprise/{{ currentVersion }}/admin/guides/installation/enabling-subdomain-isolation/)"を参照してください。 diff --git a/translations/ja-JP/content/admin/configuration/configuring-network-settings/network-ports.md b/translations/ja-JP/content/admin/configuration/configuring-network-settings/network-ports.md index e815c6b10f..ec8cf46782 100644 --- a/translations/ja-JP/content/admin/configuration/configuring-network-settings/network-ports.md +++ b/translations/ja-JP/content/admin/configuration/configuring-network-settings/network-ports.md @@ -1,5 +1,5 @@ --- -title: ネットワークポート +title: Network ports redirect_from: - /enterprise/admin/articles/configuring-firewalls - /enterprise/admin/articles/firewall @@ -8,7 +8,7 @@ redirect_from: - /enterprise/admin/installation/network-ports - /enterprise/admin/configuration/network-ports - /admin/configuration/network-ports -intro: オープンするネットワークポートは、管理者、エンドユーザ、メールサポートへ公開する必要があるネットワークサービスに応じて選択してください。 +intro: 'Open network ports selectively based on the network services you need to expose for administrators, end users, and email support.' versions: ghes: '*' type: reference @@ -18,37 +18,51 @@ topics: - Networking - Security --- +## Administrative ports -## 管理ポート +Some administrative ports are required to configure {% data variables.product.product_location %} and run certain features. Administrative ports are not required for basic application use by end users. -{% data variables.product.product_location %}を設定し、一部の機能を実行するためにはいくつかの管理ポートが必要です。 管理ポートは、エンドユーザが基本的なアプリケーションを利用するためには必要ありません。 +| Port | Service | Description | +|---|---|---| +| 8443 | HTTPS | Secure web-based {% data variables.enterprise.management_console %}. Required for basic installation and configuration. | +| 8080 | HTTP | Plain-text web-based {% data variables.enterprise.management_console %}. Not required unless TLS is disabled manually. | +| 122 | SSH | Shell access for {% data variables.product.product_location %}. Required to be open to incoming connections between all nodes in a high availability configuration. The default SSH port (22) is dedicated to Git and SSH application network traffic. | +| 1194/UDP | VPN | Secure replication network tunnel in high availability configuration. Required to be open for communication between all nodes in the configuration.| +| 123/UDP| NTP | Required for time protocol operation. | +| 161/UDP | SNMP | Required for network monitoring protocol operation. | -| ポート | サービス | 説明 | -| -------- | ----- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| 8443 | HTTPS | 安全な Web ベースの {% data variables.enterprise.management_console %}。 基本的なインストールと設定に必要です。 | -| 8080 | HTTP | プレーンテキストの Web ベースの {% data variables.enterprise.management_console %}。 SSL を手動で無効にしない限り必要ありません。 | -| 122 | SSH | {% data variables.product.product_location %} 用のシェルアクセス。 Required to be open to incoming connections between all nodes in a high availability configuration. デフォルトの SSHポート (22) は Git と SSH のアプリケーションネットワークトラフィック専用です。 | -| 1194/UDP | VPN | High Availability設定でのセキュアなレプリケーションネットワークトンネル。 Required to be open for communication between all nodes in the configuration. | -| 123/UDP | NTP | timeプロトコルの処理に必要。 | -| 161/UDP | SNMP | ネットワークモニタリングプロトコルの処理に必要。 | +## Application ports for end users -## エンドユーザーのためのアプリケーションポート +Application ports provide web application and Git access for end users. -アプリケーションのポートは、エンドユーザーにWebアプリケーションとGitへのアクセスを提供します。 - -| ポート | サービス | 説明 | -| ---- | ----- | ---------------------------------------------------------------------------------------------------------------------------------- | -| 443 | HTTPS | WebアプリケーションとGit over HTTPSのアクセス。 | -| 80 | HTTP | Web アプリケーションへのアクセス。 SSL が有効な場合にすべての要求は HTTPS ポートにリダイレクトされます。 | -| 22 | SSH | Git over SSH へのアクセス。 パブリックとプライベートリポジトリへの clone、fetch、push 操作をサポートします。 | -| 9418 | Git | Gitプロトコルのポート。暗号化されないネットワーク通信でのパブリックなリポジトリへのclone及びfetch操作をサポートする。 {% data reusables.enterprise_installation.when-9418-necessary %} +| Port | Service | Description | +|---|---|---| +| 443 | HTTPS | Access to the web application and Git over HTTPS. | +| 80 | HTTP | Access to the web application. All requests are redirected to the HTTPS port if TLS is configured. | +| 22 | SSH | Access to Git over SSH. Supports clone, fetch, and push operations to public and private repositories. | +| 9418 | Git | Git protocol port supports clone and fetch operations to public repositories with unencrypted network communication. {% data reusables.enterprise_installation.when-9418-necessary %} | {% data reusables.enterprise_installation.terminating-tls %} -## メールのポート +## Email ports -メールのポートは直接あるいはエンドユーザ用のインバウンドメールサポートのリレーを経由してアクセスできなければなりません。 +Email ports must be accessible directly or via relay for inbound email support for end users. -| ポート | サービス | 説明 | -| --- | ---- | -------------------------- | -| 25 | SMTP | 暗号化ありのSMTP(STARTTLS)のサポート。 | +| Port | Service | Description | +|---|---|---| +| 25 | SMTP | Support for SMTP with encryption (STARTTLS). | + +## {% data variables.product.prodname_actions %} ports + +{% data variables.product.prodname_actions %} ports must be accessible for self-hosted runners to connect to {% data variables.product.product_location %}. For more information, see "[About self-hosted runners](/actions/hosting-your-own-runners/about-self-hosted-runners#communication-between-self-hosted-runners-and-github-enterprise-server)." + +| Port | Service | Description | +|---|---|---| +| 443 | HTTPS | Self-hosted runners connect to {% data variables.product.product_location %} to receive job assignments and to download new versions of the runner application. Required if TLS is configured. +| 80 | HTTP | Self-hosted runners connect to {% data variables.product.product_location %} to receive job assignments and to download new versions of the runner application. Required if TLS is not configured. + +If you enable automatic access to {% data variables.product.prodname_dotcom_the_website %} actions, {% data variables.product.prodname_actions %} will always search for an action on {% data variables.product.product_location %} first, via these ports, before checking {% data variables.product.prodname_dotcom_the_website %}. For more information, see "[Enabling automatic access to {% data variables.product.prodname_dotcom_the_website %} actions using {% data variables.product.prodname_github_connect %}](/admin/github-actions/managing-access-to-actions-from-githubcom/enabling-automatic-access-to-githubcom-actions-using-github-connect#about-resolution-for-actions-using-github-connect)." + +## Further reading + +- "[Configuring TLS](/admin/configuration/configuring-network-settings/configuring-tls)" diff --git a/translations/ja-JP/content/admin/configuration/configuring-your-enterprise/about-enterprise-configuration.md b/translations/ja-JP/content/admin/configuration/configuring-your-enterprise/about-enterprise-configuration.md index 61dcc87705..b3629a5653 100644 --- a/translations/ja-JP/content/admin/configuration/configuring-your-enterprise/about-enterprise-configuration.md +++ b/translations/ja-JP/content/admin/configuration/configuring-your-enterprise/about-enterprise-configuration.md @@ -23,6 +23,8 @@ shortTitle: About configuration {% endif %} {% ifversion ghae %} +To get started with {% data variables.product.product_name %}, you first need to deploy {% data variables.product.product_name %}. For more information, see "[Deploying {% data variables.product.product_name %}](/admin/configuration/configuring-your-enterprise/deploying-github-ae)." + The first time you access your enterprise, you will complete an initial configuration to get {% data variables.product.product_name %} ready to use. 初期設定には、Enterprise とアイデンティティプロバイダ (IdP) の接続、SAML SSO による認証、Enterprise 内のリポジトリと Organization のポリシーの設定、および送信メール用の SMTP の設定が含まれます。 詳しい情報については、「[{% data variables.product.prodname_ghe_managed %} を初期化する](/admin/configuration/initializing-github-ae)」を参照してください。 後で、サイトアドミンのダッシュボードと Enterprise 設定を使用して、さらに Enterprise の設定を行い、ユーザ、Organization、およびリポジトリを管理し、リスクを軽減して品質を向上させるポリシーを設定できます。 diff --git a/translations/ja-JP/content/admin/configuration/configuring-your-enterprise/deploying-github-ae.md b/translations/ja-JP/content/admin/configuration/configuring-your-enterprise/deploying-github-ae.md new file mode 100644 index 0000000000..fe40b671b9 --- /dev/null +++ b/translations/ja-JP/content/admin/configuration/configuring-your-enterprise/deploying-github-ae.md @@ -0,0 +1,66 @@ +--- +title: Deploying GitHub AE +intro: 'You can deploy {% data variables.product.product_name %} to an available Azure region.' +versions: + ghae: '*' +topics: + - Accounts + - Enterprise +type: how_to +shortTitle: Deploy GitHub AE +redirect_from: + - /get-started/signing-up-for-github/setting-up-a-trial-of-github-ae +--- + +## About deployment of {% data variables.product.product_name %} + +{% data reusables.github-ae.github-ae-enables-you %} 詳しい情報については、「[{% data variables.product.prodname_ghe_managed %} について](/admin/overview/about-github-ae)」を参照してください。 + +After you purchase or start a trial of {% data variables.product.product_name %}, you can deploy {% data variables.product.product_name %} to an available Azure region. This guide refers to the Azure resource that contains the deployment of {% data variables.product.product_name %} as the {% data variables.product.product_name %} account. You'll use the Azure portal at [https://portal.azure.com](https://portal.azure.com) to deploy the {% data variables.product.product_name %} account. + +## 必要な環境 + +- Before you can deploy {% data variables.product.product_name %}, you must request access from your {% data variables.product.company_short %} account team. {% data variables.product.company_short %} will enable deployment of {% data variables.product.product_name %} for your Azure subscription. If you haven't already purchased {% data variables.product.product_name %}, you can contact {% data variables.contact.contact_enterprise_sales %} to check your eligibility for a trial. + +- You must have permission to perform the `/register/action` operation for the resource provider in Azure. The permission is included in the `Contributor` and `Owner` roles. For more information, see [Azure resource providers and types](https://docs.microsoft.com/en-us/azure/azure-resource-manager/management/resource-providers-and-types#register-resource-provider) in the Microsoft documentation. + +## Deploying {% data variables.product.product_name %} with the {% data variables.actions.azure_portal %} + +The {% data variables.actions.azure_portal %} allows you to deploy the {% data variables.product.product_name %} account in your Azure resource group. + +1. Click one of the following two links to begin deployment of {% data variables.product.product_name %}. The link you should click depends on the Azure cloud where you plan to deploy {% data variables.product.product_name %}. For more information about Azure Government, see [What is Azure Government?](https://docs.microsoft.com/en-us/azure/azure-government/documentation-government-welcome) in the Microsoft documentation. + + - [Deploy {% data variables.product.product_name %} to Azure Commercial](https://aka.ms/create-github-ae-instance) + - [Deploy {% data variables.product.product_name %} to Azure Government](https://aka.ms/create-github-ae-instance-gov) +1. To begin the process of adding a new {% data variables.product.product_name %} account, click **Create GitHub AE account**. +1. Complete the "Project details" and "Instance details" fields. ![{% data variables.actions.azure_portal %} search result](/assets/images/azure/github-ae-azure-portal-form.png) + - **Account name:** The hostname for your enterprise + - **Administrator username:** A username for the initial enterprise owner that will be created in {% data variables.product.product_name %} + - **Administrator email:** The email address that will receive the login information +1. To review a summary of the proposed changes, click **Review + create**. +1. After the validation process has completed, click **Create**. + +The email address you entered above will receive instructions on how to access your enterprise. After you have access, you can get started by following the initial setup steps. 詳しい情報については、「[{% data variables.product.product_name %} を初期化する](/admin/configuration/initializing-github-ae)」を参照してください。 + +{% note %} + +**Note:** Software updates for your {% data variables.product.product_name %} deployment are performed by {% data variables.product.prodname_dotcom %}. For more information, see "[About upgrades to new releases](/admin/overview/about-upgrades-to-new-releases)." + +{% endnote %} + +## Navigating to your enterprise + +You can use the {% data variables.actions.azure_portal %} to navigate to your {% data variables.product.product_name %} deployment. The resulting list includes all the {% data variables.product.product_name %} deployments in your Azure region. + +1. On the {% data variables.actions.azure_portal %}, in the left panel, click **All resources**. +1. From the available filters, click **All types**, then deselect **Select all** and select **GitHub AE**: ![{% data variables.actions.azure_portal %} search result](/assets/images/azure/github-ae-azure-portal-type-filter.png) + +## 次のステップ + +- Once your deployment has been provisioned, the next step is to initialize {% data variables.product.product_name %}. 詳しい情報については、「[{% data variables.product.product_name %} を初期化する](/github-ae@latest/admin/configuration/configuring-your-enterprise/initializing-github-ae)」を参照してください。 +- If you're trying {% data variables.product.product_name %}, you can upgrade to a full license at any time during the trial period by contacting contact {% data variables.contact.contact_enterprise_sales %}. If you haven't upgraded by the last day of your trial, then the deployment is automatically deleted. {% data variables.product.product_name %} を評価するための時間がさらに必要な場合は、{% data variables.contact.contact_enterprise_sales %} に連絡して延長をリクエストしてください。 + +## 参考リンク + +- "[Enabling {% data variables.product.prodname_advanced_security %} features on {% data variables.product.product_name %}](/github/getting-started-with-github/about-github-advanced-security#enabling-advanced-security-features-on-github-ae)" +- "[{% data variables.product.product_name %} release notes](/github-ae@latest/admin/overview/github-ae-release-notes)" diff --git a/translations/ja-JP/content/admin/configuration/configuring-your-enterprise/index.md b/translations/ja-JP/content/admin/configuration/configuring-your-enterprise/index.md index 19b7f0d00c..b8699d8deb 100644 --- a/translations/ja-JP/content/admin/configuration/configuring-your-enterprise/index.md +++ b/translations/ja-JP/content/admin/configuration/configuring-your-enterprise/index.md @@ -16,6 +16,7 @@ topics: - Enterprise children: - /about-enterprise-configuration + - /deploying-github-ae - /initializing-github-ae - /accessing-the-management-console - /accessing-the-administrative-shell-ssh diff --git a/translations/ja-JP/content/admin/enterprise-management/configuring-high-availability/initiating-a-failover-to-your-replica-appliance.md b/translations/ja-JP/content/admin/enterprise-management/configuring-high-availability/initiating-a-failover-to-your-replica-appliance.md index 0e5fbe4540..e773ad9a19 100644 --- a/translations/ja-JP/content/admin/enterprise-management/configuring-high-availability/initiating-a-failover-to-your-replica-appliance.md +++ b/translations/ja-JP/content/admin/enterprise-management/configuring-high-availability/initiating-a-failover-to-your-replica-appliance.md @@ -19,25 +19,32 @@ shortTitle: Initiate failover to appliance {% data reusables.enterprise_installation.promoting-a-replica %} -1. アプライアンスを切り替える前にレプリケーションを終了できるようにするには、プライマリアプライアンスをメンテナンスモードにします。 - - Management Console を使用するには、「[メンテナンスモードの有効化とスケジュール設定](/enterprise/admin/guides/installation/enabling-and-scheduling-maintenance-mode/)」を参照してください。 - - `ghe-maintenance -s` コマンドも使用できます。 +1. If the primary appliance is available, to allow replication to finish before you switch appliances, on the primary appliance, put the primary appliance into maintenance mode. + + - Put the appliance into maintenance mode. + + - Management Console を使用するには、「[メンテナンスモードの有効化とスケジュール設定](/enterprise/admin/guides/installation/enabling-and-scheduling-maintenance-mode/)」を参照してください。 + + - `ghe-maintenance -s` コマンドも使用できます。 + ```shell + $ ghe-maintenance -s + ``` + + - When the number of active Git operations, MySQL queries, and Resque jobs reaches zero, wait 30 seconds. + + {% note %} + + **Note:** Nomad will always have jobs running, even in maintenance mode, so you can safely ignore these jobs. + + {% endnote %} + + - すべてのレプリケーションチャネルが `OK` を報告することを確認するには、`ghe-repl-status -vv` コマンドを使用します。 + ```shell - $ ghe-maintenance -s + $ ghe-repl-status -vv ``` -2. When the number of active Git operations, MySQL queries, and Resque jobs reaches zero, wait 30 seconds. - {% note %} - - **Note:** Nomad will always have jobs running, even in maintenance mode, so you can safely ignore these jobs. - - {% endnote %} - -3. すべてのレプリケーションチャネルが `OK` を報告することを確認するには、`ghe-repl-status -vv` コマンドを使用します。 - ```shell - $ ghe-repl-status -vv - ``` -4. レプリケーションを停止してレプリカアプライアンスをプライマリステータスに昇格するには、`ghe-repl-encourage` コマンドを使用します。 到達可能であれば、これによりプライマリノードも自動的にメンテナンスノードになります。 +4. On the replica appliance, to stop replication and promote the replica appliance to primary status, use the `ghe-repl-promote` command. 到達可能であれば、これによりプライマリノードも自動的にメンテナンスノードになります。 ```shell $ ghe-repl-promote ``` diff --git a/translations/ja-JP/content/admin/github-actions/getting-started-with-github-actions-for-your-enterprise/about-github-actions-for-enterprises.md b/translations/ja-JP/content/admin/github-actions/getting-started-with-github-actions-for-your-enterprise/about-github-actions-for-enterprises.md index b07878188c..b0313604d2 100644 --- a/translations/ja-JP/content/admin/github-actions/getting-started-with-github-actions-for-your-enterprise/about-github-actions-for-enterprises.md +++ b/translations/ja-JP/content/admin/github-actions/getting-started-with-github-actions-for-your-enterprise/about-github-actions-for-enterprises.md @@ -33,7 +33,7 @@ topics: {% data variables.product.prodname_actions %} helps your team work faster at scale. When large repositories start using {% data variables.product.prodname_actions %}, teams merge significantly more pull requests per day, and the pull requests are merged significantly faster. For more information, see "[Writing and shipping code faster](https://octoverse.github.com/writing-code-faster/#scale-through-automation)" in the State of the Octoverse. -You can create your own unique automations, or you can use and adapt workflows from our ecosystem of over 10,000 actions built by industry leaders and the open source community. For more information, see "[Finding and customizing actions](/actions/learn-github-actions/finding-and-customizing-actions)." +You can create your own unique automations, or you can use and adapt workflows from our ecosystem of over 10,000 actions built by industry leaders and the open source community. {% ifversion ghec %}For more information, see "[Finding and customizing actions](/actions/learn-github-actions/finding-and-customizing-actions)."{% else %}You can restrict your developers to using actions that exist on {% data variables.product.product_location %}, or you can allow your developers to access actions on {% data variables.product.prodname_dotcom_the_website %}. For more information, see "[About using actions in your enterprise](/admin/github-actions/managing-access-to-actions-from-githubcom/about-using-actions-in-your-enterprise)."{% endif %} {% data variables.product.prodname_actions %} is developer friendly, because it's integrated directly into the familiar {% data variables.product.product_name %} experience. diff --git a/translations/ja-JP/content/admin/github-actions/managing-access-to-actions-from-githubcom/about-using-actions-in-your-enterprise.md b/translations/ja-JP/content/admin/github-actions/managing-access-to-actions-from-githubcom/about-using-actions-in-your-enterprise.md index 0574bc0877..b507720da4 100644 --- a/translations/ja-JP/content/admin/github-actions/managing-access-to-actions-from-githubcom/about-using-actions-in-your-enterprise.md +++ b/translations/ja-JP/content/admin/github-actions/managing-access-to-actions-from-githubcom/about-using-actions-in-your-enterprise.md @@ -13,7 +13,7 @@ type: overview topics: - Actions - Enterprise -shortTitle: Add actions in your enterprise +shortTitle: About actions in your enterprise --- {% data reusables.actions.enterprise-beta %} @@ -23,13 +23,24 @@ shortTitle: Add actions in your enterprise {% data variables.product.prodname_actions %} workflows can use _actions_, which are individual tasks that you can combine to create jobs and customize your workflow. You can create your own actions, or use and customize actions shared by the {% data variables.product.prodname_dotcom %} community. -{% data reusables.actions.enterprise-no-internet-actions %} +{% data reusables.actions.enterprise-no-internet-actions %} You can restrict your developers to using actions that are stored on {% data variables.product.product_location %}, which includes most official {% data variables.product.company_short %}-authored actions, as well as any actions your developers create. Alternatively, to allow your developers to benefit from the full ecosystem of actions built by industry leaders and the open source community, you can configure access to other actions from {% data variables.product.prodname_dotcom_the_website %}. + +We recommend allowing automatic access to all actions from {% data variables.product.prodname_dotcom_the_website %}. {% ifversion ghes %}However, this does require {% data variables.product.product_name %} to make outbound connections to {% data variables.product.prodname_dotcom_the_website %}. If you don't want to allow these connections, or{% else %}If{% endif %} you want to have greater control over which actions are used on your enterprise, you can manually sync specific actions from {% data variables.product.prodname_dotcom_the_website %}. ## Official actions bundled with your enterprise instance {% data reusables.actions.actions-bundled-with-ghes %} -The bundled official actions include `actions/checkout`, `actions/upload-artifact`, `actions/download-artifact`, `actions/labeler`, and various `actions/setup-` actions, among others. To see all the official actions included on your enterprise instance, browse to the `actions` organization on your instance: https://HOSTNAME/actions. +The bundled official actions include the following, among others. +- `actions/checkout` +- `actions/upload-artifact` +- `actions/download-artifact` +- `actions/labeler` +- Various `actions/setup-` actions + +To see all the official actions included on your enterprise instance, browse to the `actions` organization on your instance: https://HOSTNAME/actions. + +There is no connection required between {% data variables.product.product_location %} and {% data variables.product.prodname_dotcom_the_website %} to use these actions. Each action is a repository in the `actions` organization, and each action repository includes the necessary tags, branches, and commit SHAs that your workflows can use to reference the action. For information on how to update the bundled official actions, see "[Using the latest version of the official bundled actions](/admin/github-actions/using-the-latest-version-of-the-official-bundled-actions)." @@ -43,14 +54,21 @@ Each action is a repository in the `actions` organization, and each action repos ## Configuring access to actions on {% data variables.product.prodname_dotcom_the_website %} -{% ifversion ghes %} -Before you can configure access to actions on {% data variables.product.prodname_dotcom_the_website %}, you must configure {% data variables.product.product_location %} to use {% data variables.product.prodname_actions %}. For more information, see "[Getting started with {% data variables.product.prodname_actions %} for GitHub Enterprise Server](/admin/github-actions/enabling-github-actions-for-github-enterprise-server/getting-started-with-github-actions-for-github-enterprise-server)." -{% endif %} - {% data reusables.actions.access-actions-on-dotcom %} The recommended approach is to enable automatic access to all actions from {% data variables.product.prodname_dotcom_the_website %}. You can do this by using {% data variables.product.prodname_github_connect %} to integrate {% data variables.product.product_name %} with {% data variables.product.prodname_ghe_cloud %}. For more information, see "[Enabling automatic access to {% data variables.product.prodname_dotcom_the_website %} actions using {% data variables.product.prodname_github_connect %}](/enterprise/admin/github-actions/enabling-automatic-access-to-githubcom-actions-using-github-connect)". +{% ifversion ghes %} +{% note %} + +**Note:** Before you can configure access to actions on {% data variables.product.prodname_dotcom_the_website %}, you must configure {% data variables.product.product_location %} to use {% data variables.product.prodname_actions %}. For more information, see "[Getting started with {% data variables.product.prodname_actions %} for GitHub Enterprise Server](/admin/github-actions/enabling-github-actions-for-github-enterprise-server/getting-started-with-github-actions-for-github-enterprise-server)." + + +{% endnote %} +{% endif %} + +{% data reusables.actions.self-hosted-runner-networking-to-dotcom %} + {% data reusables.actions.enterprise-limit-actions-use %} -Alternatively, if you want stricter control over which actions are allowed in your enterprise, you can manually download and sync actions onto your enterprise instance using the `actions-sync` tool. For more information, see "[Manually syncing actions from {% data variables.product.prodname_dotcom_the_website %}](/enterprise/admin/github-actions/manually-syncing-actions-from-githubcom)." +Alternatively, if you want stricter control over which actions are allowed in your enterprise, or you do not want to allow outbound connections to {% data variables.product.prodname_dotcom_the_website %}, you can manually download and sync actions onto your enterprise instance using the `actions-sync` tool. For more information, see "[Manually syncing actions from {% data variables.product.prodname_dotcom_the_website %}](/enterprise/admin/github-actions/manually-syncing-actions-from-githubcom)." diff --git a/translations/ja-JP/content/admin/github-actions/managing-access-to-actions-from-githubcom/enabling-automatic-access-to-githubcom-actions-using-github-connect.md b/translations/ja-JP/content/admin/github-actions/managing-access-to-actions-from-githubcom/enabling-automatic-access-to-githubcom-actions-using-github-connect.md index 3dc27dc3ff..f539aeca8d 100644 --- a/translations/ja-JP/content/admin/github-actions/managing-access-to-actions-from-githubcom/enabling-automatic-access-to-githubcom-actions-using-github-connect.md +++ b/translations/ja-JP/content/admin/github-actions/managing-access-to-actions-from-githubcom/enabling-automatic-access-to-githubcom-actions-using-github-connect.md @@ -21,11 +21,18 @@ shortTitle: Use GitHub Connect for actions ## About automatic access to {% data variables.product.prodname_dotcom_the_website %} actions -By default, {% data variables.product.prodname_actions %} workflows on {% data variables.product.product_name %} cannot use actions directly from {% data variables.product.prodname_dotcom_the_website %} or [{% data variables.product.prodname_marketplace %}](https://github.com/marketplace?type=actions). +By default, {% data variables.product.prodname_actions %} workflows on {% data variables.product.product_name %} cannot use actions directly from {% data variables.product.prodname_dotcom_the_website %} or [{% data variables.product.prodname_marketplace %}](https://github.com/marketplace?type=actions). To make all actions from {% data variables.product.prodname_dotcom_the_website %} available on your enterprise instance, you can use {% data variables.product.prodname_github_connect %} to integrate {% data variables.product.product_name %} with {% data variables.product.prodname_ghe_cloud %}. -To make all actions from {% data variables.product.prodname_dotcom_the_website %} available on your enterprise instance, you can use {% data variables.product.prodname_github_connect %} to integrate {% data variables.product.product_name %} with {% data variables.product.prodname_ghe_cloud %}. For other ways of accessing actions from {% data variables.product.prodname_dotcom_the_website %}, see "[About using actions in your enterprise](/admin/github-actions/about-using-actions-in-your-enterprise)." +{% data reusables.actions.self-hosted-runner-networking-to-dotcom %} -To use actions from {% data variables.product.prodname_dotcom_the_website %}, your self-hosted runners must be able to download public actions from `api.github.com`. +Alternatively, if you want stricter control over which actions are allowed in your enterprise, you can manually download and sync actions onto your enterprise instance using the `actions-sync` tool. For more information, see "[Manually syncing actions from {% data variables.product.prodname_dotcom_the_website %}](/enterprise/admin/github-actions/manually-syncing-actions-from-githubcom)." + +## About resolution for actions using {% data variables.product.prodname_github_connect %} + +{% data reusables.actions.github-connect-resolution %} + +If a user has already created an organization and repository in your enterprise that matches an organization and repository name on {% data variables.product.prodname_dotcom_the_website %}, the repository on your enterprise will be used instead of the {% data variables.product.prodname_dotcom_the_website %} repository. {% ifversion ghes < 3.3 or ghae %}A malicious user could take advantage of this behavior to run code as part of a workflow{% else %}For more information, see "[Automatic retirement of namespaces for actions accessed on {% data variables.product.prodname_dotcom_the_website%}](#automatic-retirement-of-namespaces-for-actions-accessed-on-githubcom)." +{% endif %} ## Enabling automatic access to all {% data variables.product.prodname_dotcom_the_website %} actions @@ -33,8 +40,6 @@ Before enabling access to all actions from {% data variables.product.prodname_do - Configure {% data variables.product.product_location %} to use {% data variables.product.prodname_actions %}. For more information, see "[Getting started with {% data variables.product.prodname_actions %} for GitHub Enterprise Server](/admin/github-actions/enabling-github-actions-for-github-enterprise-server/getting-started-with-github-actions-for-github-enterprise-server)." - Enable{% else %} enable{% endif %} {% data variables.product.prodname_github_connect %}. For more information, see "[Managing {% data variables.product.prodname_github_connect %}](/admin/configuration/configuring-github-connect/managing-github-connect)." -{% data reusables.actions.enterprise-github-connect-warning %} - {% data reusables.enterprise-accounts.access-enterprise %} {% data reusables.enterprise-accounts.github-connect-tab %} 1. Under "Users can utilize actions from GitHub.com in workflow runs", use the drop-down menu and select **Enabled**. diff --git a/translations/ja-JP/content/admin/identity-and-access-management/authenticating-users-for-your-github-enterprise-server-instance/using-saml.md b/translations/ja-JP/content/admin/identity-and-access-management/authenticating-users-for-your-github-enterprise-server-instance/using-saml.md index e0a8fdeac8..cfdc040d6a 100644 --- a/translations/ja-JP/content/admin/identity-and-access-management/authenticating-users-for-your-github-enterprise-server-instance/using-saml.md +++ b/translations/ja-JP/content/admin/identity-and-access-management/authenticating-users-for-your-github-enterprise-server-instance/using-saml.md @@ -54,7 +54,7 @@ If your IdP supports encrypted assertions, you can configure encrypted assertion {% note %} -**注釈**: ユーザの `NameID` が IdP で変更された場合、ユーザが {% data variables.product.prodname_ghe_server %} インスタンスにサインインしようとすると、エラーメッセージが表示されます。 {% ifversion ghes %}To restore the user's access, you'll need to update the user account's `NameID` mapping. 詳しい情報については、「[ユーザの SAML `NameID` を更新する](#updating-a-users-saml-nameid)」を参照してください。{% else %} 詳しい情報については、「[エラー: '別のユーザーがすでにアカウントを所有しています'](#error-another-user-already-owns-the-account)」を参照してください。{% endif %} +**Note**: If the `NameID` for a user does change on the IdP, the user will see an error message when they try to sign into {% data variables.product.product_location %}. To restore the user's access, you'll need to update the user account's `NameID` mapping. For more information, see "[Updating a user's SAML `NameID`](#updating-a-users-saml-nameid)." {% endnote %} @@ -96,6 +96,14 @@ To specify more than one value for an attribute, use multiple ` 3.3 %} +1. Optionally, to allow {% data variables.product.product_location %} to receive encrypted assertions from your SAML IdP, select **Require encrypted assertions**. You must ensure that your IdP supports encrypted assertions and that the encryption and key transport methods in the management console match the values configured on your IdP. You must also provide {% data variables.product.product_location %}'s public certificate to your IdP. For more information, see "[Enabling encrypted assertions](#enabling-encrypted-assertions)." ![Screenshot of "Enable encrypted assertions" checkbox within management console's "Authentication" section](/assets/images/help/saml/management-console-enable-encrypted-assertions.png) - - {% warning %} - - **Warning**: Incorrectly configuring encrypted assertions can cause all authentication to {% data variables.product.product_location %} to fail. - - - You must ensure that your IdP supports encrypted assertions and that the encryption and key transport methods in the management console match the values configured on your IdP. You must also provide {% data variables.product.product_location %}'s public certificate to your IdP. For more information, see "[Enabling encrypted assertions](#enabling-encrypted-assertions)." - - - Before enabling encrypted assertions, {% data variables.product.company_short %} recommends testing encrypted assertions in a staging environment, and confirming that SAML authentication functions as you expect. 詳しい情報については "[ステージングインスタンスのセットアップ](/admin/installation/setting-up-a-github-enterprise-server-instance/setting-up-a-staging-instance)"を参照してください。 - - {% endwarning %} +{%- endif %} 1. In the **Single sign-on URL** field, type the HTTP or HTTPS endpoint on your IdP for single sign-on requests. この値はIdpの設定によって決まります。 If the host is only available from your internal network, you may need to [configure {% data variables.product.product_location %} to use internal nameservers](/enterprise/{{ currentVersion }}/admin/guides/installation/configuring-dns-nameservers/). ![Screenshot of text field for single sign-on URL](/assets/images/enterprise/management-console/saml-single-sign-url.png) @@ -153,37 +153,38 @@ To specify more than one value for an attribute, use multiple ` 別のユーザが既にアカウントを所有しています。 管理者に認証ログを確認するようご依頼ください。 -このメッセージは通常、その人のユーザ名またはメールアドレスが IdP で変更されたということを示します。 {% ifversion ghes %}Ensure that the `NameID` mapping for the user account on {% data variables.product.prodname_ghe_server %} matches the user's `NameID` on your IdP. 詳しい情報については、「[ユーザの SAML `NameID` の更新](#updating-a-users-saml-nameid)」を参照してください。{% else %} `NameID` マッピングの更新については、{% data variables.contact.contact_ent_support %} にお問い合わせください。{% endif %} +このメッセージは通常、その人のユーザ名またはメールアドレスが IdP で変更されたということを示します。 Ensure that the `NameID` mapping for the user account on {% data variables.product.prodname_ghe_server %} matches the user's `NameID` on your IdP. For more information, see "[Updating a user's SAML `NameID`](#updating-a-users-saml-nameid)." ### SAMLレスポンスが署名されていなかった場合、あるいは署名が内容とマッチしなかった場合、authログに以下のエラーメッセージが残されます。 -If the `Recipient` does not match the ACS URL for your {% data variables.product.prodname_ghe_server %} instance, one of the following two error messages will appear in the authentication log when a user attempts to authenticate. +If the `Recipient` does not match the ACS URL for {% data variables.product.product_location %}, one of the following two error messages will appear in the authentication log when a user attempts to authenticate. ``` Recipient in the SAML response must not be blank. @@ -254,7 +255,7 @@ Recipient in the SAML response must not be blank. Recipient in the SAML response was not valid. ``` -IdP の `Recipient` の値を、{% data variables.product.prodname_ghe_server %} インスタンスの完全な ACS URL に設定してください。 For example, `https://ghe.corp.example.com/saml/consume`. +Ensure that you set the value for `Recipient` on your IdP to the full ACS URL for {% data variables.product.product_location %}. For example, `https://ghe.corp.example.com/saml/consume`. ### エラー:「SAML レスポンスが署名されていないか、変更されています」 @@ -274,4 +275,40 @@ IdP のレスポンスに `Audience` の値がないか、または正しくな Audience is invalid. Audience attribute does not match https://YOUR-INSTANCE-URL ``` -IdP の `Audience` の値を、{% data variables.product.prodname_ghe_server %} インスタンスの `EntityId` に設定してください。これは、{% data variables.product.prodname_ghe_server %} インスタンスへの完全な URL です。 For example, `https://ghe.corp.example.com`. +Ensure that you set the value for `Audience` on your IdP to the `EntityId` for {% data variables.product.product_location %}, which is the full URL to {% data variables.product.product_location %}. For example, `https://ghe.corp.example.com`. + +### Configuring SAML debugging + +You can configure {% data variables.product.product_name %} to write verbose debug logs to _/var/log/github/auth.log_ for every SAML authentication attempt. You may be able to troubleshoot failed authentication attempts with this extra output. + +{% warning %} + +**警告**: + +- Only enable SAML debugging temporarily, and disable debugging immediately after you finish troubleshooting. If you leave debugging enabled, the size of your log may increase much faster than usual, which can negatively impact the performance of {% data variables.product.product_name %}. +- Test new authentication settings for {% data variables.product.product_location %} in a staging environment before you apply the settings in your production environment. 詳しい情報については "[ステージングインスタンスのセットアップ](/admin/installation/setting-up-a-github-enterprise-server-instance/setting-up-a-staging-instance)"を参照してください。 + +{% endwarning %} + +{% data reusables.enterprise-accounts.access-enterprise %} +{% data reusables.enterprise-accounts.policies-tab %} +{% data reusables.enterprise-accounts.options-tab %} +1. Under "SAML debugging", select the drop-down and click **Enabled**. + + ![Screenshot of drop-down to enable SAML debugging](/assets/images/enterprise/site-admin-settings/site-admin-saml-debugging-enabled.png) + +1. Attempt to sign into {% data variables.product.product_location %} through your SAML IdP. + +1. Review the debug output in _/var/log/github/auth.log_ on {% data variables.product.product_location %}. + +1. When you're done troubleshooting, select the drop-down and click **Disabled**. + + ![Screenshot of drop-down to disable SAML debugging](/assets/images/enterprise/site-admin-settings/site-admin-saml-debugging-disabled.png) + +### Decoding responses in _auth.log_ + +Some output in _auth.log_ may be Base64-encoded. You can access the administrative shell and use the `base64` utility on {% data variables.product.product_location %} to decode these responses. For more information, see "[Accessing the administrative shell (SSH)](/admin/configuration/configuring-your-enterprise/accessing-the-administrative-shell-ssh)." + +```shell +$ base64 --decode ENCODED OUTPUT +``` diff --git a/translations/ja-JP/content/admin/index.md b/translations/ja-JP/content/admin/index.md index d45da0275e..0779c3cbb1 100644 --- a/translations/ja-JP/content/admin/index.md +++ b/translations/ja-JP/content/admin/index.md @@ -96,7 +96,7 @@ featuredLinks: - '{% ifversion ghae %}/admin/identity-and-access-management/configuring-authentication-and-provisioning-for-your-enterprise-using-azure-ad{% endif %}' - '{% ifversion ghae %}/billing/managing-billing-for-your-github-account/about-billing-for-your-enterprise{% endif %}' - '{% ifversion ghae %}/admin/overview/about-upgrades-to-new-releases{% endif %}' - - '{% ifversion ghae %}/get-started/signing-up-for-github/setting-up-a-trial-of-github-ae{% endif %}' + - '{% ifversion ghae %}/admin/configuration/configuring-your-enterprise/deploying-github-ae{% endif %}' - '{% ifversion ghes %}/billing/managing-your-license-for-github-enterprise{% endif %}' - '{% ifversion ghes %}/admin/configuration/command-line-utilities{% endif %}' - '{% ifversion ghec %}/admin/configuration/configuring-your-enterprise/verifying-or-approving-a-domain-for-your-enterprise{% endif %}' diff --git a/translations/ja-JP/content/admin/user-management/migrating-data-to-and-from-your-enterprise/about-migrations.md b/translations/ja-JP/content/admin/user-management/migrating-data-to-and-from-your-enterprise/about-migrations.md index 7200ff6386..8ac17e95e2 100644 --- a/translations/ja-JP/content/admin/user-management/migrating-data-to-and-from-your-enterprise/about-migrations.md +++ b/translations/ja-JP/content/admin/user-management/migrating-data-to-and-from-your-enterprise/about-migrations.md @@ -25,7 +25,7 @@ topics: 移行においては、すべての事項についてリポジトリが中心になります。 リポジトリに関係するほとんどのデータは移行できます。 たとえば Organization 内のリポジトリは、リポジトリ*および*その Organization、またそのリポジトリに関連付けられているユーザ、Team、Issue、プルリクエストのすべてを移行します。 -以下の表の項目はレポジトリと共に移行できます。 このデータの移行リストに記載されていない項目はどれも移行できません。 +以下の表の項目はレポジトリと共に移行できます。 Any items not shown in the list of migrated data can not be migrated, including {% data variables.large_files.product_name_short %} assets. {% data reusables.enterprise_migrations.fork-persistence %} diff --git a/translations/ja-JP/content/authentication/connecting-to-github-with-ssh/checking-for-existing-ssh-keys.md b/translations/ja-JP/content/authentication/connecting-to-github-with-ssh/checking-for-existing-ssh-keys.md index bbdaa9119f..4a430ae839 100644 --- a/translations/ja-JP/content/authentication/connecting-to-github-with-ssh/checking-for-existing-ssh-keys.md +++ b/translations/ja-JP/content/authentication/connecting-to-github-with-ssh/checking-for-existing-ssh-keys.md @@ -25,7 +25,7 @@ shortTitle: Check for existing SSH key # .ssh ディレクトリ内のファイルを一覧表示する(存在する場合) ``` -3. ディレクトリの一覧から、公開 SSH キーをすでに持っているか確認します。 By default, the {% ifversion ghae %}filename of a supported public key for {% data variables.product.product_name %} is *id_rsa.pub*.{% elsif fpt or ghes %}filenames of supported public keys for {% data variables.product.product_name %} are one of the following. +3. ディレクトリの一覧から、公開 SSH キーをすでに持っているか確認します。 By default, the {% ifversion ghae %}filename of a supported public key for {% data variables.product.product_name %} is *id_rsa.pub*.{% else %}filenames of supported public keys for {% data variables.product.product_name %} are one of the following. - *id_rsa.pub* - *id_ecdsa.pub* - *id_ed25519.pub*{% endif %} diff --git a/translations/ja-JP/content/authentication/connecting-to-github-with-ssh/testing-your-ssh-connection.md b/translations/ja-JP/content/authentication/connecting-to-github-with-ssh/testing-your-ssh-connection.md index 63f5d635b5..41a7b979d7 100644 --- a/translations/ja-JP/content/authentication/connecting-to-github-with-ssh/testing-your-ssh-connection.md +++ b/translations/ja-JP/content/authentication/connecting-to-github-with-ssh/testing-your-ssh-connection.md @@ -37,7 +37,7 @@ SSH 接続をテストする前に、次のことを済ませておく必要が > Are you sure you want to continue connecting (yes/no)? ``` -3. 表示されるメッセージのフィンガープリントが {% ifversion fpt or ghec %}[{% data variables.product.prodname_dotcom %} の RSA パブリックキーのフィンガープリント](/github/authenticating-to-github/githubs-ssh-key-fingerprints){% else %} Enterprise のパブリックキーのフィンガープリント{% endif %} に一致するかどうかを確認します。 一致する場合は、`yes` と入力します。 +3. Verify that the fingerprint in the message you see matches {% ifversion fpt or ghec %}[{% data variables.product.prodname_dotcom %}'s public key fingerprint](/github/authenticating-to-github/githubs-ssh-key-fingerprints){% else %} your enterprise's public key fingerprint{% endif %}. 一致する場合は、`yes` と入力します。 ```shell > Hi username! You've successfully authenticated, but GitHub does not > provide shell access. diff --git a/translations/ja-JP/content/authentication/troubleshooting-ssh/using-ssh-over-the-https-port.md b/translations/ja-JP/content/authentication/troubleshooting-ssh/using-ssh-over-the-https-port.md index e27c854f3e..dfa64c1eb1 100644 --- a/translations/ja-JP/content/authentication/troubleshooting-ssh/using-ssh-over-the-https-port.md +++ b/translations/ja-JP/content/authentication/troubleshooting-ssh/using-ssh-over-the-https-port.md @@ -33,7 +33,7 @@ $ ssh -T -p 443 git@ssh.github.com If you are able to SSH into `git@ssh.{% data variables.command_line.backticks %}` over port 443, you can override your SSH settings to force any connection to {% data variables.product.product_location %} to run through that server and port. -To set this in your SSH confifguration file, edit the file at `~/.ssh/config`, and add this section: +To set this in your SSH configuration file, edit the file at `~/.ssh/config`, and add this section: ``` Host {% data variables.command_line.codeblock %} diff --git a/translations/ja-JP/content/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/about-code-scanning-alerts.md b/translations/ja-JP/content/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/about-code-scanning-alerts.md index 3d628cfa43..60fc384867 100644 --- a/translations/ja-JP/content/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/about-code-scanning-alerts.md +++ b/translations/ja-JP/content/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/about-code-scanning-alerts.md @@ -27,7 +27,15 @@ By default, {% data variables.product.prodname_code_scanning %} analyzes your co Each alert highlights a problem with the code and the name of the tool that identified it. You can see the line of code that triggered the alert, as well as properties of the alert, such as the alert severity{% ifversion fpt or ghes > 3.1 or ghae or ghec %}, security severity,{% endif %} and the nature of the problem. Alerts also tell you when the issue was first introduced. For alerts identified by {% data variables.product.prodname_codeql %} analysis, you will also see information on how to fix the problem. +{% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-6249 %} +{% data reusables.code-scanning.alert-default-branch %} +{% endif %} + +{% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-6249 %} ![Example alert from {% data variables.product.prodname_code_scanning %}](/assets/images/help/repository/code-scanning-alert.png) +{% else %} +![Example alert from {% data variables.product.prodname_code_scanning %}](/assets/images/enterprise/3.4/repository/code-scanning-alert.png) +{% endif %} If you set up {% data variables.product.prodname_code_scanning %} using {% data variables.product.prodname_codeql %}, you can also find data-flow problems in your code. Data-flow analysis finds potential security issues in code, such as: using data insecurely, passing dangerous arguments to functions, and leaking sensitive information. diff --git a/translations/ja-JP/content/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/managing-code-scanning-alerts-for-your-repository.md b/translations/ja-JP/content/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/managing-code-scanning-alerts-for-your-repository.md index d6ae1c8097..c8f214deae 100644 --- a/translations/ja-JP/content/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/managing-code-scanning-alerts-for-your-repository.md +++ b/translations/ja-JP/content/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/managing-code-scanning-alerts-for-your-repository.md @@ -46,9 +46,16 @@ By default, the code scanning alerts page is filtered to show alerts for the def {% else %} ![List of alerts from {% data variables.product.prodname_code_scanning %}](/assets/images/enterprise/3.1/help/repository/code-scanning-click-alert.png) {% endif %} +{% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-6249 %} + {% data reusables.code-scanning.alert-default-branch %} + ![The "Affected branches" section in an alert](/assets/images/help/repository/code-scanning-affected-branches.png){% endif %} 1. Optionally, if the alert highlights a problem with data flow, click **Show paths** to display the path from the data source to the sink where it's used. + {% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-6249 %} ![The "Show paths" link on an alert](/assets/images/help/repository/code-scanning-show-paths.png) -1. Alerts from {% data variables.product.prodname_codeql %} analysis include a description of the problem. Click **Show more** for guidance on how to fix your code. + {% else %} + ![The "Show paths" link on an alert](/assets/images/enterprise/3.4/repository/code-scanning-show-paths.png) + {% endif %} +2. Alerts from {% data variables.product.prodname_codeql %} analysis include a description of the problem. Click **Show more** for guidance on how to fix your code. ![Details for an alert](/assets/images/help/repository/code-scanning-alert-details.png) For more information, see "[About {% data variables.product.prodname_code_scanning %} alerts](/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/about-code-scanning-alerts)." @@ -80,6 +87,10 @@ The benefit of using keyword filters is that only values with results are shown If you enter multiple filters, the view will show alerts matching _all_ these filters. For example, `is:closed severity:high branch:main` will only display closed high-severity alerts that are present on the `main` branch. The exception is filters relating to refs (`ref`, `branch` and `pr`): `is:open branch:main branch:next` will show you open alerts from both the `main` branch and the `next` branch. +{% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-6249 %} +{% data reusables.code-scanning.filter-non-default-branches %} +{% endif %} + {% ifversion fpt or ghes > 3.3 or ghec %} You can prefix the `tag` filter with `-` to exclude results with that tag. For example, `-tag:style` only shows alerts that do not have the `style` tag{% if codeql-ml-queries %} and `-tag:experimental` will omit all experimental alerts. For more information, see "[About {% data variables.product.prodname_code_scanning %} alerts](/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/about-code-scanning-alerts#about-experimental-alerts)."{% else %}.{% endif %} @@ -96,10 +107,12 @@ You can use the "Only alerts in application code" filter or `autofilter:true` ke You can search the list of alerts. This is useful if there is a large number of alerts in your repository, or if you don't know the exact name for an alert for example. {% data variables.product.product_name %} performs the free text search across: - The name of the alert -- The alert description - The alert details (this also includes the information hidden from view by default in the **Show more** collapsible section) - + {% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-6249 %} ![The alert information used in searches](/assets/images/help/repository/code-scanning-free-text-search-areas.png) + {% else %} + ![The alert information used in searches](/assets/images/enterprise/3.4/repository/code-scanning-free-text-search-areas.png) + {% endif %} | Supported search | Syntax example | Results | | ---- | ---- | ---- | @@ -113,7 +126,7 @@ You can search the list of alerts. This is useful if there is a large number of **Tips:** - The multiple word search is equivalent to an OR search. -- The AND search will return results where the search terms are found _anywhere_, in any order in the alert name, description, or details. +- The AND search will return results where the search terms are found _anywhere_, in any order in the alert name or details. {% endtip %} @@ -143,7 +156,7 @@ If you have write permission for a repository, you can view fixed alerts by view You can use{% ifversion fpt or ghes > 3.1 or ghae or ghec %} the free text search or{% endif %} the filters to display a subset of alerts and then in turn mark all matching alerts as closed. -Alerts may be fixed in one branch but not in another. You can use the "Branch" drop-down menu, on the summary of alerts, to check whether an alert is fixed in a particular branch. +Alerts may be fixed in one branch but not in another. You can use the "Branch" filter, on the summary of alerts, to check whether an alert is fixed in a particular branch. {% ifversion fpt or ghes > 3.1 or ghae or ghec %} ![Filtering alerts by branch](/assets/images/help/repository/code-scanning-branch-filter.png) @@ -151,6 +164,9 @@ Alerts may be fixed in one branch but not in another. You can use the "Branch" d ![Filtering alerts by branch](/assets/images/enterprise/3.1/help/repository/code-scanning-branch-filter.png) {% endif %} +{% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-6249 %} +{% data reusables.code-scanning.filter-non-default-branches %} +{% endif %} ## Dismissing or deleting alerts There are two ways of closing an alert. You can fix the problem in the code, or you can dismiss the alert. Alternatively, if you have admin permissions for the repository, you can delete alerts. Deleting alerts is useful in situations where you have set up a {% data variables.product.prodname_code_scanning %} tool and then decided to remove it, or where you have configured {% data variables.product.prodname_codeql %} analysis with a larger set of queries than you want to continue using, and you've then removed some queries from the tool. In both cases, deleting alerts allows you to clean up your {% data variables.product.prodname_code_scanning %} results. You can delete alerts from the summary list within the **Security** tab. diff --git a/translations/ja-JP/content/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/tracking-code-scanning-alerts-in-issues-using-task-lists.md b/translations/ja-JP/content/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/tracking-code-scanning-alerts-in-issues-using-task-lists.md index ef4ffcfa65..4c4bcf7cd9 100644 --- a/translations/ja-JP/content/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/tracking-code-scanning-alerts-in-issues-using-task-lists.md +++ b/translations/ja-JP/content/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/tracking-code-scanning-alerts-in-issues-using-task-lists.md @@ -39,7 +39,11 @@ You can use more than one issue to track the same {% data variables.product.prod - A "tracked in" section will also show in the corresponding alert page. + {% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-6249 %} ![Tracked in section on code scanning alert page](/assets/images/help/repository/code-scanning-alert-tracked-in-pill.png) + {% else %} + ![Tracked in section on code scanning alert page](/assets/images/enterprise/3.4/repository/code-scanning-alert-tracked-in-pill.png) + {% endif %} - On the tracking issue, {% data variables.product.prodname_dotcom %} displays a security badge icon in the task list and on the hovercard. @@ -64,7 +68,12 @@ The status of the tracked alert won't change if you change the checkbox state of {% data reusables.code-scanning.explore-alert %} 1. Optionally, to find the alert to track, you can use the free-text search or the drop-down menus to filter and locate the alert. 詳しい情報については、「[リポジトリの Code scanningアラートを管理する](/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/managing-code-scanning-alerts-for-your-repository#filtering-code-scanning-alerts)」を参照してください。 {% endif %} -1. Towards the top of the page, on the right side, click **Create issue**. ![Create a tracking issue for the code scanning alert](/assets/images/help/repository/code-scanning-create-issue-for-alert.png) +1. Towards the top of the page, on the right side, click **Create issue**. + {% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-6249 %} + ![Create a tracking issue for the code scanning alert](/assets/images/help/repository/code-scanning-create-issue-for-alert.png) + {% else %} + ![Create a tracking issue for the code scanning alert](/assets/images/enterprise/3.4/repository/code-scanning-create-issue-for-alert.png) + {% endif %} {% data variables.product.prodname_dotcom %} automatically creates an issue to track the alert and adds the alert as a task list item. {% data variables.product.prodname_dotcom %} prepopulates the issue: - The title contains the name of the {% data variables.product.prodname_code_scanning %} alert. diff --git a/translations/ja-JP/content/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/triaging-code-scanning-alerts-in-pull-requests.md b/translations/ja-JP/content/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/triaging-code-scanning-alerts-in-pull-requests.md index 66ae7d484f..29eaaa3ea7 100644 --- a/translations/ja-JP/content/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/triaging-code-scanning-alerts-in-pull-requests.md +++ b/translations/ja-JP/content/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/triaging-code-scanning-alerts-in-pull-requests.md @@ -74,10 +74,17 @@ If you have write permission for the repository, some annotations contain links To see more information about an alert, users with write permission can click the **Show more details** link shown in the annotation. This allows you to see all of the context and metadata provided by the tool in an alert view. In the example below, you can see tags showing the severity, type, and relevant common weakness enumerations (CWEs) for the problem. The view also shows which commit introduced the problem. +{% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-6249 %} +{% data reusables.code-scanning.alert-default-branch %} +{% endif %} + In the detailed view for an alert, some {% data variables.product.prodname_code_scanning %} tools, like {% data variables.product.prodname_codeql %} analysis, also include a description of the problem and a **Show more** link for guidance on how to fix your code. +{% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-6249 %} ![Alert description and link to show more information](/assets/images/help/repository/code-scanning-pr-alert.png) - +{% else %} +![Alert description and link to show more information](/assets/images/enterprise/3.4/repository/code-scanning-pr-alert.png) +{% endif %} ## Fixing an alert on your pull request Anyone with push access to a pull request can fix a {% data variables.product.prodname_code_scanning %} alert that's identified on that pull request. If you commit changes to the pull request this triggers a new run of the pull request checks. If your changes fix the problem, the alert is closed and the annotation removed. diff --git a/translations/ja-JP/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-alerts-for-vulnerable-dependencies.md b/translations/ja-JP/content/code-security/dependabot/dependabot-alerts/about-dependabot-alerts.md similarity index 94% rename from translations/ja-JP/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-alerts-for-vulnerable-dependencies.md rename to translations/ja-JP/content/code-security/dependabot/dependabot-alerts/about-dependabot-alerts.md index 52b0aa9c64..da996b60cc 100644 --- a/translations/ja-JP/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-alerts-for-vulnerable-dependencies.md +++ b/translations/ja-JP/content/code-security/dependabot/dependabot-alerts/about-dependabot-alerts.md @@ -1,11 +1,12 @@ --- -title: About alerts for vulnerable dependencies +title: About Dependabot alerts intro: '{% data variables.product.product_name %} sends {% data variables.product.prodname_dependabot_alerts %} when we detect vulnerabilities affecting your repository.' redirect_from: - /articles/about-security-alerts-for-vulnerable-dependencies - /github/managing-security-vulnerabilities/about-security-alerts-for-vulnerable-dependencies - /github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies - /code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies + - /code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-alerts-for-vulnerable-dependencies versions: fpt: '*' ghes: '*' @@ -81,7 +82,7 @@ For repositories where {% data variables.product.prodname_dependabot_security_up ## Access to {% data variables.product.prodname_dependabot_alerts %} -You can see all of the alerts that affect a particular project{% ifversion fpt or ghec %} on the repository's Security tab or{% endif %} in the repository's dependency graph. For more information, see "[Viewing and updating vulnerable dependencies in your repository](/github/managing-security-vulnerabilities/viewing-and-updating-vulnerable-dependencies-in-your-repository)." +You can see all of the alerts that affect a particular project{% ifversion fpt or ghec %} on the repository's Security tab or{% endif %} in the repository's dependency graph. For more information, see "[Viewing {% data variables.product.prodname_dependabot_alerts %} for vulnerable dependencies](/github/managing-security-vulnerabilities/viewing-and-updating-vulnerable-dependencies-in-your-repository)." By default, we notify people with admin permissions in the affected repositories about new {% data variables.product.prodname_dependabot_alerts %}. {% ifversion fpt or ghec %}{% data variables.product.product_name %} never publicly discloses identified vulnerabilities for any repository. You can also make {% data variables.product.prodname_dependabot_alerts %} visible to additional people or teams working repositories that you own or have admin permissions for. For more information, see "[Managing security and analysis settings for your repository](/github/administering-a-repository/managing-security-and-analysis-settings-for-your-repository#granting-access-to-security-alerts)." {% endif %} @@ -95,5 +96,5 @@ You can also see all the {% data variables.product.prodname_dependabot_alerts %} ## Further reading - "[About {% data variables.product.prodname_dependabot_security_updates %}](/github/managing-security-vulnerabilities/about-dependabot-security-updates)" -- "[Viewing and updating vulnerable dependencies in your repository](/articles/viewing-and-updating-vulnerable-dependencies-in-your-repository)"{% endif %} +- "[Viewing {% data variables.product.prodname_dependabot_alerts %} for vulnerable dependencies](/articles/viewing-and-updating-vulnerable-dependencies-in-your-repository)"{% endif %} {% ifversion fpt or ghec %}- "[Privacy on {% data variables.product.prodname_dotcom %}](/get-started/privacy-on-github)"{% endif %} diff --git a/translations/ja-JP/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/browsing-security-vulnerabilities-in-the-github-advisory-database.md b/translations/ja-JP/content/code-security/dependabot/dependabot-alerts/browsing-security-vulnerabilities-in-the-github-advisory-database.md similarity index 94% rename from translations/ja-JP/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/browsing-security-vulnerabilities-in-the-github-advisory-database.md rename to translations/ja-JP/content/code-security/dependabot/dependabot-alerts/browsing-security-vulnerabilities-in-the-github-advisory-database.md index 7be2222f65..f1ef00374b 100644 --- a/translations/ja-JP/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/browsing-security-vulnerabilities-in-the-github-advisory-database.md +++ b/translations/ja-JP/content/code-security/dependabot/dependabot-alerts/browsing-security-vulnerabilities-in-the-github-advisory-database.md @@ -6,6 +6,7 @@ miniTocMaxHeadingLevel: 3 redirect_from: - /github/managing-security-vulnerabilities/browsing-security-vulnerabilities-in-the-github-advisory-database - /code-security/supply-chain-security/browsing-security-vulnerabilities-in-the-github-advisory-database + - /code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/browsing-security-vulnerabilities-in-the-github-advisory-database versions: fpt: '*' ghec: '*' @@ -36,7 +37,7 @@ The {% data variables.product.prodname_advisory_database %} contains a list of k We carefully review each advisory for validity. Each {% data variables.product.company_short %}-reviewed advisory has a full description, and contains both ecosystem and package information. -If you enable {% data variables.product.prodname_dependabot_alerts %} for your repositories, you are automatically notified when a new {% data variables.product.company_short %}-reviewed advisory affects packages you depend on. 詳しい情報については、「[脆弱性のある依存関係に対するアラートについて](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies)」を参照してください。 +If you enable {% data variables.product.prodname_dependabot_alerts %} for your repositories, you are automatically notified when a new {% data variables.product.company_short %}-reviewed advisory affects packages you depend on. For more information, see "[About {% data variables.product.prodname_dependabot_alerts %}](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies)." ### About unreviewed advisories @@ -107,7 +108,7 @@ You can suggest improvements to any advisory in the {% data variables.product.pr ## 脆弱性のあるリポジトリを表示する -For any {% data variables.product.company_short %}-reviewed advisory in the {% data variables.product.prodname_advisory_database %}, you can see which of your repositories are affected by that security vulnerability. 脆弱性のあるリポジトリを確認するには、そのリポジトリの {% data variables.product.prodname_dependabot_alerts %} にアクセスできる必要があります。 詳しい情報については、「[脆弱性のある依存関係に対するアラートについて](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies#access-to-dependabot-alerts)」を参照してください。 +For any {% data variables.product.company_short %}-reviewed advisory in the {% data variables.product.prodname_advisory_database %}, you can see which of your repositories are affected by that security vulnerability. 脆弱性のあるリポジトリを確認するには、そのリポジトリの {% data variables.product.prodname_dependabot_alerts %} にアクセスできる必要があります。 詳しい情報については「[{% data variables.product.prodname_dependabot_alerts %}について](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies#access-to-dependabot-alerts)」を参照してください。 1. Https://github.com/advisories にアクセスします。 2. アドバイザリをクリックします。 diff --git a/translations/ja-JP/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/configuring-notifications-for-vulnerable-dependencies.md b/translations/ja-JP/content/code-security/dependabot/dependabot-alerts/configuring-notifications-for-dependabot-alerts.md similarity index 88% rename from translations/ja-JP/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/configuring-notifications-for-vulnerable-dependencies.md rename to translations/ja-JP/content/code-security/dependabot/dependabot-alerts/configuring-notifications-for-dependabot-alerts.md index 38aedd5f8e..c7aa8fda69 100644 --- a/translations/ja-JP/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/configuring-notifications-for-vulnerable-dependencies.md +++ b/translations/ja-JP/content/code-security/dependabot/dependabot-alerts/configuring-notifications-for-dependabot-alerts.md @@ -1,10 +1,11 @@ --- -title: 脆弱性のある依存関係の通知を設定する -shortTitle: 通知を設定する +title: Configuring notifications for Dependabot alerts +shortTitle: Configure notifications intro: 'Optimize how you receive notifications about {% data variables.product.prodname_dependabot_alerts %}.' redirect_from: - /github/managing-security-vulnerabilities/configuring-notifications-for-vulnerable-dependencies - /code-security/supply-chain-security/configuring-notifications-for-vulnerable-dependencies + - /code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/configuring-notifications-for-vulnerable-dependencies versions: fpt: '*' ghes: '*' @@ -51,7 +52,7 @@ When a new {% data variables.product.prodname_dependabot %} alert is detected, { {% note %} -**Note:** You can filter your notifications on {% data variables.product.company_short %} to show {% data variables.product.prodname_dependabot_alerts %}. 詳しい情報については「[インボックスからの通知の管理](/github/managing-subscriptions-and-notifications-on-github/managing-notifications-from-your-inbox#dependabot-custom-filters)」を参照してください。 +**Note:** You can filter your notifications on {% data variables.product.company_short %} to show {% data variables.product.prodname_dependabot_alerts %}. 詳しい情報については「[インボックスからの通知を管理する](/github/managing-subscriptions-and-notifications-on-github/managing-notifications-from-your-inbox#dependabot-custom-filters)」を参照してください。 {% endnote %} @@ -59,7 +60,7 @@ When a new {% data variables.product.prodname_dependabot %} alert is detected, { ## 脆弱性のある依存関係の通知を減らす方法 -{% data variables.product.prodname_dependabot_alerts %}の通知をあまりに多く受け取ることが心配なら、週次のメールダイジェストにオプトインするか、{% data variables.product.prodname_dependabot_alerts %}を有効化したままで通知をオフにすることをおすすめします。 その場合でも、リポジトリのセキュリティタブで{% data variables.product.prodname_dependabot_alerts %}を確認することはできます。 詳細については、「[リポジトリ内の脆弱な依存関係を表示・更新する](/github/managing-security-vulnerabilities/viewing-and-updating-vulnerable-dependencies-in-your-repository)」を参照してください。 +{% data variables.product.prodname_dependabot_alerts %}の通知をあまりに多く受け取ることが心配なら、週次のメールダイジェストにオプトインするか、{% data variables.product.prodname_dependabot_alerts %}を有効化したままで通知をオフにすることをおすすめします。 その場合でも、リポジトリのセキュリティタブで{% data variables.product.prodname_dependabot_alerts %}を確認することはできます。 For more information, see "[Viewing {% data variables.product.prodname_dependabot_alerts %} for vulnerable dependencies](/github/managing-security-vulnerabilities/viewing-and-updating-vulnerable-dependencies-in-your-repository)." ## 参考リンク diff --git a/translations/ja-JP/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/editing-security-advisories-in-the-github-advisory-database.md b/translations/ja-JP/content/code-security/dependabot/dependabot-alerts/editing-security-advisories-in-the-github-advisory-database.md similarity index 94% rename from translations/ja-JP/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/editing-security-advisories-in-the-github-advisory-database.md rename to translations/ja-JP/content/code-security/dependabot/dependabot-alerts/editing-security-advisories-in-the-github-advisory-database.md index 5f75c90373..7dbfd80181 100644 --- a/translations/ja-JP/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/editing-security-advisories-in-the-github-advisory-database.md +++ b/translations/ja-JP/content/code-security/dependabot/dependabot-alerts/editing-security-advisories-in-the-github-advisory-database.md @@ -3,6 +3,7 @@ title: Editing security advisories in the GitHub Advisory Database intro: 'You can submit improvements to any advisory published in the {% data variables.product.prodname_advisory_database %}.' redirect_from: - /code-security/security-advisories/editing-security-advisories-in-the-github-advisory-database + - /code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/editing-security-advisories-in-the-github-advisory-database versions: fpt: '*' ghec: '*' diff --git a/translations/ja-JP/content/code-security/dependabot/dependabot-alerts/index.md b/translations/ja-JP/content/code-security/dependabot/dependabot-alerts/index.md new file mode 100644 index 0000000000..f5d51e64aa --- /dev/null +++ b/translations/ja-JP/content/code-security/dependabot/dependabot-alerts/index.md @@ -0,0 +1,24 @@ +--- +title: Identifying vulnerabilities in your project's dependencies with Dependabot alerts +shortTitle: Dependabotアラート +intro: '{% data variables.product.prodname_dependabot %} generates {% data variables.product.prodname_dependabot_alerts %} when known vulnerabilites are detected in dependencies that your project uses.' +allowTitleToDifferFromFilename: true +versions: + fpt: '*' + ghes: '*' + ghae: issue-4864 + ghec: '*' +topics: + - Dependabot + - Alerts + - Vulnerabilities + - Repositories + - Dependencies +children: + - /browsing-security-vulnerabilities-in-the-github-advisory-database + - /editing-security-advisories-in-the-github-advisory-database + - /about-dependabot-alerts + - /viewing-and-updating-dependabot-alerts + - /configuring-notifications-for-dependabot-alerts +--- + diff --git a/translations/ja-JP/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/viewing-and-updating-vulnerable-dependencies-in-your-repository.md b/translations/ja-JP/content/code-security/dependabot/dependabot-alerts/viewing-and-updating-dependabot-alerts.md similarity index 94% rename from translations/ja-JP/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/viewing-and-updating-vulnerable-dependencies-in-your-repository.md rename to translations/ja-JP/content/code-security/dependabot/dependabot-alerts/viewing-and-updating-dependabot-alerts.md index c1e0d76330..a22458eeba 100644 --- a/translations/ja-JP/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/viewing-and-updating-vulnerable-dependencies-in-your-repository.md +++ b/translations/ja-JP/content/code-security/dependabot/dependabot-alerts/viewing-and-updating-dependabot-alerts.md @@ -1,12 +1,13 @@ --- -title: リポジトリ内の脆弱な依存関係を表示・更新する +title: Viewing and updating Dependabot alerts intro: '{% data variables.product.product_name %} がプロジェクト内の脆弱性のある依存関係を発見した場合は、それらをリポジトリの [Dependabot alerts] タブで確認できます。 その後、プロジェクトを更新してこの脆弱性を解決することができます。' redirect_from: - /articles/viewing-and-updating-vulnerable-dependencies-in-your-repository - /github/managing-security-vulnerabilities/viewing-and-updating-vulnerable-dependencies-in-your-repository - /code-security/supply-chain-security/viewing-and-updating-vulnerable-dependencies-in-your-repository + - /code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/viewing-and-updating-vulnerable-dependencies-in-your-repository permissions: Repository administrators and organization owners can view and update dependencies. -shortTitle: View vulnerable dependencies +shortTitle: View Dependabot alerts versions: fpt: '*' ghes: '*' @@ -25,7 +26,7 @@ topics: {% data reusables.dependabot.beta-security-and-version-updates %} {% data reusables.dependabot.enterprise-enable-dependabot %} -Your repository's {% data variables.product.prodname_dependabot_alerts %} tab lists all open and closed {% data variables.product.prodname_dependabot_alerts %}{% ifversion fpt or ghec or ghes > 3.2 %} and corresponding {% data variables.product.prodname_dependabot_security_updates %}{% endif %}. You can{% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-5638 %} filter alerts by package, ecosystem, or manifest. You can also{% endif %} sort the list of alerts, and you can click into specific alerts for more details. 詳しい情報については、「[脆弱性のある依存関係に対するアラートについて](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies)」を参照してください。 +Your repository's {% data variables.product.prodname_dependabot_alerts %} tab lists all open and closed {% data variables.product.prodname_dependabot_alerts %}{% ifversion fpt or ghec or ghes > 3.2 %} and corresponding {% data variables.product.prodname_dependabot_security_updates %}{% endif %}. You can{% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-5638 %} filter alerts by package, ecosystem, or manifest. You can also{% endif %} sort the list of alerts, and you can click into specific alerts for more details. For more information, see "[About {% data variables.product.prodname_dependabot_alerts %}](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies)." {% ifversion fpt or ghec or ghes > 3.2 %} {% data variables.product.prodname_dependabot_alerts %} と依存関係グラフを使用するリポジトリの自動セキュリティ更新を有効にすることができます。 詳しい情報については、「[{% data variables.product.prodname_dependabot_security_updates %} について](/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-dependabot-security-updates)」を参照してください。 @@ -36,7 +37,7 @@ Your repository's {% data variables.product.prodname_dependabot_alerts %} tab li {% ifversion fpt or ghec or ghes > 3.2 %} ## リポジトリ内の脆弱性のある依存関係の更新について -コードベースが既知の脆弱性のある依存関係を使用していることを検出すると、{% data variables.product.product_name %} は {% data variables.product.prodname_dependabot_alerts %} を生成します。 {% data variables.product.prodname_dependabot_security_updates %} が有効になっているリポジトリの場合、{% data variables.product.product_name %} がデフォルトのブランチで脆弱性のある依存関係を検出すると、{% data variables.product.prodname_dependabot %} はそれを修正するためのプルリクエストを作成します。 Pull Requestは、脆弱性を回避するために必要最低限の安全なバージョンに依存関係をアップグレードします。 +コードベースが既知の脆弱性のある依存関係を使用していることを検出すると、{% data variables.product.product_name %} は {% data variables.product.prodname_dependabot_alerts %} を生成します。 {% data variables.product.prodname_dependabot_security_updates %} が有効になっているリポジトリの場合、{% data variables.product.product_name %} がデフォルトのブランチで脆弱性のある依存関係を検出すると、{% data variables.product.prodname_dependabot %} はそれを修正するためのプルリクエストを作成します。 プルリクエストは、脆弱性を回避するために必要最低限の安全なバージョンに依存関係をアップグレードします。 {% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-5638 %}You can sort and filter {% data variables.product.prodname_dependabot_alerts %} with the dropdown menus in the {% data variables.product.prodname_dependabot_alerts %} tab or by typing filters as `key:value` pairs into the search bar. The available filters are repository (for example, `repo:my-repository`), package (for example, `package:django`), ecosystem (for example, `ecosystem:npm`), manifest (for example, `manifest:webwolf/pom.xml`), state (for example, `is:open`), and whether an advisory has a patch (for example, `has: patch`). @@ -98,7 +99,7 @@ Each {% data variables.product.prodname_dependabot %} alert has a unique numeric ## 参考リンク -- 「[脆弱性のある依存関係に対するアラートについて](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies)」{% ifversion fpt or ghec or ghes > 3.2 %} +- "[About {% data variables.product.prodname_dependabot_alerts %}](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies)"{% ifversion fpt or ghec or ghes > 3.2 %} - 「[{% data variables.product.prodname_dependabot_security_updates %}の設定](/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/configuring-dependabot-security-updates)」{% endif %} - 「[リポジトリのセキュリティおよび分析設定を管理する](/github/administering-a-repository/managing-security-and-analysis-settings-for-your-repository)」 - 「[脆弱性のある依存関係の検出のトラブルシューティング](/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/troubleshooting-the-detection-of-vulnerable-dependencies)」{% ifversion fpt or ghec or ghes > 3.2 %} diff --git a/translations/ja-JP/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-dependabot-security-updates.md b/translations/ja-JP/content/code-security/dependabot/dependabot-security-updates/about-dependabot-security-updates.md similarity index 89% rename from translations/ja-JP/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-dependabot-security-updates.md rename to translations/ja-JP/content/code-security/dependabot/dependabot-security-updates/about-dependabot-security-updates.md index aa02dff06e..4b9cc30b4d 100644 --- a/translations/ja-JP/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-dependabot-security-updates.md +++ b/translations/ja-JP/content/code-security/dependabot/dependabot-security-updates/about-dependabot-security-updates.md @@ -6,6 +6,7 @@ redirect_from: - /github/managing-security-vulnerabilities/about-github-dependabot-security-updates - /github/managing-security-vulnerabilities/about-dependabot-security-updates - /code-security/supply-chain-security/about-dependabot-security-updates + - /code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-dependabot-security-updates versions: fpt: '*' ghec: '*' @@ -25,9 +26,9 @@ topics: {% data reusables.dependabot.beta-security-and-version-updates %} {% data reusables.dependabot.enterprise-enable-dependabot %} -## {% data variables.product.prodname_dependabot_security_updates %} について +## {% data variables.product.prodname_dependabot_security_updates %}について -{% data variables.product.prodname_dependabot_security_updates %} で、リポジトリ内の脆弱性のある依存関係を簡単に修正できます。 この機能を有効にすると、リポジトリの依存関係グラフで脆弱性のある依存関係に対して {% data variables.product.prodname_dependabot %} アラートが発生すると、{% data variables.product.prodname_dependabot %} は自動的にそれを修正しようとします。 詳しい情報については、「[脆弱性のある依存関係に対するアラートについて](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies)」 および「[{% data variables.product.prodname_dependabot_security_updates %} を設定する](/github/managing-security-vulnerabilities/configuring-dependabot-security-updates)」を参照してください。 +{% data variables.product.prodname_dependabot_security_updates %} で、リポジトリ内の脆弱性のある依存関係を簡単に修正できます。 この機能を有効にすると、リポジトリの依存関係グラフで脆弱性のある依存関係に対して {% data variables.product.prodname_dependabot %} アラートが発生すると、{% data variables.product.prodname_dependabot %} は自動的にそれを修正しようとします。 詳しい情報については、「[{% data variables.product.prodname_dependabot_alerts %} について](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies)」および「[{% data variables.product.prodname_dependabot_security_updates %} の設定](/github/managing-security-vulnerabilities/configuring-dependabot-security-updates)」を参照してください。 {% data variables.product.prodname_dotcom %} may send {% data variables.product.prodname_dependabot_alerts %} to repositories affected by a vulnerability disclosed by a recently published {% data variables.product.prodname_dotcom %} security advisory. {% data reusables.security-advisory.link-browsing-advisory-db %} @@ -63,4 +64,4 @@ topics: ## {% data variables.product.prodname_dependabot %} セキュリティアップデートの通知について -{% data variables.product.company_short %} で通知をフィルタして、{% data variables.product.prodname_dependabot %} セキュリティアップデートを表示できます。 詳しい情報については「[インボックスからの通知の管理](/github/managing-subscriptions-and-notifications-on-github/managing-notifications-from-your-inbox#dependabot-custom-filters)」を参照してください。 +{% data variables.product.company_short %} で通知をフィルタして、{% data variables.product.prodname_dependabot %} セキュリティアップデートを表示できます。 詳しい情報については「[インボックスからの通知を管理する](/github/managing-subscriptions-and-notifications-on-github/managing-notifications-from-your-inbox#dependabot-custom-filters)」を参照してください。 diff --git a/translations/zh-CN/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/configuring-dependabot-security-updates.md b/translations/ja-JP/content/code-security/dependabot/dependabot-security-updates/configuring-dependabot-security-updates.md similarity index 91% rename from translations/zh-CN/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/configuring-dependabot-security-updates.md rename to translations/ja-JP/content/code-security/dependabot/dependabot-security-updates/configuring-dependabot-security-updates.md index 40c479eb51..6cc5ca642c 100644 --- a/translations/zh-CN/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/configuring-dependabot-security-updates.md +++ b/translations/ja-JP/content/code-security/dependabot/dependabot-security-updates/configuring-dependabot-security-updates.md @@ -9,6 +9,7 @@ redirect_from: - /github/managing-security-vulnerabilities/configuring-github-dependabot-security-updates - /github/managing-security-vulnerabilities/configuring-dependabot-security-updates - /code-security/supply-chain-security/configuring-dependabot-security-updates + - /code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/configuring-dependabot-security-updates versions: fpt: '*' ghec: '*' @@ -37,7 +38,7 @@ You can disable {% data variables.product.prodname_dependabot_security_updates % ## Supported repositories -{% data variables.product.prodname_dotcom %} automatically enables {% data variables.product.prodname_dependabot_security_updates %} for every repository that meets these prerequisites. +{% data variables.product.prodname_dotcom %} automatically enables {% data variables.product.prodname_dependabot_security_updates %} for every repository that meets these prerequisites. {% note %} @@ -59,7 +60,7 @@ If security updates are not enabled for your repository and you don't know why, You can enable or disable {% data variables.product.prodname_dependabot_security_updates %} for an individual repository (see below). -You can also enable or disable {% data variables.product.prodname_dependabot_security_updates %} for all repositories owned by your user account or organization. For more information, see "[Managing security and analysis settings for your user account](/github/setting-up-and-managing-your-github-user-account/managing-security-and-analysis-settings-for-your-user-account)" or "[Managing security and analysis settings for your organization](/organizations/keeping-your-organization-secure/managing-security-and-analysis-settings-for-your-organization)." +You can also enable or disable {% data variables.product.prodname_dependabot_security_updates %} for all repositories owned by your user account or organization. For more information, see "[Managing security and analysis settings for your user account](/github/setting-up-and-managing-your-github-user-account/managing-security-and-analysis-settings-for-your-user-account)" or "[Managing security and analysis settings for your organization](/organizations/keeping-your-organization-secure/managing-security-and-analysis-settings-for-your-organization)." {% data variables.product.prodname_dependabot_security_updates %} require specific repository settings. For more information, see "[Supported repositories](#supported-repositories)." @@ -68,12 +69,12 @@ You can also enable or disable {% data variables.product.prodname_dependabot_sec {% data reusables.repositories.navigate-to-repo %} {% data reusables.repositories.sidebar-settings %} {% data reusables.repositories.navigate-to-security-and-analysis %} -1. Under "Code security and analysis", to the right of "{% data variables.product.prodname_dependabot %} security updates", click **Enable** or **Disable**. +1. Under "Code security and analysis", to the right of "{% data variables.product.prodname_dependabot %} security updates", click **Enable** to enable the feature or **Disable** to disable it. {% ifversion fpt or ghec %}For public repositories, the button is disabled if the feature is always enabled.{% endif %} {% ifversion fpt or ghec %}!["Code security and analysis" section with button to enable {% data variables.product.prodname_dependabot_security_updates %}](/assets/images/help/repository/enable-dependabot-security-updates-button.png){% else %}!["Code security and analysis" section with button to enable {% data variables.product.prodname_dependabot_security_updates %}](/assets/images/enterprise/3.3/repository/security-and-analysis-disable-or-enable-ghes.png){% endif %} ## Further reading -- "[About alerts for vulnerable dependencies](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies)"{% ifversion fpt or ghec %} +- "[About {% data variables.product.prodname_dependabot_alerts %}](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies)"{% ifversion fpt or ghec %} - "[Managing data use settings for your private repository](/get-started/privacy-on-github/managing-data-use-settings-for-your-private-repository)"{% endif %} - "[Supported package ecosystems](/github/visualizing-repository-data-with-graphs/about-the-dependency-graph#supported-package-ecosystems)" diff --git a/translations/ja-JP/content/code-security/dependabot/dependabot-security-updates/index.md b/translations/ja-JP/content/code-security/dependabot/dependabot-security-updates/index.md new file mode 100644 index 0000000000..30b0fe6070 --- /dev/null +++ b/translations/ja-JP/content/code-security/dependabot/dependabot-security-updates/index.md @@ -0,0 +1,20 @@ +--- +title: Automatically updating dependencies with known vulnerabilities with Dependabot security updates +intro: '{% data variables.product.prodname_dependabot %} can help you fix vulnerable dependencies by automatically raising pull requests to update dependencies to secure versions.' +allowTitleToDifferFromFilename: true +versions: + fpt: '*' + ghec: '*' + ghes: '>3.2' +topics: + - Repositories + - Dependabot + - Security updates + - Dependencies + - Pull requests +shortTitle: Dependabotセキュリティアップデート +children: + - /about-dependabot-security-updates + - /configuring-dependabot-security-updates +--- + diff --git a/translations/ja-JP/content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/about-dependabot-version-updates.md b/translations/ja-JP/content/code-security/dependabot/dependabot-version-updates/about-dependabot-version-updates.md similarity index 91% rename from translations/ja-JP/content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/about-dependabot-version-updates.md rename to translations/ja-JP/content/code-security/dependabot/dependabot-version-updates/about-dependabot-version-updates.md index e87757c4bf..40b2cdefd9 100644 --- a/translations/ja-JP/content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/about-dependabot-version-updates.md +++ b/translations/ja-JP/content/code-security/dependabot/dependabot-version-updates/about-dependabot-version-updates.md @@ -8,6 +8,7 @@ redirect_from: - /github/administering-a-repository/about-dependabot-version-updates - /code-security/supply-chain-security/about-dependabot-version-updates - /code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/upgrading-from-dependabotcom-to-github-native-dependabot + - /code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/about-dependabot-version-updates versions: fpt: '*' ghec: '*' @@ -25,13 +26,13 @@ shortTitle: Dependabotバージョンアップデート {% data reusables.dependabot.beta-security-and-version-updates %} {% data reusables.dependabot.enterprise-enable-dependabot %} -## {% data variables.product.prodname_dependabot_version_updates %} について +## {% data variables.product.prodname_dependabot_version_updates %}について {% data variables.product.prodname_dependabot %} は、依存関係を維持する手間を省きます。 これを使用して、リポジトリが依存するパッケージおよびアプリケーションの最新リリースに自動的に対応できるようにすることができます。 設定ファイルをリポジトリにチェックインすることにより、{% data variables.product.prodname_dependabot_version_updates %} を有効化します。 設定ファイルは、リポジトリに保存されているマニフェストまたは他のパッケージ定義ファイルの場所を指定します。 {% data variables.product.prodname_dependabot %} はこの情報を使用して、古いパッケージとアプリケーションをチェックします。 {% data variables.product.prodname_dependabot %} は、依存関係のセマンティックバージョニング([semver](https://semver.org/))を調べて、そのバージョンへの更新の必要性を判断することにより、依存関係の新しいバージョンの有無を決定します。 特定のパッケージマネージャーでは、{% data variables.product.prodname_dependabot_version_updates %} もベンダをサポートしています。 ベンダ (またはキャッシュ) された依存関係は、マニフェストで参照されるのではなく、リポジトリ内の特定のディレクトリにチェックインされる依存関係です。 パッケージサーバーが利用できない場合でも、ビルド時にベンダ依存関係を利用できます。 {% data variables.product.prodname_dependabot_version_updates %} は、ベンダの依存関係をチェックして新しいバージョンを確認し、必要に応じて更新するように設定できます。 -{% data variables.product.prodname_dependabot %} が古い依存関係を特定すると、プルリクエストを発行して、マニフェストを依存関係の最新バージョンに更新します。 ベンダーの依存関係の場合、{% data variables.product.prodname_dependabot %} はプルリクエストを生成して、古い依存関係を新しいバージョンに直接置き換えます。 テストに合格したことを確認し、プルリクエストの概要に含まれている変更履歴とリリースノートを確認して、マージします。 For more information, see "[Enabling and disabling {% data variables.product.prodname_dependabot %} version updates](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/enabling-and-disabling-dependabot-version-updates)." +{% data variables.product.prodname_dependabot %} が古い依存関係を特定すると、プルリクエストを発行して、マニフェストを依存関係の最新バージョンに更新します。 ベンダーの依存関係の場合、{% data variables.product.prodname_dependabot %} はプルリクエストを生成して、古い依存関係を新しいバージョンに直接置き換えます。 テストに合格したことを確認し、プルリクエストの概要に含まれている変更履歴とリリースノートを確認して、マージします。 For more information, see "[Configuring {% data variables.product.prodname_dependabot %} version updates](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/enabling-and-disabling-dependabot-version-updates)." If you enable _security updates_, {% data variables.product.prodname_dependabot %} also raises pull requests to update vulnerable dependencies. 詳しい情報については、「[{% data variables.product.prodname_dependabot_security_updates %} について](/github/managing-security-vulnerabilities/about-dependabot-security-updates)」を参照してください。 @@ -50,7 +51,7 @@ If you enable _security updates_, {% data variables.product.prodname_dependabot ## サポートされているリポジトリとエコシステム -サポートされているパッケージマネージャーのいずれかの依存関係マニフェストまたはロックファイルを含むリポジトリのバージョン更新を設定できます。 一部のパッケージマネージャーでは、依存関係のベンダを設定することもできます。 詳しい情報については、「[依存関係の更新の設定オプション](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/configuration-options-for-dependency-updates#vendor) 」を参照してください。 +サポートされているパッケージマネージャーのいずれかの依存関係マニフェストまたはロックファイルを含むリポジトリのバージョン更新を設定できます。 一部のパッケージマネージャーでは、依存関係のベンダを設定することもできます。 For more information, see "[Configuration options for the dependabot.yml file](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/configuration-options-for-dependency-updates#vendor)." {% note %} {% data reusables.dependabot.private-dependencies-note %} diff --git a/translations/ja-JP/content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/configuration-options-for-dependency-updates.md b/translations/ja-JP/content/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file.md similarity index 95% rename from translations/ja-JP/content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/configuration-options-for-dependency-updates.md rename to translations/ja-JP/content/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file.md index 0a38bb5acc..2368b595b0 100644 --- a/translations/ja-JP/content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/configuration-options-for-dependency-updates.md +++ b/translations/ja-JP/content/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file.md @@ -1,10 +1,12 @@ --- -title: 依存関係の更新の設定オプション +title: Configuration options for the dependabot.yml file intro: '{% data variables.product.prodname_dependabot %} がリポジトリを維持する方法をカスタマイズする場合に使用可能なすべてのオプションの詳細情報。' permissions: 'People with write permissions to a repository can configure {% data variables.product.prodname_dependabot %} for the repository.' +allowTitleToDifferFromFilename: true redirect_from: - /github/administering-a-repository/configuration-options-for-dependency-updates - /code-security/supply-chain-security/configuration-options-for-dependency-updates + - /code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/configuration-options-for-dependency-updates miniTocMaxHeadingLevel: 3 versions: fpt: '*' @@ -17,7 +19,7 @@ topics: - Repositories - Dependencies - Pull requests -shortTitle: 設定オプション +shortTitle: Configure dependabot.yml --- {% data reusables.dependabot.beta-security-and-version-updates %} @@ -27,9 +29,9 @@ shortTitle: 設定オプション {% data variables.product.prodname_dependabot %} の設定ファイルである *dependabot.yml* では YAML 構文を使用します。 YAMLについて詳しくなく、学んでいきたい場合は、「[Learn YAML in five minutes (5分で学ぶYAML)](https://www.codeproject.com/Articles/1214409/Learn-YAML-in-five-minutes)」をお読みください。 -このファイルは、リポジトリの `.github` ディレクトリに保存する必要があります。 *dependabot.yml* ファイルを追加または更新すると、即座にバージョン更新を確認します。 For more information and an example, see "[Enabling and disabling {% data variables.product.prodname_dependabot %} version updates](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/enabling-and-disabling-dependabot-version-updates#enabling-dependabot-version-updates)." +このファイルは、リポジトリの `.github` ディレクトリに保存する必要があります。 *dependabot.yml* ファイルを追加または更新すると、即座にバージョン更新を確認します。 For more information and an example, see "[Configuring {% data variables.product.prodname_dependabot %} version updates](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/enabling-and-disabling-dependabot-version-updates#enabling-dependabot-version-updates)." -セキュリティアップデートに影響するオプションは、次にセキュリティアラートがセキュリティアップデートのためのプルリクエストをトリガーするときにも使用されます。 For more information, see "[Configuring {% data variables.product.prodname_dependabot_security_updates %}](/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/configuring-dependabot-security-updates)." +セキュリティアップデートに影響するオプションは、次にセキュリティアラートがセキュリティアップデートのためのプルリクエストをトリガーするときにも使用されます。 詳しい情報については、「[{% data variables.product.prodname_dependabot_security_updates %} を設定する](/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/configuring-dependabot-security-updates)」を参照してください。 *dependabot.yml* ファイルには、必須の最上位キーに `version` と `updates` の 2 つがあります。 必要に応じて、最上位に `registries` キーを含めることができます。 ファイルは、`version: 2` で始まる必要があります。 @@ -53,7 +55,7 @@ shortTitle: 設定オプション | [`pull-request-branch-name.separator`](#pull-request-branch-nameseparator) | | プルリクエストブランチ名の区切り文字を変更する | | [`rebase-strategy`](#rebase-strategy) | | 自動リベースを無効にする | | [`registries`](#registries) | | {% data variables.product.prodname_dependabot %} がアクセスできるプライベートリポジトリ | -| [`reviewers`](#reviewers) | | プルリクエストのレビュー担当者 | +| [`レビュー担当者`](#reviewers) | | プルリクエストのレビュー担当者 | | [`schedule.day`](#scheduleday) | | 更新を確認する曜日 | | [`schedule.time`](#scheduletime) | | 更新を確認する時刻 (hh:mm) | | [`schedule.timezone`](#scheduletimezone) | | 時刻のタイムゾーン(ゾーン識別子) | @@ -170,7 +172,7 @@ updates: {% note %} -**注釈**: `schedule` は、{% data variables.product.prodname_dependabot %} が新規更新を試行するタイミングを設定します。 ただし、プルリクエストを受け取るタイミングはこれだけではありません。 更新は、 `dependabot.yml` ファイルへの変更、更新失敗後のマニフェストファイルへの変更、または {% data variables.product.prodname_dependabot_security_updates %} に基づいてトリガーされることがあります。 詳しい情報については、「[{% data variables.product.prodname_dependabot %} プルリクエストの頻度](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/about-dependabot-version-updates#frequency-of-dependabot-pull-requests)」および「[{% data variables.product.prodname_dependabot_security_updates %} について](/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-dependabot-security-updates)」を参照してください。 +**注釈**: `schedule` は、{% data variables.product.prodname_dependabot %} が新規更新を試行するタイミングを設定します。 ただし、プルリクエストを受け取るタイミングはこれだけではありません。 更新は、 `dependabot.yml` ファイルへの変更、更新失敗後のマニフェストファイルへの変更、または {% data variables.product.prodname_dependabot_security_updates %} に基づいてトリガーされることがあります。 For more information, see "[Frequency of {% data variables.product.prodname_dependabot %} pull requests](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/about-dependabot-version-updates#frequency-of-dependabot-pull-requests)" and "[About {% data variables.product.prodname_dependabot_security_updates %}](/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-dependabot-security-updates)." {% endnote %} @@ -187,7 +189,7 @@ updates: | ------------- | ----------------------------------------------- | ----------------------------------------------------------------------------- | | `direct` | すべて | 明示的に定義されたすべての依存関係。 | | `indirect` | `bundler`、`pip`、`composer`、`cargo` | 直接依存関係の依存関係 (サブ依存関係、または過渡依存関係とも呼ばれる)。 | - | `すべて` | すべて | 明示的に定義されたすべての依存関係。 `bundler`、`pip`、`composer`、`cargo` についても、直接依存関係の依存関係になります。 | + | `all` | すべて | 明示的に定義されたすべての依存関係。 `bundler`、`pip`、`composer`、`cargo` についても、直接依存関係の依存関係になります。 | | `production` | `bundler`、`composer`、`mix`, `maven`、`npm`、`pip` | Only dependencies in the "Production dependency group". | | `development` | `bundler`、`composer`、`mix`, `maven`、`npm`、`pip` | [Development dependency group] 内の依存関係のみ。 | @@ -307,7 +309,7 @@ updates: リポジトリが`ignore`の設定を保存したかは、リポジトリで`"@dependabot ignore" in:comments`を検索すれば調べられます。 この方法で無視された依存関係の無視を解除したいなら、Pull Requestを再度オープンしてください。 -`@dependabot ignore` コマンドに関する詳細については、「[依存関係の更新に関するプルリクエストを管理する](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/managing-pull-requests-for-dependency-updates#managing-dependabot-pull-requests-with-comment-commands)」をご覧ください。 +For more information about the `@dependabot ignore` commands, see "[Managing pull requests for dependency updates](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/managing-pull-requests-for-dependency-updates#managing-dependabot-pull-requests-with-comment-commands)." #### 無視する依存関係とバージョンを指定する @@ -322,7 +324,7 @@ updates: {% data reusables.dependabot.option-affects-security-updates %} ```yaml -# 更新されるべきではない依存関係を、`ignore`を使って指定する +# `ignore`を使って更新されるべきではない依存関係を指定 version: 2 updates: @@ -332,7 +334,7 @@ updates: interval: "daily" ignore: - dependency-name: "express" - # Expressではバージョン4と5に対するすべての更新を無視 + # Expressについてはバージョン4と5に対するすべての更新を無視 versions: ["4.x", "5.x"] # Lodashについてはすべての更新を無視 - dependency-name: "lodash" @@ -521,7 +523,7 @@ updates: {% endraw %} ``` -### `reviewers` +### `レビュー担当者` `reviewers` を使用して、パッケージマネージャーに対して発行されたすべてのプルリクエストの個々のレビュー担当者またはレビュー担当者の Team を指定します。 チームを@メンションしている場合と同様に、Organization を含む完全な Team 名を使用する必要があります。 @@ -725,7 +727,7 @@ updates: {% raw %} ```yaml -# 1つのプライベートリポジトリで依存関係を更新するための最低限の設定 +# 1つのプライベートリポジトリ内の依存関係の更新のための最小設定 version: 2 registries: diff --git a/translations/ja-JP/content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/enabling-and-disabling-dependabot-version-updates.md b/translations/ja-JP/content/code-security/dependabot/dependabot-version-updates/configuring-dependabot-version-updates.md similarity index 93% rename from translations/ja-JP/content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/enabling-and-disabling-dependabot-version-updates.md rename to translations/ja-JP/content/code-security/dependabot/dependabot-version-updates/configuring-dependabot-version-updates.md index 158e6dea9a..f039485d40 100644 --- a/translations/ja-JP/content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/enabling-and-disabling-dependabot-version-updates.md +++ b/translations/ja-JP/content/code-security/dependabot/dependabot-version-updates/configuring-dependabot-version-updates.md @@ -1,11 +1,12 @@ --- -title: Enabling and disabling Dependabot version updates +title: Configuring Dependabot version updates intro: '{% data variables.product.prodname_dependabot %} が使用するパッケージを自動的に更新するようにリポジトリを設定できます。' permissions: 'People with write permissions to a repository can enable or disable {% data variables.product.prodname_dependabot_version_updates %} for the repository.' redirect_from: - /github/administering-a-repository/enabling-and-disabling-version-updates - /code-security/supply-chain-security/enabling-and-disabling-version-updates - /code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/enabling-and-disabling-version-updates + - /code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/enabling-and-disabling-dependabot-version-updates versions: fpt: '*' ghec: '*' @@ -17,7 +18,7 @@ topics: - Repositories - Dependencies - Pull requests -shortTitle: 更新の有効化と無効化 +shortTitle: Configure version updates --- @@ -34,7 +35,7 @@ shortTitle: 更新の有効化と無効化 ## {% data variables.product.prodname_dependabot_version_updates %} を有効化する -{% data reusables.dependabot.create-dependabot-yml %}詳しい情報については、「[依存関係の更新の設定オプション](/github/administering-a-repository/configuration-options-for-dependency-updates)」を参照してください。 +{% data reusables.dependabot.create-dependabot-yml %} For information, see "[Configuration options for the dependabot.yml file](/github/administering-a-repository/configuration-options-for-dependency-updates)." 1. `version` を追加します。 1. プライベートレジストリに依存関係がある場合、必要に応じて認証情報を含む `registries` セクションを追加します。 1. `updates` セクションを追加し、{% data variables.product.prodname_dependabot %} に監視させるパッケージマネージャーごとにエントリを追加します。 @@ -138,4 +139,4 @@ updates: update-types: ["version-update:semver-patch"] ``` -既存の無視設定の確認に関する詳細については、「[依存関係の更新の設定オプション](/github/administering-a-repository/configuration-options-for-dependency-updates#ignore)」を参照してください。 +For more information about checking for existing ignore preferences, see "[Configuration options for the dependabot.yml file](/github/administering-a-repository/configuration-options-for-dependency-updates#ignore)." diff --git a/translations/ja-JP/content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/customizing-dependency-updates.md b/translations/ja-JP/content/code-security/dependabot/dependabot-version-updates/customizing-dependency-updates.md similarity index 93% rename from translations/ja-JP/content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/customizing-dependency-updates.md rename to translations/ja-JP/content/code-security/dependabot/dependabot-version-updates/customizing-dependency-updates.md index 43c33fc5ea..cdaedce500 100644 --- a/translations/ja-JP/content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/customizing-dependency-updates.md +++ b/translations/ja-JP/content/code-security/dependabot/dependabot-version-updates/customizing-dependency-updates.md @@ -5,6 +5,7 @@ permissions: 'People with write permissions to a repository can configure {% dat redirect_from: - /github/administering-a-repository/customizing-dependency-updates - /code-security/supply-chain-security/customizing-dependency-updates + - /code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/customizing-dependency-updates versions: fpt: '*' ghec: '*' @@ -34,7 +35,7 @@ shortTitle: 更新のカスタマイズ - `open-pull-requests-limit`: バージョン更新のオープンプルリクエストの最大数をデフォルトの 5 件から変更する - `target-branch`: デフォルトブランチではなく、特定のブランチを対象とするバージョン更新のプルリクエストを開く -設定オプションの詳細については、「[依存関係の更新の設定オプション](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/configuration-options-for-dependency-updates) 」を参照してください。 +For more information about the configuration options, see "[Configuration options for the dependabot.yml file](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/configuration-options-for-dependency-updates)." リポジトリ内の *dependabot.yml* ファイルを更新すると、{% data variables.product.prodname_dependabot %} は新しい設定で即座にチェックを実行します。 数分以内に、[**{% data variables.product.prodname_dependabot %}**] タブに更新された依存関係のリストが表示されます。リポジトリに多くの依存関係がある場合、表示までにさらに時間がかかることがあります。 バージョン更新に関する新しいプルリクエストが表示されることもあります。 詳しい情報については、「[バージョン更新用に設定された依存関係を一覧表示する](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/listing-dependencies-configured-for-version-updates) 」を参照してください。 @@ -139,4 +140,4 @@ updates: ## その他の例 -その他の例ついては、「[依存関係の更新の設定オプション](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/configuration-options-for-dependency-updates) 」を参照してください。 +For more examples, see "[Configuration options for the dependabot.yml file](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/configuration-options-for-dependency-updates)." diff --git a/translations/ja-JP/content/code-security/dependabot/dependabot-version-updates/index.md b/translations/ja-JP/content/code-security/dependabot/dependabot-version-updates/index.md new file mode 100644 index 0000000000..49056570ac --- /dev/null +++ b/translations/ja-JP/content/code-security/dependabot/dependabot-version-updates/index.md @@ -0,0 +1,26 @@ +--- +title: Keeping your dependencies updated automatically with Dependabot version updates +intro: 'You can use {% data variables.product.prodname_dependabot %} to automatically keep the dependencies and packages used in your repository updated to the latest version, even when they don’t have any known vulnerabilities.' +allowTitleToDifferFromFilename: true +redirect_from: + - /github/administering-a-repository/keeping-your-dependencies-updated-automatically + - /code-security/supply-chain-security/keeping-your-dependencies-updated-automatically +versions: + fpt: '*' + ghec: '*' + ghes: '>3.2' +topics: + - Repositories + - Dependabot + - Version updates + - Dependencies + - Pull requests +children: + - /about-dependabot-version-updates + - /configuring-dependabot-version-updates + - /listing-dependencies-configured-for-version-updates + - /customizing-dependency-updates + - /configuration-options-for-the-dependabot.yml-file +shortTitle: Dependabotバージョンアップデート +--- + diff --git a/translations/ja-JP/content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/listing-dependencies-configured-for-version-updates.md b/translations/ja-JP/content/code-security/dependabot/dependabot-version-updates/listing-dependencies-configured-for-version-updates.md similarity index 85% rename from translations/ja-JP/content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/listing-dependencies-configured-for-version-updates.md rename to translations/ja-JP/content/code-security/dependabot/dependabot-version-updates/listing-dependencies-configured-for-version-updates.md index ed581cda02..7331e568d6 100644 --- a/translations/ja-JP/content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/listing-dependencies-configured-for-version-updates.md +++ b/translations/ja-JP/content/code-security/dependabot/dependabot-version-updates/listing-dependencies-configured-for-version-updates.md @@ -4,6 +4,7 @@ intro: '{% data variables.product.prodname_dependabot %} が更新を監視し redirect_from: - /github/administering-a-repository/listing-dependencies-configured-for-version-updates - /code-security/supply-chain-security/listing-dependencies-configured-for-version-updates + - /code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/listing-dependencies-configured-for-version-updates versions: fpt: '*' ghec: '*' @@ -22,7 +23,7 @@ shortTitle: 設定された依存関係の一覧 ## {% data variables.product.prodname_dependabot %} によって監視されている依存関係を表示する -バージョン更新を有効にした後、リポジトリの依存関係グラフの [**{% data variables.product.prodname_dependabot %}**] タブで、設定が正しいかどうかを確認できます。 For more information, see "[Enabling and disabling {% data variables.product.prodname_dependabot %} version updates](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/enabling-and-disabling-dependabot-version-updates)." +バージョン更新を有効にした後、リポジトリの依存関係グラフの [**{% data variables.product.prodname_dependabot %}**] タブで、設定が正しいかどうかを確認できます。 For more information, see "[Configuring {% data variables.product.prodname_dependabot %} version updates](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/enabling-and-disabling-dependabot-version-updates)." {% data reusables.repositories.navigate-to-repo %} {% data reusables.repositories.accessing-repository-graphs %} diff --git a/translations/ja-JP/content/code-security/dependabot/index.md b/translations/ja-JP/content/code-security/dependabot/index.md new file mode 100644 index 0000000000..cb1f4984f9 --- /dev/null +++ b/translations/ja-JP/content/code-security/dependabot/index.md @@ -0,0 +1,23 @@ +--- +title: Keeping your supply chain secure with Dependabot +shortTitle: Dependabot +intro: 'Monitor vulnerabilities in dependencies used in your project{% ifversion fpt or ghec or ghes > 3.2 %} and keep your dependencies up-to-date{% endif %} with {% data variables.product.prodname_dependabot %}.' +allowTitleToDifferFromFilename: true +versions: + fpt: '*' + ghes: '*' + ghae: issue-4864 + ghec: '*' +topics: + - Dependabot + - Alerts + - Vulnerabilities + - Repositories + - Dependencies +children: + - /dependabot-alerts + - /dependabot-security-updates + - /dependabot-version-updates + - /working-with-dependabot +--- + diff --git a/translations/ja-JP/content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/automating-dependabot-with-github-actions.md b/translations/ja-JP/content/code-security/dependabot/working-with-dependabot/automating-dependabot-with-github-actions.md similarity index 98% rename from translations/ja-JP/content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/automating-dependabot-with-github-actions.md rename to translations/ja-JP/content/code-security/dependabot/working-with-dependabot/automating-dependabot-with-github-actions.md index 08083383df..04794ab34a 100644 --- a/translations/ja-JP/content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/automating-dependabot-with-github-actions.md +++ b/translations/ja-JP/content/code-security/dependabot/working-with-dependabot/automating-dependabot-with-github-actions.md @@ -17,6 +17,8 @@ topics: - Dependencies - Pull requests shortTitle: Use Dependabot with Actions +redirect_from: + - /code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/automating-dependabot-with-github-actions --- {% data reusables.dependabot.beta-security-and-version-updates %} @@ -72,7 +74,7 @@ For more information, see "[Modifying the permissions for the GITHUB_TOKEN](/act ### Accessing secrets -When a {% data variables.product.prodname_dependabot %} event triggers a workflow, the only secrets available to the workflow are {% data variables.product.prodname_dependabot %} secrets. {% data variables.product.prodname_actions %} secrets are not available. Consequently, you must store any secrets that are used by a workflow triggered by {% data variables.product.prodname_dependabot %} events as {% data variables.product.prodname_dependabot %} secrets. For more information, see "[Managing encrypted secrets for Dependabot](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/managing-encrypted-secrets-for-dependabot)". +When a {% data variables.product.prodname_dependabot %} event triggers a workflow, the only secrets available to the workflow are {% data variables.product.prodname_dependabot %} secrets. {% data variables.product.prodname_actions %} secrets are not available. Consequently, you must store any secrets that are used by a workflow triggered by {% data variables.product.prodname_dependabot %} events as {% data variables.product.prodname_dependabot %} secrets. 詳しい情報については「[Dependabotの暗号化されたシークレットの管理](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/managing-encrypted-secrets-for-dependabot)」を参照してください。 {% data variables.product.prodname_dependabot %} secrets are added to the `secrets` context and referenced using exactly the same syntax as secrets for {% data variables.product.prodname_actions %}. For more information, see "[Encrypted secrets](/actions/security-guides/encrypted-secrets#using-encrypted-secrets-in-a-workflow)." diff --git a/translations/ja-JP/content/code-security/dependabot/working-with-dependabot/index.md b/translations/ja-JP/content/code-security/dependabot/working-with-dependabot/index.md new file mode 100644 index 0000000000..2ff0dbc0da --- /dev/null +++ b/translations/ja-JP/content/code-security/dependabot/working-with-dependabot/index.md @@ -0,0 +1,24 @@ +--- +title: Working with Dependabot +shortTitle: Work with Dependabot +intro: 'Guidance and recommendations for working with {% data variables.product.prodname_dependabot %}, such as managing pull requests raised by {% data variables.product.prodname_dependabot %}, using {% data variables.product.prodname_actions %} with {% data variables.product.prodname_dependabot %}, and troubleshooting {% data variables.product.prodname_dependabot %} errors.' +versions: + fpt: '*' + ghec: '*' + ghes: '>3.2' +topics: + - Repositories + - Dependabot + - Version updates + - Security updates + - Dependencies + - Pull requests +children: + - /managing-pull-requests-for-dependency-updates + - /automating-dependabot-with-github-actions + - /keeping-your-actions-up-to-date-with-dependabot + - /managing-encrypted-secrets-for-dependabot + - /troubleshooting-the-detection-of-vulnerable-dependencies + - /troubleshooting-dependabot-errors +--- + diff --git a/translations/ja-JP/content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/keeping-your-actions-up-to-date-with-dependabot.md b/translations/ja-JP/content/code-security/dependabot/working-with-dependabot/keeping-your-actions-up-to-date-with-dependabot.md similarity index 88% rename from translations/ja-JP/content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/keeping-your-actions-up-to-date-with-dependabot.md rename to translations/ja-JP/content/code-security/dependabot/working-with-dependabot/keeping-your-actions-up-to-date-with-dependabot.md index 7261cc6b3b..e373bef51a 100644 --- a/translations/ja-JP/content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/keeping-your-actions-up-to-date-with-dependabot.md +++ b/translations/ja-JP/content/code-security/dependabot/working-with-dependabot/keeping-your-actions-up-to-date-with-dependabot.md @@ -5,6 +5,7 @@ redirect_from: - /github/administering-a-repository/keeping-your-actions-up-to-date-with-github-dependabot - /github/administering-a-repository/keeping-your-actions-up-to-date-with-dependabot - /code-security/supply-chain-security/keeping-your-actions-up-to-date-with-dependabot + - /code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/keeping-your-actions-up-to-date-with-dependabot versions: fpt: '*' ghec: '*' @@ -36,7 +37,7 @@ Actions are often updated with bug fixes and new features to make automated proc 1. Set a `schedule.interval` to specify how often to check for new versions. {% data reusables.dependabot.check-in-dependabot-yml %} If you have edited an existing file, save your changes. -You can also enable {% data variables.product.prodname_dependabot_version_updates %} on forks. For more information, see "[Enabling and disabling {% data variables.product.prodname_dependabot %} version updates](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/enabling-and-disabling-dependabot-version-updates#enabling-version-updates-on-forks)." +You can also enable {% data variables.product.prodname_dependabot_version_updates %} on forks. For more information, see "[Configuring {% data variables.product.prodname_dependabot %} version updates](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/enabling-and-disabling-dependabot-version-updates#enabling-version-updates-on-forks)." ### Example *dependabot.yml* file for {% data variables.product.prodname_actions %} @@ -57,7 +58,7 @@ updates: ## Configuring {% data variables.product.prodname_dependabot_version_updates %} for actions -When enabling {% data variables.product.prodname_dependabot_version_updates %} for actions, you must specify values for `package-ecosystem`, `directory`, and `schedule.interval`. There are many more optional properties that you can set to further customize your version updates. For more information, see "[Configuration options for dependency updates](/github/administering-a-repository/configuration-options-for-dependency-updates)." +When enabling {% data variables.product.prodname_dependabot_version_updates %} for actions, you must specify values for `package-ecosystem`, `directory`, and `schedule.interval`. There are many more optional properties that you can set to further customize your version updates. For more information, see "[Configuration options for the dependabot.yml file](/github/administering-a-repository/configuration-options-for-dependency-updates)." ## Further reading diff --git a/translations/ja-JP/content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/managing-encrypted-secrets-for-dependabot.md b/translations/ja-JP/content/code-security/dependabot/working-with-dependabot/managing-encrypted-secrets-for-dependabot.md similarity index 95% rename from translations/ja-JP/content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/managing-encrypted-secrets-for-dependabot.md rename to translations/ja-JP/content/code-security/dependabot/working-with-dependabot/managing-encrypted-secrets-for-dependabot.md index 4f4bc4a4ab..942e049502 100644 --- a/translations/ja-JP/content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/managing-encrypted-secrets-for-dependabot.md +++ b/translations/ja-JP/content/code-security/dependabot/working-with-dependabot/managing-encrypted-secrets-for-dependabot.md @@ -4,6 +4,7 @@ intro: 'パスワードアクセストークンなどの機密情報を、暗号 redirect_from: - /github/administering-a-repository/managing-encrypted-secrets-for-dependabot - /code-security/supply-chain-security/managing-encrypted-secrets-for-dependabot + - /code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/managing-encrypted-secrets-for-dependabot versions: fpt: '*' ghec: '*' @@ -33,7 +34,7 @@ password: ${{secrets.MY_ARTIFACTORY_PASSWORD}} ``` {% endraw %} -詳しい情報については、「[依存関係の更新の設定オプション](/github/administering-a-repository/configuration-options-for-dependency-updates#configuration-options-for-private-registries) 」を参照してください。 +For more information, see "[Configuration options for the dependabot.yml file](/github/administering-a-repository/configuration-options-for-dependency-updates#configuration-options-for-private-registries)." ### シークレットに名前を付ける diff --git a/translations/ja-JP/content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/managing-pull-requests-for-dependency-updates.md b/translations/ja-JP/content/code-security/dependabot/working-with-dependabot/managing-pull-requests-for-dependency-updates.md similarity index 93% rename from translations/ja-JP/content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/managing-pull-requests-for-dependency-updates.md rename to translations/ja-JP/content/code-security/dependabot/working-with-dependabot/managing-pull-requests-for-dependency-updates.md index de66c94282..8fd8a900e9 100644 --- a/translations/ja-JP/content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/managing-pull-requests-for-dependency-updates.md +++ b/translations/ja-JP/content/code-security/dependabot/working-with-dependabot/managing-pull-requests-for-dependency-updates.md @@ -4,6 +4,7 @@ intro: '{% data variables.product.prodname_dependabot %} によって生成さ redirect_from: - /github/administering-a-repository/managing-pull-requests-for-dependency-updates - /code-security/supply-chain-security/managing-pull-requests-for-dependency-updates + - /code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/managing-pull-requests-for-dependency-updates versions: fpt: '*' ghec: '*' @@ -41,7 +42,7 @@ shortTitle: Dependabot PRの管理 ## {% data variables.product.prodname_dependabot %} Pull Requestのリベース戦略を変更する -デフォルトでは、{% data variables.product.prodname_dependabot %} は自動的にプルリクエストをリベースして競合を解決します。 マージの競合を手動で処理する場合は、`rebase-strategy` オプションを使用してこれを無効にできます。 詳細については、「[依存関係の更新の設定オプション](/github/administering-a-repository/configuration-options-for-dependency-updates#rebase-strategy) 」を参照してください。 +デフォルトでは、{% data variables.product.prodname_dependabot %} は自動的にプルリクエストをリベースして競合を解決します。 マージの競合を手動で処理する場合は、`rebase-strategy` オプションを使用してこれを無効にできます。 For details, see "[Configuration options for the dependabot.yml file](/github/administering-a-repository/configuration-options-for-dependency-updates#rebase-strategy)." ## {% data variables.product.prodname_dependabot %} Pull Requestをコメントコマンドで管理する @@ -62,4 +63,4 @@ shortTitle: Dependabot PRの管理 {% data variables.product.prodname_dependabot %}はコマンドを認識すると"thumbs up"の絵文字で反応し、Pull Requestのコメントで応答することがあります。 {% data variables.product.prodname_dependabot %}は通常すぐに反応しますが、コマンドによっては{% data variables.product.prodname_dependabot %}が他の更新やコマンドを処理するのに忙しい場合、完了に数分かかることがあります。 -依存関係やバージョンを無視するコマンドを実行すると、{% data variables.product.prodname_dependabot %} はリポジトリの設定を一元的に保存します。 これは簡単な解決策ですが、複数のコントリビューターがいるリポジトリの場合は、設定ファイルで無視する依存関係とバージョンを明示的に定義することをお勧めします。 これにより、特定の依存関係が自動的に更新されない理由をすべてのコントリビューターが簡単に確認できます。 詳しい情報については、「[依存関係の更新の設定オプション](/github/administering-a-repository/configuration-options-for-dependency-updates#ignore) 」を参照してください。 +依存関係やバージョンを無視するコマンドを実行すると、{% data variables.product.prodname_dependabot %} はリポジトリの設定を一元的に保存します。 これは簡単な解決策ですが、複数のコントリビューターがいるリポジトリの場合は、設定ファイルで無視する依存関係とバージョンを明示的に定義することをお勧めします。 これにより、特定の依存関係が自動的に更新されない理由をすべてのコントリビューターが簡単に確認できます。 For more information, see "[Configuration options for the dependabot.yml file](/github/administering-a-repository/configuration-options-for-dependency-updates#ignore)." diff --git a/translations/ja-JP/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/troubleshooting-dependabot-errors.md b/translations/ja-JP/content/code-security/dependabot/working-with-dependabot/troubleshooting-dependabot-errors.md similarity index 92% rename from translations/ja-JP/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/troubleshooting-dependabot-errors.md rename to translations/ja-JP/content/code-security/dependabot/working-with-dependabot/troubleshooting-dependabot-errors.md index f53f1f19ab..46de024e13 100644 --- a/translations/ja-JP/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/troubleshooting-dependabot-errors.md +++ b/translations/ja-JP/content/code-security/dependabot/working-with-dependabot/troubleshooting-dependabot-errors.md @@ -6,6 +6,7 @@ redirect_from: - /github/managing-security-vulnerabilities/troubleshooting-github-dependabot-errors - /github/managing-security-vulnerabilities/troubleshooting-dependabot-errors - /code-security/supply-chain-security/troubleshooting-dependabot-errors + - /code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/troubleshooting-dependabot-errors versions: fpt: '*' ghec: '*' @@ -76,7 +77,7 @@ To see the logs for any manifest file, click the **Last checked TIME ago** link, 依存関係を含むすべてのアプリケーションには、依存関係グラフ、つまり、アプリケーションが直接または間接的に依存するすべてのパッケージバージョンの有向非巡回グラフがあります。 依存関係が更新されるたびに、このグラフを解決する必要があります。解決しない場合、アプリケーションがビルドされません。 npm や RubyGems のように、エコシステムに深く複雑な依存関係グラフがある場合、エコシステム全体をアップグレードせずに単一の依存関係をアップグレードすることは不可能な場合があります。 -この問題を回避する最善策としては、たとえばバージョン更新を有効化するなどして、最新のリリースバージョンで最新の状態に保つことです。 これにより、依存関係グラフを壊さない単純なアップグレードで 1 つの依存関係の脆弱性を解決できる可能性が高くなります。 For more information, see "[Enabling and disabling {% data variables.product.prodname_dependabot %} version updates](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/enabling-and-disabling-dependabot-version-updates)." +この問題を回避する最善策としては、たとえばバージョン更新を有効化するなどして、最新のリリースバージョンで最新の状態に保つことです。 これにより、依存関係グラフを壊さない単純なアップグレードで 1 つの依存関係の脆弱性を解決できる可能性が高くなります。 For more information, see "[Configuring {% data variables.product.prodname_dependabot %} version updates](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/enabling-and-disabling-dependabot-version-updates)." ### 最新バージョンのオープンプルリクエストがすでに存在するため、{% data variables.product.prodname_dependabot %} を必要なバージョンに更新できない @@ -90,13 +91,13 @@ To see the logs for any manifest file, click the **Last checked TIME ago** link, これは対処が難しいエラーです。 バージョン更新がタイムアウトした場合は、`allow` パラメーターを使用して更新する最も重要な依存関係を指定するか、または、`ignore` パラメーターを使用して更新から一部の依存関係を除外できます。 設定を更新すると、{% data variables.product.prodname_dependabot %} がバージョンの更新を確認し、利用可能な時間内にプルリクエストを生成できます。 -セキュリティアップデートがタイムアウトする場合、たとえばバージョン更新を有効にするなどして依存関係を最新に保つことで、タイムアウトが発生する可能性を減らすことができます。 For more information, see "[Enabling and disabling {% data variables.product.prodname_dependabot %} version updates](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/enabling-and-disabling-dependabot-version-updates)." +セキュリティアップデートがタイムアウトする場合、たとえばバージョン更新を有効にするなどして依存関係を最新に保つことで、タイムアウトが発生する可能性を減らすことができます。 For more information, see "[Configuring {% data variables.product.prodname_dependabot %} version updates](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/enabling-and-disabling-dependabot-version-updates)." ### {% data variables.product.prodname_dependabot %} で追加のプルリクエストをオープンできない {% data variables.product.prodname_dependabot %} が生成するオープンプルリクエスト数には制限があります。 上限に達すると、新しいプルリクエストはオープンされず、このエラーが報告されます。 エラーを解決する最善策として、複数のオープンプルリクエストを確認してマージします。 -セキュリティアップデートとバージョン更新のプルリクエストには個別の制限があるため、オープンなバージョン更新のプルリクエストがセキュリティアップデートのプルリクエストの作成をブロックすることはできません。 セキュリティアップデートのプルリクエストの上限は 10 件です。 デフォルトではバージョン更新の上限は 5 件ですが、設定ファイルの `open-pull-requests-limit` パラメータを使用して変更できます。 詳しい情報については、「[依存関係の更新の設定オプション](/github/administering-a-repository/configuration-options-for-dependency-updates#open-pull-requests-limit) 」を参照してください。 +セキュリティアップデートとバージョン更新のプルリクエストには個別の制限があるため、オープンなバージョン更新のプルリクエストがセキュリティアップデートのプルリクエストの作成をブロックすることはできません。 セキュリティアップデートのプルリクエストの上限は 10 件です。 デフォルトではバージョン更新の上限は 5 件ですが、設定ファイルの `open-pull-requests-limit` パラメータを使用して変更できます。 For more information, see "[Configuration options for the dependabot.yml file](/github/administering-a-repository/configuration-options-for-dependency-updates#open-pull-requests-limit)." このエラーを解決する最善策として、既存のプルリクエストの一部をマージまたはクローズして、新しいプルリクエストを手動でトリガーします。 詳しい情報については、「[{% data variables.product.prodname_dependabot %} のプルリクエストを手動でトリガーする](#triggering-a-dependabot-pull-request-manually)」を参照してください。 @@ -121,3 +122,8 @@ To see the logs for any manifest file, click the **Last checked TIME ago** link, - **セキュリティアップデート** — 修正済みのエラーを示す {% data variables.product.prodname_dependabot %} アラートを表示します。[**Create {% data variables.product.prodname_dependabot %} security update**] をクリックします。 - **バージョン更新** — リポジトリの [**Insights**] タブで、[**Dependency graph**] をクリックし、[**Dependabot**] タブをクリックします。 [**Last checked *TIME* ago**] をクリックして、バージョン更新の最終チェック中に {% data variables.product.prodname_dependabot %} が生成したログファイルを表示します。 [**Check for updates**] をクリックします。 + +## 参考リンク + +- "[Troubleshooting the dependency graph](/code-security/supply-chain-security/understanding-your-software-supply-chain/troubleshooting-the-dependency-graph)" +- 「[脆弱性のある依存関係の検出のトラブルシューティング](/code-security/dependabot/working-with-dependabot/troubleshooting-the-detection-of-vulnerable-dependencies)」 diff --git a/translations/es-ES/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/troubleshooting-the-detection-of-vulnerable-dependencies.md b/translations/ja-JP/content/code-security/dependabot/working-with-dependabot/troubleshooting-the-detection-of-vulnerable-dependencies.md similarity index 70% rename from translations/es-ES/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/troubleshooting-the-detection-of-vulnerable-dependencies.md rename to translations/ja-JP/content/code-security/dependabot/working-with-dependabot/troubleshooting-the-detection-of-vulnerable-dependencies.md index 4a967cf2fb..722d2e48bd 100644 --- a/translations/es-ES/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/troubleshooting-the-detection-of-vulnerable-dependencies.md +++ b/translations/ja-JP/content/code-security/dependabot/working-with-dependabot/troubleshooting-the-detection-of-vulnerable-dependencies.md @@ -1,10 +1,11 @@ --- title: Troubleshooting the detection of vulnerable dependencies intro: 'If the dependency information reported by {% data variables.product.product_name %} is not what you expected, there are a number of points to consider, and various things you can check.' -shortTitle: Troubleshoot detection +shortTitle: Troubleshoot vulnerability detection redirect_from: - /github/managing-security-vulnerabilities/troubleshooting-the-detection-of-vulnerable-dependencies - /code-security/supply-chain-security/troubleshooting-the-detection-of-vulnerable-dependencies + - /code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/troubleshooting-the-detection-of-vulnerable-dependencies versions: fpt: '*' ghes: '*' @@ -19,26 +20,31 @@ topics: - Security updates - Dependencies - Vulnerabilities - - Dependency graph - - Alerts - CVEs - Repositories --- {% data reusables.dependabot.beta-security-and-version-updates %} - -The results of dependency detection reported by {% data variables.product.product_name %} may be different from the results returned by other tools. There are good reasons for this and it's helpful to understand how {% data variables.product.prodname_dotcom %} determines dependencies for your project. +{% data reusables.dependabot.result-discrepancy %} ## Why do some dependencies seem to be missing? {% data variables.product.prodname_dotcom %} generates and displays dependency data differently than other tools. Consequently, if you've been using another tool to identify dependencies you will almost certainly see different results. Consider the following: * {% data variables.product.prodname_advisory_database %} is one of the data sources that {% data variables.product.prodname_dotcom %} uses to identify vulnerable dependencies. It's a free, curated database of vulnerability information for common package ecosystems on {% data variables.product.prodname_dotcom %}. It includes both data reported directly to {% data variables.product.prodname_dotcom %} from {% data variables.product.prodname_security_advisories %}, as well as official feeds and community sources. This data is reviewed and curated by {% data variables.product.prodname_dotcom %} to ensure that false or unactionable information is not shared with the development community. {% data reusables.security-advisory.link-browsing-advisory-db %} -* The dependency graph parses all known package manifest files in a user’s repository. For example, for npm it will parse the _package-lock.json_ file. It constructs a graph of all of the repository’s dependencies and public dependents. This happens when you enable the dependency graph and when anyone pushes to the default branch, and it includes commits that makes changes to a supported manifest format. For more information, see "[About the dependency graph](/github/visualizing-repository-data-with-graphs/about-the-dependency-graph)." -* {% data variables.product.prodname_dependabot %} scans any push, to the default branch, that contains a manifest file. When a new vulnerability record is added, it scans all existing repositories and generates an alert for each vulnerable repository. {% data variables.product.prodname_dependabot_alerts %} are aggregated at the repository level, rather than creating one alert per vulnerability. For more information, see "[About alerts for vulnerable dependencies](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies)." +* The dependency graph parses all known package manifest files in a user’s repository. For example, for npm it will parse the _package-lock.json_ file. It constructs a graph of all of the repository’s dependencies and public dependents. This happens when you enable the dependency graph and when anyone pushes to the default branch, and it includes commits that makes changes to a supported manifest format. For more information, see "[About the dependency graph](/github/visualizing-repository-data-with-graphs/about-the-dependency-graph)" and "[Troubleshooting the dependency graph](/code-security/supply-chain-security/understanding-your-software-supply-chain/troubleshooting-the-dependency-graph)." +* {% data variables.product.prodname_dependabot %} scans any push, to the default branch, that contains a manifest file. When a new vulnerability record is added, it scans all existing repositories and generates an alert for each vulnerable repository. {% data variables.product.prodname_dependabot_alerts %} are aggregated at the repository level, rather than creating one alert per vulnerability. For more information, see "[About {% data variables.product.prodname_dependabot_alerts %}](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies)." * {% ifversion fpt or ghec or ghes > 3.2 %}{% data variables.product.prodname_dependabot_security_updates %} are triggered when you receive an alert about a vulnerable dependency in your repository. Where possible, {% data variables.product.prodname_dependabot %} creates a pull request in your repository to upgrade the vulnerable dependency to the minimum possible secure version needed to avoid the vulnerability. For more information, see "[About {% data variables.product.prodname_dependabot_security_updates %}](/github/managing-security-vulnerabilities/about-dependabot-security-updates)" and "[Troubleshooting {% data variables.product.prodname_dependabot %} errors](/github/managing-security-vulnerabilities/troubleshooting-dependabot-errors)." - {% endif %}{% data variables.product.prodname_dependabot %} doesn't scan repositories for vulnerable dependencies on a schedule, but rather when something changes. For example, a scan is triggered when a new dependency is added ({% data variables.product.prodname_dotcom %} checks for this on every push), or when a new vulnerability is added to the advisory database{% ifversion ghes or ghae-issue-4864 %} and synchronized to {% data variables.product.product_location %}{% endif %}. For more information, see "[About alerts for vulnerable dependencies](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies#detection-of-vulnerable-dependencies)." + {% endif %}{% data variables.product.prodname_dependabot %} doesn't scan repositories for vulnerable dependencies on a schedule, but rather when something changes. For example, a scan is triggered when a new dependency is added ({% data variables.product.prodname_dotcom %} checks for this on every push), or when a new vulnerability is added to the advisory database{% ifversion ghes or ghae-issue-4864 %} and synchronized to {% data variables.product.product_location %}{% endif %}. For more information, see "[About {% data variables.product.prodname_dependabot_alerts %}](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies#detection-of-vulnerable-dependencies)." + +## Do {% data variables.product.prodname_dependabot_alerts %} only relate to vulnerable dependencies in manifests and lockfiles? + +{% data variables.product.prodname_dependabot_alerts %} advise you about dependencies you should update, including transitive dependencies, where the version can be determined from a manifest or a lockfile. {% ifversion fpt or ghec or ghes > 3.2 %}{% data variables.product.prodname_dependabot_security_updates %} only suggest a change where {% data variables.product.prodname_dependabot %} can directly "fix" the dependency, that is, when these are: +* Direct dependencies explicitly declared in a manifest or lockfile +* Transitive dependencies declared in a lockfile{% endif %} + +**Check**: Is the uncaught vulnerability for a component that's not specified in the repository's manifest or lockfile? ## Why don't I get vulnerability alerts for some ecosystems? @@ -48,44 +54,6 @@ It's worth noting that {% data variables.product.prodname_dotcom %} Security Adv **Check**: Does the uncaught vulnerability apply to an unsupported ecosystem? -## Does the dependency graph only find dependencies in manifests and lockfiles? - -The dependency graph includes information on dependencies that are explicitly declared in your environment. That is, dependencies that are specified in a manifest or a lockfile. The dependency graph generally also includes transitive dependencies, even when they aren't specified in a lockfile, by looking at the dependencies of the dependencies in a manifest file. - -{% data variables.product.prodname_dependabot_alerts %} advise you about dependencies you should update, including transitive dependencies, where the version can be determined from a manifest or a lockfile. {% ifversion fpt or ghec or ghes > 3.2 %}{% data variables.product.prodname_dependabot_security_updates %} only suggest a change where {% data variables.product.prodname_dependabot %} can directly "fix" the dependency, that is, when these are: -* Direct dependencies explicitly declared in a manifest or lockfile -* Transitive dependencies declared in a lockfile{% endif %} - -The dependency graph doesn't include "loose" dependencies. "Loose" dependencies are individual files that are copied from another source and checked into the repository directly or within an archive (such as a ZIP or JAR file), rather than being referenced by in a package manager’s manifest or lockfile. - -**Check**: Is the uncaught vulnerability for a component that's not specified in the repository's manifest or lockfile? - -## Does the dependency graph detect dependencies specified using variables? - -The dependency graph analyzes manifests as they’re pushed to {% data variables.product.prodname_dotcom %}. The dependency graph doesn't, therefore, have access to the build environment of the project, so it can't resolve variables used within manifests. If you use variables within a manifest to specify the name, or more commonly the version of a dependency, then that dependency will not be included in the dependency graph. - -**Check**: Is the missing dependency declared in the manifest by using a variable for its name or version? - -## Are there limits which affect the dependency graph data? - -Yes, the dependency graph has two categories of limits: - -1. **Processing limits** - - These affect the dependency graph displayed within {% data variables.product.prodname_dotcom %} and also prevent {% data variables.product.prodname_dependabot_alerts %} being created. - - Manifests over 0.5 MB in size are only processed for enterprise accounts. For other accounts, manifests over 0.5 MB are ignored and will not create {% data variables.product.prodname_dependabot_alerts %}. - - By default, {% data variables.product.prodname_dotcom %} will not process more than 20 manifests per repository. {% data variables.product.prodname_dependabot_alerts %} are not created for manifests beyond this limit. If you need to increase the limit, contact {% data variables.contact.contact_support %}. - -2. **Visualization limits** - - These affect what's displayed in the dependency graph within {% data variables.product.prodname_dotcom %}. However, they don't affect the {% data variables.product.prodname_dependabot_alerts %} that are created. - - The Dependencies view of the dependency graph for a repository only displays 100 manifests. Typically this is adequate as it is significantly higher than the processing limit described above. In situations where the processing limit is over 100, {% data variables.product.prodname_dependabot_alerts %} are still created for any manifests that are not shown within {% data variables.product.prodname_dotcom %}. - -**Check**: Is the missing dependency in a manifest file that's over 0.5 MB, or in a repository with a large number of manifests? - ## Does {% data variables.product.prodname_dependabot %} generate alerts for vulnerabilities that have been known for many years? The {% data variables.product.prodname_advisory_database %} was launched in November 2019, and initially back-filled to include vulnerability information for the supported ecosystems, starting from 2017. When adding CVEs to the database, we prioritize curating newer CVEs, and CVEs affecting newer versions of software. @@ -118,7 +86,8 @@ The {% data variables.product.prodname_dependabot_alerts %} count in {% data var ## Further reading -- "[About alerts for vulnerable dependencies](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies)" -- "[Viewing and updating vulnerable dependencies in your repository](/github/managing-security-vulnerabilities/viewing-and-updating-vulnerable-dependencies-in-your-repository)" -- "[Managing security and analysis settings for your repository](/github/administering-a-repository/managing-security-and-analysis-settings-for-your-repository)"{% ifversion fpt or ghec or ghes > 3.2 %} +- "[About {% data variables.product.prodname_dependabot_alerts %}](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies)" +- "[Viewing {% data variables.product.prodname_dependabot_alerts %} for vulnerable dependencies](/github/managing-security-vulnerabilities/viewing-and-updating-vulnerable-dependencies-in-your-repository)" +- "[Managing security and analysis settings for your repository](/github/administering-a-repository/managing-security-and-analysis-settings-for-your-repository)" +- "[Troubleshooting the dependency graph](/code-security/supply-chain-security/understanding-your-software-supply-chain/troubleshooting-the-dependency-graph)"{% ifversion fpt or ghec or ghes > 3.2 %} - "[Troubleshooting {% data variables.product.prodname_dependabot %} errors](/github/managing-security-vulnerabilities/troubleshooting-dependabot-errors)"{% endif %} diff --git a/translations/ja-JP/content/code-security/getting-started/github-security-features.md b/translations/ja-JP/content/code-security/getting-started/github-security-features.md index 55bf4818a6..bdb89559b4 100644 --- a/translations/ja-JP/content/code-security/getting-started/github-security-features.md +++ b/translations/ja-JP/content/code-security/getting-started/github-security-features.md @@ -37,7 +37,7 @@ topics: ### {% data variables.product.prodname_dependabot_alerts %} およびセキュリティアップデート -セキュリティの脆弱性を含むことを把握している依存関係に関するアラートを表示し、プルリクエストを自動的に生成してこれらの依存関係を更新するかどうかを選択します。 詳しい情報については、「[脆弱性のある依存関係に対するアラートについて](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies)」 および「[{% data variables.product.prodname_dependabot_security_updates %} について](/github/managing-security-vulnerabilities/about-dependabot-security-updates)」を参照してください。 +セキュリティの脆弱性を含むことを把握している依存関係に関するアラートを表示し、プルリクエストを自動的に生成してこれらの依存関係を更新するかどうかを選択します。 For more information, see "[About {% data variables.product.prodname_dependabot_alerts %}](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies)" and "[About {% data variables.product.prodname_dependabot_security_updates %}](/github/managing-security-vulnerabilities/about-dependabot-security-updates)." {% endif %} {% ifversion ghes < 3.3 or ghae-issue-4864 %} @@ -45,7 +45,7 @@ topics: {% data reusables.dependabot.dependabot-alerts-beta %} -セキュリティの脆弱性を含むことを把握している依存関係に関するアラートを表示し、それらのアラートを管理します。 詳しい情報については、「[脆弱性のある依存関係に対するアラートについて](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies)」を参照してください。 +セキュリティの脆弱性を含むことを把握している依存関係に関するアラートを表示し、それらのアラートを管理します。 詳しい情報については、「[{% data variables.product.prodname_dependabot_alerts %} について](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies)」を参照してください。 {% endif %} {% ifversion fpt or ghec or ghes > 3.2 %} diff --git a/translations/ja-JP/content/code-security/getting-started/securing-your-organization.md b/translations/ja-JP/content/code-security/getting-started/securing-your-organization.md index bd40761fce..667abbef44 100644 --- a/translations/ja-JP/content/code-security/getting-started/securing-your-organization.md +++ b/translations/ja-JP/content/code-security/getting-started/securing-your-organization.md @@ -48,7 +48,7 @@ You can create a default security policy that will display in any of your organi {% data reusables.dependabot.dependabot-alerts-beta %} {% data reusables.dependabot.dependabot-alerts-dependency-graph-enterprise %} -For more information, see "[About alerts for vulnerable dependencies](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies)," "[Exploring the dependencies of a repository](/code-security/supply-chain-security/exploring-the-dependencies-of-a-repository#enabling-and-disabling-the-dependency-graph-for-a-private-repository)," and "[Managing security and analysis settings for your organization](/organizations/keeping-your-organization-secure/managing-security-and-analysis-settings-for-your-organization)." +For more information, see "[About {% data variables.product.prodname_dependabot_alerts %}](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies)," "[Exploring the dependencies of a repository](/code-security/supply-chain-security/exploring-the-dependencies-of-a-repository#enabling-and-disabling-the-dependency-graph-for-a-private-repository)," and "[Managing security and analysis settings for your organization](/organizations/keeping-your-organization-secure/managing-security-and-analysis-settings-for-your-organization)." {% endif %} {% ifversion fpt or ghes > 3.1 or ghae-issue-4864 or ghec %} @@ -79,7 +79,7 @@ For more information, see "[About {% data variables.product.prodname_dependabot_ You can enable {% data variables.product.prodname_dependabot %} to automatically raise pull requests to keep your dependencies up-to-date. For more information, see "[About {% data variables.product.prodname_dependabot_version_updates %}](/code-security/supply-chain-security/about-dependabot-version-updates)." -To enable {% data variables.product.prodname_dependabot_version_updates %}, you must create a *dependabot.yml* configuration file. For more information, see "[Enabling and disabling {% data variables.product.prodname_dependabot %} version updates](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/enabling-and-disabling-dependabot-version-updates)." +To enable {% data variables.product.prodname_dependabot_version_updates %}, you must create a *dependabot.yml* configuration file. For more information, see "[Configuring {% data variables.product.prodname_dependabot %} version updates](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/enabling-and-disabling-dependabot-version-updates)." {% endif %} @@ -135,7 +135,7 @@ For more information, see "[Managing security and analysis settings for your org ## Next steps {% ifversion fpt or ghes > 3.1 or ghec %}You can view, filter, and sort security alerts for repositories owned by your organization in the security overview. For more information, see "[About the security overview](/code-security/security-overview/about-the-security-overview)."{% endif %} -You can view and manage alerts from security features to address dependencies and vulnerabilities in your code. For more information, see {% ifversion fpt or ghes or ghec %} "[Viewing and updating vulnerable dependencies in your repository](/code-security/supply-chain-security/viewing-and-updating-vulnerable-dependencies-in-your-repository),"{% endif %} {% ifversion fpt or ghec or ghes > 3.2 %}"[Managing pull requests for dependency updates](/code-security/supply-chain-security/managing-pull-requests-for-dependency-updates)," {% endif %}"[Managing {% data variables.product.prodname_code_scanning %} for your repository](/code-security/secure-coding/managing-code-scanning-alerts-for-your-repository)," and "[Managing alerts from {% data variables.product.prodname_secret_scanning %}](/code-security/secret-security/managing-alerts-from-secret-scanning)." +You can view and manage alerts from security features to address dependencies and vulnerabilities in your code. For more information, see {% ifversion fpt or ghes or ghec %} "[Viewing {% data variables.product.prodname_dependabot_alerts %} for vulnerable dependencies](/code-security/supply-chain-security/viewing-and-updating-vulnerable-dependencies-in-your-repository),"{% endif %} {% ifversion fpt or ghec or ghes > 3.2 %}"[Managing pull requests for dependency updates](/code-security/supply-chain-security/managing-pull-requests-for-dependency-updates)," {% endif %}"[Managing {% data variables.product.prodname_code_scanning %} for your repository](/code-security/secure-coding/managing-code-scanning-alerts-for-your-repository)," and "[Managing alerts from {% data variables.product.prodname_secret_scanning %}](/code-security/secret-security/managing-alerts-from-secret-scanning)." {% ifversion fpt or ghec %}If you have a security vulnerability, you can create a security advisory to privately discuss and fix the vulnerability. For more information, see "[About {% data variables.product.prodname_security_advisories %}](/code-security/security-advisories/about-github-security-advisories)" and "[Creating a security advisory](/code-security/security-advisories/creating-a-security-advisory)." {% endif %} diff --git a/translations/ja-JP/content/code-security/getting-started/securing-your-repository.md b/translations/ja-JP/content/code-security/getting-started/securing-your-repository.md index 293eb3185b..1073b342f8 100644 --- a/translations/ja-JP/content/code-security/getting-started/securing-your-repository.md +++ b/translations/ja-JP/content/code-security/getting-started/securing-your-repository.md @@ -75,7 +75,7 @@ For more information, see "[Exploring the dependencies of a repository](/code-se {% data reusables.dependabot.dependabot-alerts-beta %} {% data reusables.dependabot.dependabot-alerts-dependency-graph-enterprise %} -For more information, see "[About alerts for vulnerable dependencies](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies){% ifversion fpt or ghec %}" and "[Managing security and analysis settings for your user account](/github/setting-up-and-managing-your-github-user-account/managing-security-and-analysis-settings-for-your-user-account){% endif %}." +For more information, see "[About {% data variables.product.prodname_dependabot_alerts %}](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies){% ifversion fpt or ghec %}" and "[Managing security and analysis settings for your user account](/github/setting-up-and-managing-your-github-user-account/managing-security-and-analysis-settings-for-your-user-account){% endif %}." {% endif %} @@ -111,7 +111,7 @@ For more information, see "[About {% data variables.product.prodname_dependabot_ You can enable {% data variables.product.prodname_dependabot %} to automatically raise pull requests to keep your dependencies up-to-date. For more information, see "[About {% data variables.product.prodname_dependabot_version_updates %}](/code-security/supply-chain-security/about-dependabot-version-updates)." -To enable {% data variables.product.prodname_dependabot_version_updates %}, you must create a *dependabot.yml* configuration file. For more information, see "[Enabling and disabling {% data variables.product.prodname_dependabot %} version updates](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/enabling-and-disabling-dependabot-version-updates)." +To enable {% data variables.product.prodname_dependabot_version_updates %}, you must create a *dependabot.yml* configuration file. For more information, see "[Configuring {% data variables.product.prodname_dependabot %} version updates](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/enabling-and-disabling-dependabot-version-updates)." {% endif %} @@ -132,7 +132,7 @@ You can set up {% data variables.product.prodname_code_scanning %} to automatica {% endif %} ## Next steps -You can view and manage alerts from security features to address dependencies and vulnerabilities in your code. For more information, see {% ifversion fpt or ghes or ghec %} "[Viewing and updating vulnerable dependencies in your repository](/code-security/supply-chain-security/viewing-and-updating-vulnerable-dependencies-in-your-repository),"{% endif %} {% ifversion fpt or ghec or ghes > 3.2 %}"[Managing pull requests for dependency updates](/code-security/supply-chain-security/managing-pull-requests-for-dependency-updates)," {% endif %}"[Managing {% data variables.product.prodname_code_scanning %} for your repository](/code-security/secure-coding/managing-code-scanning-alerts-for-your-repository)," and "[Managing alerts from {% data variables.product.prodname_secret_scanning %}](/code-security/secret-security/managing-alerts-from-secret-scanning)." +You can view and manage alerts from security features to address dependencies and vulnerabilities in your code. For more information, see {% ifversion fpt or ghes or ghec %} "[Viewing {% data variables.product.prodname_dependabot_alerts %} for vulnerable dependencies](/code-security/supply-chain-security/viewing-and-updating-vulnerable-dependencies-in-your-repository),"{% endif %} {% ifversion fpt or ghec or ghes > 3.2 %}"[Managing pull requests for dependency updates](/code-security/supply-chain-security/managing-pull-requests-for-dependency-updates)," {% endif %}"[Managing {% data variables.product.prodname_code_scanning %} for your repository](/code-security/secure-coding/managing-code-scanning-alerts-for-your-repository)," and "[Managing alerts from {% data variables.product.prodname_secret_scanning %}](/code-security/secret-security/managing-alerts-from-secret-scanning)." {% ifversion fpt or ghec %}If you have a security vulnerability, you can create a security advisory to privately discuss and fix the vulnerability. For more information, see "[About {% data variables.product.prodname_security_advisories %}](/code-security/security-advisories/about-github-security-advisories)" and "[Creating a security advisory](/code-security/security-advisories/creating-a-security-advisory)." {% endif %} diff --git a/translations/ja-JP/content/code-security/guides.md b/translations/ja-JP/content/code-security/guides.md index 1fb4e1e570..a0e505f267 100644 --- a/translations/ja-JP/content/code-security/guides.md +++ b/translations/ja-JP/content/code-security/guides.md @@ -18,6 +18,7 @@ learningTracks: - code_security_actions - code_security_ci - code_security_integration + - end_to_end_supply_chain includeGuides: - /code-security/getting-started/adding-a-security-policy-to-your-repository - /code-security/getting-started/github-security-features @@ -74,7 +75,6 @@ includeGuides: - /code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/managing-pull-requests-for-dependency-updates - /code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-alerts-for-vulnerable-dependencies - /code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-dependabot-security-updates - - /code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-managing-vulnerable-dependencies - /code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/browsing-security-vulnerabilities-in-the-github-advisory-database - /code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/editing-security-advisories-in-the-github-advisory-database - /code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/configuring-dependabot-security-updates diff --git a/translations/ja-JP/content/code-security/index.md b/translations/ja-JP/content/code-security/index.md index ec13e102f5..e7248afec2 100644 --- a/translations/ja-JP/content/code-security/index.md +++ b/translations/ja-JP/content/code-security/index.md @@ -19,6 +19,7 @@ featuredLinks: - '{% ifversion ghes < 3.3 or ghae %}/code-security/secret-scanning/configuring-secret-scanning-for-your-repositories{% endif %}' - '{% ifversion ghae %}/code-security/code-scanning/integrating-with-code-scanning/uploading-a-sarif-file-to-github{% endif %}' - '{% ifversion ghae %}/code-security/code-scanning/using-codeql-code-scanning-with-your-existing-ci-system{% endif %}' + - /code-security/supply-chain-security/end-to-end-supply-chain/end-to-end-supply-chain-overview popular: - '{% ifversion ghes %}/admin/release-notes{% endif %}' - /code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-alerts-for-vulnerable-dependencies @@ -53,6 +54,7 @@ children: - /code-scanning - /repository-security-advisories - /supply-chain-security + - /dependabot - /security-overview - /guides --- diff --git a/translations/ja-JP/content/code-security/secret-scanning/about-secret-scanning.md b/translations/ja-JP/content/code-security/secret-scanning/about-secret-scanning.md index 884e8b3e26..9549eaaae2 100644 --- a/translations/ja-JP/content/code-security/secret-scanning/about-secret-scanning.md +++ b/translations/ja-JP/content/code-security/secret-scanning/about-secret-scanning.md @@ -31,9 +31,9 @@ If your project communicates with an external service, you might use a token or {% ifversion fpt or ghec %} {% data variables.product.prodname_secret_scanning_caps %} is available on {% data variables.product.prodname_dotcom_the_website %} in two forms: -1. **{% data variables.product.prodname_secret_scanning_partner_caps %}.** Runs automatically on all public repositories. Any strings that match patterns that were provided by secret scanning partners are reported directly to the relvant partner. +1. **{% data variables.product.prodname_secret_scanning_partner_caps %}.** Runs automatically on all public repositories. Any strings that match patterns that were provided by secret scanning partners are reported directly to the relevant partner. -2. **{% data variables.product.prodname_secret_scanning_GHAS_caps %}.** You can enable and configure additional scanning for repositories owned by organizations that use {% data variables.product.prodname_ghe_cloud %} and have a license for {% data variables.product.prodname_GH_advanced_security %}. Any strings that match patterns provided by secret scannng partners, by other service providers, or defined by your organization are reported as alerts in the "Security" tab of repositories. If a string in a public repository matches a partner pattern, it is also reported to the partner. +2. **{% data variables.product.prodname_secret_scanning_GHAS_caps %}.** You can enable and configure additional scanning for repositories owned by organizations that use {% data variables.product.prodname_ghe_cloud %} and have a license for {% data variables.product.prodname_GH_advanced_security %}. Any strings that match patterns provided by secret scanning partners, by other service providers, or defined by your organization, are reported as alerts in the "Security" tab of repositories. If a string in a public repository matches a partner pattern, it is also reported to the partner. {% endif %} Service providers can partner with {% data variables.product.company_short %} to provide their secret formats for scanning. {% data reusables.secret-scanning.partner-program-link %} @@ -48,11 +48,12 @@ You cannot change the configuration of {% data variables.product.prodname_secret {% ifversion fpt %} {% note %} -**Note:** Organizations using {% data variables.product.prodname_ghe_cloud %} with {% data variables.product.prodname_GH_advanced_security %} can also enable {% data variables.product.prodname_secret_scanning_GHAS %} on any repository they own, including private repositories. For more information, see the [{% data variables.product.prodname_ghe_cloud %} documentation](/enterprise-cloud@latest/code-security/secret-security/about-secret-scanning#about-secret-scanning-for-advanced-security). +{% data reusables.secret-scanning.fpt-GHAS-scans %} {% endnote %} {% endif %} + {% endif %} {% ifversion not fpt %} diff --git a/translations/ja-JP/content/code-security/security-overview/about-the-security-overview.md b/translations/ja-JP/content/code-security/security-overview/about-the-security-overview.md index 6bbc0ee124..d4a6e3f020 100644 --- a/translations/ja-JP/content/code-security/security-overview/about-the-security-overview.md +++ b/translations/ja-JP/content/code-security/security-overview/about-the-security-overview.md @@ -28,7 +28,7 @@ shortTitle: About security overview セキュリティの概要は、Organizationのセキュリティの状況の高レベルでの表示、あるいは介入が必要な問題のあるリポジトリを特定するために利用できます。 You can view aggregate or repository-specific security information in the security overview. You can also use the security overview to see which security features are enabled for your repositories and to configure any available security features that are not currently in use. -The security overview indicates whether {% ifversion fpt or ghes > 3.1 or ghec %}security{% endif %}{% ifversion ghae %}{% data variables.product.prodname_GH_advanced_security %}{% endif %} features are enabled for repositories owned by your organization and consolidates alerts for each feature.{% ifversion fpt or ghes > 3.1 or ghec %} Security features include {% data variables.product.prodname_GH_advanced_security %} features, such as {% data variables.product.prodname_code_scanning %} and {% data variables.product.prodname_secret_scanning %}, as well as {% data variables.product.prodname_dependabot_alerts %}.{% endif %} For more information about {% data variables.product.prodname_GH_advanced_security %} features, see "[About {% data variables.product.prodname_GH_advanced_security %}](/get-started/learning-about-github/about-github-advanced-security)."{% ifversion fpt or ghes > 3.1 or ghec %} For more information about {% data variables.product.prodname_dependabot_alerts %}, see "[About alerts for vulnerable dependencies](/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-alerts-for-vulnerable-dependencies#dependabot-alerts-for-vulnerable-dependencies)."{% endif %} +The security overview indicates whether {% ifversion fpt or ghes > 3.1 or ghec %}security{% endif %}{% ifversion ghae %}{% data variables.product.prodname_GH_advanced_security %}{% endif %} features are enabled for repositories owned by your organization and consolidates alerts for each feature.{% ifversion fpt or ghes > 3.1 or ghec %} Security features include {% data variables.product.prodname_GH_advanced_security %} features, such as {% data variables.product.prodname_code_scanning %} and {% data variables.product.prodname_secret_scanning %}, as well as {% data variables.product.prodname_dependabot_alerts %}.{% endif %} For more information about {% data variables.product.prodname_GH_advanced_security %} features, see "[About {% data variables.product.prodname_GH_advanced_security %}](/get-started/learning-about-github/about-github-advanced-security)."{% ifversion fpt or ghes > 3.1 or ghec %} For more information about {% data variables.product.prodname_dependabot_alerts %}, see "[About {% data variables.product.prodname_dependabot_alerts %}](/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-alerts-for-vulnerable-dependencies#dependabot-alerts-for-vulnerable-dependencies)."{% endif %} For more information about securing your code at the repository and organization levels, see "[Securing your repository](/code-security/getting-started/securing-your-repository)" and "[Securing your organization](/code-security/getting-started/securing-your-organization)." @@ -50,13 +50,13 @@ For each repository in the security overview, you will see icons for each type o ![セキュリティの概要中のアイコン](/assets/images/help/organizations/security-overview-icons.png) -| アイコン | 意味 | -| ------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| {% octicon "code-square" aria-label="Code scanning alerts" %} | {% data variables.product.prodname_code_scanning_capc %} アラート. 詳しい情報については「[{% data variables.product.prodname_code_scanning %}について](/code-security/secure-coding/about-code-scanning)」を参照してください。 | -| {% octicon "key" aria-label="Secret scanning alerts" %} | {% data variables.product.prodname_secret_scanning_caps %} アラート. 詳しい情報については「[{% data variables.product.prodname_secret_scanning %}について](/code-security/secret-security/about-secret-scanning)」を参照してください。 | -| {% octicon "hubot" aria-label="Dependabot alerts" %} | {% data variables.product.prodname_dependabot_alerts %}について受ける方法は、カスタマイズできます。 詳しい情報については、「[脆弱性のある依存関係に対するアラートについて](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies)」を参照してください。 | -| {% octicon "check" aria-label="Check" %} | The security feature is enabled, but does not raise alerts in this repository. | -| {% octicon "x" aria-label="x" %} | The security feature is not supported in this repository. | +| アイコン | 意味 | +| ------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| {% octicon "code-square" aria-label="Code scanning alerts" %} | {% data variables.product.prodname_code_scanning_capc %} アラート. 詳しい情報については「[{% data variables.product.prodname_code_scanning %}について](/code-security/secure-coding/about-code-scanning)」を参照してください。 | +| {% octicon "key" aria-label="Secret scanning alerts" %} | {% data variables.product.prodname_secret_scanning_caps %} アラート. 詳しい情報については「[{% data variables.product.prodname_secret_scanning %}について](/code-security/secret-security/about-secret-scanning)」を参照してください。 | +| {% octicon "hubot" aria-label="Dependabot alerts" %} | {% data variables.product.prodname_dependabot_alerts %}について受ける方法は、カスタマイズできます。 For more information, see "[About {% data variables.product.prodname_dependabot_alerts %}](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies)." | +| {% octicon "check" aria-label="Check" %} | The security feature is enabled, but does not raise alerts in this repository. | +| {% octicon "x" aria-label="x" %} | The security feature is not supported in this repository. | The security overview displays active alerts raised by security features. リポジトリに対してセキュリティの概要でアラートがない場合でも、検出されていないセキュリティ脆弱性やコードのエラーは存在するかもしれません。 diff --git a/translations/ja-JP/content/code-security/supply-chain-security/end-to-end-supply-chain/end-to-end-supply-chain-overview.md b/translations/ja-JP/content/code-security/supply-chain-security/end-to-end-supply-chain/end-to-end-supply-chain-overview.md new file mode 100644 index 0000000000..e2aeb52977 --- /dev/null +++ b/translations/ja-JP/content/code-security/supply-chain-security/end-to-end-supply-chain/end-to-end-supply-chain-overview.md @@ -0,0 +1,38 @@ +--- +title: Securing your end-to-end supply chain +shortTitle: 概要 +allowTitleToDifferFromFilename: true +intro: 'Introducing best practice guides on complete end-to-end supply chain security including personal accounts, code, and build processes.' +versions: + fpt: '*' + ghec: '*' + ghes: '*' +type: overview +topics: + - Organizations + - Teams + - Dependencies + - Advanced Security +--- + +## What is the end-to-end supply chain? + +At its core, end-to-end software supply chain security is about making sure the code you distribute hasn't been tampered with. Previously, attackers focused on targeting dependencies you use, for example libraries and frameworks. Attackers have now expanded their focus to include targeting user accounts and build processes, and so those systems must be defended as well. + +## About these guides + +This series of guides explains how to think about securing your end-to-end supply chain: personal account, code, and build processes. Each guide explains the risk to that area, and introduces the {% data variables.product.product_name %} features that can help you address that risk. + +Everyone's needs are different, so each guide starts with the highest impact change, and continues from there with additional improvements you should consider. You should feel free to skip around and focus on improvements you think will have the biggest benefit. The goal isn't to do everything at once but to continuously improve security in your systems over time. + +- "[Best practices for securing accounts](/code-security/supply-chain-security/end-to-end-supply-chain/securing-accounts)" + +- "[Best practices for securing code in your supply chain](/code-security/supply-chain-security/end-to-end-supply-chain/securing-code)" + +- "[Best practices for securing your build system](/code-security/supply-chain-security/end-to-end-supply-chain/securing-builds)" + +## 参考リンク + +- [Safeguarding artifact integrity across any software supply chain](https://slsa.dev/) +- [Microsoft Supply Chain Integrity Model](https://github.com/microsoft/scim) +- [Software Supply Chain Security Paper - CNCF Security Technical Advisory Group](https://github.com/cncf/tag-security/blob/main/supply-chain-security/supply-chain-security-paper/CNCF_SSCP_v1.pdf) diff --git a/translations/ja-JP/content/code-security/supply-chain-security/end-to-end-supply-chain/index.md b/translations/ja-JP/content/code-security/supply-chain-security/end-to-end-supply-chain/index.md new file mode 100644 index 0000000000..0cf0b8d7ad --- /dev/null +++ b/translations/ja-JP/content/code-security/supply-chain-security/end-to-end-supply-chain/index.md @@ -0,0 +1,20 @@ +--- +title: End-to-end supply chain +intro: 'How to think about securing your user accounts, your code, and your build process' +versions: + fpt: '*' + ghec: '*' + ghes: '*' +topics: + - Security overview + - Organizations + - Teams + - Dependencies + - Advanced Security +children: + - /end-to-end-supply-chain-overview + - /securing-accounts + - /securing-code + - /securing-builds +--- + diff --git a/translations/ja-JP/content/code-security/supply-chain-security/end-to-end-supply-chain/securing-accounts.md b/translations/ja-JP/content/code-security/supply-chain-security/end-to-end-supply-chain/securing-accounts.md new file mode 100644 index 0000000000..998a277ef5 --- /dev/null +++ b/translations/ja-JP/content/code-security/supply-chain-security/end-to-end-supply-chain/securing-accounts.md @@ -0,0 +1,137 @@ +--- +title: Best practices for securing accounts +shortTitle: Securing accounts +allowTitleToDifferFromFilename: true +intro: Guidance on how to protect accounts with access to your software supply chain. +versions: + fpt: '*' + ghec: '*' + ghes: '*' +type: overview +topics: + - Organizations + - Teams + - SSH + - Security + - Accounts +--- + +## About this guide + +This guide describes the highest impact changes you can make to increase account security. Each section outlines a change you can make to your processes to improve the security. The highest impact changes are listed first. + +## What's the risk? + +Account security is fundamental to the security of your supply chain. If an attacker can take over your account on {% data variables.product.product_name %}, they can then make malicious changes to your code or build process. So your first goal should be to make it difficult for someone to take over your account and the accounts of other {% ifversion ghes %}users{% else %}members{% endif %} of {% ifversion fpt %}your organization{% elsif ghec or ghae %}your organization or enterprise{% elsif ghes %}{% data variables.product.product_location %}{% endif %}. + +{% ifversion ghec or ghes %} +## Centralize authentication +{% endif %} + +{% ifversion ghec %} +If you're an enterprise or organization owner, you can configure centralized authentication with SAML. While you can add or remove members manually, it's simpler and more secure to set up single sign-on (SSO) and SCIM between {% data variables.product.product_name %} and your SAML identity provider (IdP). This also simplifies the authentication process for all members of your enterprise. + +You can configure SAML authentication for an enterprise or organization account. With SAML, you can grant access to the personal accounts of members of your enterprise or organization on {% data variables.product.product_location %} through your IdP, or you can create and control the accounts that belong to your enterprise by using {% data variables.product.prodname_emus %}. For more information, see "[About identity and access management with SAML single sign-on](/organizations/managing-saml-single-sign-on-for-your-organization/about-identity-and-access-management-with-saml-single-sign-on)". + +After you configure SAML authentication, when members request access to your resources, they'll be directed to your SSO flow to ensure they are still recognized by your IdP. If they are unrecognized, their request is declined. + +Some IdPs support a protocol called SCIM, which can automatically provision or deprovision access on {% data variables.product.product_name %} when you make changes on your IdP. With SCIM, you can simplify administration as your team grows, and you can quickly revoke access to accounts. SCIM is available for individual organizations on {% data variables.product.product_name %}, or for enterprises that use {% data variables.product.prodname_emus %}. 詳しい情報については「[SCIMについて](/organizations/managing-saml-single-sign-on-for-your-organization/about-scim)」を参照してください。 +{% endif %} + +{% ifversion ghes %} +If you're the site administrator for {% data variables.product.product_location %}, you can simplify the login experience for users by choosing an authentication method that connects with your existing identity provider (IdP), like CAS, SAML, or LDAP. This means that they no longer need to remember an extra password for {% data variables.product.prodname_dotcom %}. + +Some authentication methods also support communicating additional information to {% data variables.product.product_name %}, for example, what groups the user is a member of, or synchronizing cryptographic keys for the user. This is a great way to simplify your administration as your organization grows. + +For more information on these authentication methods, see "[Using CAS](/admin/identity-and-access-management/authenticating-users-for-your-github-enterprise-server-instance/using-cas)," "[Using SAML](/admin/identity-and-access-management/authenticating-users-for-your-github-enterprise-server-instance/using-saml)," and "[Using LDAP](/admin/identity-and-access-management/authenticating-users-for-your-github-enterprise-server-instance/using-ldap)." +{% endif %} + +## Configure two-factor authentication + +The best way to improve the security of {% ifversion fpt %}your personal account{% elsif ghes %}your personal account or {% data variables.product.product_location %}{% elsif ghec %}your accounts{% elsif ghae %}your enterprise on {% data variables.product.product_name %}{% endif %} is to configure two-factor authentication (2FA){% ifversion ghae %} on your SAML identity provider (IdP){% endif %}. Passwords by themselves can be compromised by being guessable, by being reused on another site that's been compromised, or by social engineering, like phishing. 2FA makes it much more difficult for your accounts to be compromised, even if an attacker has your password. + +{% ifversion not ghae %} + +{% ifversion ghec %} +If you're an enterprise owner, you may be able to configure a policy to require 2FA for all organizations owned by your enterprise. +{% endif %} + +{% ifversion ghes %} +If you're the site administrator for {% data variables.product.product_location %}, you may be able to configure 2FA for all users of your instance. The availability of 2FA on {% data variables.product.product_name %} depends on the authentication method that you use. For more information, see "[Centralize user authentication](#centralize-user-authentication)." +{% endif %} + +If you're an organization owner, then you {% ifversion fpt %}can{% else %}may be able to{% endif %} require that all members of the organization enable 2FA. + +{% ifversion ghec or ghes %} + +### Configure your enterprise account + +Enterprise owners may be able to require 2FA for all {% ifversion ghes %}users on{% elsif ghec %}members of{% endif %} the {% ifversion ghes %}instance{% elsif ghec %}enterprise{% endif %}. The availability of 2FA policies on {% data variables.product.product_name %} depends on how {% ifversion ghes %}users{% else %}members{% endif %} authenticate to access your {% ifversion ghes %}instance{% elsif ghec %}enterprise's resources{% endif %}. + +{% ifversion ghes %} +- If you sign into {% data variables.product.product_location %} through an external IdP using CAS or SAML SSO, you +{% elsif ghec %} +If your enterprise uses {% data variables.product.prodname_emus %} or SAML authentication is enforced for your enterprise, you +{%- endif %} cannot configure 2FA on {% data variables.product.product_name %}. Someone with administrative access to your IdP must configure 2FA for the IdP. + +{% ifversion ghes %} + +- If you sign into {% data variables.product.product_location %} through an external LDAP directory, you can require 2FA for your enterprise on {% data variables.product.product_name %}. If you allow built-in authentication for users outside of your directory, individual users can enable 2FA, but you cannot require 2FA for your enterprise. + +{% endif %} + +For more information, see {% ifversion ghec %}"[About identity and access management for your enterprise](/admin/identity-and-access-management/managing-iam-for-your-enterprise/about-identity-and-access-management-for-your-enterprise)" and {% endif %}"[Enforcing policies for security settings in your enterprise](/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-security-settings-in-your-enterprise#requiring-two-factor-authentication-for-organizations-in-your-enterprise)." + +{% endif %} + +### Configure your personal account + +{% ifversion ghec or ghes %} +{% note %} + +**Note**: Depending on the authentication method that {% ifversion ghec %}an enterprise owner{% elsif ghes %}a site administrator{% endif %} has configured for {% ifversion ghec %}your enterprise on {% endif %}{% data variables.product.product_location %}, you may not be able to enable 2FA for your personal account. + +{% endnote %} +{% endif %} + +{% data variables.product.product_name %} supports several options for 2FA, and while any of them is better than nothing, the most secure option is WebAuthn. WebAuthn requires either a hardware security key or a device that supports it through things like Windows Hello or Mac TouchID. It's possible, although difficult, to phish other forms of 2FA (for example, someone asking you to read them your 6 digit one-time password). However WebAuthn isn't phishable, because domain scoping is built into the protocol, which prevents credentials from a website impersonating a login page from being used on {% data variables.product.product_name %}. + +When you set up 2FA, you should always download the recovery codes and set up more than one factor. This ensures that access to your account doesn't depend on a single device. For more information, see "[Configuring two-factor authentication](/authentication/securing-your-account-with-two-factor-authentication-2fa/configuring-two-factor-authentication)," "[Configuring two-factor authentication recovery methods](/authentication/securing-your-account-with-two-factor-authentication-2fa/configuring-two-factor-authentication-recovery-methods)," and [GitHub Branded hardware security keys](https://thegithubshop.com/products/github-branded-yubikey) in the GitHub shop. + +### Configure your organization account + +{% ifversion ghec or ghes %} +{% note %} + +**Note**: Depending on the authentication method that {% ifversion ghec %}an enterprise owner{% elsif ghes %}a site administrator{% endif %} has configured for {% ifversion ghec %}your enterprise on {% endif %}{% data variables.product.product_location %}, you may not be able to require 2FA for your organization. + +{% endnote %} +{% endif %} + +If you're an organization owner, you can see which users don't have 2FA enabled, help them get set up, and then require 2FA for your organization. To guide you through that process, see: + +1. "[Viewing whether users in your organization have 2FA enabled](/organizations/keeping-your-organization-secure/managing-two-factor-authentication-for-your-organization/viewing-whether-users-in-your-organization-have-2fa-enabled)" +2. "[Preparing to require two-factor authentication in your organization](/organizations/keeping-your-organization-secure/managing-two-factor-authentication-for-your-organization/preparing-to-require-two-factor-authentication-in-your-organization)" +3. "[Requiring two-factor authentication in your organization](/organizations/keeping-your-organization-secure/managing-two-factor-authentication-for-your-organization/requiring-two-factor-authentication-in-your-organization)" + +{% endif %} + +## Connect to {% data variables.product.product_name %} using SSH keys + +There are other ways to interact with {% data variables.product.product_name %} beyond signing into the website. Many people authorize the code they push to {% data variables.product.prodname_dotcom %} with an SSH private key. For more information, see "[About SSH](/authentication/connecting-to-github-with-ssh/about-ssh)." + +Just like your account password, if an attacker were able to get your SSH private key, they could impersonate you and push malicious code to any repository you have write access for. If you store your SSH private key on a disk drive, it's a good idea to protect it with a passphrase. For more information, see "[Working with SSH key passphrases](/authentication/connecting-to-github-with-ssh/working-with-ssh-key-passphrases)." + +Another option is to generate SSH keys on a hardware security key. You could use the same key you're using for 2FA. Hardware security keys are very difficult to compromise remotely, because the private SSH key remains on the hardware, and is not directly accessible from software. For more information, see "[Generating a new SSH key for a hardware security key](/authentication/connecting-to-github-with-ssh/generating-a-new-ssh-key-and-adding-it-to-the-ssh-agent#generating-a-new-ssh-key-for-a-hardware-security-key)." + +{% ifversion ghec or ghes or ghae %} +Hardware-backed SSH keys are quite secure, but the hardware requirement might not work for some organizations. An alternative approach is to use SSH keys that are only valid for a short period of time, so even if the private key is compromised it can't be exploited for very long. This is the concept behind running your own SSH certificate authority. While this approach gives you a lot of control over how users authenticate, it also comes with the responsibility of maintaining an SSH certificate authority yourself. For more information, see "[About SSH certificate authorities](/organizations/managing-git-access-to-your-organizations-repositories/about-ssh-certificate-authorities)." +{% endif %} + +## 次のステップ + +- "[Securing your end-to-end supply chain](/code-security/supply-chain-security/end-to-end-supply-chain/end-to-end-supply-chain-overview)" + +- "[Best practices for securing code in your supply chain](/code-security/supply-chain-security/end-to-end-supply-chain/securing-code)" + +- "[Best practices for securing your build system](/code-security/supply-chain-security/end-to-end-supply-chain/securing-builds)" diff --git a/translations/ja-JP/content/code-security/supply-chain-security/end-to-end-supply-chain/securing-builds.md b/translations/ja-JP/content/code-security/supply-chain-security/end-to-end-supply-chain/securing-builds.md new file mode 100644 index 0000000000..1fa1084c2a --- /dev/null +++ b/translations/ja-JP/content/code-security/supply-chain-security/end-to-end-supply-chain/securing-builds.md @@ -0,0 +1,62 @@ +--- +title: Best practices for securing your build system +shortTitle: Securing builds +allowTitleToDifferFromFilename: true +intro: Guidance on how to protect the end of your supply chain—the systems you use to build and distribute artifacts. +versions: + fpt: '*' + ghec: '*' + ghes: '*' +type: overview +topics: + - Fundamentals + - Security + - CI + - CD +--- + +## About this guide + +This guide describes the highest impact changes you can make to improve the security of your build systems. Each section outlines a change you can make to your processes to improve security. The highest impact changes are listed first. + +## What's the risk? + +Some attacks on software supply chains target the build system directly. If an attacker can modify the build process, they can exploit your system without the effort of compromising personal accounts or code. It's important to make sure that you don't forget to protect the build system as well as personal accounts and code. + +## Secure your build system + +There are several security capabilities a build system should have: + +1. The build steps should be clear and repeatable. + +2. You should know exactly what was running during the build process. + +3. Each build should start in a fresh environment, so a compromised build doesn't persist to affect future builds. + +{% data variables.product.prodname_actions %} can help you meet these capabilities. Build instructions are stored in your repository, alongside your code. You choose what environment your build runs on, including Windows, Mac, Linux, or runners you host yourself. Each build starts with a fresh virtual environment, making it difficult for an attack to persist in your build environment. + +In addition to the security benefits, {% data variables.product.prodname_actions %} lets you trigger builds manually, periodically, or on git events in your repository for frequent and fast builds. + +{% data variables.product.prodname_actions %} is a big topic, but a good place to get started is "[Understanding GitHub Actions](/actions/learn-github-actions/understanding-github-actions)," as well as "[Choosing GitHub-hosted runners](/actions/using-workflows/workflow-syntax-for-github-actions#choosing-github-hosted-runners)," and "[Triggering a workflow](/actions/using-workflows/triggering-a-workflow)." + +## Sign your builds + +After your build process is secure, you want to prevent someone from tampering with the end result of your build process. A great way to do this is to sign your builds. When distributing software publicly, this is often done with a public/private cryptographic key pair. You use the private key to sign the build, and you publish your public key so users of your software can verify the signature on the build before they use it. If the bytes of the build are modified, the signature will not verify. + +How exactly you sign your build will depend on what sort of code you're writing, and who your users are. Often it's difficult to know how to securely store the private key. One basic option here is to use {% data variables.product.prodname_actions %} encrypted secrets, although you'll need to be careful to limit who has access to those {% data variables.product.prodname_actions %} workflows. {% ifversion fpt or ghec %}If your private key is stored in another system accessible over the public internet (like Microsoft Azure, or HashiCorp Vault), a more advanced option is to authenticate with OpenID Connect, so you don't have to share secrets across systems.{% endif %} If your private key is only accessible from a private network, another option is to use self-hosted runners for {% data variables.product.prodname_actions %}. + +For more information, see "[Encrypted secrets](/actions/security-guides/encrypted-secrets)"{% ifversion fpt or ghec %}, "[About security hardening with OpenID Connect](/actions/deployment/security-hardening-your-deployments/about-security-hardening-with-openid-connect)",{% endif %} and "[About self-hosted runners](/actions/hosting-your-own-runners/about-self-hosted-runners)." + +## Harden security for {% data variables.product.prodname_actions %} + +There are many further steps you can take to additionally secure {% data variables.product.prodname_actions %}. In particular, be careful when evaluating third-party workflows, and consider using `CODEOWNERS` to limit who can make changes to your workflows. + +For more information, see "[Security hardening for GitHub Actions](/actions/security-guides/security-hardening-for-github-actions);" particularly "[Using third-party actions](/actions/security-guides/security-hardening-for-github-actions#using-third-party-actions)" and "[Using `CODEOWNERS` to monitor changes](/actions/security-guides/security-hardening-for-github-actions#using-codeowners-to-monitor-changes)." + +## 次のステップ + +- "[Securing your end-to-end supply chain](/code-security/supply-chain-security/end-to-end-supply-chain/end-to-end-supply-chain-overview)" + +- "[Best practices for securing accounts](/code-security/supply-chain-security/end-to-end-supply-chain/securing-accounts)" + +- "[Best practices for securing code in your supply chain](/code-security/supply-chain-security/end-to-end-supply-chain/securing-code)" diff --git a/translations/ja-JP/content/code-security/supply-chain-security/end-to-end-supply-chain/securing-code.md b/translations/ja-JP/content/code-security/supply-chain-security/end-to-end-supply-chain/securing-code.md new file mode 100644 index 0000000000..c874baf320 --- /dev/null +++ b/translations/ja-JP/content/code-security/supply-chain-security/end-to-end-supply-chain/securing-code.md @@ -0,0 +1,119 @@ +--- +title: Best practices for securing code in your supply chain +shortTitle: Securing code +allowTitleToDifferFromFilename: true +intro: Guidance on how to protect the center of your supply chain—the code you write and the code you depend on. +versions: + fpt: '*' + ghec: '*' + ghes: '*' +type: overview +topics: + - Dependabot + - Security updates + - Vulnerabilities + - Advanced Security + - Secret scanning +--- + +## About this guide + +This guide describes the highest impact changes you can make to improve the security of your code. Each section outlines a change you can make to your processes to improve security. The highest impact changes are listed first. + +## What's the risk? + +Key risks in the development process include: + +- Using dependencies with security vulnerabilities that an attacker could exploit. +- Leaking authentication credentials or a token that an attacker could use to access your resources. +- Introducing a vulnerability to your own code that an attacker could exploit. + +These risks open your resources and projects to attack and those risks are passed directly on to anyone who uses a package that you create. The following sections explain how you can protect yourself and your users from these risks. + +## Create a vulnerability management program for dependencies + +You can secure the code you depend on by creating a vulnerability management program for dependencies. At a high level this should include processes to ensure that you: + +1. Create an inventory of your dependencies. + +2. Know when there is a security vulnerability in a dependency. + +3. Assess the impact of that vulnerability on your code and decide what action to take. + +### Automatic inventory generation + +As a first step, you want to make a complete inventory of your dependencies. The dependency graph for a repository shows you dependencies for supported ecosystems. If you check in your dependencies, or use other ecosystems, you will need to supplement this with data from 3rd party tools or by listing dependencies manually. 詳しい情報については、「[依存関係グラフについて](/code-security/supply-chain-security/understanding-your-software-supply-chain/about-the-dependency-graph)」を参照してください。 + +### Automatic detection of vulnerabilities in dependencies + +{% data variables.product.prodname_dependabot %} can help you by monitoring your dependencies and notifying you when they contain a known vulnerability. {% ifversion fpt or ghec or ghes > 3.2 %}You can even enable {% data variables.product.prodname_dependabot %} to automatically raise pull requests that update the dependency to a secure version.{% endif %} For more information, see "[About alerts for vulnerable dependencies](/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-alerts-for-vulnerable-dependencies)"{% ifversion fpt or ghec or ghes > 3.2 %} and "[About Dependabot security updates](/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-dependabot-security-updates)"{% endif %}. + +### Assessment of exposure to risk from a vulnerable dependency + +When you discover you are using a vulnerable dependency, for example, a library or a framework, you must assess your project's level of exposure and determine what action to take. Vulnerabilities are usually reported with a severity score to show how severe their impact could be. The severity score is a useful guide but cannot tell you the full impact of the vulnerability on your code. + +To assess the impact of a vulnerability on your code, you also need to consider how you use the library and determine how much risk that actually poses to your system. Maybe the vulnerability is part of a feature that you don't use, and you can update the affected library and continue with your normal release cycle. Or maybe your code is badly exposed to risk, and you need to update the affected library and ship an updated build right away. This decision depends on how you're using the library in your system, and is a decision that only you have the knowledge to make. + +## Secure your communication tokens + +Code often needs to communicate with other systems over a network, and requires secrets (like a password, or an API key) to authenticate. Your system needs access to those secrets to run, but it's best practice to not include them in your source code. This is especially important for public repositories, but also for private repositories to which many people might have access. + +### Automatic detection of secrets committed to a repository + +{% note %} + +**Note:** {% data reusables.gated-features.secret-scanning-partner %} + +{% endnote %} + +{% data reusables.secret-scanning.enterprise-enable-secret-scanning %} + +{% ifversion fpt or ghec %} +{% data variables.product.prodname_dotcom %} partners with many providers to automatically detect when secrets are committed to or stored in your public repositories, and will notify the provider so they can take appropriate actions to ensure your account remains secure. For more information, see "[About {% data variables.product.prodname_secret_scanning %} for partner patterns](/code-security/secret-scanning/about-secret-scanning#about-secret-scanning-for-partner-patterns)." +{% endif %} + +{% ifversion fpt %} +{% data reusables.secret-scanning.fpt-GHAS-scans %} +{% elsif ghec %} +If your organization uses {% data variables.product.prodname_GH_advanced_security %}, you can enable {% data variables.product.prodname_secret_scanning_GHAS %} on any repository owned by the organization. You can also define custom patterns to detect additional secrets at the repository, organization, or enterprise level. For more information, see "[About {% data variables.product.prodname_secret_scanning_GHAS %}](/code-security/secret-scanning/about-secret-scanning#about-secret-scanning-for-advacned-security)." +{% else %} +You can configure {% data variables.product.prodname_secret_scanning %} to check for secrets issued by many service providers and to notify you when any are detected. You can also define custom patterns to detect additional secrets at the repository, organization, or enterprise level. For more information, see "[About secret scanning](/code-security/secret-scanning/about-secret-scanning)" and "[Secret scanning patterns](/code-security/secret-scanning/secret-scanning-patterns)." +{% endif %} + +{% ifversion fpt or ghec or ghes > 3.2 %} +### Secure storage of secrets you use in {% data variables.product.product_name %} +{% endif %} + +{% ifversion fpt or ghec %} +Besides your code, you probably need to use secrets in other places. For example, to allow {% data variables.product.prodname_actions %} workflows, {% data variables.product.prodname_dependabot %}, or your {% data variables.product.prodname_codespaces %} development environment to communicate with other systems. For more information on how to securely store and use secrets, see "[Encrypted secrets in Actions](/actions/security-guides/encrypted-secrets)," "[Managing encrypted secrets for Dependabot](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/managing-encrypted-secrets-for-dependabot)," and "[Managing encrypted secrets for your codespaces](/codespaces/managing-your-codespaces/managing-encrypted-secrets-for-your-codespaces)." +{% endif %} + +{% ifversion ghes > 3.2 %} +Besides your code, you probably need to use secrets in other places. For example, to allow {% data variables.product.prodname_actions %} workflows or {% data variables.product.prodname_dependabot %} to communicate with other systems. For more information on how to securely store and use secrets, see "[Encrypted secrets in Actions](/actions/security-guides/encrypted-secrets)", and "[Managing encrypted secrets for Dependabot](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/managing-encrypted-secrets-for-dependabot)." +{% endif %} + +## Keep vulnerable coding patterns out of your repository + +{% note %} + +**Note:** {% data reusables.gated-features.code-scanning %} + +{% endnote %} + +{% data reusables.code-scanning.enterprise-enable-code-scanning %} + +### Create a pull request review process + +You can improve the quality and security of your code by ensuring that all pull requests are reviewed and tested before they are merged. {% data variables.product.prodname_dotcom %} has many features you can use to control the review and merge process. To get started, see "[About protected branches](/repositories/configuring-branches-and-merges-in-your-repository/defining-the-mergeability-of-pull-requests/about-protected-branches)." + +### Scan your code for vulnerable patterns + +Insecure code patterns are often difficult for reviewers to spot unaided. In addition to scanning your code for secrets, you can check it for patterns that are associated with security vulnerabilities. For example, a function that isn't memory-safe, or failing to escaping user input that could lead to an injection vulnerability. {% data variables.product.prodname_dotcom %} offers several different ways to approach both how and when you scan your code. To get started, see "[About code scanning](/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/about-code-scanning)." + +## 次のステップ + +- "[Securing your end-to-end supply chain](/code-security/supply-chain-security/end-to-end-supply-chain/end-to-end-supply-chain-overview)" + +- "[Best practices for securing accounts](/code-security/supply-chain-security/end-to-end-supply-chain/securing-accounts)" + +- "[Best practices for securing your build system](/code-security/supply-chain-security/end-to-end-supply-chain/securing-builds)" diff --git a/translations/ja-JP/content/code-security/supply-chain-security/index.md b/translations/ja-JP/content/code-security/supply-chain-security/index.md index f01deb5b2a..93a4d082a9 100644 --- a/translations/ja-JP/content/code-security/supply-chain-security/index.md +++ b/translations/ja-JP/content/code-security/supply-chain-security/index.md @@ -16,7 +16,6 @@ topics: - Repositories children: - /understanding-your-software-supply-chain - - /keeping-your-dependencies-updated-automatically - - /managing-vulnerabilities-in-your-projects-dependencies + - /end-to-end-supply-chain --- diff --git a/translations/ja-JP/content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/index.md b/translations/ja-JP/content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/index.md deleted file mode 100644 index 96d217d37f..0000000000 --- a/translations/ja-JP/content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/index.md +++ /dev/null @@ -1,29 +0,0 @@ ---- -title: 依存関係を自動的に更新する -intro: '{% data variables.product.prodname_dependabot %} はリポジトリの依存関係を自動的に維持することができます。' -redirect_from: - - /github/administering-a-repository/keeping-your-dependencies-updated-automatically -versions: - fpt: '*' - ghec: '*' - ghes: '>3.2' -topics: - - Repositories - - Dependabot - - Version updates - - Dependencies - - Pull requests -children: - - /about-dependabot-version-updates - - /enabling-and-disabling-dependabot-version-updates - - /listing-dependencies-configured-for-version-updates - - /managing-pull-requests-for-dependency-updates - - /automating-dependabot-with-github-actions - - /managing-encrypted-secrets-for-dependabot - - /customizing-dependency-updates - - /configuration-options-for-dependency-updates - - /keeping-your-actions-up-to-date-with-dependabot -shortTitle: 依存関係の自動更新 ---- - -{% data reusables.dependabot.beta-security-and-version-updates %} diff --git a/translations/ja-JP/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-managing-vulnerable-dependencies.md b/translations/ja-JP/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-managing-vulnerable-dependencies.md deleted file mode 100644 index 23eab349d8..0000000000 --- a/translations/ja-JP/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-managing-vulnerable-dependencies.md +++ /dev/null @@ -1,46 +0,0 @@ ---- -title: 脆弱性のある依存関係の管理について -intro: '{% data variables.product.product_name %} は、既知の脆弱性を含むサードパーティソフトウェアの使用を回避するのに役立ちます。' -redirect_from: - - /github/managing-security-vulnerabilities/about-managing-vulnerable-dependencies - - /code-security/supply-chain-security/about-managing-vulnerable-dependencies -versions: - fpt: '*' - ghes: '>=3.2' - ghae: issue-4864 - ghec: '*' -type: overview -topics: - - Dependabot - - Dependency graph - - Dependency review - - Vulnerabilities - - Repositories - - Dependencies - - Pull requests -shortTitle: 脆弱性のある依存関係 ---- - - - -{% data variables.product.product_name %} は、脆弱性のある依存関係を削除および回避するための次のツールを提供しています。 - -## 依存関係グラフ -依存関係グラフは、リポジトリに保存されているマニフェストファイルおよびロックファイルのサマリーです。 コードベースが依存するエコシステムとパッケージ(依存関係)、およびプロジェクトに依存するリポジトリとパッケージ(依存関係)が表示されます。 依存関係グラフの情報は、依存関係のレビューと {% data variables.product.prodname_dependabot %} によって使用されます。 詳しい情報については、「[依存関係グラフについて](/github/visualizing-repository-data-with-graphs/about-the-dependency-graph)」を参照してください。 - -## 依存関係のレビュー - -{% data reusables.dependency-review.beta %} - -プルリクエストの依存関係のレビューを確認することで、依存関係からコードベースに脆弱性が発生するのを防ぐことができます。 プルリクエストが脆弱性のある依存関係を追加したり、依存関係を脆弱性のあるバージョンに変更した場合、これは依存関係のレビューで強調表示されます。 プルリクエストをマージする前に、依存関係をパッチを適用したバージョンに変更できます。 詳しい情報については「[依存関係のレビュー](/code-security/supply-chain-security/about-dependency-review)」を参照してください。 - -## {% data variables.product.prodname_dependabot_alerts %} -リポジトリ内の脆弱性のある依存関係を検出すると、{% data variables.product.product_name %} は {% data variables.product.prodname_dependabot_alerts %} を作成できます。 アラートは、リポジトリの [Security] タブに表示されます。 アラートには、プロジェクト内で影響を受けるファイルへのリンクと、修正バージョンに関する情報が含まれています。 {% data variables.product.product_name %} は、通知設定に従って、リポジトリのメンテナにも通知します。 詳しい情報については、「[脆弱性のある依存関係に対するアラートについて](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies)」を参照してください。 - -{% ifversion fpt or ghec or ghes > 3.2 %} -## {% data variables.product.prodname_dependabot_security_updates %} -{% data variables.product.product_name %} がリポジトリ内の脆弱性のある依存関係に対して {% data variables.product.prodname_dependabot %} アラートが発生すると、{% data variables.product.prodname_dependabot %} は自動的にそれを修正しようとします。 {% data variables.product.prodname_dependabot_security_updates %} は、脆弱性のある依存関係を修正バージョンに更新するプルリクエストを自動的に生成します。 詳しい情報については、「[{% data variables.product.prodname_dependabot_security_updates %} について](/github/managing-security-vulnerabilities/about-dependabot-security-updates)」を参照してください。 - -## {% data variables.product.prodname_dependabot_version_updates %} -{% data variables.product.prodname_dependabot_version_updates %} を有効にすると、依存関係を維持する手間が省けます。 {% data variables.product.prodname_dependabot_version_updates %} を使用すると、{% data variables.product.prodname_dotcom %} が古い依存関係を識別するたびに、マニフェストを最新バージョンの依存関係に更新するためのプルリクエストを発行します。 対照的に、{% data variables.product.prodname_dependabot_security_updates %} は脆弱性のある依存関係を修正するためにプルリクエストのみを発行します。 詳しい情報については、「[ Dependabot のバージョン更新について](/github/administering-a-repository/about-dependabot-version-updates)」を参照してください。 -{% endif %} diff --git a/translations/ja-JP/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/configuring-dependabot-security-updates.md b/translations/ja-JP/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/configuring-dependabot-security-updates.md deleted file mode 100644 index 40c479eb51..0000000000 --- a/translations/ja-JP/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/configuring-dependabot-security-updates.md +++ /dev/null @@ -1,79 +0,0 @@ ---- -title: Configuring Dependabot security updates -intro: 'You can use {% data variables.product.prodname_dependabot_security_updates %} or manual pull requests to easily update vulnerable dependencies.' -shortTitle: Configure security updates -redirect_from: - - /articles/configuring-automated-security-fixes - - /github/managing-security-vulnerabilities/configuring-automated-security-fixes - - /github/managing-security-vulnerabilities/configuring-automated-security-updates - - /github/managing-security-vulnerabilities/configuring-github-dependabot-security-updates - - /github/managing-security-vulnerabilities/configuring-dependabot-security-updates - - /code-security/supply-chain-security/configuring-dependabot-security-updates -versions: - fpt: '*' - ghec: '*' - ghes: '>3.2' -type: how_to -topics: - - Dependabot - - Security updates - - Alerts - - Dependencies - - Pull requests - - Repositories ---- - - -{% data reusables.dependabot.beta-security-and-version-updates %} -{% data reusables.dependabot.enterprise-enable-dependabot %} - -## About configuring {% data variables.product.prodname_dependabot_security_updates %} - -You can enable {% data variables.product.prodname_dependabot_security_updates %} for any repository that uses {% data variables.product.prodname_dependabot_alerts %} and the dependency graph. For more information, see "[About {% data variables.product.prodname_dependabot_security_updates %}](/github/managing-security-vulnerabilities/about-dependabot-security-updates)." - -You can disable {% data variables.product.prodname_dependabot_security_updates %} for an individual repository or for all repositories owned by your user account or organization. For more information, see "[Managing {% data variables.product.prodname_dependabot_security_updates %} for your repositories](#managing-dependabot-security-updates-for-your-repositories)" below. - -{% ifversion fpt or ghec %}{% data reusables.dependabot.dependabot-tos %}{% endif %} - -## Supported repositories - -{% data variables.product.prodname_dotcom %} automatically enables {% data variables.product.prodname_dependabot_security_updates %} for every repository that meets these prerequisites. - -{% note %} - -**Note**: You can manually enable {% data variables.product.prodname_dependabot_security_updates %}, even if the repository doesn't meet some of the prerequisites below. For example, you can enable {% data variables.product.prodname_dependabot_security_updates %} on a fork, or for a package manager that isn't directly supported by following the instructions in "[Managing {% data variables.product.prodname_dependabot_security_updates %} for your repositories](#managing-dependabot-security-updates-for-your-repositories)." - -{% endnote %} - -| Automatic enablement prerequisite | More information | -| ----------------- | ----------------------- | -| Repository is not a fork | "[About forks](/github/collaborating-with-issues-and-pull-requests/about-forks)" | -| Repository is not archived | "[Archiving repositories](/github/creating-cloning-and-archiving-repositories/archiving-repositories)" |{% ifversion fpt or ghec %} -| Repository is public, or repository is private and you have enabled read-only analysis by {% data variables.product.prodname_dotcom %}, dependency graph, and vulnerability alerts in the repository's settings | "[Managing data use settings for your private repository](/get-started/privacy-on-github/managing-data-use-settings-for-your-private-repository)." |{% endif %} -| Repository contains dependency manifest file from a package ecosystem that {% data variables.product.prodname_dotcom %} supports | "[Supported package ecosystems](/github/visualizing-repository-data-with-graphs/about-the-dependency-graph#supported-package-ecosystems)" | -| {% data variables.product.prodname_dependabot_security_updates %} are not disabled for the repository | "[Managing {% data variables.product.prodname_dependabot_security_updates %} for your repository](#managing-dependabot-security-updates-for-your-repositories)" | - -If security updates are not enabled for your repository and you don't know why, first try enabling them using the instructions given in the procedural sections below. If security updates are still not working, you can contact {% data variables.contact.contact_support %}. - -## Managing {% data variables.product.prodname_dependabot_security_updates %} for your repositories - -You can enable or disable {% data variables.product.prodname_dependabot_security_updates %} for an individual repository (see below). - -You can also enable or disable {% data variables.product.prodname_dependabot_security_updates %} for all repositories owned by your user account or organization. For more information, see "[Managing security and analysis settings for your user account](/github/setting-up-and-managing-your-github-user-account/managing-security-and-analysis-settings-for-your-user-account)" or "[Managing security and analysis settings for your organization](/organizations/keeping-your-organization-secure/managing-security-and-analysis-settings-for-your-organization)." - -{% data variables.product.prodname_dependabot_security_updates %} require specific repository settings. For more information, see "[Supported repositories](#supported-repositories)." - -### Enabling or disabling {% data variables.product.prodname_dependabot_security_updates %} for an individual repository - -{% data reusables.repositories.navigate-to-repo %} -{% data reusables.repositories.sidebar-settings %} -{% data reusables.repositories.navigate-to-security-and-analysis %} -1. Under "Code security and analysis", to the right of "{% data variables.product.prodname_dependabot %} security updates", click **Enable** or **Disable**. - {% ifversion fpt or ghec %}!["Code security and analysis" section with button to enable {% data variables.product.prodname_dependabot_security_updates %}](/assets/images/help/repository/enable-dependabot-security-updates-button.png){% else %}!["Code security and analysis" section with button to enable {% data variables.product.prodname_dependabot_security_updates %}](/assets/images/enterprise/3.3/repository/security-and-analysis-disable-or-enable-ghes.png){% endif %} - - -## Further reading - -- "[About alerts for vulnerable dependencies](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies)"{% ifversion fpt or ghec %} -- "[Managing data use settings for your private repository](/get-started/privacy-on-github/managing-data-use-settings-for-your-private-repository)"{% endif %} -- "[Supported package ecosystems](/github/visualizing-repository-data-with-graphs/about-the-dependency-graph#supported-package-ecosystems)" diff --git a/translations/ja-JP/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/index.md b/translations/ja-JP/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/index.md deleted file mode 100644 index 150d83c734..0000000000 --- a/translations/ja-JP/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/index.md +++ /dev/null @@ -1,36 +0,0 @@ ---- -title: プロジェクトの依存関係にある脆弱性を管理する -intro: 'You can track your repository''s dependencies and receive {% data variables.product.prodname_dependabot_alerts %} when {% data variables.product.product_name %} detects vulnerable dependencies.' -redirect_from: - - /articles/updating-your-project-s-dependencies - - /articles/updating-your-projects-dependencies - - /articles/managing-security-vulnerabilities-in-your-projects-dependencies - - /articles/managing-vulnerabilities-in-your-projects-dependencies - - /github/managing-security-vulnerabilities/managing-vulnerabilities-in-your-projects-dependencies -versions: - fpt: '*' - ghes: '*' - ghae: issue-4864 - ghec: '*' -topics: - - Repositories - - Dependabot - - Version updates - - Dependencies - - Pull requests - - Vulnerabilities - - Alerts -children: - - /about-managing-vulnerable-dependencies - - /browsing-security-vulnerabilities-in-the-github-advisory-database - - /editing-security-advisories-in-the-github-advisory-database - - /about-alerts-for-vulnerable-dependencies - - /configuring-notifications-for-vulnerable-dependencies - - /about-dependabot-security-updates - - /configuring-dependabot-security-updates - - /viewing-and-updating-vulnerable-dependencies-in-your-repository - - /troubleshooting-the-detection-of-vulnerable-dependencies - - /troubleshooting-dependabot-errors -shortTitle: 脆弱性のある依存関係の修復 ---- - diff --git a/translations/ja-JP/content/code-security/supply-chain-security/understanding-your-software-supply-chain/about-dependency-review.md b/translations/ja-JP/content/code-security/supply-chain-security/understanding-your-software-supply-chain/about-dependency-review.md index 72a04be9ef..cc0a6df48c 100644 --- a/translations/ja-JP/content/code-security/supply-chain-security/understanding-your-software-supply-chain/about-dependency-review.md +++ b/translations/ja-JP/content/code-security/supply-chain-security/understanding-your-software-supply-chain/about-dependency-review.md @@ -41,7 +41,7 @@ Dependency review is available when dependency graph is enabled for {% data vari プルリクエストで依存関係のレビューを確認し、脆弱性としてフラグが付けられている依存関係を変更することで、プロジェクトに脆弱性が追加されるのを防ぐことができます。 依存関係のレビューの動作に関する詳しい情報については「[Pull Request中の依存関係の変更のレビュー](/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/reviewing-dependency-changes-in-a-pull-request)」を参照してください。 -{% data variables.product.prodname_dependabot_alerts %} は、すでに依存関係にある脆弱性を検出しますが、あとで修正するよりも、潜在的な問題が持ち込まれることを回避する方がはるかに良いです。 {% data variables.product.prodname_dependabot_alerts %} に関する詳しい情報については、「[脆弱性のある依存関係に対するアラートについて](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies#dependabot-alerts-for-vulnerable-dependencies)」を参照してください。 +{% data variables.product.prodname_dependabot_alerts %} は、すでに依存関係にある脆弱性を検出しますが、あとで修正するよりも、潜在的な問題が持ち込まれることを回避する方がはるかに良いです。 For more information about {% data variables.product.prodname_dependabot_alerts %}, see "[About {% data variables.product.prodname_dependabot_alerts %}](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies#dependabot-alerts-for-vulnerable-dependencies)." 依存関係のレビューは、依存関係グラフと同じ言語とパッケージ管理エコシステムをサポートしています。 詳しい情報については、「[依存関係グラフについて](/github/visualizing-repository-data-with-graphs/about-the-dependency-graph#supported-package-ecosystems)」を参照してください。 diff --git a/translations/ja-JP/content/code-security/supply-chain-security/understanding-your-software-supply-chain/about-supply-chain-security.md b/translations/ja-JP/content/code-security/supply-chain-security/understanding-your-software-supply-chain/about-supply-chain-security.md new file mode 100644 index 0000000000..6ff3e6e9ed --- /dev/null +++ b/translations/ja-JP/content/code-security/supply-chain-security/understanding-your-software-supply-chain/about-supply-chain-security.md @@ -0,0 +1,156 @@ +--- +title: About supply chain security +intro: '{% data variables.product.product_name %} helps you secure your supply chain, from understanding the dependencies in your environment, to knowing about vulnerabilities in those dependencies{% ifversion fpt or ghec or ghes > 3.2 %}, and patching them{% endif %}.' +miniTocMaxHeadingLevel: 3 +shortTitle: Supply chain security +redirect_from: + - /code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies +versions: + fpt: '*' + ghes: '*' + ghae: issue-4864 + ghec: '*' +type: overview +topics: + - Advanced Security + - Dependency review + - Dependency graph + - Vulnerabilities + - Dependencies + - Pull requests + - Repositories +--- + +## About supply chain security at GitHub + +With the accelerated use of open source, most projects depend on hundreds of open-source dependencies. This poses a security problem: what if the dependencies you're using are vulnerable? You could be putting your users at risk of a supply chain attack. One of the most important things you can do to protect your supply chain is to patch your vulnerabilities. + +You add dependencies directly to your supply chain when you specify them in a manifest file or a lockfile. Dependencies can also be included transitively, that is, even if you don’t specify a particular dependency, but a dependency of yours uses it, then you’re also dependent on that dependency. + +{% data variables.product.product_name %} offers a range of features to help you understand the dependencies in your environment{% ifversion ghes < 3.3 or ghae %} and know about vulnerabilities in those dependencies{% endif %}{% ifversion fpt or ghec or ghes > 3.2 %}, know about vulnerabilities in those dependencies, and patch them{% endif %}. + +The supply chain features on {% data variables.product.product_name %} are: +- **Dependency graph** +{% ifversion fpt or ghec or ghes > 3.1 or ghae %}- **Dependency review**{% endif %} +- **{% data variables.product.prodname_dependabot_alerts %} ** +{% ifversion fpt or ghec or ghes > 3.2 %}- **{% data variables.product.prodname_dependabot_updates %}** + - **{% data variables.product.prodname_dependabot_security_updates %}** + - **{% data variables.product.prodname_dependabot_version_updates %}**{% endif %} + +The dependency graph is central to supply chain security. The dependency graph identifies all upstream dependencies and public downstream dependents of a repository or package. You can see your repository’s dependencies and some of their properties, like vulnerability information, on the dependency graph for the repository. + +{% ifversion fpt or ghec or ghes > 3.1 or ghae %} +Other supply chain features on {% data variables.product.prodname_dotcom %} rely on the information provided by the dependency graph. + +- Dependency review uses the dependency graph to identify dependency changes and help you understand the security impact of these changes when you review pull requests. +- {% data variables.product.prodname_dependabot %} cross-references dependency data provided by the dependency graph with the list of known vulnerabilities published in the {% data variables.product.prodname_advisory_database %}, scans your dependecies and generates {% data variables.product.prodname_dependabot_alerts %} when a potential vulnerability is detected. +{% ifversion fpt or ghec or ghes > 3.2 %}- {% data variables.product.prodname_dependabot_security_updates %} use the dependency graph and {% data variables.product.prodname_dependabot_alerts %} to help you update dependencies with known vulnerabilities in your repository. + +{% data variables.product.prodname_dependabot_version_updates %} don't use the dependency graph and rely on the semantic versioning of dependencies instead. {% data variables.product.prodname_dependabot_version_updates %} help you keep your dependencies updated, even when they don’t have any vulnerabilities. +{% endif %} +{% endif %} + +{% ifversion ghes < 3.2 %} +{% data variables.product.prodname_dependabot %} cross-references dependency data provided by the dependency graph with the list of known vulnerabilities published in the {% data variables.product.prodname_advisory_database %}, scans your dependencies and generates {% data variables.product.prodname_dependabot_alerts %} when a potential vulnerability is detected. + {% endif %} + +## Feature overview + +### What is the dependency graph + +To generate the dependency graph, {% data variables.product.company_short %} looks at a repository’s explicit dependencies declared in the manifest and lockfiles. When enabled, the dependency graph automatically parses all known package manifest files in the repository, and uses this to construct a graph with known dependency names and versions. + +- The dependency graph includes information on your _direct_ dependencies and _transitive_ dependencies. +- The dependency graph is automatically updated when you push a commit to {% data variables.product.company_short %} that changes or adds a supported manifest or lock file to the default branch, and when anyone pushes a change to the repository of one of your dependencies. +- You can see the dependency graph by opening the repository's main page on {% data variables.product.product_name %}, and navigating to the **Insights** tab. + +For more information about the dependency graph, see "[About the dependency graph](/code-security/supply-chain-security/understanding-your-software-supply-chain/about-the-dependency-graph)." + +{% ifversion fpt or ghec or ghes > 3.1 or ghae %} +### What is dependency review + +Dependency review helps reviewers and contributors understand dependency changes and their security impact in every pull request. + +- Dependency review tells you which dependencies were added, removed, or updated, in a pull request. You can use the release dates, popularity of dependencies, and vulnerability information to help you decide whether to accept the change. +- You can see the dependency review for a pull request by showing the rich diff on the **Files Changed** tab. + +For more information about dependency review, see "[About dependency review](/code-security/supply-chain-security/understanding-your-software-supply-chain/about-dependency-review)." + +{% endif %} + +### What is Dependabot + +{% data variables.product.prodname_dependabot %} keeps your dependencies up to date by informing you of any security vulnerabilities in your dependencies{% ifversion fpt or ghec or ghes > 3.2 or ghae %}, and automatically opens pull requests to upgrade your dependencies to the next available secure version when a {% data variables.product.prodname_dependabot %} alert is triggered, or to the latest version when a release is published{% else %} so that you can update that dependency{% endif %}. + +{% ifversion fpt or ghec or ghes > 3.2 %} +The term "{% data variables.product.prodname_dependabot %}" encompasses the following features: +- {% data variables.product.prodname_dependabot_alerts %}—Displayed notification on the **Security** tab for the repository, and in the repository's dependency graph. The alert includes a link to the affected file in the project, and information about a fixed version. +- {% data variables.product.prodname_dependabot_updates %}: + - {% data variables.product.prodname_dependabot_security_updates %}—Triggered updates to upgrade your dependencies to a secure version when an alert is triggered. + - {% data variables.product.prodname_dependabot_version_updates %}—Scheduled updates to keep your dependencies up to date with the latest version. +{% endif %} + +#### What are Dependabot alerts + +{% data variables.product.prodname_dependabot_alerts %} highlight repositories affected by a newly discovered vulnerability based on the dependency graph and the {% data variables.product.prodname_advisory_database %}, which contains the versions on known vulnerability lists. + +- {% data variables.product.prodname_dependabot %} performs a scan to detect vulnerable dependencies and sends {% data variables.product.prodname_dependabot_alerts %} when: +{% ifversion fpt or ghec %} + - A new vulnerability is added to the {% data variables.product.prodname_advisory_database %}.{% else %} + - New advisory data is synchronized to {% data variables.product.product_location %} each hour from {% data variables.product.prodname_dotcom_the_website %}. {% data reusables.security-advisory.link-browsing-advisory-db %}{% endif %} + - The dependency graph for the repository changes. +- {% data variables.product.prodname_dependabot_alerts %} are displayed {% ifversion fpt or ghec or ghes > 3.0 %} on the **Security** tab for the repository and{% endif %} in the repository's dependency graph. The alert includes {% ifversion fpt or ghec or ghes > 3.0 %}a link to the affected file in the project, and {% endif %}information about a fixed version. + +For more information about {% data variables.product.prodname_dependabot_alerts %}, see "[About alerts for vulnerable dependencies](/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-alerts-for-vulnerable-dependencies)." + +{% ifversion fpt or ghec or ghes > 3.2 %} +#### What are Dependabot updates + +There are two types of {% data variables.product.prodname_dependabot_updates %}: {% data variables.product.prodname_dependabot %} _security_ updates and _version_ updates. {% data variables.product.prodname_dependabot %} generates automatic pull requests to update your dependencies in both cases, but there are several differences. + +{% data variables.product.prodname_dependabot_security_updates %}: + - Triggered by a {% data variables.product.prodname_dependabot %} alert + - Update dependencies to the minimum version that resolves a known vulnerability + - Supported for ecosystems the dependency graph supports + +{% data variables.product.prodname_dependabot_version_updates %}: + - Run on a schedule you configure + - Update dependencies to the latest version that matches the configuration + - Supported for a different group of ecosystems + +For more information about {% data variables.product.prodname_dependabot_updates %}, see "[About {% data variables.product.prodname_dependabot_security_updates %}](/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-dependabot-security-updates)" and "[About {% data variables.product.prodname_dependabot_version_updates %}](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/about-dependabot-version-updates)." +{% endif %} + +## Feature availability + +{% ifversion fpt or ghec %} + +Public repositories: +- **Dependency graph**—enabled by default and cannot be disabled. +- **Dependency review**—enabled by default and cannot be disabled. +- **{% data variables.product.prodname_dependabot_alerts %}**—not enabled by default. {% data variables.product.prodname_dotcom %} detects vulnerable dependencies and displays information in the dependency graph, but does not generate {% data variables.product.prodname_dependabot_alerts %} by default. Repository owners or people with admin access can enable {% data variables.product.prodname_dependabot_alerts %}. + You can also enable or disable Dependabot alerts for all repositories owned by your user account or organization. For more information, see "[Managing security and analysis settings for your user account](/account-and-profile/setting-up-and-managing-your-github-user-account/managing-user-account-settings/managing-security-and-analysis-settings-for-your-user-account)" or "[Managing security and analysis settings for your organization](/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization)." + +Private repositories: +- **Dependency graph**—not enabled by default. The feature can be enabled by repository administrators. For more information, see "[Exploring the dependencies of a repository](/code-security/supply-chain-security/understanding-your-software-supply-chain/exploring-the-dependencies-of-a-repository#enabling-and-disabling-the-dependency-graph-for-a-private-repository)." +{% ifversion fpt %} +- **Dependency review**—available in private repositories owned by organizations that use {% data variables.product.prodname_ghe_cloud %} and have a license for {% data variables.product.prodname_GH_advanced_security %}. For more information, see the [{% data variables.product.prodname_ghe_cloud %} documentation](/enterprise-cloud@latest/code-security/supply-chain-security/understanding-your-software-supply-chain/about-dependency-review). +{% elsif ghec %} +- **Dependency review**—available in private repositories owned by organizations provided you have a license for {% data variables.product.prodname_GH_advanced_security %} and the dependency graph enabled. For more information, see "[About {% data variables.product.prodname_GH_advanced_security %}](/get-started/learning-about-github/about-github-advanced-security)" and "[Exploring the dependencies of a repository](/code-security/supply-chain-security/understanding-your-software-supply-chain/exploring-the-dependencies-of-a-repository#enabling-and-disabling-the-dependency-graph-for-a-private-repository)." +{% endif %} +- **{% data variables.product.prodname_dependabot_alerts %}**—not enabled by default. Owners of private repositories, or people with admin access, can enable {% data variables.product.prodname_dependabot_alerts %} by enabling the dependency graph and {% data variables.product.prodname_dependabot_alerts %} for their repositories. + You can also enable or disable Dependabot alerts for all repositories owned by your user account or organization. For more information, see "[Managing security and analysis settings for your user account](/account-and-profile/setting-up-and-managing-your-github-user-account/managing-user-account-settings/managing-security-and-analysis-settings-for-your-user-account)" or "[Managing security and analysis settings for your organization](/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization)." + +Any repository type: +- **{% data variables.product.prodname_dependabot_security_updates %}**—not enabled by default. You can enable {% data variables.product.prodname_dependabot_security_updates %} for any repository that uses {% data variables.product.prodname_dependabot_alerts %} and the dependency graph. For more information, see "[About {% data variables.product.prodname_dependabot_security_updates %}](/github/managing-security-vulnerabilities/about-dependabot-security-updates)." +- **{% data variables.product.prodname_dependabot_version_updates %}**—not enabled by default. People with write permissions to a repository can enable {% data variables.product.prodname_dependabot_version_updates %}. For information about enabling security updates, see "[Configuring {% data variables.product.prodname_dependabot_security_updates %}](/github/managing-security-vulnerabilities/configuring-dependabot-security-updates)." +{% endif %} + +{% ifversion ghes or ghae %} +- **Dependency graph** and **{% data variables.product.prodname_dependabot_alerts %}**—not enabled by default. Both features are configured at an enterprise level by the enterprise owner. For more information, see {% ifversion ghes %}"[Enabling the dependency graph for your enterprise](/admin/code-security/managing-supply-chain-security-for-your-enterprise/enabling-the-dependency-graph-for-your-enterprise)" and {% endif %}"[Enabling {% data variables.product.prodname_dependabot %} for your enterprise](/admin/configuration/configuring-github-connect/enabling-dependabot-for-your-enterprise)." +- **Dependency review**—available when dependency graph is enabled for {% data variables.product.product_location %} and {% data variables.product.prodname_advanced_security %} is enabled for the organization or repository. For more information, see "[About {% data variables.product.prodname_GH_advanced_security %}](/get-started/learning-about-github/about-github-advanced-security)." +{% endif %} +{% ifversion ghes > 3.2 %} +- **{% data variables.product.prodname_dependabot_security_updates %}**—not enabled by default. You can enable {% data variables.product.prodname_dependabot_security_updates %} for any repository that uses {% data variables.product.prodname_dependabot_alerts %} and the dependency graph. For more information, see "[About {% data variables.product.prodname_dependabot_security_updates %}](/github/managing-security-vulnerabilities/about-dependabot-security-updates)." +- **{% data variables.product.prodname_dependabot_version_updates %}**—not enabled by default. People with write permissions to a repository can enable {% data variables.product.prodname_dependabot_version_updates %}. For information about enabling security updates, see "[Configuring {% data variables.product.prodname_dependabot_security_updates %}](/github/managing-security-vulnerabilities/configuring-dependabot-security-updates)." +{% endif %} diff --git a/translations/ja-JP/content/code-security/supply-chain-security/understanding-your-software-supply-chain/about-the-dependency-graph.md b/translations/ja-JP/content/code-security/supply-chain-security/understanding-your-software-supply-chain/about-the-dependency-graph.md index de81712e37..91b871b9ef 100644 --- a/translations/ja-JP/content/code-security/supply-chain-security/understanding-your-software-supply-chain/about-the-dependency-graph.md +++ b/translations/ja-JP/content/code-security/supply-chain-security/understanding-your-software-supply-chain/about-the-dependency-graph.md @@ -55,7 +55,7 @@ You can use the dependency graph to: - Explore the repositories your code depends on{% ifversion fpt or ghec %}, and those that depend on it{% endif %}. For more information, see "[Exploring the dependencies of a repository](/github/visualizing-repository-data-with-graphs/exploring-the-dependencies-of-a-repository)." {% ifversion fpt or ghec %} - View a summary of the dependencies used in your organization's repositories in a single dashboard. For more information, see "[Viewing insights for your organization](/articles/viewing-insights-for-your-organization#viewing-organization-dependency-insights)."{% endif %} -- View and update vulnerable dependencies for your repository. For more information, see "[About alerts for vulnerable dependencies](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies)."{% ifversion fpt or ghes > 3.1 or ghec %} +- View and update vulnerable dependencies for your repository. For more information, see "[About {% data variables.product.prodname_dependabot_alerts %}](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies)."{% ifversion fpt or ghes > 3.1 or ghec %} - See information about vulnerable dependencies in pull requests. For more information, see "[Reviewing dependency changes in a pull request](/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/reviewing-dependency-changes-in-a-pull-request)."{% endif %} ## Enabling the dependency graph @@ -84,7 +84,7 @@ The recommended formats explicitly define which versions are used for all direct {%- endif %} | Maven | Java, Scala | `pom.xml` | `pom.xml` | | npm | JavaScript | `package-lock.json` | `package-lock.json`, `package.json`| -| Python PIP | Python | `requirements.txt`, `pipfile.lock` | `requirements.txt`, `pipfile`, `pipfile.lock`, `setup.py`{% if github-actions-in-dependency-graph %}[2]{% else %}[1]{% endif %} | +| pip | Python | `requirements.txt`, `pipfile.lock` | `requirements.txt`, `pipfile`, `pipfile.lock`, `setup.py`{% if github-actions-in-dependency-graph %}[2]{% else %}[1]{% endif %} | {%- ifversion fpt or ghec or ghes > 3.3 or ghae-issue-4752 %} | Python Poetry | Python | `poetry.lock` | `poetry.lock`, `pyproject.toml` |{% endif %} | RubyGems | Ruby | `Gemfile.lock` | `Gemfile.lock`, `Gemfile`, `*.gemspec` | @@ -111,5 +111,5 @@ The recommended formats explicitly define which versions are used for all direct - "[Dependency graph](https://en.wikipedia.org/wiki/Dependency_graph)" on Wikipedia - "[Exploring the dependencies of a repository](/github/visualizing-repository-data-with-graphs/exploring-the-dependencies-of-a-repository)"{% ifversion fpt or ghec %} - "[Viewing insights for your organization](/organizations/collaborating-with-groups-in-organizations/viewing-insights-for-your-organization)"{% endif %} -- "[Viewing and updating vulnerable dependencies in your repository](/github/managing-security-vulnerabilities/viewing-and-updating-vulnerable-dependencies-in-your-repository)" +- "[Viewing {% data variables.product.prodname_dependabot_alerts %} for vulnerable dependencies](/github/managing-security-vulnerabilities/viewing-and-updating-vulnerable-dependencies-in-your-repository)" - "[Troubleshooting the detection of vulnerable dependencies](/github/managing-security-vulnerabilities/troubleshooting-the-detection-of-vulnerable-dependencies)" diff --git a/translations/ja-JP/content/code-security/supply-chain-security/understanding-your-software-supply-chain/exploring-the-dependencies-of-a-repository.md b/translations/ja-JP/content/code-security/supply-chain-security/understanding-your-software-supply-chain/exploring-the-dependencies-of-a-repository.md index 0b53c0aa2c..6a51a33743 100644 --- a/translations/ja-JP/content/code-security/supply-chain-security/understanding-your-software-supply-chain/exploring-the-dependencies-of-a-repository.md +++ b/translations/ja-JP/content/code-security/supply-chain-security/understanding-your-software-supply-chain/exploring-the-dependencies-of-a-repository.md @@ -40,7 +40,7 @@ Enterprise owners can configure the dependency graph at an enterprise level. For ### 依存関係ビュー {% ifversion fpt or ghec %} -依存関係はエコシステム別にグループ化されます。 依存関係を拡張すると、その依存関係を表示できます。 {% data variables.product.product_name %}でホストされているパブリックリポジトリの依存関係については、クリックしてそのリポジトリを見ることもできます。 プライベートリポジトリ、プライベートパッケージ、認識できないファイルの依存関係は、プレーンテキストで表示されます。 +依存関係はエコシステム別にグループ化されます。 依存関係を拡張すると、その依存関係を表示できます。 プライベートリポジトリ、プライベートパッケージ、認識できないファイルの依存関係は、プレーンテキストで表示されます。 If the package manager for the dependency is in a public repository, {% data variables.product.product_name %} will display a link to that repository. リポジトリで脆弱性が検出された場合は、{% data variables.product.prodname_dependabot_alerts %}にアクセスできるユーザに、ビューの上部で表示されます。 @@ -83,7 +83,10 @@ Enterprise owners can configure the dependency graph at an enterprise level. For ## "Used by"パッケージの変更 -依存関係グラフが有効になっている場合、サポートされているパッケージエコシステム上で公開されているパッケージをリポジトリが含んでいると、{% data variables.product.prodname_dotcom %}はリポジトリの**Code**タブのサイドバー内の"Used by"セクションに表示します。 サポートされているパッケージエコシステムに関する詳しい情報については「[依存関係グラフについて](/github/visualizing-repository-data-with-graphs/about-the-dependency-graph#supported-package-ecosystems)」を参照してください。 +You may notice some repositories have a "Used by" section in the sidebar of the **Code** tab. Your repository will have a "Used by" section if: + * The dependency graph is enabled for the repository (see the above section for more details). + * Your repository contains a package that is published on a [supported package ecosystem](/github/visualizing-repository-data-with-graphs/about-the-dependency-graph#supported-package-ecosystems). + * Within the ecosystem, your package has a link to a _public_ repository where the source is stored. "Used by"セクションは、見つかったパッケージに対する公開参照数を示し、依存物のプロジェクトのオーナーのアバターを表示します。 @@ -112,7 +115,7 @@ Enterprise owners can configure the dependency graph at an enterprise level. For ## 参考リンク - [依存関係グラフについて](/github/visualizing-repository-data-with-graphs/about-the-dependency-graph) -- [リポジトリ内の脆弱な依存関係を表示・更新する](/github/managing-security-vulnerabilities/viewing-and-updating-vulnerable-dependencies-in-your-repository){% ifversion fpt or ghec %} +- "[Viewing {% data variables.product.prodname_dependabot_alerts %} for vulnerable dependencies](/github/managing-security-vulnerabilities/viewing-and-updating-vulnerable-dependencies-in-your-repository)"{% ifversion fpt or ghec %} - [Organization のインサイトを表示する](/organizations/collaborating-with-groups-in-organizations/viewing-insights-for-your-organization) - [{% data variables.product.prodname_dotcom %}によるデータの利用と保護の方法の理解](/get-started/privacy-on-github) {% endif %} diff --git a/translations/ja-JP/content/code-security/supply-chain-security/understanding-your-software-supply-chain/index.md b/translations/ja-JP/content/code-security/supply-chain-security/understanding-your-software-supply-chain/index.md index faf0f20e3e..46fe16bc26 100644 --- a/translations/ja-JP/content/code-security/supply-chain-security/understanding-your-software-supply-chain/index.md +++ b/translations/ja-JP/content/code-security/supply-chain-security/understanding-your-software-supply-chain/index.md @@ -9,10 +9,12 @@ topics: - Dependency graph - Dependencies - Repositories -children: - - /about-the-dependency-graph - - /exploring-the-dependencies-of-a-repository - - /about-dependency-review shortTitle: Understand your supply chain +children: + - /about-supply-chain-security + - /about-the-dependency-graph + - /about-dependency-review + - /exploring-the-dependencies-of-a-repository + - /troubleshooting-the-dependency-graph --- diff --git a/translations/ja-JP/content/code-security/supply-chain-security/understanding-your-software-supply-chain/troubleshooting-the-dependency-graph.md b/translations/ja-JP/content/code-security/supply-chain-security/understanding-your-software-supply-chain/troubleshooting-the-dependency-graph.md new file mode 100644 index 0000000000..6de1b7a25d --- /dev/null +++ b/translations/ja-JP/content/code-security/supply-chain-security/understanding-your-software-supply-chain/troubleshooting-the-dependency-graph.md @@ -0,0 +1,62 @@ +--- +title: Troubleshooting the dependency graph +intro: 'If the dependency information reported by the dependency graph is not what you expected, there are a number of points to consider, and various things you can check.' +shortTitle: Troubleshoot dependency graph +versions: + fpt: '*' + ghes: '*' + ghae: issue-4864 + ghec: '*' +type: how_to +topics: + - Troubleshooting + - Errors + - Dependencies + - Vulnerabilities + - Dependency graph + - CVEs + - Repositories +--- + +{% data reusables.dependabot.result-discrepancy %} + +## Does the dependency graph only find dependencies in manifests and lockfiles? + +The dependency graph includes information on dependencies that are explicitly declared in your environment. That is, dependencies that are specified in a manifest or a lockfile. The dependency graph generally also includes transitive dependencies, even when they aren't specified in a lockfile, by looking at the dependencies of the dependencies in a manifest file. + +The dependency graph doesn't include "loose" dependencies. "Loose" dependencies are individual files that are copied from another source and checked into the repository directly or within an archive (such as a ZIP or JAR file), rather than being referenced by in a package manager’s manifest or lockfile. + +**Check**: Is the missing dependency for a component that's not specified in the repository's manifest or lockfile? + +## Does the dependency graph detect dependencies specified using variables? + +The dependency graph analyzes manifests as they’re pushed to {% data variables.product.prodname_dotcom %}. The dependency graph doesn't, therefore, have access to the build environment of the project, so it can't resolve variables used within manifests. If you use variables within a manifest to specify the name, or more commonly the version of a dependency, then that dependency will not be included in the dependency graph. + +**Check**: Is the missing dependency declared in the manifest by using a variable for its name or version? + +## Are there limits which affect the dependency graph data? + +Yes, the dependency graph has two categories of limits: + +1. **Processing limits** + + These affect the dependency graph displayed within {% data variables.product.prodname_dotcom %} and also prevent {% data variables.product.prodname_dependabot_alerts %} being created. + + Manifests over 0.5 MB in size are only processed for enterprise accounts. For other accounts, manifests over 0.5 MB are ignored and will not create {% data variables.product.prodname_dependabot_alerts %}. + + By default, {% data variables.product.prodname_dotcom %} will not process more than 20 manifests per repository. {% data variables.product.prodname_dependabot_alerts %} are not created for manifests beyond this limit. If you need to increase the limit, contact {% data variables.contact.contact_support %}. + +2. **Visualization limits** + + These affect what's displayed in the dependency graph within {% data variables.product.prodname_dotcom %}. However, they don't affect the {% data variables.product.prodname_dependabot_alerts %} that are created. + + The Dependencies view of the dependency graph for a repository only displays 100 manifests. Typically this is adequate as it is significantly higher than the processing limit described above. In situations where the processing limit is over 100, {% data variables.product.prodname_dependabot_alerts %} are still created for any manifests that are not shown within {% data variables.product.prodname_dotcom %}. + +**Check**: Is the missing dependency in a manifest file that's over 0.5 MB, or in a repository with a large number of manifests? + +## Further reading + +- "[About the dependency graph](/code-security/supply-chain-security/understanding-your-software-supply-chain/about-the-dependency-graph)" +- "[Managing security and analysis settings for your repository](/github/administering-a-repository/managing-security-and-analysis-settings-for-your-repository)" +- "[Troubleshooting the detection of vulnerable dependencies](/code-security/dependabot/working-with-dependabot/troubleshooting-the-detection-of-vulnerable-dependencies)"{% ifversion fpt or ghec or ghes > 3.2 %} +- "[Troubleshooting {% data variables.product.prodname_dependabot %} errors](/github/managing-security-vulnerabilities/troubleshooting-dependabot-errors)"{% endif %} \ No newline at end of file diff --git a/translations/ja-JP/content/developers/apps/building-github-apps/creating-a-github-app-using-url-parameters.md b/translations/ja-JP/content/developers/apps/building-github-apps/creating-a-github-app-using-url-parameters.md index 1ea731f222..01b7f9dca6 100644 --- a/translations/ja-JP/content/developers/apps/building-github-apps/creating-a-github-app-using-url-parameters.md +++ b/translations/ja-JP/content/developers/apps/building-github-apps/creating-a-github-app-using-url-parameters.md @@ -59,39 +59,39 @@ webhook を保護するためにシークレットが必要なアプリケーシ 以下の表にある権限名をクエリパラメータ名として、権限タイプをクエリの値として使用することで、クエリ文字列で権限を設定できます。 たとえば、`contents` のユーザインターフェースに `Read & write` 権限を設定するには、クエリ文字列に `&contents=write` を含めます。 `blocking` のユーザインターフェースに `Read-only` 権限を設定するには、クエリ文字列に `&blocking=read` を含めます。 `checks` のユーザインターフェースに `no-access` を設定するには、クエリ文字列に `checks` 権限を含めないようにします。 -| 権限 | 説明 | -| -------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| 権限 | 説明 | +| -------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | [`administration`](/rest/reference/permissions-required-for-github-apps/#permission-on-administration) | Organization およびリポジトリ管理のためのさまざまなエンドポイントにアクセス権を付与します。 `none`、`read`、`write` のいずれかです。{% ifversion fpt or ghec %} | [`blocking`](/rest/reference/permissions-required-for-github-apps/#permission-on-blocking) | [Blocking Users API](/rest/reference/users#blocking) へのアクセス権を付与します。 `none`、`read`、`write` のいずれかです。{% endif %} | [`checks`](/rest/reference/permissions-required-for-github-apps/#permission-on-checks) | [Checks API](/rest/reference/checks) へのアクセス権を付与します。 `none`、`read`、`write` のいずれかです。{% ifversion ghes < 3.4 %} | `content_references` | 「[コンテンツ添付の作成](/rest/reference/apps#create-a-content-attachment)」エンドポイントへのアクセス権を付与します。 `none`、`read`、`write` のいずれかです。{% endif %} -| [`contents`](/rest/reference/permissions-required-for-github-apps/#permission-on-contents) | さまざまなエンドポイントにアクセス権を付与し、リポジトリのコンテンツを変更できるようにします。 `none`、`read`、`write` のいずれかです。 | +| [`contents`](/rest/reference/permissions-required-for-github-apps/#permission-on-contents) | さまざまなエンドポイントにアクセス権を付与し、リポジトリのコンテンツを変更できるようにします。 `none`、`read`、`write` のいずれかです。 | | [`deployments`](/rest/reference/permissions-required-for-github-apps/#permission-on-deployments) | [Deployments API](/rest/reference/repos#deployments) へのアクセス権を付与します。 `none`、`read`、`write` のいずれかです。{% ifversion fpt or ghes or ghec %} | [`emails`](/rest/reference/permissions-required-for-github-apps/#permission-on-emails) | [Emails API](/rest/reference/users#emails) へのアクセス権を付与します。 `none`、`read`、`write` のいずれかです。{% endif %} -| [`followers`](/rest/reference/permissions-required-for-github-apps/#permission-on-followers) | [Followers API](/rest/reference/users#followers) へのアクセス権を付与します。 `none`、`read`、`write` のいずれかです。 | -| [`gpg_keys`](/rest/reference/permissions-required-for-github-apps/#permission-on-gpg-keys) | [GPG Keys API](/rest/reference/users#gpg-keys) へのアクセス権を付与します。 `none`、`read`、`write` のいずれかです。 | -| [`issues`](/rest/reference/permissions-required-for-github-apps/#permission-on-issues) | [Issues API](/rest/reference/issues) へのアクセス権を付与します。 `none`、`read`、`write` のいずれかです。 | -| [`keys`](/rest/reference/permissions-required-for-github-apps/#permission-on-keys) | [Public Keys API](/rest/reference/users#keys) へのアクセス権を付与します。 `none`、`read`、`write` のいずれかです。 | +| [`followers`](/rest/reference/permissions-required-for-github-apps/#permission-on-followers) | [Followers API](/rest/reference/users#followers) へのアクセス権を付与します。 `none`、`read`、`write` のいずれかです。 | +| [`gpg_keys`](/rest/reference/permissions-required-for-github-apps/#permission-on-gpg-keys) | [GPG Keys API](/rest/reference/users#gpg-keys) へのアクセス権を付与します。 `none`、`read`、`write` のいずれかです。 | +| [`issues`](/rest/reference/permissions-required-for-github-apps/#permission-on-issues) | [Issues API](/rest/reference/issues) へのアクセス権を付与します。 `none`、`read`、`write` のいずれかです。 | +| [`keys`](/rest/reference/permissions-required-for-github-apps/#permission-on-keys) | [Public Keys API](/rest/reference/users#keys) へのアクセス権を付与します。 `none`、`read`、`write` のいずれかです。 | | [`members`](/rest/reference/permissions-required-for-github-apps/#permission-on-members) | Organization のメンバーへのアクセス権を付与します。 `none`、`read`、`write` のいずれかです。{% ifversion fpt or ghec %} -| [`メタデータ`](/rest/reference/permissions-required-for-github-apps/#metadata-permissions) | 機密データを漏洩しない、読み取り専用のエンドポイントへのアクセス権を付与します。 `read`、`none` のいずれかです。 {% data variables.product.prodname_github_app %} に何らかの権限を設定した場合、デフォルトは `read` となり、権限を指定しなかった場合、デフォルトは `none` となります。 | +| [`メタデータ`](/rest/reference/permissions-required-for-github-apps/#metadata-permissions) | 機密データを漏洩しない、読み取り専用のエンドポイントへのアクセス権を付与します。 `read`、`none` のいずれかです。 {% data variables.product.prodname_github_app %} に何らかの権限を設定した場合、デフォルトは `read` となり、権限を指定しなかった場合、デフォルトは `none` となります。 | | [`organization_administration`](/rest/reference/permissions-required-for-github-apps/#permission-on-organization-administration) | 「[Organization の更新](/rest/reference/orgs#update-an-organization)」エンドポイントと、[Organization Interaction Restrictions API](/rest/reference/interactions#set-interaction-restrictions-for-an-organization) へのアクセス権を付与します。 `none`、`read`、`write` のいずれかです。{% endif %} -| [`organization_hooks`](/rest/reference/permissions-required-for-github-apps/#permission-on-organization-hooks) | [Organization Webhooks API](/rest/reference/orgs#webhooks/) へのアクセス権を付与します。 `none`、`read`、`write` のいずれかです。 | -| `organization_plan` | 「[Organization の取得](/rest/reference/orgs#get-an-organization)」エンドポイントを使用して Organization のプランについての情報を取得するためのアクセス権を付与します。 `none`、`read` のいずれかです。 | +| [`organization_hooks`](/rest/reference/permissions-required-for-github-apps/#permission-on-organization-hooks) | [Organization Webhooks API](/rest/reference/orgs#webhooks/) へのアクセス権を付与します。 `none`、`read`、`write` のいずれかです。 | +| `organization_plan` | 「[Organization の取得](/rest/reference/orgs#get-an-organization)」エンドポイントを使用して Organization のプランについての情報を取得するためのアクセス権を付与します。 `none`、`read` のいずれかです。 | | [`organization_projects`](/rest/reference/permissions-required-for-github-apps/#permission-on-organization-projects) | [Projects API](/rest/reference/projects) へのアクセス権を付与します。 `none`、`read`、`write`、`admin` のいずれかです。{% ifversion fpt or ghec %} | [`organization_user_blocking`](/rest/reference/permissions-required-for-github-apps/#permission-on-organization-projects) | [Blocking Organization Users API](/rest/reference/orgs#blocking) へのアクセス権を付与します。 `none`、`read`、`write` のいずれかです。{% endif %} -| [`pages`](/rest/reference/permissions-required-for-github-apps/#permission-on-pages) | [Pages API](/rest/reference/repos#pages) へのアクセス権を付与します。 `none`、`read`、`write` のいずれかです。 | -| `plan` | 「[ユーザの取得](/rest/reference/users#get-a-user)」エンドポイントを使用してユーザの GitHub プランについての情報を取得するためのアクセス権を付与します。 `none`、`read` のいずれかです。 | -| [`pull_requests`](/rest/reference/permissions-required-for-github-apps/#permission-on-pull-requests) | さまざまなプルリクエストエンドポイントへのアクセス権を付与します。 `none`、`read`、`write` のいずれかです。 | -| [`repository_hooks`](/rest/reference/permissions-required-for-github-apps/#permission-on-repository-hooks) | [Repository Webhooks API](/rest/reference/repos#hooks) へのアクセス権を付与します。 `none`、`read`、`write` のいずれかです。 | +| [`pages`](/rest/reference/permissions-required-for-github-apps/#permission-on-pages) | [Pages API](/rest/reference/repos#pages) へのアクセス権を付与します。 `none`、`read`、`write` のいずれかです。 | +| `plan` | 「[ユーザの取得](/rest/reference/users#get-a-user)」エンドポイントを使用してユーザの GitHub プランについての情報を取得するためのアクセス権を付与します。 `none`、`read` のいずれかです。 | +| [`pull_requests`](/rest/reference/permissions-required-for-github-apps/#permission-on-pull-requests) | さまざまなプルリクエストエンドポイントへのアクセス権を付与します。 `none`、`read`、`write` のいずれかです。 | +| [`repository_hooks`](/rest/reference/permissions-required-for-github-apps/#permission-on-repository-hooks) | [Repository Webhooks API](/rest/reference/repos#hooks) へのアクセス権を付与します。 `none`、`read`、`write` のいずれかです。 | | [`repository_projects`](/rest/reference/permissions-required-for-github-apps/#permission-on-repository-projects) | [Projects API](/rest/reference/projects) へのアクセス権を付与します。 `none`、`read`、`write`、`admin` のいずれかです。{% ifversion fpt or ghes or ghec %} | [`secret_scanning_alerts`](/rest/reference/permissions-required-for-github-apps/#permission-on-secret-scanning-alerts) | [Secret scanning API](/rest/reference/secret-scanning) へのアクセス権を付与します。 `none`、`read`、`write` のいずれかです。{% endif %}{% ifversion fpt or ghes or ghec %} | [`security_events`](/rest/reference/permissions-required-for-github-apps/#permission-on-security-events) | [Code scanning API](/rest/reference/code-scanning/) へのアクセス権を付与します。 `none`、`read`、`write` のいずれかです。{% endif %} -| [`single_file`](/rest/reference/permissions-required-for-github-apps/#permission-on-single-file) | [Contents API](/rest/reference/repos#contents) へのアクセス権を付与します。 `none`、`read`、`write` のいずれかです。 | -| [`starring`](/rest/reference/permissions-required-for-github-apps/#permission-on-starring) | [Starring API](/rest/reference/activity#starring) へのアクセス権を付与します。 `none`、`read`、`write` のいずれかです。 | -| [`statuses`](/rest/reference/permissions-required-for-github-apps/#permission-on-statuses) | [Statuses API](/rest/reference/commits#commit-statuses) へのアクセス権を付与します。 `none`、`read`、`write` のいずれかです。 | +| [`single_file`](/rest/reference/permissions-required-for-github-apps/#permission-on-single-file) | [Contents API](/rest/reference/repos#contents) へのアクセス権を付与します。 `none`、`read`、`write` のいずれかです。 | +| [`starring`](/rest/reference/permissions-required-for-github-apps/#permission-on-starring) | [Starring API](/rest/reference/activity#starring) へのアクセス権を付与します。 `none`、`read`、`write` のいずれかです。 | +| [`statuses`](/rest/reference/permissions-required-for-github-apps/#permission-on-statuses) | [Statuses API](/rest/reference/commits#commit-statuses) へのアクセス権を付与します。 `none`、`read`、`write` のいずれかです。 | | [`team_discussions`](/rest/reference/permissions-required-for-github-apps/#permission-on-team-discussions) | [Team Discussions API](/rest/reference/teams#discussions) および [Team Discussion Comments API](/rest/reference/teams#discussion-comments) へのアクセス権を付与します。 `none`、`read`、`write` のいずれかです。{% ifversion fpt or ghes or ghae-issue-4864 or ghec %} -| `vulnerability_alerts` | リポジトリ内の脆弱性のある依存関係に対するセキュリティアラートを受信するためのアクセス権を付与します。 詳細は「[脆弱性のある依存関係に関するアラートについて](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies/)」を参照。 `none`、`read` のいずれかです。{% endif %} -| `Watch` | リストへのアクセス権を付与し、ユーザがサブスクライブするリポジトリの変更を許可します。 `none`、`read`、`write` のいずれかです。 | +| `vulnerability_alerts` | Grants access to receive {% data variables.product.prodname_dependabot_alerts %} for vulnerable dependencies in a repository. See "[About {% data variables.product.prodname_dependabot_alerts %}](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies/)" to learn more. `none`、`read` のいずれかです。{% endif %} +| `Watch` | リストへのアクセス権を付与し、ユーザがサブスクライブするリポジトリの変更を許可します。 `none`、`read`、`write` のいずれかです。 | ## {% data variables.product.prodname_github_app %} webhook イベント diff --git a/translations/ja-JP/content/developers/apps/building-github-apps/creating-a-github-app.md b/translations/ja-JP/content/developers/apps/building-github-apps/creating-a-github-app.md index fbe55f21a2..26d5355d03 100644 --- a/translations/ja-JP/content/developers/apps/building-github-apps/creating-a-github-app.md +++ b/translations/ja-JP/content/developers/apps/building-github-apps/creating-a-github-app.md @@ -46,7 +46,8 @@ topics: {% endif %} 1. デフォルトでは、アプリケーションのセキュリティを高めるため、アプリケーションは期限付きのユーザ認可トークンを使用します。 期限付きのユーザトークンの使用をオプトアウトするには、[Expire user authorization tokens] の選択を解除する必要があります。 リフレッシュトークンフローの設定と、期限付きユーザトークンの利点に関する詳細については、「[ユーザからサーバーに対するアクセストークンをリフレッシュする](/apps/building-github-apps/refreshing-user-to-server-access-tokens/)」を参照してください。 ![GitHub App のセットアップ中に期限付きユーザトークンをオプトインするオプション](/assets/images/github-apps/expire-user-tokens-selection.png) -1. アプリケーションが OAuth フローを使用してユーザを認可する場合、[**Request user authorization (OAuth) during installation**] を選択して、ユーザーかアプリをインストール時に認可するようにできます。 このオプションを選択した場合、[Setup URL] が利用できなくなり、アプリケーションのインストール後にユーザはあなたが設定した [User authorization callback URL] にリダイレクトされます。 詳しい情報については「[インストール中にユーザを認可する](/apps/installing-github-apps/#authorizing-users-during-installation)」を参照してください。 ![インストール時にユーザの認可を要求する](/assets/images/github-apps/github_apps_request_auth_upon_install.png) +1. アプリケーションが OAuth フローを使用してユーザを認可する場合、[**Request user authorization (OAuth) during installation**] を選択して、ユーザーかアプリをインストール時に認可するようにできます。 このオプションを選択した場合、[Setup URL] が利用できなくなり、アプリケーションのインストール後にユーザはあなたが設定した [User authorization callback URL] にリダイレクトされます。 詳しい情報については「[インストール中にユーザを認可する](/apps/installing-github-apps/#authorizing-users-during-installation)」を参照してください。 ![Request user authorization during installation](/assets/images/github-apps/github_apps_request_auth_upon_install.png){% if device-flow-is-opt-in %} +1. If your GitHub App will use the device flow to identify and authorize users, click **Enable Device Flow**. For more information about the device flow, see "[Authorizing OAuth Apps](/developers/apps/building-oauth-apps/authorizing-oauth-apps#device-flow)." ![Screenshot showing field for enabling device flow](/assets/images/oauth-apps/enable-device-flow.png){% endif %} 1. インストール後に追加の設定が必要な場合、[Setup URL] を追加して、アプリケーションをインストールした後にユーザをリダイレクトします。 ![GitHub App のセットアップ URL フィールド ](/assets/images/github-apps/github_apps_setup_url.png) {% note %} diff --git a/translations/ja-JP/content/developers/apps/building-github-apps/identifying-and-authorizing-users-for-github-apps.md b/translations/ja-JP/content/developers/apps/building-github-apps/identifying-and-authorizing-users-for-github-apps.md index 8efff60fb5..b16a5f6a83 100644 --- a/translations/ja-JP/content/developers/apps/building-github-apps/identifying-and-authorizing-users-for-github-apps.md +++ b/translations/ja-JP/content/developers/apps/building-github-apps/identifying-and-authorizing-users-for-github-apps.md @@ -127,7 +127,7 @@ curl -H "Authorization: token OAUTH-TOKEN" {% data variables.product.api_url_pre デバイスフローを使えば、CLIツールやGit認証情報マネージャーなどのヘッドレスアプリケーションのユーザを認可できます。 -デバイスフローを使ったユーザの認可については、「[OAuth App の認可](/developers/apps/authorizing-oauth-apps#device-flow)」を参照してください。 +{% if device-flow-is-opt-in %}Before you can use the device flow to identify and authorize users, you must first enable it in your app's settings. For more information on enabling device flow, see "[Modifying a GitHub App](/developers/apps/managing-github-apps/modifying-a-github-app)." {% endif %}For more information about authorizing users using the device flow, see "[Authorizing OAuth Apps](/developers/apps/authorizing-oauth-apps#device-flow)." ## ユーザがアクセスできるインストールされたリソースの確認 diff --git a/translations/ja-JP/content/developers/apps/building-oauth-apps/authorizing-oauth-apps.md b/translations/ja-JP/content/developers/apps/building-oauth-apps/authorizing-oauth-apps.md index 3dfba1b4bf..fc1883a9d7 100644 --- a/translations/ja-JP/content/developers/apps/building-oauth-apps/authorizing-oauth-apps.md +++ b/translations/ja-JP/content/developers/apps/building-oauth-apps/authorizing-oauth-apps.md @@ -125,6 +125,12 @@ curl -H "Authorization: token OAUTH-TOKEN" {% data variables.product.api_url_pre The device flow allows you to authorize users for a headless app, such as a CLI tool or Git credential manager. +{% if device-flow-is-opt-in %} + +Before you can use the device flow to authorize and identify users, you must first enable it in your app's settings. For more information about enabling the device flow in your app, see "[Modifying an OAuth App](/developers/apps/managing-oauth-apps/modifying-an-oauth-app)" for OAuth Apps and "[Modifying a GitHub App](/developers/apps/managing-github-apps/modifying-a-github-app)" for GitHub Apps. + +{% endif %} + ### Overview of the device flow 1. Your app requests device and user verification codes and gets the authorization URL where the user will enter the user verification code. @@ -254,10 +260,12 @@ If you make more than one access token request (`POST {% data variables.product. | `unsupported_grant_type` | The grant type must be `urn:ietf:params:oauth:grant-type:device_code` and included as an input parameter when you poll the OAuth token request `POST {% data variables.product.oauth_host_code %}/login/oauth/access_token`. | `incorrect_client_credentials` | For the device flow, you must pass your app's client ID, which you can find on your app settings page. The `client_secret` is not needed for the device flow. | `incorrect_device_code` | The device_code provided is not valid. -| `access_denied` | When a user clicks cancel during the authorization process, you'll receive a `access_denied` error and the user won't be able to use the verification code again. +| `access_denied` | When a user clicks cancel during the authorization process, you'll receive a `access_denied` error and the user won't be able to use the verification code again.{% if device-flow-is-opt-in %} +| `device_flow_disabled` | Device flow has not been enabled in the app's settings. For more information, see "[Device flow](#device-flow)."{% endif %} For more information, see the "[OAuth 2.0 Device Authorization Grant](https://tools.ietf.org/html/rfc8628#section-3.5)." + ## Non-Web application flow Non-web authentication is available for limited situations like testing. If you need to, you can use [Basic Authentication](/rest/overview/other-authentication-methods#basic-authentication) to create a personal access token using your [Personal access tokens settings page](/articles/creating-an-access-token-for-command-line-use). This technique enables the user to revoke access at any time. diff --git a/translations/ja-JP/content/developers/apps/building-oauth-apps/creating-an-oauth-app.md b/translations/ja-JP/content/developers/apps/building-oauth-apps/creating-an-oauth-app.md index a0df1839c6..0bb33233a0 100644 --- a/translations/ja-JP/content/developers/apps/building-oauth-apps/creating-an-oauth-app.md +++ b/translations/ja-JP/content/developers/apps/building-oauth-apps/creating-an-oauth-app.md @@ -49,5 +49,6 @@ topics: **注釈:** {% data variables.product.prodname_github_apps %} と異なり、OAuth App は複数のコールバック URL を持つことはできません。 {% endnote %} -{% endif %} -10. **Register application** をクリックする。 ![アプリケーションを登録するボタン](/assets/images/oauth-apps/oauth_apps_register_application.png) +{% endif %}{% if device-flow-is-opt-in %} +1. If your OAuth App will use the device flow to identify and authorize users, click **Enable Device Flow**. For more information about the device flow, see "[Authorizing OAuth Apps](/developers/apps/building-oauth-apps/authorizing-oauth-apps#device-flow)." ![Screenshot showing field for enabling device flow](/assets/images/oauth-apps/enable-device-flow.png){% endif %} +2. **Register application** をクリックする。 ![アプリケーションを登録するボタン](/assets/images/oauth-apps/oauth_apps_register_application.png) diff --git a/translations/ja-JP/content/developers/apps/managing-github-apps/modifying-a-github-app.md b/translations/ja-JP/content/developers/apps/managing-github-apps/modifying-a-github-app.md index f6473a081a..8a0cf2cf8f 100644 --- a/translations/ja-JP/content/developers/apps/managing-github-apps/modifying-a-github-app.md +++ b/translations/ja-JP/content/developers/apps/managing-github-apps/modifying-a-github-app.md @@ -18,5 +18,6 @@ topics: {% data reusables.user-settings.developer_settings %} {% data reusables.user-settings.github_apps %} {% data reusables.user-settings.modify_github_app %} -5. 「Basic information(基本情報)」で、修正したいGitHub Appの情報を変更してください。 ![GitHub Appの基本情報セクション](/assets/images/github-apps/github_apps_basic_information.png) +5. 「Basic information(基本情報)」で、修正したいGitHub Appの情報を変更してください。 ![Basic information section for your GitHub App](/assets/images/github-apps/github_apps_basic_information.png){% if device-flow-is-opt-in %} +1. If your GitHub App will use the device flow to identify and authorize users, click **Enable device flow**. For more information about the device flow, see "[Authorizing OAuth Apps](/developers/apps/building-oauth-apps/authorizing-oauth-apps#device-flow)." ![Screenshot showing field for enabling device flow](/assets/images/oauth-apps/enable-device-flow.png){% endif %} 6. [**Save changes**] をクリックします。 ![GitHub Appの変更保存ボタン](/assets/images/github-apps/github_apps_save_changes.png) diff --git a/translations/ja-JP/content/developers/github-marketplace/github-marketplace-overview/about-github-marketplace.md b/translations/ja-JP/content/developers/github-marketplace/github-marketplace-overview/about-github-marketplace.md index 7370b55b41..7bc2f20cd5 100644 --- a/translations/ja-JP/content/developers/github-marketplace/github-marketplace-overview/about-github-marketplace.md +++ b/translations/ja-JP/content/developers/github-marketplace/github-marketplace-overview/about-github-marketplace.md @@ -49,7 +49,7 @@ When you have finished creating your app, you can share it with other users by p 1. Add a pricing plan. For more information, see "[Setting pricing plans for your listing](/developers/github-marketplace/setting-pricing-plans-for-your-listing)." -1. Read and accept the terms of the "[{% data variables.product.prodname_marketplace %} Developer Agreement](/free-pro-team@latest/github/site-policy/github-marketplace-developer-agreement." +1. Read and accept the terms of the "[{% data variables.product.prodname_marketplace %} Developer Agreement](/free-pro-team@latest/github/site-policy/github-marketplace-developer-agreement)." 1. Submit your listing for publication in {% data variables.product.prodname_marketplace %}. For more information, see "[Submitting your listing for publication](/developers/github-marketplace/submitting-your-listing-for-publication)." diff --git a/translations/ja-JP/content/developers/github-marketplace/using-the-github-marketplace-api-in-your-app/webhook-events-for-the-github-marketplace-api.md b/translations/ja-JP/content/developers/github-marketplace/using-the-github-marketplace-api-in-your-app/webhook-events-for-the-github-marketplace-api.md index 75428b691f..21e4a67870 100644 --- a/translations/ja-JP/content/developers/github-marketplace/using-the-github-marketplace-api-in-your-app/webhook-events-for-the-github-marketplace-api.md +++ b/translations/ja-JP/content/developers/github-marketplace/using-the-github-marketplace-api-in-your-app/webhook-events-for-the-github-marketplace-api.md @@ -46,17 +46,17 @@ webhookの`POST`リクエストには、特別なヘッダがあります。 詳 `plan`オブジェクトには以下のキーがあります。 -| キー | 種類 | 説明 | -| ------------------------ | ------------------ | ------------------------------------------------------ | -| `id` | `integer` | このプランの一意の識別子。 | -| `name` | `string` | プラン名。 | -| `説明` | `string` | プランの説明。 | -| `monthly_price_in_cents` | `integer` | このプランのセント (米国の通貨) 単位の月額。 たとえば、月額10米ドルのリストは1000セントです。 | -| `yearly_price_in_cents` | `integer` | このプランのセント (米国の通貨) 単位の年額。 たとえば、月額100米ドルのリストは10000セントです。 | -| `price_model` | `string` | このリストの価格モデル。 `flat-rate`、`per-unit`、`free`のいずれかです。 | -| `has_free_trial` | `boolean` | このリストが無料トライアルを提供する場合は`true`になります。 | -| `unit_name` | `string` | ユニットの名前。 価格モデルが`per-unit`でない場合、これは`nil`になります。 | -| `bullet` | `array of strings` | 価格プランに設定されている箇条書きの名前。 | +| キー | 種類 | 説明 | +| ------------------------ | ------------------ | ------------------------------------------------------- | +| `id` | `integer` | このプランの一意の識別子。 | +| `name` | `string` | プラン名。 | +| `説明` | `string` | プランの説明。 | +| `monthly_price_in_cents` | `integer` | このプランのセント (米国の通貨) 単位の月額。 たとえば、月額10米ドルのリストは1000セントです。 | +| `yearly_price_in_cents` | `integer` | このプランのセント (米国の通貨) 単位の年額。 たとえば、月額100米ドルのリストは120000セントです。 | +| `price_model` | `string` | このリストの価格モデル。 `flat-rate`、`per-unit`、`free`のいずれかです。 | +| `has_free_trial` | `boolean` | このリストが無料トライアルを提供する場合は`true`になります。 | +| `unit_name` | `string` | ユニットの名前。 価格モデルが`per-unit`でない場合、これは`nil`になります。 | +| `bullet` | `array of strings` | 価格プランに設定されている箇条書きの名前。 |
diff --git a/translations/ja-JP/content/developers/webhooks-and-events/webhooks/webhook-events-and-payloads.md b/translations/ja-JP/content/developers/webhooks-and-events/webhooks/webhook-events-and-payloads.md index cb85b42e78..95567e16c8 100644 --- a/translations/ja-JP/content/developers/webhooks-and-events/webhooks/webhook-events-and-payloads.md +++ b/translations/ja-JP/content/developers/webhooks-and-events/webhooks/webhook-events-and-payloads.md @@ -1246,7 +1246,7 @@ GitHub Marketplace の購入に関連するアクティビティ。 {% data reus Activity related to a security advisory that has been reviewed by {% data variables.product.company_short %}. A {% data variables.product.company_short %}-reviewed security advisory provides information about security-related vulnerabilities in software on {% data variables.product.prodname_dotcom %}. -The security advisory dataset also powers the GitHub {% data variables.product.prodname_dependabot_alerts %}. 詳しい情報については、「[脆弱性のある依存関係に対するアラートについて](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies/)」を参照してください。 +The security advisory dataset also powers the GitHub {% data variables.product.prodname_dependabot_alerts %}. 詳しい情報については、「[{% data variables.product.prodname_dependabot_alerts %} について](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies/)」を参照してください。 ### 利用の可否 diff --git a/translations/ja-JP/content/get-started/privacy-on-github/about-githubs-use-of-your-data.md b/translations/ja-JP/content/get-started/privacy-on-github/about-githubs-use-of-your-data.md index ccfbf6ade7..00b10cd4ca 100644 --- a/translations/ja-JP/content/get-started/privacy-on-github/about-githubs-use-of-your-data.md +++ b/translations/ja-JP/content/get-started/privacy-on-github/about-githubs-use-of-your-data.md @@ -20,7 +20,7 @@ shortTitle: GitHub's use of your data {% data reusables.repositories.about-github-archive-program %} 詳細は「[{% data variables.product.prodname_dotcom %} 上のコンテンツとデータのアーカイブ処理について](/github/creating-cloning-and-archiving-repositories/about-archiving-content-and-data-on-github#about-the-github-archive-program)」を参照してください。 -{% data reusables.user-settings.export-data %} For more information, see "[Requesting an archive of your personal account's data](/articles/requesting-an-archive-of-your-personal-account-s-data)." +{% data reusables.user-settings.export-data %}詳細は「[個人アカウントのデータのアーカイブをリクエストする](/articles/requesting-an-archive-of-your-personal-account-s-data)」を参照してください。 プライベートリポジトリのデータの利用をオプトインした場合でも、プライベートデータ、ソースコード、企業秘密は引き続き弊社の[利用規約](/free-pro-team@latest/github/site-policy/github-terms-of-service)の下で機密事項として扱われます。 弊社が知る情報は、集約されたデータからのみです。 詳しい情報については、「[プライベートリポジトリのデータ使用を管理する](/get-started/privacy-on-github/managing-data-use-settings-for-your-private-repository)」を参照してください。 @@ -28,7 +28,7 @@ shortTitle: GitHub's use of your data ## データによるセキュリティの推奨事項の改善 -データの利用方法の例として、パブリックリポジトリの依存対象のセキュリティの脆弱性を検出し、アラートを出すことができます。 詳しい情報については、「[脆弱性のある依存関係に対するアラートについて](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies)」を参照してください。 +データの利用方法の例として、パブリックリポジトリの依存対象のセキュリティの脆弱性を検出し、アラートを出すことができます。 詳しい情報については、「[{% data variables.product.prodname_dependabot_alerts %} について](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies)」を参照してください。 潜在的なセキュリティの脆弱性を検出するために、{% data variables.product.product_name %}は依存対象のマニフェストファイルの内容をスキャンし、プロジェクトの依存対象のリストを作成します。 diff --git a/translations/ja-JP/content/get-started/privacy-on-github/managing-data-use-settings-for-your-private-repository.md b/translations/ja-JP/content/get-started/privacy-on-github/managing-data-use-settings-for-your-private-repository.md index 8229beefb9..d7b42f45ee 100644 --- a/translations/ja-JP/content/get-started/privacy-on-github/managing-data-use-settings-for-your-private-repository.md +++ b/translations/ja-JP/content/get-started/privacy-on-github/managing-data-use-settings-for-your-private-repository.md @@ -16,7 +16,7 @@ shortTitle: Manage data use for private repo ## About data use for your private repository -When you enable data use for your private repository, you'll be able to access the dependency graph, where you can track your repository's dependencies and receive {% data variables.product.prodname_dependabot_alerts %} when {% data variables.product.product_name %} detects vulnerable dependencies. For more information, see "[About alerts for vulnerable dependencies](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies#dependabot-alerts-for-vulnerable-dependencies)." +When you enable data use for your private repository, you'll be able to access the dependency graph, where you can track your repository's dependencies and receive {% data variables.product.prodname_dependabot_alerts %} when {% data variables.product.product_name %} detects vulnerable dependencies. For more information, see "[About {% data variables.product.prodname_dependabot_alerts %}](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies#dependabot-alerts-for-vulnerable-dependencies)." ## Enabling or disabling data use features @@ -32,5 +32,5 @@ When you enable data use for your private repository, you'll be able to access t ## Further reading - "[About {% data variables.product.prodname_dotcom %}'s use of your data](/articles/about-github-s-use-of-your-data)" -- "[Viewing and updating vulnerable dependencies in your repository](/github/managing-security-vulnerabilities/viewing-and-updating-vulnerable-dependencies-in-your-repository)" +- "[Viewing {% data variables.product.prodname_dependabot_alerts %} for vulnerable dependencies](/github/managing-security-vulnerabilities/viewing-and-updating-vulnerable-dependencies-in-your-repository)" - "[Managing security and analysis settings for your repository](/github/administering-a-repository/managing-security-and-analysis-settings-for-your-repository)" diff --git a/translations/ja-JP/content/get-started/quickstart/fork-a-repo.md b/translations/ja-JP/content/get-started/quickstart/fork-a-repo.md index 4f546dfef5..4300129c0d 100644 --- a/translations/ja-JP/content/get-started/quickstart/fork-a-repo.md +++ b/translations/ja-JP/content/get-started/quickstart/fork-a-repo.md @@ -22,7 +22,7 @@ topics: ## フォークについて -一般的にフォークは、他のユーザのプロジェクトへの変更を提案するため、あるいは他のユーザのプロジェクトを自分のアイディアの出発点として活用するために使用します。 You can fork a repository to create a copy of the repository and make changes without affecting the upstream repository. For more information, see "[Working with forks](/github/collaborating-with-issues-and-pull-requests/working-with-forks)." +Most commonly, forks are used to either propose changes to someone else's project to which you don't have write access, or to use someone else's project as a starting point for your own idea. You can fork a repository to create a copy of the repository and make changes without affecting the upstream repository. For more information, see "[Working with forks](/github/collaborating-with-issues-and-pull-requests/working-with-forks)." ### 他のユーザのプロジェクトへの変更を提案する diff --git a/translations/ja-JP/content/get-started/quickstart/hello-world.md b/translations/ja-JP/content/get-started/quickstart/hello-world.md index 9cf7699063..ce26597435 100644 --- a/translations/ja-JP/content/get-started/quickstart/hello-world.md +++ b/translations/ja-JP/content/get-started/quickstart/hello-world.md @@ -87,7 +87,7 @@ When you created a new branch in the previous step, {% data variables.product.pr You can make and save changes to the files in your repository. On {% data variables.product.product_name %}, saved changes are called commits. Each commit has an associated commit message, which is a description explaining why a particular change was made. Commit messages capture the history of your changes so that other contributors can understand what you’ve done and why. 1. Under the `readme-edits` branch you created, click the _README.md_ file. -2. Click {% octicon "pencil" aria-label="The edit icon" %} to edit the file. +2. {% octicon "pencil" aria-label="The edit icon" %}をクリックしてファイルを編集してください。 3. In the editor, write a bit about yourself. Try using different Markdown elements. 4. In the **Commit changes** box, write a commit message that describes your changes. 5. **[Commit changes]** をクリックしてください。 diff --git a/translations/ja-JP/content/get-started/signing-up-for-github/index.md b/translations/ja-JP/content/get-started/signing-up-for-github/index.md index a7e6e8a7c1..74bc3b1d19 100644 --- a/translations/ja-JP/content/get-started/signing-up-for-github/index.md +++ b/translations/ja-JP/content/get-started/signing-up-for-github/index.md @@ -16,6 +16,5 @@ children: - /verifying-your-email-address - /setting-up-a-trial-of-github-enterprise-cloud - /setting-up-a-trial-of-github-enterprise-server - - /setting-up-a-trial-of-github-ae --- diff --git a/translations/ja-JP/content/get-started/signing-up-for-github/setting-up-a-trial-of-github-ae.md b/translations/ja-JP/content/get-started/signing-up-for-github/setting-up-a-trial-of-github-ae.md deleted file mode 100644 index 1dcef336fd..0000000000 --- a/translations/ja-JP/content/get-started/signing-up-for-github/setting-up-a-trial-of-github-ae.md +++ /dev/null @@ -1,66 +0,0 @@ ---- -title: Setting up a trial of GitHub AE -intro: '{% data variables.product.prodname_ghe_managed %} のトライアルは無料でできます。' -versions: - ghae: '*' -topics: - - Accounts -shortTitle: GitHub AE trial ---- - -## About the {% data variables.product.prodname_ghe_managed %} trial - -You can set up a 90-day trial to evaluate {% data variables.product.prodname_ghe_managed %}. This process allows you to deploy a {% data variables.product.prodname_ghe_managed %} account in your existing Azure region. - -- **{% data variables.product.prodname_ghe_managed %} account**: The Azure resource that contains the deployment of {% data variables.product.prodname_ghe_managed %}. -- **{% data variables.product.prodname_ghe_managed %} portal**: The Azure management tool at [https://portal.azure.com](https://portal.azure.com). This is used to deploy the {% data variables.product.prodname_ghe_managed %} account. - -## {% data variables.product.prodname_ghe_managed %} のトライアルを設定する - - -Before you can start your trial of {% data variables.product.prodname_ghe_managed %}, you must request access by contacting your {% data variables.product.prodname_dotcom %} account team. {% data variables.product.prodname_dotcom %} will enable the {% data variables.product.prodname_ghe_managed %} trial for your Azure subscription. - -Contact {% data variables.contact.contact_enterprise_sales %} to check your eligibility for a {% data variables.product.prodname_ghe_managed %} trial. - -## Deploying {% data variables.product.prodname_ghe_managed %} with the {% data variables.actions.azure_portal %} - -The {% data variables.actions.azure_portal %} allows you to deploy the {% data variables.product.prodname_ghe_managed %} account in your Azure resource group. - -1. On the {% data variables.actions.azure_portal %}, type `GitHub AE` in the search field. Then, under _Services_, click {% data variables.product.prodname_ghe_managed %}. ![{% data variables.actions.azure_portal %} search result](/assets/images/azure/github-ae-azure-portal-search.png) -1. To begin the process of adding a new {% data variables.product.prodname_ghe_managed %} account, click **Create GitHub AE account**. -1. Complete the "Project details" and "Instance details" fields. ![{% data variables.actions.azure_portal %} search result](/assets/images/azure/github-ae-azure-portal-form.png) - - **Account name:** The hostname for your enterprise - - **Administrator username:** A username for the initial enterprise owner that will be created in {% data variables.product.prodname_ghe_managed %} - - **Administrator email:** The email address that will receive the login information -1. To review a summary of the proposed changes, click **Review + create**. -1. After the validation process has completed, click **Create**. - -The email address you entered above will receive instructions on how to access your enterprise. After you have access, you can get started by following the initial setup steps. 詳しい情報については、「[{% data variables.product.prodname_ghe_managed %} を初期化する](/admin/configuration/initializing-github-ae)」を参照してください。 - -{% note %} - -**Note:** Software updates for your {% data variables.product.prodname_ghe_managed %} deployment are performed by {% data variables.product.prodname_dotcom %}. For more information, see "[About upgrades to new releases](/admin/overview/about-upgrades-to-new-releases)." - -{% endnote %} - -## Navigating to your enterprise - -You can use the {% data variables.actions.azure_portal %} to navigate to your {% data variables.product.prodname_ghe_managed %} deployment. The resulting list includes all the {% data variables.product.prodname_ghe_managed %} deployments in your Azure region. - -1. On the {% data variables.actions.azure_portal %}, in the left panel, click **All resources**. -1. From the available filters, click **All types**, then deselect **Select all** and select **GitHub AE**: ![{% data variables.actions.azure_portal %} search result](/assets/images/azure/github-ae-azure-portal-type-filter.png) - -## 次のステップ - -Once your deployment has been provisioned, the next step is to initialize {% data variables.product.prodname_ghe_managed %}. 詳しい情報については、「[{% data variables.product.prodname_ghe_managed %} を初期化する](/github-ae@latest/admin/configuration/configuring-your-enterprise/initializing-github-ae)」を参照してください。 - -## トライアルを終了する - -You can upgrade to a full license at any time during the trial period by contacting contact {% data variables.contact.contact_enterprise_sales %}. If you haven't upgraded by the last day of your trial, then the deployment is automatically deleted. - -{% data variables.product.prodname_ghe_managed %} を評価するための時間がさらに必要な場合は、{% data variables.contact.contact_enterprise_sales %} に連絡して延長をリクエストしてください。 - -## 参考リンク - -- "[Enabling {% data variables.product.prodname_advanced_security %} features on {% data variables.product.prodname_ghe_managed %}](/github/getting-started-with-github/about-github-advanced-security#enabling-advanced-security-features-on-github-ae)" -- "[{% data variables.product.prodname_ghe_managed %} release notes](/github-ae@latest/admin/overview/github-ae-release-notes)" diff --git a/translations/ja-JP/content/get-started/signing-up-for-github/setting-up-a-trial-of-github-enterprise-server.md b/translations/ja-JP/content/get-started/signing-up-for-github/setting-up-a-trial-of-github-enterprise-server.md index 77eb9bbd37..01e6944f05 100644 --- a/translations/ja-JP/content/get-started/signing-up-for-github/setting-up-a-trial-of-github-enterprise-server.md +++ b/translations/ja-JP/content/get-started/signing-up-for-github/setting-up-a-trial-of-github-enterprise-server.md @@ -19,7 +19,7 @@ shortTitle: Enterprise Server trial {% data variables.product.prodname_ghe_server %} を評価するための 45 日間トライアルをリクエストできます。 トライアルは仮想アプライアンスとしてインストールされ、オンプレミスまたはクラウドでのデプロイメントのオプションがあります。 サポートされている仮想化プラットフォームの一覧については「[GitHub Enterprise Server インスタンスをセットアップする](/enterprise-server@latest/admin/installation/setting-up-a-github-enterprise-server-instance)」を参照してください。 -{% ifversion ghes %}{% data variables.product.prodname_dependabot %}{% else %}現在、セキュリティ{% endif %}アラートと {% data variables.product.prodname_github_connect %} は {% data variables.product.prodname_ghe_server %} のトライアルでは利用できません。 これらの機能のデモについては、{% data variables.contact.contact_enterprise_sales %} にお問い合わせください。 For more information about these features, see "[About alerts for vulnerable dependencies](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies)" and "[Connecting your enterprise account to {% data variables.product.prodname_ghe_cloud %}](/enterprise-server@latest/admin/configuration/managing-connections-between-your-enterprise-accounts/connecting-your-enterprise-account-to-github-enterprise-cloud)." +{% ifversion ghes %}{% data variables.product.prodname_dependabot %}{% else %}現在、セキュリティ{% endif %}アラートと {% data variables.product.prodname_github_connect %} は {% data variables.product.prodname_ghe_server %} のトライアルでは利用できません。 これらの機能のデモについては、{% data variables.contact.contact_enterprise_sales %} にお問い合わせください。 For more information about these features, see "[About {% data variables.product.prodname_dependabot_alerts %}](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies)" and "[Connecting your enterprise account to {% data variables.product.prodname_ghe_cloud %}](/enterprise-server@latest/admin/configuration/managing-connections-between-your-enterprise-accounts/connecting-your-enterprise-account-to-github-enterprise-cloud)." {% data variables.product.prodname_ghe_cloud %} のトライアルも利用できます。 詳しい情報については、「[{% data variables.product.prodname_ghe_cloud %} のトライアルを設定する](/articles/setting-up-a-trial-of-github-enterprise-cloud)」を参照してください。 diff --git a/translations/ja-JP/content/get-started/writing-on-github/working-with-advanced-formatting/creating-and-highlighting-code-blocks.md b/translations/ja-JP/content/get-started/writing-on-github/working-with-advanced-formatting/creating-and-highlighting-code-blocks.md index 60b87b47b2..9ddc037251 100644 --- a/translations/ja-JP/content/get-started/writing-on-github/working-with-advanced-formatting/creating-and-highlighting-code-blocks.md +++ b/translations/ja-JP/content/get-started/writing-on-github/working-with-advanced-formatting/creating-and-highlighting-code-blocks.md @@ -69,10 +69,9 @@ Look! You can see my backticks. {% if mermaid %} ## Creating diagrams -You can use Mermaid syntax to add diagrams. For more information, see "[Creating diagrams](/get-started/writing-on-github/working-with-advanced-formatting/creating-diagrams)." +You can also use code blocks to create diagrams in Markdown. GitHub supports Mermaid, geoJSON, topoJSON, and ASCII STL syntax. For more information, see "[Creating diagrams](/get-started/writing-on-github/working-with-advanced-formatting/creating-diagrams)." {% endif %} - ## 参考リンク - [{% data variables.product.prodname_dotcom %} Flavored Markdown の仕様](https://github.github.com/gfm/) diff --git a/translations/ja-JP/content/get-started/writing-on-github/working-with-advanced-formatting/creating-diagrams.md b/translations/ja-JP/content/get-started/writing-on-github/working-with-advanced-formatting/creating-diagrams.md index 4f4f1a2e26..b781425b93 100644 --- a/translations/ja-JP/content/get-started/writing-on-github/working-with-advanced-formatting/creating-diagrams.md +++ b/translations/ja-JP/content/get-started/writing-on-github/working-with-advanced-formatting/creating-diagrams.md @@ -6,7 +6,13 @@ versions: shortTitle: Create diagrams --- -You can use Mermaid syntax to create diagrams. Mermaid is a Markdown-inspired tool that renders text into diagrams. For example, Mermaid can render flow charts, sequence diagrams, pie charts and more. For more information, see the [Mermaid documentation](https://mermaid-js.github.io/mermaid/#/). +## About creating diagrams + +You can create diagrams in Markdown using three different syntaxes: mermaid, geoJSON and topoJSON, and ASCII STL. + +## Creating Mermaid diagrams + +Mermaid is a Markdown-inspired tool that renders text into diagrams. For example, Mermaid can render flow charts, sequence diagrams, pie charts and more. For more information, see the [Mermaid documentation](https://mermaid-js.github.io/mermaid/#/). To create a Mermaid diagram, add Mermaid syntax inside a fenced code block with the `mermaid` language identifier. For more information about creating code blocks, see "[Creating and highlighting code blocks](/get-started/writing-on-github/working-with-advanced-formatting/creating-and-highlighting-code-blocks)." @@ -31,3 +37,122 @@ graph TD; **Note:** You may observe errors if you run a third-party Mermaid plugin when using Mermaid syntax on {% data variables.product.company_short %}. {% endnote %} + +## Creating geoJSON and topoJSON maps + +You can use geo/topoJSON syntax to create interactive maps. To create a map, add geoJSON or topoJSON inside a fenced code block with the `geojson` or `topojson` syntax identifier. 詳しい情報については[コードブロックの作成とハイライト](/get-started/writing-on-github/working-with-advanced-formatting/creating-and-highlighting-code-blocks)を参照してください。 + +### Using geoJSON + +For example, you can create a simple map: + +
+```geojson
+{
+  "type": "Polygon",
+  "coordinates": [
+      [
+          [-90,30],
+          [-90,35],
+          [-90,35],
+          [-85,35],
+          [-85,30]
+      ]
+  ]
+}
+```
+
+ +![Rendered map](/assets/images/help/writing/fenced-geojson-rendered-map.png) + +### Using topoJSON + +For example, you can create a simple topoJSON map: + +
+```topojson
+{
+  "type": "Topology",
+  "transform": {
+    "scale": [0.0005000500050005, 0.00010001000100010001],
+    "translate": [100, 0]
+  },
+  "objects": {
+    "example": {
+      "type": "GeometryCollection",
+      "geometries": [
+        {
+          "type": "Point",
+          "properties": {"prop0": "value0"},
+          "coordinates": [4000, 5000]
+        },
+        {
+          "type": "LineString",
+          "properties": {"prop0": "value0", "prop1": 0},
+          "arcs": [0]
+        },
+        {
+          "type": "Polygon",
+          "properties": {"prop0": "value0",
+            "prop1": {"this": "that"}
+          },
+          "arcs": [[1]]
+        }
+      ]
+    }
+  },
+  "arcs": [[[4000, 0], [1999, 9999], [2000, -9999], [2000, 9999]],[[0, 0], [0, 9999], [2000, 0], [0, -9999], [-2000, 0]]]
+}
+```
+
+ +![Rendered topojson map](/assets/images/help/writing/fenced-topojson-rendered-map.png) + +For more information on working with `.geojson` and `.topojson` files, see "[Working with non-code files](/repositories/working-with-files/using-files/working-with-non-code-files#mapping-geojson-files-on-github)." + + +## Creating STL 3D models + +You can use ASCII STL syntax directly in markdown to create interactive 3D models. To display a model, add ASCII STL syntax inside a fenced code block with the `stl` syntax identifier. 詳しい情報については[コードブロックの作成とハイライト](/get-started/writing-on-github/working-with-advanced-formatting/creating-and-highlighting-code-blocks)を参照してください。 + +For example, you can create a simple 3D model: + +
+```stl
+solid cube_corner
+  facet normal 0.0 -1.0 0.0
+    outer loop
+      vertex 0.0 0.0 0.0
+      vertex 1.0 0.0 0.0
+      vertex 0.0 0.0 1.0
+    endloop
+  endfacet
+  facet normal 0.0 0.0 -1.0
+    outer loop
+      vertex 0.0 0.0 0.0
+      vertex 0.0 1.0 0.0
+      vertex 1.0 0.0 0.0
+    endloop
+  endfacet
+  facet normal -1.0 0.0 0.0
+    outer loop
+      vertex 0.0 0.0 0.0
+      vertex 0.0 0.0 1.0
+      vertex 0.0 1.0 0.0
+    endloop
+  endfacet
+  facet normal 0.577 0.577 0.577
+    outer loop
+      vertex 1.0 0.0 0.0
+      vertex 0.0 1.0 0.0
+      vertex 0.0 0.0 1.0
+    endloop
+  endfacet
+endsolid
+```
+
+ +![Rendered 3D model](/assets/images/help/writing/fenced-stl-rendered-object.png) + +For more information on working with `.stl` files, see "[Working with non-code files](/repositories/working-with-files/using-files/working-with-non-code-files#3d-file-viewer)." + diff --git a/translations/ja-JP/content/github/index.md b/translations/ja-JP/content/github/index.md index db1e0bdeb6..a7fa952646 100644 --- a/translations/ja-JP/content/github/index.md +++ b/translations/ja-JP/content/github/index.md @@ -12,7 +12,6 @@ versions: ghae: '*' children: - /copilot - - /site-policy - /site-policy-deprecated --- diff --git a/translations/ja-JP/content/github/site-policy/github-community-guidelines.md b/translations/ja-JP/content/github/site-policy/github-community-guidelines.md deleted file mode 100644 index 6989bc5a0e..0000000000 --- a/translations/ja-JP/content/github/site-policy/github-community-guidelines.md +++ /dev/null @@ -1,108 +0,0 @@ ---- -title: GitHubコミュニティガイドライン -redirect_from: - - /community-guidelines - - /articles/github-community-guidelines -versions: - fpt: '*' -topics: - - Policy - - Legal ---- - -GitHub では、何百万人もの開発者が何百万ものプロジェクト(オープンソースとクローズドソースの両方)をホストしています。私たちは、コミュニティの日々のコラボレーションに貢献できることを光栄に思います。 私たちには、誇りに思うことができるコミュニティを実現するための素晴らしいチャンスがあると同時に、責任も背負っています。 - -世界中の GitHub ユーザたちの持つ視点、アイデア、経験は十人十色。数日前に初めて「Hello World」プロジェクトを作った人から、世界で最も有名なソフトウェア開発者まで、さまざまなユーザがいます。 私たちは、GitHub をコミュニティ内のさまざまな意見や視点に対応した快適な環境にし、人々が自由に自分を表現できるスペースになるよう取り組んでいます。 - -期待の伝達やプロジェクトの[モデレート](#what-if-something-or-someone-offends-you)、虐待的な行動やコンテンツの{% data variables.contact.report_abuse %}報告{% data variables.contact.report_content %}は、コミュニティメンバーにかかっています。 GitHub でコラボレーションする最適な方法や、どんな行為やコンテンツが当社の[利用規定](/github/site-policy/github-acceptable-use-policies)を含む[利用規約](#legal-notices)に違反する恐れがあるのかを皆様に理解していただくために、ここではコミュニティ内では何が期待されるのかを説明いたします。 当社は不正行為の報告を調査し、利用規約に違反していると判断したサイトの公開コンテンツをモデレートする場合があります。 - -## 強いコミュニティを作る - -GitHub コミュニティの主な目的は、ソフトウェアプロジェクトの共同作業です。 私たちの望みは、そんな皆様の共同作業がより良くなることです。 当社はサイトを管理していますが、これは私たちが*共に*構築するコミュニティです。それを最高のものにするためには、皆様のサポートが必要です。 - -* **広い心で受け入れる** - 他のコラボレータとあなたとでは、経験値やバックグラウンドが異なるかもしれませんが、だからといって相手がコントリビューションにつながる良いアイデアを持っていないということにはなりません。 新たなコラボレータや、かけだしのユーザーは歓迎してあげましょう。 - -* **Respect each other** - Nothing sabotages healthy conversation like rudeness. 礼儀正しく、大人の態度を保ちましょう。一般的に攻撃的、虐待的、ヘイトスピーチとみなされるような内容を投稿しないでください。 嫌がらせや、人が悲しむような行為は禁止されています。 あらゆるやり取りにおいて、お互いに品位と配慮をもって接しましょう。 - - 意見に反対したいこともあるでしょう。 それは全くかまいません。 ただし、批判すべきはアイデアであって、人ではありません。 悪口、個人攻撃、投稿の内容ではなく口調に対する応答、脊髄反射的な反論を行うのではなく、 会話の質を高めるような、理論的な反論を行いましょう。 - -* **共感をもってコミュニケーションを行う** - 意見の不一致や相違はよくあることです。 コミュニティの一員であることは、あなたとは違った背景や視点を持つさまざまな人と交流するということです。 誰かと意見が合わない場合は、それを直に伝える前に、その人を理解し、相手の立場に立ってみるようにしましょう。 こうすることで、質問や議論への参加、コントリビューションなどがしやすい、敬意と親密さに満ちた雰囲気が作られます。 - -* **明確に伝え、トピックから逸脱しない** - GitHub は、仕事を進めたり生産性を高めたりするために使われるものです。 トピックから逸脱したコメントは、生産的に働いて仕事を終わらせるという目的から気をそらしてしまいます(たまにはいいかもしれませんが、普段は慎みましょう)。 トピックに集中することで、ポジティブで生産的な議論が生まれます。 - - また、インターネット上で見知らぬ人とやりとりする場合は、注意深さが求められます。 口調を伝えたり読み取ったりすることは難しく、皮肉な言葉が誤解されることも少なくありません。 明確な言葉を用い、相手がそれをどのように受け取るかを考えるようにしましょう。 - -## 嫌な思いをしたら - -対応が必要な問題が当社の耳に入るかどうかは、コミュニティにかかっています。 私たちが攻撃的なコンテンツについてサイトを積極的に監視することはありません。 サイトで不快な思いをした場合は、GitHub が提供するいくつかのツールを使用することですぐに行動を取ることができます。 - -* ** 期待を伝える** - コミュニティ固有の独自のガイドラインを設定していないコミュニティに参加する場合は、プルリクエストを送信して、README ファイルまたは [CONTRIBUTING](/articles/setting-guidelines-for-repository-contributors/) ファイル、または[専用の行動規範](/articles/adding-a-code-of-conduct-to-your-project/)のいずれかで参加することを推奨します。 - -* **コメントをモデレートする** - リポジトリの[書き込みアクセス権限](/articles/repository-permission-levels-for-an-organization/)がある場合、コミット、プルリクエスト、および Issue に関するコメントを編集、削除、または非表示にすることができます。 リポジトリの読み取りアクセスがあれば、誰でもコミットの編集履歴を見ることができます。 コメントの作者とリポジトリの書き込みアクセスがある人は、コメントの編集履歴から機密情報を削除できます。 詳細については、「[コメントの変更を追跡する](/articles/tracking-changes-in-a-comment)」および「[混乱を生むコメントを管理する](/articles/managing-disruptive-comments)」を参照してください。 - -* **会話をロックする**  - Issue やプルリクエストのディスカッションが制御不能になった場合は、[会話をロック](/articles/locking-conversations/)できます。 - -* **ユーザーをブロックする**  - 繰り返し不適切な行動を取るユーザに遭遇した場合は、[ユーザを個人アカウントからブロック](/articles/blocking-a-user-from-your-personal-account/)したり、[ユーザを Organization からブロック](/articles/blocking-a-user-from-your-organization/)できます。 - -もちろん、状況に対処するためにさらなるサポートが必要な場合は、いつでも{% data variables.contact.report_abuse %}するため連絡できます。 - -## 禁止事項 - -私たちは、ユーザが自由に自己表現し、それが技術的な内容であろうがそうでなかろうが、お互いのアイデアについて意見を交換できるコミュニティを維持できるように取り組んでいます。 しかし、コミュニティのメンバーが怒鳴られたり、発言するのが怖いためにアイデアが出てこない場合、このようなディスカッションから実りある対話が生まれることは少ないでしょう。 このため、常に敬意を払い、礼儀正しく振る舞うべきで、相手が何者かであるかを根拠にして他人を攻撃することは控えるべきです。 当社は、一線を越えた次のような行為を許容しません。 - -- #### 暴力による脅し。 他人を脅したり、サイトを利用して現実世界の暴力やテロ行為を組織、促進、または扇動することはできません。 言葉を発する場合や画像を投稿する場合はもちろん、ソフトウェアを作成する場合でさえも、それが他人からどのように解釈される可能性があるかを慎重に考えてください。 あなたが冗談のつもりでも、そのように受け取られないかもしれません。 自分が投稿したコンテンツが脅しである、または暴力やテロを助長していると他の誰かが解釈する*かもしれない*と思われる場合は、 それをGitHubに投稿するのを止めましょう。 場合によっては、当社が身体的危害のリスクや公共の安全に対する脅威だと判断し、暴力の脅威として法執行機関に報告する場合があります。 - -- #### 差別的発言と差別。 年齢、体の大きさ、障害、民族性、性自認、性表現、経験の度合い、国籍、容姿、人種、宗教、性同一性、性的指向などのトピックを持ち出すこと自体は禁止されていませんが、相手が何者かであるかを根拠にして個人またはグループを攻撃する発言を当社は許容しません。 攻撃的または侮辱的なアプローチでこうしたデリケートなトピックを扱った場合、他の人を不快に感じさせたり、場合によっては危険にさえ感じさせたりすることがあることを認識してください。 誤解が生まれる可能性を完全に排除することはできませんが、デリケートなトピックを議論するときは、常に敬意を払い、礼儀正しく振る舞うことがコミュニティメンバーに期待されます。 - -- #### いじめと嫌がらせ。 私たちは、いじめや嫌がらせを容認しません。 これは、特定の個人またはグループを標的とする常習的な煽りや脅迫のことです。 一般的に、迷惑な行動を続けた場合、いじめや嫌がらせになる恐れが高くなります。 - -- #### 他のユーザのエクスペリエンスを妨げること。 コミュニティの一員であることには、あなたの振る舞いが他の人に与える影響を認識し、人々およびプラットフォームと有意義で生産的なやり取りを行うということでもあります。 話題から逸れたコメントを繰り返し投稿したり、空や無意味な Issue、プルリクエストをオープンしたり、プラットフォームのその他の機能を、他のユーザのエクスペリエンスを継続的に妨げたりするような振る舞いは許されません。 メンテナには自己のプロジェクトを個別に管理していただく一方、GitHubのスタッフは、こうした振る舞いに関与するアカウントに対して、さらに踏み込んだ制限を行うことができます。 - -- #### Impersonation You may not impersonate another person by copying their avatar, posting content under their email address, using a similar username or otherwise posing as someone else. なりすましは嫌がらせの一つです。 - -- #### 晒しとプライバシーの侵害。 プライベート用のメールアドレス、電話番号、住所、クレジットカード番号、社会保障番号、国民識別番号、パスワードなど、他の人の個人情報は投稿しないでください。 脅迫や嫌がらせに該当するなど状況次第では、当社は対象の同意なしに撮影または配信された写真やビデオなどの他の情報をプライバシーの侵害とみなす場合があります。その情報が対象の安全リスクになる場合は特にです。 - -- #### わいせつなコンテンツ。 ポルノに該当するコンテンツは投稿しないでください。 これは、すべてのヌード、または性に関するすべてのコードやコンテンツが禁止されていることを意味するものではありません。 セクシュアリティは生活の一部であり、ポルノ以外の性的コンテンツがプロジェクトの一部になったり、教育的または芸術的な目的で提示され得るものであることを当社は認識しています。 ただし、わいせつな性的コンテンツや未成年者の搾取や性的関与を含むコンテンツは許可されません。 - -- #### 脈絡のない暴力的コンテンツ。 合理的な文脈がない場合、また警告なしに暴力的な画像やテキストなどのコンテンツを投稿しないでください。 ビデオゲーム、ニュースレポート、過去の出来事の説明に暴力的なコンテンツを含めることは多くの場合問題ありませんが、無差別に投稿された暴力的コンテンツや、他のユーザにとって回避が困難な方法(例えば、プロフィールアバターや Issue のコメントとして)で投稿された暴力的コンテンツは許可されません。 他のコンテキスト内に明確な警告や断りがあれば、ユーザはそのようなコンテンツに関与したいかどうかについて知識に基づいて判断を下すことができるでしょう。 - -- #### 誤情報および偽の情報。 公衆に害を及ぼしかねない、またはすべての人が公の生活に参加するための公正で平等な機会を阻害する可能性があるような、現実をゆがめた内容の投稿は、不正確や誤り (誤情報) であれ、意図的な嘘 (偽の情報) であれ行ってはなりません。 たとえば、人々の幸福を脅かしたり、自由で開かれた社会への参加を制限したりするコンテンツは許容できません。 当社はアイデア、視点、経験を表現することにおいて積極的な参加を促しており、個人アカウントや意見に反論するような立場にはないでしょう。 当社は一般的に、利用規定に沿ったパロディや風刺を許容します。また、情報がどのように受け止められ、理解されるかにおいては、文脈が重要だと考えています。ですから、お断りやその他の手段、および情報源を示すことにより、あなたの意図を明確にすることが適切な場合もあるでしょう。 - -- #### アクティブなマルウェアやエクスプロイト。 コミュニティの一員になる以上、コミュニティの他のメンバーにつけ込むような行為を行ってはいけません。 悪意のある実行可能ファイルを配信する手段としてや、サービス拒否攻撃を組織したりコマンドアンドコントロールサーバーを管理したりといった攻撃インフラとして GitHub を使用するなど、当社のプラットフォームを使用して、技術的な危害を及ぼす非合法な攻撃を直接支援することは許可しません。 技術的な危害とは、悪用が生じる前に黙示的または明示的なデュアルユースの目的が存在しない、リソースの過剰な消費、物理的損傷、ダウンタイム、サービス拒否、データ損失のことを意味します。 - - ただし、GitHub はデュアルユースのコンテンツを許容し、脆弱性、マルウェア、またはエクスプロイトの研究に用いられるコンテンツの投稿を支持しています。こうしたコンテンツの公開や配布には教育的価値があり、セキュリティコミュニティに総合的に見て利益をもたらします。 当社はこうしたプロジェクトに肯定的な意図があり、エコシステム全体の促進と改善を促すために利用されることを想定しています。 - - デュアルユースのコンテンツが広範に乱用されている場合、当社は GitHub platform as an エクスプロイトやマルウェアの CDN として GitHub プラットフォームを活用している、現在進行中の非合法な攻撃やマルウェアキャンペーンを妨げるため、コンテンツの特定のインスタンスへの制限することが稀にあります。 ほとんどのインスタンスでは、コンテンツに認証を要求するという形で制限しますが、最後の手段として、アクセスの無効化や、それが不可能な場合 (Gist として投稿されている場合) はインスタンスの完全な削除を行う場合もあります。 また、可能な場合は導入した制限についてプロジェクトのオーナーに連絡します。 - - 制限は可能な限り一時的なものとし、プラットフォームから特定のデュアルユースコンテンツやそのコピーを永久的に取り除いたり、制限したりする目的で行うものではありません。 こうした稀な制限を、当社はプロジェクトのオーナーとの共同作業とすることを目指していますが、コンテンツが過度に制限されていると感じる場合は、[異議申し立てプロセス](#appeal-and-reinstatement)をご用意しています。 - - プロジェクトメンテナ自身による不正利用の解決を促進するため、GitHub に不正利用を報告する前に、リポジトリのオーナーが潜在的に有害なセキュリティ研究コンテンツを投稿する際に、リポジトリのオーナーが次のステップを実行するよう推奨します。(強制ではありません。) - - * プロジェクトの README ファイルの免責事項やソースコードのコメントに、潜在的に有害なコンテンツを明示し説明する。 - * リポジトリの SECURITY.md ファイルに、第三者が悪用について問い合わせる方法を記載する (例:「疑問や懸念事項については、このリポジトリに Issue を作成してください」)。 こうした連絡方法により、第三者はプロジェクトのメンテナに直接連絡でき、不正利用の報告を提出することなく問題を解決できる可能性があります。 - - *GitHub は、npm レジストリについて、研究用ではなく主にコードのインストールと実行時に使用するプラットフォームとしています。* - - -## 誰かがルールに違反した場合は - -ユーザから不適切な行動やコンテンツの報告があった場合に当社が講じる措置はさまざまです。 これは、事態の正確な状況次第で決まるのが普通です。 人はさまざまな理由で不適切な発言や行動をしてしまうことがあるというのが、当社の認識です。 自分の言葉がどのように受け取られるのかをわかっていなかったという場合もあるでしょう。 または、つい感情的になってしまったという場合もあるでしょう。 もちろん、単にスパムをばらまいたり、トラブルを引き起こすことを目的とする人がいることも事実です。 - -ケースバイケースで異なるアプローチが必要なため、当社は報告を受けた状況に合った対応を行うように心がけています。 このため、不正行為に関する報告は個別に確認しています。 いずれの場合も、多様性に富んだチームがコンテンツとそれに関する事情を調査し、必要に応じて対応し、このガイドラインに基づいて決定を下します。 - -不正行為の報告を受けた際に当社が講じる措置には以下が含まれますが、これらに限定されません。 - -* コンテンツの削除 -* コンテンツのブロック -* アカウントの一時停止 -* アカウントの解約 - -## 意義申し立てと復帰 - -たとえば、ユーザが提供する追加情報を理由として、あるいはユーザが違反に対応し、今後は利用規定に従うことに同意した場合など、措置を覆す理由が存在する場合もあります。 強制措置に意義を申し立てたい場合は、[サポート](https://support.github.com/contact?tags=docs-policy)にお問い合わせください。 - -## 法的通知 - -本コミュニティガイドラインは、[CC0-1.0](https://creativecommons.org/publicdomain/zero/1.0/) の条件に基づいて、誰でも使用、再利用、改作、その他あらゆることが可能になるようにパブリックドメインになっています。 - -これはあくまでもガイドラインであり、[利用規約](/articles/github-terms-of-service/)を変更するものや、完全なリストであることを意図したものではありません。 GitHub は、[利用規約](/articles/github-terms-of-service/#c-acceptable-use)に基づいて、利用規定に違反するコンテンツを削除するか、または利用規定に違反する活動のアカウントを解約することができる、完全な裁量を保持します。 本ガイドラインでは、かかる裁量を行使する場合について説明しています。 diff --git a/translations/ja-JP/content/github/site-policy/index.md b/translations/ja-JP/content/github/site-policy/index.md deleted file mode 100644 index e4d427e45a..0000000000 --- a/translations/ja-JP/content/github/site-policy/index.md +++ /dev/null @@ -1,52 +0,0 @@ ---- -title: サイトポリシー -redirect_from: - - /categories/61/articles - - /categories/site-policy -versions: - fpt: '*' -topics: - - Policy - - Legal -children: - - /github-terms-of-service - - /github-corporate-terms-of-service - - /github-privacy-statement - - /github-data-protection-agreement - - /global-privacy-practices - - /github-sponsors-additional-terms - - /github-codespaces-privacy-statement - - /github-terms-for-additional-products-and-features - - /github-logo-policy - - /github-username-policy - - /submitting-content-removal-requests - - /dmca-takedown-policy - - /guide-to-submitting-a-dmca-takedown-notice - - /guide-to-submitting-a-dmca-counter-notice - - /github-trademark-policy - - /github-private-information-removal-policy - - /github-subprocessors-and-cookies - - /github-bug-bounty-program-legal-safe-harbor - - /coordinated-disclosure-of-security-vulnerabilities - - /guidelines-for-legal-requests-of-user-data - - /github-government-takedown-policy - - /github-acceptable-use-policies - - /githubs-notice-about-the-california-consumer-privacy-act - - /github-community-guidelines - - /github-community-forum-code-of-conduct - - /github-registered-developer-agreement - - /github-marketplace-terms-of-service - - /github-marketplace-developer-agreement - - /github-research-program-terms - - /github-open-source-applications-terms-and-conditions - - /github-and-trade-controls - - /github-deceased-user-policy - - /github-statement-against-modern-slavery-and-child-labor - - /github-anti-bribery-statement - - /github-candidate-privacy-policy - - /github-gifts-and-entertainment-policy - - /github-event-terms - - /github-event-code-of-conduct - - /github-gpl-cooperation-commitment ---- - diff --git a/translations/ja-JP/content/index.md b/translations/ja-JP/content/index.md index 1825c56e82..2a1039417a 100644 --- a/translations/ja-JP/content/index.md +++ b/translations/ja-JP/content/index.md @@ -21,6 +21,7 @@ children: - github - admin - billing + - site-policy - organizations - code-security - pull-requests @@ -49,6 +50,7 @@ childGroups: - account-and-profile - authentication - billing + - site-policy - name: Collaborative coding octicon: CommentDiscussionIcon children: diff --git a/translations/ja-JP/content/issues/tracking-your-work-with-issues/transferring-an-issue-to-another-repository.md b/translations/ja-JP/content/issues/tracking-your-work-with-issues/transferring-an-issue-to-another-repository.md index e89f2f9465..7e46a5395c 100644 --- a/translations/ja-JP/content/issues/tracking-your-work-with-issues/transferring-an-issue-to-another-repository.md +++ b/translations/ja-JP/content/issues/tracking-your-work-with-issues/transferring-an-issue-to-another-repository.md @@ -17,7 +17,11 @@ shortTitle: Transfer an issue --- To transfer an open issue to another repository, you must have write access to the repository the issue is in and the repository you're transferring the issue to. For more information, see "[Repository roles for an organization](/organizations/managing-access-to-your-organizations-repositories/repository-roles-for-an-organization)." -You can only transfer issues between repositories owned by the same user or organization account. {% ifversion fpt or ghes or ghec %}You can't transfer an issue from a private repository to a public repository.{% endif %} +{% note %} + +**Note**: You can only transfer issues between repositories owned by the same user or organization account. {% ifversion fpt or ghes or ghec %}A private repository issue cannot be transferred to a public repository.{% endif %} + +{% endnote %} When you transfer an issue, comments, labels and assignees are retained. The issue's milestones are not retained. This issue will stay on any user-owned or organization-wide project boards and be removed from any repository project boards. For more information, see "[About project boards](/articles/about-project-boards)." diff --git a/translations/ja-JP/content/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization.md b/translations/ja-JP/content/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization.md index 535f165c25..61b87d6530 100644 --- a/translations/ja-JP/content/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization.md +++ b/translations/ja-JP/content/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization.md @@ -123,7 +123,7 @@ You can enable or disable features for all repositories. By default, {% data variables.product.prodname_dependabot %} can't update dependencies that are located in private repositories or private package registries. However, if a dependency is in a private {% data variables.product.prodname_dotcom %} repository within the same organization as the project that uses that dependency, you can allow {% data variables.product.prodname_dependabot %} to update the version successfully by giving it access to the host repository. -If your code depends on packages in a private registry, you can allow {% data variables.product.prodname_dependabot %} to update the versions of these dependencies by configuring this at the repository level. You do this by adding authentication details to the _dependabot.yml_ file for the repository. For more information, see "[Configuration options for dependency updates](/github/administering-a-repository/configuration-options-for-dependency-updates#configuration-options-for-private-registries)." +If your code depends on packages in a private registry, you can allow {% data variables.product.prodname_dependabot %} to update the versions of these dependencies by configuring this at the repository level. You do this by adding authentication details to the _dependabot.yml_ file for the repository. For more information, see "[Configuration options for the dependabot.yml file](/github/administering-a-repository/configuration-options-for-dependency-updates#configuration-options-for-private-registries)." To allow {% data variables.product.prodname_dependabot %} to access a private {% data variables.product.prodname_dotcom %} repository: @@ -163,6 +163,5 @@ You can manage access to {% data variables.product.prodname_GH_advanced_security - "[Securing your repository](/code-security/getting-started/securing-your-repository)"{% ifversion not fpt %} - "[About secret scanning](/github/administering-a-repository/about-secret-scanning)"{% endif %}{% ifversion not ghae %} -- "[About the dependency graph](/github/visualizing-repository-data-with-graphs/about-the-dependency-graph)" -- "[Managing vulnerabilities in your project's dependencies](/github/managing-security-vulnerabilities/managing-vulnerabilities-in-your-projects-dependencies)"{% endif %}{% ifversion fpt or ghec or ghes > 3.2 %} -- "[Keeping your dependencies updated automatically](/github/administering-a-repository/keeping-your-dependencies-updated-automatically)"{% endif %} +- "[About the dependency graph](/github/visualizing-repository-data-with-graphs/about-the-dependency-graph)"{% endif %}{% ifversion fpt or ghec or ghes or ghae-issue-4864 %} +- "[About supply chain security](/code-security/supply-chain-security/understanding-your-software-supply-chain/about-supply-chain-security)"{% endif %} diff --git a/translations/ja-JP/content/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/reviewing-the-audit-log-for-your-organization.md b/translations/ja-JP/content/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/reviewing-the-audit-log-for-your-organization.md index c8eb80ee20..f6d67a50f8 100644 --- a/translations/ja-JP/content/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/reviewing-the-audit-log-for-your-organization.md +++ b/translations/ja-JP/content/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/reviewing-the-audit-log-for-your-organization.md @@ -42,7 +42,7 @@ To search for specific events, use the `action` qualifier in your query. Actions | [`billing`](#billing-category-actions) | Contains all activities related to your organization's billing. | [`business`](#business-category-actions) | Contains activities related to business settings for an enterprise. | | [`codespaces`](#codespaces-category-actions) | Contains all activities related to your organization's codespaces. |{% endif %}{% ifversion fpt or ghec or ghes > 3.2 %} -| [`dependabot_alerts`](#dependabot_alerts-category-actions) | Contains organization-level configuration activities for {% data variables.product.prodname_dependabot_alerts %} in existing repositories. For more information, see "[About alerts for vulnerable dependencies](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies)." +| [`dependabot_alerts`](#dependabot_alerts-category-actions) | Contains organization-level configuration activities for {% data variables.product.prodname_dependabot_alerts %} in existing repositories. For more information, see "[About {% data variables.product.prodname_dependabot_alerts %}](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies)." | [`dependabot_alerts_new_repos`](#dependabot_alerts_new_repos-category-actions) | Contains organization-level configuration activities for {% data variables.product.prodname_dependabot_alerts %} in new repositories created in the organization. | [`dependabot_security_updates`](#dependabot_security_updates-category-actions) | Contains organization-level configuration activities for {% data variables.product.prodname_dependabot_security_updates %} in existing repositories. For more information, see "[Configuring {% data variables.product.prodname_dependabot_security_updates %}](/github/managing-security-vulnerabilities/configuring-dependabot-security-updates)." | [`dependabot_security_updates_new_repos`](#dependabot_security_updates_new_repos-category-actions) | Contains organization-level configuration activities for {% data variables.product.prodname_dependabot_security_updates %} for new repositories created in the organization.{% endif %}{% ifversion fpt or ghec %} @@ -508,10 +508,10 @@ For more information, see "[Managing the publication of {% data variables.produc | Action | Description | |--------|-------------| | `package_version_published` | Triggered when a package version is published. | -| `package_version_deleted` | Triggered when a specific package version is deleted. For more information, see "[Deleting and restoring a package](/packages/learn-github-packages/deleting-and-restoring-a-package)." -| `package_deleted` | Triggered when an entire package is deleted. For more information, see "[Deleting and restoring a package](/packages/learn-github-packages/deleting-and-restoring-a-package)." -| `package_version_restored` | Triggered when a specific package version is deleted. For more information, see "[Deleting and restoring a package](/packages/learn-github-packages/deleting-and-restoring-a-package)." -| `package_restored` | Triggered when an entire package is restored. For more information, see "[Deleting and restoring a package](/packages/learn-github-packages/deleting-and-restoring-a-package)." +| `package_version_deleted` | Triggered when a specific package version is deleted.{% ifversion fpt or ghec or ghes > 3.1 %} For more information, see "[Deleting and restoring a package](/packages/learn-github-packages/deleting-and-restoring-a-package)."{% endif %} +| `package_deleted` | Triggered when an entire package is deleted.{% ifversion fpt or ghec or ghes > 3.1 %} For more information, see "[Deleting and restoring a package](/packages/learn-github-packages/deleting-and-restoring-a-package)."{% endif %} +| `package_version_restored` | Triggered when a specific package version is deleted.{% ifversion fpt or ghec or ghes > 3.1 %} For more information, see "[Deleting and restoring a package](/packages/learn-github-packages/deleting-and-restoring-a-package)."{% endif %} +| `package_restored` | Triggered when an entire package is restored.{% ifversion fpt or ghec or ghes > 3.1 %} For more information, see "[Deleting and restoring a package](/packages/learn-github-packages/deleting-and-restoring-a-package)."{% endif %} {% endif %} @@ -680,7 +680,7 @@ For more information, see "[Managing the publication of {% data variables.produc | Action | Description |------------------|------------------- -| `create` | Triggered when {% data variables.product.product_name %} creates a {% data variables.product.prodname_dependabot %} alert for a repository that uses a vulnerable dependency. For more information, see "[About alerts for vulnerable dependencies](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies)." +| `create` | Triggered when {% data variables.product.product_name %} creates a {% data variables.product.prodname_dependabot %} alert for a repository that uses a vulnerable dependency. For more information, see "[About {% data variables.product.prodname_dependabot_alerts %}](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies)." | `dismiss` | Triggered when an organization owner or person with admin access to the repository dismisses a {% data variables.product.prodname_dependabot %} alert about a vulnerable dependency. | `resolve` | Triggered when someone with write access to a repository pushes changes to update and resolve a vulnerability in a project dependency. diff --git a/translations/ja-JP/content/packages/learn-github-packages/about-permissions-for-github-packages.md b/translations/ja-JP/content/packages/learn-github-packages/about-permissions-for-github-packages.md index 03a5153e23..021191b162 100644 --- a/translations/ja-JP/content/packages/learn-github-packages/about-permissions-for-github-packages.md +++ b/translations/ja-JP/content/packages/learn-github-packages/about-permissions-for-github-packages.md @@ -47,8 +47,7 @@ shortTitle: 権限について 例: - リポジトリからパッケージをダウンロードしてインストールするには、トークンは`read:packages`スコープを持っていなければならず、ユーザアカウントは読み取り権限を持っていなければなりません。 -- {% ifversion fpt or ghes or ghec %}{% data variables.product.product_name %}上のパッケージを削除するには、トークンが少なくとも`delete:packages`と`read:packages`のスコープを持っている必要があります。 repoのスコープがあるパッケージでは、`repo`スコープも必要です。{% elsif ghae %}{% data variables.product.product_name %}上の、パッケージの特定バージョンを削除するには、トークンが`delete:packages`と`repo`スコープを持っている必要があります。{% endif %}詳しい情報については「[パッケージの削除と復元](/packages/learn-github-packages/deleting-and-restoring-a-package)」を参照してください。 - +- |{% ifversion fpt or ghes > 3.1 or ghec %}{% data variables.product.product_name %}上のパッケージを削除するには、トークンが少なくとも`delete:packages`と`read:packages`のスコープを持っている必要があります。 リポジトリをスコープとするパッケージには、 `repo`スコープも必要です。 詳しい情報については「[パッケージの削除と復元](/packages/learn-github-packages/deleting-and-restoring-a-package)」を参照してください。{% elsif ghae %}{% data variables.product.product_name %}上のパッケージの指定されたバージョンを削除するには、トークンが`delete:packages`及び`repo`スコープを持っていなければなりません。 詳しい情報については、「[パッケージの削除とリストア](/packages/learn-github-packages/deleting-and-restoring-a-package)」を参照してください。{% endif %} | スコープ | 説明 | 必要な権限 | | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------- | ------------ | | `read:packages` | {% data variables.product.prodname_registry %}からのパッケージのダウンロードとインストール | 読み取り | diff --git a/translations/ja-JP/content/packages/learn-github-packages/deleting-and-restoring-a-package.md b/translations/ja-JP/content/packages/learn-github-packages/deleting-and-restoring-a-package.md index 0ed0c29f18..e60dd8945b 100644 --- a/translations/ja-JP/content/packages/learn-github-packages/deleting-and-restoring-a-package.md +++ b/translations/ja-JP/content/packages/learn-github-packages/deleting-and-restoring-a-package.md @@ -9,7 +9,7 @@ redirect_from: - /packages/guides/deleting-a-container-image versions: fpt: '*' - ghes: '*' + ghes: '>=3.2' ghec: '*' ghae: '*' shortTitle: パッケージの削除と復元 diff --git a/translations/ja-JP/content/packages/learn-github-packages/introduction-to-github-packages.md b/translations/ja-JP/content/packages/learn-github-packages/introduction-to-github-packages.md index 1292276a7b..2f92adc46d 100644 --- a/translations/ja-JP/content/packages/learn-github-packages/introduction-to-github-packages.md +++ b/translations/ja-JP/content/packages/learn-github-packages/introduction-to-github-packages.md @@ -108,7 +108,7 @@ You can delete a private or public package in the {% data variables.product.prod You can delete a version of a package in the {% data variables.product.product_name %} user interface or using the GraphQL API. {% endif %} -When you use the GraphQL API to query and delete private packages, you must use the same token you use to authenticate to {% data variables.product.prodname_registry %}. For more information, see "[Deleting and restoring a package](/packages/learn-github-packages/deleting-and-restoring-a-package)" and "[Forming calls with GraphQL]({% ifversion ghec %}/free-pro-team@latest{% endif %}/graphql/guides/forming-calls-with-graphql)." +When you use the GraphQL API to query and delete private packages, you must use the same token you use to authenticate to {% data variables.product.prodname_registry %}. For more information, see {% ifversion fpt or ghec or ghes > 3.1 or ghae %}"[Deleting and restoring a package](/packages/learn-github-packages/deleting-and-restoring-a-package)" and {% endif %}"[Forming calls with GraphQL]({% ifversion ghec %}/free-pro-team@latest{% endif %}/graphql/guides/forming-calls-with-graphql)." You can configure webhooks to subscribe to package-related events, such as when a package is published or updated. For more information, see the "[`package` webhook event](/webhooks/event-payloads/#package)." diff --git a/translations/ja-JP/content/packages/working-with-a-github-packages-registry/working-with-the-apache-maven-registry.md b/translations/ja-JP/content/packages/working-with-a-github-packages-registry/working-with-the-apache-maven-registry.md index 724f57e18d..c18396b6fa 100644 --- a/translations/ja-JP/content/packages/working-with-a-github-packages-registry/working-with-the-apache-maven-registry.md +++ b/translations/ja-JP/content/packages/working-with-a-github-packages-registry/working-with-the-apache-maven-registry.md @@ -190,5 +190,5 @@ To install an Apache Maven package from {% data variables.product.prodname_regis ## Further reading -- "[Working with the Gradle registry](/packages/working-with-a-github-packages-registry/working-with-the-gradle-registry)" -- "[Deleting and restoring a package](/packages/learn-github-packages/deleting-and-restoring-a-package)" +- "[Working with the Gradle registry](/packages/working-with-a-github-packages-registry/working-with-the-gradle-registry)"{% ifversion fpt or ghec or ghes > 3.1 or ghae %} +- "[Deleting and restoring a package](/packages/learn-github-packages/deleting-and-restoring-a-package)"{% endif %} diff --git a/translations/ja-JP/content/packages/working-with-a-github-packages-registry/working-with-the-docker-registry.md b/translations/ja-JP/content/packages/working-with-a-github-packages-registry/working-with-the-docker-registry.md index dc433c384c..f114ecd455 100644 --- a/translations/ja-JP/content/packages/working-with-a-github-packages-registry/working-with-the-docker-registry.md +++ b/translations/ja-JP/content/packages/working-with-a-github-packages-registry/working-with-the-docker-registry.md @@ -261,8 +261,12 @@ $ docker pull HOSTNAME/OWNER/REPOSITORY/IMAGE_NAME:TAG_NAME {% endnote %} +{% ifversion fpt or ghec or ghes > 3.1 or ghae %} + ## Further reading - "[Deleting and restoring a package](/packages/learn-github-packages/deleting-and-restoring-a-package)" +{% endif %} + {% endif %} diff --git a/translations/ja-JP/content/packages/working-with-a-github-packages-registry/working-with-the-gradle-registry.md b/translations/ja-JP/content/packages/working-with-a-github-packages-registry/working-with-the-gradle-registry.md index 7ff16231a5..62c520c70b 100644 --- a/translations/ja-JP/content/packages/working-with-a-github-packages-registry/working-with-the-gradle-registry.md +++ b/translations/ja-JP/content/packages/working-with-a-github-packages-registry/working-with-the-gradle-registry.md @@ -215,5 +215,5 @@ To use a published package from {% data variables.product.prodname_registry %}, ## Further reading -- "[Working with the Apache Maven registry](/packages/working-with-a-github-packages-registry/working-with-the-apache-maven-registry)" -- "[Deleting and restoring a package](/packages/learn-github-packages/deleting-and-restoring-a-package)" +- "[Working with the Apache Maven registry](/packages/working-with-a-github-packages-registry/working-with-the-apache-maven-registry)"{% ifversion fpt or ghec or ghes > 3.1 or ghae %} +- "[Deleting and restoring a package](/packages/learn-github-packages/deleting-and-restoring-a-package)"{% endif %} diff --git a/translations/ja-JP/content/packages/working-with-a-github-packages-registry/working-with-the-npm-registry.md b/translations/ja-JP/content/packages/working-with-a-github-packages-registry/working-with-the-npm-registry.md index b7d14dcd6a..f34f6977a1 100644 --- a/translations/ja-JP/content/packages/working-with-a-github-packages-registry/working-with-the-npm-registry.md +++ b/translations/ja-JP/content/packages/working-with-a-github-packages-registry/working-with-the-npm-registry.md @@ -27,7 +27,7 @@ If you publish over 1,000 npm package versions to {% data variables.product.prod In the future, to improve performance of the service, you won't be able to publish more than 1,000 versions of a package on {% data variables.product.prodname_dotcom %}. Any versions published before hitting this limit will still be readable. -If you reach this limit, consider deleting package versions or contact Support for help. When this limit is enforced, our documentation will be updated with a way to work around this limit. For more information, see "[Deleting and restoring a package](/packages/learn-github-packages/deleting-and-restoring-a-package)" or "[Contacting Support](/packages/learn-github-packages/about-github-packages#contacting-support)." +If you reach this limit, consider deleting package versions or contact Support for help. When this limit is enforced, our documentation will be updated with a way to work around this limit. For more information, see {% ifversion fpt or ghec or ghes > 3.1 or ghae %}"[Deleting and restoring a package](/packages/learn-github-packages/deleting-and-restoring-a-package)" or {% endif %}"[Contacting Support](/packages/learn-github-packages/about-github-packages#contacting-support)." ## Authenticating to {% data variables.product.prodname_registry %} @@ -212,7 +212,3 @@ If your instance has subdomain isolation disabled: {% data variables.product.prodname_registry %} allows you to access the official NPM registry at `registry.npmjs.com`, if your {% data variables.product.prodname_ghe_server %} administrator has enabled this feature. For more information, see [Connecting to the official NPM registry](/admin/packages/configuring-packages-support-for-your-enterprise#connecting-to-the-official-npm-registry). {% endif %} - -## Further reading - -- "[Deleting and restoring a package](/packages/learn-github-packages/deleting-and-restoring-a-package)" diff --git a/translations/ja-JP/content/packages/working-with-a-github-packages-registry/working-with-the-nuget-registry.md b/translations/ja-JP/content/packages/working-with-a-github-packages-registry/working-with-the-nuget-registry.md index 0fb8b99987..cd835bf35f 100644 --- a/translations/ja-JP/content/packages/working-with-a-github-packages-registry/working-with-the-nuget-registry.md +++ b/translations/ja-JP/content/packages/working-with-a-github-packages-registry/working-with-the-nuget-registry.md @@ -232,6 +232,8 @@ Your NuGet package may fail to push if the `RepositoryUrl` in *.csproj* is not s If you're using a nuspec file, ensure that it has a `repository` element with the required `type` and `url` attributes. +{% ifversion fpt or ghec or ghes > 3.1 or ghae %} ## Further reading - "[Deleting and restoring a package](/packages/learn-github-packages/deleting-and-restoring-a-package)" +{% endif %} diff --git a/translations/ja-JP/content/packages/working-with-a-github-packages-registry/working-with-the-rubygems-registry.md b/translations/ja-JP/content/packages/working-with-a-github-packages-registry/working-with-the-rubygems-registry.md index c17c6eaa13..01a56b4478 100644 --- a/translations/ja-JP/content/packages/working-with-a-github-packages-registry/working-with-the-rubygems-registry.md +++ b/translations/ja-JP/content/packages/working-with-a-github-packages-registry/working-with-the-rubygems-registry.md @@ -136,7 +136,7 @@ You can use gems from {% data variables.product.prodname_registry %} much like y end ``` -3. For Bundler versions earlier than 1.7.0, you need to add a new global `source`. For more information on using Bundler, see the [bundler.io documentation](http://bundler.io/v1.5/gemfile.html). +3. For Bundler versions earlier than 1.7.0, you need to add a new global `source`. For more information on using Bundler, see the [bundler.io documentation](https://bundler.io/gemfile.html). ```ruby source "https://{% ifversion fpt or ghec %}rubygems.pkg.github.com{% else %}REGISTRY-URL{% endif %}/OWNER" @@ -151,6 +151,10 @@ You can use gems from {% data variables.product.prodname_registry %} much like y $ gem install octo-gem --version "0.1.1" ``` +{% ifversion fpt or ghec or ghes > 3.1 or ghae %} + ## Further reading - "[Deleting and restoring a package](/packages/learn-github-packages/deleting-and-restoring-a-package)" + +{% endif %} diff --git a/translations/ja-JP/content/pages/configuring-a-custom-domain-for-your-github-pages-site/about-custom-domains-and-github-pages.md b/translations/ja-JP/content/pages/configuring-a-custom-domain-for-your-github-pages-site/about-custom-domains-and-github-pages.md index cab54b0c6b..d60a3fa010 100644 --- a/translations/ja-JP/content/pages/configuring-a-custom-domain-for-your-github-pages-site/about-custom-domains-and-github-pages.md +++ b/translations/ja-JP/content/pages/configuring-a-custom-domain-for-your-github-pages-site/about-custom-domains-and-github-pages.md @@ -28,7 +28,7 @@ shortTitle: GitHub Pagesにおけるカスタムドメイン サイトには、Apex及び`www`サブドメインのいずれか、あるいは両方の設定をセットアップできます。 Apexドメインに関する詳しい情報については「[{% data variables.product.prodname_pages %}サイトでのApexドメインの利用](#using-an-apex-domain-for-your-github-pages-site)」を参照してください。 -Apex ドメインを使用している場合でも、`www` サブドメインを使用することをおすすめします。 When you create a new site with an apex domain, we automatically attempt to secure the `www` subdomain for use when serving your site's content, but you need to make the DNS changes to use the `www` subdomain. `www`サブドメインを設定すれば、関連するApexドメインの保護が自動的に試みられます。 詳しい情報については、「[{% data variables.product.prodname_pages %} サイト用のカスタムドメインを管理する](/articles/managing-a-custom-domain-for-your-github-pages-site)」を参照してください。 +Apex ドメインを使用している場合でも、`www` サブドメインを使用することをおすすめします。 Apexドメインで新しいサイトを作成すると、`www`サブドメインはサイトのコンテンツを提供する際に使用するために保護が自動的に試みられますが、`www`サブドメインを使うためのDNSの変更はユーザが行わなければなりません。 `www`サブドメインを設定すれば、関連するApexドメインの保護が自動的に試みられます。 詳しい情報については、「[{% data variables.product.prodname_pages %} サイト用のカスタムドメインを管理する](/articles/managing-a-custom-domain-for-your-github-pages-site)」を参照してください。 ユーザまたは Organization サイトのカスタムドメインを設定すると、カスタムドメインを設定していないアカウントが所有するプロジェクトサイトの URL で、`.github.io` または `.github.io` の部分がカスタムドメインによって置き換えられます。 たとえば、サイトのカスタムドメインが `www.octocat.com` で、`octo-project` というリポジトリから公開されているプロジェクトサイトにまだカスタムドメインを設定していない場合、そのリポジトリの {% data variables.product.prodname_pages %} サイトは、`www.octocat.com/octo-project` で公開されます。 @@ -56,9 +56,9 @@ Apex ドメインは、DNS プロバイダを通じて、`A`、`ALIAS`、`ANAME` {% data reusables.pages.www-and-apex-domain-recommendation %} 詳しい情報については、「[{% data variables.product.prodname_pages %} サイト用のカスタムドメインを管理する](/github/working-with-github-pages/managing-a-custom-domain-for-your-github-pages-site/#configuring-a-subdomain)」を参照してください。 -## Securing the custom domain for your {% data variables.product.prodname_pages %} site +## {% data variables.product.prodname_pages %}サイトのためのカスタムドメインの保護 -{% data reusables.pages.secure-your-domain %} For more information, see "[Verifying your custom domain for {% data variables.product.prodname_pages %}](/pages/configuring-a-custom-domain-for-your-github-pages-site/verifying-your-custom-domain-for-github-pages)" and "[Managing a custom domain for your {% data variables.product.prodname_pages %} site](/articles/managing-a-custom-domain-for-your-github-pages-site)." +{% data reusables.pages.secure-your-domain %} 詳しい情報については「[{% data variables.product.prodname_pages %}のカスタムドメインの検証](/pages/configuring-a-custom-domain-for-your-github-pages-site/verifying-your-custom-domain-for-github-pages)」及び「[{% data variables.product.prodname_pages %}サイトのためのカスタムドメインの管理](/articles/managing-a-custom-domain-for-your-github-pages-site)」を参照してください。 サイトが自動的に無効化される理由は、いくつかあります。 diff --git a/translations/ja-JP/content/pages/configuring-a-custom-domain-for-your-github-pages-site/managing-a-custom-domain-for-your-github-pages-site.md b/translations/ja-JP/content/pages/configuring-a-custom-domain-for-your-github-pages-site/managing-a-custom-domain-for-your-github-pages-site.md index dffdedd833..b37307b9ef 100644 --- a/translations/ja-JP/content/pages/configuring-a-custom-domain-for-your-github-pages-site/managing-a-custom-domain-for-your-github-pages-site.md +++ b/translations/ja-JP/content/pages/configuring-a-custom-domain-for-your-github-pages-site/managing-a-custom-domain-for-your-github-pages-site.md @@ -71,7 +71,7 @@ DNS レコードの設定が正しいかどうかを検証するために利用 {% data reusables.repositories.sidebar-settings %} {% data reusables.pages.sidebar-pages %} 4. "Custom domain(カスタムドメイン)" の下で、カスタムドメインを入力して**Save(保存)**をクリックします。 これで_CNAME_ファイルを公開ソースのルートに追加するコミットが作成されます。 ![カスタムドメインの保存ボタン](/assets/images/help/pages/save-custom-apex-domain.png) -5. DNS プロバイダに移動し、`ALIAS`、`ANAME`、または `A` レコードを作成します。 You can also create `AAAA` records for IPv6 support. {% data reusables.pages.contact-dns-provider %} +5. DNS プロバイダに移動し、`ALIAS`、`ANAME`、または `A` レコードを作成します。 IPv6サポートのために`AAAA`レコードを作成することもできます。 {% data reusables.pages.contact-dns-provider %} - `ALIAS`または`ANAME`レコードを作成するには、Apexドメインをサイトのデフォルトドメインにポイントします。 {% data reusables.pages.default-domain-information %} - `A` レコードを作成するには、Apex ドメインが {% data variables.product.prodname_pages %} の IP アドレスを指すようにします。 ```shell @@ -80,7 +80,7 @@ DNS レコードの設定が正しいかどうかを検証するために利用 185.199.110.153 185.199.111.153 ``` - - To create `AAAA` records, point your apex domain to the IP addresses for {% data variables.product.prodname_pages %}. + - `AAAA` レコードを作成するには、Apex ドメインが {% data variables.product.prodname_pages %} の IP アドレスを指すようにします。 ```shell 2606:50c0:8000::153 2606:50c0:8001::153 @@ -91,7 +91,7 @@ DNS レコードの設定が正しいかどうかを検証するために利用 {% indented_data_reference reusables.pages.wildcard-dns-warning spaces=3 %} {% data reusables.command_line.open_the_multi_os_terminal %} 6. DNS レコードが正しく設定されたことを確認するには、 `dig` コマンドを使います。_EXAMPLE.COM_ は、お使いの Apex ドメインに置き換えてください。 結果が、上記の {% data variables.product.prodname_pages %} の IP アドレスに一致することを確認します。 - - For `A` records. + - `A`レコードの場合。 ```shell $ dig EXAMPLE.COM +noall +answer -t A > EXAMPLE.COM 3600 IN A 185.199.108.153 @@ -99,7 +99,7 @@ DNS レコードの設定が正しいかどうかを検証するために利用 > EXAMPLE.COM 3600 IN A 185.199.110.153 > EXAMPLE.COM 3600 IN A 185.199.111.153 ``` - - For `AAAA` records. + - `AAAA`レコードの場合。 ```shell $ dig EXAMPLE.COM +noall +answer -t AAAA > EXAMPLE.COM 3600 IN AAAA 2606:50c0:8000::153 @@ -114,7 +114,7 @@ DNS レコードの設定が正しいかどうかを検証するために利用 Apexドメインを使う場合、コンテンツをApexドメインと`www`サブドメイン付きのドメインの双方でホストするよう{% data variables.product.prodname_pages %}サイトを設定することをおすすめします。 -To set up a `www` subdomain alongside the apex domain, you must first configure an apex domain by creating an `ALIAS`, `ANAME`, or `A` record with your DNS provider. 詳しい情報については「[Apexドメインの設定](#configuring-an-apex-domain)」を参照してください。 +Apexドメインと共に`www`サブドメインをセットアップするには、DNSプロバイダで`ALIAS`、`ANAME`、`A`のいずれかのレコードが作成することによって、まずApexドメインを設定しします。 詳しい情報については「[Apexドメインの設定](#configuring-an-apex-domain)」を参照してください。 Apexドメインを設定したら、DNSプロバイダでCNAMEレコードを設定しなければなりません。 @@ -134,9 +134,9 @@ Apexドメインを設定したら、DNSプロバイダでCNAMEレコードを {% data reusables.pages.sidebar-pages %} 4. "Custom domain(カスタムドメイン)"の下で、**Remove(削除)**をクリックしてください。 ![カスタムドメインの保存ボタン](/assets/images/help/pages/remove-custom-domain.png) -## Securing your custom domain +## カスタムドメインの保護 -{% data reusables.pages.secure-your-domain %} For more information, see "[Verifying your custom domain for {% data variables.product.prodname_pages %}](/pages/configuring-a-custom-domain-for-your-github-pages-site/verifying-your-custom-domain-for-github-pages)." +{% data reusables.pages.secure-your-domain %} 詳しい情報については「[{% data variables.product.prodname_pages %}のカスタムドメインの検証](/pages/configuring-a-custom-domain-for-your-github-pages-site/verifying-your-custom-domain-for-github-pages)」を参照してください。 ## 参考リンク diff --git a/translations/ja-JP/content/pages/configuring-a-custom-domain-for-your-github-pages-site/troubleshooting-custom-domains-and-github-pages.md b/translations/ja-JP/content/pages/configuring-a-custom-domain-for-your-github-pages-site/troubleshooting-custom-domains-and-github-pages.md index 8356b987bd..817790d578 100644 --- a/translations/ja-JP/content/pages/configuring-a-custom-domain-for-your-github-pages-site/troubleshooting-custom-domains-and-github-pages.md +++ b/translations/ja-JP/content/pages/configuring-a-custom-domain-for-your-github-pages-site/troubleshooting-custom-domains-and-github-pages.md @@ -31,12 +31,12 @@ shortTitle: カスタムドメインのトラブルシューティング ## DNS の設定ミス -デフォルトドメインをカスタムドメインにポイントすることに問題がある場合は、DNS プロバイダに連絡してください。 +サイトのデフォルトドメインをカスタムドメインを指すようにすることに問題がある場合は、DNS プロバイダに連絡してください。 -You can also use one of the following methods to test whether your custom domain's DNS records are configured correctly: +カスタムドメインのDNSレコードが正しく設定されているかをテストするには、以下の方法のいずれかを使うこともできます。 -- A CLI tool such as `dig`. For more information, see "[Managing a custom domain for your {% data variables.product.prodname_pages %} site](/articles/managing-a-custom-domain-for-your-github-pages-site)". -- An online DNS lookup tool. +- `dig`のようなCLIツール。 詳しい情報については「[{% data variables.product.prodname_pages %}サイトのカスタムドメインの管理](/articles/managing-a-custom-domain-for-your-github-pages-site)」を参照してください。 +- オンラインのDNSルックアップツール。 ## サポートされていないカスタムドメイン名 diff --git a/translations/ja-JP/content/pages/configuring-a-custom-domain-for-your-github-pages-site/verifying-your-custom-domain-for-github-pages.md b/translations/ja-JP/content/pages/configuring-a-custom-domain-for-your-github-pages-site/verifying-your-custom-domain-for-github-pages.md index d8e5302de3..b61509fd71 100644 --- a/translations/ja-JP/content/pages/configuring-a-custom-domain-for-your-github-pages-site/verifying-your-custom-domain-for-github-pages.md +++ b/translations/ja-JP/content/pages/configuring-a-custom-domain-for-your-github-pages-site/verifying-your-custom-domain-for-github-pages.md @@ -1,45 +1,45 @@ --- -title: Verifying your custom domain for GitHub Pages -intro: You can increase the security of your custom domain and avoid takeover attacks by verifying your domain. +title: GitHub Pagesのカスタムドメインの検証 +intro: ドメインを検証することで、カスタムドメインのセキュリティを高め、乗っ取り攻撃を回避できます。 product: '{% data reusables.gated-features.pages %}' versions: fpt: '*' ghec: '*' topics: - Pages -shortTitle: Verify a custom domain +shortTitle: カスタムドメインの検証 --- -## About domain verification for GitHub Pages +## GitHub Pagesのドメイン検証について -When you verify your custom domain for your user account or organization, only repositories owned by your user account or organization may be used to publish a {% data variables.product.prodname_pages %} site to the verified custom domain or the domain's immediate subdomains. +自分のユーザアカウントあるいはOrganizationのカスタムドメインを検証すると、その検証されたカスタムドメインもしくはその直接のサブドメインに{% data variables.product.prodname_pages %}サイトを公開できるのは、自分のユーザアカウントあるいはOrganizationが所有するリポジトリだけになります。 -Verifying your domain stops other GitHub users from taking over your custom domain and using it to publish their own {% data variables.product.prodname_pages %} site. Domain takeovers can happen when you delete your repository, when your billing plan is downgraded, or after any other change which unlinks the custom domain or disables {% data variables.product.prodname_pages %} while the domain remains configured for {% data variables.product.prodname_pages %} and is not verified. +ドメインを検証すると、他のGitHubユーザがそのカスタムドメインを乗っ取り、そのユーザ自身の{% data variables.product.prodname_pages %}サイトの公開に使うことを止められます。 ドメインの乗っ取りは、{% data variables.product.prodname_pages %}用にドメインを残したままで検証せず、あなたが自分のリポジトリを削除したとき、支払いプランをダウングレードしたとき、あるいはカスタムドメインのリンクを解除するその他の変更や{% data variables.product.prodname_pages %}を無効化した後に生じます。 -When you verify a domain, any immediate subdomains are also included in the verification. For example, if the `github.com` custom domain is verified, `docs.github.com`, `support.github.com`, and any other immediate subdomains will also be protected from takeovers. +ドメインを検証すると、直接のサブドメインもその検証に含まれます。 たとえば、`github.com`というカスタムドメインが検証されると、`docs.github.com`、`support.github.com`あるいはその他の直接のサブドメインも、乗っ取りから保護されることになります。 -It's also possible to verify a domain for your organization{% ifversion ghec %} or enterprise{% endif %}, which displays a "Verified" badge on the organization {% ifversion ghec %}or enterprise{% endif %} profile{% ifversion ghec %} and, on {% data variables.product.prodname_ghe_cloud %}, allows you to restrict notifications to email addresses using the verified domain{% endif %}. For more information, see "[Verifying or approving a domain for your organization](/organizations/managing-organization-settings/verifying-or-approving-a-domain-for-your-organization){% ifversion ghec %}" and "[Verifying or approving a domain for your enterprise](/enterprise-cloud@latest/admin/configuration/configuring-your-enterprise/verifying-or-approving-a-domain-for-your-enterprise){% endif %}." +Organization{% ifversion ghec %}あるいはEnterprise{% endif %}のドメインを検証することもできます。そうすると、「検証済み」バッジがOrganization{% ifversion ghec %}もしくはEnterprise{% endif %}のプロフィールに表示され{% ifversion ghec %}、{% data variables.product.prodname_ghe_cloud %}では検証済みドメインを使ってメールアドレスへの通知を制限できるようになり{% endif %}ます。 詳しい情報については「[Organizationのドメインの検証あるいは承認](/organizations/managing-organization-settings/verifying-or-approving-a-domain-for-your-organization)」{% ifversion ghec %}及び「[Enterpriseのドメインの検証あるいは承認](/enterprise-cloud@latest/admin/configuration/configuring-your-enterprise/verifying-or-approving-a-domain-for-your-enterprise)」{% endif %}を参照してください。 -## Verifying a domain for your user site +## ユーザサイトのドメインの検証 {% data reusables.user-settings.access_settings %} -1. In the "Code, planning, and automation" section of the sidebar, click **{% octicon "browser" aria-label="The pages icon" %} Pages**. +1. サイドバーの"Code, planning, and automation(コード、計画、自動化)"のセクションで、**{% octicon "browser" aria-label="The pages icon" %} Pages**をクリックしてください。 {% data reusables.pages.settings-verify-domain-setup %} -1. Wait for your DNS configuration to change, this may be immediate or take up to 24 hours. You can confirm the change to your DNS configuration by running the `dig` command on the command line. In the command below, replace `USERNAME` with your username and `example.com` with the domain you're verifying. If your DNS configuration has updated, you should see your new TXT record in the output. +1. DNS設定が変更されるまで待ちます。これはすぐに行われることも、最大で24時間かかることもあります。 DNS設定への変更は、コマンドラインで`dig`コマンドを実行して確認できます。 以下のコマンドで、`USERNAME`を自分のユーザ名に、`example.com`を検証しているドメインに置き換えてください。 DNS設定が更新されていれば、出力中に新しいTXTレコードが表示されます。 ``` dig _github-pages-challenge-USERNAME.example.com +nostats +nocomments +nocmd TXT ``` {% data reusables.pages.settings-verify-domain-confirm %} -## Verifying a domain for your organization site +## Organizationのサイトのドメインの検証 -Organization owners can verify custom domains for their organization. +Organizationのオーナーは、自分のOrganizatinのカスタムドメインを検証できます。 {% data reusables.profile.access_org %} {% data reusables.profile.org_settings %} -1. In the "Code, planning, and automation" section of the sidebar, click **{% octicon "browser" aria-label="The browser icon" %} Pages**. +1. サイドバーの"Code, planning, and automation(コード、計画、自動化)"のセクションで、**{% octicon "browser" aria-label="The browser icon" %} Pages**をクリックしてください。 {% data reusables.pages.settings-verify-domain-setup %} -1. Wait for your DNS configuration to change, this may be immediate or take up to 24 hours. You can confirm the change to your DNS configuration by running the `dig` command on the command line. In the command below, replace `ORGANIZATION` with the name of your organization and `example.com` with the domain you're verifying. If your DNS configuration has updated, you should see your new TXT record in the output. +1. DNS設定が変更されるまで待ちます。これはすぐに行われることも、最大で24時間かかることもあります。 DNS設定への変更は、コマンドラインで`dig`コマンドを実行して確認できます。 以下のコマンドで、`ORGANIZATION`を自分のOrganization名に、`example.com`を検証しているドメインに置き換えてください。 DNS設定が更新されていれば、出力中に新しいTXTレコードが表示されます。 ``` dig _github-pages-challenge-ORGANIZATION.example.com +nostats +nocomments +nocmd TXT ``` diff --git a/translations/ja-JP/content/pages/getting-started-with-github-pages/adding-a-theme-to-your-github-pages-site-with-the-theme-chooser.md b/translations/ja-JP/content/pages/getting-started-with-github-pages/adding-a-theme-to-your-github-pages-site-with-the-theme-chooser.md index 47027309e8..e6d3affdbb 100644 --- a/translations/ja-JP/content/pages/getting-started-with-github-pages/adding-a-theme-to-your-github-pages-site-with-the-theme-chooser.md +++ b/translations/ja-JP/content/pages/getting-started-with-github-pages/adding-a-theme-to-your-github-pages-site-with-the-theme-chooser.md @@ -39,7 +39,7 @@ Jekyll テーマをリポジトリに手動で追加したことがある場合 4. ページ上部の、選択したいテーマをクリックし、[**Select theme**] をクリックします。 ![テーマのオプションおよび [Select theme] ボタン](/assets/images/help/pages/select-theme.png) 5. サイトの *README.md* ファイルを編集するようプロンプトが表示される場合があります。 - ファイルを後で編集する場合、[**Cancel**] をクリックします。 ![ファイルを編集する際の [Cancel] リンク](/assets/images/help/pages/cancel-edit.png) - - To edit the file now, see "[Editing files](/repositories/working-with-files/managing-files/editing-files)." + - すぐにファイルを編集するには、「[Editing files(ファイルの編集)](/repositories/working-with-files/managing-files/editing-files)」を参照してください。 選択したテーマは、リポジトリの Markdown ファイルに自動的に適用されます。 テーマをリポジトリの HTML ファイルに適用するには、各ファイルのレイアウトを指定する YAML front matter を追加する必要があります。 詳しい情報については、Jekyll サイトの「[Front Matter](https://jekyllrb.com/docs/front-matter/)」を参照してください。 diff --git a/translations/ja-JP/content/pages/getting-started-with-github-pages/configuring-a-publishing-source-for-your-github-pages-site.md b/translations/ja-JP/content/pages/getting-started-with-github-pages/configuring-a-publishing-source-for-your-github-pages-site.md index a7f9575a98..5e931e4862 100644 --- a/translations/ja-JP/content/pages/getting-started-with-github-pages/configuring-a-publishing-source-for-your-github-pages-site.md +++ b/translations/ja-JP/content/pages/getting-started-with-github-pages/configuring-a-publishing-source-for-your-github-pages-site.md @@ -1,6 +1,6 @@ --- -title: GitHub Pages サイトの公開元を設定する -intro: '{% data variables.product.prodname_pages %} サイトでデフォルトの公開元を使用している場合、サイトは自動的に公開されます。 You can also choose to publish your site from a different branch or folder.' +title: Configuring a publishing source for your GitHub Pages site +intro: 'If you use the default publishing source for your {% data variables.product.prodname_pages %} site, your site will publish automatically. You can also choose to publish your site from a different branch or folder.' redirect_from: - /articles/configuring-a-publishing-source-for-github-pages - /articles/configuring-a-publishing-source-for-your-github-pages-site @@ -14,33 +14,36 @@ versions: ghec: '*' topics: - Pages -shortTitle: 公開ソースの設定 +shortTitle: Configure publishing source --- -公開元に関する詳しい情報については、「[{% data variables.product.prodname_pages %} について](/articles/about-github-pages#publishing-sources-for-github-pages-sites)」を参照してください。 +For more information about publishing sources, see "[About {% data variables.product.prodname_pages %}](/articles/about-github-pages#publishing-sources-for-github-pages-sites)." -## 公開元を選択する +## Choosing a publishing source Before you configure a publishing source, make sure the branch you want to use as your publishing source already exists in your repository. {% data reusables.pages.navigate-site-repo %} {% data reusables.repositories.sidebar-settings %} {% data reusables.pages.sidebar-pages %} -3. [{% data variables.product.prodname_pages %}] で、[**None**] または [**Branch**] ドロップダウンメニューから公開元を選択します。 ![公開元を選択するドロップダウンメニュー](/assets/images/help/pages/publishing-source-drop-down.png) -4. 必要に応じて、ドロップダウンメニューで発行元のフォルダを選択します。 ![公開元のフォルダを選択するドロップダウンメニュー](/assets/images/help/pages/publishing-source-folder-drop-down.png) -5. [**Save**] をクリックします。 ![公開元の設定への変更を保存するボタン](/assets/images/help/pages/publishing-source-save.png) +3. Under "{% data variables.product.prodname_pages %}", use the **None** or **Branch** drop-down menu and select a publishing source. + ![Drop-down menu to select a publishing source](/assets/images/help/pages/publishing-source-drop-down.png) +4. Optionally, use the drop-down menu to select a folder for your publishing source. + ![Drop-down menu to select a folder for publishing source](/assets/images/help/pages/publishing-source-folder-drop-down.png) +5. Click **Save**. + ![Button to save changes to publishing source settings](/assets/images/help/pages/publishing-source-save.png) -## {% data variables.product.prodname_pages %} サイトの公開に関するトラブルシューティング +## Troubleshooting publishing problems with your {% data variables.product.prodname_pages %} site {% data reusables.pages.admin-must-push %} -If you choose the `docs` folder on any branch as your publishing source, then later remove the `/docs` folder from that branch in your repository, your site won't build and you'll get a page build error message for a missing `/docs` folder. 詳細については、「[{% data variables.product.prodname_pages %} サイトの Jekyll ビルドエラーに関するトラブルシューティング](/articles/troubleshooting-jekyll-build-errors-for-github-pages-sites#missing-docs-folder)」を参照してください。 +If you choose the `docs` folder on any branch as your publishing source, then later remove the `/docs` folder from that branch in your repository, your site won't build and you'll get a page build error message for a missing `/docs` folder. For more information, see "[Troubleshooting Jekyll build errors for {% data variables.product.prodname_pages %} sites](/articles/troubleshooting-jekyll-build-errors-for-github-pages-sites#missing-docs-folder)." -{% ifversion fpt %} +{% ifversion fpt %} Your {% data variables.product.prodname_pages %} site will always be deployed with a {% data variables.product.prodname_actions %} workflow run, even if you've configured your {% data variables.product.prodname_pages %} site to be built using a different CI tool. Most external CI workflows "deploy" to GitHub Pages by committing the build output to the `gh-pages` branch of the repository, and typically include a `.nojekyll` file. When this happens, the {% data variables.product.prodname_actions %} worfklow will detect the state that the branch does not need a build step, and will execute only the steps necessary to deploy the site to {% data variables.product.prodname_pages %} servers. -To find potential errors with either the build or deployment, you can check the workflow run for your {% data variables.product.prodname_pages %} site by reviewing your repository's workflow runs. 詳しい情報については、「[ワークフロー実行の履歴を表示する](/actions/monitoring-and-troubleshooting-workflows/viewing-workflow-run-history)」を参照してください。 For more information about how to re-run the workflow in case of an error, see "[Re-running workflows and jobs](/actions/managing-workflow-runs/re-running-workflows-and-jobs)." +To find potential errors with either the build or deployment, you can check the workflow run for your {% data variables.product.prodname_pages %} site by reviewing your repository's workflow runs. For more information, see "[Viewing workflow run history](/actions/monitoring-and-troubleshooting-workflows/viewing-workflow-run-history)." For more information about how to re-run the workflow in case of an error, see "[Re-running workflows and jobs](/actions/managing-workflow-runs/re-running-workflows-and-jobs)." {% note %} diff --git a/translations/ja-JP/content/pages/getting-started-with-github-pages/creating-a-github-pages-site.md b/translations/ja-JP/content/pages/getting-started-with-github-pages/creating-a-github-pages-site.md index f70d1267c2..b311a78103 100644 --- a/translations/ja-JP/content/pages/getting-started-with-github-pages/creating-a-github-pages-site.md +++ b/translations/ja-JP/content/pages/getting-started-with-github-pages/creating-a-github-pages-site.md @@ -45,7 +45,7 @@ shortTitle: GitHub Pagesのサイトの作成 {% tip %} - **Tip:** If `index.html` is present, this will be used instead of `index.md`. If neither `index.html` nor `index.md` are present, `README.md` will be used. + **参考:** `index.html`があるなら、`index.md`の代わりに利用されます。 `index.html`も`index.md`もないなら、`README.md`が使われます。 {% endtip %} {% data reusables.pages.configure-publishing-source %} diff --git a/translations/ja-JP/content/pages/getting-started-with-github-pages/securing-your-github-pages-site-with-https.md b/translations/ja-JP/content/pages/getting-started-with-github-pages/securing-your-github-pages-site-with-https.md index 38a7076147..3da106918d 100644 --- a/translations/ja-JP/content/pages/getting-started-with-github-pages/securing-your-github-pages-site-with-https.md +++ b/translations/ja-JP/content/pages/getting-started-with-github-pages/securing-your-github-pages-site-with-https.md @@ -25,7 +25,7 @@ shortTitle: HTTPSでのサイトの保護 {% note %} -**Note:** RFC3280 states that the maximum length of the common name should be 64 characters. Therefore, the entire domain name of your {% data variables.product.prodname_pages %} site must be less than 64 characters long for a certificate to be successfully created. +**ノート:** RFC3280は、コモンネームの最大長は64文字でなければならないとしています。 したがって、証明書が正常に作成されるようにするには、{% data variables.product.prodname_pages %}サイトのドメイン名全体の長さは64文字未満でなければなりません。 {% endnote %} @@ -36,11 +36,11 @@ shortTitle: HTTPSでのサイトの保護 {% data reusables.pages.sidebar-pages %} 3. [{% data variables.product.prodname_pages %}] で、[**Enforce HTTPS**] を選択します。 ![[Enforce HTTPS] チェックボックス](/assets/images/help/pages/enforce-https-checkbox.png) -## Troubleshooting certificate provisioning ("Certificate not yet created" error") +## 証明書プロビジョニングのトラブルシューティング("Certificate not yet created" error") -When you set or change your custom domain in the Pages settings, an automatic DNS check begins. This check determines if your DNS settings are configured to allow {% data variables.product.prodname_dotcom %} to obtain a certificate automatically. If the check is successful, {% data variables.product.prodname_dotcom %} queues a job to request a TLS certificate from [Let's Encrypt](https://letsencrypt.org/). On receiving a valid certificate, {% data variables.product.prodname_dotcom %} automatically uploads it to the servers that handle TLS termination for Pages. When this process completes successfully, a check mark is displayed beside your custom domain name. +Pagesの設定でカスタムドメインを設定もしくは変更した場合、自動DNSチェックが開始されます。 このチェックは、DNS設定が{% data variables.product.prodname_dotcom %}による自動的な証明書の取得を許可するように設定されているかを判断します。 このチェックに成功すると、{% data variables.product.prodname_dotcom %}は[Let's Encrypt](https://letsencrypt.org/)にTLS証明書をリクエストするジョブをキューイングします。 有効な証明書を受信すると、{% data variables.product.prodname_dotcom %}は自動的にそれをPagesのTLSターミネーションを処理するサーバーにアップロードします。 このプロセスが正常に終了すると、カスタムドメイン名の横にチェックマークが表示されます。 -The process may take some time. If the process has not completed several minutes after you clicked **Save**, try clicking **Remove** next to your custom domain name. Retype the domain name and click **Save** again. This will cancel and restart the provisioning process. +このプロセスには多少の時間がかかることがあります。 **Save(保存)**をクリックしてから数分経ってもこのプロセスが終了しないなら、カスタムドメイン名の隣にある**Remove(削除)**をクリックしてみてください。 ドメイン名を再入力し、**Save(保存)**をもう一度クリックしてください。 これでプロビジョニングのプロセスがキャンセルされ、再起動されます。 ## 混在したコンテンツの問題を解決する diff --git a/translations/ja-JP/content/pages/index.md b/translations/ja-JP/content/pages/index.md index 4c6930bb35..44ce4c4065 100644 --- a/translations/ja-JP/content/pages/index.md +++ b/translations/ja-JP/content/pages/index.md @@ -1,7 +1,7 @@ --- title: GitHub Pagesのドキュメンテーション shortTitle: GitHub Pages -intro: 'You can create a website directly from a repository on {% ifversion ghae %}{% data variables.product.product_name %}{% else %}{% data variables.product.product_location %}{% endif %}.' +intro: '{% ifversion ghae %}{% data variables.product.product_name %}{% else %}{% data variables.product.product_location %}{% endif %}上のリポジトリから直接Webサイトを作成できます。' redirect_from: - /categories/20/articles - /categories/95/articles diff --git a/translations/ja-JP/content/pages/quickstart.md b/translations/ja-JP/content/pages/quickstart.md index 5fd2d42e5c..34ebe0cad1 100644 --- a/translations/ja-JP/content/pages/quickstart.md +++ b/translations/ja-JP/content/pages/quickstart.md @@ -1,6 +1,6 @@ --- -title: Quickstart for GitHub Pages -intro: 'You can use {% data variables.product.prodname_pages %} to showcase some open source projects, host a blog, or even share your résumé. This guide will help get you started on creating your next website.' +title: GitHub Pagesのクイックスタート +intro: '{% data variables.product.prodname_pages %}を使って、オープンソースプロジェクトを紹介したり、ブログをホストしたり、履歴書を共有することさえもできます。 このガイドは、次のWebサイトを作成し始めるための役に立ちます。' allowTitleToDifferFromFilename: true versions: fpt: '*' @@ -16,30 +16,30 @@ product: '{% data reusables.gated-features.pages %}' ## はじめに -{% data variables.product.prodname_pages %} are public webpages hosted and published through {% data variables.product.product_name %}. The quickest way to get up and running is by using the Jekyll Theme Chooser to load a pre-made theme. You can then modify your {% data variables.product.prodname_pages %}' content and style. +{% data variables.product.prodname_pages %}は、{% data variables.product.product_name %}を通じてホストされ、公開されるパブリックなWebページです。 立ち上げて実行するための最速の方法は、Jekyll テーマ選択画面を使って事前作成されたテーマをロードすることです。 その後、{% data variables.product.prodname_pages %}のコンテンツやスタイルを変更できます。 -This guide will lead you through creating a user site at `username.github.io`. +このガイドは、`username.github.io`でのユーザサイトの作成をご案内します。 -## Creating your website +## Webサイトの作成 {% data reusables.repositories.create_new %} -1. Enter `username.github.io` as the repository name. Replace `username` with your {% data variables.product.prodname_dotcom %} username. For example, if your username is `octocat`, the repository name should be `octocat.github.io`. ![Repository name field](/assets/images/help/pages/create-repository-name-pages.png) +1. リポジトリ名として`username.github.io`を入力してください。 `username`を自分の{% data variables.product.prodname_dotcom %}ユーザ名で置き換えてください。 たとえば、ユーザ名が`octocat`なら、リポジトリ名は`octocat.github.io`となります。 ![リポジトリ名フィールド](/assets/images/help/pages/create-repository-name-pages.png) {% data reusables.repositories.sidebar-settings %} {% data reusables.pages.sidebar-pages %} -1. Click **Choose a theme**. ![[Choose a theme] ボタン](/assets/images/help/pages/choose-theme.png) -2. The Theme Chooser will open. Browse the available themes, then click **Select theme** to select a theme. It's easy to change your theme later, so if you're not sure, just choose one for now. ![テーマのオプションおよび [Select theme] ボタン](/assets/images/help/pages/select-theme.png) -3. After you select a theme, your repository's `README.md` file will open in the file editor. The `README.md` file is where you will write the content for your site. You can edit the file or keep the default content for now. -4. When you are done editing the file, click **Commit changes**. -5. Visit `username.github.io` to view your new website. **メモ:** サイトに対する変更は、その変更を{% data variables.product.product_name %}にプッシュしてから公開されるまでに、最大20分かかることがあります。 +1. **Choose a theme(テーマの選択)**をクリックしてください。 ![[Choose a theme] ボタン](/assets/images/help/pages/choose-theme.png) +2. テーマ選択画面が開きます。 利用可能なテーマをブラウズし、**Select theme(テーマの選択)**をクリックしてテーマを選択してください。 後でテーマを変更することも容易なので、はっきりしない場合はとりあえずどれか1つを選択しておいてください。 ![テーマのオプションおよび [Select theme] ボタン](/assets/images/help/pages/select-theme.png) +3. テーマとを選択すると、ファイルエディタで`README.md`ファイルが開かれます。 `README.md`ファイルは、サイトの内容を書くところです。 このファイルを編集することも、あるいはとりあえずデフォルトの内容をそのままにしておくこともできます。 +4. ファイルの編集が終わったら、**Commit changes(変更をコミット)**をクリックしてください。 +5. `username.github.io`にアクセスして、新しいWebサイトを見てみてください。 **メモ:** サイトに対する変更は、その変更を{% data variables.product.product_name %}にプッシュしてから公開されるまでに、最大20分かかることがあります。 -## Changing the title and description +## タイトルと説明の変更 -By default, the title of your site is `username.github.io`. You can change the title by editing the `_config.yml` file in your repository. You can also add a description for your site. +デフォルトでは、サイトのタイトルは`username.github.io`です。 リポジトリ内の`_config.yml`ファイルを編集すれば、タイトルを変更できます。 サイトの説明を追加することもできます。 -1. Click the **Code** tab of your repository. -1. In the file list, click `_config.yml` to open the file. -1. Click {% octicon "pencil" aria-label="The edit icon" %} to edit the file. -1. The `_config.yml` file already contains a line that specifies the theme for your site. Add a new line with `title:` followed by the title you want. Add a new line with `description:` followed by the description you want. 例: +1. リポジトリの**Code(コード)**タブをクリックしてください。 +1. ファイルリスト中で`_config.yml`をクリックしてオープンしてください。 +1. {% octicon "pencil" aria-label="The edit icon" %}をクリックしてファイルを編集してください。 +1. `_config.yml`には、既にサイトのテーマを指定する行が含まれています。 新しい行として`title:`の後に指定したいタイトルを続けてください。 新しい行を追加して`description:`の後に指定したい説明を続けてください。 例: ```yaml theme: jekyll-theme-minimal @@ -47,10 +47,10 @@ By default, the title of your site is `username.github.io`. You can change the t description: Bookmark this to keep an eye on my project updates! ``` -1. When you are done editing the file, click **Commit changes**. +1. ファイルの編集を終えたら、**Commit changes(変更をコミット)**をクリックしてください。 ## 次のステップ -For more information about how to add additional pages to your site, see "[Adding content to your GitHub Pages site using Jekyll](/pages/setting-up-a-github-pages-site-with-jekyll/adding-content-to-your-github-pages-site-using-jekyll#about-content-in-jekyll-sites)." +サイトへのページの追加方法に関する詳しい情報については「[Jekyllを使ったGitHub Pagesサイトへのコンテンツの追加](/pages/setting-up-a-github-pages-site-with-jekyll/adding-content-to-your-github-pages-site-using-jekyll#about-content-in-jekyll-sites)」を参照してください。 -For more information about setting up a {% data variables.product.prodname_pages %} site with Jekyll, see "[About GitHub Pages and Jekyll](/pages/setting-up-a-github-pages-site-with-jekyll/about-github-pages-and-jekyll)." +Jekyllと合わせて{% data variables.product.prodname_pages %}をセットアップすることに関する詳しい情報については「[GitHub PagesとJekyllについて](/pages/setting-up-a-github-pages-site-with-jekyll/about-github-pages-and-jekyll)」を参照してください。 diff --git a/translations/ja-JP/content/pages/setting-up-a-github-pages-site-with-jekyll/creating-a-github-pages-site-with-jekyll.md b/translations/ja-JP/content/pages/setting-up-a-github-pages-site-with-jekyll/creating-a-github-pages-site-with-jekyll.md index a30b8d437d..5137b5456f 100644 --- a/translations/ja-JP/content/pages/setting-up-a-github-pages-site-with-jekyll/creating-a-github-pages-site-with-jekyll.md +++ b/translations/ja-JP/content/pages/setting-up-a-github-pages-site-with-jekyll/creating-a-github-pages-site-with-jekyll.md @@ -68,9 +68,9 @@ Jekyll を使用して {% data variables.product.prodname_pages %} サイトを サイトを `gh-pages` ブランチから公開する場合には、`gh-pages` ブランチを作成してチェックアウトします。 ```shell $ git checkout --orphan gh-pages - # Creates a new branch, with no history or contents, called gh-pages, and switches to the gh-pages branch + # 履歴やコンテンツなしでgh-pagesという新しいブランチを作成、gh-pagesブランチに切り替え $ git rm -rf - # Removes the contents from your default branch from the working directory + # ワーキングディレクトリでデフォルトブランチからコンテンツを削除 ``` 1. 新しい Jekyll サイトを作成するには、`jekyll new` コマンドを使用します。 ```shell @@ -89,7 +89,7 @@ Jekyll を使用して {% data variables.product.prodname_pages %} サイトを 正しいバージョンの Jekyll は、`github-pages` gem の依存関係としてインストールされます。 1. Gemfile を保存して閉じます。 -1. From the command line, run `bundle install`. +1. コマンドラインから`bundle install`を実行 1. あるいは、`_config.yml`ファイルに必要な編集を加えてください。 これは、リポジトリがサブディレクトリでホストされている場合に相対パスに対して必要です。 詳しい情報については「[サブフォルダを分割して新しいリポジトリにする](/github/getting-started-with-github/using-git/splitting-a-subfolder-out-into-a-new-repository)」を参照してください。 ```yml domain: my-site.github.io # HTTPSを強制したいなら、ドメインの先頭でhttpを指定しない。例: example.com @@ -102,7 +102,7 @@ Jekyll を使用して {% data variables.product.prodname_pages %} サイトを git add . git commit -m 'Initial GitHub pages site with Jekyll' ``` -1. Add your repository on {% ifversion ghae %}{% data variables.product.product_name %}{% else %}{% data variables.product.product_location %}{% endif %} as a remote, replacing {% ifversion ghes or ghae %}_HOSTNAME_ with your enterprise's hostname,{% endif %} _USER_ with the account that owns the repository{% ifversion ghes or ghae %},{% endif %} and _REPOSITORY_ with the name of the repository. +1. {% ifversion ghae %}{% data variables.product.product_name %}{% else %}{% data variables.product.product_location %}{% endif %}でリモートとしてリポジトリを追加してください。{% ifversion ghes or ghae %}_HOSTNAME_をEnterpriseのホスト名で、{% endif %}_USER_をリポジトリを所有するアカウントで、{% ifversion ghes or ghae %}{% endif %}_REPOSITORY_をリポジトリ名で置き換えてください。 ```shell {% ifversion fpt or ghec %} $ git remote add origin https://github.com/USER/REPOSITORY.git diff --git a/translations/ja-JP/content/pages/setting-up-a-github-pages-site-with-jekyll/setting-a-markdown-processor-for-your-github-pages-site-using-jekyll.md b/translations/ja-JP/content/pages/setting-up-a-github-pages-site-with-jekyll/setting-a-markdown-processor-for-your-github-pages-site-using-jekyll.md index 682c5a984d..baf0068f4c 100644 --- a/translations/ja-JP/content/pages/setting-up-a-github-pages-site-with-jekyll/setting-a-markdown-processor-for-your-github-pages-site-using-jekyll.md +++ b/translations/ja-JP/content/pages/setting-up-a-github-pages-site-with-jekyll/setting-a-markdown-processor-for-your-github-pages-site-using-jekyll.md @@ -1,6 +1,6 @@ --- -title: Jekyll を使用して、GitHub Pages サイトの Markdown プロセッサを設定する -intro: 'Markdown プロセッサを選択して、{% data variables.product.prodname_pages %} サイトで Markdown をどのようにレンダリングするかを決めることができます。' +title: Setting a Markdown processor for your GitHub Pages site using Jekyll +intro: 'You can choose a Markdown processor to determine how Markdown is rendered on your {% data variables.product.prodname_pages %} site.' redirect_from: - /articles/migrating-your-pages-site-from-maruku - /articles/updating-your-markdown-processor-to-kramdown @@ -14,25 +14,26 @@ versions: ghec: '*' topics: - Pages -shortTitle: Markdownプロセッサの設定 +shortTitle: Set Markdown processor --- -リポジトリへの書き込み権限があるユーザは、{% data variables.product.prodname_pages %} サイトに対して Markdown プロセッサを設定できます。 +People with write permissions for a repository can set the Markdown processor for a {% data variables.product.prodname_pages %} site. -{% data variables.product.prodname_pages %} supports two Markdown processors: [kramdown](http://kramdown.gettalong.org/) and {% data variables.product.prodname_dotcom %}'s own Markdown processor, which is used to render [{% data variables.product.prodname_dotcom %} Flavored Markdown (GFM)](https://github.github.com/gfm/) throughout {% data variables.product.product_name %}. 詳しい情報については、「[{% data variables.product.prodname_dotcom %}での執筆とフォーマットについて](/articles/about-writing-and-formatting-on-github)」を参照してください。 +{% data variables.product.prodname_pages %} supports two Markdown processors: [kramdown](http://kramdown.gettalong.org/) and {% data variables.product.prodname_dotcom %}'s own Markdown processor, which is used to render [{% data variables.product.prodname_dotcom %} Flavored Markdown (GFM)](https://github.github.com/gfm/) throughout {% data variables.product.product_name %}. For more information, see "[About writing and formatting on {% data variables.product.prodname_dotcom %}](/articles/about-writing-and-formatting-on-github)." You can use {% data variables.product.prodname_dotcom %} Flavored Markdown with either processor, but only our GFM processor will always match the results you see on {% data variables.product.product_name %}. {% data reusables.pages.navigate-site-repo %} -2. リポジトリの *_config.yml* ファイルを開きます。 +2. In your repository, browse to the *_config.yml* file. {% data reusables.repositories.edit-file %} -4. `markdown` で始まる行を見つけ、値を `kramdown` または `GFM`に変更します。 ![config.yml での Markdown 設定](/assets/images/help/pages/config-markdown-value.png) +4. Find the line that starts with `markdown:` and change the value to `kramdown` or `GFM`. + ![Markdown setting in config.yml](/assets/images/help/pages/config-markdown-value.png) {% data reusables.files.write_commit_message %} {% data reusables.files.choose-commit-email %} {% data reusables.files.choose_commit_branch %} {% data reusables.files.propose_new_file %} -## 参考リンク +## Further reading -- [kramdown のドキュメント](https://kramdown.gettalong.org/documentation.html) -- [{% data variables.product.prodname_dotcom %} Flavored Markdown の仕様](https://github.github.com/gfm/) +- [kramdown Documentation](https://kramdown.gettalong.org/documentation.html) +- [{% data variables.product.prodname_dotcom %} Flavored Markdown Spec](https://github.github.com/gfm/) diff --git a/translations/ja-JP/content/pages/setting-up-a-github-pages-site-with-jekyll/testing-your-github-pages-site-locally-with-jekyll.md b/translations/ja-JP/content/pages/setting-up-a-github-pages-site-with-jekyll/testing-your-github-pages-site-locally-with-jekyll.md index 0614d8ad8e..a641eb99dc 100644 --- a/translations/ja-JP/content/pages/setting-up-a-github-pages-site-with-jekyll/testing-your-github-pages-site-locally-with-jekyll.md +++ b/translations/ja-JP/content/pages/setting-up-a-github-pages-site-with-jekyll/testing-your-github-pages-site-locally-with-jekyll.md @@ -50,6 +50,12 @@ Jekyll を使用してサイトをテストする前に、以下の操作が必 ``` 3. サイトをプレビューするには、ウェブブラウザで `http://localhost:4000` を開きます。 +{% note %} + +**ノート:** Ruby 3.0及びJekyll 4.2.xあるいはそれより古いものを使っているなら、`bundle install`を実行する前にプロジェクトのGemfileに`webrick` gemを追加する必要があります。 + +{% endnote %} + ## {% data variables.product.prodname_pages %} gem の更新 Jekyll は、頻繁に更新されているアクティブなオープンソースプロジェクトです。 お使いのコンピュータ上の `github-pages` gem が {% data variables.product.prodname_pages %} サーバー上の `github-pages` gem と比較して古くなっている場合は、ローカルでビルドしたときと {% data variables.product.product_name %} に公開したときで、サイトの見え方が異なることがあります。 こうならないように、お使いのコンピュータ上の `github-pages` gem は常にアップデートしておきましょう。 diff --git a/translations/ja-JP/content/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/requesting-a-pull-request-review.md b/translations/ja-JP/content/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/requesting-a-pull-request-review.md index e4760ebf16..a35b477866 100644 --- a/translations/ja-JP/content/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/requesting-a-pull-request-review.md +++ b/translations/ja-JP/content/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/requesting-a-pull-request-review.md @@ -17,9 +17,11 @@ topics: shortTitle: Request a PR review --- -ユーザアカウントが所有しているリポジトリのオーナーとコラボレータは、プルリクエストのレビューを割り当てることができます。 リポジトリに対するトリアージ権限を持つ Organization メンバーは、プルリクエストのレビューを割り当てることができます。 +Repositories belong to a personal account (a single individual owner) or an organization account (a shared account with numerous collaborators or maintainers). 詳しい情報については、「[{% data variables.product.prodname_dotcom %}アカウントの種類](/get-started/learning-about-github/types-of-github-accounts)」を参照してください。" Owners and collaborators on a repository owned by a personal account can assign pull request reviews. Organization members with triage permissions can also assign a reviewer for a pull request. -オーナーまたはコラボレータは、ユーザ所有のリポジトリに明示的に[読み取りアクセス](/articles/access-permissions-on-github)を付与された人にプルリクエストのレビューを割り当てることができます。 Organization メンバーは、リポジトリの読み取りアクセス権を持つ人や Team にプルリクエストのレビューを割り当てることができます。 リクエストされたレビュー担当者または Team は、Pull Request レビューをするようあなたが依頼したという通知を受け取ります。 {% ifversion fpt or ghae or ghes or ghec %}Team にレビューをリクエストし、コードレビューの割り当てが有効になっている場合、特定のメンバーがリクエストされ、Team はレビュー担当者として削除されます。 For more information, see "[Managing code review settings for your team](/organizations/organizing-members-into-teams/managing-code-review-settings-for-your-team)."{% endif %} +To assign a reviewer to a pull request, you will need write access to the repository. For more information about repository access, see "[Repository roles for an organization](/organizations/managing-access-to-your-organizations-repositories/repository-roles-for-an-organization)." If you have write access, you can assign anyone who has read access to the repository as a reviewer. + +Organization members with write access can also assign a pull request review to any person or team with read access to a repository. リクエストされたレビュー担当者または Team は、Pull Request レビューをするようあなたが依頼したという通知を受け取ります。 {% ifversion fpt or ghae or ghes or ghec %}Team にレビューをリクエストし、コードレビューの割り当てが有効になっている場合、特定のメンバーがリクエストされ、Team はレビュー担当者として削除されます。 For more information, see "[Managing code review settings for your team](/organizations/organizing-members-into-teams/managing-code-review-settings-for-your-team)."{% endif %} {% note %} diff --git a/translations/ja-JP/content/repositories/managing-your-repositorys-settings-and-features/customizing-your-repository/about-code-owners.md b/translations/ja-JP/content/repositories/managing-your-repositorys-settings-and-features/customizing-your-repository/about-code-owners.md index a57c184903..2b5b2c67e0 100644 --- a/translations/ja-JP/content/repositories/managing-your-repositorys-settings-and-features/customizing-your-repository/about-code-owners.md +++ b/translations/ja-JP/content/repositories/managing-your-repositorys-settings-and-features/customizing-your-repository/about-code-owners.md @@ -38,7 +38,7 @@ CODEOWNERS ファイルを使うためには、コードオーナーを追加し コードオーナーがレビューのリクエストを受け取るためには、CODEOWNERS ファイルがプルリクエストの base ブランチになければなりません。 たとえばリポジトリ中の`gh-pages`ブランチの、*.js*ファイルのコードオーナーとして`@octocat`を割り当てたなら、*.js*に変更を加えるプルリクエストがheadブランチと`gh-pages`の間でオープンされると、`@octocat`はレビューのリクエストを受けることになります。 -{% ifversion fpt or ghec or ghes > 3.2 or ghae-issue-9273 %} +{% ifversion fpt or ghec or ghes > 3.2 or ghae-issue-4675 %} ## CODEOWNERS file size CODEOWNERS files must be under 3 MB in size. A CODEOWNERS file over this limit will not be loaded, which means that code owner information is not shown and the appropriate code owners will not be requested to review changes in a pull request. diff --git a/translations/ja-JP/content/repositories/releasing-projects-on-github/searching-a-repositorys-releases.md b/translations/ja-JP/content/repositories/releasing-projects-on-github/searching-a-repositorys-releases.md index d4359ecd5c..fe49b3658a 100644 --- a/translations/ja-JP/content/repositories/releasing-projects-on-github/searching-a-repositorys-releases.md +++ b/translations/ja-JP/content/repositories/releasing-projects-on-github/searching-a-repositorys-releases.md @@ -7,7 +7,7 @@ versions: fpt: '*' ghec: '*' ghes: '>3.2' - ghae-issue-4974: '*' + ghae: issue-4974 topics: - Repositories --- diff --git a/translations/ja-JP/content/repositories/viewing-activity-and-data-for-your-repository/understanding-connections-between-repositories.md b/translations/ja-JP/content/repositories/viewing-activity-and-data-for-your-repository/understanding-connections-between-repositories.md index f9238820cb..e16ade776b 100644 --- a/translations/ja-JP/content/repositories/viewing-activity-and-data-for-your-repository/understanding-connections-between-repositories.md +++ b/translations/ja-JP/content/repositories/viewing-activity-and-data-for-your-repository/understanding-connections-between-repositories.md @@ -73,5 +73,5 @@ shortTitle: Connections between repositories 依存関係グラフは、リポジトリの依存関係を視覚化して調査するために最適な方法を提供しています。 詳しい情報については、「[依存関係グラフについて](/code-security/supply-chain-security/about-the-dependency-graph)」および「[リポジトリの依存関係を調べる](/code-security/supply-chain-security/exploring-the-dependencies-of-a-repository) 」を参照してください。 -依存関係の 1 つにセキュリティの脆弱性が見つかった場合は、{% data variables.product.company_short %} が自動的に警告するようにリポジトリを設定することもできます。 詳しい情報については、「[脆弱性のある依存関係に対するアラートについて](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies)」を参照してください。 +依存関係の 1 つにセキュリティの脆弱性が見つかった場合は、{% data variables.product.company_short %} が自動的に警告するようにリポジトリを設定することもできます。 詳しい情報については、「[{% data variables.product.prodname_dependabot_alerts %} について](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies)」を参照してください。 {% endif %} diff --git a/translations/ja-JP/content/repositories/working-with-files/using-files/working-with-non-code-files.md b/translations/ja-JP/content/repositories/working-with-files/using-files/working-with-non-code-files.md index a72acf5017..3a763b8869 100644 --- a/translations/ja-JP/content/repositories/working-with-files/using-files/working-with-non-code-files.md +++ b/translations/ja-JP/content/repositories/working-with-files/using-files/working-with-non-code-files.md @@ -130,6 +130,12 @@ For example, if your model's URL is [`github.com/skalnik/secret-bear-clip/blob/m {% endtip %} +{% if mermaid %} +### Rendering in Markdown + +You can embed ASCII STL syntax directly in Markdown. For more information, see "[Creating diagrams](/get-started/writing-on-github/working-with-advanced-formatting/creating-diagrams#creating-stl-3d-models)." +{% endif %} + ## CSV および TSV データをレンダリングする GitHub では、*.csv* (カンマ区切り) 形式および *.tsv* (タブ区切り) 形式のファイルのレンダリングがサポートされています。 @@ -233,7 +239,7 @@ HTML ドキュメントへのコミットのレンダリング済みビューは ![ソースとレンダリングの切り替えのスクリーンショット](/assets/images/help/repository/source-render-toggle-geojson.png) -### ジオメトリのタイプ +### Geometry types {% data variables.product.product_name %} のマップは [Leaflet.js](http://leafletjs.com) を使用し、[geoJSON の仕様](http://www.geojson.org/geojson-spec.html) (Point、LineString、Polygon、MultiPoint、MultiLineString、MultiPolygon、GeometryCollection) に概要が示されているジオメトリのタイプをすべてサポートしています。 TopoJSON ファイルは "Topology" タイプで、[topoJSON の仕様](https://github.com/mbostock/topojson/wiki/Specification)に従っている必要があります。 @@ -274,6 +280,12 @@ GeoJSON マップを {% data variables.product.product_name %} 以外の場所 {% endtip %} +{% if mermaid %} +### Mapping in Markdown + +You can embed geoJSON and topoJSON directly in Markdown. For more information, see "[Creating diagrams](/get-started/writing-on-github/working-with-advanced-formatting/creating-diagrams#creating-geojson-and-topojson-maps)." +{% endif %} + ### クラスタリング マップに大量のマーカー (およそ 750 以上) が設定されている場合、ズーム レベルが大きいときは近隣のマーカーが自動的にクラスタ化されます。 クラスタをクリックしてズームするだけで、個々のマーカーが表示されます。 @@ -292,7 +304,7 @@ geoJSON ファイルのレンダリングに問題がある場合は、[geoJSON その場合でも、`.geojson` ファイルを [TopoJSON](https://github.com/mbostock/topojson) に変換すればデータをレンダリングできます。TopoJSONは、ファイルサイズを最大 80% まで縮小できる圧縮形式です。 ファイルを小さいチャンクに分割し (州ごと、年ごとなど)、データを複数のファイルとしてリポジトリに格納することは、もちろんいつでもできます。 -### 他のリソース +### 参考リンク * [Leaflet.js geojson ドキュメント](http://leafletjs.com/examples/geojson.html) * [MapBox マーカースタイリングのドキュメント](http://www.mapbox.com/developers/simplestyle/) @@ -320,3 +332,44 @@ $ jupyter nbconvert --to html NOTEBOOK-NAME.ipynb - [Jupyter notebook の GitHub リポジトリ](https://github.com/jupyter/jupyter_notebook) - [Jupyter notebooks のギャラリー](https://github.com/jupyter/jupyter/wiki/A-gallery-of-interesting-Jupyter-Notebooks) + +{% if mermaid %} +## Displaying Mermaid files on {% data variables.product.prodname_dotcom %} + +{% data variables.product.product_name %} supports rendering Mermaid files within repositories. Commit the file as you would normally using a `.mermaid` or `.mmd` extension. Then, navigate to the path of the Mermaid file on {% data variables.product.prodname_dotcom %}. + +For example, if you add a `.mmd` file with the following content to your repository: + +``` +graph TD + A[Friend's Birthday] -->|Get money| B(Go shopping) + B --> C{Let me think} + C -->|One| D["Cool
Laptop"] + C -->|Two| E[iPhone] + C -->|Three| F[fa:fa-car Car] +``` + +When you view the file in the repository, it is rendered as a flow chart. ![Rendered mermaid file diagram](/assets/images/help/repository/mermaid-file-diagram.png) + +### トラブルシューティング + +If your chart does not render at all, verify that it contains valid Mermaid Markdown syntax by checking your chart with the [Mermaid live editor](https://mermaid.live/edit). + +If the chart displays, but does not appear as you'd expect, you can create a new [feedback discussion](https://github.com/github/feedback/discussions/categories/general-feedback), and add the `mermaid` tag. + +#### 既知の問題 + +* Sequence diagram charts frequently render with additional padding below the chart, with more padding added as the chart size increases. This is a known issue with the Mermaid library. +* Actor nodes with popover menus do not work as expected within sequence diagram charts. This is due to a discrepancy in how JavaScript events are added to a chart when the Mermaid library's API is used to render a chart. +* Not all charts are a11y compliant. This may affect users who rely on a screen reader. + +### Mermaid in Markdown + +You can embed Mermaid syntax directly in Markdown. For more information, see "[Creating diagrams](/get-started/writing-on-github/working-with-advanced-formatting/creating-diagrams#creating-mermaid-diagrams)." + +### 参考リンク + +* [Mermaid.js documentation](https://mermaid-js.github.io/mermaid/#/) +* [Mermaid.js live editor](https://mermaid.live/edit) +{% endif %} + diff --git a/translations/ja-JP/content/rest/README.md b/translations/ja-JP/content/rest/README.md index ac6f75795b..0fc763f0c7 100644 --- a/translations/ja-JP/content/rest/README.md +++ b/translations/ja-JP/content/rest/README.md @@ -7,4 +7,4 @@ GitHub REST API ドキュメントは、`/content/rest` ディレクトリにあ `include` タグによってレンダリングされるコンテンツは`/lib/rest/static`ディレクトリから取得され、これは GitHub で内部的に API ソースコードから自動的に生成されます。ユーザーは編集しないでください。 詳しい情報については、[`/lib/rest/README.md`](/lib/rest/README.md) を参照してください。 - **We cannot accept changes to content that is rendered by `include` tags. However, you can open an issue describing the changes you would like to see.** + **`include`タグによってレンダリングされたコンテンツへの変更は受付できません。 ただし、表示させたい変更を記述したIssueをオープンすることはできます。** diff --git a/translations/ja-JP/content/rest/index.md b/translations/ja-JP/content/rest/index.md index b292765e5c..9d920a0911 100644 --- a/translations/ja-JP/content/rest/index.md +++ b/translations/ja-JP/content/rest/index.md @@ -1,7 +1,7 @@ --- title: GitHubのREST API shortTitle: REST API -intro: 'To create integrations, retrieve data, and automate your workflows, build with the {% data variables.product.prodname_dotcom %} REST API.' +intro: 'インテグレーションを作成し、データを取り出し、ワークフローを自動化するために、{% data variables.product.prodname_dotcom %}のREST APIで構築してください。' introLinks: quickstart: /rest/guides/getting-started-with-the-rest-api featuredLinks: diff --git a/translations/ja-JP/content/rest/overview/libraries.md b/translations/ja-JP/content/rest/overview/libraries.md index a83c7b8417..932f4e8fd3 100644 --- a/translations/ja-JP/content/rest/overview/libraries.md +++ b/translations/ja-JP/content/rest/overview/libraries.md @@ -1,6 +1,6 @@ --- title: ライブラリ -intro: 'You can use the official Octokit library and other third-party libraries to extend and simplify how you use the {% ifversion fpt or ghec %}{% data variables.product.prodname_dotcom %}{% else %}{% data variables.product.product_name %}{% endif %} API.' +intro: '公式のOctokitライブラリや、その他のサードパーティライブラリを使い、{% ifversion fpt or ghec %}{% data variables.product.prodname_dotcom %}{% else %}{% data variables.product.product_name %}{% endif %} APIの使い方を拡張し、シンプルにすることができます。' redirect_from: - /libraries - /v3/libraries diff --git a/translations/ja-JP/content/rest/overview/permissions-required-for-github-apps.md b/translations/ja-JP/content/rest/overview/permissions-required-for-github-apps.md index 717ed1fe11..e584210701 100644 --- a/translations/ja-JP/content/rest/overview/permissions-required-for-github-apps.md +++ b/translations/ja-JP/content/rest/overview/permissions-required-for-github-apps.md @@ -17,7 +17,7 @@ shortTitle: GitHub Appの権限 ### {% data variables.product.prodname_github_app %}の権限について -{% data variables.product.prodname_github_apps %} are created with a set of permissions. {% data variables.product.prodname_github_app %}がAPIを介してアクセスできるリソースが、権限によって決まります。 詳細は、「[GitHub Appの権限の設定](/apps/building-github-apps/setting-permissions-for-github-apps/)」を参照してください。 +{% data variables.product.prodname_github_apps %}は、一連の権限を付けて作成されます。 {% data variables.product.prodname_github_app %}がAPIを介してアクセスできるリソースが、権限によって決まります。 詳細は、「[GitHub Appの権限の設定](/apps/building-github-apps/setting-permissions-for-github-apps/)」を参照してください。 ### メタデータ権限 @@ -121,6 +121,9 @@ _検索_ - [`GET /repos/:owner/:repo/actions/artifacts/:artifact_id`](/rest/reference/actions#get-an-artifact) (:read) - [`DELETE /repos/:owner/:repo/actions/artifacts/:artifact_id`](/rest/reference/actions#delete-an-artifact) (:write) - [`GET /repos/:owner/:repo/actions/artifacts/:artifact_id/zip`](/rest/reference/actions#download-an-artifact) (:read) +{% if actions-cache-management -%} +- [`GET /repos/:owner/:repo/actions/cache/usage`](/rest/reference/actions#get-github-actions-cache-usage-for-a-repository) (:read) +{% endif -%} - [`GET /repos/:owner/:repo/actions/jobs/:job_id`](/rest/reference/actions#get-a-job-for-a-workflow-run) (:read) - [`GET /repos/:owner/:repo/actions/jobs/:job_id/logs`](/rest/reference/actions#download-job-logs-for-a-workflow-run) (:read) - [`GET /repos/:owner/:repo/actions/runs`](/rest/reference/actions#list-workflow-runs-for-a-repository) (:read) @@ -644,6 +647,10 @@ _Team_ ### "organization administration"に対する権限 - [`PATCH /orgs/:org`](/rest/reference/orgs#update-an-organization) (:write) +{% if actions-cache-management -%} +- [`GET /orgs/:org/actions/cache/usage`](/rest/reference/actions#get-github-actions-cache-usage-for-an-organization) (:read) +- [`GET /orgs/:org/actions/cache/usage-by-repository`](/rest/reference/actions#list-repositories-with-github-actions-cache-usage-for-an-organization) (:read) +{% endif -%} {% ifversion fpt -%} - [`GET /orgs/:org/interaction-limits`](/rest/reference/interactions#get-interaction-restrictions-for-an-organization) (:read) {% endif -%} @@ -880,7 +887,7 @@ _Team_ {% endif %} {% ifversion fpt or ghec or ghes > 3.3%} -### Permission on "dependabot_secrets" +### "dependabot_secrets"に対する権限 - [`GET /repos/:owner/:repo/dependabot/secrets/public-key`](/rest/reference/dependabot#get-a-repository-public-key) (:read) - [`GET /repos/:owner/:repo/dependabot/secrets`](/rest/reference/dependabot#list-repository-secrets) (:read) - [`GET /repos/:owner/:repo/dependabot/secrets/:secret_name`](/rest/reference/dependabot#get-a-repository-secret) (:read) diff --git a/translations/ja-JP/content/rest/overview/resources-in-the-rest-api.md b/translations/ja-JP/content/rest/overview/resources-in-the-rest-api.md index b4fc780694..10c861ce1b 100644 --- a/translations/ja-JP/content/rest/overview/resources-in-the-rest-api.md +++ b/translations/ja-JP/content/rest/overview/resources-in-the-rest-api.md @@ -111,7 +111,7 @@ $ curl -H "Authorization: token OAUTH-TOKEN" {% data variables.product. curl -u my_client_id:my_client_secret '{% data variables.product.api_url_pre %}/user/repos' ``` -Using your `client_id` and `client_secret` does _not_ authenticate as a user, it will only identify your OAuth App to increase your rate limit. アクセス許可はユーザにのみ付与され、アプリケーションには付与されません。また、認証されていないユーザに表示されるデータのみが返されます。 このため、サーバー間のシナリオでのみ OAuth2 キー/シークレットを使用する必要があります。 Don't leak your OAuth App's client secret to your users. +`client_id` と `client_secret` を使用してもユーザとして認証_されず_、OAuth アプリケーションを識別してレート制限を増やすだけです。 アクセス許可はユーザにのみ付与され、アプリケーションには付与されません。また、認証されていないユーザに表示されるデータのみが返されます。 このため、サーバー間のシナリオでのみ OAuth2 キー/シークレットを使用する必要があります。 OAuth アプリケーションのクライアントシークレットをユーザーに漏らさないようにしてください。 {% ifversion ghes %} プライベートモードでは、OAuth2 キーとシークレットを使用して認証することはできません。認証しようとすると `401 Unauthorized` が返されます。 詳しい情報については、 「[プライベートモードを有効化する](/admin/configuration/configuring-your-enterprise/enabling-private-mode)」を参照してください。 @@ -311,19 +311,19 @@ _この例は、読みやすいように改行されています。_ ## レート制限 -Different types of API requests to {% data variables.product.product_location %} are subject to different rate limits. +{% data variables.product.product_location %}への様々な種類のAPIリクエストは、様々なレート制限に従います。 -Additionally, the Search API has dedicated limits. For more information, see "[Search](/rest/reference/search#rate-limit)" in the REST API documentation. +加えて、Search APIには専用の制限があります。 詳しい情報についてはREST APIのドキュメンテーションの「[検索](/rest/reference/search#rate-limit)」を参照してください。 {% data reusables.enterprise.rate_limit %} {% data reusables.rest-api.always-check-your-limit %} -### Requests from user accounts +### ユーザアカウントからのリクエスト -Direct API requests that you authenticate with a personal access token are user-to-server requests. An OAuth App or GitHub App can also make a user-to-server request on your behalf after you authorize the app. For more information, see "[Creating a personal access token](/authentication/keeping-your-account-and-data-secure/creating-a-personal-access-token)," "[Authorizing OAuth Apps](/authentication/keeping-your-account-and-data-secure/authorizing-oauth-apps)," and "[Authorizing GitHub Apps](/authentication/keeping-your-account-and-data-secure/authorizing-github-apps)." +個人アクセストークンで認証された直接のAPIリクエストは、user-to-serverリクエストです。 OAuth AppあるいはGitHub Appは、ユーザが認可した後、user-to-serverリクエストをユーザの代わりに発行することもできます。 詳しい情報については「[個人アクセストークンの作成](/authentication/keeping-your-account-and-data-secure/creating-a-personal-access-token)」、「[OAuth Appの認可](/authentication/keeping-your-account-and-data-secure/authorizing-oauth-apps)」、「[GitHub Appの認可](/authentication/keeping-your-account-and-data-secure/authorizing-github-apps)」を参照してください。 -{% data variables.product.product_name %} associates all user-to-server requests with the authenticated user. For OAuth Apps and GitHub Apps, this is the user who authorized the app. All user-to-server requests count toward the authenticated user's rate limit. +{% data variables.product.product_name %}は、すべてのuser-to-serverリクエストを認証されたユーザと関連づけます。 OAuth App及びGitHubについては、これはアプリケーションを認可したユーザです。 すべてのuser-to-serverリクエストは、認証されたユーザのレート制限に対してカウントされます。 {% data reusables.apps.user-to-server-rate-limits %} @@ -333,31 +333,31 @@ Direct API requests that you authenticate with a personal access token are user- {% ifversion fpt or ghec or ghes %} -認証されていないリクエストでは、レート制限により 1 時間あたり最大 60 リクエストまで可能です。 Unauthenticated requests are associated with the originating IP address, and not the person making requests. +認証されていないリクエストでは、レート制限により 1 時間あたり最大 60 リクエストまで可能です。 認証されていないリクエストは、リクエストを発行した人ではなく、発信元の IP アドレスに関連付けられます。 {% endif %} {% endif %} -### Requests from GitHub Apps +### GitHub Appからのリクエスト -Requests from a GitHub App may be either user-to-server or server-to-server requests. For more information about rate limits for GitHub Apps, see "[Rate limits for GitHub Apps](/developers/apps/building-github-apps/rate-limits-for-github-apps)." +GitHub Appからのリクエストは、user-to-serverあるいはserver-to-serverリクエストのいずれかになります。 GitHub Appのレート制限に関する詳しい情報については「[GitHub Appのレート制限](/developers/apps/building-github-apps/rate-limits-for-github-apps)」を参照してください。 -### Requests from GitHub Actions +### GitHub Actionsからのリクエスト -You can use the built-in `GITHUB_TOKEN` to authenticate requests in GitHub Actions workflows. For more information, see "[Automatic token authentication](/actions/security-guides/automatic-token-authentication)." +GitHub Actionsワークフロー内のリクエストの認証には、ビルトインの`GITHUB_TOKEN`が使えます。 詳しい情報については「[自動トークン認証](/actions/security-guides/automatic-token-authentication)」を参照してください。 -When using `GITHUB_TOKEN`, the rate limit is 1,000 requests per hour per repository.{% ifversion fpt or ghec %} For requests to resources that belong to an enterprise account on {% data variables.product.product_location %}, {% data variables.product.prodname_ghe_cloud %}'s rate limit applies, and the limit is 15,000 requests per hour per repository.{% endif %} +`GITHUB_TOKEN`を使う場合、レート制限はリポジトリごとに1時間あたり1,000リクエストです。{% ifversion fpt or ghec %}{% data variables.product.product_location %}上のEnterpriseアカウントに属するリソースへのアクセスについては{% data variables.product.prodname_ghe_cloud %}のレート制限が適用され、その制限はリポジトリごとに1時間あたり15,000リクエストです。{% endif %} -### Checking your rate limit status +### レート制限のステータスのチェック -The Rate Limit API and a response's HTTP headers are authoritative sources for the current number of API calls available to you or your app at any given time. +レート制限APIとレスポンスのHTTPヘッダは、任意の時点におけるユーザまたはユーザのアプリケーションが利用できるAPIコール数の信頼できるソースです。 -#### Rate Limit API +#### レート制限API -You can use the Rate Limit API to check your rate limit status without incurring a hit to the current limit. For more information, see "[Rate limit](/rest/reference/rate-limit)." +レート制限APIを使って、現在の制限に達することなくレート制限のステータスをチェックできます。 詳しい情報については「[レート制限](/rest/reference/rate-limit)」を参照してください。 -#### Rate limit HTTP headers +#### レート制限HTTPヘッダ API リクエストの返された HTTP ヘッダは、現在のレート制限ステータスを示しています。 @@ -398,9 +398,9 @@ new Date(1372700873 * 1000) > } ``` -### Increasing the unauthenticated rate limit for OAuth Apps +### OAuth Appの認証されていないレート制限の増加 -If your OAuth App needs to make unauthenticated calls with a higher rate limit, you can pass your app's client ID and secret before the endpoint route. +OAuth Appが認証されていない呼び出しをより高いレート制限で行う必要がある場合は、エンドポイントルートの前にアプリのクライアント ID とシークレットを渡すことができます。 ```shell $ curl -u my_client_id:my_client_secret {% data variables.product.api_url_pre %}/user/repos @@ -421,11 +421,11 @@ $ curl -u my_client_id:my_client_secret {% data variables.product.api_url_pre %} Basic 認証または OAuth を使用してレート制限を超えた場合、API レスポンスをキャッシュし、[条件付きリクエスト](#conditional-requests)を使用することで問題を解決できます。 -### Secondary rate limits +### セカンダリレート制限 -{% data variables.product.product_name %} で高品質のサービスを提供するにあたって、API を使用するときに、いくつかのアクションに追加のレート制限が適用される場合があります。 For example, using the API to rapidly create content, poll aggressively instead of using webhooks, make multiple concurrent requests, or repeatedly request data that is computationally expensive may result in secondary rate limiting. +{% data variables.product.product_name %} で高品質のサービスを提供するにあたって、API を使用するときに、いくつかのアクションに追加のレート制限が適用される場合があります。 たとえば、API を使用してコンテンツを急速に作成する、webhook を使用する代わりに積極的にポーリングする、複数の同時リクエストを行う、計算コストが高いデータを繰り返しリクエストするなどの行為によって、セカンダリレート制限が適用される場合があります。 -Secondary rate limits are not intended to interfere with legitimate use of the API. 通常のレート制限が、ユーザにとって唯一の制限であるべきです。 優良な API ユーザにふさわしい振る舞いをしているかどうかを確認するには、[ベストプラクティスのガイドライン](/guides/best-practices-for-integrators/)をご覧ください。 +セカンダリレート制限は、API の正当な使用を妨げることを意図したものではありません。 通常のレート制限が、ユーザにとって唯一の制限であるべきです。 優良な API ユーザにふさわしい振る舞いをしているかどうかを確認するには、[ベストプラクティスのガイドライン](/guides/best-practices-for-integrators/)をご覧ください。 アプリケーションがこのレート制限をトリガーすると、次のような有益なレスポンスを受け取ります。 @@ -614,14 +614,14 @@ JavaScript ハンドラを記述して、コールバックを処理できます ## タイムゾーン -新しいコミットの作成など、新しいデータを作成する一部のリクエストでは、タイムスタンプを指定または生成するときにタイムゾーン情報を提供できます。 We apply the following rules, in order of priority, to determine timezone information for such API calls. +新しいコミットの作成など、新しいデータを作成する一部のリクエストでは、タイムスタンプを指定または生成するときにタイムゾーン情報を提供できます。 そういったAPI 呼び出しのタイムゾーン情報を決定する際に、優先順位に従って次のルールを適用します。 * [ISO 8601 タイムスタンプにタイムゾーン情報を明示的に提供する](#explicitly-providing-an-iso-8601-timestamp-with-timezone-information) * [`Time-Zone` ヘッダを使用する](#using-the-time-zone-header) * [ユーザが最後に認識されたタイムゾーンを使用する](#using-the-last-known-timezone-for-the-user) * [他のタイムゾーン情報を含まない UTC をデフォルトにする](#defaulting-to-utc-without-other-timezone-information) -Note that these rules apply only to data passed to the API, not to data returned by the API. As mentioned in "[Schema](#schema)," timestamps returned by the API are in UTC time, ISO 8601 format. +これらのルールは、APIに渡されたデータに対してのみ適用され、APIが返す日付には適用されないことに注意してください。 「[スキーマ](#schema)」にあるように、APIが返すタイムスタンプはUTCでISO8601フォーマットです。 ### ISO 8601 タイムスタンプにタイムゾーン情報を明示的に提供する diff --git a/translations/ja-JP/content/rest/overview/troubleshooting.md b/translations/ja-JP/content/rest/overview/troubleshooting.md index 15b826dd6f..c51a47dd11 100644 --- a/translations/ja-JP/content/rest/overview/troubleshooting.md +++ b/translations/ja-JP/content/rest/overview/troubleshooting.md @@ -20,7 +20,7 @@ API で不可解な問題が発生した場合、発生したと思われる問 通常、クライアントが正しく認証されていない場合、`404` エラーが送信されます。 このような場合、`403 Forbidden` が表示されるはずであると考えるかもしれません。 しかし、プライベートリポジトリに関する_いずれの_情報も提供されないため、API は代わりに `404` エラーを返します。 -To troubleshoot, ensure [you're authenticating correctly](/guides/getting-started/), [your OAuth access token has the required scopes](/apps/building-oauth-apps/understanding-scopes-for-oauth-apps/), [third-party application restrictions][oap-guide] are not blocking access, and that [the token has not expired or been revoked](/github/authenticating-to-github/keeping-your-account-and-data-secure/token-expiration-and-revocation). +トラブルシューティングを行うには、[正しく認証されていること](/guides/getting-started/)、[OAuth アクセストークンに必要なスコープがあること](/apps/building-oauth-apps/understanding-scopes-for-oauth-apps/)、[サードパーティアプリケーションの制限][oap-guide]によってアクセスがブロックされていないこと、そして[トークンが期限切れになっていたり取り消されたりしてない](/github/authenticating-to-github/keeping-your-account-and-data-secure/token-expiration-and-revocation)ことを確認してください。 ## 表示されない結果がある @@ -63,9 +63,9 @@ curl -u my_username:my_password -X POST "https://api.github.com/authorizations" 次に、[Web アプリケーションフロー](/apps/building-oauth-apps/authorizing-oauth-apps/#web-application-flow)に切り替えて、アクセストークンを生成します。 -## Timeouts +## タイムアウト -If {% data variables.product.product_name %} takes more than 10 seconds to process an API request, {% data variables.product.product_name %} will terminate the request and you will receive a timeout response. +{% data variables.product.product_name %}がAPIを処理するのに10秒以上かかると、{% data variables.product.product_name %}はリクエストを終了させ、タイムアウトのレスポンスが返されます。 {% endif %} diff --git a/translations/ja-JP/content/rest/reference/actions.md b/translations/ja-JP/content/rest/reference/actions.md index 51dad1afa2..ab1972db6a 100644 --- a/translations/ja-JP/content/rest/reference/actions.md +++ b/translations/ja-JP/content/rest/reference/actions.md @@ -1,6 +1,6 @@ --- title: アクション -intro: 'With the Actions API, you can manage and control {% data variables.product.prodname_actions %} for an organization or repository.' +intro: 'Actions APIを使うと、Organizationやリポジトリの{% data variables.product.prodname_actions %}を管理し、制御できます。' redirect_from: - /v3/actions versions: diff --git a/translations/ja-JP/content/rest/reference/activity.md b/translations/ja-JP/content/rest/reference/activity.md index 35d9ca8aea..1a15e000f3 100644 --- a/translations/ja-JP/content/rest/reference/activity.md +++ b/translations/ja-JP/content/rest/reference/activity.md @@ -1,6 +1,6 @@ --- title: アクティビティ -intro: 'The Activity API allows you to list events and feeds and manage notifications, starring, and watching for the authenticated user.' +intro: Activity APIを使うと、イベントやフィードをリストし、通知、Star、認証されたユーザのWatchを管理できます。 redirect_from: - /v3/activity versions: diff --git a/translations/ja-JP/content/rest/reference/apps.md b/translations/ja-JP/content/rest/reference/apps.md index 912673d56e..b48b8aaa31 100644 --- a/translations/ja-JP/content/rest/reference/apps.md +++ b/translations/ja-JP/content/rest/reference/apps.md @@ -1,6 +1,6 @@ --- title: アプリ -intro: The GitHub Apps API enables you to retrieve the information about the installation as well as specific information about GitHub Apps. +intro: GitHub Apps APIを使うと、インストールに関する情報や、GitHub Appに関する特定の情報を取得できます。 redirect_from: - /v3/apps versions: diff --git a/translations/ja-JP/content/rest/reference/billing.md b/translations/ja-JP/content/rest/reference/billing.md index 43e193a099..457f2323a1 100644 --- a/translations/ja-JP/content/rest/reference/billing.md +++ b/translations/ja-JP/content/rest/reference/billing.md @@ -1,6 +1,6 @@ --- title: 支払い -intro: 'With the Billing API, you can monitor the charges and usage {% data variables.product.prodname_actions %} and {% data variables.product.prodname_registry %} for a user or organization.' +intro: 'Billing APIを使うと、ユーザやOrganizationに対する{% data variables.product.prodname_actions %}や{% data variables.product.prodname_registry %}の確認と使用状況をモニターできます。' versions: fpt: '*' ghec: '*' diff --git a/translations/ja-JP/content/rest/reference/branches.md b/translations/ja-JP/content/rest/reference/branches.md index 3495232f52..e125a0776a 100644 --- a/translations/ja-JP/content/rest/reference/branches.md +++ b/translations/ja-JP/content/rest/reference/branches.md @@ -1,6 +1,6 @@ --- title: ブランチ -intro: The branches API allows you to modify branches and their protection settings. +intro: ブランチAPIを使うと、ブランチとブランチの保護設定を変更できます。 allowTitleToDifferFromFilename: true versions: fpt: '*' diff --git a/translations/ja-JP/content/rest/reference/checks.md b/translations/ja-JP/content/rest/reference/checks.md index ea71583370..ca2b4dea93 100644 --- a/translations/ja-JP/content/rest/reference/checks.md +++ b/translations/ja-JP/content/rest/reference/checks.md @@ -1,6 +1,6 @@ --- title: チェック -intro: 'With the Checks API, you can build {% data variables.product.prodname_github_apps %} that run powerful checks against the code changes in a repository.' +intro: 'Checks APIを使用すると、リポジトリでのコード変更に対して強力なチェックを行う{% data variables.product.prodname_github_apps %}を構築できます。' redirect_from: - /v3/checks versions: diff --git a/translations/ja-JP/content/rest/reference/code-scanning.md b/translations/ja-JP/content/rest/reference/code-scanning.md index f10dc933ac..19153ecd79 100644 --- a/translations/ja-JP/content/rest/reference/code-scanning.md +++ b/translations/ja-JP/content/rest/reference/code-scanning.md @@ -1,6 +1,6 @@ --- title: Code scanning -intro: The Code Scanning API enables you to retrieve and update the code scanning alerts and analyses from a repository. +intro: Code Scanning APIを使うと、リポジトリからCode scanningのアラートと分析を取得し、更新できます。 redirect_from: - /v3/code-scanning product: '{% data reusables.gated-features.code-scanning %}' diff --git a/translations/ja-JP/content/rest/reference/codes-of-conduct.md b/translations/ja-JP/content/rest/reference/codes-of-conduct.md index 9b1714546c..8b9b973f9c 100644 --- a/translations/ja-JP/content/rest/reference/codes-of-conduct.md +++ b/translations/ja-JP/content/rest/reference/codes-of-conduct.md @@ -1,6 +1,6 @@ --- title: 行動規範 -intro: The Codes of Conduct API lets you to retrieve the information about a particular repository's code of conduct. +intro: Codes of Conduct APIを使うと、特定のリポジトリの行動規範に関する情報を取得できます。 redirect_from: - /v3/codes_of_conduct - /v3/codes-of-conduct diff --git a/translations/ja-JP/content/rest/reference/codespaces.md b/translations/ja-JP/content/rest/reference/codespaces.md index 11f28ca643..5d353aec91 100644 --- a/translations/ja-JP/content/rest/reference/codespaces.md +++ b/translations/ja-JP/content/rest/reference/codespaces.md @@ -1,6 +1,6 @@ --- title: Codespaces -intro: 'The {% data variables.product.prodname_codespaces %} API enables you to manage your codespaces using the REST API.' +intro: '{% data variables.product.prodname_codespaces %} APIを使うと、REST APIを利用してCodespacesを管理できます。' product: '{% data reusables.gated-features.codespaces %}' versions: fpt: '*' @@ -12,4 +12,4 @@ miniTocMaxHeadingLevel: 3 \ No newline at end of file +--> diff --git a/translations/ja-JP/content/rest/reference/collaborators.md b/translations/ja-JP/content/rest/reference/collaborators.md index f53b35d2c8..822f6c6c40 100644 --- a/translations/ja-JP/content/rest/reference/collaborators.md +++ b/translations/ja-JP/content/rest/reference/collaborators.md @@ -1,6 +1,6 @@ --- title: コラボレータ -intro: 'The collaborators API allows you to add, invite, and remove collaborators from a repository.' +intro: コラボレータAPIを使うと、リポジトリでコラボレータの追加、招待、削除が行えます。 allowTitleToDifferFromFilename: true versions: fpt: '*' diff --git a/translations/ja-JP/content/rest/reference/commits.md b/translations/ja-JP/content/rest/reference/commits.md index 72a860a96e..a8022f5ae2 100644 --- a/translations/ja-JP/content/rest/reference/commits.md +++ b/translations/ja-JP/content/rest/reference/commits.md @@ -1,6 +1,6 @@ --- title: コミット -intro: 'The commits API allows you to list, view, and compare commits in a repository. You can also interact with commit comments and commit statuses.' +intro: コミットAPIを使うと、リポジトリ内のコミットのリスト、表示、比較ができます。 コミットコメントやコミットのステータスの操作もできます。 allowTitleToDifferFromFilename: true versions: fpt: '*' diff --git a/translations/ja-JP/content/rest/reference/dependabot.md b/translations/ja-JP/content/rest/reference/dependabot.md index 5fe2940b7c..d5f9b41693 100644 --- a/translations/ja-JP/content/rest/reference/dependabot.md +++ b/translations/ja-JP/content/rest/reference/dependabot.md @@ -1,6 +1,6 @@ --- title: Dependabot -intro: 'With the {% data variables.product.prodname_dependabot %} Secrets API, you can manage and control {% data variables.product.prodname_dependabot %} secrets for an organization or repository.' +intro: '{% data variables.product.prodname_dependabot %} Secrets APIを使うと、Organizationあるいはリポジトリの{% data variables.product.prodname_dependabot %}sjシークレットを管理し、制御できます。' versions: fpt: '*' ghes: '>=3.4' @@ -12,4 +12,4 @@ miniTocMaxHeadingLevel: 3 \ No newline at end of file +--> diff --git a/translations/ja-JP/content/rest/reference/deploy_keys.md b/translations/ja-JP/content/rest/reference/deploy_keys.md new file mode 100644 index 0000000000..08cd4132e1 --- /dev/null +++ b/translations/ja-JP/content/rest/reference/deploy_keys.md @@ -0,0 +1,17 @@ +--- +title: デプロイキー +intro: Deploy Keys APIを使えば、サーバーに保存され、GitHubリポジトリへのアクセスを許可するSSHキーを作成できます。 +allowTitleToDifferFromFilename: true +versions: + fpt: '*' + ghes: '*' + ghae: '*' + ghec: '*' +topics: + - API +miniTocMaxHeadingLevel: 3 +--- + + diff --git a/translations/ja-JP/content/rest/reference/deployments.md b/translations/ja-JP/content/rest/reference/deployments.md index fb24aca589..3763c740b9 100644 --- a/translations/ja-JP/content/rest/reference/deployments.md +++ b/translations/ja-JP/content/rest/reference/deployments.md @@ -1,6 +1,6 @@ --- title: デプロイメント -intro: 'The deployments API allows you to create and delete deploy keys, deployments, and deployment environments.' +intro: デプロイメントAPIを使うと、デプロイメント及びデプロイメント環境の作成と削除ができます。 allowTitleToDifferFromFilename: true versions: fpt: '*' diff --git a/translations/ja-JP/content/rest/reference/emojis.md b/translations/ja-JP/content/rest/reference/emojis.md index 7c9155c157..f703abb119 100644 --- a/translations/ja-JP/content/rest/reference/emojis.md +++ b/translations/ja-JP/content/rest/reference/emojis.md @@ -1,6 +1,6 @@ --- title: 絵文字 -intro: 'With the Emojis API, you can list and view all the available emojis to use in {% data variables.product.product_name %}.' +intro: 'Emojis APIを使用すると、{% data variables.product.product_name %}で利用できるすべての絵文字のリストと表示ができます。' redirect_from: - /v3/emojis - /v3/misc diff --git a/translations/ja-JP/content/rest/reference/gists.md b/translations/ja-JP/content/rest/reference/gists.md index c9a59dd8d0..971cd74e8e 100644 --- a/translations/ja-JP/content/rest/reference/gists.md +++ b/translations/ja-JP/content/rest/reference/gists.md @@ -1,6 +1,6 @@ --- title: Gist -intro: 'The Gists API enables the authorized user to list, create, update and delete the public gists on {% data variables.product.product_name %}.' +intro: 'Gists APIを使うと、認可されたユーザは{% data variables.product.product_name %}上のパブリックGistのリスト、作成、、更新、削除ができます。' redirect_from: - /v3/gists versions: diff --git a/translations/ja-JP/content/rest/reference/git.md b/translations/ja-JP/content/rest/reference/git.md index 0fa81d6eca..973b396afc 100644 --- a/translations/ja-JP/content/rest/reference/git.md +++ b/translations/ja-JP/content/rest/reference/git.md @@ -1,6 +1,6 @@ --- title: Git データベース -intro: 'The Git Database API enables you to read and write raw Git objects to your Git database on {% data variables.product.product_name %} and to list and update Git references (branch heads and tags).' +intro: 'Git Database APIを使うと、{% data variables.product.product_name %}上のGitデータベースに対してRaw形式のGitオブジェクトを読み書きしたり、リファレンス (ブランチheadやタグ) をリストおよび更新したりできます。' allowTitleToDifferFromFilename: true redirect_from: - /v3/git diff --git a/translations/ja-JP/content/rest/reference/gitignore.md b/translations/ja-JP/content/rest/reference/gitignore.md index 65610e6aad..5d243527ed 100644 --- a/translations/ja-JP/content/rest/reference/gitignore.md +++ b/translations/ja-JP/content/rest/reference/gitignore.md @@ -1,6 +1,6 @@ --- title: Gitignore -intro: The Gitignore API fetches `.gitignore` templates that can be used to ignore files and directories. +intro: Gitignore APIは、ファイルやディレクトリを無視するために利用できる`.gitignore`テンプレートをフェッチします。 redirect_from: - /v3/gitignore versions: @@ -15,4 +15,4 @@ miniTocMaxHeadingLevel: 3 \ No newline at end of file +--> diff --git a/translations/ja-JP/content/rest/reference/index.md b/translations/ja-JP/content/rest/reference/index.md index bbc7d47c7a..4c1aeeb062 100644 --- a/translations/ja-JP/content/rest/reference/index.md +++ b/translations/ja-JP/content/rest/reference/index.md @@ -22,6 +22,7 @@ children: - /collaborators - /commits - /dependabot + - /deploy_keys - /deployments - /emojis - /enterprise-admin diff --git a/translations/ja-JP/content/rest/reference/interactions.md b/translations/ja-JP/content/rest/reference/interactions.md index 174ce78978..497bd4cf1a 100644 --- a/translations/ja-JP/content/rest/reference/interactions.md +++ b/translations/ja-JP/content/rest/reference/interactions.md @@ -1,6 +1,6 @@ --- title: インタラクション -intro: 'With the Interactions API, people with owner or admin access can set the interaction limit for the users in their organizations and repositories.' +intro: Interactions APIを使うと、オーナーもしくは管理アクセスを持つ人が、Organizationやリポジトリ内のユーザの操作制限を設定できます。 redirect_from: - /v3/interactions versions: diff --git a/translations/ja-JP/content/rest/reference/issues.md b/translations/ja-JP/content/rest/reference/issues.md index 0cacdccae2..c7b51db59d 100644 --- a/translations/ja-JP/content/rest/reference/issues.md +++ b/translations/ja-JP/content/rest/reference/issues.md @@ -1,6 +1,6 @@ --- title: Issue -intro: 'The Issues API enables you to view and manage issues, including issue assignees, comments, labels, and milestones.' +intro: Issues APIを使うと、Issueにアサインされた人、コメント、ラベル、マイルストーンを含め、Issueの表示と管理ができます。 redirect_from: - /v3/issues versions: diff --git a/translations/ja-JP/content/rest/reference/licenses.md b/translations/ja-JP/content/rest/reference/licenses.md index 5aff348368..b66d570593 100644 --- a/translations/ja-JP/content/rest/reference/licenses.md +++ b/translations/ja-JP/content/rest/reference/licenses.md @@ -1,6 +1,6 @@ --- title: ライセンス -intro: The Licenses API lets you to retrieve popular open source licenses and information about a particular project's license file. +intro: Licenses API は、広く利用されているオープンソースライセンスと、特定のプロジェクトのライセンスファイルに関する情報を返します。 redirect_from: - /v3/licenses versions: diff --git a/translations/ja-JP/content/rest/reference/markdown.md b/translations/ja-JP/content/rest/reference/markdown.md index e17fb2faa9..be2b82601d 100644 --- a/translations/ja-JP/content/rest/reference/markdown.md +++ b/translations/ja-JP/content/rest/reference/markdown.md @@ -1,6 +1,6 @@ --- title: Markdown -intro: The Markdown API enables you to render a markdown document as an HTML page or as raw text. +intro: MarkdownAPIを使うと、MarkdownドキュメントをHTMLページあるいは生のテキストとしてレンダリングできます。 redirect_from: - /v3/markdown versions: @@ -15,4 +15,4 @@ miniTocMaxHeadingLevel: 3 \ No newline at end of file +--> diff --git a/translations/ja-JP/content/rest/reference/meta.md b/translations/ja-JP/content/rest/reference/meta.md index 43a541a79f..0a99c13371 100644 --- a/translations/ja-JP/content/rest/reference/meta.md +++ b/translations/ja-JP/content/rest/reference/meta.md @@ -1,6 +1,6 @@ --- title: メタ情報 -intro: 'The Meta API returns meta information about {% data variables.product.product_name %} including the IP addresses of {% data variables.product.product_name %} services.' +intro: 'Meta APIは、{% data variables.product.product_name %}サービスのIPアドレスを含む{% data variables.product.product_name %}に関するメタ情報を返します。' redirect_from: - /v3/meta versions: diff --git a/translations/ja-JP/content/rest/reference/metrics.md b/translations/ja-JP/content/rest/reference/metrics.md index 1f00b23b60..2c3ff4bade 100644 --- a/translations/ja-JP/content/rest/reference/metrics.md +++ b/translations/ja-JP/content/rest/reference/metrics.md @@ -1,6 +1,6 @@ --- -title: Metrics -intro: 'The repository metrics API allows you to retrieve community profile, statistics, and traffic for your repository.' +title: メトリクス +intro: リポジトリメトリクスAPIを使うと、リポジトリのコミュニティプロフィール、統計、トラフィックを取得できます。 allowTitleToDifferFromFilename: true redirect_from: - /rest/reference/repository-metrics diff --git a/translations/ja-JP/content/rest/reference/migrations.md b/translations/ja-JP/content/rest/reference/migrations.md index cd1ec7e542..d47a4f8ba4 100644 --- a/translations/ja-JP/content/rest/reference/migrations.md +++ b/translations/ja-JP/content/rest/reference/migrations.md @@ -1,6 +1,6 @@ --- title: 移行 -intro: 'The Migration API lets you migrate the repositories and users of your organization from {% data variables.product.prodname_dotcom_the_website %} to {% data variables.product.prodname_ghe_server %}.' +intro: 'Migration APIを使うと、{% data variables.product.prodname_dotcom_the_website %}から{% data variables.product.prodname_ghe_server %}へ、Organizaitonのリポジトリとユーザを移行できます。' redirect_from: - /v3/migrations - /v3/migration diff --git a/translations/ja-JP/content/rest/reference/orgs.md b/translations/ja-JP/content/rest/reference/orgs.md index 637c7b818e..bf9272a069 100644 --- a/translations/ja-JP/content/rest/reference/orgs.md +++ b/translations/ja-JP/content/rest/reference/orgs.md @@ -1,6 +1,6 @@ --- title: Organization -intro: 'The Organizations API gives you access to control and manage all your {% data variables.product.product_name %} organizations.' +intro: 'Organizations APIを使うと、自分のすべての{% data variables.product.product_name %} Organizationの制御と管理のためのアクセスができます。' allowTitleToDifferFromFilename: true redirect_from: - /v3/orgs diff --git a/translations/ja-JP/content/rest/reference/packages.md b/translations/ja-JP/content/rest/reference/packages.md index 06e5f09b36..363c02abd7 100644 --- a/translations/ja-JP/content/rest/reference/packages.md +++ b/translations/ja-JP/content/rest/reference/packages.md @@ -1,6 +1,6 @@ --- title: パッケージ -intro: 'With the {% data variables.product.prodname_registry %} API, you can manage packages for your {% data variables.product.prodname_dotcom %} repositories and organizations.' +intro: '{% data variables.product.prodname_registry %} APIを使うと、{% data variables.product.prodname_dotcom %}の自分のリポジトリとOrganizationのパッケージの管理ができます。' product: '{% data reusables.gated-features.packages %}' versions: fpt: '*' diff --git a/translations/ja-JP/content/rest/reference/pages.md b/translations/ja-JP/content/rest/reference/pages.md index 5b379f1697..71129a3cbb 100644 --- a/translations/ja-JP/content/rest/reference/pages.md +++ b/translations/ja-JP/content/rest/reference/pages.md @@ -1,6 +1,6 @@ --- title: Pages -intro: The GitHub Pages API allows you to interact with GitHub Pages sites and build information. +intro: GitHub Pages APIを使うと、GitHub Pagesのサイトとビルド情報の操作ができます。 allowTitleToDifferFromFilename: true versions: fpt: '*' @@ -14,4 +14,4 @@ miniTocMaxHeadingLevel: 3 \ No newline at end of file +--> diff --git a/translations/ja-JP/content/rest/reference/projects.md b/translations/ja-JP/content/rest/reference/projects.md index 19e3aa4526..b27117a274 100644 --- a/translations/ja-JP/content/rest/reference/projects.md +++ b/translations/ja-JP/content/rest/reference/projects.md @@ -1,6 +1,6 @@ --- title: プロジェクト -intro: 'The Projects API lets you create, list, update, delete and customize projects in a repository.' +intro: Projects APIを使うと、リポジトリ内のプロジェクトの作成、リスト、更新、削除、カスタマイズができます。 redirect_from: - /v3/projects versions: diff --git a/translations/ja-JP/content/rest/reference/releases.md b/translations/ja-JP/content/rest/reference/releases.md index dd6a8f2561..ed64cd2981 100644 --- a/translations/ja-JP/content/rest/reference/releases.md +++ b/translations/ja-JP/content/rest/reference/releases.md @@ -1,6 +1,6 @@ --- title: リリース -intro: 'The releases API allows you to create, modify, and delete releases and release assets.' +intro: リリースAPIを使うと、リリースとリリースアセットの作成、変更、削除ができます。 allowTitleToDifferFromFilename: true versions: fpt: '*' diff --git a/translations/ja-JP/content/rest/reference/repos.md b/translations/ja-JP/content/rest/reference/repos.md index 01bcaaac01..deacf54576 100644 --- a/translations/ja-JP/content/rest/reference/repos.md +++ b/translations/ja-JP/content/rest/reference/repos.md @@ -1,6 +1,6 @@ --- title: リポジトリ -intro: 'The Repos API allows to create, manage and control the workflow of public and private {% data variables.product.product_name %} repositories.' +intro: 'Repos APIを使うと、パブリック及びプライベートの{% data variables.product.product_name %}リポジトリのワークフローの作成、管理、制御ができます。' allowTitleToDifferFromFilename: true redirect_from: - /v3/repos diff --git a/translations/ja-JP/content/rest/reference/secret-scanning.md b/translations/ja-JP/content/rest/reference/secret-scanning.md index 770ef2f5ff..69a332ba7b 100644 --- a/translations/ja-JP/content/rest/reference/secret-scanning.md +++ b/translations/ja-JP/content/rest/reference/secret-scanning.md @@ -1,6 +1,6 @@ --- title: Secret scanning -intro: 'Use the secret scanning API to retrieve and update secret alerts from a repository.' +intro: Secret scanning APIを使うと、リポジトリのシークレットアラートの取得と更新ができます。 versions: fpt: '*' ghes: '*' diff --git a/translations/ja-JP/content/rest/reference/webhooks.md b/translations/ja-JP/content/rest/reference/webhooks.md index 2afa687c1c..ef437a17db 100644 --- a/translations/ja-JP/content/rest/reference/webhooks.md +++ b/translations/ja-JP/content/rest/reference/webhooks.md @@ -1,6 +1,6 @@ --- title: webhook -intro: The webhooks API allows you to create and manage webhooks for your repositories. +intro: webhooks APIを使うと、リポジトリのwebhookの作成と管理ができます。 allowTitleToDifferFromFilename: true versions: fpt: '*' diff --git a/translations/ja-JP/content/github/site-policy/github-acceptable-use-policies.md b/translations/ja-JP/content/site-policy/acceptable-use-policies/github-acceptable-use-policies.md similarity index 58% rename from translations/ja-JP/content/github/site-policy/github-acceptable-use-policies.md rename to translations/ja-JP/content/site-policy/acceptable-use-policies/github-acceptable-use-policies.md index aafd6147d9..826fe37be8 100644 --- a/translations/ja-JP/content/github/site-policy/github-acceptable-use-policies.md +++ b/translations/ja-JP/content/site-policy/acceptable-use-policies/github-acceptable-use-policies.md @@ -2,6 +2,7 @@ title: GitHub 利用規定 redirect_from: - /articles/github-acceptable-use-policies + - /github/site-policy/github-acceptable-use-policies versions: fpt: '*' topics: @@ -9,66 +10,70 @@ topics: - Legal --- -**趣旨の要約:** _私たちは、世界中のさまざまな協同プロジェクトをホストしており、そうしたコラボレーションは、ユーザ同士が誠実に協力できる場合にのみ成り立ちます。 あなたが「サービス」を利用する際は、本利用規定に従う必要があります。本利用規定には、あなたが投稿できるコンテンツについての制限、サービス上の行動、その他の制限が記載されています。 その趣旨を要約すれば、お互いのことを思いやりましょうということです。_ +**趣旨の要約:** _私たちは、世界中のさまざまな協同プロジェクトをホストしており、そうしたコラボレーションは、ユーザ同士が誠実に協力できる場合にのみ成り立ちます。 While using the Service, you must comply with our Acceptable Use Policies, which include some restrictions on content and conduct on GitHub related to user safety, intellectual property, privacy, authenticity, and other limitations. その趣旨を要約すれば、お互いのことを思いやりましょうということです。_ かぎ括弧に括られた用語のうち、本利用規定で定義されていないものについては、 「[利用規約](/articles/github-terms-of-service)」、「[企業向け利用規約](/articles/github-corporate-terms-of-service)」、および「[プライバシーについての声明](/articles/github-privacy-statement)」に記載された定義に従うものとします。 「[企業向け利用規約](/articles/github-corporate-terms-of-service)」が適用されるお客様については、「あなた」は「お客様」または「ユーザ」を指します。 「私たち」、「当社」は「GitHub」を指します。 ## 1. 法令・規定の遵守 あなたは、本「サービス」を利用するにあたり、全ての適用法、規制、および当社の定める全ての利用規定を遵守する責任を負います。 これらの規定は、更新されることがあります。更新内容については以下、ならびに当社の「[利用規約](/articles/github-terms-of-service)」および「[企業向け利用規約](/articles/github-corporate-terms-of-service)」をご確認ください。 -## 2. コンテンツの制限 -「ユーザ」は、いかなる場合においても、以下に該当する「コンテンツ」をアップロード、投稿、ホスト、実行、または送信しないものとします: +## 2. User Safety +We do not allow content or activity on GitHub that: - 非合法、または非合法行為を促進するもの、 -- [性的・わいせつな内容](/github/site-policy/github-community-guidelines#sexually-obscene-content)を含むもの、 +- is [sexually obscene](/github/site-policy/github-sexually-obscene-content) or relates to sexual exploitation or abuse, including of minors; - 中傷、名誉毀損、あるいは詐欺的なもの、 -- 個人やグループを[差別または罵倒](/github/site-policy/github-community-guidelines#hate-speech-and-discrimination)するもの、 +- 個人やグループを[差別または罵倒](/github/site-policy/github-hate-speech-and-discrimination)するもの、 -- 暴力的画像を含め、[不必要に暴力を描写または美化](/github/site-policy/github-community-guidelines#gratuitously-violent-content)するもの、 +- is [false, inaccurate, or intentionally deceptive information](/github/site-policy/github-misinformation-and-disinformation) and likely to adversely affect the public interest (including health, safety, election integrity, and civic participation); -- 公共の利益 (健康、安全、選挙の完全性、市民参加を含む) に悪影響を及ぼす可能性がある、[虚偽、不正確、または意図的に誤解を招く](/github/site-policy/github-community-guidelines#misinformation-and-disinformation)内容であるか、そうした内容を含むもの、 +- [harasses or abuses](/github/site-policy/github-bullying-and-harassment) another individual or group, including our employees, officers, and agents, or other users; -- 不正使用が発生する前に黙示的にも明示的にもデュアルユース目的であることを示さず、当社プラットフォームを悪意ある実行ファイルを配信したり、サービス拒否攻撃を組織したり、コマンドアンドコントロールサーバーを管理したりといった攻撃インフラとして使用するなど、技術的な危害を及ぼす[非合法な能動的攻撃やマルウェアキャンペーン](/github/site-policy/github-community-guidelines#active-malware-or-exploits)を直接的に支援するもの、 +- [threatens or incites violence](/github/site-policy/github-threats-of-violence-and-gratuitously-violent-content) toward any individual or group, especially on the basis of who they are; -- 不正な製品ライセンスキー、製品ライセンスキーを不正に生成するソフトウェア、および製品ライセンスキーのチェックを迂回するソフトウェア(試用期間を超えて無料ライセンスを延長するものを含む)を共有するもの、 +- [gratuitously depicts or glorifies violence](/github/site-policy/github-threats-of-violence-and-gratuitously-violent-content), including violent images; or -- 特許、商標、企業秘密、パブリシティー権などの権利を含め、あらゆる当事者のあらゆる所有権を侵害するもの。 +- is off-topic, or interacts with platform features in a way that significantly or repeatedly [disrupts the experience of other users](/github/site-policy/github-disrupting-the-experience-of-other-users). -詳細は、「[コミュニティガイドライン](/github/site-policy/github-community-guidelines#what-is-not-allowed)」を参照してください。 -## 3. 行動の制限 -「サービス」を利用する際は、いかなる場合においても以下のことを行わないものとします: +## 3. Intellectual Property, Authenticity, and Private Information +We do not allow content or activity on GitHub that: -- 当社従業員、役員、代理店、その他ユーザを含む、あらゆる個人またはグループに対する[嫌がらせ、罵倒](/github/site-policy/github-community-guidelines#bullying-and-harassment)、[脅迫、または暴力](/github/site-policy/github-community-guidelines#threats-of-violence)を誘発すること、 +- infringes any proprietary right of any party, including patent, trademark, trade secret, copyright, right of publicity, or other right; -- [他のユーザのエクスペリエンスを著しくまたは繰り返し妨げる](/github/site-policy/github-community-guidelines#disrupting-the-experience-of-other-users)ような方法で、オフトピックのコンテンツを投稿したりプラットフォームの機能を使用したりすること、 +- unlawfully shares unauthorized product licensing keys, software for generating unauthorized product licensing keys, or software for bypassing checks for product licensing keys, including extension of a free license beyond its trial period; -- あらゆる自動化された[過剰な大規模活動](/github/site-policy/github-acceptable-use-policies#4-spam-and-inauthentic-activity-on-github) (スパムや暗号通貨のマイニングなど) に当社サーバーを利用すること、自動化された手段により当社サーバーに不当な負荷を加えること、または当社サーバーを経由して、あらゆる未承諾広告や勧誘行為 (攻略法詐欺など) を中継すること、 +- [impersonates any person or entity](/github/site-policy/github-impersonation), including any of our employees or representatives, including through false association with GitHub, or by fraudulently misrepresenting your identity or site's purpose; or -- 当社サーバーを使用して、何らかのサービス、デバイス、データ、アカウントまたはネットワークを妨害するかあるいはこれを試みること、またはこれらに不正アクセスするかあるいはこれを試みること ([GitHub Bug Bounty program](https://bounty.github.com) により許可されている場合を除く)、 - -- GitHub との偽りの関係性を騙ること、悪用目的で自分の身分やサイトの目的を偽ることなどにより、当社従業員や代表者を含め、あらゆる[個人や法人に成りすます](/github/site-policy/github-community-guidelines#impersonation)こと、 - -- 他人の個人情報を同意なしに投稿するなどにより、[あらゆる第三者のプライバシーを侵害](/github/site-policy/github-community-guidelines#doxxing-and-invasion-of-privacy)すること。 - -詳細は、「[コミュニティガイドライン](/github/site-policy/github-community-guidelines#what-is-not-allowed)」を参照してください。 +- [violates the privacy of any third party](/github/site-policy/github-doxxing-and-invasion-of-privacy), such as by posting another person's personal information without consent. ## 4. GitHub におけるスパムおよび不正活動 -GitHub では、スパム送信などの自動化された過剰な大規模活動および組織的な不正活動は禁止されています。 禁止活動には以下が含まれます。 -* GitHub の規約およびポリシーによって禁止されているプロモーションおよび広告の大量配布 -* 偽のアカウントや自動化された不正活動などの不正なインタラクション -* 自動化された Star 付けやフォローなどのランクの悪用 -* 不正活動を拡散する目的でのセカンダリーマーケットの作成または参加 -* 他のプラットフォームで悪用を伝播するためのプラットフォームとして GitHub を利用すること -* フィッシングまたはフィッシングの試み +We do not allow content or activity on GitHub that is: +- automated excessive bulk activity and coordinated inauthentic activity, such as + * spamming + * cryptocurrency mining; +* GitHub の規約およびポリシーによって禁止されているプロモーションおよび広告の大量配布; +* inauthentic interactions, such as fake accounts and automated inauthentic activity; +* rank abuse, such as automated starring or following; +* creation of or participation in secondary markets for the purpose of the proliferation of inauthentic activity; +* 他のプラットフォームで悪用を伝播するためのプラットフォームとして GitHub を利用すること; +* phishing or attempted phishing; or +* using our servers for any form of excessive automated bulk activity, to place undue burden on our servers through automated means, or to relay any form of unsolicited advertising or solicitation through our servers, such as get-rich-quick schemes. -## 5. サービス利用の制限 +## 5. Site Access and Safety +We do not allow content or activity on GitHub that: + +- 不正使用が発生する前に黙示的にも明示的にもデュアルユース目的であることを示さず、当社プラットフォームを悪意ある実行ファイルを配信したり、サービス拒否攻撃を組織したり、コマンドアンドコントロールサーバーを管理したりといった攻撃インフラとして使用するなど、技術的な危害を及ぼす[非合法な能動的攻撃やマルウェアキャンペーン](/github/site-policy/github-active-malware-or-exploits)を直接的に支援するもの、 +- uses our servers to disrupt or to attempt to disrupt, or to gain or to attempt to gain unauthorized access to, any service, device, data, account or network. Please note, activities permitted under bug bounty programs, such as the [GitHub Bug Bounty program](https://bounty.github.com), are not considered “unauthorized.” + + +## 6. サービス利用の制限 当社が書面により明示的に許可する場合を除き、「サービス」のいずれか一部、「サービス」の使用、または「サービス」へのアクセスを複製、複写、コピー、販売、再販売、または活用してはなりません。 -## 6. 情報利用の制限 +## 7. 情報利用の制限 スクレイピング、API を通じた収集、その他のいずれの手段においてであれ、あなたは当社の「サービス」から取得した情報を、以下の理由で使用することができます。 - 研究者は、研究成果の発表が[オープンアクセス](https://en.wikipedia.org/wiki/Open_access)となる場合にのみ、公開の非個人情報を「サービス」から研究目的でスクレイピングすることができます。 @@ -80,24 +85,28 @@ GitHub では、スパム送信などの自動化された過剰な大規模活 本「サービス」から収集したデータの利用はすべて、「 [GitHub のプライバシーについての声明](/github/site-policy/github-privacy-statement)」に従う必要があります。 -## 7. プライバシー +## 8. プライバシー 「ユーザ個人情報」の悪用は禁じられています 本「サービス」からデータを収集するあらゆる個人、法人、またはサービスは、特に「ユーザ個人情報」の収集に関して、「[GitHub のプライバシーについての声明](/articles/github-privacy-statement)」に従う必要があります。 「サービス」から何らかの「ユーザ個人情報」を収集する場合、あなたは「ユーザ」が承認した目的においてのみ「ユーザ個人情報」を利用することに同意するものとします。 あなたは、「サービス」から収集した、あらゆる「ユーザ個人情報」を合理的に保護することに同意するものとし、当社やその他ユーザからの苦情、削除要請、および連絡拒否の要請に速やかに対応するものとします。 -## 8. 過剰な帯域の使用 +## 9. 過剰な帯域の使用 「サービス」の帯域制限は、利用する機能によって異なります。 帯域の利用が、同類の機能の他のユーザと比較して過剰であると当社が判断した場合、帯域の消費を抑えられるまで、当社はお客様の「アカウント」を停止したり、ファイルのホスティングを抑制したりするなどしてアクティビティを制限する権利を留保します。 また当社は、当社インフラストラクチャに過度の負荷をかけていると判断するリポジトリを、事前通知を行った後に削除する権利を留保します。 リポジトリのオブジェクトストレージに関する利用規定については、「[私のディスク容量はいくつですか?](/github/managing-large-files/what-is-my-disk-quota)」を参照してください。 特定機能の帯域制限に関する詳しい情報については、「[GitHub 追加製品の利用規約](/github/site-policy/github-additional-product-terms)」を参照してください。 -## 9. GitHubでの広告 +## 10. GitHubでの広告 **趣旨の要約:** *基本的に、当社は GitHub の広告としての利用を禁止していません。 しかし、GitHub がスパムの温床にならないよう、当社はユーザが特定の制限に従うことを期待します。 このような事態は誰も望まないからです。* 当社は、お客様が支持者の名前またはロゴをアカウントに掲載することによって自身の「コンテンツ」のプロモーションを行いたい場合があることを理解していますが、「アカウント」内あるいは「アカウント」を通して「サービス」へと投稿される「コンテンツ」の主な目的が広告またはプロモーション活動であってはなりません。 これには、「ページ」、「パッケージ」、リポジトリ、および「サービス」のその他一切の部分内か、またはこれを通じて投稿される「コンテンツ」が含まれます。 お客様の「アカウント」に関連する README ドキュメントまたはプロジェクト説明セクションに、静止画像、リンク、広告文を記載することはできますが、それは GitHub でホスティングしているプロジェクトに関連するものでなければなりません。 収益目的または過度に大きいコンテンツを Issue に投稿するなど、他の「ユーザ」の「アカウント」で広告を行うことはできません。 -違法か、その他当社の[利用規約](/github/site-policy/github-terms-of-service/)、[コミュニティガイドライン](/github/site-policy/github-community-guidelines/)、もしくは[利用規定](/github/site-policy/github-acceptable-use-policies/)で禁止されているコンテンツもしくはアクティビティのプロモーションまたは配布を行うことがはできません。これには、自動化された過剰な大規模活動 (スパムなど)、攻略法詐欺、およびプロモーションに関連する不実表示または虚偽が含まれます。 +You may not promote or distribute content or activity that is illegal or otherwise prohibited by our [Terms of Service](/github/site-policy/github-terms-of-service/)or [Acceptable Use Policies](/github/site-policy/github-acceptable-use-policies/), including excessive automated bulk activity (for example, spamming), get-rich-quick schemes, and misrepresentation or deception related to your promotion. 「アカウント」に何らかの宣伝材料を投稿することを決めた場合、お客様はすべての適用される法令に従う責任を負うものとします。 この法令には、「推奨・証言に関する米国連邦取引委員会のガイドライン」が含まれますが、それに限定されません。 当社は、GitHub の何らかの規約またはポリシーに違反すると当社が独自に裁量した、一切の宣伝材料または広告を削除する権利を留保します。 -GitHub は、本ポリシーに違反する一切の「コンテンツ」を削除する権利を留保します。 +## 11. ユーザの保護 +他のユーザを著しく害する行動をしてはなりません。 -## 10. ユーザの保護 -他のユーザを著しく害する行動をしてはなりません。 当社は、ユーザ全体の利益保護を優先して紛争を解決します。 +We will interpret our policies and resolve disputes in favor of protecting users as a whole. + +--- + +GitHub retains full discretion to [take action](/github/site-policy/github-community-guidelines#what-happens-if-someone-violates-githubs-policies) in response to a violation of these policies, including account suspension, account [termination](/github/site-policy/github-terms-of-service#3-github-may-terminate), or [removal](/github/site-policy/github-terms-of-service#2-github-may-remove-content) of content. diff --git a/translations/ja-JP/content/site-policy/acceptable-use-policies/github-active-malware-or-exploits.md b/translations/ja-JP/content/site-policy/acceptable-use-policies/github-active-malware-or-exploits.md new file mode 100644 index 0000000000..8875459751 --- /dev/null +++ b/translations/ja-JP/content/site-policy/acceptable-use-policies/github-active-malware-or-exploits.md @@ -0,0 +1,27 @@ +--- +title: GitHub Active Malware or Exploits +shortTitle: Active Malware or Exploits +versions: + fpt: '*' +topics: + - Policy + - Legal +redirect_from: + - /github/site-policy/github-active-malware-or-exploits + - /github/site-policy/github-community-guidelines#active-malware-or-exploits +--- + +Being part of a community includes not taking advantage of other members of the community. 悪意のある実行可能ファイルを配信する手段としてや、サービス拒否攻撃を組織したりコマンドアンドコントロールサーバーを管理したりといった攻撃インフラとして GitHub を使用するなど、当社のプラットフォームを使用して、技術的な危害を及ぼす非合法な攻撃を直接支援することは許可しません。 技術的な危害とは、悪用が生じる前に黙示的または明示的なデュアルユースの目的が存在しない、リソースの過剰な消費、物理的損傷、ダウンタイム、サービス拒否、データ損失のことを意味します。 + + ただし、GitHub はデュアルユースのコンテンツを許容し、脆弱性、マルウェア、またはエクスプロイトの研究に用いられるコンテンツの投稿を支持しています。こうしたコンテンツの公開や配布には教育的価値があり、セキュリティコミュニティに総合的に見て利益をもたらします。 当社はこうしたプロジェクトに肯定的な意図があり、エコシステム全体の促進と改善を促すために利用されることを想定しています。 + + デュアルユースのコンテンツが広範に乱用されている場合、当社は GitHub platform as an エクスプロイトやマルウェアの CDN として GitHub プラットフォームを活用している、現在進行中の非合法な攻撃やマルウェアキャンペーンを妨げるため、コンテンツの特定のインスタンスへの制限することが稀にあります。 ほとんどのインスタンスでは、コンテンツに認証を要求するという形で制限しますが、最後の手段として、アクセスの無効化や、それが不可能な場合 (Gist として投稿されている場合) はインスタンスの完全な削除を行う場合もあります。 また、可能な場合は導入した制限についてプロジェクトのオーナーに連絡します。 + + 制限は可能な限り一時的なものとし、プラットフォームから特定のデュアルユースコンテンツやそのコピーを永久的に取り除いたり、制限したりする目的で行うものではありません。 こうした稀な制限を、当社はプロジェクトのオーナーとの共同作業とすることを目指していますが、コンテンツが過度に制限されていると感じる場合は、[異議申し立てプロセス](/github/site-policy/github-community-guidelines#appeal-and-reinstatement)をご用意しています。 + + プロジェクトメンテナ自身による不正利用の解決を促進するため、GitHub に不正利用を報告する前に、リポジトリのオーナーが潜在的に有害なセキュリティ研究コンテンツを投稿する際に、リポジトリのオーナーが次のステップを実行するよう推奨します。(強制ではありません。) + +* プロジェクトの README ファイルの免責事項やソースコードのコメントに、潜在的に有害なコンテンツを明示し説明する。 +* リポジトリの SECURITY.md ファイルに、第三者が悪用について問い合わせる方法を記載する (例:「疑問や懸念事項については、このリポジトリに Issue を作成してください」)。 こうした連絡方法により、第三者はプロジェクトのメンテナに直接連絡でき、不正利用の報告を提出することなく問題を解決できる可能性があります。 + + *GitHub は、npm レジストリについて、研究用ではなく主にコードのインストールと実行時に使用するプラットフォームとしています。* diff --git a/translations/ja-JP/content/site-policy/acceptable-use-policies/github-appeal-and-reinstatement.md b/translations/ja-JP/content/site-policy/acceptable-use-policies/github-appeal-and-reinstatement.md new file mode 100644 index 0000000000..b876954da1 --- /dev/null +++ b/translations/ja-JP/content/site-policy/acceptable-use-policies/github-appeal-and-reinstatement.md @@ -0,0 +1,38 @@ +--- +title: GitHub Appeal and Reinstatement +versions: + fpt: '*' +topics: + - Policy + - Legal +--- + +## 意義申し立てと復帰 + +While the majority of interactions between individuals in GitHub’s community fall within our Acceptable Use Policies and Community Guidelines, violations of those policies do occur at times. When they do, GitHub staff may need to take enforcement action to address the violations. However, in some cases there may be a basis to reverse a moderation action taken by GitHub Staff. + +## What are appeals and reinstatements? + +Both appeals and reinstatements arise in relation to disabling of content or restrictions to access an account. + +**Reinstatement**: The user wishes to regain access to their account or content and is willing to make any necessary changes to address the violation and must agree not to violate our terms going forward. + +**Appeal**: The user disputes that a violation occurred and can provide additional information to show that a different decision should have been reached. + +## How this works + +If you seek reinstatement or wish to appeal an enforcement action, please fill out our [Appeal and Reinstatement form](https://support.github.com/contact/reinstatement). + +GitHub staff will review the information provided in the form to determine whether there is sufficient information to warrant reinstatement or granting of an appeal. + +* **Reinstatement**: Where a user can agree to abide by our Acceptable Use Policies moving forward and has made the changes necessary to address the violation(s), we may choose to reinstate their account or content depending on the circumstances and severity of the initial violation. + +All legitimate reinstatement requests will be reviewed initially by GitHub staff and will be answered with a decision. + +* **Appeal**: Where a user seeks to dispute a decision, they can use the form to explain their basis for disputing the decision and to provide any additional information regarding the alleged violation that they believe should have led to a different decision. If the information provided demonstrates that a different conclusion should have been reached, we may be able to grant an appeal. + +If the GitHub staff reviewer is the same person who made the initial determination and that staff member believes their initial conclusion was correct (and thus would be inclined to deny the appeal), a different member of GitHub’s staff will independently review the appeal. All legitimate appeals will be answered with a final decision. + +## 透明性 + +We track appeals and reinstatements in our [transparency reports](https://github.blog/2022-01-27-2021-transparency-report/#Appeals_and_other_reinstatements). diff --git a/translations/ja-JP/content/site-policy/acceptable-use-policies/github-bullying-and-harassment.md b/translations/ja-JP/content/site-policy/acceptable-use-policies/github-bullying-and-harassment.md new file mode 100644 index 0000000000..6f3c98cb65 --- /dev/null +++ b/translations/ja-JP/content/site-policy/acceptable-use-policies/github-bullying-and-harassment.md @@ -0,0 +1,23 @@ +--- +title: GitHub Bullying and Harassment +shortTitle: Bullying and Harassment +versions: + fpt: '*' +topics: + - Policy + - Legal +redirect_from: + - /github/site-policy/github-bullying-and-harassment + - /github/site-policy/github-community-guidelines#bullying-and-harassment +--- + +We do not tolerate harassment, bullying, or abuse of any kind, whether directly or by encouraging others to take part in the prohibited conduct. これは以下のものが含まれます。 + +- Targeted personal attacks +- Piling on to or orchestrating [disruptive](/github/site-policy/github-disrupting-the-experience-of-other-users) activity in a way that amounts to abuse +- Following another user around the platform in a manner that causes intimidation +- Making sexual advances or comments directed at another individual +- Disingenuously participating in conversation in a way that instigates conflict or undermines sincere discussion +- Creating alternative accounts specifically to evade moderation action taken by GitHub staff or users + +Please note, not all unwelcome conduct is necessarily considered harassment. For example, disagreeing with another user or downvoting their comments may not rise to the level of harassment on our platform. In addition, sharing criticism of public figures or projects, or topics of public interest, does not necessarily fall under this policy. However, we encourage you to be mindful in how you engage with other users and the platform, as this activity may still violate our restriction on disrupting the experience of other users. diff --git a/translations/ja-JP/content/site-policy/acceptable-use-policies/github-disrupting-the-experience-of-other-users.md b/translations/ja-JP/content/site-policy/acceptable-use-policies/github-disrupting-the-experience-of-other-users.md new file mode 100644 index 0000000000..fe095e62e4 --- /dev/null +++ b/translations/ja-JP/content/site-policy/acceptable-use-policies/github-disrupting-the-experience-of-other-users.md @@ -0,0 +1,27 @@ +--- +title: GitHub Disrupting the Experience of Other Users +shortTitle: Disrupting the Experience of Other Users +versions: + fpt: '*' +topics: + - Policy + - Legal +redirect_from: + - /github/site-policy/github-disrupting-the-experience-of-other-users + - /github/site-policy/github-community-guidelines#disrupting-the-experience-of-other-users +--- + +Being part of a community includes recognizing how your behavior affects others and engaging in meaningful and productive interactions with people and the platform they rely on. + +We do not allow behavior that significantly or continually disrupts the experience of other users. これは以下のものが含まれます。 + +- Posting off-topic comments +- Opening empty or meaningless issues or pull requests +- Starring and/or following accounts or repositories in large volume in a short period of time +- Creating nonsensical or irrelevant code reviews +- Engaging with platform features in a way that causes excessive notifications for other users +- Using any other platform feature in a way that creates disruption + +メンテナには自己のプロジェクトを個別に管理していただく一方、GitHubのスタッフは、こうした振る舞いに関与するアカウントに対して、さらに踏み込んだ制限を行うことができます。 + +Please note that the above conduct may also violate other restrictions in our [Acceptable Use Policies](/github/site-policy/github-acceptable-use-policies). For example, depending on the nature and severity of the activity, it may rise to the level of [bullying and harassment](/github/site-policy/github-bullying-and-harassment). diff --git a/translations/ja-JP/content/site-policy/acceptable-use-policies/github-doxxing-and-invasion-of-privacy.md b/translations/ja-JP/content/site-policy/acceptable-use-policies/github-doxxing-and-invasion-of-privacy.md new file mode 100644 index 0000000000..4f50bacbb8 --- /dev/null +++ b/translations/ja-JP/content/site-policy/acceptable-use-policies/github-doxxing-and-invasion-of-privacy.md @@ -0,0 +1,30 @@ +--- +title: GitHub Doxxing and Invasion of Privacy +shortTitle: Doxxing and Invasion of Privacy +versions: + fpt: '*' +topics: + - Policy + - Legal +redirect_from: + - /github/site-policy/github-doxxing-and-invasion-of-privacy + - /github/site-policy/github-community-guidelines#doxxing-and-invasion-of-privacy +--- + +Don't post other people's personal information. これは以下のものが含まれます。 + +- Personal, private email addresses +- Phone numbers +- Physical addresses or other private location information +- Bank account information or credit card numbers +- Social Security/National Identity numbers +- パスワード +- Voter information +- Medical information and personal biometric data +- Other private information that may pose a safety or security risk + +We may consider other information, such as photos or videos that were taken or distributed without the subject's consent, to be an invasion of privacy, especially when such material presents a safety risk to the subject, such as in the case of intimidation or harassment. + +GitHub will take context into account as well as whether the reported content is publicly available elsewhere. Please note, however, that while sharing publicly available content may not be a violation of this policy, if the information is shared with the intent to harass or incite other abusive behavior, it may violate our prohibition against [bullying and harassment](/github/site-policy/github-bullying-and-harassment). + +For more information, or to learn how to report a violation, see our [Private Information Removal Policy](/github/site-policy/github-private-information-removal-policy) and our instructions for [Reporting Abuse](/communities/maintaining-your-safety-on-github/reporting-abuse-or-spam). diff --git a/translations/ja-JP/content/site-policy/acceptable-use-policies/github-hate-speech-and-discrimination.md b/translations/ja-JP/content/site-policy/acceptable-use-policies/github-hate-speech-and-discrimination.md new file mode 100644 index 0000000000..2f7ed3a315 --- /dev/null +++ b/translations/ja-JP/content/site-policy/acceptable-use-policies/github-hate-speech-and-discrimination.md @@ -0,0 +1,24 @@ +--- +title: GitHub Hate Speech and Discrimination +shortTitle: Hate Speech and Discrimination +versions: + fpt: '*' +topics: + - Policy + - Legal +redirect_from: + - /github/site-policy/github-hate-speech-and-discrimination + - /github/site-policy/github-community-guidelines#hate-speech-and-discrimination +--- + +GitHub does not tolerate speech that attacks or promotes hate toward an individual or group of people on the basis of who they are, including age, body size, ability, ethnicity, gender identity and expression, level of experience, nationality, personal appearance, race, religion, sexual identity, or sexual orientation. これは以下のものが含まれます。 + +- Mocking, attacking, or excluding a person or group based on their beliefs or the characteristics listed above +- Displaying clear affiliation or identification with known terrorist or violent extremist organizations +- Supporting or promoting hate groups or hate-based conspiracy theories +- Sharing symbols or images synonymous with hate +- Using harmful stereotypes, slurs, or dehumanizing speech +- Attacking an individual based on their perceived gender +- Dog whistling; or using coded or suggestive language and/or symbols to promote abuse or hate + +While GitHub takes all instances of abuse and harassment on the platform seriously, we are especially committed to fighting hate-based abuse where it disproportionately affects communities that have historically been targeted by such abuse. We aim to make GitHub a place where all individuals feel welcome and safe. diff --git a/translations/ja-JP/content/site-policy/acceptable-use-policies/github-impersonation.md b/translations/ja-JP/content/site-policy/acceptable-use-policies/github-impersonation.md new file mode 100644 index 0000000000..32cf270aef --- /dev/null +++ b/translations/ja-JP/content/site-policy/acceptable-use-policies/github-impersonation.md @@ -0,0 +1,23 @@ +--- +title: GitHub Impersonation +shortTitle: Impersonation +versions: + fpt: '*' +topics: + - Policy + - Legal +redirect_from: + - /github/site-policy/github-impersonation + - /github/site-policy/github-community-guidelines#impersonation +--- + +You may not misrepresent your identity or your association with another person or organization. This includes doing any of the following in a way that misleads or deceives others: + +- Copying another user's avatar or other personal profile information +- Posting content under another user's email address +- Using a deceptively similar username, organization name, or other namespace +- Otherwise posing as another individual or organization + +Impersonation is a form of harassment and violation of this policy may lead to loss of access to your account. + +Please note, having a username similar to another is not necessarily impersonation. GitHub will take context into account. For example, as in cases involving claims of [misinformation or disinformation](/github/site-policy/github-misinformation-and-disinformation), we generally allow parody and satire that is in line with our [Acceptable Use Polices](/github/site-policy/github-acceptable-use-policies). diff --git a/translations/ja-JP/content/site-policy/acceptable-use-policies/github-misinformation-and-disinformation.md b/translations/ja-JP/content/site-policy/acceptable-use-policies/github-misinformation-and-disinformation.md new file mode 100644 index 0000000000..ae251f208d --- /dev/null +++ b/translations/ja-JP/content/site-policy/acceptable-use-policies/github-misinformation-and-disinformation.md @@ -0,0 +1,21 @@ +--- +title: GitHub Misinformation and Disinformation +shortTitle: Misinformation and Disinformation +versions: + fpt: '*' +topics: + - Policy + - Legal +redirect_from: + - /github/site-policy/github-misinformation-and-disinformation + - /github/site-policy/github-community-guidelines#misinformation-and-disinformation +--- + +You may not post content that presents a distorted view of reality, whether it is inaccurate or false (misinformation) or is intentionally deceptive (disinformation), where such content is likely to result in harm to the public or to interfere with fair and equal opportunities for all to take part in a free and open society. これには以下が含まれます。 +- Inaccurate or scientifically unsupported medical claims that endanger public health or safety +- Manipulated media, whether audio or visual, likely to mislead or deceive in a way that may harm the public interest +- False or misleading content likely to interfere with an individual's ability to participate in civic activities +- Unsubstantiated claims that could promote hate or targeted harassment of specific groups of people + +当社はアイデア、視点、経験を表現することにおいて積極的な参加を促しており、個人アカウントや意見に反論するような立場にはないでしょう。 We generally allow parody and satire that is in line with our [Acceptable Use Polices](/github/site-policy/github-acceptable-use-policies), and we consider context to be important in how information is received and understood. When reviewing content under this policy, GitHub will consider the impact of various factors that may help to orient the viewer, such as whether the content has been provided with clear disclaimers, citations to credible sources, or includes other details that clarify the accuracy of the information being shared. + diff --git a/translations/ja-JP/content/site-policy/acceptable-use-policies/github-sexually-obscene-content.md b/translations/ja-JP/content/site-policy/acceptable-use-policies/github-sexually-obscene-content.md new file mode 100644 index 0000000000..d003bb6138 --- /dev/null +++ b/translations/ja-JP/content/site-policy/acceptable-use-policies/github-sexually-obscene-content.md @@ -0,0 +1,20 @@ +--- +title: GitHub Sexually Obscene Content +shortTitle: Sexually Obscene Content +versions: + fpt: '*' +topics: + - Policy + - Legal +redirect_from: + - /github/site-policy/github-sexually-obscene-content + - /github/site-policy/github-community-guidelines#sexually-obscene-content +--- + +We do not tolerate content associated with sexual exploitation or abuse of another individual, including where minors are concerned. We do not allow sexually themed or suggestive content that serves little or no purpose other than to solicit an erotic or shocking response, particularly where that content is amplified by its placement in profiles or other social contexts. これは以下のものが含まれます。 + +- Pornographic content +- Non-consensual intimate imagery +- Graphic depictions of sexual acts including photographs, video, animation, drawings, computer-generated images, or text-based content + +We recognize that not all nudity or content related to sexuality is obscene. We may allow visual and/or textual depictions in artistic, educational, historical or journalistic contexts, or as it relates to victim advocacy. In some cases a disclaimer can help communicate the context of the project. However, please understand that we may choose to limit the content by giving users the option to opt in before viewing. diff --git a/translations/ja-JP/content/site-policy/acceptable-use-policies/github-threats-of-violence-and-gratuitously-violent-content.md b/translations/ja-JP/content/site-policy/acceptable-use-policies/github-threats-of-violence-and-gratuitously-violent-content.md new file mode 100644 index 0000000000..189947910b --- /dev/null +++ b/translations/ja-JP/content/site-policy/acceptable-use-policies/github-threats-of-violence-and-gratuitously-violent-content.md @@ -0,0 +1,22 @@ +--- +title: GitHub Threats of Violence and Gratuitously Violent Content +shortTitle: Threats of Violence and Gratuitously Violent Content +versions: + fpt: '*' +topics: + - Policy + - Legal +redirect_from: + - /github/site-policy/github-threats-of-violence-and-gratuitously-violent-content + - /github/site-policy/github-community-guidelines#threats-of-violence + - /github/site-policy/github-community-guidelines#gratuitously-violent-content +--- + + +You may not use GitHub to organize, promote, encourage, threaten, or incite acts of violence. You may not post content that depicts or glorifies violence or physical harm against human beings or animals. これは以下のものが含まれます。 + +- Threatening another individual or group with abuse, harm, sexual violence, or death +- Posting text, imagery, or audio content glorifying or containing a graphic depiction of violence toward oneself, another individual, group, or animal +- Encouraging another individual to engage in self harm + +We do not allow violent content to be posted indiscriminately or in a way that is difficult for other users to avoid, such as a profile avatar or an issue comment. However, we understand there may be legitimate reasons to post violent content, such as for educational or documentary purposes, creative works, or depictions of historical events. In those cases, a clear warning or disclaimer can help users make an educated decision as to whether or not they want to engage with such content. Still, GitHub may decide to limit the visibility of such content to those who choose to opt in. diff --git a/translations/ja-JP/content/site-policy/acceptable-use-policies/index.md b/translations/ja-JP/content/site-policy/acceptable-use-policies/index.md new file mode 100644 index 0000000000..1166113b3d --- /dev/null +++ b/translations/ja-JP/content/site-policy/acceptable-use-policies/index.md @@ -0,0 +1,21 @@ +--- +title: 利用規定 +versions: + fpt: '*' +topics: + - Policy + - Legal +children: + - github-sexually-obscene-content + - github-disrupting-the-experience-of-other-users + - github-doxxing-and-invasion-of-privacy + - github-hate-speech-and-discrimination + - github-acceptable-use-policies + - github-bullying-and-harassment + - github-active-malware-or-exploits + - github-threats-of-violence-and-gratuitously-violent-content + - github-impersonation + - github-misinformation-and-disinformation + - github-appeal-and-reinstatement +--- + diff --git a/translations/ja-JP/content/github/site-policy/dmca-takedown-policy.md b/translations/ja-JP/content/site-policy/content-removal-policies/dmca-takedown-policy.md similarity index 97% rename from translations/ja-JP/content/github/site-policy/dmca-takedown-policy.md rename to translations/ja-JP/content/site-policy/content-removal-policies/dmca-takedown-policy.md index a97fe754f4..502cc3a2b7 100644 --- a/translations/ja-JP/content/github/site-policy/dmca-takedown-policy.md +++ b/translations/ja-JP/content/site-policy/content-removal-policies/dmca-takedown-policy.md @@ -6,6 +6,7 @@ redirect_from: - /dmca-takedown-policy - /articles/dmca-takedown - /articles/dmca-takedown-policy + - /github/site-policy/dmca-takedown-policy versions: fpt: '*' topics: @@ -64,7 +65,7 @@ DMCA のフレームワークは、「授業中のメモまわし」に少し似 ## B. フォークの場合は? (またはフォークとは?) -GitHub の最も優れた機能の 1 つに、ユーザが互いのリポジトリを「フォーク」できることがあります。 どういうことかと言うと、 基本的に、ユーザは GitHub のプロジェクトのコピーを自分のリポジトリに作成できます。 ライセンスや法律で許可されている範囲で、ユーザはそのフォークを変更してメインプロジェクトに戻したり、プロジェクトの独自のバリエーションとして保持したりすることができます。 これらの各コピーは、元のリポジトリの「[フォーク](/articles/github-glossary#fork)」であり、フォークの「親」とも呼ばれます。 +GitHub の最も優れた機能の 1 つに、ユーザが互いのリポジトリを「フォーク」できることがあります。 どういうことかと言うと、 要は、ユーザは GitHub のプロジェクトのコピーを自分のリポジトリに作成できるということです。 ライセンスや法律で許可されている範囲で、ユーザはそのフォークを変更してメインプロジェクトに戻したり、プロジェクトの独自のバリエーションとして保持したりすることができます。 これらの各コピーは、元のリポジトリの「[フォーク](/articles/github-glossary#fork)」であり、フォークの「親」とも呼ばれます。 GitHub は、親リポジトリを無効にするときにフォークを自動的に無効に*しません*。 これは、フォークが異なるユーザに属し、著しく変更されている可能性があり、フェアユースの原則によって保護されている別の方法でライセンス供与または使用されている可能性があるためです。 GitHub がフォークに対して独立した調査を行うことはありません。 著作権所有者がその調査を行い、フォークも著作権を侵害していると思われる場合は、テイクダウン通知にフォークを明示的に含めることが求められます。 diff --git a/translations/ja-JP/content/github/site-policy/github-private-information-removal-policy.md b/translations/ja-JP/content/site-policy/content-removal-policies/github-private-information-removal-policy.md similarity index 95% rename from translations/ja-JP/content/github/site-policy/github-private-information-removal-policy.md rename to translations/ja-JP/content/site-policy/content-removal-policies/github-private-information-removal-policy.md index bd02138525..56038296f1 100644 --- a/translations/ja-JP/content/github/site-policy/github-private-information-removal-policy.md +++ b/translations/ja-JP/content/site-policy/content-removal-policies/github-private-information-removal-policy.md @@ -3,6 +3,7 @@ title: GitHub個人情報削除ポリシー redirect_from: - /articles/github-sensitive-data-removal-policy - /github/site-policy/github-sensitive-data-removal-policy + - /github/site-policy/github-private-information-removal-policy versions: fpt: '*' topics: @@ -62,7 +63,7 @@ topics: 7. **ユーザは変更を加えるための追加猶予期間をリクエストできます。**ユーザが通知で指定された個人情報を削除する機会を逃した場合、リクエストがあれば、その変更を行うことができるよう、当社はもう一度 1 営業日程度の猶予期間を与える場合があります。 その場合、GitHub は申立人に通知します。 ### フォークの場合は? (またはフォークとは?) -GitHub の最も優れた機能の 1 つに、ユーザが互いのリポジトリを「フォーク」できることがあります。 どういうことかと言うと、 基本的に、ユーザは GitHub のプロジェクトのコピーを自分のリポジトリに作成できます。 ライセンスや法律で許可されている範囲で、ユーザはそのフォークを変更してメインプロジェクトに戻したり、プロジェクトの独自のバリエーションとして保持したりすることができます。 これらの各コピーは、元のリポジトリの「[フォーク](/articles/github-glossary/#fork)」であり、フォークの「親」とも呼ばれます。 +GitHub の最も優れた機能の 1 つに、ユーザが互いのリポジトリを「フォーク」できることがあります。 どういうことかと言うと、 要は、ユーザは GitHub のプロジェクトのコピーを自分のリポジトリに作成できるということです。 ライセンスや法律で許可されている範囲で、ユーザはそのフォークを変更してメインプロジェクトに戻したり、プロジェクトの独自のバリエーションとして保持したりすることができます。 これらの各コピーは、元のリポジトリの「[フォーク](/articles/github-glossary/#fork)」であり、フォークの「親」とも呼ばれます。 GitHub は、親リポジトリを無効にするときにフォークを自動的に無効にしません。 これは、フォークはさまざまなユーザに属しており、著しく変更されている可能性があるためです。 GitHub がフォークに対して独立した調査を行うことはありません。 この調査は、個人情報の削除リクエストを送信する申立人が実施するようお願いいたします。フォークにも個人情報が含まれていると思われる場合は、リクエストにフォークを明示的に含めてください。 diff --git a/translations/ja-JP/content/github/site-policy/github-trademark-policy.md b/translations/ja-JP/content/site-policy/content-removal-policies/github-trademark-policy.md similarity index 97% rename from translations/ja-JP/content/github/site-policy/github-trademark-policy.md rename to translations/ja-JP/content/site-policy/content-removal-policies/github-trademark-policy.md index aa8924dc19..223aed3957 100644 --- a/translations/ja-JP/content/github/site-policy/github-trademark-policy.md +++ b/translations/ja-JP/content/site-policy/content-removal-policies/github-trademark-policy.md @@ -2,6 +2,7 @@ title: GitHubトレードマークポリシー redirect_from: - /articles/github-trademark-policy + - /github/site-policy/github-trademark-policy versions: fpt: '*' topics: @@ -43,7 +44,7 @@ topics: * 要求する措置(違反アカウントの削除や、商標登録されたユーザ名の既存の会社アカウントへの移譲など) * "I have a good faith belief that use of the trademark described above is not authorized by the trademark owner, or its agent, or the law. I have taken nominative and other fair uses into consideration."(私は、商標権者、その代理人、または法律により、上記の商標の使用が許可されていないことを確信しています。ノミネート使用などのフェアユースの可能性も検討しましたが、フェアユースには該当しません。) という文言を含めてください。 * "I swear, under penalty of perjury, that the information in this notification is accurate and that I am the copyright owner, or am authorized to act on behalf of the owner, of an exclusive right that is allegedly infringed."(私は、偽証罪の罰則に基づき、この通知の情報は正確であり、私が侵害が申し立てられる排他的権利の商標権者であるか、商標権者に代わって行動することが認められている者であることを誓います。)という文言も含めてください。 -* 物理的または電子的な署名を含めてください。 +* 物理的または電子的な署名を含んでいなければなりません。 * 注:連邦または国際商標登録番号が必要です。 報告する名前が登録商標では**ない**場合(政府機関や非営利団体など)は、以下をお知らせください。 * あなたの氏名 diff --git a/translations/ja-JP/content/github/site-policy/guide-to-submitting-a-dmca-counter-notice.md b/translations/ja-JP/content/site-policy/content-removal-policies/guide-to-submitting-a-dmca-counter-notice.md similarity index 96% rename from translations/ja-JP/content/github/site-policy/guide-to-submitting-a-dmca-counter-notice.md rename to translations/ja-JP/content/site-policy/content-removal-policies/guide-to-submitting-a-dmca-counter-notice.md index b9b1a1d80e..49f59efa1d 100644 --- a/translations/ja-JP/content/github/site-policy/guide-to-submitting-a-dmca-counter-notice.md +++ b/translations/ja-JP/content/site-policy/content-removal-policies/guide-to-submitting-a-dmca-counter-notice.md @@ -4,6 +4,7 @@ redirect_from: - /dmca-counter-notice-how-to - /articles/dmca-counter-notice-how-to - /articles/guide-to-submitting-a-dmca-counter-notice + - /github/site-policy/guide-to-submitting-a-dmca-counter-notice versions: fpt: '*' topics: @@ -19,7 +20,7 @@ GitHub のあなたのコンテンツが DMCA テイクダウンリクエスト ## はじめる前に -*** 真実を教えてください。***DMCA では、宣誓を行い、虚偽の申し立てを行った場合には*偽証罪によって罰せられるという条件で*異議申し立て通知を行うことを義務付けています。 宣誓宣言で意図的に虚偽の陳述を行うと連邦犯罪になります。 ([合衆国法典、タイトル 18、セクション 1621](https://www.gpo.gov/fdsys/pkg/USCODE-2011-title18/html/USCODE-2011-title18-partI-chap79-sec1621.htm) *を参照してください。 )虚偽の情報を提出すると、民事責任が発生する可能性もあります。 つまり、金銭的損害で訴えられる可能性があります。 +*** 真実を教えてください。***DMCA では、宣誓を行い、虚偽の申し立てを行った場合には*偽証罪によって罰せられるという条件で*異議申し立て通知を行うことを義務付けています。 宣誓宣言で意図的に虚偽の陳述を行うと連邦犯罪になります。 (*See* [U.S. Code, Title 18, Section 1621](https://www.gpo.gov/fdsys/pkg/USCODE-2011-title18/html/USCODE-2011-title18-partI-chap79-sec1621.htm).) )虚偽の情報を提出すると、民事責任が発生する可能性もあります。 つまり、金銭的損害で訴えられる可能性があります。 ***調査してください。***DMCA 異議申し立て通知を提出すると、現実的な法的結果が生じる可能性があります。 苦情を申し立てた当事者がテイクダウン通知が間違っていることに同意しない場合、コンテンツを無効にし続けるためにあなたに対して訴訟を起こすことがあります。 あなたは、テイクダウン通知でなされた申し立てを徹底的に調査し、そして異議申し立て通知を提出する前に弁護士に相談するべきでしょう。 @@ -52,7 +53,7 @@ GitHub のあなたのコンテンツが DMCA テイクダウンリクエスト 5. ***"I consent to the jurisdiction of Federal District Court for the judicial district in which my address is located (if in the United States, otherwise the Northern District of California where GitHub is located), and I will accept service of process from the person who provided the DMCA notification or an agent of such person."(私は、私の住所がある司法管轄区(米国の場合は GitHub が所在するカリフォルニア州北部地区)の連邦地方裁判所の管轄に同意し、DMCA 通知を提供した人物またはかかる人物の代理人からの令状の送達を受け入れます。)という文言を含んでいなければなりません。*** -6. **物理的または電子的な署名を含めてください。** +6. **物理的または電子的な署名を含んでいなければなりません。** ## 異議申し立て通知の提出方法 diff --git a/translations/ja-JP/content/github/site-policy/guide-to-submitting-a-dmca-takedown-notice.md b/translations/ja-JP/content/site-policy/content-removal-policies/guide-to-submitting-a-dmca-takedown-notice.md similarity index 95% rename from translations/ja-JP/content/github/site-policy/guide-to-submitting-a-dmca-takedown-notice.md rename to translations/ja-JP/content/site-policy/content-removal-policies/guide-to-submitting-a-dmca-takedown-notice.md index 89422bb465..1424fcacaa 100644 --- a/translations/ja-JP/content/github/site-policy/guide-to-submitting-a-dmca-takedown-notice.md +++ b/translations/ja-JP/content/site-policy/content-removal-policies/guide-to-submitting-a-dmca-takedown-notice.md @@ -4,6 +4,7 @@ redirect_from: - /dmca-notice-how-to - /articles/dmca-notice-how-to - /articles/guide-to-submitting-a-dmca-takedown-notice + - /github/site-policy/guide-to-submitting-a-dmca-takedown-notice versions: fpt: '*' topics: @@ -19,7 +20,7 @@ GitHub がホストするコンテンツの種類(主にソフトウェアコ ## はじめる前に -*** 真実を教えてください。***DMCA では、*偽証罪によって罰せられるという条件で*著作権侵害の申し立てを行うことを義務付けています。 宣誓宣言で意図的に虚偽の陳述を行うと連邦犯罪になります。 ([合衆国法典、タイトル 18、セクション 1621](https://www.gpo.gov/fdsys/pkg/USCODE-2011-title18/html/USCODE-2011-title18-partI-chap79-sec1621.htm) *を参照してください。 )虚偽の情報を提出すると、民事責任が発生する可能性もあります。 つまり、金銭的損害で訴えられる可能性があります。 DMCA 自体には、資料や活動が権利を侵害していることを故意かつ実質的に不実表示した人物に対する[損害賠償が規定](https://en.wikipedia.org/wiki/Online_Copyright_Infringement_Liability_Limitation_Act#%C2%A7_512(f)_Misrepresentations)されています。 +*** 真実を教えてください。***DMCA では、*偽証罪によって罰せられるという条件で*著作権侵害の申し立てを行うことを義務付けています。 宣誓宣言で意図的に虚偽の陳述を行うと連邦犯罪になります。 (*See* [U.S. Code, Title 18, Section 1621](https://www.gpo.gov/fdsys/pkg/USCODE-2011-title18/html/USCODE-2011-title18-partI-chap79-sec1621.htm).) )虚偽の情報を提出すると、民事責任が発生する可能性もあります。 つまり、金銭的損害で訴えられる可能性があります。 DMCA 自体には、資料や活動が権利を侵害していることを故意かつ実質的に不実表示した人物に対する[損害賠償が規定](https://en.wikipedia.org/wiki/Online_Copyright_Infringement_Liability_Limitation_Act#%C2%A7_512(f)_Misrepresentations)されています。 ***調査してください。***何百万人ものユーザや組織が、GitHub で作成およびコントリビューションするプロジェクトに心血を注ぎ込んでいます。 このようなプロジェクトに対して DMCA の苦情を申し立てることは、実在する人々に現実的な結果をもたらすことになる、重大な法的措置です。 そのため、テイクダウンを送信する前に徹底的な調査を行い、弁護士に相談して、実際に使用が許可されていないことを確認してください。 @@ -68,7 +69,7 @@ GitHub がホストするコンテンツの種類(主にソフトウェアコ 8. **"I swear, under penalty of perjury, that the information in this notification is accurate and that I am the copyright owner, or am authorized to act on behalf of the owner, of an exclusive right that is allegedly infringed."(私は、偽証罪の罰則に基づき、この通知の情報は正確であり、私が侵害が申し立てられる排他的権利の著作権所有者であるか、所有者に代わって行動することが認められている者であることを誓います。)という文言も含んでいなければなりません。** -9. **物理的または電子的な署名を含めてください。** +9. **物理的または電子的な署名を含んでいなければなりません。** ## 反迂回技術に関する苦情 diff --git a/translations/ja-JP/content/site-policy/content-removal-policies/index.md b/translations/ja-JP/content/site-policy/content-removal-policies/index.md new file mode 100644 index 0000000000..080fd68bed --- /dev/null +++ b/translations/ja-JP/content/site-policy/content-removal-policies/index.md @@ -0,0 +1,16 @@ +--- +title: Content Removal Policies +versions: + fpt: '*' +topics: + - Policy + - Legal +children: + - /submitting-content-removal-requests + - /github-private-information-removal-policy + - /github-trademark-policy + - /guide-to-submitting-a-dmca-counter-notice + - /guide-to-submitting-a-dmca-takedown-notice + - /dmca-takedown-policy +--- + diff --git a/translations/ja-JP/content/github/site-policy/submitting-content-removal-requests.md b/translations/ja-JP/content/site-policy/content-removal-policies/submitting-content-removal-requests.md similarity index 94% rename from translations/ja-JP/content/github/site-policy/submitting-content-removal-requests.md rename to translations/ja-JP/content/site-policy/content-removal-policies/submitting-content-removal-requests.md index e5d9e5cf14..ac330d13e3 100644 --- a/translations/ja-JP/content/github/site-policy/submitting-content-removal-requests.md +++ b/translations/ja-JP/content/site-policy/content-removal-policies/submitting-content-removal-requests.md @@ -2,6 +2,8 @@ title: コンテンツ削除リクエストのサブミット redirect_from: - /articles/submitting-content-removal-requests + - /github/site-policy/submitting-content-removal-requests + - /github/site-policy/github-terms-and-other-site-policies/submitting-content-removal-requests versions: fpt: '*' topics: diff --git a/translations/ja-JP/content/github/site-policy/github-anti-bribery-statement.md b/translations/ja-JP/content/site-policy/github-company-policies/github-anti-bribery-statement.md similarity index 99% rename from translations/ja-JP/content/github/site-policy/github-anti-bribery-statement.md rename to translations/ja-JP/content/site-policy/github-company-policies/github-anti-bribery-statement.md index 093922eeb4..3f1bfae5e6 100644 --- a/translations/ja-JP/content/github/site-policy/github-anti-bribery-statement.md +++ b/translations/ja-JP/content/site-policy/github-company-policies/github-anti-bribery-statement.md @@ -2,6 +2,7 @@ title: 贈賄防止に関するGitHubの声明 redirect_from: - /articles/github-anti-bribery-statement + - /github/site-policy/github-anti-bribery-statement versions: fpt: '*' topics: diff --git a/translations/ja-JP/content/github/site-policy/github-gifts-and-entertainment-policy.md b/translations/ja-JP/content/site-policy/github-company-policies/github-gifts-and-entertainment-policy.md similarity index 96% rename from translations/ja-JP/content/github/site-policy/github-gifts-and-entertainment-policy.md rename to translations/ja-JP/content/site-policy/github-company-policies/github-gifts-and-entertainment-policy.md index 1c2d0a405a..8a04263d16 100644 --- a/translations/ja-JP/content/github/site-policy/github-gifts-and-entertainment-policy.md +++ b/translations/ja-JP/content/site-policy/github-company-policies/github-gifts-and-entertainment-policy.md @@ -2,6 +2,7 @@ title: GitHubのギフトおよびエンタテインメントに関するポリシー redirect_from: - /articles/github-gifts-and-entertainment-policy + - /github/site-policy/github-gifts-and-entertainment-policy versions: fpt: '*' topics: @@ -63,4 +64,4 @@ GitHubの倫理規範では、ギフト、旅行、エンタテインメント 罰金と刑務所です。 GitHubに対してだけとは限りません。 あなた自身が刑務所で数年間過ごすことになるかもしれません。顧客が日本旅行の後、GitHubに発注したかどうかや、政府公務員が現金入りのスーツケースを入手したかどうかも関係ありません。 基本的に、あなたが実際に賄賂を_贈った_かどうかは関係ないのです。 結果にかかわらず、贈ろうとしたかどうかが問題となります。 ## 詳細情報 -詳細情報、規制の文脈、執行、罰則については、米国司法省の[「米国海外腐敗行為防止法ガイドライン」](https://www.justice.gov/sites/default/files/criminal-fraud/legacy/2015/01/16/guide.pdf)が優れた資料です。 +Department of Justice’s [Resource Guide to the U.S. Foreign Corrupt Practices Act](https://www.justice.gov/sites/default/files/criminal-fraud/legacy/2015/01/16/guide.pdf) is an excellent resource. diff --git a/translations/ja-JP/content/github/site-policy/github-gpl-cooperation-commitment.md b/translations/ja-JP/content/site-policy/github-company-policies/github-gpl-cooperation-commitment.md similarity index 98% rename from translations/ja-JP/content/github/site-policy/github-gpl-cooperation-commitment.md rename to translations/ja-JP/content/site-policy/github-company-policies/github-gpl-cooperation-commitment.md index dc5667de04..45a72d02ec 100644 --- a/translations/ja-JP/content/github/site-policy/github-gpl-cooperation-commitment.md +++ b/translations/ja-JP/content/site-policy/github-company-policies/github-gpl-cooperation-commitment.md @@ -2,6 +2,7 @@ title: GitHubのGPL協力へのコミットメント redirect_from: - /articles/github-gpl-cooperation-commitment + - /github/site-policy/github-gpl-cooperation-commitment versions: fpt: '*' topics: diff --git a/translations/ja-JP/content/github/site-policy/github-statement-against-modern-slavery-and-child-labor.md b/translations/ja-JP/content/site-policy/github-company-policies/github-statement-against-modern-slavery-and-child-labor.md similarity index 97% rename from translations/ja-JP/content/github/site-policy/github-statement-against-modern-slavery-and-child-labor.md rename to translations/ja-JP/content/site-policy/github-company-policies/github-statement-against-modern-slavery-and-child-labor.md index 774fcbbbb7..8ddc2dd191 100644 --- a/translations/ja-JP/content/github/site-policy/github-statement-against-modern-slavery-and-child-labor.md +++ b/translations/ja-JP/content/site-policy/github-company-policies/github-statement-against-modern-slavery-and-child-labor.md @@ -2,6 +2,7 @@ title: 現代版奴隷法と児童労働に関するGitHubの声明 redirect_from: - /articles/github-statement-against-modern-slavery-and-child-labor + - /github/site-policy/github-statement-against-modern-slavery-and-child-labor versions: fpt: '*' topics: @@ -45,7 +46,7 @@ GitHubのサプライチェーンは、コンピューティングサービス **GitHubの行動規範**では、現代の奴隷制 (奴隷制、強制または意思に反した労働、人身売買、隷属、および拘禁、年季奉公、拘束された労働者) や児童労働を故意に使用、関与、支援、または容認することを含む、危険行為および違法行為を禁じています。 -GitHubは、[「米国連邦調達規則」22.17の人身売買との闘い](https://www.govinfo.gov/content/pkg/CFR-2009-title48-vol1/pdf/CFR-2009-title48-vol1-part22-subpart22-17.pdf)を含め、事業を行う管轄区域における、人身売買および児童労働を禁止する法律を遵守しています。 +GitHub complies with laws prohibiting trafficking and child labor in the jurisdictions in which it operates, including [U.S. Federal Acquisition Regulation 22.17 on combatting human trafficking](https://www.govinfo.gov/content/pkg/CFR-2009-title48-vol1/pdf/CFR-2009-title48-vol1-part22-subpart22-17.pdf). さらに、GitHubはFairHotel Programと提携しています。これは、GitHubが従業員に対して、FairHotelが支持する、公正な給料、十分な福利厚生、従業員の声が職場に反映されるホテルを選ぶよう奨励していることを意味します。 また、FairHotelと提携していることは、公正な雇用者として、GitHubがホテルに仕事を提供していることも意味します。 diff --git a/translations/ja-JP/content/site-policy/github-company-policies/index.md b/translations/ja-JP/content/site-policy/github-company-policies/index.md new file mode 100644 index 0000000000..c1b0dd22ee --- /dev/null +++ b/translations/ja-JP/content/site-policy/github-company-policies/index.md @@ -0,0 +1,14 @@ +--- +title: GitHub Company Policies +versions: + fpt: '*' +topics: + - Policy + - Legal +children: + - /github-statement-against-modern-slavery-and-child-labor + - /github-anti-bribery-statement + - /github-gpl-cooperation-commitment + - /github-gifts-and-entertainment-policy +--- + diff --git a/translations/ja-JP/content/github/site-policy/github-community-forum-code-of-conduct.md b/translations/ja-JP/content/site-policy/github-terms/github-community-forum-code-of-conduct.md similarity index 85% rename from translations/ja-JP/content/github/site-policy/github-community-forum-code-of-conduct.md rename to translations/ja-JP/content/site-policy/github-terms/github-community-forum-code-of-conduct.md index 0d882b140b..7f33df1764 100644 --- a/translations/ja-JP/content/github/site-policy/github-community-forum-code-of-conduct.md +++ b/translations/ja-JP/content/site-policy/github-terms/github-community-forum-code-of-conduct.md @@ -2,6 +2,8 @@ title: GitHubコミュニティフォーラムの行動規範 redirect_from: - /articles/github-community-forum-code-of-conduct + - /github/site-policy/github-community-forum-code-of-conduct + - /github/site-policy/acceptable-use-policies/github-community-forum-code-of-conduct versions: fpt: '*' topics: @@ -11,13 +13,13 @@ topics: ## 概要と目的 -GitHub では、何百万人もの開発者が何百万ものプロジェクト(オープンソースとクローズドソースの両方)をホストしています。私たちは、開発者コミュニティの日々のコラボレーションに貢献できることを光栄に思います。 私たちには、誇りに思うことができるコミュニティを実現するための素晴らしいチャンスがあると同時に、責任も背負っています。 +Millions of developers across the world host millions of projects—both open and closed source—on GitHub. We're fortunate to be able to play a part in enabling collaboration across the developer community every day, which is a responsibility we don’t take lightly. Together, we all have the exciting opportunity to make this a community we can be proud of. GitHubコミュニティフォーラムは、コラボレーション、サポート、およびブレインストーミングを推進する場となることを目的としています。 ここは、他のユーザとつながり、新しいスキルを学び、意見やアイデアを共有し、さらにGitHubプロジェクトに必要なサポートを得るための快適な場です。 By participating in this Community, you are agreeing to the same [Terms of Service](/github/site-policy/github-terms-of-service/) and [GitHub Acceptable Use Policies](/github/site-policy/github-acceptable-use-policies) that apply to GitHub.com, as well as this Community-specific Code of Conduct. この行動規範が、 GitHubコミュニティフォーラムに貢献する最善の方法、モデレーターにできること、およびコミュニティへの参加が一時的または永久に停止される行為やコンテンツの種類について理解の助けになることを願います。 当社は不正行為の報告を調査し、GitHub利用規約または本行動規範のいずれかに違反していると当社が判断したコミュニティ内の公開コンテンツを管理することがあります。 -世界中の GitHub ユーザたちの持つ視点、アイデア、経験は十人十色。数日前に初めて「Hello World」プロジェクトを作った人から、世界で最も有名なソフトウェア開発者まで、さまざまなユーザがいます。 私たちは、GitHubおよびGitHubコミュニティフォーラムを、さまざまな意見や視点に対応した快適な環境にし、人々が自由に自分を表現できるスペースになるよう取り組んでいます。 +Our diverse user base brings different perspectives, ideas, and experiences, and ranges from people who created their first "Hello World" project last week to the most well-known software developers in the world. We are committed to making GitHub an environment that welcomes all the different voices and perspectives our community has to offer, while maintaining a safe place for developers to do their best work. ## 誓約 @@ -29,23 +31,26 @@ GitHubコミュニティフォーラムを、敬意をもって扱ってくだ 以下は杓子定規の決まりごとではなく、コミュニティにおける人間の判断を助けるためのものです。 気持ちよい、礼儀正しい話し合いの場である状態を保つため、このガイドラインを用いましょう。 -### *強いコミュニティを作るためのベストプラクティス* +### *Best Practices for Maintaining a Strong Community* -- 敬意と思いやりを持ちましょう。 - - **広い心で受け入れる。**他のコミュニティメンバーとあなたとでは、経験値やバックグラウンドが異なるかもしれませんが、だからといって相手がコントリビューションにつながる良いアイデアを持っていないということにはなりません。 新たなメンバーや、かけだしのユーザーは歓迎してあげましょう。 - - **お互いを尊重し合うこと。**無礼な態度ほど、健全な会話を妨げるものはありません。 礼儀正しく、大人の態度を保ちましょう。一般的に攻撃的、虐待的、ヘイトスピーチとみなされるような内容を投稿しないでください。 嫌がらせや、人が悲しむような行為は禁止されています。 あらゆるやり取りにおいて、お互いに品位と配慮をもって接しましょう。 +GitHub コミュニティの主な目的は、ソフトウェアプロジェクトの共同作業です。 私たちは、ユーザが自由に自己表現し、それが技術的な内容であろうがそうでなかろうが、お互いのアイデアについて意見を交換できるコミュニティを維持できるように取り組んでいます。 At the same time, it's important that users remain respectful and allow space for others to contribute openly. In order to foster both a safe and productive environment, we encourage our community members to look to these guidelines to inform how they interact on our platform. Below, you’ll find some suggestions for how to have successful interactions as a valued member of the GitHub community. + +- Engage with consideration and respect. + + - **Be welcoming and open-minded** - New users join our community each day. Some are well-established developers, while others are just beginning. Be open to other ideas and experience levels. Make room for opinions other than your own and be welcoming to new collaborators and those just getting started. + + - **Be respectful** - Working in a collaborative environment means disagreements may happen. ただし、批判すべきはアイデアであって、人ではありません。 Share thoughtful, constructive criticism and be courteous to those you interact with. If you’re unable to engage respectfully, consider taking a step back or using some of our moderation tools to deescalate a tense situation. + + - **Be empathetic** - GitHub is a global community with people from a wide variety of backgrounds and perspectives, many of which may not be your own. Try to put yourself in others’ shoes and understand their feelings before you address them. Do your best to help make GitHub a community where others feel safe to make contributions, participate in discussions, and share different ideas. - 意見に反対したいこともあるでしょう。 それは全くかまいません。 ただし、批判すべきはアイデアであって、人ではありません。 悪口、個人攻撃、投稿の内容ではなく口調に対する応答、脊髄反射的な反論を行うのではなく、 会話の質を高めるような、理論的な反論を行いましょう。 - - **共感をもってコミュニケーションを行う。**意見の不一致や相違はよくあることです。 コミュニティの一員であることは、あなたとは違った背景や視点を持つさまざまな人と交流するということです。 誰かと意見が合わない場合は、それを直に伝える前に、その人を理解し、相手の立場に立ってみるようにしましょう。 こうすることで、質問や議論への参加、コントリビューションなどがしやすい、敬意と親密さに満ちた雰囲気が作られます。 - 肯定的、建設的な方法で貢献しましょう。 - **ディスカッションを向上させる。**ディスカッションを少しでも向上させるよう努めて、コミュニティが良いディスカッションの場になるようご協力ください。 投稿が会話を深めるか自信がない場合、何を言いたいかをまず考えてみてください。 この場で話し合われる話題は私たちにとって大切なので、あなたにもそれを大切にしてもらいたいと思います。 何か同意できないことがある場合でも、話題やそれを話し合う人々を尊重してください。 - - **明確でトピックに沿うようにやりとりする。**インターネット上で見知らぬ人とやりとりするには、注意深さが求められます。 口調を伝えたり読み取ったりすることは難しく、皮肉な言葉が誤解されることも少なくありません。 明確な言葉を用い、相手がそれをどのように受け取るかを考えるようにしましょう。 + - **Be clear and stay on topic.** The GitHub Community Forum is for collaboration, sharing ideas, and helping each other get stuff done. トピックから逸脱したコメントは、生産的に働いて仕事を終わらせるという目的から気をそらしてしまいます(たまにはいいかもしれませんが、普段は慎みましょう)。 トピックに集中することで、ポジティブで生産的な議論が生まれます。 これは、リンクを書き込むことについても当てはまります。 コミュニティフォーラムでリンクを書き込む場合、関連する適切な情報を提供する目的で行う必要があります。 単にトラフィックを呼び込んだり、サイトに注目を集めたりするためにリンクを投稿すべきではありません。 リンクを投稿する際は、常にリンク先のコンテンツや目的についての十分な説明を添えてください。 関連性や価値あるコンテンツがない、不要なリンクを投稿すれば、広告や悪意の目的があるものと受け取られる可能性があります。 - さらに、GitHubコミュニティフォーラムは、コラボレーション、アイデアの共有、そしてお互いの作業を終わらせるための場です。 トピックから逸脱したコメントは、生産的に働いて仕事を終わらせるという目的から気をそらしてしまいます(たまにはいいかもしれませんが、普段は慎みましょう)。 トピックに集中することで、ポジティブで生産的な議論が生まれます。 - **伝え方に注意する。**他の人にフィードバックを求めたり、プロジェクトへのコラボレーションを求めたりする場合は、背景を伝えるため、有益で関連あるリソースのみを共有しましょう。 話題に貢献しないリンクや、自分のプロジェクトやサイトへのリンクをむやみに他のユーザのスレッドに投稿しないでください。 また、重要な情報を書き込まないでください。 これには、あなたのメールアドレスも含まれます。 このコミュニティフォーラムでは、そうした情報の書き込みを許可していません。投稿者や他のユーザにとって、安全やプライバシーのリスクが生じるためです。 他のフォーラムメンバーをプロジェクトのコラボレートや共同作業に招待したい場合は、作業中のプロジェクトにあるリポジトリのリンクを伝えてください。 プロジェクトの内容や、求めている支援やフィードバックについての情報を添えて、プロジェクトのリポジトリへのリンクを共有することで、あなたの個人情報を伝えることなく、Issueやプルリクエストを通じてコラボレーションするよう他の人々を招待できます。 また、プロジェクトのリポジトリに外部のコラボレータて追加して、プロジェクトを開発するために役立つ特別な権限を与えることも可能です。 diff --git a/translations/ja-JP/content/site-policy/github-terms/github-community-guidelines.md b/translations/ja-JP/content/site-policy/github-terms/github-community-guidelines.md new file mode 100644 index 0000000000..b348700d44 --- /dev/null +++ b/translations/ja-JP/content/site-policy/github-terms/github-community-guidelines.md @@ -0,0 +1,86 @@ +--- +title: GitHubコミュニティガイドライン +redirect_from: + - /community-guidelines + - /articles/github-community-guidelines + - /github/site-policy/github-community-guidelines + - /github/site-policy/acceptable-use-policies/github-community-guidelines +versions: + fpt: '*' +topics: + - Policy + - Legal +--- + +Millions of developers across the world host millions of projects—both open and closed source—on GitHub. We're fortunate to be able to play a part in enabling collaboration across the developer community every day, which is a responsibility we don’t take lightly. Together, we all have the exciting opportunity to make this a community we can be proud of. + +Our diverse user base brings different perspectives, ideas, and experiences, and ranges from people who created their first "Hello World" project last week to the most well-known software developers in the world. We are committed to making GitHub an environment that welcomes all the different voices and perspectives our community has to offer, while maintaining a safe place for developers to do their best work. + +By outlining what we think a [safe, welcoming, and productive community](https://opensource.guide/building-community/) looks like at GitHub, we hope to help you understand how best to interact and collaborate on our platform in line with our [Terms of Service](/github/site-policy/github-terms-of-service) and [Acceptable Use Policies](/github/site-policy/github-acceptable-use-policies). + +We encourage our community members to communicate expectations clearly, [moderate](#what-if-something-or-someone-offends-you) their projects where possible, and [report](https://github.com/contact/report-abuse) any content that may violate our [policies](/github/site-policy/github-terms-of-service). GitHub Staff will investigate any reports of abuse, and may moderate public content on our site that we determine to be in violation of our Terms of Service. + + +## Maintaining a strong community + +GitHub コミュニティの主な目的は、ソフトウェアプロジェクトの共同作業です。 私たちは、ユーザが自由に自己表現し、それが技術的な内容であろうがそうでなかろうが、お互いのアイデアについて意見を交換できるコミュニティを維持できるように取り組んでいます。 At the same time, it's important that users remain respectful and allow space for others to contribute openly. In order to foster both a safe and productive environment, we encourage our community members to look to these guidelines to inform how they interact on our platform. Below, you’ll find some suggestions for how to have successful interactions as a valued member of the GitHub community. + +* **Be welcoming and open-minded** - New users join our community each day. Some are well-established developers, while others are just beginning. Be open to other ideas and experience levels. Make room for opinions other than your own and be welcoming to new collaborators and those just getting started. + +* **Be respectful** - Working in a collaborative environment means disagreements may happen. ただし、批判すべきはアイデアであって、人ではありません。 Share thoughtful, constructive criticism and be courteous to those you interact with. If you’re unable to engage respectfully, consider taking a step back or using some of our moderation tools to deescalate a tense situation. + +* **Be empathetic** - GitHub is a global community with people from a wide variety of backgrounds and perspectives, many of which may not be your own. Try to put yourself in others’ shoes and understand their feelings before you address them. Do your best to help make GitHub a community where others feel safe to make contributions, participate in discussions, and share different ideas. + + +## 嫌な思いをしたら + +While some disagreements can be resolved with direct, respectful communication between community members, we understand that is not always the case. We encourage our community to [let us know](https://support.github.com/contact/report-abuse?category=report-abuse&report=other&report_type=unspecified) when they believe content or activity they’ve encountered violates our policies. However, if you run into something or someone on the site that you find objectionable, here are some ways GitHub enables you to take action: + +* **Communicate expectations** - Maintainers can set community-specific guidelines to help users understand how to interact with their projects, for example, in a repository’s README, [CONTRIBUTING file](/articles/setting-guidelines-for-repository-contributors/), or [dedicated code of conduct](/articles/adding-a-code-of-conduct-to-your-project/). You can find additional information on building communities [here](/communities). + + +* **Moderate Comments** - Users with [write-access privileges](/articles/repository-permission-levels-for-an-organization/) for a repository can [edit, delete, or hide anyone's comments](/communities/moderating-comments-and-conversations/managing-disruptive-comments) on commits, pull requests, and issues. リポジトリの読み取りアクセスがあれば、誰でもコミットの編集履歴を見ることができます。 Comment authors and people with write access to a repository can also delete sensitive information from a [comment's edit history](/communities/moderating-comments-and-conversations/tracking-changes-in-a-comment). Moderating your projects can feel like a big task if there is a lot of activity, but you can [add collaborators](/account-and-profile/setting-up-and-managing-your-github-user-account/managing-user-account-settings/permission-levels-for-a-user-account-repository#collaborator-access-for-a-repository-owned-by-a-user-account) to assist you in managing your community. + +* **Lock Conversations**  - If a discussion in an issue, pull request, or commit gets out of hand, off topic, or violates your project’s code of conduct or GitHub’s policies, owners, collaborators, and anyone else with write access can put a temporary or permanent [lock](/articles/locking-conversations/) on the conversation. + +* **Block Users**  - If you encounter a specific user who you would rather not engage with, you can [block the user from your personal account](/articles/blocking-a-user-from-your-personal-account/) or [from your organization](/articles/blocking-a-user-from-your-organization/). + +* **Limit Interactions** - If your public project is getting unwanted attention, being trolled, spammed, or otherwise, you have the option of setting [temporary interaction limits](/communities/moderating-comments-and-conversations/limiting-interactions-in-your-repository) to keep certain users from interacting with your repository. You can even set [code review limits](https://github.blog/2021-11-01-github-keeps-getting-better-for-open-source-maintainers/#preventing-drive-by-pull-request-approvals-and-requested-changes) to ensure quality contributions on your projects. + + +While we are passionate about empowering maintainers to moderate their own projects, please reach out to us to {% data variables.contact.report_abuse %} if you need additional support in dealing with a situation. + +## What happens if someone violates GitHub's policies? + +We rely on reports from the community, as well as proactive detection, to help ensure that GitHub is a safe, welcoming, and productive platform for software developers. There are a variety of factors we consider when we’re made aware of behavior or content not in line with GitHub’s policies. However, our policy enforcement and content moderation approach prioritizes our vision to be the home for all developers. This means: + +- We optimize for code collaboration. We recognize that code can have multiple uses and we distinguish between how the code is being used on the platform and other possible uses. We also think about how our enforcement actions can affect a potentially complicated web of interdependencies across the platform and aim to restrict as little legitimate content as possible. + +- We take a human-centered approach to content moderation and we tailor our responses to meet the needs of a specific situation. Our global team investigates the reports we receive on a case-by-case basis—considering context and the surrounding facts—before taking action. This could include taking into account potentially offensive content being posted in a way that lacks context or makes it easy for other users to unwittingly view or interact with while using GitHub. In those instances, we may favor moderation in order to safeguard our community. + +- Our decisions are rooted in our core belief that serving an interconnected community and empowering human progress through developer collaboration requires a commitment to diversity, inclusion, and belonging. + +Where we have decided that moderation action is warranted, these are some of the ways we may respond: + +* Removing the offending content +* Blocking or disabling the offending content +* Downgrading the visibility of the offending content +* Hiding a user account or organization from public view +* Suspending a user account or organization + + +## 意義申し立てと復帰 + +In some cases there may be a basis to reverse a moderation action taken by GitHub Staff. + +* **Reinstatement**: Where a user wishes to address the violation and is willing to agree to abide by our Acceptable Use Policies moving forward, we may choose to reinstate their account or content depending on the severity of the initial violation. + +* **Appeal**: If a user wishes to dispute the basis of an enforcement action and can provide additional information regarding the alleged violation, we will review that information and may grant the appeal where we determined that a violation did not occur. + +If you seek reinstatement or wish to appeal an enforcement action, please contact [support](https://support.github.com/contact?tags=docs-policy). + +## 法的通知 + +本コミュニティガイドラインは、[CC0-1.0](https://creativecommons.org/publicdomain/zero/1.0/) の条件に基づいて、誰でも使用、再利用、改作、その他あらゆることが可能になるようにパブリックドメインになっています。 + +これはあくまでもガイドラインであり、[利用規約](/articles/github-terms-of-service/)を変更するものや、完全なリストであることを意図したものではありません。 Under those terms, GitHub retains full discretion to remove any content or terminate any accounts for activity that violates our [Acceptable Use Policies](/articles/github-acceptable-use-policies). 本ガイドラインでは、かかる裁量を行使する場合について説明しています。 diff --git a/translations/ja-JP/content/github/site-policy/github-corporate-terms-of-service.md b/translations/ja-JP/content/site-policy/github-terms/github-corporate-terms-of-service.md similarity index 94% rename from translations/ja-JP/content/github/site-policy/github-corporate-terms-of-service.md rename to translations/ja-JP/content/site-policy/github-terms/github-corporate-terms-of-service.md index 63f1207d36..a9569da5e4 100644 --- a/translations/ja-JP/content/github/site-policy/github-corporate-terms-of-service.md +++ b/translations/ja-JP/content/site-policy/github-terms/github-corporate-terms-of-service.md @@ -2,6 +2,7 @@ title: GitHub企業向け利用規約 redirect_from: - /articles/github-corporate-terms-of-service + - /github/site-policy/github-corporate-terms-of-service versions: fpt: '*' topics: @@ -34,7 +35,7 @@ _本規約は、1) 企業向け利用規約を受け入れたGitHub.com (非Ente 「**ベータプレビュー**」とは、アルファ、ベータ、プレビュー、アーリーアクセス、評価版、またはその他同様の意味を持つ言葉や表現により称されるソフトウェア、サービス、または機能を意味します。 -「**機密情報**」とは、書面、口頭、その他の手段により機密として指定されたか、あるいは開示側の「当事者」にとって機密であることを受領側の 「当事者」 が知っているまたは開示に関する状況および情報の性質により、機密であることを合理的に知っていると判断される、いずれかの「当事者」 により、他の当事者に開示された、あらゆる非公開情報を意味します。 疑義を避けるため、お客様の「プライベートリポジトリ」に保存されたお客様の「コンテンツ」を除き、「サービス」に投稿された「コンテンツ」は「機密情報」と見なされないものとします。 「機密情報」には、以下のいずれの情報も含まれません。(i) 受領側当事者の過失によらず、公知であったもの、あるいは公知となったもの、(ii) 開示する権利を有する開示側当事者以外の情報源から、機密または所有権の制約を受けることなく、受領側「当事者」が正当に知っていたか正当に知るようになったもの、(iii) 開示側「当事者」に正式に委託を受けた職員により署名された書面により、制約を受けることなく開示することについて、かかる開示側「当事者」により承認されたもの、(iv) 相手方「当事者」の「機密情報」を入手または利用することなく、受領側「当事者」が独自に開発したもの、(v) 「サービス」内、かつお客様の「プライベートリポジトリ」以外に保存または投稿されるまたはされているもの。 +「**機密情報**」とは、書面、口頭、その他の手段により機密として指定されたか、あるいは開示側の「当事者」にとって機密であることを受領側の 「当事者」 が知っているまたは開示に関する状況および情報の性質により、機密であることを合理的に知っていると判断される、いずれかの「当事者」 により、他の当事者に開示された、あらゆる非公開情報を意味します。 疑義を避けるため、お客様の「プライベートリポジトリ」に保存されたお客様の「コンテンツ」を除き、「サービス」に投稿された「コンテンツ」は「機密情報」と見なされないものとします。 「機密情報」には、以下のいずれの情報も含まれません。(i) 受領側当事者の過失によらず、公知であったか公知となったもの、(ii) 開示する権利を有する開示側当事者以外の情報源から、機密または所有権の制約を受けることなく、受領側「当事者」が正当に知っていたか正当に知るようになったもの、(iii) 開示側「当事者」に正式に委託を受けた職員により署名された書面により、制約を受けることなく開示することについて、かかる開示側「当事者」により承認されたもの、(iv) 相手方「当事者」の「機密情報」を入手または利用することなく、受領側「当事者」が独自に開発したもの、(v) 「サービス」内、かつお客様の「プライベートリポジトリ」以外に保存または投稿されるまたはされているもの。 「**コンテンツ**」とは、機能、表示、その他 「サービス」を通じて利用できる、コード、テキスト、データ、記事、画像、パッケージ、写真、図表、ソフトウェア、アプリケーション、設計、機能、その他それらに制約されないあらゆる素材を意味します。 @@ -70,13 +71,13 @@ _本規約は、1) 企業向け利用規約を受け入れたGitHub.com (非Ente 「**プロフェッショナルサービス**」とは、相互に締結した「SOW」に従い、GitHub がお客様に対して提供するトレーニング、コンサルティング、または実装サービスを意味します。 「プロフェッショナルサービス」には、「サポート」は含まれません。 -「**プロフェッショナルサービスクレジット**」とは、「プロフェッショナルサービス」 (旅費および宿泊費除く) を購入するための前払い方式による支払いを意味し、お客様は、これを「プロフェッショナルサービス」のために (「注文書」に特に明記していない場合) 12 か月間利用できます。 (「注文書」に特に明記していない場合) 購入日から 12 か月経過した月末までに利用されていない「プロフェッショナルサービスクレジット」は自動的に取り消しとなり、返金できません。 +**"Professional Services Credits"** means the upfront payment method for purchasing Professional Services (exclusive of travel and lodging expenses) that Customer may use over a period of twelve (12) months (unless otherwise stated in an Order Form) for Professional Services. (「注文書」に特に明記していない場合) 購入日から 12 か月経過した月末までに利用されていない「プロフェッショナルサービスクレジット」は自動的に取り消しとなり、返金できません。 -「**パブリックリポジトリ**」とは、「コンテンツ」が「全ユーザ」に表示できるリポジトリを意味します。 +**“Public Repository”** means a repository whose Content is visible to All Users. 「**担当者**」とは、「当事者」の従業員、役員、代理人、独立契約者、コンサルタント、および財務顧問を意味します。 -「**スクレイピング**」とは、ボットやウェブクローラーなどの自動的な処理により、「サービス」からデータを抽出することを意味します。GitHub の API を通して情報を収集することはこれに含まれません。 +**“Scraping”** means extracting data from the Service via an automated process, such as a bot or webcrawler, and does not include the collection of information through GitHub's API. 「**サービス**」とは、GitHub のホストしたサービスおよび該当するあらゆる「ドキュメンテーション」を意味します。 @@ -88,12 +89,12 @@ _本規約は、1) 企業向け利用規約を受け入れたGitHub.com (非Ente 「**ユーザ**」とは、「お客様」を代表して、(a) 「サービス」にアクセスまたはそれを利用する、(b) 「お客様」のアカウントの一部にアクセスまたはそれを利用する、あるいは (c) 機能を実行するにあたり「お客様」のアカウントの利用を命令する、個人または「コンピュータアカウント」を意味します。 「ユーザ」の数は、「お客様」が購入した「プランライセンス」の数を超過してはなりません。 -「**ユーザ生成コンテンツ**」とは、第三者または「外部ユーザ」が作成または所有する「コンテンツ」を意味します。 +**“User-Generated Content”** means Content created or owned by a third party or External User. ## B. アカウント利用規約 ### 1. アカウントの管理 - * _ユーザ。_お客様は、「ユーザ」が各自のアカウントおよびアカウント内の「コンテンツ」に対する最終的な管理権限を保持することに同意するものとします。 「ユーザ」の「サービス」利用については、本セクション 3 に基づく「ユーザ」のアクティビティに関するものを除き、[GitHub の「標準利用規約」](/articles/github-terms-of-service)が適用されます。 + * _ユーザ。_お客様は、「ユーザ」が各自のアカウントおよびアカウント内の「コンテンツ」に対する最終的な管理権限を保持することに同意するものとします。 [GitHub's Standard Terms of Service](/articles/github-terms-of-service) govern Users' use of the Service, except with respect to Users' activities under this Section B. * _(ii) Organization。_お客様は、本セクション B に従い、お客様を代表して作成されたあらゆる Organization、およびその Organization 内のリポジトリに投稿された「ユーザ生成コンテンツ」について、最終的な管理権限を保持します。本セクション B は、お客様の Organization による利用について規定するものです。 @@ -104,7 +105,7 @@ _本規約は、1) 企業向け利用規約を受け入れたGitHub.com (非Ente * 「ユーザ」は、ログインを複数人で共有することはできません。 -- お客様が以下に該当する場合、「製品」を利用することはできません。 (a) 米国またはその他の該当する管轄区域の輸出規制または制裁に関する法律に違反する場合、(b) 米国財務省外国資産管理局 (OFAC) が管理する包括的制裁の対象となる国または地域にの居住者であるか、常時滞在している場合、(c) お客様が、[特定国籍 (SDN)](https://www.treasury.gov/resource-center/sanctions/SDN-List/Pages/default.aspx)、同様の制限に服する個人、または取引禁止者であるか、それらのために働いている場合。 詳しくは「[輸出規制方針](/articles/github-and-export-controls)」をご覧ください。 +- お客様が以下に該当する場合、「製品」を利用することはできません。 (a) 米国またはその他の該当する管轄区域の輸出規制または制裁に関する法律に違反する場合、(b) 米国財務省外国資産管理局 (OFAC) が管理する包括的制裁の対象となる国または地域にの居住者であるか、常時滞在している場合、(c) お客様が、[特定国籍 (SDN)](https://www.treasury.gov/resource-center/sanctions/SDN-List/Pages/default.aspx)、同様の制限に服する個人、または取引禁止者であるか、それらのために働いている場合。 For more information, please see our [Export Controls policy](/articles/github-and-export-controls). ### 3. アカウントのセキュリティ お客様は、以下に対して責任を負います。(i) お客様の「企業アカウント」における、投稿された「コンテンツ」およびアクティビティの全て、(ii) お客様のアカウントのログイン認証情報に関するセキュリティの維持、(iii) お客様のアカウントを通じた、「サービス」のあらゆる不正利用や不正アクセスを認識した際には、[速やかにGitHub に通知](https://github.com/contact)すること。 GitHub は、お客様が本セクション B に従わなかったことにより生ずるいかなる損失または損害にも責任を負いません。 @@ -175,7 +176,7 @@ GitHub は、[法令にもとづく開示を求められた場合](/github/site- お客様がGitHubのトレードマークを使用したい場合は、GitHubの[ロゴページ](https://github.com/logos)の内容も含めて、トレードマークに関するGitHubのすべてのガイドラインに従う必要があります。 ### 3. GitHub ライセンスポリシー -本「契約」は、[Creative Commons Zero license](https://creativecommons.org/publicdomain/zero/1.0/) の元でライセンス付与されています。 詳細は、[サイトポリシーリポジトリ](https://github.com/github/site-policy#license)を参照してください。 +本「契約」は、[Creative Commons Zero license](https://creativecommons.org/publicdomain/zero/1.0/) の元でライセンス付与されています。 詳細は、[site-policyリポジトリ](https://github.com/github/site-policy#license)を参照してください。 ### 4. 著作権侵害と DMCA ポリシー お客様が著作権所有者であり、「サービス」上のコンテンツがお客様の著作権を侵害していると考えられる場合、お客様は[GitHubのデジタルミレニアム著作権法 (DMCA) ポリシー](/articles/dmca-takedown-policy/)に従って、[DMCAの様式](https://github.com/contact/dmca)を用いるか、またはcopyright@github.com に電子メールを送信して、GitHubに通知できます。 @@ -196,7 +197,7 @@ GitHub は、[法令にもとづく開示を求められた場合](/github/site- ### 1. 価格、料金 -**支払い条件** 料金については、[github.com/pricing](https://github.com/pricing) に掲載されているものが適用されます (ただし、関係者による協議を行い、「注文書」に記載されている場合を除きます)。 お客様は、減額や相殺などに類することを行わず、アメリカ合衆国ドルにより「料金」の全額を前払いで支払うことに同意します。 。 お客様は、GitHub による請求の日付から 30 日以内に「料金」を支払う必要があります。 本「契約」に基づいて支払われる金額は、本「契約」に別段の定めがある場合を除き、返金できません。 Amounts payable under this Agreement are non-refundable, except as provided in Sections 13 and 14.1. 本契約に関して課されたか、負うようになったあらゆる税金、料金、関税、および政府による査定 (GitHub の純利益に基づく税金を除く) について、お客様は全責任を負います。 +**支払い条件** 料金については、[github.com/pricing](https://github.com/pricing) に掲載されているものが適用されます (ただし、関係者による協議を行い、「注文書」に記載されている場合を除きます)。 お客様は、減額や相殺などに類することを行わず、アメリカ合衆国ドルにより「料金」の全額を前払いで支払うことに同意します。 設定しなければなりません。 お客様は、GitHub による請求の日付から 30 日以内に「料金」を支払う必要があります。 本「契約」に基づいて支払われる金額は、本「契約」に別段の定めがある場合を除き、返金できません。 Amounts payable under this Agreement are non-refundable, except as provided in Sections 13 and 14.1. 本契約に関して課されたか、負うようになったあらゆる税金、料金、関税、および政府による査定 (GitHub の純利益に基づく税金を除く) について、お客様は全責任を負います。 **従量制支払い:** 「サービス」の一部の機能は、使用量に基づいて請求されます。 かかる「サービス」機能は、限られた使用量および期間であれば、追加料金なしでご利用のプランで使用できる場合があります。 ご利用のプランに含まれる数量を超えて有料の「サービス」機能を購入することを選択した場合、お客様は前月の実際の使用量に基づいてかかる「サービス」機能の料金を支払います。 かかる購入に対する毎月の支払いは、後払いで定期的に請求されます。ただし、請求書払いのお客様については、有料の「サービス」機能は前払いとなります。 詳しくは、[GitHub 追加製品の利用規約](/github/site-policy/github-additional-product-terms)を参照してください。 @@ -249,7 +250,7 @@ _「プロフェッショナルサービス保証」。_SOW に別段の定め _「サービスの免責事項」。_GitHub は、「サービス」を**「現状のまま」****「提供可能な状態で」**、いかなる保証もなしに提供します。 GitHub は、「サービス」に関して、商品性、特定目的への適合性、権原、セキュリティ、正確性、および非侵害性を含むがこれに限定されない一切の保証を明示的に否認します。 GitHub は、「サービス」がお客様の要件を満たすこと、「サービス」が中断されないこと、適時に提供されること、安全であること、またはエラーがないこと、「サービス」を通じて提供される情報が正確、信頼できる、または的確であること、あらゆる欠陥やエラーが修正されること、「サービス」が特定の時間や場所で利用できること、ならびに「サービス」にウイルスやその他の有害なコンポーネントが含まれていないことを保証しません。 GitHub は、お客様がファイル、情報、「コンテンツ」 、その他「サービス」から取得した資料のダウンロードおよび/または利用により生じるいかなる損失のリスクについても責任を負いません。 -_「ベータプレビューの免責事項」。_お客様は、自らの裁量により「ベータプレビュー」の利用を選択できます。 「ベータプレビュー」はサポートを受けることができない場合があり、その内容は随時予告なく変更される場合があります。 「ベータプレビュー」は、「サービス」ほど信頼性が高くない場合があります。または利用できない可能性もあります。 「ベータプレビュー」は、「サービス」にこれまでも現在も適用されているものと同等のセキュリティ対策および監査の対象ではありません。 GitHub は、「ベータプレビュー」に起因または関連する責任を負わないものとします。 **お客様は、自らの責任において「ベータプレビュー」を利用するものとします。** +_「ベータプレビューの免責事項」。_お客様は、自らの裁量により「ベータプレビュー」の利用を選択できます。 「ベータプレビュー」はサポートを受けることができない場合があり、その内容は随時予告なく変更される場合があります。 「ベータプレビュー」は、「サービス」ほど信頼性が高くない場合があります。または利用できない可能性もあります。 「ベータプレビュー」は、「サービス」にこれまでも現在も適用されているものと同等のセキュリティ対策および監査の対象ではありません。 GitHub は、「ベータプレビュー」に起因または関連する責任を負わないものとします。 **Customer uses Beta Previews at its own risk.** ## N. 責任の制限 **_「間接的損害」。_原因の如何に関わらず、かかる義務が契約、保証、不法行為 (過失を含む)、厳格責任などに基づく請求から生じるあらゆる請求に起因するか、また当事者がかかる損害の可能性について当事者が知らされていたかを問わず、間接的、特別的、偶発的、懲罰的または派生的損害 (利益、収益またはデータの損失を含む)、または本契約に起因または関連して発生する代替製品の取得費用について、いずれの当事者も、相手方当事者またはあらゆる第三者に対して、準拠法によって許される最大限の範囲で、いかなる場合においても責任を負わないものとします。** diff --git a/translations/ja-JP/content/github/site-policy/github-event-code-of-conduct.md b/translations/ja-JP/content/site-policy/github-terms/github-event-code-of-conduct.md similarity index 98% rename from translations/ja-JP/content/github/site-policy/github-event-code-of-conduct.md rename to translations/ja-JP/content/site-policy/github-terms/github-event-code-of-conduct.md index ab359bf3d2..22c9164578 100644 --- a/translations/ja-JP/content/github/site-policy/github-event-code-of-conduct.md +++ b/translations/ja-JP/content/site-policy/github-terms/github-event-code-of-conduct.md @@ -2,6 +2,7 @@ title: GitHubイベントの行動規範 redirect_from: - /articles/github-event-code-of-conduct + - /github/site-policy/github-event-code-of-conduct versions: fpt: '*' topics: diff --git a/translations/ja-JP/content/github/site-policy/github-event-terms.md b/translations/ja-JP/content/site-policy/github-terms/github-event-terms.md similarity index 99% rename from translations/ja-JP/content/github/site-policy/github-event-terms.md rename to translations/ja-JP/content/site-policy/github-terms/github-event-terms.md index 64e7788189..836c885c9a 100644 --- a/translations/ja-JP/content/github/site-policy/github-event-terms.md +++ b/translations/ja-JP/content/site-policy/github-terms/github-event-terms.md @@ -2,6 +2,7 @@ title: GitHubイベント規約 redirect_from: - /articles/github-event-terms + - /github/site-policy/github-event-terms versions: fpt: '*' topics: diff --git a/translations/ja-JP/content/github/site-policy/github-marketplace-developer-agreement.md b/translations/ja-JP/content/site-policy/github-terms/github-marketplace-developer-agreement.md similarity index 98% rename from translations/ja-JP/content/github/site-policy/github-marketplace-developer-agreement.md rename to translations/ja-JP/content/site-policy/github-terms/github-marketplace-developer-agreement.md index 19ebbe66da..20ae8853c4 100644 --- a/translations/ja-JP/content/github/site-policy/github-marketplace-developer-agreement.md +++ b/translations/ja-JP/content/site-policy/github-terms/github-marketplace-developer-agreement.md @@ -2,6 +2,7 @@ title: GitHub Marketplace開発者同意書 redirect_from: - /articles/github-marketplace-developer-agreement + - /github/site-policy/github-marketplace-developer-agreement versions: fpt: '*' topics: @@ -66,11 +67,11 @@ Effective Date: August 24, 2021 - 3\. あらゆる第三者の機械、システム、ハードウェア、サーバー、ネットワーク、デバイス、データその他の財産またはサービスに対する妨害、破壊、損傷、損害、危害、または不正なアクセスを行うこと、 - 4\. 虚偽または誤解を招くコンテンツを含めること、 - 5\. 特許、商標、企業秘密、パブリシティー権などの権利を含め、あらゆる当事者のあらゆる所有権を侵害すること、 -- 6\. 中傷、名誉毀損、あるいは詐欺的なもの、 +- 6\. Is libelous, defamatory, or fraudulent; - 7\. ストリーミングコンテンツやメディアの不正なアクセスを可能にすること、 - 8\. 違法なコンテンツを表示またはそれにリンクすること、 - 9\. GitHub従業員、役員、代理店、その他あらゆる「エンドユーザ」を含む、あらゆる個人またはグループに対する嫌がらせ、罵倒、脅迫、または暴力の誘発を行うこと、 -- 10\. 性的・わいせつな内容を含むもの、 +- 10\. Is or contains sexually obscene content; - 11\. あらゆる個人やグループを差別または罵倒するもの、 - 12\. 「Marketplace」を模倣したり、「Marketplace」になりすますあらゆるサイトに「エンドユーザ」を迂回させるか、リンクを提供すること。 @@ -146,7 +147,7 @@ GitHubは、自らの裁量により、「リスティング」を「Marketplace **6.1** GitHubは、「エンドユーザ」が「Marketplace」経由で購入した「開発者製品」について、最終販売責任を負う商業者となります。 -**6.2** 「開発者アプリケーション」の「Marketplaceリスティング」の価格は、米ドル(USD)で設定されます。 「開発者」は、各「リスティング」の価格設定を自ら決定でき、一度価格を設定すると、その価格は変更されません。 既存の「リスティング」の価格プランを取りやめ、追加の価格プランを適用することができますが、ただし、かかる新価格プランが、既存の「エンドユーザ」に悪影響を及ぼさないことを条件とします。 「開発者製品」に設定した価格によって、お客様が受け取る金額が決定されます。 GitHubは、米ドルで設定された販売価格の95%を、適用法に基づき要求される源泉徴収税以外の「税金」を控除せずに送金します。 販売価格のうち残りの5%については、GitHubの割り当て分となり、GitHubが保管します。 毎月最終日、500米ドルの最低額に到達した場合に、GitHubはお客様の受け取り金額を送金するものとします。 +**6.2** 「開発者アプリケーション」の「Marketplaceリスティング」の価格は、米ドル(USD)で設定されます。 「開発者」は、各「リスティング」の価格設定を自ら決定でき、一度価格を設定すると、その価格は変更されません。 既存の「リスティング」の価格プランを取りやめ、追加の価格プランを適用することができますが、ただし、かかる新価格プランが、既存の「エンドユーザ」に悪影響を及ぼさないことを条件とします。 「開発者製品」に設定した価格によって、お客様が受け取る金額が決定されます。 GitHub will remit 95% of the sale price in USD without reduction for Taxes except for any withholding taxes that are required under applicable law. The remaining 5% of the sales price will be allotted to and retained by GitHub. 毎月最終日、500米ドルの最低額に到達した場合に、GitHubはお客様の受け取り金額を送金するものとします。 **6.3** 「返金要件」。 お客様は、「エンドユーザー」への返金に関する条件を指定する責任を負います。 いかなる場合においても、GitHub は返金についてサポートを提供する義務や、返金の支払いについて責任を負う義務を負いません。 diff --git a/translations/ja-JP/content/github/site-policy/github-marketplace-terms-of-service.md b/translations/ja-JP/content/site-policy/github-terms/github-marketplace-terms-of-service.md similarity index 97% rename from translations/ja-JP/content/github/site-policy/github-marketplace-terms-of-service.md rename to translations/ja-JP/content/site-policy/github-terms/github-marketplace-terms-of-service.md index 5c80505970..84466fc53e 100644 --- a/translations/ja-JP/content/github/site-policy/github-marketplace-terms-of-service.md +++ b/translations/ja-JP/content/site-policy/github-terms/github-marketplace-terms-of-service.md @@ -2,6 +2,7 @@ title: GitHub Marketplace利用規約 redirect_from: - /articles/github-marketplace-terms-of-service + - /github/site-policy/github-marketplace-terms-of-service versions: fpt: '*' topics: @@ -39,7 +40,7 @@ GitHub Marketplace (「Marketplace」) へようこそ! また、こちらの **支払いスケジュール、返金なし。**支払いスケジュールは、GitHubアカウントの作成時に選択した支払いスケジュール (無料、月間、年間など) によって決まります。 月間または年間払いのプランの場合、 「Marketplace」における購入はそれぞれ月ごとまたは年ごとに前払いされ、返金されません。 サービスの一部の月に対する返金もしくはクレジット、ダウングレードの返金、および未使用月に対する返金はありません。ただし、支払い済みの期間中は、サービスは有効です。 「開発者製品」のサービスをキャンセルしたい場合、画面上部のグローバルナビゲーションバーにある [設定] にアクセスしてキャンセルできます。 -If you would have a question, concern, or dispute regarding your billing, please contact [GitHub Support](https://support.github.com/contact?tags=docs-policy). +支払いについて質問、懸念、または意義がある場合は、[GitHub サポート](https://support.github.com/contact?tags=docs-policy)にお問い合わせください。 ## E. お客様のデータとGitHubのプライバシーポリシー @@ -85,6 +86,6 @@ GitHub は、法的またはポリシー上の理由により、当社のサー 5. **セクションの見出し。** 本「Marketplace利用規約」全体を通して、各セクションには後述の規約および条件のタイトルが含まれています。 これらのセクションのタイトルには法的拘束力はありません。 -6. **GitHubライセンスポリシー。**本「Marketplace利用規約は、この[Creative Commons Zero license](https://creativecommons.org/publicdomain/zero/1.0/)の下でライセンス付与されています。 詳細は、[サイトポリシーリポジトリ](https://github.com/github/site-policy#license)を参照してください。 +6. **GitHubライセンスポリシー。**本「Marketplace利用規約は、この[Creative Commons Zero license](https://creativecommons.org/publicdomain/zero/1.0/)の下でライセンス付与されています。 詳細は、[site-policyリポジトリ](https://github.com/github/site-policy#license)を参照してください。 7. **お問い合わせ。**「Marketplace利用規約」についてのご質問をお寄せください。 [Contact us](https://support.github.com/contact?tags=docs-policy). diff --git a/translations/ja-JP/content/github/site-policy/github-open-source-applications-terms-and-conditions.md b/translations/ja-JP/content/site-policy/github-terms/github-open-source-applications-terms-and-conditions.md similarity index 92% rename from translations/ja-JP/content/github/site-policy/github-open-source-applications-terms-and-conditions.md rename to translations/ja-JP/content/site-policy/github-terms/github-open-source-applications-terms-and-conditions.md index 8ae32dbb87..f50f590780 100644 --- a/translations/ja-JP/content/github/site-policy/github-open-source-applications-terms-and-conditions.md +++ b/translations/ja-JP/content/site-policy/github-terms/github-open-source-applications-terms-and-conditions.md @@ -2,6 +2,7 @@ title: GitHubオープンソースアプリケーションの規約および条件 redirect_from: - /articles/github-open-source-applications-terms-and-conditions + - /github/site-policy/github-open-source-applications-terms-and-conditions versions: fpt: '*' topics: @@ -55,12 +56,12 @@ GitHubは予告の有無にかかわらず、「サービス」(またはその 2. 完全なる合意。 本「アプリケーション規約」は、適用されるあらゆる「プライバシーに関する通知」と共に、お客様とGitHubとの完全なる合意を構成し、お客様による本「ソフトウェア」の使用に適用され、お客様とGitHubとの間で交わされた先行する (以前の「アプリケーション」を含み、これに限定されない) あらゆる契約に優先するものとします。 -3. 準拠法. お客様は、「アプリケーション規約」および本「ソフトウェア」の利用がカリフォルニア州法に準拠し、本「ソフトウェア」に関するあらゆる紛争は、カリフォルニア州サンフランシスコまたはその付近にある正当な司法権を持つ裁判所に持ち込ち込まなければならないことに同意するものとします。 +3. Governing Law. お客様は、「アプリケーション規約」および本「ソフトウェア」の利用がカリフォルニア州法に準拠し、本「ソフトウェア」に関するあらゆる紛争は、カリフォルニア州サンフランシスコまたはその付近にある正当な司法権を持つ裁判所に持ち込ち込まなければならないことに同意するものとします。 4. サードパーティのパッケージ。 本「ソフトウェア」は、本「ソフトウェア」の機能を改善、追加、削除、または変更できる、サードパーティの「パッケージ」をサポートしています。 こうした「パッケージ」は、本「アプリケーション規約」の対象ではありませんが、その特定のパッケージに適用される独自のライセンスが含まれている場合があります。 5. 変更なし、完全合意。 本「アプリケーション規約」は、GitHubの権限のある代表者が署名した書面による修正、またはGitHubによる改訂版の投稿によってのみ変更できます。 本「アプリケーション規約」は、該当する「オープンソースライセンスおよび通知」ならびに「GitHub のプライバシーについての声明」とともに、お客様と当社の間の完全かつ排他的な合意の声明を表しています。 本「アプリケーション規約」は、かかる規約の主題に関する口頭または書面による提案または事前の契約、およびお客様と GitHub 間のその他の通信に優先します。 -6. GitHub ライセンスポリシー. 本「アプリケーション規約」は、この [Creative Commons Zero license](https://creativecommons.org/publicdomain/zero/1.0/) の元でライセンス付与されています。 詳細は、[サイトポリシーリポジトリ](https://github.com/github/site-policy#license)を参照してください。 +6. License to GitHub Policies. 本「アプリケーション規約」は、この [Creative Commons Zero license](https://creativecommons.org/publicdomain/zero/1.0/) の元でライセンス付与されています。 詳細は、[site-policyリポジトリ](https://github.com/github/site-policy#license)を参照してください。 7. お問い合わせ。 「利用規約」について質問がございましたら、 [Contact us](https://support.github.com/contact?tags=docs-policy). diff --git a/translations/ja-JP/content/github/site-policy/github-registered-developer-agreement.md b/translations/ja-JP/content/site-policy/github-terms/github-registered-developer-agreement.md similarity index 97% rename from translations/ja-JP/content/github/site-policy/github-registered-developer-agreement.md rename to translations/ja-JP/content/site-policy/github-terms/github-registered-developer-agreement.md index 886767a1ad..30532af377 100644 --- a/translations/ja-JP/content/github/site-policy/github-registered-developer-agreement.md +++ b/translations/ja-JP/content/site-policy/github-terms/github-registered-developer-agreement.md @@ -2,6 +2,7 @@ title: GitHub登録開発者同意書 redirect_from: - /articles/github-registered-developer-agreement + - /github/site-policy/github-registered-developer-agreement versions: fpt: '*' topics: @@ -51,7 +52,7 @@ GitHubは、多くの開発者に当社のプラットフォームをご愛用 お客様は、当社がお客様に提供する非公開情報や、本「プログラム」の参加者として入手できる非公開情報が、そのように表示されているか特定されているかにかかわらず、GitHubの機密情報 (「機密情報」と総称) と見なされることに同意するものとします。 お客様は、かかる「機密情報」を本「プログラム」の参加者に対して認められた目的にのみ使用し (「目的」)、その他一切の目的には使用しないことに同意するものとします。 お客様は、当社の「機密情報」の不正使用、開示、公開、または配布を防止するための合理的な注意を払うものとします。 お客様は、「機密情報」をお客様の従業員および請負業者以外の第三者に開示、公開、または配布しないこと、また開示、公開、配布の範囲において次の条件を満たすことを約束するものとします。(i)「目的」のために「機密情報」を知る必要があること、(ii)「機密情報」の機密的性格を認識させ、(iii)従業員および請負業者の行為および怠慢に対して責任を負い、(iv)当社がかかる開示を禁止または制限していないこと。 - あなたは、当社の「機密情報」を許可なく開示または使用した場合、当社に回復不能の損害を及ぼし、定量化が困難な重大な傷害を引き起こす可能性があることを理解するものとします。 したがって、あなたが本「利用規約」に確実に従うようにするため、当社が有するその他の権利および救済に加えて、即時の差止め命令による救済を求める権利を有することに同意するものとします。 法律、規制または有効な拘束力のある管轄裁判所の命令により、当社の「機密情報」を開示することを要求された場合は、開示を行う前に当社に通知し、かかる開示を可能な限り制限するように努め、かかる情報の機密的、保護的措置を求めた後にのみ、かかる開示を行うことができます。 + お客様は、当社の「機密情報」を許可なく開示または使用した場合、当社に回復不能の損害を及ぼし、定量化が困難な重大な傷害を引き起こす可能性があることを理解するものとします。 したがって、お客様が本「契約」に確実に従うようにするため、当社が有するその他の権利および救済に加えて、即時の差止め命令による救済を求める権利を有することに同意するものとします。 法律、規制または有効な拘束力のある管轄裁判所の命令により、当社の「機密情報」を開示することを要求された場合は、開示を行う前に当社に通知し、かかる開示を可能な限り制限するように努め、かかる情報の機密的、保護的措置を求めた後にのみ、かかる開示を行うことができます。 本セクション6の義務は、次の事項をあなたが証明できる情報には適用されません。(i) あなたに開示する前に公知であった情報、(ii) あなた、またあなたの従業員や請負業者の行動や怠慢によらずして、あなたに開示した後に公知になったもの、(iii) 当社があなたに開示する前にあなたが知っていたもの、(iv) 開示された情報について、機密保持の義務を負わない第三者からあなたに開示されたもの、(v) 当社やいかなる第三者の機密保持義務にも違反せず、あなたが独自で開発したもの、(vi) 当社の権限のある担当者により、あなたに書面で開示の許可を与えたもの。 @@ -107,7 +108,7 @@ GitHubは、多くの開発者に当社のプラットフォームをご愛用 本「契約」の両当事者は独立契約者です。 いずれの当事者も、相手方当事者の使用者、従業員、代理人、パートナー、フランチャイザー、フランチャイジー、または法定代理人とは見なされず、また相手方当事者を代表して義務または責任を発生させるいかなる権利、権力、権限も有しません。 -18. **. 譲渡** +18. **譲渡** お客様は、本「契約」またはそれに基づく権利を、その一部であれ全体であれ、法律の運用その他の方法により、書面による事前の同意なしに譲渡または移転してはならないものとします。 diff --git a/translations/ja-JP/content/github/site-policy/github-research-program-terms.md b/translations/ja-JP/content/site-policy/github-terms/github-research-program-terms.md similarity index 87% rename from translations/ja-JP/content/github/site-policy/github-research-program-terms.md rename to translations/ja-JP/content/site-policy/github-terms/github-research-program-terms.md index 66eb73e7dc..15380ecff7 100644 --- a/translations/ja-JP/content/github/site-policy/github-research-program-terms.md +++ b/translations/ja-JP/content/site-policy/github-terms/github-research-program-terms.md @@ -2,6 +2,7 @@ title: GitHub Research Program利用規約 redirect_from: - /articles/github-research-program-terms + - /github/site-policy/github-research-program-terms versions: fpt: '*' topics: @@ -23,9 +24,9 @@ GitHubは、本「Program」を通じて当社がフィードバックを得る あなたは、当社がお客様に提供する非公開情報や、「Program」参加者として入手できる非公開情報が、そのように表示されているか特定されているかにかかわらず、GitHubの機密情報 (「機密情報」と総称) と見なされることに同意するものとします。 あなたは、かかる「機密情報」を上記の「目的」にのみ使用し、その他一切の目的には使用しないことに同意するものとします。 お客様は、かかる「機密情報」について、あなたの機密情報と同じ程度の注意を払う必要がありますが、この注意が当社の「機密情報」の不正使用、開示、公開、または配布を防止するための合理的な予防策に劣るものであってはなりません。 あなたは、「機密情報」を第三者に開示、公開、または配布しないことを約束します。 -あなたは、当社の「機密情報」を許可なく開示または使用した場合、当社に回復不能の損害を及ぼし、定量化が困難な重大な傷害を引き起こす可能性があることを理解するものとします。 したがって、あなたが本「利用規約」に確実に従うようにするため、当社が有するその他の権利および救済に加えて、即時の差止め命令による救済を求める権利を有することに同意するものとします。 法律、規制または有効な拘束力のある管轄裁判所の命令により、当社の「機密情報」を開示することを要求された場合は、開示を行う前に当社に通知し、かかる開示を可能な限り制限するように努め、かかる情報の機密的、保護的措置を求めた後にのみ、かかる開示を行うことができます。 +お客様は、当社の「機密情報」を許可なく開示または使用した場合、当社に回復不能の損害を及ぼし、定量化が困難な重大な傷害を引き起こす可能性があることを理解するものとします。 したがって、お客様が本「契約」に確実に従うようにするため、当社が有するその他の権利および救済に加えて、即時の差止め命令による救済を求める権利を有することに同意するものとします。 法律、規制または有効な拘束力のある管轄裁判所の命令により、当社の「機密情報」を開示することを要求された場合は、開示を行う前に当社に通知し、かかる開示を可能な限り制限するように努め、かかる情報の機密的、保護的措置を求めた後にのみ、かかる開示を行うことができます。 -本セクション2の義務は、次の事項をお客様が証明できる情報には適用されません。(i) お客様に開示する前に公知であった情報、(ii) お客様、またお客様の従業員や請負業者の行動や怠慢によらずして、お客様に開示した後に公知になったもの、(iii) 当社があなたに開示する前にお客様が知っていたもの、(iv) 開示された情報について、機密保持の義務を負わない第三者からお客様に開示されたもの、(v) 当社やいかなる第三者の機密保持義務にも違反せず、お客様が独自で開発したもの、(vi) 当社の権限のある担当者により、お客様に書面で開示の許可を与えたもの。 +本セクション2の義務は、次の事項をあなたが証明できる情報には適用されません。(i) あなたに開示する前に公知であった情報、(ii) あなた、またあなたの従業員や請負業者の行動や怠慢によらずして、あなたに開示した後に公知になったもの、(iii) 当社があなたに開示する前にあなたが知っていたもの、(iv) 開示された情報について、機密保持の義務を負わない第三者からあなたに開示されたもの、(v) 当社やいかなる第三者の機密保持義務にも違反せず、あなたが独自で開発したもの、(vi) 当社の権限のある担当者により、あなたに書面で開示の許可を与えたもの。 ## C. 権利の留保 diff --git a/translations/ja-JP/content/github/site-policy/github-sponsors-additional-terms.md b/translations/ja-JP/content/site-policy/github-terms/github-sponsors-additional-terms.md similarity index 99% rename from translations/ja-JP/content/github/site-policy/github-sponsors-additional-terms.md rename to translations/ja-JP/content/site-policy/github-terms/github-sponsors-additional-terms.md index 0116f020fb..f0a8be3003 100644 --- a/translations/ja-JP/content/github/site-policy/github-sponsors-additional-terms.md +++ b/translations/ja-JP/content/site-policy/github-terms/github-sponsors-additional-terms.md @@ -2,6 +2,7 @@ title: GitHub Sponsors に関する追加条項 redirect_from: - /articles/github-sponsors-additional-terms + - /github/site-policy/github-sponsors-additional-terms versions: fpt: '*' topics: diff --git a/translations/ja-JP/content/github/site-policy/github-terms-for-additional-products-and-features.md b/translations/ja-JP/content/site-policy/github-terms/github-terms-for-additional-products-and-features.md similarity index 99% rename from translations/ja-JP/content/github/site-policy/github-terms-for-additional-products-and-features.md rename to translations/ja-JP/content/site-policy/github-terms/github-terms-for-additional-products-and-features.md index 0d2c329722..d5d8dc3cb4 100644 --- a/translations/ja-JP/content/github/site-policy/github-terms-for-additional-products-and-features.md +++ b/translations/ja-JP/content/site-policy/github-terms/github-terms-for-additional-products-and-features.md @@ -2,6 +2,7 @@ title: GitHub 追加製品および機能の利用規約 redirect_from: - /github/site-policy/github-additional-product-terms + - /github/site-policy/github-terms-for-additional-products-and-features versions: fpt: '*' topics: diff --git a/translations/ja-JP/content/github/site-policy/github-terms-of-service.md b/translations/ja-JP/content/site-policy/github-terms/github-terms-of-service.md similarity index 96% rename from translations/ja-JP/content/github/site-policy/github-terms-of-service.md rename to translations/ja-JP/content/site-policy/github-terms/github-terms-of-service.md index 630aac5377..46b0918554 100644 --- a/translations/ja-JP/content/github/site-policy/github-terms-of-service.md +++ b/translations/ja-JP/content/site-policy/github-terms/github-terms-of-service.md @@ -6,6 +6,7 @@ redirect_from: - /terms-of-service - /github-terms-of-service-draft - /articles/github-terms-of-service + - /github/site-policy/github-terms-of-service versions: fpt: '*' topics: @@ -72,13 +73,13 @@ GitHub の「サービス」の「ユーザアカウント」には、いくつ - 1 人の個人または 1 つの法人が複数の無料「アカウント」を保持することはできません (コンピュータアカウントも制御することを選択した場合、それは問題ありませんが、それはコンピュータの実行にのみ使用できます)。 - 年齢が13歳以上である必要があります。 当社は若く優秀なプログラマーがプログラミングを熱心に習得することを歓迎していますが、その一方で当社は米国の法律に従う必要があります。 GitHub の「サービス」は 13 歳未満の未成年を対象としておらず、当社は 13 歳未満の「ユーザ」が「サービス」を利用することを許可していません。 当社は「ユーザ」が 13 歳未満であることを知った場合、[その「ユーザ」の「アカウント」を直ちに解約](#l-cancellation-and-termination)します。 あなたが米国外の居住者である場合には、その国に適用される最低年齢が 13 歳以上である場合があります。そのような場合には、あなたはその国の法律に従う責任を負います。 - ログインを使用できるのは 1 人だけです。つまり、1 つのログインを複数の人で共有することはできません。 有料の「Organization」は、サブスクリプションが許可する数の「ユーザアカウント」に対してのみアクセスを提供できます。 -- 米国またはその他の適用法域の輸出管理法または制裁法に違反して GitHub を使用することはできません。 あなたが[ 特定国籍 (SDN)](https://www.treasury.gov/resource-center/sanctions/SDN-List/Pages/default.aspx) 者もしくは米国政府機関によって管理されている同様の制限の対象者またはその代理で作業している場合は、GitHub を使用することはできません。 GitHub は、特定の認可された国または地域の人々が、米国政府の許可に従って特定の GitHub サービスにアクセスすることを許可する場合があります。 詳しくは「[輸出規制方針](/articles/github-and-export-controls)」をご覧ください。 +- 米国またはその他の適用法域の輸出管理法または制裁法に違反して GitHub を使用することはできません。 あなたが[ 特定国籍 (SDN)](https://www.treasury.gov/resource-center/sanctions/SDN-List/Pages/default.aspx) 者もしくは米国政府機関によって管理されている同様の制限の対象者またはその代理で作業している場合は、GitHub を使用することはできません。 GitHub は、特定の認可された国または地域の人々が、米国政府の許可に従って特定の GitHub サービスにアクセスすることを許可する場合があります。 For more information, please see our [Export Controls policy](/articles/github-and-export-controls). ### 4. ユーザアカウントのセキュリティ お客様には、当社の「サービス」を利用している間、「アカウント」を安全に保つ責任があります。 当社は「アカウント」のセキュリティを維持するのに役立つ 2 要素認証などのツールを提供していますが、「アカウント」のコンテンツとそのセキュリティはお客様の手に委ねられています。 - お客様は、自身の「アカウント」下で投稿されたすべてのコンテンツおよび自身の「アカウント」下で発生するすべてのアクティビティについて責任を負います (コンテンツがお客様の「アカウント」下に「アカウント」を持つ他者によって投稿された場合も同様です)。 - お客様には、自身の「アカウント」とパスワードのセキュリティを維持する責任があります。 GitHub は、このセキュリティ義務を順守しなかったことによる損失または損害について責任を負いません。 -- You will promptly [notify GitHub](https://support.github.com/contact?tags=docs-policy) if you become aware of any unauthorized use of, or access to, our Service through your Account, including any unauthorized use of your password or Account. +- お客様が「アカウント」を介した当社の「サービス」の不正な使用またはアクセスに気付いた場合は (お客様のパスワードまたは 「アカウント」の不正使用を含む)、速かに [GitHub に通知](https://support.github.com/contact?tags=docs-policy)してください。 ### 5. 追加条項 場合によっては、あなたによる GitHub の利用について、第三者による規約が適用されることがあります。 たとえば、お客様が独自の規約またはライセンス契約を持つ GitHub の Organization の成員である場合、お客様は GitHub に統合するアプリケーションをダウンロードすることができる場合や、他のサービスに認証するために GitHub を利用できる場合があります。 当社とお客様の間の完全な合意は本「規約」ですが、他の当事者とお客様との関係にはかかる当事者の規約が適用されることに注意してください。 @@ -162,7 +163,7 @@ GitHub および当社のライセンサー、ベンダー、エージェント GitHub の商標を使用する場合は、ロゴのページ (https://github.com/logos) にあるものを含め、商標に関するすべてのガイドラインに従う必要があります。 ### 3. GitHub ライセンスポリシー -本「契約」は、この [Creative Commons Zero license](https://creativecommons.org/publicdomain/zero/1.0/) の元でライセンス付与されています。 詳細は、[サイトポリシーリポジトリ](https://github.com/github/site-policy#license)を参照してください。 +本「契約」は、この [Creative Commons Zero license](https://creativecommons.org/publicdomain/zero/1.0/) の元でライセンス付与されています。 詳細は、[site-policyリポジトリ](https://github.com/github/site-policy#license)を参照してください。 ## H. API 規約 **趣旨の要約:** *GitHub にアクセスするサードパーティ製品を介したAPIの使用を含む、GitHub の API (アプリケーションプロバイダーインターフェイス) のいずれかを使用する場合、本「利用規約」に加えて本セクションHに同意するものとします。 * @@ -218,13 +219,13 @@ GitHub は、高スループットアクセスまたは GitHub の「サービ **使用量に基づく支払い:** 「サービス」の一部の機能は、使用量に基づいて請求されます。 かかる「サービス」機能は、限られた使用量および期間であれば、追加料金なしでご利用のプランで使用できる場合があります。 ご利用のプランに含まれる数量を超えて有料の「サービス」機能を購入することを選択した場合、お客様は前月の実際の使用量に基づいてかかる「サービス」機能の料金を支払います。 かかる購入に対する毎月の支払いは、後払いで定期的に請求されます。 詳しくは、[GitHub 追加製品の利用規約](/github/site-policy/github-additional-product-terms)を参照してください。 -**請求:** 請求書払いの「ユーザ」の場合、「ユーザ」は、いかなる種類の控除も相殺もなく料金の全額を米ドルの前払いで支払うことに同意するものとします。 。 「ユーザ」は、GitHub による請求日から 30 日以内に料金を支払う必要があります。 本「契約」に基づいて支払われる金額は、本「契約」に別段の定めがある場合を除き、返金できません。 「ユーザ」が定められた期限に料金を支払わなかった場合、普通法または衡平法に基づく法的措置を取ることに加え、GitHub は次の権利を留保します。(i) 過去の未払い金に対して毎月 1.0% か、法律により許容される最高額の金利のうち、いずれか低い額の金利を課し、かつ回収に要するあらゆる費用を課すこと、および (ii) 該当する注文書を解約すること。 本「契約」に関して課されたか、負うようになったあらゆる税金、料金、関税、および政府による査定 (GitHub の純利益に基づく税金を除く) について、お客様は全責任を負います。 +**請求:** 請求書払いの「ユーザ」の場合、「ユーザ」は、いかなる種類の控除も相殺もなく料金の全額を米ドルの前払いで支払うことに同意するものとします。 設定しなければなりません。 「ユーザ」は、GitHub による請求日から 30 日以内に料金を支払う必要があります。 本「契約」に基づいて支払われる金額は、本「契約」に別段の定めがある場合を除き、返金できません。 「ユーザ」が定められた期限に料金を支払わなかった場合、普通法または衡平法に基づく法的措置を取ることに加え、GitHub は次の権利を留保します。(i) 過去の未払い金に対して毎月 1.0% か、法律により許容される最高額の金利のうち、いずれか低い額の金利を課し、かつ回収に要するあらゆる費用を課すこと、および (ii) 該当する注文書を解約すること。 本「契約」に関して課されたか、負うようになったあらゆる税金、料金、関税、および政府による査定 (GitHub の純利益に基づく税金を除く) について、お客様は全責任を負います。 ### 4. 認可 本「規約」に同意することにより、お客様は GitHub に対して承認した料金について、登録されたクレジットカード、PayPal アカウント、またはその他の承認された支払い方法に請求する許可を当社に与えるものとします。 ### 5. 支払いの責任 -税金を含む「サービス」の利用に関連するすべての料金は、お客様の責任となります。 「サービス」を利用することにより、お客様は「サービス」の利用に関連して発生した料金を GitHub に支払うことに同意するものとします。 If you dispute the matter, contact [GitHub Support](https://support.github.com/contact?tags=docs-policy). お客様は、有料「アカウント」の有効な支払い方法を当社に提供する責任を負います。 無料アカウントの場合は支払い情報を提供する必要はありません。 +税金を含む「サービス」の利用に関連するすべての料金は、お客様の責任となります。 「サービス」を利用することにより、お客様は「サービス」の利用に関連して発生した料金を GitHub に支払うことに同意するものとします。 本件に異議がある場合は、[GitHub サポート](https://support.github.com/contact?tags=docs-policy)にお問い合わせください。 お客様は、有料「アカウント」の有効な支払い方法を当社に提供する責任を負います。 無料アカウントの場合は支払い情報を提供する必要はありません。 ## L. キャンセルと解約 **趣旨の要約:** *お客様はいつでも「アカウント」を閉鎖できます。 その場合、当社は責任を持ってお客様の情報を取り扱います。* diff --git a/translations/ja-JP/content/site-policy/github-terms/index.md b/translations/ja-JP/content/site-policy/github-terms/index.md new file mode 100644 index 0000000000..1068d5e6d5 --- /dev/null +++ b/translations/ja-JP/content/site-policy/github-terms/index.md @@ -0,0 +1,23 @@ +--- +title: GitHub Terms +versions: + fpt: '*' +topics: + - Policy + - Legal +children: + - /github-corporate-terms-of-service + - /github-community-forum-code-of-conduct + - /github-community-guidelines + - /github-terms-of-service + - /github-sponsors-additional-terms + - /github-terms-for-additional-products-and-features + - /github-registered-developer-agreement + - /github-marketplace-terms-of-service + - /github-marketplace-developer-agreement + - /github-research-program-terms + - /github-open-source-applications-terms-and-conditions + - /github-event-terms + - /github-event-code-of-conduct +--- + diff --git a/translations/ja-JP/content/site-policy/index.md b/translations/ja-JP/content/site-policy/index.md new file mode 100644 index 0000000000..0a90807ec4 --- /dev/null +++ b/translations/ja-JP/content/site-policy/index.md @@ -0,0 +1,21 @@ +--- +title: サイトポリシー +redirect_from: + - /categories/61/articles + - /categories/site-policy + - /github/site-policy +versions: + fpt: '*' +topics: + - Policy + - Legal +children: + - /github-terms + - /acceptable-use-policies + - /privacy-policies + - /other-site-policies + - /content-removal-policies + - /security-policies + - /github-company-policies +--- + diff --git a/translations/ja-JP/content/github/site-policy/github-and-trade-controls.md b/translations/ja-JP/content/site-policy/other-site-policies/github-and-trade-controls.md similarity index 99% rename from translations/ja-JP/content/github/site-policy/github-and-trade-controls.md rename to translations/ja-JP/content/site-policy/other-site-policies/github-and-trade-controls.md index 25faae2681..3bc0462174 100644 --- a/translations/ja-JP/content/github/site-policy/github-and-trade-controls.md +++ b/translations/ja-JP/content/site-policy/other-site-policies/github-and-trade-controls.md @@ -5,6 +5,8 @@ redirect_from: - /articles/github-and-trade-control - /articles/github-and-trade-controls - /github/site-policy/github-and-export-controls + - /github/site-policy/github-and-trade-controls + - /github/site-policy/github-terms-and-other-site-policies/github-and-trade-controls versions: fpt: '*' topics: diff --git a/translations/ja-JP/content/github/site-policy/github-deceased-user-policy.md b/translations/ja-JP/content/site-policy/other-site-policies/github-deceased-user-policy.md similarity index 93% rename from translations/ja-JP/content/github/site-policy/github-deceased-user-policy.md rename to translations/ja-JP/content/site-policy/other-site-policies/github-deceased-user-policy.md index ba9b791b10..7fc45ef8dd 100644 --- a/translations/ja-JP/content/github/site-policy/github-deceased-user-policy.md +++ b/translations/ja-JP/content/site-policy/other-site-policies/github-deceased-user-policy.md @@ -5,6 +5,9 @@ versions: topics: - Policy - Legal +redirect_from: + - /github/site-policy/github-deceased-user-policy + - /github/site-policy/github-terms-and-other-site-policies/github-deceased-user-policy --- 万が一、GitHubのユーザがお亡くなりになった場合は、アカウントのコンテンツに関する取り扱いを決定するため、権限を与えられた個人と協力できます。 diff --git a/translations/ja-JP/content/github/site-policy/github-government-takedown-policy.md b/translations/ja-JP/content/site-policy/other-site-policies/github-government-takedown-policy.md similarity index 95% rename from translations/ja-JP/content/github/site-policy/github-government-takedown-policy.md rename to translations/ja-JP/content/site-policy/other-site-policies/github-government-takedown-policy.md index ed047388f1..1c5de35243 100644 --- a/translations/ja-JP/content/github/site-policy/github-government-takedown-policy.md +++ b/translations/ja-JP/content/site-policy/other-site-policies/github-government-takedown-policy.md @@ -5,6 +5,9 @@ versions: topics: - Policy - Legal +redirect_from: + - /github/site-policy/github-government-takedown-policy + - /github/site-policy/github-terms-and-other-site-policies/github-government-takedown-policy --- ## この項目についての説明 diff --git a/translations/ja-JP/content/github/site-policy/github-logo-policy.md b/translations/ja-JP/content/site-policy/other-site-policies/github-logo-policy.md similarity index 91% rename from translations/ja-JP/content/github/site-policy/github-logo-policy.md rename to translations/ja-JP/content/site-policy/other-site-policies/github-logo-policy.md index 5f0927b9d5..ec236070d6 100644 --- a/translations/ja-JP/content/github/site-policy/github-logo-policy.md +++ b/translations/ja-JP/content/site-policy/other-site-policies/github-logo-policy.md @@ -4,6 +4,8 @@ redirect_from: - /articles/i-m-developing-a-third-party-github-app-what-do-i-need-to-know - /articles/using-an-octocat-to-link-to-github-or-your-github-profile - /articles/github-logo-policy + - /github/site-policy/github-logo-policy + - /github/site-policy/github-terms-and-other-site-policies/github-logo-policy versions: fpt: '*' topics: diff --git a/translations/ja-JP/content/github/site-policy/github-username-policy.md b/translations/ja-JP/content/site-policy/other-site-policies/github-username-policy.md similarity index 93% rename from translations/ja-JP/content/github/site-policy/github-username-policy.md rename to translations/ja-JP/content/site-policy/other-site-policies/github-username-policy.md index 7780a9c6b8..c3218ce749 100644 --- a/translations/ja-JP/content/github/site-policy/github-username-policy.md +++ b/translations/ja-JP/content/site-policy/other-site-policies/github-username-policy.md @@ -3,6 +3,8 @@ title: GitHub ユーザ名ポリシー redirect_from: - /articles/name-squatting-policy - /articles/github-username-policy + - /github/site-policy/github-username-policy + - /github/site-policy/github-terms-and-other-site-policies/github-username-policy versions: fpt: '*' topics: diff --git a/translations/ja-JP/content/github/site-policy/guidelines-for-legal-requests-of-user-data.md b/translations/ja-JP/content/site-policy/other-site-policies/guidelines-for-legal-requests-of-user-data.md similarity index 99% rename from translations/ja-JP/content/github/site-policy/guidelines-for-legal-requests-of-user-data.md rename to translations/ja-JP/content/site-policy/other-site-policies/guidelines-for-legal-requests-of-user-data.md index 4575b897ba..132c3b9e01 100644 --- a/translations/ja-JP/content/github/site-policy/guidelines-for-legal-requests-of-user-data.md +++ b/translations/ja-JP/content/site-policy/other-site-policies/guidelines-for-legal-requests-of-user-data.md @@ -3,6 +3,8 @@ title: ユーザデータの法的リクエストに関するガイドライン redirect_from: - /law-enforcement-guidelines - /articles/guidelines-for-legal-requests-of-user-data + - /github/site-policy/guidelines-for-legal-requests-of-user-data + - /github/site-policy/github-terms-and-other-site-policies/guidelines-for-legal-requests-of-user-data versions: fpt: '*' topics: diff --git a/translations/ja-JP/content/site-policy/other-site-policies/index.md b/translations/ja-JP/content/site-policy/other-site-policies/index.md new file mode 100644 index 0000000000..4080978c23 --- /dev/null +++ b/translations/ja-JP/content/site-policy/other-site-policies/index.md @@ -0,0 +1,16 @@ +--- +title: Other Site Policies +versions: + fpt: '*' +topics: + - Policy + - Legal +children: + - /github-and-trade-controls + - /github-deceased-user-policy + - /github-logo-policy + - /github-government-takedown-policy + - /github-username-policy + - /guidelines-for-legal-requests-of-user-data +--- + diff --git a/translations/ja-JP/content/github/site-policy/github-candidate-privacy-policy.md b/translations/ja-JP/content/site-policy/privacy-policies/github-candidate-privacy-policy.md similarity index 99% rename from translations/ja-JP/content/github/site-policy/github-candidate-privacy-policy.md rename to translations/ja-JP/content/site-policy/privacy-policies/github-candidate-privacy-policy.md index 59b0e183bc..5d9ae4f069 100644 --- a/translations/ja-JP/content/github/site-policy/github-candidate-privacy-policy.md +++ b/translations/ja-JP/content/site-policy/privacy-policies/github-candidate-privacy-policy.md @@ -5,6 +5,8 @@ versions: topics: - Policy - Legal +redirect_from: + - /github/site-policy/github-candidate-privacy-policy --- 発効日: 2021年3月8日 diff --git a/translations/ja-JP/content/github/site-policy/github-codespaces-privacy-statement.md b/translations/ja-JP/content/site-policy/privacy-policies/github-codespaces-privacy-statement.md similarity index 94% rename from translations/ja-JP/content/github/site-policy/github-codespaces-privacy-statement.md rename to translations/ja-JP/content/site-policy/privacy-policies/github-codespaces-privacy-statement.md index 580ec9f90b..5c84b46a70 100644 --- a/translations/ja-JP/content/github/site-policy/github-codespaces-privacy-statement.md +++ b/translations/ja-JP/content/site-policy/privacy-policies/github-codespaces-privacy-statement.md @@ -2,6 +2,7 @@ title: GitHub Codespaces Privacy Statement redirect_from: - /github/site-policy/github-codespaces-privacy-policy + - /github/site-policy/github-codespaces-privacy-statement versions: fpt: '*' topics: diff --git a/translations/ja-JP/content/github/site-policy/github-data-protection-agreement.md b/translations/ja-JP/content/site-policy/privacy-policies/github-data-protection-agreement.md similarity index 99% rename from translations/ja-JP/content/github/site-policy/github-data-protection-agreement.md rename to translations/ja-JP/content/site-policy/privacy-policies/github-data-protection-agreement.md index 25693ba8b1..6bb63fbd78 100644 --- a/translations/ja-JP/content/github/site-policy/github-data-protection-agreement.md +++ b/translations/ja-JP/content/site-policy/privacy-policies/github-data-protection-agreement.md @@ -4,6 +4,7 @@ redirect_from: - /github/site-policy/github-data-protection-addendum - /github/site-policy-deprecated/github-data-protection-addendum - /github/site-policy/github-data-protection-agreement-non-enterprise-customers + - /github/site-policy/github-data-protection-agreement versions: fpt: '*' --- diff --git a/translations/ja-JP/content/github/site-policy/github-privacy-statement.md b/translations/ja-JP/content/site-policy/privacy-policies/github-privacy-statement.md similarity index 99% rename from translations/ja-JP/content/github/site-policy/github-privacy-statement.md rename to translations/ja-JP/content/site-policy/privacy-policies/github-privacy-statement.md index a06c0b474d..ca0d69a4ae 100644 --- a/translations/ja-JP/content/github/site-policy/github-privacy-statement.md +++ b/translations/ja-JP/content/site-policy/privacy-policies/github-privacy-statement.md @@ -7,6 +7,7 @@ redirect_from: - /github-privacy-policy - /articles/github-privacy-policy - /articles/github-privacy-statement + - /github/site-policy/github-privacy-statement versions: fpt: '*' topics: @@ -187,7 +188,7 @@ GitHubサービスおよび機能の多くは公開向けです。 お客様の GitHubデータをコンパイルしたい場合、お客様は、[情報利用](/github/site-policy/github-acceptable-use-policies#6-information-usage-restrictions)および[プライバシー](/github/site-policy/github-acceptable-use-policies#7-privacy)に関する当社の利用規約を遵守しなければなりません。またお客様は、収集した公開向けユーザ個人情報を、当社のユーザが許可した目的に限り利用できるものとします。 たとえば、GitHubユーザが自らの身分と所属を明らかにする目的でメールアドレスを公開している場合、そのメールアドレスをユーザへの未承諾メール送信や、採用担当者、ヘッドハンター、および求人掲示板への販売、または商業広告などの目的で使用してはなりません。 当社は、お客様が、GitHubから収集したあらゆるユーザ個人情報を合理的に保護すること、ならびに、 GitHubまたは他のユーザからの苦情、削除要請および連絡拒否のリクエストに速やかに対応することを要求します。 -これに類して、GitHub上のプロジェクトは、コラボレーティブ処理の一部として収集した公開されている利用可能なユーザ個人情報を含むことがあります。 GitHub上のユーザ個人情報について苦情がある場合、[苦情の解決](/github/site-policy/github-privacy-statement#resolving-complaints)を参照してください。 +これに類して、GitHub上のプロジェクトは、コラボレーティブ処理の一部として収集した公開されている利用可能なユーザ個人情報を含むことがあります。 If you have a complaint about any User Personal Information on GitHub, please see our section on [resolving complaints](/github/site-policy/github-privacy-statement#resolving-complaints). ### Organization @@ -325,7 +326,7 @@ GitHubは米国内外の個人情報を処理しており、欧州経済領域 ## ライセンス -本プライバシーステートメントは、この[Creative Commons Zero license](https://creativecommons.org/publicdomain/zero/1.0/)の元でライセンス付与されています。 詳細は、[サイトポリシーリポジトリ](https://github.com/github/site-policy#license)を参照してください。 +本プライバシーステートメントは、この[Creative Commons Zero license](https://creativecommons.org/publicdomain/zero/1.0/)の元でライセンス付与されています。 詳細は、[site-policyリポジトリ](https://github.com/github/site-policy#license)を参照してください。 ## GitHubへの連絡 GitHubプライバシーステートメントまたは情報処理についてのご質問は、[プライバシー連絡フォーム](https://support.github.com/contact/privacy)をご利用ください。 @@ -335,7 +336,7 @@ GitHubプライバシーステートメントまたは情報処理について 下記は、本ドキュメントの他言語への翻訳です。 これらのバージョンと英語バージョンとの間に何らかの矛盾、曖昧さ、または、明らかな非一貫性がある場合、英語バージョンを優先的なバージョンとします。 ### フランス語 -Cliquez ici pour obtenir la version française: [Déclaration de confidentialité de GitHub](/assets/images/help/site-policy/github-privacy-statement(12.20.19)(FR).pdf) +Cliquez ici pour obtenir la version française: [Déclaration de confidentialité de GitHub](/assets/images/help/site-policy/github-privacy-statement(07.22.20)(FR).pdf) ### その他の翻訳 diff --git a/translations/ja-JP/content/github/site-policy/github-subprocessors-and-cookies.md b/translations/ja-JP/content/site-policy/privacy-policies/github-subprocessors-and-cookies.md similarity index 99% rename from translations/ja-JP/content/github/site-policy/github-subprocessors-and-cookies.md rename to translations/ja-JP/content/site-policy/privacy-policies/github-subprocessors-and-cookies.md index c7d1405b80..9f5920096d 100644 --- a/translations/ja-JP/content/github/site-policy/github-subprocessors-and-cookies.md +++ b/translations/ja-JP/content/site-policy/privacy-policies/github-subprocessors-and-cookies.md @@ -6,6 +6,7 @@ redirect_from: - /github-tracking - /github-cookies - /articles/github-subprocessors-and-cookies + - /github/site-policy/github-subprocessors-and-cookies versions: fpt: '*' topics: diff --git a/translations/ja-JP/content/github/site-policy/githubs-notice-about-the-california-consumer-privacy-act.md b/translations/ja-JP/content/site-policy/privacy-policies/githubs-notice-about-the-california-consumer-privacy-act.md similarity index 98% rename from translations/ja-JP/content/github/site-policy/githubs-notice-about-the-california-consumer-privacy-act.md rename to translations/ja-JP/content/site-policy/privacy-policies/githubs-notice-about-the-california-consumer-privacy-act.md index 541a4a0ee1..6559fcd612 100644 --- a/translations/ja-JP/content/github/site-policy/githubs-notice-about-the-california-consumer-privacy-act.md +++ b/translations/ja-JP/content/site-policy/privacy-policies/githubs-notice-about-the-california-consumer-privacy-act.md @@ -1,10 +1,12 @@ --- -title: カリフォルニア州消費者プライバシー法に関するGitHubからの通知 +title: カリフォルニア州消費者プライバシー法に関するGitHubの通知 versions: fpt: '*' topics: - Policy - Legal +redirect_from: + - /github/site-policy/githubs-notice-about-the-california-consumer-privacy-act --- 発行日: 2020年1月1日 @@ -21,7 +23,7 @@ GitHubは、16歳未満の方を含め、一切の個人情報を販売_いた ## CCPAに基づくあなたの権利 -CCPAは、カリフォルニア州住民に、個人情報に関する特定の権利を付与します。 To submit a request based on these rights, please contact us via our [contact form](https://support.github.com/contact?tags=docs-policy). +CCPAは、カリフォルニア州住民に、個人情報に関する特定の権利を付与します。 この権利に基づく請求を提出するには、[連絡フォーム](https://support.github.com/contact?tags=docs-policy)からご連絡ください。 請求を受領した際、当社はリクエストを行った方が、個人情報の請求対象に関係する住民であるかどうかを検証します。 カリフォルニア州住民は、個人情報の処理に関する特定の情報を開示したり、個人情報を削除したりするため、自ら権利を行使するか、委任代理人を使用して権利行使の請求を行うことができます。 委任代理人を使用して請求を行う場合、当社は代理人があなたに代わって行動していることを証明する追加情報を求めることがあります。 diff --git a/translations/ja-JP/content/github/site-policy/global-privacy-practices.md b/translations/ja-JP/content/site-policy/privacy-policies/global-privacy-practices.md similarity index 99% rename from translations/ja-JP/content/github/site-policy/global-privacy-practices.md rename to translations/ja-JP/content/site-policy/privacy-policies/global-privacy-practices.md index d3b08dfe5c..ccdfa46356 100644 --- a/translations/ja-JP/content/github/site-policy/global-privacy-practices.md +++ b/translations/ja-JP/content/site-policy/privacy-policies/global-privacy-practices.md @@ -3,6 +3,7 @@ title: プライバシーのグローバルプラクティス redirect_from: - /eu-safe-harbor - /articles/global-privacy-practices + - /github/site-policy/global-privacy-practices versions: fpt: '*' topics: diff --git a/translations/ja-JP/content/site-policy/privacy-policies/index.md b/translations/ja-JP/content/site-policy/privacy-policies/index.md new file mode 100644 index 0000000000..7acb263d6d --- /dev/null +++ b/translations/ja-JP/content/site-policy/privacy-policies/index.md @@ -0,0 +1,17 @@ +--- +title: Privacy Policies +versions: + fpt: '*' +topics: + - Policy + - Legal +children: + - /github-codespaces-privacy-statement + - /global-privacy-practices + - /github-data-protection-agreement + - /github-privacy-statement + - /github-subprocessors-and-cookies + - /githubs-notice-about-the-california-consumer-privacy-act + - /github-candidate-privacy-policy +--- + diff --git a/translations/ja-JP/content/github/site-policy/coordinated-disclosure-of-security-vulnerabilities.md b/translations/ja-JP/content/site-policy/security-policies/coordinated-disclosure-of-security-vulnerabilities.md similarity index 89% rename from translations/ja-JP/content/github/site-policy/coordinated-disclosure-of-security-vulnerabilities.md rename to translations/ja-JP/content/site-policy/security-policies/coordinated-disclosure-of-security-vulnerabilities.md index 30164e3a8c..d18d83fdb6 100644 --- a/translations/ja-JP/content/github/site-policy/coordinated-disclosure-of-security-vulnerabilities.md +++ b/translations/ja-JP/content/site-policy/security-policies/coordinated-disclosure-of-security-vulnerabilities.md @@ -4,7 +4,8 @@ redirect_from: - /responsible-disclosure - /coordinated-disclosure - /articles/responsible-disclosure-of-security-vulnerabilities - - /site-policy/responsible-disclosure-of-security-vulnerabilities + - /github/site-policy/responsible-disclosure-of-security-vulnerabilities + - /github/site-policy/coordinated-disclosure-of-security-vulnerabilities versions: fpt: '*' topics: diff --git a/translations/ja-JP/content/github/site-policy/github-bug-bounty-program-legal-safe-harbor.md b/translations/ja-JP/content/site-policy/security-policies/github-bug-bounty-program-legal-safe-harbor.md similarity index 100% rename from translations/ja-JP/content/github/site-policy/github-bug-bounty-program-legal-safe-harbor.md rename to translations/ja-JP/content/site-policy/security-policies/github-bug-bounty-program-legal-safe-harbor.md diff --git a/translations/ja-JP/content/site-policy/security-policies/index.md b/translations/ja-JP/content/site-policy/security-policies/index.md new file mode 100644 index 0000000000..35aab7da83 --- /dev/null +++ b/translations/ja-JP/content/site-policy/security-policies/index.md @@ -0,0 +1,12 @@ +--- +title: Security Policies +versions: + fpt: '*' +topics: + - Policy + - Legal +children: + - /coordinated-disclosure-of-security-vulnerabilities + - /github-bug-bounty-program-legal-safe-harbor +--- + diff --git a/translations/ja-JP/data/features/actions-cache-management.yml b/translations/ja-JP/data/features/actions-cache-management.yml new file mode 100644 index 0000000000..9d28e9b9db --- /dev/null +++ b/translations/ja-JP/data/features/actions-cache-management.yml @@ -0,0 +1,8 @@ +--- +#Reference: #6154 +#Documentation for Actions cache management APIs (initial ship) +versions: + fpt: '*' + ghec: '*' + ghes: '> 3.4' + ghae: 'issue-6154' diff --git a/translations/ja-JP/data/features/device-flow-is-opt-in.yml b/translations/ja-JP/data/features/device-flow-is-opt-in.yml new file mode 100644 index 0000000000..1b66880f95 --- /dev/null +++ b/translations/ja-JP/data/features/device-flow-is-opt-in.yml @@ -0,0 +1,6 @@ +--- +#docs-content 6307. OAuth device auth flow is opt in. +versions: + fpt: '*' + ghec: '*' + ghae: 'issue-6307' diff --git a/translations/ja-JP/data/features/mermaid.yml b/translations/ja-JP/data/features/mermaid.yml index 09870e35f9..db633f907d 100644 --- a/translations/ja-JP/data/features/mermaid.yml +++ b/translations/ja-JP/data/features/mermaid.yml @@ -1,8 +1,8 @@ --- -#Issue 5812 and 6172 -#Mermaid syntax support +#Issues 5812 and 6172, also 6411 +#Mermaid syntax support, also ASCII STL and geoJSON/topoJSON syntax support versions: fpt: '*' ghec: '*' - ghes: '>=3.5' + ghes: '>=3.6' ghae: 'issue-6172' diff --git a/translations/ja-JP/data/features/re-run-jobs.yml b/translations/ja-JP/data/features/re-run-jobs.yml new file mode 100644 index 0000000000..8090de2387 --- /dev/null +++ b/translations/ja-JP/data/features/re-run-jobs.yml @@ -0,0 +1,8 @@ +--- +#Issue 4722 +#Re-running failed jobs in an Actions workflow +versions: + fpt: '*' + ghec: '*' + ghes: '>=3.5' + ghae: 'issue-4722' diff --git a/translations/ja-JP/data/learning-tracks/admin.yml b/translations/ja-JP/data/learning-tracks/admin.yml index 3c957cda2d..6ef7226986 100644 --- a/translations/ja-JP/data/learning-tracks/admin.yml +++ b/translations/ja-JP/data/learning-tracks/admin.yml @@ -7,6 +7,7 @@ get_started_with_github_ae: guides: - /admin/overview/about-github-ae - /admin/overview/about-data-residency + - /admin/configuration/configuring-your-enterprise/deploying-github-ae - /admin/configuration/initializing-github-ae - /admin/configuration/restricting-network-traffic-to-your-enterprise - /admin/github-actions/getting-started-with-github-actions-for-github-ae diff --git a/translations/ja-JP/data/learning-tracks/code-security.yml b/translations/ja-JP/data/learning-tracks/code-security.yml index ebd0a98098..cd72a37bba 100644 --- a/translations/ja-JP/data/learning-tracks/code-security.yml +++ b/translations/ja-JP/data/learning-tracks/code-security.yml @@ -18,39 +18,39 @@ dependabot_alerts: title: '脆弱な依存関係に関する通知を取得' description: '依存関係中の新しい脆弱性に対するアラートを発するようDependabotをセットアップしてください。' guides: - - /code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-alerts-for-vulnerable-dependencies + - /code-security/dependabot/dependabot-alerts/about-dependabot-alerts - '{% ifversion fpt or ghec or ghes > 3.2 %}/github/administering-a-repository/managing-repository-settings/managing-security-and-analysis-settings-for-your-repository{% endif %}' - - /code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/viewing-and-updating-vulnerable-dependencies-in-your-repository - - /code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/configuring-notifications-for-vulnerable-dependencies - - /code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/managing-pull-requests-for-dependency-updates - - /code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/troubleshooting-the-detection-of-vulnerable-dependencies - - /code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/troubleshooting-dependabot-errors + - /code-security/dependabot/dependabot-alerts/viewing-and-updating-dependabot-alerts + - /code-security/dependabot/dependabot-alerts/configuring-notifications-for-dependabot-alerts + - /code-security/dependabot/working-with-dependabot/managing-pull-requests-for-dependency-updates + - /code-security/dependabot/working-with-dependabot/troubleshooting-the-detection-of-vulnerable-dependencies + - /code-security/dependabot/working-with-dependabot/troubleshooting-dependabot-errors #Feature available on dotcom and GHES 3.3+, so articles available on GHAE and earlier GHES hidden to hide the learning track dependabot_security_updates: title: '脆弱な依存関係を更新するためのPull Requestを取得' description: '新しい脆弱性が報告されたときにPull Requestを作成するようDependabotをセットアップ' guides: - - /code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-dependabot-security-updates - - /code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/configuring-dependabot-security-updates + - /code-security/dependabot/dependabot-security-updates/about-dependabot-security-updates + - /code-security/dependabot/dependabot-security-updates/configuring-dependabot-security-updates - '{% ifversion fpt or ghec or ghes > 3.2 %}/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/configuring-notifications-for-vulnerable-dependencies{% endif %}' - '{% ifversion fpt or ghec or ghes > 3.2 %}/github/administering-a-repository/managing-repository-settings/managing-security-and-analysis-settings-for-your-repository{% endif %}' - - /code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/managing-pull-requests-for-dependency-updates + - /code-security/dependabot/working-with-dependabot/managing-pull-requests-for-dependency-updates - '{% ifversion fpt or ghec or ghes > 3.2 %}/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/troubleshooting-the-detection-of-vulnerable-dependencies{% endif %}' #Feature available only on dotcom and GHES 3.3+ dependency_version_updates: title: '依存関係を最新に保つ' description: '新しいリリースをチェックし、依存関係を更新するPull Requestを作成するためにDependabotを使ってください。' guides: - - /code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/about-dependabot-version-updates - - /code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/enabling-and-disabling-dependabot-version-updates - - /code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/customizing-dependency-updates - - /code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/configuration-options-for-dependency-updates - - /code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/keeping-your-actions-up-to-date-with-dependabot - - /code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/automating-dependabot-with-github-actions - - /code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/listing-dependencies-configured-for-version-updates - - /code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/managing-encrypted-secrets-for-dependabot - - /code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/managing-pull-requests-for-dependency-updates - - /code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/troubleshooting-dependabot-errors + - /code-security/dependabot/dependabot-version-updates/about-dependabot-version-updates + - /code-security/dependabot/dependabot-version-updates/configuring-dependabot-version-updates + - /code-security/dependabot/dependabot-version-updates/customizing-dependency-updates + - /code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file + - /code-security/dependabot/working-with-dependabot/keeping-your-actions-up-to-date-with-dependabot + - /code-security/dependabot/working-with-dependabot/automating-dependabot-with-github-actions + - /code-security/dependabot/dependabot-version-updates/listing-dependencies-configured-for-version-updates + - /code-security/dependabot/working-with-dependabot/managing-encrypted-secrets-for-dependabot + - /code-security/dependabot/working-with-dependabot/managing-pull-requests-for-dependency-updates + - /code-security/dependabot/working-with-dependabot/troubleshooting-dependabot-errors #Feature available in GHEC, GHES 3.0 up, and GHAE. Feature limited on FPT so hidden there. secret_scanning: title: 'シークレットのスキャン' @@ -103,3 +103,12 @@ code_security_ci: - /code-security/code-scanning/using-codeql-code-scanning-with-your-existing-ci-system/configuring-codeql-cli-in-your-ci-system - /code-security/code-scanning/using-codeql-code-scanning-with-your-existing-ci-system/migrating-from-the-codeql-runner-to-codeql-cli - /code-security/code-scanning/using-codeql-code-scanning-with-your-existing-ci-system/troubleshooting-codeql-runner-in-your-ci-system +#Feature available in all versions +end_to_end_supply_chain: + title: 'End-to-end supply chain' + description: 'How to think about securing your user accounts, your code, and your build process.' + guides: + - /code-security/supply-chain-security/end-to-end-supply-chain/end-to-end-supply-chain-overview + - /code-security/supply-chain-security/end-to-end-supply-chain/securing-accounts + - /code-security/supply-chain-security/end-to-end-supply-chain/securing-code + - /code-security/supply-chain-security/end-to-end-supply-chain/securing-builds diff --git a/translations/ja-JP/data/product-examples/code-security/code-examples.yml b/translations/ja-JP/data/product-examples/code-security/code-examples.yml index 38beac236f..523fc73521 100644 --- a/translations/ja-JP/data/product-examples/code-security/code-examples.yml +++ b/translations/ja-JP/data/product-examples/code-security/code-examples.yml @@ -24,7 +24,7 @@ #Security policies title: Microsoft security policy template description: セキュリティポリシーの例 - href: https://github.com/microsoft/repo-templates/blob/main/shared/SECURITY.md + href: /microsoft/repo-templates/blob/main/shared/SECURITY.md tags: - セキュリティポリシー - diff --git a/translations/ja-JP/data/release-notes/enterprise-server/3-1/0.yml b/translations/ja-JP/data/release-notes/enterprise-server/3-1/0.yml index f4db0c2cc8..ccd0725cf4 100644 --- a/translations/ja-JP/data/release-notes/enterprise-server/3-1/0.yml +++ b/translations/ja-JP/data/release-notes/enterprise-server/3-1/0.yml @@ -76,6 +76,7 @@ sections: - The latest release of the CodeQL CLI supports uploading analysis results to GitHub. This makes it easier to run code analysis for customers who wish to use CI/CD systems other than {% data variables.product.prodname_actions %}. Previously, such users had to use the separate CodeQL runner, which will continue to be available. For more information, see "[About CodeQL code scanning in your CI system](/enterprise-server@3.1/code-security/secure-coding/about-codeql-code-scanning-in-your-ci-system)." - '{% data variables.product.prodname_actions %} now supports skipping `push` and `pull_request` workflows by looking for some common keywords in your commit message.' - Check annotations older than four months will be archived. + - Scaling of worker allocation for background tasks has been revised. We recommend validating that the new defaults are appropriate for your workload. Custom background worker overrides should be unset in most cases. [Updated 2022-03-18] - heading: Security Changes notes: diff --git a/translations/ja-JP/data/release-notes/enterprise-server/3-4/0-rc1.yml b/translations/ja-JP/data/release-notes/enterprise-server/3-4/0-rc1.yml index 8a4b9c6da0..6ae7356298 100644 --- a/translations/ja-JP/data/release-notes/enterprise-server/3-4/0-rc1.yml +++ b/translations/ja-JP/data/release-notes/enterprise-server/3-4/0-rc1.yml @@ -1,7 +1,7 @@ --- date: '2022-02-15' release_candidate: true -deprecated: false +deprecated: true intro: | {% note %} diff --git a/translations/ja-JP/data/release-notes/enterprise-server/3-4/0.yml b/translations/ja-JP/data/release-notes/enterprise-server/3-4/0.yml new file mode 100644 index 0000000000..54c5d38568 --- /dev/null +++ b/translations/ja-JP/data/release-notes/enterprise-server/3-4/0.yml @@ -0,0 +1,193 @@ +--- +date: '2022-03-15' +intro: | + + For upgrade instructions, see "[Upgrading {% data variables.product.prodname_ghe_server %}](/admin/enterprise-management/updating-the-virtual-machine-and-physical-resources/upgrading-github-enterprise-server)." + + > This release is dedicated to our colleague and friend John, a Hubber who was always there to help. You will be greatly missed. + > + > **John "Ralph" Wiebalk 1986–2021** +sections: + features: + - + heading: Secret scanning REST API now returns locations + notes: + - | + {% data variables.product.prodname_GH_advanced_security %} customers can now use the REST API to retrieve commit details of secrets detected in private repository scans. The new endpoint returns details of a secret's first detection within a file, including the secret's location and commit SHA. For more information, see "[Secret scanning](/rest/reference/secret-scanning)" in the REST API documentation. + - + heading: Export license data of committer-based billing for GitHub Advanced Security + notes: + - | + Enterprise and organization owners can now export their {% data variables.product.prodname_GH_advanced_security %} license usage data to a CSV file. The {% data variables.product.prodname_advanced_security %} billing data can also be retrieved via billing endpoints in the REST API. For more information, see the "[{% data variables.product.prodname_dotcom %} changelog](https://github.blog/changelog/2021-11-11-export-github-advanced-security-license-usage-data/)." + - + heading: GitHub Actions reusable workflows in public beta + notes: + - | + You can now reuse entire workflows as if they were an action. This feature is available in public beta. Instead of copying and pasting workflow definitions across repositories, you can now reference an existing workflow with a single line of configuration. For more information, see the "[{% data variables.product.prodname_dotcom %} changelog](https://github.blog/changelog/2021-10-05-github-actions-dry-your-github-actions-configuration-by-reusing-workflows/)." + - + heading: Dependabot security and version updates in public beta + notes: + - | + {% data variables.product.prodname_dependabot %} is now available in {% data variables.product.prodname_ghe_server %} 3.4 as a public beta, offering both version updates and security updates for several popular ecosystems. {% data variables.product.prodname_dependabot %} on {% data variables.product.prodname_ghe_server %} requires {% data variables.product.prodname_actions %} and a pool of self-hosted runners configured for {% data variables.product.prodname_dependabot %} use. {% data variables.product.prodname_dependabot %} on {% data variables.product.prodname_ghe_server %} also requires {% data variables.product.prodname_github_connect %} and {% data variables.product.prodname_dependabot %} to be enabled by an administrator. Beta feedback and suggestions can be shared in the [{% data variables.product.prodname_dependabot %} Feedback GitHub discussion](https://github.com/github/feedback/discussions/categories/dependabot-feedback). For more information and to try the beta, see "[Setting up {% data variables.product.prodname_dependabot %} security and version updates on your enterprise](/admin/github-actions/enabling-github-actions-for-github-enterprise-server/setting-up-dependabot-updates)." + - + heading: SAML authentication supports encrypted assertions + notes: + - | + If you use SAML authentication for {% data variables.product.prodname_ghe_server %}, you can now configure encrypted assertions from your IdP to improve security. Encrypted assertions add an additional layer of encryption when your IdP transmits information to {% data variables.product.product_location %}. For more information, see "[Using SAML](/admin/identity-and-access-management/authenticating-users-for-your-github-enterprise-server-instance/using-saml#enabling-encrypted-assertions)." + changes: + - + heading: 管理に関する変更 + notes: + - Users can now choose the number of spaces a tab is equal to, by setting their preferred tab size in the "Appearance" settings of their user account. All code with a tab indent will render using the preferred tab size. + - The {% data variables.product.prodname_github_connect %} data connection record now includes a count of the number of active and dormant users and the configured dormancy period. + - You can now give users access to enterprise-specific links by adding custom footers to {% data variables.product.prodname_ghe_server %}. For more information, see "[Configuring custom footers](/admin/configuration/configuring-your-enterprise/configuring-custom-footers)." + - + heading: Performance Changes + notes: + - WireGuard, used to secure communication between {% data variables.product.prodname_ghe_server %} instances in a High Availability configuration, has been migrated to the Kernel implementation. + - + heading: Notification Changes + notes: + - Organization owners can now unsubscribe from email notifications when new deploy keys are added to repositories belonging to their organizations. For more information, see "[Configuring notifications](/account-and-profile/managing-subscriptions-and-notifications-on-github/setting-up-notifications/configuring-notifications)." + - 'Notification emails from newly created issues and pull requests now include `(Issue #xx)` or `(PR #xx)` in the email subject, so you can recognize and filter emails that reference these types of issues.' + - + heading: Organization Changes + notes: + - Organizations can now display a `README.md` file on their profile Overview. For more information, see the "[{% data variables.product.prodname_dotcom %} changelog](https://github.blog/changelog/2021-09-14-readmes-for-organization-profiles/)." + - 'Members of organizations can now view a list of their enterprise owners under the organization''s "People" tab. The enterprise owners list is also now accessible using the GraphQL API. For more information, see the "[`enterpriseOwners`](/graphql/reference/objects#organization)" field under the Organization object in the GraphQL API documentation.' + - + heading: リポジトリの変更 + notes: + - | + A "Manage Access" section is now shown on the "Collaborators and teams" page in your repository settings. The new section makes it easier for repository administrators to see and manage who has access to their repository, and the level of access granted to each user. Administrators can now: + + * Search all members, teams and collaborators who have access to the repository. + * View when members have mixed role assignments, granted to them directly as individuals or indirectly via a team. This is visualized through a new "mixed roles" warning, which displays the highest level role the user is granted if their permission level is higher than their assigned role. + * Manage access to popular repositories reliably, with page pagination and fewer timeouts when large groups of users have access. + - '{% data variables.product.prodname_ghe_server %} 3.4 includes improvements to the repository invitation experience, such as notifications for private repository invites, a UI prompt when visiting a private repository you have a pending invitation for, and a banner on a public repository overview page when there is an pending invitation.' + - 'You can now use single-character prefixes for custom autolinks. Autolink prefixes also now allow `.`, `-`, `_`, `+`, `=`, `:`, `/`, and `#` characters, as well as alphanumerics. For more information about custom autolinks, see "[Configuring autolinks to reference external resources](/repositories/managing-your-repositorys-settings-and-features/managing-repository-settings/configuring-autolinks-to-reference-external-resources)."' + - A `CODE_OF_CONDUCT.md` file in the root of a repository is now highlighted in the "About" sidebar on the repository overview page. + - + heading: 'Releases changes' + notes: + - '{% data variables.product.prodname_ghe_server %} 3.4 includes improvements to the Releases UI, such as automatically generated release notes which display a summary of all the pull requests for a given release. For more information, see the "[{% data variables.product.prodname_dotcom %} changelog](https://github.blog/changelog/2021-10-20-improvements-to-github-releases-generally-available/)."' + - When a release is published, an avatar list is now displayed at the bottom of the release. Avatars for all user accounts mentioned in the release notes are shown. For more information, see "[Managing releases in a repository](/repositories/releasing-projects-on-github/managing-releases-in-a-repository)." + - + heading: 'Markdownの変更' + notes: + - You can now use the new "Accessibility" settings page to manage your keyboard shortcuts. You can choose to disable keyboard shortcuts that only use single characters like S, G C, and . (the period key). For more information, see the "[{% data variables.product.prodname_dotcom %} changelog](https://github.blog/changelog/2021-11-16-managing-keyboard-shortcuts-using-accessibility-settings/)." + - You can now choose to use a fixed-width font in Markdown-enabled fields, like issue comments and pull request descriptions. For more information, see the "[{% data variables.product.prodname_dotcom %} changelog](https://github.blog/changelog/2021-10-12-fixed-width-font-support-in-markdown-enabled-fields/)." + - You can now paste a URL on selected text to quickly create a Markdown link. This works in all Markdown-enabled fields, such as issue comments and pull request descriptions. For more information, see the "[{% data variables.product.prodname_dotcom %} changelog](https://github.blog/changelog/2021-11-10-linkify-selected-text-on-url-paste/)." + - 'An image URL can now be appended with a theme context, such as `#gh-dark-mode-only`, to define how the Markdown image is displayed to a viewer. For more information, see the "[{% data variables.product.prodname_dotcom %} changelog](https://github.blog/changelog/2021-11-24-specify-theme-context-for-images-in-markdown/)."' + - When creating or editing a gist file with the Markdown (`.md`) file extension, you can now use the "Preview" or "Preview Changes" tab to display a Markdown rendering of the file contents. For more information, see the "[{% data variables.product.prodname_dotcom %} changelog](https://github.blog/changelog/2021-11-17-preview-the-markdown-rendering-of-gists/)." + - When typing the name of a {% data variables.product.prodname_dotcom %} user in issues, pull requests and discussions, the @mention suggester now ranks existing participants higher than other {% data variables.product.prodname_dotcom %} users, so that it's more likely the user you're looking for will be listed. + - Right-to-left languages are now supported natively in Markdown files, issues, pull requests, discussions, and comments. + - + heading: 'Issues and pull requests changes' + notes: + - The diff setting to hide whitespace changes in the pull request "Files changed" tab is now retained for your user account for that pull request. The setting you have chosen is automatically reapplied if you navigate away from the page and then revisit the "Files changed" tab of the same pull request. + - When using auto assignment for pull request code reviews, you can now choose to only notify requested team members independently of your auto assignment settings. This setting is useful in scenarios where many users are auto assigned but not all users require notification. For more information, see the "[{% data variables.product.prodname_dotcom %} changelog](https://github.blog/changelog/2021-11-10-team-member-pull-request-review-notifications-can-be-configured-independently-of-auto-assignment/)." + - + heading: 'Branches changes' + notes: + - 'Organization and repository administrators can now trigger webhooks to listen for changes to branch protection rules on their repositories. For more information, see the "[branch_protection_rule](/developers/webhooks-and-events/webhooks/webhook-events-and-payloads#branch_protection_rule)" event in the webhooks events and payloads documentation.' + - When configuring protected branches, you can now enforce that a required status check is provided by a specific {% data variables.product.prodname_github_app %}. If a status is then provided by a different application, or by a user via a commit status, merging is prevented. This ensures all changes are validated by the intended application. For more information, see the "[{% data variables.product.prodname_dotcom %} changelog](https://github.blog/changelog/2021-12-01-ensure-required-status-checks-provided-by-the-intended-app/)." + - Only users with administrator permissions are now able to rename protected branches and modify branch protection rules. Previously, with the exception of the default branch, a collaborator could rename a branch and consequently any non-wildcard branch protection rules that applied to that branch were also renamed. For more information, see "[Renaming a branch](/repositories/configuring-branches-and-merges-in-your-repository/managing-branches-in-your-repository/renaming-a-branch)" and "[Managing a branch protection rule](/repositories/configuring-branches-and-merges-in-your-repository/defining-the-mergeability-of-pull-requests/managing-a-branch-protection-rule)." + - Administrators can now allow only specific users and teams to bypass pull request requirements. For more information, see the "[{% data variables.product.prodname_dotcom %} changelog](https://github.blog/changelog/2021-11-19-allow-bypassing-required-pull-requests/)." + - Administrators can now allow only specific users and teams to force push to a repository. For more information, see the "[{% data variables.product.prodname_dotcom %} changelog](https://github.blog/changelog/2021-12-21-specify-who-can-force-push-to-a-repository/)." + - When requiring pull requests for all changes to a protected branch, administrators can now choose if approved reviews are also a requirement. For more information, see the "[{% data variables.product.prodname_dotcom %} changelog](https://github.blog/changelog/2021-11-10-require-pull-requests-without-requiring-reviews/)." + - + heading: 'GitHub Actions changes' + notes: + - '{% data variables.product.prodname_actions %} workflows triggered by {% data variables.product.prodname_dependabot %} for the `create`, `deployment`, and `deployment_status` events now always receive a read-only token and no secrets. Similarly, workflows triggered by {% data variables.product.prodname_dependabot %} for the `pull_request_target` event on pull requests where the base ref was created by {% data variables.product.prodname_dependabot %}, now always receive a read-only token and no secrets. These changes are designed to prevent potentially malicious code from executing in a privileged workflow. For more information, see "[Automating {% data variables.product.prodname_dependabot %} with {% data variables.product.prodname_actions %}](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/automating-dependabot-with-github-actions)."' + - Workflow runs on `push` and `pull_request` events triggered by {% data variables.product.prodname_dependabot %} will now respect the permissions specified in your workflows, allowing you to control how you manage automatic dependency updates. The default token permissions will remain read-only. For more information, see the "[{% data variables.product.prodname_dotcom %} changelog](https://github.blog/changelog/2021-10-06-github-actions-workflows-triggered-by-dependabot-prs-will-respect-permissions-key-in-workflows/)." + - '{% data variables.product.prodname_actions %} workflows triggered by {% data variables.product.prodname_dependabot %} will now be sent the {% data variables.product.prodname_dependabot %} secrets. You can now pull from private package registries in your CI using the same secrets you have configured for {% data variables.product.prodname_dependabot %} to use, improving how {% data variables.product.prodname_actions %} and {% data variables.product.prodname_dependabot %} work together. For more information, see "[Automating {% data variables.product.prodname_dependabot %} with {% data variables.product.prodname_actions %}](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/automating-dependabot-with-github-actions)."' + - You can now manage runner groups and see the status of your self-hosted runners using new Runners and Runner Groups pages in the UI. The Actions settings page for your repository or organization now shows a summary view of your runners, and allows you to deep dive into a specific runner to edit it or see what job it may be currently running. For more information, see the "[{% data variables.product.prodname_dotcom %} changelog](https://github.blog/changelog/2021-09-20-github-actions-experience-refresh-for-the-management-of-self-hosted-runners/)." + - 'Actions authors can now have their action run in Node.js 16 by specifying [`runs.using` as `node16` in the action''s `action.yml`](/actions/creating-actions/metadata-syntax-for-github-actions#runs-for-javascript-actions). This is in addition to the existing Node.js 12 support; actions can continue to specify `runs.using: node12` to use the Node.js 12 runtime.' + - 'For manually triggered workflows, {% data variables.product.prodname_actions %} now supports the `choice`, `boolean`, and `environment` input types in addition to the default `string` type. For more information, see "[`on.workflow_dispatch.inputs`](/actions/using-workflows/workflow-syntax-for-github-actions#onworkflow_dispatchinputs)."' + - Actions written in YAML, also known as composite actions, now support `if` conditionals. This lets you prevent specific steps from executing unless a condition has been met. Like steps defined in workflows, you can use any supported context and expression to create a conditional. + - The search order behavior for self-hosted runners has now changed, so that the first available matching runner at any level will run the job in all cases. This allows jobs to be sent to self-hosted runners much faster, especially for organizations and enterprises with lots of self-hosted runners. Previously, when running a job that required a self-hosted runner, {% data variables.product.prodname_actions %} would look for self-hosted runners in the repository, organization, and enterprise, in that order. + - 'Runner labels for {% data variables.product.prodname_actions %} self-hosted runners can now be listed, added and removed using the REST API. For more information about using the new APIs at a repository, organization, or enterprise level, see "[Repositories](/rest/reference/actions#list-labels-for-a-self-hosted-runner-for-a-repository)", "[Organizations](/rest/reference/actions#add-custom-labels-to-a-self-hosted-runner-for-an-organization)", and "[Enterprises](/rest/reference/enterprise-admin#list-labels-for-a-self-hosted-runner-for-an-enterprise)" in the REST API documentation.' + - + heading: 'Dependabot and Dependency graph changes' + notes: + - Dependency graph now supports detecting Python dependencies in repositories that use the Poetry package manager. Dependencies will be detected from both `pyproject.toml` and `poetry.lock` manifest files. + - When configuring {% data variables.product.prodname_dependabot %} security and version updates on GitHub Enterprise Server, we recommend you also enable {% data variables.product.prodname_dependabot %} in {% data variables.product.prodname_github_connect %}. This will allow {% data variables.product.prodname_dependabot %} to retrieve an updated list of dependencies and vulnerabilities from {% data variables.product.prodname_dotcom_the_website %}, by querying for information such as the changelogs of the public releases of open source code that you depend upon. For more information, see "[Enabling the dependency graph and Dependabot alerts for your enterprise](/admin/configuration/configuring-github-connect/enabling-the-dependency-graph-and-dependabot-alerts-for-your-enterprise)." + - '{% data variables.product.prodname_dependabot_alerts %} alerts can now be dismissed using the GraphQL API. For more information, see the "[dismissRepositoryVulnerabilityAlert](/graphql/reference/mutations#dismissrepositoryvulnerabilityalert)" mutation in the GraphQL API documentation.' + - + heading: 'Code scanning and secret scanning changes' + notes: + - The {% data variables.product.prodname_codeql %} CLI now supports including markdown-rendered query help in SARIF files, so that the help text can be viewed in the {% data variables.product.prodname_code_scanning %} UI when the query generates an alert. For more information, see the "[{% data variables.product.prodname_dotcom %} changelog](https://github.blog/changelog/2021-11-23-display-help-text-for-your-custom-codeql-queries-in-code-scanning/)." + - The {% data variables.product.prodname_codeql %} CLI and {% data variables.product.prodname_vscode %} extension now support building databases and analyzing code on machines powered by Apple Silicon, such as Apple M1. For more information, see the "[{% data variables.product.prodname_dotcom %} changelog](https://github.blog/changelog/2021-11-10-codeql-now-supports-apple-silicon-m1/)." + - | + The depth of {% data variables.product.prodname_codeql %}'s analysis has been improved by adding support for more [libraries and frameworks](https://codeql.github.com/docs/codeql-overview/supported-languages-and-frameworks/) from the Python ecosystem. As a result, {% data variables.product.prodname_codeql %} can now detect even more potential sources of untrusted user data, steps through which that data flows, and potentially dangerous sinks where the data could end up. This results in an overall improvement of the quality of {% data variables.product.prodname_code_scanning %} alerts. For more information, see the "[{% data variables.product.prodname_dotcom %} changelog](https://github.blog/changelog/2021-11-24-codeql-code-scanning-now-recognizes-more-python-libraries-and-frameworks/)." + - Code scanning with {% data variables.product.prodname_codeql %} now includes beta support for analyzing code in all common Ruby versions, up to and including 3.02. For more information, see the "[{% data variables.product.prodname_dotcom %} changelog](https://github.blog/changelog/2021-10-27-codeql-code-scanning-adds-beta-support-for-ruby/)." + - | + Several improvements have been made to the {% data variables.product.prodname_code_scanning %} API: + + * The `fixed_at` timestamp has been added to alerts. This timestamp is the first time that the alert was not detected in an analysis. + * Alert results can now be sorted using `sort` and `direction` on either `created`, `updated` or `number`. For more information, see "[List code scanning alerts for a repository](/rest/reference/code-scanning#list-code-scanning-alerts-for-a-repository)." + * A `Last-Modified` header has been added to the alerts and alert endpoint response. For more information, see [`Last-Modified`](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Last-Modified) in the Mozilla documentation. + * The `relatedLocations` field has been added to the SARIF response when you request a code scanning analysis. The field may contain locations which are not the primary location of the alert. See an example in the [SARIF spec](https://docs.oasis-open.org/sarif/sarif/v2.1.0/cs01/sarif-v2.1.0-cs01.html#_Toc16012616) and for more information see "[Get a code scanning analysis for a repository](/rest/reference/code-scanning#get-a-code-scanning-analysis-for-a-repository)." + * Both `help` and `tags` data have been added to the webhook response alert rule object. For more information, see "[Code scanning alert webhooks events and payloads](/developers/webhooks-and-events/webhooks/webhook-events-and-payloads#code_scanning_alert)." + * Personal access tokens with the `public_repo` scope now have write access for code scanning endpoints on public repos, if the user has permission. + + For more information, see "[Code scanning](/rest/reference/code-scanning)" in the REST API documentation. + - '{% data variables.product.prodname_GH_advanced_security %} customers can now use the REST API to retrieve private repository secret scanning results at the enterprise level. The new endpoint supplements the existing repository-level and organization-level endpoints. For more information, see "[Secret scanning](/rest/reference/secret-scanning)" in the REST API documentation.' + #No security/bug fixes for the GA release + #security_fixes: + #- PLACEHOLDER + #bugs: + #- PLACEHOLDER + known_issues: + - On a freshly set up {% data variables.product.prodname_ghe_server %} instance without any users, an attacker could create the first admin user. + - アップグレードの過程で、カスタムのファイアウォールのルールが削除されます。 + - Git LFSが追跡するファイル[Webインターフェースからアップロードされたもの](https://github.com/blog/2105-upload-files-to-your-repositories)が、不正にリポジトリに直接追加されてしまいます。 + - 同じリポジトリ内のファイルパスが255文字を超えるblobへのパーマリンクを含むIssueをクローズできませんでした。 + - GitHub Connectで"Users can search GitHub.com"が有効化されている場合、GitHub.comの検索結果にプライベート及びインターナルリポジトリのIssueが含まれません。 + - '{% data variables.product.prodname_registry %}のnpmレジストリは、メタデータのレスポンス中で時間の値を返さなくなります。これは、大きなパフォーマンス改善のために行われました。メタデータレスポンスの一部として時間の値を返すために必要なすべてのデータは保持し続け、既存のパフォーマンスの問題を解決した将来に、この値を返すことを再開します。' + - pre-receive フックの処理に固有のリソース制限によって、pre-receive フックに失敗するものが生じることがあります。 + - Actions services needs to be restarted after restoring appliance from backup taken on a different host. + deprecations: + - + heading: Deprecation of GitHub Enterprise Server 3.0 + notes: + - '**{% data variables.product.prodname_ghe_server %} 3.0 was discontinued on February 16, 2022**. This means that no patch releases will be made, even for critical security issues, after this date. For better performance, improved security, and new features, [upgrade to the newest version of {% data variables.product.prodname_ghe_server %}](/enterprise-server@3.4/admin/enterprise-management/upgrading-github-enterprise-server) as soon as possible.' + - + heading: Deprecation of GitHub Enterprise Server 3.1 + notes: + - '**{% data variables.product.prodname_ghe_server %} 3.1 will be discontinued on June 3, 2022**. This means that no patch releases will be made, even for critical security issues, after this date. For better performance, improved security, and new features, [upgrade to the newest version of {% data variables.product.prodname_ghe_server %}](/enterprise-server@3.4/admin/enterprise-management/upgrading-github-enterprise-server) as soon as possible.' + - + heading: XenServer Hypervisorサポートの非推奨化 + notes: + - Starting in {% data variables.product.prodname_ghe_server %} 3.3, {% data variables.product.prodname_ghe_server %} on XenServer was deprecated and is no longer supported. Please contact [GitHub Support](https://support.github.com) with questions or concerns. + - + heading: Deprecation of the Content Attachments API preview + notes: + - Due to low usage, we have deprecated the Content References API preview in {% data variables.product.prodname_ghe_server %} 3.4. The API was previously accessible with the `corsair-preview` header. Users can continue to navigate to external URLs without this API. Any registered usages of the Content References API will no longer receive a webhook notification for URLs from your registered domain(s) and we no longer return valid response codes for attempted updates to existing content attachments. + - + heading: Deprecation of the Codes of Conduct API preview + notes: + - 'The Codes of Conduct API preview, which was accessible with the `scarlet-witch-preview` header, is deprecated and no longer accessible in {% data variables.product.prodname_ghe_server %} 3.4. We instead recommend using the "[Get community profile metrics](/rest/reference/repos#get-community-profile-metrics)" endpoint to retrieve information about a repository''s code of conduct. For more information, see the "[Deprecation Notice: Codes of Conduct API preview](https://github.blog/changelog/2021-10-06-deprecation-notice-codes-of-conduct-api-preview/)" in the {% data variables.product.prodname_dotcom %} changelog.' + - + heading: Deprecation of OAuth Application API endpoints and API authentication using query parameters + notes: + - | + Starting with {% data variables.product.prodname_ghe_server %} 3.4, the [deprecated version of the OAuth Application API endpoints](https://developer.github.com/changes/2020-02-14-deprecating-oauth-app-endpoint/#endpoints-affected) have been removed. If you encounter 404 error messages on these endpoints, convert your code to the versions of the OAuth Application API that do not have `access_tokens` in the URL. We've also disabled the use of API authentication using query parameters. We instead recommend using [API authentication in the request header](https://developer.github.com/changes/2020-02-10-deprecating-auth-through-query-param/#changes-to-make). + - + heading: Deprecation of the CodeQL runner + notes: + - The {% data variables.product.prodname_codeql %} runner is deprecated in {% data variables.product.prodname_ghe_server %} 3.4 and is no longer supported. The deprecation only affects users who use {% data variables.product.prodname_codeql %} code scanning in third party CI/CD systems; {% data variables.product.prodname_actions %} users are not affected. We strongly recommend that customers migrate to the {% data variables.product.prodname_codeql %} CLI, which is a feature-complete replacement for the {% data variables.product.prodname_codeql %} runner. For more information, see the [{% data variables.product.prodname_dotcom %} changelog](https://github.blog/changelog/2021-09-21-codeql-runner-deprecation/). + - + heading: Deprecation of custom bit-cache extensions + notes: + - | + Starting in {% data variables.product.prodname_ghe_server %} 3.1, support for {% data variables.product.company_short %}'s proprietary bit-cache extensions began to be phased out. These extensions are deprecated in {% data variables.product.prodname_ghe_server %} 3.3 onwards. + + Any repositories that were already present and active on {% data variables.product.product_location %} running version 3.1 or 3.2 will have been automatically updated. + + Repositories which were not present and active before upgrading to {% data variables.product.prodname_ghe_server %} 3.3 may not perform optimally until a repository maintenance task is run and has successfully completed. + + To start a repository maintenance task manually, browse to `https:///stafftools/repositories///network` for each affected repository and click the Schedule button. + backups: + - '{% data variables.product.prodname_ghe_server %} 3.4 requires at least [GitHub Enterprise Backup Utilities 3.4.0](https://github.com/github/backup-utils) for [Backups and Disaster Recovery](/admin/configuration/configuring-your-enterprise/configuring-backups-on-your-appliance).' diff --git a/translations/ja-JP/data/reusables/actions/enterprise-github-connect-warning.md b/translations/ja-JP/data/reusables/actions/enterprise-github-connect-warning.md deleted file mode 100644 index 3543165079..0000000000 --- a/translations/ja-JP/data/reusables/actions/enterprise-github-connect-warning.md +++ /dev/null @@ -1,15 +0,0 @@ -{% ifversion ghes > 3.2 or ghae-issue-4815 %} -{% note %} - -**Note:** When a workflow uses an action by referencing the repository where the action is stored, {% data variables.product.prodname_actions %} will try to find the repository on your {% data variables.product.prodname_ghe_server %} instance first before falling back to {% data variables.product.prodname_dotcom_the_website %}. If a user has already created an organization and repository in your enterprise that matches an organization and repository name on {% data variables.product.prodname_dotcom %}, the repository on your enterprise will be used in place of the {% data variables.product.prodname_dotcom %} repository. For more information, see "[Automatic retirement of namespaces for actions accessed on {% data variables.product.prodname_dotcom_the_website%}](#automatic-retirement-of-namespaces-for-actions-accessed-on-githubcom)." - -{% endnote %} -{% endif %} - -{% ifversion ghes < 3.3 or ghae %} -{% note %} - -**Note:** When a workflow uses an action by referencing the repository where the action is stored, {% data variables.product.prodname_actions %} will try to find the repository on your {% data variables.product.prodname_ghe_server %} instance first before falling back to {% data variables.product.prodname_dotcom_the_website %}. ユーザが、{% data variables.product.prodname_dotcom %}上のOrganization及びリポジトリの名前に一致するOrganizationとリポジトリをEnterprise上に作成すると、{% data variables.product.prodname_dotcom %}リポジトリのところではEnterprise上のリポジトリが使用されます。 悪意あるユーザは、ワークフローの一部としてコードを実行するのに、この動作を利用できるかもしれません。 - -{% endnote %} -{% endif %} diff --git a/translations/ja-JP/data/reusables/actions/github-connect-resolution.md b/translations/ja-JP/data/reusables/actions/github-connect-resolution.md new file mode 100644 index 0000000000..816e314a30 --- /dev/null +++ b/translations/ja-JP/data/reusables/actions/github-connect-resolution.md @@ -0,0 +1 @@ +When a workflow uses an action by referencing the repository where the action is stored, {% data variables.product.prodname_actions %} will first try to find the repository on {% data variables.product.product_location %}. If the repository does not exist on {% data variables.product.product_location %}, and if you have automatic access to {% data variables.product.prodname_dotcom_the_website %} enabled, {% data variables.product.prodname_actions %} will try to find the repository on {% data variables.product.prodname_dotcom_the_website %}. \ No newline at end of file diff --git a/translations/ja-JP/data/reusables/actions/github-token-expiration.md b/translations/ja-JP/data/reusables/actions/github-token-expiration.md new file mode 100644 index 0000000000..3391ce321f --- /dev/null +++ b/translations/ja-JP/data/reusables/actions/github-token-expiration.md @@ -0,0 +1 @@ +The `GITHUB_TOKEN` expires when a job finishes or after a maximum of 24 hours. \ No newline at end of file diff --git a/translations/ja-JP/data/reusables/actions/self-hosted-runner-communications-for-ghae.md b/translations/ja-JP/data/reusables/actions/self-hosted-runner-communications-for-ghae.md deleted file mode 100644 index 052be44951..0000000000 --- a/translations/ja-JP/data/reusables/actions/self-hosted-runner-communications-for-ghae.md +++ /dev/null @@ -1,7 +0,0 @@ -{% ifversion ghae %} - -You must ensure that the self-hosted runner has appropriate network access to communicate with your {% data variables.product.prodname_ghe_managed %} URL and its subdomains. For example, if your instance name is `octoghae`, then you will need to allow the self-hosted runner to access `octoghae.githubenterprise.com`, `api.octoghae.githubenterprise.com`, and `codeload.octoghae.githubenterprise.com`. - -If you use an IP address allow list for your organization or enterprise account on {% data variables.product.prodname_dotcom %}, you must add your self-hosted runner's IP address to the allow list. 詳細は「[ Organization に対する許可 IP アドレスを管理する](/organizations/keeping-your-organization-secure/managing-allowed-ip-addresses-for-your-organization#using-github-actions-with-an-ip-allow-list)」を参照してください。 - -{% endif %} diff --git a/translations/ja-JP/data/reusables/actions/self-hosted-runner-networking-to-dotcom.md b/translations/ja-JP/data/reusables/actions/self-hosted-runner-networking-to-dotcom.md new file mode 100644 index 0000000000..56a88617bd --- /dev/null +++ b/translations/ja-JP/data/reusables/actions/self-hosted-runner-networking-to-dotcom.md @@ -0,0 +1 @@ +To use actions from {% data variables.product.prodname_dotcom_the_website %},{% ifversion ghes %} both {% data variables.product.product_location %} and{% endif %} your self-hosted runners must be able to make outbound connections to {% data variables.product.prodname_dotcom_the_website %}. No inbound connections from {% data variables.product.prodname_dotcom_the_website %} are required. For more information. 詳しい情報については、「[セルフホストランナーについて](/actions/hosting-your-own-runners/about-self-hosted-runners#communication-betweens-self-hosted-runners-and-githubcom)」を参照してください。 \ No newline at end of file diff --git a/translations/ja-JP/data/reusables/actions/self-hosted-runner-ports-protocols.md b/translations/ja-JP/data/reusables/actions/self-hosted-runner-ports-protocols.md index 57f16b0906..a24c445d1b 100644 --- a/translations/ja-JP/data/reusables/actions/self-hosted-runner-ports-protocols.md +++ b/translations/ja-JP/data/reusables/actions/self-hosted-runner-ports-protocols.md @@ -1 +1,3 @@ -Self-hosted runners must be able to communicate with {% ifversion ghae %}your enterprise on {% data variables.product.product_name %}{% elsif fpt or ghec or ghes %}{% data variables.product.product_location %}{% endif %} over HTTP (port 80) and HTTPS (port 443). +{% ifversion ghes or ghae %} +The connection between self-hosted runners and {% data variables.product.product_name %} is over {% ifversion ghes %}HTTP (port 80) or {% endif %}HTTPS (port 443). {% ifversion ghes %}To ensure connectivity over HTTPS, configure TLS for {% data variables.product.product_location %}. For more information, see "[Configuring TLS](/admin/configuration/configuring-network-settings/configuring-tls)."{% endif %} +{% endif %} diff --git a/translations/ja-JP/data/reusables/code-scanning/alert-default-branch.md b/translations/ja-JP/data/reusables/code-scanning/alert-default-branch.md new file mode 100644 index 0000000000..c6a6029e70 --- /dev/null +++ b/translations/ja-JP/data/reusables/code-scanning/alert-default-branch.md @@ -0,0 +1 @@ +The status and details on the alert page only reflect the state of the alert on the default branch of the repository, even if the alert exists in other branches. You can see the status of the alert on non-default branches in the **Affected branches** section on the right-hand side of the alert page. If an alert doesn't exist in the default branch, the status of the alert will display as "in pull request" or "in branch" and will be colored grey. \ No newline at end of file diff --git a/translations/ja-JP/data/reusables/code-scanning/beta.md b/translations/ja-JP/data/reusables/code-scanning/beta.md index a18be28cd0..bb9cf0d33c 100644 --- a/translations/ja-JP/data/reusables/code-scanning/beta.md +++ b/translations/ja-JP/data/reusables/code-scanning/beta.md @@ -1,4 +1,8 @@ -{% ifversion ghae %} +{% ifversion ghae-issue-5752 %} + + + +{% elsif ghae %} {% note %} diff --git a/translations/ja-JP/data/reusables/code-scanning/filter-non-default-branches.md b/translations/ja-JP/data/reusables/code-scanning/filter-non-default-branches.md new file mode 100644 index 0000000000..4df28a76d5 --- /dev/null +++ b/translations/ja-JP/data/reusables/code-scanning/filter-non-default-branches.md @@ -0,0 +1 @@ +Please note that if you have filtered for alerts on a non-default branch, but the same alerts exist on the default branch, the alert page for any given alert will still only reflect the alert's status on the default branch, even if that status conflicts with the status on a non-default branch. For example, an alert that appears in the "Open" list in the summary of alerts for `branch-x` could show a status of "Fixed" on the alert page, if the alert is already fixed on the default branch. You can view the status of the alert for the branch you filtered on in the **Affected branches** section on the right side of the alert page. \ No newline at end of file diff --git a/translations/ja-JP/data/reusables/dependabot/private-dependencies-note.md b/translations/ja-JP/data/reusables/dependabot/private-dependencies-note.md index bba112ff1c..98c5a29e42 100644 --- a/translations/ja-JP/data/reusables/dependabot/private-dependencies-note.md +++ b/translations/ja-JP/data/reusables/dependabot/private-dependencies-note.md @@ -1 +1 @@ -セキュリティあるいはバージョンアップデートを実行する際に、エコシステムによってはアップデートが成功したことを検証するためにすべての依存関係をソースから解決できなければならないことがあります。 マニフェストあるいはロックファイルにプライベートの依存関係が含まれているなら、{% data variables.product.prodname_dependabot %}はそれらの依存関係がホストされている場所にアクセスできなければなりません。 Organizationのオーナーは、同じOrganization内のプロジェクトに対する依存関係を含むプライベートリポジトリへのアクセス権を{% data variables.product.prodname_dependabot %}に付与できます。 詳しい情報については「[Organizatonのためのセキュリティ及び分析設定の管理](/organizations/keeping-your-organization-secure/managing-security-and-analysis-settings-for-your-organization#allowing-dependabot-to-access-private-dependencies)」を参照してください。 リポジトリの_dependabot.yml_設定ファイル中で、プライベートリポジトリへのアクセスを設定できます。 詳しい情報については、「[依存関係の更新の設定オプション](/github/administering-a-repository/configuration-options-for-dependency-updates#configuration-options-for-private-registries) 」を参照してください。 +セキュリティあるいはバージョンアップデートを実行する際に、エコシステムによってはアップデートが成功したことを検証するためにすべての依存関係をソースから解決できなければならないことがあります。 マニフェストあるいはロックファイルにプライベートの依存関係が含まれているなら、{% data variables.product.prodname_dependabot %}はそれらの依存関係がホストされている場所にアクセスできなければなりません。 Organizationのオーナーは、同じOrganization内のプロジェクトに対する依存関係を含むプライベートリポジトリへのアクセス権を{% data variables.product.prodname_dependabot %}に付与できます。 詳しい情報については「[Organizatonのためのセキュリティ及び分析設定の管理](/organizations/keeping-your-organization-secure/managing-security-and-analysis-settings-for-your-organization#allowing-dependabot-to-access-private-dependencies)」を参照してください。 リポジトリの_dependabot.yml_設定ファイル中で、プライベートリポジトリへのアクセスを設定できます。 For more information, see "[Configuration options for the dependabot.yml file](/github/administering-a-repository/configuration-options-for-dependency-updates#configuration-options-for-private-registries)." diff --git a/translations/ja-JP/data/reusables/dependabot/result-discrepancy.md b/translations/ja-JP/data/reusables/dependabot/result-discrepancy.md new file mode 100644 index 0000000000..866f6f4d02 --- /dev/null +++ b/translations/ja-JP/data/reusables/dependabot/result-discrepancy.md @@ -0,0 +1 @@ +{% data variables.product.product_name %} によって報告された依存関係の検出結果は、他のツールから返される結果とは異なる場合があります。 これには理由があり、{% data variables.product.prodname_dotcom %} がプロジェクトの依存関係をどのように決定するかを理解しておくと便利です。 diff --git a/translations/ja-JP/data/reusables/enterprise/test-in-staging.md b/translations/ja-JP/data/reusables/enterprise/test-in-staging.md new file mode 100644 index 0000000000..733409b967 --- /dev/null +++ b/translations/ja-JP/data/reusables/enterprise/test-in-staging.md @@ -0,0 +1 @@ +{% data variables.product.company_short %} strongly recommends that you verify any new configuration for authentication in a staging environment. An incorrect configuration could result in downtime for {% data variables.product.product_location %}. 詳しい情報については "[ステージングインスタンスのセットアップ](/admin/installation/setting-up-a-github-enterprise-server-instance/setting-up-a-staging-instance)"を参照してください。 diff --git a/translations/ja-JP/data/reusables/repositories/github-reviews-security-advisories.md b/translations/ja-JP/data/reusables/repositories/github-reviews-security-advisories.md index 4f84799a05..e74228e1a4 100644 --- a/translations/ja-JP/data/reusables/repositories/github-reviews-security-advisories.md +++ b/translations/ja-JP/data/reusables/repositories/github-reviews-security-advisories.md @@ -1,3 +1,3 @@ {% data variables.product.prodname_dotcom %}は、公開されたそれぞれのセキュリティアドバイザリをレビューし、{% data variables.product.prodname_advisory_database %}に追加し、そのセキュリティアドバイザリを使って影響されるリポジトリに{% data variables.product.prodname_dependabot_alerts %}を送信することがあります。 セキュリティアドバイザリがフォークから生ずる場合、ユニークな名前の下でパブリックなパッケージレジストリに公開されたパッケージをフォークが所有しているときにのみアラートが送信されます。 このプロセスには最大で72時間がかかり、{% data variables.product.prodname_dotcom %}がさらなる情報を求めてあなたに連絡することがあります。 -{% data variables.product.prodname_dependabot_alerts %}に関する詳しい情報については、「[脆弱性のある依存関係に対するアラートについて](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies#dependabot-alerts-for-vulnerable-dependencies)」 および「[{% data variables.product.prodname_dependabot_security_updates %}について](/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-dependabot-security-updates)」を参照してください。 {% data variables.product.prodname_advisory_database %}に関する詳しい情報については、「[{% data variables.product.prodname_advisory_database %}におけるセキュリティ脆弱性をブラウズする](/github/managing-security-vulnerabilities/browsing-security-vulnerabilities-in-the-github-advisory-database)」を参照してください。 +For more information about {% data variables.product.prodname_dependabot_alerts %}, see "[About {% data variables.product.prodname_dependabot_alerts %}](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies#dependabot-alerts-for-vulnerable-dependencies)" and "[About {% data variables.product.prodname_dependabot_security_updates %}](/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-dependabot-security-updates)." {% data variables.product.prodname_advisory_database %}に関する詳しい情報については、「[{% data variables.product.prodname_advisory_database %}におけるセキュリティ脆弱性をブラウズする](/github/managing-security-vulnerabilities/browsing-security-vulnerabilities-in-the-github-advisory-database)」を参照してください。 diff --git a/translations/ja-JP/data/reusables/repositories/security-alert-delivery-options.md b/translations/ja-JP/data/reusables/repositories/security-alert-delivery-options.md index df5701fa85..7612c7374b 100644 --- a/translations/ja-JP/data/reusables/repositories/security-alert-delivery-options.md +++ b/translations/ja-JP/data/reusables/repositories/security-alert-delivery-options.md @@ -1,4 +1,4 @@ {% ifversion not ghae %} リポジトリにサポートされている依存関係マニフェストがあり -{% ifversion fpt or ghec %}(そしてプライベートリポジトリの場合に依存関係グラフをセットアップしているなら){% endif %}、リポジトリ内に脆弱な依存関係を{% data variables.product.product_name %}が検出すると、週次のダイジェストメールを受け取ることになります。 セキュリティアラートは、Web通知、個別のメール通知、日次のメールダイジェスト、{% data variables.product.product_name %}インターフェース上のアラートとして設定することもできます。 詳しい情報については、「[脆弱性のある依存関係に対するアラートについて](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies)」を参照してください。 +{% ifversion fpt or ghec %}(そしてプライベートリポジトリの場合に依存関係グラフをセットアップしているなら){% endif %}、リポジトリ内に脆弱な依存関係を{% data variables.product.product_name %}が検出すると、週次のダイジェストメールを受け取ることになります。 セキュリティアラートは、Web通知、個別のメール通知、日次のメールダイジェスト、{% data variables.product.product_name %}インターフェース上のアラートとして設定することもできます。 詳しい情報については、「[{% data variables.product.prodname_dependabot_alerts %} について](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies)」を参照してください。 {% endif %} diff --git a/translations/ja-JP/data/reusables/rest-reference/actions/cache.md b/translations/ja-JP/data/reusables/rest-reference/actions/cache.md new file mode 100644 index 0000000000..e9a369dd30 --- /dev/null +++ b/translations/ja-JP/data/reusables/rest-reference/actions/cache.md @@ -0,0 +1,3 @@ +## キャッシュ + +The cache API allows you to query and manage the {% data variables.product.prodname_actions %} cache for repositories. 詳しい情報については、「[ワークフローを高速化するための依存関係のキャッシュ](/actions/advanced-guides/caching-dependencies-to-speed-up-workflows#usage-limits-and-eviction-policy)」を参照してください。 \ No newline at end of file diff --git a/translations/ja-JP/data/reusables/rest-reference/deployments/keys.md b/translations/ja-JP/data/reusables/rest-reference/deploy_keys/deploy_keys.md similarity index 94% rename from translations/ja-JP/data/reusables/rest-reference/deployments/keys.md rename to translations/ja-JP/data/reusables/rest-reference/deploy_keys/deploy_keys.md index ae5ed1ae39..f8e7a1c953 100644 --- a/translations/ja-JP/data/reusables/rest-reference/deployments/keys.md +++ b/translations/ja-JP/data/reusables/rest-reference/deploy_keys/deploy_keys.md @@ -1,5 +1,3 @@ -## デプロイキー - {% data reusables.repositories.deploy-keys %} デプロイキーは、以下の API エンドポイントを使用するか、GitHub を使用することでセットアップできます。 GitHub でデプロイキーを設定する方法については、「[デプロイキーを管理する](/developers/overview/managing-deploy-keys)」を参照してください。 \ No newline at end of file diff --git a/translations/ja-JP/data/reusables/rest-reference/packages/packages.md b/translations/ja-JP/data/reusables/rest-reference/packages/packages.md index 756d5de02e..b525ddbf63 100644 --- a/translations/ja-JP/data/reusables/rest-reference/packages/packages.md +++ b/translations/ja-JP/data/reusables/rest-reference/packages/packages.md @@ -1,4 +1,4 @@ -{% data variables.product.prodname_registry %} APIでは、REST APIを使ってパッケージを管理できます。 パッケージのリストアや削除についてさらに学ぶには、「[パッケージのリストアと削除](/packages/learn-github-packages/deleting-and-restoring-a-package)」を参照してください。 +The {% data variables.product.prodname_registry %} API enables you to manage packages using the REST API.{% ifversion fpt or ghec or ghes > 3.1 or ghae %} To learn more about restoring or deleting packages, see "[Restoring and deleting packages](/packages/learn-github-packages/deleting-and-restoring-a-package)."{% endif %} このAPIを使うには、個人アクセストークンを使って認証を受けなければなりません。 - パッケージメタデータにアクセスするには、トークンに`read:packages`スコープが含まれていなければなりません。 diff --git a/translations/ja-JP/data/reusables/secret-scanning/beta.md b/translations/ja-JP/data/reusables/secret-scanning/beta.md index c81d69def2..4dd22083b1 100644 --- a/translations/ja-JP/data/reusables/secret-scanning/beta.md +++ b/translations/ja-JP/data/reusables/secret-scanning/beta.md @@ -1,4 +1,9 @@ -{% ifversion ghae %} +{% ifversion ghae-issue-5752 %} + + + +{% elsif ghae %} + {% note %} **ノート:** Organizationが所有するリポジトリのための{% data variables.product.prodname_secret_scanning_caps %}は現在ベータで、変更されることがあります。 diff --git a/translations/ja-JP/data/reusables/secret-scanning/fpt-GHAS-scans.md b/translations/ja-JP/data/reusables/secret-scanning/fpt-GHAS-scans.md new file mode 100644 index 0000000000..6a76ba5ca9 --- /dev/null +++ b/translations/ja-JP/data/reusables/secret-scanning/fpt-GHAS-scans.md @@ -0,0 +1 @@ +**Note:** Organizations using {% data variables.product.prodname_ghe_cloud %} with {% data variables.product.prodname_GH_advanced_security %} can also enable {% data variables.product.prodname_secret_scanning_GHAS %} on any repository they own, including private repositories. 詳しい情報については[{% data variables.product.prodname_ghe_cloud %}のドキュメンテーション](/enterprise-cloud@latest/code-security/secret-security/about-secret-scanning#about-secret-scanning-for-advanced-security)を参照してください。 diff --git a/translations/ja-JP/data/reusables/secret-scanning/partner-secret-list-public-repo.md b/translations/ja-JP/data/reusables/secret-scanning/partner-secret-list-public-repo.md index 331f9b03bb..185cff6f75 100644 --- a/translations/ja-JP/data/reusables/secret-scanning/partner-secret-list-public-repo.md +++ b/translations/ja-JP/data/reusables/secret-scanning/partner-secret-list-public-repo.md @@ -58,6 +58,7 @@ | メタ情報 | Facebook Access Token | | npm | npm Access Token | | NuGet | NuGet API Key | +| Octopus Deploy | Octopus Deploy API Key | | OpenAI | OpenAI API Key | | Palantir | Palantir JSON Web Token | | PlanetScale | PlanetScale Database Password | diff --git a/translations/ja-JP/data/reusables/ssh/key-type-support.md b/translations/ja-JP/data/reusables/ssh/key-type-support.md index 4d8f1bf494..7bfdf23c4b 100644 --- a/translations/ja-JP/data/reusables/ssh/key-type-support.md +++ b/translations/ja-JP/data/reusables/ssh/key-type-support.md @@ -1,8 +1,8 @@ {% note %} -**Note:** {% data variables.product.company_short %} is improving security by dropping older, insecure key types. +**Note:** {% data variables.product.company_short %} improved security by dropping older, insecure key types on March 15, 2022. -DSA keys (`ssh-dss`) are no longer supported. Existing keys will continue to function through March 15, 2022. You cannot add new DSA keys to your user account on {% data variables.product.product_location %}. +As of that date, DSA keys (`ssh-dss`) are no longer supported. You cannot add new DSA keys to your user account on {% data variables.product.product_location %}. RSA keys (`ssh-rsa`) with a `valid_after` before November 2, 2021 may continue to use any signature algorithm. RSA keys generated after that date must use a SHA-2 signature algorithm. Some older clients may need to be upgraded in order to use SHA-2 signatures. diff --git a/translations/ja-JP/data/reusables/webhooks/repository_vulnerability_alert_short_desc.md b/translations/ja-JP/data/reusables/webhooks/repository_vulnerability_alert_short_desc.md index 4aea385281..2fe7cd8e0d 100644 --- a/translations/ja-JP/data/reusables/webhooks/repository_vulnerability_alert_short_desc.md +++ b/translations/ja-JP/data/reusables/webhooks/repository_vulnerability_alert_short_desc.md @@ -1 +1 @@ -リポジトリ内のセキュリティ脆弱性アラートに関連するアクティビティ。 {% data reusables.webhooks.action_type_desc %} 詳しい情報については「[脆弱性のある依存関係に対するアラートについて](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies/)」を参照してください。 +リポジトリ内のセキュリティ脆弱性アラートに関連するアクティビティ。 {% data reusables.webhooks.action_type_desc %} For more information, see the "[About {% data variables.product.prodname_dependabot_alerts %}](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies/)". diff --git a/translations/ja-JP/data/ui.yml b/translations/ja-JP/data/ui.yml index 1284decf26..f89e3035f2 100644 --- a/translations/ja-JP/data/ui.yml +++ b/translations/ja-JP/data/ui.yml @@ -103,6 +103,8 @@ products: notes: 注釈 parameters: パラメータ response: レスポンス + error_codes: Error Codes + http_status_code: HTTP Status Code code_sample: コードサンプル code_samples: コードサンプル preview_notice: プレビュー通知 diff --git a/translations/ja-JP/data/variables/release_candidate.yml b/translations/ja-JP/data/variables/release_candidate.yml index 08448113ee..ec65ef6f94 100644 --- a/translations/ja-JP/data/variables/release_candidate.yml +++ b/translations/ja-JP/data/variables/release_candidate.yml @@ -1,2 +1,2 @@ --- -version: enterprise-server@3.4 +version: '' diff --git a/translations/log/cn-resets.csv b/translations/log/cn-resets.csv index aafc6a7b8a..f29b21ffe3 100644 --- a/translations/log/cn-resets.csv +++ b/translations/log/cn-resets.csv @@ -5,16 +5,18 @@ translations/zh-CN/content/account-and-profile/setting-up-and-managing-your-gith translations/zh-CN/content/account-and-profile/setting-up-and-managing-your-github-profile/managing-contribution-graphs-on-your-profile/viewing-contributions-on-your-profile.md,broken liquid tags translations/zh-CN/content/account-and-profile/setting-up-and-managing-your-github-profile/managing-contribution-graphs-on-your-profile/why-are-my-contributions-not-showing-up-on-my-profile.md,broken liquid tags translations/zh-CN/content/account-and-profile/setting-up-and-managing-your-github-user-account/managing-user-account-settings/about-your-personal-dashboard.md,broken liquid tags -translations/zh-CN/content/account-and-profile/setting-up-and-managing-your-github-user-account/managing-user-account-settings/changing-your-github-username.md,parsing error +translations/zh-CN/content/account-and-profile/setting-up-and-managing-your-github-user-account/managing-user-account-settings/changing-your-github-username.md,rendering error translations/zh-CN/content/account-and-profile/setting-up-and-managing-your-github-user-account/managing-user-account-settings/managing-the-default-branch-name-for-your-repositories.md,broken liquid tags translations/zh-CN/content/account-and-profile/setting-up-and-managing-your-github-user-account/managing-your-membership-in-organizations/about-organization-membership.md,broken liquid tags translations/zh-CN/content/actions/automating-builds-and-tests/about-continuous-integration.md,broken liquid tags +translations/zh-CN/content/actions/deployment/about-deployments/deploying-with-github-actions.md,broken liquid tags translations/zh-CN/content/actions/hosting-your-own-runners/about-self-hosted-runners.md,broken liquid tags translations/zh-CN/content/actions/hosting-your-own-runners/adding-self-hosted-runners.md,Listed in localization-support#489 translations/zh-CN/content/actions/hosting-your-own-runners/adding-self-hosted-runners.md,broken liquid tags translations/zh-CN/content/actions/hosting-your-own-runners/monitoring-and-troubleshooting-self-hosted-runners.md,Listed in localization-support#489 translations/zh-CN/content/actions/hosting-your-own-runners/monitoring-and-troubleshooting-self-hosted-runners.md,broken liquid tags translations/zh-CN/content/actions/learn-github-actions/usage-limits-billing-and-administration.md,broken liquid tags +translations/zh-CN/content/actions/managing-workflow-runs/re-running-workflows-and-jobs.md,rendering error translations/zh-CN/content/actions/managing-workflow-runs/removing-workflow-artifacts.md,broken liquid tags translations/zh-CN/content/actions/managing-workflow-runs/reviewing-deployments.md,Listed in localization-support#489 translations/zh-CN/content/actions/security-guides/security-hardening-for-github-actions.md,broken liquid tags @@ -23,6 +25,7 @@ translations/zh-CN/content/actions/using-workflows/storing-workflow-data-as-arti translations/zh-CN/content/admin/code-security/managing-github-advanced-security-for-your-enterprise/configuring-code-scanning-for-your-appliance.md,broken liquid tags translations/zh-CN/content/admin/code-security/managing-github-advanced-security-for-your-enterprise/configuring-secret-scanning-for-your-appliance.md,broken liquid tags translations/zh-CN/content/admin/configuration/configuring-network-settings/configuring-an-outbound-web-proxy-server.md,broken liquid tags +translations/zh-CN/content/admin/configuration/configuring-network-settings/network-ports.md,broken liquid tags translations/zh-CN/content/admin/configuration/configuring-your-enterprise/accessing-the-management-console.md,broken liquid tags translations/zh-CN/content/admin/configuration/configuring-your-enterprise/command-line-utilities.md,broken liquid tags translations/zh-CN/content/admin/configuration/configuring-your-enterprise/configuring-backups-on-your-appliance.md,broken liquid tags @@ -59,17 +62,19 @@ translations/zh-CN/content/admin/identity-and-access-management/managing-iam-for translations/zh-CN/content/admin/index.md,broken liquid tags translations/zh-CN/content/admin/installation/setting-up-a-github-enterprise-server-instance/installing-github-enterprise-server-on-aws.md,broken liquid tags translations/zh-CN/content/admin/overview/about-enterprise-accounts.md,Listed in localization-support#489 -translations/zh-CN/content/admin/overview/about-enterprise-accounts.md,parsing error +translations/zh-CN/content/admin/overview/about-enterprise-accounts.md,rendering error translations/zh-CN/content/admin/packages/enabling-github-packages-with-aws.md,broken liquid tags translations/zh-CN/content/admin/packages/enabling-github-packages-with-azure-blob-storage.md,broken liquid tags translations/zh-CN/content/admin/packages/enabling-github-packages-with-minio.md,broken liquid tags translations/zh-CN/content/admin/packages/getting-started-with-github-packages-for-your-enterprise.md,broken liquid tags translations/zh-CN/content/admin/packages/quickstart-for-configuring-your-minio-storage-bucket-for-github-packages.md,broken liquid tags translations/zh-CN/content/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-advanced-security-in-your-enterprise.md,broken liquid tags +translations/zh-CN/content/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-github-actions-in-your-enterprise.md,broken liquid tags translations/zh-CN/content/admin/policies/enforcing-policy-with-pre-receive-hooks/creating-a-pre-receive-hook-script.md,broken liquid tags translations/zh-CN/content/admin/user-management/managing-organizations-in-your-enterprise/creating-teams.md,broken liquid tags translations/zh-CN/content/admin/user-management/managing-repositories-in-your-enterprise/configuring-git-large-file-storage-for-your-enterprise.md,broken liquid tags translations/zh-CN/content/admin/user-management/managing-users-in-your-enterprise/promoting-or-demoting-a-site-administrator.md,broken liquid tags +translations/zh-CN/content/admin/user-management/managing-users-in-your-enterprise/roles-in-an-enterprise.md,rendering error translations/zh-CN/content/admin/user-management/managing-users-in-your-enterprise/suspending-and-unsuspending-users.md,broken liquid tags translations/zh-CN/content/admin/user-management/migrating-data-to-and-from-your-enterprise/exporting-migration-data-from-githubcom.md,broken liquid tags translations/zh-CN/content/admin/user-management/migrating-data-to-and-from-your-enterprise/exporting-migration-data-from-your-enterprise.md,broken liquid tags @@ -85,18 +90,18 @@ translations/zh-CN/content/authentication/keeping-your-account-and-data-secure/r translations/zh-CN/content/authentication/managing-commit-signature-verification/about-commit-signature-verification.md,broken liquid tags translations/zh-CN/content/authentication/securing-your-account-with-two-factor-authentication-2fa/accessing-github-using-two-factor-authentication.md,broken liquid tags translations/zh-CN/content/authentication/securing-your-account-with-two-factor-authentication-2fa/configuring-two-factor-authentication.md,broken liquid tags -translations/zh-CN/content/billing/managing-billing-for-github-advanced-security/about-billing-for-github-advanced-security.md,parsing error +translations/zh-CN/content/billing/managing-billing-for-github-advanced-security/about-billing-for-github-advanced-security.md,rendering error translations/zh-CN/content/billing/managing-billing-for-github-advanced-security/viewing-your-github-advanced-security-usage.md,broken liquid tags translations/zh-CN/content/billing/managing-billing-for-github-packages/about-billing-for-github-packages.md,broken liquid tags translations/zh-CN/content/billing/managing-billing-for-your-github-account/about-billing-for-your-enterprise.md,broken liquid tags translations/zh-CN/content/billing/managing-billing-for-your-github-account/discounted-subscriptions-for-github-accounts.md,broken liquid tags translations/zh-CN/content/billing/managing-billing-for-your-github-account/index.md,broken liquid tags -translations/zh-CN/content/billing/managing-billing-for-your-github-account/upgrading-your-github-subscription.md,parsing error -translations/zh-CN/content/billing/managing-billing-for-your-github-account/viewing-the-subscription-and-usage-for-your-enterprise-account.md,parsing error +translations/zh-CN/content/billing/managing-billing-for-your-github-account/upgrading-your-github-subscription.md,rendering error +translations/zh-CN/content/billing/managing-billing-for-your-github-account/viewing-the-subscription-and-usage-for-your-enterprise-account.md,rendering error translations/zh-CN/content/billing/managing-licenses-for-visual-studio-subscriptions-with-github-enterprise/about-visual-studio-subscriptions-with-github-enterprise.md,broken liquid tags translations/zh-CN/content/billing/managing-your-license-for-github-enterprise/about-licenses-for-github-enterprise.md,broken liquid tags -translations/zh-CN/content/billing/managing-your-license-for-github-enterprise/downloading-your-license-for-github-enterprise.md,parsing error -translations/zh-CN/content/billing/managing-your-license-for-github-enterprise/syncing-license-usage-between-github-enterprise-server-and-github-enterprise-cloud.md,parsing error +translations/zh-CN/content/billing/managing-your-license-for-github-enterprise/downloading-your-license-for-github-enterprise.md,rendering error +translations/zh-CN/content/billing/managing-your-license-for-github-enterprise/syncing-license-usage-between-github-enterprise-server-and-github-enterprise-cloud.md,rendering error translations/zh-CN/content/billing/managing-your-license-for-github-enterprise/uploading-a-new-license-to-github-enterprise-server.md,broken liquid tags translations/zh-CN/content/billing/managing-your-license-for-github-enterprise/viewing-license-usage-for-github-enterprise.md,broken liquid tags translations/zh-CN/content/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/about-code-scanning-with-codeql.md,broken liquid tags @@ -115,27 +120,27 @@ translations/zh-CN/content/code-security/code-scanning/using-codeql-code-scannin translations/zh-CN/content/code-security/code-scanning/using-codeql-code-scanning-with-your-existing-ci-system/configuring-codeql-cli-in-your-ci-system.md,broken liquid tags translations/zh-CN/content/code-security/code-scanning/using-codeql-code-scanning-with-your-existing-ci-system/installing-codeql-cli-in-your-ci-system.md,broken liquid tags translations/zh-CN/content/code-security/code-scanning/using-codeql-code-scanning-with-your-existing-ci-system/running-codeql-runner-in-your-ci-system.md,broken liquid tags +translations/zh-CN/content/code-security/dependabot/dependabot-alerts/about-dependabot-alerts.md,rendering error +translations/zh-CN/content/code-security/dependabot/dependabot-alerts/browsing-security-vulnerabilities-in-the-github-advisory-database.md,broken liquid tags +translations/zh-CN/content/code-security/dependabot/dependabot-security-updates/about-dependabot-security-updates.md,broken liquid tags +translations/zh-CN/content/code-security/dependabot/dependabot-security-updates/configuring-dependabot-security-updates.md,broken liquid tags +translations/zh-CN/content/code-security/dependabot/working-with-dependabot/automating-dependabot-with-github-actions.md,broken liquid tags +translations/zh-CN/content/code-security/dependabot/working-with-dependabot/keeping-your-actions-up-to-date-with-dependabot.md,broken liquid tags +translations/zh-CN/content/code-security/dependabot/working-with-dependabot/troubleshooting-the-detection-of-vulnerable-dependencies.md,broken liquid tags translations/zh-CN/content/code-security/getting-started/github-security-features.md,broken liquid tags translations/zh-CN/content/code-security/getting-started/securing-your-organization.md,broken liquid tags translations/zh-CN/content/code-security/getting-started/securing-your-repository.md,broken liquid tags translations/zh-CN/content/code-security/secret-scanning/about-secret-scanning.md,broken liquid tags -translations/zh-CN/content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/automating-dependabot-with-github-actions.md,broken liquid tags -translations/zh-CN/content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/keeping-your-actions-up-to-date-with-dependabot.md,broken liquid tags -translations/zh-CN/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-alerts-for-vulnerable-dependencies.md,Listed in localization-support#489 -translations/zh-CN/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-alerts-for-vulnerable-dependencies.md,parsing error -translations/zh-CN/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-dependabot-security-updates.md,broken liquid tags -translations/zh-CN/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/browsing-security-vulnerabilities-in-the-github-advisory-database.md,broken liquid tags -translations/zh-CN/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/configuring-dependabot-security-updates.md,broken liquid tags -translations/zh-CN/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/index.md,broken liquid tags -translations/zh-CN/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/troubleshooting-dependabot-errors.md,Listed in localization-support#489 -translations/zh-CN/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/troubleshooting-dependabot-errors.md,rendering error -translations/zh-CN/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/troubleshooting-the-detection-of-vulnerable-dependencies.md,broken liquid tags +translations/zh-CN/content/code-security/supply-chain-security/understanding-your-software-supply-chain/about-supply-chain-security.md,broken liquid tags translations/zh-CN/content/code-security/supply-chain-security/understanding-your-software-supply-chain/about-the-dependency-graph.md,Listed in localization-support#489 +translations/zh-CN/content/code-security/supply-chain-security/understanding-your-software-supply-chain/troubleshooting-the-dependency-graph.md,broken liquid tags translations/zh-CN/content/codespaces/customizing-your-codespace/personalizing-codespaces-for-your-account.md,broken liquid tags translations/zh-CN/content/codespaces/developing-in-codespaces/developing-in-a-codespace.md,broken liquid tags translations/zh-CN/content/codespaces/developing-in-codespaces/forwarding-ports-in-your-codespace.md,broken liquid tags translations/zh-CN/content/codespaces/developing-in-codespaces/using-codespaces-in-visual-studio-code.md,broken liquid tags +translations/zh-CN/content/codespaces/developing-in-codespaces/using-codespaces-with-github-cli.md,broken liquid tags translations/zh-CN/content/codespaces/managing-codespaces-for-your-organization/enabling-codespaces-for-your-organization.md,broken liquid tags +translations/zh-CN/content/codespaces/the-githubdev-web-based-editor.md,broken liquid tags translations/zh-CN/content/codespaces/troubleshooting/troubleshooting-your-connection-to-codespaces.md,broken liquid tags translations/zh-CN/content/communities/maintaining-your-safety-on-github/reporting-abuse-or-spam.md,broken liquid tags translations/zh-CN/content/desktop/contributing-and-collaborating-using-github-desktop/adding-and-cloning-repositories/adding-an-existing-project-to-github-using-github-desktop.md,broken liquid tags @@ -165,7 +170,7 @@ translations/zh-CN/content/get-started/customizing-your-github-workflow/explorin translations/zh-CN/content/get-started/getting-started-with-git/about-remote-repositories.md,broken liquid tags translations/zh-CN/content/get-started/getting-started-with-git/updating-credentials-from-the-macos-keychain.md,broken liquid tags translations/zh-CN/content/get-started/learning-about-github/about-github-advanced-security.md,broken liquid tags -translations/zh-CN/content/get-started/learning-about-github/githubs-products.md,parsing error +translations/zh-CN/content/get-started/learning-about-github/githubs-products.md,rendering error translations/zh-CN/content/get-started/learning-about-github/types-of-github-accounts.md,broken liquid tags translations/zh-CN/content/get-started/onboarding/getting-started-with-github-ae.md,broken liquid tags translations/zh-CN/content/get-started/onboarding/getting-started-with-github-enterprise-cloud.md,broken liquid tags @@ -177,7 +182,7 @@ translations/zh-CN/content/get-started/quickstart/communicating-on-github.md,bro translations/zh-CN/content/get-started/quickstart/git-and-github-learning-resources.md,broken liquid tags translations/zh-CN/content/get-started/quickstart/github-flow.md,broken liquid tags translations/zh-CN/content/get-started/quickstart/set-up-git.md,broken liquid tags -translations/zh-CN/content/get-started/signing-up-for-github/setting-up-a-trial-of-github-enterprise-cloud.md,parsing error +translations/zh-CN/content/get-started/signing-up-for-github/setting-up-a-trial-of-github-enterprise-cloud.md,rendering error translations/zh-CN/content/get-started/signing-up-for-github/signing-up-for-a-new-github-account.md,broken liquid tags translations/zh-CN/content/get-started/signing-up-for-github/verifying-your-email-address.md,broken liquid tags translations/zh-CN/content/get-started/using-git/dealing-with-non-fast-forward-errors.md,broken liquid tags @@ -189,7 +194,7 @@ translations/zh-CN/content/organizations/managing-membership-in-your-organizatio translations/zh-CN/content/organizations/managing-membership-in-your-organization/reinstating-a-former-member-of-your-organization.md,broken liquid tags translations/zh-CN/content/organizations/managing-organization-settings/managing-the-default-branch-name-for-repositories-in-your-organization.md,broken liquid tags translations/zh-CN/content/organizations/managing-organization-settings/managing-the-publication-of-github-pages-sites-for-your-organization.md,Listed in localization-support#489 -translations/zh-CN/content/organizations/managing-peoples-access-to-your-organization-with-roles/adding-a-billing-manager-to-your-organization.md,parsing error +translations/zh-CN/content/organizations/managing-peoples-access-to-your-organization-with-roles/adding-a-billing-manager-to-your-organization.md,rendering error translations/zh-CN/content/organizations/organizing-members-into-teams/about-teams.md,broken liquid tags translations/zh-CN/content/packages/learn-github-packages/installing-a-package.md,broken liquid tags translations/zh-CN/content/packages/learn-github-packages/introduction-to-github-packages.md,broken liquid tags @@ -220,6 +225,7 @@ translations/zh-CN/content/rest/overview/other-authentication-methods.md,broken translations/zh-CN/content/rest/overview/resources-in-the-rest-api.md,Listed in localization-support#489 translations/zh-CN/content/rest/reference/enterprise-admin.md,broken liquid tags translations/zh-CN/content/search-github/getting-started-with-searching-on-github/about-searching-on-github.md,broken liquid tags +translations/zh-CN/content/search-github/getting-started-with-searching-on-github/enabling-githubcom-repository-search-from-your-private-enterprise-environment.md,rendering error translations/zh-CN/content/sponsors/getting-started-with-github-sponsors/about-github-sponsors.md,broken liquid tags translations/zh-CN/content/sponsors/receiving-sponsorships-through-github-sponsors/about-github-sponsors-for-open-source-contributors.md,broken liquid tags translations/zh-CN/content/support/contacting-github-support/creating-a-support-ticket.md,broken liquid tags @@ -266,7 +272,7 @@ translations/zh-CN/data/reusables/rest-reference/activity/events.md,broken liqui translations/zh-CN/data/reusables/rest-reference/apps/marketplace.md,broken liquid tags translations/zh-CN/data/reusables/rest-reference/packages/packages.md,broken liquid tags translations/zh-CN/data/reusables/saml/you-must-periodically-authenticate.md,Listed in localization-support#489 -translations/zh-CN/data/reusables/saml/you-must-periodically-authenticate.md,parsing error +translations/zh-CN/data/reusables/saml/you-must-periodically-authenticate.md,rendering error translations/zh-CN/data/reusables/scim/after-you-configure-saml.md,broken liquid tags translations/zh-CN/data/reusables/secret-scanning/enterprise-enable-secret-scanning.md,broken liquid tags translations/zh-CN/data/reusables/sponsors/feedback.md,broken liquid tags diff --git a/translations/log/es-resets.csv b/translations/log/es-resets.csv index d39fa29f58..81e64c7d78 100644 --- a/translations/log/es-resets.csv +++ b/translations/log/es-resets.csv @@ -118,24 +118,6 @@ translations/es-ES/content/code-security/guides.md,Listed in localization-suppor translations/es-ES/content/code-security/index.md,Listed in localization-support#489 translations/es-ES/content/code-security/secret-scanning/about-secret-scanning.md,Listed in localization-support#489 translations/es-ES/content/code-security/secret-scanning/defining-custom-patterns-for-secret-scanning.md,Listed in localization-support#489 -translations/es-ES/content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/about-dependabot-version-updates.md,Listed in localization-support#489 -translations/es-ES/content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/automating-dependabot-with-github-actions.md,Listed in localization-support#489 -translations/es-ES/content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/configuration-options-for-dependency-updates.md,Listed in localization-support#489 -translations/es-ES/content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/customizing-dependency-updates.md,Listed in localization-support#489 -translations/es-ES/content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/enabling-and-disabling-dependabot-version-updates.md,Listed in localization-support#489 -translations/es-ES/content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/enabling-and-disabling-dependabot-version-updates.md,broken liquid tags -translations/es-ES/content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/index.md,Listed in localization-support#489 -translations/es-ES/content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/keeping-your-actions-up-to-date-with-dependabot.md,Listed in localization-support#489 -translations/es-ES/content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/listing-dependencies-configured-for-version-updates.md,Listed in localization-support#489 -translations/es-ES/content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/managing-encrypted-secrets-for-dependabot.md,Listed in localization-support#489 -translations/es-ES/content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/managing-pull-requests-for-dependency-updates.md,Listed in localization-support#489 -translations/es-ES/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-alerts-for-vulnerable-dependencies.md,Listed in localization-support#489 -translations/es-ES/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-dependabot-security-updates.md,Listed in localization-support#489 -translations/es-ES/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-managing-vulnerable-dependencies.md,Listed in localization-support#489 -translations/es-ES/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/configuring-dependabot-security-updates.md,Listed in localization-support#489 -translations/es-ES/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/troubleshooting-dependabot-errors.md,Listed in localization-support#489 -translations/es-ES/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/troubleshooting-the-detection-of-vulnerable-dependencies.md,Listed in localization-support#489 -translations/es-ES/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/viewing-and-updating-vulnerable-dependencies-in-your-repository.md,Listed in localization-support#489 translations/es-ES/content/code-security/supply-chain-security/understanding-your-software-supply-chain/about-dependency-review.md,Listed in localization-support#489 translations/es-ES/content/code-security/supply-chain-security/understanding-your-software-supply-chain/about-the-dependency-graph.md,Listed in localization-support#489 translations/es-ES/content/code-security/supply-chain-security/understanding-your-software-supply-chain/exploring-the-dependencies-of-a-repository.md,Listed in localization-support#489 @@ -158,7 +140,7 @@ translations/es-ES/content/codespaces/setting-up-your-project-for-codespaces/set translations/es-ES/content/codespaces/setting-up-your-project-for-codespaces/setting-up-your-python-project-for-codespaces.md,Listed in localization-support#489 translations/es-ES/content/codespaces/troubleshooting/exporting-changes-to-a-branch.md,Listed in localization-support#489 translations/es-ES/content/communities/documenting-your-project-with-wikis/about-wikis.md,Listed in localization-support#489 -translations/es-ES/content/communities/documenting-your-project-with-wikis/about-wikis.md,parsing error +translations/es-ES/content/communities/documenting-your-project-with-wikis/about-wikis.md,rendering error translations/es-ES/content/communities/using-templates-to-encourage-useful-issues-and-pull-requests/configuring-issue-templates-for-your-repository.md,Listed in localization-support#489 translations/es-ES/content/communities/using-templates-to-encourage-useful-issues-and-pull-requests/syntax-for-issue-forms.md,Listed in localization-support#489 translations/es-ES/content/desktop/contributing-and-collaborating-using-github-desktop/adding-and-cloning-repositories/cloning-and-forking-repositories-from-github-desktop.md,Listed in localization-support#489 @@ -192,10 +174,6 @@ translations/es-ES/content/get-started/using-github/keyboard-shortcuts.md,Listed translations/es-ES/content/github-cli/github-cli/github-cli-reference.md,Listed in localization-support#489 translations/es-ES/content/github/copilot/index.md,Listed in localization-support#489 translations/es-ES/content/github/index.md,Listed in localization-support#489 -translations/es-ES/content/github/site-policy/coordinated-disclosure-of-security-vulnerabilities.md,Listed in localization-support#489 -translations/es-ES/content/github/site-policy/github-bug-bounty-program-legal-safe-harbor.md,Listed in localization-support#489 -translations/es-ES/content/github/site-policy/github-terms-for-additional-products-and-features.md,Listed in localization-support#489 -translations/es-ES/content/github/site-policy/index.md,Listed in localization-support#489 translations/es-ES/content/graphql/overview/breaking-changes.md,Listed in localization-support#489 translations/es-ES/content/index.md,Listed in localization-support#489 translations/es-ES/content/issues/tracking-your-work-with-issues/about-task-lists.md,Listed in localization-support#489 diff --git a/translations/log/ja-resets.csv b/translations/log/ja-resets.csv index a64bef81ea..d2bfcd0828 100644 --- a/translations/log/ja-resets.csv +++ b/translations/log/ja-resets.csv @@ -17,11 +17,11 @@ translations/ja-JP/content/actions/learn-github-actions/finding-and-customizing- translations/ja-JP/content/actions/managing-workflow-runs/removing-workflow-artifacts.md,broken liquid tags translations/ja-JP/content/actions/publishing-packages/about-packaging-with-github-actions.md,broken liquid tags translations/ja-JP/content/actions/quickstart.md,broken liquid tags -translations/ja-JP/content/actions/security-guides/automatic-token-authentication.md,parsing error translations/ja-JP/content/actions/using-github-hosted-runners/about-github-hosted-runners.md,broken liquid tags translations/ja-JP/content/actions/using-workflows/storing-workflow-data-as-artifacts.md,broken liquid tags translations/ja-JP/content/admin/code-security/managing-github-advanced-security-for-your-enterprise/configuring-code-scanning-for-your-appliance.md,broken liquid tags translations/ja-JP/content/admin/code-security/managing-github-advanced-security-for-your-enterprise/configuring-secret-scanning-for-your-appliance.md,broken liquid tags +translations/ja-JP/content/admin/configuration/configuring-network-settings/network-ports.md,broken liquid tags translations/ja-JP/content/admin/configuration/configuring-your-enterprise/accessing-the-management-console.md,broken liquid tags translations/ja-JP/content/admin/configuration/configuring-your-enterprise/command-line-utilities.md,broken liquid tags translations/ja-JP/content/admin/configuration/configuring-your-enterprise/configuring-backups-on-your-appliance.md,broken liquid tags @@ -31,7 +31,7 @@ translations/ja-JP/content/admin/configuration/configuring-your-enterprise/initi translations/ja-JP/content/admin/configuration/configuring-your-enterprise/managing-github-mobile-for-your-enterprise.md,broken liquid tags translations/ja-JP/content/admin/configuration/configuring-your-enterprise/site-admin-dashboard.md,broken liquid tags translations/ja-JP/content/admin/enterprise-management/configuring-clustering/monitoring-cluster-nodes.md,Listed in localization-support#489 -translations/ja-JP/content/admin/enterprise-management/configuring-clustering/monitoring-cluster-nodes.md,parsing error +translations/ja-JP/content/admin/enterprise-management/configuring-clustering/monitoring-cluster-nodes.md,rendering error translations/ja-JP/content/admin/enterprise-management/updating-the-virtual-machine-and-physical-resources/increasing-cpu-or-memory-resources.md,broken liquid tags translations/ja-JP/content/admin/enterprise-management/updating-the-virtual-machine-and-physical-resources/upgrade-requirements.md,broken liquid tags translations/ja-JP/content/admin/github-actions/advanced-configuration-and-troubleshooting/index.md,broken liquid tags @@ -78,7 +78,7 @@ translations/ja-JP/content/authentication/keeping-your-account-and-data-secure/u translations/ja-JP/content/authentication/managing-commit-signature-verification/about-commit-signature-verification.md,broken liquid tags translations/ja-JP/content/authentication/troubleshooting-ssh/error-permission-denied-publickey.md,Listed in localization-support#489 translations/ja-JP/content/billing/managing-billing-for-github-advanced-security/viewing-your-github-advanced-security-usage.md,Listed in localization-support#489 -translations/ja-JP/content/billing/managing-billing-for-github-advanced-security/viewing-your-github-advanced-security-usage.md,parsing error +translations/ja-JP/content/billing/managing-billing-for-github-advanced-security/viewing-your-github-advanced-security-usage.md,rendering error translations/ja-JP/content/billing/managing-billing-for-github-packages/about-billing-for-github-packages.md,broken liquid tags translations/ja-JP/content/billing/managing-billing-for-your-github-account/how-does-upgrading-or-downgrading-affect-the-billing-process.md,broken liquid tags translations/ja-JP/content/billing/managing-licenses-for-visual-studio-subscriptions-with-github-enterprise/about-visual-studio-subscriptions-with-github-enterprise.md,broken liquid tags @@ -98,15 +98,17 @@ translations/ja-JP/content/code-security/code-scanning/using-codeql-code-scannin translations/ja-JP/content/code-security/code-scanning/using-codeql-code-scanning-with-your-existing-ci-system/configuring-codeql-runner-in-your-ci-system.md,broken liquid tags translations/ja-JP/content/code-security/code-scanning/using-codeql-code-scanning-with-your-existing-ci-system/installing-codeql-cli-in-your-ci-system.md,broken liquid tags translations/ja-JP/content/code-security/code-scanning/using-codeql-code-scanning-with-your-existing-ci-system/running-codeql-runner-in-your-ci-system.md,broken liquid tags +translations/ja-JP/content/code-security/dependabot/dependabot-alerts/about-dependabot-alerts.md,broken liquid tags +translations/ja-JP/content/code-security/dependabot/dependabot-security-updates/configuring-dependabot-security-updates.md,broken liquid tags +translations/ja-JP/content/code-security/dependabot/working-with-dependabot/keeping-your-actions-up-to-date-with-dependabot.md,broken liquid tags +translations/ja-JP/content/code-security/dependabot/working-with-dependabot/troubleshooting-the-detection-of-vulnerable-dependencies.md,broken liquid tags translations/ja-JP/content/code-security/getting-started/securing-your-organization.md,broken liquid tags translations/ja-JP/content/code-security/getting-started/securing-your-repository.md,broken liquid tags translations/ja-JP/content/code-security/index.md,broken liquid tags translations/ja-JP/content/code-security/secret-scanning/about-secret-scanning.md,broken liquid tags -translations/ja-JP/content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/keeping-your-actions-up-to-date-with-dependabot.md,broken liquid tags -translations/ja-JP/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-alerts-for-vulnerable-dependencies.md,broken liquid tags -translations/ja-JP/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/configuring-dependabot-security-updates.md,broken liquid tags -translations/ja-JP/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/troubleshooting-the-detection-of-vulnerable-dependencies.md,broken liquid tags +translations/ja-JP/content/code-security/supply-chain-security/understanding-your-software-supply-chain/about-supply-chain-security.md,broken liquid tags translations/ja-JP/content/code-security/supply-chain-security/understanding-your-software-supply-chain/about-the-dependency-graph.md,Listed in localization-support#489 +translations/ja-JP/content/code-security/supply-chain-security/understanding-your-software-supply-chain/troubleshooting-the-dependency-graph.md,broken liquid tags translations/ja-JP/content/codespaces/customizing-your-codespace/personalizing-codespaces-for-your-account.md,broken liquid tags translations/ja-JP/content/codespaces/developing-in-codespaces/using-codespaces-in-visual-studio-code.md,broken liquid tags translations/ja-JP/content/codespaces/prebuilding-your-codespaces/configuring-prebuilds.md,broken liquid tags @@ -141,7 +143,7 @@ translations/ja-JP/content/education/manage-coursework-with-github-classroom/tea translations/ja-JP/content/get-started/customizing-your-github-workflow/exploring-integrations/about-github-marketplace.md,broken liquid tags translations/ja-JP/content/get-started/getting-started-with-git/updating-credentials-from-the-macos-keychain.md,broken liquid tags translations/ja-JP/content/get-started/learning-about-github/about-github-advanced-security.md,Listed in localization-support#489 -translations/ja-JP/content/get-started/learning-about-github/about-github-advanced-security.md,parsing error +translations/ja-JP/content/get-started/learning-about-github/about-github-advanced-security.md,rendering error translations/ja-JP/content/get-started/privacy-on-github/managing-data-use-settings-for-your-private-repository.md,broken liquid tags translations/ja-JP/content/get-started/quickstart/git-and-github-learning-resources.md,broken liquid tags translations/ja-JP/content/get-started/using-github/github-mobile.md,broken liquid tags @@ -169,8 +171,10 @@ translations/ja-JP/content/packages/working-with-a-github-packages-registry/work translations/ja-JP/content/packages/working-with-a-github-packages-registry/working-with-the-rubygems-registry.md,broken liquid tags translations/ja-JP/content/pages/getting-started-with-github-pages/about-github-pages.md,broken liquid tags translations/ja-JP/content/pages/getting-started-with-github-pages/changing-the-visibility-of-your-github-pages-site.md,broken liquid tags +translations/ja-JP/content/pages/getting-started-with-github-pages/configuring-a-publishing-source-for-your-github-pages-site.md,broken liquid tags translations/ja-JP/content/pages/setting-up-a-github-pages-site-with-jekyll/about-github-pages-and-jekyll.md,broken liquid tags translations/ja-JP/content/pages/setting-up-a-github-pages-site-with-jekyll/about-jekyll-build-errors-for-github-pages-sites.md,broken liquid tags +translations/ja-JP/content/pages/setting-up-a-github-pages-site-with-jekyll/setting-a-markdown-processor-for-your-github-pages-site-using-jekyll.md,broken liquid tags translations/ja-JP/content/pages/setting-up-a-github-pages-site-with-jekyll/troubleshooting-jekyll-build-errors-for-github-pages-sites.md,broken liquid tags translations/ja-JP/content/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/about-branches.md,broken liquid tags translations/ja-JP/content/repositories/managing-your-repositorys-settings-and-features/customizing-your-repository/displaying-a-sponsor-button-in-your-repository.md,broken liquid tags @@ -236,9 +240,9 @@ translations/ja-JP/data/reusables/education/apply-for-team.md,broken liquid tags translations/ja-JP/data/reusables/enterprise-accounts/actions-packages-report-download-enterprise-accounts.md,broken liquid tags translations/ja-JP/data/reusables/enterprise-accounts/actions-tab.md,broken liquid tags translations/ja-JP/data/reusables/enterprise-accounts/hooks-tab.md,Listed in localization-support#489 -translations/ja-JP/data/reusables/enterprise-accounts/hooks-tab.md,parsing error +translations/ja-JP/data/reusables/enterprise-accounts/hooks-tab.md,rendering error translations/ja-JP/data/reusables/enterprise-accounts/messages-tab.md,Listed in localization-support#489 -translations/ja-JP/data/reusables/enterprise-accounts/messages-tab.md,parsing error +translations/ja-JP/data/reusables/enterprise-accounts/messages-tab.md,rendering error translations/ja-JP/data/reusables/enterprise-accounts/pages-tab.md,broken liquid tags translations/ja-JP/data/reusables/enterprise_installation/download-appliance.md,broken liquid tags translations/ja-JP/data/reusables/enterprise_installation/hardware-considerations-all-platforms.md,broken liquid tags diff --git a/translations/log/pt-resets.csv b/translations/log/pt-resets.csv index b97f8f6972..4558a18bbc 100644 --- a/translations/log/pt-resets.csv +++ b/translations/log/pt-resets.csv @@ -28,7 +28,7 @@ translations/pt-BR/content/education/explore-the-benefits-of-teaching-and-learni translations/pt-BR/content/get-started/customizing-your-github-workflow/exploring-integrations/github-extensions-and-integrations.md,broken liquid tags translations/pt-BR/content/get-started/signing-up-for-github/setting-up-a-trial-of-github-enterprise-cloud.md,broken liquid tags translations/pt-BR/content/github/index.md,Listed in localization-support#489 -translations/pt-BR/content/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/reviewing-the-audit-log-for-your-organization.md,parsing error +translations/pt-BR/content/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/reviewing-the-audit-log-for-your-organization.md,rendering error translations/pt-BR/content/organizations/organizing-members-into-teams/about-teams.md,broken liquid tags translations/pt-BR/content/packages/learn-github-packages/introduction-to-github-packages.md,broken liquid tags translations/pt-BR/content/packages/learn-github-packages/publishing-a-package.md,broken liquid tags @@ -39,7 +39,7 @@ translations/pt-BR/content/packages/working-with-a-github-packages-registry/work translations/pt-BR/content/packages/working-with-a-github-packages-registry/working-with-the-nuget-registry.md,Listed in localization-support#489 translations/pt-BR/content/packages/working-with-a-github-packages-registry/working-with-the-nuget-registry.md,broken liquid tags translations/pt-BR/content/packages/working-with-a-github-packages-registry/working-with-the-rubygems-registry.md,broken liquid tags -translations/pt-BR/content/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository.md,parsing error +translations/pt-BR/content/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository.md,broken liquid tags translations/pt-BR/content/repositories/managing-your-repositorys-settings-and-features/managing-repository-settings/about-email-notifications-for-pushes-to-your-repository.md,broken liquid tags translations/pt-BR/content/rest/reference/enterprise-admin.md,Listed in localization-support#489 translations/pt-BR/content/rest/reference/enterprise-admin.md,broken liquid tags diff --git a/translations/pt-BR/content/account-and-profile/managing-subscriptions-and-notifications-on-github/setting-up-notifications/configuring-notifications.md b/translations/pt-BR/content/account-and-profile/managing-subscriptions-and-notifications-on-github/setting-up-notifications/configuring-notifications.md index 286b7b089f..066ef4eb97 100644 --- a/translations/pt-BR/content/account-and-profile/managing-subscriptions-and-notifications-on-github/setting-up-notifications/configuring-notifications.md +++ b/translations/pt-BR/content/account-and-profile/managing-subscriptions-and-notifications-on-github/setting-up-notifications/configuring-notifications.md @@ -134,7 +134,7 @@ Email notifications from {% data variables.product.product_location %} contain t | `To` field | This field connects directly to the thread.{% ifversion not ghae %} If you reply to the email, you'll add a new comment to the conversation.{% endif %} | | `Cc` address | {% data variables.product.product_name %} will `Cc` you if you're subscribed to a conversation. The second `Cc` email address matches the notification reason. The suffix for these notification reasons is {% data variables.notifications.cc_address %}. The possible notification reasons are:
  • `assign`: You were assigned to an issue or pull request.
  • `author`: You created an issue or pull request.
  • `ci_activity`: A {% data variables.product.prodname_actions %} workflow run that you triggered was completed.
  • `comment`: You commented on an issue or pull request.
  • `manual`: There was an update to an issue or pull request you manually subscribed to.
  • `mention`: You were mentioned on an issue or pull request.
  • `push`: Someone committed to a pull request you're subscribed to.
  • `review_requested`: You or a team you're a member of was requested to review a pull request.
    • {% ifversion fpt or ghes or ghae-issue-4864 or ghec %}
  • `security_alert`: {% data variables.product.prodname_dotcom %} detected a vulnerability in a repository you receive alerts for.
    • {% endif %}
  • `state_change`: An issue or pull request you're subscribed to was either closed or opened.
  • `subscribed`: There was an update in a repository you're watching.
  • `team_mention`: A team you belong to was mentioned on an issue or pull request.
  • `your_activity`: You opened, commented on, or closed an issue or pull request.
| | `mailing list` field | This field identifies the name of the repository and its owner. The format of this address is always `..{% data variables.command_line.backticks %}`. |{% ifversion fpt or ghes or ghae-issue-4864 or ghec %} -| `X-GitHub-Severity` field | {% data reusables.repositories.security-alerts-x-github-severity %} The possible severity levels are:
  • `low`
  • `moderate`
  • `high`
  • `critical`
For more information, see "[About alerts for vulnerable dependencies](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies)." |{% endif %} +| `X-GitHub-Severity` field | {% data reusables.repositories.security-alerts-x-github-severity %} The possible severity levels are:
  • `low`
  • `moderate`
  • `high`
  • `critical`
For more information, see "[About {% data variables.product.prodname_dependabot_alerts %}](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies)." |{% endif %} ## Choosing your notification settings diff --git a/translations/pt-BR/content/account-and-profile/managing-subscriptions-and-notifications-on-github/viewing-and-triaging-notifications/managing-notifications-from-your-inbox.md b/translations/pt-BR/content/account-and-profile/managing-subscriptions-and-notifications-on-github/viewing-and-triaging-notifications/managing-notifications-from-your-inbox.md index 222e531c9a..e523fc897f 100644 --- a/translations/pt-BR/content/account-and-profile/managing-subscriptions-and-notifications-on-github/viewing-and-triaging-notifications/managing-notifications-from-your-inbox.md +++ b/translations/pt-BR/content/account-and-profile/managing-subscriptions-and-notifications-on-github/viewing-and-triaging-notifications/managing-notifications-from-your-inbox.md @@ -174,7 +174,7 @@ Se você usar {% data variables.product.prodname_dependabot %} para manter suas - `reason:security_alert` para mostrar notificações para {% data variables.product.prodname_dependabot_alerts %} e pull requests das atualizações de segurança. - `author:app/dependabot` para mostrar as notificações geradas por {% data variables.product.prodname_dependabot %}. Isto inclui {% data variables.product.prodname_dependabot_alerts %}, pull requests para atualizações de segurança e pull requests para atualizações de versão. -Para obter mais informações sobre {% data variables.product.prodname_dependabot %}, consulte "[Sobre o gerenciamento de dependências vulneráveis](/github/managing-security-vulnerabilities/about-managing-vulnerable-dependencies)". +Para obter mais informações sobre {% data variables.product.prodname_dependabot %}, consulte "[Sobre {% data variables.product.prodname_dependabot_alerts %}](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies)." {% endif %} {% ifversion ghes < 3.3 or ghae-issue-4864 %} @@ -183,7 +183,7 @@ Se você usar {% data variables.product.prodname_dependabot %} para falar sobre - `is:repository_vulnerability_alert` - `reason:security_alert` -Para obter mais informações sobre {% data variables.product.prodname_dependabot %}, consulte "[Sobre alertas para dependências vulneráveis](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies)". +Para obter mais informações sobre {% data variables.product.prodname_dependabot %}, consulte "[Sobre {% data variables.product.prodname_dependabot_alerts %}](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies)." {% endif %} {% endif %} diff --git a/translations/pt-BR/content/account-and-profile/setting-up-and-managing-your-github-profile/managing-contribution-graphs-on-your-profile/why-are-my-contributions-not-showing-up-on-my-profile.md b/translations/pt-BR/content/account-and-profile/setting-up-and-managing-your-github-profile/managing-contribution-graphs-on-your-profile/why-are-my-contributions-not-showing-up-on-my-profile.md index 81bc3e28ca..986b01255a 100644 --- a/translations/pt-BR/content/account-and-profile/setting-up-and-managing-your-github-profile/managing-contribution-graphs-on-your-profile/why-are-my-contributions-not-showing-up-on-my-profile.md +++ b/translations/pt-BR/content/account-and-profile/setting-up-and-managing-your-github-profile/managing-contribution-graphs-on-your-profile/why-are-my-contributions-not-showing-up-on-my-profile.md @@ -19,7 +19,7 @@ shortTitle: Contribuições ausentes Seu gráfico de contribuições de perfil é um registro de contribuições que você fez para repositórios {% ifversion ghae %}pertencentes a{% else %}em{% endif %} {% data variables.product.product_location %}. As contribuições recebem registros de data e hora de acordo com o UTC (Coordinated Universal Time, Horário universal coordenado), e não com o fuso horário local. As contribuições só serão contabilizadas se atenderem a determinados critérios. Em alguns casos, pode ser necessário recriar o gráfico para que as contribuições sejam exibidas. -If you are part of an organization that uses SAML single sign-on (SSO), you won’t be able to see contribution activity from the organization on your profile if you do not have an active SSO session. People viewing your profile from outside your organization will see anonymized contribution activity of your contribution activity for your organization. +Se você faz parte de uma organização que usa o logon único SAML (SSO), você não poderá ver a atividade de contribuição da organização em seu perfil se não tiver uma sessão SSO ativa. As pessoas que visualizarem o seu perfil de fora da sua organização verão a atividade de contribuição anônima de sua atividade de contribuição para sua organização. ## Contribuições que são contabilizadas diff --git a/translations/pt-BR/content/account-and-profile/setting-up-and-managing-your-github-user-account/managing-user-account-settings/managing-security-and-analysis-settings-for-your-user-account.md b/translations/pt-BR/content/account-and-profile/setting-up-and-managing-your-github-user-account/managing-user-account-settings/managing-security-and-analysis-settings-for-your-user-account.md index 78305fdf52..1657138a5c 100644 --- a/translations/pt-BR/content/account-and-profile/setting-up-and-managing-your-github-user-account/managing-user-account-settings/managing-security-and-analysis-settings-for-your-user-account.md +++ b/translations/pt-BR/content/account-and-profile/setting-up-and-managing-your-github-user-account/managing-user-account-settings/managing-security-and-analysis-settings-for-your-user-account.md @@ -50,5 +50,5 @@ Para obter uma visão geral da segurança do repositório, consulte "[Proteger s ## Leia mais - "[Sobre o gráfico de dependências](/github/visualizing-repository-data-with-graphs/about-the-dependency-graph)" -- "[Gerenciar vulnerabilidades nas dependências do seu projeto](/github/managing-security-vulnerabilities/managing-vulnerabilities-in-your-projects-dependencies)" +- "[Sobre {% data variables.product.prodname_dependabot_alerts %}](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies)" - "[Manter suas dependências atualizadas automaticamente](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically)" diff --git a/translations/pt-BR/content/account-and-profile/setting-up-and-managing-your-github-user-account/managing-user-account-settings/permission-levels-for-a-user-account-repository.md b/translations/pt-BR/content/account-and-profile/setting-up-and-managing-your-github-user-account/managing-user-account-settings/permission-levels-for-a-user-account-repository.md index dd4e45d9fa..b1bc170fad 100644 --- a/translations/pt-BR/content/account-and-profile/setting-up-and-managing-your-github-user-account/managing-user-account-settings/permission-levels-for-a-user-account-repository.md +++ b/translations/pt-BR/content/account-and-profile/setting-up-and-managing-your-github-user-account/managing-user-account-settings/permission-levels-for-a-user-account-repository.md @@ -48,7 +48,7 @@ O proprietário do repositório tem controle total do repositório. Além das a | Personalizar a visualização das mídias sociais do repositório | "[Personalizar a visualização das mídias sociais do seu repositório](/github/administering-a-repository/customizing-your-repositorys-social-media-preview)" | | Criar um modelo a partir do repositório | "[Criando um repositório de modelo](/github/creating-cloning-and-archiving-repositories/creating-a-template-repository)"{% ifversion fpt or ghes or ghae-issue-4864 or ghec %} | Controle o acesso a {% data variables.product.prodname_dependabot_alerts %} para dependências vulneráveis | "[Gerenciar as configurações de segurança e análise do repositório](/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-security-and-analysis-settings-for-your-repository#granting-access-to-security-alerts)" |{% endif %}{% ifversion fpt or ghec %} -| Ignorar {% data variables.product.prodname_dependabot_alerts %} no repositório | "[Visualizar e atualizar dependências vulneráveis no seu repositório](/github/managing-security-vulnerabilities/viewing-and-updating-vulnerable-dependencies-in-your-repository)" | +| Ignorar {% data variables.product.prodname_dependabot_alerts %} no repositório | "[Visualizando {% data variables.product.prodname_dependabot_alerts %} para dependências vulneráveis](/github/managing-security-vulnerabilities/viewing-and-updating-vulnerable-dependencies-in-your-repository)" | | Gerenciar o uso de dados para um repositório privado | "[Gerenciar as configurações de uso de dados para o seu repositório privado](/get-started/privacy-on-github/managing-data-use-settings-for-your-private-repository)" {% endif %} | Definir os proprietários do código do repositório | "[Sobre proprietários do código](/github/creating-cloning-and-archiving-repositories/about-code-owners)" | diff --git a/translations/pt-BR/content/actions/deployment/about-deployments/deploying-with-github-actions.md b/translations/pt-BR/content/actions/deployment/about-deployments/deploying-with-github-actions.md index a23edc754c..408de14ea7 100644 --- a/translations/pt-BR/content/actions/deployment/about-deployments/deploying-with-github-actions.md +++ b/translations/pt-BR/content/actions/deployment/about-deployments/deploying-with-github-actions.md @@ -132,7 +132,7 @@ jobs: # ...deployment-specific steps ``` -For guidance on writing deployment-specific steps, see "[Finding deployment examples](#finding-deployment-examples)." +Para orientação sobre a escrita de etapas específicas de implantação, consulte "[Encontrando exemplos de implantação](#finding-deployment-examples)". ## Visualizar histórico de implantação @@ -166,7 +166,7 @@ Você pode usar um selo de status para exibir o status do seu fluxo de trabalho Para obter mais informações, consulte "[Adicionando um selo de status do fluxo de trabalho](/actions/managing-workflow-runs/adding-a-workflow-status-badge)". -## Finding deployment examples +## Procurando exemplos de implantação Este artigo mostrou as funcionalidades de {% data variables.product.prodname_actions %} que você pode adicionar aos seus fluxos de trabalho de implantação. diff --git a/translations/pt-BR/content/actions/deployment/security-hardening-your-deployments/configuring-openid-connect-in-hashicorp-vault.md b/translations/pt-BR/content/actions/deployment/security-hardening-your-deployments/configuring-openid-connect-in-hashicorp-vault.md index 3f672a99b9..037b3ac69b 100644 --- a/translations/pt-BR/content/actions/deployment/security-hardening-your-deployments/configuring-openid-connect-in-hashicorp-vault.md +++ b/translations/pt-BR/content/actions/deployment/security-hardening-your-deployments/configuring-openid-connect-in-hashicorp-vault.md @@ -45,8 +45,8 @@ Para atualizar seus fluxos de trabalho para o OIDC, você deverá fazer duas alt Para adicionar a integração do OIDC a seus fluxos de trabalho que lhes permitem acessar os segredos no Vault, você deverá adicionar as seguintes alterações de código: -- Grant permission to fetch the token from the {% data variables.product.prodname_dotcom %} OIDC provider: - - O fluxo de trabalho precisa de configurações de `permissions:` com o valor `id-token` definido como `write`. This lets you fetch the OIDC token from every job in the workflow. +- Conceder permissão para obter o token do provedor do OIDC de {% data variables.product.prodname_dotcom %}: + - O fluxo de trabalho precisa de configurações de `permissions:` com o valor `id-token` definido como `write`. Isso permite obter o token do OIDC de cada trabalho do fluxo de trabalho. - Solicite o JWT do provedor do OIDC {% data variables.product.prodname_dotcom %} e apresente-o ao HashiCorp Vault para receber um token de acesso: - Você pode usar o kit de ferramentas [Actions](https://github.com/actions/toolkit/) para buscar os tokens para o seu trabalho, ou você pode usar a ação [`hashicorp/vault-action`](https://github.com/hashicorp/vault-action) para buscar o JWT e receber o token de acesso do Vault. diff --git a/translations/pt-BR/content/actions/hosting-your-own-runners/about-self-hosted-runners.md b/translations/pt-BR/content/actions/hosting-your-own-runners/about-self-hosted-runners.md index f2904902c9..472e15ed55 100644 --- a/translations/pt-BR/content/actions/hosting-your-own-runners/about-self-hosted-runners.md +++ b/translations/pt-BR/content/actions/hosting-your-own-runners/about-self-hosted-runners.md @@ -133,16 +133,30 @@ Some extra configuration might be required to use actions from {% data variables ## Communication between self-hosted runners and {% data variables.product.product_name %} -The self-hosted runner polls {% data variables.product.product_name %} to retrieve application updates and to check if any jobs are queued for processing. The self-hosted runner uses a HTTPS _long poll_ that opens a connection to {% data variables.product.product_name %} for 50 seconds, and if no response is received, it then times out and creates a new long poll. The application must be running on the machine to accept and run {% data variables.product.prodname_actions %} jobs. +The self-hosted runner connects to {% data variables.product.product_name %} to receive job assignments and to download new versions of the runner application. The self-hosted runner uses an {% ifversion ghes %}HTTP(S){% else %}HTTPS{% endif %} _long poll_ that opens a connection to {% data variables.product.product_name %} for 50 seconds, and if no response is received, it then times out and creates a new long poll. The application must be running on the machine to accept and run {% data variables.product.prodname_actions %} jobs. {% data reusables.actions.self-hosted-runner-ports-protocols %} -{% data reusables.actions.self-hosted-runner-communications-for-ghae %} +{% ifversion fpt or ghec %} +Since the self-hosted runner opens a connection to {% data variables.product.product_location %}, you do not need to allow {% data variables.product.prodname_dotcom %} to make inbound connections to your self-hosted runner. +{% elsif ghes or ghae %} +Only an outbound connection from the runner to {% data variables.product.product_location %} is required. There is no need for an inbound connection from {% data variables.product.product_location %} to the runner. +{%- endif %} + +{% ifversion ghes %} + +{% data variables.product.product_name %} must accept inbound connections from your runners over {% ifversion ghes %}HTTP(S){% else %}HTTPS{% endif %} at {% data variables.product.product_location %}'s hostname and API subdomain, and your runners must allow outbound connections over {% ifversion ghes %}HTTP(S){% else %}HTTPS{% endif %} to {% data variables.product.product_location %}'s hostname and API subdomain. + +{% elsif ghae %} + +You must ensure that the self-hosted runner has appropriate network access to communicate with your {% data variables.product.product_name %} URL and its subdomains. For example, if your subdomain for {% data variables.product.product_name %} is `octoghae`, then you will need to allow the self-hosted runner to access `octoghae.githubenterprise.com`, `api.octoghae.githubenterprise.com`, and `codeload.octoghae.githubenterprise.com`. + +If you use an IP address allow list, you must add your self-hosted runner's IP address to the allow list. For more information, see "[Managing allowed IP addresses for your organization](/organizations/keeping-your-organization-secure/managing-allowed-ip-addresses-for-your-organization#using-github-actions-with-an-ip-allow-list)." + +{% endif %} {% ifversion fpt or ghec %} -Since the self-hosted runner opens a connection to {% data variables.product.prodname_dotcom %}, you do not need to allow {% data variables.product.prodname_dotcom %} to make inbound connections to your self-hosted runner. - You must ensure that the machine has the appropriate network access to communicate with the {% data variables.product.prodname_dotcom %} hosts listed below. Some hosts are required for essential runner operations, while other hosts are only required for certain functionality. {% note %} @@ -191,27 +205,25 @@ If you use an IP address allow list for your {% data variables.product.prodname_ {% else %} -You must ensure that the machine has the appropriate network access to communicate with {% data variables.product.product_location %}.{% ifversion ghes %} Self-hosted runners connect directly to {% data variables.product.product_location %} and do not require any external internet access in order to function. As a result, you can use network routing to direct communication between the self-hosted runner and {% data variables.product.product_location %}. For example, you can assign a private IP address to your self-hosted runner and configure routing to send traffic to {% data variables.product.product_location %}, with no need for traffic to traverse a public network.{% endif %} +{% ifversion ghes %}Self-hosted runners do not require any external internet access in order to function. As a result, you can use network routing to direct communication between the self-hosted runner and {% data variables.product.product_location %}. For example, you can assign a private IP address to your self-hosted runner and configure routing to send traffic to {% data variables.product.product_location %}, with no need for traffic to traverse a public network.{% endif %} {% endif %} +{% ifversion ghae %} +If you use an IP address allow list for your {% data variables.product.prodname_dotcom %} organization or enterprise account, you must add your self-hosted runner's IP address to the allow list. For more information, see "[Managing allowed IP addresses for your organization](/organizations/keeping-your-organization-secure/managing-allowed-ip-addresses-for-your-organization#using-github-actions-with-an-ip-allow-list)." +{% endif %} + You can also use self-hosted runners with a proxy server. For more information, see "[Using a proxy server with self-hosted runners](/actions/automating-your-workflow-with-github-actions/using-a-proxy-server-with-self-hosted-runners)." For more information about troubleshooting common network connectivity issues, see "[Monitoring and troubleshooting self-hosted runners](/actions/hosting-your-own-runners/monitoring-and-troubleshooting-self-hosted-runners#troubleshooting-network-connectivity)." -{% ifversion ghes %} +{% ifversion ghes or ghae %} ## Communication between self-hosted runners and {% data variables.product.prodname_dotcom_the_website %} -Self-hosted runners do not need to connect to {% data variables.product.prodname_dotcom_the_website %} unless you have [enabled automatic access to {% data variables.product.prodname_dotcom_the_website %} actions using {% data variables.product.prodname_github_connect %}](/admin/github-actions/managing-access-to-actions-from-githubcom/enabling-automatic-access-to-githubcom-actions-using-github-connect). +Self-hosted runners do not need to connect to {% data variables.product.prodname_dotcom_the_website %} unless you have enabled automatic access to {% data variables.product.prodname_dotcom_the_website %} actions for {% data variables.product.product_location %}. For more information, see "[About using actions in your enterprise](/admin/github-actions/managing-access-to-actions-from-githubcom/about-using-actions-in-your-enterprise)." -If you have enabled automatic access to {% data variables.product.prodname_dotcom_the_website %} actions using {% data variables.product.prodname_github_connect %}, then the self-hosted runner will connect directly to {% data variables.product.prodname_dotcom_the_website %} to download actions. You must ensure that the machine has the appropriate network access to communicate with the {% data variables.product.prodname_dotcom %} URLs listed below. - -{% note %} - -**Note:** Some of the domains listed below are configured using `CNAME` records. Some firewalls might require you to add rules recursively for all `CNAME` records. Note that the `CNAME` records might change in the future, and that only the domains listed below will remain constant. - -{% endnote %} +If you have enabled automatic access to {% data variables.product.prodname_dotcom_the_website %} actions, then the self-hosted runner will connect directly to {% data variables.product.prodname_dotcom_the_website %} to download actions. You must ensure that the machine has the appropriate network access to communicate with the {% data variables.product.prodname_dotcom %} URLs listed below. ``` github.com @@ -219,6 +231,13 @@ api.github.com codeload.github.com ``` +{% note %} + +**Note:** Some of the domains listed above are configured using `CNAME` records. Some firewalls might require you to add rules recursively for all `CNAME` records. Note that the `CNAME` records might change in the future, and that only the domains listed above will remain constant. + +{% endnote %} + + {% endif %} ## Self-hosted runner security diff --git a/translations/pt-BR/content/actions/hosting-your-own-runners/managing-access-to-self-hosted-runners-using-groups.md b/translations/pt-BR/content/actions/hosting-your-own-runners/managing-access-to-self-hosted-runners-using-groups.md index e1f3435fba..e5d90c43e0 100644 --- a/translations/pt-BR/content/actions/hosting-your-own-runners/managing-access-to-self-hosted-runners-using-groups.md +++ b/translations/pt-BR/content/actions/hosting-your-own-runners/managing-access-to-self-hosted-runners-using-groups.md @@ -9,7 +9,7 @@ versions: ghae: '*' ghec: '*' type: tutorial -shortTitle: Manage access to runners +shortTitle: Gerenciar acesso a executores --- {% data reusables.actions.enterprise-beta %} @@ -32,10 +32,10 @@ Se você usar {% endif %} {% ifversion ghec or ghes or ghae %} -Grupos de executores auto-hospedados são usados para controlar o acesso a executores auto-hospedados a nível da organização e da empresa. Enterprise owners can configure access policies that control which organizations -{% if restrict-groups-to-workflows %}and workflows {% endif %}in an enterprise have access to the runner group. Organization owners can configure access policies that control which repositories{% if restrict-groups-to-workflows %} and workflows{% endif %} in an organization have access to the runner group. +Grupos de executores auto-hospedados são usados para controlar o acesso a executores auto-hospedados a nível da organização e da empresa. Os proprietários corporativos podem configurar políticas de acesso que controlam as organizações +{% if restrict-groups-to-workflows %}e fluxos de trabalho {% endif %}em uma empresa têm acesso ao grupo de executores. Os proprietários da organização podem configurar as políticas de acesso que controlam quais repositórios{% if restrict-groups-to-workflows %} e fluxos de trabalho{% endif %} em uma organização têm acesso ao grupo de executores. -When an enterprise owner grants an organization access to a runner group, organization owners can see the runner group listed in the organization's self-hosted runner settings. The organization owners can then assign additional granular repository{% if restrict-groups-to-workflows %} and workflow{% endif %} access policies to the enterprise runner group. +Quando um proprietário corporativo concede acesso de uma organização a um grupo de executores, os proprietários da organização podem ver o grupo de executores listado nas configurações do executor auto-hospedado da organização. Em seguida, os proprietários da organização podem atribuir um repositório granular adicional{% if restrict-groups-to-workflows %} e as políticas de acesso do fluxo de trabalho {% endif %} ao grupo do executor corporativo. Quando novos executores são criados, eles são atribuídos automaticamente ao grupo-padrão. Os executores só podem estar em um grupo por vez. Você pode mover os executores do grupo-padrão para outro grupo. Para obter mais informações, consulte "[Mover um executorauto-hospedado para um grupo](#moving-a-self-hosted-runner-to-a-group)". @@ -45,14 +45,14 @@ Todas as organizações têm um único grupo de executores auto-hospedados padr Os executores auto-hospedados são automaticamente atribuídos ao grupo-padrão quando criados e só podem ser membros de um grupo por vez. Você pode mover um executor do grupo- padrão para qualquer grupo que você criar. -When creating a group, you must choose a policy that defines which repositories{% if restrict-groups-to-workflows %} and workflows{% endif %} have access to the runner group. +Ao criar um grupo, você deve escolher uma política que defina quais repositórios{% if restrict-groups-to-workflows %} e fluxos de trabalho{% endif %} têm acesso ao grupo do executor. {% ifversion ghec or ghes > 3.3 or ghae-issue-5091 %} {% data reusables.organizations.navigate-to-org %} {% data reusables.organizations.org_settings %} {% data reusables.actions.settings-sidebar-actions-runner-groups %} 1. Na seção "Grupos de executores", clique em **Novo grupo de executor**. -1. Enter a name for your runner group. +1. Digite um nome para o grupo do seu executor. {% data reusables.actions.runner-group-assign-policy-repo %} {% warning %} @@ -62,7 +62,7 @@ When creating a group, you must choose a policy that defines which repositories{ Para obter mais informações, consulte "[Sobre os executores auto-hospedados](/actions/hosting-your-own-runners/about-self-hosted-runners#self-hosted-runner-security-with-public-repositories)." {% endwarning %} -{% data reusables.actions.runner-group-assign-policy-workflow %}{%- if restrict-groups-to-workflows %} Organization-owned runner groups cannot access workflows from a different organization in the enterprise; instead, you must create an enterprise-owned runner group.{% endif %} +Os grupos de executores de {% data reusables.actions.runner-group-assign-policy-workflow %}{%- if restrict-groups-to-workflows %} não podem acessar os fluxos de trabalho de uma organização diferente na empresa. Em vez disso, você deve criar um grupo de executores de propriedade corporativa.{% endif %} {% data reusables.actions.self-hosted-runner-create-group %} {% elsif ghae or ghes < 3.4 %} {% data reusables.organizations.navigate-to-org %} @@ -93,7 +93,7 @@ When creating a group, you must choose a policy that defines which repositories{ ## Criar um grupo de executor auto-hospedado para uma empresa -As empresas podem adicionar seus executores auto-hospedados a grupos para gerenciamento de acesso. Enterprises can create groups of self-hosted runners that are accessible to specific organizations in the enterprise account{% if restrict-groups-to-workflows %} or to specific workflows{% endif %}. Organization owners can then assign additional granular repository{% if restrict-groups-to-workflows %} or workflow{% endif %} access policies to the enterprise runner groups. Para obter informações sobre como criar um grupo de executores auto-hospedados com a API REST, consulte os pontos de extremidade corporativos na [API REST de {% data variables.product.prodname_actions %}](/rest/reference/actions#self-hosted-runner-groups). +As empresas podem adicionar seus executores auto-hospedados a grupos para gerenciamento de acesso. As empresas podem criar grupos de executores auto-hospedados que podem ser acessados a partir de organizações específicas na conta corporativa{% if restrict-groups-to-workflows %} ou por fluxos de trabalho específicos{% endif %}. Os proprietários da organização podem atribuir políticas adicionais de acesso do repositório granular{% if restrict-groups-to-workflows %} ou políticas de acesso do fluxo de trabalho {% endif %} para os grupos de executores corporativos. Para obter informações sobre como criar um grupo de executores auto-hospedados com a API REST, consulte os pontos de extremidade corporativos na [API REST de {% data variables.product.prodname_actions %}](/rest/reference/actions#self-hosted-runner-groups). Os executores auto-hospedados são automaticamente atribuídos ao grupo-padrão quando criados e só podem ser membros de um grupo por vez. Você pode atribuir o executor a um grupo específico durante o processo de registro, ou você pode mover o executor do grupo-padrão para um grupo personalizado. @@ -127,14 +127,14 @@ Ao criar um grupo, você deve escolher uma política que defina quais organizaç ## Alterar a política de acesso de um grupo de executores auto-hospedados -For runner groups in an enterprise, you can change what organizations in the enterprise can access a runner group{% if restrict-groups-to-workflows %} or restrict what workflows a runner group can run{% endif %}. For runner groups in an organization, you can change what repositories in the organization can access a runner group{% if restrict-groups-to-workflows %} or restrict what workflows a runner group can run{% endif %}. +Para grupos de executores em uma empresa, você pode mudar quais organizações na empresa podem acessar um grupo de executores{% if restrict-groups-to-workflows %} ou restringir quais fluxos de trabalho um grupo de executores pode executar{% endif %}. Para grupos de executores em uma organização, você pode alterar quais repositórios na organização podem acessar um grupo de executores{% if restrict-groups-to-workflows %} ou restringir quais fluxos de trabalho um grupo de executores pode executar{% endif %}. -### Changing what organizations or repositories can access a runner group +### Alterando quais organizações ou repositórios podem acessar um grupo de executores {% ifversion fpt or ghec or ghes > 3.3 or ghae-issue-5091 %} {% data reusables.actions.self-hosted-runner-groups-navigate-to-repo-org-enterprise %} {% data reusables.actions.settings-sidebar-actions-runner-groups-selection %} -1. For runner groups in an enterprise, under **Organization access**, modify what organizations can access the runner group. For runner groups in an organization, under **Repository access**, modify what repositories can access the runner group. +1. Para grupos de executores em uma empresa, em **Acesso da organização**, modifique quais organizações podem acessar o grupo de executores. Para grupos de executores em uma organização, em **Acesso do repositório**, modifique quais repositórios podem acessar o grupo de executores. {%- ifversion fpt or ghec or ghes %} {% warning %} @@ -152,32 +152,32 @@ For runner groups in an enterprise, you can change what organizations in the ent {% endif %} {% if restrict-groups-to-workflows %} -### Changing what workflows can access a runner group -You can configure a self-hosted runner group to run either selected workflows or all workflows. For example, you might use this setting to protect secrets that are stored on self-hosted runners or to standardize deployment workflows by restricting a runner group to run only a specific reusable workflow. This setting cannot be overridden if you are configuring an organization's runner group that was shared by an enterprise. +### Alterando quais fluxos de trabalho podem acessar um grupo de executores +Você pode configurar um grupo de executor auto-hospedado para executar fluxos de trabalho selecionados ou todos os fluxos de trabalho. Por exemplo, você pode usar essa configuração para proteger segredos armazenados em executores auto-hospedados ou para padronizar os fluxos de trabalho de implantação restringindo um grupo de executores para executar apenas um fluxo de trabalho reutilizável. Esta configuração não pode ser substituída se você configurar o grupo de executores da organização que foi compartilhado por uma empresa. {% data reusables.actions.self-hosted-runner-groups-navigate-to-repo-org-enterprise %} {% data reusables.actions.settings-sidebar-actions-runner-groups-selection %} -1. Under **Workflow access**, select the dropdown menu and click **Selected workflows**. +1. Em **Acesso ao fluxo de trabalho**, selecione o menu suspenso e clique em **Fluxos de trabalho selecionados**. 1. Clique em {% octicon "gear" aria-label="the gear icon" %}. -1. Enter a comma separated list of the workflows that can access the runner group. Use the full path, including the repository name and owner. Pin the workflow to a branch, tag, or full SHA. For example: `octo-org/octo-repo/.github/workflows/build.yml@v2, octo-org/octo-repo/.github/workflows/deploy.yml@d6dc6c96df4f32fa27b039f2084f576ed2c5c2a5, monalisa/octo-test/.github/workflows/test.yml@main`. +1. Insira uma lista separada por vírgulas dos fluxos de trabalho que podem acessar o grupo de executores. Use o caminho completo, incluindo o nome e proprietário do repositório. Fixar o fluxo de trabalho em um ramo, tag ou SHA completo. Por exemplo: `octo-org/octo-repo/.github/workflows/build.yml@v2, octo-org/octo-repo/.github/workflows/deploy.yml@d6dc6c96df4f32fa27b039f2084f576ed2c5c2a5, monalisa/octo-test/.github/workflows/test.yml@main`. - Only jobs directly defined within the selected workflows will have access to the runner group. + Apenas trabalhos definidos diretamente nos fluxos de trabalho selecionados terão acesso ao grupo de executores. - Organization-owned runner groups cannot access workflows from a different organization in the enterprise; instead, you must create an enterprise-owned runner group. + Os grupos de executores pertencentes à organização não podem acessar os fluxos de trabalho de uma organização diferente na empresa. Em vez disso, você deve criar um grupo de executores pertencente à empresa. 1. Clique em **Salvar**. {% endif %} -## Changing the name of a runner group +## Alterando o nome de um grupo de executores {% ifversion fpt or ghec or ghes > 3.3 or ghae-issue-5091 %} {% data reusables.actions.self-hosted-runner-groups-navigate-to-repo-org-enterprise %} {% data reusables.actions.settings-sidebar-actions-runner-groups-selection %} -1. Change the runner group name. +1. Altere o nome do grupo de executores. {% elsif ghae or ghes < 3.4 %} {% data reusables.actions.self-hosted-runner-configure-runner-group %} -1. Change the runner group name. +1. Altere o nome do grupo de executores. {% endif %} {% ifversion ghec or ghes or ghae %} diff --git a/translations/pt-BR/content/actions/learn-github-actions/contexts.md b/translations/pt-BR/content/actions/learn-github-actions/contexts.md index 0d3157f4cd..0f9b257762 100644 --- a/translations/pt-BR/content/actions/learn-github-actions/contexts.md +++ b/translations/pt-BR/content/actions/learn-github-actions/contexts.md @@ -73,7 +73,7 @@ A tabela a seguir indica onde cada contexto e função especial pode ser utiliza | concorrência | github, entradas | | | env | github, segredos, entradas | | | jobs.<job_id>.concurrency | github, necessidades, estratégia, matriz, entradas | | -| jobs.<job_id>.container | github, necessidades, estratégia, matriz, segredos, entradas | | +| jobs.<job_id>.container | github, necessidades, estratégia, matrix, env, segredos, entradas | | | jobs.<job_id>.container.credentials | github, necessidades, estratégia, matrix, env, segredos, entradas | | | jobs.<job_id>.container.env.<env_id> | github, necessidades, estratégia, matrix, trabalho, executor, env, segredos, entradas | | | jobs.<job_id>.continue-on-error | github, necessidades, estratégia, matriz, entradas | | @@ -180,7 +180,7 @@ O contexto `github` context contém informações sobre a execução do fluxo de | `github.action_path` | `string` | O caminho onde uma ação está localizada. Esta propriedade só é compatível com ações compostas. Você pode usar este caminho para acessar arquivos localizados no mesmo repositório da ação. | | `github.action_ref` | `string` | Para uma etapa executando uma ação, este é o ref da ação que está sendo executada. Por exemplo, `v2`. | | `github.action_repository` | `string` | Para uma etpa que executa uma ação, este é o nome do proprietário e do repositório da ação. Por exemplo, `actions/checkout`. | -| `github.action_status` | `string` | For a composite action, the current result of the composite action. | +| `github.action_status` | `string` | Para uma ação composta, o resultado atual da ação composta. | | `github.actor` | `string` | O nome de usuário que iniciou a execução do fluxo de trabalho. | | `github.api_url` | `string` | A URL da API REST de {% data variables.product.prodname_dotcom %}. | | `github.base_ref` | `string` | `base_ref` ou branch alvo da pull request em uma execução de fluxo de trabalho. Esta propriedade só está disponível quando o evento que aciona a execução de um fluxo de trabalho for `pull_request` ou `pull_request_target`. | diff --git a/translations/pt-BR/content/actions/learn-github-actions/environment-variables.md b/translations/pt-BR/content/actions/learn-github-actions/environment-variables.md index 3d09ced703..e0fa6a26af 100644 --- a/translations/pt-BR/content/actions/learn-github-actions/environment-variables.md +++ b/translations/pt-BR/content/actions/learn-github-actions/environment-variables.md @@ -147,7 +147,7 @@ As variáveis de ambiente padrão que os conjuntos de {% data variables.product. {%- ifversion fpt or ghec or ghes > 3.3 or ghae-issue-5338 %} | `GITHUB_REF_NAME` | {% data reusables.actions.ref_name-description %} For example, `feature-branch-1`.| | `GITHUB_REF_PROTECTED` | {% data reusables.actions.ref_protected-description %} | | `GITHUB_REF_TYPE` | {% data reusables.actions.ref_type-description %} {%- endif %} -| `GITHUB_REPOSITORY` | O nome do proprietário e do repositório. Por exemplo, `octocat/Hello-World`. | | `GITHUB_REPOSITORY_OWNER` | O nome do proprietário do repositório. Por exemplo, `octocat`. | | `GITHUB_RETENTION_DAYS` | O número de dias que os registros da execução do fluxo de trabalho e os artefatos são mantidos. Por exemplo, `90`. | | `GITHUB_RUN_ATTEMPT` | Um número único para cada tentativa da execução de um fluxo de trabalho particular em um repositório. Este número começa em 1 para a primeira tentativa de execução do fluxo de trabalho e aumenta a cada nova execução. Por exemplo, `3`. | | `GITHUB_RUN_ID` | {% data reusables.actions.run_id_description %} Por exemplo, `1658821493`. | | `GITHUB_RUN_NUMBER` | {% data reusables.actions.run_number_description %} Por exemplo, `3`. | | `GITHUB_SERVER_URL`| A URL do servidor de {% data variables.product.product_name %} server. Por exemplo: `https://{% data variables.product.product_url %}`. | `GITHUB_SHA` | O SHA do commit que acionou o fluxo de trabalho. The value of this commit SHA depends on the event that triggered the workflow. For more information, see [Events that trigger workflows](/actions/using-workflows/events-that-trigger-workflows). Por exemplo, `ffac537e6cbbf934b08745a378932722df287a53`. | | `GITHUB_WORKFLOW` | O nome do fluxo de trabalho. Por exemplo, `My test workflow`. Se o fluxo de trabalho não determinar um `nome`, o valor desta variável será o caminho completo do arquivo do fluxo de trabalho no repositório. | | `GITHUB_WORKSPACE` | O diretório de trabalho padrão no executor para as etapas e para a localidade padrão do seu repositório ao usar a ação [`checkout`](https://github.com/actions/checkout). Por exemplo, `/home/runner/work/my-repo-name/my-repo-name`. | +| `GITHUB_REPOSITORY` | O nome do proprietário e do repositório. Por exemplo, `octocat/Hello-World`. | | `GITHUB_REPOSITORY_OWNER` | O nome do proprietário do repositório. Por exemplo, `octocat`. | | `GITHUB_RETENTION_DAYS` | O número de dias que os registros da execução do fluxo de trabalho e os artefatos são mantidos. Por exemplo, `90`. | | `GITHUB_RUN_ATTEMPT` | Um número único para cada tentativa da execução de um fluxo de trabalho particular em um repositório. Este número começa em 1 para a primeira tentativa de execução do fluxo de trabalho e aumenta a cada nova execução. Por exemplo, `3`. | | `GITHUB_RUN_ID` | {% data reusables.actions.run_id_description %} Por exemplo, `1658821493`. | | `GITHUB_RUN_NUMBER` | {% data reusables.actions.run_number_description %} Por exemplo, `3`. | | `GITHUB_SERVER_URL`| A URL do servidor de {% data variables.product.product_name %} server. Por exemplo: `https://{% data variables.product.product_url %}`. | `GITHUB_SHA` | O SHA do commit que acionou o fluxo de trabalho. O valor do commit deste SHA depende do evento que acionou o fluxo de trabalho. Para obter mais informações, consulte [Eventos que acionam fluxos de trabalho](/actions/using-workflows/events-that-trigger-workflows). Por exemplo, `ffac537e6cbbf934b08745a378932722df287a53`. | | `GITHUB_WORKFLOW` | O nome do fluxo de trabalho. Por exemplo, `My test workflow`. Se o fluxo de trabalho não determinar um `nome`, o valor desta variável será o caminho completo do arquivo do fluxo de trabalho no repositório. | | `GITHUB_WORKSPACE` | O diretório de trabalho padrão no executor para as etapas e para a localidade padrão do seu repositório ao usar a ação [`checkout`](https://github.com/actions/checkout). Por exemplo, `/home/runner/work/my-repo-name/my-repo-name`. | {%- if actions-runner-arch-envvars %} | `RUNNER_ARCH` | {% data reusables.actions.runner-arch-description %} {%- endif %} diff --git a/translations/pt-BR/content/actions/managing-workflow-runs/re-running-workflows-and-jobs.md b/translations/pt-BR/content/actions/managing-workflow-runs/re-running-workflows-and-jobs.md index 3057250dcb..44900fd670 100644 --- a/translations/pt-BR/content/actions/managing-workflow-runs/re-running-workflows-and-jobs.md +++ b/translations/pt-BR/content/actions/managing-workflow-runs/re-running-workflows-and-jobs.md @@ -1,6 +1,6 @@ --- title: Reexecutando fluxos de trabalho e trabalhos -intro: Você pode executar novamente a execução do workflow até 30 dias após sua execução inicial. +intro: 'Você pode executar novamente um fluxo de trabalho{% if re-run-jobs %}, todos os trabalhos que falharam na execução de um fluxo de trabalho, ou trabalhos específicos em uma execução de fluxo de trabalho{% endif %} até 30 dias após sua execução inicial.' permissions: People with write permissions to a repository can re-run workflows in the repository. miniTocMaxHeadingLevel: 3 redirect_from: @@ -15,9 +15,11 @@ versions: {% data reusables.actions.enterprise-beta %} {% data reusables.actions.enterprise-github-hosted-runners %} -## Reexecutar todos os trabalhos em um fluxo de trabalho +## Sobre a reexecução de fluxos de trabalho e trabalhos -A reexecução de um fluxo de trabalho usa o mesmo `GITHUB_SHA` (commit SHA) e `GITHUB_REF` (Git ref) do evento original que acionou a execução do fluxo de trabalho. Você pode executar novamente um fluxo de trabalho por até 30 dias após a execução inicial. +A reexecução de um fluxo de trabalho{% if re-run-jobs %} ou trabalhos em um fluxo de trabalho{% endif %} usa o mesmo `GITHUB_SHA` (commit SHA) e `GITHUB_REF` (Git ref) do evento original que acionou a execução do fluxo de trabalho. Você pode executar novamente um fluxo de trabalho{% if re-run-jobs %} ou trabalhos em um fluxo de trabalho{% endif %} por até 30 dias após a execução inicial. + +## Reexecutar todos os trabalhos em um fluxo de trabalho {% webui %} @@ -26,7 +28,9 @@ A reexecução de um fluxo de trabalho usa o mesmo `GITHUB_SHA` (commit SHA) e ` {% data reusables.repositories.navigate-to-workflow %} {% data reusables.repositories.view-run %} {% ifversion fpt or ghes > 3.2 or ghae-issue-4721 or ghec %} -1. No canto superior direito do fluxo de trabalho, use o menu suspenso **Reexecutar trabalhos** e selecione **Reexecutar todos os trabalhos** ![Menu suspenso reexecutar](/assets/images/help/repository/rerun-checks-drop-down.png) +1. No canto superior direito do fluxo de trabalho, use o menu suspenso **Reexecutar trabalhos** e selecione **Reexecutar todos os trabalhos**. + + Se nenhum trabalho falhar, você não verá o menu suspenso **Reexecutar trabalhos**. Em vez disso, clique em **Reexecutar todos os trabalhos**. ![Menu suspenso reexecutar](/assets/images/help/repository/rerun-checks-drop-down.png) {% endif %} {% ifversion ghes < 3.3 or ghae %} 1. No canto superior direito do fluxo de trabalho, use o menu suspenso **Reexecutar trabalhos** e selecione **Reexecutar todos os trabalhos**. ![Menu suspenso Re-run checks (Executar verificações novamente)](/assets/images/help/repository/rerun-checks-drop-down-updated.png) @@ -52,8 +56,61 @@ gh run watch {% endcli %} +{% if re-run-jobs %} +## Reexecutar trabalhos que falharam em um fluxo de trabalho + +Se qualquer trabalho na execução de um fluxo de trabalho falhar, você poderá executar novamente apenas os trabalhos que falharam. Ao reexecutar trabalhos que falharam em fluxo de trabalho, uma nova execução do fluxo de trabalho será iniciada para todos os trabalhos que falharam e seus dependentes. Todas as saídas para quaisquer trabalhos bem-sucedidos na execução anterior do fluxo de trabalho serão usadas para a nova execução. Todos os artefatos criados na execução inicial estarão disponíveis na reexecução. Todas as regras de proteção de ambiente que passaram na execução anterior serão automaticamente passadas na reexecução. + +{% webui %} + +{% data reusables.repositories.navigate-to-repo %} +{% data reusables.repositories.actions-tab %} +{% data reusables.repositories.navigate-to-workflow %} +{% data reusables.repositories.view-run %} +1. No canto superior direito do fluxo de trabalho, use o menu suspenso **Reexecutar trabalhos** e selecione **Reexecutar trabalhos com falhas**. ![Menu suspenso de executar novamente trabalhos com falha](/assets/images/help/repository/rerun-failed-jobs-drop-down.png) + +{% endwebui %} + +{% cli %} + +Para executar novamente trabalhos que falharam em um fluxo de trabalho executado, use o subcomando `executar novamente` com o sinalizador `--failed`. Substitua `run-id` pelo ID da execução para o qual você deseja reexecutar trabalhos que falharam. Se você não especificar um `run-id`, {% data variables.product.prodname_cli %} irá retornar um menu interativo para você escolher uma execução com falha recente. + +```shell +gh run rerun run-id --failed +``` + +{% endcli %} + +## Reexecutando um trabalho específico em um fluxo de trabalho + +Ao executar novamente um trabalho específico em um fluxo de trabalho, uma nova execução do fluxo de trabalho será iniciada para o trabalho e para quaisquer dependentes. Todas as saídas para outros trabalhos na execução anterior do fluxo de trabalho serão usadas para a nova execução. Todos os artefatos criados na execução inicial estarão disponíveis na reexecução. Todas as regras de proteção de ambiente que passaram na execução anterior serão automaticamente passadas na reexecução. + +{% webui %} + +{% data reusables.repositories.navigate-to-repo %} +{% data reusables.repositories.actions-tab %} +{% data reusables.repositories.navigate-to-workflow %} +{% data reusables.repositories.view-run %} +1. Ao lado do trabalho que você deseja executar novamente, clique em {% octicon "sync" aria-label="The re-run icon" %}. ![Reexecutar trabalho selecionado](/assets/images/help/repository/re-run-selected-job.png) + + Alternativamente, clique em um trabalho para visualizar o registro. No registro, clique em {% octicon "sync" aria-label="The re-run icon" %}. ![Reexecutar trabalho selecionado](/assets/images/help/repository/re-run-single-job-from-log.png) + +{% endwebui %} + +{% cli %} + +Para executar novamente um trabalho específico em uma execução de fluxo de trabalho, use o subcomando `executar novamente` com o sinalizador `--job`. Substitua `job-id` pelo ID do trabalho que você deseja executar novamente. + +```shell +gh run rerun --job job-id +``` + +{% endcli %} + +{% endif %} + {% ifversion fpt or ghes > 3.2 or ghae-issue-4721 or ghec %} -### Revisando execuções de workflows anteriores +## Revisando execuções de workflows anteriores Você pode ver os resultados de suas tentativas anteriores de executar um fluxo de trabalho. Você também pode visualizar execuções de workflows anteriores do fluxo de trabalho usando a API. Para obter mais informações, consulte ["Obter uma execução de workflow"](/rest/reference/actions#get-a-workflow-run). @@ -61,7 +118,11 @@ Você pode ver os resultados de suas tentativas anteriores de executar um fluxo {% data reusables.repositories.actions-tab %} {% data reusables.repositories.navigate-to-workflow %} {% data reusables.repositories.view-run %} +{%- if re-run-jobs %} +1. Quaisquer tentativas anteriores de execução são exibidas no menu suspenso **mais recentes**. ![Tentativas de execução anteriores](/assets/images/help/repository/previous-run-attempts.png) +{%- else %} 1. Todas as tentativas anteriores de execução são mostradas no painel esquerdo. ![Reexecutar fluxo de trabalho](/assets/images/help/settings/actions-review-workflow-rerun.png) +{%- endif %} 1. Clique em uma entrada para visualizar os resultados. {% endif %} diff --git a/translations/pt-BR/content/actions/monitoring-and-troubleshooting-workflows/using-workflow-run-logs.md b/translations/pt-BR/content/actions/monitoring-and-troubleshooting-workflows/using-workflow-run-logs.md index 8075db160f..fa590d1d7b 100644 --- a/translations/pt-BR/content/actions/monitoring-and-troubleshooting-workflows/using-workflow-run-logs.md +++ b/translations/pt-BR/content/actions/monitoring-and-troubleshooting-workflows/using-workflow-run-logs.md @@ -62,6 +62,16 @@ Você pode fazer o download dos arquivos de registro da execução do seu fluxo ![Menu suspenso Download logs (Baixar logs)](/assets/images/help/repository/download-logs-drop-down-updated-2.png) + {% if re-run-jobs %} + + {% note %} + + **Obersvação**: Ao fazer o download do arquivo de registro de um fluxo de trabalho que foi parcialmente executado, o arquivo só incluirá os trabalhos que foram reexecutados. Para obter um conjunto completo de registro para trabalhos foram executados de um fluxo de trabalho, você deverá fazer o download dos arquivos de registro para as tentativas de execução anteriores que executaram os outros trabalhos. + + {% endnote %} + + {% endif %} + ## Excluir registros Você pode excluir arquivos de registro da execução do seu fluxo de trabalho. {% data reusables.repositories.permissions-statement-write %} diff --git a/translations/pt-BR/content/actions/publishing-packages/publishing-docker-images.md b/translations/pt-BR/content/actions/publishing-packages/publishing-docker-images.md index 34e2642be9..e873cac9d2 100644 --- a/translations/pt-BR/content/actions/publishing-packages/publishing-docker-images.md +++ b/translations/pt-BR/content/actions/publishing-packages/publishing-docker-images.md @@ -133,7 +133,7 @@ As opções de `build-push-action` necessárias para {% data variables.product.p {% ifversion fpt or ghec %} {% data reusables.package_registry.publish-docker-image %} -O fluxo de trabalho acima, se acionado por um push para o branch "versão". Ele verifica o repositório GitHub e usa `login-action` para fazer login no {% data variables.product.prodname_container_registry %}. Em seguida, extrai etiquetas e tags para a imagem do Docker. Finalmente, ele usa a ação `de build-push-action` para criar a imagem e publicá-la no {% data variables.product.prodname_container_registry %}. +O fluxo de trabalho acima é acionado por um push para o branch da "versão". Ele verifica o repositório GitHub e usa `login-action` para fazer login no {% data variables.product.prodname_container_registry %}. Em seguida, extrai etiquetas e tags para a imagem do Docker. Finalmente, ele usa a ação `de build-push-action` para criar a imagem e publicá-la no {% data variables.product.prodname_container_registry %}. {% else %} ```yaml{:copy} diff --git a/translations/pt-BR/content/actions/security-guides/automatic-token-authentication.md b/translations/pt-BR/content/actions/security-guides/automatic-token-authentication.md index 467ae7a0e1..d41fdf7c18 100644 --- a/translations/pt-BR/content/actions/security-guides/automatic-token-authentication.md +++ b/translations/pt-BR/content/actions/security-guides/automatic-token-authentication.md @@ -23,7 +23,7 @@ No início da execução de cada fluxo de trabalho, {% data variables.product.pr Ao habilitar {% data variables.product.prodname_actions %}, {% data variables.product.prodname_dotcom %} instala um {% data variables.product.prodname_github_app %} no seu repositório. O segredo `GITHUB_TOKEN` é um token de acesso de instalação {% data variables.product.prodname_github_app %}. Você pode usar o token de acesso de instalação para autenticar em nome do {% data variables.product.prodname_github_app %} instalado no seu repositório. As permissões do token são restritas ao repositório do fluxo de trabalho. Para obter mais informações, consulte "[Permissões para o `GITHUB_TOKEN`](#permissions-for-the-github_token)". -Antes de iniciar cada trabalho, {% data variables.product.prodname_dotcom %} busca um token de acesso de instalação para o trabalho. O token expira quando o trabalho é concluído. +Antes de iniciar cada trabalho, {% data variables.product.prodname_dotcom %} busca um token de acesso de instalação para o trabalho. {% data reusables.actions.github-token-expiration %} O token também está disponível no contexto `github.token`. Para obter mais informações, consulte "[Contextos](/actions/learn-github-actions/contexts#github-context)". diff --git a/translations/pt-BR/content/actions/security-guides/encrypted-secrets.md b/translations/pt-BR/content/actions/security-guides/encrypted-secrets.md index 4251ab38ab..8d25a5c220 100644 --- a/translations/pt-BR/content/actions/security-guides/encrypted-secrets.md +++ b/translations/pt-BR/content/actions/security-guides/encrypted-secrets.md @@ -226,6 +226,10 @@ steps: ``` {% endraw %} +Não é possível fazer referência a segredos nas condicionais `if:`. Em vez disso, considere definir segredos como variáveis de ambiente no nível de trabalho e, em seguida, fazer referência às variáveis de ambiente para executar etapas condicionalmente no trabalho. Para obter mais informações, consulte "[Disponibilidade de contexto](/actions/learn-github-actions/contexts#context-availability)" e [`trabalhos..steps[*].if`](/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsif). + +Se um segredo não tiver sido definido, o valor de retorno de uma expressão referente ao segredo (como {% raw %}`${{ secrets.SuperSecret }}`{% endraw %} no exemplo) será uma string vazia. + Evite a transmissão de segredos entre processos da linha de comando sempre que possível. Os processos da linha de comando podem ser visíveis para outros usuários (usando o comando `ps`) ou capturado por [eventos de auditoria de segurança](https://docs.microsoft.com/windows-server/identity/ad-ds/manage/component-updates/command-line-process-auditing). Para ajudar a proteger os segredos, considere o uso de variáveis de ambiente, `STDIN`, ou outros mecanismos compatíveis com o processo de destino. Se você passar segredos dentro de uma linha de comando, inclua-os dentro das regras de aspas corretas. Muitas vezes, os segredos contêm caracteres especiais que não intencionalmente podem afetar o seu shell. Para escapar desses caracteres especiais, use aspas com suas variáveis de ambiente. Por exemplo: diff --git a/translations/pt-BR/content/actions/using-workflows/caching-dependencies-to-speed-up-workflows.md b/translations/pt-BR/content/actions/using-workflows/caching-dependencies-to-speed-up-workflows.md index 3fd22a578b..8a408be867 100644 --- a/translations/pt-BR/content/actions/using-workflows/caching-dependencies-to-speed-up-workflows.md +++ b/translations/pt-BR/content/actions/using-workflows/caching-dependencies-to-speed-up-workflows.md @@ -234,3 +234,11 @@ Por exemplo, se um pull request contiver um branch de`recurso` (escopo atual) e ## Limites de uso e política de eliminação {% data variables.product.prodname_dotcom %} removerá todas as entradas da cache não acessadas há mais de 7 dias. Não há limite no número de caches que você pode armazenar, mas o tamanho total de todos os caches em um repositório é limitado a 10 GB. Se você exceder esse limite, {% data variables.product.prodname_dotcom %} salvará seu cache mas começará a despejar caches até que o tamanho total seja inferior a 10 GB. + +{% if actions-cache-management %} + +## Gerenciando caches + +Você pode usar a API REST de {% data variables.product.product_name %} para gerenciar seus caches. No momento, você pode usar a API para ver o uso ddo seu cache, cpodendo esperar outras funcionalidades em atualizações futuras. Para obter mais informações, consulte as "[Ações](/rest/reference/actions#cache)" na documentação da API REST. + +{% endif %} diff --git a/translations/pt-BR/content/actions/using-workflows/reusing-workflows.md b/translations/pt-BR/content/actions/using-workflows/reusing-workflows.md index 299495162f..e555a8f72e 100644 --- a/translations/pt-BR/content/actions/using-workflows/reusing-workflows.md +++ b/translations/pt-BR/content/actions/using-workflows/reusing-workflows.md @@ -308,4 +308,4 @@ Para obter informações sobre o uso da API REST para consultar o log de auditor Para continuar aprendendo sobre {% data variables.product.prodname_actions %}, consulte "[Eventos que desencadeiam fluxos de trabalho](/actions/learn-github-actions/events-that-trigger-workflows)". -{% if restrict-groups-to-workflows %}You can standardize deployments by creating a self-hosted runner group that can only execute a specific reusable workflow. For more information, see "[Managing access to self-hosted runners using groups](/actions/hosting-your-own-runners/managing-access-to-self-hosted-runners-using-groups)."{% endif %} +{% if restrict-groups-to-workflows %}Você pode padronizar implantações criando um grupo de executores auto-hospedados que só pode executar um fluxo de trabalho específico reutilizável. Para obter mais informações, consulte "[Gerenciando acesso a executores auto-hospedados usando grupos](/actions/hosting-your-own-runners/managing-access-to-self-hosted-runners-using-groups)."{% endif %} diff --git a/translations/pt-BR/content/actions/using-workflows/workflow-commands-for-github-actions.md b/translations/pt-BR/content/actions/using-workflows/workflow-commands-for-github-actions.md index eb591ed4c1..9e184886de 100644 --- a/translations/pt-BR/content/actions/using-workflows/workflow-commands-for-github-actions.md +++ b/translations/pt-BR/content/actions/using-workflows/workflow-commands-for-github-actions.md @@ -2,6 +2,7 @@ title: Comandos do fluxo de trabalho para o GitHub Actions shortTitle: Comandos do fluxo de trabalho intro: Você pode usar comandos do fluxo de trabalho ao executar comandos do shell em um fluxo de trabalho ou no código de uma ação. +defaultTool: bash redirect_from: - /articles/development-tools-for-github-actions - /github/automating-your-workflow-with-github-actions/development-tools-for-github-actions @@ -26,10 +27,24 @@ As ações podem comunicar-se com a máquina do executor para definir as variáv A maioria dos comandos de fluxo de trabalho usa o comando `echo` em um formato específico, enquanto outros são chamados escrevendo um arquivo. Para obter mais informações, consulte ["Arquivos de ambiente".](#environment-files) -``` bash +### Exemplo + +{% bash %} + +```bash{:copy} echo "::workflow-command parameter1={data},parameter2={data}::{command value}" ``` +{% endbash %} + +{% powershell %} + +```pwsh{:copy} +Write-Output "::workflow-command parameter1={data},parameter2={data}::{command value}" +``` + +{% endpowershell %} + {% note %} **Observação:** Os nomes do comando do fluxo de trabalho e do parâmetro não diferenciam maiúsculas e minúsculas. @@ -46,14 +61,18 @@ echo "::workflow-command parameter1={data},parameter2={data}::{command value}" O [actions/toolkit](https://github.com/actions/toolkit) inclui uma quantidade de funções que podem ser executadas como comandos do fluxo de trabalho. Use a sintaxe `::` para executar os comandos do fluxo de trabalho no arquivo YAML. Em seguida, esses comandos serão enviados para a o executor por meio do `stdout`. Por exemplo, em vez de usar o código para definir uma saída, como abaixo: -```javascript +```javascript{:copy} core.setOutput('SELECTED_COLOR', 'green'); ``` +### Example: Setting a value + Você pode usar o comando `set-output` no seu fluxo de trabalho para definir o mesmo valor: +{% bash %} + {% raw %} -``` yaml +```yaml{:copy} - name: Set selected color run: echo '::set-output name=SELECTED_COLOR::green' id: random-color-generator @@ -62,6 +81,22 @@ Você pode usar o comando `set-output` no seu fluxo de trabalho para definir o m ``` {% endraw %} +{% endbash %} + +{% powershell %} + +{% raw %} +```yaml{:copy} + - name: Set selected color + run: Write-Output "::set-output name=SELECTED_COLOR::green" + id: random-color-generator + - name: Get color + run: Write-Output "The selected color is ${{ steps.random-color-generator.outputs.SELECTED_COLOR }}" +``` +{% endraw %} + +{% endpowershell %} + A tabela a seguir mostra quais funções do conjunto de ferramentas estão disponíveis dentro de um fluxo de trabalho: | Função do kit de ferramentas | Comando equivalente do fluxo de trabalho | @@ -86,186 +121,336 @@ A tabela a seguir mostra quais funções do conjunto de ferramentas estão dispo ## Definir um parâmetro de saída -``` +Configura um parâmetro de saída da ação. + +```{:copy} ::set-output name={name}::{value} ``` -Configura um parâmetro de saída da ação. - Opcionalmente, você também pode declarar os parâmetros de saída no arquivo de metadados de uma ação. Para obter mais informações, consulte "[Sintaxe de metadados para o {% data variables.product.prodname_actions %}](/articles/metadata-syntax-for-github-actions#outputs-for-docker-container-and-javascript-actions)". -### Exemplo +### Example: Setting an output parameter -``` bash +{% bash %} + +```bash{:copy} echo "::set-output name=action_fruit::strawberry" ``` -## Configurar uma mensagem de depuração +{% endbash %} +{% powershell %} + +```pwsh{:copy} +Write-Output "::set-output name=action_fruit::strawberry" ``` -::debug::{message} -``` + +{% endpowershell %} + +## Configurar uma mensagem de depuração Imprime uma mensagem de erro no log. Você deve criar um segredo nomeado `ACTIONS_STEP_DEBUG` com o valor `true` para ver as mensagens de erro configuradas por esse comando no log. Para obter mais informações, consulte "[Habilitar o registro de depuração](/actions/managing-workflow-runs/enabling-debug-logging)". -### Exemplo +```{:copy} +::debug::{message} +``` -``` bash +### Example: Setting a debug message + +{% bash %} + +```bash{:copy} echo "::debug::Set the Octocat variable" ``` +{% endbash %} + +{% powershell %} + +```pwsh{:copy} +Write-Output "::debug::Set the Octocat variable" +``` + +{% endpowershell %} + {% ifversion fpt or ghes > 3.2 or ghae-issue-4929 or ghec %} ## Configurando uma mensagem de aviso -``` +Cria uma mensagem de aviso e a imprime no registro. {% data reusables.actions.message-annotation-explanation %} + +```{:copy} ::notice file={name},line={line},endLine={endLine},title={title}::{message} ``` -Cria uma mensagem de aviso e a imprime no registro. {% data reusables.actions.message-annotation-explanation %} - {% data reusables.actions.message-parameters %} -### Exemplo +### Example: Setting a notice message -``` bash +{% bash %} + +```bash{:copy} echo "::notice file=app.js,line=1,col=5,endColumn=7::Missing semicolon" ``` +{% endbash %} + +{% powershell %} + +```pwsh{:copy} +Write-Output "::notice file=app.js,line=1,col=5,endColumn=7::Missing semicolon" +``` + +{% endpowershell %} {% endif %} ## Configurar uma mensagem de aviso -``` +Cria uma mensagem de aviso e a imprime no log. {% data reusables.actions.message-annotation-explanation %} + +```{:copy} ::warning file={name},line={line},endLine={endLine},title={title}::{message} ``` -Cria uma mensagem de aviso e a imprime no log. {% data reusables.actions.message-annotation-explanation %} - {% data reusables.actions.message-parameters %} -### Exemplo +### Example: Setting a warning message -``` bash +{% bash %} + +```bash{:copy} echo "::warning file=app.js,line=1,col=5,endColumn=7::Missing semicolon" ``` +{% endbash %} + +{% powershell %} + +```pwsh{:copy} +Write-Output "::warning file=app.js,line=1,col=5,endColumn=7::Missing semicolon" +``` + +{% endpowershell %} ## Configurar uma mensagem de erro -``` +Cria uma mensagem de erro e a imprime no log. {% data reusables.actions.message-annotation-explanation %} + +```{:copy} ::error file={name},line={line},endLine={endLine},title={title}::{message} ``` -Cria uma mensagem de erro e a imprime no log. {% data reusables.actions.message-annotation-explanation %} - {% data reusables.actions.message-parameters %} -### Exemplo +### Example: Setting an error message -``` bash +{% bash %} + +```bash{:copy} echo "::error file=app.js,line=1,col=5,endColumn=7::Missing semicolon" ``` +{% endbash %} + +{% powershell %} + +```pwsh{:copy} +Write-Output "::error file=app.js,line=1,col=5,endColumn=7::Missing semicolon" +``` + +{% endpowershell %} ## Agrupar linhas dos registros -``` +Cria um grupo expansível no registro. Para criar um grupo, use o comando `grupo` e especifique um `título`. Qualquer coisa que você imprimir no registro entre os comandos `grupo` e `endgroup` estará aninhada dentro de uma entrada expansível no registro. + +```{:copy} ::group::{title} ::endgroup:: ``` -Cria um grupo expansível no registro. Para criar um grupo, use o comando `grupo` e especifique um `título`. Qualquer coisa que você imprimir no registro entre os comandos `grupo` e `endgroup` estará aninhada dentro de uma entrada expansível no registro. +### Example: Grouping log lines -### Exemplo +{% bash %} -```bash -echo "::group::My title" -echo "Inside group" -echo "::endgroup::" +```yaml{:copy} +jobs: + bash-example: + runs-on: ubuntu-latest + steps: + - name: Group of log lines + run: | + echo "::group::My title" + echo "Inside group" + echo "::endgroup::" ``` +{% endbash %} + +{% powershell %} + +```yaml{:copy} +jobs: + powershell-example: + runs-on: windows-latest + steps: + - name: Group of log lines + run: | + Write-Output "::group::My title" + Write-Output "Inside group" + Write-Output "::endgroup::" +``` + +{% endpowershell %} + ![Grupo dobrável no registro da execução do fluxo de trabalho](/assets/images/actions-log-group.png) ## Mascarar um valor no registro -``` +```{:copy} ::add-mask::{value} ``` Mascarar um valor evita que uma string ou variável seja impressa no log. Cada palavra mascarada separada por espaço em branco é substituída pelo caractere `*`. Você pode usar uma variável de ambiente ou string para o `value` da máscara. -### Exemplo de máscara de string +### Example: Masking a string Quando você imprime `"Mona The Octocat"` no log, você verá `"***"`. -```bash +{% bash %} + +```bash{:copy} echo "::add-mask::Mona The Octocat" ``` -### Exemplo de máscara de uma variável de ambiente +{% endbash %} + +{% powershell %} + +```pwsh{:copy} +Write-Output "::add-mask::Mona The Octocat" +``` + +{% endpowershell %} + +### Example: Masking an environment variable Ao imprimir a variável `MY_NAME` ou o valor `"Mona The Octocat"` no log, você verá `"***"` em vez de `"Mona The Octocat"`. -```bash -MY_NAME="Mona The Octocat" -echo "::add-mask::$MY_NAME" +{% bash %} + +```yaml{:copy} +jobs: + bash-example: + runs-on: ubuntu-latest + env: + MY_NAME: "Mona The Octocat" + steps: + - name: bash-version + run: echo "::add-mask::$MY_NAME" ``` +{% endbash %} + +{% powershell %} + +```yaml{:copy} +jobs: + powershell-example: + runs-on: windows-latest + env: + MY_NAME: "Mona The Octocat" + steps: + - name: powershell-version + run: Write-Output "::add-mask::$env:MY_NAME" +``` + +{% endpowershell %} + ## Parar e iniciar os comandos no fluxo de trabalho -`::stop-commands::{endtoken}` - Para de processar quaisquer comandos de fluxo de trabalho. Esse comando especial permite fazer o registro do que você desejar sem executar um comando do fluxo de trabalho acidentalmente. Por exemplo, é possível parar o log para gerar um script inteiro que tenha comentários. +```{:copy} +::stop-commands::{endtoken} +``` + Para parar o processamento de comandos de fluxo de trabalho, passe um token único para `stop-commands`. Para retomar os comandos do fluxo de trabalho, passe o mesmo token que você usou para parar os comandos do fluxo de trabalho. {% warning %} -**Aviso:** Certifique-se de que o token que você está usando é gerado aleatoriamente e exclusivo para cada execução. Como demonstrado no exemplo abaixo, você pode gerar um hash exclusivo do seu `github.token` para cada execução. +**Aviso:** Certifique-se de que o token que você está usando é gerado aleatoriamente e exclusivo para cada execução. {% endwarning %} -``` +```{:copy} ::{endtoken}:: ``` -### Exemplo de parar e iniciar comandos de workflow +### Example: Stopping and starting workflow commands + +{% bash %} {% raw %} -```yaml +```yaml{:copy} jobs: workflow-command-job: runs-on: ubuntu-latest steps: - - name: disable workflow commands + - name: Disable workflow commands run: | - echo '::warning:: this is a warning' - echo "::stop-commands::`echo -n ${{ github.token }} | sha256sum | head -c 64`" - echo '::warning:: this will NOT be a warning' - echo "::`echo -n ${{ github.token }} | sha256sum | head -c 64`::" - echo '::warning:: this is a warning again' + echo '::warning:: This is a warning message, to demonstrate that commands are being processed.' + stopMarker=$(uuidgen) + echo "::stop-commands::$stopMarker" + echo '::warning:: This will NOT be rendered as a warning, because stop-commands has been invoked.' + echo "::$stopMarker::" + echo '::warning:: This is a warning again, because stop-commands has been turned off.' +``` +{% endraw %} + +{% endbash %} + +{% powershell %} + +{% raw %} +```yaml{:copy} +jobs: + workflow-command-job: + runs-on: windows-latest + steps: + - name: Disable workflow commands + run: | + Write-Output '::warning:: This is a warning message, to demonstrate that commands are being processed.' + $stopMarker = New-Guid + Write-Output "::stop-commands::$stopMarker" + Write-Output '::warning:: This will NOT be rendered as a warning, because stop-commands has been invoked.' + Write-Output "::$stopMarker::" + Write-Output '::warning:: This is a warning again, because stop-commands has been turned off.' ``` {% endraw %} +{% endpowershell %} + ## Eco de saídas de comando -``` +Habilita ou desabilita o eco de comandos de fluxo de trabalho. Por exemplo, se você usar o comando `set-output` em um fluxo de trabalho, ele definirá um parâmetro de saída, mas o registro da execução do fluxo de trabalho não irá mostrar o comando em si. Se você habilitar o comando de eco, o registro mostrará o comando, como `::set-output name={name}::{value}`. + +```{:copy} ::echo::on ::echo::off ``` -Habilita ou desabilita o eco de comandos de fluxo de trabalho. Por exemplo, se você usar o comando `set-output` em um fluxo de trabalho, ele definirá um parâmetro de saída, mas o registro da execução do fluxo de trabalho não irá mostrar o comando em si. Se você habilitar o comando de eco, o registro mostrará o comando, como `::set-output name={name}::{value}`. - O eco de comandos encontra-se desabilitado por padrão. No entanto, um comando de fluxo de trabalho será refletido se houver algum erro que processa o comando. Os comandos `add-mask`, `depurar`, `aviso` e `erro` não são compatíveis com o eco, porque suas saídas já estão ecoadas no registros. Você também pode habilitar o comando de eco globalmente ativando o registrode depuração da etapa usando o segredo `ACTIONS_STEP_DEBUG`. Para obter mais informações, consulte[Habilitando o log de depuração](/actions/managing-workflow-runs/enabling-debug-logging)". Em contraste, o comando do fluxo de trabalho `echo` permite que você habilite o comando de eco em um nível mais granular em vez de habilitá-lo para cada fluxo de trabalho em um repositório. -### Exemplo de alternar o comando do eco +### Example: Toggling command echoing -```yaml +{% bash %} + +```yaml{:copy} jobs: workflow-command-job: runs-on: ubuntu-latest @@ -279,9 +464,29 @@ jobs: echo '::set-output name=action_echo::disabled' ``` -A etapa acima imprime as seguintes linhas no registro: +{% endbash %} +{% powershell %} + +```yaml{:copy} +jobs: + workflow-command-job: + runs-on: windows-latest + steps: + - name: toggle workflow command echoing + run: | + write-output "::set-output name=action_echo::disabled" + write-output "::echo::on" + write-output "::set-output name=action_echo::enabled" + write-output "::echo::off" + write-output "::set-output name=action_echo::disabled" ``` + +{% endpowershell %} + +The example above prints the following lines to the log: + +```{:copy} ::set-output name=action_echo::enabled ::echo::off ``` @@ -298,13 +503,13 @@ O comando `save-state` pode ser executado apenas em uma ação e não está disp Este exemplo usa o JavaScript para executar o comando `save-state`. A variável de ambiente resultante é denominada `STATE_processID` com o valor de `12345`: -``` javascript +```javascript{:copy} console.log('::save-state name=processID::12345') ``` A variável `STATE_processID` está exclusivamente disponível para o script de limpeza executado na ação `principal`. Este exemplo é executado em `principal` e usa o JavaScript para exibir o valor atribuído à variável de ambiente `STATE_processID`: -``` javascript +```javascript{:copy} console.log("O PID em execução a partir da ação principal é: " + process.env.STATE_processID); ``` @@ -312,37 +517,70 @@ console.log("O PID em execução a partir da ação principal é: " + process.e Durante a execução de um fluxo de trabalho, o executor gera arquivos temporários que podem ser usados para executar certas ações. O caminho para esses arquivos são expostos através de variáveis de ambiente. Você precisará usar a codificação UTF-8 ao escrever para esses arquivos para garantir o processamento adequado dos comandos. Vários comandos podem ser escritos no mesmo arquivo, separados por novas linhas. -{% warning %} +{% powershell %} -**Aviso:** no Windows, o PowerShell de legado (`shell: powershell`) não usa UTF-8 por padrão. +{% note %} -Ao usar `shell: powershell`, você deverá especificar a codificação UTF-8. Por exemplo: +**Note:** PowerShell versions 5.1 and below (`shell: powershell`) do not use UTF-8 by default, so you must specify the UTF-8 encoding. Por exemplo: -```yaml +```yaml{:copy} jobs: legacy-powershell-example: - uses: windows-2019 + runs-on: windows-latest steps: - shell: powershell - run: echo "mypath" | Out-File -FilePath $env:GITHUB_PATH -Encoding utf8 -Append + run: | + "mypath" | Out-File -FilePath $env:GITHUB_PATH -Encoding utf8 -Append ``` -Como alternativa, você pode usar PowerShell Core (`shell: pwsh`), cujo padrão é UTF-8. +PowerShell Core versions 6 and higher (`shell: pwsh`) use UTF-8 by default. Por exemplo: -{% endwarning %} +```yaml{:copy} +jobs: + powershell-core-example: + runs-on: windows-latest + steps: + - shell: pwsh + run: | + "mypath" >> $env:GITHUB_PATH +``` + +{% endnote %} + +{% endpowershell %} ## Definir uma variável de ambiente -``` bash +{% bash %} + +```bash{:copy} echo "{environment_variable_name}={value}" >> $GITHUB_ENV ``` +{% endbash %} + +{% powershell %} + +- Using PowerShell version 6 and higher: +```pwsh{:copy} +"{environment_variable_name}={value}" >> $env:GITHUB_ENV +``` + +- Using PowerShell version 5.1 and below: +```powershell{:copy} +"{environment_variable_name}={value}" | Out-File -FilePath $env:GITHUB_ENV -Encoding utf8 -Append +``` + +{% endpowershell %} + Você pode tornar uma variável de ambiente disponível para quaisquer etapas subsequentes em um trabalho de fluxo de trabalho definindo ou atualizando a variável de ambiente e gravando isso no arquivo de ambiente `GITHUB_ENV`. A etapa que cria ou atualiza a variável de ambiente não tem acesso ao novo valor, mas todos os passos subsequentes em um trabalho terão acesso. Os nomes das variáveis de ambiente são diferenciam maiúsculas e minúsculas e você pode incluir a pontuação. Para obter mais informações, consulte "[Variáveis de ambiente](/actions/learn-github-actions/environment-variables)". ### Exemplo +{% bash %} + {% raw %} -``` +```yaml{:copy} steps: - name: Set the value id: step_one @@ -355,11 +593,31 @@ steps: ``` {% endraw %} +{% endbash %} + +{% powershell %} + +{% raw %} +```yaml{:copy} +steps: + - name: Set the value + id: step_one + run: | + "action_state=yellow" >> $env:GITHUB_ENV + - name: Use the value + id: step_two + run: | + Write-Output "${{ env.action_state }}" # This will output 'yellow' +``` +{% endraw %} + +{% endpowershell %} + ### Strings de linha múltipla Para strings linha múltipla, você pode usar um delimitador com a seguinte sintaxe. -``` +```{:copy} {name}<<{delimiter} {value} {delimiter} @@ -367,29 +625,75 @@ Para strings linha múltipla, você pode usar um delimitador com a seguinte sint #### Exemplo -Neste exemplo, usamos `EOF` como um delimitador e definimos a variável de ambiente `JSON_RESPONSE` como o valor da resposta de curl. -```yaml +This example uses `EOF` as a delimiter, and sets the `JSON_RESPONSE` environment variable to the value of the `curl` response. + +{% bash %} + +```yaml{:copy} steps: - - name: Set the value + - name: Set the value in bash id: step_one run: | echo 'JSON_RESPONSE<> $GITHUB_ENV - curl https://httpbin.org/json >> $GITHUB_ENV + curl https://example.lab >> $GITHUB_ENV echo 'EOF' >> $GITHUB_ENV ``` -## Adicionar um caminho do sistema +{% endbash %} -``` bash -echo "{path}" >> $GITHUB_PATH +{% powershell %} + +```yaml{:copy} +steps: + - name: Set the value in pwsh + id: step_one + run: | + "JSON_RESPONSE<> $env:GITHUB_ENV + (Invoke-WebRequest -Uri "https://example.lab").Content >> $env:GITHUB_ENV + "EOF" >> $env:GITHUB_ENV + shell: pwsh ``` +{% endpowershell %} + +## Adicionar um caminho do sistema + Prepara um diretório para a variável `PATH` do sistema e disponibiliza automaticamente para todas as ações subsequentes no trabalho atual; a ação atualmente em execução não pode acessar a variável de caminho atualizada. Para ver os caminhos atualmente definidos para o seu trabalho, você pode usar o `echo "$PATH"` em uma etapa ou ação. +{% bash %} + +```bash{:copy} +echo "{path}" >> $GITHUB_PATH +``` +{% endbash %} + +{% powershell %} + +```pwsh{:copy} +"{path}" >> $env:GITHUB_PATH +``` + +{% endpowershell %} + ### Exemplo Este exemplo demonstra como adicionar o diretório `$HOME/.local/bin` ao `PATH`: -``` bash +{% bash %} + +```bash{:copy} echo "$HOME/.local/bin" >> $GITHUB_PATH ``` + +{% endbash %} + + +This example demonstrates how to add the user `$env:HOMEPATH/.local/bin` directory to `PATH`: + +{% powershell %} + +```pwsh{:copy} +"$env:HOMEPATH/.local/bin" >> $env:GITHUB_PATH +``` + +{% endpowershell %} diff --git a/translations/pt-BR/content/actions/using-workflows/workflow-syntax-for-github-actions.md b/translations/pt-BR/content/actions/using-workflows/workflow-syntax-for-github-actions.md index c1bdf25d87..560cdf1737 100644 --- a/translations/pt-BR/content/actions/using-workflows/workflow-syntax-for-github-actions.md +++ b/translations/pt-BR/content/actions/using-workflows/workflow-syntax-for-github-actions.md @@ -342,6 +342,31 @@ steps: uses: actions/heroku@1.0.0 ``` +#### Exemplo: Usando segredos + +Não é possível fazer referência a segredos nas condicionais `if:`. Em vez disso, considere definir segredos como variáveis de ambiente no nível de trabalho e, em seguida, fazer referência às variáveis de ambiente para executar etapas condicionalmente no trabalho. + +Se um segredo não tiver sido definido, o valor de retorno de uma expressão referente ao segredo (como {% raw %}`${{ secrets.SuperSecret }}`{% endraw %} no exemplo) será uma string vazia. + +{% raw %} +```yaml +name: Run a step if a secret has been set +on: push +jobs: + my-jobname: + runs-on: ubuntu-latest + env: + super_secret: ${{ secrets.SuperSecret }} + steps: + - if: ${{ env.super_secret != '' }} + run: echo 'This step will only run if the secret has a value set.' + - if: ${{ env.super_secret == '' }} + run: echo 'This step will only run if the secret does not have a value set.' +``` +{% endraw %} + +Para obter mais informações, consulte "[Disponibilidade de contexto](/actions/learn-github-actions/contexts#context-availability)" e "[Segredos criptografados](/actions/security-guides/encrypted-secrets)". + ### `jobs..steps[*].name` Nome da etapa no {% data variables.product.prodname_dotcom %}. @@ -714,6 +739,12 @@ Número máximo de minutos para permitir a execução de um trabalho o antes que Se o tempo-limite exceder o tempo limite de execução do trabalho para o runner, o trabalho será cancelada quando o tempo limite de execução for atingido. Para obter mais informações sobre o limite de tempo de execução do trabalho, consulte {% ifversion fpt or ghec or ghes %}"[Limites de uso e cobrança](/actions/reference/usage-limits-billing-and-administration#usage-limits)" para executores hospedados em {% data variables.product.prodname_dotcom %} e {% endif %}"[Sobre executores auto-hospedados](/actions/hosting-your-own-runners/about-self-hosted-runners/#usage-limits){% ifversion fpt or ghec or ghes %}" para limites de uso de executores auto-hospedados.{% elsif ghae %}."{% endif %} +{% note %} + +**Observação:** {% data reusables.actions.github-token-expiration %} para executores auto-hospedados, o token pode ser o fator de limitação se o tempo limite do trabalho for superior a 24 horas. Para obter mais informações sobre o `GITHUB_TOKEN`, consulte "[Sobre ](/actions/security-guides/automatic-token-authentication#about-the-github_token-secret)segredo do `GITHUB_TOKEN`." + +{% endnote %} + ## `jobs..strategy` {% data reusables.actions.jobs.section-using-a-build-matrix-for-your-jobs-strategy %} diff --git a/translations/pt-BR/content/admin/code-security/managing-github-advanced-security-for-your-enterprise/deploying-github-advanced-security-in-your-enterprise.md b/translations/pt-BR/content/admin/code-security/managing-github-advanced-security-for-your-enterprise/deploying-github-advanced-security-in-your-enterprise.md index a5e5a5c0f2..658a39db40 100644 --- a/translations/pt-BR/content/admin/code-security/managing-github-advanced-security-for-your-enterprise/deploying-github-advanced-security-in-your-enterprise.md +++ b/translations/pt-BR/content/admin/code-security/managing-github-advanced-security-for-your-enterprise/deploying-github-advanced-security-in-your-enterprise.md @@ -271,7 +271,7 @@ O GitHub ajuda você a evitar o uso de software de terceiros que contém vulnera | Ferramenta Gerenciamento de Dependência | Descrição | | ---------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Alertas de Dependabot | Você pode acompanhar as dependências do seu repositório e receber alertas de dependências do Dependabot quando sua empresa detectar dependências vulneráveis. Para obter mais informações, consulte "[Sobre alertas para dependências vulneráveis](/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-alerts-for-vulnerable-dependencies)" | +| Alertas de Dependabot | Você pode acompanhar as dependências do seu repositório e receber alertas de dependências do Dependabot quando sua empresa detectar dependências vulneráveis. Para obter mais informações, consulte "[Sobre {% data variables.product.prodname_dependabot_alerts %}](/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-alerts-for-vulnerable-dependencies)". | | Gráfico de Dependência | O gráfico de dependências é um resumo do manifesto e bloqueia arquivos armazenados em um repositório. Ele mostra os ecossistemas e pacotes dos quais a sua base de código depende (suas dependências) e os repositórios e pacotes que dependem do seu projeto (suas dependências). Para obter mais informações, consulte "[Sobre o gráfico de dependência](/code-security/supply-chain-security/understanding-your-software-supply-chain/about-the-dependency-graph)". |{% ifversion ghes > 3.1 or ghec %} | Revisão de Dependência | Se um pull request tiver alterações nas dependências, você poderá ver um resumo do que alterou e se há vulnerabilidades conhecidas em qualquer uma das dependências. Para obter mais informações, consulte "[Sobre a revisão de dependências](/code-security/supply-chain-security/understanding-your-software-supply-chain/about-dependency-review)" ou "[Revisando as alterações de dependência em um pull requestl](/github/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/reviewing-dependency-changes-in-a-pull-request)". |{% endif %} {% ifversion ghec or ghes > 3.2 %} | Atualizações de segurança do Dependabot | O dependabot pode corrigir dependências vulneráveis levantando pull requests com atualizações de segurança. Para obter mais informações, consulte "[Sobre atualizações de segurança do Dependabot](/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-dependabot-security-updates)". | diff --git a/translations/pt-BR/content/admin/configuration/configuring-github-connect/enabling-dependabot-for-your-enterprise.md b/translations/pt-BR/content/admin/configuration/configuring-github-connect/enabling-dependabot-for-your-enterprise.md index 2b36099d6d..6b90321137 100644 --- a/translations/pt-BR/content/admin/configuration/configuring-github-connect/enabling-dependabot-for-your-enterprise.md +++ b/translations/pt-BR/content/admin/configuration/configuring-github-connect/enabling-dependabot-for-your-enterprise.md @@ -49,7 +49,7 @@ Também é possível sincronizar os dados de vulnerabilidade manualmente a qualq Quando {% data variables.product.product_location %} recebe informações sobre uma vulnerabilidade, ele identifica repositórios em {% data variables.product.product_location %} que usam a versão afetada da dependência e gera {% data variables.product.prodname_dependabot_alerts %}. Você pode escolher se quer ou não notificar os usuários automaticamente sobre o novo {% data variables.product.prodname_dependabot_alerts %}. -Para repositórios com {% data variables.product.prodname_dependabot_alerts %} habilitado, a digitalização é acionada em qualquer push para o branch padrão que contém um arquivo de manifesto ou arquivo de bloqueio. Além disso, quando um novo registro de vulnerabilidade é adicionado a {% data variables.product.product_location %}, {% data variables.product.product_name %} digitaliza todos os repositórios existentes em {% data variables.product.product_location %} e gera alertas para qualquer repositório que seja vulnerável. Para obter mais informações, consulte "[Sobre alertas para dependências vulneráveis](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies)" +Para repositórios com {% data variables.product.prodname_dependabot_alerts %} habilitado, a digitalização é acionada em qualquer push para o branch padrão que contém um arquivo de manifesto ou arquivo de bloqueio. Além disso, quando um novo registro de vulnerabilidade é adicionado a {% data variables.product.product_location %}, {% data variables.product.product_name %} digitaliza todos os repositórios existentes em {% data variables.product.product_location %} e gera alertas para qualquer repositório que seja vulnerável. Para obter mais informações, consulte "[Sobre {% data variables.product.prodname_dependabot_alerts %}](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies)". {% ifversion ghes > 3.2 %} ### Sobre {% data variables.product.prodname_dependabot_updates %} @@ -67,7 +67,7 @@ Após habilitar {% data variables.product.prodname_dependabot_alerts %}, você p Com {% data variables.product.prodname_dependabot_updates %}, {% data variables.product.company_short %} cria automaticamente pull requests para atualizar dependências de duas maneiras. - **{% data variables.product.prodname_dependabot_version_updates %}**: Os usuários adicionam um arquivo de configuração de {% data variables.product.prodname_dependabot %} ao repositório para habilitar {% data variables.product.prodname_dependabot %} e criar pull requests quando uma nova versão de uma dependência monitorada for lançada. Para obter mais informações, consulte "[Sobre {% data variables.product.prodname_dependabot_version_updates %}](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/about-dependabot-version-updates)". -- **{% data variables.product.prodname_dependabot_security_updates %}**: Os usuários alternam uma configuração de repositório para habilitar {% data variables.product.prodname_dependabot %} para criar pull requests quando {% data variables.product.prodname_dotcom %} detecta uma vulnerabilidade em uma das dependências do gráfico de dependências para o repositório. Para obter mais informações, consulte "[Sobre alertas para dependências vulneráveis](/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-alerts-for-vulnerable-dependencies)" e[Sobre {% data variables.product.prodname_dependabot_security_updates %}](/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-dependabot-security-updates)". +- **{% data variables.product.prodname_dependabot_security_updates %}**: Os usuários alternam uma configuração de repositório para habilitar {% data variables.product.prodname_dependabot %} para criar pull requests quando {% data variables.product.prodname_dotcom %} detecta uma vulnerabilidade em uma das dependências do gráfico de dependências para o repositório. Para obter mais informações, consulte "[Sobre {% data variables.product.prodname_dependabot_alerts %}](/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-alerts-for-vulnerable-dependencies)" e "[Sobre {% data variables.product.prodname_dependabot_security_updates %}](/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-dependabot-security-updates)". {% endif %} ## Habilitando {% data variables.product.prodname_dependabot_alerts %} @@ -100,7 +100,7 @@ Após habilitar {% data variables.product.prodname_dependabot_alerts %} para a s {% ifversion ghes %} Antes de habilitar {% data variables.product.prodname_dependabot_updates %}, você deverá configurar {% data variables.product.product_location %} para usar {% data variables.product.prodname_actions %} com executores auto-hospedados. Para obter mais informações, consulte "[Primeiros passos com {% data variables.product.prodname_actions %} para o GitHub Enterprise Server](/admin/github-actions/enabling-github-actions-for-github-enterprise-server/getting-started-with-github-actions-for-github-enterprise-server)." -{% data variables.product.prodname_dependabot_updates %} não são compatíveis em {% data variables.product.product_name %} se a sua empresa usar um clustering ou uma configuração de alta disponibilidade. +{% data variables.product.prodname_dependabot_updates %} não são compatíveis em {% data variables.product.product_name %} se sua empresa usar clustering. {% endif %} {% data reusables.enterprise_site_admin_settings.sign-in %} diff --git a/translations/pt-BR/content/admin/configuration/configuring-network-settings/configuring-a-hostname.md b/translations/pt-BR/content/admin/configuration/configuring-network-settings/configuring-a-hostname.md index 509097a1fd..10f71e3518 100644 --- a/translations/pt-BR/content/admin/configuration/configuring-network-settings/configuring-a-hostname.md +++ b/translations/pt-BR/content/admin/configuration/configuring-network-settings/configuring-a-hostname.md @@ -17,7 +17,11 @@ topics: Se configurar um nome de host em vez de um endereço IP codificado, você poderá alterar o hardware físico em que a {% data variables.product.product_location %} é executada sem afetar os usuários ou o software cliente. -A configuração do nome de host no {% data variables.enterprise.management_console %} deve ser definida como um nome de domínio totalmente qualificado (FQDN) que seja resolvido na internet ou dentro da sua rede interna. Por exemplo, a configuração do nome de host pode ser `github.nomedaempresa.com.` Também recomendamos habilitar o isolamento de subdomínio para o nome do host escolhido a fim de mitigar várias vulnerabilidades no estilo de script entre sites. Para obter mais informações sobre as configurações de nome de host, consulte a [Seção 2.1 em HTTP RFC](https://tools.ietf.org/html/rfc1123#section-2). +A configuração do nome de host no {% data variables.enterprise.management_console %} deve ser definida como um nome de domínio totalmente qualificado (FQDN) que seja resolvido na internet ou dentro da sua rede interna. For example, your hostname setting could be `github.companyname.com.` Web and API requests will automatically redirect to the hostname configured in the {% data variables.enterprise.management_console %}. + +After you configure a hostname, you can enable subdomain isolation to further increase the security of {% data variables.product.product_location %}. Para obter mais informações, consulte "[Habilitar isolamento de subdomínio](/enterprise/{{ currentVersion }}/admin/guides/installation/enabling-subdomain-isolation/)". + +For more information on the supported hostname types, see [Section 2.1 of the HTTP RFC](https://tools.ietf.org/html/rfc1123#section-2). {% data reusables.enterprise_installation.changing-hostname-not-supported %} @@ -29,4 +33,4 @@ A configuração do nome de host no {% data variables.enterprise.management_cons {% data reusables.enterprise_management_console.test-domain-settings-failure %} {% data reusables.enterprise_management_console.save-settings %} -Depois de configurar um nome de host, recomendamos que você habilite o isolamento de subdomínio para a {% data variables.product.product_location %}. Para obter mais informações, consulte "[Habilitar isolamento de subdomínio](/enterprise/{{ currentVersion }}/admin/guides/installation/enabling-subdomain-isolation/)". +To help mitigate various cross-site scripting vulnerabilities, we recommend that you enable subdomain isolation for {% data variables.product.product_location %} after you configure a hostname. Para obter mais informações, consulte "[Habilitar isolamento de subdomínio](/enterprise/{{ currentVersion }}/admin/guides/installation/enabling-subdomain-isolation/)". diff --git a/translations/pt-BR/content/admin/configuration/configuring-network-settings/network-ports.md b/translations/pt-BR/content/admin/configuration/configuring-network-settings/network-ports.md index 77caf7b17d..7868daccfd 100644 --- a/translations/pt-BR/content/admin/configuration/configuring-network-settings/network-ports.md +++ b/translations/pt-BR/content/admin/configuration/configuring-network-settings/network-ports.md @@ -26,7 +26,7 @@ Certas portas administrativas são obrigatórias para configurar a {% data varia | Porta | Serviço | Descrição | | -------- | ------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | 8443 | HTTPS | {% data variables.enterprise.management_console %} seguro na web. Obrigatória para instalação e configuração básicas. | -| 8080 | HTTP | {% data variables.enterprise.management_console %} de texto simples na web. Não é obrigatória, a menos que o SSL seja desativado manualmente. | +| 8080 | HTTP | {% data variables.enterprise.management_console %} de texto simples na web. Não é obrigatória, a menos que o TSL seja desabilitado manualmente. | | 122 | SSH | Acesso de shell à {% data variables.product.product_location %}. Obrigatório para estar aberto a conexões de entrada entre todos os nós em uma configuração de alta disponibilidade. A porta SSH padrão (22) é dedicada ao tráfego de rede de aplicativos Git e SSH. | | 1194/UDP | VPN | Túnel de rede de réplica segura na configuração de alta disponibilidade. Obrigatório estar aberto para a comunicação entre todos os nós da configuração. | | 123/UDP | NTP | Obrigatória para operações de protocolo de tempo. | @@ -39,7 +39,7 @@ As portas de aplicativo fornecem aplicativos da web e acesso dos usuários finai | Porta | Serviço | Descrição | | ----- | ------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | | 443 | HTTPS | Acesso ao aplicativo da web e ao Git por HTTPS. | -| 80 | HTTP | Acesso ao aplicativo da web. Todas as solicitações são redirecionadas para a porta HTTPS quando o SSL está ativado. | +| 80 | HTTP | Acesso ao aplicativo da web. Todas as solicitações são redirecionadas para a porta HTTPS se o TLS estiver configurado. | | 22 | SSH | Acesso ao Git por SSH. Compatível com operações de clonagem, fetch e push em repositórios públicos e privados. | | 9418 | Git | A porta do protocolo Git é compatível com operações de clonagem e fetch em repositórios públicos com comunicação de rede não criptografada. {% data reusables.enterprise_installation.when-9418-necessary %} @@ -52,3 +52,18 @@ As portas de e-mail devem estar acessíveis diretamente ou via retransmissão pa | Porta | Serviço | Descrição | | ----- | ------- | ------------------------------------------- | | 25 | SMTP | Suporte a SMTP com criptografia (STARTTLS). | + +## Portas de {% data variables.product.prodname_actions %} + +As portas de {% data variables.product.prodname_actions %} devem poder ser acessadas por executores auto-hospedados para se conectar a {% data variables.product.product_location %}. Para obter mais informações, consulte "[Sobre executores auto-hospedados](/actions/hosting-your-own-runners/about-self-hosted-runners#communication-between-self-hosted-runners-and-github-enterprise-server)." + +| Porta | Serviço | Descrição | +| ----- | ------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| 443 | HTTPS | Os executores auto-hospedados conectam a {% data variables.product.product_location %} para receber atividades de trabalho e fazer o download das novas versões do aplicativo do executor. Obrigatório se TLS estiver configurado. | +| 80 | HTTP | Os executores auto-hospedados conectam a {% data variables.product.product_location %} para receber atividades de trabalho e fazer o download das novas versões do aplicativo do executor. Obrigatório se TLS não estiver configurado. | + +Se você habilitar o acesso automático a ações de {% data variables.product.prodname_dotcom_the_website %}, {% data variables.product.prodname_actions %} sempre irá pesquisar uma ação em {% data variables.product.product_location %} primeiro, por meio dessas portas, antes de verificar {% data variables.product.prodname_dotcom_the_website %}. Para obter mais informações, consulte "[Habilitar o acesso automático às ações de {% data variables.product.prodname_dotcom_the_website %} usando o {% data variables.product.prodname_github_connect %}](/admin/github-actions/managing-access-to-actions-from-githubcom/enabling-automatic-access-to-githubcom-actions-using-github-connect#about-resolution-for-actions-using-github-connect)". + +## Leia mais + +- "[Configurando TLS](/admin/configuration/configuring-network-settings/configuring-tls)" diff --git a/translations/pt-BR/content/admin/configuration/configuring-your-enterprise/about-enterprise-configuration.md b/translations/pt-BR/content/admin/configuration/configuring-your-enterprise/about-enterprise-configuration.md index 410dfa8031..a9ae13741b 100644 --- a/translations/pt-BR/content/admin/configuration/configuring-your-enterprise/about-enterprise-configuration.md +++ b/translations/pt-BR/content/admin/configuration/configuring-your-enterprise/about-enterprise-configuration.md @@ -23,6 +23,8 @@ shortTitle: Sobre a configuração {% endif %} {% ifversion ghae %} +Para dar os primeiros passos com {% data variables.product.product_name %}, primeiro você precisa implantar o {% data variables.product.product_name %}. Para obter mais informações, consulte "[Implantando {% data variables.product.product_name %}](/admin/configuration/configuring-your-enterprise/deploying-github-ae)". + Na primeira vez que você acessar a sua empresa, você realizará uma configuração inicial para preparar {% data variables.product.product_name %} para ser usado. A configuração inicial inclui conectar a sua empresa a um provedor de identidade (IdP), efetuando a autenticação com SAML SSO, configurando políticas para repositórios e organizações na sua empresa e configurando SMTP para e-mails de saída. Para obter mais informações, consulte "[Inicializar {% data variables.product.prodname_ghe_managed %}](/admin/configuration/initializing-github-ae)". Posteriormente, você poderá usar o painel de administração do site e as configurações corporativas para configurar ainda mais sua empresa, gerenciar usuários, organizações e repositórios e definir políticas que reduzem o risco e aumentam a qualidade. diff --git a/translations/pt-BR/content/admin/configuration/configuring-your-enterprise/deploying-github-ae.md b/translations/pt-BR/content/admin/configuration/configuring-your-enterprise/deploying-github-ae.md new file mode 100644 index 0000000000..65f6e2c6ed --- /dev/null +++ b/translations/pt-BR/content/admin/configuration/configuring-your-enterprise/deploying-github-ae.md @@ -0,0 +1,66 @@ +--- +title: Implantação do GitHub AE +intro: 'Você pode implantar {% data variables.product.product_name %} para uma região disponível do Azure.' +versions: + ghae: '*' +topics: + - Accounts + - Enterprise +type: how_to +shortTitle: Implantar o GitHub AE +redirect_from: + - /get-started/signing-up-for-github/setting-up-a-trial-of-github-ae +--- + +## Sobre a implantação de {% data variables.product.product_name %} + +{% data reusables.github-ae.github-ae-enables-you %} Para obter mais informações, consulte "[Sobre {% data variables.product.prodname_ghe_managed %}de](/admin/overview/about-github-ae)." + +Após comprar ou começar um teste de {% data variables.product.product_name %}, você pode fazer a implantação de {% data variables.product.product_name %} para uma região do Azure disponível. Este guia refere-se ao recurso do Azure que contém a implantação de {% data variables.product.product_name %} como a conta de {% data variables.product.product_name %}. Você usará o portal do Azure em [https://portal.azure.com](https://portal.azure.com) para implantar a conta de {% data variables.product.product_name %}. + +## Pré-requisitos + +- Antes de poder implantar {% data variables.product.product_name %}, você deve solicitar o acesso da sua equipe de conta de {% data variables.product.company_short %}. {% data variables.product.company_short %} irá habilitar a implantação de {% data variables.product.product_name %} para sua assinatura do Azure. Se você ainda não comprou {% data variables.product.product_name %}, você pode entrar em contato com {% data variables.contact.contact_enterprise_sales %} para verificar sua elegibilidade para um teste. + +- Você deve ter permissão para executar a operação `/register/action` para o provedor de recursos no Azure. A permissão está incluída nas funções de `Colaborador` e `Proprietário`. Para obter mais informações, consulte [Provedores de recursos e tipos do Azure](https://docs.microsoft.com/en-us/azure/azure-resource-manager/management/resource-providers-and-types#register-resource-provider) na documentação da Microsoft. + +## Implantando {% data variables.product.product_name %} com o {% data variables.actions.azure_portal %} + +O {% data variables.actions.azure_portal %} permite que você faça a implementação da conta do {% data variables.product.product_name %} no seu grupo de recursos do Azure. + +1. Clique em um dos seguintes dois links para começar a implantação de {% data variables.product.product_name %}. O link que você deve clicar depende da nuvem Azure onde você planeja implantar {% data variables.product.product_name %}. Para obter mais informações sobre o Governo do Azure, consulte [O que é o Azure? Government](https://docs.microsoft.com/en-us/azure/azure-government/documentation-government-welcome) na documentação Microsoft. + + - [Implantar {% data variables.product.product_name %} no Azure Commercial](https://aka.ms/create-github-ae-instance) + - [Implantar {% data variables.product.product_name %} no Azure Government](https://aka.ms/create-github-ae-instance-gov) +1. Para começar o processo de adicionar uma nova conta de {% data variables.product.product_name %}, clique em **Criar conta do GitHub AE**. +1. Insira as informações nos campos "Detalhes do projeto" e "Detalhes da instância".![Resultado da pesquisa de {% data variables.actions.azure_portal %}](/assets/images/azure/github-ae-azure-portal-form.png) + - **Nome da conta:** O nome do host da sua empresa + - **Nome de usuário administrador:** Um nome de usuário para o proprietário corporativo inicial que será criado em {% data variables.product.product_name %} + - E-mail do administrador **:** O endereço de e-mail que receberá as informações de login +1. Para revisar um resumo das alterações propostas, clique em **Revisão + criar**. +1. Após a conclusão do processo de validação, clique em **Criar**. + +O endereço de e-mail que você digitou acima receberá instruções sobre como acessar a sua empresa. Após ter acesso, você poderá começar seguindo os passos das configuração iniciais. Para obter mais informações, consulte "[Inicializar {% data variables.product.product_name %}](/admin/configuration/initializing-github-ae)". + +{% note %} + +**Observação:** As atualizações de software para a sua implantação de {% data variables.product.product_name %} são executadas por {% data variables.product.prodname_dotcom %}. Para obter mais informações, consulte[Sobre atualizações para novas versões de](/admin/overview/about-upgrades-to-new-releases)." + +{% endnote %} + +## Acessando a sua empresa + +Você pode usar o {% data variables.actions.azure_portal %} para navegar para a sua implantação de {% data variables.product.product_name %}. A lista resultante inclui todas as suas implantações de {% data variables.product.product_name %} na sua região do Azure. + +1. No {% data variables.actions.azure_portal %}, no painel esquerdo, clique em **Todos os recursos**. +1. Nos filtros disponíveis, clique em **Todos os tipos** e, em seguida, desmarque **Selecionar todos** e selecione **GitHub AE**: ![Resultado da pesquisa de {% data variables.actions.azure_portal %}](/assets/images/azure/github-ae-azure-portal-type-filter.png) + +## Próximas etapas + +- Uma vez fornecida a sua implantação, o próximo passo é inicializar {% data variables.product.product_name %}. Para obter mais informações, consulte "[Inicializar {% data variables.product.product_name %}](/github-ae@latest/admin/configuration/configuring-your-enterprise/initializing-github-ae)". +- Se você está estiver testando {% data variables.product.product_name %}, você poderá fazer a atualização para uma licença completa a qualquer momento durante o período de avaliação, entrando em contato com {% data variables.contact.contact_enterprise_sales %}. Se você não atualizou até o último dia de seu teste, a implantação será excluída automaticamente. Se precisar de mais tempo para avaliar o {% data variables.product.product_name %}, entre em contato com {% data variables.contact.contact_enterprise_sales %} para solicitar uma extensão. + +## Leia mais + +- "[Habilitando as funcionalidades de {% data variables.product.prodname_advanced_security %} em {% data variables.product.product_name %}](/github/getting-started-with-github/about-github-advanced-security#enabling-advanced-security-features-on-github-ae)" +- "[Notas de versão de {% data variables.product.product_name %}](/github-ae@latest/admin/overview/github-ae-release-notes)" diff --git a/translations/pt-BR/content/admin/configuration/configuring-your-enterprise/index.md b/translations/pt-BR/content/admin/configuration/configuring-your-enterprise/index.md index 229490c7c4..0636677fb6 100644 --- a/translations/pt-BR/content/admin/configuration/configuring-your-enterprise/index.md +++ b/translations/pt-BR/content/admin/configuration/configuring-your-enterprise/index.md @@ -16,6 +16,7 @@ topics: - Enterprise children: - /about-enterprise-configuration + - /deploying-github-ae - /initializing-github-ae - /accessing-the-management-console - /accessing-the-administrative-shell-ssh diff --git a/translations/pt-BR/content/admin/enterprise-management/configuring-high-availability/initiating-a-failover-to-your-replica-appliance.md b/translations/pt-BR/content/admin/enterprise-management/configuring-high-availability/initiating-a-failover-to-your-replica-appliance.md index 8fbdf432b2..54c752c8a2 100644 --- a/translations/pt-BR/content/admin/enterprise-management/configuring-high-availability/initiating-a-failover-to-your-replica-appliance.md +++ b/translations/pt-BR/content/admin/enterprise-management/configuring-high-availability/initiating-a-failover-to-your-replica-appliance.md @@ -19,25 +19,32 @@ O tempo do failover dependerá do tempo necessário para promover manualmente a {% data reusables.enterprise_installation.promoting-a-replica %} -1. Para permitir que a replicação termine antes de você alternar os appliances, coloque o appliance principal no modo de manutenção: - - Para usar o console de gerenciamento, consulte "[Habilitar e programar o modo de manutenção](/enterprise/admin/guides/installation/enabling-and-scheduling-maintenance-mode/)"; - - Você também pode usar o comando `ghe-maintenance -s`. +1. If the primary appliance is available, to allow replication to finish before you switch appliances, on the primary appliance, put the primary appliance into maintenance mode. + + - Put the appliance into maintenance mode. + + - Para usar o console de gerenciamento, consulte "[Habilitar e programar o modo de manutenção](/enterprise/admin/guides/installation/enabling-and-scheduling-maintenance-mode/)"; + + - Você também pode usar o comando `ghe-maintenance -s`. + ```shell + $ ghe-maintenance -s + ``` + + - Quando o número de operações ativas do Git, consultas MySQL e tarefas do Resque alcançam zero, aguarde 30 segundos. + + {% note %} + + **Observação:** O Nomad sempre terá trabalhos em execução, mesmo no modo de manutenção. Portanto, você pode ignorar esses trabalhos com segurança. + + {% endnote %} + + - Para verificar todos os canais de replicação que reportarem `OK`, use o comando `ghe-repl-status -vv`. + ```shell - $ ghe-maintenance -s + $ ghe-repl-status -vv ``` -2. Quando o número de operações ativas do Git, consultas MySQL e tarefas do Resque alcançam zero, aguarde 30 segundos. - {% note %} - - **Observação:** O Nomad sempre terá trabalhos em execução, mesmo no modo de manutenção. Portanto, você pode ignorar esses trabalhos com segurança. - - {% endnote %} - -3. Para verificar todos os canais de replicação que reportarem `OK`, use o comando `ghe-repl-status -vv`. - ```shell - $ ghe-repl-status -vv - ``` -4. Para parar a replicação e promover o appliance réplica ao status de primário, use o comando `ghe-repl-promote`. A ação também colocará automaticamente o nó primário no nó de manutenção, se ele for acessível. +4. On the replica appliance, to stop replication and promote the replica appliance to primary status, use the `ghe-repl-promote` command. A ação também colocará automaticamente o nó primário no nó de manutenção, se ele for acessível. ```shell $ ghe-repl-promote ``` diff --git a/translations/pt-BR/content/admin/github-actions/getting-started-with-github-actions-for-your-enterprise/about-github-actions-for-enterprises.md b/translations/pt-BR/content/admin/github-actions/getting-started-with-github-actions-for-your-enterprise/about-github-actions-for-enterprises.md index 9e763f278f..5df8a8e937 100644 --- a/translations/pt-BR/content/admin/github-actions/getting-started-with-github-actions-for-your-enterprise/about-github-actions-for-enterprises.md +++ b/translations/pt-BR/content/admin/github-actions/getting-started-with-github-actions-for-your-enterprise/about-github-actions-for-enterprises.md @@ -33,7 +33,7 @@ topics: {% data variables.product.prodname_actions %} ajuda a sua equipe a trabalhar mais rápido e em escala. Quando grandes repositórios começam a usar o {% data variables.product.prodname_actions %}, as equipes fazem merge de um número significativamente maior de pull requests por dia, e os pull requests são mesclados muito mais rapidamente. Para obter mais informações, consulte "[Gravação e envio mais rápido de código](https://octoverse.github.com/writing-code-faster/#scale-through-automation)" no estado do Octoverse. -Você pode criar suas próprias automações exclusivas ou você pode usar e adaptar os fluxos de trabalho do nosso ecossistema de mais de 10, 00 ações construídas por líderes do setor e pela comunidade de código aberto. Para obter mais informações, consulte "[Localizar e personalizar ações](/actions/learn-github-actions/finding-and-customizing-actions)". +Você pode criar suas próprias automações exclusivas ou você pode usar e adaptar os fluxos de trabalho do nosso ecossistema de mais de 10, 00 ações construídas por líderes do setor e pela comunidade de código aberto. {% ifversion ghec %}Para obter mais informações, consulte "[Encontrando e personalizando ações](/actions/learn-github-actions/finding-and-customizing-actions).{% else %}Você pode restringir seus desenvolvedores a usar ações que existem no {% data variables.product.product_location %} ou você pode permitir que seus desenvolvedores acessem ações em {% data variables.product.prodname_dotcom_the_website %}. Para obter mais informações, consulte "[Sobre o uso de ações na sua empresa](/admin/github-actions/managing-access-to-actions-from-githubcom/about-using-actions-in-your-enterprise)".{% endif %} {% data variables.product.prodname_actions %} é intuitivo para o desenvolvedor, pois está integrado diretamente à experiência familiar de {% data variables.product.product_name %}. diff --git a/translations/pt-BR/content/admin/github-actions/managing-access-to-actions-from-githubcom/about-using-actions-in-your-enterprise.md b/translations/pt-BR/content/admin/github-actions/managing-access-to-actions-from-githubcom/about-using-actions-in-your-enterprise.md index 622a1f2668..1c1b8d6783 100644 --- a/translations/pt-BR/content/admin/github-actions/managing-access-to-actions-from-githubcom/about-using-actions-in-your-enterprise.md +++ b/translations/pt-BR/content/admin/github-actions/managing-access-to-actions-from-githubcom/about-using-actions-in-your-enterprise.md @@ -13,7 +13,7 @@ type: overview topics: - Actions - Enterprise -shortTitle: Adicionar ações à sua empresa +shortTitle: Sobre ações na sua empresa --- {% data reusables.actions.enterprise-beta %} @@ -23,13 +23,24 @@ shortTitle: Adicionar ações à sua empresa Os fluxos de trabalho de {% data variables.product.prodname_actions %} podem usar _ações_, que são tarefas individuais que você pode combinar para criar tarefas e personalizar seu fluxo de trabalho. Você pode criar suas próprias ações ou usar e personalizar ações compartilhadas pela comunidade {% data variables.product.prodname_dotcom %}. -{% data reusables.actions.enterprise-no-internet-actions %} +{% data reusables.actions.enterprise-no-internet-actions %} Você pode restringir seus desenvolvedores a usar ações que são armazenadas em {% data variables.product.product_location %}, o que inclui a maioria das ações oficiais de criadas por {% data variables.product.company_short %}, bem como quaisquer ações que seus desenvolvedores criarem. Como alternativa, para permitir que seus desenvolvedores se beneficiem de todo o ecossistema de ações criadas pelos líderes do setor e pela comunidade de código aberto você pode configurar o acesso a outras ações a partir de {% data variables.product.prodname_dotcom_the_website %}. + +Recomendamos permitir acesso automático a todas as ações de {% data variables.product.prodname_dotcom_the_website %}. {% ifversion ghes %}No entanto, isso exige que {% data variables.product.product_name %} faça conexões de saída para {% data variables.product.prodname_dotcom_the_website %}. Se você não quiser permitir essas conexões ou{% else %}Se{% endif %} se você quiser ter maior controle sobre quais ações são usadas em sua empresa, você pode sincronizar manualmente ações específicas de {% data variables.product.prodname_dotcom_the_website %}. ## Ações oficiais agrupadas com a sua instância corporativa {% data reusables.actions.actions-bundled-with-ghes %} -As ações oficiais empacotadas incluem `ações/checkout`, `actions/upload-artefact`, `actions/download-artefact`, `actions/labeler`, e várias ações de `actions/setup-`, entre outras. Para ver todas as ações oficiais incluídas na instância da sua empresa, acesse a organização das `ações` na sua instância: https://HOSTNAME/actions. +As acções oficiais agrupadas incluem, entre outras, as listadas a seguir. +- `actions/checkout` +- `actions/upload-artifact` +- `actions/download-artifact` +- `actions/labeler` +- Diversas ações de `actions/setup-` + +Para ver todas as ações oficiais incluídas na instância da sua empresa, acesse a organização das `ações` na sua instância: https://HOSTNAME/actions. + +Não há conexão necessária entre {% data variables.product.product_location %} e {% data variables.product.prodname_dotcom_the_website %} para usar essas ações. Cada ação é um repositório na organização de `ações`, e cada repositório de ação inclui as tags necessárias, branches e commit de SHAs que seus fluxos de trabalho podem usar para fazer referência à ação. Para obter informações sobre como atualizar as ações oficiais empacotadas, consulte "[Usar a versão mais recente das ações oficiais empacotadas](/admin/github-actions/using-the-latest-version-of-the-official-bundled-actions)". @@ -43,14 +54,21 @@ Cada ação é um repositório na organização de `ações`, e cada repositóri ## Configurar o acesso a ações no {% data variables.product.prodname_dotcom_the_website %} -{% ifversion ghes %} -Antes que você possa configurar o acesso a ações em {% data variables.product.prodname_dotcom_the_website %}, você deve configurar {% data variables.product.product_location %} para usar {% data variables.product.prodname_actions %}. Para obter mais informações, consulte "[Primeiros passos com {% data variables.product.prodname_actions %} para o GitHub Enterprise Server](/admin/github-actions/enabling-github-actions-for-github-enterprise-server/getting-started-with-github-actions-for-github-enterprise-server)." -{% endif %} - {% data reusables.actions.access-actions-on-dotcom %} A abordagem recomendada é habilitar o acesso automático para todas as ações a partir de {% data variables.product.prodname_dotcom_the_website %}. Você pode fazer isso usando {% data variables.product.prodname_github_connect %} para integrar {% data variables.product.product_name %} com {% data variables.product.prodname_ghe_cloud %}. Para obter mais informações, consulte "[Habilitar acesso automático a ações de {% data variables.product.prodname_dotcom_the_website %} usando {% data variables.product.prodname_github_connect %}](/enterprise/admin/github-actions/enabling-automatic-access-to-githubcom-actions-using-github-connect)". +{% ifversion ghes %} +{% note %} + +**Oservação:** Antes que você possa configurar o acesso a ações em {% data variables.product.prodname_dotcom_the_website %}, você deve configurar {% data variables.product.product_location %} para usar {% data variables.product.prodname_actions %}. Para obter mais informações, consulte "[Primeiros passos com {% data variables.product.prodname_actions %} para o GitHub Enterprise Server](/admin/github-actions/enabling-github-actions-for-github-enterprise-server/getting-started-with-github-actions-for-github-enterprise-server)." + + +{% endnote %} +{% endif %} + +{% data reusables.actions.self-hosted-runner-networking-to-dotcom %} + {% data reusables.actions.enterprise-limit-actions-use %} -Como alternativa, se você quiser ter um controle mais rigoroso sobre quais as ações que são permitidas na sua empresa, você pode fazer o download e sincronizar manualmente as ações na instância da sua empresa usando a ferramenta de `actions-sync`. Para obter mais informações, consulte "[Sincronizando ações manualmente com o {% data variables.product.prodname_dotcom_the_website %}](/enterprise/admin/github-actions/manually-syncing-actions-from-githubcom)". +Como alternativa, se você quiser um controle mais rigoroso sobre quais as ações são permitidas na sua empresa, ou você não deseja permitir conexões de saída para {% data variables.product.prodname_dotcom_the_website %}, você pode fazer o download e sincronizar manualmente ações para a instância corporativa usando a ferramenta `actions-sync`. Para obter mais informações, consulte "[Sincronizando ações manualmente com o {% data variables.product.prodname_dotcom_the_website %}](/enterprise/admin/github-actions/manually-syncing-actions-from-githubcom)". diff --git a/translations/pt-BR/content/admin/github-actions/managing-access-to-actions-from-githubcom/enabling-automatic-access-to-githubcom-actions-using-github-connect.md b/translations/pt-BR/content/admin/github-actions/managing-access-to-actions-from-githubcom/enabling-automatic-access-to-githubcom-actions-using-github-connect.md index 3dd10bccfe..b75787043a 100644 --- a/translations/pt-BR/content/admin/github-actions/managing-access-to-actions-from-githubcom/enabling-automatic-access-to-githubcom-actions-using-github-connect.md +++ b/translations/pt-BR/content/admin/github-actions/managing-access-to-actions-from-githubcom/enabling-automatic-access-to-githubcom-actions-using-github-connect.md @@ -21,11 +21,18 @@ shortTitle: Usar GitHub Connect para ações ## Sobre o acesso automático a ações de {% data variables.product.prodname_dotcom_the_website %} -Por padrão, os fluxos de trabalho {% data variables.product.prodname_actions %} em {% data variables.product.product_name %} não podem usar ações diretamente de {% data variables.product.prodname_dotcom_the_website %} ou [{% data variables.product.prodname_marketplace %}](https://github.com/marketplace?type=actions). +Por padrão, os fluxos de trabalho {% data variables.product.prodname_actions %} em {% data variables.product.product_name %} não podem usar ações diretamente de {% data variables.product.prodname_dotcom_the_website %} ou [{% data variables.product.prodname_marketplace %}](https://github.com/marketplace?type=actions). Para tornar todas as ações de {% data variables.product.prodname_dotcom_the_website %} disponíveis na sua instância corporativa, você pode usar {% data variables.product.prodname_github_connect %} para integrar {% data variables.product.product_name %} a {% data variables.product.prodname_ghe_cloud %}. -Para tornar todas as ações de {% data variables.product.prodname_dotcom_the_website %} disponíveis na sua instância corporativa, você pode usar {% data variables.product.prodname_github_connect %} para integrar {% data variables.product.product_name %} a {% data variables.product.prodname_ghe_cloud %}. Para saber outras formas de acessar ações a partir da {% data variables.product.prodname_dotcom_the_website %}, consulte "[Sobre o uso de ações na sua empresa](/admin/github-actions/about-using-actions-in-your-enterprise)". +{% data reusables.actions.self-hosted-runner-networking-to-dotcom %} -Para usar ações de {% data variables.product.prodname_dotcom_the_website %}, seus executores auto-hospedados devem conseguir fazer o download das ações públicas de `api.github.com`. +Como alternativa, se você quiser ter um controle mais rigoroso sobre quais as ações que são permitidas na sua empresa, você pode fazer o download e sincronizar manualmente as ações na instância da sua empresa usando a ferramenta de `actions-sync`. Para obter mais informações, consulte "[Sincronizando ações manualmente com o {% data variables.product.prodname_dotcom_the_website %}](/enterprise/admin/github-actions/manually-syncing-actions-from-githubcom)". + +## Sobre resolução para ações usando {% data variables.product.prodname_github_connect %} + +{% data reusables.actions.github-connect-resolution %} + +Se um usuário tiver criado uma organização e um repositório em sua empresa, que corresponde a uma organização e nome do repositório em {% data variables.product.prodname_dotcom_the_website %}, o repositório da sua empresa será usado em vez do repositório de {% data variables.product.prodname_dotcom_the_website %}. {% ifversion ghes < 3.3 or ghae %}Um usuário malicioso poderia aproveitar esse comportamento para executar o código como parte de um fluxo de trabalho{% else %}Para obter mais informações, consulte "[Desativação automática de namespaces para ações acessadas em {% data variables.product.prodname_dotcom_the_website%}](#automatic-retirement-of-namespaces-for-actions-accessed-on-githubcom)". +{% endif %} ## Habilitar o acesso automático a todas as ações de {% data variables.product.prodname_dotcom_the_website %} @@ -33,8 +40,6 @@ Antes de permitir o acesso a todas as ações de {% data variables.product.prodn - Configure {% data variables.product.product_location %} para usar {% data variables.product.prodname_actions %}. Para obter mais informações, consulte "[Primeiros passos com {% data variables.product.prodname_actions %} para o GitHub Enterprise Server](/admin/github-actions/enabling-github-actions-for-github-enterprise-server/getting-started-with-github-actions-for-github-enterprise-server)." - Habilitar {% else %} habilitar{% endif %} {% data variables.product.prodname_github_connect %}. Para obter mais informações, consulte "[Gerenciando {% data variables.product.prodname_github_connect %}](/admin/configuration/configuring-github-connect/managing-github-connect)". -{% data reusables.actions.enterprise-github-connect-warning %} - {% data reusables.enterprise-accounts.access-enterprise %} {% data reusables.enterprise-accounts.github-connect-tab %} 1. Em "Os usuários podem usar as ações do GitHub.com em execuções do fluxo de trabalho", use o menu suspenso e selecione **Habilitado**. ![Menu suspenso para ações do GitHub.com em execuções do fluxos de trabalho](/assets/images/enterprise/site-admin-settings/enable-marketplace-actions-drop-down-ae.png) diff --git a/translations/pt-BR/content/admin/identity-and-access-management/authenticating-users-for-your-github-enterprise-server-instance/using-saml.md b/translations/pt-BR/content/admin/identity-and-access-management/authenticating-users-for-your-github-enterprise-server-instance/using-saml.md index f237f1d527..830bb54632 100644 --- a/translations/pt-BR/content/admin/identity-and-access-management/authenticating-users-for-your-github-enterprise-server-instance/using-saml.md +++ b/translations/pt-BR/content/admin/identity-and-access-management/authenticating-users-for-your-github-enterprise-server-instance/using-saml.md @@ -54,7 +54,7 @@ O elemento `NameID` é obrigatório, mesmo que os outros atributos estejam prese {% note %} -**Observação**: Se o `NameID` para um usuário for alterado no IdP, o usuário verá uma mensagem de erro ao tentar entrar na sua instância do {% data variables.product.prodname_ghe_server %}. {% ifversion ghes %}Para restaurar o acesso do usuário, você precisa atualizar o mapeamento do `NameID` da conta do usuário. Para obter mais informações, consulte "[Atualizar o `NameIDo`](#updating-a-users-saml-nameid) do SAML.{% else %} Para obter mais informações, consulte "[Erro: 'Outro usuário já possui a conta'](#error-another-user-already-owns-the-account)."{% endif %} +**Obersvação**: Se `NameID` para um usuário mudar no IdP, o usuário verá uma mensagem de erro ao tentar acessar {% data variables.product.product_location %}. Para restaurar o acesso do usuário, você deverá atualizar o mapeamento de `NameID` da conta do usuário. Para obter mais informações, consulte "[Atualizando `NameID`](#updating-a-users-saml-nameid) do SAML de um usuário." {% endnote %} @@ -96,6 +96,14 @@ Para especificar mais de um valor para um atributo, use múltiplos elementos de ## Definir configurações SAML +Você pode habilitar ou desabilitar a autenticação do SAML para {% data variables.product.product_location %} ou você pode editar uma configuração existente. Você pode ver e editar as configurações de autenticação para {% data variables.product.product_name %} no {% data variables.enterprise.management_console %}. Para obter mais informações, consulte "[Acessando o console de gerenciamento](/admin/configuration/configuring-your-enterprise/accessing-the-management-console)". + +{% note %} + +**Observação**: {% data reusables.enterprise.test-in-staging %} + +{% endnote %} + {% data reusables.enterprise_site_admin_settings.access-settings %} {% data reusables.enterprise_site_admin_settings.management-console %} {% data reusables.enterprise_management_console.authentication %} @@ -118,19 +126,11 @@ Para especificar mais de um valor para um atributo, use múltiplos elementos de 1. Selecione **Disable administrator demotion/promotion** (Desabilitar rebaixamento/promoção do administrador) se você **não** quiser que o provedor SAML determine direitos de administrador para usuários no {% data variables.product.product_location %}. ![Opção da captura de tela para habilitar a opção de respeitar o atributo do "administrador" do IdP para habilitar ou desabilitar as permissões administrativas](/assets/images/enterprise/management-console/disable-admin-demotion-promotion.png) -1. Opcionalmente, para permitir que {% data variables.product.product_location %} envie e receba declarações criptografadas para e do seu IdP do SAML, selecione **Exigir declarações criptografadas**. Para obter mais informações, consulte "[Habilitando declarações criptografadas](#enabling-encrypted-assertions)". +{%- ifversion ghes > 3.3 %} +1. Opcionalmente, para permitir que {% data variables.product.product_location %} receba asserções criptografadas do IdP do seu SAML, selecione **Exigir declarações criptografadas**. Você deve garantir que seu IdP é compatível com declarações e que a criptografia e os métodos de transporte principais no console de gerenciamento correspondem aos valores configurados no seu IdP. Você também deve fornecer o certificado público de {% data variables.product.product_location %} ao seu IdP. Para obter mais informações, consulte "[Habilitando declarações criptografadas](#enabling-encrypted-assertions)". ![Captura de tela da caixa de seleção "Habilitar declarações criptografadas" na seção de gerenciamento do console "Autenticação"](/assets/images/help/saml/management-console-enable-encrypted-assertions.png) - - {% warning %} - - **Aviso**: A configuração incorreta de declarações criptografadas pode fazer com que toda autenticação de {% data variables.product.product_location %} falhe. - - - Você deve garantir que seu IdP é compatível com declarações e que a criptografia e os métodos de transporte principais no console de gerenciamento correspondem aos valores configurados no seu IdP. Você também deve fornecer o certificado público de {% data variables.product.product_location %} ao seu IdP. Para obter mais informações, consulte "[Habilitando declarações criptografadas](#enabling-encrypted-assertions)". - - - Antes de habilitar as declarações criptografadas, {% data variables.product.company_short %} recomenda verificações criptografadas de teste em um ambiente de preparo e confirma que a autenticação do SAML funciona como você espera. Para obter mais informações, consulte "[Configurar instância de preparo](/admin/installation/setting-up-a-github-enterprise-server-instance/setting-up-a-staging-instance)". - - {% endwarning %} +{%- endif %} 1. No campo **URL de logon único**, digite o ponto de extremidade de HTTP ou HTTPS no seu IdP para solicitações de logon único. Esse valor é fornecido pela configuração do IdP. Se o host estiver disponível apenas na sua rede interna, você pode precisar que [configure {% data variables.product.product_location %} para usar servidores de nomes internos](/enterprise/{{ currentVersion }}/admin/guides/installation/configuring-dns-nameservers/). ![Captura de tela do campo de texto para a URL de acesso único](/assets/images/enterprise/management-console/saml-single-sign-url.png) @@ -153,37 +153,38 @@ Para especificar mais de um valor para um atributo, use múltiplos elementos de Para habilitar asserções criptografadas, seu IdP do SAML também deve ser comparível com as declarações criptografadas. Você deve fornecer o certificado público de {% data variables.product.product_location %} ao seu IdP e definir as configurações de criptografia que correspondem ao seu IdP. -{% warning %} +{% note %} -**Aviso**: A configuração incorreta de declarações criptografadas pode fazer com que toda autenticação de {% data variables.product.product_location %} falhe. {% data variables.product.company_short %} recomenda testar sua configuração SAML em um ambiente de preparo. Para obter mais informações sobre instâncias de preparo, consulte "[Configurando uma instância de preparo](/admin/installation/setting-up-a-github-enterprise-server-instance/setting-up-a-staging-instance)". +**Observação**: {% data reusables.enterprise.test-in-staging %} -{% endwarning %} +{% endnote %} -1. Configurar o SAML para {% data variables.product.product_location %}. Para obter mais informações, consulte "[Definindo as configurações do SAML](#configuring-saml-settings)". -{% data reusables.enterprise_installation.ssh-into-instance %} -1. Executa o seguinte comando para a saída do certificado público de {% data variables.product.product_location %}. - - openssl pkcs12 -in /data/user/common/saml-sp.p12 -nokeys -passin pass: -1. Na saída, copie o texto que começa com `-----BEGIN CERTIFICATE-----` e que termina com `-----END CERTIFICATE-----` e cole a saída em um arquivo de texto simples. -1. Efetue o login no seu IdP do SAML como administrador. -1. No aplicativo para {% data variables.product.product_location %}, habilite as declarações criptografadas. - - Observe o método de criptografia e o método de transporte principal. - - Forneça o certificado público da etapa 3. +1. Opcionalmente, habilite a depuração do SAML. A depuração do SAML registra entradas detalhadas no registro de autenticação de {% data variables.product.product_name %} e pode ajudar você a solucionar problemas com falha nas tentativas de autenticação. Para obter mais informações, consulte "[Configurando a depuração do SAML](#configuring-saml-debugging)". {% data reusables.enterprise_site_admin_settings.access-settings %} {% data reusables.enterprise_site_admin_settings.management-console %} {% data reusables.enterprise_management_console.authentication %} 1. Selecione **Exigir declarações criptografadas**. ![Captura de tela da caixa de seleção "Habilitar declarações criptografadas" na seção de gerenciamento do console "Autenticação"](/assets/images/help/saml/management-console-enable-encrypted-assertions.png) -1. À direita de "Método de criptografia", selecione o método de criptografia para seu IdP a partir da etapa 5. +1. À direita do "Certificado de criptografia", clique em **Download** para salvar uma cópia do certificado público de {% data variables.product.product_location %} em sua máquina local. + + ![Captura de tela do botão "Download" para certificado público para declarações criptografadas](/assets/images/help/saml/management-console-encrypted-assertions-download-certificate.png) +1. Efetue o login no seu IdP do SAML como administrador. +1. No aplicativo para {% data variables.product.product_location %}, habilite as declarações criptografadas. + - Observe o método de criptografia e o método de transporte principal. + - Forneça o certificado público que você baixou na etapa 7. +1. Retorne ao console de gerenciamento em {% data variables.product.product_location %}. +1. À direita de "Método de criptografia", selecione o método de criptografia para seu IdP a partir da etapa 9. ![Captura de tela de "Método de criptografia" para declarações criptografadas](/assets/images/help/saml/management-console-encrypted-assertions-encryption-method.png) -1. À direita do "Principal método de transporte", selecione o principal método de transporte para seu IdP da etapa 5. +1. À direita do "Principal método de transporte", selecione o principal método de transporte para seu IdP da etapa 9. ![Captura de tela de "Principal método de transporte" para declarações criptografadas](/assets/images/help/saml/management-console-encrypted-assertions-key-transport-method.png) 1. Clique em **Save settings** (Salvar configurações). {% data reusables.enterprise_site_admin_settings.wait-for-configuration-run %} +Se você habilitou a depuração do SAML para testar a autenticação com declarações criptografadas, desabilite a depuração do SAML quando terminar o teste. Para obter mais informações, consulte "[Configurando a depuração do SAML](#configuring-saml-debugging)". + {% endif %} ## Atualizando `NameID` do SAML de um usuário @@ -240,11 +241,11 @@ Quando o usuário inicia a sessão novamente, {% data variables.product.prodname > Outro usuário já possui a conta. Solicite ao administrador que verifique o registro de autenticação. -De modo geral, a mensagem indica que o nome de usuário ou endereço de email da pessoa foi alterado no IdP. {% ifversion ghes %}Certifique-se de que o mapeamento do `NameID` para a conta do usuário no {% data variables.product.prodname_ghe_server %} corresponde ao `NameID` do usuário no seu IdP. Para obter mais informações, consulte "[Atualizar o `NameID`](#updating-a-users-saml-nameid) do SAML.{% else %}Para obter ajuda para atualizar o mapeamento do `NameID`, entre em contato com {% data variables.contact.contact_ent_support %}.{% endif %} +De modo geral, a mensagem indica que o nome de usuário ou endereço de email da pessoa foi alterado no IdP. Certifique-se de que o mapeamento do `NameID` para a conta do usuário no {% data variables.product.prodname_ghe_server %} corresponde ao `NameID` do usuário no seu IdP. Para obter mais informações, consulte "[Atualizando `NameID`](#updating-a-users-saml-nameid) do SAML de um usuário." ### Se a resposta SAML não estiver assinada ou se a assinatura não corresponder ao conteúdo, o log de autenticação mostrará a seguinte mensagem de erro: -Se o `Destinatário` não coincide com a URL do ACS para a sua instância de {% data variables.product.prodname_ghe_server %}, uma das seguintes duas mensagens de erro aparecerá no log de autenticação quando um usuário tentar efetuar a autenticação. +Se o `Destinatário` não coincidir com o URL do ACS para {% data variables.product.product_location %}, uma das seguintes duas mensagens de erro aparecerá no registro de autenticação quando um usuário tentar efetuar a autenticação. ``` Recipient na resposta SAML não pode ficar em branco. @@ -254,7 +255,7 @@ Recipient na resposta SAML não pode ficar em branco. Recipient na resposta SAML não era válido. ``` -Certifique-se de definir o valor de `Destinatário` no seu IdP como a URL do ACS completo para a sua instância do {% data variables.product.prodname_ghe_server %}. Por exemplo, `https://ghe.corp.example.com/saml/consume`. +Certifique-se de definir o valor para `Destinatário` no seu IdP para o URL doACS completo para {% data variables.product.product_location %}. Por exemplo, `https://ghe.corp.example.com/saml/consume`. ### Erro: "Resposta do SAML não foi assinada ou foi modificada" @@ -274,4 +275,40 @@ Se a resposta do IdP tiver um valor ausente ou incorreto para `Audiência`, a se Audience inválido. O atributo Audience não corresponde a url_sua_instância ``` -Certifique-se de definir o valor para `Audiência` no seu IdP para a `EntityId` para a sua instância do {% data variables.product.prodname_ghe_server %}, que é a URL completa para sua instância do {% data variables.product.prodname_ghe_server %}. Por exemplo, `https://ghe.corp.example.com`. +Certifique-se de que você definiu o valor para `Audiência` no seu IdP para `EntityId` para {% data variables.product.product_location %}, que é o URL completo para {% data variables.product.product_location %}. Por exemplo, `https://ghe.corp.example.com`. + +### Configurando a depuração do SAML + +Você pode configurar {% data variables.product.product_name %} para escrever registros de depuração detalhados em _/var/log/github/auth.log_ para cada tentativa de autenticação do SAML. É possível que você possa solucionar problemas com tentativas de autenticação com esta saída extra. + +{% warning %} + +**Avisos**: + +- Habilite apenas a depuração do SAML temporariamente e desabilite a depuração imediatamente após terminar a solução de problemas. Se você deixar a depuração habilitada, o tamanho do seu registro poderá aumentar muito mais rápido do que o normal, o que pode impactar negativamente o desempenho de {% data variables.product.product_name %}. +- Teste novas configurações de autenticação para {% data variables.product.product_location %} em um ambiente de teste antes de aplicar as configurações no seu ambiente de produção. Para obter mais informações, consulte "[Configurar instância de preparo](/admin/installation/setting-up-a-github-enterprise-server-instance/setting-up-a-staging-instance)". + +{% endwarning %} + +{% data reusables.enterprise-accounts.access-enterprise %} +{% data reusables.enterprise-accounts.policies-tab %} +{% data reusables.enterprise-accounts.options-tab %} +1. Em "Depuração do SAML", selecione o menu suspenso e clique em **Habilitado**. + + ![Captura de tela da lista suspensa para habilitar a depuração do SAML](/assets/images/enterprise/site-admin-settings/site-admin-saml-debugging-enabled.png) + +1. Tentar efetuar o login no {% data variables.product.product_location %} por meio do IdP do seu SAML. + +1. Revise a saída de depuração em _/var/log/github/auth.log_ em {% data variables.product.product_location %}. + +1. Quando você estiver solucionando problemas, selecione o menu suspenso e clique em **Desabilitado**. + + ![Captura de tela da lista suspensa para desaabilitar a depuração do SAML](/assets/images/enterprise/site-admin-settings/site-admin-saml-debugging-disabled.png) + +### Decodificando respostas em _auth.log_ + +Alguma saída em _auth.log_ pode ser codificada em Base64. Você pode acessar o shell administrativo e usar o utilitário `base64` em {% data variables.product.product_location %} para decodificar essas respostas. Para obter mais informações, consulte "[Acessar o shell administrativo (SSH)](/admin/configuration/configuring-your-enterprise/accessing-the-administrative-shell-ssh)". + +```shell +$ base64 --decode ENCODED OUTPUT +``` diff --git a/translations/pt-BR/content/admin/index.md b/translations/pt-BR/content/admin/index.md index 711994ff0c..53cbcfa612 100644 --- a/translations/pt-BR/content/admin/index.md +++ b/translations/pt-BR/content/admin/index.md @@ -96,7 +96,7 @@ featuredLinks: - '{% ifversion ghae %}/admin/identity-and-access-management/configuring-authentication-and-provisioning-for-your-enterprise-using-azure-ad{% endif %}' - '{% ifversion ghae %}/billing/managing-billing-for-your-github-account/about-billing-for-your-enterprise{% endif %}' - '{% ifversion ghae %}/admin/overview/about-upgrades-to-new-releases{% endif %}' - - '{% ifversion ghae %}/get-started/signing-up-for-github/setting-up-a-trial-of-github-ae{% endif %}' + - '{% ifversion ghae %}/admin/configuration/configuring-your-enterprise/deploying-github-ae{% endif %}' - '{% ifversion ghes %}/billing/managing-your-license-for-github-enterprise{% endif %}' - '{% ifversion ghes %}/admin/configuration/command-line-utilities{% endif %}' - '{% ifversion ghec %}/admin/configuration/configuring-your-enterprise/verifying-or-approving-a-domain-for-your-enterprise{% endif %}' diff --git a/translations/pt-BR/content/admin/user-management/migrating-data-to-and-from-your-enterprise/about-migrations.md b/translations/pt-BR/content/admin/user-management/migrating-data-to-and-from-your-enterprise/about-migrations.md index d58f1fd37e..a285a8c6df 100644 --- a/translations/pt-BR/content/admin/user-management/migrating-data-to-and-from-your-enterprise/about-migrations.md +++ b/translations/pt-BR/content/admin/user-management/migrating-data-to-and-from-your-enterprise/about-migrations.md @@ -25,7 +25,7 @@ Você pode fazer três tipos de migração: Durante uma migração, tudo gira em torno do repositório. A maioria dos dados associados ao repositório pode ser migrada. Por exemplo, um repositório dentro de uma organização migrará o repositório *e* a organização, além dos usuários, equipes, problemas e pull requests associados ao repositório. -Os itens na tabela abaixo podem ser migrados com um repositório. Não é possível migrar os itens que não constam na lista. +Os itens na tabela abaixo podem ser migrados com um repositório. Any items not shown in the list of migrated data can not be migrated, including {% data variables.large_files.product_name_short %} assets. {% data reusables.enterprise_migrations.fork-persistence %} diff --git a/translations/pt-BR/content/authentication/connecting-to-github-with-ssh/checking-for-existing-ssh-keys.md b/translations/pt-BR/content/authentication/connecting-to-github-with-ssh/checking-for-existing-ssh-keys.md index 1f221de627..b13485f5c3 100644 --- a/translations/pt-BR/content/authentication/connecting-to-github-with-ssh/checking-for-existing-ssh-keys.md +++ b/translations/pt-BR/content/authentication/connecting-to-github-with-ssh/checking-for-existing-ssh-keys.md @@ -25,7 +25,7 @@ shortTitle: Verificar se há chave SSH existente # Lists the files in your .ssh directory, if they exist ``` -3. Verifique a listagem do diretório para verificar se você já tem uma chave SSH pública. Por padrão, o nome de arquivo {% ifversion ghae %} de uma chave pública compatível com {% data variables.product.product_name %} é *id_rsa.pub*.{% elsif fpt or ghes %}nomes de arquivos de chaves públicas compatíveis com {% data variables.product.product_name %} são um dos listados a seguir. +3. Verifique a listagem do diretório para verificar se você já tem uma chave SSH pública. Por padrão, o nome de arquivo {% ifversion ghae %} de uma chave pública compatível com {% data variables.product.product_name %} é *id_rsa.pub*.{% else %}nomes de arquivos de chaves públicas compatíveis com {% data variables.product.product_name %} são um dos listados a seguir. - *id_rsa.pub* - *id_ecdsa.pub* - *id_ed25519.pub*{% endif %} diff --git a/translations/pt-BR/content/authentication/connecting-to-github-with-ssh/testing-your-ssh-connection.md b/translations/pt-BR/content/authentication/connecting-to-github-with-ssh/testing-your-ssh-connection.md index 86376f693a..0e69fe4559 100644 --- a/translations/pt-BR/content/authentication/connecting-to-github-with-ssh/testing-your-ssh-connection.md +++ b/translations/pt-BR/content/authentication/connecting-to-github-with-ssh/testing-your-ssh-connection.md @@ -37,7 +37,7 @@ Quando você testar a conexão, precisará autenticar essa ação usando sua sen > Tem certeza de que deseja continuar com a conexão (sim/não)? ``` -3. Verifique se a impressão digital na mensagem em que você vê correspondências com {% ifversion fpt or ghec %}[{% data variables.product.prodname_dotcom %} é da chave pública de RSA de](/github/authenticating-to-github/githubs-ssh-key-fingerprints){% else %} é da chave pública da sua empresa{% endif %}. Se isso acontecer, digite `sim`: +3. Verifique se a impressão digital da mensagem que você vê corresponde à {% ifversion fpt or ghec %}[ impressão digital da chave pública de {% data variables.product.prodname_dotcom %}](/github/authenticating-to-github/githubs-ssh-key-fingerprints){% else %} impressão digital da chave pública da sua empresa{% endif %}. Se isso acontecer, digite `sim`: ```shell > Olá, username! You've successfully authenticated, but GitHub does not > provide shell access. diff --git a/translations/pt-BR/content/authentication/managing-commit-signature-verification/signing-tags.md b/translations/pt-BR/content/authentication/managing-commit-signature-verification/signing-tags.md index 53402836b1..77d6ab7ac8 100644 --- a/translations/pt-BR/content/authentication/managing-commit-signature-verification/signing-tags.md +++ b/translations/pt-BR/content/authentication/managing-commit-signature-verification/signing-tags.md @@ -23,7 +23,7 @@ topics: $ git tag -s mytag # Creates a signed tag ``` -2. Verify your signed tag by running `git tag -v [tag-name]`. +2. Verifique a tag assinada executando `git tag -v [tag-name]`. ```shell $ git tag -v mytag # Verifies the signed tag diff --git a/translations/pt-BR/content/authentication/troubleshooting-ssh/using-ssh-over-the-https-port.md b/translations/pt-BR/content/authentication/troubleshooting-ssh/using-ssh-over-the-https-port.md index 492e72e225..4c75b7f042 100644 --- a/translations/pt-BR/content/authentication/troubleshooting-ssh/using-ssh-over-the-https-port.md +++ b/translations/pt-BR/content/authentication/troubleshooting-ssh/using-ssh-over-the-https-port.md @@ -33,7 +33,7 @@ Se deu certo, ótimo! Caso contrário, [siga nosso guia para solução de proble Se você conseguir fazer SSH para `git@ssh.{% data variables.command_line.backticks %}` por meio da porta 443, você poderá substituir as configurações SSH para forçar qualquer conexão ao {% data variables.product.product_location %} a ser executada nesse servidor e nessa porta. -Para definir isso no seu arquivo de configuração do SSH, edite o arquivo em `~/.ssh/config` e adicione esta seção: +To set this in your SSH configuration file, edit the file at `~/.ssh/config`, and add this section: ``` Host {% data variables.command_line.codeblock %} diff --git a/translations/pt-BR/content/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/about-code-scanning-alerts.md b/translations/pt-BR/content/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/about-code-scanning-alerts.md index 3d628cfa43..60fc384867 100644 --- a/translations/pt-BR/content/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/about-code-scanning-alerts.md +++ b/translations/pt-BR/content/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/about-code-scanning-alerts.md @@ -27,7 +27,15 @@ By default, {% data variables.product.prodname_code_scanning %} analyzes your co Each alert highlights a problem with the code and the name of the tool that identified it. You can see the line of code that triggered the alert, as well as properties of the alert, such as the alert severity{% ifversion fpt or ghes > 3.1 or ghae or ghec %}, security severity,{% endif %} and the nature of the problem. Alerts also tell you when the issue was first introduced. For alerts identified by {% data variables.product.prodname_codeql %} analysis, you will also see information on how to fix the problem. +{% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-6249 %} +{% data reusables.code-scanning.alert-default-branch %} +{% endif %} + +{% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-6249 %} ![Example alert from {% data variables.product.prodname_code_scanning %}](/assets/images/help/repository/code-scanning-alert.png) +{% else %} +![Example alert from {% data variables.product.prodname_code_scanning %}](/assets/images/enterprise/3.4/repository/code-scanning-alert.png) +{% endif %} If you set up {% data variables.product.prodname_code_scanning %} using {% data variables.product.prodname_codeql %}, you can also find data-flow problems in your code. Data-flow analysis finds potential security issues in code, such as: using data insecurely, passing dangerous arguments to functions, and leaking sensitive information. diff --git a/translations/pt-BR/content/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/managing-code-scanning-alerts-for-your-repository.md b/translations/pt-BR/content/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/managing-code-scanning-alerts-for-your-repository.md index 51cb41963c..e7c8cf69d3 100644 --- a/translations/pt-BR/content/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/managing-code-scanning-alerts-for-your-repository.md +++ b/translations/pt-BR/content/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/managing-code-scanning-alerts-for-your-repository.md @@ -45,8 +45,16 @@ Por padrão, a página de verificação de código de alertas é filtrada para m {% else %} ![Lista de alertas de {% data variables.product.prodname_code_scanning %}](/assets/images/enterprise/3.1/help/repository/code-scanning-click-alert.png) {% endif %} -1. Opcionalmente, se o alerta destacar um problema com o fluxo de dados, clique em **Mostrar caminhos** para exibir o caminho da fonte de dados até o destino onde é usado. ![O link "Exibir caminhos" em um alerta](/assets/images/help/repository/code-scanning-show-paths.png) -1. Alertas da análise de {% data variables.product.prodname_codeql %} incluem uma descrição do problema. Clique em **Mostrar mais** para obter orientação sobre como corrigir seu código. ![Detalhes para um alerta](/assets/images/help/repository/code-scanning-alert-details.png) +{% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-6249 %} + {% data reusables.code-scanning.alert-default-branch %} + ![The "Affected branches" section in an alert](/assets/images/help/repository/code-scanning-affected-branches.png){% endif %} +1. Opcionalmente, se o alerta destacar um problema com o fluxo de dados, clique em **Mostrar caminhos** para exibir o caminho da fonte de dados até o destino onde é usado. + {% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-6249 %} + ![O link "Exibir caminhos" em um alerta](/assets/images/help/repository/code-scanning-show-paths.png) + {% else %} + ![O link "Exibir caminhos" em um alerta](/assets/images/enterprise/3.4/repository/code-scanning-show-paths.png) + {% endif %} +2. Alertas da análise de {% data variables.product.prodname_codeql %} incluem uma descrição do problema. Clique em **Mostrar mais** para obter orientação sobre como corrigir seu código. ![Detalhes para um alerta](/assets/images/help/repository/code-scanning-alert-details.png) Para obter mais informações, consulte "[Sobre alertas de {% data variables.product.prodname_code_scanning %}](/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/about-code-scanning-alerts)". @@ -75,6 +83,10 @@ O benefício de usar filtros de palavra-chave é que apenas os valores com resul Se você inserir vários filtros, a visualização mostrará alertas que correspondem a _todos_ esses filtros. Por exemplo, `is:closed severity:high branch:main` só exibirá alertas de alta gravidade fechados e que estão presentes no branch `principal`. A exceção são os filtros relacionados a refs (`ref`, `branch` e `pr`): `is:open branch:main branch:next` irá mostrar alertas abertos do branch `principal` do `próximo` branch. +{% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-6249 %} +{% data reusables.code-scanning.filter-non-default-branches %} +{% endif %} + {% ifversion fpt or ghes > 3.3 or ghec %} Você pode prefixar o filtro `tag` com `-` para excluir resultados com essa tag. Por exemplo, `-tag:style` mostra apenas alertas que não têm a tag `estilo`{% if codeql-ml-queries %} e `-tag:experimental` omitirá todos os alertas experimentais. Para obter mais informações, consulte "[Sobre alertas de{% data variables.product.prodname_code_scanning %}](/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/about-code-scanning-alerts#about-experimental-alerts)."{% else %}.{% endif %} @@ -91,11 +103,12 @@ Você pode usar o filtro "Apenas alertas no código do aplicativo" ou a palavra- Você pode pesquisar na lista de alertas. Isso é útil se houver um grande número de alertas no seu repositório, ou, por exemplo, se você não souber o nome exato de um alerta. {% data variables.product.product_name %} realiza a pesquisa de texto livre: - O nome do alerta -- A descrição do alerta - Os detalhes do alerta (isso também inclui as informações ocultas da visualização por padrão na seção ocultável **Mostrar mais**) - + {% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-6249 %} ![Informações de alerta usadas em pesquisas](/assets/images/help/repository/code-scanning-free-text-search-areas.png) - + {% else %} + ![Informações de alerta usadas em pesquisas](/assets/images/enterprise/3.4/repository/code-scanning-free-text-search-areas.png) +{% endif %} | Pesquisa compatível | Exemplo de sintaxe | Resultados | | -------------------------------------------------------- | ------------------ | ----------------------------------------------------------------------- | | Pesquisa de uma palavra | `injeção` | Retorna todos os alertas que contêm a palavra `injeção` | @@ -108,7 +121,7 @@ Você pode pesquisar na lista de alertas. Isso é útil se houver um grande núm **Dicas:** - A busca múltipla de palavras é equivalente a uma busca OU. -- A busca E retornará resultados em que os termos da pesquisa são encontrados _em qualquer lugar_, em qualquer ordem no nome do alerta, descrição ou detalhes. +- A pesquisa E retornará resultados em que os termos da pesquisa são encontrados _em qualquer lugar_, em qualquer ordem no nome ou informações do alerta. {% endtip %} @@ -137,7 +150,7 @@ Se você tem permissão de escrita em um repositório, você pode visualizar ale Você pode usar{% ifversion fpt or ghes > 3.1 or ghae or ghec %} a pesquisa de texto livre ou{% endif %} os filtros para exibir um subconjunto de alertas e, em seguida, marcar, por sua vez, todos os alertas correspondentes como fechados. -Alertas podem ser corrigidos em um branch, mas não em outro. Você pode usar o menu suspenso "Branch", no resumo dos alertas, para verificar se um alerta é corrigido em um branch específico. +Alertas podem ser corrigidos em um branch, mas não em outro. Você pode usar o filtro "Branch", no resumo dos alertas, para verificar se um alerta é corrigido em um branch específico. {% ifversion fpt or ghes > 3.1 or ghae or ghec %} ![Filtrar alertas por branch](/assets/images/help/repository/code-scanning-branch-filter.png) @@ -145,6 +158,9 @@ Alertas podem ser corrigidos em um branch, mas não em outro. Você pode usar o ![Filtrar alertas por branch](/assets/images/enterprise/3.1/help/repository/code-scanning-branch-filter.png) {% endif %} +{% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-6249 %} +{% data reusables.code-scanning.filter-non-default-branches %} +{% endif %} ## Ignorar ou excluir alertas Há duas formas de fechar um alerta. Você pode corrigir o problema no código ou pode ignorar o alerta. Como alternativa, se você tiver permissões de administrador para o repositório, será possível excluir alertas. Excluir alertas é útil em situações em que você configurou uma ferramenta {% data variables.product.prodname_code_scanning %} e, em seguida, decidiu removê-la ou em situações em que você configurou a análise de {% data variables.product.prodname_codeql %} com um conjunto de consultas maior do que você deseja continuar usando, e, em seguida, você removeu algumas consultas da ferramenta. Em ambos os casos, excluir alertas permite limpar os seus resultados de {% data variables.product.prodname_code_scanning %}. Você pode excluir alertas da lista de resumo dentro da aba **Segurança**. diff --git a/translations/pt-BR/content/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/tracking-code-scanning-alerts-in-issues-using-task-lists.md b/translations/pt-BR/content/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/tracking-code-scanning-alerts-in-issues-using-task-lists.md index 6823f32df7..c4aeda1fe1 100644 --- a/translations/pt-BR/content/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/tracking-code-scanning-alerts-in-issues-using-task-lists.md +++ b/translations/pt-BR/content/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/tracking-code-scanning-alerts-in-issues-using-task-lists.md @@ -39,7 +39,11 @@ Você pode usar mais de um problema para rastrear o mesmo alerta de {% data vari - Uma seção "rastreado em" também será exibida na página de alerta correspondente. + {% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-6249 %} ![A anotação rastreada na página de alerta de digitalização do código](/assets/images/help/repository/code-scanning-alert-tracked-in-pill.png) + {% else %} + ![A anotação rastreada na página de alerta de digitalização do código](/assets/images/enterprise/3.4/repository/code-scanning-alert-tracked-in-pill.png) + {% endif %} - No problema de rastreado, {% data variables.product.prodname_dotcom %} exibe um ícone do selo de segurança na lista de tarefas e no hovercard. @@ -64,7 +68,12 @@ O status do alerta rastreado não mudará se você alterar o status da caixa de {% data reusables.code-scanning.explore-alert %} 1. Opcionalmente, para encontrar o alerta a rastrear, você pode usar a pesquisa de texto livre ou os menus suspensos para filtrar e localizar o alerta. Para obter mais informações, consulte "[Gerenciar alertas de varredura de código para seu repositório](/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/managing-code-scanning-alerts-for-your-repository#filtering-code-scanning-alerts). " {% endif %} -1. Na parte superior da página, no lado direito, clique em **Criar problema**. ![Crie um problema de rastreamento para o alerta de digitalização de código](/assets/images/help/repository/code-scanning-create-issue-for-alert.png) +1. Na parte superior da página, no lado direito, clique em **Criar problema**. + {% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-6249 %} + ![Crie um problema de rastreamento para o alerta de digitalização de código](/assets/images/help/repository/code-scanning-create-issue-for-alert.png) + {% else %} + ![Crie um problema de rastreamento para o alerta de digitalização de código](/assets/images/enterprise/3.4/repository/code-scanning-create-issue-for-alert.png) + {% endif %} {% data variables.product.prodname_dotcom %} cria automaticamente um problema para acompanhar o alerta e adiciona o alerta como um item da lista de tarefas. {% data variables.product.prodname_dotcom %} preenche o problema: - O título contém o nome do alerta de {% data variables.product.prodname_code_scanning %}. diff --git a/translations/pt-BR/content/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/triaging-code-scanning-alerts-in-pull-requests.md b/translations/pt-BR/content/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/triaging-code-scanning-alerts-in-pull-requests.md index a7458d34b7..76ad288ab5 100644 --- a/translations/pt-BR/content/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/triaging-code-scanning-alerts-in-pull-requests.md +++ b/translations/pt-BR/content/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/triaging-code-scanning-alerts-in-pull-requests.md @@ -74,10 +74,17 @@ Se você tiver permissão de gravação para o repositório, algumas anotações Para ver mais informações sobre um alerta, os usuários com permissão de gravação podem clicar no link **Mostrar mais detalhes**, exibido na anotação. Isso permite que você veja todos os contextos e metadados fornecidos pela ferramenta em uma exibição de alerta. No exemplo abaixo, você pode ver tags que mostram a gravidade, o tipo e as enumerações de fraquezas comuns relevantes (CWEs) para o problema. A vista mostra também quais commits introduziram o problema. +{% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-6249 %} +{% data reusables.code-scanning.alert-default-branch %} +{% endif %} + Na visualização detalhada de um alerta, algumas ferramentas de {% data variables.product.prodname_code_scanning %}, como a análise de {% data variables.product.prodname_codeql %} também incluem uma descrição do problema e um link **Mostrar mais** para obter orientações sobre como corrigir seu código. +{% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-6249 %} ![Descrição do alerta e link para mostrar mais informações](/assets/images/help/repository/code-scanning-pr-alert.png) - +{% else %} +![Descrição do alerta e link para mostrar mais informações](/assets/images/enterprise/3.4/repository/code-scanning-pr-alert.png) +{% endif %} ## Corrigir de um alerta no seu pull request Qualquer pessoa com acesso push a um pull request pode corrigir um alerta de {% data variables.product.prodname_code_scanning %} que seja identificado nesse pull request. Se você fizer commit de alterações na solicitação do pull request, isto acionará uma nova execução das verificações do pull request. Se suas alterações corrigirem o problema, o alerta será fechado e a anotação removida. diff --git a/translations/pt-BR/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-alerts-for-vulnerable-dependencies.md b/translations/pt-BR/content/code-security/dependabot/dependabot-alerts/about-dependabot-alerts.md similarity index 94% rename from translations/pt-BR/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-alerts-for-vulnerable-dependencies.md rename to translations/pt-BR/content/code-security/dependabot/dependabot-alerts/about-dependabot-alerts.md index 19e990d76e..23b4e8f7f1 100644 --- a/translations/pt-BR/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-alerts-for-vulnerable-dependencies.md +++ b/translations/pt-BR/content/code-security/dependabot/dependabot-alerts/about-dependabot-alerts.md @@ -1,11 +1,12 @@ --- -title: Sobre alertas para dependências vulneráveis +title: Sobre alertas do Dependabot intro: 'O {% data variables.product.product_name %} envia {% data variables.product.prodname_dependabot_alerts %} quando detectamos vulnerabilidades que afetam o seu repositório.' redirect_from: - /articles/about-security-alerts-for-vulnerable-dependencies - /github/managing-security-vulnerabilities/about-security-alerts-for-vulnerable-dependencies - /github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies - /code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies + - /code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-alerts-for-vulnerable-dependencies versions: fpt: '*' ghes: '*' @@ -82,7 +83,7 @@ Para repositórios em que {% data variables.product.prodname_dependabot_security ## Acesso a {% data variables.product.prodname_dependabot_alerts %} -É possível ver todos os alertas que afetam um determinado projeto{% ifversion fpt or ghec %} na aba Segurança do repositório ou{% endif %} no gráfico de dependências do repositório. Para obter mais informações, consulte "[Visualizar e atualizar dependências vulneráveis no seu repositório](/github/managing-security-vulnerabilities/viewing-and-updating-vulnerable-dependencies-in-your-repository). " +É possível ver todos os alertas que afetam um determinado projeto{% ifversion fpt or ghec %} na aba Segurança do repositório ou{% endif %} no gráfico de dependências do repositório. Para obter mais informações, consulte "[Visualizando {% data variables.product.prodname_dependabot_alerts %} para dependências vulneráveis](/github/managing-security-vulnerabilities/viewing-and-updating-vulnerable-dependencies-in-your-repository)." Por padrão, notificamos as pessoas com permissões de administrador nos repositórios afetados sobre os novos {% data variables.product.prodname_dependabot_alerts %}. {% ifversion fpt or ghec %}{% data variables.product.product_name %} nunca divulga publicamente vulnerabilidades identificadas para qualquer repositório. Você também pode tornar o {% data variables.product.prodname_dependabot_alerts %} visível para pessoas ou repositórios de trabalho de equipes adicionais que você possui ou para os quais tem permissões de administrador. Para obter mais informações, consulte "[Gerenciar configurações de segurança e análise do repositório](/github/administering-a-repository/managing-security-and-analysis-settings-for-your-repository#granting-access-to-security-alerts)". {% endif %} @@ -96,5 +97,5 @@ Você também pode ver todos os {% data variables.product.prodname_dependabot_al ## Leia mais - "[Sobre {% data variables.product.prodname_dependabot_security_updates %}](/github/managing-security-vulnerabilities/about-dependabot-security-updates)" -- "[Exibir e atualizar dependências vulneráveis no repositório](/articles/viewing-and-updating-vulnerable-dependencies-in-your-repository)"{% endif %} +- "[Visualizando {% data variables.product.prodname_dependabot_alerts %} para dependências vulneráveis](/articles/viewing-and-updating-vulnerable-dependencies-in-your-repository)"{% endif %} {% ifversion fpt or ghec %}- "[Privacidade em {% data variables.product.prodname_dotcom %}](/get-started/privacy-on-github)"{% endif %} diff --git a/translations/pt-BR/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/browsing-security-vulnerabilities-in-the-github-advisory-database.md b/translations/pt-BR/content/code-security/dependabot/dependabot-alerts/browsing-security-vulnerabilities-in-the-github-advisory-database.md similarity index 95% rename from translations/pt-BR/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/browsing-security-vulnerabilities-in-the-github-advisory-database.md rename to translations/pt-BR/content/code-security/dependabot/dependabot-alerts/browsing-security-vulnerabilities-in-the-github-advisory-database.md index b2d452d22f..f00c6a0e32 100644 --- a/translations/pt-BR/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/browsing-security-vulnerabilities-in-the-github-advisory-database.md +++ b/translations/pt-BR/content/code-security/dependabot/dependabot-alerts/browsing-security-vulnerabilities-in-the-github-advisory-database.md @@ -6,6 +6,7 @@ miniTocMaxHeadingLevel: 3 redirect_from: - /github/managing-security-vulnerabilities/browsing-security-vulnerabilities-in-the-github-advisory-database - /code-security/supply-chain-security/browsing-security-vulnerabilities-in-the-github-advisory-database + - /code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/browsing-security-vulnerabilities-in-the-github-advisory-database versions: fpt: '*' ghec: '*' @@ -36,7 +37,7 @@ As consultorias revisadas por {% data variables.product.company_short %} são vu Analisamos cuidadosamente cada consultoria com relação à sua validade. Cada consultoria revisada por {% data variables.product.company_short %} tem uma descrição completa e contém informações de pacote e ecossistema. -Se você habilitar {% data variables.product.prodname_dependabot_alerts %} para os seus repositórios, você será notificado automaticamente quando uma nova consultoria revisada por {% data variables.product.company_short %} afetar pacotes dos quais você depende. Para obter mais informações, consulte "[Sobre alertas para dependências vulneráveis](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies)" +Se você habilitar {% data variables.product.prodname_dependabot_alerts %} para os seus repositórios, você será notificado automaticamente quando uma nova consultoria revisada por {% data variables.product.company_short %} afetar pacotes dos quais você depende. Para obter mais informações, consulte "[Sobre {% data variables.product.prodname_dependabot_alerts %}](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies)". ### Sobre consultorias não revisadas @@ -107,7 +108,7 @@ Você pode procurar no banco de dados e usar qualificadores para limitar sua bus ## Visualizar seus repositórios vulneráveis -Para qualquer consultoria revisada por {% data variables.product.company_short %} no {% data variables.product.prodname_advisory_database %}, você pode ver qual dos seus repositórios são afetados por essa vulnerabilidade de segurança. Para ver um repositório vulnerável, você deve ter acesso a {% data variables.product.prodname_dependabot_alerts %} para esse repositório. Para obter mais informações, consulte "[Sobre alertas para dependências vulneráveis](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies#access-to-dependabot-alerts)" +Para qualquer consultoria revisada por {% data variables.product.company_short %} no {% data variables.product.prodname_advisory_database %}, você pode ver qual dos seus repositórios são afetados por essa vulnerabilidade de segurança. Para ver um repositório vulnerável, você deve ter acesso a {% data variables.product.prodname_dependabot_alerts %} para esse repositório. Para obter mais informações, consulte "[Sobre {% data variables.product.prodname_dependabot_alerts %}](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies#access-to-dependabot-alerts)". 1. Navegue até https://github.com/advisories. 2. Clique em uma consultoria. diff --git a/translations/pt-BR/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/configuring-notifications-for-vulnerable-dependencies.md b/translations/pt-BR/content/code-security/dependabot/dependabot-alerts/configuring-notifications-for-dependabot-alerts.md similarity index 92% rename from translations/pt-BR/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/configuring-notifications-for-vulnerable-dependencies.md rename to translations/pt-BR/content/code-security/dependabot/dependabot-alerts/configuring-notifications-for-dependabot-alerts.md index b6c03a41f0..f2b4d4e400 100644 --- a/translations/pt-BR/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/configuring-notifications-for-vulnerable-dependencies.md +++ b/translations/pt-BR/content/code-security/dependabot/dependabot-alerts/configuring-notifications-for-dependabot-alerts.md @@ -1,10 +1,11 @@ --- -title: Configurar notificações para dependências vulneráveis +title: Configurando notificações para alertas do Dependabot shortTitle: Configurar notificações intro: 'Otimize a forma como você recebe notificações sobre {% data variables.product.prodname_dependabot_alerts %}.' redirect_from: - /github/managing-security-vulnerabilities/configuring-notifications-for-vulnerable-dependencies - /code-security/supply-chain-security/configuring-notifications-for-vulnerable-dependencies + - /code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/configuring-notifications-for-vulnerable-dependencies versions: fpt: '*' ghes: '*' @@ -59,7 +60,7 @@ Você pode definir as configurações de notificação para si mesmo ou para sua ## Como reduzir o ruído das notificações para dependências vulneráveis -Se você estiver preocupado em receber muitas notificações para {% data variables.product.prodname_dependabot_alerts %}, recomendamos que você opte pelo resumo semanal de e-mail ou desabilite as notificações enquanto mantém {% data variables.product.prodname_dependabot_alerts %} habilitado. Você ainda pode navegar para ver seu {% data variables.product.prodname_dependabot_alerts %} na aba Segurança do seu repositório. Para obter mais informações, consulte "[Visualizar e atualizar dependências vulneráveis no seu repositório](/github/managing-security-vulnerabilities/viewing-and-updating-vulnerable-dependencies-in-your-repository). " +Se você estiver preocupado em receber muitas notificações para {% data variables.product.prodname_dependabot_alerts %}, recomendamos que você opte pelo resumo semanal de e-mail ou desabilite as notificações enquanto mantém {% data variables.product.prodname_dependabot_alerts %} habilitado. Você ainda pode navegar para ver seu {% data variables.product.prodname_dependabot_alerts %} na aba Segurança do seu repositório. Para obter mais informações, consulte "[Visualizando {% data variables.product.prodname_dependabot_alerts %} para dependências vulneráveis](/github/managing-security-vulnerabilities/viewing-and-updating-vulnerable-dependencies-in-your-repository)." ## Leia mais diff --git a/translations/pt-BR/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/editing-security-advisories-in-the-github-advisory-database.md b/translations/pt-BR/content/code-security/dependabot/dependabot-alerts/editing-security-advisories-in-the-github-advisory-database.md similarity index 95% rename from translations/pt-BR/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/editing-security-advisories-in-the-github-advisory-database.md rename to translations/pt-BR/content/code-security/dependabot/dependabot-alerts/editing-security-advisories-in-the-github-advisory-database.md index 91ee6a0a3e..ec50e929e1 100644 --- a/translations/pt-BR/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/editing-security-advisories-in-the-github-advisory-database.md +++ b/translations/pt-BR/content/code-security/dependabot/dependabot-alerts/editing-security-advisories-in-the-github-advisory-database.md @@ -3,6 +3,7 @@ title: Editando consultorias de segurança no banco de dados consultivo do GitHu intro: 'Você pode enviar melhorias para qualquer consultoria publicada no {% data variables.product.prodname_advisory_database %}.' redirect_from: - /code-security/security-advisories/editing-security-advisories-in-the-github-advisory-database + - /code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/editing-security-advisories-in-the-github-advisory-database versions: fpt: '*' ghec: '*' diff --git a/translations/pt-BR/content/code-security/dependabot/dependabot-alerts/index.md b/translations/pt-BR/content/code-security/dependabot/dependabot-alerts/index.md new file mode 100644 index 0000000000..2f23241ca5 --- /dev/null +++ b/translations/pt-BR/content/code-security/dependabot/dependabot-alerts/index.md @@ -0,0 +1,24 @@ +--- +title: Identificando vulnerabilidades nas dependências do seu projeto com alertas do Dependabot +shortTitle: Alertas do Dependabot +intro: '{% data variables.product.prodname_dependabot %} gera {% data variables.product.prodname_dependabot_alerts %} quando as vulnerabilidades conhecidas são detectadas em dependências que o seu projeto usa.' +allowTitleToDifferFromFilename: true +versions: + fpt: '*' + ghes: '*' + ghae: issue-4864 + ghec: '*' +topics: + - Dependabot + - Alerts + - Vulnerabilities + - Repositories + - Dependencies +children: + - /browsing-security-vulnerabilities-in-the-github-advisory-database + - /editing-security-advisories-in-the-github-advisory-database + - /about-dependabot-alerts + - /viewing-and-updating-dependabot-alerts + - /configuring-notifications-for-dependabot-alerts +--- + diff --git a/translations/pt-BR/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/viewing-and-updating-vulnerable-dependencies-in-your-repository.md b/translations/pt-BR/content/code-security/dependabot/dependabot-alerts/viewing-and-updating-dependabot-alerts.md similarity index 95% rename from translations/pt-BR/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/viewing-and-updating-vulnerable-dependencies-in-your-repository.md rename to translations/pt-BR/content/code-security/dependabot/dependabot-alerts/viewing-and-updating-dependabot-alerts.md index b7079728ce..73864b1320 100644 --- a/translations/pt-BR/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/viewing-and-updating-vulnerable-dependencies-in-your-repository.md +++ b/translations/pt-BR/content/code-security/dependabot/dependabot-alerts/viewing-and-updating-dependabot-alerts.md @@ -1,12 +1,13 @@ --- -title: Exibir e atualizar dependências vulneráveis no repositório +title: Visualizando e atualizando alertas do Dependabot intro: 'Se o {% data variables.product.product_name %} descobrir dependências vulneráveis no seu projeto, você poderá visualizá-las na aba de alertas do Dependabot no seu repositório. Em seguida, você pode atualizar seu projeto para resolver ou descartar a vulnerabilidade.' redirect_from: - /articles/viewing-and-updating-vulnerable-dependencies-in-your-repository - /github/managing-security-vulnerabilities/viewing-and-updating-vulnerable-dependencies-in-your-repository - /code-security/supply-chain-security/viewing-and-updating-vulnerable-dependencies-in-your-repository + - /code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/viewing-and-updating-vulnerable-dependencies-in-your-repository permissions: Repository administrators and organization owners can view and update dependencies. -shortTitle: Visualizar as dependências vulneráveis +shortTitle: Ver alertas do Dependabot versions: fpt: '*' ghes: '*' @@ -25,7 +26,7 @@ topics: {% data reusables.dependabot.beta-security-and-version-updates %} {% data reusables.dependabot.enterprise-enable-dependabot %} -A aba de {% data variables.product.prodname_dependabot_alerts %} do seu repositório lista todos os {% data variables.product.prodname_dependabot_alerts %}{% ifversion fpt or ghec or ghes > 3.2 %} abertos e fechados correspondentes a {% data variables.product.prodname_dependabot_security_updates %}{% endif %}. Você pode{% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-5638 %} filtrar alertas por pacote, ecossistema ou manifesto. Você também pode{% endif %} ordernar a lista de alertas, além de poder clicar em alertas específicos para mais detalhes. Para obter mais informações, consulte "[Sobre alertas para dependências vulneráveis](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies)" +A aba de {% data variables.product.prodname_dependabot_alerts %} do seu repositório lista todos os {% data variables.product.prodname_dependabot_alerts %}{% ifversion fpt or ghec or ghes > 3.2 %} abertos e fechados correspondentes a {% data variables.product.prodname_dependabot_security_updates %}{% endif %}. Você pode{% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-5638 %} filtrar alertas por pacote, ecossistema ou manifesto. Você também pode{% endif %} ordernar a lista de alertas, além de poder clicar em alertas específicos para mais detalhes. Para obter mais informações, consulte "[Sobre {% data variables.product.prodname_dependabot_alerts %}](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies)". {% ifversion fpt or ghec or ghes > 3.2 %} É possível habilitar atualizações de segurança automáticas para qualquer repositório que usa o {% data variables.product.prodname_dependabot_alerts %} e o gráfico de dependências. Para obter mais informações, consulte "[Sobre {% data variables.product.prodname_dependabot_security_updates %}](/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-dependabot-security-updates)." @@ -98,7 +99,7 @@ Cada alerta de {% data variables.product.prodname_dependabot %} tem um identific ## Leia mais -- "[Sobre alertas para dependências vulneráveis](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies)"{% ifversion fpt or ghec or ghes > 3.2 %} +- "[Sobre {% data variables.product.prodname_dependabot_alerts %}](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies)"{% ifversion fpt or ghec or ghes > 3.2 %} - "[Configurar {% data variables.product.prodname_dependabot_security_updates %}](/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/configuring-dependabot-security-updates)"{% endif %} - "[Gerenciar as configurações de segurança e análise para o seu repositório](/github/administering-a-repository/managing-security-and-analysis-settings-for-your-repository)" - "[Solução de problemas na detecção de dependências vulneráveis](/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/troubleshooting-the-detection-of-vulnerable-dependencies)"{% ifversion fpt or ghec or ghes > 3.2 %} diff --git a/translations/pt-BR/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-dependabot-security-updates.md b/translations/pt-BR/content/code-security/dependabot/dependabot-security-updates/about-dependabot-security-updates.md similarity index 92% rename from translations/pt-BR/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-dependabot-security-updates.md rename to translations/pt-BR/content/code-security/dependabot/dependabot-security-updates/about-dependabot-security-updates.md index b1e68c193b..4cd70ce83e 100644 --- a/translations/pt-BR/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-dependabot-security-updates.md +++ b/translations/pt-BR/content/code-security/dependabot/dependabot-security-updates/about-dependabot-security-updates.md @@ -6,6 +6,7 @@ redirect_from: - /github/managing-security-vulnerabilities/about-github-dependabot-security-updates - /github/managing-security-vulnerabilities/about-dependabot-security-updates - /code-security/supply-chain-security/about-dependabot-security-updates + - /code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-dependabot-security-updates versions: fpt: '*' ghec: '*' @@ -27,7 +28,7 @@ topics: ## Sobre o {% data variables.product.prodname_dependabot_security_updates %} -{% data variables.product.prodname_dependabot_security_updates %} torna mais fácil para você corrigir dependências vulneráveis no seu repositório. Se você habilitar este recurso, quando um alerta de {% data variables.product.prodname_dependabot %} for criado para uma dependência vulnerável no gráfico de dependências do seu repositório, {% data variables.product.prodname_dependabot %} tenta corrigir isso automaticamente. Para obter mais informações, consulte "[Sobre alertas para dependências vulneráveis de](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies)" e "[Configurar {% data variables.product.prodname_dependabot_security_updates %}](/github/managing-security-vulnerabilities/configuring-dependabot-security-updates)". +{% data variables.product.prodname_dependabot_security_updates %} torna mais fácil para você corrigir dependências vulneráveis no seu repositório. Se você habilitar este recurso, quando um alerta de {% data variables.product.prodname_dependabot %} for criado para uma dependência vulnerável no gráfico de dependências do seu repositório, {% data variables.product.prodname_dependabot %} tenta corrigir isso automaticamente. Para obter mais informações, consulte "[Sobre {% data variables.product.prodname_dependabot_alerts %}](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies)" e "[Configurando {% data variables.product.prodname_dependabot_security_updates %}](/github/managing-security-vulnerabilities/configuring-dependabot-security-updates)". {% data variables.product.prodname_dotcom %} pode enviar {% data variables.product.prodname_dependabot_alerts %} para repositórios afetados por uma vulnerabilidade revelada por uma consultoria de segurança de {% data variables.product.prodname_dotcom %} recentemente publicada. {% data reusables.security-advisory.link-browsing-advisory-db %} diff --git a/translations/pt-BR/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/configuring-dependabot-security-updates.md b/translations/pt-BR/content/code-security/dependabot/dependabot-security-updates/configuring-dependabot-security-updates.md similarity index 92% rename from translations/pt-BR/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/configuring-dependabot-security-updates.md rename to translations/pt-BR/content/code-security/dependabot/dependabot-security-updates/configuring-dependabot-security-updates.md index 97d4eaa071..965fd7c827 100644 --- a/translations/pt-BR/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/configuring-dependabot-security-updates.md +++ b/translations/pt-BR/content/code-security/dependabot/dependabot-security-updates/configuring-dependabot-security-updates.md @@ -9,6 +9,7 @@ redirect_from: - /github/managing-security-vulnerabilities/configuring-github-dependabot-security-updates - /github/managing-security-vulnerabilities/configuring-dependabot-security-updates - /code-security/supply-chain-security/configuring-dependabot-security-updates + - /code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/configuring-dependabot-security-updates versions: fpt: '*' ghec: '*' @@ -70,12 +71,12 @@ O {% data variables.product.prodname_dependabot_security_updates %} exige config {% data reusables.repositories.navigate-to-repo %} {% data reusables.repositories.sidebar-settings %} {% data reusables.repositories.navigate-to-security-and-analysis %} -1. Em "Segurança e análise de código" à direita de "atualizações de segurança de {% data variables.product.prodname_dependabot %}", clique em **Habilitar** ou **Desabilitar**. +1. Em "Segurança e análise de código", à direita de "atualizações de segurança de {% data variables.product.prodname_dependabot %}", clique em **Habilitar** para habilitar o recurso ou **Desabilitar** para desabilitá-lo. {% ifversion fpt or ghec %}Para repositórios públicos, o botão fica desabilitado se o recurso estiver sempre habilitado.{% endif %} {% ifversion fpt or ghec %}!["Code security and analysis" section with button to enable {% data variables.product.prodname_dependabot_security_updates %}](/assets/images/help/repository/enable-dependabot-security-updates-button.png){% else %}!["Code security and analysis" section with button to enable {% data variables.product.prodname_dependabot_security_updates %}](/assets/images/enterprise/3.3/repository/security-and-analysis-disable-or-enable-ghes.png){% endif %} ## Leia mais -- "[Sobre alertas para dependências vulneráveis](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies)"{% ifversion fpt or ghec %} +- "[Sobre {% data variables.product.prodname_dependabot_alerts %}](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies)"{% ifversion fpt or ghec %} - "[Gerenciando configurações de uso de dados para o seu repositório privado](/get-started/privacy-on-github/managing-data-use-settings-for-your-private-repository)"{% endif %} - "[Ecossistemas de pacotes compatíveis](/github/visualizing-repository-data-with-graphs/about-the-dependency-graph#supported-package-ecosystems)" diff --git a/translations/pt-BR/content/code-security/dependabot/dependabot-security-updates/index.md b/translations/pt-BR/content/code-security/dependabot/dependabot-security-updates/index.md new file mode 100644 index 0000000000..357aa2ce8c --- /dev/null +++ b/translations/pt-BR/content/code-security/dependabot/dependabot-security-updates/index.md @@ -0,0 +1,20 @@ +--- +title: Atualizar dependências automaticamente com vulnerabilidades conhecidas com atualizações de segurança do Dependabot +intro: '{% data variables.product.prodname_dependabot %} pode ajudar você a corrigir dependências vulneráveis criando automaticamente pull requests para atualizar dependências para versões seguras.' +allowTitleToDifferFromFilename: true +versions: + fpt: '*' + ghec: '*' + ghes: '>3.2' +topics: + - Repositories + - Dependabot + - Security updates + - Dependencies + - Pull requests +shortTitle: Atualizações de segurança do Dependabot +children: + - /about-dependabot-security-updates + - /configuring-dependabot-security-updates +--- + diff --git a/translations/pt-BR/content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/about-dependabot-version-updates.md b/translations/pt-BR/content/code-security/dependabot/dependabot-version-updates/about-dependabot-version-updates.md similarity index 90% rename from translations/pt-BR/content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/about-dependabot-version-updates.md rename to translations/pt-BR/content/code-security/dependabot/dependabot-version-updates/about-dependabot-version-updates.md index a48c403418..d02ca901ba 100644 --- a/translations/pt-BR/content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/about-dependabot-version-updates.md +++ b/translations/pt-BR/content/code-security/dependabot/dependabot-version-updates/about-dependabot-version-updates.md @@ -8,6 +8,7 @@ redirect_from: - /github/administering-a-repository/about-dependabot-version-updates - /code-security/supply-chain-security/about-dependabot-version-updates - /code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/upgrading-from-dependabotcom-to-github-native-dependabot + - /code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/about-dependabot-version-updates versions: fpt: '*' ghec: '*' @@ -31,7 +32,7 @@ O {% data variables.product.prodname_dependabot %} facilita a manutenção de su Você habilita o {% data variables.product.prodname_dependabot_version_updates %} verificando um arquivo de configuração no seu repositório. O arquivo de configuração especifica a localização do manifesto ou de outros arquivos de definição de pacote, armazenados no seu repositório. O {% data variables.product.prodname_dependabot %} usa essas informações para verificar pacotes e aplicativos desatualizados. {% data variables.product.prodname_dependabot %} determina se há uma nova versão de uma dependência observando a versão semântica ([semver](https://semver.org/)) da dependência para decidir se deve atualizar para essa versão. Para certos gerentes de pacote, {% data variables.product.prodname_dependabot_version_updates %} também é compatível com armazenamento. Dependências de vendor (ou armazenadas) são dependências registradas em um diretório específico em um repositório, em vez de referenciadas em um manifesto. Dependências de vendor estão disponíveis no tempo de criação, ainda que os servidores de pacote estejam indisponíveis. {% data variables.product.prodname_dependabot_version_updates %} pode ser configurado para verificar as dependências de vendor para novas versões e atualizá-las, se necessário. -Quando {% data variables.product.prodname_dependabot %} identifica uma dependência desatualizada, ele cria uma pull request para atualizar o manifesto para a última versão da dependência. Para dependências de vendor, {% data variables.product.prodname_dependabot %} levanta um pull request para substituir diretamente a dependência desatualizada pela nova versão. Você verifica se os seus testes passam, revisa o changelog e lança observações incluídas no resumo do pull request e, em seguida, faz a mesclagem. Para obter mais informações, consulte "[Habilitando e desabilitando as atualizações da versão de {% data variables.product.prodname_dependabot %}](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/enabling-and-disabling-dependabot-version-updates)". +Quando {% data variables.product.prodname_dependabot %} identifica uma dependência desatualizada, ele cria uma pull request para atualizar o manifesto para a última versão da dependência. Para dependências de vendor, {% data variables.product.prodname_dependabot %} levanta um pull request para substituir diretamente a dependência desatualizada pela nova versão. Você verifica se os seus testes passam, revisa o changelog e lança observações incluídas no resumo do pull request e, em seguida, faz a mesclagem. Para obter mais informações, consulte "[Configurando as atualizações da versão de {% data variables.product.prodname_dependabot %}](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/enabling-and-disabling-dependabot-version-updates)". Se você habilitar _Atualizações de segurança_, {% data variables.product.prodname_dependabot %} também eleva pull requests para atualizar dependências vulneráveis. Para obter mais informações, consulte "[Sobre {% data variables.product.prodname_dependabot_security_updates %}](/github/managing-security-vulnerabilities/about-dependabot-security-updates)." @@ -50,7 +51,7 @@ Se tiver habilitado atualizações de segurança, às vezes você verá atualiza ## Repositórios e ecossistemas suportados -É possível configurar atualizações de versão para repositórios que contenham um manifesto de dependência ou arquivo de bloqueio para um dos gerentes de pacotes suportados. Para alguns gerenciadores de pacotes, você também pode configurar o armazenamento para dependências. Para obter mais informações, consulte "[Opções de configuração para atualizações de dependências](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/configuration-options-for-dependency-updates#vendor)". +É possível configurar atualizações de versão para repositórios que contenham um manifesto de dependência ou arquivo de bloqueio para um dos gerentes de pacotes suportados. Para alguns gerenciadores de pacotes, você também pode configurar o armazenamento para dependências. Para obter mais informações, consulte "[Opções de configuração para o arquivo dependabot.yml](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/configuration-options-for-dependency-updates#vendor)". {% note %} {% data reusables.dependabot.private-dependencies-note %} diff --git a/translations/pt-BR/content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/configuration-options-for-dependency-updates.md b/translations/pt-BR/content/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file.md similarity index 98% rename from translations/pt-BR/content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/configuration-options-for-dependency-updates.md rename to translations/pt-BR/content/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file.md index 741b68509d..a561859e55 100644 --- a/translations/pt-BR/content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/configuration-options-for-dependency-updates.md +++ b/translations/pt-BR/content/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file.md @@ -1,10 +1,12 @@ --- -title: Opções de configuração para atualizações de dependências +title: Opções de configuração para o arquivo dependabot.yml intro: 'Informações detalhadas para todas as opções que você pode usar para personalizar como o {% data variables.product.prodname_dependabot %} mantém seus repositórios.' permissions: 'People with write permissions to a repository can configure {% data variables.product.prodname_dependabot %} for the repository.' +allowTitleToDifferFromFilename: true redirect_from: - /github/administering-a-repository/configuration-options-for-dependency-updates - /code-security/supply-chain-security/configuration-options-for-dependency-updates + - /code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/configuration-options-for-dependency-updates miniTocMaxHeadingLevel: 3 versions: fpt: '*' @@ -17,7 +19,7 @@ topics: - Repositories - Dependencies - Pull requests -shortTitle: Opções de configuração +shortTitle: Configurar dependabot.yml --- {% data reusables.dependabot.beta-security-and-version-updates %} @@ -27,7 +29,7 @@ shortTitle: Opções de configuração O arquivo de configuração do {% data variables.product.prodname_dependabot %} , *dependabot.yml*, usa a sintaxe YAML. Se você não souber o que é YAMLe quiser saber mais, consulte "[Aprender a usar YAML em cinco minutos](https://www.codeproject.com/Articles/1214409/Learn-YAML-in-five-minutes)". -Você deve armazenar este arquivo no diretório `.github` do seu repositório. Ao adicionar ou atualizar o arquivo *dependabot.yml* , isso aciona uma verificação imediata de atualizações de versão. Para obter mais informações e exemplos, consulte "[Habilitando e desabilitando as atualizações da versão de {% data variables.product.prodname_dependabot %}](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/enabling-and-disabling-dependabot-version-updates#enabling-dependabot-version-updates)". +Você deve armazenar este arquivo no diretório `.github` do seu repositório. Ao adicionar ou atualizar o arquivo *dependabot.yml* , isso aciona uma verificação imediata de atualizações de versão. Para obter mais informações e um exemplo, consulte "[Configurando as atualizações da versão de {% data variables.product.prodname_dependabot %}](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/enabling-and-disabling-dependabot-version-updates#enabling-dependabot-version-updates)". Quaisquer opções que também afetem as atualizações de segurança são usadas na próxima vez que um alerta de segurança acionar um pull request para uma atualização de segurança. Para obter mais informações, consulte "[Configurando {% data variables.product.prodname_dependabot_security_updates %}](/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/configuring-dependabot-security-updates)." @@ -187,7 +189,7 @@ Use a opção `allow` para personalizar quais dependências são atualizadas. Is | -------------------- | --------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------- | | `direta` | Todas | Todas as dependências explicitamente definidas. | | `indireta` | `bundler`, `pip`, `composer`, `cargo` | Dependências de dependências diretas (também conhecidas como sub-dependências ou dependências transitórias). | - | `todos` | Todas | Todas as dependências explicitamente definidas. Para `bundler`, `pip`, `composer`, `cargo`, também as dependências de dependências diretas. | + | `tudo` | Todas | Todas as dependências explicitamente definidas. Para `bundler`, `pip`, `composer`, `cargo`, também as dependências de dependências diretas. | | `produção` | `bundler`, `composer`, `mix`, `maven`, `npm`, `pip` | Apenas dependências no "Grupo de dependência de produção". | | `desenvolvimento` | `bundler`, `composer`, `mix`, `maven`, `npm`, `pip` | Somente dependências no "grupo de dependência do desenvolvimento". | diff --git a/translations/pt-BR/content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/enabling-and-disabling-dependabot-version-updates.md b/translations/pt-BR/content/code-security/dependabot/dependabot-version-updates/configuring-dependabot-version-updates.md similarity index 93% rename from translations/pt-BR/content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/enabling-and-disabling-dependabot-version-updates.md rename to translations/pt-BR/content/code-security/dependabot/dependabot-version-updates/configuring-dependabot-version-updates.md index 70a3742479..6f58c413eb 100644 --- a/translations/pt-BR/content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/enabling-and-disabling-dependabot-version-updates.md +++ b/translations/pt-BR/content/code-security/dependabot/dependabot-version-updates/configuring-dependabot-version-updates.md @@ -1,11 +1,12 @@ --- -title: Habilitando e desabilitando as atualizações da versão do Dependabot +title: Configurando a versão das atualizações do Dependabot intro: 'Você pode configurar seu repositório para que o {% data variables.product.prodname_dependabot %} atualize automaticamente os pacotes que você usa.' permissions: 'People with write permissions to a repository can enable or disable {% data variables.product.prodname_dependabot_version_updates %} for the repository.' redirect_from: - /github/administering-a-repository/enabling-and-disabling-version-updates - /code-security/supply-chain-security/enabling-and-disabling-version-updates - /code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/enabling-and-disabling-version-updates + - /code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/enabling-and-disabling-dependabot-version-updates versions: fpt: '*' ghec: '*' @@ -17,7 +18,7 @@ topics: - Repositories - Dependencies - Pull requests -shortTitle: Habilitar e desabilitar atualizações +shortTitle: Configurar atualizações da versão --- @@ -34,7 +35,7 @@ Você habilita {% data variables.product.prodname_dependabot_version_updates %}, ## Habilitar {% data variables.product.prodname_dependabot_version_updates %} -{% data reusables.dependabot.create-dependabot-yml %} Para obter informações, consulte "[Opções de configuração para atualizações de dependência](/github/administering-a-repository/configuration-options-for-dependency-updates)." +{% data reusables.dependabot.create-dependabot-yml %} Para obter informações, consulte "[Opções de configuração para o arquivo dependabot.yml](/github/administering-a-repository/configuration-options-for-dependency-updates)". 1. Adicione uma `versão`. 1. Opcionalmente, se você tiver dependências em um registro privado, adicione uma seção de `registros` que contém detalhes de autenticação. 1. Adicione uma seção de `atualizações` com uma entrada para cada gerenciador de pacotes que você deseja que {% data variables.product.prodname_dependabot %} monitore. @@ -138,4 +139,4 @@ updates: update-types: ["version-update:semver-patch"] ``` -Para obter mais informações sobre as verificações para preferências de ignore existentes, consulte "[Opções de configuração para atualizações de dependências](/github/administering-a-repository/configuration-options-for-dependency-updates#ignore)". +Para obter mais informações sobre a verificação de preferências de ignorados existentes, consulte "[Opções de configuração para o arquivo dependabot.yml](/github/administering-a-repository/configuration-options-for-dependency-updates#ignore)". diff --git a/translations/pt-BR/content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/customizing-dependency-updates.md b/translations/pt-BR/content/code-security/dependabot/dependabot-version-updates/customizing-dependency-updates.md similarity index 93% rename from translations/pt-BR/content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/customizing-dependency-updates.md rename to translations/pt-BR/content/code-security/dependabot/dependabot-version-updates/customizing-dependency-updates.md index ce35b8b783..085fc10df9 100644 --- a/translations/pt-BR/content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/customizing-dependency-updates.md +++ b/translations/pt-BR/content/code-security/dependabot/dependabot-version-updates/customizing-dependency-updates.md @@ -5,6 +5,7 @@ permissions: 'People with write permissions to a repository can configure {% dat redirect_from: - /github/administering-a-repository/customizing-dependency-updates - /code-security/supply-chain-security/customizing-dependency-updates + - /code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/customizing-dependency-updates versions: fpt: '*' ghec: '*' @@ -34,7 +35,7 @@ Depois que você habilitou as atualizações de versão, você pode personalizar - Alterar o número máximo de pull requests abertos para atualizações de versão a partir do padrão de 5: `open-pull-requests-limit` - Abrir pull requests para atualizações de versão para atingir um branch específico, em vez do branch padrão: `target-branch` -Para obter mais informações sobre as opções de configuração, consulte "[Opções de configuração para atualizações de dependências](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/configuration-options-for-dependency-updates)". +Para obter mais informações sobre as opções de configuração, consulte "[Opções de configuração para o arquivo dependabot.yml](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/configuration-options-for-dependency-updates)". Ao atualizar o arquivo *dependabot.yml* no seu repositório, o {% data variables.product.prodname_dependabot %} executa uma verificação imediata com a nova configuração. Dentro de minutos você verá uma lista atualizada de dependências na aba **{% data variables.product.prodname_dependabot %}**. Isso pode demorar mais se o repositório tiver muitas dependências. Você também pode ver novas pull requests para atualizações de versão. Para obter mais informações, consulte "[Listando dependências configuradas para atualizações da versão](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/listing-dependencies-configured-for-version-updates)". @@ -140,4 +141,4 @@ updates: ## Mais exemplos -Para obter mais exemplos, consulte "[Opções de configuração para atualizações de dependências](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/configuration-options-for-dependency-updates)". +Para obter mais exemplos, consulte "[Opções de configuração para o arquivo dependabot.yml](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/configuration-options-for-dependency-updates). ". diff --git a/translations/pt-BR/content/code-security/dependabot/dependabot-version-updates/index.md b/translations/pt-BR/content/code-security/dependabot/dependabot-version-updates/index.md new file mode 100644 index 0000000000..054c2a79d0 --- /dev/null +++ b/translations/pt-BR/content/code-security/dependabot/dependabot-version-updates/index.md @@ -0,0 +1,26 @@ +--- +title: Manter suas dependências atualizadas automaticamente com as atualizações da versão do Dependabot +intro: 'Você pode usar o {% data variables.product.prodname_dependabot %} para manter automaticamente as dependências e pacotes usados no repositório atualizados para a última versão mesmo quando não eles têm nenhuma vulnerabilidade conhecida.' +allowTitleToDifferFromFilename: true +redirect_from: + - /github/administering-a-repository/keeping-your-dependencies-updated-automatically + - /code-security/supply-chain-security/keeping-your-dependencies-updated-automatically +versions: + fpt: '*' + ghec: '*' + ghes: '>3.2' +topics: + - Repositories + - Dependabot + - Version updates + - Dependencies + - Pull requests +children: + - /about-dependabot-version-updates + - /configuring-dependabot-version-updates + - /listing-dependencies-configured-for-version-updates + - /customizing-dependency-updates + - /configuration-options-for-the-dependabot.yml-file +shortTitle: Atualizações de versão do Dependabot +--- + diff --git a/translations/pt-BR/content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/listing-dependencies-configured-for-version-updates.md b/translations/pt-BR/content/code-security/dependabot/dependabot-version-updates/listing-dependencies-configured-for-version-updates.md similarity index 86% rename from translations/pt-BR/content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/listing-dependencies-configured-for-version-updates.md rename to translations/pt-BR/content/code-security/dependabot/dependabot-version-updates/listing-dependencies-configured-for-version-updates.md index 9bfa039596..9c66ed3ed3 100644 --- a/translations/pt-BR/content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/listing-dependencies-configured-for-version-updates.md +++ b/translations/pt-BR/content/code-security/dependabot/dependabot-version-updates/listing-dependencies-configured-for-version-updates.md @@ -4,6 +4,7 @@ intro: 'Você pode visualizar as dependências que {% data variables.product.pro redirect_from: - /github/administering-a-repository/listing-dependencies-configured-for-version-updates - /code-security/supply-chain-security/listing-dependencies-configured-for-version-updates + - /code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/listing-dependencies-configured-for-version-updates versions: fpt: '*' ghec: '*' @@ -22,7 +23,7 @@ shortTitle: Listar dependências configuradas ## Visualizando dependências monitoradas por {% data variables.product.prodname_dependabot %} -Depois de habilitar as atualizações de versão, você pode confirmar que a sua configuração está correta usando a aba **{% data variables.product.prodname_dependabot %}** no gráfico de dependências para o repositório. Para obter mais informações, consulte "[Habilitando e desabilitando as atualizações da versão de {% data variables.product.prodname_dependabot %}](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/enabling-and-disabling-dependabot-version-updates)". +Depois de habilitar as atualizações de versão, você pode confirmar que a sua configuração está correta usando a aba **{% data variables.product.prodname_dependabot %}** no gráfico de dependências para o repositório. Para obter mais informações, consulte "[Configurando as atualizações da versão de {% data variables.product.prodname_dependabot %}](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/enabling-and-disabling-dependabot-version-updates)". {% data reusables.repositories.navigate-to-repo %} {% data reusables.repositories.accessing-repository-graphs %} diff --git a/translations/pt-BR/content/code-security/dependabot/index.md b/translations/pt-BR/content/code-security/dependabot/index.md new file mode 100644 index 0000000000..e080f0eaef --- /dev/null +++ b/translations/pt-BR/content/code-security/dependabot/index.md @@ -0,0 +1,23 @@ +--- +title: Mantendo sua cadeia de suprimentos em segurança com o Dependabot +shortTitle: Dependabot +intro: 'Monitore as vulnerabilidades em dependências usadas no seu projeto{% ifversion fpt or ghec or ghes > 3.2 %} e mantenha suas dependências atualizadas{% endif %} com {% data variables.product.prodname_dependabot %}.' +allowTitleToDifferFromFilename: true +versions: + fpt: '*' + ghes: '*' + ghae: issue-4864 + ghec: '*' +topics: + - Dependabot + - Alerts + - Vulnerabilities + - Repositories + - Dependencies +children: + - /dependabot-alerts + - /dependabot-security-updates + - /dependabot-version-updates + - /working-with-dependabot +--- + diff --git a/translations/pt-BR/content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/automating-dependabot-with-github-actions.md b/translations/pt-BR/content/code-security/dependabot/working-with-dependabot/automating-dependabot-with-github-actions.md similarity index 99% rename from translations/pt-BR/content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/automating-dependabot-with-github-actions.md rename to translations/pt-BR/content/code-security/dependabot/working-with-dependabot/automating-dependabot-with-github-actions.md index 3347986c1d..ea6083fd93 100644 --- a/translations/pt-BR/content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/automating-dependabot-with-github-actions.md +++ b/translations/pt-BR/content/code-security/dependabot/working-with-dependabot/automating-dependabot-with-github-actions.md @@ -17,6 +17,8 @@ topics: - Dependencies - Pull requests shortTitle: Use o Dependabot com ações +redirect_from: + - /code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/automating-dependabot-with-github-actions --- {% data reusables.dependabot.beta-security-and-version-updates %} diff --git a/translations/pt-BR/content/code-security/dependabot/working-with-dependabot/index.md b/translations/pt-BR/content/code-security/dependabot/working-with-dependabot/index.md new file mode 100644 index 0000000000..2a58fe8eec --- /dev/null +++ b/translations/pt-BR/content/code-security/dependabot/working-with-dependabot/index.md @@ -0,0 +1,24 @@ +--- +title: Trabalhando com Dependabot +shortTitle: Trabalhe com Dependabot +intro: 'Orientação e recomendações para trabalhar com {% data variables.product.prodname_dependabot %}, como gerenciar pull requests levantados por {% data variables.product.prodname_dependabot %}, usando {% data variables.product.prodname_actions %} com {% data variables.product.prodname_dependabot %} e solucionando erros de {% data variables.product.prodname_dependabot %}.' +versions: + fpt: '*' + ghec: '*' + ghes: '>3.2' +topics: + - Repositories + - Dependabot + - Version updates + - Security updates + - Dependencies + - Pull requests +children: + - /managing-pull-requests-for-dependency-updates + - /automating-dependabot-with-github-actions + - /keeping-your-actions-up-to-date-with-dependabot + - /managing-encrypted-secrets-for-dependabot + - /troubleshooting-the-detection-of-vulnerable-dependencies + - /troubleshooting-dependabot-errors +--- + diff --git a/translations/pt-BR/content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/keeping-your-actions-up-to-date-with-dependabot.md b/translations/pt-BR/content/code-security/dependabot/working-with-dependabot/keeping-your-actions-up-to-date-with-dependabot.md similarity index 90% rename from translations/pt-BR/content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/keeping-your-actions-up-to-date-with-dependabot.md rename to translations/pt-BR/content/code-security/dependabot/working-with-dependabot/keeping-your-actions-up-to-date-with-dependabot.md index 7552586d98..62ee9f59f4 100644 --- a/translations/pt-BR/content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/keeping-your-actions-up-to-date-with-dependabot.md +++ b/translations/pt-BR/content/code-security/dependabot/working-with-dependabot/keeping-your-actions-up-to-date-with-dependabot.md @@ -5,6 +5,7 @@ redirect_from: - /github/administering-a-repository/keeping-your-actions-up-to-date-with-github-dependabot - /github/administering-a-repository/keeping-your-actions-up-to-date-with-dependabot - /code-security/supply-chain-security/keeping-your-actions-up-to-date-with-dependabot + - /code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/keeping-your-actions-up-to-date-with-dependabot versions: fpt: '*' ghec: '*' @@ -36,7 +37,7 @@ Ações são frequentemente atualizadas com correções de bugs e novos recursos 1. Defina um `schedule.interval` para especificar quantas vezes procurar por novas versões. {% data reusables.dependabot.check-in-dependabot-yml %} Se você tiver editado um arquivo existente, salve suas alterações. -Você também pode habilitar o {% data variables.product.prodname_dependabot_version_updates %} em bifurcações. Para obter mais informações, consulte "[Habilitando e desabilitando as atualizações da versão de {% data variables.product.prodname_dependabot %}](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/enabling-and-disabling-dependabot-version-updates#enabling-version-updates-on-forks)". +Você também pode habilitar o {% data variables.product.prodname_dependabot_version_updates %} em bifurcações. Para obter mais informações, consulte "[Configurando as atualizações da versão de {% data variables.product.prodname_dependabot %}](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/enabling-and-disabling-dependabot-version-updates#enabling-version-updates-on-forks)". ### Exemplo de arquivo *dependabot.yml* para {% data variables.product.prodname_actions %} @@ -57,7 +58,7 @@ updates: ## Configurando o {% data variables.product.prodname_dependabot_version_updates %} para ações -Ao habilitar {% data variables.product.prodname_dependabot_version_updates %} para ações, você deve especificar valores para `package-ecosystem`, `directory` e `schedule.interval`. Há muitas propriedades opcionais adicionais que você pode definir para personalizar ainda mais suas atualizações de versão. Para obter mais informações, consulte "[Opções de configuração para atualizações de dependências](/github/administering-a-repository/configuration-options-for-dependency-updates)". +Ao habilitar {% data variables.product.prodname_dependabot_version_updates %} para ações, você deve especificar valores para `package-ecosystem`, `directory` e `schedule.interval`. Há muitas propriedades opcionais adicionais que você pode definir para personalizar ainda mais suas atualizações de versão. Para obter mais informações, consulte "[Opções de configuração para o arquivo dependabot.yml](/github/administering-a-repository/configuration-options-for-dependency-updates)". ## Leia mais diff --git a/translations/pt-BR/content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/managing-encrypted-secrets-for-dependabot.md b/translations/pt-BR/content/code-security/dependabot/working-with-dependabot/managing-encrypted-secrets-for-dependabot.md similarity index 94% rename from translations/pt-BR/content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/managing-encrypted-secrets-for-dependabot.md rename to translations/pt-BR/content/code-security/dependabot/working-with-dependabot/managing-encrypted-secrets-for-dependabot.md index 0281f2e30b..fb6d696ef6 100644 --- a/translations/pt-BR/content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/managing-encrypted-secrets-for-dependabot.md +++ b/translations/pt-BR/content/code-security/dependabot/working-with-dependabot/managing-encrypted-secrets-for-dependabot.md @@ -4,6 +4,7 @@ intro: 'Você pode armazenar informações confidenciais como, por exemplo, senh redirect_from: - /github/administering-a-repository/managing-encrypted-secrets-for-dependabot - /code-security/supply-chain-security/managing-encrypted-secrets-for-dependabot + - /code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/managing-encrypted-secrets-for-dependabot versions: fpt: '*' ghec: '*' @@ -33,7 +34,7 @@ password: ${{secrets.MY_ARTIFACTORY_PASSWORD}} ``` {% endraw %} -Para obter mais informações, consulte "[Opções de configuração para atualizações de dependências](/github/administering-a-repository/configuration-options-for-dependency-updates#configuration-options-for-private-registries)". +Para obter mais informações, consulte "[Opções de configuração para o arquivo dependabot.yml](/github/administering-a-repository/configuration-options-for-dependency-updates#configuration-options-for-private-registries)". ### Nomear os seus segredos diff --git a/translations/pt-BR/content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/managing-pull-requests-for-dependency-updates.md b/translations/pt-BR/content/code-security/dependabot/working-with-dependabot/managing-pull-requests-for-dependency-updates.md similarity index 94% rename from translations/pt-BR/content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/managing-pull-requests-for-dependency-updates.md rename to translations/pt-BR/content/code-security/dependabot/working-with-dependabot/managing-pull-requests-for-dependency-updates.md index d3b2dcda12..304da6b022 100644 --- a/translations/pt-BR/content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/managing-pull-requests-for-dependency-updates.md +++ b/translations/pt-BR/content/code-security/dependabot/working-with-dependabot/managing-pull-requests-for-dependency-updates.md @@ -4,6 +4,7 @@ intro: 'Você gerencia pull requests criadas por {% data variables.product.prodn redirect_from: - /github/administering-a-repository/managing-pull-requests-for-dependency-updates - /code-security/supply-chain-security/managing-pull-requests-for-dependency-updates + - /code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/managing-pull-requests-for-dependency-updates versions: fpt: '*' ghec: '*' @@ -41,7 +42,7 @@ Se você tem muitas dependências para gerenciar, você pode querer personalizar ## Alterando a estratégia de rebase para pull requests {% data variables.product.prodname_dependabot %} -Por padrão, o {% data variables.product.prodname_dependabot %} faz o rebasamento automaticamente das pull requests para resolver quaisquer conflitos. Se você preferir lidar com conflitos de merge manualmente, pode desativar isso usando a opção `rebase-strategy`. Para obter detalhes, consulte "[Opções de configuração para atualizações de dependências](/github/administering-a-repository/configuration-options-for-dependency-updates#rebase-strategy)". +Por padrão, o {% data variables.product.prodname_dependabot %} faz o rebasamento automaticamente das pull requests para resolver quaisquer conflitos. Se você preferir lidar com conflitos de merge manualmente, pode desativar isso usando a opção `rebase-strategy`. Para obter detalhes, consulte "[Opções de configuração para o arquivo dependabot.yml](/github/administering-a-repository/configuration-options-for-dependency-updates#rebase-strategy). ". ## Gerenciando pull requests {% data variables.product.prodname_dependabot %} com comandos de comentário @@ -62,4 +63,4 @@ Você pode usar qualquer um dos seguintes comandos em um pull request de {% data {% data variables.product.prodname_dependabot %} reagirá com um emoji "positivo" para reconhecer o comando e pode responder com um comentário no pull request. Embora {% data variables.product.prodname_dependabot %} normalmente responda rapidamente, alguns comandos podem levar vários minutos para serem concluídos se {% data variables.product.prodname_dependabot %} estiver ocupado processando outras atualizações ou comandos. -Se você executar algum comando para ignorar dependências ou versões, o {% data variables.product.prodname_dependabot %} armazena centralmente as preferências para o repositório. Embora esta seja uma solução rápida, para repositórios com mais de um colaborador é melhor definir explicitamente as dependências e versões para ignorar no arquivo de configuração. Isso facilita que todos os colaboradores vejam por que uma determinada dependência não está sendo atualizada automaticamente. Para obter mais informações, consulte "[Opções de configuração para atualizações de dependências](/github/administering-a-repository/configuration-options-for-dependency-updates#ignore)". +Se você executar algum comando para ignorar dependências ou versões, o {% data variables.product.prodname_dependabot %} armazena centralmente as preferências para o repositório. Embora esta seja uma solução rápida, para repositórios com mais de um colaborador é melhor definir explicitamente as dependências e versões para ignorar no arquivo de configuração. Isso facilita que todos os colaboradores vejam por que uma determinada dependência não está sendo atualizada automaticamente. Para obter mais informações, consulte "[Opções de configuração para o arquivo dependabot.yml](/github/administering-a-repository/configuration-options-for-dependency-updates#ignore)". diff --git a/translations/pt-BR/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/troubleshooting-dependabot-errors.md b/translations/pt-BR/content/code-security/dependabot/working-with-dependabot/troubleshooting-dependabot-errors.md similarity index 91% rename from translations/pt-BR/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/troubleshooting-dependabot-errors.md rename to translations/pt-BR/content/code-security/dependabot/working-with-dependabot/troubleshooting-dependabot-errors.md index 2fd57be3ac..20b20c325c 100644 --- a/translations/pt-BR/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/troubleshooting-dependabot-errors.md +++ b/translations/pt-BR/content/code-security/dependabot/working-with-dependabot/troubleshooting-dependabot-errors.md @@ -6,6 +6,7 @@ redirect_from: - /github/managing-security-vulnerabilities/troubleshooting-github-dependabot-errors - /github/managing-security-vulnerabilities/troubleshooting-dependabot-errors - /code-security/supply-chain-security/troubleshooting-dependabot-errors + - /code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/troubleshooting-dependabot-errors versions: fpt: '*' ghec: '*' @@ -76,7 +77,7 @@ Pull requests para atualizações de segurança atuam para atualizar uma depend Cada aplicativo com dependências tem um gráfico de dependências, ou seja, um gráfico direcionado acíclico de cada versão de pacote da qual o aplicativo depende direta ou indiretamente. Toda vez que uma dependência é atualizada, este gráfico deve ser resolvido. Caso contrário, o aplicativo não será criado. Quando um ecossistema tem um gráfico de dependência profundo e complexo, por exemplo, npm e RubyGems, geralmente é impossível atualizar uma única dependência sem atualizar todo o ecossistema. -A melhor maneira de evitar esse problema é manter-se atualizado com as versões mais recentes, habilitando, por exemplo, as atualizações de versões. Isso aumenta a probabilidade de que uma vulnerabilidade em uma dependência possa ser resolvida por meio de uma atualização simples que não afete o gráfico de dependência. Para obter mais informações, consulte "[Habilitando e desabilitando as atualizações da versão de {% data variables.product.prodname_dependabot %}](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/enabling-and-disabling-dependabot-version-updates)". +A melhor maneira de evitar esse problema é manter-se atualizado com as versões mais recentes, habilitando, por exemplo, as atualizações de versões. Isso aumenta a probabilidade de que uma vulnerabilidade em uma dependência possa ser resolvida por meio de uma atualização simples que não afete o gráfico de dependência. Para obter mais informações, consulte "[Configurando as atualizações da versão de {% data variables.product.prodname_dependabot %}](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/enabling-and-disabling-dependabot-version-updates)". ### {% data variables.product.prodname_dependabot %} não consegue atualizar para a versão necessária, pois já existe um pull request aberto para a última versão @@ -90,13 +91,13 @@ Existem duas opções: você pode revisar o pull request aberto e fazer o merge Este erro é difícil de ser corrigido. Se a atualização de uma versão expirar, você poderá especificar as dependências mais importantes para atualizar usando o parâmetro `permitir` ou, como alternativa, você pode usar o parâmetro `ignorar` para excluir algumas dependências de atualizações. Atualizar sua configuração pode permitir que {% data variables.product.prodname_dependabot %} revise a atualização da versão e gere o pull request no tempo disponível. -Se uma atualização de segurança expirar, você pode reduzir as chances de isso acontecer mantendo as dependências atualizadas, por exemplo, habilitando atualizações de versão. Para obter mais informações, consulte "[Habilitando e desabilitando as atualizações da versão de {% data variables.product.prodname_dependabot %}](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/enabling-and-disabling-dependabot-version-updates)". +Se uma atualização de segurança expirar, você pode reduzir as chances de isso acontecer mantendo as dependências atualizadas, por exemplo, habilitando atualizações de versão. Para obter mais informações, consulte "[Configurando as atualizações da versão de {% data variables.product.prodname_dependabot %}](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/enabling-and-disabling-dependabot-version-updates)". ### {% data variables.product.prodname_dependabot %} não consegue abrir mais nenhum pull request Há um limite no número de pull requests abertos que {% data variables.product.prodname_dependabot %} irá gerar. Quando este limite é atingido, nenhum pull request novo será aberto e este erro será relatado. A melhor maneira de resolver este erro é revisar e fazer merge alguns dos pull requests abertos. -Existem limites separados para solicitações de atualização de versões e segurança, para que os pull requests de atualização de versão aberta não possam bloquear a criação de uma solicitação de atualização de segurança. O limite para pull requests de atualização de segurança é 10. Por padrão, o limite para atualizações de versão é 5, mas você pode alterá-lo usando o parâmetro `open-pull-requests-limit` no arquivo de configuração. Para obter mais informações, consulte "[Opções de configuração para atualizações de dependências](/github/administering-a-repository/configuration-options-for-dependency-updates#open-pull-requests-limit)". +Existem limites separados para solicitações de atualização de versões e segurança, para que os pull requests de atualização de versão aberta não possam bloquear a criação de uma solicitação de atualização de segurança. O limite para pull requests de atualização de segurança é 10. Por padrão, o limite para atualizações de versão é 5, mas você pode alterá-lo usando o parâmetro `open-pull-requests-limit` no arquivo de configuração. Para obter mais informações, consulte "[Opções de configuração para o arquivo dependabot.yml](/github/administering-a-repository/configuration-options-for-dependency-updates#open-pull-requests-limit)". A melhor maneira de resolver este erro é fazer o merge ou fechar alguns dos pull requests existentes e acionar um novo pull request manualmente. Para obter mais informações, consulte "[Acionar um pull request de {% data variables.product.prodname_dependabot %} manualmente](#triggering-a-dependabot-pull-request-manually)". @@ -121,3 +122,8 @@ Se você desbloquear {% data variables.product.prodname_dependabot %}, você pod - **Atualizações de segurança**—exibe o alerta de {% data variables.product.prodname_dependabot %}, que mostra o erro que você corrigiu e clique em **Criar atualização de segurança de {% data variables.product.prodname_dependabot %}**. - **Atualização de versão**—na aba **Insights** do repositório, clique no **Gráfico de dependência** e, em seguida, clique na aba **Dependabot**. Clique em **Última verificação*há* hora** para ver o arquivo de registro que {% data variables.product.prodname_dependabot %} gerou durante a última verificação de atualizações de versão. Clique em **Verificar atualizações**. + +## Leia mais + +- "[Solucionando problemas do gráfico de dependências](/code-security/supply-chain-security/understanding-your-software-supply-chain/troubleshooting-the-dependency-graph)" +- "[Solução de problemas na detecção de dependências vulneráveis](/code-security/dependabot/working-with-dependabot/troubleshooting-the-detection-of-vulnerable-dependencies)" diff --git a/translations/pt-BR/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/troubleshooting-the-detection-of-vulnerable-dependencies.md b/translations/pt-BR/content/code-security/dependabot/working-with-dependabot/troubleshooting-the-detection-of-vulnerable-dependencies.md similarity index 68% rename from translations/pt-BR/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/troubleshooting-the-detection-of-vulnerable-dependencies.md rename to translations/pt-BR/content/code-security/dependabot/working-with-dependabot/troubleshooting-the-detection-of-vulnerable-dependencies.md index 0a8f3f1809..d9dc0f05af 100644 --- a/translations/pt-BR/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/troubleshooting-the-detection-of-vulnerable-dependencies.md +++ b/translations/pt-BR/content/code-security/dependabot/working-with-dependabot/troubleshooting-the-detection-of-vulnerable-dependencies.md @@ -1,10 +1,11 @@ --- title: Solução de problemas de detecção de dependências vulneráveis intro: 'Se as informações sobre dependências relatadas por {% data variables.product.product_name %} não são o que você esperava, há uma série de pontos a considerar, e várias coisas que você pode verificar.' -shortTitle: Detecção de solução de problemas +shortTitle: Solução de problemas de vulnerabilidade redirect_from: - /github/managing-security-vulnerabilities/troubleshooting-the-detection-of-vulnerable-dependencies - /code-security/supply-chain-security/troubleshooting-the-detection-of-vulnerable-dependencies + - /code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/troubleshooting-the-detection-of-vulnerable-dependencies versions: fpt: '*' ghes: '*' @@ -19,26 +20,31 @@ topics: - Security updates - Dependencies - Vulnerabilities - - Dependency graph - - Alerts - CVEs - Repositories --- {% data reusables.dependabot.beta-security-and-version-updates %} - -Os resultados da detecção de dependências relatados pelo {% data variables.product.product_name %} podem ser diferentes dos resultados retornados por outras ferramentas. Existem boas razões para isso e é útil entender como {% data variables.product.prodname_dotcom %} determina as dependências para o seu projeto. +{% data reusables.dependabot.result-discrepancy %} ## Por que algumas dependências parecem estar faltando? O {% data variables.product.prodname_dotcom %} gera e exibe dados de dependência de maneira diferente de outras ferramentas. Consequentemente, se você usou outra ferramenta para identificar dependências, quase certamente verá resultados diferentes. Considere o seguinte: * {% data variables.product.prodname_advisory_database %} é uma das fontes de dados que {% data variables.product.prodname_dotcom %} usa para identificar dependências vulneráveis. É um banco de dados gratuito e curado com informações sobre vulnerabilidade para ecossistemas de pacote comum em {% data variables.product.prodname_dotcom %}. Inclui tanto dados relatados diretamente para {% data variables.product.prodname_dotcom %} de {% data variables.product.prodname_security_advisories %} quanto os feeds oficiais e as fontes comunitárias. Estes dados são revisados e curados por {% data variables.product.prodname_dotcom %} para garantir que informações falsas ou não acionáveis não sejam compartilhadas com a comunidade de desenvolvimento. {% data reusables.security-advisory.link-browsing-advisory-db %} -* O gráfico de dependências analisa todos os arquivos conhecidos de manifesto de pacote no repositório de um usuário. Por exemplo, para o npm, ele irá analisar o arquivo _package-lock.json_. Ele constrói um gráfico de todas as dependências do repositório e dependências públicas. Isso acontece quando você habilita o gráfico de dependências e quando alguém faz push para o branch-padrão, e inclui commits que fazem alterações em um formato de manifesto compatível. Para obter mais informações, consulte "[Sobre o gráfico de dependência](/github/visualizing-repository-data-with-graphs/about-the-dependency-graph)". -* {% data variables.product.prodname_dependabot %} verifica qualquer push, para o branch-padrão, que contém um arquivo de manifesto. Quando um novo registro de vulnerabilidade é adicionado, ele verifica todos os repositórios existentes e gera um alerta para cada repositório vulnerável. {% data variables.product.prodname_dependabot_alerts %} são agregados ao nível do repositório, em vez de criar um alerta por vulnerabilidade. Para obter mais informações, consulte "[Sobre alertas para dependências vulneráveis](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies)" +* O gráfico de dependências analisa todos os arquivos conhecidos de manifesto de pacote no repositório de um usuário. Por exemplo, para o npm, ele irá analisar o arquivo _package-lock.json_. Ele constrói um gráfico de todas as dependências do repositório e dependências públicas. Isso acontece quando você habilita o gráfico de dependências e quando alguém faz push para o branch-padrão, e inclui commits que fazem alterações em um formato de manifesto compatível. Para obter mais informações, consulte "[Sobre o gráfico de dependências](/github/visualizing-repository-data-with-graphs/about-the-dependency-graph)" e "[Solucionando problemas no gráfico de dependências](/code-security/supply-chain-security/understanding-your-software-supply-chain/troubleshooting-the-dependency-graph)". +* {% data variables.product.prodname_dependabot %} verifica qualquer push, para o branch-padrão, que contém um arquivo de manifesto. Quando um novo registro de vulnerabilidade é adicionado, ele verifica todos os repositórios existentes e gera um alerta para cada repositório vulnerável. {% data variables.product.prodname_dependabot_alerts %} são agregados ao nível do repositório, em vez de criar um alerta por vulnerabilidade. Para obter mais informações, consulte "[Sobre {% data variables.product.prodname_dependabot_alerts %}](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies)". * {% ifversion fpt or ghec or ghes > 3.2 %}{% data variables.product.prodname_dependabot_security_updates %} são acionados quando você recebe um alerta sobre uma dependência vulnerável no repositório. Sempre que possível, {% data variables.product.prodname_dependabot %} cria um pull request no repositório para atualizar a dependência vulnerável à versão mínima segura necessária para evitar a vulnerabilidade. Para obter mais informações, consulte "[Sobre {% data variables.product.prodname_dependabot_security_updates %}](/github/managing-security-vulnerabilities/about-dependabot-security-updates)" e "[Solução de problemas de {% data variables.product.prodname_dependabot %}](/github/managing-security-vulnerabilities/troubleshooting-dependabot-errors)". - {% endif %}{% data variables.product.prodname_dependabot %} não pesquisa repositórios com relação a dependências vulneráveis de uma programação, mas o faz quando algo muda. Por exemplo, aciona-se uma varredura quando uma nova dependência é adicionada ({% data variables.product.prodname_dotcom %} verifica isso em cada push), ou quando uma nova vulnerabilidade é adicionada ao banco de dados da consultoria{% ifversion ghes or ghae-issue-4864 %} e sincronizado com {% data variables.product.product_location %}{% endif %}. Para obter mais informações, consulte "[Sobre alertas para dependências vulneráveis](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies#detection-of-vulnerable-dependencies)" + {% endif %}{% data variables.product.prodname_dependabot %} não pesquisa repositórios com relação a dependências vulneráveis de uma programação, mas o faz quando algo muda. Por exemplo, aciona-se uma varredura quando uma nova dependência é adicionada ({% data variables.product.prodname_dotcom %} verifica isso em cada push), ou quando uma nova vulnerabilidade é adicionada ao banco de dados da consultoria{% ifversion ghes or ghae-issue-4864 %} e sincronizado com {% data variables.product.product_location %}{% endif %}. Para obter mais informações, consulte "[Sobre {% data variables.product.prodname_dependabot_alerts %}](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies#detection-of-vulnerable-dependencies)". + +## {% data variables.product.prodname_dependabot_alerts %} só está relacionado a dependências vulneráveis nos manifestos e arquivos de bloqueio? + +Os {% data variables.product.prodname_dependabot_alerts %} aconselham você com relação a dependências que você deve atualizar, incluindo dependências transitivas, em que a versão pode ser determinada a partir de um manifesto ou de um arquivo de bloqueio. {% ifversion fpt or ghec or ghes > 3.2 %}{% data variables.product.prodname_dependabot_security_updates %} sugere apenas uma mudança em que {% data variables.product.prodname_dependabot %} pode "corrigir" diretamente a dependência, ou seja, quando são: +* Dependências diretas, que são definidas explicitamente em um manifesto ou arquivo de bloqueio +* Dependências transitórias declaradas em um arquivo de bloqueio{% endif %} + +**Verifique**: A vulnerabilidade não detectada para um componente não especificado no manifesto ou no arquivo de bloqueio do repositório? ## Por que não recebo alertas de vulnerabilidade em alguns ecossistemas? @@ -48,44 +54,6 @@ Vale a pena observar que as consultorias de segurança de {% data variables.prod **Verificar**: A vulnerabilidade não capturada se aplica a um ecossistema não suportado? -## O gráfico de dependências só encontra dependências nos manifestos e nos arquivos de bloquei? - -O gráfico de dependências inclui informações sobre dependências explicitamente declaradas em seu ambiente. Ou seja, dependências que são especificadas em um manifesto ou um arquivo de bloqueio. O gráfico de dependências, geralmente, também inclui dependências transitivas, mesmo quando não são especificadas em um arquivo de travamento analisando as dependências das dependências em um arquivo de manifesto. - -Os {% data variables.product.prodname_dependabot_alerts %} aconselham você com relação a dependências que você deve atualizar, incluindo dependências transitivas, em que a versão pode ser determinada a partir de um manifesto ou de um arquivo de bloqueio. {% ifversion fpt or ghec or ghes > 3.2 %}{% data variables.product.prodname_dependabot_security_updates %} sugere apenas uma mudança em que {% data variables.product.prodname_dependabot %} pode "corrigir" diretamente a dependência, ou seja, quando são: -* Dependências diretas, que são definidas explicitamente em um manifesto ou arquivo de bloqueio -* Dependências transitórias declaradas em um arquivo de bloqueio{% endif %} - -O gráfico de dependências não inclui dependências de "soltas". Dependências "soltas" são arquivos individuais copiados de outra fonte e verificados no repositório diretamente ou dentro de um arquivo (como um arquivo ZIP ou JAR), em vez de ser referenciadas pelo manifesto ou arquivo de bloqueio do gerenciador de pacotes. - -**Verifique**: A vulnerabilidade não detectada para um componente não especificado no manifesto ou no arquivo de bloqueio do repositório? - -## O gráfico de dependências detecta dependências especificadas usando variáveis? - -O gráfico de dependências analisa como são carregados para {% data variables.product.prodname_dotcom %}. O gráfico de dependência não tem acesso ao ambiente de construção do projeto. Portanto, ele não pode resolver variáveis usadas dentro dos manifestos. Se você usar variáveis dentro de um manifesto para especificar o nome, ou mais comumente, a versão de uma dependência, essa dependência não será incluída no gráfico de dependências. - -**Verifique**: A dependência ausente é declarada no manifesto usando uma variável para seu nome ou versão? - -## Existem limites que afetam os dados do gráfico de dependências? - -Sim, o gráfico de dependências tem duas categorias de limites: - -1. **Limites de processamento** - - Eles afetam o gráfico de dependências exibido dentro de {% data variables.product.prodname_dotcom %} e também impedem que sejam criados {% data variables.product.prodname_dependabot_alerts %}. - - Manifestos com tamanho superior a 0.5 MB são processados apenas para contas corporativas. Para outras contas, manifestos acima de 0,5 MB são ignorados e não criarão {% data variables.product.prodname_dependabot_alerts %}. - - Por padrão, o {% data variables.product.prodname_dotcom %} não processará mais de 20 manifestos por repositório. {% data variables.product.prodname_dependabot_alerts %} não foi criado para manifestos acima deste limite. Se você precisar aumentar o limite, entre em contato com {% data variables.contact.contact_support %}. - -2. **Limites de visualização** - - Eles afetam o que é exibido no gráfico de dependências dentro de {% data variables.product.prodname_dotcom %}. No entanto, eles não afetam {% data variables.product.prodname_dependabot_alerts %} que foram criados. - - A exibição de dependências do gráfico de dependências em um repositório só exibe 100 manifestos. De modo geral, isso é adequado, já que é significativamente maior do que o limite de processamento descrito acima. Em situações em que o limite de processamento é superior a 100, os {% data variables.product.prodname_dependabot_alerts %} são criados para quaisquer manifestos que não são mostrados dentro de {% data variables.product.prodname_dotcom %}. - -**Verifique**: A dependência que falta está em um arquivo de manifesto superior a 0,5 MB ou em um repositório com um grande número de manifestos? - ## O {% data variables.product.prodname_dependabot %} gera alertas de vulnerabilidades que são conhecidas há muitos anos? O {% data variables.product.prodname_advisory_database %} foi lançado em novembro de 2019 e preencheu, inicialmente, a inclusão de informações de vulnerabilidade para os ecossistemas compatíveis a partir de 2017. Ao adicionar CVEs ao banco de dados, priorizamos a curadoria de CVEs mais recentes e CVEs que afetam versões mais recentes do software. @@ -118,7 +86,8 @@ A contagem de {% data variables.product.prodname_dependabot_alerts %} em {% data ## Leia mais -- "[Sobre alertas para dependências vulneráveis](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies)" -- "[Visualizar e atualizar dependências vulneráveis no seu repositório](/github/managing-security-vulnerabilities/viewing-and-updating-vulnerable-dependencies-in-your-repository)" -- "[Gerenciar as configurações de segurança e análise do repositório](/github/administering-a-repository/managing-security-and-analysis-settings-for-your-repository)"{% ifversion fpt or ghec or ghes > 3.2 %} +- "[Sobre {% data variables.product.prodname_dependabot_alerts %}](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies)" +- "[Visualizando {% data variables.product.prodname_dependabot_alerts %} para dependências vulneráveis](/github/managing-security-vulnerabilities/viewing-and-updating-vulnerable-dependencies-in-your-repository)" +- "[Gerenciar as configurações de segurança e análise para o seu repositório](/github/administering-a-repository/managing-security-and-analysis-settings-for-your-repository)" +- "[Solucionando problemas do gráfico de dependências](/code-security/supply-chain-security/understanding-your-software-supply-chain/troubleshooting-the-dependency-graph)"{% ifversion fpt or ghec or ghes > 3.2 %} - "[Solucionar problemas de {% data variables.product.prodname_dependabot %}](/github/managing-security-vulnerabilities/troubleshooting-dependabot-errors)"{% endif %} diff --git a/translations/pt-BR/content/code-security/getting-started/github-security-features.md b/translations/pt-BR/content/code-security/getting-started/github-security-features.md index 6ab7f8f602..6c4d6c538f 100644 --- a/translations/pt-BR/content/code-security/getting-started/github-security-features.md +++ b/translations/pt-BR/content/code-security/getting-started/github-security-features.md @@ -37,7 +37,7 @@ Discute em particular e corrige vulnerabilidades de segurança no código do seu ### {% data variables.product.prodname_dependabot_alerts %} e atualizações de segurança -Ver alertas sobre dependências conhecidas por conter vulnerabilidades de segurança e escolher se deseja gerar pull requests para atualizar essas dependências automaticamente. Para obter mais informações, consulte "[Sobre alertas de dependências vulneráveis](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies) e "[Sobre {% data variables.product.prodname_dependabot_security_updates %}](/github/managing-security-vulnerabilities/about-dependabot-security-updates)". +Ver alertas sobre dependências conhecidas por conter vulnerabilidades de segurança e escolher se deseja gerar pull requests para atualizar essas dependências automaticamente. Para obter mais informações, consulte "[Sobre {% data variables.product.prodname_dependabot_alerts %}](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies)" e "[Sobre {% data variables.product.prodname_dependabot_security_updates %}](/github/managing-security-vulnerabilities/about-dependabot-security-updates)". {% endif %} {% ifversion ghes < 3.3 or ghae-issue-4864 %} @@ -45,7 +45,7 @@ Ver alertas sobre dependências conhecidas por conter vulnerabilidades de segura {% data reusables.dependabot.dependabot-alerts-beta %} -Exibir alertas sobre dependências conhecidas por conter vulnerabilidades de segurança e gerenciar esses alertas. Para obter mais informações, consulte "[Sobre alertas para dependências vulneráveis](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies)" +Exibir alertas sobre dependências conhecidas por conter vulnerabilidades de segurança e gerenciar esses alertas. Para obter mais informações, consulte "[Sobre {% data variables.product.prodname_dependabot_alerts %}](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies)". {% endif %} {% ifversion fpt or ghec or ghes > 3.2 %} diff --git a/translations/pt-BR/content/code-security/getting-started/securing-your-organization.md b/translations/pt-BR/content/code-security/getting-started/securing-your-organization.md index e8a9671f16..9938941aa8 100644 --- a/translations/pt-BR/content/code-security/getting-started/securing-your-organization.md +++ b/translations/pt-BR/content/code-security/getting-started/securing-your-organization.md @@ -48,7 +48,7 @@ Você pode criar uma política de segurança padrão que será exibida em qualqu {% data reusables.dependabot.dependabot-alerts-beta %} {% data reusables.dependabot.dependabot-alerts-dependency-graph-enterprise %} -Para obter mais informações, consulte "[Sobre alertas para dependências vulneráveis](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies)," "[Explorar as dependências de um repositório](/code-security/supply-chain-security/exploring-the-dependencies-of-a-repository#enabling-and-disabling-the-dependency-graph-for-a-private-repository) e "[Gerenciar configurações de segurança e análise para sua organização](/organizations/keeping-your-organization-secure/managing-security-and-analysis-settings-for-your-organization)". +Para obter mais informações, consulte "[Sobre {% data variables.product.prodname_dependabot_alerts %}](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies)" "[Explorando as dependências de um repositório](/code-security/supply-chain-security/exploring-the-dependencies-of-a-repository#enabling-and-disabling-the-dependency-graph-for-a-private-repository)" e "[Gerenciando as configurações de segurança e análise da sua organização](/organizations/keeping-your-organization-secure/managing-security-and-analysis-settings-for-your-organization)". {% endif %} {% ifversion fpt or ghes > 3.1 or ghae-issue-4864 or ghec %} @@ -79,7 +79,7 @@ Para obter mais informações, consulte "[Sobre {% data variables.product.prodna Você pode habilitar {% data variables.product.prodname_dependabot %} para aumentar automaticamente os pull requests para manter suas dependências atualizadas. Para obter mais informações, consulte "[Sobre {% data variables.product.prodname_dependabot_version_updates %}](/code-security/supply-chain-security/about-dependabot-version-updates)". -Para habilitar {% data variables.product.prodname_dependabot_version_updates %}, você deve criar um arquivo de configuração *dependabot.yml*. Para obter mais informações, consulte "[Habilitando e desabilitando as atualizações da versão de {% data variables.product.prodname_dependabot %}](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/enabling-and-disabling-dependabot-version-updates)". +Para habilitar {% data variables.product.prodname_dependabot_version_updates %}, você deve criar um arquivo de configuração *dependabot.yml*. Para obter mais informações, consulte "[Configurando as atualizações da versão de {% data variables.product.prodname_dependabot %}](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/enabling-and-disabling-dependabot-version-updates)". {% endif %} @@ -135,7 +135,7 @@ Para obter mais informações, consulte "[Gerenciar configurações de seguranç ## Próximas etapas {% ifversion fpt or ghes > 3.1 or ghec %}Você pode visualizar, filtrar e organizar alertas de segurança em repositórios pertencentes à sua organização na visão geral de segurança. Para obter mais informações, consulte "[Sobre a visão geral de segurança](/code-security/security-overview/about-the-security-overview)".{% endif %} -Você pode visualizar e gerenciar alertas de funcionalidades de segurança para resolver dependências e vulnerabilidades no seu código. Para obter mais informações, consulte {% ifversion fpt or ghes or ghec %} "[Visualizar e atualizar as dependências vulneráveis no seu repositório](/code-security/supply-chain-security/viewing-and-updating-vulnerable-dependencies-in-your-repository),"{% endif %} {% ifversion fpt or ghec or ghes > 3.2 %}"[Gerenciar pull requests para atualizações de dependência](/code-security/supply-chain-security/managing-pull-requests-for-dependency-updates)," {% endif %}"[Gernciar {% data variables.product.prodname_code_scanning %} para o seu repositório](/code-security/secure-coding/managing-code-scanning-alerts-for-your-repository)," e "[Gerenciar alertas de {% data variables.product.prodname_secret_scanning %}](/code-security/secret-security/managing-alerts-from-secret-scanning)." +Você pode visualizar e gerenciar alertas de funcionalidades de segurança para resolver dependências e vulnerabilidades no seu código. Para obter mais informações, consulte {% ifversion fpt or ghes or ghec %} "[Visualizando {% data variables.product.prodname_dependabot_alerts %} para dependências vulneráveis](/code-security/supply-chain-security/viewing-and-updating-vulnerable-dependencies-in-your-repository),{% endif %} {% ifversion fpt or ghec or ghes > 3.2 %}"[Gerenciando pull requests para atualizações de dependências](/code-security/supply-chain-security/managing-pull-requests-for-dependency-updates), {% endif %}"[Gerenciando {% data variables.product.prodname_code_scanning %} para o seu repositório](/code-security/secure-coding/managing-code-scanning-alerts-for-your-repository)" e "[Gerenciando alertas de {% data variables.product.prodname_secret_scanning %}](/code-security/secret-security/managing-alerts-from-secret-scanning)." {% ifversion fpt or ghec %}Se você tiver uma vulnerabilidade de segurança, você poderá criar uma consultoria de segurança para discutir em privado e corrigir a vulnerabilidade. Para obter mais informações, consulte "[Sobre {% data variables.product.prodname_security_advisories %}](/code-security/security-advisories/about-github-security-advisories)" e " "[Criar uma consultoria de segurança](/code-security/security-advisories/creating-a-security-advisory)". {% endif %} diff --git a/translations/pt-BR/content/code-security/getting-started/securing-your-repository.md b/translations/pt-BR/content/code-security/getting-started/securing-your-repository.md index f60cff5d8e..dfe6eed7c5 100644 --- a/translations/pt-BR/content/code-security/getting-started/securing-your-repository.md +++ b/translations/pt-BR/content/code-security/getting-started/securing-your-repository.md @@ -75,7 +75,7 @@ Para obter mais informações, consulte "[Explorar as dependências de um reposi {% data reusables.dependabot.dependabot-alerts-beta %} {% data reusables.dependabot.dependabot-alerts-dependency-graph-enterprise %} -Para obter mais informações, consulte "[Sobre alertas para dependências vulneráveis](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies){% ifversion fpt or ghec %}" e[Gerenciar as configurações de segurança e análise da sua conta de usuário](/github/setting-up-and-managing-your-github-user-account/managing-security-and-analysis-settings-for-your-user-account){% endif %}." +Para obter mais informações, consulte "[Sobre {% data variables.product.prodname_dependabot_alerts %}](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies){% ifversion fpt or ghec %}" e "[Gerenciando configurações de segurança e análise da sua conta de usuário](/github/setting-up-and-managing-your-github-user-account/managing-security-and-analysis-settings-for-your-user-account){% endif %}". {% endif %} @@ -111,7 +111,7 @@ Para obter mais informações, consulte "[Sobre {% data variables.product.prodna Você pode habilitar {% data variables.product.prodname_dependabot %} para aumentar automaticamente os pull requests para manter suas dependências atualizadas. Para obter mais informações, consulte "[Sobre {% data variables.product.prodname_dependabot_version_updates %}](/code-security/supply-chain-security/about-dependabot-version-updates)". -Para habilitar {% data variables.product.prodname_dependabot_version_updates %}, você deve criar um arquivo de configuração *dependabot.yml*. Para obter mais informações, consulte "[Habilitando e desabilitando as atualizações da versão de {% data variables.product.prodname_dependabot %}](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/enabling-and-disabling-dependabot-version-updates)". +Para habilitar {% data variables.product.prodname_dependabot_version_updates %}, você deve criar um arquivo de configuração *dependabot.yml*. Para obter mais informações, consulte "[Configurando as atualizações da versão de {% data variables.product.prodname_dependabot %}](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/enabling-and-disabling-dependabot-version-updates)". {% endif %} @@ -132,7 +132,7 @@ Você pode configurar {% data variables.product.prodname_code_scanning %} para i {% endif %} ## Próximas etapas -Você pode visualizar e gerenciar alertas de funcionalidades de segurança para resolver dependências e vulnerabilidades no seu código. Para obter mais informações, consulte {% ifversion fpt or ghes or ghec %} "[Visualizar e atualizar as dependências vulneráveis no seu repositório](/code-security/supply-chain-security/viewing-and-updating-vulnerable-dependencies-in-your-repository),"{% endif %} {% ifversion fpt or ghec or ghes > 3.2 %}"[Gerenciar pull requests para atualizações de dependência](/code-security/supply-chain-security/managing-pull-requests-for-dependency-updates)," {% endif %}"[Gernciar {% data variables.product.prodname_code_scanning %} para o seu repositório](/code-security/secure-coding/managing-code-scanning-alerts-for-your-repository)," e "[Gerenciar alertas de {% data variables.product.prodname_secret_scanning %}](/code-security/secret-security/managing-alerts-from-secret-scanning)." +Você pode visualizar e gerenciar alertas de funcionalidades de segurança para resolver dependências e vulnerabilidades no seu código. Para obter mais informações, consulte {% ifversion fpt or ghes or ghec %} "[Visualizando {% data variables.product.prodname_dependabot_alerts %} para dependências vulneráveis](/code-security/supply-chain-security/viewing-and-updating-vulnerable-dependencies-in-your-repository),{% endif %} {% ifversion fpt or ghec or ghes > 3.2 %}"[Gerenciando pull requests para atualizações de dependências](/code-security/supply-chain-security/managing-pull-requests-for-dependency-updates), {% endif %}"[Gerenciando {% data variables.product.prodname_code_scanning %} para o seu repositório](/code-security/secure-coding/managing-code-scanning-alerts-for-your-repository)" e "[Gerenciando alertas de {% data variables.product.prodname_secret_scanning %}](/code-security/secret-security/managing-alerts-from-secret-scanning)." {% ifversion fpt or ghec %}Se você tiver uma vulnerabilidade de segurança, você poderá criar uma consultoria de segurança para discutir em privado e corrigir a vulnerabilidade. Para obter mais informações, consulte "[Sobre {% data variables.product.prodname_security_advisories %}](/code-security/security-advisories/about-github-security-advisories)" e " "[Criar uma consultoria de segurança](/code-security/security-advisories/creating-a-security-advisory)". {% endif %} diff --git a/translations/pt-BR/content/code-security/guides.md b/translations/pt-BR/content/code-security/guides.md index 44bdfbb5d3..a45a3085d7 100644 --- a/translations/pt-BR/content/code-security/guides.md +++ b/translations/pt-BR/content/code-security/guides.md @@ -18,6 +18,7 @@ learningTracks: - code_security_actions - code_security_ci - code_security_integration + - end_to_end_supply_chain includeGuides: - /code-security/getting-started/adding-a-security-policy-to-your-repository - /code-security/getting-started/github-security-features @@ -74,7 +75,6 @@ includeGuides: - /code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/managing-pull-requests-for-dependency-updates - /code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-alerts-for-vulnerable-dependencies - /code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-dependabot-security-updates - - /code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-managing-vulnerable-dependencies - /code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/browsing-security-vulnerabilities-in-the-github-advisory-database - /code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/editing-security-advisories-in-the-github-advisory-database - /code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/configuring-dependabot-security-updates diff --git a/translations/pt-BR/content/code-security/index.md b/translations/pt-BR/content/code-security/index.md index fcfa6ea933..66b325c347 100644 --- a/translations/pt-BR/content/code-security/index.md +++ b/translations/pt-BR/content/code-security/index.md @@ -19,6 +19,7 @@ featuredLinks: - '{% ifversion ghes < 3.3 or ghae %}/code-security/secret-scanning/configuring-secret-scanning-for-your-repositories{% endif %}' - '{% ifversion ghae %}/code-security/code-scanning/integrating-with-code-scanning/uploading-a-sarif-file-to-github{% endif %}' - '{% ifversion ghae %}/code-security/code-scanning/using-codeql-code-scanning-with-your-existing-ci-system{% endif %}' + - /code-security/supply-chain-security/end-to-end-supply-chain/end-to-end-supply-chain-overview popular: - '{% ifversion ghes %}/admin/release-notes{% endif %}' - /code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-alerts-for-vulnerable-dependencies @@ -53,6 +54,7 @@ children: - /code-scanning - /repository-security-advisories - /supply-chain-security + - /dependabot - /security-overview - /guides --- diff --git a/translations/pt-BR/content/code-security/secret-scanning/about-secret-scanning.md b/translations/pt-BR/content/code-security/secret-scanning/about-secret-scanning.md index 884e8b3e26..9549eaaae2 100644 --- a/translations/pt-BR/content/code-security/secret-scanning/about-secret-scanning.md +++ b/translations/pt-BR/content/code-security/secret-scanning/about-secret-scanning.md @@ -31,9 +31,9 @@ If your project communicates with an external service, you might use a token or {% ifversion fpt or ghec %} {% data variables.product.prodname_secret_scanning_caps %} is available on {% data variables.product.prodname_dotcom_the_website %} in two forms: -1. **{% data variables.product.prodname_secret_scanning_partner_caps %}.** Runs automatically on all public repositories. Any strings that match patterns that were provided by secret scanning partners are reported directly to the relvant partner. +1. **{% data variables.product.prodname_secret_scanning_partner_caps %}.** Runs automatically on all public repositories. Any strings that match patterns that were provided by secret scanning partners are reported directly to the relevant partner. -2. **{% data variables.product.prodname_secret_scanning_GHAS_caps %}.** You can enable and configure additional scanning for repositories owned by organizations that use {% data variables.product.prodname_ghe_cloud %} and have a license for {% data variables.product.prodname_GH_advanced_security %}. Any strings that match patterns provided by secret scannng partners, by other service providers, or defined by your organization are reported as alerts in the "Security" tab of repositories. If a string in a public repository matches a partner pattern, it is also reported to the partner. +2. **{% data variables.product.prodname_secret_scanning_GHAS_caps %}.** You can enable and configure additional scanning for repositories owned by organizations that use {% data variables.product.prodname_ghe_cloud %} and have a license for {% data variables.product.prodname_GH_advanced_security %}. Any strings that match patterns provided by secret scanning partners, by other service providers, or defined by your organization, are reported as alerts in the "Security" tab of repositories. If a string in a public repository matches a partner pattern, it is also reported to the partner. {% endif %} Service providers can partner with {% data variables.product.company_short %} to provide their secret formats for scanning. {% data reusables.secret-scanning.partner-program-link %} @@ -48,11 +48,12 @@ You cannot change the configuration of {% data variables.product.prodname_secret {% ifversion fpt %} {% note %} -**Note:** Organizations using {% data variables.product.prodname_ghe_cloud %} with {% data variables.product.prodname_GH_advanced_security %} can also enable {% data variables.product.prodname_secret_scanning_GHAS %} on any repository they own, including private repositories. For more information, see the [{% data variables.product.prodname_ghe_cloud %} documentation](/enterprise-cloud@latest/code-security/secret-security/about-secret-scanning#about-secret-scanning-for-advanced-security). +{% data reusables.secret-scanning.fpt-GHAS-scans %} {% endnote %} {% endif %} + {% endif %} {% ifversion not fpt %} diff --git a/translations/pt-BR/content/code-security/security-overview/about-the-security-overview.md b/translations/pt-BR/content/code-security/security-overview/about-the-security-overview.md index 0b94ea4993..3eb4d98fb4 100644 --- a/translations/pt-BR/content/code-security/security-overview/about-the-security-overview.md +++ b/translations/pt-BR/content/code-security/security-overview/about-the-security-overview.md @@ -26,9 +26,9 @@ shortTitle: Sobre a visão geral de segurança ## Sobre a visão geral de segurança -Você pode usar a visão geral de segurança para uma visão de alto nível do status de segurança da sua organização ou para identificar repositórios problemáticos que exigem intervenção. É possível visualizar as informações de segurança de tipo agregado ou específico do repositório na visão geral de segurança. You can also use the security overview to see which security features are enabled for your repositories and to configure any available security features that are not currently in use. +Você pode usar a visão geral de segurança para uma visão de alto nível do status de segurança da sua organização ou para identificar repositórios problemáticos que exigem intervenção. É possível visualizar as informações de segurança de tipo agregado ou específico do repositório na visão geral de segurança. Você também pode usar a visão geral de segurança para ver quais funcionalidades de segurança são habilitadas para os repositórios e para configurar quaisquer funcionalidades de segurança disponíveis que não estão em uso atualmente. -A visão geral de segurança indica se {% ifversion fpt or ghes > 3.1 or ghec %}os recursos de segurança{% endif %}{% ifversion ghae %}{% data variables.product.prodname_GH_advanced_security %}{% endif %} estão habilitados para os repositórios pertencentes à sua organização e consolida os alertas para cada recurso.{% ifversion fpt or ghes > 3.1 or ghec %} As funcionalidades de segurança incluem funcionalidaes de {% data variables.product.prodname_GH_advanced_security %} como, por exemplo, {% data variables.product.prodname_code_scanning %} e {% data variables.product.prodname_secret_scanning %}, bem como {% data variables.product.prodname_dependabot_alerts %}.{% endif %} Para obter mais informações sobre as funcionalidades de {% data variables.product.prodname_GH_advanced_security %} conuslte "[Sobre {% data variables.product.prodname_GH_advanced_security %}](/get-started/learning-about-github/about-github-advanced-security)."{% ifversion fpt or ghes > 3.1 or ghec %} Para obter mais informações sobre {% data variables.product.prodname_dependabot_alerts %}, consulte "[Sobre alertas para dependências de vulnerabilidade](/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-alerts-for-vulnerable-dependencies#dependabot-alerts-for-vulnerable-dependencies)."{% endif %} +A visão geral de segurança indica se {% ifversion fpt or ghes > 3.1 or ghec %}os recursos de segurança{% endif %}{% ifversion ghae %}{% data variables.product.prodname_GH_advanced_security %}{% endif %} estão habilitados para os repositórios pertencentes à sua organização e consolida os alertas para cada recurso.{% ifversion fpt or ghes > 3.1 or ghec %} As funcionalidades de segurança incluem funcionalidaes de {% data variables.product.prodname_GH_advanced_security %} como, por exemplo, {% data variables.product.prodname_code_scanning %} e {% data variables.product.prodname_secret_scanning %}, bem como {% data variables.product.prodname_dependabot_alerts %}.{% endif %} Para obter mais informações sobre as funcionalidades de {% data variables.product.prodname_GH_advanced_security %} conuslte "[Sobre {% data variables.product.prodname_GH_advanced_security %}](/get-started/learning-about-github/about-github-advanced-security)."{% ifversion fpt or ghes > 3.1 or ghec %} Para obter mais informações sobre {% data variables.product.prodname_dependabot_alerts %}, consulte "[Sobre {% data variables.product.prodname_dependabot_alerts %}](/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-alerts-for-vulnerable-dependencies#dependabot-alerts-for-vulnerable-dependencies)."{% endif %} Para obter mais informações sobre como proteger seu código nos níveis do repositório e da organização, consulte "[Protegendo seu repositório](/code-security/getting-started/securing-your-repository)" e "[Protegendo sua organização](/code-security/getting-started/securing-your-organization)". @@ -50,13 +50,13 @@ Para cada repositório na visão de segurança, você verá ícones para cada ti ![Ícones na visão geral de segurança](/assets/images/help/organizations/security-overview-icons.png) -| Ícone | Significado | -| ------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| {% octicon "code-square" aria-label="Code scanning alerts" %} | Alertas de {% data variables.product.prodname_code_scanning_capc %}. Para obter mais informações, consulte "[Sobre {% data variables.product.prodname_code_scanning %}](/code-security/secure-coding/about-code-scanning) | -| {% octicon "key" aria-label="Secret scanning alerts" %} | Alertas de {% data variables.product.prodname_secret_scanning_caps %}. Para obter mais informações, consulte "[Sobre {% data variables.product.prodname_secret_scanning %}](/code-security/secret-security/about-secret-scanning) | -| {% octicon "hubot" aria-label="Dependabot alerts" %} | {% data variables.product.prodname_dependabot_alerts %}. Para obter mais informações, consulte "[Sobre alertas para dependências vulneráveis](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies)" | -| {% octicon "check" aria-label="Check" %} | O recurso de segurança está habilitado, mas não envia alertas neste repositório. | -| {% octicon "x" aria-label="x" %} | O recurso de segurança não é compatível com este repositório. | +| Ícone | Significado | +| ------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| {% octicon "code-square" aria-label="Code scanning alerts" %} | Alertas de {% data variables.product.prodname_code_scanning_capc %}. Para obter mais informações, consulte "[Sobre {% data variables.product.prodname_code_scanning %}](/code-security/secure-coding/about-code-scanning) | +| {% octicon "key" aria-label="Secret scanning alerts" %} | Alertas de {% data variables.product.prodname_secret_scanning_caps %}. Para obter mais informações, consulte "[Sobre {% data variables.product.prodname_secret_scanning %}](/code-security/secret-security/about-secret-scanning) | +| {% octicon "hubot" aria-label="Dependabot alerts" %} | {% data variables.product.prodname_dependabot_alerts %}. Para obter mais informações, consulte "[Sobre {% data variables.product.prodname_dependabot_alerts %}](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies)". | +| {% octicon "check" aria-label="Check" %} | O recurso de segurança está habilitado, mas não envia alertas neste repositório. | +| {% octicon "x" aria-label="x" %} | O recurso de segurança não é compatível com este repositório. | A visão geral de segurança exibe alertas ativos criados por funcionalidades de segurança. Se não houver alertas na visão geral de segurança de um repositório, as vulnerabilidades de segurança não detectadas ou erros de código ainda poderão existir. diff --git a/translations/pt-BR/content/code-security/supply-chain-security/end-to-end-supply-chain/end-to-end-supply-chain-overview.md b/translations/pt-BR/content/code-security/supply-chain-security/end-to-end-supply-chain/end-to-end-supply-chain-overview.md new file mode 100644 index 0000000000..a46fa05837 --- /dev/null +++ b/translations/pt-BR/content/code-security/supply-chain-security/end-to-end-supply-chain/end-to-end-supply-chain-overview.md @@ -0,0 +1,38 @@ +--- +title: Protegendo sua cadeia de suprimentos de ponta a ponta +shortTitle: Visão Geral +allowTitleToDifferFromFilename: true +intro: 'Introduzindo os melhores guias práticos sobre segurança completa da cadeia de suprimentos, incluindo contas pessoais, código e processos de criação.' +versions: + fpt: '*' + ghec: '*' + ghes: '*' +type: overview +topics: + - Organizations + - Teams + - Dependencies + - Advanced Security +--- + +## Qual é a cadeia de suprimentos de ponta a ponta? + +Basicamente, a segurança de abastecimento de software de ponta a ponta consiste em garantir que o código que você distribui não tenha sido adulterado. Anteriormente, os invasores focaram em direcionar as dependências que você usa, por exemplo, bibliotecas e estruturas. Os invasores agora expandiram o seu foco para incluir as contas de usuários direcionadas e criar processos. Portanto, esses sistemas também devem ser defendidos. + +## Sobre estes guias + +Esta série de guias explica como pensar em proteger sua cadeia de suprimentos de ponta a ponta: conta pessoal, código e processos de criação. Cada guia explica o risco para essa área e introduz as funcionalidades de {% data variables.product.product_name %} que podem ajudar você a resolver esse risco. + +As necessidades de todos são diferentes, portanto, cada guia começa com as mudanças de maior impacto e continua com melhorias adicionais que você deve considerar. Você deve sentir-se à vontade para pular e se concentrar nas melhorias que você considera que terão o maior benefício. O objetivo não é fazer tudo de uma só vez, mas melhorar continuamente a segurança em seus sistemas ao longo do tempo. + +- "[as Práticas recomendadas para proteger as contas](/code-security/supply-chain-security/end-to-end-supply-chain/securing-accounts)" + +- "[Práticas recomendadas para proteger o código na sua cadeia de suprimentos](/code-security/supply-chain-security/end-to-end-supply-chain/securing-code)" + +- "[Práticas recomendadas para proteger seu sistema de construção](/code-security/supply-chain-security/end-to-end-supply-chain/securing-builds)" + +## Leia mais + +- [Salvaguardando a integridade do artefato em qualquer cadeia de suprimentos de software](https://slsa.dev/) +- [Modelo de Integridade da Cadeia de Suprimentos Microsoft](https://github.com/microsoft/scim) +- [Cadeia de Suprimentos de Software - Grupo Consultivo Técnico de Segurança CNCF](https://github.com/cncf/tag-security/blob/main/supply-chain-security/supply-chain-security-paper/CNCF_SSCP_v1.pdf) diff --git a/translations/pt-BR/content/code-security/supply-chain-security/end-to-end-supply-chain/index.md b/translations/pt-BR/content/code-security/supply-chain-security/end-to-end-supply-chain/index.md new file mode 100644 index 0000000000..f043886118 --- /dev/null +++ b/translations/pt-BR/content/code-security/supply-chain-security/end-to-end-supply-chain/index.md @@ -0,0 +1,20 @@ +--- +title: Cadeia de suprimentos de ponta a ponta +intro: 'Como pensar em proteger suas contas de usuário, seu código e seu processo de criação' +versions: + fpt: '*' + ghec: '*' + ghes: '*' +topics: + - Security overview + - Organizations + - Teams + - Dependencies + - Advanced Security +children: + - /end-to-end-supply-chain-overview + - /securing-accounts + - /securing-code + - /securing-builds +--- + diff --git a/translations/pt-BR/content/code-security/supply-chain-security/end-to-end-supply-chain/securing-accounts.md b/translations/pt-BR/content/code-security/supply-chain-security/end-to-end-supply-chain/securing-accounts.md new file mode 100644 index 0000000000..dcc3c2c7d1 --- /dev/null +++ b/translations/pt-BR/content/code-security/supply-chain-security/end-to-end-supply-chain/securing-accounts.md @@ -0,0 +1,137 @@ +--- +title: Melhores práticas para proteger contas +shortTitle: Protegendo contas +allowTitleToDifferFromFilename: true +intro: Orientação sobre como proteger as contas com acesso à cadeia de suprimentos de software. +versions: + fpt: '*' + ghec: '*' + ghes: '*' +type: overview +topics: + - Organizations + - Teams + - SSH + - Security + - Accounts +--- + +## Sobre este guia + +Este guia descreve as mudanças de maior impacto que você pode fazer para aumentar a segurança da conta. Cada seção descreve uma alteração que você pode fazer em seus processos para melhorar a segurança. As mudanças de maior impacto estão listadas primeiro. + +## Qual o risco? + +A segurança da conta é fundamental para a segurança da sua cadeia de suprimento. Se um invasor conseguir tomar a sua conta em {% data variables.product.product_name %}, ele poderá fazer alterações maliciosas no seu código ou no processo de compilação. Dessa forma, seu primeiro objetivo deve ser dificultar que alguém tome a sua conta e as contas de outros usuários de {% ifversion ghes %}{% else %}integrantes{% endif %} da {% ifversion fpt %}sua organização{% elsif ghec or ghae %}sua organização ou empresa{% elsif ghes %}{% data variables.product.product_location %}{% endif %}. + +{% ifversion ghec or ghes %} +## Centralizar autenticação +{% endif %} + +{% ifversion ghec %} +Se você é proprietário de uma empresa ou organização, você pode configurar a autenticação centralizada com SAML. Embora você possa adicionar ou remover integrantes manualmente, é mais simples e mais seguro configurar um logon único (SSO) e SCIM entre {% data variables.product.product_name %} e seu provedor de identidade (IdP) SAML. Isso também simplifica o processo de autenticação para todos os integrantes da sua empresa. + +Você pode configurar a autenticação SAML para uma conta corporativa ou da organização. Com o SAML, você pode conceder acesso às contas pessoais dos integrantes da sua empresa ou organização no {% data variables.product.product_location %} por meio do seu IdP, ou você pode criar e controlar as contas que pertencem à sua empresa usando {% data variables.product.prodname_emus %}. Para obter mais informações, consulte "[Sobre identidade e gerenciamento de acesso com o logon único SAML](/organizations/managing-saml-single-sign-on-for-your-organization/about-identity-and-access-management-with-saml-single-sign-on)". + +Depois de configurar a autenticação do SAML, quando os integrantes solicitarem acesso aos seus recursos, eles serão direcionados para o seu fluxo de SSO para garantir que sejam reconhecidos pelo seu IdP. Se não forem reconhecidos, o seu pedido será recusado. + +Alguns IdPs são compatíveis com um protocolo denominado SCIM, que pode prover ou desprovisionar automaticamente o acesso em {% data variables.product.product_name %} quando você fizer alterações no seu IdP. Com o SCIM, você pode simplificar a administração à medida que a sua equipe cresce, e você pode revogar rapidamente o acesso às contas. O SCIM está disponível para organizações individuais em {% data variables.product.product_name %}, ou para empresas que usam {% data variables.product.prodname_emus %}. Para obter mais informações, consulte "[Sobre o SCIM](/organizations/managing-saml-single-sign-on-for-your-organization/about-scim)". +{% endif %} + +{% ifversion ghes %} +Se você é o administrador do site para {% data variables.product.product_location %}, você pode simplificar a experiência de login para os usuários, escolhendo um método de autenticação que se conecta com seu provedor de identidade existente (IdP), como CAS, SAML ou LDAP. Isso significa que eles não precisam mais lembrar de uma senha adicional para {% data variables.product.prodname_dotcom %}. + +Alguns métodos de autenticação também são compatíveis com a comunicação de informações adicionais para {% data variables.product.product_name %}, por exemplo, de quais grupos o usuário é integrante ou sincronizando chaves criptográficas para o usuário. Esta é uma excelente maneira de simplificar a sua administração à medida que a sua organização cresce. + +Para obter mais informações sobre esses métodos de autenticação, consulte "[Usando CAS](/admin/identity-and-access-management/authenticating-users-for-your-github-enterprise-server-instance/using-cas), "[Usando SAML](/admin/identity-and-access-management/authenticating-users-for-your-github-enterprise-server-instance/using-saml)" e "[Usando LDAP](/admin/identity-and-access-management/authenticating-users-for-your-github-enterprise-server-instance/using-ldap)." +{% endif %} + +## Configurar autenticação de dois fatores + +A melhor maneira de melhorar a segurança da {% ifversion fpt %}sua conta pessoal{% elsif ghes %}sua conta pessoal ou {% data variables.product.product_location %}{% elsif ghec %}suas contas{% elsif ghae %}sua empresa em {% data variables.product.product_name %}{% endif %} é configurar a autenticação de dois fatores (2FA){% ifversion ghae %} no seu provedor de identidade SAML (IdP){% endif %}. As senhas por si só podem ser comprometidas por serem adivinhadas, por serem reutilizadas em outro local que foi comprometido, ou por engenharia social, como phishing. A 2FA dificulta muito mais o comprometimento das suas contas, mesmo que um invasor tenha sua senha. + +{% ifversion not ghae %} + +{% ifversion ghec %} +Se você for proprietário de uma empresa, você poderá configurar uma política que exija a 2FA para todas as organizações pertencentes à sua empresa. +{% endif %} + +{% ifversion ghes %} +Se você é o administrador do site para {% data variables.product.product_location %}, talvez você possa configurar a 2FA para todos os usuários da sua instância. A disponibilidade de 2FA no {% data variables.product.product_name %} depende do método de autenticação que você usa. Para obter mais informações, consulte "[Centralizar a autenticação de usuário](#centralize-user-authentication)". +{% endif %} + +Se você for um proprietário da organização, {% ifversion fpt %}pode{% else %}poderá{% endif %} exigir que todos os integrantes da organização habilitem a 2FA. + +{% ifversion ghec or ghes %} + +### Configure sua conta corporativa + +Os proprietários da empresa podem exigir a autenticação 2FA para todos os {% ifversion ghes %}usuários de{% elsif ghec %}integrantes da{% endif %} a instância {% ifversion ghes %}{% elsif ghec %}empresa{% endif %}. A disponibilidade das políticas de 2FA em {% data variables.product.product_name %} depende de como {% ifversion ghes %}usuários{% else %}integrantes{% endif %} efetuam a autenticação para acessar sua {% ifversion ghes %}instância{% elsif ghec %}recursos da empresa{% endif %}. + +{% ifversion ghes %} +- Se você efetuar o login em {% data variables.product.product_location %} por meio de um IdP externo usando CAS ou SSO SAML, você +{% elsif ghec %} +Se sua empresa usa o {% data variables.product.prodname_emus %} ou a autenticação do SAML for aplicada à sua empresa, você +{%- endif %} não pode configurar a autenticação 2FA em {% data variables.product.product_name %}. Alguém com acesso administrativo ao seu IdP deve configurar a autenticação 2FA para o IdP. + +{% ifversion ghes %} + +- Se você entrar em {% data variables.product.product_location %} por meio de um diretório LDAP externo, você poderá exigir a autenticação 2FA para sua empresa em {% data variables.product.product_name %}. Se você permitir a autenticação integrada para usuários fora do seu diretório, os usuários individuais poderão habilitar a autenticação 2FA, mas você não poderá exigir a autenticação 2FA para sua empresa. + +{% endif %} + +Para obter mais informações, consulte {% ifversion ghec %}"[Sobre a identidade e gerenciamento de acesso para sua empresa](/admin/identity-and-access-management/managing-iam-for-your-enterprise/about-identity-and-access-management-for-your-enterprise)" e {% endif %}"[Aplicando políticas para configurações de segurança na sua empresa](/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-security-settings-in-your-enterprise#requiring-two-factor-authentication-for-organizations-in-your-enterprise)". + +{% endif %} + +### Configure a sua conta pessoal + +{% ifversion ghec or ghes %} +{% note %} + +**Observação**: Dependendo do método de autenticação que {% ifversion ghec %}o proprietário de uma empresa{% elsif ghes %}um administrador do site{% endif %} tenha configurado para {% ifversion ghec %}sua empresa em {% endif %}{% data variables.product.product_location %}, talvez você não consiga habilitar a autenticação 2FA para sua conta pessoal. + +{% endnote %} +{% endif %} + +{% data variables.product.product_name %} é compatível com várias opções para 2FA e embora qualquer um seja melhor do que nada, a opção mais segura é WebAuthn. A WebAuthn requer uma chave de segurança de hardware ou um dispositivo que o suporte por meio de coisas como Windows Hello ou Mac TouchID. É possível, apesar de ser difícil, fazer phish de outras formas de 2FA (por exemplo, quando alguém pede para ler a sua senha de um único dígito). No entanto, o WebAuthn não é passível de phishing, porque o escopo de domínio está incorporado no protocolo, o que impede que credenciais de um site representando uma página de login sejam usadas em {% data variables.product.product_name %}. + +Ao definir a autenticação de 2FA, você deve sempre fazer o download dos códigos de recuperação e definir mais de um fator. Isso garante que o acesso à sua conta não depende de um único dispositivo. Para obter mais informações, consulte "[Configurando autenticação de dois fatores](/authentication/securing-your-account-with-two-factor-authentication-2fa/configuring-two-factor-authentication), "[Configurando os métodos de recuperação de autenticação de dois fatores](/authentication/securing-your-account-with-two-factor-authentication-2fa/configuring-two-factor-authentication-recovery-methods) e [Chaves de segurança de hardware marcadas no GitHub](https://thegithubshop.com/products/github-branded-yubikey) na loja do GitHub. + +### Configurar a conta da sua organização + +{% ifversion ghec or ghes %} +{% note %} + +**Observação**: Dependendo do método de autenticação que {% ifversion ghec %}o proprietário de uma empresa{% elsif ghes %}um administrador do site{% endif %} tenha configurado para {% ifversion ghec %}sua empresa em {% endif %}{% data variables.product.product_location %}, talvez você não consiga exigir a autenticação 2FA para sua organização. + +{% endnote %} +{% endif %} + +Se você for proprietário de uma organização, você poderá ver quais usuários não estão habilitados com 2FA, poderá ajudá-los a configurá-la e, em seguida, exigir a autenticação 2FA para sua organização. Para guiar você nesse processo, consulte: + +1. "[Visualizando se os usuários na organização têm a 2FA habilitada](/organizations/keeping-your-organization-secure/managing-two-factor-authentication-for-your-organization/viewing-whether-users-in-your-organization-have-2fa-enabled)" +2. "[Preparando-se para exigir autenticação de dois fatores na sua organização](/organizations/keeping-your-organization-secure/managing-two-factor-authentication-for-your-organization/preparing-to-require-two-factor-authentication-in-your-organization)" +3. "[Exigindo a autenticação de dois fatores na sua organização](/organizations/keeping-your-organization-secure/managing-two-factor-authentication-for-your-organization/requiring-two-factor-authentication-in-your-organization)" + +{% endif %} + +## Conectar a {% data variables.product.product_name %} usando chaves SSH + +Existem outras maneiras de interagir com {% data variables.product.product_name %} além de entrar no site. Muitas pessoas autorizam o código que enviam por push para {% data variables.product.prodname_dotcom %} com uma chave privada SSH. Para obter mais informações, consulte[Sobre SSH](/authentication/connecting-to-github-with-ssh/about-ssh)". + +Assim como a senha da sua conta, se um invasor conseguir obter a sua chave SSH privada, ele poderá se passar por você e enviar código malicioso para qualquer repositório ao qual você tenha acesso de gravação. Se você armazenar sua chave SSH privada em um disco, é uma boa ideia protegê-la com uma senha. Para obter mais informações, consulte "[Trabalhar com frases secretas da chave SSH](/authentication/connecting-to-github-with-ssh/working-with-ssh-key-passphrases)". + +Outra opção é gerar chaves SSH em uma chave de segurança de hardware. Você pode usar a mesma chave que você está usando no 2FA. É muito difícil comprometer as chaves de segurança de hardware remotamente, porque a chave SSH privada permanece no hardware e não pode ser acessada diretamente por meio do software. Para obter mais informações, consulte "[Gerando uma nova chave SSH para uma chave de segurança de hardware](/authentication/connecting-to-github-with-ssh/generating-a-new-ssh-key-and-adding-it-to-the-ssh-agent#generating-a-new-ssh-key-for-a-hardware-security-key)". + +{% ifversion ghec or ghes or ghae %} +As chaves SSH são bastante seguras, mas a exigência de hardware pode não funcionar para algumas organizações. Uma abordagem alternativa é usar chaves SSH válidas por um curto período de tempo. Mesmo que a chave privada seja comprometida, ela não poderá ser explorada por muito tempo. Este é o conceito por trás da execução da sua própria autoridade de certificação SSH. Embora essa abordagem fornece a você um grande controle sobre como os usuários efetuam a autenticação e também vem com a responsabilidade da própria manutenção de uma autoridade certificada de SSH. Para obter mais informações, consulte "[Sobre autoridades certificadas de SSH](/organizations/managing-git-access-to-your-organizations-repositories/about-ssh-certificate-authorities)". +{% endif %} + +## Próximas etapas + +- "[Protegendo sua cadeia de suprimentos de ponta a ponta](/code-security/supply-chain-security/end-to-end-supply-chain/end-to-end-supply-chain-overview)" + +- "[Práticas recomendadas para proteger o código na sua cadeia de suprimentos](/code-security/supply-chain-security/end-to-end-supply-chain/securing-code)" + +- "[Práticas recomendadas para proteger seu sistema de construção](/code-security/supply-chain-security/end-to-end-supply-chain/securing-builds)" diff --git a/translations/pt-BR/content/code-security/supply-chain-security/end-to-end-supply-chain/securing-builds.md b/translations/pt-BR/content/code-security/supply-chain-security/end-to-end-supply-chain/securing-builds.md new file mode 100644 index 0000000000..909aed63ab --- /dev/null +++ b/translations/pt-BR/content/code-security/supply-chain-security/end-to-end-supply-chain/securing-builds.md @@ -0,0 +1,62 @@ +--- +title: Práticas recomendadas para proteger seu sistema de compilação +shortTitle: Protegendo compilações +allowTitleToDifferFromFilename: true +intro: Orientação sobre como proteger o final da sua cadeia de suprimentos — os sistemas que você usa para construir e distribuir artefatos. +versions: + fpt: '*' + ghec: '*' + ghes: '*' +type: overview +topics: + - Fundamentals + - Security + - CI + - CD +--- + +## Sobre este guia + +Este guia descreve mudanças de maior impacto que você pode fazer para melhorar a segurança de seus sistemas de construção. Cada seção descreve uma alteração que você pode fazer em seus processos para melhorar a segurança. As mudanças de maior impacto estão listadas primeiro. + +## Qual o risco? + +Alguns ataques a cadeias de suprimentos de software visam diretamente o sistema de construção. Se um invasor pode modificar o processo de construção, ele pode explorar seu sistema sem o esforço de comprometer contas pessoais ou código. É importante garantir que você não se esqueça de proteger o sistema de compilação, bem como contas pessoais e código. + +## Proteja seu sistema de compilação + +Existem vários recursos de segurança que um sistema de construção deve ter: + +1. Os passos de compilação devem ser claros e repetitivos. + +2. Você deve saber exatamente o que foi executado durante o processo de compilação. + +3. Cada compilação deve começar em um ambiente fresco, então uma construção comprometida não persiste para afetar futuras compilações. + +{% data variables.product.prodname_actions %} pode ajudar você a atender a esses recursos. As instruções de compilação são armazenadas no seu repositório, junto com seu código. Você escolhe o ambiente em que sua compilação é executada, incluindo Windows, Mac, Linux ou executores que você mesmo hospeda. Cada compilação começa com um novo ambiente virtual, o que torna difícil para um ataque persistir no seu ambiente de compilação. + +Além dos benefícios de segurança, {% data variables.product.prodname_actions %} permite que você acione compilações manualmente, periodicamente ou em eventos do git no seu repositório para compilações frequentes e rápidas. + +{% data variables.product.prodname_actions %} é um grande tópico, mas um bom lugar para começar é "[Compreendendo o GitHub Actions](/actions/learn-github-actions/understanding-github-actions) e "[Escolhendo executores hospedados no GitHub](/actions/using-workflows/workflow-syntax-for-github-actions#choosing-github-hosted-runners)" e "[Acionando um fluxo de trabalho](/actions/using-workflows/triggering-a-workflow)". + +## Assine suas compilações + +Depois que o processo de compilação estiver seguro, você deverá evitar que alguém altere o resultado final do processo de compilação. Uma ótima maneira de fazer isso é assinar suas compilações. Ao distribuir software publicamente, isso é frequentemente feito com um par de chaves de criptografia pública/privada. Você usa a chave privada para assinar a compilação e você publica sua chave pública para que os usuários do seu software possam verificar a assinatura na compilação antes de usá-lo. Se os bytes da compilação forem modificados, a assinatura não será verificada. + +A forma como exatamente você assina a sua compilação dependerá do tipo de código que você está escrevendo e dos seus usuários. Muitas vezes, é difícil saber como armazenar com segurança a chave privada. Uma opção básica aqui é usar segredos criptografados de {% data variables.product.prodname_actions %}, embora você precise ter cuidado para limitar quem tem acesso a esses fluxos de trabalho de {% data variables.product.prodname_actions %}. {% ifversion fpt or ghec %}Se sua chave privada estiver armazenada em outro sistema acessível pela internet pública (como o Microsoft Azure ou o Cofre do HashiCorp), uma opção mais avançada é a autenticação com o OpenID Connect, para que você não tenha que compartilhar segredos entre sistemas.{% endif %} Se a sua chave privada puder ser acessada apenas a partir de uma rede privada, outra opção é usar executores auto-hospedados para {% data variables.product.prodname_actions %}. + +Para obter mais informações, consulte "[Segredos criptografados](/actions/security-guides/encrypted-secrets)"{% ifversion fpt or ghec %}, "[Sobre o fortalecimento da segurança com OpenID Connect](/actions/deployment/security-hardening-your-deployments/about-security-hardening-with-openid-connect)",{% endif %} e "[Sobre executores auto-hospedados](/actions/hosting-your-own-runners/about-self-hosted-runners)." + +## Segurança reforçada para {% data variables.product.prodname_actions %} + +Há muitas outras etapas que você pode seguir para garantir adicionalmente a segurança {% data variables.product.prodname_actions %}. Em particular, tenha cuidado ao avaliar fluxos de trabalho de terceiros, e considere usar `CODEOWNERS` para limitar quem pode fazer alterações nos seus fluxos de trabalho. + +Para obter mais informações, consulte "[Fortalecimento de segurança para o GitHub Actions](/actions/security-guides/security-hardening-for-github-actions); particularmente "[Usando ações de terceiros](/actions/security-guides/security-hardening-for-github-actions#using-third-party-actions)" e "[Usando `CODEOWNERS` para monitorar as alterações](/actions/security-guides/security-hardening-for-github-actions#using-codeowners-to-monitor-changes)". + +## Próximas etapas + +- "[Protegendo sua cadeia de suprimentos de ponta a ponta](/code-security/supply-chain-security/end-to-end-supply-chain/end-to-end-supply-chain-overview)" + +- "[as Práticas recomendadas para proteger as contas](/code-security/supply-chain-security/end-to-end-supply-chain/securing-accounts)" + +- "[Práticas recomendadas para proteger o código na sua cadeia de suprimentos](/code-security/supply-chain-security/end-to-end-supply-chain/securing-code)" diff --git a/translations/pt-BR/content/code-security/supply-chain-security/end-to-end-supply-chain/securing-code.md b/translations/pt-BR/content/code-security/supply-chain-security/end-to-end-supply-chain/securing-code.md new file mode 100644 index 0000000000..c2358f8875 --- /dev/null +++ b/translations/pt-BR/content/code-security/supply-chain-security/end-to-end-supply-chain/securing-code.md @@ -0,0 +1,119 @@ +--- +title: Práticas recomendadas para proteger o código na sua cadeia de suprimentos +shortTitle: Protegendo o código +allowTitleToDifferFromFilename: true +intro: Orientação sobre como proteger o centro de sua cadeia de suprimentos — o código que você escreve e o código de que você depende. +versions: + fpt: '*' + ghec: '*' + ghes: '*' +type: overview +topics: + - Dependabot + - Security updates + - Vulnerabilities + - Advanced Security + - Secret scanning +--- + +## Sobre este guia + +Este guia descreve mudanças de maior impacto que você pode fazer para melhorar a segurança do seu código. Cada seção descreve uma alteração que você pode fazer em seus processos para melhorar a segurança. As mudanças de maior impacto estão listadas primeiro. + +## Qual o risco? + +Os principais riscos no processo de desenvolvimento incluem: + +- Usar dependências com vulnerabilidades de segurança que um invasor pode explorar. +- Vazar as credenciais de autenticação ou um token que um invsor poderia usar para acessar seus recursos. +- Introduzir uma vulnerabilidade ao seu próprio código que um invasor poderia explorar. + +Esses riscos abrem seus recursos e projetos para serem atacados, aléme de serem enviados diretamente para qualquer um que utilize um pacote que você criar. As seções a seguir explicam como você pode proteger você mesmo e seus usuários desses riscos. + +## Crie um programa de gerenciamento de vulnerabilidades para dependências + +Você pode proteger o código do qual você depende criando um programa de gerenciamento de vulnerabilidades para dependências. Em alto nível, isto deve incluir processos para garantir que você: + +1. Crie um inventário de suas dependências. + +2. Saiba quando há uma vulnerabilidade de segurança em uma dependência. + +3. Avalie o impacto dessa vulnerabilidade no seu código e decida qual ação tomar. + +### Geração de inventário automática + +Como primeiro passo, você deverá fazer um inventário completo das suas dependências. O gráfico de dependências para um repositório mostra dependências para ecossistemas compatíveis. Se você verificar suas dependências, ou usar outros ecossistemas, você deverá completar isto com dados de ferramentas de terceiros ou listando dependências manualmente. Para obter mais informações, consulte "[Sobre o gráfico de dependência](/code-security/supply-chain-security/understanding-your-software-supply-chain/about-the-dependency-graph)". + +### Detecção automática de vulnerabilidades em dependências + +{% data variables.product.prodname_dependabot %} pode ajudar você a monitorar as suas dependências e notificar você quando contiverem uma vulnerabilidade conhecida. {% ifversion fpt or ghec or ghes > 3.2 %}Você pode até habilitar {% data variables.product.prodname_dependabot %} para elevar automaticamente os pull requests que atualizam a dependência para uma versão segura.{% endif %} Para obter mais informações, consulte "[Sobre alertas para dependências vulneráveis](/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-alerts-for-vulnerable-dependencies)"{% ifversion fpt or ghec or ghes > 3.2 %} e "[Sobre atualizações de segurança do Dependabot](/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-dependabot-security-updates)"{% endif %}. + +### Avaliação da exposição ao risco de uma dependência vulnerável + +Ao descobrir que você está usando uma dependência vulnerável, por exemplo, uma biblioteca ou uma estrutura, você deve avaliar o nível de exposição do seu projeto e determinar que ação deve tomar. Normalmente, as vulnerabilidades são relatadas com uma pontuação de gravidade para mostrar a gravidade do seu impacto. A pontuação de gravidade é um guia útil, mas não pode dizer o impacto total da vulnerabilidade no seu código. + +Para avaliar o impacto de uma vulnerabilidade no seu código, você também precisa considerar como usar a biblioteca e determinar o nível de risco que isso realmente representa para o seu sistema. Talvez a vulnerabilidade seja parte de um recurso que você não usa, e você pode atualizar a biblioteca afetada e continuar com o seu ciclo normal da versão. Ou talvez seu código esteja mal exposto a riscos e você precisa atualizar a biblioteca afetada e enviar uma construção atualizada imediatamente. Essa decisão depende de como você está usando a biblioteca em seu sistema, e é uma decisão que só você tem o conhecimento para tomar. + +## Proteja seus tokens de comunicação + +O código geralmente precisa se comunicar com outros sistemas por meio de uma rede e exige segredos (como uma senha, ou uma chave de API) para efetuar a autenticação. Seu sistema precisa de acesso a esses segredos para ser executado, mas a prática recomendada é não incluí-los no seu código-fonte. Isto é especialmente importante para repositórios públicos, mas também para repositórios privados aos quais muitas pessoas podem ter acesso. + +### Detecção automática de segredos confirmados em um repositório + +{% note %} + +**Observação:** {% data reusables.gated-features.secret-scanning-partner %} + +{% endnote %} + +{% data reusables.secret-scanning.enterprise-enable-secret-scanning %} + +{% ifversion fpt or ghec %} +Os parceiros de {% data variables.product.prodname_dotcom %} com muitos provedores para detectar automaticamente quando segredos são gravados ou armazenados em seus repositórios públicos e irão notificar o provedor para que eles possam tomar as ações necessárias para garantir que a sua conta permaneça segura. Para obter mais informações, consulte "[Sobre {% data variables.product.prodname_secret_scanning %} para padrões de parceiro](/code-security/secret-scanning/about-secret-scanning#about-secret-scanning-for-partner-patterns)." +{% endif %} + +{% ifversion fpt %} +{% data reusables.secret-scanning.fpt-GHAS-scans %} +{% elsif ghec %} +Se a sua organização usar {% data variables.product.prodname_GH_advanced_security %}, você poderá habilitar {% data variables.product.prodname_secret_scanning_GHAS %} em qualquer repositório pertencente à organização. Você também pode definir padrões personalizados para detectar segredos adicionais no repositório, organização ou empresa. Para obter mais informações, consulte "[Sobre {% data variables.product.prodname_secret_scanning_GHAS %}](/code-security/secret-scanning/about-secret-scanning#about-secret-scanning-for-advacned-security) +{% else %} +Você pode configurar {% data variables.product.prodname_secret_scanning %} para verificar se há segredos emitidos por muitos provedores de serviço e para notificar você quando algum for detectado. Você também pode definir padrões personalizados para detectar segredos adicionais no repositório, organização ou empresa. Para obter mais informações, consulte "[Sobre a digitalização de segredos](/code-security/secret-scanning/about-secret-scanning)" e "[Padrões de digitalização de segredos](/code-security/secret-scanning/secret-scanning-patterns)". +{% endif %} + +{% ifversion fpt or ghec or ghes > 3.2 %} +### Armazenamento seguro de segredos que você usa em {% data variables.product.product_name %} +{% endif %} + +{% ifversion fpt or ghec %} +Além do seu código, você provavelmente precisa usar segredos em outros lugares. Por exemplo, para permitir fluxos de trabalho de {% data variables.product.prodname_actions %}, {% data variables.product.prodname_dependabot %} ou seu ambiente de desenvolvimento {% data variables.product.prodname_codespaces %} para se comunicar com outros sistemas. Para obter mais informações sobre como armazenar e usar segredos de forma segura, consulte "[Segredos criptografados em Ações](/actions/security-guides/encrypted-secrets), "[Gerenciando segredos criptografados para Dependabot](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/managing-encrypted-secrets-for-dependabot)," e "[Gerenciando segredos criptografados para seus codespaces](/codespaces/managing-your-codespaces/managing-encrypted-secrets-for-your-codespaces)." +{% endif %} + +{% ifversion ghes > 3.2 %} +Além do seu código, você provavelmente precisa usar segredos em outros lugares. Por exemplo, para permitir que os fluxos de trabalhos de {% data variables.product.prodname_actions %} ou {% data variables.product.prodname_dependabot %} se comuniquem com outros sistemas. Para obter mais informações sobre como armazenar e usar segredos com segurança, consulte "[Segredos criptografados em Ações](/actions/security-guides/encrypted-secrets)", e "[Gerenciando segredos criptografados para Dependabot](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/managing-encrypted-secrets-for-dependabot)." +{% endif %} + +## Mantenha padrões de codificação vulneráveis fora do seu repositório + +{% note %} + +**Observação:** {% data reusables.gated-features.code-scanning %} + +{% endnote %} + +{% data reusables.code-scanning.enterprise-enable-code-scanning %} + +### Criar um processo de revisão de pull request + +Você pode melhorar a qualidade e a segurança do seu código garantindo que todos os pull requests sejam revisados e testados antes do merge. {% data variables.product.prodname_dotcom %} tem muitas funcionalidades que você pode usar para controlar a revisão e o processo de merge. Para começar, consulte "[Sobre branches protegidos](/repositories/configuring-branches-and-merges-in-your-repository/defining-the-mergeability-of-pull-requests/about-protected-branches)". + +### Digitalize o seu código para padrões vulneráveis + +Os padrões de código inseguro são muitas vezes difíceis para os revisores identificarem sem ajuda. Além de digitalizar seu código para encontrar segredos, você pode verificar se há padrões associados a vulnerabilidades de segurança. Por exemplo, uma função que não é segura na memória, ou falhar ao escapar de entrada do usuário que poderia levar a uma vulnerabilidade de injeção. {% data variables.product.prodname_dotcom %} oferece várias maneiras diferentes de abordar como e quando você digitaliza o seu código. Para começar, consulte "[Sobre a digitalização de código](/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/about-code-scanning)". + +## Próximas etapas + +- "[Protegendo sua cadeia de suprimentos de ponta a ponta](/code-security/supply-chain-security/end-to-end-supply-chain/end-to-end-supply-chain-overview)" + +- "[as Práticas recomendadas para proteger as contas](/code-security/supply-chain-security/end-to-end-supply-chain/securing-accounts)" + +- "[Práticas recomendadas para proteger seu sistema de construção](/code-security/supply-chain-security/end-to-end-supply-chain/securing-builds)" diff --git a/translations/pt-BR/content/code-security/supply-chain-security/index.md b/translations/pt-BR/content/code-security/supply-chain-security/index.md index 41baad712e..613365f18f 100644 --- a/translations/pt-BR/content/code-security/supply-chain-security/index.md +++ b/translations/pt-BR/content/code-security/supply-chain-security/index.md @@ -16,7 +16,6 @@ topics: - Repositories children: - /understanding-your-software-supply-chain - - /keeping-your-dependencies-updated-automatically - - /managing-vulnerabilities-in-your-projects-dependencies + - /end-to-end-supply-chain --- diff --git a/translations/pt-BR/content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/index.md b/translations/pt-BR/content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/index.md deleted file mode 100644 index 255783e4f8..0000000000 --- a/translations/pt-BR/content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/index.md +++ /dev/null @@ -1,29 +0,0 @@ ---- -title: Manter suas dependências atualizadas automaticamente -intro: 'O {% data variables.product.prodname_dependabot %} pode manter as dependências do seu repositório automaticamente.' -redirect_from: - - /github/administering-a-repository/keeping-your-dependencies-updated-automatically -versions: - fpt: '*' - ghec: '*' - ghes: '>3.2' -topics: - - Repositories - - Dependabot - - Version updates - - Dependencies - - Pull requests -children: - - /about-dependabot-version-updates - - /enabling-and-disabling-dependabot-version-updates - - /listing-dependencies-configured-for-version-updates - - /managing-pull-requests-for-dependency-updates - - /automating-dependabot-with-github-actions - - /managing-encrypted-secrets-for-dependabot - - /customizing-dependency-updates - - /configuration-options-for-dependency-updates - - /keeping-your-actions-up-to-date-with-dependabot -shortTitle: Atualização automática de dependências ---- - -{% data reusables.dependabot.beta-security-and-version-updates %} diff --git a/translations/pt-BR/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-managing-vulnerable-dependencies.md b/translations/pt-BR/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-managing-vulnerable-dependencies.md deleted file mode 100644 index d147a4cd56..0000000000 --- a/translations/pt-BR/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-managing-vulnerable-dependencies.md +++ /dev/null @@ -1,46 +0,0 @@ ---- -title: Sobre a gestão de dependências vulneráveis -intro: '{% data variables.product.product_name %} ajuda você a evitar o uso de software de terceiros que contém vulnerabilidades conhecidas.' -redirect_from: - - /github/managing-security-vulnerabilities/about-managing-vulnerable-dependencies - - /code-security/supply-chain-security/about-managing-vulnerable-dependencies -versions: - fpt: '*' - ghes: '>=3.2' - ghae: issue-4864 - ghec: '*' -type: overview -topics: - - Dependabot - - Dependency graph - - Dependency review - - Vulnerabilities - - Repositories - - Dependencies - - Pull requests -shortTitle: Dependências vulneráveis ---- - - - -{% data variables.product.product_name %} fornece as ferramentas a seguir para remover e evitar dependências vulneráveis. - -## Gráfico de dependências -O gráfico de dependências é um resumo do manifesto e bloqueia arquivos armazenados em um repositório. Ele mostra os ecossistemas e pacotes dos quais a sua base de código depende (suas dependências) e os repositórios e pacotes que dependem do seu projeto (suas dependências). As informações no gráfico de dependências são usadas pela revisão das dependências e {% data variables.product.prodname_dependabot %}. Para obter mais informações, consulte "[Sobre o gráfico de dependência](/github/visualizing-repository-data-with-graphs/about-the-dependency-graph)". - -## Revisão de dependência - -{% data reusables.dependency-review.beta %} - -Ao verificar as revisões de dependências nos pull requests, você pode evitar a introdução de vulnerabilidades de dependências na sua base de código. Se os pull requests adicionarem uma dependência vulnerável, ou alterarem a dependência a uma versão vulnerável, isso será destacado na revisão de dependências. Você pode alterar a dependência para uma versão alterada antes de realizar o merge do pull request. Para obter mais informações, consulte "[Sobre a revisão de dependências](/code-security/supply-chain-security/about-dependency-review)". - -## {% data variables.product.prodname_dependabot_alerts %} -{% data variables.product.product_name %} pode criar {% data variables.product.prodname_dependabot_alerts %} quando detectar dependências vulneráveis no seu repositório. O alerta é exibido na aba Segurança do repositório. O alerta inclui um link para o arquivo afetado no projeto, e informações sobre uma versão corrigida. {% data variables.product.product_name %} também notifica os mantenedores do repositório, de acordo com as suas preferências de notificação. Para obter mais informações, consulte "[Sobre alertas para dependências vulneráveis](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies)" - -{% ifversion fpt or ghec or ghes > 3.2 %} -## {% data variables.product.prodname_dependabot_security_updates %} -Quando {% data variables.product.product_name %} gera um alerta de {% data variables.product.prodname_dependabot %} para uma dependência vulnerável no seu repositório, {% data variables.product.prodname_dependabot %} pode tentar corrigir automaticamente para você. {% data variables.product.prodname_dependabot_security_updates %} são pull requests gerados automaticamente que atualizam uma dependência vulnerável para uma versão fixa. Para obter mais informações, consulte "[Sobre {% data variables.product.prodname_dependabot_security_updates %}](/github/managing-security-vulnerabilities/about-dependabot-security-updates)." - -## {% data variables.product.prodname_dependabot_version_updates %} -Habilitar {% data variables.product.prodname_dependabot_version_updates %} remove o esforço de manter suas dependências. Com {% data variables.product.prodname_dependabot_version_updates %}, sempre que {% data variables.product.prodname_dotcom %} identifica uma dependência desatualizada, ele cria um pull request para atualizar o manifesto para a última versão da dependência. Em contrapartida, {% data variables.product.prodname_dependabot_security_updates %} apenas cria pull requests para corrigir dependências vulneráveis. Para obter mais informações, consulte "[Sobre atualizações da versão do Dependabot](/github/administering-a-repository/about-dependabot-version-updates)". -{% endif %} diff --git a/translations/pt-BR/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/index.md b/translations/pt-BR/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/index.md deleted file mode 100644 index 70acd4f9f5..0000000000 --- a/translations/pt-BR/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/index.md +++ /dev/null @@ -1,36 +0,0 @@ ---- -title: Gerenciar vulnerabilidades nas dependências de seu projeto -intro: 'Você pode acompanhar as dependências do seu repositório e receber {% data variables.product.prodname_dependabot_alerts %} quando {% data variables.product.product_name %} detectar dependências vulneráveis.' -redirect_from: - - /articles/updating-your-project-s-dependencies - - /articles/updating-your-projects-dependencies - - /articles/managing-security-vulnerabilities-in-your-projects-dependencies - - /articles/managing-vulnerabilities-in-your-projects-dependencies - - /github/managing-security-vulnerabilities/managing-vulnerabilities-in-your-projects-dependencies -versions: - fpt: '*' - ghes: '*' - ghae: issue-4864 - ghec: '*' -topics: - - Repositories - - Dependabot - - Version updates - - Dependencies - - Pull requests - - Vulnerabilities - - Alerts -children: - - /about-managing-vulnerable-dependencies - - /browsing-security-vulnerabilities-in-the-github-advisory-database - - /editing-security-advisories-in-the-github-advisory-database - - /about-alerts-for-vulnerable-dependencies - - /configuring-notifications-for-vulnerable-dependencies - - /about-dependabot-security-updates - - /configuring-dependabot-security-updates - - /viewing-and-updating-vulnerable-dependencies-in-your-repository - - /troubleshooting-the-detection-of-vulnerable-dependencies - - /troubleshooting-dependabot-errors -shortTitle: Corrigir dependências vulneráveis ---- - diff --git a/translations/pt-BR/content/code-security/supply-chain-security/understanding-your-software-supply-chain/about-dependency-review.md b/translations/pt-BR/content/code-security/supply-chain-security/understanding-your-software-supply-chain/about-dependency-review.md index 6b47caf362..302942fcde 100644 --- a/translations/pt-BR/content/code-security/supply-chain-security/understanding-your-software-supply-chain/about-dependency-review.md +++ b/translations/pt-BR/content/code-security/supply-chain-security/understanding-your-software-supply-chain/about-dependency-review.md @@ -28,10 +28,10 @@ redirect_from: Se um pull request for direcionado ao branch padrão do seu repositório e contiver alterações em manifestos de pacote ou arquivos de bloqueio, você poderá exibir um comentário de dependência para ver o que foi alterado. A revisão de dependências inclui detalhes de alterações nas dependências indiretas nos arquivos de bloqueio, e informa a você se alguma das dependências adicionadas ou atualizadas contém vulnerabilidades conhecidas. {% ifversion fpt %} -Dependency review is available in all public repositories in all products and cannot be disabled. Dependency review is available in private repositories owned by organizations that use GitHub Enterprise Cloud and have a license for {% data variables.product.prodname_GH_advanced_security %}. Para obter mais informações, consulte a [documentação de {% data variables.product.prodname_ghe_cloud %}](/enterprise-cloud@latest/code-security/supply-chain-security/understanding-your-software-supply-chain/about-dependency-review). +A revisão de dependências está disponível em todos os repositórios públicos de todos os produtos e não pode ser desabilitada. A revisão de dependências está disponível em repositórios privados pertencentes a organizações que usam o GitHub Enterprise Cloud e têm uma licença para {% data variables.product.prodname_GH_advanced_security %}. Para obter mais informações, consulte a [documentação de {% data variables.product.prodname_ghe_cloud %}](/enterprise-cloud@latest/code-security/supply-chain-security/understanding-your-software-supply-chain/about-dependency-review). {% elsif ghec %} -Dependency review is included in {% data variables.product.product_name %} for public repositories. To use dependency review in private repositories owned by organizations, you must have a license for {% data variables.product.prodname_GH_advanced_security %} and have the dependency graph enabled. Para obter mais informações, consulte "[Explorar as dependências de um repositório](/code-security/supply-chain-security/understanding-your-software-supply-chain/exploring-the-dependencies-of-a-repository#enabling-and-disabling-the-dependency-graph-for-a-private-repository)". +Revisão de dependências está incluída em {% data variables.product.product_name %} para repositórios públicos. Para usar a revisão de dependências em repositórios privados pertencentes a organizações, você deve ter uma licença para {% data variables.product.prodname_GH_advanced_security %} e ter o gráfico de dependências habilitado. Para obter mais informações, consulte "[Explorar as dependências de um repositório](/code-security/supply-chain-security/understanding-your-software-supply-chain/exploring-the-dependencies-of-a-repository#enabling-and-disabling-the-dependency-graph-for-a-private-repository)". {% elsif ghes or ghae %} A revisão de dependências está disponível quando o gráfico de dependências está habilitado para {% data variables.product.product_location %} e {% data variables.product.prodname_advanced_security %} está habilitado para a organização ou repositório. @@ -41,7 +41,7 @@ A revisão de dependências está disponível quando o gráfico de dependências Ao verificar as revisões de dependências em um pull request e alterar todas as dependências sinalizadas como vulneráveis, você pode evitar que vulnerabilidades sejam adicionadas ao seu projeto. Para obter mais informações sobre como funciona a revisão de dependências, consulte "[Revisar as alterações de dependência em um pull request](/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/reviewing-dependency-changes-in-a-pull-request)". -{% data variables.product.prodname_dependabot_alerts %} encontrará vulnerabilidades que já estão nas suas dependências, mas é muito melhor evitar a introdução de possíveis problemas do que corrigir problemas em uma data posterior. Para obter mais informações sobre {% data variables.product.prodname_dependabot_alerts %}, consulte "[Sobre alertas para dependências vulneráveis](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies#dependabot-alerts-for-vulnerable-dependencies)". +{% data variables.product.prodname_dependabot_alerts %} encontrará vulnerabilidades que já estão nas suas dependências, mas é muito melhor evitar a introdução de possíveis problemas do que corrigir problemas em uma data posterior. Para obter mais informações sobre {% data variables.product.prodname_dependabot_alerts %}, consulte "[Sobre {% data variables.product.prodname_dependabot_alerts %}](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies#dependabot-alerts-for-vulnerable-dependencies)." A revisão de dependências é compatível com as mesmas linguagens e os mesmos ecossistemas de gestão de pacotes do gráfico de dependência. Para obter mais informações, consulte "[Sobre o gráfico de dependência](/github/visualizing-repository-data-with-graphs/about-the-dependency-graph#supported-package-ecosystems)". diff --git a/translations/pt-BR/content/code-security/supply-chain-security/understanding-your-software-supply-chain/about-supply-chain-security.md b/translations/pt-BR/content/code-security/supply-chain-security/understanding-your-software-supply-chain/about-supply-chain-security.md new file mode 100644 index 0000000000..a15d93bf29 --- /dev/null +++ b/translations/pt-BR/content/code-security/supply-chain-security/understanding-your-software-supply-chain/about-supply-chain-security.md @@ -0,0 +1,154 @@ +--- +title: Sobre a segurança da cadeia de suprimento +intro: '{% data variables.product.product_name %} ajuda você a proteger sua cadeia de suprimentos, de entender as dependências do seu ambiente, conhecer as vulnerabilidades nessas dependências{% ifversion fpt or ghec or ghes > 3.2 %} e corrigi-las{% endif %}.' +miniTocMaxHeadingLevel: 3 +shortTitle: Segurança da cadeia de suprimento +redirect_from: + - /code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies +versions: + fpt: '*' + ghes: '*' + ghae: issue-4864 + ghec: '*' +type: overview +topics: + - Advanced Security + - Dependency review + - Dependency graph + - Vulnerabilities + - Dependencies + - Pull requests + - Repositories +--- + +## Sobre a segurança da cadeia de suprimentos no GitHub + +Com o uso acelerado de código aberto, a maioria dos projetos depende de centenas de dependências de código aberto. Isso coloca um problema de segurança: e se as dependências que você estiver usando forem vulneráveis? Você poderia colocar os seus usuários em risco de ataque da cadeia de suprimentos. Uma das coisas mais importantes que você pode fazer para proteger sua cadeia de suprimentos é corrigir suas vulnerabilidades. + +Você adiciona dependências diretamente à sua cadeia de suprimentos ao especificá-las em um arquivo de manifesto ou um arquivo de bloqueio. As dependências também podem ser incluídas transitoriamente, ou seja, até mesmo se você não especificar uma dependência em particular, mas a sua dependência a usa, portanto, você também depende dessa dependência. + +{% data variables.product.product_name %} oferece uma variedade de recursos para ajudar você a entender as dependências do seu ambiente{% ifversion ghes < 3.3 or ghae %} e conhecer as vulnerabilidades dessas dependências{% endif %}{% ifversion fpt or ghec or ghes > 3.2 %},conhecer as vulnerabilidades nessas dependências e corrigi-las{% endif %}. + +As funcionalidades da cadeia de suprimentos em {% data variables.product.product_name %} são: +- **Gráfico de dependências** +{% ifversion fpt or ghec or ghes > 3.1 or ghae %}- **Revisão de Dependência**{% endif %} +- **{% data variables.product.prodname_dependabot_alerts %} ** +{% ifversion fpt or ghec or ghes > 3.2 %}- **{% data variables.product.prodname_dependabot_updates %}** + - **{% data variables.product.prodname_dependabot_security_updates %}** + - **{% data variables.product.prodname_dependabot_version_updates %}**{% endif %} + +O gráfico de dependências é fundamental para fornecer segurança da cadeia de suprimentos. O gráfico de dependências identifica todas as dependências a montante e as dependências públicas a jusante de um repositório ou pacote. É possível ver as dependências e algumas de suas propriedades, como informações de vulnerabilidade, no gráfico de dependências do repositório. + +{% ifversion fpt or ghec or ghes > 3.1 or ghae %} +As outras funcionalidades da cadeia de suprimentos em {% data variables.product.prodname_dotcom %} dependem das informações fornecidas pelo gráfico de dependências. + +- A revisão de dependências usa o gráfico de dependências para identificar mudanças de dependências e ajuda você a entender o impacto de segurança dessas alterações ao revisar pull requests. +- Os dados de dependência de referência cruzada de {% data variables.product.prodname_dependabot %} fornecidos pelo gráfico de dependências com a lista de vulnerabilidades conhecidas publicadas no {% data variables.product.prodname_advisory_database %}, verifica suas dependências e gera {% data variables.product.prodname_dependabot_alerts %} quando uma potencial vulnerabilidade é detectada. +{% ifversion fpt or ghec or ghes > 3.2 %}- {% data variables.product.prodname_dependabot_security_updates %} usa o gráfico de dependências e {% data variables.product.prodname_dependabot_alerts %} para ajudar você a atualizar dependências com vulnerabilidades conhecidas no seu repositório. + +{% data variables.product.prodname_dependabot_version_updates %} não usa o gráfico de dependências e confia na versão semântica das dependências. {% data variables.product.prodname_dependabot_version_updates %} ajuda você a manter suas dependências atualizadas, mesmo quando elas não têm nenhuma vulnerabilidade. +{% endif %} +{% endif %} + +{% ifversion ghes < 3.2 %} +Os dados de dependência de referência cruzada de {% data variables.product.prodname_dependabot %} fornecidos pelo gráfico de dependências com a lista de vulnerabilidades conhecidas publicadas no {% data variables.product.prodname_advisory_database %}, verifica suas dependências e gera {% data variables.product.prodname_dependabot_alerts %} quando uma potencial vulnerabilidade é detectada. + {% endif %} + +## Visão geral de recursos + +### Qual é o gráfico de dependências + +Para gerar o gráfico de dependência, {% data variables.product.company_short %} analisa as dependências explícitas de um repositório declaradas no manifesto e no arquivo de bloqueio. Quando habilitado, o gráfico de dependências analisa automaticamente todos os arquivos de manifesto de pacote conhecidos no repositório, e usa isto para construir um gráfico com nomes e versões conhecidas das dependências. + +- O gráfico de dependências inclui informações sobre suas dependências _diretas_ e dependências _transitivas_. +- O gráfico de dependência é atualizado automaticamente quando você faz push de um commit para {% data variables.product.company_short %} que altera ou adiciona um manifesto compatível ou um arquivo de bloqueio para o branch padrão, e quando alguém fizer uma alteração no repositório de uma de suas dependências. +- É possível ver o gráfico de dependências abrindo a página principal do repositório no {% data variables.product.product_name %} e acessando a aba **Insights**. + +Para obter mais informações sobre o gráfico de dependências, consulte "[Sobre o gráfico de dependências](/code-security/supply-chain-security/understanding-your-software-supply-chain/about-the-dependency-graph)". + +{% ifversion fpt or ghec or ghes > 3.1 or ghae %} +### O que é revisão de dependências + +A revisão de dependências ajuda os revisores e colaboradores a entenderem as mudanças de dependência e seu impacto de segurança em cada pull request. + +- A revisão de dependências informa quais dependências foram adicionadas, removidas ou atualizadas em um pull request. Você pode usar as datas de versão, a popularidade das dependências e informações de vulnerabilidade para ajudar você a decidir se deseja aceitar a alteração. +- Você pode ver a revisão de dependências para um pull request mostrando o diff avançado na aba**Arquivos alterados**. + +Para obter mais informações sobre a análise de dependências, consulte "[Sobre a revisão de dependências](/code-security/supply-chain-security/understanding-your-software-supply-chain/about-dependency-review)". + +{% endif %} + +### O que é o Dependabot + +{% data variables.product.prodname_dependabot %} mantém suas dependências atualizadas informando você de qualquer vulnerabilidade de segurança em suas dependências{% ifversion fpt or ghec or ghes > 3.2 or ghae %} e abre automaticamente os pull requests para atualizar suas dependências para a próxima versão segura disponível quando um alerta der {% data variables.product.prodname_dependabot %} é acionado ou, na última versão, quando uma versão é publicada{% else %} para que você possa atualizar essa dependência{% endif %}. + +{% ifversion fpt or ghec or ghes > 3.2 %} +O termo "{% data variables.product.prodname_dependabot %}" engloba as seguintes funcionalidades: +- {% data variables.product.prodname_dependabot_alerts %}—Notificação exibida na aba **Segurança** do repositório e no gráfico de dependências do repositório. O alerta inclui um link para o arquivo afetado no projeto, e informações sobre uma versão corrigida. +- {% data variables.product.prodname_dependabot_updates %}: + - {% data variables.product.prodname_dependabot_security_updates %}—Atualizações acionadas para atualizar suas dependências para uma versão segura quando um alerta é acionado. + - {% data variables.product.prodname_dependabot_version_updates %}— Atualizações agendadas para manter suas dependências atualizadas com a versão mais recente. +{% endif %} + +#### Quais são os alertas do Dependabot + +{% data variables.product.prodname_dependabot_alerts %} destaca repositórios afetados por uma vulnerabilidade recém-descoberta baseada no gráfico de dependências e no {% data variables.product.prodname_advisory_database %}, que contém as versões em listas de vulnerabilidades conhecidas. + +- {% data variables.product.prodname_dependabot %} faz a digitalização para detectar dependências vulneráveis e envia {% data variables.product.prodname_dependabot_alerts %} quando: +{% ifversion fpt or ghec %} + - Uma nova vulnerabilidade é adicionada ao {% data variables.product.prodname_advisory_database %}.{% else %} + - São sincronizados novos dados de consultoria com {% data variables.product.product_location %} a cada hora a partir de {% data variables.product.prodname_dotcom_the_website %}. {% data reusables.security-advisory.link-browsing-advisory-db %}{% endif %} + - O gráfico de dependências para as alterações no repositório. +- {% data variables.product.prodname_dependabot_alerts %} são exibidos {% ifversion fpt or ghec or ghes > 3.0 %} na aba **Segurança** do repositório e{% endif %} no gráfico de dependências do repositório. O alerta inclui {% ifversion fpt or ghec or ghes > 3.0 %} um link para o arquivo afetado no projeto, e {% endif %}informações sobre uma versão fixa. + +Para obter mais informações sobre {% data variables.product.prodname_dependabot_alerts %}, consulte "[Sobre alertas para dependências vulneráveis](/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-alerts-for-vulnerable-dependencies)". + +{% ifversion fpt or ghec or ghes > 3.2 %} +#### Quais são as atualizações do Dependabot + +Há dois tipos de {% data variables.product.prodname_dependabot_updates %}: {% data variables.product.prodname_dependabot %} atualizações de _segurança_ e atualizações de _versão_. {% data variables.product.prodname_dependabot %} gera pull requests automáticos para atualizar suas dependências em ambos os casos, mas existem várias diferenças. + +{% data variables.product.prodname_dependabot_security_updates %}: + - Acionado por um alerta de {% data variables.product.prodname_dependabot %} + - Atualizar dependências para a versão mínima que resolve uma vulnerabilidade conhecida + - Compatível para os ecossistemas que o gráfico de dependências suporta + +{% data variables.product.prodname_dependabot_version_updates %}: + - Executar em um calendário que você configura + - Atualizar dependências para a última versão que corresponde à configuração + - Compatível para um grupo diferente de ecossistemas + +Para obter mais informações sobre {% data variables.product.prodname_dependabot_updates %}, consulte "[Sobre {% data variables.product.prodname_dependabot_security_updates %}](/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-dependabot-security-updates)" e "[Sobre {% data variables.product.prodname_dependabot_version_updates %}](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/about-dependabot-version-updates)". +{% endif %} + +## Disponibilidade de recursos + +{% ifversion fpt or ghec %} + +Repositórios públicos: +- **Gráfico de dependência**—habilitado por padrão e não pode ser desabilitado. +- **Revisão de dependência**—habilitado por padrão e não pode ser desabilitado. +- **{% data variables.product.prodname_dependabot_alerts %}**—não habilitado por padrão. {% data variables.product.prodname_dotcom %} detecta dependências vulneráveis e exibe informações no gráfico de dependência, mas não gera {% data variables.product.prodname_dependabot_alerts %} por padrão. Os proprietários do repositório ou pessoas com acesso de administrador podem habilitar {% data variables.product.prodname_dependabot_alerts %}. Você também pode habilitar ou desabilitar alertas do Dependabot para todos os repositórios pertencentes à sua conta de usuário ou organização. Para obter mais informações, consulte "[Gerenciando configurações de segurança e análise da sua conta de usuário](/account-and-profile/setting-up-and-managing-your-github-user-account/managing-user-account-settings/managing-security-and-analysis-settings-for-your-user-account)" ou "[Gerenciando configurações de segurança e análise da sua organização](/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization)". + +Repositórios privados: +- **Gráfico de dependência**—não habilitado por padrão. O recurso pode ser habilitado pelos administradores do repositório. Para obter mais informações, consulte "[Explorar as dependências de um repositório](/code-security/supply-chain-security/understanding-your-software-supply-chain/exploring-the-dependencies-of-a-repository#enabling-and-disabling-the-dependency-graph-for-a-private-repository)". +{% ifversion fpt %} +- **Revisão de dependência**— disponível em repositórios privados pertencentes a organizações que usam {% data variables.product.prodname_ghe_cloud %} e têm uma licença para {% data variables.product.prodname_GH_advanced_security %}. Para obter mais informações, consulte a [documentação de {% data variables.product.prodname_ghe_cloud %}](/enterprise-cloud@latest/code-security/supply-chain-security/understanding-your-software-supply-chain/about-dependency-review). +{% elsif ghec %} +- **Revisão de dependência**— disponível em repositórios privados pertencentes a organizações, desde que você tenha uma licença para {% data variables.product.prodname_GH_advanced_security %} e o gráfico de dependências habilitado. Para obter mais informações, consulte "[Sobre {% data variables.product.prodname_GH_advanced_security %}](/get-started/learning-about-github/about-github-advanced-security)" e "[Explorando as dependências de um repositório](/code-security/supply-chain-security/understanding-your-software-supply-chain/exploring-the-dependencies-of-a-repository#enabling-and-disabling-the-dependency-graph-for-a-private-repository)". +{% endif %} +- **{% data variables.product.prodname_dependabot_alerts %}**—não habilitado por padrão. Os proprietários de repositórios privados ou pessoas com acesso de administrador, podem habilitar o {% data variables.product.prodname_dependabot_alerts %} ativando o gráfico de dependências e {% data variables.product.prodname_dependabot_alerts %} para seus repositórios. Você também pode habilitar ou desabilitar alertas do Dependabot para todos os repositórios pertencentes à sua conta de usuário ou organização. Para obter mais informações, consulte "[Gerenciando configurações de segurança e análise da sua conta de usuário](/account-and-profile/setting-up-and-managing-your-github-user-account/managing-user-account-settings/managing-security-and-analysis-settings-for-your-user-account)" ou "[Gerenciando configurações de segurança e análise da sua organização](/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization)". + +Qualquer tipo de repositório: +- **{% data variables.product.prodname_dependabot_security_updates %}**—não habilitado por padrão. É possível habilitar o {% data variables.product.prodname_dependabot_security_updates %} para qualquer repositório que use {% data variables.product.prodname_dependabot_alerts %} e o gráfico de dependências. Para obter mais informações, consulte "[Sobre {% data variables.product.prodname_dependabot_security_updates %}](/github/managing-security-vulnerabilities/about-dependabot-security-updates)." +- **{% data variables.product.prodname_dependabot_version_updates %}**—não habilitado por padrão. As pessoas com permissões de gravação em um repositório podem habilitar {% data variables.product.prodname_dependabot_version_updates %}. Para obter mais informações sobre habilitar atualizações de segurança, consulte "[Configurar {% data variables.product.prodname_dependabot_security_updates %}](/github/managing-security-vulnerabilities/configuring-dependabot-security-updates)." +{% endif %} + +{% ifversion ghes or ghae %} +- **Gráfico de dependência** e **{% data variables.product.prodname_dependabot_alerts %}**—não habilitado por padrão. Ambas as funcionalidades são configuradas a nível empresarial pelo proprietário da empresa. For more information, see {% ifversion ghes %}"[Enabling the dependency graph for your enterprise](/admin/code-security/managing-supply-chain-security-for-your-enterprise/enabling-the-dependency-graph-for-your-enterprise)" and {% endif %}"[Enabling {% data variables.product.prodname_dependabot %} for your enterprise](/admin/configuration/configuring-github-connect/enabling-dependabot-for-your-enterprise)." +- **Revisão de dependência**—disponível quando o gráfico de dependências está habilitado para {% data variables.product.product_location %} e {% data variables.product.prodname_advanced_security %} está habilitado para a organização ou repositório. Para obter mais informações, consulte "[Sobre {% data variables.product.prodname_GH_advanced_security %}](/get-started/learning-about-github/about-github-advanced-security)." +{% endif %} +{% ifversion ghes > 3.2 %} +- **{% data variables.product.prodname_dependabot_security_updates %}**—não habilitado por padrão. É possível habilitar o {% data variables.product.prodname_dependabot_security_updates %} para qualquer repositório que use {% data variables.product.prodname_dependabot_alerts %} e o gráfico de dependências. Para obter mais informações, consulte "[Sobre {% data variables.product.prodname_dependabot_security_updates %}](/github/managing-security-vulnerabilities/about-dependabot-security-updates)." +- **{% data variables.product.prodname_dependabot_version_updates %}**—não habilitado por padrão. As pessoas com permissões de gravação em um repositório podem habilitar {% data variables.product.prodname_dependabot_version_updates %}. Para obter mais informações sobre habilitar atualizações de segurança, consulte "[Configurar {% data variables.product.prodname_dependabot_security_updates %}](/github/managing-security-vulnerabilities/configuring-dependabot-security-updates)." +{% endif %} diff --git a/translations/pt-BR/content/code-security/supply-chain-security/understanding-your-software-supply-chain/about-the-dependency-graph.md b/translations/pt-BR/content/code-security/supply-chain-security/understanding-your-software-supply-chain/about-the-dependency-graph.md index ab432637c0..e02389b368 100644 --- a/translations/pt-BR/content/code-security/supply-chain-security/understanding-your-software-supply-chain/about-the-dependency-graph.md +++ b/translations/pt-BR/content/code-security/supply-chain-security/understanding-your-software-supply-chain/about-the-dependency-graph.md @@ -56,7 +56,7 @@ Você pode usar o gráfico de dependências para: - Explorar os repositórios dos quais o seu código depende{% ifversion fpt or ghec %} e aqueles que dependem dele{% endif %}. Para obter mais informações, consulte "[Explorar as dependências de um repositório](/github/visualizing-repository-data-with-graphs/exploring-the-dependencies-of-a-repository)". {% ifversion fpt or ghec %} - Visualizar um resumo das dependências usadas nos repositórios da sua organização em um único painel. Para obter mais informações, consulte "[Visualizar informações na organização](/articles/viewing-insights-for-your-organization#viewing-organization-dependency-insights)".{% endif %} -- Ver e atualizar dependências vulneráveis no seu repositório. Para obter mais informações, consulte "[Sobre alertas para dependências vulneráveis](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies)". {% ifversion fpt or ghes > 3.1 or ghec %} +- Ver e atualizar dependências vulneráveis no seu repositório. Para obter mais informações, consulte "[Sobre {% data variables.product.prodname_dependabot_alerts %}](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies)."{% ifversion fpt or ghes > 3.1 or ghec %} - Veja as informações sobre dependências vulneráveis em pull requests. Para obter mais informações, consulte "[Revisar as alterações de dependências em um pull request](/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/reviewing-dependency-changes-in-a-pull-request)".{% endif %} ## Habilitar o gráfico de dependências @@ -77,16 +77,16 @@ Os formatos recomendados definem explicitamente quais versões são usadas para | `dotnet` CLI | .NET languages (C#, C++, F#, VB) | `.csproj`, `.vbproj`, `.nuspec`, `.vcxproj`, `.fsproj` | `.csproj`, `.vbproj`, `.nuspec`, `.vcxproj`, `.fsproj`, `packages.config` | {%- if github-actions-in-dependency-graph %} -| {% data variables.product.prodname_actions %} workflows +| Fluxos de trabalho de {% data variables.product.prodname_actions %} [1] | YAML | `.yml`, `.yaml` | `.yml`, `.yaml` | {%- endif %} {%- ifversion fpt or ghes > 3.2 or ghae %} -| Go modules | Go | `go.sum` | `go.mod`, `go.sum` | +| Módulos do Go | Go | `go.sum` | `go.mod`, `go.sum` | {%- elsif ghes = 3.2 %} -| Go modules | Go | `go.mod` | `go.mod` | +| Módulos do Go | Go | `go.mod` | `go.mod` | {%- endif %} -| Maven | Java, Scala | `pom.xml` | `pom.xml` | | npm | JavaScript | `package-lock.json` | `package-lock.json`, `package.json`| | Python PIP | Python | `requirements.txt`, `pipfile.lock` | `requirements.txt`, `pipfile`, `pipfile.lock`, `setup.py`{% if github-actions-in-dependency-graph %}[2]{% else %}[1]{% endif %} +| Maven | Java, Scala | `pom.xml` | `pom.xml` | | npm | JavaScript | `package-lock.json` | `package-lock.json`, `package.json`| | pip | Python | `requirements.txt`, `pipfile.lock` | `requirements.txt`, `pipfile`, `pipfile.lock`, `setup.py`{% if github-actions-in-dependency-graph %}[2]{% else %}[1]{% endif %} {%- ifversion fpt or ghec or ghes > 3.3 or ghae-issue-4752 %} | Python Poetry | Python | `poetry.lock` | `poetry.lock`, `pyproject.toml` |{% endif %} | RubyGems | Ruby | `Gemfile.lock` | `Gemfile.lock`, `Gemfile`, `*.gemspec` | | Yarn | JavaScript | `yarn.lock` | `package.json`, `yarn.lock` | @@ -111,5 +111,5 @@ Os formatos recomendados definem explicitamente quais versões são usadas para - "[Gráfico de dependências](https://en.wikipedia.org/wiki/Dependency_graph)" na Wikipedia - "[Explorar as dependências de um repositório](/github/visualizing-repository-data-with-graphs/exploring-the-dependencies-of-a-repository)"{% ifversion fpt or ghec %} - "[Visualizar informações da sua organização](/organizations/collaborating-with-groups-in-organizations/viewing-insights-for-your-organization)"{% endif %} -- "[Visualizar e atualizar dependências vulneráveis no seu repositório](/github/managing-security-vulnerabilities/viewing-and-updating-vulnerable-dependencies-in-your-repository)" +- "[Visualizando {% data variables.product.prodname_dependabot_alerts %} para dependências vulneráveis](/github/managing-security-vulnerabilities/viewing-and-updating-vulnerable-dependencies-in-your-repository)" - "[Solução de problemas na detecção de dependências vulneráveis](/github/managing-security-vulnerabilities/troubleshooting-the-detection-of-vulnerable-dependencies)" diff --git a/translations/pt-BR/content/code-security/supply-chain-security/understanding-your-software-supply-chain/exploring-the-dependencies-of-a-repository.md b/translations/pt-BR/content/code-security/supply-chain-security/understanding-your-software-supply-chain/exploring-the-dependencies-of-a-repository.md index dd788c0e89..490aabe6c5 100644 --- a/translations/pt-BR/content/code-security/supply-chain-security/understanding-your-software-supply-chain/exploring-the-dependencies-of-a-repository.md +++ b/translations/pt-BR/content/code-security/supply-chain-security/understanding-your-software-supply-chain/exploring-the-dependencies-of-a-repository.md @@ -40,7 +40,7 @@ Os proprietários das empresas podem configurar o gráfico de dependências a n ### Vista de dependências {% ifversion fpt or ghec %} -As dependências são agrupadas por ecossistema. Você pode expandir sua dependência para visualizar suas dependências. Para dependências em repositórios públicos hospedadas no {% data variables.product.product_name %}, você também pode clicar em uma dependência para visualizar o repositório. Dependências de repositórios privados, pacotes privados ou arquivos não reconhecidos são exibidos em texto sem formatação. +As dependências são agrupadas por ecossistema. Você pode expandir sua dependência para visualizar suas dependências. Dependências de repositórios privados, pacotes privados ou arquivos não reconhecidos são exibidos em texto sem formatação. Se o gerenciador de pacotes para a dependência estiver em um repositório público, {% data variables.product.product_name %} irá exibir um link para o repositório. Se foram detectadas vulnerabilidades no repositório, estas são exibidas na parte superior da visualização para usuários com acesso ao {% data variables.product.prodname_dependabot_alerts %}. @@ -83,7 +83,10 @@ Você pode desabilitar o gráfico de dependências a qualquer momento clicando e ## Alterar o pacote "Usado por" -Se o gráfico de dependências estiver habilitado e o seu repositório contiver um pacote publicado em um ecossistema de pacote compatível, {% data variables.product.prodname_dotcom %} exibirá uma seção "Usado por" na barra lateral da aba do **Código** do seu repositório. Para obter mais informações sobre os ecossistemas de pacotes compatíveis, consulte "[Sobre o gráfico de dependências](/github/visualizing-repository-data-with-graphs/about-the-dependency-graph#supported-package-ecosystems)". +Você pode notar que alguns repositórios têm uma seção "Usado por" na barra lateral da aba**Código**. Seu repositório terá uma seção "Usado por", se: + * O gráfico de dependências está habilitado para o repositório (consulte a seção acima para mais detalhes). + * Seu repositório contém um pacote que é publicado em um [ecossistema de pacote compatível](/github/visualizing-repository-data-with-graphs/about-the-dependency-graph#supported-package-ecosystems). + * Dentro do ecossistema, seu pacote tem um link para um repositório _público_ onde a fonte é armazenada. A seção "Usado por" mostra o número de referências públicas ao pacote que foi encontrado, e exibe os avatares de alguns dos proprietários dos projetos dependentes. @@ -112,7 +115,7 @@ Se um arquivo de manifesto ou de bloqueio não for processado, suas dependência ## Leia mais - "[Sobre o gráfico de dependências](/github/visualizing-repository-data-with-graphs/about-the-dependency-graph)" -- "[Visualizar e atualizar dependências vulneráveis no seu repositório](/github/managing-security-vulnerabilities/viewing-and-updating-vulnerable-dependencies-in-your-repository)"{% ifversion fpt or ghec %} -- "[Visualizar informações da organização](/organizations/collaborating-with-groups-in-organizations/viewing-insights-for-your-organization)" +- "[Visualizando {% data variables.product.prodname_dependabot_alerts %} para dependências vulneráveis](/github/managing-security-vulnerabilities/viewing-and-updating-vulnerable-dependencies-in-your-repository)"{% ifversion fpt or ghec %} +- "[Visualizar informações da sua organização](/organizations/collaborating-with-groups-in-organizations/viewing-insights-for-your-organization)" - "[Entender como o {% data variables.product.prodname_dotcom %} usa e protege seus dados](/get-started/privacy-on-github)" {% endif %} diff --git a/translations/pt-BR/content/code-security/supply-chain-security/understanding-your-software-supply-chain/index.md b/translations/pt-BR/content/code-security/supply-chain-security/understanding-your-software-supply-chain/index.md index 2446fd7749..750ffd8773 100644 --- a/translations/pt-BR/content/code-security/supply-chain-security/understanding-your-software-supply-chain/index.md +++ b/translations/pt-BR/content/code-security/supply-chain-security/understanding-your-software-supply-chain/index.md @@ -9,10 +9,12 @@ topics: - Dependency graph - Dependencies - Repositories -children: - - /about-the-dependency-graph - - /exploring-the-dependencies-of-a-repository - - /about-dependency-review shortTitle: Entenda sua cadeia de suprimentos +children: + - /about-supply-chain-security + - /about-the-dependency-graph + - /about-dependency-review + - /exploring-the-dependencies-of-a-repository + - /troubleshooting-the-dependency-graph --- diff --git a/translations/pt-BR/content/code-security/supply-chain-security/understanding-your-software-supply-chain/troubleshooting-the-dependency-graph.md b/translations/pt-BR/content/code-security/supply-chain-security/understanding-your-software-supply-chain/troubleshooting-the-dependency-graph.md new file mode 100644 index 0000000000..a20d9100f4 --- /dev/null +++ b/translations/pt-BR/content/code-security/supply-chain-security/understanding-your-software-supply-chain/troubleshooting-the-dependency-graph.md @@ -0,0 +1,62 @@ +--- +title: Solução de problemas para o gráfico de dependências +intro: 'Se as informações de dependências relatadas pelo gráfico de dependências não é o que você esperava, há uma série de pontos a considerar e várias coisas que você pode verificar.' +shortTitle: Solucionar problemas do gráfico de dependências +versions: + fpt: '*' + ghes: '*' + ghae: issue-4864 + ghec: '*' +type: how_to +topics: + - Troubleshooting + - Errors + - Dependencies + - Vulnerabilities + - Dependency graph + - CVEs + - Repositories +--- + +{% data reusables.dependabot.result-discrepancy %} + +## O gráfico de dependências só encontra dependências nos manifestos e nos arquivos de bloquei? + +O gráfico de dependências inclui informações sobre dependências explicitamente declaradas em seu ambiente. Ou seja, dependências que são especificadas em um manifesto ou um arquivo de bloqueio. O gráfico de dependências, geralmente, também inclui dependências transitivas, mesmo quando não são especificadas em um arquivo de travamento analisando as dependências das dependências em um arquivo de manifesto. + +O gráfico de dependências não inclui dependências de "soltas". Dependências "soltas" são arquivos individuais copiados de outra fonte e verificados no repositório diretamente ou dentro de um arquivo (como um arquivo ZIP ou JAR), em vez de ser referenciadas pelo manifesto ou arquivo de bloqueio do gerenciador de pacotes. + +**Verificação**: A dependência ausente para um componente que não está especificado no manifesto ou arquivo de bloqueio do repositório? + +## O gráfico de dependências detecta dependências especificadas usando variáveis? + +O gráfico de dependências analisa como são carregados para {% data variables.product.prodname_dotcom %}. O gráfico de dependência não tem acesso ao ambiente de construção do projeto. Portanto, ele não pode resolver variáveis usadas dentro dos manifestos. Se você usar variáveis dentro de um manifesto para especificar o nome, ou mais comumente, a versão de uma dependência, essa dependência não será incluída no gráfico de dependências. + +**Verifique**: A dependência ausente é declarada no manifesto usando uma variável para seu nome ou versão? + +## Existem limites que afetam os dados do gráfico de dependências? + +Sim, o gráfico de dependências tem duas categorias de limites: + +1. **Limites de processamento** + + Eles afetam o gráfico de dependências exibido dentro de {% data variables.product.prodname_dotcom %} e também impedem que sejam criados {% data variables.product.prodname_dependabot_alerts %}. + + Manifestos com tamanho superior a 0.5 MB são processados apenas para contas corporativas. Para outras contas, manifestos acima de 0,5 MB são ignorados e não criarão {% data variables.product.prodname_dependabot_alerts %}. + + Por padrão, o {% data variables.product.prodname_dotcom %} não processará mais de 20 manifestos por repositório. {% data variables.product.prodname_dependabot_alerts %} não foi criado para manifestos acima deste limite. Se você precisar aumentar o limite, entre em contato com {% data variables.contact.contact_support %}. + +2. **Limites de visualização** + + Eles afetam o que é exibido no gráfico de dependências dentro de {% data variables.product.prodname_dotcom %}. No entanto, eles não afetam {% data variables.product.prodname_dependabot_alerts %} que foram criados. + + A exibição de dependências do gráfico de dependências em um repositório só exibe 100 manifestos. De modo geral, isso é adequado, já que é significativamente maior do que o limite de processamento descrito acima. Em situações em que o limite de processamento é superior a 100, os {% data variables.product.prodname_dependabot_alerts %} são criados para quaisquer manifestos que não são mostrados dentro de {% data variables.product.prodname_dotcom %}. + +**Verifique**: A dependência que falta está em um arquivo de manifesto superior a 0,5 MB ou em um repositório com um grande número de manifestos? + +## Leia mais + +- "[Sobre o gráfico de dependências](/code-security/supply-chain-security/understanding-your-software-supply-chain/about-the-dependency-graph)" +- "[Gerenciar as configurações de segurança e análise para o seu repositório](/github/administering-a-repository/managing-security-and-analysis-settings-for-your-repository)" +- "[Solução de problemas na detecção de dependências vulneráveis](/code-security/dependabot/working-with-dependabot/troubleshooting-the-detection-of-vulnerable-dependencies)"{% ifversion fpt or ghec or ghes > 3.2 %} +- "[Solucionar problemas de {% data variables.product.prodname_dependabot %}](/github/managing-security-vulnerabilities/troubleshooting-dependabot-errors)"{% endif %} diff --git a/translations/pt-BR/content/codespaces/managing-codespaces-for-your-organization/enabling-codespaces-for-your-organization.md b/translations/pt-BR/content/codespaces/managing-codespaces-for-your-organization/enabling-codespaces-for-your-organization.md index c6304dc1dc..e7558c57a9 100644 --- a/translations/pt-BR/content/codespaces/managing-codespaces-for-your-organization/enabling-codespaces-for-your-organization.md +++ b/translations/pt-BR/content/codespaces/managing-codespaces-for-your-organization/enabling-codespaces-for-your-organization.md @@ -26,7 +26,7 @@ Para usar codespaces na sua organização, você deve fazer o seguinte: - Certifique-se de que os usuários tenham [pelo menos acesso de gravação](/organizations/managing-access-to-your-organizations-repositories/repository-permission-levels-for-an-organization) nos repositórios onde desejam usar um codespace. - [Habilitar {% data variables.product.prodname_codespaces %} para os usuários da sua organização](#enable-codespaces-for-users-in-your-organization). Você pode escolher permitir {% data variables.product.prodname_codespaces %} para usuários selecionados ou apenas para usuários específicos. - [Definir um limite de gastos](/billing/managing-billing-for-github-codespaces/managing-spending-limits-for-codespaces) -- Certifique-se de que a sua organização não tem um endereço IP permitir a lista habilitada. For more information, see "[Managing allowed IP addresses for your organization](/{% ifversion fpt %}enterprise-cloud@latest/{% endif %}organizations/keeping-your-organization-secure/managing-allowed-ip-addresses-for-your-organization#using-github-actions-with-an-ip-allow-list){% ifversion fpt %}" in the {% data variables.product.prodname_ghe_cloud %} documentation.{% else %}."{% endif %} +- Certifique-se de que a sua organização não tem um endereço IP permitir a lista habilitada. Para obter mais informações, consulte "[Gerenciar endereços IP permitidos para sua organização](/{% ifversion fpt %}enterprise-cloud@latest/{% endif %}organizations/keeping-your-organization-secure/managing-allowed-ip-addresses-for-your-organization#using-github-actions-with-an-ip-allow-list){% ifversion fpt %}" na documentação de {% data variables.product.prodname_ghe_cloud %}.{% else %}"{% endif %} Por padrão, um codespace só pode acessar o repositório no qual ele foi criado. Se você quiser que os codespaces na sua organização possam acessar outros repositórios da organização que o criador do codespace possa acessar, consulte "[Gerenciar acesso e segurança para {% data variables.product.prodname_codespaces %}](/codespaces/managing-codespaces-for-your-organization/managing-access-and-security-for-your-organizations-codespaces)". diff --git a/translations/pt-BR/content/developers/apps/building-github-apps/creating-a-github-app-using-url-parameters.md b/translations/pt-BR/content/developers/apps/building-github-apps/creating-a-github-app-using-url-parameters.md index bca802dfb3..1c7a015cf4 100644 --- a/translations/pt-BR/content/developers/apps/building-github-apps/creating-a-github-app-using-url-parameters.md +++ b/translations/pt-BR/content/developers/apps/building-github-apps/creating-a-github-app-using-url-parameters.md @@ -59,39 +59,39 @@ Lista completa de parâmetros de consulta, permissões e eventos disponíveis en Você pode selecionar permissões em uma string de consultas usando o nome da permissão na tabela a seguir como o nome do parâmetro de consulta e o tipo de permissão como valor da consulta. Por exemplo, para selecionar permissões de `Leitura & gravação` na interface de usuário para `conteúdo`, sua string de consulta incluiria `&contents=write`. Para selecionar as permissões `Somente leitura` na interface de usuário para `bloquear`, sua string de consulta incluiria `&blocking=read`. Para selecionar `sem acesso` na interface do usuário para `verificações`, sua string de consulta não incluiria a permissão `verificações`. -| Permissão | Descrição | -| -------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Permissão | Descrição | +| -------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | [`administração`](/rest/reference/permissions-required-for-github-apps/#permission-on-administration) | Concede acesso a vários pontos finais para administração de organização e repositório. Pode ser: `nenhum`, `leitura` ou `gravação`.{% ifversion fpt or ghec %} | [`bloqueio`](/rest/reference/permissions-required-for-github-apps/#permission-on-blocking) | Concede acesso à [API de usuários de bloqueio](/rest/reference/users#blocking). Pode ser: `nenhum`, `leitura` ou `gravação`.{% endif %} | [`Verificações`](/rest/reference/permissions-required-for-github-apps/#permission-on-checks) | Concede acesso à [API de verificação](/rest/reference/checks). Pode ser: `nenhum`, `leitura` ou `gravação`.{% ifversion ghes < 3.4 %} | `content_references` | Concede acesso ao ponto final "[Criar um anexo de conteúdo](/rest/reference/apps#create-a-content-attachment). Pode ser: `nenhum`, `leitura` ou `gravação`.{% endif %} -| [`Conteúdo`](/rest/reference/permissions-required-for-github-apps/#permission-on-contents) | Concede acesso a vários pontos finais que permitem modificar o conteúdo do repositório. Pode ser: `nenhum`, `leitura` ou `gravação`. | +| [`Conteúdo`](/rest/reference/permissions-required-for-github-apps/#permission-on-contents) | Concede acesso a vários pontos finais que permitem modificar o conteúdo do repositório. Pode ser: `nenhum`, `leitura` ou `gravação`. | | [`Implantações`](/rest/reference/permissions-required-for-github-apps/#permission-on-deployments) | Concede acesso à [API de implementação](/rest/reference/repos#deployments). Pode ser: `nenhum`, `leitura` ou `gravação`.{% ifversion fpt or ghes or ghec %} | [`emails`](/rest/reference/permissions-required-for-github-apps/#permission-on-emails) | Concede acesso à [API de e-mails](/rest/reference/users#emails). Pode ser: `nenhum`, `leitura` ou `gravação`.{% endif %} -| [`seguidores`](/rest/reference/permissions-required-for-github-apps/#permission-on-followers) | Concede acesso à [API de seguidores](/rest/reference/users#followers). Pode ser: `nenhum`, `leitura` ou `gravação`. | -| [`gpg_keys`](/rest/reference/permissions-required-for-github-apps/#permission-on-gpg-keys) | Concede acesso à [API de chaves de GPG](/rest/reference/users#gpg-keys). Pode ser: `nenhum`, `leitura` ou `gravação`. | -| [`Problemas`](/rest/reference/permissions-required-for-github-apps/#permission-on-issues) | Concede acesso à [API de problemas](/rest/reference/issues). Pode ser: `nenhum`, `leitura` ou `gravação`. | -| [`chaves`](/rest/reference/permissions-required-for-github-apps/#permission-on-keys) | Concede acesso à [API de chaves públicas](/rest/reference/users#keys). Pode ser: `nenhum`, `leitura` ou `gravação`. | +| [`seguidores`](/rest/reference/permissions-required-for-github-apps/#permission-on-followers) | Concede acesso à [API de seguidores](/rest/reference/users#followers). Pode ser: `nenhum`, `leitura` ou `gravação`. | +| [`gpg_keys`](/rest/reference/permissions-required-for-github-apps/#permission-on-gpg-keys) | Concede acesso à [API de chaves de GPG](/rest/reference/users#gpg-keys). Pode ser: `nenhum`, `leitura` ou `gravação`. | +| [`Problemas`](/rest/reference/permissions-required-for-github-apps/#permission-on-issues) | Concede acesso à [API de problemas](/rest/reference/issues). Pode ser: `nenhum`, `leitura` ou `gravação`. | +| [`chaves`](/rest/reference/permissions-required-for-github-apps/#permission-on-keys) | Concede acesso à [API de chaves públicas](/rest/reference/users#keys). Pode ser: `nenhum`, `leitura` ou `gravação`. | | [`members`](/rest/reference/permissions-required-for-github-apps/#permission-on-members) | Concede acesso para gerenciar os membros de uma organização. Pode ser: `nenhum`, `leitura` ou `gravação`.{% ifversion fpt or ghec %} -| [`metadados`](/rest/reference/permissions-required-for-github-apps/#metadata-permissions) | Concede acesso a pontos finais somente leitura que não vazam dados confidenciais. Pode ser `leitura ` ou `nenhum`. O padrão é `leitura`, ao definir qualquer permissão, ou `nenhum` quando você não especificar nenhuma permissão para o {% data variables.product.prodname_github_app %}. | +| [`metadados`](/rest/reference/permissions-required-for-github-apps/#metadata-permissions) | Concede acesso a pontos finais somente leitura que não vazam dados confidenciais. Pode ser `leitura ` ou `nenhum`. O padrão é `leitura`, ao definir qualquer permissão, ou `nenhum` quando você não especificar nenhuma permissão para o {% data variables.product.prodname_github_app %}. | | [`organization_administration`](/rest/reference/permissions-required-for-github-apps/#permission-on-organization-administration) | Concede acesso ao ponto final "[Atualizar uma organização](/rest/reference/orgs#update-an-organization)" ponto final e Pa [API de restrições de interação da organização](/rest/reference/interactions#set-interaction-restrictions-for-an-organization). Pode ser: `nenhum`, `leitura` ou `gravação`.{% endif %} -| [`organization_hooks`](/rest/reference/permissions-required-for-github-apps/#permission-on-organization-hooks) | Concede acesso à [API de webhooks da organização](/rest/reference/orgs#webhooks/). Pode ser: `nenhum`, `leitura` ou `gravação`. | -| `organization_plan` | Concede acesso para obter informações sobre o plano de uma organização usando o ponto final "[Obter uma organização](/rest/reference/orgs#get-an-organization)". Pode ser: `nenhum` ou `leitura`. | +| [`organization_hooks`](/rest/reference/permissions-required-for-github-apps/#permission-on-organization-hooks) | Concede acesso à [API de webhooks da organização](/rest/reference/orgs#webhooks/). Pode ser: `nenhum`, `leitura` ou `gravação`. | +| `organization_plan` | Concede acesso para obter informações sobre o plano de uma organização usando o ponto final "[Obter uma organização](/rest/reference/orgs#get-an-organization)". Pode ser: `nenhum` ou `leitura`. | | [`organization_projects`](/rest/reference/permissions-required-for-github-apps/#permission-on-organization-projects) | Concede acesso à [API de Projetos](/rest/reference/projects). Pode ser: `nenhum`, `leitura`, `gravação` ou `administrador`.{% ifversion fpt or ghec %} | [`organization_user_blocking`](/rest/reference/permissions-required-for-github-apps/#permission-on-organization-projects) | Concede acesso à [API de usuários de bloqueio da organização](/rest/reference/orgs#blocking). Pode ser: `nenhum`, `leitura` ou `gravação`.{% endif %} -| [`Páginas`](/rest/reference/permissions-required-for-github-apps/#permission-on-pages) | Concede acesso à [API de páginas](/rest/reference/repos#pages). Pode ser: `nenhum`, `leitura` ou `gravação`. | -| `plano` | Concede acesso para obter informações sobre o plano de um usuário do GitHub que usa o ponto final "[Obter um usuário](/rest/reference/users#get-a-user)". Pode ser: `nenhum` ou `leitura`. | -| [`pull_requests`](/rest/reference/permissions-required-for-github-apps/#permission-on-pull-requests) | Concede acesso a vários pontos finais do pull request. Pode ser: `nenhum`, `leitura` ou `gravação`. | -| [`repository_hooks`](/rest/reference/permissions-required-for-github-apps/#permission-on-repository-hooks) | Concede acesso à [API de webhooks do repositório](/rest/reference/repos#hooks). Pode ser: `nenhum`, `leitura` ou `gravação`. | +| [`Páginas`](/rest/reference/permissions-required-for-github-apps/#permission-on-pages) | Concede acesso à [API de páginas](/rest/reference/repos#pages). Pode ser: `nenhum`, `leitura` ou `gravação`. | +| `plano` | Concede acesso para obter informações sobre o plano de um usuário do GitHub que usa o ponto final "[Obter um usuário](/rest/reference/users#get-a-user)". Pode ser: `nenhum` ou `leitura`. | +| [`pull_requests`](/rest/reference/permissions-required-for-github-apps/#permission-on-pull-requests) | Concede acesso a vários pontos finais do pull request. Pode ser: `nenhum`, `leitura` ou `gravação`. | +| [`repository_hooks`](/rest/reference/permissions-required-for-github-apps/#permission-on-repository-hooks) | Concede acesso à [API de webhooks do repositório](/rest/reference/repos#hooks). Pode ser: `nenhum`, `leitura` ou `gravação`. | | [`repository_projects`](/rest/reference/permissions-required-for-github-apps/#permission-on-repository-projects) | Concede acesso à [API de Projetos](/rest/reference/projects). Pode ser: `nenhum`, `leitura`, `gravação` ou `administrador`.{% ifversion fpt or ghes or ghec %} | [`secret_scanning_alerts`](/rest/reference/permissions-required-for-github-apps/#permission-on-secret-scanning-alerts) | Concede acesso à [API de varredura de segredo](/rest/reference/secret-scanning). Pode ser: `none`, `read` ou `write`.{% endif %}{% ifversion fpt or ghes or ghec %} | [`security_events`](/rest/reference/permissions-required-for-github-apps/#permission-on-security-events) | Concede acesso à [API de varredura de código](/rest/reference/code-scanning/). Pode ser: `nenhum`, `leitura` ou `gravação`.{% endif %} -| [`single_file`](/rest/reference/permissions-required-for-github-apps/#permission-on-single-file) | Concede acesso à [API de conteúdo](/rest/reference/repos#contents). Pode ser: `nenhum`, `leitura` ou `gravação`. | -| [`estrela`](/rest/reference/permissions-required-for-github-apps/#permission-on-starring) | Concede acesso à [API estrelada](/rest/reference/activity#starring). Pode ser: `nenhum`, `leitura` ou `gravação`. | -| [`Status`](/rest/reference/permissions-required-for-github-apps/#permission-on-statuses) | Concede acesso à [API de status](/rest/reference/commits#commit-statuses). Pode ser: `nenhum`, `leitura` ou `gravação`. | +| [`single_file`](/rest/reference/permissions-required-for-github-apps/#permission-on-single-file) | Concede acesso à [API de conteúdo](/rest/reference/repos#contents). Pode ser: `nenhum`, `leitura` ou `gravação`. | +| [`estrela`](/rest/reference/permissions-required-for-github-apps/#permission-on-starring) | Concede acesso à [API estrelada](/rest/reference/activity#starring). Pode ser: `nenhum`, `leitura` ou `gravação`. | +| [`Status`](/rest/reference/permissions-required-for-github-apps/#permission-on-statuses) | Concede acesso à [API de status](/rest/reference/commits#commit-statuses). Pode ser: `nenhum`, `leitura` ou `gravação`. | | [`team_discussions`](/rest/reference/permissions-required-for-github-apps/#permission-on-team-discussions) | Concede acesso à [API de discussões de equipe](/rest/reference/teams#discussions) e à [API de comentários de discussão de equipe](/rest/reference/teams#discussion-comments). Pode ser: `nenhum`, `leitura` ou `gravação`.{% ifversion fpt or ghes or ghae-issue-4864 or ghec %} -| `vulnerability_alerts` | Concede acesso a alertas de segurança para dependências vulneráveis em um repositório. Consulte "[Sobre alertas para dependências vulneráveis](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies/)" para saber mais. Pode ser: `none` ou `read`.{% endif %} -| `inspecionando` | Concede acesso à lista e alterações de repositórios que um usuário assinou. Pode ser: `nenhum`, `leitura` ou `gravação`. | +| `vulnerability_alerts` | Concede acesso para receber {% data variables.product.prodname_dependabot_alerts %} para dependências vulneráveis em um repositório. Consulte "[Sobre {% data variables.product.prodname_dependabot_alerts %}](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies/)" para saber mais. Pode ser: `none` ou `read`.{% endif %} +| `inspecionando` | Concede acesso à lista e alterações de repositórios que um usuário assinou. Pode ser: `nenhum`, `leitura` ou `gravação`. | ## Eventos webhook do {% data variables.product.prodname_github_app %} diff --git a/translations/pt-BR/content/developers/apps/building-github-apps/creating-a-github-app.md b/translations/pt-BR/content/developers/apps/building-github-apps/creating-a-github-app.md index af9a98dd52..ad9e22082c 100644 --- a/translations/pt-BR/content/developers/apps/building-github-apps/creating-a-github-app.md +++ b/translations/pt-BR/content/developers/apps/building-github-apps/creating-a-github-app.md @@ -46,7 +46,8 @@ topics: {% endif %} 1. Por padrão, para melhorar a segurança de seus aplicativos, seus aplicativos usarão os tokens de autorização do usuário. Para optar por não usar tokens do usuário expirados, você deverá desmarcar "Expirar tokens de autorização do usuário". Para saber mais sobre como configurar o fluxo de atualização do token e os benefícios de expirar os tokens do usuário, consulte "[Atualizando tokens de acesso do usuário para o servidor](/apps/building-github-apps/refreshing-user-to-server-access-tokens/)." ![Opção para expirar os tokens dos usuários durante a configuração dos aplicativos GitHub](/assets/images/github-apps/expire-user-tokens-selection.png) -1. Se seu aplicativo autoriza usuários a usar o fluxo OAuth, você pode selecionar **Solicitar autorização de usuário (OAuth) durante a instalação** para permitir que pessoas autorizem o aplicativo ao instalá-lo, economizando uma etapa. Se você selecionar esta opção, a "URL de configuração" irá tornar-se indisponível e os usuários serão redirecionados para a "URL de retorno de chamada de autorização do usuário" após a instalação do aplicativo. Consulte "[Autorizando usuários durante a instalação](/apps/installing-github-apps/#authorizing-users-during-installation)" para obter mais informações. ![Solicitar autorização de usuário durante a instalação](/assets/images/github-apps/github_apps_request_auth_upon_install.png) +1. Se seu aplicativo autoriza usuários a usar o fluxo OAuth, você pode selecionar **Solicitar autorização de usuário (OAuth) durante a instalação** para permitir que pessoas autorizem o aplicativo ao instalá-lo, economizando uma etapa. Se você selecionar esta opção, a "URL de configuração" irá tornar-se indisponível e os usuários serão redirecionados para a "URL de retorno de chamada de autorização do usuário" após a instalação do aplicativo. Consulte "[Autorizando usuários durante a instalação](/apps/installing-github-apps/#authorizing-users-during-installation)" para obter mais informações. ![Request user authorization during installation](/assets/images/github-apps/github_apps_request_auth_upon_install.png){% if device-flow-is-opt-in %} +1. Se o seu aplicativo GitHub usar o fluxo do dispositivo para identificar e autorizar usuários, clique em **Habilitar fluxo de dispositivo**. Para obter mais informações sobre o fluxo do dispositivo, consulte "[Autorizando aplicativos OAuth](/developers/apps/building-oauth-apps/authorizing-oauth-apps#device-flow)". ![Screenshot showing field for enabling device flow](/assets/images/oauth-apps/enable-device-flow.png){% endif %} 1. Se for necessária uma configuração adicional após a instalação, adicione um "Configurar URL" para redirecionar os usuários após a instalação do seu aplicativo. ![Campo para a URL de configuração do seu aplicativo GitHub ](/assets/images/github-apps/github_apps_setup_url.png) {% note %} diff --git a/translations/pt-BR/content/developers/apps/building-github-apps/identifying-and-authorizing-users-for-github-apps.md b/translations/pt-BR/content/developers/apps/building-github-apps/identifying-and-authorizing-users-for-github-apps.md index 553cf3be66..7decc5fba7 100644 --- a/translations/pt-BR/content/developers/apps/building-github-apps/identifying-and-authorizing-users-for-github-apps.md +++ b/translations/pt-BR/content/developers/apps/building-github-apps/identifying-and-authorizing-users-for-github-apps.md @@ -127,7 +127,7 @@ curl -H "Authorization: token OAUTH-TOKEN" {% data variables.product.api_url_pre O fluxo de dispositivos permite que você autorize usuários para um aplicativo sem cabeçalho, como uma ferramenta de CLI ou um gerenciador de credenciais do Git. -Para obter mais informações sobre autorização de usuários que usam o fluxo do dispositivo, consulte "[Autorizar aplicativos OAuth](/developers/apps/authorizing-oauth-apps#device-flow)". +{% if device-flow-is-opt-in %}Antes de poder usar usar o fluxo do dispositivo para identificar e autorizar usuários, primeiro você deve habilitá-lo nas configurações do aplicativo. Para obter mais informações sobre como habilitar o fluxo do dispositivo, consulte "[Modificando um aplicativo GitHub](/developers/apps/managing-github-apps/modifying-a-github-app)". {% endif %}Para obter mais informações sobre autorização de usuários que usam o fluxo do dispositivo, consulte "[Autorizar aplicativos OAuth](/developers/apps/authorizing-oauth-apps#device-flow)." ## Verifique quais recursos de instalação um usuário pode acessar diff --git a/translations/pt-BR/content/developers/apps/building-github-apps/managing-allowed-ip-addresses-for-a-github-app.md b/translations/pt-BR/content/developers/apps/building-github-apps/managing-allowed-ip-addresses-for-a-github-app.md index b689f7702c..ed2425e1fa 100644 --- a/translations/pt-BR/content/developers/apps/building-github-apps/managing-allowed-ip-addresses-for-a-github-app.md +++ b/translations/pt-BR/content/developers/apps/building-github-apps/managing-allowed-ip-addresses-for-a-github-app.md @@ -17,7 +17,7 @@ Os proprietários da empresa e da organização podem restringir o acesso aos at Quando uma organização tem uma lista de autorizações, aplicativos de terceiros que se conectam por meio de {% data variables.product.prodname_github_app %}, terá acesso negado, a menos que ambos os pontos a seguir sejam verdadeiros: * O criador do {% data variables.product.prodname_github_app %} configurou uma lista de permissões para o aplicativo que especifica os endereços IP em que o aplicativo é executado. Veja abaixo detalhes de como fazer isso. -* O proprietário da organização escolheu permitir que os endereços na lista de permitidos do {% data variables.product.prodname_github_app %} sejam adicionados à sua própria lista de permissões. For more information, see "[Managing allowed IP addresses for your organization](/{% ifversion fpt %}enterprise-cloud@latest/{% endif %}organizations/keeping-your-organization-secure/managing-allowed-ip-addresses-for-your-organization#using-github-actions-with-an-ip-allow-list){% ifversion fpt %}" in the {% data variables.product.prodname_ghe_cloud %} documentation.{% else %}."{% endif %} +* O proprietário da organização escolheu permitir que os endereços na lista de permitidos do {% data variables.product.prodname_github_app %} sejam adicionados à sua própria lista de permissões. Para obter mais informações, consulte "[Gerenciar endereços IP permitidos para sua organização](/{% ifversion fpt %}enterprise-cloud@latest/{% endif %}organizations/keeping-your-organization-secure/managing-allowed-ip-addresses-for-your-organization#using-github-actions-with-an-ip-allow-list){% ifversion fpt %}" na documentação de {% data variables.product.prodname_ghe_cloud %}.{% else %}"{% endif %} {% data reusables.apps.ip-allow-list-only-apps %} diff --git a/translations/pt-BR/content/developers/apps/building-oauth-apps/authorizing-oauth-apps.md b/translations/pt-BR/content/developers/apps/building-oauth-apps/authorizing-oauth-apps.md index 32a19a34fe..536a60b8f8 100644 --- a/translations/pt-BR/content/developers/apps/building-oauth-apps/authorizing-oauth-apps.md +++ b/translations/pt-BR/content/developers/apps/building-oauth-apps/authorizing-oauth-apps.md @@ -126,6 +126,12 @@ curl -H "Authorization: token OAUTH-TOKEN" {% data variables.product.api_url_pre O fluxo de dispositivos permite que você autorize usuários para um aplicativo sem cabeçalho, como uma ferramenta de CLI ou um gerenciador de credenciais do Git. +{% if device-flow-is-opt-in %} + +Antes de usar o fluxo do dispositivo para autorizar e identificar usuários, primeiro habilite-o nas configurações do aplicativo. Para obter mais informações sobre como habilitar o fluxo do dispositivo no seu aplicativo, consulte "[Modificando um aplicativo OAuth](/developers/apps/managing-oauth-apps/modifying-an-oauth-app)" para aplicativos OAuth e "[Modificando um aplicativo GitHub](/developers/apps/managing-github-apps/modifying-a-github-app)" para aplicativos GitHub. + +{% endif %} + ### Visão geral do fluxo do dispositivo 1. O seu aplicativo solicita o dispositivo e o código de verificação do usuário e obtém a URL de autorização em que o usuário digitará o código de verificação do usuário. @@ -255,10 +261,12 @@ Se você fizer mais de uma solicitação de token de acesso (`POST {% data varia | `unsupported_grant_type` | O tipo de concessão deve ser `urn:ietf:params:oauth:grant-type:device_code` e incluído como um parâmetro de entrada quando você faz a sondagem da solicitação do token do OAuth `POST {% data variables.product.oauth_host_code %}/login/oauth/oaccess_token`. | | `incorrect_client_credentials` | Para o fluxo do dispositivo, você deve passar o ID de cliente do aplicativo, que pode ser encontrado na página de configurações do aplicativo. O `client_secret` não é necessário para o fluxo do dispositivo. | | `incorrect_device_code` | O device_code fornecido não é válido. | -| `access_denied` | Quando um usuário clica em cancelar durante o processo de autorização, você receberá uma mensagem de erro de `access_denied` e o usuário não poderá usar o código de verificação novamente. | +| `access_denied` | Quando um usuário clica em cancelar durante o processo de autorização, você receberá um erro de `access_denied` e o usuário não poderá usar o código de verificação novamente.{% if device-flow-is-opt-in %} +| `device_flow_disabled` | O fluxo do dispositivo não foi habilitado nas configurações do aplicativo. Para obter mais informações, consulte "[fluxo do dispositivo](#device-flow)".{% endif %} Para obter mais informações, consulte "[Concessão de Autorização do Dispositivo OAuth 2.0](https://tools.ietf.org/html/rfc8628#section-3.5)". + ## Fluxo do aplicativo que não são da web A autenticação que não é da web está disponível para situações limitadas como testes. Se necessário, você pode usar a [autenticação básica](/rest/overview/other-authentication-methods#basic-authentication) para criar um token de acesso usando a sua [página pessoal de configurações de tokens de acesso](/articles/creating-an-access-token-for-command-line-use). Essa técnica permite ao usuário revogar o acesso a qualquer momento. diff --git a/translations/pt-BR/content/developers/apps/building-oauth-apps/creating-an-oauth-app.md b/translations/pt-BR/content/developers/apps/building-oauth-apps/creating-an-oauth-app.md index c9795bd0b3..7c33e21ab7 100644 --- a/translations/pt-BR/content/developers/apps/building-oauth-apps/creating-an-oauth-app.md +++ b/translations/pt-BR/content/developers/apps/building-oauth-apps/creating-an-oauth-app.md @@ -49,5 +49,6 @@ topics: **Observação:** Os aplicativos OAuth não podem ter várias URLs de retorno de chamada, diferente de {% data variables.product.prodname_github_apps %}. {% endnote %} -{% endif %} -10. Clique em **Register application** (Registrar aplicativo). ![Botão para registrar um aplicativo](/assets/images/oauth-apps/oauth_apps_register_application.png) +{% endif %}{% if device-flow-is-opt-in %} +1. Se o seu aplicativo OAuth usar o fluxo do dispositivo para identificar e autorizar usuários, clique em **Habilitar fluxo do dispositivo**. Para obter mais informações sobre o fluxo do dispositivo, consulte "[Autorizando aplicativos OAuth](/developers/apps/building-oauth-apps/authorizing-oauth-apps#device-flow)". ![Screenshot showing field for enabling device flow](/assets/images/oauth-apps/enable-device-flow.png){% endif %} +2. Clique em **Register application** (Registrar aplicativo). ![Botão para registrar um aplicativo](/assets/images/oauth-apps/oauth_apps_register_application.png) diff --git a/translations/pt-BR/content/developers/apps/managing-github-apps/modifying-a-github-app.md b/translations/pt-BR/content/developers/apps/managing-github-apps/modifying-a-github-app.md index 78b89f7d37..278d92386c 100644 --- a/translations/pt-BR/content/developers/apps/managing-github-apps/modifying-a-github-app.md +++ b/translations/pt-BR/content/developers/apps/managing-github-apps/modifying-a-github-app.md @@ -18,5 +18,6 @@ topics: {% data reusables.user-settings.developer_settings %} {% data reusables.user-settings.github_apps %} {% data reusables.user-settings.modify_github_app %} -5. Em "Informações básicas", modifique as informações do aplicativo GitHub que você gostaria de alterar. ![Seção de informações básicas para o seu aplicativo GitHub](/assets/images/github-apps/github_apps_basic_information.png) +5. Em "Informações básicas", modifique as informações do aplicativo GitHub que você gostaria de alterar. ![Basic information section for your GitHub App](/assets/images/github-apps/github_apps_basic_information.png){% if device-flow-is-opt-in %} +1. Se o seu aplicativo GitHub usar o fluxo do dispositivo para identificar e autorizar usuários, clique em **Habilitar fluxo do dispositivo**. Para obter mais informações sobre o fluxo do dispositivo, consulte "[Autorizando aplicativos OAuth](/developers/apps/building-oauth-apps/authorizing-oauth-apps#device-flow)". ![Screenshot showing field for enabling device flow](/assets/images/oauth-apps/enable-device-flow.png){% endif %} 6. Clique em **Save changes** (Salvar alterações). ![Botão para salvar alterações para o seu aplicativo GitHub](/assets/images/github-apps/github_apps_save_changes.png) diff --git a/translations/pt-BR/content/developers/github-marketplace/github-marketplace-overview/about-github-marketplace.md b/translations/pt-BR/content/developers/github-marketplace/github-marketplace-overview/about-github-marketplace.md index c18c63e27b..6b85ed274f 100644 --- a/translations/pt-BR/content/developers/github-marketplace/github-marketplace-overview/about-github-marketplace.md +++ b/translations/pt-BR/content/developers/github-marketplace/github-marketplace-overview/about-github-marketplace.md @@ -50,7 +50,7 @@ Ao terminar de criar seu aplicativo, você poderá compartilhá-lo com outros us 1. Adicionar um plano de preços. Para obter mais informações, consulte "[Configurar planos de preços para sua listagem](/developers/github-marketplace/setting-pricing-plans-for-your-listing)". -1. Leia e aceite os termos do "\[Contrato de desenvolvedor de {% data variables.product.prodname_marketplace %}\](/free-pro-team@latest/github/site-policy/github-marketplace-developer-agreement." +1. Leia e aceite os termos do "[Contrato do Desenvolvedor de {% data variables.product.prodname_marketplace %}](/free-pro-team@latest/github/site-policy/github-marketplace-developer-agreement)". 1. Envie seu anúncio para publicação em {% data variables.product.prodname_marketplace %}. Para obter mais informações, consulte "[Enviar sua listagem para publicação](/developers/github-marketplace/submitting-your-listing-for-publication)". diff --git a/translations/pt-BR/content/developers/github-marketplace/using-the-github-marketplace-api-in-your-app/webhook-events-for-the-github-marketplace-api.md b/translations/pt-BR/content/developers/github-marketplace/using-the-github-marketplace-api-in-your-app/webhook-events-for-the-github-marketplace-api.md index f07e143008..e13f6fc941 100644 --- a/translations/pt-BR/content/developers/github-marketplace/using-the-github-marketplace-api-in-your-app/webhook-events-for-the-github-marketplace-api.md +++ b/translations/pt-BR/content/developers/github-marketplace/using-the-github-marketplace-api-in-your-app/webhook-events-for-the-github-marketplace-api.md @@ -46,17 +46,17 @@ O objeto `marketplace_purchase` tem as seguintes chaves: O objeto `plano` tem as chaves a seguir: -| Tecla | Tipo | Descrição | -| ------------------------ | ------------------ | ------------------------------------------------------------------------------------------------------------------------------------- | -| `id` | `inteiro` | O identificador exclusivo para este plano. | -| `name` | `string` | O nome do plano. | -| `descrição` | `string` | Descrição deste plano. | -| `monthly_price_in_cents` | `inteiro` | O preço mensal deste plano em centavos (moeda americana). Por exemplo, uma listagem que custa 10 dólares por mês será 1000 centavos. | -| `yearly_price_in_cents` | `inteiro` | O preço anual deste plano em centavos (moeda americana). Por exemplo, uma listagem que custa 100 dólares por mês será 10000 centavos. | -| `price_model` | `string` | O modelo de preço para esta listagem. Pode ser uma das `tarifas fixas`, `por unidade`, ou `grátis`. | -| `has_free_trial` | `boolean` | `verdadeiro` quando esta listagem oferece um teste grátis. | -| `unit_name` | `string` | O nome da unidade. Se o modelo de preços não é `por unidade`, será `nulo`. | -| `marcador` | `array de strigns` | Os nomes dos marcadores estabelecidos no plano de preços. | +| Tecla | Tipo | Descrição | +| ------------------------ | ------------------ | -------------------------------------------------------------------------------------------------------------------------------------- | +| `id` | `inteiro` | O identificador exclusivo para este plano. | +| `name` | `string` | O nome do plano. | +| `descrição` | `string` | Descrição deste plano. | +| `monthly_price_in_cents` | `inteiro` | O preço mensal deste plano em centavos (moeda americana). Por exemplo, uma listagem que custa 10 dólares por mês será 1000 centavos. | +| `yearly_price_in_cents` | `inteiro` | O preço anual deste plano em centavos (moeda americana). Por exemplo, uma listagem que custa 100 dólares por mês será 120000 centavos. | +| `price_model` | `string` | O modelo de preço para esta listagem. Pode ser uma das `tarifas fixas`, `por unidade`, ou `grátis`. | +| `has_free_trial` | `boolean` | `verdadeiro` quando esta listagem oferece um teste grátis. | +| `unit_name` | `string` | O nome da unidade. Se o modelo de preços não é `por unidade`, será `nulo`. | +| `marcador` | `array de strigns` | Os nomes dos marcadores estabelecidos no plano de preços. |
diff --git a/translations/pt-BR/content/developers/webhooks-and-events/webhooks/webhook-events-and-payloads.md b/translations/pt-BR/content/developers/webhooks-and-events/webhooks/webhook-events-and-payloads.md index ed641e68df..202063cae2 100644 --- a/translations/pt-BR/content/developers/webhooks-and-events/webhooks/webhook-events-and-payloads.md +++ b/translations/pt-BR/content/developers/webhooks-and-events/webhooks/webhook-events-and-payloads.md @@ -1246,7 +1246,7 @@ Este evento ocorre quando um {% data variables.product.prodname_github_app %} en Atividade relacionada a uma consultoria de segurança que foi revisada por {% data variables.product.company_short %}. Uma consultoria de segurança revisada por {% data variables.product.company_short %} fornece informações sobre vulnerabilidades relacionadas à segurança no software em {% data variables.product.prodname_dotcom %}. -O conjunto de dados consultivos de segurança também alimentam o GitHub {% data variables.product.prodname_dependabot_alerts %}. Para obter mais informações, consulte "[Sobre alertas para dependências vulneráveis](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies/)" +O conjunto de dados consultivos de segurança também alimentam o GitHub {% data variables.product.prodname_dependabot_alerts %}. Para obter mais informações, consulte "[Sobre {% data variables.product.prodname_dependabot_alerts %}](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies/)". ### Disponibilidade diff --git a/translations/pt-BR/content/get-started/importing-your-projects-to-github/importing-source-code-to-github/adding-locally-hosted-code-to-github.md b/translations/pt-BR/content/get-started/importing-your-projects-to-github/importing-source-code-to-github/adding-locally-hosted-code-to-github.md index 1160c4c258..4d04cdaa7c 100644 --- a/translations/pt-BR/content/get-started/importing-your-projects-to-github/importing-source-code-to-github/adding-locally-hosted-code-to-github.md +++ b/translations/pt-BR/content/get-started/importing-your-projects-to-github/importing-source-code-to-github/adding-locally-hosted-code-to-github.md @@ -1,6 +1,6 @@ --- -title: Adding locally hosted code to GitHub -intro: 'Learn how to add existing source code or repositories to {% data variables.product.product_name %} from the command line using {% data variables.product.prodname_cli %} or Git Commands. Then, share your code and invite others to work with you.' +title: Adicionando o código localmente hospedado no GitHub +intro: 'Aprenda a adicionar código-fonte ou repositórios existentes em {% data variables.product.product_name %} pela linha de comando usando {% data variables.product.prodname_cli %} ou Comandos do Git. Em seguida, compartilhe seu código e convide outras pessoas a trabalhar com você.' redirect_from: - /articles/add-an-existing-project-to-github - /articles/adding-an-existing-project-to-github-using-the-command-line @@ -12,12 +12,12 @@ versions: ghes: '*' ghae: '*' ghec: '*' -shortTitle: Add locally hosted code +shortTitle: Adicionar código hospedado localmente --- -## About adding existing source code to {% data variables.product.product_name %} +## Sobre a adição do código-fonte existente para {% data variables.product.product_name %} -If you have existing source code or repositories stored locally on your computer or private network you can add them to {% data variables.product.product_name %} by typing commands in a terminal. You can do this by typing Git commands directly, or by using {% data variables.product.prodname_cli %}. +Se você tiver código-fonte ou repositórios armazenados localmente no computador ou em uma rede privada, você poderá adicioná-los a {% data variables.product.product_name %}, digitando comandos em um terminal. Você pode fazer isso digitando comandos do Git diretamente ou usando {% data variables.product.prodname_cli %}. {% data variables.product.prodname_cli %} é uma ferramenta de código aberto para usar {% data variables.product.prodname_dotcom %} a partir da linha de comando do seu computador. {% data variables.product.prodname_cli %} pode simplificar o processo de adicionar um projeto existente a {% data variables.product.product_name %} usando a linha de comando. Para saber mais sobre {% data variables.product.prodname_cli %}, consulte "[Sobre {% data variables.product.prodname_cli %}](/github-cli/github-cli/about-github-cli)." @@ -29,7 +29,7 @@ If you have existing source code or repositories stored locally on your computer {% data reusables.repositories.sensitive-info-warning %} -## Adding a local repository to {% data variables.product.product_name %} with {% data variables.product.prodname_cli %} +## Adicionando um repositório local para {% data variables.product.product_name %} com {% data variables.product.prodname_cli %} 1. Na linha de comando, acesse o diretório raiz do seu projeto. 1. Inicialize o diretório local como um repositório Git. @@ -50,7 +50,7 @@ If you have existing source code or repositories stored locally on your computer 1. Como alternativa, para pular todas as instruções, fornecer o caminho do repositório com o sinalizador `--source` e passar um sinalizador de visibilidade (`--public`, `--privado` ou `--interno`). Por exemplo, `gh repo create --source=. --public`. Especifique um controle remoto com o o sinalizador `--remote`. Para fazer push dos seus commits, passe o sinalizador `--push`. Para obter mais informações sobre possíveis argumentos, consulte o [manual da CLI do GitHub](https://cli.github.com/manual/gh_repo_create). -## Adding a local repository to {% data variables.product.product_name %} using Git +## Adicionando um repositório local para {% data variables.product.product_name %} usando o Git {% mac %} diff --git a/translations/pt-BR/content/get-started/privacy-on-github/about-githubs-use-of-your-data.md b/translations/pt-BR/content/get-started/privacy-on-github/about-githubs-use-of-your-data.md index 93c37f4c99..3c2a75885c 100644 --- a/translations/pt-BR/content/get-started/privacy-on-github/about-githubs-use-of-your-data.md +++ b/translations/pt-BR/content/get-started/privacy-on-github/about-githubs-use-of-your-data.md @@ -28,7 +28,7 @@ Anunciaremos novos recursos importantes que usam metadados ou dados agregados no ## Como os dados melhoram as recomendações de segurança -Para dar um exemplo de como os dados podem ser usados, podemos detectar e alertar você para uma vulnerabilidade de segurança nas dependências do seu repositório público. Para obter mais informações, consulte "[Sobre alertas para dependências vulneráveis](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies)" +Para dar um exemplo de como os dados podem ser usados, podemos detectar e alertar você para uma vulnerabilidade de segurança nas dependências do seu repositório público. Para obter mais informações, consulte "[Sobre {% data variables.product.prodname_dependabot_alerts %}](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies)". Para detectar possíveis vulnerabilidades de segurança, o {% data variables.product.product_name %} verifica o conteúdo do arquivo de manifesto de dependência para extrair uma lista de dependências do seu projeto. diff --git a/translations/pt-BR/content/get-started/privacy-on-github/managing-data-use-settings-for-your-private-repository.md b/translations/pt-BR/content/get-started/privacy-on-github/managing-data-use-settings-for-your-private-repository.md index 2abf438204..16c7423f9b 100644 --- a/translations/pt-BR/content/get-started/privacy-on-github/managing-data-use-settings-for-your-private-repository.md +++ b/translations/pt-BR/content/get-started/privacy-on-github/managing-data-use-settings-for-your-private-repository.md @@ -16,7 +16,7 @@ shortTitle: Gerenciar o uso de dados para repositório privado ## Sobre o uso de dados para seu repositório privado -Ao habilitar o uso de dados para seu repositório privado, poderá acessar o gráfico de dependências, em que você pode acompanhar as dependências do repositório e receber {% data variables.product.prodname_dependabot_alerts %} quando o {% data variables.product.product_name %} detectar dependências vulneráveis. Para obter mais informações, consulte "[Sobre alertas para dependências vulneráveis](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies#dependabot-alerts-for-vulnerable-dependencies)" +Ao habilitar o uso de dados para seu repositório privado, poderá acessar o gráfico de dependências, em que você pode acompanhar as dependências do repositório e receber {% data variables.product.prodname_dependabot_alerts %} quando o {% data variables.product.product_name %} detectar dependências vulneráveis. Para obter mais informações, consulte "[Sobre {% data variables.product.prodname_dependabot_alerts %}](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies#dependabot-alerts-for-vulnerable-dependencies)". ## Habilitar ou desabilitar os recursos de uso de dados @@ -31,5 +31,5 @@ Ao habilitar o uso de dados para seu repositório privado, poderá acessar o gr ## Leia mais - "[Sobre o uso de seus dados pelo {% data variables.product.prodname_dotcom %}](/articles/about-github-s-use-of-your-data)" -- "[Visualizar e atualizar dependências vulneráveis no seu repositório](/github/managing-security-vulnerabilities/viewing-and-updating-vulnerable-dependencies-in-your-repository)" +- "[Visualizando {% data variables.product.prodname_dependabot_alerts %} para dependências vulneráveis](/github/managing-security-vulnerabilities/viewing-and-updating-vulnerable-dependencies-in-your-repository)" - "[Gerenciar as configurações de segurança e análise para o seu repositório](/github/administering-a-repository/managing-security-and-analysis-settings-for-your-repository)" diff --git a/translations/pt-BR/content/get-started/quickstart/fork-a-repo.md b/translations/pt-BR/content/get-started/quickstart/fork-a-repo.md index 2118f2f7ac..93ff618687 100644 --- a/translations/pt-BR/content/get-started/quickstart/fork-a-repo.md +++ b/translations/pt-BR/content/get-started/quickstart/fork-a-repo.md @@ -22,7 +22,7 @@ topics: ## Sobre bifurcações -O uso mais comum das bifurcações são propostas de mudanças no projeto de alguma outra pessoa ou o uso do projeto de outra pessoa como ponto de partida para sua própria ideia. Você pode bifurcar um repositório para criar uma cópia do repositório e fazer alterações sem afetar o repositório upstream. Para obter mais informações, consulte "[Trabalhando com as bifurcações](/github/collaborating-with-issues-and-pull-requests/working-with-forks)". +Most commonly, forks are used to either propose changes to someone else's project to which you don't have write access, or to use someone else's project as a starting point for your own idea. Você pode bifurcar um repositório para criar uma cópia do repositório e fazer alterações sem afetar o repositório upstream. Para obter mais informações, consulte "[Trabalhando com as bifurcações](/github/collaborating-with-issues-and-pull-requests/working-with-forks)". ### Proponha mudanças no projeto de outra pessoa diff --git a/translations/pt-BR/content/get-started/signing-up-for-github/index.md b/translations/pt-BR/content/get-started/signing-up-for-github/index.md index 2109bc2453..dc26d93e53 100644 --- a/translations/pt-BR/content/get-started/signing-up-for-github/index.md +++ b/translations/pt-BR/content/get-started/signing-up-for-github/index.md @@ -16,6 +16,5 @@ children: - /verifying-your-email-address - /setting-up-a-trial-of-github-enterprise-cloud - /setting-up-a-trial-of-github-enterprise-server - - /setting-up-a-trial-of-github-ae --- diff --git a/translations/pt-BR/content/get-started/signing-up-for-github/setting-up-a-trial-of-github-ae.md b/translations/pt-BR/content/get-started/signing-up-for-github/setting-up-a-trial-of-github-ae.md deleted file mode 100644 index 93bc5d9d48..0000000000 --- a/translations/pt-BR/content/get-started/signing-up-for-github/setting-up-a-trial-of-github-ae.md +++ /dev/null @@ -1,66 +0,0 @@ ---- -title: Configurando um teste do GitHub AE -intro: 'Você pode avaliar o {% data variables.product.prodname_ghe_managed %} gratuitamente.' -versions: - ghae: '*' -topics: - - Accounts -shortTitle: Teste do GitHub AE ---- - -## Sobre o teste de {% data variables.product.prodname_ghe_managed %} - -Você pode definir uma avaliação de 90 dias para avaliar {% data variables.product.prodname_ghe_managed %}. Este processo permite que você implemente uma conta do {% data variables.product.prodname_ghe_managed %} na sua região do Azure existente. - -- **Conta de {% data variables.product.prodname_ghe_managed %}**: O recurso do Azure que contém a implantação de {% data variables.product.prodname_ghe_managed %}. -- **{% data variables.product.prodname_ghe_managed %} portal**: A ferramenta de gerenciamento do Azure em [https://portal.azure.com](https://portal.azure.com). Ela é usada para implantar a conta de {% data variables.product.prodname_ghe_managed %}. - -## Configurar a versão de avaliação do {% data variables.product.prodname_ghe_managed %} - - -Antes de poder iniciar o seu teste de {% data variables.product.prodname_ghe_managed %}, você deverá solicitar o acesso entrando em contato com sua equipe de conta de {% data variables.product.prodname_dotcom %}. {% data variables.product.prodname_dotcom %} irá habilitar o teste {% data variables.product.prodname_ghe_managed %} para sua assinatura do Azure. - -Entre em contato com {% data variables.contact.contact_enterprise_sales %} para verificar a sua elegibilidade para um teste de {% data variables.product.prodname_ghe_managed %}. - -## Implantando {% data variables.product.prodname_ghe_managed %} com o {% data variables.actions.azure_portal %} - -O {% data variables.actions.azure_portal %} permite que você faça a implementação da conta do {% data variables.product.prodname_ghe_managed %} no seu grupo de recursos do Azure. - -1. No {% data variables.actions.azure_portal %}, digite `GitHub AE` no campo de busca. Em seguida, em _Serviços_, clique em {% data variables.product.prodname_ghe_managed %}. ![Resultado da pesquisa de {% data variables.actions.azure_portal %}](/assets/images/azure/github-ae-azure-portal-search.png) -1. Para começar o processo de adicionar uma nova conta de {% data variables.product.prodname_ghe_managed %}, clique em **Criar conta do GitHub AE**. -1. Insira as informações nos campos "Detalhes do projeto" e "Detalhes da instância". ![Resultado da pesquisa de {% data variables.actions.azure_portal %}](/assets/images/azure/github-ae-azure-portal-form.png) - - **Nome da conta:** O nome do host da sua empresa - - **Nome de usuário administrador:** Um nome de usuário para o proprietário corporativo inicial que será criado em {% data variables.product.prodname_ghe_managed %} - - E-mail do administrador **:** O endereço de e-mail que receberá as informações de login -1. Para revisar um resumo das alterações propostas, clique em **Revisão + criar**. -1. Após a conclusão do processo de validação, clique em **Criar**. - -O endereço de e-mail que você digitou acima receberá instruções sobre como acessar a sua empresa. Após ter acesso, você poderá começar seguindo os passos das configuração iniciais. Para obter mais informações, consulte "[Inicializar {% data variables.product.prodname_ghe_managed %}](/admin/configuration/initializing-github-ae)". - -{% note %} - -**Observação:** As atualizações de software para a sua implantação de {% data variables.product.prodname_ghe_managed %} são executadas por {% data variables.product.prodname_dotcom %}. Para obter mais informações, consulte[Sobre atualizações para novas versões de](/admin/overview/about-upgrades-to-new-releases)." - -{% endnote %} - -## Acessando a sua empresa - -Você pode usar o {% data variables.actions.azure_portal %} para navegar para a sua implantação de {% data variables.product.prodname_ghe_managed %}. A lista resultante inclui todas as suas implantações de {% data variables.product.prodname_ghe_managed %} na sua região do Azure. - -1. No {% data variables.actions.azure_portal %}, no painel esquerdo, clique em **Todos os recursos**. -1. Nos filtros disponíveis, clique em **Todos os tipos** e, em seguida, desmarque **Selecionar todos** e selecione **GitHub AE**: ![Resultado da pesquisa de {% data variables.actions.azure_portal %}](/assets/images/azure/github-ae-azure-portal-type-filter.png) - -## Próximas etapas - -Uma vez fornecida a sua implantação, o próximo passo é inicializar {% data variables.product.prodname_ghe_managed %}. Para obter mais informações, consulte "[Inicializar {% data variables.product.prodname_ghe_managed %}](/github-ae@latest/admin/configuration/configuring-your-enterprise/initializing-github-ae)". - -## Finalizar a versão de avaliação - -Você pode fazer a atualização para uma licença completa a qualquer momento durante o período de avaliação, entrando em contato com {% data variables.contact.contact_enterprise_sales %}. Se você não atualizou até o último dia de seu teste, a implantação será excluída automaticamente. - -Se precisar de mais tempo para avaliar o {% data variables.product.prodname_ghe_managed %}, entre em contato com {% data variables.contact.contact_enterprise_sales %} para solicitar uma extensão. - -## Leia mais - -- "[Habilitando as funcionalidades de {% data variables.product.prodname_advanced_security %} em {% data variables.product.prodname_ghe_managed %}](/github/getting-started-with-github/about-github-advanced-security#enabling-advanced-security-features-on-github-ae)" -- "[Notas de versão de {% data variables.product.prodname_ghe_managed %}](/github-ae@latest/admin/overview/github-ae-release-notes)" diff --git a/translations/pt-BR/content/get-started/signing-up-for-github/setting-up-a-trial-of-github-enterprise-server.md b/translations/pt-BR/content/get-started/signing-up-for-github/setting-up-a-trial-of-github-enterprise-server.md index ffaf48e6e8..c770b9af3d 100644 --- a/translations/pt-BR/content/get-started/signing-up-for-github/setting-up-a-trial-of-github-enterprise-server.md +++ b/translations/pt-BR/content/get-started/signing-up-for-github/setting-up-a-trial-of-github-enterprise-server.md @@ -19,7 +19,7 @@ shortTitle: Teste do servidor corporativo Você pode solicitar uma versão de avaliação por 45 dias do {% data variables.product.prodname_ghe_server %}. A versão de avaliação será instalada como um appliance virtual, com opções para implementação local ou na nuvem. Consulte a lista de plataformas de visualização compatíveis em "[Configurar uma instância do GitHub Enterprise Server](/enterprise-server@latest/admin/installation/setting-up-a-github-enterprise-server-instance)". -{% ifversion ghes %}{% data variables.product.prodname_dependabot %}{% else %}Alertas de Segurança{% endif %} e {% data variables.product.prodname_github_connect %} não estão disponíveis atualmente nos testes de {% data variables.product.prodname_ghe_server %}. Para uma demonstração desses recursos, entre em contato com {% data variables.contact.contact_enterprise_sales %}. Para mais informações sobre esses recursos, consulte "[Sobre alertas para dependências vulneráveis](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies)" e "[Conectando a sua conta corporativa a {% data variables.product.prodname_ghe_cloud %}](/enterprise-server@latest/admin/configuration/managing-connections-between-your-enterprise-accounts/connecting-your-enterprise-account-to-github-enterprise-cloud)" +{% ifversion ghes %}{% data variables.product.prodname_dependabot %}{% else %}Alertas de Segurança{% endif %} e {% data variables.product.prodname_github_connect %} não estão disponíveis atualmente nos testes de {% data variables.product.prodname_ghe_server %}. Para uma demonstração desses recursos, entre em contato com {% data variables.contact.contact_enterprise_sales %}. Para obter mais informações sobre essas funcionalidades, consulte "[Sobre {% data variables.product.prodname_dependabot_alerts %}](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies)" e "[Conectando sua conta corporativa a {% data variables.product.prodname_ghe_cloud %}](/enterprise-server@latest/admin/configuration/managing-connections-between-your-enterprise-accounts/connecting-your-enterprise-account-to-github-enterprise-cloud)". As versões de avaliação também estão disponíveis para {% data variables.product.prodname_ghe_cloud %}. Para obter mais informações, consulte "[Configurar uma versão de avaliação do {% data variables.product.prodname_ghe_cloud %}](/articles/setting-up-a-trial-of-github-enterprise-cloud)". diff --git a/translations/pt-BR/content/get-started/writing-on-github/working-with-advanced-formatting/creating-and-highlighting-code-blocks.md b/translations/pt-BR/content/get-started/writing-on-github/working-with-advanced-formatting/creating-and-highlighting-code-blocks.md index 21385c67f4..57693d2503 100644 --- a/translations/pt-BR/content/get-started/writing-on-github/working-with-advanced-formatting/creating-and-highlighting-code-blocks.md +++ b/translations/pt-BR/content/get-started/writing-on-github/working-with-advanced-formatting/creating-and-highlighting-code-blocks.md @@ -70,10 +70,9 @@ Usamos [Linguist](https://github.com/github/linguist) para executar a detecção {% if mermaid %} ## Criando diagramas -Você pode usar a sintaxe do Mermaid para adicionar diagramas. Para obter mais informações, consulte "[Criando diagramas](/get-started/writing-on-github/working-with-advanced-formatting/creating-diagrams)". +Você também pode usar blocos de código para criar diagramas em Markdown. O GitHub é compatível com a sintaxe do Mermaid, geoJSON, topoJSON e ASCII STL. Para obter mais informações, consulte "[Criando diagramas](/get-started/writing-on-github/working-with-advanced-formatting/creating-diagrams)". {% endif %} - ## Leia mais - [Especificações de markdown em estilo {% data variables.product.prodname_dotcom %}](https://github.github.com/gfm/) diff --git a/translations/pt-BR/content/get-started/writing-on-github/working-with-advanced-formatting/creating-diagrams.md b/translations/pt-BR/content/get-started/writing-on-github/working-with-advanced-formatting/creating-diagrams.md index bedce5206d..4fd49d27e1 100644 --- a/translations/pt-BR/content/get-started/writing-on-github/working-with-advanced-formatting/creating-diagrams.md +++ b/translations/pt-BR/content/get-started/writing-on-github/working-with-advanced-formatting/creating-diagrams.md @@ -6,7 +6,13 @@ versions: shortTitle: Crie diagramas --- -Você pode usar a sintaxe do Mermaid para criar diagramas. O Mermeid é uma ferramenta inspirada em Markdown que transforma texto em diagramas. Por exemplo, o Mermeid pode interpretar gráficos de fluxo, diagramas de sequência, gráficos de pizza e muito mais. Para obter mais informações, consulte a documentação do [Mermaid](https://mermaid-js.github.io/mermaid/#/). +## Sobre a criação de diagramas + +Você pode criar diagramas em Markdown usando três sintaxes diferentes: mermaid, geoJSON e topoJSON e ASCII STL. + +## Criando diagramas do mermaid + +O Mermeid é uma ferramenta inspirada em Markdown que transforma texto em diagramas. Por exemplo, o Mermeid pode interpretar gráficos de fluxo, diagramas de sequência, gráficos de pizza e muito mais. Para obter mais informações, consulte a documentação do [Mermaid](https://mermaid-js.github.io/mermaid/#/). Para criar um diagrama do Mermaid, adicione a sintaxe do Mermeid dentro de um bloco de código cercado com o identificador da linguagem do `mermaid`. Para obter mais informações sobre a criação de blocos de código, consulte "[Criando e destacando blocos de código](/get-started/writing-on-github/working-with-advanced-formatting/creating-and-highlighting-code-blocks)". @@ -31,3 +37,122 @@ graph TD; **Observação:** Você pode observar erros se você executar um plugin de terceiros do Mermaid ao usar sintaxe do Mermaid em {% data variables.product.company_short %}. {% endnote %} + +## Criando mapas do geoJSON e topoJSON + +Você pode usar a sintaxe geo/topoJSON para criar mapas interativos. Para criar um mapa, adicione geoJSON ou topoJSON dentro de um bloco de código cercado com o identificador de sintaxe de `geojson` ou `topojson`. Para obter mais informações, consulte "[Criar e destacar blocos de código](/get-started/writing-on-github/working-with-advanced-formatting/creating-and-highlighting-code-blocks)". + +### Usando geoJSON + +Por exemplo, você pode criar um mapa simples: + +
+```geojson
+{
+  "type": "Polygon",
+  "coordinates": [
+      [
+          [-90,30],
+          [-90,35],
+          [-90,35],
+          [-85,35],
+          [-85,30]
+      ]
+  ]
+}
+```
+
+ +![Mapa interpretado](/assets/images/help/writing/fenced-geojson-rendered-map.png) + +### Usando topoJSON + +Por exemplo, você pode criar um mapa topoJSON simples: + +
+```topojson
+{
+  "type": "Topology",
+  "transform": {
+    "scale": [0.0005000500050005, 0.00010001000100010001],
+    "translate": [100, 0]
+  },
+  "objects": {
+    "example": {
+      "type": "GeometryCollection",
+      "geometries": [
+        {
+          "type": "Point",
+          "properties": {"prop0": "value0"},
+          "coordinates": [4000, 5000]
+        },
+        {
+          "type": "LineString",
+          "properties": {"prop0": "value0", "prop1": 0},
+          "arcs": [0]
+        },
+        {
+          "type": "Polygon",
+          "properties": {"prop0": "value0",
+            "prop1": {"this": "that"}
+          },
+          "arcs": [[1]]
+        }
+      ]
+    }
+  },
+  "arcs": [[[4000, 0], [1999, 9999], [2000, -9999], [2000, 9999]],[[0, 0], [0, 9999], [2000, 0], [0, -9999], [-2000, 0]]]
+}
+```
+
+ +![Mapa do topojson interpretado](/assets/images/help/writing/fenced-topojson-rendered-map.png) + +Para obter mais informações sobre como trabalhar com arquivos `.geojson` e `.topojson`, consulte[Trabalhando com arquivos que não são de código](/repositories/working-with-files/using-files/working-with-non-code-files#mapping-geojson-files-on-github)". + + +## Criando modelos de STL 3D + +Você pode usar a sintaxe do ASCII STL diretamente no markdown para criar modelos 3D interativos. Para exibir um modelo, adicione a sintaxe ASCII STL dentro de um bloco de código isolado com o identificador de sintaxe `stl`. Para obter mais informações, consulte "[Criar e destacar blocos de código](/get-started/writing-on-github/working-with-advanced-formatting/creating-and-highlighting-code-blocks)". + +Por exemplo, você pode criar um modelo 3D simples: + +
+```stl
+solid cube_corner
+  facet normal 0.0 -1.0 0.0
+    outer loop
+      vertex 0.0 0.0 0.0
+      vertex 1.0 0.0 0.0
+      vertex 0.0 0.0 1.0
+    endloop
+  endfacet
+  facet normal 0.0 0.0 -1.0
+    outer loop
+      vertex 0.0 0.0 0.0
+      vertex 0.0 1.0 0.0
+      vertex 1.0 0.0 0.0
+    endloop
+  endfacet
+  facet normal -1.0 0.0 0.0
+    outer loop
+      vertex 0.0 0.0 0.0
+      vertex 0.0 0.0 1.0
+      vertex 0.0 1.0 0.0
+    endloop
+  endfacet
+  facet normal 0.577 0.577 0.577
+    outer loop
+      vertex 1.0 0.0 0.0
+      vertex 0.0 1.0 0.0
+      vertex 0.0 0.0 1.0
+    endloop
+  endfacet
+endsolid
+```
+
+ +![Modelo 3D interpretado](/assets/images/help/writing/fenced-stl-rendered-object.png) + +Para mais informações sobre como trabalhar com arquivos `.stl`, consulte[Trabalhando com arquivos que não são de código](/repositories/working-with-files/using-files/working-with-non-code-files#3d-file-viewer)". + diff --git a/translations/pt-BR/content/github/index.md b/translations/pt-BR/content/github/index.md index 4451d46f00..3f90906c79 100644 --- a/translations/pt-BR/content/github/index.md +++ b/translations/pt-BR/content/github/index.md @@ -12,7 +12,6 @@ versions: ghae: '*' children: - /copilot - - /site-policy - /site-policy-deprecated --- diff --git a/translations/pt-BR/content/github/site-policy/github-community-guidelines.md b/translations/pt-BR/content/github/site-policy/github-community-guidelines.md deleted file mode 100644 index f80a972b8b..0000000000 --- a/translations/pt-BR/content/github/site-policy/github-community-guidelines.md +++ /dev/null @@ -1,108 +0,0 @@ ---- -title: Diretrizes da comunidade do GitHub -redirect_from: - - /community-guidelines - - /articles/github-community-guidelines -versions: - fpt: '*' -topics: - - Policy - - Legal ---- - -Milhões de desenvolvedores hospedam milhões de projetos no GitHub — tanto código aberto quanto fechado — e temos orgulho de viabilizarmos a colaboração de toda a comunidade todos os dias. Juntos, temos uma empolgante oportunidade e a responsabilidade de tornar esta comunidade algo do qual podemos nos orgulhar. - -Usuários do GitHub em todo o mundo trazem perspectivas, ideias e experiências extremamente diferentes, abrangendo desde pessoas que criaram seu primeiro projeto "Olá Mundo" na semana passada até os mais conhecidos desenvolvedores de software do mundo. Estamos empenhados em fazer do GitHub um ambiente acolhedor para todas as diferentes vozes e perspectivas da nossa comunidade, mantendo um espaço onde as pessoas são livres para se expressarem. - -Contamos com os membros de nossa comunidade para comunicar expectativas, [moderar](#what-if-something-or-someone-offends-you) seus projetos e {% data variables.contact.report_abuse %} ou {% data variables.contact.report_content %}. Ao definir o que esperamos ver em nossa comunidade, esperamos ajudá-lo a entender a melhora forma para colaborar no GitHub e que tipo de ações ou conteúdo podem violar nossos [Termos de Serviço](#legal-notices), que incluem nossas [Políticas de Uso Aceitáveis](/github/site-policy/github-acceptable-use-policies). Investigaremos quaisquer denúncias de abuso e podemos moderar o conteúdo público em nosso site que definirmos como violador de nossos Termos de Serviço. - -## Criar uma comunidade integrada - -A finalidade principal da comunidade do GitHub é colaborar em projetos de software. Queremos que as pessoas trabalhem melhor em conjunto. Embora mantenhamos o site, essa é uma comunidade que construímos *juntos*, e precisamos da sua ajuda para torná-la a melhor possível. - -* **Seja bem-vindo e venha com a mente aberta!** - Outros colaboradores podem não ter o mesmo nível de experiência ou o mesmo histórico que você, mas isso não significa que eles não tenham boas ideias para contribuir. Nós o encorajamos a receber com boas-vindas os novos colaboradores e aqueles que acabaram de chegar. - -* **Respeitem-se.** - Nada sabota tanto as conversas saudáveis quanto a grosseria. Seja cordial e profissional, e não publique nada que uma pessoa de bom senso considere como discurso ofensivo, abusivo ou de ódio. Não assedie ou constranja ninguém. Trate uns aos outros com dignidade e consideração em todas as interações. - - Você pode querer responder a algo discordando sobre o assunto. Tudo bem. Mas lembre-se de criticar ideias, não pessoas. Evite xingamentos, ataques diretos ad hominem, respondendo ao tom de um post em vez de seu conteúdo real, e reações impulsivas. Em vez disso, forneça contra-argumentos fundamentados que melhorem a conversa. - -* **Comunique-se com a empatia** - Discordâncias ou diferenças de opinião são um fato da vida. Fazer parte de uma comunidade significa interagir com pessoas de diversas experiências e perspectivas, muitas das quais podem não ser as mesmas que as nossas. Se você discorda de alguém, tente se colocar no lugar da pessoa antes de se dirigir a ela. Isto promoverá uma atmosfera respeitosa e amigável, onde as pessoas se sentem confortáveis em fazer perguntas, participar de discussões e dar suas contribuições. - -* **Seja claro e não fuja do assunto** - As pessoas usam o GitHub para trabalharem e serem mais produtivas. Comentários fora do assunto são uma distração (às vezes, bem-vinda, mas geralmente não) para o trabalho produtivo. Manter-se dentro do assunto ajuda a fomentar debates positivos e produtivos. - - Além disso, comunicar-se com estranhos na internet pode ser desafiador. É difícil comunicar ou ler no tom desejado, e o sarcasmo é frequentemente mal interpretado. Tente usar uma linguagem clara, e pense em como ela será recebida pela outra pessoa. - -## E se algo ou alguém ofender você? - -Contamos com a comunidade para nos informar quando um problema precisa ser resolvido. Não monitoramos ativamente o site para conteúdo ofensivo. Se você encontrar alguma coisa ou alguém no site que você considere censurável, aqui estão algumas ferramentas que o GitHub fornece para ajudá-lo a agir imediatamente: - -* **Comunicar expectativas** - Se você participa de uma comunidade que não definiu as diretrizes específicas para a comunidade, incentive-os a fazê-lo no arquivo README ou [no arquivo CONTRIBUTING](/articles/setting-guidelines-for-repository-contributors/), ou em [um código de conduta dedicado](/articles/adding-a-code-of-conduct-to-your-project/), enviando um pull request. - -* **Comentários moderados** - Se você tem [privilégios de acesso de gravação](/articles/repository-permission-levels-for-an-organization/) para um repositório, você pode editar, excluir ou ocultar comentários de qualquer pessoa em commits, pull requests e problemas. Qualquer pessoa com acesso de leitura em um repositório pode visualizar o histórico de edição do comentário. Autores do comentário e pessoas com acesso de gravação a um repositório podem excluir informações confidenciais do histórico de edição de um comentário. Para obter mais informações, consulte "[Rastreando alterações em um comentário](/articles/tracking-changes-in-a-comment)" e "[Gerenciando comentários inconvenientes](/articles/managing-disruptive-comments)". - -* **Bloquear conversas** - Se uma discussão em um problema ou pull request fica fora de controle, você pode [bloquear a conversa](/articles/locking-conversations/). - -* **Bloquear Usuários** - Se você encontrar um usuário que continua demonstrando um comportamento ruim, você pode [bloquear o usuário de sua conta pessoal](/articles/blocking-a-user-from-your-personal-account/) ou [bloquear o usuário da sua organização](/articles/blocking-a-user-from-your-organization/). - -Claro, você sempre pode entrar em contato conosco em {% data variables.contact.report_abuse %} se precisar de mais ajuda para lidar com uma situação. - -## O que não é permitido? - -Estamos comprometidos em manter uma comunidade onde os usuários são livres para se expressarem e desafiarem as ideias uns dos outros, tanto ideias técnicas como outras. No entanto, essas discussões não promovem diálogos frutíferos quando as ideias são silenciadas porque membros da comunidade estão sendo constrangidos ou têm medo de falar. Isso significa que devemos ser sempre respeitosos e cordiais, e evitarmos atacar os outros com base no que eles são. Não toleramos comportamentos que cruzam os seguintes limites: - -- #### Ameaças de violência Você não pode ameaçar terceiros ou usar o site para organizar, promover ou incitar atos de violência ou terrorismo no mundo real. Pense cuidadosamente sobre as palavras que você usa, as imagens que você publica, e até mesmo o software que você escreve, e como podem ser interpretados pelos outros. Mesmo que pretenda fazer uma piada, isso poderá ser interpretado de outra forma. Se você acha que outra pessoa *pode* interpretar o conteúdo que você postou como uma ameaça, ou como uma promoção da violência ou como terrorismo, pare. Não publique isso no GitHub. Em casos excepcionais, podemos relatar ameaças de violência às autoridades competentes, se acreditarmos que pode haver um risco genuíno de danos físicos ou uma ameaça à segurança pública. - -- #### Discurso de ódio e discriminação Embora não seja proibido abordar tópicos como idade, tamanho do corpo, deficiência física, etnia, identidade e expressão de gênero, nível de experiência, nacionalidade, aparência pessoal, raça, religião ou identidade e orientação sexual, não toleramos discursos que ataquem uma pessoa ou um grupo de pessoas com base em quem elas são. Perceba que quando abordados de forma agressiva ou insultante, estes (e outros) tópicos sensíveis podem fazer com que terceiros se sintam indesejados, ou até mesmo vulneráveis. Embora haja sempre o potencial para mal-entendidos, esperamos que os membros da nossa comunidade permaneçam respeitosos e cordiais quando discutirem temas sensíveis. - -- #### Bullying e assédio Não toleramos bullying ou assédio. Isto significa qualquer tipo de insulto ou intimidação habitual dirigida a uma pessoa ou grupo específico de pessoas. Em geral, se suas ações são indesejadas e você continua com o mesmo comportamento, há uma boa chance de você estar praticando bullying ou assédio. - -- #### Interromper a experiência de outros usuários Ser parte de uma comunidade inclui reconhecer como seu comportamento afeta os outros e envolver-se em interações significativas e produtivas com as pessoas e a plataforma de que dependem. Não são permitidos comportamentos como postar repetidamente comentários que fogem ao tópico, abrir problemas ou pull requests vazios ou sem sentido ou usar qualquer recurso de outra plataforma de uma forma que perturbe continuamente a experiência de outros usuários. Embora incentivemos os mantenedores a moderar os seus próprios projetos individualmente, a equipe do GitHub pode ter uma ação restritiva contra contas que estão se envolvendo com esses tipos de comportamento. - -- #### Personificação Você não pode personificar outra pessoa, copiando o seu avatar, postando conteúdo no seu endereço de e-mail e usando um nome de usuário similar ou passar-se por outra pessoa. A falsidade ideológica é uma forma de assédio. - -- #### Doxxing e invasão de privacidade Não poste informações pessoais de outras pessoas, como endereços de e-mail pessoais e privados, números de telefone, endereços físicos, números de cartão de crédito, números de previdência social/identidade nacional ou senhas. Dependendo do contexto, como no caso de intimidação ou assédio, podemos considerar que outras informações, como fotos ou vídeos que foram tirados ou distribuídos sem o consentimento do indivíduo, constituem invasão da privacidade, especialmente quando esse material representa um risco para a segurança do indivíduo. - -- #### Conteúdo sexualmente obsceno Não publique conteúdo pornográfico. Isto não significa que seja proibida qualquer nudez, ou qualquer código ou conteúdo relacionados com sexualidade. Reconhecemos que a sexualidade faz parte da vida e que o conteúdo sexual não pornográfico pode fazer parte do seu projeto, ou que possa ser apresentado para fins educacionais ou artísticos. Não permitimos conteúdos sexuais obscenos ou conteúdos que possam envolver a exploração ou a sexualização de menores. - -- #### Conteúdo gratuitamente violento Não publique imagens, texto ou outro conteúdo violento sem um contexto razoável ou avisos. Embora muitas vezes não haja problema em incluir conteúdo violento em videogames, boletins e descrições de eventos históricos, não permitimos conteúdos violentos que sejam publicados indiscriminadamente, ou que sejam postados de uma forma que seja difícil evitar ter acesso a eles (como um avatar de perfil ou um comentário de problema). Um aviso claro ou uma declaração em outros contextos ajudam os usuários a tomarem uma decisão sobre se querem ou não se envolver com tal conteúdo. - -- #### Informação errada e desinformação Você não pode postar conteúdo que apresente uma visão distorcida da realidade, seja ela imprecisa ou falsa (informação errada) ou intencionalmente enganosa (desinformação) porque esse conteúdo provavelmente resultará em danos ao público ou interferirá em oportunidades justas e iguais para todos participarem da vida pública. Por exemplo, não permitimos conteúdo que possa colocar o bem-estar de grupos de pessoas em risco ou limitar sua capacidade de participar de uma sociedade livre e aberta. Incentivamos a participação ativa na expressão de ideias, perspectivas e experiências e não se pode estar em posição de disputar contas ou observações pessoais. Geralmente, permitimos paródias e sátiras alinhadas com nossas Políticas de Uso Aceitável, e consideramos o contexto importante na forma como as informações são recebidas e compreendidas; portanto, pode ser apropriado esclarecer suas intenções através de isenções de responsabilidade ou outros meios, bem como a fonte(s) de suas informações. - -- #### Active malware or exploits Being part of a community includes not taking advantage of other members of the community. Não permitimos que ninguém utilize a nossa plataforma em apoio direto de ataques ilegais que causam danos técnicos, como usar o GitHub como um meio de fornecer executáveis maliciosos ou como infraestrutura de ataque, por exemplo, organizando ataques de negação serviço ou gerenciando servidores de comando e controle. Prejuízos técnicos significam excesso de recursos, danos físicos, tempo de inatividade, negação de serviço ou perda de dados, sem qualquer propósito implícito ou explícito de dupla utilização antes de ocorrer o abuso. - - Observe que o GitHub permite conteúdo de dupla utilização e é compatível com a postagem de conteúdo usado para pesquisa em vulnerabilidades, malware, ou exploração, uma vez que a publicação e distribuição de tal conteúdo tem valor educacional e proporciona um benefício líquido para a comunidade de segurança. Nós supomos uma intenção positiva e a utilização destes projetos para promover e gerar melhoria do ecossistema. - - Em casos raros de abuso muito generalizado de conteúdo de dupla utilização, podemos restringir o acesso a essa instância específica do conteúdo para interromper um ataque ilegal ou uma campanha de malware que aproveita a plataforma GitHub como um exploit ou malware CDN. Na maioria dessas instâncias, a restrição assume a forma de colocar o conteúdo por trás da autenticação. No entanto, como opção de último recurso, pode envolver a desabilitação do acesso ou a remoção total quando isso não for possível (p. ex., quando postado como um gist). Também entraremos em contato com os proprietários dos projetos sobre restrições implementadas sempre que possível. - - As restrições são temporárias quando possíveis e não servem o propósito de eliminar ou restringir qualquer conteúdo específico de dupla utilização ou cópias desse conteúdo da plataforma. Embora procuremos fazer desses raros casos de restrição um processo de colaboração com os proprietários do projeto, se você sentir que seu conteúdo foi restrito indevidamente, temos um [processo de recursos](#appeal-and-reinstatement) em vigor. - - Para facilitar um caminho para a resolução de abuso com os próprios mantenedores do projeto, antes da escalada aos relatórios de abuso do GitHub, recomendamos, embora não exigimos, que os proprietários do repositório sigam as etapas a seguir ao postar conteúdo de pesquisa de segurança potencialmente prejudicial: - - * Identifique e descreva claramente qualquer conteúdo potencialmente nocivo em uma isenção de responsabilidade no arquivo README.md do projeto ou comentários do código-fonte. - * Forneça um método de contato preferido para qualquer consulta referente ao abuso de terceiros por meio de um arquivo SECURITY.md no repositório (por exemplo, "Crie um problema neste repositório para quaisquer dúvidas ou preocupações"). Esse método de contato permite que terceiros entrem em contato com os mantenedores do projeto diretamente e possivelmente resolvam as questões sem a necessidade de abrir relatórios de abuso. - - *O GitHub considera o registro npm como uma plataforma usada principalmente para o uso do código em tempo de execução e não para pesquisas.* - - -## O que acontece se alguém violar as regras? - -Há uma variedade de ações que podemos tomar quando um usuário reportar comportamento ou conteúdo inapropriado. Normalmente, depende das circunstâncias exatas de um caso específico. Reconhecemos que, por vezes, as pessoas podem dizer ou fazer coisas inapropriadas por várias razões. Talvez não tenha percebido a forma como suas palavras seriam entendidas. Ou talvez apenas deixam que suas emoções o conduzam. É claro que, muitas vezes, há pessoas que querem apenas fazer spam ou causar problemas. - -Cada caso requer uma abordagem diferente e tentamos adaptar a nossa resposta às necessidades da situação que foi comunicada. Vamos avaliar denúncias de abuso caso a caso. Para cada situação, teremos uma equipe diversificada investigando o conteúdo e os fatos envolvidos e responderemos de forma apropriada utilizando estas orientações para guiar nossa decisão. - -Ações que podemos fazer em resposta a uma denúncia de abuso incluem, mas não estão limitados a: - -* Remoção de Conteúdo -* Bloqueio de Conteúdo -* Suspensão de Conta -* Encerramento da Conta - -## Apelação e reinstauração - -Em alguns casos, pode haver uma base para reverter uma ação, por exemplo, com base em informações adicionais fornecidas por um usuário ou quando um usuário tiver resolvido a violação e concordado em seguir nossas Políticas de Uso Aceitáveis desse momento em diante. Se você deseja recorrer de uma ação de execução, entre em contato com o [suporte](https://support.github.com/contact?tags=docs-policy). - -## Avisos Legais - -Colocamos essas Diretrizes da Comunidade em domínio público para que qualquer pessoa use, reutilize, adapte, ou seja o que for, nos termos de [CC0-1.0](https://creativecommons.org/publicdomain/zero/1.0/). - -Estas são apenas diretrizes; elas não modificam nossos [Termos de Serviço](/articles/github-terms-of-service/) e não pretendem ser uma lista completa. O GitHub detém total critério conforme os [Termos de Serviço](/articles/github-terms-of-service/#c-acceptable-use) para remover qualquer conteúdo ou cancelar quaisquer contas por atividade que viole os Termos de Uso Aceitável. Estas diretrizes descrevem quando iremos exercer esse critério. diff --git a/translations/pt-BR/content/github/site-policy/index.md b/translations/pt-BR/content/github/site-policy/index.md deleted file mode 100644 index 1cc9c9b72f..0000000000 --- a/translations/pt-BR/content/github/site-policy/index.md +++ /dev/null @@ -1,52 +0,0 @@ ---- -title: Política do site -redirect_from: - - /categories/61/articles - - /categories/site-policy -versions: - fpt: '*' -topics: - - Policy - - Legal -children: - - /github-terms-of-service - - /github-corporate-terms-of-service - - /github-privacy-statement - - /github-data-protection-agreement - - /global-privacy-practices - - /github-sponsors-additional-terms - - /github-codespaces-privacy-statement - - /github-terms-for-additional-products-and-features - - /github-logo-policy - - /github-username-policy - - /submitting-content-removal-requests - - /dmca-takedown-policy - - /guide-to-submitting-a-dmca-takedown-notice - - /guide-to-submitting-a-dmca-counter-notice - - /github-trademark-policy - - /github-private-information-removal-policy - - /github-subprocessors-and-cookies - - /github-bug-bounty-program-legal-safe-harbor - - /coordinated-disclosure-of-security-vulnerabilities - - /guidelines-for-legal-requests-of-user-data - - /github-government-takedown-policy - - /github-acceptable-use-policies - - /githubs-notice-about-the-california-consumer-privacy-act - - /github-community-guidelines - - /github-community-forum-code-of-conduct - - /github-registered-developer-agreement - - /github-marketplace-terms-of-service - - /github-marketplace-developer-agreement - - /github-research-program-terms - - /github-open-source-applications-terms-and-conditions - - /github-and-trade-controls - - /github-deceased-user-policy - - /github-statement-against-modern-slavery-and-child-labor - - /github-anti-bribery-statement - - /github-candidate-privacy-policy - - /github-gifts-and-entertainment-policy - - /github-event-terms - - /github-event-code-of-conduct - - /github-gpl-cooperation-commitment ---- - diff --git a/translations/pt-BR/content/index.md b/translations/pt-BR/content/index.md index 0af507e14f..13d12da105 100644 --- a/translations/pt-BR/content/index.md +++ b/translations/pt-BR/content/index.md @@ -21,6 +21,7 @@ children: - github - admin - billing + - site-policy - organizations - code-security - pull-requests @@ -49,6 +50,7 @@ childGroups: - account-and-profile - authentication - billing + - site-policy - name: Collaborative coding octicon: CommentDiscussionIcon children: diff --git a/translations/pt-BR/content/issues/tracking-your-work-with-issues/transferring-an-issue-to-another-repository.md b/translations/pt-BR/content/issues/tracking-your-work-with-issues/transferring-an-issue-to-another-repository.md index 101e3088c9..b80b65ad12 100644 --- a/translations/pt-BR/content/issues/tracking-your-work-with-issues/transferring-an-issue-to-another-repository.md +++ b/translations/pt-BR/content/issues/tracking-your-work-with-issues/transferring-an-issue-to-another-repository.md @@ -18,7 +18,11 @@ shortTitle: Transferir um problema Para transferir um problema aberto para outro repositório, é preciso ter acesso de gravação no repositório em que o problema está e no repositório para onde você está transferindo o problema. Para obter mais informações, consulte "[Funções do repositório para uma organização](/organizations/managing-access-to-your-organizations-repositories/repository-roles-for-an-organization)". -Você somente pode transferir problemas entre repositórios pertencentes à mesma conta de usuário ou organização. {% ifversion fpt or ghes or ghec %}Você não pode transferir um problema de um repositório privado para um repositório público.{% endif %} +{% note %} + +**Observação**: Você só pode transferir problemas entre repositórios pertencentes à mesma conta de usuário ou de organização. {% ifversion fpt or ghes or ghec %}Um problema de repositório privado não pode ser transferido para um repositório público.{% endif %} + +{% endnote %} Ao transferir um problema, os comentários, etiquetas e responsáveis são mantidos. Os marcos do problema não são mantidos. Esse problema permanecerá em qualquer quadro de projeto pertencente ao usuário ou à organização e será removido dos quadros de projeto de todos os repositórios. Para obter mais informações, consulte "[Sobre quadros de projeto](/articles/about-project-boards)". diff --git a/translations/pt-BR/content/issues/trying-out-the-new-projects-experience/about-projects.md b/translations/pt-BR/content/issues/trying-out-the-new-projects-experience/about-projects.md index 7f9bd1cf76..d27ff65385 100644 --- a/translations/pt-BR/content/issues/trying-out-the-new-projects-experience/about-projects.md +++ b/translations/pt-BR/content/issues/trying-out-the-new-projects-experience/about-projects.md @@ -29,7 +29,7 @@ Você pode usar campos personalizados para adicionar metadados às suas tarefas. - um campo numérico para monitorar a complexidade de uma tarefa - um único campo de seleção para rastrear se uma tarefa tem prioridade baixa, média ou alta - um campo de texto para adicionar uma observação rápida -- an iteration field to plan work week-by-week, including support for breaks +- um campo de iteração para planejar o trabalho semanalmente, incluindo suporte para pausas ### Visualizando seu projeto de diferentes perspectivas diff --git a/translations/pt-BR/content/issues/trying-out-the-new-projects-experience/best-practices-for-managing-projects.md b/translations/pt-BR/content/issues/trying-out-the-new-projects-experience/best-practices-for-managing-projects.md index f0a1cf683b..c57f9a9744 100644 --- a/translations/pt-BR/content/issues/trying-out-the-new-projects-experience/best-practices-for-managing-projects.md +++ b/translations/pt-BR/content/issues/trying-out-the-new-projects-experience/best-practices-for-managing-projects.md @@ -75,7 +75,7 @@ Além disso, {% data variables.product.prodname_actions %} e a API do GraphQL pe Aproveite os vários tipos de campo para atender às suas necessidades. -Use um campo de iteração para agendar o trabalho ou criar uma linha do tempo. Você pode agrupar por iteração para ver se os itens estão equilibrados entre iterações, ou você pode filtrar para focar em uma única iteração. Os campos de iteração também permitem ver o trabalho que você realizou em iterações anteriores, o que pode ajudar no planejamento de velocidade e refletir sobre as realizações da sua equipe. Iteration fields also support breaks to show when you and your team are taking time away from their iterations. For more information, see "[Managing iterations in projects](/issues/trying-out-the-new-projects-experience/managing-iterations)." +Use um campo de iteração para agendar o trabalho ou criar uma linha do tempo. Você pode agrupar por iteração para ver se os itens estão equilibrados entre iterações, ou você pode filtrar para focar em uma única iteração. Os campos de iteração também permitem ver o trabalho que você realizou em iterações anteriores, o que pode ajudar no planejamento de velocidade e refletir sobre as realizações da sua equipe. Os campos de iteração também são compatíveis com pausas para mostrar quando você e sua equipe estão tirando tempo de suas iterações. Para obter mais informações, consulte "[Gerenciando iterações nos projetos](/issues/trying-out-the-new-projects-experience/managing-iterations). " Use um único campo de seleção para rastrear informações sobre uma tarefa com base em uma lista de valores predefinidos. Por exemplo, monitore a prioridade ou a fase do projeto. Como os valores são selecionados a partir de uma lista predefinida, você pode facilmente agrupar ou filtrar focar em itens com um valor específico. diff --git a/translations/pt-BR/content/issues/trying-out-the-new-projects-experience/creating-a-project.md b/translations/pt-BR/content/issues/trying-out-the-new-projects-experience/creating-a-project.md index 474fee8a4b..69b961d37f 100644 --- a/translations/pt-BR/content/issues/trying-out-the-new-projects-experience/creating-a-project.md +++ b/translations/pt-BR/content/issues/trying-out-the-new-projects-experience/creating-a-project.md @@ -131,7 +131,7 @@ Os campos personalizados podem ser texto, número, data, seleção única ou ite - Número: O valor deve ser um número. - Data: O valor deve ser uma data. - Seleção única: O valor deve ser selecionado a partir de um conjunto de valores especificados. -- Iteração: O valor deve ser selecionado a partir de um conjunto de intervalos de datas (iterações). As iterações anteriores são automaticamente marcadas como "concluídas", e a iteração que cobre o intervalo de datas atual é marcada como "atual". For more information, see "[Managing iterations in projects](/issues/trying-out-the-new-projects-experience/managing-iterations)." +- Iteração: O valor deve ser selecionado a partir de um conjunto de intervalos de datas (iterações). As iterações anteriores são automaticamente marcadas como "concluídas", e a iteração que cobre o intervalo de datas atual é marcada como "atual". Para obter mais informações, consulte "[Gerenciando iterações nos projetos](/issues/trying-out-the-new-projects-experience/managing-iterations). " 1. {% data reusables.projects.open-command-palette %} Comece a digitar qualquer parte de "Criar novo campo". Quando "Criar novo campo" for exibido na paleta de comandos, selecione-o. 2. Como alternativa, clique em {% octicon "plus" aria-label="the plus icon" %} no cabeçalho do campo mais à direita. Será exibido um menu suspenso com os campos do projeto. Clique em **Novo campo**. @@ -148,7 +148,7 @@ Posteriormente, você poderá editar as opções de seleção única e iteraçã 1. Para campos de seleção única, você pode adicionar, excluir ou reordenar as opções. 1. Para campos de iteração, você pode adicionar ou excluir as iterações, alterar nomes da iteração e alterar a data e a duração de início da iteração. - For more information on modifying iteration fields, see "[Managing iterations in projects](/issues/trying-out-the-new-projects-experience/managing-iterations)." + Para obter mais informações sobre como modificar campos de iteração, consulte "[Gerenciando iterações nos projetos](/issues/trying-out-the-new-projects-experience/managing-iterations). ## Personalizando as suas visualizações diff --git a/translations/pt-BR/content/issues/trying-out-the-new-projects-experience/customizing-your-project-views.md b/translations/pt-BR/content/issues/trying-out-the-new-projects-experience/customizing-your-project-views.md index 6b8e35d9ab..7ad0629f9a 100644 --- a/translations/pt-BR/content/issues/trying-out-the-new-projects-experience/customizing-your-project-views.md +++ b/translations/pt-BR/content/issues/trying-out-the-new-projects-experience/customizing-your-project-views.md @@ -136,7 +136,7 @@ Como alternativa, use a paleta de comando. No layout da tabela, você pode clicar nos dados de item para filtrar para itens com esse valor. Por exemplo, clique em um responsável para mostrar apenas itens para ele. Para remover o filtro, clique nos dados do item novamente. -For more information, see "[Filtering projects](/issues/trying-out-the-new-projects-experience/filtering-projects)." +Para obter mais informações, consulte "[Filtrando projetos](/issues/trying-out-the-new-projects-experience/filtering-projects)". ## Criando uma visualização do projeto diff --git a/translations/pt-BR/content/issues/trying-out-the-new-projects-experience/filtering-projects.md b/translations/pt-BR/content/issues/trying-out-the-new-projects-experience/filtering-projects.md index 38831043da..4ee30b4ef7 100644 --- a/translations/pt-BR/content/issues/trying-out-the-new-projects-experience/filtering-projects.md +++ b/translations/pt-BR/content/issues/trying-out-the-new-projects-experience/filtering-projects.md @@ -1,6 +1,6 @@ --- -title: Filtering projects (beta) -intro: You can filter your projects to focus on specific information. +title: Filtrando projetos (beta) +intro: Você pode filtrar seus projetos para focar em informações específicas. allowTitleToDifferFromFilename: true miniTocMaxHeadingLevel: 2 versions: @@ -13,14 +13,14 @@ topics: {% data reusables.projects.projects-beta %} -## About filtering projects +## Sobre a filtragem de projetos -You can customize views using filters for item metadata, such as assignees and the labels applied to issues, and by the fields in your project. You can combine filters and save them as views. Para obter mais informações, consulte "[Personalizar as visualizações do seu projeto](/issues/trying-out-the-new-projects-experience/customizing-your-project-views)". +Você pode personalizar as visualizações usando filtros para os metadados do item, como os responsáveis e as etiquetas aplicadas aos problemas e pelos campos no seu projeto. Você pode combinar filtros e salvá-los como visualizações. Para obter mais informações, consulte "[Personalizar as visualizações do seu projeto](/issues/trying-out-the-new-projects-experience/customizing-your-project-views)". -To filter a project, click {% octicon "filter" aria-label="The Filter icon" %} and start typing the fields and values you would like to filter for. À medida que você digita, serão exibidos os possíveis valores. You can also open the command pallet and type "Filter by" to choose from the available filters. +Para filtrar um projeto, clique em {% octicon "filter" aria-label="The Filter icon" %} e comece a digitar os campos e valores que você gostaria de filtrar. À medida que você digita, serão exibidos os possíveis valores. Você também pode abrir a paleta de comandos e digitar "Filtrar por" para escolher um dos filtros disponíveis. -The same filters are available for insights, allowing you to filter the data used to create your charts. For more information, see "[Using insights with projects](/issues/trying-out-the-new-projects-experience/using-insights-with-projects)." +Os mesmos filtros estão disponíveis para indights, permitindo que você filtre os dados usados para criar seus gráficos. Para obter mais informações, consulte "[Usando insights com projetos](/issues/trying-out-the-new-projects-experience/using-insights-with-projects)". -## Syntax for filtering projects +## Sintaxe para filtrar projetos {% data reusables.projects.projects-filters %} diff --git a/translations/pt-BR/content/issues/trying-out-the-new-projects-experience/managing-iterations.md b/translations/pt-BR/content/issues/trying-out-the-new-projects-experience/managing-iterations.md index f4b1e66612..1a6f7c474f 100644 --- a/translations/pt-BR/content/issues/trying-out-the-new-projects-experience/managing-iterations.md +++ b/translations/pt-BR/content/issues/trying-out-the-new-projects-experience/managing-iterations.md @@ -1,6 +1,6 @@ --- -title: Managing iterations in projects (beta) -intro: You can create iterations to plan upcoming work and group items. +title: Gerenciando iterações em projetos (beta) +intro: Você pode criar iterações para planejar os itens de trabalho e grupos futuros. allowTitleToDifferFromFilename: true miniTocMaxHeadingLevel: 2 versions: @@ -13,52 +13,52 @@ topics: {% data reusables.projects.projects-beta %} -## About iterations +## Sobre iterações -You can create an iteration field to associate items with specific repeating blocks of time. Iterations can be set to any length of time, can include breaks, and can be individually edited to modify name and date range. With projects, you can group by iteration to visualize the balance of upcoming work, use filters to focus on a single iteration, and sort by iteration. +Você pode criar um campo de iteração para associar itens com blocos de tempo repetidos específicos. As iterações podem ser definidas para qualquer período de tempo, podem incluir intervalos e podem ser editadas individualmente para modificar o nome e o intervalo de datas. Com os projetos, você pode agrupar por iteração para visualizar o equilíbrio do trabalho futuro, usar filtros para focar em uma única iteração, bem como ordenar por iteração. -When you first create an iteration field, three iterations are automatically created. You can add additional iterations and make other changes on your project's settings page. +Ao criar um campo de iteração, três iterações serão criadas automaticamente. Você pode adicionar iterações adicionais e fazer outras alterações na página de configurações do seu projeto. -![Screenshot showing the settings for an iteration field](/assets/images/help/issues/iterations-example.png) +![Captura de tela que mostra as configurações para um campo de iteração](/assets/images/help/issues/iterations-example.png) -## Creating an iteration field +## Criando um campo de iteração -You can create an iteration field using the command palette or the project's interface. +Você pode criar um campo de iteração usando a paleta de comandos ou a interface do projeto. 1. {% data reusables.projects.open-command-palette %} Comece a digitar qualquer parte de "Criar novo campo". Quando "Criar novo campo" for exibido na paleta de comandos, selecione-o. Como alternativa, clique em {% octicon "plus" aria-label="the plus icon" %} no cabeçalho do campo mais à direita. Será exibido um menu suspenso com os campos do projeto. Clique em **Novo campo**. -1. In the text box, enter a name for the new iteration field. -1. Select the dropdown menu below and click **Iteration**. -1. Optionally, if you want to change the starting date from the current day, select the calendar dropdown next to "Starts on" and click on a new starting date. -2. To change the duration of each iteration, type a new number, then select the dropdown and click either **days** or **weeks**. -3. Click **Save & create**. +1. Na caixa de texto, digite um nome para o novo campo de iteração. +1. Selecione o menu suspenso abaixo e clique em **Iteração**. +1. Opcionalmente, se quiser mudar a data de início a partir do dia atual, selecione o calendário suspenso ao lado de "Começa em" e clique em uma nova data de início. +2. Para mudar a duração de cada iteração, digite um novo número, em seguida, selecione o menu suspenso e clique em **dias** ou **semanas**. +3. Clique em **Salvar & Criar**. -## Adding new iterations +## Adicionando novas iterações {% data reusables.projects.project-settings %} -1. Click the name of the iteration field you want to adjust. -1. To add a new iteration of the same duration, click **Add iteration**. -1. Optionally, to customize the duration of the new iteration and when it will start, click {% octicon "triangle-down" aria-label="The triangle icon" %} next to "Add iteration", select a starting date and duration, and click **Add**. +1. Clique no nome do campo de iteração que você deseja ajustar. +1. Para adicionar uma nova iteração da mesma duração, clique em **Adicionar iteração**. +1. Opcionalmente, para personalizar a duração da nova iteração e quando ela vai começar, clique em {% octicon "triangle-down" aria-label="The triangle icon" %} ao lado de "Adicionar iteração", selecione uma data e duração iniciais, e clique em **Adicionar**. 1. Clique em **Save changes** (Salvar alterações). -## Editing an iteration +## Editando uma iteração -You can edit iterations in your project settings. You can also access the settings for an iteration field by clicking {% octicon "triangle-down" aria-label="The triangle icon" %} in the table header for the field and clicking **Edit values**. +Você pode editar as iterações nas configurações do seu projeto. Você também pode acessar as configurações para um campo de iteração clicando em {% octicon "triangle-down" aria-label="The triangle icon" %} no cabeçalho da tabela para o campo e clicando em **Editar valores**. {% data reusables.projects.project-settings %} -1. Click the name of the iteration field you want to adjust. -1. To change the name of an iteration, click on the name and start typing. -1. To change the date or duration of an iteration, click on the date to open the calendar. Click on the start day, then click the end day, and then click **Apply**. -1. Optionally, to delete an iteration, click {% octicon "trash" aria-label="The trash icon" %}. +1. Clique no nome do campo de iteração que você deseja ajustar. +1. Para alterar o nome de uma iteração, clique no nome e comece a digitar. +1. Para alterar a data ou a duração de uma iteração, clique na data para abrir o calendário. Clique no dia de início, depois clique no dia de fim e depois clique em **Aplicar**. +1. Opcionalmente, para excluir uma iteração, clique em {% octicon "trash" aria-label="The trash icon" %}. 1. Clique em **Save changes** (Salvar alterações). -## Inserting a break +## Inserindo uma pausa -You can insert breaks into your iterations to communicate when you are taking time away from scheduled work. The duration of a new break defaults to the length of the most recently created iteration. +Você pode inserir pausas em suas iterações para se comunicar quando você está tirando o tempo do trabalho agendado. O padrão da duração de uma nova pausa é o comprimento da iteração criada mais recentemente. {% data reusables.projects.project-settings %} -1. Click the name of the iteration field you want to adjust. -2. On the dividing line above an iteration and to the right, click **Insert break**. ![Screenshot showing location of "Insert break" button](/assets/images/help/issues/iteration-insert-break.png) -3. Optionally, to change the duration of the break, click on the date to open the calendar. Click on the start day, then click the end day, and then click **Apply**. +1. Clique no nome do campo de iteração que você deseja ajustar. +2. Na linha de divisão acima de uma iteração e à direita, clique em **Inserir pausa**. ![Captura de tela que mostra a localização do botão "Inserir pausa"](/assets/images/help/issues/iteration-insert-break.png) +3. Opcionalmente, para alterar a duração da pausa, clique na data para abrir o calendário. Clique no dia de início, depois clique no dia de fim e depois clique em **Aplicar**. 4. Clique em **Save changes** (Salvar alterações). diff --git a/translations/pt-BR/content/issues/trying-out-the-new-projects-experience/using-insights-with-projects.md b/translations/pt-BR/content/issues/trying-out-the-new-projects-experience/using-insights-with-projects.md index 2a4e3bf43d..c84daa2b90 100644 --- a/translations/pt-BR/content/issues/trying-out-the-new-projects-experience/using-insights-with-projects.md +++ b/translations/pt-BR/content/issues/trying-out-the-new-projects-experience/using-insights-with-projects.md @@ -1,6 +1,6 @@ --- -title: Using insights with projects (beta) -intro: You can view and customize charts that are built from your project's data. +title: Usando insights com projetos (beta) +intro: Você pode visualizar e personalizar gráficos construídos a partir dos dados do seu projeto. allowTitleToDifferFromFilename: true miniTocMaxHeadingLevel: 2 versions: @@ -13,17 +13,17 @@ topics: {% data reusables.projects.insights-alpha %} -## About insights +## Sobre insights -You can use insights to view and customize charts that use the items added to your project as their source data. The default "Burn up" chart shows item status over time, allowing you to visualize progress. You can apply filters to the default chart and also customize and save charts that are available to everyone that can view the project. +Você pode usar os insights para visualizar e personalizar gráficos que usam os itens adicionados ao seu projeto como seus dados de origem. The default "Burn up" chart shows item status over time, allowing you to visualize progress. Você pode aplicar filtros para o gráfico padrão e também personalizar e salvar gráficos que estejam disponíveis para todos que possam visualizar o projeto. ![Screenshot showing an example of the default burn up chart for the current iteration](/assets/images/help/issues/burnup-example.png) -## Creating a chart +## Criando um gráfico 1. Navigate to your project. -2. In the top-right, click {% octicon "graph" aria-label="the graph icon" %} to access insights. This feature is currently in a private preview and is not yet available to all organizations. If insights is not yet enabled for your organization, the {% octicon "graph" aria-label="the graph icon" %} icon will not be available. -3. In the menu on the left, click **New chart**. -4. Optionally, to change the name of the new chart, click {% octicon "triangle-down" aria-label="The triangle icon" %}, type a new name, and press Return. -5. Above the chart, type filters to change the data used to build the chart. For more information, see "[Filtering projects](/issues/trying-out-the-new-projects-experience/filtering-projects)." -6. To the right of the filter text box, click **Save changes**. +2. No canto superior direito, clique {% octicon "graph" aria-label="the graph icon" %} para acessar os insights. Este recurso está atualmente em uma visualização privada e ainda não está disponível para todas as organizações. Se os insights ainda não estiverem habilitados para a sua organização, o ícone {% octicon "graph" aria-label="the graph icon" %} não estará disponível. +3. No menu à esquerda, clique em **Novo gráfico**. +4. Opcionalmente, para alterar o nome do novo gráfico, clique em {% octicon "triangle-down" aria-label="The triangle icon" %}, digite um novo nome e pressione Retornar. +5. Acima do gráfico, digite os filtros para alterar os dados utilizados para a construção do gráfico. Para obter mais informações, consulte "[Filtrando projetos](/issues/trying-out-the-new-projects-experience/filtering-projects)". +6. À direita da caixa de texto do filtro, clique em **Salvar alterações**. diff --git a/translations/pt-BR/content/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-allowed-ip-addresses-for-your-organization.md b/translations/pt-BR/content/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-allowed-ip-addresses-for-your-organization.md index 009f28fc2c..88cf8656de 100644 --- a/translations/pt-BR/content/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-allowed-ip-addresses-for-your-organization.md +++ b/translations/pt-BR/content/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-allowed-ip-addresses-for-your-organization.md @@ -21,7 +21,7 @@ Você pode restringir o acesso a ativos privados da organização configurando u {% ifversion ghec %} {% note %} -**Note:** Only organizations that use {% data variables.product.prodname_ghe_cloud %} can use IP allow lists. {% data reusables.enterprise.link-to-ghec-trial %} +**Observação:** Apenas organizações que usam {% data variables.product.prodname_ghe_cloud %} podem usar listas de permissão de IP. {% data reusables.enterprise.link-to-ghec-trial %} {% endnote %} {% endif %} diff --git a/translations/pt-BR/content/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization.md b/translations/pt-BR/content/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization.md index e3aa0724de..f259df5ec1 100644 --- a/translations/pt-BR/content/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization.md +++ b/translations/pt-BR/content/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization.md @@ -122,7 +122,7 @@ Você pode habilitar ou desabilitar funcionalidades para todos os repositórios. Por padrão, {% data variables.product.prodname_dependabot %} não pode atualizar as dependências que estão localizadas em repositórios privados ou registros de pacotes privados. Entretanto, se uma dependência estiver em um repositório privado de {% data variables.product.prodname_dotcom %} dentro da mesma organização que o projeto que usa essa dependência, você pode permitir que {% data variables.product.prodname_dependabot %} atualize a versão com sucesso, dando-lhe acesso à hospedagem do repositório. -Se seu código depende de pacotes em um registro privado, você pode permitir que {% data variables.product.prodname_dependabot %} atualize as versões dessas dependências configurando isso no nível do repositório. Você faz isso adicionando detalhes de autenticação ao arquivo _dependabot.yml_ do repositório. Para obter mais informações, consulte "[Opções de configuração para atualizações de dependências](/github/administering-a-repository/configuration-options-for-dependency-updates#configuration-options-for-private-registries)". +Se seu código depende de pacotes em um registro privado, você pode permitir que {% data variables.product.prodname_dependabot %} atualize as versões dessas dependências configurando isso no nível do repositório. Você faz isso adicionando detalhes de autenticação ao arquivo _dependabot.yml_ do repositório. Para obter mais informações, consulte "[Opções de configuração para o arquivo dependabot.yml](/github/administering-a-repository/configuration-options-for-dependency-updates#configuration-options-for-private-registries)". Para permitir que {% data variables.product.prodname_dependabot %} acesse um repositório privado de {% data variables.product.prodname_dotcom %}: @@ -157,6 +157,5 @@ Você pode gerenciar o acesso a funcionalidades de {% data variables.product.pro - "[Protegendo o seu repositório](/code-security/getting-started/securing-your-repository)"{% ifversion not fpt %} - "[Sobre a verificação de segredo](/github/administering-a-repository/about-secret-scanning)"{% endif %}{% ifversion not ghae %} -- "[Sobre o gráfico de dependências](/github/visualizing-repository-data-with-graphs/about-the-dependency-graph)" -- "[Gerenciar vulnerabilidades nas dependências do seu projeto](/github/managing-security-vulnerabilities/managing-vulnerabilities-in-your-projects-dependencies)"{% endif %}{% ifversion fpt or ghec or ghes > 3.2 %} -- "[Manter suas dependências atualizadas automaticamente](/github/administering-a-repository/keeping-your-dependencies-updated-automatically)"{% endif %} +- "[Sobre o gráfico de dependências](/github/visualizing-repository-data-with-graphs/about-the-dependency-graph)"{% endif %}{% ifversion fpt or ghec or ghes or ghae-issue-4864 %} +- "[Sobre a segurança da cadeia de suprimentos](/code-security/supply-chain-security/understanding-your-software-supply-chain/about-supply-chain-security)"{% endif %} diff --git a/translations/pt-BR/content/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/reviewing-the-audit-log-for-your-organization.md b/translations/pt-BR/content/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/reviewing-the-audit-log-for-your-organization.md index c8eb80ee20..f6d67a50f8 100644 --- a/translations/pt-BR/content/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/reviewing-the-audit-log-for-your-organization.md +++ b/translations/pt-BR/content/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/reviewing-the-audit-log-for-your-organization.md @@ -42,7 +42,7 @@ To search for specific events, use the `action` qualifier in your query. Actions | [`billing`](#billing-category-actions) | Contains all activities related to your organization's billing. | [`business`](#business-category-actions) | Contains activities related to business settings for an enterprise. | | [`codespaces`](#codespaces-category-actions) | Contains all activities related to your organization's codespaces. |{% endif %}{% ifversion fpt or ghec or ghes > 3.2 %} -| [`dependabot_alerts`](#dependabot_alerts-category-actions) | Contains organization-level configuration activities for {% data variables.product.prodname_dependabot_alerts %} in existing repositories. For more information, see "[About alerts for vulnerable dependencies](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies)." +| [`dependabot_alerts`](#dependabot_alerts-category-actions) | Contains organization-level configuration activities for {% data variables.product.prodname_dependabot_alerts %} in existing repositories. For more information, see "[About {% data variables.product.prodname_dependabot_alerts %}](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies)." | [`dependabot_alerts_new_repos`](#dependabot_alerts_new_repos-category-actions) | Contains organization-level configuration activities for {% data variables.product.prodname_dependabot_alerts %} in new repositories created in the organization. | [`dependabot_security_updates`](#dependabot_security_updates-category-actions) | Contains organization-level configuration activities for {% data variables.product.prodname_dependabot_security_updates %} in existing repositories. For more information, see "[Configuring {% data variables.product.prodname_dependabot_security_updates %}](/github/managing-security-vulnerabilities/configuring-dependabot-security-updates)." | [`dependabot_security_updates_new_repos`](#dependabot_security_updates_new_repos-category-actions) | Contains organization-level configuration activities for {% data variables.product.prodname_dependabot_security_updates %} for new repositories created in the organization.{% endif %}{% ifversion fpt or ghec %} @@ -508,10 +508,10 @@ For more information, see "[Managing the publication of {% data variables.produc | Action | Description | |--------|-------------| | `package_version_published` | Triggered when a package version is published. | -| `package_version_deleted` | Triggered when a specific package version is deleted. For more information, see "[Deleting and restoring a package](/packages/learn-github-packages/deleting-and-restoring-a-package)." -| `package_deleted` | Triggered when an entire package is deleted. For more information, see "[Deleting and restoring a package](/packages/learn-github-packages/deleting-and-restoring-a-package)." -| `package_version_restored` | Triggered when a specific package version is deleted. For more information, see "[Deleting and restoring a package](/packages/learn-github-packages/deleting-and-restoring-a-package)." -| `package_restored` | Triggered when an entire package is restored. For more information, see "[Deleting and restoring a package](/packages/learn-github-packages/deleting-and-restoring-a-package)." +| `package_version_deleted` | Triggered when a specific package version is deleted.{% ifversion fpt or ghec or ghes > 3.1 %} For more information, see "[Deleting and restoring a package](/packages/learn-github-packages/deleting-and-restoring-a-package)."{% endif %} +| `package_deleted` | Triggered when an entire package is deleted.{% ifversion fpt or ghec or ghes > 3.1 %} For more information, see "[Deleting and restoring a package](/packages/learn-github-packages/deleting-and-restoring-a-package)."{% endif %} +| `package_version_restored` | Triggered when a specific package version is deleted.{% ifversion fpt or ghec or ghes > 3.1 %} For more information, see "[Deleting and restoring a package](/packages/learn-github-packages/deleting-and-restoring-a-package)."{% endif %} +| `package_restored` | Triggered when an entire package is restored.{% ifversion fpt or ghec or ghes > 3.1 %} For more information, see "[Deleting and restoring a package](/packages/learn-github-packages/deleting-and-restoring-a-package)."{% endif %} {% endif %} @@ -680,7 +680,7 @@ For more information, see "[Managing the publication of {% data variables.produc | Action | Description |------------------|------------------- -| `create` | Triggered when {% data variables.product.product_name %} creates a {% data variables.product.prodname_dependabot %} alert for a repository that uses a vulnerable dependency. For more information, see "[About alerts for vulnerable dependencies](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies)." +| `create` | Triggered when {% data variables.product.product_name %} creates a {% data variables.product.prodname_dependabot %} alert for a repository that uses a vulnerable dependency. For more information, see "[About {% data variables.product.prodname_dependabot_alerts %}](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies)." | `dismiss` | Triggered when an organization owner or person with admin access to the repository dismisses a {% data variables.product.prodname_dependabot %} alert about a vulnerable dependency. | `resolve` | Triggered when someone with write access to a repository pushes changes to update and resolve a vulnerability in a project dependency. diff --git a/translations/pt-BR/content/organizations/managing-peoples-access-to-your-organization-with-roles/managing-custom-repository-roles-for-an-organization.md b/translations/pt-BR/content/organizations/managing-peoples-access-to-your-organization-with-roles/managing-custom-repository-roles-for-an-organization.md index 81f1fd21a5..e9c4bd2c00 100644 --- a/translations/pt-BR/content/organizations/managing-peoples-access-to-your-organization-with-roles/managing-custom-repository-roles-for-an-organization.md +++ b/translations/pt-BR/content/organizations/managing-peoples-access-to-your-organization-with-roles/managing-custom-repository-roles-for-an-organization.md @@ -41,11 +41,11 @@ As suas opções para a função herdada são padronizadas para diferentes tipos Aqui estão alguns exemplos de funções de repositórios personalizados que você pode configurar. -| Função do repositório personalizado | Sumário | Função herdada | Permissões adicionais | -| ----------------------------------- | ------------------------------------------------------------------------------------------- | -------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Engenheiro de segurança | Capaz de contribuir com código e manter o pipeline de segurança | **Manutenção** | Excluir resultados da varredura de código | -| Contratado | Capaz de desenvolver integrações de webhooks | **Gravação** | Gerenciar webhooks | -| Gerente de comunidade | Capaz de lidar com todas as interações da comunidade sem ser capaz de contribuir com código | **Leitura** | - Mark an issue as duplicate
- Manage GitHub Page settings
- Manage wiki settings
- Set the social preview
- Edit repository metadata
- Triage discussions | +| Função do repositório personalizado | Sumário | Função herdada | Permissões adicionais | +| ----------------------------------- | ------------------------------------------------------------------------------------------- | -------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | +| Engenheiro de segurança | Capaz de contribuir com código e manter o pipeline de segurança | **Manutenção** | Excluir resultados da varredura de código | +| Contratado | Capaz de desenvolver integrações de webhooks | **Gravação** | Gerenciar webhooks | +| Gerente de comunidade | Capaz de lidar com todas as interações da comunidade sem ser capaz de contribuir com código | **Leitura** | - Marcar um problema como duplicado
- Gerenciar configurações da Página do GitHub
- Gerenciar configurações da wiki
- Definir a visualização social
- Editar metadados
- Triar discussões | ## Permissões adicionais para funções personalizadas @@ -81,67 +81,67 @@ Você só pode escolher uma permissão adicional se já não estiver incluída n - **Gerenciar webhooks**: Adicione webhooks ao repositório. - **Gerenciar chaves de implantação**: Adicione chaves de deploy ao repositório. - **Editar os metadados do repositório**: Atualize a descrição do repositório, bem como os tópicos do repositório. -- **Definir limites de interação**: Restrinja temporariamente certos usuários de comentários, problemas de abertura ou criação de pull requests no seu repositório público para aplicar um período de atividade limitada. For more information, see "[Limiting interactions in your repository](/communities/moderating-comments-and-conversations/limiting-interactions-in-your-repository)." -- **Set the social preview**: Add an identifying image to your repository that appears on social media platforms when your repository is linked. Para obter mais informações, consulte "[Personalizar a exibição das redes sociais do repositório](/repositories/managing-your-repositorys-settings-and-features/customizing-your-repository/customizing-your-repositorys-social-media-preview)". -- **Push commits to protected branches**: Push to a branch that is marked as a protected branch. -- **Create protected tags**: Create tags that match a tag protection rule. For more information, see "[Configuring tag protection rules](/repositories/managing-your-repositorys-settings-and-features/managing-repository-settings/configuring-tag-protection-rules)." -- **Delete protected tags**: Delete tags that match a tag protection rule. For more information, see "[Configuring tag protection rules](/repositories/managing-your-repositorys-settings-and-features/managing-repository-settings/configuring-tag-protection-rules)." +- **Definir limites de interação**: Restrinja temporariamente certos usuários de comentários, problemas de abertura ou criação de pull requests no seu repositório público para aplicar um período de atividade limitada. Para obter mais informações, consulte "[Restringir interações no seu repositório](/communities/moderating-comments-and-conversations/limiting-interactions-in-your-repository)". +- **Defina a visualização social**: Adicione uma imagem de identificação ao repositório que aparece nas plataformas de mídia social quando seu repositório é vinculado. Para obter mais informações, consulte "[Personalizar a exibição das redes sociais do repositório](/repositories/managing-your-repositorys-settings-and-features/customizing-your-repository/customizing-your-repositorys-social-media-preview)". +- **Faça push commits para branches protegidos**: Faça push para um branch que é marcado como um branch protegido. +- **Crie etiquetas protegidas**: Crie etiquetas que correspondam a uma regra de proteção de tags. Para obter mais informações, consulte "[Configurando regras de proteção de tagsde](/repositories/managing-your-repositorys-settings-and-features/managing-repository-settings/configuring-tag-protection-rules)". +- **Excluir tags protegidas**: Excluir tags que correspondam a uma regra de proteção de tags. Para obter mais informações, consulte "[Configurando regras de proteção de tagsde](/repositories/managing-your-repositorys-settings-and-features/managing-repository-settings/configuring-tag-protection-rules)". ### Segurança -- **View {% data variables.product.prodname_code_scanning %} results**: Ability to view {% data variables.product.prodname_code_scanning %} alerts. -- **Dismiss or reopen {% data variables.product.prodname_code_scanning %} results**: Ability to dismiss or reopen {% data variables.product.prodname_code_scanning %} alerts. -- **Delete {% data variables.product.prodname_code_scanning %} results**: Ability to delete {% data variables.product.prodname_code_scanning %} alerts. -- **View {% data variables.product.prodname_dependabot_alerts %}**: Ability to view {% data variables.product.prodname_dependabot_alerts %}. -- **Dismiss or reopen {% data variables.product.prodname_dependabot_alerts %}**: Ability to dismiss or reopen {% data variables.product.prodname_dependabot_alerts %}. -- **View {% data variables.product.prodname_secret_scanning %} results**: Ability to view {% data variables.product.prodname_secret_scanning %} alerts. -- **Dismiss or reopen {% data variables.product.prodname_secret_scanning %} results**: Ability to dismiss or reopen {% data variables.product.prodname_secret_scanning %} alerts. +- **Ver resultados de {% data variables.product.prodname_code_scanning %}**: Habilidade de ver alertas de {% data variables.product.prodname_code_scanning %}. +- **Ignorar ou reabrir {% data variables.product.prodname_code_scanning %} resultados**: Habilidade de ignorar ou reabrir alertas de {% data variables.product.prodname_code_scanning %}. +- **Excluir {% data variables.product.prodname_code_scanning %} resultados**: Habilidade de excluir alertas de {% data variables.product.prodname_code_scanning %}. +- **Visualizar {% data variables.product.prodname_dependabot_alerts %}**: Habilidade de visualizar {% data variables.product.prodname_dependabot_alerts %}. +- **Ignorarou reabrir {% data variables.product.prodname_dependabot_alerts %}**: Habilidade de ignorar ou reabrir {% data variables.product.prodname_dependabot_alerts %}. +- **Visualizar {% data variables.product.prodname_secret_scanning %} resultados**: Habilidade de visualizar alertas de {% data variables.product.prodname_secret_scanning %}. +- **Ignorar ou reabrir {% data variables.product.prodname_secret_scanning %} resultados**: Habilidade de ignorar ou reabrir alertas de {% data variables.product.prodname_secret_scanning %}. -## Precedence for different levels of access +## Precedência para diferentes níveis de acesso -If a person is given different levels of access through different avenues, such as team membership and the base permissions for an organization, the highest access overrides the others. For example, if an organization owner gives an organization member a custom role that uses the "Read" inherited role, and then an organization owner sets the organization's base permission to "Write", then this custom role will have write access, along with any additional permissions included in the custom role. +Se uma pessoa receber diferentes níveis de acesso por meio de caminhos diferentes como, por exemplo, a associação a uma equipe e as permissões básicas para uma organização, o maior acesso substitui os outros. Por exemplo, se um proprietário da organização dá a um integrante da organização uma função personalizada que use a função de "ler" herdada e, em seguida, o proprietário da organização definir a permissão de base da organização para "gravar", essa função personalizada terá acesso de gravação, junto com quaisquer permissões adicionais incluídas na função personalizada. {% data reusables.organizations.mixed-roles-warning %} -To resolve conflicting access, you can adjust your organization's base permissions or the team's access, or edit the custom role. Para obter mais informações, consulte: +Para resolver o acesso conflitante, você pode ajustar as permissões básicas da sua organização ou o acesso da equipe ou editar a função personalizada. Para obter mais informações, consulte: - "[Configurando permissões de base para uma organização](/github/setting-up-and-managing-organizations-and-teams/setting-base-permissions-for-an-organization)" - "[Gerenciar o acesso da equipe a um repositório da organização](/organizations/managing-access-to-your-organizations-repositories/managing-team-access-to-an-organization-repository)" - - "[Editing a repository role](#editing-a-repository-role)" + - "[Editando uma função do repositório](#editing-a-repository-role)" -## Creating a repository role +## Criando a função de um repositório -To create a new repository role, you add permissions to an inherited role and give the custom role a name. +Para criar uma nova função do repositório, você deve adicionar permissões a uma função herdada e dar um nome à função personalizada. {% data reusables.profile.access_profile %} {% data reusables.profile.access_org %} {% data reusables.organizations.org_settings %} {% data reusables.organizations.org-list %} {% data reusables.organizations.org-settings-repository-roles %} -5. Click **Create a Role**. ![Screenshot of "Create a Role" button](/assets/images/help/organizations/repository-role-create-role.png) -4. Under "Name", type the name of your repository role. ![Field to type a name for the repository role](/assets/images/help/organizations/repository-role-name.png) -5. Under "Description", type a description of your repository role. ![Field to type a description for the repository role](/assets/images/help/organizations/repository-role-description.png) -6. Under "Choose a role to inherit", select the role you want to inherit. ![Selecting repository role base role option](/assets/images/help/organizations/repository-role-base-role-option.png) -7. Under "Add Permissions", use the drop-down menu to select the permissions you want your custom role to include. ![Selecting permission levels from repository role drop-down](/assets/images/help/organizations/repository-role-drop-down.png) -7. Click **Create role**. ![Confirm creating a repository role](/assets/images/help/organizations/repository-role-creation-confirm.png) +5. Clique **Criar uma função**. ![Captura de tela do botão "Criar uma função"](/assets/images/help/organizations/repository-role-create-role.png) +4. Em "Nome", digite o nome da função do seu repositório. ![Campo para digitar um nome para a função de um repositório](/assets/images/help/organizations/repository-role-name.png) +5. Em "Descrição", digite uma descrição da função do repositório. ![Campo para digitar uma descrição para o papel do repositório](/assets/images/help/organizations/repository-role-description.png) +6. Em "Escolha uma função para herdar", selecione a função que deseja herdar. ![Selecionando a opção da função de base do repositório](/assets/images/help/organizations/repository-role-base-role-option.png) +7. Em "Adicionar permissões", use o menu suspenso para selecionar as permissões que você deseja que a sua função personalizada inclua. ![Selecionando níveis de permissão da função a partir do menu suspenso da função do repositório](/assets/images/help/organizations/repository-role-drop-down.png) +7. Clique em **Criar função**. ![Confirmar a criação de função de repositório](/assets/images/help/organizations/repository-role-creation-confirm.png) -## Editing a repository role +## Editando a função de um repositório {% data reusables.profile.access_profile %} {% data reusables.profile.access_org %} {% data reusables.organizations.org_settings %} {% data reusables.organizations.org-list %} {% data reusables.organizations.org-settings-repository-roles %} -3. To the right of the role you want to edit, click {% octicon "kebab-horizontal" aria-label="The horizontal kebab icon" %}, then click **Edit**. ![Edit option in drop-down menu for repository roles](/assets/images/help/organizations/repository-role-edit-setting.png) -4. Edit, then click **Update role**. ![Edit fields and update repository roles](/assets/images/help/organizations/repository-role-update.png) +3. À direita da função que você deseja editar, clique em {% octicon "kebab-horizontal" aria-label="The horizontal kebab icon" %} e, em seguida, clique em **Editar**. ![Editar opção no menu suspenso para funções de repositório](/assets/images/help/organizations/repository-role-edit-setting.png) +4. Edite e, em seguida, clique em **Atualizar função**. ![Editar campos e atualizar funções do repositório](/assets/images/help/organizations/repository-role-update.png) -## Deleting a repository role +## Excluindo a função de um repositório -If you delete an existing repository role, all pending invitations, teams, and users with the custom role will be reassigned to the organization's base permissions. +Se você excluir a função de um repositório existente, todos os convites pendentes, equipes e usuários com a função personalizada serão reatribuidos às permissões básicas da organização. {% data reusables.profile.access_profile %} {% data reusables.profile.access_org %} {% data reusables.organizations.org_settings %} {% data reusables.organizations.org-list %} {% data reusables.organizations.org-settings-repository-roles %} -3. To the right of the role you want to delete, click {% octicon "kebab-horizontal" aria-label="The horizontal kebab icon" %}, then click **Delete**. ![Edit option in drop-down menu for repository roles](/assets/images/help/organizations/repository-role-delete-setting.png) +3. À direita da função que você deseja excluir, clique em {% octicon "kebab-horizontal" aria-label="The horizontal kebab icon" %} e, em seguida, clique em **Excluir**. ![Editar opção no menu suspenso para funções de repositório](/assets/images/help/organizations/repository-role-delete-setting.png) 4. Revise as alterações para a função que você deseja remover e, em seguida, clique em **Excluir função**. ![Confirme a exclusão de uma função do repositório](/assets/images/help/organizations/repository-role-delete-confirm.png) diff --git a/translations/pt-BR/content/packages/learn-github-packages/about-permissions-for-github-packages.md b/translations/pt-BR/content/packages/learn-github-packages/about-permissions-for-github-packages.md index 65e695db6f..0a2002bec9 100644 --- a/translations/pt-BR/content/packages/learn-github-packages/about-permissions-for-github-packages.md +++ b/translations/pt-BR/content/packages/learn-github-packages/about-permissions-for-github-packages.md @@ -47,8 +47,7 @@ Para usar ou gerenciar um pacote hospedado por um registro de pacotes, você dev Por exemplo: - Para fazer o download e instalar pacotes de um repositório, seu token deve ter o escopo `read:packages` e sua conta de usuário deve ter permissão de leitura. -- {% ifversion fpt or ghes or ghec %}Para excluir um pacote em {% data variables.product.product_name %}, o seu token deve ter pelo menos o escopo `delete:packages` e `read:packages`. O escopo do `repositório` também é necessário para pacotes com escopo do repositório.{% elsif ghae %}Para excluir uma versão especificada de um pavote em {% data variables.product.product_name %}, o seu token deve ter o escopo `delete:packages` e `repo` scope.{% endif %} Para obter mais informações, consulte "[Excluindo e restaurando um pacote](/packages/learn-github-packages/deleting-and-restoring-a-package)." - +- |{% ifversion fpt or ghes > 3.1 or ghec %}Para excluir um pacote em {% data variables.product.product_name %}, o seu token deve ter pelo menos o escopo `delete:packages` e `read:packages`. O escopo do `repositório` também é necessário para pacotes com escopo de repositório. Para obter mais informações, consulte "format@@0[Excluindo e restaurando um pacote](/packages/learn-github-packages/deleting-and-restoring-a-package).{% elsif ghae %}Para excluir uma versão específica de um pacote em {% data variables.product.product_name %}, seu token deve ter os escopos `delete:packages` e `repositório`. Para obter mais informações, consulte "[Excluindo e restaurando um pacote](/packages/learn-github-packages/deleting-and-restoring-a-package)."{% endif %} | Escopo | Descrição | Permissão necessária | | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------- | -------------------- | | `read:packages` | Faça o download e instale pacotes do {% data variables.product.prodname_registry %} | leitura | diff --git a/translations/pt-BR/content/packages/learn-github-packages/deleting-and-restoring-a-package.md b/translations/pt-BR/content/packages/learn-github-packages/deleting-and-restoring-a-package.md index 0c2df5d4d1..772bd0bd15 100644 --- a/translations/pt-BR/content/packages/learn-github-packages/deleting-and-restoring-a-package.md +++ b/translations/pt-BR/content/packages/learn-github-packages/deleting-and-restoring-a-package.md @@ -9,7 +9,7 @@ redirect_from: - /packages/guides/deleting-a-container-image versions: fpt: '*' - ghes: '*' + ghes: '>=3.2' ghec: '*' ghae: '*' shortTitle: Excluir & restaurar um pacote diff --git a/translations/pt-BR/content/packages/learn-github-packages/introduction-to-github-packages.md b/translations/pt-BR/content/packages/learn-github-packages/introduction-to-github-packages.md index 1292276a7b..2f92adc46d 100644 --- a/translations/pt-BR/content/packages/learn-github-packages/introduction-to-github-packages.md +++ b/translations/pt-BR/content/packages/learn-github-packages/introduction-to-github-packages.md @@ -108,7 +108,7 @@ You can delete a private or public package in the {% data variables.product.prod You can delete a version of a package in the {% data variables.product.product_name %} user interface or using the GraphQL API. {% endif %} -When you use the GraphQL API to query and delete private packages, you must use the same token you use to authenticate to {% data variables.product.prodname_registry %}. For more information, see "[Deleting and restoring a package](/packages/learn-github-packages/deleting-and-restoring-a-package)" and "[Forming calls with GraphQL]({% ifversion ghec %}/free-pro-team@latest{% endif %}/graphql/guides/forming-calls-with-graphql)." +When you use the GraphQL API to query and delete private packages, you must use the same token you use to authenticate to {% data variables.product.prodname_registry %}. For more information, see {% ifversion fpt or ghec or ghes > 3.1 or ghae %}"[Deleting and restoring a package](/packages/learn-github-packages/deleting-and-restoring-a-package)" and {% endif %}"[Forming calls with GraphQL]({% ifversion ghec %}/free-pro-team@latest{% endif %}/graphql/guides/forming-calls-with-graphql)." You can configure webhooks to subscribe to package-related events, such as when a package is published or updated. For more information, see the "[`package` webhook event](/webhooks/event-payloads/#package)." diff --git a/translations/pt-BR/content/packages/working-with-a-github-packages-registry/working-with-the-apache-maven-registry.md b/translations/pt-BR/content/packages/working-with-a-github-packages-registry/working-with-the-apache-maven-registry.md index 724f57e18d..c18396b6fa 100644 --- a/translations/pt-BR/content/packages/working-with-a-github-packages-registry/working-with-the-apache-maven-registry.md +++ b/translations/pt-BR/content/packages/working-with-a-github-packages-registry/working-with-the-apache-maven-registry.md @@ -190,5 +190,5 @@ To install an Apache Maven package from {% data variables.product.prodname_regis ## Further reading -- "[Working with the Gradle registry](/packages/working-with-a-github-packages-registry/working-with-the-gradle-registry)" -- "[Deleting and restoring a package](/packages/learn-github-packages/deleting-and-restoring-a-package)" +- "[Working with the Gradle registry](/packages/working-with-a-github-packages-registry/working-with-the-gradle-registry)"{% ifversion fpt or ghec or ghes > 3.1 or ghae %} +- "[Deleting and restoring a package](/packages/learn-github-packages/deleting-and-restoring-a-package)"{% endif %} diff --git a/translations/pt-BR/content/packages/working-with-a-github-packages-registry/working-with-the-docker-registry.md b/translations/pt-BR/content/packages/working-with-a-github-packages-registry/working-with-the-docker-registry.md index dc433c384c..f114ecd455 100644 --- a/translations/pt-BR/content/packages/working-with-a-github-packages-registry/working-with-the-docker-registry.md +++ b/translations/pt-BR/content/packages/working-with-a-github-packages-registry/working-with-the-docker-registry.md @@ -261,8 +261,12 @@ $ docker pull HOSTNAME/OWNER/REPOSITORY/IMAGE_NAME:TAG_NAME {% endnote %} +{% ifversion fpt or ghec or ghes > 3.1 or ghae %} + ## Further reading - "[Deleting and restoring a package](/packages/learn-github-packages/deleting-and-restoring-a-package)" +{% endif %} + {% endif %} diff --git a/translations/pt-BR/content/packages/working-with-a-github-packages-registry/working-with-the-gradle-registry.md b/translations/pt-BR/content/packages/working-with-a-github-packages-registry/working-with-the-gradle-registry.md index 7ff16231a5..62c520c70b 100644 --- a/translations/pt-BR/content/packages/working-with-a-github-packages-registry/working-with-the-gradle-registry.md +++ b/translations/pt-BR/content/packages/working-with-a-github-packages-registry/working-with-the-gradle-registry.md @@ -215,5 +215,5 @@ To use a published package from {% data variables.product.prodname_registry %}, ## Further reading -- "[Working with the Apache Maven registry](/packages/working-with-a-github-packages-registry/working-with-the-apache-maven-registry)" -- "[Deleting and restoring a package](/packages/learn-github-packages/deleting-and-restoring-a-package)" +- "[Working with the Apache Maven registry](/packages/working-with-a-github-packages-registry/working-with-the-apache-maven-registry)"{% ifversion fpt or ghec or ghes > 3.1 or ghae %} +- "[Deleting and restoring a package](/packages/learn-github-packages/deleting-and-restoring-a-package)"{% endif %} diff --git a/translations/pt-BR/content/packages/working-with-a-github-packages-registry/working-with-the-npm-registry.md b/translations/pt-BR/content/packages/working-with-a-github-packages-registry/working-with-the-npm-registry.md index b7d14dcd6a..f34f6977a1 100644 --- a/translations/pt-BR/content/packages/working-with-a-github-packages-registry/working-with-the-npm-registry.md +++ b/translations/pt-BR/content/packages/working-with-a-github-packages-registry/working-with-the-npm-registry.md @@ -27,7 +27,7 @@ If you publish over 1,000 npm package versions to {% data variables.product.prod In the future, to improve performance of the service, you won't be able to publish more than 1,000 versions of a package on {% data variables.product.prodname_dotcom %}. Any versions published before hitting this limit will still be readable. -If you reach this limit, consider deleting package versions or contact Support for help. When this limit is enforced, our documentation will be updated with a way to work around this limit. For more information, see "[Deleting and restoring a package](/packages/learn-github-packages/deleting-and-restoring-a-package)" or "[Contacting Support](/packages/learn-github-packages/about-github-packages#contacting-support)." +If you reach this limit, consider deleting package versions or contact Support for help. When this limit is enforced, our documentation will be updated with a way to work around this limit. For more information, see {% ifversion fpt or ghec or ghes > 3.1 or ghae %}"[Deleting and restoring a package](/packages/learn-github-packages/deleting-and-restoring-a-package)" or {% endif %}"[Contacting Support](/packages/learn-github-packages/about-github-packages#contacting-support)." ## Authenticating to {% data variables.product.prodname_registry %} @@ -212,7 +212,3 @@ If your instance has subdomain isolation disabled: {% data variables.product.prodname_registry %} allows you to access the official NPM registry at `registry.npmjs.com`, if your {% data variables.product.prodname_ghe_server %} administrator has enabled this feature. For more information, see [Connecting to the official NPM registry](/admin/packages/configuring-packages-support-for-your-enterprise#connecting-to-the-official-npm-registry). {% endif %} - -## Further reading - -- "[Deleting and restoring a package](/packages/learn-github-packages/deleting-and-restoring-a-package)" diff --git a/translations/pt-BR/content/packages/working-with-a-github-packages-registry/working-with-the-nuget-registry.md b/translations/pt-BR/content/packages/working-with-a-github-packages-registry/working-with-the-nuget-registry.md index 0fb8b99987..cd835bf35f 100644 --- a/translations/pt-BR/content/packages/working-with-a-github-packages-registry/working-with-the-nuget-registry.md +++ b/translations/pt-BR/content/packages/working-with-a-github-packages-registry/working-with-the-nuget-registry.md @@ -232,6 +232,8 @@ Your NuGet package may fail to push if the `RepositoryUrl` in *.csproj* is not s If you're using a nuspec file, ensure that it has a `repository` element with the required `type` and `url` attributes. +{% ifversion fpt or ghec or ghes > 3.1 or ghae %} ## Further reading - "[Deleting and restoring a package](/packages/learn-github-packages/deleting-and-restoring-a-package)" +{% endif %} diff --git a/translations/pt-BR/content/packages/working-with-a-github-packages-registry/working-with-the-rubygems-registry.md b/translations/pt-BR/content/packages/working-with-a-github-packages-registry/working-with-the-rubygems-registry.md index c17c6eaa13..01a56b4478 100644 --- a/translations/pt-BR/content/packages/working-with-a-github-packages-registry/working-with-the-rubygems-registry.md +++ b/translations/pt-BR/content/packages/working-with-a-github-packages-registry/working-with-the-rubygems-registry.md @@ -136,7 +136,7 @@ You can use gems from {% data variables.product.prodname_registry %} much like y end ``` -3. For Bundler versions earlier than 1.7.0, you need to add a new global `source`. For more information on using Bundler, see the [bundler.io documentation](http://bundler.io/v1.5/gemfile.html). +3. For Bundler versions earlier than 1.7.0, you need to add a new global `source`. For more information on using Bundler, see the [bundler.io documentation](https://bundler.io/gemfile.html). ```ruby source "https://{% ifversion fpt or ghec %}rubygems.pkg.github.com{% else %}REGISTRY-URL{% endif %}/OWNER" @@ -151,6 +151,10 @@ You can use gems from {% data variables.product.prodname_registry %} much like y $ gem install octo-gem --version "0.1.1" ``` +{% ifversion fpt or ghec or ghes > 3.1 or ghae %} + ## Further reading - "[Deleting and restoring a package](/packages/learn-github-packages/deleting-and-restoring-a-package)" + +{% endif %} diff --git a/translations/pt-BR/content/pages/setting-up-a-github-pages-site-with-jekyll/testing-your-github-pages-site-locally-with-jekyll.md b/translations/pt-BR/content/pages/setting-up-a-github-pages-site-with-jekyll/testing-your-github-pages-site-locally-with-jekyll.md index f1928a2f18..1852cc5437 100644 --- a/translations/pt-BR/content/pages/setting-up-a-github-pages-site-with-jekyll/testing-your-github-pages-site-locally-with-jekyll.md +++ b/translations/pt-BR/content/pages/setting-up-a-github-pages-site-with-jekyll/testing-your-github-pages-site-locally-with-jekyll.md @@ -50,6 +50,12 @@ Antes de usar o Jekyll para testar um site, você deve: ``` 3. Para visualizar o site, navegue para `http://localhost:4000` no navegador da web. +{% note %} + +**Observação:** Se você estiver usando o Ruby 3.0 e Jekyll 4.2 ou versão anterior, você deverá adicionar o gem do `webrick` ao arquivo do seu projeto antes de executar `bundle install`. + +{% endnote %} + ## Atualizar o gem do {% data variables.product.prodname_pages %} O Jekyll é um projeto ativo de código aberto que é atualizado com frequência. Se o gem `github-pages` no seu computador estiver desatualizado em relação ao gem `github-pages` no servidor do {% data variables.product.prodname_pages %}, seu site poderá ter uma aparência diferente da criada localmente quando for publicado no {% data variables.product.product_name %}. Para evitar isso, atualize regularmente o gem `github-pages` no seu computador. diff --git a/translations/pt-BR/content/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/requesting-a-pull-request-review.md b/translations/pt-BR/content/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/requesting-a-pull-request-review.md index f80dd0d34d..f40e97b670 100644 --- a/translations/pt-BR/content/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/requesting-a-pull-request-review.md +++ b/translations/pt-BR/content/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/requesting-a-pull-request-review.md @@ -17,9 +17,11 @@ topics: shortTitle: Solicitar revisão de PR --- -Proprietários e colaboradores de um repositório pertencente a uma conta de usuário podem atribuir revisões de pull requests. Os integrantes da organização com permissões de triagem em um repositório podem atribuir uma revisão de pull request. +Repositories belong to a personal account (a single individual owner) or an organization account (a shared account with numerous collaborators or maintainers). Para obter mais informações, consulte "[Tipos de contas de {% data variables.product.prodname_dotcom %}](/get-started/learning-about-github/types-of-github-accounts)". Owners and collaborators on a repository owned by a personal account can assign pull request reviews. Organization members with triage permissions can also assign a reviewer for a pull request. -Os proprietários e colaboradores podem atribuir uma revisão de pull request a qualquer pessoa que recebeu explicitamente [acesso de leitura](/articles/access-permissions-on-github) em um repositório pertencente a um usuário. Os integrantes da organização podem atribuir uma revisão de pull request para qualquer pessoa ou equipe com acesso de leitura em um repositório. O revisor ou a equipe receberão uma notificação informando que você solicitou a revisão de uma pull request. {% ifversion fpt or ghae or ghes or ghec %}Se você solicitar uma revisão de uma equipe e a atribuição de revisão de código estiver ativada, integrantes específicos serão solicitados e a equipe será removida como revisora. Para obter mais informações, consulte "[Gerenciando configurações de revisão de código para sua equipe](/organizations/organizing-members-into-teams/managing-code-review-settings-for-your-team)".{% endif %} +To assign a reviewer to a pull request, you will need write access to the repository. For more information about repository access, see "[Repository roles for an organization](/organizations/managing-access-to-your-organizations-repositories/repository-roles-for-an-organization)." If you have write access, you can assign anyone who has read access to the repository as a reviewer. + +Organization members with write access can also assign a pull request review to any person or team with read access to a repository. O revisor ou a equipe receberão uma notificação informando que você solicitou a revisão de uma pull request. {% ifversion fpt or ghae or ghes or ghec %}Se você solicitar uma revisão de uma equipe e a atribuição de revisão de código estiver ativada, integrantes específicos serão solicitados e a equipe será removida como revisora. Para obter mais informações, consulte "[Gerenciando configurações de revisão de código para sua equipe](/organizations/organizing-members-into-teams/managing-code-review-settings-for-your-team)".{% endif %} {% note %} diff --git a/translations/pt-BR/content/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/reviewing-dependency-changes-in-a-pull-request.md b/translations/pt-BR/content/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/reviewing-dependency-changes-in-a-pull-request.md index 990f1faecb..93b6a9420b 100644 --- a/translations/pt-BR/content/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/reviewing-dependency-changes-in-a-pull-request.md +++ b/translations/pt-BR/content/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/reviewing-dependency-changes-in-a-pull-request.md @@ -29,7 +29,7 @@ shortTitle: Revisar alterações de dependência {% data reusables.dependency-review.feature-overview %} -{% ifversion ghec %}Before you can use dependency review in a private repository, you must enable the dependency graph. For more information, see "[Exploring the dependencies of a repository](/code-security/supply-chain-security/understanding-your-software-supply-chain/exploring-the-dependencies-of-a-repository#enabling-and-disabling-the-dependency-graph-for-a-private-repository)."{% endif %} +{% ifversion ghec %}Antes de usar a revisão de dependências em um repositório privado, você deve habilitar o gráfico de dependências. Para obter mais informações, consulte "[Explorando as dependências de um repositório](/code-security/supply-chain-security/understanding-your-software-supply-chain/exploring-the-dependencies-of-a-repository#enabling-and-disabling-the-dependency-graph-for-a-private-repository)"{% endif %} {% ifversion ghes > 3.1 %} Antes de você poder usar a revisão de dependências, você deverá habilitar o gráfico de dependências e conectar {% data variables.product.product_location %} a {% data variables.product.prodname_dotcom_the_website %}. Para obter mais informações, consulte "[Habilitar alertas para dependências vulneráveis em {% data variables.product.prodname_ghe_server %}](/admin/configuration/managing-connections-between-github-enterprise-server-and-github-enterprise-cloud/enabling-alerts-for-vulnerable-dependencies-on-github-enterprise-server){% endif %} diff --git a/translations/pt-BR/content/pull-requests/index.md b/translations/pt-BR/content/pull-requests/index.md index 8d7d2bc412..667545b1ff 100644 --- a/translations/pt-BR/content/pull-requests/index.md +++ b/translations/pt-BR/content/pull-requests/index.md @@ -1,6 +1,6 @@ --- title: Pull requests -intro: 'Learn how to use pull requests to suggest changes to a project, receive suggested changes to your own projects, and address issues in pull requests, such as merge conflicts.' +intro: 'Aprenda a usar pull requests para sugerir alterações a um projeto, receber alterações sugeridas em seus próprios projetos e resolver problemas em pull requests, como conflitos de merge.' introLinks: overview: /pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/about-pull-requests featuredLinks: diff --git a/translations/pt-BR/content/repositories/managing-your-repositorys-settings-and-features/customizing-your-repository/about-code-owners.md b/translations/pt-BR/content/repositories/managing-your-repositorys-settings-and-features/customizing-your-repository/about-code-owners.md index 61f927b13a..d172f0cbf3 100644 --- a/translations/pt-BR/content/repositories/managing-your-repositorys-settings-and-features/customizing-your-repository/about-code-owners.md +++ b/translations/pt-BR/content/repositories/managing-your-repositorys-settings-and-features/customizing-your-repository/about-code-owners.md @@ -38,7 +38,7 @@ Cada arquivo CODEOWNERS atribui os proprietários do código para um único bran Para que os proprietários do código recebam solicitações de revisão, o arquivo CODEOWNERS deve estar no branch base da pull request. Por exemplo, se você atribuir `@octocat` como o proprietário do código para arquivos *.js* no branch `gh-pages` do seu repositório, `@octocat` receberá solicitações de revisão quando uma pull request com alterações nos arquivos *.js* for aberta entre o branch head e `gh-pages`. -{% ifversion fpt or ghec or ghes > 3.2 or ghae-issue-9273 %} +{% ifversion fpt or ghec or ghes > 3.2 or ghae-issue-4675 %} ## Tamanho do arquivo CODEOWNERS Os arquivos CODEOWNERS devem ter menos de 3 MB. Um arquivo CODEOWNERS acima deste limite não será carregado, o que significa que as informações do proprietário do código não serão mostradas e não será solicitado que os proprietários do código apropriado revise as alterações em um pull request. diff --git a/translations/pt-BR/content/repositories/releasing-projects-on-github/searching-a-repositorys-releases.md b/translations/pt-BR/content/repositories/releasing-projects-on-github/searching-a-repositorys-releases.md index 8ff77db4bd..9c84b433b3 100644 --- a/translations/pt-BR/content/repositories/releasing-projects-on-github/searching-a-repositorys-releases.md +++ b/translations/pt-BR/content/repositories/releasing-projects-on-github/searching-a-repositorys-releases.md @@ -7,7 +7,7 @@ versions: fpt: '*' ghec: '*' ghes: '>3.2' - ghae-issue-4974: '*' + ghae: issue-4974 topics: - Repositories --- diff --git a/translations/pt-BR/content/repositories/viewing-activity-and-data-for-your-repository/understanding-connections-between-repositories.md b/translations/pt-BR/content/repositories/viewing-activity-and-data-for-your-repository/understanding-connections-between-repositories.md index 00cfe5f70e..a1e310ab16 100644 --- a/translations/pt-BR/content/repositories/viewing-activity-and-data-for-your-repository/understanding-connections-between-repositories.md +++ b/translations/pt-BR/content/repositories/viewing-activity-and-data-for-your-repository/understanding-connections-between-repositories.md @@ -73,5 +73,5 @@ Quase todos os softwares dependem do código desenvolvido e mantido por outros d O gráfico de dependências fornece uma ótima maneira de visualizar e explorar as dependências de um repositório. Para obter mais informações, consulte "[Sobre o gráfico de dependências](/code-security/supply-chain-security/about-the-dependency-graph)" e "[Explorar as dependências de um repositório](/code-security/supply-chain-security/exploring-the-dependencies-of-a-repository)". -Você também pode configurar o seu repositório para que {% data variables.product.company_short %} alerte você automaticamente sempre que uma vulnerabilidade de segurança for encontrada em uma das suas dependências. Para obter mais informações, consulte "[Sobre alertas para dependências vulneráveis](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies)" +Você também pode configurar o seu repositório para que {% data variables.product.company_short %} alerte você automaticamente sempre que uma vulnerabilidade de segurança for encontrada em uma das suas dependências. Para obter mais informações, consulte "[Sobre {% data variables.product.prodname_dependabot_alerts %}](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies)". {% endif %} diff --git a/translations/pt-BR/content/repositories/working-with-files/managing-files/adding-a-file-to-a-repository.md b/translations/pt-BR/content/repositories/working-with-files/managing-files/adding-a-file-to-a-repository.md index 0baefc3ba9..a4c3dd0208 100644 --- a/translations/pt-BR/content/repositories/working-with-files/managing-files/adding-a-file-to-a-repository.md +++ b/translations/pt-BR/content/repositories/working-with-files/managing-files/adding-a-file-to-a-repository.md @@ -69,4 +69,4 @@ Você pode enviar um arquivo existente para um repositório em {% ifversion ghae ## Leia mais -- "[Adding locally hosted code to {% data variables.product.product_name %}](/get-started/importing-your-projects-to-github/importing-source-code-to-github//adding-locally-hosted-code-to-github)" +- "[Adicionando um código localmente hospedado em {% data variables.product.product_name %}](/get-started/importing-your-projects-to-github/importing-source-code-to-github//adding-locally-hosted-code-to-github)" diff --git a/translations/pt-BR/content/repositories/working-with-files/using-files/working-with-non-code-files.md b/translations/pt-BR/content/repositories/working-with-files/using-files/working-with-non-code-files.md index f19da986f1..206dae6014 100644 --- a/translations/pt-BR/content/repositories/working-with-files/using-files/working-with-non-code-files.md +++ b/translations/pt-BR/content/repositories/working-with-files/using-files/working-with-non-code-files.md @@ -130,6 +130,12 @@ Por padrão, o renderizador incorporado tem 420 pixels de largura por 620 pixels {% endtip %} +{% if mermaid %} +### Interpretação em Markdown + +Você pode incorporar a sintaxe do ASCII STL diretamente ao Markdown. Para obter mais informações, consulte "[Criando diagramas](/get-started/writing-on-github/working-with-advanced-formatting/creating-diagrams#creating-stl-3d-models)". +{% endif %} + ## Renderizar dados CSV e TSV O GitHub oferece suporte à renderização de dados tabulares na forma de arquivos *.csv* (separados por vírgula) e .*tsv* (separados por tubulação). @@ -233,7 +239,7 @@ Quando você clicar no ícone de folha de papel à direita, também verá as alt ![Captura de tela seletor Source Render (Renderizar fonte)](/assets/images/help/repository/source-render-toggle-geojson.png) -### Tipos geométricos +### Tipos de geometria Os mapas no {% data variables.product.product_name %} usam [Leaflet.js](http://leafletjs.com) e são compatíveis com todos os tipos geométricos descritos nas [especificações geoJSON](http://www.geojson.org/geojson-spec.html) (Ponto, LineString, Polígono, Múltiplos Pontos, MultiLineString, MultiPolygon e GeometryCollection). Os arquivos TopoJSON devem ser do tipo "Topology" (Topologia) e estar de acordo com as [especificações topoJSON](https://github.com/mbostock/topojson/wiki/Specification). @@ -274,6 +280,12 @@ Por padrão, o mapa incorporado tem 420px x 620px, mas é possível personalizar {% endtip %} +{% if mermaid %} +### Mapeamento em Markdown + +Você pode incorporar geoJSON e topoJSON diretamente ao Markdown. Para obter mais informações, consulte "[Criando diagramas](/get-started/writing-on-github/working-with-advanced-formatting/creating-diagrams#creating-geojson-and-topojson-maps)". +{% endif %} + ### Clustering Se o seu mapa contém um número grande de marcadores (aproximadamente mais de 750), em níveis de zoom maiores, o GitHub automaticamente fará cluster de marcadores próximos. Simplesmente clique em cluster ou aumentar o zoom para ver os marcadores individuais. @@ -292,7 +304,7 @@ Além disso, se o seu arquivo `.geojson` for particularmente grande (acima de 10 Ainda pode ser possível renderizar os dados convertendo o arquivo `.geojson` em [TopoJSON](https://github.com/mbostock/topojson), um formato compactado que pode reduzir o tamanho dos arquivos em até 80%, em alguns casos. Claro que você sempre pode quebrar os arquivos em pedaços menores (como por estado ou por ano) e armazenar os dados em vários arquivos no repositório. -### Recursos adicionais +### Leia mais * [Documentação geojson Leaflet.js](http://leafletjs.com/examples/geojson.html) * [Documentação MapBox marcadores de estilo](http://www.mapbox.com/developers/simplestyle/) @@ -320,3 +332,44 @@ $ jupyter nbconvert --to html NOTEBOOK-NAME.ipynb - [Repositório do GitHub do Jupyter Notebook](https://github.com/jupyter/jupyter_notebook) - [Galeria de Jupyter Notebooks](https://github.com/jupyter/jupyter/wiki/A-gallery-of-interesting-Jupyter-Notebooks) + +{% if mermaid %} +## Exibindo arquivos do Mermaid em {% data variables.product.prodname_dotcom %} + +{% data variables.product.product_name %} é compatível com os arquivos de interpretação do Mermaid dentro dos repositórios. Faça o commit do arquivo como você faria normalmente, usando a extensão `.mermaid` ou `.mmd`. Em seguida, acesse o caminho do arquivo do Mermaid em {% data variables.product.prodname_dotcom %}. + +Por exemplo, se você adicionar um arquivo `.mmd` com o seguinte conteúdo para o repositório: + +``` +graph TD + A[Friend's Birthday] -->|Get money| B(Go shopping) + B --> C{Let me think} + C -->|One| D["Cool
Laptop"] + C -->|Two| E[iPhone] + C -->|Three| F[fa:fa-car Car] +``` + +Ao visualizar o arquivo no repositório, ele é interpretado como um gráfico de fluxo. ![Diagrama de arquivo do mermaid interpretado](/assets/images/help/repository/mermaid-file-diagram.png) + +### Solução de Problemas + +Se o seu gráfico não faz nenhuma interpretação, verifique se ele contém uma sintaxe válida do Markdown do Mermaid, verificando sua carta com [editor ativo do Mermaid](https://mermaid.live/edit). + +Se o gráfico é exibido, mas não aparece como você esperava, você pode criar uma nova discussão de feedback [](https://github.com/github/feedback/discussions/categories/general-feedback) e adicionar a tag `mermaid`. + +#### Problemas conhecidos + +* O gráfico do diagrama de sequência é frequentemente interpretado com preenchimento adicional abaixo do gráfico, com preenchimento adicional acrescentado à medida que o tamanho do gráfico aumenta. Este é um problema conhecido com a biblioteca do Mermaid. +* Os nós do ator com menus popover não funcionam como esperado dentro de gráficos de diagrama de sequência. Isto se deve uma discrepância na forma como eventos do JavaScript são adicionados a um gráfico quando a API da biblioteca do Mermaid é usada para interpretar um gráfico. +* Nem todos os gráficos são conformes com a11y. Isso pode afetar os usuários que dependem de um leitor de tela. + +### Mermaid no Markdown + +Você pode incorporar a sintaxe do Mermaid diretamente no Markdown. Para obter mais informações, consulte "[Criando diagramas](/get-started/writing-on-github/working-with-advanced-formatting/creating-diagrams#creating-mermaid-diagrams)". + +### Leia mais + +* [Documentação do Mermaid.js](https://mermaid-js.github.io/mermaid/#/) +* [Editor ativo do Mermaid.js](https://mermaid.live/edit) +{% endif %} + diff --git a/translations/pt-BR/content/rest/overview/permissions-required-for-github-apps.md b/translations/pt-BR/content/rest/overview/permissions-required-for-github-apps.md index 270c6e7939..3d2dbe81ab 100644 --- a/translations/pt-BR/content/rest/overview/permissions-required-for-github-apps.md +++ b/translations/pt-BR/content/rest/overview/permissions-required-for-github-apps.md @@ -121,6 +121,9 @@ _Pesquisar_ - [`GET /repos/:owner/:repo/actions/artifacts/:artifact_id`](/rest/reference/actions#get-an-artifact) (:read) - [`DELETE /repos/:owner/:repo/actions/artifacts/:artifact_id`](/rest/reference/actions#delete-an-artifact) (:write) - [`GET /repos/:owner/:repo/actions/artifacts/:artifact_id/zip`](/rest/reference/actions#download-an-artifact) (:read) +{% if actions-cache-management -%} +- [`GET /repos/:owner/:repo/actions/cache/usage`](/rest/reference/actions#get-github-actions-cache-usage-for-a-repository) (:read) +{% endif -%} - [`GET /repos/:owner/:repo/actions/jobs/:job_id`](/rest/reference/actions#get-a-job-for-a-workflow-run) (:read) - [`GET /repos/:owner/:repo/actions/jobs/:job_id/logs`](/rest/reference/actions#download-job-logs-for-a-workflow-run) (:read) - [`GET /repos/:owner/:repo/actions/runs`](/rest/reference/actions#list-workflow-runs-for-a-repository) (:read) @@ -644,6 +647,10 @@ _Equipes_ ### Permissão em "administração da organização" - [`PATCH /orgs/:org`](/rest/reference/orgs#update-an-organization) (:write) +{% if actions-cache-management -%} +- [`GET /orgs/:org/actions/cache/usage`](/rest/reference/actions#get-github-actions-cache-usage-for-an-organization) (:read) +- [`GET /orgs/:org/actions/cache/usage-by-repository`](/rest/reference/actions#list-repositories-with-github-actions-cache-usage-for-an-organization) (:read) +{% endif -%} {% ifversion fpt -%} - [`GET /orgs/:org/interaction-limits`](/rest/reference/interactions#get-interaction-restrictions-for-an-organization) (:read) {% endif -%} diff --git a/translations/pt-BR/content/rest/reference/deploy_keys.md b/translations/pt-BR/content/rest/reference/deploy_keys.md new file mode 100644 index 0000000000..03aca4d663 --- /dev/null +++ b/translations/pt-BR/content/rest/reference/deploy_keys.md @@ -0,0 +1,17 @@ +--- +title: Chave de implantação +intro: A API das chaves de implantação permite criar uma chave de SSH que é armazenada no seu servidor e permite acesso a um repositório do GitHub. +allowTitleToDifferFromFilename: true +versions: + fpt: '*' + ghes: '*' + ghae: '*' + ghec: '*' +topics: + - API +miniTocMaxHeadingLevel: 3 +--- + + diff --git a/translations/pt-BR/content/rest/reference/deployments.md b/translations/pt-BR/content/rest/reference/deployments.md index e3455e2c40..4a1aaf921c 100644 --- a/translations/pt-BR/content/rest/reference/deployments.md +++ b/translations/pt-BR/content/rest/reference/deployments.md @@ -1,6 +1,6 @@ --- title: Implantações -intro: 'A API de implantação permite que você crie e exclua chaves de implantação, implantações e ambientes de implantação.' +intro: A API de implantações permite que você crie e exclua implantações e ambientes de implantação. allowTitleToDifferFromFilename: true versions: fpt: '*' diff --git a/translations/pt-BR/content/rest/reference/index.md b/translations/pt-BR/content/rest/reference/index.md index 8589197328..f1c1ae1e64 100644 --- a/translations/pt-BR/content/rest/reference/index.md +++ b/translations/pt-BR/content/rest/reference/index.md @@ -22,6 +22,7 @@ children: - /collaborators - /commits - /dependabot + - /deploy_keys - /deployments - /emojis - /enterprise-admin diff --git a/translations/pt-BR/content/github/site-policy/github-acceptable-use-policies.md b/translations/pt-BR/content/site-policy/acceptable-use-policies/github-acceptable-use-policies.md similarity index 57% rename from translations/pt-BR/content/github/site-policy/github-acceptable-use-policies.md rename to translations/pt-BR/content/site-policy/acceptable-use-policies/github-acceptable-use-policies.md index 28b42d9340..328d6c5522 100644 --- a/translations/pt-BR/content/github/site-policy/github-acceptable-use-policies.md +++ b/translations/pt-BR/content/site-policy/acceptable-use-policies/github-acceptable-use-policies.md @@ -2,6 +2,7 @@ title: Políticas de uso aceitável do GitHub redirect_from: - /articles/github-acceptable-use-policies + - /github/site-policy/github-acceptable-use-policies versions: fpt: '*' topics: @@ -9,66 +10,70 @@ topics: - Legal --- -**Versão curta:** _hospedamos uma ampla variedade de projetos colaborativos de todo o mundo, e essa colaboração só funciona quando todos os nossos usuários conseguem trabalhar juntos de boa fé. Ao usar o Serviço, você deve estar de acordo com nossas Políticas de Uso Aceitável, que inclui algumas restrições sobre o conteúdo que você pode publicar, conduta no serviço e outras limitações. Em resumo, sejam excelentes uns com os outros._ +**Versão curta:** _hospedamos uma ampla variedade de projetos colaborativos de todo o mundo, e essa colaboração só funciona quando todos os nossos usuários conseguem trabalhar juntos de boa fé. Ao usar o Serviço, você deve cumprir nossas Políticas de Uso Aceitável, que incluem algumas restrições ao conteúdo e conduta no GitHub relacionadas à segurança dos usuários, propriedade intelectual, privacidade, autenticidade e outras limitações. Em resumo, sejam excelentes uns com os outros._ Termos com iniciais em letras maiúsculas, mas não definidos nestas Políticas de Uso Aceitável, têm o significado atribuído a eles em nossos [Termos de serviço](/articles/github-terms-of-service), [Termos de serviço corporativos](/articles/github-corporate-terms-of-service) e [Declaração de privacidade](/articles/github-privacy-statement). Para clientes sujeitos aos [Termos de serviço corporativos](/articles/github-corporate-terms-of-service), "você", "seu(sua)" e "seus(suas)" referem-se ao "Cliente" ou "Usuários". "Nós", "nos", "nosso(a)", "nossos(as)" referem-se ao "GitHub". ## 1. Cumprimento de leis e regulamentos Você é responsável por usar o Serviço em conformidade com as leis aplicáveis, regulamentos e todas as nossas Políticas de Uso Aceitável. Essas políticas podem ser atualizadas periodicamente e estão dispostas abaixo, assim como em nossos [Termos de serviço](/articles/github-terms-of-service) e [Termos de serviço corporativos](/articles/github-corporate-terms-of-service). -## 2. Restrições de conteúdo -Em hipótese alguma, os usuários irão fazer o upload, postagem, hospedagem, executar out transmitir qualquer conteúdo que: +## 2. Segurança do Usuário +Nós não permitimos conteúdo ou atividade no GitHub que: - seja ilegal ou promova atividades ilegais; -- seja ou contenha[conteúdo sexualmente obsceno](/github/site-policy/github-community-guidelines#sexually-obscene-content); +- seja [sexualmente obsceno](/github/site-policy/github-sexually-obscene-content) ou esteja relacionado à exploração ou abuso sexual, incluindo menores; - seja injurioso, difamatório ou fraudulento; -- seja [discriminatório ou abusivo](/github/site-policy/github-community-guidelines#hate-speech-and-discrimination) para qualquer indivíduo ou grupo; +- seja [discriminatório ou abusivo](/github/site-policy/github-hate-speech-and-discrimination) para qualquer indivíduo ou grupo; -- [retrate gratuitamente ou exalte a violência](/github/site-policy/github-community-guidelines#gratuitously-violent-content), incluindo imagens violentas; +- seja [falsa, imprecisa ou intencionalmente enganosa](/github/site-policy/github-misinformation-and-disinformation) e provável de afetar negativamente o interesse público (incluindo saúde, segurança, integridade eleitoral e participação cívica); -- seja ou contenha [informações falsas, imprecisas ou intencionalmente enganosas](/github/site-policy/github-community-guidelines#misinformation-and-disinformation) susceptíveis de afetar negativamente o interesse público (incluindo a saúde, segurança, integridade eleitoral e participação cívica); +- [persegiga ou abuse](/github/site-policy/github-bullying-and-harassment) de outro indivíduo ou grupo, incluindo nossos funcionários, oficiais e agentes ou outros usuários; -- suporta diretamente [campanhas ativas ilegais ou de malware](/github/site-policy/github-community-guidelines#active-malware-or-exploits) que estão causando danos técnicos como, por exemplo, o uso de nossa plataforma para fornecer executáveis maliciosos ou como infraestrutura de ataques, por exemplo, organizando a negação de ataques de serviço ou gerenciando servidores de comando e controle — sem fins implícitos ou explícitos com finalidade de dupla utilização antes do abuso ocorrer ou +- [ameace ou incita à violência](/github/site-policy/github-threats-of-violence-and-gratuitously-violent-content) referente a qualquer indivíduo ou grupo, especialmente com base em quem é; -- compartilha chaves de licenciamento de produtos não autorizadas, software para gerar chaves de licenciamento de produtos não autorizadas ou software para ignorar as verificações de chaves de licenciamento de produtos, incluindo a extensão de uma licença grátis além do seu período de teste; ou +- [retrate gratuitamente ou exalte a violência](/github/site-policy/github-threats-of-violence-and-gratuitously-violent-content), incluindo imagens violentas; ou -- infrinja qualquer direito de propriedade de qualquer parte, incluindo patentes, marcas comerciais, segredos comerciais, direitos autorais, direito de publicidade ou outros direitos. +- poste conteúdo que foge ao tópico ou interaja com as funcionalidades da plataforma, de forma a [interromper de forma significativa ou reiteradamente a experiência de outros usuários](/github/site-policy/github-disrupting-the-experience-of-other-users). -Consulte nossas [Diretrizes da Comunidade](/github/site-policy/github-community-guidelines#what-is-not-allowed) para obter mais informações. -## 3. Restrições de conduta -Ao usar o Serviço, em nenhuma circunstância você irá: +## 3. Propriedade intelectual, Autenticidade e Informações Privadas +Nós não permitimos conteúdo ou atividade no GitHub que: -- [assédio, abuso](/github/site-policy/github-community-guidelines#bullying-and-harassment), [ameaça ou incitação da violência](/github/site-policy/github-community-guidelines#threats-of-violence) com relação a qualquer indivíduo ou grupo, incluindo nossos funcionários, oficiais e agentes ou outros usuários; +- infrinja qualquer direito de propriedade de qualquer parte, incluindo patentes, marcas comerciais, segredos comerciais, direitos autorais, direito de publicidade ou outros direitos; -- postar conteúdo que foge ao tópico ou interagir com os recursos da plataforma, de forma que [interrompe de forma significativa ou reiteradamente a experiência de outros usuários](/github/site-policy/github-community-guidelines#disrupting-the-experience-of-other-users); +- compartilha ilicitamente chaves de licenciamento de produtos não autorizadas, software para gerar chaves de licenciamento de produtos não autorizadas ou software para ignorar as verificações de chaves de licenciamento de produtos, incluindo a extensão de uma licença grátis além do seu período de teste; -- usar nossos servidores para qualquer forma de [atividade em massa automatizada excessiva](/github/site-policy/github-acceptable-use-policies#4-spam-and-inauthentic-activity-on-github) (por exemplo, spam ou mineração de criptomoedas), colocar sobrecarga indevida nos nossos servidores por meios automatizados, ou retransmitir qualquer forma de publicidade ou solicitação não solicitada por meio de nossos servidores, como esquemas para enriquecer rápido; +- [passa por qualquer pessoa ou entidade](/github/site-policy/github-impersonation), incluindo qualquer um dos nossos funcionários ou representantes, inclusive por meio de uma associação falsa com o GitHub ou representar, de modo fraudulento, a sua identidade ou o propósito do site; ou -- usar nossos servidores para interromper ou tentar interromper, ou ganhar ou tentar ganhar acesso não autorizado a qualquer serviço, dispositivo, dados, conta ou rede (a menos que autorizado pelo [programa GitHub Bug Bounty](https://bounty.github.com)); - -- [passar por qualquer pessoa ou entidade](/github/site-policy/github-community-guidelines#impersonation), incluindo qualquer um dos nossos funcionários ou representantes, inclusive por meio de uma associação falsa com o GitHub ou representar, de modo fraudulento, a sua identidade ou o propósito do site; ou - -- [violar a privacidade de qualquer terceiro](/github/site-policy/github-community-guidelines#doxxing-and-invasion-of-privacy) como, por exemplo, postar informações pessoais de outra pessoa sem consentimento. - -Consulte nossas [Diretrizes da Comunidade](/github/site-policy/github-community-guidelines#what-is-not-allowed) para obter mais informações. +- [viola a privacidade de qualquer terceiro](/github/site-policy/github-doxxing-and-invasion-of-privacy) como, por exemplo, postar informações pessoais de outra pessoa sem consentimento. ## 4. Spam e Atividade Inautêntica no GitHub -Atividade em massa excessiva automatizada e atividade coordenada inautêntica, como spamming, são proibidas no GitHub. As atividades proibidas incluem: -* distribuição em massa de promoções e publicidade proibida pelos termos e políticas do GitHub -* interações inautênticas, como contas falsas e atividade inautêntica automatizada -* abuso de classificação, como estrelas ou following automatizados -* criação ou participação em mercados secundários para efeitos da proliferação de atividades inautênticas -* usar o GitHub como uma plataforma para disseminar abusos em outras plataformas -* phishing ou tentativa de phishing +Nós não permitimos conteúdo ou atividade no GitHub que seja: +- atividade automática em massa excessiva e autividade não autêntica coordenada, como + * spam + * mineração de criptomoedas; +* distribuição em massa de promoções e publicidade proibida pelos termos e políticas do GitHub; +* interações inautênticas, como contas falsas e atividade inautêntica automatizada; +* abuso de classificação, como estrelas ou following automatizados; +* criação ou participação em mercados secundários para efeitos da proliferação de atividades inautênticas; +* usar o GitHub como uma plataforma para disseminar abusos em outras plataformas; +* phishing ou tentativa de phishing; ou +* usar nossos servidores para qualquer forma de atividade em massa automatizada excessiva, a fim de colocar sobrecarga indevida em nossos servidores por meio de meios automatizados ou retransmitir qualquer forma de publicidade ou solicitação não solicitada por meio dos nossos servidores, como esquemas para enriquecer rapidamente. -## 5. Limites de uso dos serviços +## 5. Acesso ao Site e Segurança +Nós não permitimos conteúdo ou atividade no GitHub que: + +- suporta diretamente [campanhas ativas ilegais ou de malware](/github/site-policy/github-active-malware-or-exploits) que estão causando danos técnicos como, por exemplo, o uso de nossa plataforma para fornecer executáveis maliciosos ou como infraestrutura de ataques, por exemplo, organizando a negação de ataques de serviço ou gerenciando servidores de comando e controle — sem fins implícitos ou explícitos com finalidade de dupla utilização antes do abuso ocorrer ou +- usa nossos servidores para interromper ou tentar interromper, ou para obter ou tentar obter acesso não autorizado, qualquer serviço, dispositivo, dados, conta ou rede. Observe que as atividades permitidas em programas de recompensa de erros, como o [Programa de Recompensa de Erros do GitHub](https://bounty.github.com), não são considerados "não autorizados". + + +## 6. Limites de uso dos serviços Você não reproduzirá, duplicará, copiará, venderá, revenderá ou explorará qualquer parte do Serviço, uso do Serviço ou acesso ao Serviço sem nossa permissão expressa por escrito. -## 6. Restrições de uso de informações +## 7. Restrições de uso de informações Você pode usar as informações do nosso Serviço pelos motivos a seguir, independentemente de as informações terem sido processadas, coletadas pela nossa API ou obtidas de outra forma: - Os pesquisadores podem utilizar informações públicas e não pessoais do Serviço para fins de pesquisa, se todas as publicações resultantes dessa pesquisa forem de [acesso público](https://en.wikipedia.org/wiki/Open_access). @@ -80,24 +85,28 @@ Você não pode usar as informações do Serviço (quer seja por meio de raspage Seu uso de informações do Serviço deve estar em conformidade com a [Declaração de Privacidade do GitHub](/github/site-policy/github-privacy-statement). -## 7. Privacidade +## 8. Privacidade Uso indevido de Informações Pessoais é proibido. Qualquer pessoa, entidade ou serviço que colete dados do Serviço deve estar em conformidade com a [Declaração de privacidade do GitHub](/articles/github-privacy-statement), especialmente no que diz respeito à coleta de Informações Pessoais do Usuário. Se você coletar qualquer Informação Pessoal do Usuário a partir do Serviço, você concorda que somente usará essa Informação Pessoal do Usuário para os fins autorizados pelo usuário. Você concorda que protegerá de forma razoável qualquer Informação Pessoal do Usuário que você coletou do Serviço, e que você responderá prontamente a reclamações, solicitações de remoção e solicitações de "não contatar" nossas e de outros usuários. -## 8. Uso excessivo da largura de banda +## 9. Uso excessivo da largura de banda As limitações de largura de banda do Serviço variam com base nos recursos que você usa. Se constatarmos que seu uso de largura de banda é significativamente excessivo em relação a outros usuários com recursos similares, reservamos o direito de suspender sua Conta, reduzir a hospedagem de seu arquivo ou até mesmo limitar sua atividade até que você possa reduzir seu consumo de largura de banda. Também reservamos o direito — depois de fornecer aviso prévio — de excluir repositórios que avaliamos estar colocando pressão indevida em nossa infraestrutura. Para obter orientação sobre o uso aceitável do armazenamento de objetos em repositórios, consulte "[Qual é a minha cota de disco?](/github/managing-large-files/what-is-my-disk-quota)". Para obter mais detalhes sobre as limitações de largura de banda de recursos específicos, consulte os [Termos Adicionais do Produto GitHub](/github/site-policy/github-additional-product-terms). -## 9. Publicidade no GitHub +## 10. Publicidade no GitHub **Versão reduzida:***Geralmente não proibimos o uso do GitHub para publicidade. No entanto, esperamos que nossos usuários sigam certas limitações, de forma que o GitHub não se torne um paraíso do spam. Ninguém quer isso.* Embora entendamos que você pode querer promover seu Conteúdo publicando nomes de patrocinadores ou logotipos em sua Conta, o foco principal do Conteúdo postado em ou através de sua Conta para o Serviço não deve ser a publicidade ou o marketing promocional. Isto inclui Conteúdo publicado em ou através de Pages, pacotes, repositórios e todas as outras partes do Serviço. Você pode incluir imagens estáticas, links e texto promocional nos documentos LEIAME ou seções de descrição do projeto associadas à sua Conta, mas eles devem estar relacionados ao projeto que você está hospedando no GitHub. Você não pode fazer propaganda em Contas de outros Usuários, por exemplo, postando conteúdo em massa excessivo ou monetizado em "problemas". -Você não pode promover ou distribuir conteúdo ou atividade ilegal ou proibida por nossos [Termos de Serviço](/github/site-policy/github-terms-of-service/), [Diretrizes da Comunidade](/github/site-policy/github-community-guidelines/), ou [Política de Uso Aceitável](/github/site-policy/github-acceptable-use-policies/), incluindo a atividade em massa excessiva automatizada (por exemplo, spamming), esquemas do tipo fique rico rápido e erros de representação ou armadilhas relacionados com sua promoção. +Você não pode promover ou distribuir conteúdo ou atividade ilegal ou proibido por nossos [Termos de Serviço](/github/site-policy/github-terms-of-service/)ou [Políticas de Uso Aceitáveis](/github/site-policy/github-acceptable-use-policies/), incluindo a excessiva atividade automatizada em massa (por exemplo, spamming), esquemas para enriquecer rapidamente e a deturpação ou engano relacionados à sua promoção. Se você decidir postar quaisquer materiais promocionais em sua Conta, você é o único responsável por cumprir todas as leis e regulamentos aplicáveis, inclusive, sem limitações, as Diretrizes da Comissão Federal de Comércio dos EUA sobre Endossos e Depoimentos. Diretrizes da Comissão Federal do Comércio sobre Recomendações e Depoimentos. Nós nos reservamos o direito de remover quaisquer materiais promocionais ou anúncios que, a nosso exclusivo critério, violem quaisquer termos ou políticas do GitHub. -O GitHub reserva-se o direito de remover qualquer Conteúdo que viole essa política. +## 11. Proteção do usuário +Você não deve se envolver em atividades que prejudicam significativamente outros usuários. -## 10. Proteção do usuário -Você não deve se envolver em atividades que prejudicam significativamente outros usuários. Resolveremos disputas em favor da proteção dos usuários como um todo. +Interpretaremos nossas políticas e resolveremos nossas disputas a favor de proteger os usuários como um todo. + +--- + +O GitHub mantém total discrição para [tomar a ação](/github/site-policy/github-community-guidelines#what-happens-if-someone-violates-githubs-policies) em resposta a uma violação dessas políticas, incluindo a suspensão da conta, [cancelamento](/github/site-policy/github-terms-of-service#3-github-may-terminate) da conta ou [remoção](/github/site-policy/github-terms-of-service#2-github-may-remove-content) de conteúdo. diff --git a/translations/pt-BR/content/site-policy/acceptable-use-policies/github-active-malware-or-exploits.md b/translations/pt-BR/content/site-policy/acceptable-use-policies/github-active-malware-or-exploits.md new file mode 100644 index 0000000000..b49ec39d44 --- /dev/null +++ b/translations/pt-BR/content/site-policy/acceptable-use-policies/github-active-malware-or-exploits.md @@ -0,0 +1,27 @@ +--- +title: GitHub Active Malware or Exploits +shortTitle: Active Malware or Exploits +versions: + fpt: '*' +topics: + - Policy + - Legal +redirect_from: + - /github/site-policy/github-active-malware-or-exploits + - /github/site-policy/github-community-guidelines#active-malware-or-exploits +--- + +Ser parte de uma comunidade inclui não tirar proveito de outros integrantes da comunidade. Não permitimos que ninguém utilize a nossa plataforma em apoio direto de ataques ilegais que causam danos técnicos, como usar o GitHub como um meio de fornecer executáveis maliciosos ou como infraestrutura de ataque, por exemplo, organizando ataques de negação serviço ou gerenciando servidores de comando e controle. Prejuízos técnicos significam excesso de recursos, danos físicos, tempo de inatividade, negação de serviço ou perda de dados, sem qualquer propósito implícito ou explícito de dupla utilização antes de ocorrer o abuso. + + Observe que o GitHub permite conteúdo de dupla utilização e é compatível com a postagem de conteúdo usado para pesquisa em vulnerabilidades, malware, ou exploração, uma vez que a publicação e distribuição de tal conteúdo tem valor educacional e proporciona um benefício líquido para a comunidade de segurança. Nós supomos uma intenção positiva e a utilização destes projetos para promover e gerar melhoria do ecossistema. + + Em casos raros de abuso muito generalizado de conteúdo de dupla utilização, podemos restringir o acesso a essa instância específica do conteúdo para interromper um ataque ilegal ou uma campanha de malware que aproveita a plataforma GitHub como um exploit ou malware CDN. Na maioria dessas instâncias, a restrição assume a forma de colocar o conteúdo por trás da autenticação. No entanto, como opção de último recurso, pode envolver a desabilitação do acesso ou a remoção total quando isso não for possível (p. ex., quando postado como um gist). Também entraremos em contato com os proprietários dos projetos sobre restrições implementadas sempre que possível. + + As restrições são temporárias quando possíveis e não servem o propósito de eliminar ou restringir qualquer conteúdo específico de dupla utilização ou cópias desse conteúdo da plataforma. Embora procuremos fazer desses raros casos de restrição um processo de colaboração com os proprietários do projeto, se você sentir que seu conteúdo foi restrito indevidamente, temos um [processo de recursos](/github/site-policy/github-community-guidelines#appeal-and-reinstatement) em vigor. + + Para facilitar um caminho para a resolução de abuso com os próprios mantenedores do projeto, antes da escalada aos relatórios de abuso do GitHub, recomendamos, embora não exigimos, que os proprietários do repositório sigam as etapas a seguir ao postar conteúdo de pesquisa de segurança potencialmente prejudicial: + +* Identifique e descreva claramente qualquer conteúdo potencialmente nocivo em uma isenção de responsabilidade no arquivo README.md do projeto ou comentários do código-fonte. +* Forneça um método de contato preferido para qualquer consulta referente ao abuso de terceiros por meio de um arquivo SECURITY.md no repositório (por exemplo, "Crie um problema neste repositório para quaisquer dúvidas ou preocupações"). Esse método de contato permite que terceiros entrem em contato com os mantenedores do projeto diretamente e possivelmente resolvam as questões sem a necessidade de abrir relatórios de abuso. + + *O GitHub considera o registro npm como uma plataforma usada principalmente para o uso do código em tempo de execução e não para pesquisas.* diff --git a/translations/pt-BR/content/site-policy/acceptable-use-policies/github-appeal-and-reinstatement.md b/translations/pt-BR/content/site-policy/acceptable-use-policies/github-appeal-and-reinstatement.md new file mode 100644 index 0000000000..bd445e2d77 --- /dev/null +++ b/translations/pt-BR/content/site-policy/acceptable-use-policies/github-appeal-and-reinstatement.md @@ -0,0 +1,38 @@ +--- +title: GitHub Appeal and Reinstatement +versions: + fpt: '*' +topics: + - Policy + - Legal +--- + +## Apelação e reinstauração + +Enquanto a maioria das interações entre indivíduos na comunidade do GitHub se enquadram em nossas Políticas de Uso Aceitáveis e Diretrizes da Comunidade. Âs vezes, ocorrem violações dessas políticas ocorrem. Quando ocorrem, a equipe do GitHub pode precisar tomar medidas de execução para resolver as violações. No entanto, em alguns casos, pode haver uma base para reverter uma medida de moderação tomada pelo pessoal do GitHub. + +## What are appeals and reinstatements? + +Both appeals and reinstatements arise in relation to disabling of content or restrictions to access an account. + +**Reinstatement**: The user wishes to regain access to their account or content and is willing to make any necessary changes to address the violation and must agree not to violate our terms going forward. + +**Appeal**: The user disputes that a violation occurred and can provide additional information to show that a different decision should have been reached. + +## How this works + +If you seek reinstatement or wish to appeal an enforcement action, please fill out our [Appeal and Reinstatement form](https://support.github.com/contact/reinstatement). + +GitHub staff will review the information provided in the form to determine whether there is sufficient information to warrant reinstatement or granting of an appeal. + +* **Reinstatement**: Where a user can agree to abide by our Acceptable Use Policies moving forward and has made the changes necessary to address the violation(s), we may choose to reinstate their account or content depending on the circumstances and severity of the initial violation. + +All legitimate reinstatement requests will be reviewed initially by GitHub staff and will be answered with a decision. + +* **Appeal**: Where a user seeks to dispute a decision, they can use the form to explain their basis for disputing the decision and to provide any additional information regarding the alleged violation that they believe should have led to a different decision. If the information provided demonstrates that a different conclusion should have been reached, we may be able to grant an appeal. + +If the GitHub staff reviewer is the same person who made the initial determination and that staff member believes their initial conclusion was correct (and thus would be inclined to deny the appeal), a different member of GitHub’s staff will independently review the appeal. All legitimate appeals will be answered with a final decision. + +## Transparência + +We track appeals and reinstatements in our [transparency reports](https://github.blog/2022-01-27-2021-transparency-report/#Appeals_and_other_reinstatements). diff --git a/translations/pt-BR/content/site-policy/acceptable-use-policies/github-bullying-and-harassment.md b/translations/pt-BR/content/site-policy/acceptable-use-policies/github-bullying-and-harassment.md new file mode 100644 index 0000000000..36be10dced --- /dev/null +++ b/translations/pt-BR/content/site-policy/acceptable-use-policies/github-bullying-and-harassment.md @@ -0,0 +1,23 @@ +--- +title: Bullying e assédio no GitHub +shortTitle: Bullying e Assédio +versions: + fpt: '*' +topics: + - Policy + - Legal +redirect_from: + - /github/site-policy/github-bullying-and-harassment + - /github/site-policy/github-community-guidelines#bullying-and-harassment +--- + +Não toleramos assédio, assédio, bullying ou abuso de qualquer tipo, seja diretamente seja incentivando os outros a participar da conduta proibida. Isto inclui: + +- Ataques pessoais direcionados +- Piling on to or orchestrating [disruptive](/github/site-policy/github-disrupting-the-experience-of-other-users) activity in a way that amounts to abuse +- Seguir outro usuário em na plataforma de forma maneira que cause intimidação +- Insinuações sexuais ou comentários dirigidos a outro indivíduo +- Participar ingenuamente em conversas de uma forma que desencadeie conflitos ou comprometa a discussão sincera +- Criar contas alternativas especificamente para evitar as ações de moderação tomadas pelo pessoal ou usuários do GitHub + +Observe que nem todas as condutas indesejadas são necessariamente consideradas assédio. Por exemplo, discordar de outro usuário ou recusar os seus comentários pode não configurar assédio na nossa plataforma. Além disso, partilhar críticas a figuras ou projectos públicos, ou a temas de interesse público, não se insere necessariamente no escopor dessa política. No entanto, recomendamos que você esteja atento à forma como se envolve com os outros usuários e com a plataforma, dado que esta atividade pode ainda violar as nossas restrições à interrupção da experiência de outros usuários. diff --git a/translations/pt-BR/content/site-policy/acceptable-use-policies/github-disrupting-the-experience-of-other-users.md b/translations/pt-BR/content/site-policy/acceptable-use-policies/github-disrupting-the-experience-of-other-users.md new file mode 100644 index 0000000000..f14f05190a --- /dev/null +++ b/translations/pt-BR/content/site-policy/acceptable-use-policies/github-disrupting-the-experience-of-other-users.md @@ -0,0 +1,27 @@ +--- +title: GitHub Interrompendo a Experiência de Outros Usuários +shortTitle: Interromper a experiência de outros usuários +versions: + fpt: '*' +topics: + - Policy + - Legal +redirect_from: + - /github/site-policy/github-disrupting-the-experience-of-other-users + - /github/site-policy/github-community-guidelines#disrupting-the-experience-of-other-users +--- + +Ser parte de uma comunidade inclui reconhecer como o seu comportamento afeta os outros e envolver-se em interações significativas e produtivas com as pessoas e a plataforma de que dependem. + +Nós não permitimos comportamentos que interrompem de forma significativa ou contínua a experiência de outros usuários. Isto inclui: + +- Publicando comentários que fogem do assunto +- Abrindo problemas vazios ou sem sentido ou pull requests +- Favoritando e ou seguindo um grande número de contas ou repositórios em um curto período de tempo +- Criando revisões de código absurdas ou irrelevantes +- Envolver-se com os recursos da plataforma de forma que cause notificações excessivas para outros usuários +- Usar qualquer outro recurso da plataforma de forma que crie disrupção + +Embora incentivemos os mantenedores a moderar os seus próprios projetos individualmente, a equipe do GitHub pode ter uma ação restritiva contra contas que estão se envolvendo com esses tipos de comportamento. + +Observe que a conduta acima também pode violar outras restrições nas nossas [Políticas de Uso aceitável](/github/site-policy/github-acceptable-use-policies). Por exemplo, dependendo da natureza e gravidade da atividade, pode configurar [bullying e assédio](/github/site-policy/github-bullying-and-harassment). diff --git a/translations/pt-BR/content/site-policy/acceptable-use-policies/github-doxxing-and-invasion-of-privacy.md b/translations/pt-BR/content/site-policy/acceptable-use-policies/github-doxxing-and-invasion-of-privacy.md new file mode 100644 index 0000000000..61a711de83 --- /dev/null +++ b/translations/pt-BR/content/site-policy/acceptable-use-policies/github-doxxing-and-invasion-of-privacy.md @@ -0,0 +1,30 @@ +--- +title: Doxxing e Invasão da Privacidade no GitHub +shortTitle: Doxxing e Invasão de Privacidade +versions: + fpt: '*' +topics: + - Policy + - Legal +redirect_from: + - /github/site-policy/github-doxxing-and-invasion-of-privacy + - /github/site-policy/github-community-guidelines#doxxing-and-invasion-of-privacy +--- + +Não poste informações pessoais de outras pessoas. Isto inclui: + +- Endereços de e-mail pessoais, privados +- Números de telefone +- Endereços físicos ou outras informações privadas de localização +- Informações da conta bancária ou números de cartão de crédito +- Números de Segurança Social/Número de identidade +- Senhas +- Informações eleitorais +- Informações médicas e dados biométricos pessoais +- Outras informações privadas que podem representar risco de segurança + +Podemos considerar outras informações, como fotos ou vídeos que foram tirados ou distribuídos sem o consentimento do indivíduo se tratam de uma invasão da privacidade, especialmente quando esse material representa um risco para a segurança do titular, por exemplo, no caso de intimidação ou assédio. + +O GitHub terá o contexto em conta, bem como se o conteúdo relatado está disponível ao público em outros lugares. Observe, no entanto, que embora compartilhar conteúdo disponível para o público possa não ser uma violação desta política, se as informações forem compartilhadas com a intenção de assediar ou incitar a outros comportamentos abusivos, isso poderá violar a nossa proibição contra [assédio e intimidação](/github/site-policy/github-bullying-and-harassment). + +Para mais informações, ou para aprender a denunciar uma violação, consulte nossa [Política de Remoção de Informações Privadas](/github/site-policy/github-private-information-removal-policy) e nossas instruções para [Denunciar abuso](/communities/maintaining-your-safety-on-github/reporting-abuse-or-spam). diff --git a/translations/pt-BR/content/site-policy/acceptable-use-policies/github-hate-speech-and-discrimination.md b/translations/pt-BR/content/site-policy/acceptable-use-policies/github-hate-speech-and-discrimination.md new file mode 100644 index 0000000000..e5691f0d17 --- /dev/null +++ b/translations/pt-BR/content/site-policy/acceptable-use-policies/github-hate-speech-and-discrimination.md @@ -0,0 +1,24 @@ +--- +title: Discriminação e discurso de ódio no GitHub +shortTitle: Discriminação e discurso de ódio +versions: + fpt: '*' +topics: + - Policy + - Legal +redirect_from: + - /github/site-policy/github-hate-speech-and-discrimination + - /github/site-policy/github-community-guidelines#hate-speech-and-discrimination +--- + +O GitHub não tolera o discurso que ataca ou promove o ódio a um indivíduo ou grupo de pessoas com base em quem eles são, incluindo idade, tamanho do corpo, capacidade, etnia, identidade e expressão de gênero, nível de experiência, nacionalidade, aparência pessoal, raça, religião, identidade sexual ou orientação sexual. Isto inclui: + +- Humilhar, atacar ou excluir uma pessoa ou grupo com base em suas crenças ou nas características listadas acima +- Exibir clara afiliação ou identificação com organizações extremistas conhecidas ou terroristas violentas +- Apoiar ou promover grupos de ódio ou teorias de conspiração com base no ódio +- Compartilhar símbolos ou imagens associadas ao ódio +- Usar estereótipos perigosos, insultors ou discurso desumanizado +- Atacae um indivíduo com base no seu gênero percebido +- Apito de cachorro ou uso de uma linguagem ou símbolos codificados ou sugestivos para promover abuso ou ódio + +Embora o GitHub leve a sério todos os abusos e assédio na plataforma, estamos especialmente empenhados em combater os abusos com base no ódio, nos casos em que afetam de forma desproporcionada as comunidades que historicamente vêm sendo alvo desses abusos. Nosso objetivo é fazer do GitHub um lugar onde todos os indivíduos se sintam bem-vindos e seguros. diff --git a/translations/pt-BR/content/site-policy/acceptable-use-policies/github-impersonation.md b/translations/pt-BR/content/site-policy/acceptable-use-policies/github-impersonation.md new file mode 100644 index 0000000000..b7f70fc087 --- /dev/null +++ b/translations/pt-BR/content/site-policy/acceptable-use-policies/github-impersonation.md @@ -0,0 +1,23 @@ +--- +title: Roubo de identidade no GitHub +shortTitle: Roubo de Identidade +versions: + fpt: '*' +topics: + - Policy + - Legal +redirect_from: + - /github/site-policy/github-impersonation + - /github/site-policy/github-community-guidelines#impersonation +--- + +Você não pode representar mal sua identidade ou sua associação com outra pessoa ou organização. Isto inclui fazer qualquer uma das seguintes coisas de uma forma a enganar outras pessoas: + +- Copiando o avatar de outro usuário ou outras informações pessoais +- Postar conteúdo usando o endereço de e-mail de outro usuário +- Usar enganosamente um nome de usuário, nome de organização ou outro nome similar +- Fazer postagens como outro indivíduo ou organização + +O roubo de identidade é uma forma de assédio e a violação desta política pode levar à perda de acesso à sua conta. + +Observe que ter um nome de usuário semelhante a outro não é necessariamente eoubo de identidade. O GitHub levará em em conta o contexto. Por exemplo, como em casos que envolvem reclamações de [informações invorretas](/github/site-policy/github-misinformation-and-disinformation), de modo geral, permitimos paródia e sátira que esteja de acordo com a nossa [Políticas de Uso Aceitáveis](/github/site-policy/github-acceptable-use-policies). diff --git a/translations/pt-BR/content/site-policy/acceptable-use-policies/github-misinformation-and-disinformation.md b/translations/pt-BR/content/site-policy/acceptable-use-policies/github-misinformation-and-disinformation.md new file mode 100644 index 0000000000..5a973887f3 --- /dev/null +++ b/translations/pt-BR/content/site-policy/acceptable-use-policies/github-misinformation-and-disinformation.md @@ -0,0 +1,21 @@ +--- +title: Informações incorretas no GitHub +shortTitle: Informações incorretas +versions: + fpt: '*' +topics: + - Policy + - Legal +redirect_from: + - /github/site-policy/github-misinformation-and-disinformation + - /github/site-policy/github-community-guidelines#misinformation-and-disinformation +--- + +Você não pode publicar conteúdo que apresente uma visão distorcida da realidade, seja ela imprecisa ou falsa (informações erradas) ou intencionalmente enganosa (desinformação), nos casos em que tal conteúdo venha a prejudicar o público ou a interferir em oportunidades justas e iguais para todos participarem numa sociedade livre e aberta. Isso pode incluir: +- Reivindivações médicas inexadas ou sem respaldo cientófico que põem em perigo a saúde ou a segurança pública +- Mídia manipulada, áudio ou visual, suscetível de enganar de uma forma que possa prejudicar o interesse público +- Conteúdo falso ou enganoso suscetível a interferir com a capacidade de um indivíduo participar de atividades cívicas +- Declarações sem fundamento que poderiam promover o ódio ou assédio específico de grupos específicos de pessoas + +Incentivamos a participação ativa na expressão de ideias, perspectivas e experiências e não se pode estar em posição de disputar contas ou observações pessoais. De modo geral, permitimos paródia e sátira que esteja de acordo com as nossas [Políticas de Uso Aceitável](/github/site-policy/github-acceptable-use-policies), e consideramos que o contexto é importante na forma como a informação é recebida e compreendida. Ao revisar conteúdo com base nesta política, o GitHub irá considerar o impacto de vários fatores que podem ajudar a guiar o visualizador como se o conteúdo tivesse sido fornecido com claros avisos e citações para fontes credíveis, ou incluir outros detalhes que expliquem a exactidão da informação que está sendo compartilhada. + diff --git a/translations/pt-BR/content/site-policy/acceptable-use-policies/github-sexually-obscene-content.md b/translations/pt-BR/content/site-policy/acceptable-use-policies/github-sexually-obscene-content.md new file mode 100644 index 0000000000..da6747e05b --- /dev/null +++ b/translations/pt-BR/content/site-policy/acceptable-use-policies/github-sexually-obscene-content.md @@ -0,0 +1,20 @@ +--- +title: Conteúdo sexualmente obsceno do GitHub +shortTitle: Conteúdo Sexualmente Obsceno +versions: + fpt: '*' +topics: + - Policy + - Legal +redirect_from: + - /github/site-policy/github-sexually-obscene-content + - /github/site-policy/github-community-guidelines#sexually-obscene-content +--- + +Não toleramos conteúdos associados à exploração sexual ou ao abuso de outro indivíduo, inclusive no que se refere aos menores. Não permitimos conteúdos com temas sexuais ou sugestivos que não têm utilidade além de solicitar uma resposta erótica ou chocante, particularmente quando esse conteúdo é amplificado pela sua colocação em perfis ou outros contextos sociais. Isto inclui: + +- Conteúdo pornográfico +- Imagens íntimas não consensuais +- Representações gráficas de atos sexuais incluindo fotos, vídeo, animação, desenhos, imagens geradas por computador ou conteúdo baseado em texto + +Reconhecemos que nem toda a nudez ou todo o conteúdo relacionado à sexualidade é obsceno. Podemos permitir representações visuais e/ou textuais em contextos artísticos, educacionais, históricos ou jornalísticos, ou no que se refere à defesa de vítimas. Em alguns casos, um denunciante pode ajudar a comunicar o contexto do projeto. No entanto, entenda que podemos limitar o conteúdo, dando aos usuários a opção de optar ppor participar antes de visualizar. diff --git a/translations/pt-BR/content/site-policy/acceptable-use-policies/github-threats-of-violence-and-gratuitously-violent-content.md b/translations/pt-BR/content/site-policy/acceptable-use-policies/github-threats-of-violence-and-gratuitously-violent-content.md new file mode 100644 index 0000000000..25efd29ba2 --- /dev/null +++ b/translations/pt-BR/content/site-policy/acceptable-use-policies/github-threats-of-violence-and-gratuitously-violent-content.md @@ -0,0 +1,22 @@ +--- +title: Ameaças de Violência e Conteúdo Gratuitamente Violento no GitHub +shortTitle: Ameaças de Violência e Conteúdo Gratuitamente Violento +versions: + fpt: '*' +topics: + - Policy + - Legal +redirect_from: + - /github/site-policy/github-threats-of-violence-and-gratuitously-violent-content + - /github/site-policy/github-community-guidelines#threats-of-violence + - /github/site-policy/github-community-guidelines#gratuitously-violent-content +--- + + +Você não pode usar o GitHub para organizar, promover, incentivar, ameaçar ou incitar a atos de violência. Você não pode postar conteúdo que retrata ou glorifica a violência ou o dano físico contra seres humanos ou animais. Isto inclui: + +- Ameaçar outro indivíduo ou grupo com abuso, danos, violência sexual ou morte +- Publicação de texto, imagem ou conteúdo de áudio que enaltece ou contém representação gráfica da violência contra si mesmo, outro indivíduo, grupo ou animal +- Incentivando outra pessoa a se envolver em danos contra si + +Não permitimos que conteúdos violentos sejam afixados indiscriminadamente ou de forma difícil de evitar para outros usuários. como um avatar de perfil ou comentário de problema. No entanto, entendemos que pode haver razões legítimas para postar conteúdo violento como, por exemplo, para fins educativos ou documentários, trabalhos criativos ou representações de eventos históricos. Nesses casos, um aviso ou uma isenção de responsabilidade pode ajudar os usuários a tomarem uma decisão informada sobre se querem ou não envolver com tal conteúdo. Ainda assim, o GitHub pode decidir limitar a visibilidade de tal conteúdo para aqueles que optarem por participar. diff --git a/translations/pt-BR/content/site-policy/acceptable-use-policies/index.md b/translations/pt-BR/content/site-policy/acceptable-use-policies/index.md new file mode 100644 index 0000000000..dd582df975 --- /dev/null +++ b/translations/pt-BR/content/site-policy/acceptable-use-policies/index.md @@ -0,0 +1,21 @@ +--- +title: Políticas de uso aceitável +versions: + fpt: '*' +topics: + - Policy + - Legal +children: + - github-sexually-obscene-content + - github-disrupting-the-experience-of-other-users + - github-doxxing-and-invasion-of-privacy + - github-hate-speech-and-discrimination + - github-acceptable-use-policies + - github-bullying-and-harassment + - github-active-malware-or-exploits + - github-threats-of-violence-and-gratuitously-violent-content + - github-impersonation + - github-misinformation-and-disinformation + - github-appeal-and-reinstatement +--- + diff --git a/translations/pt-BR/content/github/site-policy/dmca-takedown-policy.md b/translations/pt-BR/content/site-policy/content-removal-policies/dmca-takedown-policy.md similarity index 99% rename from translations/pt-BR/content/github/site-policy/dmca-takedown-policy.md rename to translations/pt-BR/content/site-policy/content-removal-policies/dmca-takedown-policy.md index a6da3af453..0cd9b5e624 100644 --- a/translations/pt-BR/content/github/site-policy/dmca-takedown-policy.md +++ b/translations/pt-BR/content/site-policy/content-removal-policies/dmca-takedown-policy.md @@ -6,6 +6,7 @@ redirect_from: - /dmca-takedown-policy - /articles/dmca-takedown - /articles/dmca-takedown-policy + - /github/site-policy/dmca-takedown-policy versions: fpt: '*' topics: diff --git a/translations/pt-BR/content/github/site-policy/github-private-information-removal-policy.md b/translations/pt-BR/content/site-policy/content-removal-policies/github-private-information-removal-policy.md similarity index 99% rename from translations/pt-BR/content/github/site-policy/github-private-information-removal-policy.md rename to translations/pt-BR/content/site-policy/content-removal-policies/github-private-information-removal-policy.md index 7af890031e..ba5972909b 100644 --- a/translations/pt-BR/content/github/site-policy/github-private-information-removal-policy.md +++ b/translations/pt-BR/content/site-policy/content-removal-policies/github-private-information-removal-policy.md @@ -3,6 +3,7 @@ title: Política de Remoção de Informações Privadas do GitHub redirect_from: - /articles/github-sensitive-data-removal-policy - /github/site-policy/github-sensitive-data-removal-policy + - /github/site-policy/github-private-information-removal-policy versions: fpt: '*' topics: diff --git a/translations/pt-BR/content/github/site-policy/github-trademark-policy.md b/translations/pt-BR/content/site-policy/content-removal-policies/github-trademark-policy.md similarity index 98% rename from translations/pt-BR/content/github/site-policy/github-trademark-policy.md rename to translations/pt-BR/content/site-policy/content-removal-policies/github-trademark-policy.md index 48a5ca9faf..148d8a7418 100644 --- a/translations/pt-BR/content/github/site-policy/github-trademark-policy.md +++ b/translations/pt-BR/content/site-policy/content-removal-policies/github-trademark-policy.md @@ -2,6 +2,7 @@ title: Política de marca registrada do GitHub redirect_from: - /articles/github-trademark-policy + - /github/site-policy/github-trademark-policy versions: fpt: '*' topics: diff --git a/translations/pt-BR/content/github/site-policy/guide-to-submitting-a-dmca-counter-notice.md b/translations/pt-BR/content/site-policy/content-removal-policies/guide-to-submitting-a-dmca-counter-notice.md similarity index 88% rename from translations/pt-BR/content/github/site-policy/guide-to-submitting-a-dmca-counter-notice.md rename to translations/pt-BR/content/site-policy/content-removal-policies/guide-to-submitting-a-dmca-counter-notice.md index 538ab12dca..5c3f0f9b49 100644 --- a/translations/pt-BR/content/github/site-policy/guide-to-submitting-a-dmca-counter-notice.md +++ b/translations/pt-BR/content/site-policy/content-removal-policies/guide-to-submitting-a-dmca-counter-notice.md @@ -4,6 +4,7 @@ redirect_from: - /dmca-counter-notice-how-to - /articles/dmca-counter-notice-how-to - /articles/guide-to-submitting-a-dmca-counter-notice + - /github/site-policy/guide-to-submitting-a-dmca-counter-notice versions: fpt: '*' topics: @@ -19,11 +20,11 @@ Como em todas as questões jurídicas, é sempre melhor consultar um profissiona ## Antes de começar -***Diga a verdade.*** A DMCA requer que você jure pelos fatos relatados no seu contra-aviso, *sob pena de perjúrio*. Nos Estados Unidos, é crime federal mentir intencionalmente numa declaração juramentada. (*Veja* [Código dos EUA, Título 18, Seção 1621](https://www.gpo.gov/fdsys/pkg/USCODE-2011-title18/html/USCODE-2011-title18-partI-chap79-sec1621.htm). Código, Título 18, Seção 1621.) (*Veja* [Código dos EUA, Título 18, Seção 1621](https://www.gpo.gov/fdsys/pkg/USCODE-2011-title18/html/USCODE-2011-title18-partI-chap79-sec1621.htm).) O envio de informações falsas também pode resultar em responsabilidade civil — ou seja, você poderia ser processado por danos financeiros. +***Diga a verdade.*** A DMCA requer que você jure pelos fatos relatados no seu contra-aviso, *sob pena de perjúrio*. Nos Estados Unidos, é crime federal mentir intencionalmente numa declaração juramentada. (*Consulte* [U.S. Código, Título 18, Seção 1621](https://www.gpo.gov/fdsys/pkg/USCODE-2011-title18/html/USCODE-2011-title18-partI-chap79-sec1621.htm).) (*Veja* [Código dos EUA, Título 18, Seção 1621](https://www.gpo.gov/fdsys/pkg/USCODE-2011-title18/html/USCODE-2011-title18-partI-chap79-sec1621.htm).) O envio de informações falsas também pode resultar em responsabilidade civil — ou seja, você poderia ser processado por danos financeiros. ***Investigação.*** Enviar um contra-aviso DMCA pode ter consequências legais reais. Se a parte reclamante discordar que o aviso de retirada dela foi um erro, ela pode decidir instaurar uma queixa contra você para manter o conteúdo desativado. Você deve conduzir uma investigação exaustiva sobre as alegações feitas no aviso de retirada e, provavelmente, falar com um advogado antes de enviar um contra-aviso. -***Você precisa ter uma boa razão para enviar um contra-aviso.*** Para registrar um contra-aviso, você deve ter "o entendimento, de boa-fé, de que o material foi removido ou desabilitado como resultado de erro ou identificação incorreta do material a ser removido ou desabilitado". ([U.S. Código, Título 17, Seção 512(g)](https://www.copyright.gov/title17/92chap5.html#512).) ([Código EUA, Título 17, Seção 512(g)](http://www.copyright.gov/title17/92chap5.html#512)) A decisão de explicar por que você acredita que houve um erro depende de você e de seu advogado, mas você *realmente* precisa identificar um erro antes de enviar um contra-aviso. No passado, recebemos contra-avisos que citavam erros no aviso de retirada, tais como: a parte reclamante não possui os direitos de autor; eu tenho uma licença; o código foi publicado sob uma licença de código aberto que permite meu uso; ou a reclamação não conta o fato de que meu uso está protegido pela doutrina de uso justo. É claro que poderiam existir outros defeitos em relação ao aviso de retirada. +***Você precisa ter uma boa razão para enviar um contra-aviso.*** Para registrar um contra-aviso, você deve ter "o entendimento, de boa-fé, de que o material foi removido ou desabilitado como resultado de erro ou identificação incorreta do material a ser removido ou desabilitado". ([U.S. Código, Título 17, Seção 512(g)](https://www.copyright.gov/title17/92chap5.html#512).) Se você decide explicar o porquê de acreditar que houve um erro, cabe a você e ao seu advogado, mas você *precisa* identificar um erro antes de enviar uma notificação. No passado, recebemos contra-avisos que citavam erros no aviso de retirada, tais como: a parte reclamante não possui os direitos de autor; eu tenho uma licença; o código foi publicado sob uma licença de código aberto que permite meu uso; ou a reclamação não conta o fato de que meu uso está protegido pela doutrina de uso justo. É claro que poderiam existir outros defeitos em relação ao aviso de retirada. ***As leis de direitos autorais são complicadas.*** Às vezes, um aviso de retirada pode alegar violação de uma forma que parece atípica ou indireta. As leis de direitos autorais são complicadas e podem dar origem a alguns resultados inesperados. Em alguns casos, um aviso de retirada pode alegar que o seu código-fonte infringe os direitos por causa do que ele pode fazer após ser compilado e executado. Por exemplo: - O aviso pode afirmar que seu software é usado para [contornar controles de acesso](https://www.copyright.gov/title17/92chap12.html) de trabalhos protegidos por direitos autorais. diff --git a/translations/pt-BR/content/github/site-policy/guide-to-submitting-a-dmca-takedown-notice.md b/translations/pt-BR/content/site-policy/content-removal-policies/guide-to-submitting-a-dmca-takedown-notice.md similarity index 95% rename from translations/pt-BR/content/github/site-policy/guide-to-submitting-a-dmca-takedown-notice.md rename to translations/pt-BR/content/site-policy/content-removal-policies/guide-to-submitting-a-dmca-takedown-notice.md index 1323cbd663..1afcb839f1 100644 --- a/translations/pt-BR/content/github/site-policy/guide-to-submitting-a-dmca-takedown-notice.md +++ b/translations/pt-BR/content/site-policy/content-removal-policies/guide-to-submitting-a-dmca-takedown-notice.md @@ -4,6 +4,7 @@ redirect_from: - /dmca-notice-how-to - /articles/dmca-notice-how-to - /articles/guide-to-submitting-a-dmca-takedown-notice + - /github/site-policy/guide-to-submitting-a-dmca-takedown-notice versions: fpt: '*' topics: @@ -19,7 +20,7 @@ Como em todas as questões jurídicas, é sempre melhor consultar um profissiona ## Antes de começar -***Diga a verdade.*** A DMCA requer que você jure pelos fatos relatados na reclamação dos direitos autorais, *sob pena de perjúrio*. Nos Estados Unidos, é crime federal mentir intencionalmente numa declaração juramentada. (*Veja* [Código dos EUA, Título 18, Seção 1621](https://www.gpo.gov/fdsys/pkg/USCODE-2011-title18/html/USCODE-2011-title18-partI-chap79-sec1621.htm). Código, Título 18, Seção 1621.) O envio de informações falsas também poderia resultar em responsabilidade civil — ou seja, você poderia ser processado por danos financeiros. A própria DMCA [prevê danos](https://en.wikipedia.org/wiki/Online_Copyright_Infringement_Liability_Limitation_Act#%C2%A7_512(f)_Misrepresentations) contra qualquer pessoa que, intencionalmente, deturpe materialmente o material ou a atividade que está sendo alvo de denúncia de violação de direitos autorais. +***Diga a verdade.*** A DMCA requer que você jure pelos fatos relatados na reclamação dos direitos autorais, *sob pena de perjúrio*. Nos Estados Unidos, é crime federal mentir intencionalmente numa declaração juramentada. (*Consulte* [U.S. Código, Título 18, Seção 1621](https://www.gpo.gov/fdsys/pkg/USCODE-2011-title18/html/USCODE-2011-title18-partI-chap79-sec1621.htm).) O envio de informações falsas também poderia resultar em responsabilidade civil — ou seja, você poderia ser processado por danos financeiros. A própria DMCA [prevê danos](https://en.wikipedia.org/wiki/Online_Copyright_Infringement_Liability_Limitation_Act#%C2%A7_512(f)_Misrepresentations) contra qualquer pessoa que, intencionalmente, deturpe materialmente o material ou a atividade que está sendo alvo de denúncia de violação de direitos autorais. ***Investigue.*** Milhões de usuários e organizações dedicam seus corações e mentes aos projetos para os quais eles contribuem e criam no GitHub. Apresentar uma queixa DMCA contra um projeto deste tipo é uma acusação jurídica grave que acarreta consequências reais para pessoas reais. Por causa disso, solicitamos que procedam a uma investigação minuciosa e consultem um advogado antes de apresentar um requerimento para se certificar de que tal uso não seja realmente permitido. diff --git a/translations/pt-BR/content/site-policy/content-removal-policies/index.md b/translations/pt-BR/content/site-policy/content-removal-policies/index.md new file mode 100644 index 0000000000..fce5748d30 --- /dev/null +++ b/translations/pt-BR/content/site-policy/content-removal-policies/index.md @@ -0,0 +1,16 @@ +--- +title: Políticas de remoção de conteúdo +versions: + fpt: '*' +topics: + - Policy + - Legal +children: + - /submitting-content-removal-requests + - /github-private-information-removal-policy + - /github-trademark-policy + - /guide-to-submitting-a-dmca-counter-notice + - /guide-to-submitting-a-dmca-takedown-notice + - /dmca-takedown-policy +--- + diff --git a/translations/pt-BR/content/github/site-policy/submitting-content-removal-requests.md b/translations/pt-BR/content/site-policy/content-removal-policies/submitting-content-removal-requests.md similarity index 94% rename from translations/pt-BR/content/github/site-policy/submitting-content-removal-requests.md rename to translations/pt-BR/content/site-policy/content-removal-policies/submitting-content-removal-requests.md index db9c0d0e71..605f000be5 100644 --- a/translations/pt-BR/content/github/site-policy/submitting-content-removal-requests.md +++ b/translations/pt-BR/content/site-policy/content-removal-policies/submitting-content-removal-requests.md @@ -2,6 +2,8 @@ title: Solicitações de remoção de conteúdo redirect_from: - /articles/submitting-content-removal-requests + - /github/site-policy/submitting-content-removal-requests + - /github/site-policy/github-terms-and-other-site-policies/submitting-content-removal-requests versions: fpt: '*' topics: diff --git a/translations/pt-BR/content/github/site-policy/github-anti-bribery-statement.md b/translations/pt-BR/content/site-policy/github-company-policies/github-anti-bribery-statement.md similarity index 99% rename from translations/pt-BR/content/github/site-policy/github-anti-bribery-statement.md rename to translations/pt-BR/content/site-policy/github-company-policies/github-anti-bribery-statement.md index bec6b7023b..911a246064 100644 --- a/translations/pt-BR/content/github/site-policy/github-anti-bribery-statement.md +++ b/translations/pt-BR/content/site-policy/github-company-policies/github-anti-bribery-statement.md @@ -2,6 +2,7 @@ title: Declaração antissuborno do GitHub redirect_from: - /articles/github-anti-bribery-statement + - /github/site-policy/github-anti-bribery-statement versions: fpt: '*' topics: diff --git a/translations/pt-BR/content/github/site-policy/github-gifts-and-entertainment-policy.md b/translations/pt-BR/content/site-policy/github-company-policies/github-gifts-and-entertainment-policy.md similarity index 94% rename from translations/pt-BR/content/github/site-policy/github-gifts-and-entertainment-policy.md rename to translations/pt-BR/content/site-policy/github-company-policies/github-gifts-and-entertainment-policy.md index 87bb7585c6..7c770788b8 100644 --- a/translations/pt-BR/content/github/site-policy/github-gifts-and-entertainment-policy.md +++ b/translations/pt-BR/content/site-policy/github-company-policies/github-gifts-and-entertainment-policy.md @@ -2,6 +2,7 @@ title: Política de presentes e entretenimento do GitHub redirect_from: - /articles/github-gifts-and-entertainment-policy + - /github/site-policy/github-gifts-and-entertainment-policy versions: fpt: '*' topics: @@ -63,4 +64,4 @@ O que acontece se você não seguir a política e o GitHub acabar pagando para u MULTAS e PRISÃO. Não necessariamente apenas para o GitHub. Você pode passar alguns anos na cadeia, você mesmo, e não importa se o cliente alguma vez enviou um pedido ao GitHub após sua viagem ao Japão ou se o funcionário do governo mesmo pegou a mala de dinheiro. Basicamente, não importa se você realmente _fez_ um suborno. Apesar disso, caro Yoda, tentativa é o que importa. ## Mais informações -Para obter mais informações e contexto sobre regras, aplicação e sanções, os EUA. Para obter mais informações e contexto sobre regras, aplicação da lei e penalidades, o [Guia de Recursos para a Lei de Práticas de Corrupção no Exterior dos EUA](https://www.justice.gov/sites/default/files/criminal-fraud/legacy/2015/01/16/guide.pdf) do Departamento de Justiça dos EUA é um excelente recurso. A Lei das Práticas Internacionais de Corrupção é um excelente recurso. +Para obter mais informações e contexto sobre regras, aplicação e sanções, os EUA. [Guia de Recursos do Departamento de Justiça dos EUA A Lei das Práticas Internacionais de Corrupção](https://www.justice.gov/sites/default/files/criminal-fraud/legacy/2015/01/16/guide.pdf) é um excelente recurso. diff --git a/translations/pt-BR/content/github/site-policy/github-gpl-cooperation-commitment.md b/translations/pt-BR/content/site-policy/github-company-policies/github-gpl-cooperation-commitment.md similarity index 98% rename from translations/pt-BR/content/github/site-policy/github-gpl-cooperation-commitment.md rename to translations/pt-BR/content/site-policy/github-company-policies/github-gpl-cooperation-commitment.md index f307612f78..7a68570ab9 100644 --- a/translations/pt-BR/content/github/site-policy/github-gpl-cooperation-commitment.md +++ b/translations/pt-BR/content/site-policy/github-company-policies/github-gpl-cooperation-commitment.md @@ -2,6 +2,7 @@ title: Compromisso de cooperação GPL do GitHub redirect_from: - /articles/github-gpl-cooperation-commitment + - /github/site-policy/github-gpl-cooperation-commitment versions: fpt: '*' topics: diff --git a/translations/pt-BR/content/github/site-policy/github-statement-against-modern-slavery-and-child-labor.md b/translations/pt-BR/content/site-policy/github-company-policies/github-statement-against-modern-slavery-and-child-labor.md similarity index 91% rename from translations/pt-BR/content/github/site-policy/github-statement-against-modern-slavery-and-child-labor.md rename to translations/pt-BR/content/site-policy/github-company-policies/github-statement-against-modern-slavery-and-child-labor.md index 2e888d1d5a..cbb6bc5ba0 100644 --- a/translations/pt-BR/content/github/site-policy/github-statement-against-modern-slavery-and-child-labor.md +++ b/translations/pt-BR/content/site-policy/github-company-policies/github-statement-against-modern-slavery-and-child-labor.md @@ -2,6 +2,7 @@ title: Declaração do GitHub contra a escravidão moderna e o trabalho infantil redirect_from: - /articles/github-statement-against-modern-slavery-and-child-labor + - /github/site-policy/github-statement-against-modern-slavery-and-child-labor versions: fpt: '*' topics: @@ -18,7 +19,7 @@ De acordo com a Organização Internacional do Trabalho (OIT), [40 milhões de p O GitHub lamenta a presença e persistência da escravatura moderna e do trabalho infantil, e leva a sério a sua responsabilidade de garantir que nem a escravatura moderna, nem o trabalho infantil se realizem na sua cadeia de fornecedores ou em qualquer parte do seu negócio. ("Escravidão moderna", nesta declaração, refere-se à escravatura, ao trabalho forçado ou obrigatório, ao tráfico, à servidão e aos trabalhadores que são presos, coagidos ou obrigados. "Trabalho infantil" refere-se ao trabalho realizado por alguém menor de 16 anos de idade, ou menor de 14 anos, para trabalho leve, desde que não se limite a períodos que interfiram na escolaridade da criança nem em condições que interfiram na saúde ou o bem-estar da criança.) -In accordance with the [UK Modern Slavery Act](https://www.legislation.gov.uk/ukpga/2015/30/section/54/enacted), and in alignment with the [ILO 2014 Protocol to its Forced Labour Convention](https://www.ilo.org/dyn/normlex/en/f?p=NORMLEXPUB:12100:0::NO::P12100_ILO_CODE:P029), [ILO Declaration on Fundamental Principles and Rights at Work](https://www.ilo.org/declaration/thedeclaration/textdeclaration/lang--en/index.htm), and [United Nations Sustainable Development Goals target 8.7](https://www.unodc.org/roseap/en/sustainable-development-goals.html#:~:text=Target%208.7%20%2D%20Take%20immediate%20and,labour%20in%20all%20its%20forms), this 2018 Statement Against Modern Slavery and Child Labor ("the Statement") describes the steps GitHub has taken to prevent modern slavery and child labor from occurring in its business or supply chain. +De acordo com a [Lei da Escravidão Moderna do Reino Unido](https://www.legislation.gov.uk/ukpga/2015/30/section/54/enacted) e em alinhamento com o Protocolo [ da OIT de 2014 referente à Convenção do Trabalho Forçado](https://www.ilo.org/dyn/normlex/en/f?p=NORMLEXPUB:12100:0::NO::P12100_ILO_CODE:P029), [Declaração da OIT sobre os princípios fundamentais e os direitos do trabalho](https://www.ilo.org/declaration/thedeclaration/textdeclaration/lang--en/index.htm)e [objetivos das Nações Unidas para o desenvolvimento sustentável 8.7](https://www.unodc.org/roseap/en/sustainable-development-goals.html#:~:text=Target%208.7%20%2D%20Take%20immediate%20and,labour%20in%20all%20its%20forms), esta declaração sobre 2018 contra a Escravidão Moderna e o Trabalho Infantil ("a Declaração") descreve as etapas tomadas pelo GitHub para evitar que a escravidão moderna e o trabalho infantil ocorram nos seus negócios ou na cadeia de suprimentos. ## Estrutura, negócios e cadeias de fornecedores do GitHub @@ -45,7 +46,7 @@ A cadeia de fornecedores do GitHub consiste em bens e serviços para nossos prod **O Padrão de Conduta do GitHub** proíbe condutas inseguras e ilegais, incluindo o uso consciente, a participação, o apoio ou a tolerância à escravidão moderna (escravidão, trabalho forçado ou obrigatório, tráfico, servidão ou trabalhadores presos, coagidos ou obrigados) ou ao trabalho infantil. -O GitHub está em conformidade com as leis que proíbem o tráfico e o trabalho infantil nas jurisdições em que opera, incluindo o [Regulamento Federal de Aquisição dos EUA 22.17 sobre a luta contra o tráfico de seres humanos](https://www.govinfo.gov/content/pkg/CFR-2009-title48-vol1/pdf/CFR-2009-title48-vol1-part22-subpart22-17.pdf). Regulamento 2.17 da Aquisição Federal sobre o combate ao tráfico de seres humanos. +O GitHub está em conformidade com as leis que proíbem o tráfico e o trabalho infantil nas jurisdições em que opera, incluindo [EUA. Regulamento 2.17 da Aquisição Federal sobre o combate ao tráfico de seres humanos](https://www.govinfo.gov/content/pkg/CFR-2009-title48-vol1/pdf/CFR-2009-title48-vol1-part22-subpart22-17.pdf). Além disso, o GitHub estabeleceu uma parceria com o Programa FairHotel, o que significa que o GitHub encoraja os seus funcionários a escolherem os hotéis endossados pelo FairHotel, certificando que os trabalhadores têm salários justos, benefícios adequados e têm suas opiniões ouvidas no ambiente de trabalho. Ser um parceiro do FairHotel também significa que o GitHub oferece negócios para hotéis como um empregador justo. diff --git a/translations/pt-BR/content/site-policy/github-company-policies/index.md b/translations/pt-BR/content/site-policy/github-company-policies/index.md new file mode 100644 index 0000000000..894715ebaf --- /dev/null +++ b/translations/pt-BR/content/site-policy/github-company-policies/index.md @@ -0,0 +1,14 @@ +--- +title: Políticas corporativas do GitHub +versions: + fpt: '*' +topics: + - Policy + - Legal +children: + - /github-statement-against-modern-slavery-and-child-labor + - /github-anti-bribery-statement + - /github-gpl-cooperation-commitment + - /github-gifts-and-entertainment-policy +--- + diff --git a/translations/pt-BR/content/github/site-policy/github-community-forum-code-of-conduct.md b/translations/pt-BR/content/site-policy/github-terms/github-community-forum-code-of-conduct.md similarity index 85% rename from translations/pt-BR/content/github/site-policy/github-community-forum-code-of-conduct.md rename to translations/pt-BR/content/site-policy/github-terms/github-community-forum-code-of-conduct.md index cd07cebbfb..5adb3ce070 100644 --- a/translations/pt-BR/content/github/site-policy/github-community-forum-code-of-conduct.md +++ b/translations/pt-BR/content/site-policy/github-terms/github-community-forum-code-of-conduct.md @@ -2,6 +2,8 @@ title: Código de conduta do fórum da comunidade do GitHub redirect_from: - /articles/github-community-forum-code-of-conduct + - /github/site-policy/github-community-forum-code-of-conduct + - /github/site-policy/acceptable-use-policies/github-community-forum-code-of-conduct versions: fpt: '*' topics: @@ -11,13 +13,13 @@ topics: ## Visão geral e objetivo -Milhões de desenvolvedores hospedam milhões de projetos no GitHub — tanto os de código aberto quanto os de código fechado — e ficamos muito honrados em viabilizar a colaboração de toda a comunidade de desenvolvedores todos os dias. Juntos, temos uma empolgante oportunidade e a responsabilidade de tornar esta comunidade algo do qual podemos nos orgulhar. +Milhões de desenvolvedores em todo o mundo hospedam milhões de projetos, tanto de código aberto como de código fechado, no GitHub. Nós temos sorte de poder participar da colaboração em toda a comunidade de desenvolvedores todos os dias que é uma responsabilidade que não aceitamos de de forma leviana. Juntos, todos nós temos a oportunidade interessante de fazer desta uma comunidade de que nos podemos orgulhar. O Fórum Comunitário do GitHub pretende ser um lugar para mais colaboração, suporte e brainstorming. Este é um lugar civilizado para se conectar com outros usuários, aprender novas habilidades, compartilhar feedbacks e ideias e encontrar todo o suporte necessário para seus projetos do GitHub. Ao participar nesta Comunidade, você concorda com os mesmos [Termos de Serviço](/github/site-policy/github-terms-of-service/) e [Políticas de Uso Aceitáveis do GitHub](/github/site-policy/github-acceptable-use-policies) que se aplicam ao GitHub, bem como este Código de Conduta específico da Comunidade. Com este Código de Conduta, esperamos ajudá-lo a entender a melhor forma de colaborar no Fórum Comunitário do GitHub, o que você pode esperar dos moderadores e que tipo de ações ou conteúdo pode resultar em suspensão temporária ou permanente da participação na Comunidade. Investigaremos quaisquer relatos de abuso e poderemos moderar o conteúdo público dentro da Comunidade que determinarmos estar violando os Termos de Serviço do GitHub ou este Código de Conduta. -Usuários do GitHub em todo o mundo trazem perspectivas, ideias e experiências extremamente diferentes, abrangendo desde pessoas que criaram seu primeiro projeto "Olá Mundo" na semana passada até os mais conhecidos desenvolvedores de software do mundo. Estamos comprometidos em fazer do GitHub e do Fórum Comunitário do GitHub um ambiente acolhedor para todas as diferentes vozes e perspectivas aqui, mantendo um espaço onde as pessoas são livres para se expressar. +Nossa base de usuários diversificada traz perspectivas, ideias e experiências diferentes, e varia entre pessoas que criaram seu primeiro projeto "Hello World" na semana passada e os desenvolvedores de software mais conhecidos do mundo. Temos o compromisso de fazer do GitHub um ambiente que acolhe todas as diferentes vozes e perspectivas que a nossa comunidade tem a oferecer, mantendo um lugar seguro para os desenvolvedores fazerem o seu melhor trabalho. ## Compromisso @@ -29,23 +31,26 @@ Trate com respeito o Fórum Comunitário do GitHub. Somos um recurso compartilha As seguintes regras não são rígidas, elas apenas auxiliam no julgamento humano da nossa Comunidade. Use essas diretrizes para manter este lugar limpo e bem iluminado para um debate público civilizado. -### *Melhores práticas para a construção de uma comunidade forte* +### *Práticas recomendadas para manter uma comunidade forte* -- Seja respeitoso e educado. - - **Seja acolhedor e de mente aberta.** Outros membros da Comunidade podem não ter o mesmo nível de experiência ou background que você, mas isso não significa que eles não tenham boas ideias para contribuir. Nós o incentivamos a ser acolhedor com os novos membros e aqueles que estão apenas começando. - - **Respeitem-se.** Nada sabota tanto as conversas saudáveis quanto a grosseria. Seja cordial e profissional, e não publique nada que uma pessoa de bom senso considere como discurso ofensivo, abusivo ou de ódio. Não assedie ou constranja ninguém. Trate uns aos outros com dignidade e consideração em todas as interações. +A finalidade principal da comunidade do GitHub é colaborar em projetos de software. Estamos comprometidos em manter uma comunidade onde os usuários são livres para se expressarem e desafiarem as ideias uns dos outros, tanto ideias técnicas como outras. Ao mesmo tempo, é importante que os usuários permaneçam respeitosos e permitam espaço para que outros contribuam abertamente. A fim de promover um ambiente seguro e produtivo, recomendamos que os integrantes da nossa comunidade recorram a essas diretrizes para informar como interagem em nossa plataforma. Abaixo, você encontrará algumas sugestões de como ter interações bem-sucedidas como um integrante valioso da comunidade do GitHub. + +- Envolva-se com consideração e respeito. + + - **Seja receptivo e mente aberta** - Novos usuários juntam-se à nossa comunidade diariamente. Alguns são desenvolvedores bem estabelecidos, enquanto outros estão apenas começando. Esteja aberto a outras ideias e níveis de experiência. Abra espaço para opiniões diferentes das suas e dê as boas-vindas aos novos colaboradores e aqueles que estão apenas começando. + + - **Seja respeitoso** - Trabalhar em um ambiente colaborativo significa que pode haver desacordos. Mas lembre-se de criticar ideias, não pessoas. Compartilhe críticas ponderadas e construtivas e seja cortês com aqueles com quem você interagem. Se você não conseguir interagir com respeito, considere dar um passo atrás ou usar algumas de nossas ferramentas de moderação para desescalar uma situação tensa. + + - **Ser empático** - O GitHub é uma comunidade global com pessoas de diversas origens e perspectivas que podem não ser as mesmas das suas. Tente se colocar na pele dos demais e compreender seus sentimentos antes de abordá-los. Faça o seu melhor para ajudar a fazer do GitHub uma comunidade onde as pessoas se sintam seguras para fazer contribuições, participar de discussões e compartilhar ideias diferentes. - Você pode querer responder a algo discordando sobre o assunto. Tudo bem. Mas lembre-se de criticar ideias, não pessoas. Evite xingamentos, ataques diretos ad hominem, respondendo ao tom de um post em vez de seu conteúdo real, e reações impulsivas. Em vez disso, forneça contra-argumentos fundamentados que melhorem a conversa. - - **Comunique-se com empatia.** Discordâncias ou diferenças de opinião são um fato da vida. Fazer parte de uma comunidade significa interagir com pessoas de diversas experiências e perspectivas, muitas das quais podem não ser as mesmas que as nossas. Se você discorda de alguém, tente se colocar no lugar da pessoa antes de se dirigir a ela. Isto promoverá uma atmosfera respeitosa e amigável, onde as pessoas se sentem confortáveis em fazer perguntas, participar de discussões e dar suas contribuições. - Contribua de forma positiva e construtiva. - **Melhore a discussão.** Ajude-nos a tornar este um ótimo lugar para discussão, sempre trabalhando para melhorar o debate de alguma forma, por menor que seja. Se você não tem certeza que seu comentário vai acrescentar algo à conversa, pense no que você quer dizer e tente novamente mais tarde. Os assuntos aqui discutidos importam para nós, e queremos que você aja como se eles importassem para você também. Respeite os temas e as pessoas que os discutem, mesmo que discorde de algumas coisas que estão sendo ditas. - - **Seja claro e não desvie do assunto.** Comunicar-se com estranhos na internet pode ser estranho. É difícil comunicar ou ler no tom desejado, e o sarcasmo é frequentemente mal interpretado. Tente usar uma linguagem clara, e pense em como ela será recebida pela outra pessoa. + - **Seja claro e não fuja do assunto.** O Fórum da Comunidade GitHub é para colaboração, compartilhamento de ideias e para ajudar uns aos outros a fazer as coisas. Comentários fora do assunto são uma distração (às vezes, bem-vinda, mas geralmente não) para o trabalho produtivo. Manter-se dentro do assunto ajuda a fomentar debates positivos e produtivos. Isso também se aplica ao compartilhamento de links. Quaisquer links compartilhados no Fórum Comunitário devem ser compartilhados com a intenção de fornecer informações relevantes e apropriadas. Os links não devem ser postados para simplesmente direcionar o tráfego ou a atenção para um site. Os links devem ser sempre acompanhados de uma explicação completa do conteúdo e da finalidade do link. Postar links, especialmente os não solicitados, sem contexto relevante e valioso, pode aparecer publicidade ou servir a propósitos ainda mais maliciosos. - Além disso, o Fórum Comunitário GitHub é para colaboração, compartilhamento de ideias e ajuda mútua para fazermos o nosso trabalho. Comentários fora do assunto são uma distração (às vezes, bem-vinda, mas geralmente não) para o trabalho produtivo. Manter-se dentro do assunto ajuda a fomentar debates positivos e produtivos. - **Compartilhe conscientemente.** Ao pedir que outros lhe dêem feedback ou colaborem em um projeto, compartilhe recursos valiosos e relevantes apenas para fornecer contexto. Não poste links que não adicionem valor ao assunto e não publique links não solicitados para seus próprios projetos ou sites em tópicos de outros usuários. Além disso, não compartilhe informações confidenciais. Isso inclui o seu próprio endereço de e-mail. Não permitimos a partilha de tal informação neste Fórum Comunitário, já que isso pode criar riscos à segurança e privacidade para o usuário que postou, bem como para outros usuários. Se você quiser convidar outros membros do Fórum para colaborar em um projeto ou trabalhar com você, compartilhe um link para o repositório no qual o projeto em que você está trabalhando se localiza. Ao compartilhar o link para o repositório do seu projeto - com algumas informações sobre o que é o seu projeto e que tipo de ajuda ou feedback você está procurando - você pode convidar outros usuários para colaborar com você por meio de problemas ou pull requests sem ter que compartilhar suas informações privadas. Você também pode adicionar outras pessoas como colaborador externo no seu repositório de projeto para lhes dar permissões especiais e ajudá-lo a desenvolver o seu projeto. diff --git a/translations/pt-BR/content/site-policy/github-terms/github-community-guidelines.md b/translations/pt-BR/content/site-policy/github-terms/github-community-guidelines.md new file mode 100644 index 0000000000..90dea21aac --- /dev/null +++ b/translations/pt-BR/content/site-policy/github-terms/github-community-guidelines.md @@ -0,0 +1,86 @@ +--- +title: Diretrizes da comunidade do GitHub +redirect_from: + - /community-guidelines + - /articles/github-community-guidelines + - /github/site-policy/github-community-guidelines + - /github/site-policy/acceptable-use-policies/github-community-guidelines +versions: + fpt: '*' +topics: + - Policy + - Legal +--- + +Milhões de desenvolvedores em todo o mundo hospedam milhões de projetos, tanto de código aberto como de código fechado, no GitHub. Nós temos sorte de poder participar da colaboração em toda a comunidade de desenvolvedores todos os dias que é uma responsabilidade que não aceitamos de de forma leviana. Juntos, todos nós temos a oportunidade interessante de fazer desta uma comunidade de que nos podemos orgulhar. + +Nossa base de usuários diversificada traz perspectivas, ideias e experiências diferentes, e varia entre pessoas que criaram seu primeiro projeto "Hello World" na semana passada e os desenvolvedores de software mais conhecidos do mundo. Temos o compromisso de fazer do GitHub um ambiente que acolhe todas as diferentes vozes e perspectivas que a nossa comunidade tem a oferecer, mantendo um lugar seguro para os desenvolvedores fazerem o seu melhor trabalho. + +Ao definiro conceito de uma comunidade [é segura, receptiva e produtiva](https://opensource.guide/building-community/) no GitHub, esperamos ajudar você a entender a melhor maneira de interagir e colaborar na nossa plataforma de acordo com os nossos [Termos de Serviço](/github/site-policy/github-terms-of-service) e [Políticas de Uso Aceitável](/github/site-policy/github-acceptable-use-policies). + +Nós incentivamos os integrantes da comunidade a comunicarem as expectativas claramente, [moderar](#what-if-something-or-someone-offends-you) seus projetos quando possível e [reporte](https://github.com/contact/report-abuse) qualquer conteúdo que possa violar as nossas [políticas](/github/site-policy/github-terms-of-service). A equipe do GitHub irá investigar quaisquer denúncias de abusos e poderá moderar o conteúdo público em nosso site que determinamos estar em violação dos nossos Termos de Serviço. + + +## Mantendo uma comunidade forte + +A finalidade principal da comunidade do GitHub é colaborar em projetos de software. Estamos comprometidos em manter uma comunidade onde os usuários são livres para se expressarem e desafiarem as ideias uns dos outros, tanto ideias técnicas como outras. Ao mesmo tempo, é importante que os usuários permaneçam respeitosos e permitam espaço para que outros contribuam abertamente. A fim de promover um ambiente seguro e produtivo, recomendamos que os integrantes da nossa comunidade recorram a essas diretrizes para informar como interagem em nossa plataforma. Abaixo, você encontrará algumas sugestões de como ter interações bem-sucedidas como um integrante valioso da comunidade do GitHub. + +* **Seja receptivo e mente aberta** - Novos usuários juntam-se à nossa comunidade diariamente. Alguns são desenvolvedores bem estabelecidos, enquanto outros estão apenas começando. Esteja aberto a outras ideias e níveis de experiência. Abra espaço para opiniões diferentes das suas e dê as boas-vindas aos novos colaboradores e aqueles que estão apenas começando. + +* **Seja respeitoso** - Trabalhar em um ambiente colaborativo significa que pode haver desacordos. Mas lembre-se de criticar ideias, não pessoas. Compartilhe críticas ponderadas e construtivas e seja cortês com aqueles com quem você interagem. Se você não conseguir interagir com respeito, considere dar um passo atrás ou usar algumas de nossas ferramentas de moderação para desescalar uma situação tensa. + +* **Ser empático** - O GitHub é uma comunidade global com pessoas de diversas origens e perspectivas que podem não ser as mesmas das suas. Tente se colocar na pele dos demais e compreender seus sentimentos antes de abordá-los. Faça o seu melhor para ajudar a fazer do GitHub uma comunidade onde as pessoas se sintam seguras para fazer contribuições, participar de discussões e compartilhar ideias diferentes. + + +## E se algo ou alguém ofender você? + +Embora alguns desacordos possam ser resolvidos com comunicação direta e respeitosa entre os integrantes da comunidade, nós entendemos que nem sempre é esse o caso. Incentivamos a nossa comunidade a [nos informar](https://support.github.com/contact/report-abuse?category=report-abuse&report=other&report_type=unspecified) quando acreditarem que o conteúdo ou atividade que encontraram viola nossas políticas. No entanto, se você encontrar algo ou alguém no site que você considere censurável, aqui estão algumas maneiras que o GitHub lhe permite tomar medidas: + +* **Comunicar expectativas** - Os mantenedores podem definir diretrizes específicas da comunidade para ajudar os usuários a entender como interagir com seus projetos, por exemplo, no README de um repositório, em um [arquivo de CONTRIBUIÇÃO](/articles/setting-guidelines-for-repository-contributors/) ou [código de conduta dedicado](/articles/adding-a-code-of-conduct-to-your-project/). Você pode encontrar informações adicionais sobre a criação da comunidades [aqui](/communities). + + +* **Comentários moderados** - Os usuários com privilégios de acesso de gravação [](/articles/repository-permission-levels-for-an-organization/) em um repositório [podem editar, excluir ou ocultar comentários de alguém](/communities/moderating-comments-and-conversations/managing-disruptive-comments) em commits, pull requests e problemas. Qualquer pessoa com acesso de leitura em um repositório pode visualizar o histórico de edição do comentário. Os autores de comentários e as pessoas com acesso de gravação a um repositório também podem excluir informações confidenciais do [histórico de edição dos comentários](/communities/moderating-comments-and-conversations/tracking-changes-in-a-comment). Moderar os seus projetos pode parecer uma grande tarefa se houver muita atividade, mas você pode [adicionar colaboradores](/account-and-profile/setting-up-and-managing-your-github-user-account/managing-user-account-settings/permission-levels-for-a-user-account-repository#collaborator-access-for-a-repository-owned-by-a-user-account) para ajudar você a gerenciar a sua comunidade. + +* **Bloquear conversas**- Se uma discussão em um problema, pull request, ou commit fugir do assunto ou do tema, ou violar o código de conduta do seu projeto ou as políticas do GitHub, os proprietários, colaboradores, e qualquer pessoa com acesso de gravação poderá [bloquear](/articles/locking-conversations/) permanentemente a conversa. + +* **Bloquear Usuários** - Se você encontrar um usuário específico com quem você prefere não se relacionar, você pode [bloquear o usuário na sua conta pessoal](/articles/blocking-a-user-from-your-personal-account/) ou [na sua organização](/articles/blocking-a-user-from-your-organization/). + +* **Limite de interações** - Se seu projeto público estiver recebendo atenção indesejada, sendo ridicularizado, recebendo spam ou se você não tiver a opção de configurar [limites temporários de interação](/communities/moderating-comments-and-conversations/limiting-interactions-in-your-repository) para impedir que certos usuários interajam com seu repositório. Você pode até mesmo definir [limites de revisão de código](https://github.blog/2021-11-01-github-keeps-getting-better-for-open-source-maintainers/#preventing-drive-by-pull-request-approvals-and-requested-changes) para garantir contribuições de qualidade nos seus projetos. + + +Embora sejamos apaixonados por capacitar os mantenedores a moderar os seus próprios projetos, entre em contato conosco por {% data variables.contact.report_abuse %} se precisar de apoio adicional para lidar com uma situação. + +## O que acontece se alguém violar as políticas do GitHub? + +Nós contamos com relatórios da comunidade, bem como detecção proativa, para ajudar a garantir que o GitHub seja uma plataforma segura, receptiva e produtiva para desenvolvedores de software. Há uma série de fatores que consideramos quando estamos cientes de um comportamento ou conteúdo que não estão de acordo com as políticas do GitHub. No entanto, a nossa abordagem de aplicação de políticas e moderação de conteúdo prioriza a nossa visão para ser o abrigo para todos os desenvolvedores. Isso significa que: + +- Otimizamos a colaboração com código. Reconhecemos que o código pode ter várias utilizações e distinguimos entre como o código está sendo usado na plataforma e outros usos possíveis. Também pensamos em como nossas ações de execução podem afetar uma rede potencialmente complicada de interdependências em toda a plataforma e procurar restringir o mínimo de conteúdo legítimo possível. + +- Temos uma abordagem antropocêntrica para moderar o conteúdo e talhamos as nossas respostas para atender às necessidades de uma situação específica. Nossa equipe global investiga os relatórios que recebemos caso a caso - considerando o contexto e os fatos circundantes antes de agir. Isso pode incluir levar em conta conteúdo potencialmente ofensivo postado de maneira que não tenha contexto ou facilite a visualização ou interação indesejada enquanto usam o GitHub. Nesses casos, podemos favorecer a moderação a fim de proteger a nossa comunidade. + +- As nossas decisões estão enraizadas na nossa convicção fundamental de que servir uma comunidade interligada e capacitar o progresso humano por meio da colaboração de desenvolvedores exige um compromisso com a diversidade. inclusão e pertencimento. + +Nos casos em que decidimos que se justifica uma ação de moderação, estas são algumas das formas de responder: + +* Remover o conteúdo ofensivo +* Bloquear ou desabilitar o conteúdo ofensivo +* Desatualizando a visibilidade do conteúdo ofensivo +* Ocultar uma conta de usuário ou organização da visualização pública +* Suspender uma conta de usuário ou organização + + +## Apelação e reinstauração + +Em alguns casos, pode haver justificativa para reverter uma ação de moderação tomada pela equipe do GitHub. + +* **Restabelecimento**: Quando um usuário deseja corrigir a violação e está disposto a aceitar o cumprimento de nossas Políticas de Uso Aceitáveis dali em diante, podemos optar por restabelecar a sua conta ou conteúdo dependendo da gravidade da violação inicial. + +* **Recurso**: Se um usuário deseja contestar o fundamento de uma ação de execução e puder fornecer informações adicionais sobre a alegada violação, reanalisaremos essas informações e poderemos interpor recurso sempre que tivermos determinado que não ocorreu uma violação. + +Se você procurar restabelecer ou recorrer de uma ação de execução, entre em contato com [suporte](https://support.github.com/contact?tags=docs-policy). + +## Avisos Legais + +Colocamos essas Diretrizes da Comunidade em domínio público para que qualquer pessoa use, reutilize, adapte, ou seja o que for, nos termos de [CC0-1.0](https://creativecommons.org/publicdomain/zero/1.0/). + +Estas são apenas diretrizes; elas não modificam nossos [Termos de Serviço](/articles/github-terms-of-service/) e não pretendem ser uma lista completa. Nesses termos, o GitHub mantém o critério completo para remover qualquer conteúdo ou encerrar quaisquer contas de atividade que violem as nossas [Políticas de uso aceitável](/articles/github-acceptable-use-policies). Estas diretrizes descrevem quando iremos exercer esse critério. diff --git a/translations/pt-BR/content/github/site-policy/github-corporate-terms-of-service.md b/translations/pt-BR/content/site-policy/github-terms/github-corporate-terms-of-service.md similarity index 99% rename from translations/pt-BR/content/github/site-policy/github-corporate-terms-of-service.md rename to translations/pt-BR/content/site-policy/github-terms/github-corporate-terms-of-service.md index 893e05f60e..63b27dd9c2 100644 --- a/translations/pt-BR/content/github/site-policy/github-corporate-terms-of-service.md +++ b/translations/pt-BR/content/site-policy/github-terms/github-corporate-terms-of-service.md @@ -2,6 +2,7 @@ title: Termos de Serviço Corporativos do GitHub redirect_from: - /articles/github-corporate-terms-of-service + - /github/site-policy/github-corporate-terms-of-service versions: fpt: '*' topics: @@ -76,7 +77,7 @@ Este Contrato aplica-se às seguintes ofertas do GitHub, conforme definido a seg **"Representantes"** significa funcionários, dirigentes, agentes, contratados independentes, consultores, advogados e consultores financeiros da Parte. -**"Scraping"** (raspagem) significa extrair dados do Serviço por meio de um processo automatizado, como um bot ou rastreador web (webcrawler), e não inclui a coleta de informações por meio da API do GitHub. +**"Scraping"** (raspagem) significa extrair dados do Serviço por meio de um processo automatizado, como um bot ou rastreador web (webcrawler), e não inclui a coleta de informações por meio da API do GitHub. **"Serviço"** significa o serviço hospedado pelo GitHub e qualquer Documentação aplicável. @@ -123,7 +124,7 @@ O compromisso trimestral de tempo de atividade do GitHub para o GitHub Enterpris ### 1. Cumprimento de leis e regulamentos O uso dos Produtos pelo Cliente não deve violar quaisquer leis aplicáveis, inclusive leis de direitos autorais ou de marcas registradas, leis de controle de exportação ou regulamentos em sua jurisdição. -### 2. Uso Aceitável +### 2. Uso aceitável O uso do Serviço pelo Cliente deve estar em conformidade com a [Política de Uso Aceitável do GitHub](/articles/github-acceptable-use-policies) e as [Diretrizes da Comunidade do GitHub](/articles/github-community-guidelines). O Cliente não deve usar o Serviço em qualquer jurisdição para atividade ou Conteúdo ilegal, obsceno, ofensivo ou fraudulento, como defender ou causar danos, interferir ou violar a integridade ou a segurança de uma rede ou um sistema, enganar os filtros, enviar vírus ou código nocivo e mensagens não solicitadas, abusivas ou enganosas ou violar direitos de terceiros. ### 3. Privacidade @@ -285,7 +286,7 @@ O GitHub altera o Serviço através de Atualizações e adição de novos recurs ## S. Suporte O GitHub fornecerá suporte técnico padrão para o Serviço sem cobrança adicional, vinte e quatro (24) horas por dia, cinco (5) dias por semana, excluindo fins de semana e feriados americanos. feriados. O Suporte padrão só é oferecido por meio de tíquetes na Web pelo Suporte do GitHub, e as solicitações de Suporte devem ser iniciadas a partir de um Usuário com o qual a equipe de Suporte do GitHub possa interagir. O GitHub pode oferecer Suporte premium (sujeito aos termos do [Suporte Premium para Enterprise Cloud](/articles/about-github-premium-support) ) ou Suporte técnico dedicado para o Serviço no nível de Suporte, Taxas e Termos de Assinatura especificados em um Formulário de Pedido ou SOW. -## T. Disposições Gerais +## T. Diversos ### 1. Lei Governamental Se o escritório principal do cliente estiver localizado nas Américas, este Contrato será regido e interpretado pelas leis do Estado da Califórnia, sem acionar os princípios de conflito da lei, qualquer processo ou ação judicial decorrente do presente Contrato será levado exclusivamente aos tribunais localizados na comarca do Norte da Califórnia e as Partes concordam com a jurisdição e o foro nesse local. Se o escritório principal do cliente estiver localizado fora das Américas, este Contrato será regido pelas leis da Irlanda, qualquer ação judicial ou processo decorrente do presente Contrato será levado exclusivamente aos tribunais localizados em Dublin e as Partes concordam com a jurisdição e o foro nesse local. As Partes concordam expressamente que a Convenção das Nações Unidas para a Venda Internacional de Mercadorias e a Lei Uniforme Para Transação de Informações no Computador não se aplicarão a este Contrato. Não obstante qualquer disposição em contrário no acima exposto, o GitHub pode apresentar um pedido de recurso em equidade em qualquer tribunal com jurisdição adequada. diff --git a/translations/pt-BR/content/github/site-policy/github-event-code-of-conduct.md b/translations/pt-BR/content/site-policy/github-terms/github-event-code-of-conduct.md similarity index 98% rename from translations/pt-BR/content/github/site-policy/github-event-code-of-conduct.md rename to translations/pt-BR/content/site-policy/github-terms/github-event-code-of-conduct.md index a7f04150e8..6f40080714 100644 --- a/translations/pt-BR/content/github/site-policy/github-event-code-of-conduct.md +++ b/translations/pt-BR/content/site-policy/github-terms/github-event-code-of-conduct.md @@ -2,6 +2,7 @@ title: Código de conduta de eventos do GitHub redirect_from: - /articles/github-event-code-of-conduct + - /github/site-policy/github-event-code-of-conduct versions: fpt: '*' topics: diff --git a/translations/pt-BR/content/github/site-policy/github-event-terms.md b/translations/pt-BR/content/site-policy/github-terms/github-event-terms.md similarity index 99% rename from translations/pt-BR/content/github/site-policy/github-event-terms.md rename to translations/pt-BR/content/site-policy/github-terms/github-event-terms.md index ccf296669e..2a3a3b93f9 100644 --- a/translations/pt-BR/content/github/site-policy/github-event-terms.md +++ b/translations/pt-BR/content/site-policy/github-terms/github-event-terms.md @@ -2,6 +2,7 @@ title: Termos de eventos do GitHub redirect_from: - /articles/github-event-terms + - /github/site-policy/github-event-terms versions: fpt: '*' topics: diff --git a/translations/pt-BR/content/github/site-policy/github-marketplace-developer-agreement.md b/translations/pt-BR/content/site-policy/github-terms/github-marketplace-developer-agreement.md similarity index 99% rename from translations/pt-BR/content/github/site-policy/github-marketplace-developer-agreement.md rename to translations/pt-BR/content/site-policy/github-terms/github-marketplace-developer-agreement.md index d3ff9c7dc1..2c22daa47c 100644 --- a/translations/pt-BR/content/github/site-policy/github-marketplace-developer-agreement.md +++ b/translations/pt-BR/content/site-policy/github-terms/github-marketplace-developer-agreement.md @@ -2,6 +2,7 @@ title: Contrato de desenvolvedor do GitHub Marketplace redirect_from: - /articles/github-marketplace-developer-agreement + - /github/site-policy/github-marketplace-developer-agreement versions: fpt: '*' topics: @@ -65,12 +66,12 @@ Não obstante qualquer um dos requisitos estabelecidos na Seção 2 acima, Prop - 2\. Contenha ou instale qualquer malware ou explorações ativas, ou use nossa plataforma para explorar a entrega (como uma parte de um comando ou sistema de controle); - 3\. Interfira, interrompa, danifique, prejudique ou acesse de forma não autorizada as máquinas, sistemas, hardware, servidores, redes, dispositivos, dados ou outros bens ou serviços de terceiros; - 4\. Inclua conteúdo falso ou enganoso; -- 5\. Infrinja qualquer direito de propriedade de qualquer parte, incluindo patentes, marcas comerciais, segredos comerciais, direito de publicidade ou outros direitos; +- 5\. Infringe qualquer direito de propriedade de qualquer parte, incluindo patentes, marcas comerciais, segredos comerciais, direito de publicidade ou outros direitos; - 6\. Seja injurioso, difamatório ou fraudulento; - 7\. Permita o download não autorizado de conteúdo ou mídia de streaming; - 8\. Exiba ou linque conteúdo ilegal; - 9\. assedie, abuse, ameace ou incite a violência contra qualquer indivíduo ou grupo, incluindo nossos funcionários, dirigentes e agentes ou outros usuários; -- 10\. Seja ou tenha conteúdo sexualmente obsceno; +- 10\. é ou tem conteúdo sexualmente obsceno; - 11\. Seja discriminatório ou abusivo contra qualquer indivíduo ou grupo; - 12\. Desvie Usuários Finais ou forneça links para qualquer outro site que imite o Marketplace ou finja ser o o Marketplace. diff --git a/translations/pt-BR/content/github/site-policy/github-marketplace-terms-of-service.md b/translations/pt-BR/content/site-policy/github-terms/github-marketplace-terms-of-service.md similarity index 99% rename from translations/pt-BR/content/github/site-policy/github-marketplace-terms-of-service.md rename to translations/pt-BR/content/site-policy/github-terms/github-marketplace-terms-of-service.md index 221a27a9f3..4716bf5c5f 100644 --- a/translations/pt-BR/content/github/site-policy/github-marketplace-terms-of-service.md +++ b/translations/pt-BR/content/site-policy/github-terms/github-marketplace-terms-of-service.md @@ -2,6 +2,7 @@ title: Termos de serviço do GitHub Marketplace redirect_from: - /articles/github-marketplace-terms-of-service + - /github/site-policy/github-marketplace-terms-of-service versions: fpt: '*' topics: diff --git a/translations/pt-BR/content/github/site-policy/github-open-source-applications-terms-and-conditions.md b/translations/pt-BR/content/site-policy/github-terms/github-open-source-applications-terms-and-conditions.md similarity index 99% rename from translations/pt-BR/content/github/site-policy/github-open-source-applications-terms-and-conditions.md rename to translations/pt-BR/content/site-policy/github-terms/github-open-source-applications-terms-and-conditions.md index 7de454f368..578f801b09 100644 --- a/translations/pt-BR/content/github/site-policy/github-open-source-applications-terms-and-conditions.md +++ b/translations/pt-BR/content/site-policy/github-terms/github-open-source-applications-terms-and-conditions.md @@ -2,6 +2,7 @@ title: Termos e condições dos aplicativos de código aberto do GitHub redirect_from: - /articles/github-open-source-applications-terms-and-conditions + - /github/site-policy/github-open-source-applications-terms-and-conditions versions: fpt: '*' topics: diff --git a/translations/pt-BR/content/github/site-policy/github-registered-developer-agreement.md b/translations/pt-BR/content/site-policy/github-terms/github-registered-developer-agreement.md similarity index 87% rename from translations/pt-BR/content/github/site-policy/github-registered-developer-agreement.md rename to translations/pt-BR/content/site-policy/github-terms/github-registered-developer-agreement.md index 8528a967c5..646c2e8489 100644 --- a/translations/pt-BR/content/github/site-policy/github-registered-developer-agreement.md +++ b/translations/pt-BR/content/site-policy/github-terms/github-registered-developer-agreement.md @@ -2,6 +2,7 @@ title: Contrato de desenvolvedor registrado do GitHub redirect_from: - /articles/github-registered-developer-agreement + - /github/site-policy/github-registered-developer-agreement versions: fpt: '*' topics: @@ -55,7 +56,7 @@ Este Contrato é um acordo legal entre você ("você") e o GitHub, Inc. ("GitHub As obrigações desta Seção 6 não se aplicam a informações que você pode provar que: (i) estavam, geralmente, disponíveis ao público antes de nós a termos divulgado para você; (ii) tornaram-se, geralmente, disponíveis ao público depois que as divulgamos a você, através de nenhuma ação ou inação de sua parte, ou por parte de seus funcionários ou fornecedores; (iii) você as conhecia antes de as divulgarmos a você; (iv) foram divulgadas a você por um terceiro, que não tinha nenhuma obrigação de confidencialidade em relação a elas; (v) você as desenvolveu independentemente sem violação de qualquer obrigação de confidencialidade para nós ou qualquer terceiro; ou (vi) demos permissão a você para divulgá-las, assinado por escrito, através de um de nossos representantes autorizados. - Se dermos a você algum software de pré-lançamento ou documentação ou materiais relacionados, que podem incluir vídeos ou outras formas de conteúdo ("Materiais de pré-lançamento"), você estará sujeito à conformidade com os termos e condições deste Contrato e do TOS; concedemos a você um direito e uma licença não-exclusivos, intransferíveis e revogáveis para usar os Materiais de Pré-Lançamento exclusivamente para suportar seus testes e/ou desenvolvimento de produtos ou serviços que foram projetados para operar em combinação com os sistemas ou programas para os quais os Materiais de Pré-lançamento são projetados. Se os Materiais de Pré-Lançamento forem acompanhados de um contrato de licença a parte, você concorda que o contrato de licença a parte (além de quaisquer disposições mais restritivas contidas neste Contrato ou no TOS) será aplicado. Você concorda em não descompilar, fazer engenharia reversa, desmontar ou reduzir de qualquer forma os Materiais de Pré-Lançamento a uma forma percebível pelo homem, e promete não modificar, fazer rede, alugar, fazer leasing, transmitir, vender ou emprestar os Materiais de Pré-lançamento, no todo ou em parte. Você entende que não somos obrigados a fornecer quaisquer materiais de pré-lançamento para você, para fornecer-lhe atualizações, melhorias ou correções para os Materiais de Pré-lançamento, ou para notificá-lo de alterações que fazemos em nossos produtos e serviços, agora ou no futuro. + Se dermos a você algum software de pré-lançamento ou documentação ou materiais relacionados, que podem incluir vídeos ou outras formas de conteúdo ("Materiais de pré-lançamento"), você estará sujeito à conformidade com os termos e condições deste Contrato e do TOS; concedemos a você um direito e uma licença não-exclusivos, intransferíveis e revogáveis para usar os Materiais de Pré-Lançamento exclusivamente para suportar seus testes e/ou desenvolvimento de produtos ou serviços que foram projetados para operar em combinação com os sistemas ou programas para os quais os Materiais de Pré-lançamento são projetados. Se os Materiais de Pré-Lançamento forem acompanhados de um contrato de licença a parte, você concorda que o contrato de licença a parte (além de quaisquer disposições mais restritivas contidas neste Contrato ou no TOS) será aplicado. Você concorda em não descompilar, fazer engenharia reversa, desmontar ou reduzir os Materiais de Pré-Lançamento a uma forma perceptível rede pelo homem, e se compromete a não modificar, interligar, alugar, fazer leasing, transmitir, vender ou emprestar os Materiais de Pré-lançamento, no todo ou em parte. Você compreende que não somos obrigados a fornecer quaisquer Materiais de Pré-lançamento a você, atualizações, melhorias ou correções para os Materiais de Pré-lançamento, ou notificá-lo de alterações que fazemos em nossos produtos e serviços, agora ou no futuro. 7. **Taxas e Pagamento** @@ -73,7 +74,7 @@ Este Contrato é um acordo legal entre você ("você") e o GitHub, Inc. ("GitHub Você nos garante que: (i) tem autoridade para executar este Contrato e cumprir suas obrigações; (ii) conduzirá negócios de forma favorável em todos os momentos sobre os produtos e serviços do GitHub e nosso bom nome, boa vontade e reputação; (iii) não fará declarações ou representações falsas ou enganosas sobre o GitHub ou nossos produtos e serviços; (iv) não assumirá qualquer obrigação ou responsabilidade, ou fará qualquer representação, garantia, aval ou endosso a qualquer pessoa em nosso nome (incluindo, sem limitação, qualquer um de nossos produtos ou serviços); e (v) não declarará ou implicará que desenvolvemos, endossamos, revisamos ou aprovamos qualquer um de seus Produtos. - O PROGRAMA, A API E QUAISQUER INFORMAÇÕES CONFIDENCIAIS QUE DAMOS A VOCÊ (INCLUINDO, SEM LIMITAÇÃO, OS MATERIAIS DE PRÉ-LANÇAMENTO) SÃO FORNECIDOS "COMO ESTÁ", E SEM GARANTIA DE QUALQUER TIPO, EXPRESSA OU IMPLÍCITA. NÓS, ESPECIFICAMENTE, REJEITAMOS QUAISQUER E TODAS AS GARANTIAS OU CONDIÇÕES IMPLÍCITAS DE COMERCIALIZAÇÃO, ADEQUAÇÃO A UM OBJETIVO ESPECÍFICO E NÃO INFRAÇÃO. NÃO GARANTIMOS QUE QUAISQUER SERVIÇOS OU PRODUTOS QUE DISPONIBILIZAMOS PARA VOCÊ ATENDERÃO ÀS SUAS NECESSIDADES OU A DE SEUS USUÁRIOS FINAIS. + O PROGRAMA, A API E QUAISQUER INFORMAÇÕES CONFIDENCIAIS QUE DAMOS A VOCÊ (INCLUINDO, SEM LIMITAÇÃO, OS MATERIAIS DE PRÉ-LANÇAMENTO) SÃO FORNECIDOS "COMO ESTÁ", E SEM GARANTIA DE QUALQUER TIPO, EXPRESSA OU IMPLÍCITA. NÓS ESPECIFICAMENTE REJEITAMOS QUALQUER E TODAS AS GARANTIAS OU CONDIÇÕES IMPLÍCITAS DE COMERCIALIZAÇÃO, ADEQUAÇÃO A UM OBJETIVO ESPECÍFICO E NÃO INFRAÇÃO. NÃO GARANTIMOS QUE QUAISQUER SERVIÇOS OU PRODUTOS QUE DISPONIBILIZAMOS PARA VOCÊ ATENDERÃO ÀS SUAS NECESSIDADES OU A DE SEUS USUÁRIOS FINAIS. 10. **Indenização** @@ -81,11 +82,11 @@ Este Contrato é um acordo legal entre você ("você") e o GitHub, Inc. ("GitHub 11. **Limitação de responsabilidade** - EM NENHUM CASO, SEREMOS RESPONSÁVEIS POR VOCÊ OU QUALQUER TERCEIRO POR QUAISQUER DANOS INDIRETOS, ESPECIAIS, INCIDENTAIS, CONSEQUENCIAIS, EXEMPLARES OU PUNITIVOS, INCLUINDO MAS NÃO SE LIMITANDO A DANOS POR DADOS PERDIDOS, LUCROS CESSANTES OU CUSTOS DE AQUISIÇÃO DE MERCADORIAS OU SERVIÇOS SUBSTITUTOS, QUALQUER QUE SEJA A CAUSA E SOB QUALQUER TEORIA DE RESPONSABILIDADE, SEJA POR CONTRATO, RESPONSABILIDADE CIVIL (INCLUINDO, SEM LIMITAÇÕES, RESPONSABILIDADE SOBRE PRODUTOS, RESPONSABILIDADE ESTRITA E NEGLIGÊNCIA) OU QUALQUER OUTRA TEORIA, E SE CONHECÍAMOS OU DEVERÍAMOS CONHECER A POSSIBILIDADE DE TAL DANO. EM NENHUMA HIPÓTESE, A NOSSA RESPONSABILIDADE AGREGADA A VOCÊ DECORRENDO OU RELACIONADA A ESTE CONTRATO POR QUALQUER CAUSA, E INDEPENDENTE DA FORMA DE AÇÃO, SEJA POR CONTRATO OU RESPONSABILIDADE CIVIL, EXCEDERÁ O MAIOR VALOR (I) QUE VOCÊ REALMENTE PAGOU SOB ESTE CONTRATO; OU (II) QUINHENTOS DÓLARES (US$ 500). AS LIMITAÇÕES SUPRACITADAS SERÃO APLICÁVEIS NÃO OBSTANTE A FALHA DO PROPÓSITO ESSENCIAL DE QUALQUER RECURSO LIMITADO INDICADO NESTE CONTRATO. + SOB NENHUMA CIRCUNSTÂNCIA, SEREMOS RESPONSABILIZADOS POR VOCÊ OU POR TERCEIROS POR DANOS INDIRETOS, ESPECIAIS, INCIDENTAIS, CONSEQUENCIAIS, EXEMPLARES OU PUNITIVOS, INCLUINDO MAS NÃO SE LIMITANDO A DANOS POR DADOS PERDIDOS, LUCROS PERDIDOS OU CUSTOS COM A COMPRA DE MERCADORIAS OU SERVIÇOS SUBSTITUTOS, POR QUAISQUER CAUSAS E SOB QUALQUER TEORIA DE RESPONSABILIDADE, SEJA EM CONTRATO OU RESPONSABILIDADE CIVIL (INCLUINDO MAS NÃO SE LIMITANDO A RESPONSABILIDADE DOS PRODUTOS, RESPONSABILIDADE ESTRITA E NEGLIGÊNCIA), OU QUALQUER OUTRA TEORIA, E SE CONHECEMOS OU DEVEMOS CONHECER A POSSIBILIDADE DE TAIS DANOS. EM NENHUMA HIPÓTESE, A NOSSA RESPONSABILIDADE AGREGADA A VOCÊ DECORRENDO OU RELACIONADA A ESTE CONTRATO POR QUALQUER CAUSA, E INDEPENDENTE DA FORMA DE AÇÃO, SEJA EM CONTRATO OU EM RESPONSABILIDADE CIVIL, EXCEDERÁ O MAIOR VALOR (I) QUE VOCÊ REALMENTE PAGOU SOB ESTE CONTRATO; OU (II) QUINHENTOS DÓLARES (US$ 500). AS LIMITAÇÕES SUPRACITADAS SERÃO APLICÁVEIS NÃO OBSTANTE A FALHA DO PROPÓSITO ESSENCIAL DE QUALQUER RECURSO LIMITADO INDICADO NESTE CONTRATO. 12. **Controle de exportação** - Você não tem permissão para exportar ou reexportar nenhuma das nossas Informações Confidenciais, exceto conforme autorizado pela lei dos Estados Unidos e pelas leis da jurisdição em que as Informações Confidenciais foram obtidas. Particularmente, você não está autorizado a exportar ou reexportar nossas Informações Confidenciais para qualquer país embargado pelos EUA, para qualquer pessoa na lista de Nacionais Especialmente Designados do Departamento do Tesouro dos EUA, ou para qualquer pessoa na Lista de Pessoas e Entidades do Departamento de Comércio dos EUA. países embargados, para qualquer um nos Estados Unidos Lista do Departamento do Tesouro dos Nacionais Designados Especialmente ou para qualquer pessoa dos EUA. Departamento de Comércio da Lista de Pessoas Indeferidas ou Lista de Entidades. Ao aderir ao Programa ou receber qualquer uma de nossas Informações Confidenciais, você declara e garante que não está localizado em nenhum desses países ou em qualquer lista. + Você não tem permissão para exportar ou reexportar quaiquer Informações Confidenciais, exceto conforme autorizado pela lei dos Estados Unidos e pelas leis da jurisdição em que as Informações Confidenciais foram obtidas. Particularmente, você não está autorizado a exportar ou reexportar nossas Informações Confidenciais para qualquer país embargado pelos EUA, para qualquer pessoa na lista de Nacionais Especialmente Designados do Departamento do Tesouro dos EUA, ou para qualquer pessoa na Lista de Pessoas e Entidades do Departamento de Comércio dos EUA. países embargados, para qualquer um nos Estados Unidos Lista do Departamento do Tesouro dos Nacionais Designados Especialmente ou para qualquer pessoa dos EUA. Departamento de Comércio da Lista de Pessoas Indeferidas ou Lista de Entidades. Ao aderir ao Programa ou receber qualquer uma de nossas Informações Confidenciais, você declara e garante que não está localizado em nenhum desses países ou em qualquer lista. 13. **Direitos Proprietários** diff --git a/translations/pt-BR/content/github/site-policy/github-research-program-terms.md b/translations/pt-BR/content/site-policy/github-terms/github-research-program-terms.md similarity index 99% rename from translations/pt-BR/content/github/site-policy/github-research-program-terms.md rename to translations/pt-BR/content/site-policy/github-terms/github-research-program-terms.md index 02e9dbeb81..e95646de66 100644 --- a/translations/pt-BR/content/github/site-policy/github-research-program-terms.md +++ b/translations/pt-BR/content/site-policy/github-terms/github-research-program-terms.md @@ -2,6 +2,7 @@ title: Termos do programa de pesquisa do GitHub redirect_from: - /articles/github-research-program-terms + - /github/site-policy/github-research-program-terms versions: fpt: '*' topics: @@ -51,7 +52,7 @@ Exceto conforme proibido por lei, você entende e concorda que não seremos resp Nossa responsabilidade está limitada ao fato de termos ou não sido informados da possibilidade de tais danos, e mesmo que se encontre uma solução neste Contrato que não tenha falhado em seu propósito essencial. Não teremos qualquer responsabilidade por qualquer falha ou atraso devido a questões que não sejam passíveis de um controle razoável. -## H. Disposições Gerais +## H. Diversos ### 1. Lei Governamental Exceto se a lei aplicável prever o contrário, este Contrato entre você e o GitHub e qualquer acesso ou uso do Site ou do Serviço são regidos pelas leis federais dos Estados Unidos da América e pelas leis do Estado da Califórnia, sem ter em conta as disposições em matéria de conflito de leis. Você e o GitHub aceitam submeterem-se à jurisdição exclusiva e aos tribunais localizados na Cidade e no Condado de São Francisco, Califórnia. diff --git a/translations/pt-BR/content/github/site-policy/github-sponsors-additional-terms.md b/translations/pt-BR/content/site-policy/github-terms/github-sponsors-additional-terms.md similarity index 99% rename from translations/pt-BR/content/github/site-policy/github-sponsors-additional-terms.md rename to translations/pt-BR/content/site-policy/github-terms/github-sponsors-additional-terms.md index 91b0611637..b7de24c490 100644 --- a/translations/pt-BR/content/github/site-policy/github-sponsors-additional-terms.md +++ b/translations/pt-BR/content/site-policy/github-terms/github-sponsors-additional-terms.md @@ -2,6 +2,7 @@ title: Termos Adicionais do GitHub Sponsors redirect_from: - /articles/github-sponsors-additional-terms + - /github/site-policy/github-sponsors-additional-terms versions: fpt: '*' topics: diff --git a/translations/pt-BR/content/github/site-policy/github-terms-for-additional-products-and-features.md b/translations/pt-BR/content/site-policy/github-terms/github-terms-for-additional-products-and-features.md similarity index 99% rename from translations/pt-BR/content/github/site-policy/github-terms-for-additional-products-and-features.md rename to translations/pt-BR/content/site-policy/github-terms/github-terms-for-additional-products-and-features.md index 3fe5b95186..70b364630f 100644 --- a/translations/pt-BR/content/github/site-policy/github-terms-for-additional-products-and-features.md +++ b/translations/pt-BR/content/site-policy/github-terms/github-terms-for-additional-products-and-features.md @@ -2,6 +2,7 @@ title: Termos do GitHub para Produtos e Funcionalidades Adicionais redirect_from: - /github/site-policy/github-additional-product-terms + - /github/site-policy/github-terms-for-additional-products-and-features versions: fpt: '*' topics: diff --git a/translations/pt-BR/content/github/site-policy/github-terms-of-service.md b/translations/pt-BR/content/site-policy/github-terms/github-terms-of-service.md similarity index 99% rename from translations/pt-BR/content/github/site-policy/github-terms-of-service.md rename to translations/pt-BR/content/site-policy/github-terms/github-terms-of-service.md index aa07a18f30..45d632776e 100644 --- a/translations/pt-BR/content/github/site-policy/github-terms-of-service.md +++ b/translations/pt-BR/content/site-policy/github-terms/github-terms-of-service.md @@ -6,6 +6,7 @@ redirect_from: - /terms-of-service - /github-terms-of-service-draft - /articles/github-terms-of-service + - /github/site-policy/github-terms-of-service versions: fpt: '*' topics: @@ -21,7 +22,7 @@ Obrigado por usar o GitHub! Estamos felizes por você estar aqui. Por favor, lei | ------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | [A. Definições](#a-definitions) | Alguns termos básicos estão definidos de forma a lhe ajudar a compreender este contrato. Consulte novamente esta seção para quaisquer esclarecimentos. | | [B. Termos da conta](#b-account-terms) | Estes são os requisitos básicos para ter uma Conta no GitHub. | -| [C. Uso Aceitável](#c-acceptable-use) | Estas são as regras básicas que você deve seguir ao usar sua Conta no GitHub. | +| [C. Uso aceitável](#c-acceptable-use) | Estas são as regras básicas que você deve seguir ao usar sua Conta no GitHub. | | [D. Conteúdo gerado pelo usuário](#d-user-generated-content) | Você é o proprietário do conteúdo que posta no GitHub. No entanto, você tem algumas responsabilidades relativamente a esta questão, e nós pedimos que você nos conceda alguns direitos para que possamos fornecer-lhe serviços. | | [E. Repositórios privados](#e-private-repositories) | Esta seção fala como o GitHub tratará o conteúdo que você publicar em repositórios privados. | | [F. Copyright & Política DMCA](#f-copyright-infringement-and-dmca-policy) | Esta seção fala sobre como o GitHub irá responder se você acredita que alguém esteja violando seus direitos autorais no GitHub. | @@ -36,7 +37,7 @@ Obrigado por usar o GitHub! Estamos felizes por você estar aqui. Por favor, lei | [O. Limitação de responsabilidade](#o-limitation-of-liability) | Não seremos responsáveis por danos ou prejuízos resultantes da sua utilização ou incapacidade de utilizar o serviço ou de outra forma decorrente deste contrato. **Por favor, leia esta seção cuidadosamente; ela limita nossas obrigações para com você.** | | [P. Versão e Indenização](#p-release-and-indemnification) | Você é totalmente responsável pelo uso do serviço. | | [Q. Eu concordo com estes Termos de Serviço](#q-changes-to-these-terms) | Podemos modificar este contrato, mas vamos dar a você um aviso de 30 dias sobre as alterações materiais. | -| [R. Disposições Gerais](#r-miscellaneous) | Por favor, veja esta seção para detalhes legais, incluindo a nossa escolha de legislação. | +| [R. Diversos](#r-miscellaneous) | Por favor, veja esta seção para detalhes legais, incluindo a nossa escolha de legislação. | ## Termos de Serviço do GitHub Data de vigência: 16 de novembro de 2020 @@ -87,7 +88,7 @@ Se você é um Usuário do governo ou, de outro modo, acessar ou usar qualquer S Se você se inscreveu para o GitHub Enterprise Cloud, o [Adendo Enterprise Cloud](/articles/github-enterprise-cloud-addendum/) aplica-se a você, e você concorda com suas provisões. -## C. Uso Aceitável +## C. Uso aceitável **Versão curta:** *GitHub hospeda uma grande variedade de projetos colaborativos de todo o mundo, e essa colaboração só funciona quando nossos usuários são capazes de trabalhar em conjunto de boa fé. Ao usar o serviço, você deve estar de acordo com os termos desta seção, que inclui algumas restrições sobre o conteúdo que você pode publicar, conduta no serviço e outras limitações. Em resumo, sejam excelentes uns com os outros.* O seu uso do Site e Serviço não deve violar nenhuma lei aplicável, incluindo leis de direitos autorais ou de marcas registradas, controle de exportação ou leis de sanções, ou outras leis em sua jurisdição. Você é responsável por se certificar de que o uso do Serviço está em conformidade com as leis e quaisquer regulamentos aplicáveis. @@ -294,7 +295,7 @@ Nós nos reservamos o direito, a nosso exclusivo critério, de alterar estes Ter Nós nos reservamos o direito de, a qualquer momento e de vez em quando, modificar ou descontinuar, temporariamente ou permanentemente, o Site (ou qualquer parte dele) com ou sem aviso prévio. -## R. Disposições Gerais +## R. Diversos ### 1. Lei Governamental Exceto se a lei aplicável prever o contrário, este Contrato entre você e o GitHub e qualquer acesso ou uso do Site ou do Serviço são regidos pelas leis federais dos Estados Unidos da América e pelas leis do Estado da Califórnia, sem ter em conta as disposições em matéria de conflito de leis. Você e o GitHub aceitam submeterem-se à jurisdição exclusiva e aos tribunais localizados na Cidade e no Condado de São Francisco, Califórnia. diff --git a/translations/pt-BR/content/site-policy/github-terms/index.md b/translations/pt-BR/content/site-policy/github-terms/index.md new file mode 100644 index 0000000000..380f74a082 --- /dev/null +++ b/translations/pt-BR/content/site-policy/github-terms/index.md @@ -0,0 +1,23 @@ +--- +title: Termos do GitHub +versions: + fpt: '*' +topics: + - Policy + - Legal +children: + - /github-corporate-terms-of-service + - /github-community-forum-code-of-conduct + - /github-community-guidelines + - /github-terms-of-service + - /github-sponsors-additional-terms + - /github-terms-for-additional-products-and-features + - /github-registered-developer-agreement + - /github-marketplace-terms-of-service + - /github-marketplace-developer-agreement + - /github-research-program-terms + - /github-open-source-applications-terms-and-conditions + - /github-event-terms + - /github-event-code-of-conduct +--- + diff --git a/translations/pt-BR/content/site-policy/index.md b/translations/pt-BR/content/site-policy/index.md new file mode 100644 index 0000000000..669441b4ce --- /dev/null +++ b/translations/pt-BR/content/site-policy/index.md @@ -0,0 +1,21 @@ +--- +title: Política do site +redirect_from: + - /categories/61/articles + - /categories/site-policy + - /github/site-policy +versions: + fpt: '*' +topics: + - Policy + - Legal +children: + - /github-terms + - /acceptable-use-policies + - /privacy-policies + - /other-site-policies + - /content-removal-policies + - /security-policies + - /github-company-policies +--- + diff --git a/translations/pt-BR/content/github/site-policy/github-and-trade-controls.md b/translations/pt-BR/content/site-policy/other-site-policies/github-and-trade-controls.md similarity index 99% rename from translations/pt-BR/content/github/site-policy/github-and-trade-controls.md rename to translations/pt-BR/content/site-policy/other-site-policies/github-and-trade-controls.md index bdec877688..99302bbc49 100644 --- a/translations/pt-BR/content/github/site-policy/github-and-trade-controls.md +++ b/translations/pt-BR/content/site-policy/other-site-policies/github-and-trade-controls.md @@ -5,6 +5,8 @@ redirect_from: - /articles/github-and-trade-control - /articles/github-and-trade-controls - /github/site-policy/github-and-export-controls + - /github/site-policy/github-and-trade-controls + - /github/site-policy/github-terms-and-other-site-policies/github-and-trade-controls versions: fpt: '*' topics: diff --git a/translations/pt-BR/content/github/site-policy/github-deceased-user-policy.md b/translations/pt-BR/content/site-policy/other-site-policies/github-deceased-user-policy.md similarity index 92% rename from translations/pt-BR/content/github/site-policy/github-deceased-user-policy.md rename to translations/pt-BR/content/site-policy/other-site-policies/github-deceased-user-policy.md index df80df52b3..40aded8910 100644 --- a/translations/pt-BR/content/github/site-policy/github-deceased-user-policy.md +++ b/translations/pt-BR/content/site-policy/other-site-policies/github-deceased-user-policy.md @@ -5,6 +5,9 @@ versions: topics: - Policy - Legal +redirect_from: + - /github/site-policy/github-deceased-user-policy + - /github/site-policy/github-terms-and-other-site-policies/github-deceased-user-policy --- No caso de um usuário do GitHub falecer, podemos trabalhar com um indivíduo autorizado para determinar o que acontecerá com o conteúdo da conta. diff --git a/translations/pt-BR/content/github/site-policy/github-government-takedown-policy.md b/translations/pt-BR/content/site-policy/other-site-policies/github-government-takedown-policy.md similarity index 95% rename from translations/pt-BR/content/github/site-policy/github-government-takedown-policy.md rename to translations/pt-BR/content/site-policy/other-site-policies/github-government-takedown-policy.md index 3ee4d7adbe..766bd6018a 100644 --- a/translations/pt-BR/content/github/site-policy/github-government-takedown-policy.md +++ b/translations/pt-BR/content/site-policy/other-site-policies/github-government-takedown-policy.md @@ -5,6 +5,9 @@ versions: topics: - Policy - Legal +redirect_from: + - /github/site-policy/github-government-takedown-policy + - /github/site-policy/github-terms-and-other-site-policies/github-government-takedown-policy --- ## O que é? diff --git a/translations/pt-BR/content/github/site-policy/github-logo-policy.md b/translations/pt-BR/content/site-policy/other-site-policies/github-logo-policy.md similarity index 89% rename from translations/pt-BR/content/github/site-policy/github-logo-policy.md rename to translations/pt-BR/content/site-policy/other-site-policies/github-logo-policy.md index 862caa3377..02ebc8032b 100644 --- a/translations/pt-BR/content/github/site-policy/github-logo-policy.md +++ b/translations/pt-BR/content/site-policy/other-site-policies/github-logo-policy.md @@ -4,6 +4,8 @@ redirect_from: - /articles/i-m-developing-a-third-party-github-app-what-do-i-need-to-know - /articles/using-an-octocat-to-link-to-github-or-your-github-profile - /articles/github-logo-policy + - /github/site-policy/github-logo-policy + - /github/site-policy/github-terms-and-other-site-policies/github-logo-policy versions: fpt: '*' topics: diff --git a/translations/pt-BR/content/github/site-policy/github-username-policy.md b/translations/pt-BR/content/site-policy/other-site-policies/github-username-policy.md similarity index 91% rename from translations/pt-BR/content/github/site-policy/github-username-policy.md rename to translations/pt-BR/content/site-policy/other-site-policies/github-username-policy.md index 7f15ca63e1..6eb320fdaf 100644 --- a/translations/pt-BR/content/github/site-policy/github-username-policy.md +++ b/translations/pt-BR/content/site-policy/other-site-policies/github-username-policy.md @@ -3,6 +3,8 @@ title: Política de nome de usuário do GitHub redirect_from: - /articles/name-squatting-policy - /articles/github-username-policy + - /github/site-policy/github-username-policy + - /github/site-policy/github-terms-and-other-site-policies/github-username-policy versions: fpt: '*' topics: diff --git a/translations/pt-BR/content/github/site-policy/guidelines-for-legal-requests-of-user-data.md b/translations/pt-BR/content/site-policy/other-site-policies/guidelines-for-legal-requests-of-user-data.md similarity index 99% rename from translations/pt-BR/content/github/site-policy/guidelines-for-legal-requests-of-user-data.md rename to translations/pt-BR/content/site-policy/other-site-policies/guidelines-for-legal-requests-of-user-data.md index 8e18e49215..d296ed74b5 100644 --- a/translations/pt-BR/content/github/site-policy/guidelines-for-legal-requests-of-user-data.md +++ b/translations/pt-BR/content/site-policy/other-site-policies/guidelines-for-legal-requests-of-user-data.md @@ -3,6 +3,8 @@ title: Diretrizes para solicitações legais de dados do usuário redirect_from: - /law-enforcement-guidelines - /articles/guidelines-for-legal-requests-of-user-data + - /github/site-policy/guidelines-for-legal-requests-of-user-data + - /github/site-policy/github-terms-and-other-site-policies/guidelines-for-legal-requests-of-user-data versions: fpt: '*' topics: diff --git a/translations/pt-BR/content/site-policy/other-site-policies/index.md b/translations/pt-BR/content/site-policy/other-site-policies/index.md new file mode 100644 index 0000000000..95a31a1f10 --- /dev/null +++ b/translations/pt-BR/content/site-policy/other-site-policies/index.md @@ -0,0 +1,16 @@ +--- +title: Outras políticas do site +versions: + fpt: '*' +topics: + - Policy + - Legal +children: + - /github-and-trade-controls + - /github-deceased-user-policy + - /github-logo-policy + - /github-government-takedown-policy + - /github-username-policy + - /guidelines-for-legal-requests-of-user-data +--- + diff --git a/translations/pt-BR/content/github/site-policy/github-candidate-privacy-policy.md b/translations/pt-BR/content/site-policy/privacy-policies/github-candidate-privacy-policy.md similarity index 98% rename from translations/pt-BR/content/github/site-policy/github-candidate-privacy-policy.md rename to translations/pt-BR/content/site-policy/privacy-policies/github-candidate-privacy-policy.md index 0fbcef4199..67c71ce4de 100644 --- a/translations/pt-BR/content/github/site-policy/github-candidate-privacy-policy.md +++ b/translations/pt-BR/content/site-policy/privacy-policies/github-candidate-privacy-policy.md @@ -5,6 +5,8 @@ versions: topics: - Policy - Legal +redirect_from: + - /github/site-policy/github-candidate-privacy-policy --- Data de vigência: 8 de março de 2021 diff --git a/translations/pt-BR/content/github/site-policy/github-codespaces-privacy-statement.md b/translations/pt-BR/content/site-policy/privacy-policies/github-codespaces-privacy-statement.md similarity index 95% rename from translations/pt-BR/content/github/site-policy/github-codespaces-privacy-statement.md rename to translations/pt-BR/content/site-policy/privacy-policies/github-codespaces-privacy-statement.md index 0437c03400..7bf885072e 100644 --- a/translations/pt-BR/content/github/site-policy/github-codespaces-privacy-statement.md +++ b/translations/pt-BR/content/site-policy/privacy-policies/github-codespaces-privacy-statement.md @@ -2,6 +2,7 @@ title: Declaração de Privacidade do GitHub Codespaces redirect_from: - /github/site-policy/github-codespaces-privacy-policy + - /github/site-policy/github-codespaces-privacy-statement versions: fpt: '*' topics: diff --git a/translations/pt-BR/content/github/site-policy/github-data-protection-agreement.md b/translations/pt-BR/content/site-policy/privacy-policies/github-data-protection-agreement.md similarity index 99% rename from translations/pt-BR/content/github/site-policy/github-data-protection-agreement.md rename to translations/pt-BR/content/site-policy/privacy-policies/github-data-protection-agreement.md index 953a39cf9e..b3d0f3a842 100644 --- a/translations/pt-BR/content/github/site-policy/github-data-protection-agreement.md +++ b/translations/pt-BR/content/site-policy/privacy-policies/github-data-protection-agreement.md @@ -4,6 +4,7 @@ redirect_from: - /github/site-policy/github-data-protection-addendum - /github/site-policy-deprecated/github-data-protection-addendum - /github/site-policy/github-data-protection-agreement-non-enterprise-customers + - /github/site-policy/github-data-protection-agreement versions: fpt: '*' --- @@ -492,8 +493,8 @@ O importador de dados só divulgará os dados pessoais a terceiros com base em i
  1. [Onde o exportador de dados é estabelecido em Estado-membro da UE:] A autoridade supervisora responsável pelo cumprimento da regulamentação (UE) 2016/679 relativa à transferência de dados, por parte do exportador de dados, conforme indicado no Anexo I.C, atuará como autoridade supervisora competente.

    - [Where the data exporter is not established in an EU Member State, but falls within the territorial scope of application of Regulation (EU) 2016/679 in accordance with its Article 3(2) and has appointed a representative pursuant to Article 27(1) of Regulation (EU) 2016/679:] The supervisory authority of the Member State in which the representative within the meaning of Article 27(1) of Regulation (EU) 2016/679 is established, as indicated in Annex I.C, shall act as competent supervisory authority.

    - [Where the data exporter is not established in an EU Member State, but falls within the territorial scope of application of Regulation (EU) 2016/679 in accordance with its Article 3(2) without however having to appoint a representative pursuant to Article 27(2) of Regulation (EU) 2016/679:] The supervisory authority of one of the Member States in which the data subjects whose personal data is transferred under these Clauses in relation to the offering of goods or services to them, or whose behaviour is monitored, are located, as indicated in Annex I.C, shall act as competent supervisory authority.

    2. + [Quando o exportador de dados não estiver estabelecido em Estado-membro da UE, mas estiver inserido no escopo da aplicação do Regulamento (EU) 2016/679 nos termos do seu artigo 3(2) e nomear um representante nos termos do artigo 27(1) do Regulamento (UE) 2016/679:] A autoridade reguladora do Estado-membro em que o representante no âmbito do artigo 27(1) do Regulamento 2016/679 foi estabelecida, conforme indicado no Anexo I.C, atuará como autoridade supervisora competente.

    + [Quando o exportador de dados não tiver sido estabelecido em Estado-membro da UE, mas inserir-se no escopo de aplicação do Regulamento (CE) 2016/679 nos termos do seu artigo 3(2), sem, no entanto, ter de nomear um representante nos termos do artigo 27(2) do artigo do Regulamento (UE) 2016/679:] A autoridade reguladora de um dos Estados-membros em que os titulares dos dados são transferidos ao abrigo destas cláusulas em relação à oferta de bens ou serviços, ou cujo comportamento é monitorizado encontram-se localizados, tal como indicado no Anexo I.C, atuará como autoridade supervisora competente.
  2. O importador de dados concorda em submeter-se à jurisdição e em cooperar com a autoridade supervisora competente em todos os procedimentos que visem a assegurar o cumprimento destas alegações. Em particular, o importador de dados concorda em responder a dúvidas, submeter-se a auditorias e cumprir as medidas adotadas pelas autoridades de supervisão, incluindo medidas corretivas e compensatórias. Ele dará à autoridade de supervisão uma confirmação escrita de que foram tomadas as medidas necessárias.
diff --git a/translations/pt-BR/content/github/site-policy/github-privacy-statement.md b/translations/pt-BR/content/site-policy/privacy-policies/github-privacy-statement.md similarity index 99% rename from translations/pt-BR/content/github/site-policy/github-privacy-statement.md rename to translations/pt-BR/content/site-policy/privacy-policies/github-privacy-statement.md index 966dcac926..f53d150ad4 100644 --- a/translations/pt-BR/content/github/site-policy/github-privacy-statement.md +++ b/translations/pt-BR/content/site-policy/privacy-policies/github-privacy-statement.md @@ -7,6 +7,7 @@ redirect_from: - /github-privacy-policy - /articles/github-privacy-policy - /articles/github-privacy-statement + - /github/site-policy/github-privacy-statement versions: fpt: '*' topics: @@ -64,7 +65,7 @@ Solicitaremos algumas informações básicas no momento de criação da conta. Q #### Informações de pagamento Se você fizer um registro de Conta paga conosco, enviar fundos pelo Programa de Patrocinadores do GitHub ou comprar um aplicativo no GitHub Marketplace, coletaremos seu nome completo, endereço e informações do PayPal ou do cartão de crédito. Observe que o GitHub não processa ou armazena suas informações de cartão de crédito ou do PayPal, mas nosso processador de pagamento de terceiros o fará. -Se você listar e vender um aplicativo no [GitHub Marketplace](https://github.com/marketplace), precisaremos das suas informações bancárias. Se você angariar fundos pelo [Programa de Patrocinadores do GitHub](https://github.com/sponsors), solicitaremos algumas [informações adicionais](/sponsors/receiving-sponsorships-through-github-sponsors/setting-up-github-sponsors-for-your-user-account#submitting-your-bank-information) no processo de registro para você participar e receber fundos por esses serviços e para fins de conformidade. +Se você listar e vender um aplicativo no [GitHub Marketplace](https://github.com/marketplace), precisaremos das suas informações bancárias. Se você angariar fundos pelo [Programa de Patrocinadores do GitHub](https://github.com/sponsors), solicitaremos algumas [informações adicionais](/sponsors/receiving-sponsorships-through-github-sponsors/setting-up-github-sponsors-for-your-user-account#submitting-your-bank-information) no processo de registro para você participar e receber fundos através desses serviços e para fins de compliance. #### Informações do perfil Você pode optar por nos enviar mais informações para o perfil da sua Conta, como nome completo, avatar com foto, biografia, localidade, empresa e URL para um site de terceiros. Essas informações podem incluir Informações Pessoais de Usuário. Observe que as suas informações de perfil podem ficar visíveis para outros Usuários do nosso Serviço. @@ -335,7 +336,7 @@ Envie suas perguntas sobre nossas práticas de coleta de informações ou a Decl Consulte abaixo este documento traduzido para outros idiomas. Em caso de conflito, incerteza ou aparente incoerência entre quaisquer versões traduzidas e a versão original em inglês, o documento em inglês prevalecerá. ### French -Clique aqui para consultar a versão em francês: [Déclaration de confidentialité de GitHub](/assets/images/help/site-policy/github-privacy-statement(12.20.19)(FR).pdf) +Clique aqui para consultar a versão em francês: [Déclaration de confidentialité de GitHub](/assets/images/help/site-policy/github-privacy-statement(07.22.20)(FR).pdf) ### Outras traduções diff --git a/translations/pt-BR/content/github/site-policy/github-subprocessors-and-cookies.md b/translations/pt-BR/content/site-policy/privacy-policies/github-subprocessors-and-cookies.md similarity index 99% rename from translations/pt-BR/content/github/site-policy/github-subprocessors-and-cookies.md rename to translations/pt-BR/content/site-policy/privacy-policies/github-subprocessors-and-cookies.md index ea01438ad5..88ab2cd2c6 100644 --- a/translations/pt-BR/content/github/site-policy/github-subprocessors-and-cookies.md +++ b/translations/pt-BR/content/site-policy/privacy-policies/github-subprocessors-and-cookies.md @@ -6,6 +6,7 @@ redirect_from: - /github-tracking - /github-cookies - /articles/github-subprocessors-and-cookies + - /github/site-policy/github-subprocessors-and-cookies versions: fpt: '*' topics: diff --git a/translations/pt-BR/content/github/site-policy/githubs-notice-about-the-california-consumer-privacy-act.md b/translations/pt-BR/content/site-policy/privacy-policies/githubs-notice-about-the-california-consumer-privacy-act.md similarity index 99% rename from translations/pt-BR/content/github/site-policy/githubs-notice-about-the-california-consumer-privacy-act.md rename to translations/pt-BR/content/site-policy/privacy-policies/githubs-notice-about-the-california-consumer-privacy-act.md index 0e1bd6785c..c633027aaa 100644 --- a/translations/pt-BR/content/github/site-policy/githubs-notice-about-the-california-consumer-privacy-act.md +++ b/translations/pt-BR/content/site-policy/privacy-policies/githubs-notice-about-the-california-consumer-privacy-act.md @@ -5,6 +5,8 @@ versions: topics: - Policy - Legal +redirect_from: + - /github/site-policy/githubs-notice-about-the-california-consumer-privacy-act --- Data de vigência: 1 de janeiro de 2020 diff --git a/translations/pt-BR/content/github/site-policy/global-privacy-practices.md b/translations/pt-BR/content/site-policy/privacy-policies/global-privacy-practices.md similarity index 99% rename from translations/pt-BR/content/github/site-policy/global-privacy-practices.md rename to translations/pt-BR/content/site-policy/privacy-policies/global-privacy-practices.md index 40126e0bc5..d1180fcbd3 100644 --- a/translations/pt-BR/content/github/site-policy/global-privacy-practices.md +++ b/translations/pt-BR/content/site-policy/privacy-policies/global-privacy-practices.md @@ -3,6 +3,7 @@ title: Práticas de privacidade global redirect_from: - /eu-safe-harbor - /articles/global-privacy-practices + - /github/site-policy/global-privacy-practices versions: fpt: '*' topics: diff --git a/translations/pt-BR/content/site-policy/privacy-policies/index.md b/translations/pt-BR/content/site-policy/privacy-policies/index.md new file mode 100644 index 0000000000..f8cd745d3d --- /dev/null +++ b/translations/pt-BR/content/site-policy/privacy-policies/index.md @@ -0,0 +1,17 @@ +--- +title: Políticas de Privacidade +versions: + fpt: '*' +topics: + - Policy + - Legal +children: + - /github-codespaces-privacy-statement + - /global-privacy-practices + - /github-data-protection-agreement + - /github-privacy-statement + - /github-subprocessors-and-cookies + - /githubs-notice-about-the-california-consumer-privacy-act + - /github-candidate-privacy-policy +--- + diff --git a/translations/pt-BR/content/github/site-policy/coordinated-disclosure-of-security-vulnerabilities.md b/translations/pt-BR/content/site-policy/security-policies/coordinated-disclosure-of-security-vulnerabilities.md similarity index 88% rename from translations/pt-BR/content/github/site-policy/coordinated-disclosure-of-security-vulnerabilities.md rename to translations/pt-BR/content/site-policy/security-policies/coordinated-disclosure-of-security-vulnerabilities.md index 958c146b82..5aed3d37c0 100644 --- a/translations/pt-BR/content/github/site-policy/coordinated-disclosure-of-security-vulnerabilities.md +++ b/translations/pt-BR/content/site-policy/security-policies/coordinated-disclosure-of-security-vulnerabilities.md @@ -4,7 +4,8 @@ redirect_from: - /responsible-disclosure - /coordinated-disclosure - /articles/responsible-disclosure-of-security-vulnerabilities - - /site-policy/responsible-disclosure-of-security-vulnerabilities + - /github/site-policy/responsible-disclosure-of-security-vulnerabilities + - /github/site-policy/coordinated-disclosure-of-security-vulnerabilities versions: fpt: '*' topics: diff --git a/translations/pt-BR/content/github/site-policy/github-bug-bounty-program-legal-safe-harbor.md b/translations/pt-BR/content/site-policy/security-policies/github-bug-bounty-program-legal-safe-harbor.md similarity index 100% rename from translations/pt-BR/content/github/site-policy/github-bug-bounty-program-legal-safe-harbor.md rename to translations/pt-BR/content/site-policy/security-policies/github-bug-bounty-program-legal-safe-harbor.md diff --git a/translations/pt-BR/content/site-policy/security-policies/index.md b/translations/pt-BR/content/site-policy/security-policies/index.md new file mode 100644 index 0000000000..e6fdb1d80a --- /dev/null +++ b/translations/pt-BR/content/site-policy/security-policies/index.md @@ -0,0 +1,12 @@ +--- +title: Políticas de Segurança +versions: + fpt: '*' +topics: + - Policy + - Legal +children: + - /coordinated-disclosure-of-security-vulnerabilities + - /github-bug-bounty-program-legal-safe-harbor +--- + diff --git a/translations/pt-BR/data/features/actions-cache-management.yml b/translations/pt-BR/data/features/actions-cache-management.yml new file mode 100644 index 0000000000..9d28e9b9db --- /dev/null +++ b/translations/pt-BR/data/features/actions-cache-management.yml @@ -0,0 +1,8 @@ +--- +#Reference: #6154 +#Documentation for Actions cache management APIs (initial ship) +versions: + fpt: '*' + ghec: '*' + ghes: '> 3.4' + ghae: 'issue-6154' diff --git a/translations/pt-BR/data/features/device-flow-is-opt-in.yml b/translations/pt-BR/data/features/device-flow-is-opt-in.yml new file mode 100644 index 0000000000..1b66880f95 --- /dev/null +++ b/translations/pt-BR/data/features/device-flow-is-opt-in.yml @@ -0,0 +1,6 @@ +--- +#docs-content 6307. OAuth device auth flow is opt in. +versions: + fpt: '*' + ghec: '*' + ghae: 'issue-6307' diff --git a/translations/pt-BR/data/features/mermaid.yml b/translations/pt-BR/data/features/mermaid.yml index 09870e35f9..db633f907d 100644 --- a/translations/pt-BR/data/features/mermaid.yml +++ b/translations/pt-BR/data/features/mermaid.yml @@ -1,8 +1,8 @@ --- -#Issue 5812 and 6172 -#Mermaid syntax support +#Issues 5812 and 6172, also 6411 +#Mermaid syntax support, also ASCII STL and geoJSON/topoJSON syntax support versions: fpt: '*' ghec: '*' - ghes: '>=3.5' + ghes: '>=3.6' ghae: 'issue-6172' diff --git a/translations/pt-BR/data/features/re-run-jobs.yml b/translations/pt-BR/data/features/re-run-jobs.yml new file mode 100644 index 0000000000..8090de2387 --- /dev/null +++ b/translations/pt-BR/data/features/re-run-jobs.yml @@ -0,0 +1,8 @@ +--- +#Issue 4722 +#Re-running failed jobs in an Actions workflow +versions: + fpt: '*' + ghec: '*' + ghes: '>=3.5' + ghae: 'issue-4722' diff --git a/translations/pt-BR/data/learning-tracks/admin.yml b/translations/pt-BR/data/learning-tracks/admin.yml index 7f2fb0c376..fb97a92a27 100644 --- a/translations/pt-BR/data/learning-tracks/admin.yml +++ b/translations/pt-BR/data/learning-tracks/admin.yml @@ -8,6 +8,7 @@ get_started_with_github_ae: guides: - /admin/overview/about-github-ae - /admin/overview/about-data-residency + - /admin/configuration/configuring-your-enterprise/deploying-github-ae - /admin/configuration/initializing-github-ae - /admin/configuration/restricting-network-traffic-to-your-enterprise - /admin/github-actions/getting-started-with-github-actions-for-github-ae diff --git a/translations/pt-BR/data/learning-tracks/code-security.yml b/translations/pt-BR/data/learning-tracks/code-security.yml index 9a86b3b5fb..cec735f872 100644 --- a/translations/pt-BR/data/learning-tracks/code-security.yml +++ b/translations/pt-BR/data/learning-tracks/code-security.yml @@ -18,39 +18,39 @@ dependabot_alerts: title: 'Obter notificações para dependências vulneráveis' description: 'Configure o Dependabot para alertá-lo sobre novas vulnerabilidades nas suas dependências.' guides: - - /code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-alerts-for-vulnerable-dependencies + - /code-security/dependabot/dependabot-alerts/about-dependabot-alerts - '{% ifversion fpt or ghec or ghes > 3.2 %}/github/administering-a-repository/managing-repository-settings/managing-security-and-analysis-settings-for-your-repository{% endif %}' - - /code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/viewing-and-updating-vulnerable-dependencies-in-your-repository - - /code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/configuring-notifications-for-vulnerable-dependencies - - /code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/managing-pull-requests-for-dependency-updates - - /code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/troubleshooting-the-detection-of-vulnerable-dependencies - - /code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/troubleshooting-dependabot-errors + - /code-security/dependabot/dependabot-alerts/viewing-and-updating-dependabot-alerts + - /code-security/dependabot/dependabot-alerts/configuring-notifications-for-dependabot-alerts + - /code-security/dependabot/working-with-dependabot/managing-pull-requests-for-dependency-updates + - /code-security/dependabot/working-with-dependabot/troubleshooting-the-detection-of-vulnerable-dependencies + - /code-security/dependabot/working-with-dependabot/troubleshooting-dependabot-errors #Feature available on dotcom and GHES 3.3+, so articles available on GHAE and earlier GHES hidden to hide the learning track dependabot_security_updates: title: 'Obtenha pull requests para atualizar suas dependências vulneráveis' description: 'Configurar o Dependabot para criar pull requests quando novas vulnerabilidades forem relatadas.' guides: - - /code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-dependabot-security-updates - - /code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/configuring-dependabot-security-updates + - /code-security/dependabot/dependabot-security-updates/about-dependabot-security-updates + - /code-security/dependabot/dependabot-security-updates/configuring-dependabot-security-updates - '{% ifversion fpt or ghec or ghes > 3.2 %}/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/configuring-notifications-for-vulnerable-dependencies{% endif %}' - '{% ifversion fpt or ghec or ghes > 3.2 %}/github/administering-a-repository/managing-repository-settings/managing-security-and-analysis-settings-for-your-repository{% endif %}' - - /code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/managing-pull-requests-for-dependency-updates + - /code-security/dependabot/working-with-dependabot/managing-pull-requests-for-dependency-updates - '{% ifversion fpt or ghec or ghes > 3.2 %}/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/troubleshooting-the-detection-of-vulnerable-dependencies{% endif %}' #Feature available only on dotcom and GHES 3.3+ dependency_version_updates: title: 'Mantenha suas dependências atualizadas' description: 'Use o Dependabot para verificar novas versões e criar pull requests para atualizar suas dependências.' guides: - - /code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/about-dependabot-version-updates - - /code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/enabling-and-disabling-dependabot-version-updates - - /code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/customizing-dependency-updates - - /code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/configuration-options-for-dependency-updates - - /code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/keeping-your-actions-up-to-date-with-dependabot - - /code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/automating-dependabot-with-github-actions - - /code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/listing-dependencies-configured-for-version-updates - - /code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/managing-encrypted-secrets-for-dependabot - - /code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/managing-pull-requests-for-dependency-updates - - /code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/troubleshooting-dependabot-errors + - /code-security/dependabot/dependabot-version-updates/about-dependabot-version-updates + - /code-security/dependabot/dependabot-version-updates/configuring-dependabot-version-updates + - /code-security/dependabot/dependabot-version-updates/customizing-dependency-updates + - /code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file + - /code-security/dependabot/working-with-dependabot/keeping-your-actions-up-to-date-with-dependabot + - /code-security/dependabot/working-with-dependabot/automating-dependabot-with-github-actions + - /code-security/dependabot/dependabot-version-updates/listing-dependencies-configured-for-version-updates + - /code-security/dependabot/working-with-dependabot/managing-encrypted-secrets-for-dependabot + - /code-security/dependabot/working-with-dependabot/managing-pull-requests-for-dependency-updates + - /code-security/dependabot/working-with-dependabot/troubleshooting-dependabot-errors #Feature available in GHEC, GHES 3.0 up, and GHAE. Feature limited on FPT so hidden there. secret_scanning: title: 'Escanear em busca de segredos' @@ -103,3 +103,12 @@ code_security_ci: - /code-security/code-scanning/using-codeql-code-scanning-with-your-existing-ci-system/configuring-codeql-cli-in-your-ci-system - /code-security/code-scanning/using-codeql-code-scanning-with-your-existing-ci-system/migrating-from-the-codeql-runner-to-codeql-cli - /code-security/code-scanning/using-codeql-code-scanning-with-your-existing-ci-system/troubleshooting-codeql-runner-in-your-ci-system +#Feature available in all versions +end_to_end_supply_chain: + title: 'Cadeia de suprimentos de ponta a ponta' + description: 'Como pensar em proteger suas contas de usuário, seu código e seu processo de criação.' + guides: + - /code-security/supply-chain-security/end-to-end-supply-chain/end-to-end-supply-chain-overview + - /code-security/supply-chain-security/end-to-end-supply-chain/securing-accounts + - /code-security/supply-chain-security/end-to-end-supply-chain/securing-code + - /code-security/supply-chain-security/end-to-end-supply-chain/securing-builds diff --git a/translations/pt-BR/data/product-examples/code-security/code-examples.yml b/translations/pt-BR/data/product-examples/code-security/code-examples.yml index 3a4681c534..d28572c171 100644 --- a/translations/pt-BR/data/product-examples/code-security/code-examples.yml +++ b/translations/pt-BR/data/product-examples/code-security/code-examples.yml @@ -22,9 +22,9 @@ - GitHub Actions - #Security policies - title: Microsoft security policy template + title: Modelo de política de segurança da Microsoft description: Exemplo de política de segurança - href: https://github.com/microsoft/repo-templates/blob/main/shared/SECURITY.md + href: /microsoft/repo-templates/blob/main/shared/SECURITY.md tags: - Política de segurança - diff --git a/translations/pt-BR/data/release-notes/enterprise-server/3-1/0.yml b/translations/pt-BR/data/release-notes/enterprise-server/3-1/0.yml index e239d7dff7..9a68bab074 100644 --- a/translations/pt-BR/data/release-notes/enterprise-server/3-1/0.yml +++ b/translations/pt-BR/data/release-notes/enterprise-server/3-1/0.yml @@ -78,6 +78,7 @@ sections: - A versão mais recente do CLI do CodeQL é compatível com o upload dos resultados da análise para o GitHub. Isso facilita a execução da análise de código para clientes que desejem usar sistemas de CI/CD diferentes de {% data variables.product.prodname_actions %}. Anteriormente, esses usuários tinham de usar o executor do CodeQL separado, que continuará disponível. Para obter mais informações, consulte "[Sobre o escaneamento de código CodeQL no seu sistema de CI](/enterprise-server@3.1/code-security/secure-coding/about-codeql-code-scanning-in-your-ci-system)." - '{% data variables.product.prodname_actions %} agora é compatível com a ação de ignorar os fluxos de trabalho `push` e `pull_request`, ao procurar algumas palavras-chave comuns na sua mensagem de commit.' - Serão arquivadas as anotações com mais de quatro meses de anotações de verificação. + - Scaling of worker allocation for background tasks has been revised. We recommend validating that the new defaults are appropriate for your workload. Custom background worker overrides should be unset in most cases. [Updated 2022-03-18] - heading: Alterações de segurança notes: diff --git a/translations/pt-BR/data/release-notes/enterprise-server/3-2/0-rc1.yml b/translations/pt-BR/data/release-notes/enterprise-server/3-2/0-rc1.yml index ccd6fe5c4e..78b6c13d56 100644 --- a/translations/pt-BR/data/release-notes/enterprise-server/3-2/0-rc1.yml +++ b/translations/pt-BR/data/release-notes/enterprise-server/3-2/0-rc1.yml @@ -60,7 +60,7 @@ sections: - heading: Alterações na administração notes: - - A 'User Agent Referrer Policy' setting has been added to the enterprise settings. This allows an admin to set a stricter `Referrer-Policy` to hide the hostname of a {% data variables.product.prodname_ghe_server %} installation from external sites. The setting is disabled by default and is tracked by audit log events for staff and enterprise owners when enabled or disabled. For more information, see "[Configuring Referrer Policy for your enterprise](/admin/configuration/configuring-your-enterprise/configuring-the-referrer-policy-for-your-enterprise)." + - Uma definição da 'Política de Indicação de Agente de Usuário' foi adicionada às configurações da empresa. Isso permite que um administrador defina uma `Política de Indicação-` mais rigorosa para ocultar o nome do host de uma instalação de {% data variables.product.prodname_ghe_server %} a partir de sites externos. A configuração está desabilitada por padrão e é rastreada pelos eventos de log de auditoria para funcionários e proprietários da empresa quando habilitado ou desabilitado. Para obter mais informações, consulte "[Configurar a Política de Indicação para a sua empresa](/admin/configuration/configuring-your-enterprise/configuring-the-referrer-policy-for-your-enterprise)." - A verificação de integridade do MySQL foi alterada para usar `mysqladmin ping` em vez de verificações TCP, o que remove algum ruído desnecessário no registro de erros do MySQL. Além disso, as verificações de falha do Orchestrator foram aprimoradas para evitar falhas desnecessárias do MySQL ao aplicar alterações de configuração de cluster. - 'O serviço do Resque, que é compatível com o processamento de trabalhos em segundo plano, foi substituído pelo Aqueduct Lite. Esta alteração facilita o gerenciamento do sistema de trabalho e não deve afetar a experiência do usuário. Para os novos comandos de administração e depuração para Aqueduct, consulte "[Utilitários de linha de comando](/admin/configuration/configuring-your-enterprise/command-line-utilities#ghe-aqueduct)."' - @@ -137,19 +137,19 @@ sections: - heading: 'Digitalização de código e alterações na digitalização de segredo' notes: - - '{% data variables.product.prodname_code_scanning_capc %} with {% data variables.product.prodname_codeql %} now generates diagnostic information for all supported languages. This helps check the state of the created database to understand the status and quality of performed analysis. The diagnostic information is available starting in [version 2.5.6](https://github.com/github/codeql-cli-binaries/releases) of the [{% data variables.product.prodname_codeql_cli %}](https://codeql.github.com/docs/codeql-cli/). You can see the detailed diagnostic information in the {% data variables.product.prodname_actions %} logs for {% data variables.product.prodname_codeql %}. For more information, see "[Viewing code scanning logs](/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/viewing-code-scanning-logs)."' - - '{% data variables.product.prodname_code_scanning_capc %} with {% data variables.product.prodname_codeql_cli %} now supports analyzing several languages during a single build. This makes it easier to run code analysis to use CI/CD systems other than {% data variables.product.prodname_actions %}. The new mode of the `codeql database create` command is available starting [version 2.5.6](https://github.com/github/codeql-cli-binaries/releases) of the [{% data variables.product.prodname_codeql_cli %}](https://codeql.github.com/docs/codeql-cli/). For more information about setting this up, see "[Installing {% data variables.product.prodname_codeql_cli %} in your CI system](/code-security/secure-coding/using-codeql-code-scanning-with-your-existing-ci-system/running-codeql-cli-in-your-ci-system)."' - - '{% data variables.product.prodname_code_scanning_capc %} alerts from all enabled tools are now shown in one consolidated list, so that you can easily prioritize across all alerts. You can view alerts from a specific tool by using the "Tool" filter, and the "Rule" and "Tag" filters will dynamically update based on your "Tool" selection.' - - '{% data variables.product.prodname_code_scanning_capc %} with {% data variables.product.prodname_codeql %} now includes beta support for analyzing C++20 code. This is only available when building codebases with GCC on Linux. C++20 modules are not supported yet.' + - '{% data variables.product.prodname_code_scanning_capc %} com {% data variables.product.prodname_codeql %} agora gera informações de diagnóstico para todos os idiomas compatíveis. Isso ajuda a verificar o estado da base de dados criada para entender o status e a qualidade da análise realizada. As informações de diagnóstico estão disponíveis a partir da [versão 2.5.6](https://github.com/github/codeql-cli-binaries/releases) do [{% data variables.product.prodname_codeql_cli %}](https://codeql. ithub.com/docs/codeql-cli/). Você pode ver as informações detalhadas de diagnóstico nos registros de {% data variables.product.prodname_actions %} para {% data variables.product.prodname_codeql %}. Para obter mais informações, consulte "[Exibindo registros de digitalização de código](/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/viewing-code-scanning-logs)."' + - '{% data variables.product.prodname_code_scanning_capc %} com {% data variables.product.prodname_codeql_cli %} agora é compatível com a análise de várias linguagens durante uma única compilação. Isso torna mais fácil executar a análise de código para usar sistemas CI/CD diferentes de {% data variables.product.prodname_actions %}. O novo modo do `codeql database create` está disponível a partir da [versão 2.5.6](https://github. om/github/codeql-cli-binaries/releases) de [{% data variables.product.prodname_codeql_cli %}](https://codeql.github.com/docs/codeql-cli/). Para obter mais informações sobre a configuração desse item, consulte "[Instalando {% data variables.product.prodname_codeql_cli %} no seu sistema de CI](/code-security/secure-coding/using-codeql-code-scanning-with-your-existing-ci-system/running-codeql-cli-in-your-ci-system)."' + - 'Os alertas de {% data variables.product.prodname_code_scanning_capc %} de todas as ferramentas habilitadas agora são exibidos em uma lista consolidada para que você possa facilmente priorizar em todos os alertas. Você pode ver os alertas a partir de uma ferramenta específica, usando o filtro "Ferramenta", e os filtros de "Regra" e "Tag" serão atualizados dinamicamente com base na sua seleção de "ferramenta".' + - '{% data variables.product.prodname_code_scanning_capc %} com {% data variables.product.prodname_codeql %} agora inclui suporte de beta para a análise de código C+20. Isto só está disponível quando a criação de bases de códigos com GCC no Linux. Os módulos C++20 ainda não são compatíveis.' - The depth of {% data variables.product.prodname_codeql %}'s analysis has been improved by adding support for more [libraries and frameworks](https://codeql.github.com/docs/codeql-overview/supported-languages-and-frameworks/) and increasing the coverage of our existing library and framework models for several languages ([C++](https://github.com/github/codeql/tree/main/cpp), [JavaScript](https://github.com/github/codeql/tree/main/javascript), [Python](https://github.com/github/codeql/tree/main/python), and [Java](https://github.com/github/codeql/tree/main/java)). As a result, {% data variables.product.prodname_codeql %} can now detect even more potential sources of untrusted user data, review the steps through which that data flows, and identify potentially dangerous sinks in which this data could end up. This results in an overall improvement of the quality of the {% data variables.product.prodname_code_scanning %} alerts. For more information, see the [{% data variables.product.prodname_dotcom %} changelog](https://github.blog/changelog/2021-07-01-codeql-code-scanning-now-recognizes-more-sources-and-uses-of-untrusted-user-data/). - | - {% data variables.product.prodname_code_scanning_capc %} now shows `security-severity` levels for CodeQL security alerts. You can configure which `security-severity` levels will cause a check failure for a pull request. The severity level of security alerts can be `critical`, `high`, `medium`, or `low`. By default, any {% data variables.product.prodname_code_scanning %} alerts with a `security-severity` of `critical` or `high` will cause a pull request check failure. + {% data variables.product.prodname_code_scanning_capc %} agora mostra níveis de "gravidade" para alertas de segurança do CodeQL. Você pode configurar quais níveis de 'security-severity´ causarão uma falha de verificação para um pull request. O nível de gravidade dos alertas de segurança pode ser `crítico`, `alto`, `médio` ou `baixo`. Por padrão, todos os alertas de {% data variables.product.prodname_code_scanning %} com `security-severity` `crítico` ou `alto` causarão falha de verificação de pull request. - Additionally, you can now also configure which severity levels will cause a pull request check to fail for non-security alerts. You can configure this behavior at the repository level, and define whether alerts with the severity `error`, `warning`, or `note` will cause a pull request check to fail. By default, non-security {% data variables.product.prodname_code_scanning %} alerts with a severity of `error` will cause a pull request check failure. + Além disso, agora você também pode configurar quais níveis de gravidade causarão uma falha na verificação de pull request para alertas que não são de segurança. Você pode configurar este comportamento no nível do repositório e definir se os alertas com a gravidade`erro`, `aviso`, ou `nota` farão com que uma verificação de pull request falhe. Por padrão, os alertas que não são de segurança de {% data variables.product.prodname_code_scanning %} com uma gravidade de 'erro' causarão uma falha de verificação de pull request. - For more information see "[Defining which alert severity levels cause pull request check failure](/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#defining-the-severities-causing-pull-request-check-failure)." + Para obter mais informações, consulte "[Definir quais níveis de gravidade de alerta causam falha de verificação de pull request](/code-security/code-scanning/automaticamente-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#defining-the-severities-causing-request-check-failure). - ![List of code scanning alerts with security levels](/assets/images/enterprise/3.2/release-notes/code-scanning-alerts.png) + ![Lista de alertas de digitalização de código com níveis de segurança](/assets/images/enterprise/3.2/release-notes/code-scanning-alerts.png) - | As melhorias no filtro de branch para alertas de {% data variables.product.prodname_code_scanning %} tornam mais claro quais alertas de {% data variables.product.prodname_code_scanning %} estão sendo exibidos na página de alertas. Por padrão, os alertas de {% data variables.product.prodname_code_scanning %} são filtrados para mostrar alertas somente para o branch padrão do repositório. Você pode usar o filtro de branch para exibir os alertas em qualquer um dos branches não padrão. Qualquer filtro de branch que foi aplicado é mostrado na barra de pesquisa. @@ -191,33 +191,33 @@ sections: notes: - '**{% data variables.product.prodname_ghe_server %} 2.21 tornou-se obsoleto em 6 de junho de 2021**. Isso significa que não serão feitas versões de patch, mesmo para questões essenciais de segurança, após esta data. Para obter melhor desempenho, melhorar a segurança e novas funcionalidades, [faça a atualização para a versão mais recente de {% data variables.product.prodname_ghe_server %}](/enterprise-server@3.2/admin/enterprise-management/upgrading-github-enterprise-server) assim que possível.' - - heading: Deprecation of GitHub Enterprise Server 2.22 + heading: Obsoletização do GitHub Enterprise Server 2.22 notes: - - '**{% data variables.product.prodname_ghe_server %} 2.22 will be discontinued on September 23, 2021**. That means that no patch releases will be made, even for critical security issues, after this date. For better performance, improved security, and new features, [upgrade to the newest version of {% data variables.product.prodname_ghe_server %}](/enterprise-server@3.2/admin/enterprise-management/upgrading-github-enterprise-server) as soon as possible.' + - '**{% data variables.product.prodname_ghe_server %} 2.22 irá tornar-se obsoleto em 23 de setembro de 2021**. Isso significa que não serão feitas versões de patch, mesmo para questões essenciais de segurança, após esta data. Para obter melhor desempenho, melhorar a segurança e novas funcionalidades, [faça a atualização para a versão mais recente de {% data variables.product.prodname_ghe_server %}](/enterprise-server@3.2/admin/enterprise-management/upgrading-github-enterprise-server) assim que possível.' - heading: Obsolescência do suporte para Hypervisor XenServer notes: - - Beginning in {% data variables.product.prodname_ghe_server %} 3.1, we will begin discontinuing support for Xen Hypervisor. The complete deprecation is scheduled for {% data variables.product.prodname_ghe_server %} 3.3, following the standard one year deprecation window. Please contact [GitHub Support](https://support.github.com/contact) with questions or concerns. + - A partir de {% data variables.product.prodname_ghe_server %} 3.1, começaremos a cancelar o suporte para o Hypervisor Xen. A obsolescência completa está agendada para {% data variables.product.prodname_ghe_server %} 3.3, seguindo o padrão de janela de obsolescência de um ano. Em caso de dúvidas, entre em contato com o [suporte do GitHub](https://support.github.com/contact). - - heading: Removal of Legacy GitHub Services + heading: Remoção dos Serviços de legado do GitHub notes: - - '{% data variables.product.prodname_ghe_server %} 3.2 removes unused GitHub Service database records. More information is available in the [deprecation announcement post](https://developer.github.com/changes/2018-04-25-github-services-deprecation/).' + - '{% data variables.product.prodname_ghe_server %} 3.2 remove registros de banco de dados do GitHub Service não utilizados. Mais informações estão disponíveis no [post de anúncio da obsolescência](https://developer.github.com/changes/2018-04-25-github-services-deprecation/).' - - heading: Deprecation of OAuth Application API endpoints and API authentication via query parameters + heading: A obsolescência dos pontos de extremidade da API do aplicativo OAuth e autenticação da API por meio parâmetros de consulta notes: - | - To prevent accidental logging or exposure of `access_tokens`, we discourage the use of OAuth Application API endpoints and the use of API auth via query params. Visit the following posts to see the proposed replacements: + Para evitar o registro acidental ou a exposição de `access_tokens`, não incentivamos o uso de pontos de extremidade da API do aplicativo OAuth e o uso da autenticação da API usando parâmetros de consulta. Veja os seguintes posts para ver as substituições propostas: - * [Replacement OAuth Application API endpoints](https://developer.github.com/changes/2020-02-14-deprecating-oauth-app-endpoint/#changes-to-make) - * [Replacement auth via headers instead of query param](https://developer.github.com/changes/2020-02-10-deprecating-auth-through-query-param/#changes-to-make) + * [Substituição da API do aplicativo OAuth](https://developer.github. om/changes/2020-02-14-deprecating-oauth-app-endpoint/#changes-to-make) + * [Substituição da autenticação usando cabeçalhos em vez de parâmetros de consulta](https://developer.github. om/changes/2020-02-10-deprecating-auth-through-query-param/#changes-to-make) - These endpoints and auth route are planned to be removed from {% data variables.product.prodname_ghe_server %} in {% data variables.product.prodname_ghe_server %} 3.4. + Estes pontos de extremidade e rota de autenticação estão planejados para serem removidos de {% data variables.product.prodname_ghe_server %} em {% data variables.product.prodname_ghe_server %} 3.4. - - heading: Removal of legacy GitHub App webhook events and endpoints + heading: Remoção dos eventos de webhook do legado do aplicativo GitHub e pontos de extremidade notes: - | - Two legacy GitHub Apps-related webhook events have been removed: `integration_installation` and `integration_installation_repositories`. You should instead be listening to the `installation` and `installation_repositories` events. + Dois eventos de webhook relacionados a aplicativos legados foram removidos: `integration_installation` e `integration_installation_repositories`. Em vez disso, você deveria estar ouvindo os eventos `installation` e `installation_repositories`. - | - The following REST API endpoint has been removed: `POST /installations/{installation_id}/access_tokens`. You should instead be using the namespaced equivalent `POST /app/installations/{installation_id}/access_tokens`. + O ponto de extremidade a seguir da API REST foi removido: `POST /installations/{installation_id}/access_tokens`. Você deverá usar o namespaced equivalente `POST /app/installations/{installation_id}/access_tokens`. backups: - - '{% data variables.product.prodname_ghe_server %} 3.2 requires at least [GitHub Enterprise Backup Utilities 3.2.0](https://github.com/github/backup-utils) for [Backups and Disaster Recovery](/enterprise-server@3.2/admin/configuration/configuring-backups-on-your-appliance).' + - '{% data variables.product.prodname_ghe_server %} 3.2 exige pelo menos uma versão dos [Utilitários de Backup 3.2.0 do GitHub Enterprise](https://github.com/github/backup-utils) para [Backups Recuperação de Desastre](/enterprise-server@3.2/admin/configuration/configuring-backups-on-your-appliance).' diff --git a/translations/pt-BR/data/release-notes/enterprise-server/3-2/0.yml b/translations/pt-BR/data/release-notes/enterprise-server/3-2/0.yml index 5d80d8630c..d582fc578c 100644 --- a/translations/pt-BR/data/release-notes/enterprise-server/3-2/0.yml +++ b/translations/pt-BR/data/release-notes/enterprise-server/3-2/0.yml @@ -58,7 +58,7 @@ sections: - heading: Alterações na administração notes: - - A 'User Agent Referrer Policy' setting has been added to the enterprise settings. This allows an admin to set a stricter `Referrer-Policy` to hide the hostname of a {% data variables.product.prodname_ghe_server %} installation from external sites. The setting is disabled by default and is tracked by audit log events for staff and enterprise owners when enabled or disabled. For more information, see "[Configuring Referrer Policy for your enterprise](/admin/configuration/configuring-your-enterprise/configuring-the-referrer-policy-for-your-enterprise)." + - Uma definição da 'Política de Indicação de Agente de Usuário' foi adicionada às configurações da empresa. Isso permite que um administrador defina uma `Política de Indicação-` mais rigorosa para ocultar o nome do host de uma instalação de {% data variables.product.prodname_ghe_server %} a partir de sites externos. A configuração está desabilitada por padrão e é rastreada pelos eventos de log de auditoria para funcionários e proprietários da empresa quando habilitado ou desabilitado. Para obter mais informações, consulte "[Configurar a Política de Indicação para a sua empresa](/admin/configuration/configuring-your-enterprise/configuring-the-referrer-policy-for-your-enterprise)." - A verificação de integridade do MySQL foi alterada para usar `mysqladmin ping` em vez de verificações TCP, o que remove algum ruído desnecessário no registro de erros do MySQL. Além disso, as verificações de falha do Orchestrator foram aprimoradas para evitar falhas desnecessárias do MySQL ao aplicar alterações de configuração de cluster. - 'O serviço do Resque, que é compatível com o processamento de trabalhos em segundo plano, foi substituído pelo Aqueduct Lite. Esta alteração facilita o gerenciamento do sistema de trabalho e não deve afetar a experiência do usuário. Para os novos comandos de administração e depuração para Aqueduct, consulte "[Utilitários de linha de comando](/admin/configuration/configuring-your-enterprise/command-line-utilities#ghe-aqueduct)."' - @@ -138,19 +138,19 @@ sections: - heading: 'Digitalização de código e alterações na digitalização de segredo' notes: - - '{% data variables.product.prodname_code_scanning_capc %} with {% data variables.product.prodname_codeql %} now generates diagnostic information for all supported languages. This helps check the state of the created database to understand the status and quality of performed analysis. The diagnostic information is available starting in [version 2.5.6](https://github.com/github/codeql-cli-binaries/releases) of the [{% data variables.product.prodname_codeql_cli %}](https://codeql.github.com/docs/codeql-cli/). You can see the detailed diagnostic information in the {% data variables.product.prodname_actions %} logs for {% data variables.product.prodname_codeql %}. For more information, see "[Viewing code scanning logs](/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/viewing-code-scanning-logs)."' - - '{% data variables.product.prodname_code_scanning_capc %} with {% data variables.product.prodname_codeql_cli %} now supports analyzing several languages during a single build. This makes it easier to run code analysis to use CI/CD systems other than {% data variables.product.prodname_actions %}. The new mode of the `codeql database create` command is available starting [version 2.5.6](https://github.com/github/codeql-cli-binaries/releases) of the [{% data variables.product.prodname_codeql_cli %}](https://codeql.github.com/docs/codeql-cli/). For more information about setting this up, see "[Installing {% data variables.product.prodname_codeql_cli %} in your CI system](/code-security/secure-coding/using-codeql-code-scanning-with-your-existing-ci-system/running-codeql-cli-in-your-ci-system)."' - - '{% data variables.product.prodname_code_scanning_capc %} alerts from all enabled tools are now shown in one consolidated list, so that you can easily prioritize across all alerts. You can view alerts from a specific tool by using the "Tool" filter, and the "Rule" and "Tag" filters will dynamically update based on your "Tool" selection.' - - '{% data variables.product.prodname_code_scanning_capc %} with {% data variables.product.prodname_codeql %} now includes beta support for analyzing C++20 code. This is only available when building codebases with GCC on Linux. C++20 modules are not supported yet.' + - '{% data variables.product.prodname_code_scanning_capc %} com {% data variables.product.prodname_codeql %} agora gera informações de diagnóstico para todos os idiomas compatíveis. Isso ajuda a verificar o estado da base de dados criada para entender o status e a qualidade da análise realizada. As informações de diagnóstico estão disponíveis a partir da [versão 2.5.6](https://github.com/github/codeql-cli-binaries/releases) do [{% data variables.product.prodname_codeql_cli %}](https://codeql. ithub.com/docs/codeql-cli/). Você pode ver as informações detalhadas de diagnóstico nos registros de {% data variables.product.prodname_actions %} para {% data variables.product.prodname_codeql %}. Para obter mais informações, consulte "[Exibindo registros de digitalização de código](/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/viewing-code-scanning-logs)."' + - '{% data variables.product.prodname_code_scanning_capc %} com {% data variables.product.prodname_codeql_cli %} agora é compatível com a análise de várias linguagens durante uma única compilação. Isso torna mais fácil executar a análise de código para usar sistemas CI/CD diferentes de {% data variables.product.prodname_actions %}. O novo modo do `codeql database create` está disponível a partir da [versão 2.5.6](https://github. om/github/codeql-cli-binaries/releases) de [{% data variables.product.prodname_codeql_cli %}](https://codeql.github.com/docs/codeql-cli/). Para obter mais informações sobre a configuração desse item, consulte "[Instalando {% data variables.product.prodname_codeql_cli %} no seu sistema de CI](/code-security/secure-coding/using-codeql-code-scanning-with-your-existing-ci-system/running-codeql-cli-in-your-ci-system)."' + - 'Os alertas de {% data variables.product.prodname_code_scanning_capc %} de todas as ferramentas habilitadas agora são exibidos em uma lista consolidada para que você possa facilmente priorizar em todos os alertas. Você pode ver os alertas a partir de uma ferramenta específica, usando o filtro "Ferramenta", e os filtros de "Regra" e "Tag" serão atualizados dinamicamente com base na sua seleção de "ferramenta".' + - '{% data variables.product.prodname_code_scanning_capc %} com {% data variables.product.prodname_codeql %} agora inclui suporte de beta para a análise de código C+20. Isto só está disponível quando a criação de bases de códigos com GCC no Linux. Os módulos C++20 ainda não são compatíveis.' - The depth of {% data variables.product.prodname_codeql %}'s analysis has been improved by adding support for more [libraries and frameworks](https://codeql.github.com/docs/codeql-overview/supported-languages-and-frameworks/) and increasing the coverage of our existing library and framework models for several languages ([C++](https://github.com/github/codeql/tree/main/cpp), [JavaScript](https://github.com/github/codeql/tree/main/javascript), [Python](https://github.com/github/codeql/tree/main/python), and [Java](https://github.com/github/codeql/tree/main/java)). As a result, {% data variables.product.prodname_codeql %} can now detect even more potential sources of untrusted user data, review the steps through which that data flows, and identify potentially dangerous sinks in which this data could end up. This results in an overall improvement of the quality of the {% data variables.product.prodname_code_scanning %} alerts. For more information, see the [{% data variables.product.prodname_dotcom %} changelog](https://github.blog/changelog/2021-07-01-codeql-code-scanning-now-recognizes-more-sources-and-uses-of-untrusted-user-data/). - | - {% data variables.product.prodname_code_scanning_capc %} now shows `security-severity` levels for CodeQL security alerts. You can configure which `security-severity` levels will cause a check failure for a pull request. The severity level of security alerts can be `critical`, `high`, `medium`, or `low`. By default, any {% data variables.product.prodname_code_scanning %} alerts with a `security-severity` of `critical` or `high` will cause a pull request check failure. + {% data variables.product.prodname_code_scanning_capc %} agora mostra níveis de "gravidade" para alertas de segurança do CodeQL. Você pode configurar quais níveis de 'security-severity´ causarão uma falha de verificação para um pull request. O nível de gravidade dos alertas de segurança pode ser `crítico`, `alto`, `médio` ou `baixo`. Por padrão, todos os alertas de {% data variables.product.prodname_code_scanning %} com `security-severity` `crítico` ou `alto` causarão falha de verificação de pull request. - Additionally, you can now also configure which severity levels will cause a pull request check to fail for non-security alerts. You can configure this behavior at the repository level, and define whether alerts with the severity `error`, `warning`, or `note` will cause a pull request check to fail. By default, non-security {% data variables.product.prodname_code_scanning %} alerts with a severity of `error` will cause a pull request check failure. + Além disso, agora você também pode configurar quais níveis de gravidade causarão uma falha na verificação de pull request para alertas que não são de segurança. Você pode configurar este comportamento no nível do repositório e definir se os alertas com a gravidade`erro`, `aviso`, ou `nota` farão com que uma verificação de pull request falhe. Por padrão, os alertas que não são de segurança de {% data variables.product.prodname_code_scanning %} com uma gravidade de 'erro' causarão uma falha de verificação de pull request. - For more information see "[Defining which alert severity levels cause pull request check failure](/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#defining-the-severities-causing-pull-request-check-failure)." + Para obter mais informações, consulte "[Definir quais níveis de gravidade de alerta causam falha de verificação de pull request](/code-security/code-scanning/automaticamente-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#defining-the-severities-causing-request-check-failure). - ![List of code scanning alerts with security levels](/assets/images/enterprise/3.2/release-notes/code-scanning-alerts.png) + ![Lista de alertas de digitalização de código com níveis de segurança](/assets/images/enterprise/3.2/release-notes/code-scanning-alerts.png) - | As melhorias no filtro de branch para alertas de {% data variables.product.prodname_code_scanning %} tornam mais claro quais alertas de {% data variables.product.prodname_code_scanning %} estão sendo exibidos na página de alertas. Por padrão, os alertas de {% data variables.product.prodname_code_scanning %} são filtrados para mostrar alertas somente para o branch padrão do repositório. Você pode usar o filtro de branch para exibir os alertas em qualquer um dos branches não padrão. Qualquer filtro de branch que foi aplicado é mostrado na barra de pesquisa. @@ -192,33 +192,33 @@ sections: notes: - '**{% data variables.product.prodname_ghe_server %} 2.21 tornou-se obsoleto em 6 de junho de 2021**. Isso significa que não serão feitas versões de patch, mesmo para questões essenciais de segurança, após esta data. Para obter melhor desempenho, melhorar a segurança e novas funcionalidades, [faça a atualização para a versão mais recente de {% data variables.product.prodname_ghe_server %}](/enterprise-server@3.2/admin/enterprise-management/upgrading-github-enterprise-server) assim que possível.' - - heading: Deprecation of GitHub Enterprise Server 2.22 + heading: Obsoletização do GitHub Enterprise Server 2.22 notes: - - '**{% data variables.product.prodname_ghe_server %} 2.22 will be discontinued on September 23, 2021**. That means that no patch releases will be made, even for critical security issues, after this date. For better performance, improved security, and new features, [upgrade to the newest version of {% data variables.product.prodname_ghe_server %}](/enterprise-server@3.2/admin/enterprise-management/upgrading-github-enterprise-server) as soon as possible.' + - '**{% data variables.product.prodname_ghe_server %} 2.22 irá tornar-se obsoleto em 23 de setembro de 2021**. Isso significa que não serão feitas versões de patch, mesmo para questões essenciais de segurança, após esta data. Para obter melhor desempenho, melhorar a segurança e novas funcionalidades, [faça a atualização para a versão mais recente de {% data variables.product.prodname_ghe_server %}](/enterprise-server@3.2/admin/enterprise-management/upgrading-github-enterprise-server) assim que possível.' - heading: Obsolescência do suporte para Hypervisor XenServer notes: - - Beginning in {% data variables.product.prodname_ghe_server %} 3.1, we will begin discontinuing support for Xen Hypervisor. The complete deprecation is scheduled for {% data variables.product.prodname_ghe_server %} 3.3, following the standard one year deprecation window. Please contact [GitHub Support](https://support.github.com/contact) with questions or concerns. + - A partir de {% data variables.product.prodname_ghe_server %} 3.1, começaremos a cancelar o suporte para o Hypervisor Xen. A obsolescência completa está agendada para {% data variables.product.prodname_ghe_server %} 3.3, seguindo o padrão de janela de obsolescência de um ano. Em caso de dúvidas, entre em contato com o [suporte do GitHub](https://support.github.com/contact). - - heading: Removal of Legacy GitHub Services + heading: Remoção dos Serviços de legado do GitHub notes: - - '{% data variables.product.prodname_ghe_server %} 3.2 removes unused GitHub Service database records. More information is available in the [deprecation announcement post](https://developer.github.com/changes/2018-04-25-github-services-deprecation/).' + - '{% data variables.product.prodname_ghe_server %} 3.2 remove registros de banco de dados do GitHub Service não utilizados. Mais informações estão disponíveis no [post de anúncio da obsolescência](https://developer.github.com/changes/2018-04-25-github-services-deprecation/).' - - heading: Deprecation of OAuth Application API endpoints and API authentication via query parameters + heading: A obsolescência dos pontos de extremidade da API do aplicativo OAuth e autenticação da API por meio parâmetros de consulta notes: - | - To prevent accidental logging or exposure of `access_tokens`, we discourage the use of OAuth Application API endpoints and the use of API auth via query params. Visit the following posts to see the proposed replacements: + Para evitar o registro acidental ou a exposição de `access_tokens`, não incentivamos o uso de pontos de extremidade da API do aplicativo OAuth e o uso da autenticação da API usando parâmetros de consulta. Veja os seguintes posts para ver as substituições propostas: - * [Replacement OAuth Application API endpoints](https://developer.github.com/changes/2020-02-14-deprecating-oauth-app-endpoint/#changes-to-make) - * [Replacement auth via headers instead of query param](https://developer.github.com/changes/2020-02-10-deprecating-auth-through-query-param/#changes-to-make) + * [Substituição da API do aplicativo OAuth](https://developer.github. om/changes/2020-02-14-deprecating-oauth-app-endpoint/#changes-to-make) + * [Substituição da autenticação usando cabeçalhos em vez de parâmetros de consulta](https://developer.github. om/changes/2020-02-10-deprecating-auth-through-query-param/#changes-to-make) - These endpoints and auth route are planned to be removed from {% data variables.product.prodname_ghe_server %} in {% data variables.product.prodname_ghe_server %} 3.4. + Estes pontos de extremidade e rota de autenticação estão planejados para serem removidos de {% data variables.product.prodname_ghe_server %} em {% data variables.product.prodname_ghe_server %} 3.4. - - heading: Removal of legacy GitHub App webhook events and endpoints + heading: Remoção dos eventos de webhook do legado do aplicativo GitHub e pontos de extremidade notes: - | - Two legacy GitHub Apps-related webhook events have been removed: `integration_installation` and `integration_installation_repositories`. You should instead be listening to the `installation` and `installation_repositories` events. + Dois eventos de webhook relacionados a aplicativos legados foram removidos: `integration_installation` e `integration_installation_repositories`. Em vez disso, você deveria estar ouvindo os eventos `installation` e `installation_repositories`. - | - The following REST API endpoint has been removed: `POST /installations/{installation_id}/access_tokens`. You should instead be using the namespaced equivalent `POST /app/installations/{installation_id}/access_tokens`. + O ponto de extremidade a seguir da API REST foi removido: `POST /installations/{installation_id}/access_tokens`. Você deverá usar o namespaced equivalente `POST /app/installations/{installation_id}/access_tokens`. backups: - - '{% data variables.product.prodname_ghe_server %} 3.2 requires at least [GitHub Enterprise Backup Utilities 3.2.0](https://github.com/github/backup-utils) for [Backups and Disaster Recovery](/enterprise-server@3.2/admin/configuration/configuring-backups-on-your-appliance).' + - '{% data variables.product.prodname_ghe_server %} 3.2 exige pelo menos uma versão dos [Utilitários de Backup 3.2.0 do GitHub Enterprise](https://github.com/github/backup-utils) para [Backups Recuperação de Desastre](/enterprise-server@3.2/admin/configuration/configuring-backups-on-your-appliance).' diff --git a/translations/pt-BR/data/release-notes/enterprise-server/3-3/0-rc1.yml b/translations/pt-BR/data/release-notes/enterprise-server/3-3/0-rc1.yml index 28d3886883..5cc865e2a6 100644 --- a/translations/pt-BR/data/release-notes/enterprise-server/3-3/0-rc1.yml +++ b/translations/pt-BR/data/release-notes/enterprise-server/3-3/0-rc1.yml @@ -176,7 +176,7 @@ sections: - Os limites de recursos que são específicos para processamento de hooks pre-receive podem causar falha em alguns hooks pre-receive. deprecations: - - heading: Deprecation of GitHub Enterprise Server 2.22 + heading: Obsoletização do GitHub Enterprise Server 2.22 notes: - '**{% data variables.product.prodname_ghe_server %} 2.22 tornou-se obsoleto em 23 de setembro de 2021**. Isso significa que não serão feitas versões de patch, mesmo para questões essenciais de segurança, após esta data. Para obter melhor desempenho, melhorar a segurança e novas funcionalidades, [faça a atualização para a versão mais recente de {% data variables.product.prodname_ghe_server %}](/enterprise-server@3.3/admin/enterprise-management/upgrading-github-enterprise-server) assim que possível.' - diff --git a/translations/pt-BR/data/release-notes/enterprise-server/3-3/0.yml b/translations/pt-BR/data/release-notes/enterprise-server/3-3/0.yml index 6988bdc82b..c912835c21 100644 --- a/translations/pt-BR/data/release-notes/enterprise-server/3-3/0.yml +++ b/translations/pt-BR/data/release-notes/enterprise-server/3-3/0.yml @@ -171,7 +171,7 @@ sections: - 'As configurações de armazenamento de {% data variables.product.prodname_actions %} não podem ser validadas e salvas no {% data variables.enterprise.management_console %} quando "Forçar estilo de caminho" for selecionado e deverão ser definidas com a ferramenta de linha de comando `ghe-actions-precheck`.' deprecations: - - heading: Deprecation of GitHub Enterprise Server 2.22 + heading: Obsoletização do GitHub Enterprise Server 2.22 notes: - '**{% data variables.product.prodname_ghe_server %} 2.22 tornou-se obsoleto em 23 de setembro de 2021**. Isso significa que não serão feitas versões de patch, mesmo para questões essenciais de segurança, após esta data. Para obter melhor desempenho, melhorar a segurança e novas funcionalidades, [faça a atualização para a versão mais recente de {% data variables.product.prodname_ghe_server %}](/enterprise-server@3.3/admin/enterprise-management/upgrading-github-enterprise-server) assim que possível.' - diff --git a/translations/pt-BR/data/release-notes/enterprise-server/3-4/0-rc1.yml b/translations/pt-BR/data/release-notes/enterprise-server/3-4/0-rc1.yml index cfc765ecfd..8ad0476919 100644 --- a/translations/pt-BR/data/release-notes/enterprise-server/3-4/0-rc1.yml +++ b/translations/pt-BR/data/release-notes/enterprise-server/3-4/0-rc1.yml @@ -1,7 +1,7 @@ --- date: '2022-02-15' release_candidate: true -deprecated: false +deprecated: true intro: | {% note %} @@ -35,7 +35,7 @@ sections: heading: Segurança do Dependabot e atualizações da versão em beta pública notes: - | - {% data variables.product.prodname_dependabot %} is now available in {% data variables.product.prodname_ghe_server %} 3.4 as a public beta, offering both version updates and security updates for several popular ecosystems. {% data variables.product.prodname_dependabot %} on {% data variables.product.prodname_ghe_server %} requires {% data variables.product.prodname_actions %} and a pool of self-hosted runners configured for {% data variables.product.prodname_dependabot %} use. {% data variables.product.prodname_dependabot %} on {% data variables.product.prodname_ghe_server %} also requires {% data variables.product.prodname_github_connect %} and {% data variables.product.prodname_dependabot %} to be enabled by an administrator. Beta feedback and suggestions can be shared in the [{% data variables.product.prodname_dependabot %} Feedback GitHub discussion](https://github.com/github/feedback/discussions/categories/dependabot-feedback). For more information and to try the beta, see "[Setting up {% data variables.product.prodname_dependabot %} security and version updates on your enterprise](/admin/github-actions/enabling-github-actions-for-github-enterprise-server/setting-up-dependabot-updates)." + {% data variables.product.prodname_dependabot %} agora está disponível em {% data variables.product.prodname_ghe_server %} 3.4 como beta público, oferecendo atualizações de versão e segurança para vários ecossistemas populares. {% data variables.product.prodname_dependabot %} em {% data variables.product.prodname_ghe_server %} exige {% data variables.product.prodname_actions %} e um grupo de executores auto-hospedados configurado para uso de {% data variables.product.prodname_dependabot %}. {% data variables.product.prodname_dependabot %} em {% data variables.product.prodname_ghe_server %} também exige {% data variables.product.prodname_github_connect %} e {% data variables.product.prodname_dependabot %} para ser habilitado por um administrador. Feedback de beta e sugestões podem ser compartilhados na [discussão de feedback do GitHub{% data variables.product.prodname_dependabot %}](https://github.com/github/feedback/discussions/categories/dependabot-feedback). Para obter mais informações e testar a versão beta, consulte "[Configurar {% data variables.product.prodname_dependabot %} de segurança e versão de atualizações](/admin/github-actions/enabling-github-actions-for-github-enterprise-server/setting-up-dependabot-updates)." changes: - heading: Alterações na administração @@ -100,41 +100,41 @@ sections: - heading: 'Alterações do GitHub Actions' notes: - - '{% data variables.product.prodname_actions %} workflows triggered by {% data variables.product.prodname_dependabot %} for the `create`, `deployment`, and `deployment_status` events now always receive a read-only token and no secrets. Similarly, workflows triggered by {% data variables.product.prodname_dependabot %} for the `pull_request_target` event on pull requests where the base ref was created by {% data variables.product.prodname_dependabot %}, now always receive a read-only token and no secrets. These changes are designed to prevent potentially malicious code from executing in a privileged workflow. For more information, see "[Automating {% data variables.product.prodname_dependabot %} with {% data variables.product.prodname_actions %}](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/automating-dependabot-with-github-actions)."' - - Workflow runs on `push` and `pull_request` events triggered by {% data variables.product.prodname_dependabot %} will now respect the permissions specified in your workflows, allowing you to control how you manage automatic dependency updates. The default token permissions will remain read-only. For more information, see the "[{% data variables.product.prodname_dotcom %} changelog](https://github.blog/changelog/2021-10-06-github-actions-workflows-triggered-by-dependabot-prs-will-respect-permissions-key-in-workflows/)." - - '{% data variables.product.prodname_actions %} workflows triggered by {% data variables.product.prodname_dependabot %} will now be sent the {% data variables.product.prodname_dependabot %} secrets. You can now pull from private package registries in your CI using the same secrets you have configured for {% data variables.product.prodname_dependabot %} to use, improving how {% data variables.product.prodname_actions %} and {% data variables.product.prodname_dependabot %} work together. For more information, see "[Automating {% data variables.product.prodname_dependabot %} with {% data variables.product.prodname_actions %}](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/automating-dependabot-with-github-actions)."' + - 'Os fluxos de trabalho de {% data variables.product.prodname_actions %} acionados por {% data variables.product.prodname_dependabot %} para os eventos `create`, `deployment` e `deployment_status` agora sempre recebem um token somente leitura e sem segredos. Da mesma forma, os fluxos de trabalho acionados por {% data variables.product.prodname_dependabot %} para o evento `pull_request_target` em pull requests onde o ref base foi criado por {% data variables.product.prodname_dependabot %}, agora sempre recebe um token somente leitura e sem segredos. Essas alterações foram projetadas para impedir que códigos potencialmente maliciosos sejam executados em um fluxo de trabalho privilegiado. Para obter mais informações, consulte "[Automatizar {% data variables.product.prodname_dependabot %} com {% data variables.product.prodname_actions %}](/code-security/supply chain-security/keeping-your-dependencies-updated-automaticamente/automating-dependabot-with-github-actions)."' + - As execuções do fluxo de trabalho em eventos `push` e `pull_request` acionados por {% data variables.product.prodname_dependabot %} agora respeitarão as permissões especificadas nos seus fluxos de trabalho, permitindo que você controle como gerencia atualizações automáticas de dependências. As permissões do token padrão permanecerão somente leitura. Para obter mais informações, consulte, consulte "[o registro de alterações de {% data variables.product.prodname_dotcom %}](https://github.blog/changelog/2021-10-06-github-actions-workflows-triggered-by-dependabot-prs-will-respect-permissions-key-in-workflows/)." + - 'Os fluxos de trabalho de {% data variables.product.prodname_actions %} acionados por {% data variables.product.prodname_dependabot %} serão agora enviados para os segredos de {% data variables.product.prodname_dependabot %}. Agora você pode retirá-los de registros de pacotes privados no seu CI usando os mesmos segredos que você configurou para {% data variables.product.prodname_dependabot %} usar, melhorando como {% data variables.product.prodname_actions %} e {% data variables.product.prodname_dependabot %} trabalham juntos. Para obter mais informações, consulte "[Automatizar {% data variables.product.prodname_dependabot %} com {% data variables.product.prodname_actions %}](/code-security/supply chain-security/keeping-your-dependencies-updated-automatically/automating-dependabot-with-github-actions)."' - Agora você pode gerenciar os grupos de executores e ver o status dos seus executores auto-hospedados usando as novas páginas de executores e grupos de executores na interface do usuário. A página de configurações de ações do seu repositório ou organização agora mostra uma visualização resumo dos seus executores e permite que você se aprofunde em um executor específico para editá-lo ou ver qual trabalho ele pode estar executando atualmente. Para obter mais informações, consulte "[Registro de alterações de {% data variables.product.prodname_dotcom %}](https://github.blog/changelog/2021-09-20-github-actions-experience-refresh-for-the-management-of-self-hosted-runners/)." - 'Autores das ações agora podem ter sua ação executada no Node.js 16 especificando [`runs.using` como `node16` no `action.yml`](/actions/creating-actions/metadata-syntax-for-github-actions#runs-for-javascript-actions). Além do suporte existente ao Node.js 12; as ações podem continuar a especificar `runs.using: node12` para usar o tempo de execução do Node.js 12.' - 'Para fluxos de trabalho acionados manualmente, {% data variables.product.prodname_actions %} agora é compatível com os tipos de entrada `choice`, `boolean` e `environment` além do tipo `string` padrão. Para obter mais informações, consulte "[`on.workflow_dispatch.inputs`](/actions/using-workflows/workflow-syntax-for-github-actions#onworkflow_dispatchinputs)."' - - Actions written in YAML, also known as composite actions, now support `if` conditionals. This lets you prevent specific steps from executing unless a condition has been met. Like steps defined in workflows, you can use any supported context and expression to create a conditional. - - The search order behavior for self-hosted runners has now changed, so that the first available matching runner at any level will run the job in all cases. This allows jobs to be sent to self-hosted runners much faster, especially for organizations and enterprises with lots of self-hosted runners. Previously, when running a job that required a self-hosted runner, {% data variables.product.prodname_actions %} would look for self-hosted runners in the repository, organization, and enterprise, in that order. - - 'Runner labels for {% data variables.product.prodname_actions %} self-hosted runners can now be listed, added and removed using the REST API. For more information about using the new APIs at a repository, organization, or enterprise level, see "[Repositories](/rest/reference/actions#list-labels-for-a-self-hosted-runner-for-a-repository)", "[Organizations](/rest/reference/actions#add-custom-labels-to-a-self-hosted-runner-for-an-organization)", and "[Enterprises](/rest/reference/enterprise-admin#list-labels-for-a-self-hosted-runner-for-an-enterprise)" in the REST API documentation.' + - As ações escritas no YAML, também conhecidas como ações compostas, agora são compatíveis com as condicionais `if`. Isso permite que você impeça a execução de etapas específicas, a menos que uma condição tenha sido atendida. Como as etapas definidas nos fluxos de trabalho, você pode usar qualquer contexto e expressão compatível para criar uma condicional. + - O comportamento da ordem de busca para executores auto-hospedados foi alterado, para que o primeiro executor de correspondência disponível em qualquer nível execute o trabalho em todos os casos. Isso permite que os trabalhos sejam enviados para executores auto-hospedados muito mais rápido, especialmente para organizações e empresas com muitos executores hospedados. Anteriormente, ao executar um trabalho que exigia um executor auto-hospedado, {% data variables.product.prodname_actions %} procuraria por executores auto-hospedados no repositório, organização e empresa, nessa ordem. + - 'As etiquetas do executor para {% data variables.product.prodname_actions %} auto-hospedado agora podem ser listadas, adicionadas e removidas usando a API REST. Para obter mais informações sobre como usar as novas APIs em um repositório, organização ou empresa, consulte "[Repositories](/rest/reference/actions#list-labels-for-a-autohosted-runner-for-a-repository)", "[Organizations](/rest/reference/actions#add-custom-labels-to-autohosted-runner-for-an-organization)", e "[Enterprises](/rest/reference/enterprise-admin#list-labels-for-a-autohosted-runner-for-an-enterprise)" na documentação da API REST.' - heading: 'Alterações no dependabot e no gráfico de Dependência' notes: - O gráfico de dependência agora é compatível com a detecção de dependências do Python em repositórios que usam o gerenciador de pacotes do Poetry. As dependências serão detectadas a partir de arquivos manifestos 'pyproject.toml' e 'poetry.lock'. - - When configuring {% data variables.product.prodname_dependabot %} security and version updates on GitHub Enterprise Server, we recommend you also enable {% data variables.product.prodname_dependabot %} in {% data variables.product.prodname_github_connect %}. This will allow {% data variables.product.prodname_dependabot %} to retrieve an updated list of dependencies and vulnerabilities from {% data variables.product.prodname_dotcom_the_website %}, by querying for information such as the changelogs of the public releases of open source code that you depend upon. For more information, see "[Enabling the dependency graph and Dependabot alerts for your enterprise](/admin/configuration/configuring-github-connect/enabling-the-dependency-graph-and-dependabot-alerts-for-your-enterprise)." + - Ao configurar as atualizações de segurança e versão de {% data variables.product.prodname_dependabot %} no GitHub Enterprise Server, recomendamos que você também habilite {% data variables.product.prodname_dependabot %} em {% data variables.product.prodname_github_connect %}. Isso permitirá que {% data variables.product.prodname_dependabot %} recupere uma lista atualizada de dependências e vulnerabilidades de {% data variables.product.prodname_dotcom_the_website %}, consultando informações, como os registros de alterações das versões públicas do código aberto do qual você depende. Para obter mais informações, consulte "[Habilitando o gráfico de dependências e alertas de Dependabot para a sua empresa](/admin/configuration/configuring-github-connect/enabling-the-dependency-graph-and-dependabot-alerts-for-your-enterprise)." - 'Os alertas de {% data variables.product.prodname_dependabot_alerts %} agora podem ser ignorados usando a API do GraphQL. Para obter mais informações, consulte a "[dismissRepositoryVulnerabilityAlert](/graphql/reference/mutations#dismissyvulnerabilityalert)" mutação na documentação da API do GraphQL.' - heading: 'Digitalização de código e alterações na digitalização de segredo' notes: - - The {% data variables.product.prodname_codeql %} CLI now supports including markdown-rendered query help in SARIF files, so that the help text can be viewed in the {% data variables.product.prodname_code_scanning %} UI when the query generates an alert. For more information, see the "[{% data variables.product.prodname_dotcom %} changelog](https://github.blog/changelog/2021-11-23-display-help-text-for-your-custom-codeql-queries-in-code-scanning/)." - - The {% data variables.product.prodname_codeql %} CLI and {% data variables.product.prodname_vscode %} extension now support building databases and analyzing code on machines powered by Apple Silicon, such as Apple M1. For more information, see the "[{% data variables.product.prodname_dotcom %} changelog](https://github.blog/changelog/2021-11-10-codeql-now-supports-apple-silicon-m1/)." + - A CLI de {% data variables.product.prodname_codeql %} agora é compatível com a ajuda de consulta interpretada por markdown em arquivos SARIF, para que o texto de ajuda possa ser visto na interface do usuário de {% data variables.product.prodname_code_scanning %} quando a consulta gerar um alerta. Para obter mais informações, consulte o "[registro de alterações de {% data variables.product.prodname_dotcom %}](https://github.blog/changelog/2021-11-display-help-text-for-your-codeql-queries-in-code-scanning/)." + - A extensão da CLI de {% data variables.product.prodname_codeql %} e {% data variables.product.prodname_vscode %} agora é compatível com a criação de bancos de dados e a análise de código em máquinas alimentadas por Apple Silicon, como a Apple M1. Para obter mais informações, consulte o "[registro de alterações de {% data variables.product.prodname_dotcom %}](https://github.blog/changelog/2021-11-10-codeql-now-supports-apple-silicon-m1/)." - | - The depth of {% data variables.product.prodname_codeql %}'s analysis has been improved by adding support for more [libraries and frameworks](https://codeql.github.com/docs/codeql-overview/supported-languages-and-frameworks/) from the Python ecosystem. As a result, {% data variables.product.prodname_codeql %} can now detect even more potential sources of untrusted user data, steps through which that data flows, and potentially dangerous sinks where the data could end up. This results in an overall improvement of the quality of {% data variables.product.prodname_code_scanning %} alerts. For more information, see the "[{% data variables.product.prodname_dotcom %} changelog](https://github.blog/changelog/2021-11-24-codeql-code-scanning-now-recognizes-more-python-libraries-and-frameworks/)." - - Code scanning with {% data variables.product.prodname_codeql %} now includes beta support for analyzing code in all common Ruby versions, up to and including 3.02. For more information, see the "[{% data variables.product.prodname_dotcom %} changelog](https://github.blog/changelog/2021-10-27-codeql-code-scanning-adds-beta-support-for-ruby/)." + A profundidade da análise de {% data variables.product.prodname_codeql %} foi aprimorada adicionando suporte para mais [bibliotecas e estruturas](https://codeql.github.com/docs/codeql-overview/supported-languages-and-frameworks/) do ecossistema do Python. Como resultado, {% data variables.product.prodname_codeql %} agora pode detectar ainda mais possíveis fontes de dados de usuário não confiáveis, passos por meio dos quais esses dados fluem, e coletores possivelmente perigosos onde os dados podem acabar. Isso resulta em uma melhoria geral da qualidade dos alertas de {% data variables.product.prodname_code_scanning %}. Para obter mais informações, consulte, consulte o "[registro de {% data variables.product.prodname_dotcom %}](https://github.blog/changelog/2021-11-24-codeql-code-scanning-now-recognizes-more-python-libraries-and-frameworks/)". + - A digitalização de código com {% data variables.product.prodname_codeql %} agora inclui suporte beta para a análise de código em todas as versões comuns do ruby, incluindo 3.02. Para obter mais informações, consulte o "[registro de alterações de {% data variables.product.prodname_dotcom %}](https://github.blog/changelog/2021-10-27-codeql-code-scanning-adds-beta-support-for-ruby/)." - | - Several improvements have been made to the {% data variables.product.prodname_code_scanning %} API: + Várias melhorias foram feitas na API de {% data variables.product.prodname_code_scanning %} : - * The `fixed_at` timestamp has been added to alerts. This timestamp is the first time that the alert was not detected in an analysis. - * Alert results can now be sorted using `sort` and `direction` on either `created`, `updated` or `number`. For more information, see "[List code scanning alerts for a repository](/rest/reference/code-scanning#list-code-scanning-alerts-for-a-repository)." - * A `Last-Modified` header has been added to the alerts and alert endpoint response. For more information, see [`Last-Modified`](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Last-Modified) in the Mozilla documentation. - * The `relatedLocations` field has been added to the SARIF response when you request a code scanning analysis. The field may contain locations which are not the primary location of the alert. See an example in the [SARIF spec](https://docs.oasis-open.org/sarif/sarif/v2.1.0/cs01/sarif-v2.1.0-cs01.html#_Toc16012616) and for more information see "[Get a code scanning analysis for a repository](/rest/reference/code-scanning#get-a-code-scanning-analysis-for-a-repository)." - * Both `help` and `tags` data have been added to the webhook response alert rule object. For more information, see "[Code scanning alert webhooks events and payloads](/developers/webhooks-and-events/webhooks/webhook-events-and-payloads#code_scanning_alert)." - * Personal access tokens with the `public_repo` scope now have write access for code scanning endpoints on public repos, if the user has permission. + * O registro de hora `fixed_at` foi adicionado aos alertas. Este registro de hora representa a primeira vez que o alerta não foi detectado em uma análise. + * Os resultados de alerta agora podem ser classificados usando `sort` e `direction` em `created`, `updated` ou `number`. Para obter mais informações, consulte "[Lista de alertas de digitalização de código para um repositório ](/rest/reference/code-scanning#list-code-scanning-alerts-for-a-repository). + * Um cabeçalho `Last-Modified` foi adicionado aos alertas e alerta de resposta de pontos de extremidade. Para obter mais informações, consulte [`Last-Modified`](https://developer.mozilla. rg/en-US/docs/Web/HTTP/Headers/Last-Modified) na documentação Mozilla. + * O campo `relatedLocations` foi adicionado à resposta do SARIF ao solicitar uma análise de digitalização de código. O campo pode conter locais que não são a localização principal do alerta. Veja um exemplo na [especificação do SARIF](https://docs.oasis-open.org/sarif/sarif/v2.1.0/cs01/sarif-v2.1.0-cs01. tml#_Toc16012616) e para obter mais informações, consulte "[Obtenha uma análise de verificação de código para um repositório](/rest/reference/code-scanning#get-a-code-scanning-analyis-for-a-repository). + * Os dados `help` e `tags` foram adicionados ao objeto de regra de alerta de resposta de webhook. Para obter mais informações, consulte "[Eventos de digitalização de alerta de códigos e cargas](/developers/webhooks-and-events/webhooks/webhook-events-and-payloads#code_scanning_alert). + * Os tokens de acesso pessoal com o escopo `public_repo` agora têm acesso de gravação para digitalização de pontos de extremidade de código em repositórios públicos, se o usuário tiver permissão. - For more information, see "[Code scanning](/rest/reference/code-scanning)" in the REST API documentation. - - '{% data variables.product.prodname_GH_advanced_security %} customers can now use the REST API to retrieve private repository secret scanning results at the enterprise level. The new endpoint supplements the existing repository-level and organization-level endpoints. For more information, see "[Secret scanning](/rest/reference/secret-scanning)" in the REST API documentation.' + Para obter mais informações, consulte "[Digitalização de código](/rest/reference/scanning)" na documentação da API REST. + - 'Os clientes de {% data variables.product.prodname_GH_advanced_security %} agora podem usar a API REST para recuperar resultados privados da digitalização de código do repositório no nível corporativo. O novo ponto de extremidade complementa o nível de repositório existente e os pontos de extremidade no nível de organização. Para obter mais informações, consulte "[Digitalização de segredo](/rest/reference/secret-scanning)" na documentação da API REST.' #No security/bug fixes for the RC release #security_fixes: #- PLACEHOLDER @@ -148,7 +148,7 @@ sections: - Quando "Usuários podem pesquisar pelo GitHub.com" está habilitado com o GitHub Connect, os problemas em repositórios privados e internos não estão incluídos nos resultados de pesquisa do GitHub.com. - O registro npm de {% data variables.product.prodname_registry %} não retorna mais o valor de tempo em respostas de metadados. Isso foi feito para permitir melhorias substanciais de desempenho. Continuamos a ter todos os dados necessários para devolver um valor de tempo como parte da resposta aos metadados e retomaremos o retorno desse valor no futuro, assim que tivermos resolvido os problemas de desempenho existentes. - Os limites de recursos que são específicos para processamento de hooks pre-receive podem causar falha em alguns hooks pre-receive. - - Actions services needs to be restarted after restoring appliance from backup taken on a different host. + - Os serviços de ação devem ser reiniciados após a restauração do dispositivo a partir do backup tomado em um host diferente. deprecations: - heading: Obsoletização do GitHub Enterprise Server 3.0 @@ -165,30 +165,30 @@ sections: - heading: Obsolescência da visualização dos anexos do conteúdo da API notes: - - Due to low usage, we have deprecated the Content References API preview in {% data variables.product.prodname_ghe_server %} 3.4. The API was previously accessible with the `corsair-preview` header. Users can continue to navigate to external URLs without this API. Any registered usages of the Content References API will no longer receive a webhook notification for URLs from your registered domain(s) and we no longer return valid response codes for attempted updates to existing content attachments. + - Devido a baixo uso, nós descontinuamos a visualização da API de Referências de Conteúdo em {% data variables.product.prodname_ghe_server %} 3.4. Anteriormente, a API podia ser acessada com o cabeçalho `corsair-preview`. Os usuários podem continuar acessando os URLs externos sem esta API. Qualquer uso registrado da API de Referências de Conteúdo não receberá mais uma notificação de webhook para os URLs do(s) seu(s) domínio(s) registrado(s) e não retornaremos mais códigos de resposta válidos para tentativas de atualizar anexos de conteúdo existentes. - - heading: Deprecation of the Codes of Conduct API preview + heading: Obsolescência da visualização da API dos códigos de conduta notes: - - 'The Codes of Conduct API preview, which was accessible with the `scarlet-witch-preview` header, is deprecated and no longer accessible in {% data variables.product.prodname_ghe_server %} 3.4. We instead recommend using the "[Get community profile metrics](/rest/reference/repos#get-community-profile-metrics)" endpoint to retrieve information about a repository''s code of conduct. For more information, see the "[Deprecation Notice: Codes of Conduct API preview](https://github.blog/changelog/2021-10-06-deprecation-notice-codes-of-conduct-api-preview/)" in the {% data variables.product.prodname_dotcom %} changelog.' + - 'A visualização da API dos códigos de conduta, que podia ser acessada com o cabeçalho `scarlet-witch-preview`, foi descontinuada e não pode ser mais acessada em {% data variables.product.prodname_ghe_server %} 3.4. Em vez disso, recomendamos usar o ponto de extremidade "[Obter métricas do perfil da comunidade](/rest/reference/repos#get-community-profile-metrics)" para obter informações sobre o código de conduta de um repositório. Para obter mais informações, consulte "[Aviso de obsolescência: Visualização da API dos códigos de conduta](https://github.blog/changelog/2021-10-06-deprecation-notice-codes-of-conduct-api-preview/)" no registro de alterações de {% data variables.product.prodname_dotcom %}.' - heading: A obsolescência dos pontos de extremidade da API do aplicativo OAuth e autenticação da API usando parâmetros de consulta notes: - | - Starting with {% data variables.product.prodname_ghe_server %} 3.4, the [deprecated version of the OAuth Application API endpoints](https://developer.github.com/changes/2020-02-14-deprecating-oauth-app-endpoint/#endpoints-affected) have been removed. If you encounter 404 error messages on these endpoints, convert your code to the versions of the OAuth Application API that do not have `access_tokens` in the URL. We've also disabled the use of API authentication using query parameters. We instead recommend using [API authentication in the request header](https://developer.github.com/changes/2020-02-10-deprecating-auth-through-query-param/#changes-to-make). + A partir de {% data variables.product.prodname_ghe_server %} 3.4, a [versão obsoleta dos pontos da API dos aplicativos OAuth](https://developer.github.com/changes/2020-02-14-deprecating-oauth-app-endpoint/#endpoints-affected) foi removida. Se você encontrar mensagens de erro 404 nesses pontos de extremidade, converta o seu código para as versões da API do aplicativo OAuth que não tem `access_tokens` no URL. Nós também desabilitamos o uso da autenticação API usando parâmetros de consulta. Em vez disso, recomendamos usar [autenticação de API no cabeçalho de solicitação](https://developer.github.com/changes/2020-02-10-deprecating-auth-through-query-param/#changes-to-make). - heading: Obosolescência do executor do CodeQL notes: - - The {% data variables.product.prodname_codeql %} runner is deprecated in {% data variables.product.prodname_ghe_server %} 3.4 and is no longer supported. The deprecation only affects users who use {% data variables.product.prodname_codeql %} code scanning in third party CI/CD systems; {% data variables.product.prodname_actions %} users are not affected. We strongly recommend that customers migrate to the {% data variables.product.prodname_codeql %} CLI, which is a feature-complete replacement for the {% data variables.product.prodname_codeql %} runner. For more information, see the [{% data variables.product.prodname_dotcom %} changelog](https://github.blog/changelog/2021-09-21-codeql-runner-deprecation/). + - O executor de {% data variables.product.prodname_codeql %} foi descontinuado em {% data variables.product.prodname_ghe_server %} 3.4 e não é mais compatível. A obsolescência afeta apenas usuários que usam a digitalização de código de {% data variables.product.prodname_codeql %} em sistemas de terceiros CI/CD; os usuários de {% data variables.product.prodname_actions %} não são afetados. É altamente recomendável que os clientes migrem para a CLI de {% data variables.product.prodname_codeql %}, que é um substituto com recursos completos para o executor de {% data variables.product.prodname_codeql %}. Para obter mais informações, consulte o [registro de alterações de {% data variables.product.prodname_dotcom %}](https://github.blog/changelog/2021-09-21-codeql-runner-deprecation/). - heading: Obsolescência das extensões personalizadas do bit-cache notes: - | - Starting in {% data variables.product.prodname_ghe_server %} 3.1, support for {% data variables.product.company_short %}'s proprietary bit-cache extensions began to be phased out. These extensions are deprecated in {% data variables.product.prodname_ghe_server %} 3.3 onwards. + Começando em {% data variables.product.prodname_ghe_server %} 3.1, o suporte para extensões de bit-cache de {% data variables.product.company_short %} começou a ser eliminado gradualmente. Essas extensões estão obsoletas a partir de {% data variables.product.prodname_ghe_server %} 3.3. - Any repositories that were already present and active on {% data variables.product.product_location %} running version 3.1 or 3.2 will have been automatically updated. + Todos os repositórios que já estavam presentes e ativos na {% data variables.product.product_location %} versão 3.1 ou 3.2 serão atualizados automaticamente. - Repositories which were not present and active before upgrading to {% data variables.product.prodname_ghe_server %} 3.3 may not perform optimally until a repository maintenance task is run and has successfully completed. + Os repositórios que não estavam presentes e ativos antes de atualizar para {% data variables.product.prodname_ghe_server %} 3.3 podem não ser executados da forma ideal até que uma tarefa de manutenção de repositório seja executada e concluída com sucesso. - To start a repository maintenance task manually, browse to `https:///stafftools/repositories///network` for each affected repository and click the Schedule button. + Para iniciar uma tarefa de manutenção do repositório manualmente, acesse https:///stafftools/repositórios///network` para cada repositório afetado e clique no botão Cronograma. backups: - - '{% data variables.product.prodname_ghe_server %} 3.4 requires at least [GitHub Enterprise Backup Utilities 3.4.0](https://github.com/github/backup-utils) for [Backups and Disaster Recovery](/admin/configuration/configuring-your-enterprise/configuring-backups-on-your-appliance).' + - '{% data variables.product.prodname_ghe_server %} 3.4 exige pelo menos [GitHub Enterprise Backup Utilities 3.4.0](https://github.com/github/backup-utils) para [Backups e recuperação de desastre](/admin/configuration/configuring-your-enterprise/configuring-backups-on-your-appliance).' diff --git a/translations/pt-BR/data/release-notes/enterprise-server/3-4/0.yml b/translations/pt-BR/data/release-notes/enterprise-server/3-4/0.yml new file mode 100644 index 0000000000..0f21e64cc9 --- /dev/null +++ b/translations/pt-BR/data/release-notes/enterprise-server/3-4/0.yml @@ -0,0 +1,193 @@ +--- +date: '2022-03-15' +intro: | + + Para obter instruções de atualização, consulte "[Atualizando {% data variables.product.prodname_ghe_server %}](/admin/enterprise-management/updating-the-virtual-machine-and-physical-resources/upgrading-github-enterprise-server). + + > Esta versão é dedicada ao nosso colega e amigo John, um Hubber que sempre esteve disposto a ajudar. Sentiremos muito a sua falta. + > + > **John "Ralph" Wiebalk 1986–2021** +sections: + features: + - + heading: A API REST de digitalização de segredo agora retorna locais + notes: + - | + Os clientes de {% data variables.product.prodname_GH_advanced_security %} agora podem usar a API REST para recuperar detalhes de commit de segredos detectados em verificações de repositório privado. O novo ponto de extremidade retorna detalhes da primeira detecção de um segredo em um arquivo, incluindo a localização do segredo e o commit SHA. Para obter mais informações, consulte "[Digitalização de segredo](/rest/reference/secret-scanning)" na documentação da API REST. + - + heading: Exportar dados de licença da cobrança baseada no committer para o GitHub Advanced Security + notes: + - | + Os proprietários da empresa e da organização agora podem exportar os dados do us oda sua licença de {% data variables.product.prodname_GH_advanced_security %} para um arquivo CSV. Os dados de cobrança de {% data variables.product.prodname_advanced_security %} também podem ser recuperados por meio de pontos de extremidade de cobrança na API REST. Para obter mais informações, consulte "[Registro de alterações {% data variables.product.prodname_dotcom %}](https://github.blog/changelog/2021-11-export-github-advanced-security-license-usage-data/)." + - + heading: Os fluxos de trabalho reutilizáveis do GitHub Actions na versão beta pública + notes: + - | + Agora você pode reutilizar todos os fluxos de trabalho como se eles fossem uma ação. Esse recurso está disponível na versão beta pública. Em vez de copiar e colar as definições de fluxo de trabalho entre repositórios, agora você pode fazer referência a um fluxo de trabalho existente com uma única linha de configuração. Para obter mais informações, consulte "[Registro de alterações de {% data variables.product.prodname_dotcom %}](https://github.blog/changelog/2021-10-05-github-actions-dry-your-github-actions-configuration-by-reusing-workflows/)." + - + heading: Segurança do Dependabot e atualizações da versão em beta pública + notes: + - | + {% data variables.product.prodname_dependabot %} agora está disponível em {% data variables.product.prodname_ghe_server %} 3.4 como beta público, oferecendo atualizações de versão e segurança para vários ecossistemas populares. {% data variables.product.prodname_dependabot %} em {% data variables.product.prodname_ghe_server %} exige {% data variables.product.prodname_actions %} e um grupo de executores auto-hospedados configurado para uso de {% data variables.product.prodname_dependabot %}. {% data variables.product.prodname_dependabot %} em {% data variables.product.prodname_ghe_server %} também exige {% data variables.product.prodname_github_connect %} e {% data variables.product.prodname_dependabot %} para ser habilitado por um administrador. Feedback de beta e sugestões podem ser compartilhados na [discussão de feedback do GitHub{% data variables.product.prodname_dependabot %}](https://github.com/github/feedback/discussions/categories/dependabot-feedback). Para obter mais informações e testar a versão beta, consulte "[Configurar {% data variables.product.prodname_dependabot %} de segurança e versão de atualizações](/admin/github-actions/enabling-github-actions-for-github-enterprise-server/setting-up-dependabot-updates)." + - + heading: SAML authentication supports encrypted assertions + notes: + - | + If you use SAML authentication for {% data variables.product.prodname_ghe_server %}, you can now configure encrypted assertions from your IdP to improve security. Encrypted assertions add an additional layer of encryption when your IdP transmits information to {% data variables.product.product_location %}. For more information, see "[Using SAML](/admin/identity-and-access-management/authenticating-users-for-your-github-enterprise-server-instance/using-saml#enabling-encrypted-assertions)." + changes: + - + heading: Alterações na administração + notes: + - Os usuários agora podem escolher o número de espaços ao qual uma aba equivale, definindo o seu tamanho da aba preferido nas configurações de "Aparência" da sua conta de usuário. Todos os códigos com um recuo de aba serão interpretados utilizando o tamanho preferido da aba. + - O registro de conexão de dados de {% data variables.product.prodname_github_connect %} agora inclui uma contagem do número de usuários ativos e inativos e o período de inavitidade configurado. + - Agora você pode dar aos usuários acesso a links específicos para empresas adicionando rodapés personalizados a {% data variables.product.prodname_ghe_server %}. Para obter mais informações, consulte "[Configurar rodapés personalizados](/admin/configuration/configuring-your-enterprise/configuring-custom-footers)." + - + heading: Mudanças de desempenho + notes: + - WireGuard, usado para garantir a comunicação entre as instâncias de {% data variables.product.prodname_ghe_server %} em uma configuração de alta disponibilidade, foi transferido para a implementação do Kernel. + - + heading: Alterações de notificação + notes: + - Os proprietários da organização podem agora cancelar a inscrição das notificações de e-mail quando novas chaves de implantação forem adicionadas aos repositórios pertencentes às suas organizações. Para obter mais informações, consulte "[Configurar notificações](/account-and-profile/managing-subscriptions-and-notifications-on-github/setting-up-notifications/configuring-notifications)". + - 'Os e-mails de notificação de problemas e pull requests recém-criados agora incluem `(Issue #xx)` ou `(PR #xx)` no assunto do e-mail para que você possa reconhecer e filtrar e-mails que faxem referência a esse tipo de problema.' + - + heading: Alterações na organização + notes: + - As organizações agora podem exibir um arquivo `README.md` na sua visão geral do perfil. Para obter mais informações, consulte "[Registro de alterações de {% data variables.product.prodname_dotcom %}](https://github.blog/changelog/2021-09-14-readmes-for-organization-profiles/)." + - 'Os integrantes das organizações agora podem ver uma lista de proprietários da empresa na guia "Pessoas" da organização. A lista de proprietários corporativos agora pode ser acessadal usando a API do GraphQL. Para obter mais informações, consulte o campo "[`enterpriseOwners`](/graphql/reference/objects#organization)" no objeto Organização na documentação da API do GraphQL.' + - + heading: Alterações nos repositórios + notes: + - | + Agora, uma seção "Gerenciar acesso" é exibida nas configurações do repositório na página "Colaboradores e equipes". A nova seção torna mais fácil para os administradores do repositório verem e gerenciarem quem tem acesso ao repositório e o nível de acesso concedido a cada usuário. Os administradores podem agora: + + * Pesquisar todos os integrantes, equipes e colaboradores com acesso ao repositório. + * Visualizar quando os integrantes têm atribuições mistas de funções, concedidas a eles diretamente como indivíduos ou indiretamente por meio de uma equipe. Isto pode ser visualizado por meio de um novo aviso de "funções mistas", que exibe o cargo de nível mais alto que o usuário é concedido se o seu nível de permissão for maior do que a sua função atribuída. + * Gerenviar o acesso a repositórios populares de forma confiável, com a paginação e menos tempos de inatividade quando grandes grupos de usuários tiverem acesso. + - '{% data variables.product.prodname_ghe_server %} 3.4 inclui melhorias na experiência de convite de repositório, como notificações de convites de repositórios privados, uma instrução de interface de usuário ao visitar um repositório privado, para o qual você tem um convite pendente, e um banner na página de visão geral do repositório público quando há um convite pendente.' + - 'Agora você pode usar prefixos de um caractere único para autolinks personalizados. Os prefixos de autolinks agora permitem os caracteres `. , `-`, `_`, `+`, `=`, `:`, `/`, e `#`, bem como caracteres alfanuméricos. Para obter mais informações sobre autolinks personalizados, consulte "[Configurar autolinks para fazer referência a recursos externos](/repositories/managing-your-repositorys-settings-and-features/managing-repository-settings/configuring-autolinks-to-reference-external-resources)."' + - Um arquivo `CODE_OF_CONDUCT.md` na raiz de um repositório agora está destacado na barra lateral "Sobre" na página de visão geral do repositório. + - + heading: 'Alterações das versões' + notes: + - '{% data variables.product.prodname_ghe_server %} 3.4 inclui melhorias na interface de usuário da bersão como, por exemplo, as notas de versão geradas automaticamente que exibem um resumo de todos os pull requests para uma determinada versão. Para obter mais informações, consulte "[Registro de alterações de {% data variables.product.prodname_dotcom %}](https://github.blog/changelog/2021-10-20-improvements-to-github-releases-generally-available/)".' + - Quando uma versão é publicada, uma lista de avatares agora é exibida na parte inferior da versão. São exibidos avatares para todas as contas de usuário mencionadas nas observa~] pes da versão. Para obter mais informações, consulte "[Gerenciar versões em um repositório](/repositórios/releasing-projects-on-github/managing-releases-in-a-repository)". + - + heading: 'Alterações de Markdown' + notes: + - Agora você pode usar a nova página de configurações de "Acessibilidade" para gerenciar seus atalhos de teclado. Você pode optar por desabilitar atalhos de teclado que usam apenas caracteres únicos como S, G C e . (a chave do ponto). Para mais informações, consulte "[Registro de alterações de {% data variables.product.prodname_dotcom %}](https://github.blog/changelog/2021-11-16-managing-keyboard-shortcuts-using-accessibility-settings/)." + - Agora você pode optar por usar uma fonte de largura fixa em campos habilitados por markdown, como comentários de problemas e descrições de pull request. Para obter mais informações, consulte "[Registro de alterações de {% data variables.product.prodname_dotcom %}](https://github.blog/changelog/2021-10-12-fixed-width-font-support-in-markdown-enabled-fields/)." + - Agora você pode colar umURL no texto selecionado para criar rapidamente um link de Markdown. Isto funciona em todos os campos habilitados por Markdown, como comentários de problemas e descrições de pull request. Para obter mais informações, consulte "[Registro de alterações de {% data variables.product.prodname_dotcom %}](https://github.blog/changelog/2021-11-10-linkify-selected-text-on-url-paste/)." + - 'Agora a URL de uma imagem pode ser anexada com um contexto de tema, como `#gh-dark-mode-only`, para definir como a imagem do Markdown é exibida no visualizador. Para obter mais informações, consulte "[Registro de alterações de {% data variables.product.prodname_dotcom %}](https://github.blog/changelog/2021-11-24-specify-theme-context-for-images-in-markdown/)."' + - Ao criar ou editar um arquivo gist com a extensão do arquivo do Markdown (`.md`), agora você pode usar a guia "Pré-visualizar" ou "Pré-visualizar alterações" para exibir uma interpretação do Markdown do conteúdo do arquivo. Para obter mais informações, consulte "[Registro de alterações de {% data variables.product.prodname_dotcom %}](https://github.blog/changelog/2021-11-17-preview-the-markdown-rendering-of-gists/)." + - Ao digitar o nome de um usuário do {% data variables.product.prodname_dotcom %} em problemas, pull requests e discussões, a sugestão de @mention agora classifica os participantes existentes mais altos que os outros usuários de {% data variables.product.prodname_dotcom %}, para que seja mais provável que o usuário que você está procurando esteja listado. + - Idiomas da direita para a esquerda agora são compatíveis nativamente em arquivos Markdown, problemas, pull requests, discussões e comentários. + - + heading: 'Problemas e alterações de pull requests' + notes: + - A configuração de diff para ocultar alterações de espaço em branco na guia "Arquivos alterados" de pull request agora é mantida para sua conta de usuário para esse pull request. A configuração escolhida é reaplicada automaticamente se você sair da página e voltar a usar a guia "Arquivos alterados" do mesmo pull request. + - Ao usar a atribuição automática para análises de código de pull request, agora você pode optar por notificar apenas os integrantes da equipe solicitados, independentemente das suas configurações de atribuição automática. Essa configuração é útil em cenários em que muitos usuários são atribuídos automaticamente, mas nem todos os usuários exigem notificação. Para obter mais informações, consulte "[Registro de alterações de {% data variables.product.prodname_dotcom %}](https://github.blog/changelog/2021-11-10-team-member-pull-request-review-notifications-can-be-configured-independently-of-auto-assignment/)." + - + heading: 'Alterações de branches' + notes: + - 'Os administradores da organização e do repositório agora podem acionar os webhooks para ouvir alterações nas regras de proteção de branch em seus repositórios. Para obter mais informações, consulte o evento "[branch_protection_rule](/developers/webhooks-and-events/webhook/webhook-events-and-payloads#branch_protection_rule)" nos eventos de webhook e na documentação da carga.' + - Ao configurar os branches protegidos, agora você pode impor que uma verificação de estado necessária é fornecida por um {% data variables.product.prodname_github_app %} específico. Se um status for fornecido por um aplicativo diferente ou por um usuário por meio de um status de commit, a fusão é impedida. Isso garante que todas as alterações sejam validadas pelo aplicativo pretendido. Para obter mais informações, consulte "[Registro de alterações de {% data variables.product.prodname_dotcom %}](https://github.blog/changelog/2021-12-01-ensure-required-status-checks-provided-by-intended-app/)." + - Apenas usuários com permissões de administrador agora podem renomear branches protegidos e modificar as regras de proteção de branch. Anteriormente, com exceção do branch padrão, um colaborador podia renomear um branch e, consequentemente, todas as regras de proteção do branch não curinga que foram aplicadas a esse branch também foram renomeadas. Para obter mais informações, consulte "[Renomear um branch](/repositórios/configuring-branches-and-merges-in-your-repository/managing-branches-in-your-repository/renaming-a-branch)" e "[Gerenciar uma regra de proteção de branch](/repositories/configuring-branches-and-merges-in-your-repository/defining-the-mergeability-of-pull-requests/managing-a-branch-protection-rule)." + - Agora os administradores podem permitir que apenas usuários e equipes específicos ignorem requisitos de pull request. Para obter mais informações, consulte "[Registro de altrações de {% data variables.product.prodname_dotcom %}](https://github.blog/changelog/2021-11-allow-bypassing-required-pull-requests/)." + - Agora os administradores podem permitir que apenas usuários e equipes específicos façam push forçado para um repositório. Para obter mais informações, consulte "[Registro de alterações de {% data variables.product.prodname_dotcom %}](https://github.blog/changelog/2021-12-21-specify-who-can-force-push-to-a-repository/)." + - Ao exigir pull requests para todas as alterações de um branch protegido, os administradores agora podem escolher se revisões aprovadas também são obrigatórias. Para obter mais informações, consulte "[Registro de alterações de {% data variables.product.prodname_dotcom %}](https://github.blog/changelog/2021-11-require-pull-requests-without-requiring-reviews/)". + - + heading: 'Alterações do GitHub Actions' + notes: + - 'Os fluxos de trabalho de {% data variables.product.prodname_actions %} acionados por {% data variables.product.prodname_dependabot %} para os eventos `create`, `deployment` e `deployment_status` agora sempre recebem um token somente leitura e sem segredos. Da mesma forma, os fluxos de trabalho acionados por {% data variables.product.prodname_dependabot %} para o evento `pull_request_target` em pull requests onde o ref base foi criado por {% data variables.product.prodname_dependabot %}, agora sempre recebe um token somente leitura e sem segredos. Essas alterações foram projetadas para impedir que códigos potencialmente maliciosos sejam executados em um fluxo de trabalho privilegiado. Para obter mais informações, consulte "[Automatizar {% data variables.product.prodname_dependabot %} com {% data variables.product.prodname_actions %}](/code-security/supply chain-security/keeping-your-dependencies-updated-automaticamente/automating-dependabot-with-github-actions)."' + - As execuções do fluxo de trabalho em eventos `push` e `pull_request` acionados por {% data variables.product.prodname_dependabot %} agora respeitarão as permissões especificadas nos seus fluxos de trabalho, permitindo que você controle como gerencia atualizações automáticas de dependências. As permissões do token padrão permanecerão somente leitura. Para obter mais informações, consulte, consulte "[o registro de alterações de {% data variables.product.prodname_dotcom %}](https://github.blog/changelog/2021-10-06-github-actions-workflows-triggered-by-dependabot-prs-will-respect-permissions-key-in-workflows/)." + - 'Os fluxos de trabalho de {% data variables.product.prodname_actions %} acionados por {% data variables.product.prodname_dependabot %} serão agora enviados para os segredos de {% data variables.product.prodname_dependabot %}. Agora você pode retirá-los de registros de pacotes privados no seu CI usando os mesmos segredos que você configurou para {% data variables.product.prodname_dependabot %} usar, melhorando como {% data variables.product.prodname_actions %} e {% data variables.product.prodname_dependabot %} trabalham juntos. Para obter mais informações, consulte "[Automatizar {% data variables.product.prodname_dependabot %} com {% data variables.product.prodname_actions %}](/code-security/supply chain-security/keeping-your-dependencies-updated-automatically/automating-dependabot-with-github-actions)."' + - Agora você pode gerenciar os grupos de executores e ver o status dos seus executores auto-hospedados usando as novas páginas de executores e grupos de executores na interface do usuário. A página de configurações de ações do seu repositório ou organização agora mostra uma visualização resumo dos seus executores e permite que você se aprofunde em um executor específico para editá-lo ou ver qual trabalho ele pode estar executando atualmente. Para obter mais informações, consulte "[Registro de alterações de {% data variables.product.prodname_dotcom %}](https://github.blog/changelog/2021-09-20-github-actions-experience-refresh-for-the-management-of-self-hosted-runners/)." + - 'Autores das ações agora podem ter sua ação executada no Node.js 16 especificando [`runs.using` como `node16` no `action.yml`](/actions/creating-actions/metadata-syntax-for-github-actions#runs-for-javascript-actions). Além do suporte existente ao Node.js 12; as ações podem continuar a especificar `runs.using: node12` para usar o tempo de execução do Node.js 12.' + - 'Para fluxos de trabalho acionados manualmente, {% data variables.product.prodname_actions %} agora é compatível com os tipos de entrada `choice`, `boolean` e `environment` além do tipo `string` padrão. Para obter mais informações, consulte "[`on.workflow_dispatch.inputs`](/actions/using-workflows/workflow-syntax-for-github-actions#onworkflow_dispatchinputs)."' + - As ações escritas no YAML, também conhecidas como ações compostas, agora são compatíveis com as condicionais `if`. Isso permite que você impeça a execução de etapas específicas, a menos que uma condição tenha sido atendida. Como as etapas definidas nos fluxos de trabalho, você pode usar qualquer contexto e expressão compatível para criar uma condicional. + - O comportamento da ordem de busca para executores auto-hospedados foi alterado, para que o primeiro executor de correspondência disponível em qualquer nível execute o trabalho em todos os casos. Isso permite que os trabalhos sejam enviados para executores auto-hospedados muito mais rápido, especialmente para organizações e empresas com muitos executores hospedados. Anteriormente, ao executar um trabalho que exigia um executor auto-hospedado, {% data variables.product.prodname_actions %} procuraria por executores auto-hospedados no repositório, organização e empresa, nessa ordem. + - 'As etiquetas do executor para {% data variables.product.prodname_actions %} auto-hospedado agora podem ser listadas, adicionadas e removidas usando a API REST. Para obter mais informações sobre como usar as novas APIs em um repositório, organização ou empresa, consulte "[Repositories](/rest/reference/actions#list-labels-for-a-autohosted-runner-for-a-repository)", "[Organizations](/rest/reference/actions#add-custom-labels-to-autohosted-runner-for-an-organization)", e "[Enterprises](/rest/reference/enterprise-admin#list-labels-for-a-autohosted-runner-for-an-enterprise)" na documentação da API REST.' + - + heading: 'Alterações no dependabot e no gráfico de Dependência' + notes: + - O gráfico de dependência agora é compatível com a detecção de dependências do Python em repositórios que usam o gerenciador de pacotes do Poetry. As dependências serão detectadas a partir de arquivos manifestos 'pyproject.toml' e 'poetry.lock'. + - Ao configurar as atualizações de segurança e versão de {% data variables.product.prodname_dependabot %} no GitHub Enterprise Server, recomendamos que você também habilite {% data variables.product.prodname_dependabot %} em {% data variables.product.prodname_github_connect %}. Isso permitirá que {% data variables.product.prodname_dependabot %} recupere uma lista atualizada de dependências e vulnerabilidades de {% data variables.product.prodname_dotcom_the_website %}, consultando informações, como os registros de alterações das versões públicas do código aberto do qual você depende. Para obter mais informações, consulte "[Habilitando o gráfico de dependências e alertas de Dependabot para a sua empresa](/admin/configuration/configuring-github-connect/enabling-the-dependency-graph-and-dependabot-alerts-for-your-enterprise)." + - 'Os alertas de {% data variables.product.prodname_dependabot_alerts %} agora podem ser ignorados usando a API do GraphQL. Para obter mais informações, consulte a "[dismissRepositoryVulnerabilityAlert](/graphql/reference/mutations#dismissyvulnerabilityalert)" mutação na documentação da API do GraphQL.' + - + heading: 'Digitalização de código e alterações na digitalização de segredo' + notes: + - A CLI de {% data variables.product.prodname_codeql %} agora é compatível com a ajuda de consulta interpretada por markdown em arquivos SARIF, para que o texto de ajuda possa ser visto na interface do usuário de {% data variables.product.prodname_code_scanning %} quando a consulta gerar um alerta. Para obter mais informações, consulte o "[registro de alterações de {% data variables.product.prodname_dotcom %}](https://github.blog/changelog/2021-11-display-help-text-for-your-codeql-queries-in-code-scanning/)." + - A extensão da CLI de {% data variables.product.prodname_codeql %} e {% data variables.product.prodname_vscode %} agora é compatível com a criação de bancos de dados e a análise de código em máquinas alimentadas por Apple Silicon, como a Apple M1. Para obter mais informações, consulte o "[registro de alterações de {% data variables.product.prodname_dotcom %}](https://github.blog/changelog/2021-11-10-codeql-now-supports-apple-silicon-m1/)." + - | + A profundidade da análise de {% data variables.product.prodname_codeql %} foi aprimorada adicionando suporte para mais [bibliotecas e estruturas](https://codeql.github.com/docs/codeql-overview/supported-languages-and-frameworks/) do ecossistema do Python. Como resultado, {% data variables.product.prodname_codeql %} agora pode detectar ainda mais possíveis fontes de dados de usuário não confiáveis, passos por meio dos quais esses dados fluem, e coletores possivelmente perigosos onde os dados podem acabar. Isso resulta em uma melhoria geral da qualidade dos alertas de {% data variables.product.prodname_code_scanning %}. Para obter mais informações, consulte, consulte o "[registro de {% data variables.product.prodname_dotcom %}](https://github.blog/changelog/2021-11-24-codeql-code-scanning-now-recognizes-more-python-libraries-and-frameworks/)". + - A digitalização de código com {% data variables.product.prodname_codeql %} agora inclui suporte beta para a análise de código em todas as versões comuns do ruby, incluindo 3.02. Para obter mais informações, consulte o "[registro de alterações de {% data variables.product.prodname_dotcom %}](https://github.blog/changelog/2021-10-27-codeql-code-scanning-adds-beta-support-for-ruby/)." + - | + Várias melhorias foram feitas na API de {% data variables.product.prodname_code_scanning %} : + + * O registro de hora `fixed_at` foi adicionado aos alertas. Este registro de hora representa a primeira vez que o alerta não foi detectado em uma análise. + * Os resultados de alerta agora podem ser classificados usando `sort` e `direction` em `created`, `updated` ou `number`. Para obter mais informações, consulte "[Lista de alertas de digitalização de código para um repositório ](/rest/reference/code-scanning#list-code-scanning-alerts-for-a-repository). + * Um cabeçalho `Last-Modified` foi adicionado aos alertas e alerta de resposta de pontos de extremidade. Para obter mais informações, consulte [`Last-Modified`](https://developer.mozilla. rg/en-US/docs/Web/HTTP/Headers/Last-Modified) na documentação Mozilla. + * O campo `relatedLocations` foi adicionado à resposta do SARIF ao solicitar uma análise de digitalização de código. O campo pode conter locais que não são a localização principal do alerta. Veja um exemplo na [especificação do SARIF](https://docs.oasis-open.org/sarif/sarif/v2.1.0/cs01/sarif-v2.1.0-cs01. tml#_Toc16012616) e para obter mais informações, consulte "[Obtenha uma análise de verificação de código para um repositório](/rest/reference/code-scanning#get-a-code-scanning-analyis-for-a-repository). + * Os dados `help` e `tags` foram adicionados ao objeto de regra de alerta de resposta de webhook. Para obter mais informações, consulte "[Eventos de digitalização de alerta de códigos e cargas](/developers/webhooks-and-events/webhooks/webhook-events-and-payloads#code_scanning_alert). + * Os tokens de acesso pessoal com o escopo `public_repo` agora têm acesso de gravação para digitalização de pontos de extremidade de código em repositórios públicos, se o usuário tiver permissão. + + Para obter mais informações, consulte "[Digitalização de código](/rest/reference/scanning)" na documentação da API REST. + - 'Os clientes de {% data variables.product.prodname_GH_advanced_security %} agora podem usar a API REST para recuperar resultados privados da digitalização de código do repositório no nível corporativo. O novo ponto de extremidade complementa o nível de repositório existente e os pontos de extremidade no nível de organização. Para obter mais informações, consulte "[Digitalização de segredo](/rest/reference/secret-scanning)" na documentação da API REST.' + #No security/bug fixes for the GA release + #security_fixes: + #- PLACEHOLDER + #bugs: + #- PLACEHOLDER + known_issues: + - Em uma instância de {% data variables.product.prodname_ghe_server %} recém-configurada sem usuários, um invasor pode criar o primeiro usuário administrador. + - As regras de firewall personalizadas são removidas durante o processo de atualização. + - Arquivos LFS do Git [enviados através da interface web](https://github.com/blog/2105-upload-files-to-your-repositories) são adicionados diretamente ao repositório e de forma incorreta. + - Os problemas não podem ser fechados se contiverem um permalink para um blob no mesmo repositório, onde o caminho do arquivo blob's é maior que 255 caracteres. + - Quando "Usuários podem pesquisar pelo GitHub.com" está habilitado com o GitHub Connect, os problemas em repositórios privados e internos não estão incluídos nos resultados de pesquisa do GitHub.com. + - O registro npm de {% data variables.product.prodname_registry %} não retorna mais o valor de tempo em respostas de metadados. Isso foi feito para permitir melhorias substanciais de desempenho. Continuamos a ter todos os dados necessários para devolver um valor de tempo como parte da resposta aos metadados e retomaremos o retorno desse valor no futuro, assim que tivermos resolvido os problemas de desempenho existentes. + - Os limites de recursos que são específicos para processamento de hooks pre-receive podem causar falha em alguns hooks pre-receive. + - Os serviços de ação devem ser reiniciados após a restauração do dispositivo a partir do backup tomado em um host diferente. + deprecations: + - + heading: Obsoletização do GitHub Enterprise Server 3.0 + notes: + - '**{% data variables.product.prodname_ghe_server %} 3.0 tornou-se obsoleto em 16 de fevereiro de 2022**. Isso significa que não serão feitas versões de patch, mesmo para questões essenciais de segurança, após esta data. Para obter melhor desempenho, melhorar a segurança e novas funcionalidades, [faça a atualização para a versão mais recente de {% data variables.product.prodname_ghe_server %}](/enterprise-server@3.4/admin/enterprise-management/upgrading-github-enterprise-server) assim que possível.' + - + heading: Obsolescência do GitHub Enterprise Server 3.1 + notes: + - '**{% data variables.product.prodname_ghe_server %} 3.1 irá tornar-se obsoleto em 3 de junho de 2022**. Isso significa que não serão feitas versões de patch, mesmo para questões essenciais de segurança, após esta data. Para obter melhor desempenho, melhorar a segurança e novas funcionalidades, [faça a atualização para a versão mais recente de {% data variables.product.prodname_ghe_server %}](/enterprise-server@3.4/admin/enterprise-management/upgrading-github-enterprise-server) assim que possível.' + - + heading: Obsolescência do suporte para Hypervisor XenServer + notes: + - Começando com {% data variables.product.prodname_ghe_server %} 3.3, {% data variables.product.prodname_ghe_server %} no XenServer tornou-se obsoleto e não é mais compatível. Entre em contato com o [suporte do GitHub](https://support.github.com) em caso de dúvidas. + - + heading: Obsolescência da visualização dos anexos do conteúdo da API + notes: + - Devido a baixo uso, nós descontinuamos a visualização da API de Referências de Conteúdo em {% data variables.product.prodname_ghe_server %} 3.4. Anteriormente, a API podia ser acessada com o cabeçalho `corsair-preview`. Os usuários podem continuar acessando os URLs externos sem esta API. Qualquer uso registrado da API de Referências de Conteúdo não receberá mais uma notificação de webhook para os URLs do(s) seu(s) domínio(s) registrado(s) e não retornaremos mais códigos de resposta válidos para tentativas de atualizar anexos de conteúdo existentes. + - + heading: Obsolescência da visualização da API dos códigos de conduta + notes: + - 'A visualização da API dos códigos de conduta, que podia ser acessada com o cabeçalho `scarlet-witch-preview`, foi descontinuada e não pode ser mais acessada em {% data variables.product.prodname_ghe_server %} 3.4. Em vez disso, recomendamos usar o ponto de extremidade "[Obter métricas do perfil da comunidade](/rest/reference/repos#get-community-profile-metrics)" para obter informações sobre o código de conduta de um repositório. Para obter mais informações, consulte "[Aviso de obsolescência: Visualização da API dos códigos de conduta](https://github.blog/changelog/2021-10-06-deprecation-notice-codes-of-conduct-api-preview/)" no registro de alterações de {% data variables.product.prodname_dotcom %}.' + - + heading: A obsolescência dos pontos de extremidade da API do aplicativo OAuth e autenticação da API usando parâmetros de consulta + notes: + - | + A partir de {% data variables.product.prodname_ghe_server %} 3.4, a [versão obsoleta dos pontos da API dos aplicativos OAuth](https://developer.github.com/changes/2020-02-14-deprecating-oauth-app-endpoint/#endpoints-affected) foi removida. Se você encontrar mensagens de erro 404 nesses pontos de extremidade, converta o seu código para as versões da API do aplicativo OAuth que não tem `access_tokens` no URL. Nós também desabilitamos o uso da autenticação API usando parâmetros de consulta. Em vez disso, recomendamos usar [autenticação de API no cabeçalho de solicitação](https://developer.github.com/changes/2020-02-10-deprecating-auth-through-query-param/#changes-to-make). + - + heading: Obosolescência do executor do CodeQL + notes: + - O executor de {% data variables.product.prodname_codeql %} foi descontinuado em {% data variables.product.prodname_ghe_server %} 3.4 e não é mais compatível. A obsolescência afeta apenas usuários que usam a digitalização de código de {% data variables.product.prodname_codeql %} em sistemas de terceiros CI/CD; os usuários de {% data variables.product.prodname_actions %} não são afetados. É altamente recomendável que os clientes migrem para a CLI de {% data variables.product.prodname_codeql %}, que é um substituto com recursos completos para o executor de {% data variables.product.prodname_codeql %}. Para obter mais informações, consulte o [registro de alterações de {% data variables.product.prodname_dotcom %}](https://github.blog/changelog/2021-09-21-codeql-runner-deprecation/). + - + heading: Obsolescência das extensões personalizadas do bit-cache + notes: + - | + Começando em {% data variables.product.prodname_ghe_server %} 3.1, o suporte para extensões de bit-cache de {% data variables.product.company_short %} começou a ser eliminado gradualmente. Essas extensões estão obsoletas a partir de {% data variables.product.prodname_ghe_server %} 3.3. + + Todos os repositórios que já estavam presentes e ativos na {% data variables.product.product_location %} versão 3.1 ou 3.2 serão atualizados automaticamente. + + Os repositórios que não estavam presentes e ativos antes de atualizar para {% data variables.product.prodname_ghe_server %} 3.3 podem não ser executados da forma ideal até que uma tarefa de manutenção de repositório seja executada e concluída com sucesso. + + Para iniciar uma tarefa de manutenção do repositório manualmente, acesse https:///stafftools/repositórios///network` para cada repositório afetado e clique no botão Cronograma. + backups: + - '{% data variables.product.prodname_ghe_server %} 3.4 exige pelo menos [GitHub Enterprise Backup Utilities 3.4.0](https://github.com/github/backup-utils) para [Backups e recuperação de desastre](/admin/configuration/configuring-your-enterprise/configuring-backups-on-your-appliance).' diff --git a/translations/pt-BR/data/release-notes/github-ae/2021-06/2021-12-06.yml b/translations/pt-BR/data/release-notes/github-ae/2021-06/2021-12-06.yml index cf83f34b12..9c485d1c2d 100644 --- a/translations/pt-BR/data/release-notes/github-ae/2021-06/2021-12-06.yml +++ b/translations/pt-BR/data/release-notes/github-ae/2021-06/2021-12-06.yml @@ -76,7 +76,7 @@ sections: - | Agora você pode autenticar as conexões do SSH em {% data variables.product.product_name %} usando uma chave de segurança FIDO2 adicionando uma chave SSH `sk-ecdsa-sha2-nistp256@openssh.com` para a sua conta. As chaves de segurança SSH armazenam material da chave de secredo em um dispositivo de hardware separado que exige verificação, como, por exemplo, um toque, para operar. Armazenar a chave em hardware separado e exigir a interação física para a sua chave SSH oferece segurança adicional. Como a chave é armazenada em hardware e não pode ser retirada, a chave não pode ser lida ou roubada pelo software em execução no computador. A interação física impede o uso não autorizado da chave, uma vez que a chave de segurança não funcionará até que você interaja fisicamente com ela. Para obter mais informações, consulte "[Gerando uma nova chave SSH e adicionando-a ao ssh-agent](/github/authenticating-to-github/connecting-to-github-with-ssh/generating-a-new-ssh-key-and-adding-it-to-the-ssh-agent#generating-a-new-ssh-key-for-a-hardware-security-key)." - | - Git Credential Manager (GCM) Core versions 2.0.452 and later now provide secure credential storage and multi-factor authentication support for {% data variables.product.product_name %}. GCM Core with support for {% data variables.product.product_name %} is included with [Git for Windows](https://gitforwindows.org) versions 2.32 and later. GCM Core is not included with Git for macOS or Linux, but can be installed separately. For more information, see the [latest release](https://github.com/microsoft/Git-Credential-Manager-Core/releases/) and [installation instructions](https://github.com/microsoft/Git-Credential-Manager-Core/releases/) in the `microsoft/Git-Credential-Manager-Core` repository. + O Gerenciador de Credenciais do Git (GCM) Core versões 2.0.452 e posteriores agora fornecem armazenamento de credenciais seguro e suporte para a autenticação de vários fatores para {% data variables.product.product_name %}. O GCM Core com suporte para {% data variables.product.product_name %} está incluído em [Git para Windows](https://gitforwindows.org) versões 2.32 ou posteriores. O GCM Core não está incluído no Git para macOS ou Linux, mas pode ser instalado separadamente. Para obter mais informações, consulte a [versão mais recente](https://github. om/microsoft/Git-Credential-Manager-Core/releases/) e as [instruções de instalação](https://github.com/microsoft/Git-Credential-Manager-Core/releases/) no repositório `microsoft/Git-Credential-Manager-Core`. - heading: 'Notificações' notes: @@ -100,52 +100,52 @@ sections: - | Para evitar o merge de alterações inesperadas depois de habilitar o merge automático para um pull request, o merge automático agora será desabilitado automaticamente quando novas alterações forem enviadas por push por um usuário sem acesso de gravação ao repositório. Os usuários sem acesso de gravação ainda podem atualizar o pull request com alterações do branch base quando o merge automático estiver habilitado. Para evitar que um usuário malicioso use um conflito de merge para introduzir alterações inesperadas no pull request, {% data variables.product.product_name %} desabilitará o merge automático do pull request se a atualização causar um conflito de merge. Para obter mais informações sobre merge automático, consulte "[Fazer merge automaticamente de um pull request](/github/collaborating-with-pull-requests/incorporating-changes-from-a-pull-request/automaticamente, merging-a-pull-request)." - | - People with maintain access can now manage the repository-level "Allow auto-merge" setting. This setting, which is off by default, controls whether auto-merge is available on pull requests in the repository. Previously, only people with admin access could manage this setting. Additionally, this setting can now by controlled using the "[Create a repository](/rest/reference/repos#create-an-organization-repository)" and "[Update a repository](/rest/reference/repos#update-a-repository)" REST APIs. For more information, see "[Managing auto-merge for pull requests in your repository](/github/administering-a-repository/configuring-pull-request-merges/managing-auto-merge-for-pull-requests-in-your-repository)." + As pessoas com acesso de manutenção agora podem gerenciar a configuração para "Permitir merge automático". Esta configuração, que está desabilitada por padrão, controla se o merge automático está disponível em pull requests no repositório. Anteriormente, apenas pessoas com acesso de administrador poderiam gerenciar essa configuração. Além disso, essa configuração agora pode usar as API REST "[Criar um repositório](/rest/reference/repos#create-an-organization-repository)" e "[Atualizar um repositório](/rest/reference/repos#update-a-repository)". Para obter mais informações, consulte "[Gerenciar merge automático para pull requests no seu repositório](/github/administering-a-repository/configuring-pull-request-merges/managing-auto-merge-for-pull-requests-in-your-repository)." - | A seleção de responsáveis para problemas e pull requests agora é compatível com a digitação antecipada para que você possa encontrar usuários na sua organização mais rapidamente. Além disso, as classificações do resultado da pesquisa foram atualizadas para preferir as partidas no início do nome de usuário de uma pessoa ou nome do perfil. - heading: 'Repositórios' notes: - | - When viewing the commit history for a file, you can now click {% octicon "file-code" aria-label="The code icon" %} to view the file at the specified time in the repository's history. + Ao visualizar o histórico de commit de um arquivo, agora você pode clicar em {% octicon "file-code" aria-label="The code icon" %} para ver o arquivo no momento especificado no histórico do repositório. - | Agora você pode usar a interface do usuário web para sincronizar um branch desatualizado para uma bifurcação com a bifurcação upstream. Se não houver conflitos de merge entre os branches, {% data variables.product.product_name %} irá atualizar seu branch seja por adiantamento ou por merge do upstream. Se houver conflitos, o {% data variables.product.product_name %} solicitará a abertura do pull request para resolver os conflitos. Para obter mais informações, consulte "[Sincronizando um fork](/github/collaborating-with-pull-requests/working-with-forks/syncing-a-fork#syncing-a-fork-from-the-web-ui)". - | Agora você pode classificar os repositórios no perfil de um usuário ou organização por contagem de estrelas. - | - The Repositories REST API's "compare two commits" endpoint, which returns a list of commits reachable from one commit or branch, but unreachable from another, now supports pagination. The API can also now return the results for comparisons over 250 commits. For more information, see the "[Commits](/rest/reference/commits#compare-two-commits)" REST API documentation and "[Traversing with pagination](/rest/guides/traversing-with-pagination)." + O ponto de extrenudade "comparar dois commits" dos repositórios da REST API, que retorna uma lista de commits acessíveis a partir de um commit ou branch, mas que não pode ser acessado a partir de outro, agora é compatível com paginação. A API agora também pode devolver os resultados para comparações com mais de 250 commits. Para obter mais informações, consulte "[Commits](/rest/reference/commits#compare-two-commits)" a documentação da API REST e "[Traversing with pagination](/rest/guides/traversing-with-pagination)." - | - When you define a submodule in {% data variables.product.product_location %} with a relative path, the submodule is now clickable in the web UI. Clicking the submodule in the web UI will take you to the linked repository. Previously, only submodules with absolute URLs were clickable. Relative paths for repositories with the same owner that follow the pattern ../REPOSITORY or relative paths for repositories with a different owner that follow the pattern ../OWNER/REPOSITORY are supported. For more information about working with submodules, see [Working with submodules](https://github.blog/2016-02-01-working-with-submodules/) on {% data variables.product.prodname_blog %}. + Ao definir um submódulo em {% data variables.product.product_location %} com um caminho relativo, é possível clicar no submódulo na interface do usuário web. Clicar no submódulo na interface do usuário web irá levá-lo para o repositório vinculado. Anteriormente, era possível clicar apenas em submódulos com URLs absolutas. Caminhos relativos para repositórios com o mesmo proprietário que seguem o padrão .REPOSITORY ou caminhos relativos para repositórios com um proprietário diferente que segue o padrão . /OWNER/REPOSITÓRIO são compatíveis. Para obter mais informações sobre como trabalhar com submódulos, consulte [Trabalhar com submódulos](https://github.blog/2016-02-01-working-with-submodules/) em {% data variables.product.prodname_blog %}. - | - By precomputing checksums, the amount of time a repository is under lock has reduced dramatically, allowing more write operations to succeed immediately and improving monorepo performance. + Ao pré-calcular as comprovações, a quantidade de tempo que um repositório está sob o bloqueio foi reduzida drasticamente, o que permitiu mais operações de escrita com sucesso e melhorando o desempenho do monorrepositório. - heading: 'Versões' notes: - | - You can now react with emoji to all releases on {% data variables.product.product_name %}. For more information, see "[About releases](/github/administering-a-repository/releasing-projects-on-github/about-releases)." + Agora você pode reagir com emojis a todas as versões do {% data variables.product.product_name %}. Para obter mais informações, consulte "[Sobre versões](/github/administering-a-repository/releasing-projects-on-github/about-releases)". - heading: 'Temas' notes: - | - Dark and dark dimmed themes are now available for the web UI. {% data variables.product.product_name %} will match your system preferences when you haven't set theme preferences in {% data variables.product.product_name %}. You can also customize the themes that are active during day and night. For more information, see "[Managing your theme settings](/github/setting-up-and-managing-your-github-user-account/managing-user-account-settings/managing-your-theme-settings)." + Temas escuros e com níveis de opacidade agora estão disponíveis para a interface do usuário da web. {% data variables.product.product_name %} irá coincidir com suas preferências de sistema quando você não definiu preferências de tema em {% data variables.product.product_name %}. Você também pode personalizar os temas ativos durante o dia e a noite. Para obter mais informações, consulte "[Gerenciando as suas configurações de tema](/github/setting-up-and-managing-your-github-user-account/managing-user-account-settings/managing-your-theme-settings)." - heading: 'markdown' notes: - | - Markdown files in your repositories now automatically generate a table of contents in the header the file has two or more headings. The table of contents is interactive and links to the corresponding section. All six Markdown heading levels are supported. For more information, see "[About READMEs](/github/creating-cloning-and-archiving-repositories/creating-a-repository-on-github/about-readmes#auto-generated-table-of-contents-for-readme-files)." + Os arquivos de Markdown nos seus repositórios agora geram automaticamente um índice no cabeçalho do arquivo que tem dois ou mais cabeçalhos. O índice é interativo e contém links para a seção correspondente. Todos os seis níveis de cabeçalho do Markdown são compatíveis. Para obter mais informações, consulte "[Sobre READMEs](/github/creating-cloning-and-archiving-repositories/creating-a-repository-on-github/about-readmes#auto-generated-table-of-contents-for-readme-files)." - | - `code` markup is now supported in titles for issues and pull requests. Text within backticks (`` ` ``) will appear rendered in a fixed-width font anywhere the issue or pull request title appears in the web UI for {% data variables.product.product_name %}. + O markup `code` agora écompatível com títulos para problemas e pull requests. O texto dentro das aspas inversas (`` ` ``) aparecerá interpretado em uma fonte de largura fixa em qualquer lugar que o problema ou o título do pull request apareça na interface web de {% data variables.product.product_name %}. - | - While editing Markdown in files, issues, pull requests, or comments, you can now use a keyboard shortcut to insert a code block. The keyboard shortcut is command + E on a Mac or Ctrl + E on other devices. For more information, see "[Basic writing and formatting syntax](/github/writing-on-github/getting-started-with-writing-and-formatting-on-github/basic-writing-and-formatting-syntax#quoting-code)." + Ao editar o Markdown em arquivos, problemas, pull requests ou comentários, agora você pode usar um atalho de teclado para inserir um bloco de código. O atalho do teclado é command + E no Mac ou Ctrl + E em outros dispositivos. Para obter mais informações, consulte "[Sintaxe de escrita e formatação básica](/github/writing-on-github/getting-started-with-writing-and-formatting-on-github/basic-writing-and-formatting-syntax#quoting-code)." - | - You can append `?plain=1` to the URL for any Markdown file to display the file without rendering and with line numbers. You can use the plain view to link other users to specific lines. For example, appending `?plain=1#L52` will highlight line 52 of a plain text Markdown file. For more information, "[Creating a permanent link to a code snippet](/github/writing-on-github/working-with-advanced-formatting/creating-a-permanent-link-to-a-code-snippet#linking-to-markdown)." + Você pode adicionar `?plain=1` ao URL para qualquer arquivo de Markdown para exibir o arquivo sem interpretação e com números de linha. Você pode usar a visão plano para vincular outros usuários a linhas específicas. Por exemplo, ao adicionar `?plain=1#L52`, você destacará a linha 52 de um arquivo de Markdown em texto simples. Para mais informações, "[Criar um link permanente para um trecho de código](/github/writing-on-github/working-with-advanced-formatting/creating-a-permanent-link-to-a-code-snippet#linking-to-markdown)". - heading: 'Aplicativos do GitHub' notes: - | - API requests to create an installation access token now respect IP allow lists for an enterprise or organization. Any API requests made with an installation access token for a GitHub App installed on your organization already respect IP allow lists. This feature does not currently consider any Azure network security group (NSG) rules that {% data variables.product.company_short %} Support has configured for {% data variables.product.product_location %}. For more information, see "[Restricting network traffic to your enterprise](/admin/configuration/configuring-your-enterprise/restricting-network-traffic-to-your-enterprise#about-ip-allow-lists)," "[Managing allowed IP addresses for your organization](/organizations/keeping-your-organization-secure/managing-allowed-ip-addresses-for-your-organization)," and "[Apps](https://docs.github.com/en/rest/reference/apps#create-an-installation-access-token-for-an-app)" in the REST API documentation. + As solicitações da API para a criação de um token de acesso de instalação agora respeita as listas de permissão de IP para empresas ou organização. Qualquer solicitação da API feita com um token de acesso de instalação para um aplicativo GitHub instalado na sua organização respeitas as listas de permissão de IP. Esse recurso não considera atualmente nenhuma regra do grupo de segurança de rede do Azure (NSG) com suporte de {% data variables.product.company_short %} configurado para {% data variables.product.product_location %}. Para obter mais informações, consulte "[Restringir tráfego de rede para a sua empresa](/admin/configuration/configuring-your-enterprise/restricting-network-traffic-to-your-enterprise#about-ip-allow-lists)," "[Gerenciar endereços IP permitidos para sua organização](/organizations/keeping-your-organization-secure/managing-allowed-ip-addresses-for-your-organization)," e "[Apps](https://docs. ithub.com/pt/rest/reference/apps#create-an-installation-token-for-an-app)" na documentação da API REST. - heading: 'Webhooks' notes: - | - You can now programmatically resend or check the status of webhooks through the REST API. For more information, see "[Repositories](https://docs.github.com/en/rest/reference/repos#webhooks)," "[Organizations](https://docs.github.com/en/rest/reference/orgs#webhooks)," and "[Apps](https://docs.github.com/en/rest/reference/apps#webhooks)" in the REST API documentation. + Agora você pode reenviar programaticamente ou verificar o status dos webhooks por meio da API REST. Para obter mais informações, consulte "[Repositories](https://docs.github.com/en/rest/reference/repos#webhooks),"[Organizations](https://docs. ithub.com/en/rest/reference/orgs#webhooks)," e "[Apps](https://docs.github.com/en/rest/reference/apps#webhooks)" na documentação da API REST. diff --git a/translations/pt-BR/data/reusables/actions/cd-templates-actions.md b/translations/pt-BR/data/reusables/actions/cd-templates-actions.md index de538b108c..f76a60fc13 100644 --- a/translations/pt-BR/data/reusables/actions/cd-templates-actions.md +++ b/translations/pt-BR/data/reusables/actions/cd-templates-actions.md @@ -1,3 +1,3 @@ -{% data variables.product.product_name %} offers deployment starter workflows for several popular services, such as Azure Web App. Para aprender como começar a usar um fluxo de trabalho inicial, consulte "[Usando fluxos de trabalho iniciais](/actions/learn-github-actions/using-starter-workflows)" ou [procure a lista completa de starter de implantação fluxos de trabalho](https://github.com/actions/starter-workflows/tree/main/deployments). Você também pode conferir nossos guias mais detalhados de fluxos de trabalho específicos para implantação como, por exemplo, "[Efetuando a implantação no Azure App Service](/actions/deployment/deploying-to-azure-app-service)". +{% data variables.product.product_name %} oferece fluxos de trabalho iniciantes de implantação para vários serviços populares, como o aplicativo Azure Web. Para aprender como começar a usar um fluxo de trabalho inicial, consulte "[Usando fluxos de trabalho iniciais](/actions/learn-github-actions/using-starter-workflows)" ou [procure a lista completa de starter de implantação fluxos de trabalho](https://github.com/actions/starter-workflows/tree/main/deployments). Você também pode conferir nossos guias mais detalhados de fluxos de trabalho específicos para implantação como, por exemplo, "[Efetuando a implantação no Azure App Service](/actions/deployment/deploying-to-azure-app-service)". Muitos prestadores de serviço também oferecem ações em {% data variables.product.prodname_marketplace %} para implantar no seu serviço. Para a lista completa, consulte [{% data variables.product.prodname_marketplace %}](https://github.com/marketplace?category=deployment&type=actions). diff --git a/translations/pt-BR/data/reusables/actions/enterprise-github-connect-warning.md b/translations/pt-BR/data/reusables/actions/enterprise-github-connect-warning.md deleted file mode 100644 index 8da7379ebd..0000000000 --- a/translations/pt-BR/data/reusables/actions/enterprise-github-connect-warning.md +++ /dev/null @@ -1,15 +0,0 @@ -{% ifversion ghes > 3.2 or ghae-issue-4815 %} -{% note %} - -**Observação:** Quando um fluxo de trabalho usa uma ação fazendo referência ao repositório onde a ação é armazenada, {% data variables.product.prodname_actions %} tentará encontrar o repositório na sua instância de {% data variables.product.prodname_ghe_server %} antes de voltar para {% data variables.product.prodname_dotcom_the_website %}. Se um usuário tiver criado uma organização e um repositório em sua empresa, que corresponde a uma organização e nome do repositório em {% data variables.product.prodname_dotcom %}, o repositório da sua empresa será usado no lugar do repositório de {% data variables.product.prodname_dotcom %}. Para obter mais informações, consulte "[Desativação automática de namespaces para ações acessadas em {% data variables.product.prodname_dotcom_the_website%}](#automatic-retirement-of-namespaces-for-actions-accessed-on-githubcom)". - -{% endnote %} -{% endif %} - -{% ifversion ghes < 3.3 or ghae %} -{% note %} - -**Observação:** Quando um fluxo de trabalho usa uma ação fazendo referência ao repositório onde a ação é armazenada, {% data variables.product.prodname_actions %} tentará encontrar o repositório na sua instância de {% data variables.product.prodname_ghe_server %} antes de voltar para {% data variables.product.prodname_dotcom_the_website %}. Se um usuário criar uma organização e um repositório em sua empresa, que corresponde a uma organização e nome do repositório em {% data variables.product.prodname_dotcom %}, o repositório da sua empresa será usado no lugar do repositório de {% data variables.product.prodname_dotcom %}. Um usuário malicioso pode aproveitar este comportamento para executar o código como parte de um fluxo de trabalho. - -{% endnote %} -{% endif %} diff --git a/translations/pt-BR/data/reusables/actions/github-connect-resolution.md b/translations/pt-BR/data/reusables/actions/github-connect-resolution.md new file mode 100644 index 0000000000..b313096713 --- /dev/null +++ b/translations/pt-BR/data/reusables/actions/github-connect-resolution.md @@ -0,0 +1 @@ +Quando um fluxo de trabalho usa uma ação, fazendo referência ao repositório onde a ação é armazenada, {% data variables.product.prodname_actions %} primeiro tentará encontrar o repositório em {% data variables.product.product_location %}. Se o repositório não existir em {% data variables.product.product_location %} e se você tiver acesso automático para {% data variables.product.prodname_dotcom_the_website %} habilitado, {% data variables.product.prodname_actions %} tentará encontrar o repositório em {% data variables.product.prodname_dotcom_the_website %}. \ No newline at end of file diff --git a/translations/pt-BR/data/reusables/actions/github-token-expiration.md b/translations/pt-BR/data/reusables/actions/github-token-expiration.md new file mode 100644 index 0000000000..6c4c246ab4 --- /dev/null +++ b/translations/pt-BR/data/reusables/actions/github-token-expiration.md @@ -0,0 +1 @@ +O `GITHUB_TOKEN` vence quando um trabalho for concluído ou após um máximo de 24 horas. \ No newline at end of file diff --git a/translations/pt-BR/data/reusables/actions/message-parameters.md b/translations/pt-BR/data/reusables/actions/message-parameters.md index fd9358b1a0..662e5cf41f 100644 --- a/translations/pt-BR/data/reusables/actions/message-parameters.md +++ b/translations/pt-BR/data/reusables/actions/message-parameters.md @@ -1 +1 @@ -| Parameter | Value | | :- | :- |{% ifversion fpt or ghes > 3.2 or ghae-issue-4929 or ghec %} | `title` | Custom title |{% endif %} | `file` | Filename | | `col` | Column number, starting at 1 |{% ifversion fpt or ghes > 3.2 or ghae-issue-4929 or ghec %} | `endColumn` | End column number |{% endif %} | `line` | Line number, starting at 1 |{% ifversion fpt or ghes > 3.2 or ghae-issue-4929 or ghec %} | `endLine` | End line number |{% endif %} +| Parâmetro | Valor | | :- | :- |{% ifversion fpt or ghes > 3.2 or ghae-issue-4929 or ghec %} | `title` | Custom title |{% endif %} | `file` | Título personalizado| | `col` | Número da colina, começando com 1 |{% ifversion fpt or ghes > 3.2 or ghae-issue-4929 or ghec %} | `endColumn` | Número final da coluna |{% endif %} | `line` | Número final da linha, começando com 1 |{% ifversion fpt or ghes > 3.2 or ghae-issue-4929 or ghec %} | `endLine` | Número final da linha |{% endif %} diff --git a/translations/pt-BR/data/reusables/actions/oidc-permissions-token.md b/translations/pt-BR/data/reusables/actions/oidc-permissions-token.md index e9ebdbe242..888ec3bc9c 100644 --- a/translations/pt-BR/data/reusables/actions/oidc-permissions-token.md +++ b/translations/pt-BR/data/reusables/actions/oidc-permissions-token.md @@ -5,7 +5,7 @@ A configuração `id-token: write` permite que o JWT seja solicitado do provedor - Usando variáveis de ambiente no executor (`ACTIONS_ID_TOKEN_REQUEST_URL` e `ACTIONS_ID_TOKEN_REQUEST_TOKEN`). - Usando `getIDToken()` do conjunto de ferramentas de ações. -If you only need to fetch an OIDC token for a single job, then this permission can be set within that job. Por exemplo: +Se você só precisa obter um token OIDC para um único trabalho, essa permissão poderá ser definida dentro desse trabalho. Por exemplo: ```yaml{:copy} permissions: diff --git a/translations/pt-BR/data/reusables/actions/oidc-updating-workflow-overview.md b/translations/pt-BR/data/reusables/actions/oidc-updating-workflow-overview.md index fbbabdca65..09cf5dbefb 100644 --- a/translations/pt-BR/data/reusables/actions/oidc-updating-workflow-overview.md +++ b/translations/pt-BR/data/reusables/actions/oidc-updating-workflow-overview.md @@ -1,6 +1,6 @@ -To add OIDC integration to your cloud deployment workflows, you will need to add the following code changes: +Para adicionar integração OIDC aos seus fluxos de trabalho para implantação na nuvem, você deverá adicionar as seguintes alterações de código: -- Grant permission to fetch the token from the {% data variables.product.prodname_dotcom %} OIDC provider: - - The workflow needs a `permissions` setting with a defined `id-token` value. This lets you fetch the OIDC token from every job in the workflow. If you only need to fetch an OIDC token for a single job, then this permission can be set within that job. -- Request the JSON Web Token (JWT) from the {% data variables.product.prodname_dotcom %} OIDC provider, and present it to your cloud provider to receive an access token: - - You could use the Actions toolkit to fetch the tokens in your job, or you can use the official action created by your cloud provider to fetch the JWT and receive the access token from the cloud. +- Conceder permissão para obter o token do provedor do OIDC de {% data variables.product.prodname_dotcom %}: + - O fluxo de trabalho precisa de uma configuração de `permissões` com um valor de `id-token` definido. Isso permite obter o token do OIDC de cada trabalho do fluxo de trabalho. Se você só precisa obter um token OIDC para um único trabalho, essa permissão poderá ser definida dentro desse trabalho. +- Solicite o Token do JSON Web (JWT) do provedor OIDC de {% data variables.product.prodname_dotcom %} e apresente-o ao seu provedor de nuvem para receber um token de acesso: + - Você pode usar o kit de ferramentas de ações para obter os tokens no seu trabalho ou você pode usar a ação oficial criada pelo seu provedor de nuvem para obter o JWT e receber o token de acesso da nuvem. diff --git a/translations/pt-BR/data/reusables/actions/perform-blob-storage-precheck.md b/translations/pt-BR/data/reusables/actions/perform-blob-storage-precheck.md index b369adb066..e6105e24bf 100644 --- a/translations/pt-BR/data/reusables/actions/perform-blob-storage-precheck.md +++ b/translations/pt-BR/data/reusables/actions/perform-blob-storage-precheck.md @@ -1 +1 @@ -1. Run the `ghe-actions-precheck` command to test your blob storage configuration. Para obter mais informações, consulte "[Utilitários de linha de comando](/admin/configuration/configuring-your-enterprise/command-line-utilities#ghe-actions-precheck)". +1. Execute o comando `ghe-actions-precheck` para testar a sua configuração de armazenamento do blob. Para obter mais informações, consulte "[Utilitários de linha de comando](/admin/configuration/configuring-your-enterprise/command-line-utilities#ghe-actions-precheck)". diff --git a/translations/pt-BR/data/reusables/actions/private-repository-forks-overview.md b/translations/pt-BR/data/reusables/actions/private-repository-forks-overview.md index 41c69fec07..e49adc1642 100644 --- a/translations/pt-BR/data/reusables/actions/private-repository-forks-overview.md +++ b/translations/pt-BR/data/reusables/actions/private-repository-forks-overview.md @@ -1 +1 @@ -Se você depende do uso das bifurcações dos seus repositórios privados, você pode configurar políticas que controlam como os usuários podem executar fluxos de trabalho em eventos `pull_request`. Available to private {% ifversion ghec or ghes or ghae %}and internal{% endif %} repositories only, you can configure these policy settings for {% ifversion ghec %}enterprises, {% elsif ghes or ghae %}your enterprise, {% endif %}organizations, or repositories. +Se você depende do uso das bifurcações dos seus repositórios privados, você pode configurar políticas que controlam como os usuários podem executar fluxos de trabalho em eventos `pull_request`. Disponível apenas para {% ifversion ghec or ghes or ghae %}e repositórios internos de{% endif %}, você pode configurar essas configurações de política para {% ifversion ghec %}empresas, {% elsif ghes or ghae %}sua empresa, {% endif %}organizações ou repositórios. diff --git a/translations/pt-BR/data/reusables/actions/ref_name-description.md b/translations/pt-BR/data/reusables/actions/ref_name-description.md index 4a39dc1922..a57beeadee 100644 --- a/translations/pt-BR/data/reusables/actions/ref_name-description.md +++ b/translations/pt-BR/data/reusables/actions/ref_name-description.md @@ -1 +1 @@ -The branch or tag name that triggered the workflow run. +O nome da branch ou tag que acionou a execução do fluxo de trabalho. diff --git a/translations/pt-BR/data/reusables/actions/ref_protected-description.md b/translations/pt-BR/data/reusables/actions/ref_protected-description.md index 9975dc406a..04b9cfdbfa 100644 --- a/translations/pt-BR/data/reusables/actions/ref_protected-description.md +++ b/translations/pt-BR/data/reusables/actions/ref_protected-description.md @@ -1 +1 @@ -`true` if branch protections are configured for the ref that triggered the workflow run. +`verdadeiro` se as proteções dos branches estiverem configuradas para o ref, que acionou a execução do fluxo de trabalho. diff --git a/translations/pt-BR/data/reusables/actions/ref_type-description.md b/translations/pt-BR/data/reusables/actions/ref_type-description.md index 74888dee73..8ad52dfbc9 100644 --- a/translations/pt-BR/data/reusables/actions/ref_type-description.md +++ b/translations/pt-BR/data/reusables/actions/ref_type-description.md @@ -1 +1 @@ -The type of ref that triggered the workflow run. Valid values are `branch` or `tag`. +O tipo de ref que acionou a execução do fluxo de trabalho. Os valores válidos são `branch` ou `tag`. diff --git a/translations/pt-BR/data/reusables/actions/registry-credentials.md b/translations/pt-BR/data/reusables/actions/registry-credentials.md index 52c09696d7..ebeadd3b98 100644 --- a/translations/pt-BR/data/reusables/actions/registry-credentials.md +++ b/translations/pt-BR/data/reusables/actions/registry-credentials.md @@ -1 +1 @@ -If the image's container registry requires authentication to pull the image, you can use `jobs..container.credentials` to set a `map` of the `username` and `password`. As credenciais são os mesmos valores que você forneceria para o comando [`login do docker`](https://docs.docker.com/engine/reference/commandline/login/). +Se o registro de contêiner da imagem exigir autenticação para extrair a imagem, você pode usar as funções de `..container.credentials` para definir um `mapa` do `nome de usuário` e `senha`. As credenciais são os mesmos valores que você forneceria para o comando [`login do docker`](https://docs.docker.com/engine/reference/commandline/login/). diff --git a/translations/pt-BR/data/reusables/actions/restrict-runner-workflow-beta.md b/translations/pt-BR/data/reusables/actions/restrict-runner-workflow-beta.md index 77949eb08b..c81dc5a793 100644 --- a/translations/pt-BR/data/reusables/actions/restrict-runner-workflow-beta.md +++ b/translations/pt-BR/data/reusables/actions/restrict-runner-workflow-beta.md @@ -1,7 +1,7 @@ {% if restrict-groups-to-workflows %} {% note %} -**Note:** Configuring the workflows that can access a runner group is currently in beta and subject to change. +**Nota:** A configuração dos fluxos de trabalho que podem acessar um grupo de executores está atualmente na versão beta e sujeita a alterações. {% endnote %} {% endif %} diff --git a/translations/pt-BR/data/reusables/actions/reusable-workflow-calling-syntax.md b/translations/pt-BR/data/reusables/actions/reusable-workflow-calling-syntax.md index e842a2b090..dc5018fc5b 100644 --- a/translations/pt-BR/data/reusables/actions/reusable-workflow-calling-syntax.md +++ b/translations/pt-BR/data/reusables/actions/reusable-workflow-calling-syntax.md @@ -1,4 +1,4 @@ -* `{owner}/{repo}/{path}/{filename}@{ref}`{% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-6000 %} for reusable workflows in public {% ifversion ghes or ghec or ghae %}or internal{% endif %} repositories. -* `./{path}/{filename}` for reusable workflows in the same repository.{% endif %} +* `{owner}/{repo}/{path}/{filename}@{ref}`{% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-6000 %} para fluxos de trabalho nos repositórios públicos {% ifversion ghes or ghec or ghae %}or internos{% endif %}. +* `./{path}/{filename}` para fluxos de trabalho reutilizáveis no mesmo repositório.{% endif %} -`{ref}` pode ser um SHA, uma tag de de versão ou um nome de branch. Usar o commit SHA é o mais seguro para a estabilidade e segurança. Para obter mais informações, consulte "[Enrijecimento de segurança para o GitHub Actions](/actions/learn-github-actions/security-hardening-for-github-actions#reusing-third-party-workflows)". {% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-6000 %}If you use the second syntax option (without `{owner}/{repo}` and `@{ref}`) the called workflow is from the same commit as the caller workflow.{% endif %} +`{ref}` pode ser um SHA, uma tag de de versão ou um nome de branch. Usar o commit SHA é o mais seguro para a estabilidade e segurança. Para obter mais informações, consulte "[Enrijecimento de segurança para o GitHub Actions](/actions/learn-github-actions/security-hardening-for-github-actions#reusing-third-party-workflows)". {% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-6000 %}se você usar a segunda opção de sintaxe (sem `{owner}/{repo}` e `@{ref}`), o fluxo de trabalho chamado é do mesmo commit que o fluxo de trabalho de chamada.{% endif %} diff --git a/translations/pt-BR/data/reusables/actions/reusable-workflows-ghes-beta.md b/translations/pt-BR/data/reusables/actions/reusable-workflows-ghes-beta.md index 6fb3ef2e4f..ab0cad1bf7 100644 --- a/translations/pt-BR/data/reusables/actions/reusable-workflows-ghes-beta.md +++ b/translations/pt-BR/data/reusables/actions/reusable-workflows-ghes-beta.md @@ -2,7 +2,7 @@ {% note %} -**Note**: Reusable workflows are currently in beta and subject to change. +**Observação**: Os fluxos de trabalho reutilizáveis estão atualmente na versão beta e sujeitos a alterações. {% endnote %} diff --git a/translations/pt-BR/data/reusables/actions/reusable-workflows.md b/translations/pt-BR/data/reusables/actions/reusable-workflows.md index 958dad192c..d0bdd01da3 100644 --- a/translations/pt-BR/data/reusables/actions/reusable-workflows.md +++ b/translations/pt-BR/data/reusables/actions/reusable-workflows.md @@ -1,4 +1,4 @@ {% ifversion fpt or ghes > 3.3 or ghae-issue-4757 or ghec %} -{% ifversion ghes or ghec or ghae %}You can share workflows with your organization, publicly or privately, by calling{% else %} You can call{% endif %} one workflow from within another workflow. Isso permite a reutilização de fluxos de trabalho, evitando duplicação e tornando seus fluxos de trabalho mais fáceis de manter. Para obter mais informações, consulte "[Reutilizando fluxos de trabalho](/actions/learn-github-actions/reusing-workflows)". +{% ifversion ghes or ghec or ghae %}Você pode compartilhar fluxos de trabalho com sua organização, pública ou privadamente, chamando{% else %} Você pode chamar{% endif %} um fluxo de trabalho de dentro de outro fluxo de trabalho. Isso permite a reutilização de fluxos de trabalho, evitando duplicação e tornando seus fluxos de trabalho mais fáceis de manter. Para obter mais informações, consulte "[Reutilizando fluxos de trabalho](/actions/learn-github-actions/reusing-workflows)". {% endif %} diff --git a/translations/pt-BR/data/reusables/actions/run_id_description.md b/translations/pt-BR/data/reusables/actions/run_id_description.md index 0d222af4ae..179bb1229e 100644 --- a/translations/pt-BR/data/reusables/actions/run_id_description.md +++ b/translations/pt-BR/data/reusables/actions/run_id_description.md @@ -1 +1 @@ -A unique number for each workflow run within a repository. Este número não muda se você executar novamente o fluxo de trabalho. +Um número exclusivo para cada fluxo de trabalho executado em um repositório. Este número não muda se você executar novamente o fluxo de trabalho. diff --git a/translations/pt-BR/data/reusables/actions/runner-arch-description.md b/translations/pt-BR/data/reusables/actions/runner-arch-description.md index 60a9d02739..09c886d08b 100644 --- a/translations/pt-BR/data/reusables/actions/runner-arch-description.md +++ b/translations/pt-BR/data/reusables/actions/runner-arch-description.md @@ -1 +1 @@ -The architecture of the runner executing the job. Possible values are `X86`, `X64`, `ARM`, or `ARM64`. +A arquitetura do executor que está executando o trabalho. Os valores poss[iveis são `X86`, `X64`, `ARM` ou `ARM64`. diff --git a/translations/pt-BR/data/reusables/actions/runner-group-assign-policy-workflow.md b/translations/pt-BR/data/reusables/actions/runner-group-assign-policy-workflow.md index 27cb070783..557e545a8a 100644 --- a/translations/pt-BR/data/reusables/actions/runner-group-assign-policy-workflow.md +++ b/translations/pt-BR/data/reusables/actions/runner-group-assign-policy-workflow.md @@ -1,6 +1,6 @@ {%- if restrict-groups-to-workflows %} 1. Assign a policy for workflow access. - You can configure a runner group to be accessible to a specific list of workflows, or to all workflows. This setting can't be overridden if you are configuring an organization's runner group that was shared by an enterprise. If you specify what workflow can access the runner group, you must use the full path to the workflow, including the repository name and owner, and you must pin the workflow to a branch, tag, or full SHA. For example: `octo-org/octo-repo/.github/workflows/build.yml@v2, octo-org/octo-repo/.github/workflows/deploy.yml@d6dc6c96df4f32fa27b039f2084f576ed2c5c2a5, monalisa/octo-test/.github/workflows/test.yml@main`. + You can configure a runner group to be accessible to a specific list of workflows, or to all workflows. This setting can't be overridden if you are configuring an organization's runner group that was shared by an enterprise. If you specify what workflow can access the runner group, you must use the full path to the workflow, including the repository name and owner, and you must pin the workflow to a branch, tag, or full SHA. Por exemplo: `octo-org/octo-repo/.github/workflows/build.yml@v2, octo-org/octo-repo/.github/workflows/deploy.yml@d6dc6c96df4f32fa27b039f2084f576ed2c5c2a5, monalisa/octo-test/.github/workflows/test.yml@main`. Only jobs directly defined within the selected workflows will have access to the runner group.{%- endif %} diff --git a/translations/pt-BR/data/reusables/actions/runner-tool-cache-description.md b/translations/pt-BR/data/reusables/actions/runner-tool-cache-description.md index 956500fdcb..1afa28cebb 100644 --- a/translations/pt-BR/data/reusables/actions/runner-tool-cache-description.md +++ b/translations/pt-BR/data/reusables/actions/runner-tool-cache-description.md @@ -1 +1 @@ -O caminho para o diretório que contém ferramentas pré-instaladas para executores hospedados em {% data variables.product.prodname_dotcom %}. For more information, see "[About {% data variables.product.prodname_dotcom %}-hosted runners](/actions/reference/specifications-for-github-hosted-runners/#supported-software)". +O caminho para o diretório que contém ferramentas pré-instaladas para executores hospedados em {% data variables.product.prodname_dotcom %}. Para obter mais informações, consulte "[Sobre executores hospedados em {% data variables.product.prodname_dotcom %}](/actions/reference/specifications-for-github-hosted-runners/#supported-software)". diff --git a/translations/pt-BR/data/reusables/actions/self-hosted-runner-check-installation-success.md b/translations/pt-BR/data/reusables/actions/self-hosted-runner-check-installation-success.md index e8dafca686..3233cf5b48 100644 --- a/translations/pt-BR/data/reusables/actions/self-hosted-runner-check-installation-success.md +++ b/translations/pt-BR/data/reusables/actions/self-hosted-runner-check-installation-success.md @@ -1,8 +1,8 @@ ### Verificando se o seu executor auto-hospedado foi adicionado com sucesso -After completing the steps to add a self-hosted runner, the runner and its status are now listed under {% ifversion fpt or ghec %}"Runners"{% elsif ghae or ghes %}"Self-hosted runners"{% endif %}. +Depois de completar as etapas para adicionar um executor auto-hospedado, o executor e seu status serão listados em {% ifversion fpt or ghec %}"Runners"{% elsif ghae or ghes %}"Executores auto-hospedados"{% endif %}. -A aplicação dos executores auto-hospedados deve estar activa para que o executor aceite os trabalhos. When the runner application is connected to {% data variables.product.product_name %} and ready to receive jobs, you will see the following message on the machine's terminal. +A aplicação dos executores auto-hospedados deve estar activa para que o executor aceite os trabalhos. Quando o aplicativo do executor estiver conectado a {% data variables.product.product_name %} e pronto para receber trabalhos, você verá a seguinte mensagem no terminal da máquina. {% data reusables.actions.self-hosted-runner-connected-output %} diff --git a/translations/pt-BR/data/reusables/actions/self-hosted-runner-communications-for-ghae.md b/translations/pt-BR/data/reusables/actions/self-hosted-runner-communications-for-ghae.md deleted file mode 100644 index 48239a161e..0000000000 --- a/translations/pt-BR/data/reusables/actions/self-hosted-runner-communications-for-ghae.md +++ /dev/null @@ -1,7 +0,0 @@ -{% ifversion ghae %} - -You must ensure that the self-hosted runner has appropriate network access to communicate with your {% data variables.product.prodname_ghe_managed %} URL and its subdomains. Por exemplo, se o o nome da sua instância for `octoghae`, você deverá permitir que o executor auto-hospedado acesse `octoghae.githubenterprise.com`, `api.octoghae.githubenterprise.com` e `codeload.octoghae.githubenterprise.com`. - -If you use an IP address allow list for your organization or enterprise account on {% data variables.product.prodname_dotcom %}, you must add your self-hosted runner's IP address to the allow list. Para obter mais informações, consulte "[Gerenciar endereços IP permitidos para a sua organização](/organizations/keeping-your-organization-secure/managing-allowed-ip-addresses-for-your-organization#using-github-actions-with-an-ip-allow-list)". - -{% endif %} diff --git a/translations/pt-BR/data/reusables/actions/self-hosted-runner-configure-runner-group-access.md b/translations/pt-BR/data/reusables/actions/self-hosted-runner-configure-runner-group-access.md index c84ca8a027..5c0b2a2e09 100644 --- a/translations/pt-BR/data/reusables/actions/self-hosted-runner-configure-runner-group-access.md +++ b/translations/pt-BR/data/reusables/actions/self-hosted-runner-configure-runner-group-access.md @@ -1,5 +1,5 @@ {% data reusables.actions.self-hosted-runner-configure-runner-group %} -1. Modify your policy options. +1. Modifique suas opções de política. {% ifversion not ghae %} {% warning %} diff --git a/translations/pt-BR/data/reusables/actions/self-hosted-runner-navigate-to-repo-org-enterprise.md b/translations/pt-BR/data/reusables/actions/self-hosted-runner-navigate-to-repo-org-enterprise.md index 450f4fd390..029c537cf1 100644 --- a/translations/pt-BR/data/reusables/actions/self-hosted-runner-navigate-to-repo-org-enterprise.md +++ b/translations/pt-BR/data/reusables/actions/self-hosted-runner-navigate-to-repo-org-enterprise.md @@ -1,5 +1,5 @@ {% ifversion fpt %} -1. Navigate to the main page of the organization or repository where your self-hosted runner group is registered. +1. Acesse a página principal da organização ou repositório onde o grupo de executor auto-hospedado está registrado. 2. Clique em {% octicon "gear" aria-label="The Settings gear" %} **Configurações**. 3. Na barra lateral esquerda, clique em **Actions** (Ações). 4. Click **Runners**. @@ -12,6 +12,6 @@ 2. Na barra lateral esquerda, clique em **Visão geral da empresa**. 3. In the enterprise sidebar, click {% octicon "law" aria-label="The law icon" %} **Policies**.{% endif %} 2. Navegue até as configurações {% data variables.product.prodname_actions %}: - * **In an organization or repository**: Click **Actions** in the left sidebar{% ifversion fpt or ghes > 3.1 or ghae or ghec %}, then click **Runners**{% endif %}.{% ifversion ghec or ghae or ghes %} - * {% ifversion ghec %}**If using an enterprise account**:{% elsif ghes or ghae %}**If using an enterprise-level runner**:{% endif %} Click **Actions** under "{% octicon "law" aria-label="The law icon" %} Policies"{% ifversion ghes > 3.1 or ghae or ghec %}, then click the **Runners** tab{% endif %}.{% endif %} + * **Em uma organização ou repositório**: Clique em **Ações** na barra lateral esquerda{% ifversion fpt or ghes > 3.1 or ghae or ghec %}, depois clique em **Executores**{% endif %}.{% ifversion ghec or ghae or ghes %} + * {% ifversion ghec %}**Se estiver usando uma conta corporativa**:{% elsif ghes or ghae %}**Se estiver usando um executor de nível empresarial**:{% endif %} Clique em **Ações** em "Políticas de {% octicon "law" aria-label="The law icon" %} "{% ifversion ghes > 3.1 or ghae or ghec %} e, em seguida, clique na aba **Executores**{% endif %}.{% endif %} {% endif %} diff --git a/translations/pt-BR/data/reusables/actions/self-hosted-runner-networking-to-dotcom.md b/translations/pt-BR/data/reusables/actions/self-hosted-runner-networking-to-dotcom.md new file mode 100644 index 0000000000..7c20610c66 --- /dev/null +++ b/translations/pt-BR/data/reusables/actions/self-hosted-runner-networking-to-dotcom.md @@ -0,0 +1 @@ +Para usar ações de {% data variables.product.prodname_dotcom_the_website %},{% ifversion ghes %}, {% data variables.product.product_location %} e {% endif %} seus executores auto-hospedados devem poder fazer conexões de saída para {% data variables.product.prodname_dotcom_the_website %}. Nenhuma conexão de entrada de {% data variables.product.prodname_dotcom_the_website %} é necessária. For more information. Para obter mais informações, consulte "[Sobre executores auto-hospedados](/actions/hosting-your-own-runners/about-self-hosted-runners#communication-betweens-self-hosted-runners-and-githubcom)." \ No newline at end of file diff --git a/translations/pt-BR/data/reusables/actions/self-hosted-runner-ports-protocols.md b/translations/pt-BR/data/reusables/actions/self-hosted-runner-ports-protocols.md index 57f16b0906..e622d937db 100644 --- a/translations/pt-BR/data/reusables/actions/self-hosted-runner-ports-protocols.md +++ b/translations/pt-BR/data/reusables/actions/self-hosted-runner-ports-protocols.md @@ -1 +1,3 @@ -Self-hosted runners must be able to communicate with {% ifversion ghae %}your enterprise on {% data variables.product.product_name %}{% elsif fpt or ghec or ghes %}{% data variables.product.product_location %}{% endif %} over HTTP (port 80) and HTTPS (port 443). +{% ifversion ghes or ghae %} +A conexão entre runners auto-hospedados e {% data variables.product.product_name %} é por meio de {% ifversion ghes %}HTTP (porta 80) ou {% endif %}HTTPS (porta 443). {% ifversion ghes %}Para garantir conectividade por meio de HTTPS, configure TLS para {% data variables.product.product_location %}. Para obter mais informações, consulte "[Configurando TLS](/admin/configuration/configuring-network-settings/configuring-tls)".{% endif %} +{% endif %} diff --git a/translations/pt-BR/data/reusables/actions/workflows/section-run-on-specific-branches-or-tags.md b/translations/pt-BR/data/reusables/actions/workflows/section-run-on-specific-branches-or-tags.md index 6351bff0f3..a44447876f 100644 --- a/translations/pt-BR/data/reusables/actions/workflows/section-run-on-specific-branches-or-tags.md +++ b/translations/pt-BR/data/reusables/actions/workflows/section-run-on-specific-branches-or-tags.md @@ -1,11 +1,11 @@ Ao usar o evento `push`, você pode configurar um fluxo de trabalho para ser executado em branches ou tags específicos. -Use the `branches` filter when you want to include branch name patterns or when you want to both include and exclude branch names patterns. Use the `branches-ignore` filter when you only want to exclude branch name patterns. Você não pode usar ambos os filtros `branches` e `branches-ignore` para o mesmo evento em um fluxo de trabalho. +Use o filtro `branches` quando você deseja incluir padrões de nomes de branches ou quando você deseja incluir e excluir padrões de nomes de branches. Use o filtro `branches-ignore` quando você deseja excluir apenas padrões de nome de branches. Você não pode usar ambos os filtros `branches` e `branches-ignore` para o mesmo evento em um fluxo de trabalho. Use o filtro `tags` quando você deseja incluir padrões de nomes de tags ou quando você deseja incluir e excluir padrões de nomes de tags. Use o filtro `tags-ignore` quando você deseja excluir apenas padrões de nome de tag. Não é possível usar os filtros `tags` e `tags-ignore` para o mesmo evento em um fluxo de trabalho. -If you define only `tags`/`tags-ignore` or only `branches`/`branches-ignore`, the workflow won't run for events affecting the undefined Git ref. If you define neither `tags`/`tags-ignore` or `branches`/`branches-ignore`, the workflow will run for events affecting either branches or tags. If you define both `branches`/`branches-ignore` and [`paths`](#onpushpull_requestpull_request_targetpathspaths-ignore), the workflow will only run when both filters are satisfied. +Se você definir apenas `tags`/`tags-ignore` ou apenas `branches`/`branches-ignore`, o fluxo de trabalho não será executado para eventos que afetam o ref indefinido do Git. Se você não definir `tags`/`tags-ignore` ou `branches`/`branches-ignore`, o fluxo de trabalho será executado para eventos que afetam branches ou tags. Se você definir os `branches`/`branches-ignore` e [`caminhos`](#onpushpull_requestpull_request_targetpathspaths-ignore), o fluxo de trabalho só será executado quando ambos os filtros forem satisfeitos. As palavras-chave `branches`, `branches-ignore`, `tags`, and `tags-ignore` aceitam padrões do glob que usam caracteres como `*`, `**`, `+`, `?`, `!` e outros para corresponder a mais de um nome do branch ou tag. Se um nome contiver qualquer um desses caracteres e você quiser uma correspondência literal, você deverá *escapar* de cada um desses caracteres especiais com `\`. Para obter mais informações sobre padrões de glob, consulte a "[Folha de informações para filtrar padrões](/actions/using-workflows/workflow-syntax-for-github-actions#filter-pattern-cheat-sheet)". @@ -13,9 +13,9 @@ As palavras-chave `branches`, `branches-ignore`, `tags`, and `tags-ignore` aceit Os padrões definidos nos `branches` e `tags` são avaliados relativamente ao nome do Git ref. Por exemplo, o fluxo de trabalho seguinte seria executado sempre que houver um evento `push` para: -- A branch named `main` (`refs/heads/main`) -- A branch named `mona/octocat` (`refs/heads/mona/octocat`) -- A branch whose name starts with `releases/`, like `releases/10` (`refs/heads/releases/10`) +- Uma branch denominado `principal` (`refs/heads/main`) +- Uma branch denominado `mona/octocat` (`refs/heads/mona/octocat`) +- Um branch cujo nome começa com `releases/`, como `releases/10` (`refs/heads/releases/10`) - Uma tag denominada `v2` (`refs/tags/v2`) - Uma tag cujo nome começa com `v1.`, como `v1.9.1` (`refs/tags/v1.9.1`) @@ -37,8 +37,8 @@ on: Quando um padrão corresponde ao padrão de `branches-ignore` ou `tags-ignore` o fluxo de trabalho não será executado. Os padrões definidos nos `branches` e `tags` são avaliados relativamente ao nome do Git ref. Por exemplo, o fluxo de trabalho a seguir seria executado a cada evento de `push`, a menos que o evento `push` seja para: -- A branch named `mona/octocat` (`refs/heads/mona/octocat`) -- A branch whose name matches `releases/**-alpha`, like `beta/3-alpha` (`refs/releases/beta/3-alpha`) +- Uma branch denominado `mona/octocat` (`refs/heads/mona/octocat`) +- Uma branch cujo nome corresponde a `releases/**-alpha`, como `beta/3-alpha` (`refs/releases/beta/3-alpha`) - Uma tag denominada `v2` (`refs/tags/v2`) - Uma tag cujo nome começa com `v1.`, como `v1.9` (`refs/tags/v1.9`) @@ -59,7 +59,7 @@ on: Você não pode usar `branches` e `branches-ignore` para filtrar o mesmo evento em um único fluxo de trabalho. Da mesma forma, você não pode usar `tags` e `tags-ignore` para filtrar o mesmo evento em um único fluxo de trabalho. Se você deseja incluir e excluir padrões de branches ou tags para um único evento, use o filtro `branches` ou `tags` junto com o caractere `!` para indicar quais branches ou tags devem ser excluídos. -If you define a branch with the `!` character, you must also define at least one branch without the `!` character. If you only want to exclude branches, use `branches-ignore` instead. Da mesma forma, se você definir uma tag com o caractere `!`, você também deverá definir pelo menos uma tag sem o caractere `!`. Se você deseja apenas excluir tags, use `tags-ignore`. +Se você definir um branch com o caractere `!`, você deverá definir pelo menos um branch sem o caractere `!`. Se você deseja apenas excluir branches, use `branches-ignore`. Da mesma forma, se você definir uma tag com o caractere `!`, você também deverá definir pelo menos uma tag sem o caractere `!`. Se você deseja apenas excluir tags, use `tags-ignore`. A ordem de definição dos padrões é importante. diff --git a/translations/pt-BR/data/reusables/actions/workflows/section-triggering-a-workflow-branches.md b/translations/pt-BR/data/reusables/actions/workflows/section-triggering-a-workflow-branches.md index 00cdd60209..727932277d 100644 --- a/translations/pt-BR/data/reusables/actions/workflows/section-triggering-a-workflow-branches.md +++ b/translations/pt-BR/data/reusables/actions/workflows/section-triggering-a-workflow-branches.md @@ -1,18 +1,18 @@ -When using the `pull_request` and `pull_request_target` events, you can configure a workflow to run only for pull requests that target specific branches. +Ao usar os eventos de `pull_request` e `pull_request_target`, é possível configurar um fluxo de trabalho para que seja executado somente para pull requests que apontem para branches específicos. -Use the `branches` filter when you want to include branch name patterns or when you want to both include and exclude branch names patterns. Use the `branches-ignore` filter when you only want to exclude branch name patterns. Você não pode usar ambos os filtros `branches` e `branches-ignore` para o mesmo evento em um fluxo de trabalho. +Use o filtro `branches` quando você deseja incluir padrões de nomes de branches ou quando você deseja incluir e excluir padrões de nomes de branches. Use o filtro `branches-ignore` quando você deseja excluir apenas padrões de nome de branches. Você não pode usar ambos os filtros `branches` e `branches-ignore` para o mesmo evento em um fluxo de trabalho. -If you define both `branches`/`branches-ignore` and [`paths`](#onpushpull_requestpull_request_targetpathspaths-ignore), the workflow will only run when both filters are satisfied. +Se você definir os `branches`/`branches-ignore` e [`caminhos`](#onpushpull_requestpull_request_targetpathspaths-ignore), o fluxo de trabalho só será executado quando ambos os filtros forem satisfeitos. -The `branches` and `branches-ignore` keywords accept glob patterns that use characters like `*`, `**`, `+`, `?`, `!` and others to match more than one branch name. If a name contains any of these characters and you want a literal match, you need to escape each of these special characters with `\`. Para obter mais informações sobre padrões de glob, consulte a "[Folha de informações para filtrar padrões](/actions/using-workflows/workflow-syntax-for-github-actions#filter-pattern-cheat-sheet)". +As palavras-chave `branches` e `branches-ignore` aceitam padrões do glob que usam caracteres como `*`, `**`, `+`, `?`, `!` e outros para combinar com mais de um nome de branch. Se um nome contiver qualquer um desses caracteres e você quiser uma correspondência literal, você deverá escapar de cada um desses caracteres especiais com `\`. Para obter mais informações sobre padrões de glob, consulte a "[Folha de informações para filtrar padrões](/actions/using-workflows/workflow-syntax-for-github-actions#filter-pattern-cheat-sheet)". -#### Example: Including branches +#### Exemplo: Incluindo branches -The patterns defined in `branches` are evaluated against the Git ref's name. For example, the following workflow would run whenever there is a `pull_request` event for a pull request targeting: +Os padrões definidos em `branches` são avaliados com base no nome do ref do Git. Por exemplo, o fluxo de trabalho a seguir seria executado sempre que houvesse um evento `pull_request` para um direcionamento de pull request: -- A branch named `main` (`refs/heads/main`) -- A branch named `mona/octocat` (`refs/heads/mona/octocat`) -- A branch whose name starts with `releases/`, like `releases/10` (`refs/heads/releases/10`) +- Uma branch denominado `principal` (`refs/heads/main`) +- Uma branch denominado `mona/octocat` (`refs/heads/mona/octocat`) +- Um branch cujo nome começa com `releases/`, como `releases/10` (`refs/heads/releases/10`) ```yaml on: @@ -24,12 +24,12 @@ on: - 'releases/**' ``` -#### Example: Excluding branches +#### Exemplo: Excluir branches -When a pattern matches the `branches-ignore` pattern, the workflow will not run. The patterns defined in `branches` are evaluated against the Git ref's name. For example, the following workflow would run whenever there is a `pull_request` event unless the pull request is targeting: +Quando um padrão corresponde ao padrão `branches-ignore`, o fluxo de trabalho não será executado. Os padrões definidos em `branches` são avaliados com base no nome do ref do Git. Por exemplo, o fluxo de trabalho a seguir seria executado sempre que houver um evento `pull_request`, a menos que o pull request esteja apontando para: -- A branch named `mona/octocat` (`refs/heads/mona/octocat`) -- A branch whose name matches `releases/**-alpha`, like `beta/3-alpha` (`refs/releases/beta/3-alpha`) +- Uma branch denominado `mona/octocat` (`refs/heads/mona/octocat`) +- Uma branch cujo nome corresponde a `releases/**-alpha`, como `beta/3-alpha` (`refs/releases/beta/3-alpha`) ```yaml on: @@ -40,18 +40,18 @@ on: - 'releases/**-alpha' ``` -#### Example: Including and excluding branches +#### Exemplo: Incluindo e excluindo branches -You cannot use `branches` and `branches-ignore` to filter the same event in a single workflow. Se você deseja incluir e excluir padrões de branch para um único evento, use o filtro `branches` junto com o caractere `!` para indicar quais branches devem ser excluídos. +Você não pode usar `branches` e `branches-ignore` para filtrar o mesmo evento em um único fluxo de trabalho. Se você deseja incluir e excluir padrões de branch para um único evento, use o filtro `branches` junto com o caractere `!` para indicar quais branches devem ser excluídos. -If you define a branch with the `!` character, you must also define at least one branch without the `!` character. If you only want to exclude branches, use `branches-ignore` instead. +Se você definir um branch com o caractere `!`, você deverá definir pelo menos um branch sem o caractere `!`. Se você deseja apenas excluir branches, use `branches-ignore`. A ordem de definição dos padrões é importante. - Um padrão negativo (precedido por `!`) depois de uma correspondência positiva excluirá o Git ref. - Um padrão positivo correspondente após uma correspondência negativa incluirá a Git ref novamente. -The following workflow will run on `pull_request` events for pull requests that target `releases/10` or `releases/beta/mona`, but for pull requests that target `releases/10-alpha` or `releases/beta/3-alpha` because the negative pattern `!releases/**-alpha` follows the positive pattern. +O fluxo de trabalho a seguir será executado em eventos `pull_request` para pull requests que apontem para `releases/10` ou `releases/beta/mona`, mas para pull requests que apontma para `releases/10-alpha` ou `releases/beta/3-alpha` porque o padrão negativo `!releases/**-alpha` segue o padrão positivo. ```yaml on: diff --git a/translations/pt-BR/data/reusables/code-scanning/alert-default-branch.md b/translations/pt-BR/data/reusables/code-scanning/alert-default-branch.md new file mode 100644 index 0000000000..c6a6029e70 --- /dev/null +++ b/translations/pt-BR/data/reusables/code-scanning/alert-default-branch.md @@ -0,0 +1 @@ +The status and details on the alert page only reflect the state of the alert on the default branch of the repository, even if the alert exists in other branches. You can see the status of the alert on non-default branches in the **Affected branches** section on the right-hand side of the alert page. If an alert doesn't exist in the default branch, the status of the alert will display as "in pull request" or "in branch" and will be colored grey. \ No newline at end of file diff --git a/translations/pt-BR/data/reusables/code-scanning/beta.md b/translations/pt-BR/data/reusables/code-scanning/beta.md index 004594d702..f8dd643a8d 100644 --- a/translations/pt-BR/data/reusables/code-scanning/beta.md +++ b/translations/pt-BR/data/reusables/code-scanning/beta.md @@ -1,4 +1,8 @@ -{% ifversion ghae %} +{% ifversion ghae-issue-5752 %} + + + +{% elsif ghae %} {% note %} diff --git a/translations/pt-BR/data/reusables/code-scanning/filter-non-default-branches.md b/translations/pt-BR/data/reusables/code-scanning/filter-non-default-branches.md new file mode 100644 index 0000000000..4df28a76d5 --- /dev/null +++ b/translations/pt-BR/data/reusables/code-scanning/filter-non-default-branches.md @@ -0,0 +1 @@ +Please note that if you have filtered for alerts on a non-default branch, but the same alerts exist on the default branch, the alert page for any given alert will still only reflect the alert's status on the default branch, even if that status conflicts with the status on a non-default branch. For example, an alert that appears in the "Open" list in the summary of alerts for `branch-x` could show a status of "Fixed" on the alert page, if the alert is already fixed on the default branch. You can view the status of the alert for the branch you filtered on in the **Affected branches** section on the right side of the alert page. \ No newline at end of file diff --git a/translations/pt-BR/data/reusables/dependabot/private-dependencies-note.md b/translations/pt-BR/data/reusables/dependabot/private-dependencies-note.md index 6ab9fa7a4a..cacadee6b9 100644 --- a/translations/pt-BR/data/reusables/dependabot/private-dependencies-note.md +++ b/translations/pt-BR/data/reusables/dependabot/private-dependencies-note.md @@ -1 +1 @@ -Ao executar atualizações de segurança ou versão, alguns ecossistemas devem ser capazes de resolver todas as dependências de sua fonte para verificar se as atualizações foram bem-sucedidas. Se o seu manifesto ou arquivos de bloqueio contiverem dependências privadas, {% data variables.product.prodname_dependabot %} deverá ser capaz de acessar o local em que essas dependências estão hospedadas. Os proprietários da organização podem conceder a {% data variables.product.prodname_dependabot %} acesso a repositórios privados que contêm dependências para um projeto dentro da mesma organização. Para obter mais informações, consulte "[Gerenciar configurações de segurança e análise para sua organização](/organizations/keeping-your-organization-secure/managing-security-and-analysis-settings-for-your-organization#allowing-dependabot-to-access-private-dependencies)". É possível configurar o acesso a registros privados no arquivo de configuração de _dependabot.yml_ de um repositório. Para obter mais informações, consulte "[Opções de configuração para atualizações de dependências](/github/administering-a-repository/configuration-options-for-dependency-updates#configuration-options-for-private-registries)". +Ao executar atualizações de segurança ou versão, alguns ecossistemas devem ser capazes de resolver todas as dependências de sua fonte para verificar se as atualizações foram bem-sucedidas. Se o seu manifesto ou arquivos de bloqueio contiverem dependências privadas, {% data variables.product.prodname_dependabot %} deverá ser capaz de acessar o local em que essas dependências estão hospedadas. Os proprietários da organização podem conceder a {% data variables.product.prodname_dependabot %} acesso a repositórios privados que contêm dependências para um projeto dentro da mesma organização. Para obter mais informações, consulte "[Gerenciar configurações de segurança e análise para sua organização](/organizations/keeping-your-organization-secure/managing-security-and-analysis-settings-for-your-organization#allowing-dependabot-to-access-private-dependencies)". É possível configurar o acesso a registros privados no arquivo de configuração de _dependabot.yml_ de um repositório. Para obter mais informações, consulte "[Opções de configuração para o arquivo dependabot.yml](/github/administering-a-repository/configuration-options-for-dependency-updates#configuration-options-for-private-registries)". diff --git a/translations/pt-BR/data/reusables/dependabot/result-discrepancy.md b/translations/pt-BR/data/reusables/dependabot/result-discrepancy.md new file mode 100644 index 0000000000..fe37e0946d --- /dev/null +++ b/translations/pt-BR/data/reusables/dependabot/result-discrepancy.md @@ -0,0 +1 @@ +Os resultados da detecção de dependências relatados pelo {% data variables.product.product_name %} podem ser diferentes dos resultados retornados por outras ferramentas. Existem boas razões para isso e é útil entender como {% data variables.product.prodname_dotcom %} determina as dependências para o seu projeto. diff --git a/translations/pt-BR/data/reusables/enterprise/test-in-staging.md b/translations/pt-BR/data/reusables/enterprise/test-in-staging.md new file mode 100644 index 0000000000..79443b3d9f --- /dev/null +++ b/translations/pt-BR/data/reusables/enterprise/test-in-staging.md @@ -0,0 +1 @@ +{% data variables.product.company_short %} strongly recommends that you verify any new configuration for authentication in a staging environment. An incorrect configuration could result in downtime for {% data variables.product.product_location %}. Para obter mais informações, consulte "[Configurar instância de preparo](/admin/installation/setting-up-a-github-enterprise-server-instance/setting-up-a-staging-instance)". diff --git a/translations/pt-BR/data/reusables/gated-features/dependency-review.md b/translations/pt-BR/data/reusables/gated-features/dependency-review.md index bd88b5b182..94713cb4dd 100644 --- a/translations/pt-BR/data/reusables/gated-features/dependency-review.md +++ b/translations/pt-BR/data/reusables/gated-features/dependency-review.md @@ -2,7 +2,7 @@ Dependency review is enabled on public repositories. Dependency review is also available in private repositories owned by organizations that use {% data variables.product.prodname_ghe_cloud %} and have a license for {% data variables.product.prodname_GH_advanced_security %}. {%- elsif ghec %} -Dependency review is included in {% data variables.product.product_name %} for public repositories. To use dependency review in private repositories owned by organizations, you must have a license for {% data variables.product.prodname_GH_advanced_security %}. +Revisão de dependências está incluída em {% data variables.product.product_name %} para repositórios públicos. To use dependency review in private repositories owned by organizations, you must have a license for {% data variables.product.prodname_GH_advanced_security %}. {%- elsif ghes > 3.1 %} Dependency review is available for organization-owned repositories in {% data variables.product.product_name %}. This feature requires a license for {% data variables.product.prodname_GH_advanced_security %}. diff --git a/translations/pt-BR/data/reusables/repositories/github-reviews-security-advisories.md b/translations/pt-BR/data/reusables/repositories/github-reviews-security-advisories.md index 7f16a7761f..2d00ded619 100644 --- a/translations/pt-BR/data/reusables/repositories/github-reviews-security-advisories.md +++ b/translations/pt-BR/data/reusables/repositories/github-reviews-security-advisories.md @@ -1,3 +1,3 @@ {% data variables.product.prodname_dotcom %} irá revisar cada consultoria de segurança publicada, adicioná-la ao {% data variables.product.prodname_advisory_database %}, e poderá utilizar a consultoria de segurança para enviar {% data variables.product.prodname_dependabot_alerts %} aos repositórios afetados. Se a consultoria de segurança vier de uma bifurcação, só enviaremos um alerta se a bifurcação possuir um pacote, publicado com um nome único, em um registro de pacote público. Este processo pode levar até 72 horas e {% data variables.product.prodname_dotcom %} pode entrar em contato com você para obter mais informações. -Para obter mais informações sobre {% data variables.product.prodname_dependabot_alerts %}, consulte "[Sobre alertas para dependências vulneráveis](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies#dependabot-alerts-for-vulnerable-dependencies)" e "[Sobre {% data variables.product.prodname_dependabot_security_updates %}](/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-dependabot-security-updates)". Para obter mais informações sobre {% data variables.product.prodname_advisory_database %}, consulte "[Procurar vulnerabilidades de segurança no {% data variables.product.prodname_advisory_database %}](/github/managing-security-vulnerabilities/browsing-security-vulnerabilities-in-the-github-advisory-database). +For more information about {% data variables.product.prodname_dependabot_alerts %}, see "[About {% data variables.product.prodname_dependabot_alerts %}](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies#dependabot-alerts-for-vulnerable-dependencies)" and "[About {% data variables.product.prodname_dependabot_security_updates %}](/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-dependabot-security-updates)." Para obter mais informações sobre {% data variables.product.prodname_advisory_database %}, consulte "[Procurar vulnerabilidades de segurança no {% data variables.product.prodname_advisory_database %}](/github/managing-security-vulnerabilities/browsing-security-vulnerabilities-in-the-github-advisory-database). diff --git a/translations/pt-BR/data/reusables/repositories/security-alert-delivery-options.md b/translations/pt-BR/data/reusables/repositories/security-alert-delivery-options.md index 47cb923aa0..10cf02b7b8 100644 --- a/translations/pt-BR/data/reusables/repositories/security-alert-delivery-options.md +++ b/translations/pt-BR/data/reusables/repositories/security-alert-delivery-options.md @@ -1,4 +1,4 @@ {% ifversion not ghae %} Se o seu repositório tem um manifesto de dependência compatível -{% ifversion fpt or ghec %} (e se você configurou o gráfico de dependências se for um repositório privado){% endif %}, sempre que {% data variables.product.product_name %} detectar uma dependência vulnerável no repositório, você receberá um e-mail com o resumo semanal. Você também pode configurar os seus alertas de segurança como notificações web, notificações individuais de e-mail, resumo de e-mail diários ou alertas na interface de {% data variables.product.product_name %}. Para obter mais informações, consulte "[Sobre alertas para dependências vulneráveis](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies)" +{% ifversion fpt or ghec %} (e se você configurou o gráfico de dependências se for um repositório privado){% endif %}, sempre que {% data variables.product.product_name %} detectar uma dependência vulnerável no repositório, você receberá um e-mail com o resumo semanal. Você também pode configurar os seus alertas de segurança como notificações web, notificações individuais de e-mail, resumo de e-mail diários ou alertas na interface de {% data variables.product.product_name %}. Para obter mais informações, consulte "[Sobre {% data variables.product.prodname_dependabot_alerts %}](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies)". {% endif %} diff --git a/translations/pt-BR/data/reusables/rest-reference/actions/cache.md b/translations/pt-BR/data/reusables/rest-reference/actions/cache.md new file mode 100644 index 0000000000..e0934bead7 --- /dev/null +++ b/translations/pt-BR/data/reusables/rest-reference/actions/cache.md @@ -0,0 +1,3 @@ +## Cache + +The cache API allows you to query and manage the {% data variables.product.prodname_actions %} cache for repositories. Para obter mais informações, consulte "[Memorizar dependências para acelerar fluxos de trabalho](/actions/advanced-guides/caching-dependencies-to-speed-up-workflows#usage-limits-and-eviction-policy)". \ No newline at end of file diff --git a/translations/pt-BR/data/reusables/rest-reference/deployments/keys.md b/translations/pt-BR/data/reusables/rest-reference/deploy_keys/deploy_keys.md similarity index 91% rename from translations/pt-BR/data/reusables/rest-reference/deployments/keys.md rename to translations/pt-BR/data/reusables/rest-reference/deploy_keys/deploy_keys.md index 0fdc320773..c2ae00dc51 100644 --- a/translations/pt-BR/data/reusables/rest-reference/deployments/keys.md +++ b/translations/pt-BR/data/reusables/rest-reference/deploy_keys/deploy_keys.md @@ -1,5 +1,3 @@ -## Chaves de implantação - {% data reusables.repositories.deploy-keys %} Chaves de implantação podem ser configuradas usando os seguintes pontos de extremidades da API ou usando o GitHub. Para saber como configurar as chaves de implantação no GitHub, consulte "[Gerenciar chaves de implantação](/developers/overview/managing-deploy-keys)". \ No newline at end of file diff --git a/translations/pt-BR/data/reusables/rest-reference/packages/packages.md b/translations/pt-BR/data/reusables/rest-reference/packages/packages.md index e35aa68550..25753d0f21 100644 --- a/translations/pt-BR/data/reusables/rest-reference/packages/packages.md +++ b/translations/pt-BR/data/reusables/rest-reference/packages/packages.md @@ -1,4 +1,4 @@ -A API de {% data variables.product.prodname_registry %} permite gerenciar pacotes usando a API REST. Para saber mais sobre como restaurar ou excluir pacotes, consulte "[Restaurar e excluir pacotes](/packages/learn-github-packages/deleting-and-restoring-a-package)"". +The {% data variables.product.prodname_registry %} API enables you to manage packages using the REST API.{% ifversion fpt or ghec or ghes > 3.1 or ghae %} To learn more about restoring or deleting packages, see "[Restoring and deleting packages](/packages/learn-github-packages/deleting-and-restoring-a-package)."{% endif %} Para usar essa API, você deve efetuar a autenticação usando um token de acesso pessoal. - Para acessar os metadados do pacote, seu token deve incluir o escopo `read:packages`. diff --git a/translations/pt-BR/data/reusables/secret-scanning/beta.md b/translations/pt-BR/data/reusables/secret-scanning/beta.md index bdb7348272..3d3c9fd759 100644 --- a/translations/pt-BR/data/reusables/secret-scanning/beta.md +++ b/translations/pt-BR/data/reusables/secret-scanning/beta.md @@ -1,4 +1,9 @@ -{% ifversion ghae %} +{% ifversion ghae-issue-5752 %} + + + +{% elsif ghae %} + {% note %} **Observação:** {% data variables.product.prodname_secret_scanning_caps %} para repositórios pertencentes à organização, está atualmente na versão beta e sujeita a alterações. diff --git a/translations/pt-BR/data/reusables/secret-scanning/fpt-GHAS-scans.md b/translations/pt-BR/data/reusables/secret-scanning/fpt-GHAS-scans.md new file mode 100644 index 0000000000..fa91dd861f --- /dev/null +++ b/translations/pt-BR/data/reusables/secret-scanning/fpt-GHAS-scans.md @@ -0,0 +1 @@ +**Observação:** As organizações que usam{% data variables.product.prodname_ghe_cloud %} com {% data variables.product.prodname_GH_advanced_security %} também podem habilitar {% data variables.product.prodname_secret_scanning_GHAS %} em qualquer repositório que possuam, incluindo repositórios privados. Para obter mais informações, consulte a [documentação de {% data variables.product.prodname_ghe_cloud %}](/enterprise-cloud@latest/code-security/secret-security/about-secret-scanning#about-secret-scanning-for-advanced-security). diff --git a/translations/pt-BR/data/reusables/secret-scanning/partner-secret-list-public-repo.md b/translations/pt-BR/data/reusables/secret-scanning/partner-secret-list-public-repo.md index 34b598c265..bd8a8ce498 100644 --- a/translations/pt-BR/data/reusables/secret-scanning/partner-secret-list-public-repo.md +++ b/translations/pt-BR/data/reusables/secret-scanning/partner-secret-list-public-repo.md @@ -58,6 +58,7 @@ | Meta | Facebook Access Token | | npm | Token de acesso de npm | | NuGet | Chave de API de NuGet | +| Octopus Deploy | Octopus Deploy API Key | | OpenAI | OpenAI API Key | | Palantir | Token web de JSON de Palantir | | PlanetScale | PlanetScale Database Password | diff --git a/translations/pt-BR/data/reusables/ssh/key-type-support.md b/translations/pt-BR/data/reusables/ssh/key-type-support.md index 4d8f1bf494..7bfdf23c4b 100644 --- a/translations/pt-BR/data/reusables/ssh/key-type-support.md +++ b/translations/pt-BR/data/reusables/ssh/key-type-support.md @@ -1,8 +1,8 @@ {% note %} -**Note:** {% data variables.product.company_short %} is improving security by dropping older, insecure key types. +**Note:** {% data variables.product.company_short %} improved security by dropping older, insecure key types on March 15, 2022. -DSA keys (`ssh-dss`) are no longer supported. Existing keys will continue to function through March 15, 2022. You cannot add new DSA keys to your user account on {% data variables.product.product_location %}. +As of that date, DSA keys (`ssh-dss`) are no longer supported. You cannot add new DSA keys to your user account on {% data variables.product.product_location %}. RSA keys (`ssh-rsa`) with a `valid_after` before November 2, 2021 may continue to use any signature algorithm. RSA keys generated after that date must use a SHA-2 signature algorithm. Some older clients may need to be upgraded in order to use SHA-2 signatures. diff --git a/translations/pt-BR/data/reusables/webhooks/repository_vulnerability_alert_short_desc.md b/translations/pt-BR/data/reusables/webhooks/repository_vulnerability_alert_short_desc.md index ed778669b8..f125d87259 100644 --- a/translations/pt-BR/data/reusables/webhooks/repository_vulnerability_alert_short_desc.md +++ b/translations/pt-BR/data/reusables/webhooks/repository_vulnerability_alert_short_desc.md @@ -1 +1 @@ -Atividade relacionada a alertas de vulnerabilidade de segurança em um repositório. {% data reusables.webhooks.action_type_desc %} For more information, see the "[About alerts for vulnerable dependencies](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies/)". +Atividade relacionada a alertas de vulnerabilidade de segurança em um repositório. {% data reusables.webhooks.action_type_desc %} For more information, see the "[About {% data variables.product.prodname_dependabot_alerts %}](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies/)". diff --git a/translations/pt-BR/data/ui.yml b/translations/pt-BR/data/ui.yml index c814364600..2779006e86 100644 --- a/translations/pt-BR/data/ui.yml +++ b/translations/pt-BR/data/ui.yml @@ -103,6 +103,8 @@ products: notes: Observações parameters: Parâmetros response: Resposta + error_codes: Error Codes + http_status_code: HTTP Status Code code_sample: Amostra de código code_samples: Amostras de código preview_notice: Aviso de pré-visualização diff --git a/translations/pt-BR/data/variables/release_candidate.yml b/translations/pt-BR/data/variables/release_candidate.yml index 08448113ee..ec65ef6f94 100644 --- a/translations/pt-BR/data/variables/release_candidate.yml +++ b/translations/pt-BR/data/variables/release_candidate.yml @@ -1,2 +1,2 @@ --- -version: enterprise-server@3.4 +version: '' diff --git a/translations/zh-CN/content/account-and-profile/managing-subscriptions-and-notifications-on-github/setting-up-notifications/configuring-notifications.md b/translations/zh-CN/content/account-and-profile/managing-subscriptions-and-notifications-on-github/setting-up-notifications/configuring-notifications.md index 286b7b089f..066ef4eb97 100644 --- a/translations/zh-CN/content/account-and-profile/managing-subscriptions-and-notifications-on-github/setting-up-notifications/configuring-notifications.md +++ b/translations/zh-CN/content/account-and-profile/managing-subscriptions-and-notifications-on-github/setting-up-notifications/configuring-notifications.md @@ -134,7 +134,7 @@ Email notifications from {% data variables.product.product_location %} contain t | `To` field | This field connects directly to the thread.{% ifversion not ghae %} If you reply to the email, you'll add a new comment to the conversation.{% endif %} | | `Cc` address | {% data variables.product.product_name %} will `Cc` you if you're subscribed to a conversation. The second `Cc` email address matches the notification reason. The suffix for these notification reasons is {% data variables.notifications.cc_address %}. The possible notification reasons are:
  • `assign`: You were assigned to an issue or pull request.
  • `author`: You created an issue or pull request.
  • `ci_activity`: A {% data variables.product.prodname_actions %} workflow run that you triggered was completed.
  • `comment`: You commented on an issue or pull request.
  • `manual`: There was an update to an issue or pull request you manually subscribed to.
  • `mention`: You were mentioned on an issue or pull request.
  • `push`: Someone committed to a pull request you're subscribed to.
  • `review_requested`: You or a team you're a member of was requested to review a pull request.
    • {% ifversion fpt or ghes or ghae-issue-4864 or ghec %}
  • `security_alert`: {% data variables.product.prodname_dotcom %} detected a vulnerability in a repository you receive alerts for.
    • {% endif %}
  • `state_change`: An issue or pull request you're subscribed to was either closed or opened.
  • `subscribed`: There was an update in a repository you're watching.
  • `team_mention`: A team you belong to was mentioned on an issue or pull request.
  • `your_activity`: You opened, commented on, or closed an issue or pull request.
| | `mailing list` field | This field identifies the name of the repository and its owner. The format of this address is always `..{% data variables.command_line.backticks %}`. |{% ifversion fpt or ghes or ghae-issue-4864 or ghec %} -| `X-GitHub-Severity` field | {% data reusables.repositories.security-alerts-x-github-severity %} The possible severity levels are:
  • `low`
  • `moderate`
  • `high`
  • `critical`
For more information, see "[About alerts for vulnerable dependencies](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies)." |{% endif %} +| `X-GitHub-Severity` field | {% data reusables.repositories.security-alerts-x-github-severity %} The possible severity levels are:
  • `low`
  • `moderate`
  • `high`
  • `critical`
For more information, see "[About {% data variables.product.prodname_dependabot_alerts %}](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies)." |{% endif %} ## Choosing your notification settings diff --git a/translations/zh-CN/content/account-and-profile/managing-subscriptions-and-notifications-on-github/viewing-and-triaging-notifications/managing-notifications-from-your-inbox.md b/translations/zh-CN/content/account-and-profile/managing-subscriptions-and-notifications-on-github/viewing-and-triaging-notifications/managing-notifications-from-your-inbox.md index f3324c4381..0ed1b08711 100644 --- a/translations/zh-CN/content/account-and-profile/managing-subscriptions-and-notifications-on-github/viewing-and-triaging-notifications/managing-notifications-from-your-inbox.md +++ b/translations/zh-CN/content/account-and-profile/managing-subscriptions-and-notifications-on-github/viewing-and-triaging-notifications/managing-notifications-from-your-inbox.md @@ -174,7 +174,7 @@ shortTitle: 从收件箱管理 - `reason:security_alert`,显示 {% data variables.product.prodname_dependabot_alerts %} 的通知和安全更新拉取请求。 - `author:app/dependabot`,显示 {% data variables.product.prodname_dependabot %} 生成的通知。 这包括 {% data variables.product.prodname_dependabot_alerts %}、安全更新拉取请求和版本更新拉取请求。 -有关 {% data variables.product.prodname_dependabot %} 的更多信息,请参阅“[关于管理有漏洞的依赖项](/github/managing-security-vulnerabilities/about-managing-vulnerable-dependencies)”。 +有关 {% data variables.product.prodname_dependabot %} 的更多信息,请参阅“[关于 {% data variables.product.prodname_dependabot_alerts %}](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies)”。 {% endif %} {% ifversion ghes < 3.3 or ghae-issue-4864 %} @@ -183,7 +183,7 @@ shortTitle: 从收件箱管理 - `is:repository_vulnerability_alert` - `reason:security_alert` -有关 {% data variables.product.prodname_dependabot %} 的更多信息,请参阅“[关于有漏洞依赖项的警报](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies)”。 +有关 {% data variables.product.prodname_dependabot %} 的更多信息,请参阅“[关于 {% data variables.product.prodname_dependabot_alerts %}](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies)”。 {% endif %} {% endif %} diff --git a/translations/zh-CN/content/account-and-profile/setting-up-and-managing-your-github-user-account/managing-user-account-settings/managing-security-and-analysis-settings-for-your-user-account.md b/translations/zh-CN/content/account-and-profile/setting-up-and-managing-your-github-user-account/managing-user-account-settings/managing-security-and-analysis-settings-for-your-user-account.md index 5d837f51da..6ca63900e4 100644 --- a/translations/zh-CN/content/account-and-profile/setting-up-and-managing-your-github-user-account/managing-user-account-settings/managing-security-and-analysis-settings-for-your-user-account.md +++ b/translations/zh-CN/content/account-and-profile/setting-up-and-managing-your-github-user-account/managing-user-account-settings/managing-security-and-analysis-settings-for-your-user-account.md @@ -50,5 +50,5 @@ shortTitle: 管理安全和分析 ## 延伸阅读 - “[关于依赖关系图](/github/visualizing-repository-data-with-graphs/about-the-dependency-graph)” -- "[管理项目依赖项中的漏洞](/github/managing-security-vulnerabilities/managing-vulnerabilities-in-your-projects-dependencies)" +- "[关于 {% data variables.product.prodname_dependabot_alerts %}](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies)" - "[自动更新依赖项](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically)" diff --git a/translations/zh-CN/content/account-and-profile/setting-up-and-managing-your-github-user-account/managing-user-account-settings/managing-your-tab-size-rendering-preference.md b/translations/zh-CN/content/account-and-profile/setting-up-and-managing-your-github-user-account/managing-user-account-settings/managing-your-tab-size-rendering-preference.md index 6b5dae9360..4e38324651 100644 --- a/translations/zh-CN/content/account-and-profile/setting-up-and-managing-your-github-user-account/managing-user-account-settings/managing-your-tab-size-rendering-preference.md +++ b/translations/zh-CN/content/account-and-profile/setting-up-and-managing-your-github-user-account/managing-user-account-settings/managing-your-tab-size-rendering-preference.md @@ -1,6 +1,6 @@ --- -title: Managing your tab size rendering preference -intro: You can manage the number of spaces a tab is equal to for your user account. +title: 管理选项卡大小呈现首选项 +intro: 您可以管理选项卡占用户帐户多少空间。 versions: fpt: '*' ghae: issue-5083 @@ -8,11 +8,11 @@ versions: ghec: '*' topics: - Accounts -shortTitle: Managing your tab size +shortTitle: 管理选项卡大小 --- -If you feel that tabbed indentation in code rendered on {% data variables.product.product_name %} takes up too much, or too little space, you can change this in your settings. +如果您觉得在 {% data variables.product.product_name %} 上呈现的选项卡式代码缩进占用了太多或太少的空间,可以在设置中更改。 {% data reusables.user-settings.access_settings %} -1. In the left sidebar, click **{% octicon "paintbrush" aria-label="The paintbrush icon" %} Appearance**. -2. Under "Tab size preference", select the drop-down menu and choose your preference. ![Tab size preference button](/assets/images/help/settings/tab-size-preference.png) +1. 在左侧边栏中,单击 **{% octicon "paintbrush" aria-label="The paintbrush icon" %} 外观**。 +2. 在“Tab size preference(选项卡大小首选项)”下,选择下拉菜单,然后选择您的首选项。 ![选项卡大小首选项按钮](/assets/images/help/settings/tab-size-preference.png) diff --git a/translations/zh-CN/content/account-and-profile/setting-up-and-managing-your-github-user-account/managing-user-account-settings/permission-levels-for-a-user-account-repository.md b/translations/zh-CN/content/account-and-profile/setting-up-and-managing-your-github-user-account/managing-user-account-settings/permission-levels-for-a-user-account-repository.md index 2aab6abb35..d6b0243b88 100644 --- a/translations/zh-CN/content/account-and-profile/setting-up-and-managing-your-github-user-account/managing-user-account-settings/permission-levels-for-a-user-account-repository.md +++ b/translations/zh-CN/content/account-and-profile/setting-up-and-managing-your-github-user-account/managing-user-account-settings/permission-levels-for-a-user-account-repository.md @@ -49,7 +49,7 @@ shortTitle: 权限用户仓库 | 自定义仓库的社交媒体预览 | "[自定义仓库的社交媒体预览](/github/administering-a-repository/customizing-your-repositorys-social-media-preview)" | | 从仓库创建模板 | "[创建模板仓库](/github/creating-cloning-and-archiving-repositories/creating-a-template-repository)" |{% ifversion fpt or ghes or ghae-issue-4864 or ghec %} | 控制对易受攻击依赖项的 {% data variables.product.prodname_dependabot_alerts %} 访问 | "[管理仓库的安全和分析设置](/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-security-and-analysis-settings-for-your-repository#granting-access-to-security-alerts)" |{% endif %}{% ifversion fpt or ghec %} -| 忽略仓库中的 {% data variables.product.prodname_dependabot_alerts %} | "[查看和更新仓库中的漏洞依赖项](/github/managing-security-vulnerabilities/viewing-and-updating-vulnerable-dependencies-in-your-repository)" | +| 忽略仓库中的 {% data variables.product.prodname_dependabot_alerts %} | "[Viewing {% data variables.product.prodname_dependabot_alerts %} for vulnerable dependencies](/github/managing-security-vulnerabilities/viewing-and-updating-vulnerable-dependencies-in-your-repository)" | | 管理私有仓库的数据使用 | “[管理私有仓库的数据使用设置](/get-started/privacy-on-github/managing-data-use-settings-for-your-private-repository)” {% endif %} | 定义仓库的代码所有者 | "[关于代码所有者](/github/creating-cloning-and-archiving-repositories/about-code-owners)" | diff --git a/translations/zh-CN/content/actions/automating-builds-and-tests/building-and-testing-nodejs-or-python.md b/translations/zh-CN/content/actions/automating-builds-and-tests/building-and-testing-nodejs-or-python.md index 345025427d..f2e2f5924c 100644 --- a/translations/zh-CN/content/actions/automating-builds-and-tests/building-and-testing-nodejs-or-python.md +++ b/translations/zh-CN/content/actions/automating-builds-and-tests/building-and-testing-nodejs-or-python.md @@ -1,7 +1,7 @@ --- title: 构建并测试 Node.js 或 Python -shortTitle: Build & test Node.js or Python -intro: You can create a continuous integration (CI) workflow to build and test your project. Use the language selector to show examples for your language of choice. +shortTitle: 构建和测试 Node.js 或 Python +intro: 您可以创建持续集成 (CI) 工作流程来构建和测试您的项目。 使用语言选择器显示所选语言的示例。 redirect_from: - /actions/guides/building-and-testing-nodejs-or-python versions: diff --git a/translations/zh-CN/content/actions/automating-builds-and-tests/building-and-testing-ruby.md b/translations/zh-CN/content/actions/automating-builds-and-tests/building-and-testing-ruby.md index 29b2241ea9..0465fa4aa9 100644 --- a/translations/zh-CN/content/actions/automating-builds-and-tests/building-and-testing-ruby.md +++ b/translations/zh-CN/content/actions/automating-builds-and-tests/building-and-testing-ruby.md @@ -65,7 +65,7 @@ jobs: ## 指定 Ruby 版本 -指定 Ruby 版本的最简单方法是使用 Ruby 组织在 GitHub 上提供的 `ruby/setup-ruby` 操作。 该操作将任何受支持的 Ruby 版本添加到工作流程中运行的每个作业的 `PATH`。 For more information and available Ruby versions, see [`ruby/setup-ruby`](https://github.com/ruby/setup-ruby). +指定 Ruby 版本的最简单方法是使用 Ruby 组织在 GitHub 上提供的 `ruby/setup-ruby` 操作。 该操作将任何受支持的 Ruby 版本添加到工作流程中运行的每个作业的 `PATH`。 有关详细信息和可用的 Ruby 版本,请参阅 [`ruby/setup-ruby`](https://github.com/ruby/setup-ruby)。 使用 Ruby 的 `ruby/setup-ruby` 操作是 Python 与 GitHub Actions 结合使用时的推荐方式,因为它能确保不同运行器和不同版本的 Ruby 行为一致。 diff --git a/translations/zh-CN/content/actions/creating-actions/developing-a-third-party-cli-action.md b/translations/zh-CN/content/actions/creating-actions/developing-a-third-party-cli-action.md index f3e2a42907..a76178680f 100644 --- a/translations/zh-CN/content/actions/creating-actions/developing-a-third-party-cli-action.md +++ b/translations/zh-CN/content/actions/creating-actions/developing-a-third-party-cli-action.md @@ -1,7 +1,7 @@ --- -title: Developing a third party CLI action -shortTitle: CLI setup action -intro: 'Learn how to develop an action to set up a CLI on {% data variables.product.prodname_actions %} runners.' +title: 开发第三方 CLI 操作 +shortTitle: CLI 设置操作 +intro: '了解如何开发操作以在 {% data variables.product.prodname_actions %} 运行器上设置 CLI。' redirect_from: [] versions: fpt: '*' @@ -13,27 +13,27 @@ topics: ## 简介 -You can write an action to provide a way for users to access your servers via a configured CLI environment on {% data variables.product.prodname_actions %} runners. +您可以编写操作,为用户提供一种通过 {% data variables.product.prodname_actions %} 运行器上配置的 CLI 环境访问服务器的方法。 -Your action should: +您的操作应: -- Make it simple for users to specify the version of the CLI to install -- Support multiple operating systems -- Run in an efficient fashion to minimize run-time and associated costs -- Work across {% data variables.product.product_name %}-hosted and self-hosted runners -- Leverage community tooling when possible +- 使用户能够轻松指定要安装的 CLI 版本 +- 支持多种操作系统 +- 以高效的方式运行,以最大限度地减少运行时间和相关成本 +- 跨 {% data variables.product.product_name %} 托管和自托管运行器工作 +- 尽可能利用社区工具 -This article will demonstrate how to write an action that retrieves a specific version of your CLI, installs it, adds it to the path, and (optionally) caches it. This type of action (an action that sets up a tool) is often named `setup-$TOOL`. +本文将演示如何编写一个操作来检索特定版本的 CLI、安装它、将其添加到路径以及(可选)缓存它。 这种类型的操作(设置工具的操作)通常命名为 `setup-$TOOL`。 ## 基本要求 -You should have an understanding of how to write a custom action. For more information, see "[About custom actions](/actions/creating-actions/about-custom-actions)". For a more detailed guide on how to write a custom action, see "[Creating a JavaScript action](/actions/creating-actions/creating-a-javascript-action)." +您应该了解如何编写自定义操作。 更多信息请参阅“[关于自定义操作](/actions/creating-actions/about-custom-actions)”。 有关如何编写自定义操作的更详细指南,请参阅“[创建 JavaScript 操作](/actions/creating-actions/creating-a-javascript-action)”。 ## 示例 -The following script demonstrates how you can get a user-specified version as input, download and extract the specific version of your CLI, then add the CLI to the path. +以下脚本演示如何获取用户指定的版本作为输入,下载并提取 CLI 的特定版本,然后将 CLI 添加到路径中。 -{% data variables.product.prodname_dotcom %} provides [`actions/toolkit`](https://github.com/actions/toolkit), which is a set of packages that helps you create actions. This example uses the [`actions/core`](https://github.com/actions/toolkit/tree/main/packages/core) and [`actions/tool-cache`](https://github.com/actions/toolkit/tree/main/packages/tool-cache) packages. +{% data variables.product.prodname_dotcom %} 提供了 [`actions/toolkit`](https://github.com/actions/toolkit),这是一组可帮助您创建操作的包。 此示例使用 [`actions/core`](https://github.com/actions/toolkit/tree/main/packages/core) 和 [`actions/tool-cache`](https://github.com/actions/toolkit/tree/main/packages/tool-cache) 包。 {% raw %} ```javascript{:copy} @@ -58,13 +58,13 @@ module.exports = setup ``` {% endraw %} -To use this script, replace `getDownloadURL` with a function that downloads your CLI. You will also need to create an actions metadata file (`action.yml`) that accepts a `version` input and that runs this script. For full details about how to create an action, see "[Creating a JavaScript action](/actions/creating-actions/creating-a-javascript-action)." +要使用此脚本,请将 `getDownloadURL` 替换为下载 CLI 的函数。 您还需要创建接受 `version` 输入并运行此脚本的操作元数据文件 (`action.yml`)。 有关如何创建操作的完整详细信息,请参阅“[创建 JavaScript 操作](/actions/creating-actions/creating-a-javascript-action)”。 -For a full example of how to set up this action, see [example-setup-gh](https://github.com/github-developer/example-setup-gh). +有关如何设置此操作的完整示例,请参阅 [example-setup-gh](https://github.com/github-developer/example-setup-gh)。 ## 延伸阅读 -This pattern is employed in several actions. For more examples, see: +此模式用于多个操作。 有关更多示例,请参阅: * [`ruby/setup-ruby`](https://github.com/ruby/setup-ruby) * [`google-github-actions/setup-gcloud`](https://github.com/google-github-actions/setup-gcloud) diff --git a/translations/zh-CN/content/actions/creating-actions/releasing-and-maintaining-actions.md b/translations/zh-CN/content/actions/creating-actions/releasing-and-maintaining-actions.md index 835ef553ff..e50b3ad25c 100644 --- a/translations/zh-CN/content/actions/creating-actions/releasing-and-maintaining-actions.md +++ b/translations/zh-CN/content/actions/creating-actions/releasing-and-maintaining-actions.md @@ -1,7 +1,7 @@ --- -title: Releasing and maintaining actions -shortTitle: Releasing and maintaining actions -intro: You can leverage automation and open source best practices to release and maintain actions. +title: 发布和维护操作 +shortTitle: 发布和维护操作 +intro: 您可以利用自动化和开源最佳实践来发布和维护操作。 type: tutorial topics: - Action development @@ -19,77 +19,77 @@ versions: ## 简介 -After you create an action, you'll want to continue releasing new features while working with community contributions. This tutorial describes an example process you can follow to release and maintain actions in open source. The example: +创建操作后,您需要继续发布新功能,同时处理社区贡献。 本教程介绍了一个示例过程,您可以遵循该过程在开源中发布和维护操作。 示例: -* Leverages {% data variables.product.prodname_actions %} for continuous integration, dependency updates, release management, and task automation. -* Provides confidence through automated tests and build badges. -* Indicates how the action can be used, ideally as part of a broader workflow. -* Signal what type of community contributions you welcome. (For example, issues, pull requests, or vulnerability reports.) +* 利用 {% data variables.product.prodname_actions %} 实现持续集成、依赖项更新、版本管理和任务自动化。 +* 通过自动化测试和构建徽章提供信心。 +* 指示如何使用操作,理想情况下,作为更广泛的工作流程的一部分。 +* 表明您欢迎哪种类型的社区贡献。 (例如,议题、拉取请求或漏洞报告。) -For an applied example of this process, see [github-developer/javascript-action](https://github.com/github-developer/javascript-action). +有关此过程的应用示例,请参阅 [github-developer/javascript-action](https://github.com/github-developer/javascript-action)。 -## Developing and releasing actions +## 开发和发布操作 -In this section, we discuss an example process for developing and releasing actions and show how to use {% data variables.product.prodname_actions %} to automate the process. +在本节中,我们将讨论开发和发布操作的示例流程,并演示如何使用 {% data variables.product.prodname_actions %} 自动执行该过程。 -### About JavaScript actions +### 关于 JavaScript 操作 -JavaScript actions are Node.js repositories with metadata. However, JavaScript actions have additional properties compared to traditional Node.js projects: +JavaScript 操作是具有元数据的 Node.js 存储库。 但是,与传统的 Node.js 项目相比,JavaScript 操作具有其他属性: -* Dependent packages are committed alongside the code, typically in a compiled and minified form. This means that automated builds and secure community contributions are important. +* Dependent 包与代码一起提交,通常采用编译和缩小的形式。 这意味着自动化构建和安全的社区贡献非常重要。 {% ifversion fpt or ghec %} -* Tagged releases can be published directly to {% data variables.product.prodname_marketplace %} and consumed by workflows across {% data variables.product.prodname_dotcom %}. +* 标记的版本可以直接发布到 {% data variables.product.prodname_marketplace %} ,并由跨 {% data variables.product.prodname_dotcom %} 工作流程使用。 {% endif %} -* Many actions make use of {% data variables.product.prodname_dotcom %}'s APIs and third party APIs, so we encourage robust end-to-end testing. +* 许多操作都使用 {% data variables.product.prodname_dotcom %} 的 API 和第三方 API,因此我们鼓励进行强大的端到端测试。 -### Setting up {% data variables.product.prodname_actions %} workflows +### 设置 {% data variables.product.prodname_actions %} 工作流程 -To support the developer process in the next section, add two {% data variables.product.prodname_actions %} workflows to your repository: +要在下一节中支持开发人员流程,请将两个 {% data variables.product.prodname_actions %} 工作流程添加到存储库中: -1. Add a workflow that triggers when a commit is pushed to a feature branch or to `main` or when a pull request is created. Configure the workflow to run your unit and integration tests. For an example, see [this workflow](https://github.com/github-developer/javascript-action/blob/963a3b9a9c662fd499419a240ed8c49411ff5add/.github/workflows/test.yml). -2. Add a workflow that triggers when a release is published or edited. Configure the workflow to ensure semantic tags are in place. You can use an action like [JasonEtco/build-and-tag-action](https://github.com/JasonEtco/build-and-tag-action) to compile and bundle the JavaScript and metadata file and force push semantic major, minor, and patch tags. For an example, see [this workflow](https://github.com/github-developer/javascript-action/blob/963a3b9a9c662fd499419a240ed8c49411ff5add/.github/workflows/publish.yml). For more information about semantic tags, see "[About semantic versioning](https://docs.npmjs.com/about-semantic-versioning)." +1. 添加在将提交推送到功能分支或 `main` 分支或者创建拉取请求时触发的工作流程。 配置工作流程以运行单元和集成测试。 有关示例,请参阅[此工作流程](https://github.com/github-developer/javascript-action/blob/963a3b9a9c662fd499419a240ed8c49411ff5add/.github/workflows/test.yml)。 +2. 添加在发布或编辑发布时触发的工作流程。 配置工作流程以确保语义标记已就位。 您可以使用像 [JasonEtco/build-and-tag-action](https://github.com/JasonEtco/build-and-tag-action) 这样的操作来编译和捆绑 JavaScript 和元数据文件,并强制推送语义主要、次要和补丁标记。 有关示例,请参阅[此工作流程](https://github.com/github-developer/javascript-action/blob/963a3b9a9c662fd499419a240ed8c49411ff5add/.github/workflows/publish.yml)。 有关语义标记的详细信息,请参阅“[关于语义版本控制](https://docs.npmjs.com/about-semantic-versioning)”。 -### Example developer process +### 示例开发者流程 -Here is an example process that you can follow to automatically run tests, create a release{% ifversion fpt or ghec%} and publish to {% data variables.product.prodname_marketplace %}{% endif %}, and publish your action. +下面是一个示例过程,您可以遵循该过程来自动运行测试、创建发行版{% ifversion fpt or ghec%}并发布到 {% data variables.product.prodname_marketplace %}{% endif %},然后发布您的操作。 -1. Do feature work in branches per GitHub flow. For more information, see "[GitHub flow](/get-started/quickstart/github-flow)." - * Whenever a commit is pushed to the feature branch, your testing workflow will automatically run the tests. +1. 在每个 GitHub 流程的分支中执行功能工作。 更多信息请参阅“[GitHub 流](/get-started/quickstart/github-flow)”。 + * 每当将提交推送到功能分支时,测试工作流程将自动运行测试。 -2. Create pull requests to the `main` branch to initiate discussion and review, merging when ready. +2. 创建对 `main` 分支的拉取请求,以启动讨论和审阅,并在准备就绪时合并。 - * When a pull request is opened, either from a branch or a fork, your testing workflow will again run the tests, this time with the merge commit. + * 当从分支或复刻打开拉取请求时,测试工作流将再次运行测试,这次是合并提交。 - * **Note:** for security reasons, workflows triggered by `pull_request` from forks have restricted `GITHUB_TOKEN` permissions and do not have access to secrets. If your tests or other workflows triggered upon pull request require access to secrets, consider using a different event like a [manual trigger](/actions/reference/events-that-trigger-workflows#manual-events) or a [`pull_request_target`](/actions/reference/events-that-trigger-workflows#pull_request_target). Read more [here](/actions/reference/events-that-trigger-workflows#pull-request-events-for-forked-repositories). + * **注意:**出于安全原因,由复刻中的 `pull_request` 触发的工作流程限制了 `GITHUB_TOKEN` 权限,并且无法访问机密。 如果在拉取请求时触发的测试或其他工作流程需要访问机密,请考虑使用其他事件,如 [manual trigger](/actions/reference/events-that-trigger-workflows#manual-events) 或 [`pull_request_target`](/actions/reference/events-that-trigger-workflows#pull_request_target)。 [在此](/actions/reference/events-that-trigger-workflows#pull-request-events-for-forked-repositories)处阅读更多。 -3. Create a semantically tagged release. {% ifversion fpt or ghec %} You may also publish to {% data variables.product.prodname_marketplace %} with a simple checkbox. {% endif %} For more information, see "[Managing releases in a repository](/github/administering-a-repository/managing-releases-in-a-repository#creating-a-release)"{% ifversion fpt or ghec %} and "[Publishing actions in {% data variables.product.prodname_marketplace %}](/actions/creating-actions/publishing-actions-in-github-marketplace#publishing-an-action)"{% endif %}. +3. 创建语义标记的版本。 {% ifversion fpt or ghec %} 您也可以使用简单的复选框发布到 {% data variables.product.prodname_marketplace %}。 {% endif %} 更多信息请参阅“[管理存储库中的版本](/github/administering-a-repository/managing-releases-in-a-repository#creating-a-release)”{% ifversion fpt or ghec %}和“[在 {% data variables.product.prodname_marketplace %} 中发布操作](/actions/creating-actions/publishing-actions-in-github-marketplace#publishing-an-action)”{% endif %}。 - * When a release is published or edited, your release workflow will automatically take care of compilation and adjusting tags. + * 发布或编辑版本时,发行版工作流程将自动负责编译和调整标记。 - * We recommend creating releases using semantically versioned tags – for example, `v1.1.3` – and keeping major (`v1`) and minor (`v1.1`) tags current to the latest appropriate commit. For more information, see "[About custom actions](/actions/creating-actions/about-custom-actions#using-release-management-for-actions)" and "[About semantic versioning](https://docs.npmjs.com/about-semantic-versioning). + * 我们建议使用语义版本化的标记(例如,`v1.1.3` )创建版本,并将主要(`v1`)和次要(`v1.1`)标记保持最新适当的提交。 更多信息请参阅“[关于自定义操作](/actions/creating-actions/about-custom-actions#using-release-management-for-actions)”和“[关于语义版本控制](https://docs.npmjs.com/about-semantic-versioning)”。 ### 结果 -Unlike some other automated release management strategies, this process intentionally does not commit dependencies to the `main` branch, only to the tagged release commits. By doing so, you encourage users of your action to reference named tags or `sha`s, and you help ensure the security of third party pull requests by doing the build yourself during a release. +与其他一些自动化版本管理策略不同,此过程有意不将依赖项提交到 `main` 分支,而只提交到标记的版本提交。 这样可以鼓励操作的用户引用命名标记或 `sha`s,并且通过在发布期间自己执行构建来帮助确保第三方拉取请求的安全性。 -Using semantic releases means that the users of your actions can pin their workflows to a version and know that they might continue to receive the latest stable, non-breaking features, depending on their comfort level: +使用语义发行版意味着操作的用户可以将其工作流程固定到某个版本,并且知道他们可能会继续接收最新的稳定、不间断功能,具体取决于他们的舒适度: -## Working with the community +## 与社区合作 -{% data variables.product.product_name %} provides tools and guides to help you work with the open source community. Here are a few tools we recommend setting up for healthy bidirectional communication. By providing the following signals to the community, you encourage others to use, modify, and contribute to your action: +{% data variables.product.product_name %} 提供工具和指南,帮助您与开源社区合作。 以下是我们建议为健康的双向通信设置的一些工具。 通过向社区提供以下信号,您可以鼓励其他人使用、修改和参与您的操作: -* Maintain a `README` with plenty of usage examples and guidance. 更多信息请参阅“[关于自述文件](/repositories/managing-your-repositorys-settings-and-features/customizing-your-repository/about-readmes)”。 -* Include a workflow status badge in your `README` file. 更多信息请参阅“[添加工作流程状态徽章](/actions/managing-workflow-runs/adding-a-workflow-status-badge)”。 Also visit [shields.io](https://shields.io/) to learn about other badges that you can add.{% ifversion fpt or ghec %} -* Add community health files like `CODE_OF_CONDUCT`, `CONTRIBUTING`, and `SECURITY`. For more information, see "[Creating a default community health file](/github/building-a-strong-community/creating-a-default-community-health-file#supported-file-types)."{% endif %} -* Keep issues current by utilizing actions like [actions/stale](https://github.com/actions/stale). +* 维护一个其中包含大量使用示例和指南的 `README`。 更多信息请参阅“[关于自述文件](/repositories/managing-your-repositorys-settings-and-features/customizing-your-repository/about-readmes)”。 +* 在 `README` 文件中包括工作流程状态徽章。 更多信息请参阅“[添加工作流程状态徽章](/actions/managing-workflow-runs/adding-a-workflow-status-badge)”。 另请访问 [shields.io](https://shields.io/),了解您可以添加的其他徽章。{% ifversion fpt or ghec %} +* 添加社区健康文件,如 `CODE_OF_CONDUCT`、`CONTRIBUTING` 和 `SECURITY`。 更多信息请参阅“[创建默认社区健康文件](/github/building-a-strong-community/creating-a-default-community-health-file#supported-file-types)”。{% endif %} +* 利用 [actions/stale](https://github.com/actions/stale)等操作使议题保持最新。 ## 延伸阅读 -Examples where similar patterns are employed include: +采用类似模式的示例包括: * [github/super-linter](https://github.com/github/super-linter) * [octokit/request-action](https://github.com/octokit/request-action) diff --git a/translations/zh-CN/content/actions/deployment/about-deployments/about-continuous-deployment.md b/translations/zh-CN/content/actions/deployment/about-deployments/about-continuous-deployment.md index d419866754..715aeb3218 100644 --- a/translations/zh-CN/content/actions/deployment/about-deployments/about-continuous-deployment.md +++ b/translations/zh-CN/content/actions/deployment/about-deployments/about-continuous-deployment.md @@ -1,6 +1,6 @@ --- -title: About continuous deployment -intro: 'You can create custom continuous deployment (CD) workflows directly in your {% data variables.product.prodname_dotcom %} repository with {% data variables.product.prodname_actions %}.' +title: 关于持续部署 +intro: '您可以直接在 {% data variables.product.prodname_dotcom %} 仓库中通过 {% data variables.product.prodname_actions %} 创建自定义持续部署 (CD) 工作流程。' versions: fpt: '*' ghes: '*' @@ -11,41 +11,41 @@ redirect_from: - /actions/deployment/about-continuous-deployment topics: - CD -shortTitle: About continuous deployment +shortTitle: 关于持续部署 --- {% data reusables.actions.enterprise-beta %} {% data reusables.actions.enterprise-github-hosted-runners %} -## About continuous deployment +## 关于持续部署 -_Continuous deployment_ (CD) is the practice of using automation to publish and deploy software updates. As part of the typical CD process, the code is automatically built and tested before deployment. +_持续部署_ (CD) 是使用自动化发布和部署软件更新的做法。 作为典型 CD 过程的一部分,代码在部署之前会自动构建并测试。 -Continuous deployment is often coupled with continuous integration. For more information about continuous integration, see "[About continuous integration](/actions/guides/about-continuous-integration)". +持续部署通常与持续集成相结合。 有关持续集成的更多信息,请参阅“[关于持续集成](/actions/guides/about-continuous-integration)”。 -## About continuous deployment using {% data variables.product.prodname_actions %} +## 关于使用 {% data variables.product.prodname_actions %} 的持续部署 -You can set up a {% data variables.product.prodname_actions %} workflow to deploy your software product. To verify that your product works as expected, your workflow can build the code in your repository and run your tests before deploying. +您可以设置 {% data variables.product.prodname_actions %} 工作流程来部署软件产品。 要验证产品是否按预期工作,您的工作流程可以在存储库中构建代码,并在部署之前运行测试。 -You can configure your CD workflow to run when a {% data variables.product.product_name %} event occurs (for example, when new code is pushed to the default branch of your repository), on a set schedule, manually, or when an external event occurs using the repository dispatch webhook. For more information about when your workflow can run, see "[Events that trigger workflows](/actions/reference/events-that-trigger-workflows)." +您可以配置 CD 工作流程在发生 {% data variables.product.product_name %} 事件(例如,将新代码推送到存储库的默认分支)时运行、按设定的时间表运行、手动运行或者在使用存储库分发 web 挂钩的外部事件发生时运行。 有关工作流程何时可以运行的更多信息,请参阅“[触发工作流程的事件](/actions/reference/events-that-trigger-workflows)”。 -{% data variables.product.prodname_actions %} provides features that give you more control over deployments. For example, you can use environments to require approval for a job to proceed, restrict which branches can trigger a workflow, or limit access to secrets. {% ifversion fpt or ghae or ghes > 3.1 or ghec %}You can use concurrency to limit your CD pipeline to a maximum of one in-progress deployment and one pending deployment. {% endif %}For more information about these features, see "[Deploying with GitHub Actions](/actions/deployment/deploying-with-github-actions)" and "[Using environments for deployment](/actions/deployment/using-environments-for-deployment)." +{% data variables.product.prodname_actions %} 提供的功能使您可以更好地控制部署。 例如,您可以使用环境来要求批准才能继续作业,限制哪些分支可以触发工作流程,或限制对机密的访问。 {% ifversion fpt or ghae or ghes > 3.1 or ghec %} 可以使用并发性将 CD 管道限制为最多一个正在进行的部署和一个挂起的部署。 {% endif %}有关这些功能的详细信息,请参阅“[使用 GitHub Actions 进行部署](/actions/deployment/deploying-with-github-actions)”和“[使用环境进行部署](/actions/deployment/using-environments-for-deployment)”。 {% ifversion fpt or ghec or ghae-issue-4856 %} -## Using OpenID Connect to access cloud resources +## 使用 OpenID Connect 访问云资源 {% data reusables.actions.about-oidc-short-overview %} {% endif %} -## Starter workflows and third party actions +## 初学者工作流程和第三方操作 {% data reusables.actions.cd-templates-actions %} ## 延伸阅读 -- [Deploying with GitHub Actions](/actions/deployment/deploying-with-github-actions) -- [Using environments for deployment](/actions/deployment/using-environments-for-deployment){% ifversion fpt or ghec %} -- "[Managing billing for {% data variables.product.prodname_actions %}](/billing/managing-billing-for-github-actions)"{% endif %} +- [使用 GitHub Actions 进行部署](/actions/deployment/deploying-with-github-actions) +- [使用环境进行部署](/actions/deployment/using-environments-for-deployment){% ifversion fpt or ghec %} +- "[管理 {% data variables.product.prodname_actions %} 的计费](/billing/managing-billing-for-github-actions)"{% endif %} diff --git a/translations/zh-CN/content/actions/deployment/about-deployments/deploying-with-github-actions.md b/translations/zh-CN/content/actions/deployment/about-deployments/deploying-with-github-actions.md index c93b5c3c42..f84c550826 100644 --- a/translations/zh-CN/content/actions/deployment/about-deployments/deploying-with-github-actions.md +++ b/translations/zh-CN/content/actions/deployment/about-deployments/deploying-with-github-actions.md @@ -17,9 +17,9 @@ shortTitle: Deploy with GitHub Actions {% data reusables.actions.enterprise-beta %} {% data reusables.actions.enterprise-github-hosted-runners %} -## 简介 +## Introduction -{% data variables.product.prodname_actions %} offers features that let you control deployments. 您可以: +{% data variables.product.prodname_actions %} offers features that let you control deployments. You can: - Trigger workflows with a variety of events. - Configure environments to set rules before a job can proceed and to limit access to secrets. @@ -27,9 +27,9 @@ shortTitle: Deploy with GitHub Actions For more information about continuous deployment, see "[About continuous deployment](/actions/deployment/about-continuous-deployment)." -## 基本要求 +## Prerequisites -You should be familiar with the syntax for {% data variables.product.prodname_actions %}. 更多信息请参阅“[Learn {% data variables.product.prodname_actions %}](/actions/learn-github-actions)”。 +You should be familiar with the syntax for {% data variables.product.prodname_actions %}. For more information, see "[Learn {% data variables.product.prodname_actions %}](/actions/learn-github-actions)." ## Triggering your deployment @@ -52,15 +52,15 @@ on: workflow_dispatch: ``` -更多信息请参阅“[触发工作流程的事件](/actions/reference/events-that-trigger-workflows)”。 +For more information, see "[Events that trigger workflows](/actions/reference/events-that-trigger-workflows)." -## 使用环境 +## Using environments {% data reusables.actions.about-environments %} ## Using concurrency -Concurrency 确保只有使用相同并发组的单一作业或工作流程才会同时运行。 您可以使用并发,以便环境中每次最多有一个正在进行的部署和一个待处理的部署。 +Concurrency ensures that only a single job or workflow using the same concurrency group will run at a time. You can use concurrency so that an environment has a maximum of one deployment in progress and one deployment pending at a time. {% note %} @@ -134,15 +134,15 @@ jobs: For guidance on writing deployment-specific steps, see "[Finding deployment examples](#finding-deployment-examples)." -## 查看部署历史记录 +## Viewing deployment history When a {% data variables.product.prodname_actions %} workflow deploys to an environment, the environment is displayed on the main page of the repository. For more information about viewing deployments to environments, see "[Viewing deployment history](/developers/overview/viewing-deployment-history)." ## Monitoring workflow runs -每个工作流程运行都会生成一个实时图表,说明运行进度。 You can use this graph to monitor and debug deployments. For more information see, "[Using the visualization graph](/actions/monitoring-and-troubleshooting-workflows/using-the-visualization-graph)." +Every workflow run generates a real-time graph that illustrates the run progress. You can use this graph to monitor and debug deployments. For more information see, "[Using the visualization graph](/actions/monitoring-and-troubleshooting-workflows/using-the-visualization-graph)." -You can also view the logs of each workflow run and the history of workflow runs. 更多信息请参阅“[查看工作流程运行历史记录](/actions/monitoring-and-troubleshooting-workflows/viewing-workflow-run-history)”。 +You can also view the logs of each workflow run and the history of workflow runs. For more information, see "[Viewing workflow run history](/actions/monitoring-and-troubleshooting-workflows/viewing-workflow-run-history)." ## Tracking deployments through apps @@ -154,7 +154,7 @@ You can also build an app that uses deployment and deployment status webhooks to {% ifversion fpt or ghes or ghec %} -## 选择运行器 +## Choosing a runner You can run your deployment workflow on {% data variables.product.company_short %}-hosted runners or on self-hosted runners. Traffic from {% data variables.product.company_short %}-hosted runners can come from a [wide range of network addresses](/rest/reference/meta#get-github-meta-information). If you are deploying to an internal environment and your company restricts external traffic into private networks, {% data variables.product.prodname_actions %} workflows running on {% data variables.product.company_short %}-hosted runners may not be communicate with your internal services or resources. To overcome this, you can host your own runners. For more information, see "[About self-hosted runners](/actions/hosting-your-own-runners/about-self-hosted-runners)" and "[About GitHub-hosted runners](/actions/using-github-hosted-runners/about-github-hosted-runners)." @@ -164,7 +164,7 @@ You can run your deployment workflow on {% data variables.product.company_short You can use a status badge to display the status of your deployment workflow. {% data reusables.repositories.actions-workflow-status-badge-intro %} -更多信息请参阅“[添加工作流程状态徽章](/actions/managing-workflow-runs/adding-a-workflow-status-badge)”。 +For more information, see "[Adding a workflow status badge](/actions/managing-workflow-runs/adding-a-workflow-status-badge)." ## Finding deployment examples diff --git a/translations/zh-CN/content/actions/deployment/about-deployments/index.md b/translations/zh-CN/content/actions/deployment/about-deployments/index.md index 921a8c1fbd..fae4e48330 100644 --- a/translations/zh-CN/content/actions/deployment/about-deployments/index.md +++ b/translations/zh-CN/content/actions/deployment/about-deployments/index.md @@ -1,7 +1,7 @@ --- -title: About deployments -shortTitle: About deployments -intro: 'Learn how deployments can run with {% data variables.product.prodname_actions %} workflows.' +title: 关于部署 +shortTitle: 关于部署 +intro: '了解如何使用 {% data variables.product.prodname_actions %} 工作流程运行部署。' versions: fpt: '*' ghes: '*' diff --git a/translations/zh-CN/content/actions/deployment/deploying-to-your-cloud-provider/deploying-to-amazon-elastic-container-service.md b/translations/zh-CN/content/actions/deployment/deploying-to-your-cloud-provider/deploying-to-amazon-elastic-container-service.md index 4d9cac1104..1c706cab39 100644 --- a/translations/zh-CN/content/actions/deployment/deploying-to-your-cloud-provider/deploying-to-amazon-elastic-container-service.md +++ b/translations/zh-CN/content/actions/deployment/deploying-to-your-cloud-provider/deploying-to-amazon-elastic-container-service.md @@ -22,15 +22,15 @@ shortTitle: 部署到 Amazon ECS ## 简介 -This guide explains how to use {% data variables.product.prodname_actions %} to build a containerized application, push it to [Amazon Elastic Container Registry (ECR)](https://aws.amazon.com/ecr/), and deploy it to [Amazon Elastic Container Service (ECS)](https://aws.amazon.com/ecs/) when there is a push to the `main` branch. +本指南介绍如何使用 {% data variables.product.prodname_actions %} 构建容器化应用程序,将其推送到 [Amazon Elastic Container Registry (ECR)](https://aws.amazon.com/ecr/),以及要推送到 `main` 分支时将其部署到 [Amazon Elastic Container Service (ECS)](https://aws.amazon.com/ecs/)。 -On every new push to `main` in your {% data variables.product.company_short %} repository, the {% data variables.product.prodname_actions %} workflow builds and pushes a new container image to Amazon ECR, and then deploys a new task definition to Amazon ECS. +在每次推送到 {% data variables.product.company_short %} 仓库中的 `main` 时,{% data variables.product.prodname_actions %} 工作流程将构建新的容器映像并将其推送到 Amazon ECR,然后将新的任务定义部署到 Amazon ECS。 {% ifversion fpt or ghec or ghae-issue-4856 %} {% note %} -**Note**: {% data reusables.actions.about-oidc-short-overview %} and ["Configuring OpenID Connect in Amazon Web Services"](/actions/deployment/security-hardening-your-deployments/configuring-openid-connect-in-amazon-web-services). +**注意**:{% data reusables.actions.about-oidc-short-overview %} 和[“在 Amazon Web Services 中配置 OpenID Connect”](/actions/deployment/security-hardening-your-deployments/configuring-openid-connect-in-amazon-web-services)。 {% endnote %} @@ -161,7 +161,7 @@ jobs: ## 其他资源 -For the original starter workflow, see [`aws.yml`](https://github.com/actions/starter-workflows/blob/main/deployments/aws.yml) in the {% data variables.product.prodname_actions %} `starter-workflows` repository. +有关原始入门工作流程,请参阅 {% data variables.product.prodname_actions %} `starter-workflows` 仓库中的 [`aws.yml`](https://github.com/actions/starter-workflows/blob/main/deployments/aws.yml)。 有关这些示例中使用的服务的详细信息,请参阅以下文档: diff --git a/translations/zh-CN/content/actions/deployment/deploying-to-your-cloud-provider/deploying-to-google-kubernetes-engine.md b/translations/zh-CN/content/actions/deployment/deploying-to-your-cloud-provider/deploying-to-google-kubernetes-engine.md index 16ffd39eb8..db72ee4f92 100644 --- a/translations/zh-CN/content/actions/deployment/deploying-to-your-cloud-provider/deploying-to-google-kubernetes-engine.md +++ b/translations/zh-CN/content/actions/deployment/deploying-to-your-cloud-provider/deploying-to-google-kubernetes-engine.md @@ -14,7 +14,7 @@ topics: - CD - Containers - Google Kubernetes Engine -shortTitle: Deploy to Google Kubernetes Engine +shortTitle: 部署到 Google Kubernetes Engine --- {% data reusables.actions.enterprise-beta %} @@ -22,7 +22,7 @@ shortTitle: Deploy to Google Kubernetes Engine ## 简介 -This guide explains how to use {% data variables.product.prodname_actions %} to build a containerized application, push it to Google Container Registry (GCR), and deploy it to Google Kubernetes Engine (GKE) when there is a push to the `main` branch. +本指南介绍如何使用 {% data variables.product.prodname_actions %} 构建容器化应用程序,将其推送到 Google Container Registry (GCR),以及要推送到 `main` 分支时将其部署到 Google Kubernetes Engine (GKE)。 GKE 是 Google Cloud 的托管 Kubernetes 群集服务,可以在云中或您自己的数据中心中托管您的容器化工作负载。 更多信息请参阅 [Google Kubernetes Engine](https://cloud.google.com/kubernetes-engine)。 @@ -71,7 +71,7 @@ $ gcloud services enable \ ### 配置服务帐户并存储其凭据 -此程序显示如何为您的 GKE 集成创建服务帐户。 It explains how to create the account, add roles to it, retrieve its keys, and store them as a base64-encoded encrypted repository secret named `GKE_SA_KEY`. +此程序显示如何为您的 GKE 集成创建服务帐户。 它说明了如何创建帐户、向其添加角色、检索其密钥,以及将它们存储为名为 `GKE_SA_KEY` 的加密仓库机密。 1. 创建新服务帐户: {% raw %} @@ -111,16 +111,16 @@ $ gcloud services enable \ $ export GKE_SA_KEY=$(cat key.json | base64) ``` {% endraw %} - For more information about how to store a secret, see "[Encrypted secrets](/actions/security-guides/encrypted-secrets)." + 有关如何存储机密的更多信息,请参阅“[加密密码](/actions/security-guides/encrypted-secrets)”。 -### Storing your project name +### 存储项目名称 -Store the name of your project as a secret named `GKE_PROJECT`. For more information about how to store a secret, see "[Encrypted secrets](/actions/security-guides/encrypted-secrets)." +将项目名称存储为名为 `GKE_PROJECT` 的机密。 有关如何存储机密的更多信息,请参阅“[加密密码](/actions/security-guides/encrypted-secrets)”。 ### (可选)配置 kustomize -Kustomize 是用于管理 YAML 规范的可选工具。 After creating a `kustomization` file, the workflow below can be used to dynamically set fields of the image and pipe in the result to `kubectl`. 更多信息请参阅 [kustomize 的用法](https://github.com/kubernetes-sigs/kustomize#usage)。 +Kustomize 是用于管理 YAML 规范的可选工具。 在创建 `kustomization` 文件之后, 下面的工作流可用于将结果中的图像和管道字段动态设置为 `kubectl`。 更多信息请参阅 [kustomize 的用法](https://github.com/kubernetes-sigs/kustomize#usage)。 -### (Optional) Configure a deployment environment +### (可选)配置部署环境 {% data reusables.actions.about-environments %} @@ -130,7 +130,7 @@ Kustomize 是用于管理 YAML 规范的可选工具。 After creating a `kustom 下面的示例工作流程演示如何生成容器映像并推送到 GCR。 然后,它使用 Kubernetes 工具(如 `kubectl` 和 `kustomize`)将映像拉入群集部署。 -Under the `env` key, change the value of `GKE_CLUSTER` to the name of your cluster, `GKE_ZONE` to your cluster zone, `DEPLOYMENT_NAME` to the name of your deployment, and `IMAGE` to the name of your image. +在 `env` 键下,将 `GKE_CLUSTER` 的值更改为群集的名称,将 `GKE_ZONE` 更改为群集区域,将 `DEPLOYMENT_NAME` 更改为部署的名称,以及将 `IMAGE` 更改为映像的名称。 {% data reusables.actions.delete-env-key %} diff --git a/translations/zh-CN/content/actions/deployment/deploying-to-your-cloud-provider/index.md b/translations/zh-CN/content/actions/deployment/deploying-to-your-cloud-provider/index.md index a31cb4f532..1e0568977e 100644 --- a/translations/zh-CN/content/actions/deployment/deploying-to-your-cloud-provider/index.md +++ b/translations/zh-CN/content/actions/deployment/deploying-to-your-cloud-provider/index.md @@ -1,7 +1,7 @@ --- -title: Deploying to your cloud provider -shortTitle: Deploying to your cloud provider -intro: 'You can deploy to various cloud providers, such as AWS, Azure, and GKE.' +title: 部署到云提供商 +shortTitle: 部署到云提供商 +intro: 您可以部署到各种云提供商,例如 AWS、Azure 和 GKE。 versions: fpt: '*' ghae: '*' diff --git a/translations/zh-CN/content/actions/deployment/deploying-xcode-applications/index.md b/translations/zh-CN/content/actions/deployment/deploying-xcode-applications/index.md index 857ef66b1e..ccbd0e8bb4 100644 --- a/translations/zh-CN/content/actions/deployment/deploying-xcode-applications/index.md +++ b/translations/zh-CN/content/actions/deployment/deploying-xcode-applications/index.md @@ -1,6 +1,6 @@ --- -title: Deploying Xcode applications -shortTitle: Deploying Xcode applications +title: 部署 Xcode 应用程序 +shortTitle: 部署 Xcode 应用程序 intro: '您可以在 {% data variables.product.prodname_actions %} 运行器上安装 Apple 代码签名证书,以在持续集成 (CI) 工作流程中对 Xcode 应用签名。' versions: fpt: '*' diff --git a/translations/zh-CN/content/actions/deployment/managing-your-deployments/index.md b/translations/zh-CN/content/actions/deployment/managing-your-deployments/index.md index 46b6374261..518435c120 100644 --- a/translations/zh-CN/content/actions/deployment/managing-your-deployments/index.md +++ b/translations/zh-CN/content/actions/deployment/managing-your-deployments/index.md @@ -1,7 +1,7 @@ --- -title: Managing your deployments -shortTitle: Managing your deployments -intro: You can review the past activity of your deployments. +title: 管理部署 +shortTitle: 管理部署 +intro: 您可以查看您的部署中过去的活动。 versions: fpt: '*' ghes: '*' diff --git a/translations/zh-CN/content/actions/deployment/managing-your-deployments/viewing-deployment-history.md b/translations/zh-CN/content/actions/deployment/managing-your-deployments/viewing-deployment-history.md index 142e2755d9..6772eedef4 100644 --- a/translations/zh-CN/content/actions/deployment/managing-your-deployments/viewing-deployment-history.md +++ b/translations/zh-CN/content/actions/deployment/managing-your-deployments/viewing-deployment-history.md @@ -15,14 +15,14 @@ redirect_from: --- -You can deliver deployments through {% data variables.product.prodname_actions %} and environments or with the REST API and third party apps. {% ifversion fpt or ghae ghes > 3.0 or ghec %}For more information about using environments to deploy with {% data variables.product.prodname_actions %}, see "[Using environments for deployment](/actions/deployment/using-environments-for-deployment)." {% endif %}有关使用 REST API 进行部署的更多信息,请参阅“[仓库](/rest/reference/repos#deployments)”。 +您可以通过 {% data variables.product.prodname_actions %} 和环境或使用 REST API 和第三方应用交付部署。 {% ifversion fpt or ghae ghes > 3.0 or ghec %}有关使用环境进行部署 {% data variables.product.prodname_actions %}的详细信息,请参阅“[使用环境进行部署](/actions/deployment/using-environments-for-deployment)”。 {% endif %}有关使用 REST API 进行部署的更多信息,请参阅“[仓库](/rest/reference/repos#deployments)”。 要查看当前和过去的部署,请在仓库的主页上单击 **Environments(环境)**。 {% ifversion ghae %} ![环境](/assets/images/enterprise/2.22/environments-sidebar.png){% else %} ![Environments](/assets/images/environments-sidebar.png){% endif %} -部署页显示仓库中每个环境的最新活动部署。 If the deployment includes an environment URL, a **View deployment** button that links to the URL is shown next to the deployment. +部署页显示仓库中每个环境的最新活动部署。 如果部署包含环境 URL,则部署旁边将显示链接到 URL 的 **View deployment(查看部署)**按钮。 活动日志显示环境的部署历史记录。 默认情况下,只有环境的最新部署具有 `Active` 状态;所有先前的活动部署具有 `Inactive` 状态。 有关自动失活部署的更多信息,请参阅“[非活动部署](/rest/reference/deployments#inactive-deployments)”。 diff --git a/translations/zh-CN/content/actions/deployment/security-hardening-your-deployments/about-security-hardening-with-openid-connect.md b/translations/zh-CN/content/actions/deployment/security-hardening-your-deployments/about-security-hardening-with-openid-connect.md index 11b5d04f8d..f90b8b9df1 100644 --- a/translations/zh-CN/content/actions/deployment/security-hardening-your-deployments/about-security-hardening-with-openid-connect.md +++ b/translations/zh-CN/content/actions/deployment/security-hardening-your-deployments/about-security-hardening-with-openid-connect.md @@ -1,7 +1,7 @@ --- -title: About security hardening with OpenID Connect -shortTitle: About security hardening with OpenID Connect -intro: OpenID Connect allows your workflows to exchange short-lived tokens directly from your cloud provider. +title: 关于使用 OpenID Connect 进行安全强化 +shortTitle: 关于使用 OpenID Connect 进行安全强化 +intro: OpenID Connect 允许您的工作流程直接从云提供商交换短期令牌。 miniTocMaxHeadingLevel: 4 versions: fpt: '*' @@ -15,45 +15,45 @@ topics: {% data reusables.actions.enterprise-beta %} {% data reusables.actions.enterprise-github-hosted-runners %} -## Overview of OpenID Connect +## OpenID Connect 概述 -{% data variables.product.prodname_actions %} workflows are often designed to access a cloud provider (such as AWS, Azure, GCP, or HashiCorp Vault) in order to deploy software or use the cloud's services. Before the workflow can access these resources, it will supply credentials, such as a password or token, to the cloud provider. These credentials are usually stored as a secret in {% data variables.product.prodname_dotcom %}, and the workflow presents this secret to the cloud provider every time it runs. +{% data variables.product.prodname_actions %} 工作流程通常设计为访问云提供商(如 AWS、Azure、GCP 或 HashiCorp Vault),以便部署软件或使用云的服务。 在工作流程可以访问这些资源之前,它将向云提供商提供凭据(如密码或令牌)。 这些凭据通常作为机密存储在 {% data variables.product.prodname_dotcom %} 中,工作流程在每次运行时都会将此机密呈现给云提供商。 -However, using hardcoded secrets requires you to create credentials in the cloud provider and then duplicate them in {% data variables.product.prodname_dotcom %} as a secret. +但是,使用硬编码的机密需要在云提供商中创建凭据,然后在 {% data variables.product.prodname_dotcom %} 中将其复制为机密。 -With OpenID Connect (OIDC), you can take a different approach by configuring your workflow to request a short-lived access token directly from the cloud provider. Your cloud provider also needs to support OIDC on their end, and you must configure a trust relationship that controls which workflows are able to request the access tokens. Providers that currently support OIDC include Amazon Web Services, Azure, Google Cloud Platform, and HashiCorp Vault, among others. +借助 OpenID Connect (OIDC),您可以采用不同的方法,将工作流程配置为直接从云提供商请求短期访问令牌。 您的云提供商还需要在其终端上支持 OIDC,并且您必须配置信任关系,以控制哪些工作流程能够请求访问令牌。 目前支持 OIDC 的提供商包括 Amazon Web Services、Azure、Google Cloud Platform 和 HashiCorp Vault 等。 -### Benefits of using OIDC +### 使用 OIDC 的好处 -By updating your workflows to use OIDC tokens, you can adopt the following good security practices: +通过更新工作流程以使用 OIDC 令牌,您可以采用以下良好的安全实践: -- **No cloud secrets**: You won't need to duplicate your cloud credentials as long-lived {% data variables.product.prodname_dotcom %} secrets. Instead, you can configure the OIDC trust on your cloud provider, and then update your workflows to request a short-lived access token from the cloud provider through OIDC. -- **Authentication and authorization management**: You have more granular control over how workflows can use credentials, using your cloud provider's authentication (authN) and authorization (authZ) tools to control access to cloud resources. -- **Rotating credentials**: With OIDC, your cloud provider issues a short-lived access token that is only valid for a single job, and then automatically expires. +- **无云机密**:无需将云凭据复制为长期 {% data variables.product.prodname_dotcom %} 机密。 相反,您可以在云提供商上配置 OIDC 信任,然后更新您的工作流程,通过 OIDC 向云提供商请求短期访问令牌。 +- **身份验证和授权管理**:您可以更细致地控制工作流程如何使用凭据,使用云提供商的身份验证 (authN) 和授权 (authZ) 工具来控制对云资源的访问。 +- **轮换凭证**:借助 OIDC,您的云提供商会颁发仅对单个作业有效的短期访问令牌,然后自动过期。 -### Getting started with OIDC +### 开始使用 OIDC -The following diagram gives an overview of how {% data variables.product.prodname_dotcom %}'s OIDC provider integrates with your workflows and cloud provider: +下图概述了 {% data variables.product.prodname_dotcom %} 的 OIDC 提供商如何与您的工作流程和云提供商集成: -![OIDC diagram](/assets/images/help/images/oidc-architecture.png) +![OIDC 图](/assets/images/help/images/oidc-architecture.png) -1. In your cloud provider, create an OIDC trust between your cloud role and your {% data variables.product.prodname_dotcom %} workflow(s) that need access to the cloud. -2. Every time your job runs, {% data variables.product.prodname_dotcom %}'s OIDC Provider auto-generates an OIDC token. This token contains multiple claims to establish a security-hardened and verifiable identity about the specific workflow that is trying to authenticate. -3. You could include a step or action in your job to request this token from {% data variables.product.prodname_dotcom %}'s OIDC provider, and present it to the cloud provider. -4. Once the cloud provider successfully validates the claims presented in the token, it then provides a short-lived cloud access token that is available only for the duration of the job. +1. 在云提供商中,在您的云角色和需要访问云的 {% data variables.product.prodname_dotcom %} 工作流程之间创建 OIDC 信任。 +2. 每次作业运行时,{% data variables.product.prodname_dotcom %}的 OIDC 提供商都会自动生成一个 OIDC 令牌。 此令牌包含多个声明,用于建立有关尝试进行身份验证的特定工作流程的经安全强化且可验证的身份。 +3. 您可以在作业中包含一个步骤或操作,以从 {% data variables.product.prodname_dotcom %} 的 OIDC 提供商请求此令牌,并将其提供给云提供商。 +4. 云提供商成功验证令牌中提供的声明后,将提供仅在作业期间可用的短期云访问令牌。 -## Configuring the OIDC trust with the cloud +## 通过云配置 OIDC 信任 -When you configure your cloud to trust {% data variables.product.prodname_dotcom %}'s OIDC provider, you **must** add conditions that filter incoming requests, so that untrusted repositories or workflows can’t request access tokens for your cloud resources: +将云配置为信任 {% data variables.product.prodname_dotcom %} 的 OIDC 提供商时,**必须**添加过滤传入请求的条件,使不受信任的存储库或工作流程无法为您的云资源请求访问令牌: -- Before granting an access token, your cloud provider checks that the [`subject`](https://openid.net/specs/openid-connect-core-1_0.html#StandardClaims) and other claims used to set conditions in its trust settings match those in the request's JSON Web Token (JWT). As a result, you must take care to correctly define the _subject_ and other conditions in your cloud provider. -- The OIDC trust configuration steps and the syntax to set conditions for cloud roles (using _Subject_ and other claims) will vary depending on which cloud provider you're using. For some examples, see "[Example subject claims](#example-subject-claims)." +- 在授予访问令牌之前,云提供商会检查[`主题`](https://openid.net/specs/openid-connect-core-1_0.html#StandardClaims)以及用于在其信任设置中设置条件的其他声明是否与请求的 JSON Web 令牌 (JWT) 中的声明匹配。 因此,您必须注意正确定义云提供商中的_主题_和其他条件。 +- OIDC 信任配置步骤和为云角色设置条件的语法(使用_主题_和其他声明)将因您使用的云提供商而异。 有关一些示例,请参阅“[示例主题声明](#example-subject-claims)”。 -### Understanding the OIDC token +### 了解 OIDC 令牌 -Each job requests an OIDC token from {% data variables.product.prodname_dotcom %}'s OIDC provider, which responds with an automatically generated JSON web token (JWT) that is unique for each workflow job where it is generated. When the job runs, the OIDC token is presented to the cloud provider. To validate the token, the cloud provider checks if the OIDC token's subject and other claims are a match for the conditions that were preconfigured on the cloud role's OIDC trust definition. +每个作业都从 {% data variables.product.prodname_dotcom %} 的 OIDC 提供商请求一个 OIDC 令牌,提供商使用自动生成的 JSON Web 令牌 (JWT) 进行响应,该令牌对于生成它的每个工作流程作业都是唯一的。 当作业运行时,OIDC 令牌将呈现给云提供商。 要验证令牌,云提供商会检查 OIDC 令牌的主题和其他声明是否与云角色的 OIDC 信任定义上预配置的条件匹配。 -The following example OIDC token uses a subject (`sub`) that references a job environment named `prod` in the `octo-org/octo-repo` repository. +以下示例 OIDC 令牌使用引用 `octo-org/octo-repo` 存储库中名为 `prod` 的作业环境的主题 (`sub`)。 ```yaml { @@ -88,116 +88,116 @@ The following example OIDC token uses a subject (`sub`) that references a job en } ``` -To see all the claims supported by {% data variables.product.prodname_dotcom %}'s OIDC provider, review the `claims_supported` entries at https://token.actions.githubusercontent.com/.well-known/openid-configuration. +要查看 {% data variables.product.prodname_dotcom %} 的 OIDC 提供商支持的所有声明,请查看 https://token.actions.githubusercontent.com/.well-known/openid-configuration 中的 `claims_supported` 条目。 -The token includes the standard audience, issuer, and subject claims: +令牌包括标准受众、颁发者和主题声明: -| Claim | 描述 | -| ----- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | -| `aud` | _(Audience)_ By default, this is the URL of the repository owner, such as the organization that owns the repository. This is the only claim that can be customized. You can set a custom audience with a toolkit command: [`core.getIDToken(audience)`](https://www.npmjs.com/package/@actions/core/v/1.6.0) | -| `iss` | _(Issuer)_ The issuer of the OIDC token: `https://token.actions.githubusercontent.com` | -| `sub` | _(Subject)_ Defines the subject claim that is to be validated by the cloud provider. This setting is essential for making sure that access tokens are only allocated in a predictable way. | +| 声明 | 描述 | +| ----- | --------------------------------------------------------------------------------------------------------------------------------------------------------- | +| `aud` | _(受众)_ 默认情况下,这是存储库所有者(如拥有存储库的组织)的 URL。 这是唯一可以自定义的声明。 您可以使用工具包命令设置自定义受众:[`core.getIDToken(audience)`](https://www.npmjs.com/package/@actions/core/v/1.6.0) | +| `iss` | _(发行人)_ OIDC 令牌的发行人:`https://token.actions.githubusercontent.com` | +| `sub` | _(主题)_ 定义要由云提供商验证的主题声明。 此设置对于确保仅以可预测的方式分配访问令牌至关重要。 | -The OIDC token also includes additional standard claims: +OIDC 令牌还包括其他标准声明: -| Claim | 描述 | -| ----- | --------------------------------------------------------------------- | -| `alg` | _(Algorithm)_ The algorithm used by the OIDC provider. | -| `exp` | _(Expires at)_ Identifies the expiry time of the JWT. | -| `iat` | _(Issued at)_ The time when the JWT was issued. | -| `jti` | _(JWT token identifier)_ Unique identifier for the OIDC token. | -| `kid` | _(Key identifier)_ Unique key for the OIDC token. | -| `nbf` | _(Not before)_ JWT is not valid for use before this time. | -| `typ` | _(Type)_ Describes the type of token. This is a JSON Web Token (JWT). | +| 声明 | 描述 | +| ----- | ------------------------------------- | +| `alg` | _(算法)_OIDC 提供商使用的算法。 | +| `exp` | _(到期时间)_ 标识 JWT 的到期时间。 | +| `iat` | _(发行时间)_ JWT 的发行时间。 | +| `jti` | _(JWT 令牌标识符)_ OIDC 令牌的唯一标识符。 | +| `kid` | _(密钥标识符)_ OIDC 令牌的唯一密钥。 | +| `nbf` | _(在此之前无效)_ JWT 在此时间之前无效。 | +| `typ` | _(类型)_ 描述令牌的类型。 这是 JSON Web 令牌 (JWT)。 | -The token also includes custom claims provided by {% data variables.product.prodname_dotcom %}: +令牌还包括 {% data variables.product.prodname_dotcom %} 提供的自定义声明: -| Claim | 描述 | -| ------------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| `actor` | The user account that initiated the workflow run. | -| `base_ref` | The target branch of the pull request in a workflow run. | -| `environment` | The name of the environment used by the job. | -| `event_name` | 触发工作流程运行的事件的名称。 | -| `head_ref` | The source branch of the pull request in a workflow run. | -| `job_workflow_ref` | This is the ref path to the reusable workflow used by this job. For more information, see "["Using OpenID Connect with reusable workflows"](/actions/deployment/security-hardening-your-deployments/using-openid-connect-with-reusable-workflows)." | -| `ref` | _(Reference)_ The git ref that triggered the workflow run. | -| `ref_type` | The type of `ref`, for example: "branch". | -| `仓库` | The repository from where the workflow is running. | -| `repository_owner` | The name of the organization in which the `repository` is stored. | -| `run_id` | The ID of the workflow run that triggered the workflow. | -| `run_number` | The number of times this workflow has been run. | -| `run_attempt` | The number of times this workflow run has been retried. | -| `工作流程` | 工作流程的名称。 | +| 声明 | 描述 | +| ------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------ | +| `actor` | 发起工作流程运行的用户帐户。 | +| `base_ref` | 工作流程运行中拉取请求的目标分支。 | +| `environment` | 作业使用的环境的名称。 | +| `event_name` | 触发工作流程运行的事件的名称。 | +| `head_ref` | 工作流程运行中拉取请求的来源分支。 | +| `job_workflow_ref` | 这是此作业使用的可重用工作流程的引用路径。 更多信息请参阅“[使用 OpenID 连接和可重用工作流程](/actions/deployment/security-hardening-your-deployments/using-openid-connect-with-reusable-workflows)”。 | +| `ref` | _(引用)_ 触发工作流程运行的 git 引用。 | +| `ref_type` | `ref` 的类型,例如:"branch"。 | +| `仓库` | 运行工作流程的存储库。 | +| `repository_owner` | 存储 `repository` 的组织的名称。 | +| `run_id` | 触发工作流程的工作流程运行的 ID。 | +| `run_number` | 此工作流程已运行的次数。 | +| `run_attempt` | 此工作流程运行的重试次数。 | +| `工作流程` | 工作流程的名称。 | -### Defining trust conditions on cloud roles using OIDC claims +### 使用 OIDC 声明定义云角色的信任条件 -With OIDC, a {% data variables.product.prodname_actions %} workflow requires a token in order to access resources in your cloud provider. The workflow requests an access token from your cloud provider, which checks the details presented by the JWT. If the trust configuration in the JWT is a match, your cloud provider responds by issuing a temporary token to the workflow, which can then be used to access resources in your cloud provider. You can configure your cloud provider to only respond to requests that originate from a specific organization's repository; you can also specify additional conditions, described below. +借助 OIDC,{% data variables.product.prodname_actions %} 工作流程需要令牌才能访问云提供商中的资源。 工作流程从云提供商请求访问令牌,以检查 JWT 提供的详细信息。 如果 JWT 中的信任配置匹配,则云提供商将通过向工作流程颁发临时令牌来做出响应,然后可以使用该令牌访问云提供商中的资源。 您可以将云提供商配置为仅响应来自特定组织的存储库的请求;您还可以指定其他条件,如下所述。 -Audience and Subject claims are typically used in combination while setting conditions on the cloud role/resources to scope its access to the GitHub workflows. -- **Audience**: By default, this value uses the URL of the organization or repository owner. This can be used to set a condition that only the workflows in the specific organization can access the cloud role. -- **Subject**: Has a predefined format and is a concatenation of some of the key metadata about the workflow, such as the {% data variables.product.prodname_dotcom %} organization, repository, branch, or associated [`job`](/actions/learn-github-actions/workflow-syntax-for-github-actions#jobsjob_idenvironment) environment. See "[Example subject claims](#example-subject-claims)" to see how the subject claim is assembled from concatenated metadata. +在云角色/资源上设置条件以限定其对 GitHub 工作流程的访问范围时,受众和主题声明通常结合使用。 +- **受众**:默认情况下,此值使用组织或存储库所有者的 URL。 这可用于设置只有特定组织中的工作流程才能访问云角色的条件。 +- **主题**:具有预定义的格式,并且是有关工作流程的某些关键元数据的串联,如 {% data variables.product.prodname_dotcom %} 组织、存储库、分支或关联的[`作业`](/actions/learn-github-actions/workflow-syntax-for-github-actions#jobsjob_idenvironment)环境。 请参阅“[示例主题声明](#example-subject-claims)”,了解如何从串联的元数据汇编主题声明。 -There are also many additional claims supported in the OIDC token that can also be used for setting these conditions. +OIDC 令牌中还支持许多其他声明,这些声明也可用于设置这些条件。 -In addition, your cloud provider could allow you to assign a role to the access tokens, letting you specify even more granular permissions. +此外,云提供商可以允许你为访问令牌分配角色,从而允许你指定更精细的权限。 {% note %} -**Note**: To control how your cloud provider issues access tokens, you **must** define at least one condition, so that untrusted repositories can’t request access tokens for your cloud resources. +**注意**:要控制云提供商颁发访问令牌的方式,**必须**至少定义一个条件,使不受信任的存储库无法为云资源请求访问令牌。 {% endnote %} -### Example subject claims +### 示例主题声明 -The following examples demonstrate how to use "Subject" as a condition, and explain how the "Subject" is assembled from concatenated metadata. The [subject](https://openid.net/specs/openid-connect-core-1_0.html#StandardClaims) uses information from the [`job` context](/actions/learn-github-actions/contexts#job-context), and instructs your cloud provider that access token requests may only be granted for requests from workflows running in specific branches, environments. The following sections describe some common subjects you can use. +以下示例演示如何使用“主题”作为条件,并说明如何从串联的元数据汇编“主题”。 [主题](https://openid.net/specs/openid-connect-core-1_0.html#StandardClaims)使用 [`作业`上下文](/actions/learn-github-actions/contexts#job-context)中的信息,并指示云提供商只能为来自特定分支、环境中运行的工作流程的请求授予访问令牌请求。 以下各节介绍了您可以使用的一些常见主题。 -#### Filtering for a specific environment +#### 筛选特定环境 -The subject claim includes the environment name when the job references an environment. +当作业引用环境时,主题声明包括环境名称。 -You can configure a subject that filters for a specific [environment](/actions/deployment/using-environments-for-deployment) name. In this example, the workflow run must have originated from a job that has an environment named `Production`, in a repository named `octo-repo` that is owned by the `octo-org` organization: +您可以配置针对特定[环境](/actions/deployment/using-environments-for-deployment)进行筛选的主题名称。 在此示例中,工作流程运行必须源自具有环境 `Production`、位于 `octo-org` 组织拥有的存储库 `octo-repo` 中的作业: | | | | --- | ------------------------------------------------------------------- | | 语法: | `repo::environment:` | | 示例: | `repo:octo-org/octo-repo:environment:Production` | -#### Filtering for `pull_request` events +#### 筛选 `pull_request` 事件 -The subject claim includes the `pull_request` string when the workflow is triggered by a pull request event, but only if the job doesn't reference an environment. +当工作流程由拉取请求事件触发时,主题声明包括 `pull_request` 字符串,但前提是作业未引用环境。 -You can configure a subject that filters for the [`pull_request`](/actions/learn-github-actions/events-that-trigger-workflows#pull_request) event. In this example, the workflow run must have been triggered by a `pull_request` event in a repository named `octo-repo` that is owned by the `octo-org` organization: +您可以配置筛选 [`pull_request`](/actions/learn-github-actions/events-that-trigger-workflows#pull_request) 事件的主题。 在此示例中,工作流程运行必须由 `octo-org` 组织拥有的存储库 `octo-repo` 中的 `pull_request` 事件触发: | | | | --- | -------------------------------------------- | | 语法: | `repo::pull_request` | | 示例: | `repo:octo-org/octo-repo:pull_request` | -#### Filtering for a specific branch +#### 筛选特定分支 -The subject claim includes the branch name of the workflow, but only if the job doesn't reference an environment, and if the workflow is not triggered by a pull request event. +主题声明包括工作流程的分支名称,但前提是作业未引用环境,并且工作流程不是由拉取请求事件触发的。 -You can configure a subject that filters for a specific branch name. In this example, the workflow run must have originated from a branch named `demo-branch`, in a repository named `octo-repo` that is owned by the `octo-org` organization: +您可以配置筛选特定分支名称的主题。 在此示例中,工作流程运行必须源自 `octo-org` 组织拥有的存储库 `octo-repo` 中的 `demo-branch` 分支: | | | | --- | --------------------------------------------------------- | | 语法: | `repo::ref:refs/heads/branchName` | | 示例: | `repo:octo-org/octo-repo:ref:refs/heads/demo-branch` | -#### Filtering for a specific tag +#### 筛选特定标记 -The subject claim includes the tag name of the workflow, but only if the job doesn't reference an environment, and if the workflow is not triggered by a pull request event. +主题声明包括工作流程的标记名称,但前提是作业未引用环境,并且工作流程不是由拉取请求事件触发的。 -You can create a subject that filters for specific tag. In this example, the workflow run must have originated with a tag named `demo-tag`, in a repository named `octo-repo` that is owned by the `octo-org` organization: +您可以创建筛选特定标记的主题。 在此示例中,工作流程运行必须源自 `octo-org` 组织拥有的存储库 `octo-repo` 中的 `demo-tag` 标记: | | | | --- | ------------------------------------------------------------- | | 语法: | `repo::ref:refs/tags/` | | 示例: | `repo:octo-org/octo-repo:ref:refs/tags/demo-tag` | -### Configuring the subject in your cloud provider +### 在云提供商中配置主题 -To configure the subject in your cloud provider's trust relationship, you must add the subject string to its trust configuration. The following examples demonstrate how various cloud providers can accept the same `repo:octo-org/octo-repo:ref:refs/heads/demo-branch` subject in different ways: +要在云提供商的信任关系中配置主题,必须将主题字符串添加到其信任配置中。 以下示例演示了各种云提供商如何以不同的方式接受相同的 `repo:octo-org/octo-repo:ref:refs/heads/demo-branch` 主题: | | | | ------------------- | ------------------------------------------------------------------------------------------------- | @@ -206,18 +206,18 @@ To configure the subject in your cloud provider's trust relationship, you must a | Google Cloud 平台 | `(assertion.sub=='repo:octo-org/octo-repo:ref:refs/heads/demo-branch')` | | HashiCorp Vault | `bound_subject="repo:octo-org/octo-repo:ref:refs/heads/demo-branch"` | -For more information, see the guides listed in "[Enabling OpenID Connect for your cloud provider](#enabling-openid-connect-for-your-cloud-provider)." +更多信息请参阅“[为云提供商启用 OpenID Connect](#enabling-openid-connect-for-your-cloud-provider)”中列出的指南。 -## Updating your actions for OIDC +## 更新用于 OIDC 的操作 -To update your custom actions to authenticate using OIDC, you can use `getIDToken()` from the Actions toolkit to request a JWT from {% data variables.product.prodname_dotcom %}'s OIDC provider. For more information, see "OIDC Token" in the [npm package documentation](https://www.npmjs.com/package/@actions/core/v/1.6.0). +要更新您的自定义操作以使用 OIDC 进行身份验证,您可以使用 Actions 工具包中的 `getIDToken()` 从 {% data variables.product.prodname_dotcom %} 的 OIDC 提供商请求 JWT。 更多信息请参阅 [npm 包文档](https://www.npmjs.com/package/@actions/core/v/1.6.0)中的“OIDC 令牌”。 -You could also use a `curl` command to request the JWT, using the following environment variables: +您还可以使用 `curl` 命令来请求 JWT,方法是使用以下环境变量: -| | | -| -------------------------------- | ------------------------------------------------------------------------- | -| `ACTIONS_ID_TOKEN_REQUEST_URL` | The URL for {% data variables.product.prodname_dotcom %}'s OIDC provider. | -| `ACTIONS_ID_TOKEN_REQUEST_TOKEN` | Bearer token for the request to the OIDC provider. | +| | | +| -------------------------------- | ------------------------------------------------------------- | +| `ACTIONS_ID_TOKEN_REQUEST_URL` | {% data variables.product.prodname_dotcom %} 的 OIDC 提供商的 URL。 | +| `ACTIONS_ID_TOKEN_REQUEST_TOKEN` | 向 OIDC 提供商发出请求的持有者令牌。 | 例如: @@ -226,24 +226,24 @@ You could also use a `curl` command to request the JWT, using the following envi curl -H "Authorization: bearer $ACTIONS_ID_TOKEN_REQUEST_TOKEN" "$ACTIONS_ID_TOKEN_REQUEST_URL&audience=api://AzureADTokenExchange" ``` -### Adding permissions settings +### 添加权限设置 {% data reusables.actions.oidc-permissions-token %} -## Updating your workflows for OIDC +## 更新 OIDC 的工作流程 -You can now update your YAML workflows to use OIDC access tokens instead of secrets. Popular cloud providers have published their official login actions that make it easy for you to get started with OIDC. For more information about updating your workflows, see the cloud-specific guides listed below in "[Enabling OpenID Connect for your cloud provider](#enabling-openid-connect-for-your-cloud-provider)." +现在,您可以更新 YAML 工作流程,以使用 OIDC 访问令牌而不是机密。 常用的云提供商已发布其官方登录操作,使您可以轻松开始使用 OIDC。 有关更新工作流程的详细信息,请参阅下面“[为云提供商启用 OpenID Connect ](#enabling-openid-connect-for-your-cloud-provider)”中列出的云特定指南。 -## Enabling OpenID Connect for your cloud provider +## 为云提供商启用 OpenID Connect -To enable and configure OIDC for your specific cloud provider, see the following guides: +要为您的特定云提供商启用和配置 OIDC,请参阅以下指南: -- ["Configuring OpenID Connect in Amazon Web Services"](/actions/deployment/security-hardening-your-deployments/configuring-openid-connect-in-amazon-web-services) -- ["Configuring OpenID Connect in Azure"](/actions/deployment/security-hardening-your-deployments/configuring-openid-connect-in-azure) -- ["Configuring OpenID Connect in Google Cloud Platform"](/actions/deployment/security-hardening-your-deployments/configuring-openid-connect-in-google-cloud-platform) -- ["Configuring OpenID Connect in Hashicorp Vault"](/actions/deployment/security-hardening-your-deployments/configuring-openid-connect-in-hashicorp-vault) +- ["在 Amazon Web Services 中配置 OpenID Connect"](/actions/deployment/security-hardening-your-deployments/configuring-openid-connect-in-amazon-web-services) +- ["在 Azure 中配置 OpenID Connect"](/actions/deployment/security-hardening-your-deployments/configuring-openid-connect-in-azure) +- ["在 Google Cloud Platform 中配置 OpenID Connect"](/actions/deployment/security-hardening-your-deployments/configuring-openid-connect-in-google-cloud-platform) +- ["在 Hashicorp Vault 中配置 OpenID Connect"](/actions/deployment/security-hardening-your-deployments/configuring-openid-connect-in-hashicorp-vault) -To enable and configure OIDC for another cloud provider, see the following guide: +要为其他云提供商启用和配置 OIDC,请参阅以下指南: -- ["Configuring OpenID Connect in cloud providers"](/actions/deployment/security-hardening-your-deployments/configuring-openid-connect-in-cloud-providers) +- ["在云提供商中配置 OpenID Connect"](/actions/deployment/security-hardening-your-deployments/configuring-openid-connect-in-cloud-providers) diff --git a/translations/zh-CN/content/actions/deployment/security-hardening-your-deployments/configuring-openid-connect-in-amazon-web-services.md b/translations/zh-CN/content/actions/deployment/security-hardening-your-deployments/configuring-openid-connect-in-amazon-web-services.md index 9924912b82..8f9715ed11 100644 --- a/translations/zh-CN/content/actions/deployment/security-hardening-your-deployments/configuring-openid-connect-in-amazon-web-services.md +++ b/translations/zh-CN/content/actions/deployment/security-hardening-your-deployments/configuring-openid-connect-in-amazon-web-services.md @@ -1,7 +1,7 @@ --- -title: Configuring OpenID Connect in Amazon Web Services -shortTitle: Configuring OpenID Connect in Amazon Web Services -intro: Use OpenID Connect within your workflows to authenticate with Amazon Web Services. +title: 在 Amazon Web Services 中配置 OpenID Connect +shortTitle: 在 Amazon Web Services 中配置 OpenID Connect +intro: 在工作流程中使用 OpenID Connect 向 Amazon Web Services 进行身份验证。 miniTocMaxHeadingLevel: 3 versions: fpt: '*' @@ -17,9 +17,9 @@ topics: ## 概览 -OpenID Connect (OIDC) allows your {% data variables.product.prodname_actions %} workflows to access resources in Amazon Web Services (AWS), without needing to store the AWS credentials as long-lived {% data variables.product.prodname_dotcom %} secrets. +OpenID Connect (OIDC) 允许您的 {% data variables.product.prodname_actions %} 工作流程访问 Amazon Web Services (AWS) 中的资源,而无需将任何 AWS 凭据存储为长期 {% data variables.product.prodname_dotcom %} 机密。 -This guide explains how to configure AWS to trust {% data variables.product.prodname_dotcom %}'s OIDC as a federated identity, and includes a workflow example for the [`aws-actions/configure-aws-credentials`](https://github.com/aws-actions/configure-aws-credentials) that uses tokens to authenticate to AWS and access resources. +本指南介绍如何配置 AWS 信任 {% data variables.product.prodname_dotcom %} 的 OIDC 作为联合标识,并包括使用令牌向 AWS 验证并访问资源的 [`aws-actions/configure-aws-credentials`](https://github.com/aws-actions/configure-aws-credentials) 工作流程示例。 ## 基本要求 @@ -27,18 +27,18 @@ This guide explains how to configure AWS to trust {% data variables.product.prod {% data reusables.actions.oidc-security-notice %} -## Adding the identity provider to AWS +## 将身份提供商添加到 AWS -To add the {% data variables.product.prodname_dotcom %} OIDC provider to IAM, see the [AWS documentation](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_create_oidc.html). +要将 {% data variables.product.prodname_dotcom %} OIDC 提供商添加到 IAM,请参阅 [AWS 文档](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_create_oidc.html)。 -- For the provider URL: Use `https://token.actions.githubusercontent.com` -- For the "Audience": Use `sts.amazonaws.com` if you are using the [official action](https://github.com/aws-actions/configure-aws-credentials). +- 对于提供商 URL:使用 `https://token.actions.githubusercontent.com` +- 对于“受众”:如果您使用的是[官方操作](https://github.com/aws-actions/configure-aws-credentials),请使用 `sts.amazonaws.com`。 -### Configuring the role and trust policy +### 配置角色和信任策略 -To configure the role and trust in IAM, see the AWS documentation for ["Assuming a Role"](https://github.com/aws-actions/configure-aws-credentials#assuming-a-role) and ["Creating a role for web identity or OpenID connect federation"](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_create_for-idp_oidc.html). +要在 IAM 中配置角色和信任,请参阅 AWS 文档中的[“假定角色”](https://github.com/aws-actions/configure-aws-credentials#assuming-a-role)和[“为 Web 身份或 OpenID Connect Federation 创建角色”](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_create_for-idp_oidc.html)。 -Edit the trust relationship to add the `sub` field to the validation conditions. 例如: +编辑信任关系以将 `sub` 字段添加到验证条件。 例如: ```json{:copy} "Condition": { @@ -51,21 +51,21 @@ Edit the trust relationship to add the `sub` field to the validation conditions. ## 更新 {% data variables.product.prodname_actions %} 工作流程 -To update your workflows for OIDC, you will need to make two changes to your YAML: -1. Add permissions settings for the token. -2. Use the [`aws-actions/configure-aws-credentials`](https://github.com/aws-actions/configure-aws-credentials) action to exchange the OIDC token (JWT) for a cloud access token. +要更新 OIDC 的工作流程,您需要对 YAML 进行两项更改: +1. 为令牌添加权限设置。 +2. 使用 [`aws-actions/configure-aws-credentials`](https://github.com/aws-actions/configure-aws-credentials) 操作将 OIDC 令牌 (JWT) 交换为云访问令牌。 -### Adding permissions settings +### 添加权限设置  {% data reusables.actions.oidc-permissions-token %} -### Requesting the access token +### 请求访问令牌 -The `aws-actions/configure-aws-credentials` action receives a JWT from the {% data variables.product.prodname_dotcom %} OIDC provider, and then requests an access token from AWS. For more information, see the AWS [documentation](https://github.com/aws-actions/configure-aws-credentials). +`aws-actions/configure-aws-credentials` 操作从 {% data variables.product.prodname_dotcom %} OIDC 提供商接收 JWT,然后从 AWS 请求访问令牌。 更多信息请参阅 AWS [文档](https://github.com/aws-actions/configure-aws-credentials)。 -- ``: Add the name of your S3 bucket here. -- ``: Replace the example with your AWS role. -- ``: Add the name of your AWS region here. +- ``:在此处添加 S3 存储桶的名称。 +- ``:将示例替换为您的 AWS 角色。 +- ``:在此处添加您的 AWS 区域的名称。 ```yaml{:copy} # Sample workflow to access AWS resources when workflow is tied to branch diff --git a/translations/zh-CN/content/actions/deployment/security-hardening-your-deployments/configuring-openid-connect-in-azure.md b/translations/zh-CN/content/actions/deployment/security-hardening-your-deployments/configuring-openid-connect-in-azure.md index ee6c4342fa..0d0f10e75d 100644 --- a/translations/zh-CN/content/actions/deployment/security-hardening-your-deployments/configuring-openid-connect-in-azure.md +++ b/translations/zh-CN/content/actions/deployment/security-hardening-your-deployments/configuring-openid-connect-in-azure.md @@ -1,7 +1,7 @@ --- -title: Configuring OpenID Connect in Azure -shortTitle: Configuring OpenID Connect in Azure -intro: Use OpenID Connect within your workflows to authenticate with Azure. +title: 在 Azure 中配置 OpenID Connect +shortTitle: 在 Azure 中配置 OpenID Connect +intro: 在工作流程中使用 OpenID Connect 向 Azure 进行身份验证。 miniTocMaxHeadingLevel: 3 versions: fpt: '*' @@ -17,9 +17,9 @@ topics: ## 概览 -OpenID Connect (OIDC) allows your {% data variables.product.prodname_actions %} workflows to access resources in Azure, without needing to store the Azure credentials as long-lived {% data variables.product.prodname_dotcom %} secrets. +OpenID Connect (OIDC) 允许您的 {% data variables.product.prodname_actions %} 工作流程访问 Azure 中的资源,而无需将任何 Azure 凭据存储为长期 {% data variables.product.prodname_dotcom %} 机密。 -This guide gives an overview of how to configure Azure to trust {% data variables.product.prodname_dotcom %}'s OIDC as a federated identity, and includes a workflow example for the [`azure/login`](https://github.com/Azure/login) action that uses tokens to authenticate to Azure and access resources. +本指南概述了如何配置 Azure 信任 {% data variables.product.prodname_dotcom %} 的 OIDC 作为联合标识,并包括 [`azure/login`](https://github.com/Azure/login) 操作的工作流程示例,该操作使用令牌向 Azure 进行身份验证和访问资源。 ## 基本要求 @@ -27,36 +27,36 @@ This guide gives an overview of how to configure Azure to trust {% data variable {% data reusables.actions.oidc-security-notice %} -## Adding the Federated Credentials to Azure +## 将联合凭据添加到 Azure -{% data variables.product.prodname_dotcom %}'s OIDC provider works with Azure's workload identity federation. For an overview, see Microsoft's documentation at "[Workload identity federation](https://docs.microsoft.com/en-us/azure/active-directory/develop/workload-identity-federation)." +{% data variables.product.prodname_dotcom %} 的 OIDC 提供商与 Azure 的工作负载联合身份验证配合使用。 有关概述,请参阅 Microsoft 的文档“[工作负载联合身份验证](https://docs.microsoft.com/en-us/azure/active-directory/develop/workload-identity-federation)”。 -To configure the OIDC identity provider in Azure, you will need to perform the following configuration. For instructions on making these changes, refer to [the Azure documentation](https://docs.microsoft.com/en-us/azure/developer/github/connect-from-azure). +要在 Azure 中配置 OIDC 身份提供商,您需要执行以下配置。 有关进行这些更改的说明,请参阅 [Azure 文档](https://docs.microsoft.com/en-us/azure/developer/github/connect-from-azure)。 -1. Create an Azure Active Directory application and a service principal. -2. Add federated credentials for the Azure Active Directory application. -3. Create {% data variables.product.prodname_dotcom %} secrets for storing Azure configuration. +1. 创建 Azure Active Directory 应用程序和服务主体。 +2. 为 Azure Active Directory 应用程序添加联合凭据。 +3. 创建用于存储 Azure 配置的 {% data variables.product.prodname_dotcom %} 机密。 -Additional guidance for configuring the identity provider: +配置身份提供商的附加指导: -- For security hardening, make sure you've reviewed ["Configuring the OIDC trust with the cloud"](/actions/deployment/security-hardening-your-deployments/about-security-hardening-with-openid-connect#configuring-the-oidc-trust-with-the-cloud). For an example, see ["Configuring the subject in your cloud provider"](/actions/deployment/security-hardening-your-deployments/about-security-hardening-with-openid-connect#configuring-the-subject-in-your-cloud-provider). -- For the `audience` setting, `api://AzureADTokenExchange` is the recommended value, but you can also specify other values here. +- 为强化安全,请确保您已查看[“使用云配置 OIDC 信任”](/actions/deployment/security-hardening-your-deployments/about-security-hardening-with-openid-connect#configuring-the-oidc-trust-with-the-cloud)。 有关示例,请参阅[“在云提供商中配置主题”](/actions/deployment/security-hardening-your-deployments/about-security-hardening-with-openid-connect#configuring-the-subject-in-your-cloud-provider)。 +- 对于`受众`设置,建议的值为 `api://AzureADTokenExchange`,但您也可以在此处指定其他值。 ## 更新 {% data variables.product.prodname_actions %} 工作流程 -To update your workflows for OIDC, you will need to make two changes to your YAML: -1. Add permissions settings for the token. -2. Use the [`azure/login`](https://github.com/Azure/login) action to exchange the OIDC token (JWT) for a cloud access token. +要更新 OIDC 的工作流程,您需要对 YAML 进行两项更改: +1. 为令牌添加权限设置。 +2. 使用 [`azure/login`](https://github.com/Azure/login) 操作将 OIDC 令牌 (JWT) 交换为云访问令牌。 -### Adding permissions settings +### 添加权限设置  {% data reusables.actions.oidc-permissions-token %} -### Requesting the access token +### 请求访问令牌 -The [`azure/login`](https://github.com/Azure/login) action receives a JWT from the {% data variables.product.prodname_dotcom %} OIDC provider, and then requests an access token from Azure. For more information, see the [`azure/login`](https://github.com/Azure/login) documentation. +[`azure/login`](https://github.com/Azure/login) 操作从 {% data variables.product.prodname_dotcom %} OIDC 提供商接收 JWT,然后从 Azure 请求访问令牌。 更多信息请参阅 [`azure/login`](https://github.com/Azure/login) 文档。 -The following example exchanges an OIDC ID token with Azure to receive an access token, which can then be used to access cloud resources. +以下示例将 OIDC ID 令牌与 Azure 交换以接收访问令牌,然后可以使用该令牌访问云资源。 {% raw %} ```yaml{:copy} diff --git a/translations/zh-CN/content/actions/deployment/security-hardening-your-deployments/configuring-openid-connect-in-cloud-providers.md b/translations/zh-CN/content/actions/deployment/security-hardening-your-deployments/configuring-openid-connect-in-cloud-providers.md index d0823e7108..994275f4be 100644 --- a/translations/zh-CN/content/actions/deployment/security-hardening-your-deployments/configuring-openid-connect-in-cloud-providers.md +++ b/translations/zh-CN/content/actions/deployment/security-hardening-your-deployments/configuring-openid-connect-in-cloud-providers.md @@ -1,7 +1,7 @@ --- -title: Configuring OpenID Connect in cloud providers -shortTitle: Configuring OpenID Connect in cloud providers -intro: Use OpenID Connect within your workflows to authenticate with cloud providers. +title: 在云提供商中配置 OpenID Connect +shortTitle: 在云提供商中配置 OpenID Connect +intro: 在工作流程中使用 OpenID Connect 向云提供商进行身份验证。 miniTocMaxHeadingLevel: 3 versions: fpt: '*' @@ -17,9 +17,9 @@ topics: ## 概览 -OpenID Connect (OIDC) allows your {% data variables.product.prodname_actions %} workflows to access resources in your cloud provider, without having to store any credentials as long-lived {% data variables.product.prodname_dotcom %} secrets. +OpenID Connect (OIDC) 允许您的 {% data variables.product.prodname_actions %} 工作流程访问云提供商中的资源,而无需将任何凭据存储为长期 {% data variables.product.prodname_dotcom %} 机密。 -To use OIDC, you will first need to configure your cloud provider to trust {% data variables.product.prodname_dotcom %}'s OIDC as a federated identity, and must then update your workflows to authenticate using tokens. +要使用 OIDC,需要先配置云提供商信任 {% data variables.product.prodname_dotcom %} 的 OIDC 作为联合身份,然后必须更新工作流程以使用令牌进行验证。 ## 基本要求 @@ -29,35 +29,35 @@ To use OIDC, you will first need to configure your cloud provider to trust {% da ## 更新 {% data variables.product.prodname_actions %} 工作流程 -To update your workflows for OIDC, you will need to make two changes to your YAML: -1. Add permissions settings for the token. -2. Use the official action from your cloud provider to exchange the OIDC token (JWT) for a cloud access token. +要更新 OIDC 的工作流程,您需要对 YAML 进行两项更改: +1. 为令牌添加权限设置。 +2. 使用云提供商的官方操作将 OIDC 令牌 (JWT) 交换为云访问令牌。 -If your cloud provider doesn't yet offer an official action, you can update your workflows to perform these steps manually. +如果您的云提供商尚未提供官方操作,您可以更新工作流程以手动执行这些步骤。 -### Adding permissions settings +### 添加权限设置  {% data reusables.actions.oidc-permissions-token %} -### Using official actions +### 使用官方操作 -If your cloud provider has created an official action for using OIDC with {% data variables.product.prodname_actions %}, it will allow you to easily exchange the OIDC token for an access token. You can then update your workflows to use this token when accessing cloud resources. +如果您的云提供商已创建将 OIDC 与 {% data variables.product.prodname_actions %} 结合使用的官方操作,它将允许您轻松地将 OIDC 令牌交换为访问令牌。 然后,可以更新工作流程,以便在访问云资源时使用此令牌。 -## Using custom actions +## 使用自定义操作 -If your cloud provider doesn't have an official action, or if you prefer to create custom scripts, you can manually request the JSON Web Token (JWT) from {% data variables.product.prodname_dotcom %}'s OIDC provider. +如果您的云提供商没有官方操作,或者您更喜欢创建自定义脚本,则可以手动向 {% data variables.product.prodname_dotcom %}的 OIDC 提供商请求 JSON Web 令牌 (JWT)。 -If you're not using an official action, then {% data variables.product.prodname_dotcom %} recommends that you use the Actions core toolkit. Alternatively, you can use the following environment variables to retrieve the token: `ACTIONS_RUNTIME_TOKEN`, `ACTIONS_ID_TOKEN_REQUEST_URL`. +如果您没有使用官方操作,则 {% data variables.product.prodname_dotcom %} 建议您使用 Actions 核心工具包。 或者,可以使用以下环境变量来检索令牌:`ACTIONS_RUNTIME_TOKEN`、`ACTIONS_ID_TOKEN_REQUEST_URL`。 -To update your workflows using this approach, you will need to make three changes to your YAML: +要使用此方法更新工作流程,您需要对 YAML 进行三项更改: -1. Add permissions settings for the token. -2. Add code that requests the OIDC token from {% data variables.product.prodname_dotcom %}'s OIDC provider. -3. Add code that exchanges the OIDC token with your cloud provider for an access token. +1. 为令牌添加权限设置。 +2. 添加从 {% data variables.product.prodname_dotcom %} 的 OIDC 提供商请求 OIDC 令牌的代码。 +3. 添加用于将 OIDC 令牌与您的云提供商交换为访问令牌的代码。 -### Requesting the JWT using the Actions core toolkit +### 使用 Actions 核心工具包请求 JWT -The following example demonstrates how to use `actions/github-script` with the `core` toolkit to request the JWT from {% data variables.product.prodname_dotcom %}'s OIDC provider. For more information, see "[Adding actions toolkit packages](/actions/creating-actions/creating-a-javascript-action#adding-actions-toolkit-packages)." +以下示例演示如何使用 `actions/github-script` 与 `core` 工具包,从 {% data variables.product.prodname_dotcom %} 的 OIDC 提供程序请求 JWT。 更多信息请参阅“[添加 Actions 工具包](/actions/creating-actions/creating-a-javascript-action#adding-actions-toolkit-packages)”。 ```yaml jobs: @@ -77,11 +77,11 @@ jobs: coredemo.setOutput('id_token', id_token) ``` -### Requesting the JWT using environment variables +### 使用环境变量请求 JWT -The following example demonstrates how to use enviroment variables to request a JSON Web Token. +下面的示例演示如何使用环境变量来请求 JSON Web 令牌。 -For your deployment job, you will need to define the token settings, using `actions/github-script` with the `core` toolkit. For more information, see "[Adding actions toolkit packages](/actions/creating-actions/creating-a-javascript-action#adding-actions-toolkit-packages)." +对于部署作业,需要使用 `actions/github-script` 与 `core` 工具包定义令牌设置。 更多信息请参阅“[添加 Actions 工具包](/actions/creating-actions/creating-a-javascript-action#adding-actions-toolkit-packages)”。 例如: @@ -102,7 +102,7 @@ jobs: core.setOutput('IDTOKENURL', runtimeUrl.trim()) ``` -You can then use `curl` to retrieve a JWT from the {% data variables.product.prodname_dotcom %} OIDC provider. 例如: +然后,您可以使用 `curl` 从 {% data variables.product.prodname_dotcom %} OIDC 提供商检索 JWT。 例如: ```yaml - run: | @@ -119,14 +119,14 @@ You can then use `curl` to retrieve a JWT from the {% data variables.product.pro id: tokenid ``` -### Getting the access token from the cloud provider +### 从云提供商获取访问令牌 -You will need to present the OIDC JSON web token to your cloud provider in order to obtain an access token. +您需要向云提供商提供 OIDC JSON Web 令牌,以便获取访问令牌。 -For each deployment, your workflows must use cloud login actions (or custom scripts) that fetch the OIDC token and present it to your cloud provider. The cloud provider then validates the claims in the token; if successful, it provides a cloud access token that is available only to that job run. The provided access token can then be used by subsequent actions in the job to connect to the cloud and deploy to its resources. +对于每个部署,您的工作流程必须使用云登录操作(或自定义脚本),以提取 OIDC 令牌并将其提供给您的云提供商。 然后,云提供商验证令牌中的声明;如果成功,它将提供仅可用于该作业运行的云访问令牌。 然后,作业中的后续操作可以使用提供的访问令牌连接到云并部署到其资源。 -The steps for exchanging the OIDC token for an access token will vary for each cloud provider. +将 OIDC 令牌交换为访问令牌的步骤因每个云提供商而异。 -### Accessing resources in your cloud provider +### 访问云提供商中的资源 -Once you've obtained the access token, you can use specific cloud actions or scripts to authenticate to the cloud provider and deploy to its resources. These steps could differ for each cloud provider. In addition, the default expiration time of this access token could vary between each cloud and can be configurable at the cloud provider's side. +获取访问令牌后,可以使用特定的云操作或脚本向云提供商进行身份验证并部署到其资源。 对于每个云提供商,这些步骤可能会有所不同。 此外,此访问令牌的默认过期时间可能因每个云而异,并且可以在云提供商端进行配置。 diff --git a/translations/zh-CN/content/actions/deployment/security-hardening-your-deployments/configuring-openid-connect-in-google-cloud-platform.md b/translations/zh-CN/content/actions/deployment/security-hardening-your-deployments/configuring-openid-connect-in-google-cloud-platform.md index 068cb10739..b36b348e7e 100644 --- a/translations/zh-CN/content/actions/deployment/security-hardening-your-deployments/configuring-openid-connect-in-google-cloud-platform.md +++ b/translations/zh-CN/content/actions/deployment/security-hardening-your-deployments/configuring-openid-connect-in-google-cloud-platform.md @@ -1,7 +1,7 @@ --- -title: Configuring OpenID Connect in Google Cloud Platform -shortTitle: Configuring OpenID Connect in Google Cloud Platform -intro: Use OpenID Connect within your workflows to authenticate with Google Cloud Platform. +title: 在 Google Cloud Platform 中配置 OpenID Connect +shortTitle: 在 Google Cloud Platform 中配置 OpenID Connect +intro: 在工作流程中使用 OpenID Connect 向 Google Cloud 平台进行身份验证。 miniTocMaxHeadingLevel: 3 versions: fpt: '*' @@ -17,9 +17,9 @@ topics: ## 概览 -OpenID Connect (OIDC) allows your {% data variables.product.prodname_actions %} workflows to access resources in Google Cloud Platform (GCP), without needing to store the GCP credentials as long-lived {% data variables.product.prodname_dotcom %} secrets. +OpenID Connect (OIDC) 允许您的 {% data variables.product.prodname_actions %} 工作流程访问 Google Cloud 平台中的资源,而无需将任何 GCP 凭据存储为长期 {% data variables.product.prodname_dotcom %} 机密。 -This guide gives an overview of how to configure GCP to trust {% data variables.product.prodname_dotcom %}'s OIDC as a federated identity, and includes a workflow example for the [`google-github-actions/auth`](https://github.com/google-github-actions/auth) action that uses tokens to authenticate to GCP and access resources. +本指南概述了如何配置 GCP 信任 {% data variables.product.prodname_dotcom %} 的 OIDC 作为联合标识,并包括 [`google-github-actions/auth`](https://github.com/google-github-actions/auth) 操作的工作流程示例,该操作使用令牌向 GCP 进行身份验证和访问资源。 ## 基本要求 @@ -27,41 +27,41 @@ This guide gives an overview of how to configure GCP to trust {% data variables. {% data reusables.actions.oidc-security-notice %} -## Adding a Google Cloud Workload Identity Provider +## 添加 Google Cloud 工作负载身份提供商 -To configure the OIDC identity provider in GCP, you will need to perform the following configuration. For instructions on making these changes, refer to [the GCP documentation](https://github.com/google-github-actions/auth). +要在 GCP 中配置 OIDC 身份提供商,您需要执行以下配置。 有关进行这些更改的说明,请参阅 [GCP 文档](https://github.com/google-github-actions/auth)。 -1. Create a new identity pool. -2. Configure the mapping and add conditions. -3. Connect the new pool to a service account. +1. 创建新的身份池。 +2. 配置映射并添加条件。 +3. 将新池连接到服务帐户。 -Additional guidance for configuring the identity provider: +配置身份提供商的附加指导: -- For security hardening, make sure you've reviewed ["Configuring the OIDC trust with the cloud"](/actions/deployment/security-hardening-your-deployments/about-security-hardening-with-openid-connect#configuring-the-oidc-trust-with-the-cloud). For an example, see ["Configuring the subject in your cloud provider"](/actions/deployment/security-hardening-your-deployments/about-security-hardening-with-openid-connect#configuring-the-subject-in-your-cloud-provider). -- For the service account to be available for configuration, it needs to be assigned to the `roles/iam.workloadIdentityUser` role. For more information, see [the GCP documentation](https://cloud.google.com/iam/docs/workload-identity-federation?_ga=2.114275588.-285296507.1634918453#conditions). -- The Issuer URL to use: `https://token.actions.githubusercontent.com` +- 为强化安全,请确保您已查看[“使用云配置 OIDC 信任”](/actions/deployment/security-hardening-your-deployments/about-security-hardening-with-openid-connect#configuring-the-oidc-trust-with-the-cloud)。 有关示例,请参阅[“在云提供商中配置主题”](/actions/deployment/security-hardening-your-deployments/about-security-hardening-with-openid-connect#configuring-the-subject-in-your-cloud-provider)。 +- 要使服务帐户可用于配置,需要将其分配给 `roles/iam.workloadIdentityUser` 角色。 更多信息请参阅 [GCP 文档](https://cloud.google.com/iam/docs/workload-identity-federation?_ga=2.114275588.-285296507.1634918453#conditions)。 +- 要使用的颁发者 URL:`https://token.actions.githubusercontent.com` ## 更新 {% data variables.product.prodname_actions %} 工作流程 -To update your workflows for OIDC, you will need to make two changes to your YAML: -1. Add permissions settings for the token. -2. Use the [`google-github-actions/auth`](https://github.com/google-github-actions/auth) action to exchange the OIDC token (JWT) for a cloud access token. +要更新 OIDC 的工作流程,您需要对 YAML 进行两项更改: +1. 为令牌添加权限设置。 +2. 使用 [`google-github-actions/auth`](https://github.com/google-github-actions/auth) 操作将 OIDC 令牌 (JWT) 交换为云访问令牌。 -### Adding permissions settings +### 添加权限设置  {% data reusables.actions.oidc-permissions-token %} -### Requesting the access token +### 请求访问令牌 -The `google-github-actions/auth` action receives a JWT from the {% data variables.product.prodname_dotcom %} OIDC provider, and then requests an access token from GCP. For more information, see the GCP [documentation](https://github.com/google-github-actions/auth). +`google-github-actions/auth` 操作从 {% data variables.product.prodname_dotcom %} OIDC 提供商接收 JWT,然后从 GCP 请求访问令牌。 更多信息请参阅 GCP [文档](https://github.com/google-github-actions/auth)。 -This example has a job called `Get_OIDC_ID_token` that uses actions to request a list of services from GCP. +此示例有一个名为 `Get_OIDC_ID_token` 的作业,该作业使用操作从 GCP 请求服务列表。 -- ``: Replace this with the path to your identity provider in GCP. For example, `projects//locations/global/workloadIdentityPools/` -- ``: Replace this with the name of your service account in GCP. -- ``: Replace this with the ID of your GCP project. +- ``:将此值替换为指向 GCP 中身份提供商的路径。 例如 `projects//locations/global/workloadIdentityPools/` +- ``:将此值替换为您在 GCP 中的服务帐户的名称。 +- ``:将此值替换为 GCP 项目的 ID。 -This action exchanges a {% data variables.product.prodname_dotcom %} OIDC token for a Google Cloud access token, using [Workload Identity Federation](https://cloud.google.com/iam/docs/workload-identity-federation). +此操作使用[工作负载联合身份验证](https://cloud.google.com/iam/docs/workload-identity-federation)将 {% data variables.product.prodname_dotcom %} OIDC 令牌交换为 Google Cloud 访问令牌。 {% raw %} ```yaml{:copy} diff --git a/translations/zh-CN/content/actions/deployment/security-hardening-your-deployments/configuring-openid-connect-in-hashicorp-vault.md b/translations/zh-CN/content/actions/deployment/security-hardening-your-deployments/configuring-openid-connect-in-hashicorp-vault.md index e2f45d1934..ce7e5e6f93 100644 --- a/translations/zh-CN/content/actions/deployment/security-hardening-your-deployments/configuring-openid-connect-in-hashicorp-vault.md +++ b/translations/zh-CN/content/actions/deployment/security-hardening-your-deployments/configuring-openid-connect-in-hashicorp-vault.md @@ -1,7 +1,7 @@ --- -title: Configuring OpenID Connect in HashiCorp Vault -shortTitle: Configuring OpenID Connect in HashiCorp Vault -intro: Use OpenID Connect within your workflows to authenticate with HashiCorp Vault. +title: 在 HashiCorp Vault 中配置 OpenID Connect +shortTitle: 在 HashiCorp Vault 中配置 OpenID Connect +intro: 在工作流程中使用 OpenID Connect 通过 HashiCorp Vault 进行身份验证。 miniTocMaxHeadingLevel: 3 versions: fpt: '*' @@ -17,9 +17,9 @@ topics: ## 概览 -OpenID Connect (OIDC) allows your {% data variables.product.prodname_actions %} workflows to authenticate with a HashiCorp Vault to retrieve secrets. +OpenID Connect (OIDC) 允许您的 {% data variables.product.prodname_actions %} 工作流程使用 HashiCorp Vault 进行身份验证以检索机密。 -This guide gives an overview of how to configure HashiCorp Vault to trust {% data variables.product.prodname_dotcom %}'s OIDC as a federated identity, and demonstrates how to use this configuration in the [hashicorp/vault-action](https://github.com/hashicorp/vault-action) action to retrieve secrets from HashiCorp Vault. +本指南概述如何配置 HashiCorp Vault 信任 {% data variables.product.prodname_dotcom %} 的 OIDC 作为联合身份,并演示如何在 [hashicorp/vault-action](https://github.com/hashicorp/vault-action) 操作中使用此配置从 HashiCorp Vault 检索机密。 ## 基本要求 @@ -27,45 +27,45 @@ This guide gives an overview of how to configure HashiCorp Vault to trust {% dat {% data reusables.actions.oidc-security-notice %} -## Adding the identity provider to HashiCorp Vault +## 将身份提供商添加到 HashiCorp Vault -To use OIDC with HashiCorp Vault, you will need to add a trust configuration for the {% data variables.product.prodname_dotcom %} OIDC provider. For more information, see the HashiCorp Vault [documentation](https://www.vaultproject.io/docs/auth/jwt). +要将 OIDC 与 HashiCorp Vault 配合使用,您需要为 {% data variables.product.prodname_dotcom %} OIDC 提供商添加信任配置。 更多信息请参阅 HashiCorp Vault [文档](https://www.vaultproject.io/docs/auth/jwt)。 -Configure the vault to accept JSON Web Tokens (JWT) for authentication: -- For the `oidc_discovery_url`, use `https://token.actions.githubusercontent.com` -- For `bound_issuer`, use `https://token.actions.githubusercontent.com` -- Ensure that `bound_subject` is correctly defined for your security requirements. For more information, see ["Configuring the OIDC trust with the cloud"](/actions/deployment/security-hardening-your-deployments/about-security-hardening-with-openid-connect#configuring-the-oidc-trust-with-the-cloud) and [`hashicorp/vault-action`](https://github.com/hashicorp/vault-action). +配置 Vault 接受 JSON Web 令牌 (JWT) 进行身份验证: +- 对于 `oidc_discovery_url`,请使用 `https://token.actions.githubusercontent.com` +- 对于 `bound_issuer`,请使用 `https://token.actions.githubusercontent.com` +- 确保针对您的安全要求正确定义了 `bound_subject`。 更多信息请参阅[“使用云配置 OIDC 信任”](/actions/deployment/security-hardening-your-deployments/about-security-hardening-with-openid-connect#configuring-the-oidc-trust-with-the-cloud)和 [`hashicorp/vault-action`](https://github.com/hashicorp/vault-action)。 ## 更新 {% data variables.product.prodname_actions %} 工作流程 -To update your workflows for OIDC, you will need to make two changes to your YAML: -1. Add permissions settings for the token. -2. Use the [`hashicorp/vault-action`](https://github.com/hashicorp/vault-action) action to exchange the OIDC token (JWT) for a cloud access token. +要更新 OIDC 的工作流程,您需要对 YAML 进行两项更改: +1. 为令牌添加权限设置。 +2. 使用 [`hashicorp/vault-action`](https://github.com/hashicorp/vault-action) 操作将 OIDC 令牌 (JWT) 交换为云访问令牌。 -To add OIDC integration to your workflows that allow them to access secrets in Vault, you will need to add the following code changes: +要将 OIDC 集成添加到您的工作流程中,以允许他们访问 Vault 中的密钥,您需要添加以下代码更改: - Grant permission to fetch the token from the {% data variables.product.prodname_dotcom %} OIDC provider: - - The workflow needs `permissions:` settings with the `id-token` value set to `write`. This lets you fetch the OIDC token from every job in the workflow. -- Request the JWT from the {% data variables.product.prodname_dotcom %} OIDC provider, and present it to HashiCorp Vault to receive an access token: - - You could use the [Actions toolkit](https://github.com/actions/toolkit/) to fetch the tokens for your job, or you can use the [`hashicorp/vault-action`](https://github.com/hashicorp/vault-action) action to fetch the JWT and receive the access token from the Vault. + - 工作流需要 `permissions:` 设置将 `id-token` 值设为 `write`。 This lets you fetch the OIDC token from every job in the workflow. +- 向 {% data variables.product.prodname_dotcom %} OIDC 提供商请求 JWT,并将其提供给 HashiCorp Vault 以接收访问令牌: + - 您可以使用[操作工具包](https://github.com/actions/toolkit/)来获取作业的令牌,也可以使用 [`hashicorp/vault-action`](https://github.com/hashicorp/vault-action) 操作来获取 JWT 并从 Vault 接收访问令牌。 -This example demonstrates how to use OIDC with the official action to request a secret from HashiCorp Vault. +此示例演示如何将 OIDC 与官方操作结合使用,以向 HashiCorp Vault 请求机密。 -### Adding permissions settings +### 添加权限设置  {% data reusables.actions.oidc-permissions-token %} -### Requesting the access token +### 请求访问令牌 -The `hashicorp/vault-action` action receives a JWT from the {% data variables.product.prodname_dotcom %} OIDC provider, and then requests an access token from your HashiCorp Vault instance to retrieve secrets. For more information, see the HashiCorp Vault [documentation](https://github.com/hashicorp/vault-action). +`hashicorp/vault-action` 操作从 {% data variables.product.prodname_dotcom %} OIDC 提供商接收 JWT,然后从 HashiCorp Vault 实例请求访问令牌以检索机密。 更多信息请参阅 HashiCorp Vault [文档](https://github.com/hashicorp/vault-action)。 -This example demonstrates how to create a job that requests a secret from HashiCorp Vault. +此示例演示如何创建从 HashiCorp Vault请求机密的作业。 -- ``: Replace this with the URL of your HashiCorp Vault. -- ``: Replace this with the role you've set in the HashiCorp Vault trust relationship. -- ``: Replace this with the audience you've defined in the HashiCorp Vault trust relationship. -- ``: Replace this with the path to the secret you're retrieving from HashiCorp Vault. For example: `secret/data/ci npmToken`. +- ``:将此值替换为您的 HashiCorp Vault 的URL。 +- ``:将此值替换为您在 HashiCorp Vault 信任关系中设置的角色。 +- ``:将此值替换为您在 HashiCorp Vault 信任关系中定义的受众。 +- ``:将此值替换为您从 HashiCorp Vault 检索的机密的路径。 例如:`secret/data/ci npmToken`。 ```yaml{:copy} jobs: diff --git a/translations/zh-CN/content/actions/deployment/security-hardening-your-deployments/index.md b/translations/zh-CN/content/actions/deployment/security-hardening-your-deployments/index.md index 8a6f5e6066..28f93c40b4 100644 --- a/translations/zh-CN/content/actions/deployment/security-hardening-your-deployments/index.md +++ b/translations/zh-CN/content/actions/deployment/security-hardening-your-deployments/index.md @@ -1,7 +1,7 @@ --- -title: Security hardening your deployments -shortTitle: Security hardening your deployments -intro: Use OpenID Connect within your workflows to authenticate with your cloud provider. +title: 安全强化您的部署 +shortTitle: 安全强化您的部署 +intro: 在工作流程中使用 OpenID Connect 向云提供商进行身份验证。 versions: fpt: '*' ghae: issue-4856 diff --git a/translations/zh-CN/content/actions/deployment/targeting-different-environments/index.md b/translations/zh-CN/content/actions/deployment/targeting-different-environments/index.md index a3360b7e02..48d573190c 100644 --- a/translations/zh-CN/content/actions/deployment/targeting-different-environments/index.md +++ b/translations/zh-CN/content/actions/deployment/targeting-different-environments/index.md @@ -1,7 +1,7 @@ --- -title: Targeting different environments -shortTitle: Targeting different environments -intro: 您可以使用保护规则和机密配置环境。 A workflow job that references an environment must follow any protection rules for the environment before running or accessing the environment's secrets. +title: 针对不同的环境 +shortTitle: 针对不同的环境 +intro: 您可以使用保护规则和机密配置环境。 引用环境的工作流程作业在运行或访问环境的机密之前,必须遵循环境的任何保护规则。 versions: fpt: '*' ghes: '*' diff --git a/translations/zh-CN/content/actions/deployment/targeting-different-environments/using-environments-for-deployment.md b/translations/zh-CN/content/actions/deployment/targeting-different-environments/using-environments-for-deployment.md index 52d5005266..b836c1139b 100644 --- a/translations/zh-CN/content/actions/deployment/targeting-different-environments/using-environments-for-deployment.md +++ b/translations/zh-CN/content/actions/deployment/targeting-different-environments/using-environments-for-deployment.md @@ -1,7 +1,7 @@ --- -title: Using environments for deployment -shortTitle: Use environments for deployment -intro: 您可以使用保护规则和机密配置环境。 A workflow job that references an environment must follow any protection rules for the environment before running or accessing the environment's secrets. +title: 使用环境进行部署 +shortTitle: 使用环境进行部署 +intro: 您可以使用保护规则和机密配置环境。 引用环境的工作流程作业在运行或访问环境的机密之前,必须遵循环境的任何保护规则。 product: '{% data reusables.gated-features.environments %}' miniTocMaxHeadingLevel: 3 redirect_from: @@ -18,16 +18,16 @@ versions: ## 关于环境 -Environments are used to describe a general deployment target like `production`, `staging`, or `development`. When a {% data variables.product.prodname_actions %} workflow deploys to an environment, the environment is displayed on the main page of the repository. For more information about viewing deployments to environments, see "[Viewing deployment history](/developers/overview/viewing-deployment-history)." +Environments are used to describe a general deployment target like `production`, `staging`, or `development`. When a {% data variables.product.prodname_actions %} workflow deploys to an environment, the environment is displayed on the main page of the repository. 有关查看环境部署的详细信息,请参阅“[查看部署历史记录](/developers/overview/viewing-deployment-history)”。 您可以使用保护规则和机密配置环境。 当工作流程引用环境时,作业在环境的所有保护规则通过之前不会开始。 在所有环境保护规则通过之前,作业也不能访问在环境中定义的机密。 {% ifversion fpt %} {% note %} -**Note:** You can only configure environments for public repositories. 如果您将仓库从公开转换为私密,任何配置的保护规则或环境机密将被忽略, 并且您将无法配置任何环境。 如果将仓库转换回公共,您将有权访问以前配置的任何保护规则和环境机密。 +**注意:** 您只能为公共存储库配置环境。 如果您将仓库从公开转换为私密,任何配置的保护规则或环境机密将被忽略, 并且您将无法配置任何环境。 如果将仓库转换回公共,您将有权访问以前配置的任何保护规则和环境机密。 -Organizations that use {% data variables.product.prodname_ghe_cloud %} can configure environments for private repositories. 更多信息请参阅 [{% data variables.product.prodname_ghe_cloud %} 文档](/enterprise-cloud@latest/actions/deployment/targeting-different-environments/using-environments-for-deployment)。 {% data reusables.enterprise.link-to-ghec-trial %} +使用 {% data variables.product.prodname_ghe_cloud %} 的组织可以为私有仓库配置环境。 更多信息请参阅 [{% data variables.product.prodname_ghe_cloud %} 文档](/enterprise-cloud@latest/actions/deployment/targeting-different-environments/using-environments-for-deployment)。 {% data reusables.enterprise.link-to-ghec-trial %} {% endnote %} {% endif %} @@ -63,7 +63,7 @@ Organizations that use {% data variables.product.prodname_ghe_cloud %} can confi {% note %} -**注意:** 在自托管运行器上运行的工作流程不会在一个孤立的容器中运行,即使它们使用环境。 Environment secrets should be treated with the same level of security as repository and organization secrets. 更多信息请参阅“[GitHub Actions 的安全性增强](/actions/learn-github-actions/security-hardening-for-github-actions#hardening-for-self-hosted-runners)”。 +**注意:** 在自托管运行器上运行的工作流程不会在一个孤立的容器中运行,即使它们使用环境。 环境机密应与存储库和组织机密的安全级别相同。 更多信息请参阅“[GitHub Actions 的安全性增强](/actions/learn-github-actions/security-hardening-for-github-actions#hardening-for-self-hosted-runners)”。 {% endnote %} @@ -76,30 +76,30 @@ Organizations that use {% data variables.product.prodname_ghe_cloud %} can confi {% data reusables.actions.sidebar-environment %} {% data reusables.actions.new-environment %} {% data reusables.actions.name-environment %} -1. Optionally, specify people or teams that must approve workflow jobs that use this environment. - 1. Select **Required reviewers**. - 1. Enter up to 6 people or teams. 只有一个必需的审查者需要批准该作业才能继续。 - 1. Click **Save protection rules**. -2. Optionally, specify the amount of time to wait before allowing workflow jobs that use this environment to proceed. - 1. Select **Wait timer**. - 1. Enter the number of minutes to wait. - 1. Click **Save protection rules**. -3. Optionally, specify what branches can deploy to this environment. For more information about the possible values, see "[Deployment branches](#deployment-branches)." - 1. Select the desired option in the **Deployment branches** dropdown. - 1. If you chose **Selected branches**, enter the branch name patterns that you want to allow. -4. Optionally, add environment secrets. These secrets are only available to workflow jobs that use the environment. Additionally, workflow jobs that use this environment can only access these secrets after any configured rules (for example, required reviewers) pass. 有关机密的更多信息,请参阅“[加密密码](/actions/reference/encrypted-secrets)”。 - 1. Under **Environment secrets**, click **Add Secret**. - 1. Enter the secret name. - 1. Enter the secret value. +1. (可选)指定必须批准使用此环境的工作流程作业的人员或团队。 + 1. 选择 **Required reviewers(必需的审查者)**。 + 1. 最多可输入 6 人或团队。 只有一个必需的审查者需要批准该作业才能继续。 + 1. 单击 **Save protection rules(保存保护规则)**。 +2. (可选)指定在允许使用此环境的工作流程作业继续之前要等待的时长。 + 1. 选择 **Wait timer(等待计时器)**。 + 1. 输入要等待的分钟数。 + 1. 单击 **Save protection rules(保存保护规则)**。 +3. (可选)指定哪些分支可以部署到此环境。 有关可能值的详细信息,请参阅“[部署分支](#deployment-branches)”。 + 1. 在 **Deployment branches(部署分支)**下拉列表中选择所需的选项。 + 1. 如果选择 **Selected branches(选定分支)**,请输入要允许的分支名称模式。 +4. (可选)添加环境机密。 这些机密仅可用于使用环境的工作流程作业。 此外,使用此环境的工作流程作业只能在任何配置的规则(例如,必需的审查者)通过后才能访问这些机密。 有关机密的更多信息,请参阅“[加密密码](/actions/reference/encrypted-secrets)”。 + 1. 在 **Environment secrets(环境机密)**下,单击 **Add Secret(添加机密)**。 + 1. 输入机密名称。 + 1. 输入机密值。 1. 单击 **Add secret(添加密码)**。 {% ifversion fpt or ghae or ghes > 3.1 or ghec %}您也可以通过 REST API 创建和配置环境。 更多信息请参阅“[环境](/rest/reference/repos#environments)”和“[密码](/rest/reference/actions#secrets)”。{% endif %} 运行引用不存在的环境的工作流程将使用引用的名称创建环境。 新创建的环境将不配置任何保护规则或机密。 可在仓库中编辑工作流程的任何人都可以通过工作流程文件创建环境,但只有仓库管理员才能配置环境。 -## Using an environment +## 使用环境 -工作流程中的每个作业都可以引用单个环境。 在将引用环境的作业发送到运行器之前,必须通过为环境配置的任何保护规则。 The job can access the environment's secrets only after the job is sent to a runner. +工作流程中的每个作业都可以引用单个环境。 在将引用环境的作业发送到运行器之前,必须通过为环境配置的任何保护规则。 只有在将作业发送给运行器后,作业才能访问环境的机密。 当工作流程引用环境时,环境将显示在仓库的部署中。 有关查看当前和以前的部署的详细信息,请参阅“[查看部署历史记录](/developers/overview/viewing-deployment-history)”。 @@ -119,12 +119,12 @@ Organizations that use {% data variables.product.prodname_ghe_cloud %} can confi {% ifversion fpt or ghae or ghes > 3.1 or ghec %}您也可以通过 REST API 删除环境。 更多信息请参阅“[环境](/rest/reference/repos#environments)”。{% endif %} -## How environments relate to deployments +## 环境与部署的关系 {% data reusables.actions.environment-deployment-event %} -You can access these objects through the REST API or GraphQL API. You can also subscribe to these webhook events. For more information, see "[Repositories](/rest/reference/repos#deployments)" (REST API), "[Objects]({% ifversion ghec %}/free-pro-team@latest{% endif %}/graphql/reference/objects#deployment)" (GraphQL API), or "[Webhook events and payloads](/developers/webhooks-and-events/webhooks/webhook-events-and-payloads#deployment)." +您可以通过 REST API 或 GraphQL API 访问这些对象。 您还可以订阅这些 web 挂钩事件。 更多信息请参阅“[存储库](/rest/reference/repos#deployments)”(REST API)、“[对象]({% ifversion ghec %}/free-pro-team@latest{% endif %}/graphql/reference/objects#deployment)”(GraphQL API)或“[web 挂钩事件和有效负载](/developers/webhooks-and-events/webhooks/webhook-events-and-payloads#deployment)”。 ## 后续步骤 -{% data variables.product.prodname_actions %} provides several features for managing your deployments. For more information, see "[Deploying with GitHub Actions](/actions/deployment/deploying-with-github-actions)." +{% data variables.product.prodname_actions %} 具有多个用于管理部署的功能。 更多信息请参阅“[使用 GitHub Actions 进行部署](/actions/deployment/deploying-with-github-actions)”。 diff --git a/translations/zh-CN/content/actions/guides.md b/translations/zh-CN/content/actions/guides.md index 67574a1620..5e9bb538b2 100644 --- a/translations/zh-CN/content/actions/guides.md +++ b/translations/zh-CN/content/actions/guides.md @@ -1,5 +1,5 @@ --- -title: Guides for GitHub Actions +title: GitHub Actions 指南 intro: '{% data variables.product.prodname_actions %} 的这些指南包含具体的使用案例和示例来帮助您配置工作流程。' allowTitleToDifferFromFilename: true layout: product-guides diff --git a/translations/zh-CN/content/actions/hosting-your-own-runners/about-self-hosted-runners.md b/translations/zh-CN/content/actions/hosting-your-own-runners/about-self-hosted-runners.md index f2904902c9..472e15ed55 100644 --- a/translations/zh-CN/content/actions/hosting-your-own-runners/about-self-hosted-runners.md +++ b/translations/zh-CN/content/actions/hosting-your-own-runners/about-self-hosted-runners.md @@ -133,16 +133,30 @@ Some extra configuration might be required to use actions from {% data variables ## Communication between self-hosted runners and {% data variables.product.product_name %} -The self-hosted runner polls {% data variables.product.product_name %} to retrieve application updates and to check if any jobs are queued for processing. The self-hosted runner uses a HTTPS _long poll_ that opens a connection to {% data variables.product.product_name %} for 50 seconds, and if no response is received, it then times out and creates a new long poll. The application must be running on the machine to accept and run {% data variables.product.prodname_actions %} jobs. +The self-hosted runner connects to {% data variables.product.product_name %} to receive job assignments and to download new versions of the runner application. The self-hosted runner uses an {% ifversion ghes %}HTTP(S){% else %}HTTPS{% endif %} _long poll_ that opens a connection to {% data variables.product.product_name %} for 50 seconds, and if no response is received, it then times out and creates a new long poll. The application must be running on the machine to accept and run {% data variables.product.prodname_actions %} jobs. {% data reusables.actions.self-hosted-runner-ports-protocols %} -{% data reusables.actions.self-hosted-runner-communications-for-ghae %} +{% ifversion fpt or ghec %} +Since the self-hosted runner opens a connection to {% data variables.product.product_location %}, you do not need to allow {% data variables.product.prodname_dotcom %} to make inbound connections to your self-hosted runner. +{% elsif ghes or ghae %} +Only an outbound connection from the runner to {% data variables.product.product_location %} is required. There is no need for an inbound connection from {% data variables.product.product_location %} to the runner. +{%- endif %} + +{% ifversion ghes %} + +{% data variables.product.product_name %} must accept inbound connections from your runners over {% ifversion ghes %}HTTP(S){% else %}HTTPS{% endif %} at {% data variables.product.product_location %}'s hostname and API subdomain, and your runners must allow outbound connections over {% ifversion ghes %}HTTP(S){% else %}HTTPS{% endif %} to {% data variables.product.product_location %}'s hostname and API subdomain. + +{% elsif ghae %} + +You must ensure that the self-hosted runner has appropriate network access to communicate with your {% data variables.product.product_name %} URL and its subdomains. For example, if your subdomain for {% data variables.product.product_name %} is `octoghae`, then you will need to allow the self-hosted runner to access `octoghae.githubenterprise.com`, `api.octoghae.githubenterprise.com`, and `codeload.octoghae.githubenterprise.com`. + +If you use an IP address allow list, you must add your self-hosted runner's IP address to the allow list. For more information, see "[Managing allowed IP addresses for your organization](/organizations/keeping-your-organization-secure/managing-allowed-ip-addresses-for-your-organization#using-github-actions-with-an-ip-allow-list)." + +{% endif %} {% ifversion fpt or ghec %} -Since the self-hosted runner opens a connection to {% data variables.product.prodname_dotcom %}, you do not need to allow {% data variables.product.prodname_dotcom %} to make inbound connections to your self-hosted runner. - You must ensure that the machine has the appropriate network access to communicate with the {% data variables.product.prodname_dotcom %} hosts listed below. Some hosts are required for essential runner operations, while other hosts are only required for certain functionality. {% note %} @@ -191,27 +205,25 @@ If you use an IP address allow list for your {% data variables.product.prodname_ {% else %} -You must ensure that the machine has the appropriate network access to communicate with {% data variables.product.product_location %}.{% ifversion ghes %} Self-hosted runners connect directly to {% data variables.product.product_location %} and do not require any external internet access in order to function. As a result, you can use network routing to direct communication between the self-hosted runner and {% data variables.product.product_location %}. For example, you can assign a private IP address to your self-hosted runner and configure routing to send traffic to {% data variables.product.product_location %}, with no need for traffic to traverse a public network.{% endif %} +{% ifversion ghes %}Self-hosted runners do not require any external internet access in order to function. As a result, you can use network routing to direct communication between the self-hosted runner and {% data variables.product.product_location %}. For example, you can assign a private IP address to your self-hosted runner and configure routing to send traffic to {% data variables.product.product_location %}, with no need for traffic to traverse a public network.{% endif %} {% endif %} +{% ifversion ghae %} +If you use an IP address allow list for your {% data variables.product.prodname_dotcom %} organization or enterprise account, you must add your self-hosted runner's IP address to the allow list. For more information, see "[Managing allowed IP addresses for your organization](/organizations/keeping-your-organization-secure/managing-allowed-ip-addresses-for-your-organization#using-github-actions-with-an-ip-allow-list)." +{% endif %} + You can also use self-hosted runners with a proxy server. For more information, see "[Using a proxy server with self-hosted runners](/actions/automating-your-workflow-with-github-actions/using-a-proxy-server-with-self-hosted-runners)." For more information about troubleshooting common network connectivity issues, see "[Monitoring and troubleshooting self-hosted runners](/actions/hosting-your-own-runners/monitoring-and-troubleshooting-self-hosted-runners#troubleshooting-network-connectivity)." -{% ifversion ghes %} +{% ifversion ghes or ghae %} ## Communication between self-hosted runners and {% data variables.product.prodname_dotcom_the_website %} -Self-hosted runners do not need to connect to {% data variables.product.prodname_dotcom_the_website %} unless you have [enabled automatic access to {% data variables.product.prodname_dotcom_the_website %} actions using {% data variables.product.prodname_github_connect %}](/admin/github-actions/managing-access-to-actions-from-githubcom/enabling-automatic-access-to-githubcom-actions-using-github-connect). +Self-hosted runners do not need to connect to {% data variables.product.prodname_dotcom_the_website %} unless you have enabled automatic access to {% data variables.product.prodname_dotcom_the_website %} actions for {% data variables.product.product_location %}. For more information, see "[About using actions in your enterprise](/admin/github-actions/managing-access-to-actions-from-githubcom/about-using-actions-in-your-enterprise)." -If you have enabled automatic access to {% data variables.product.prodname_dotcom_the_website %} actions using {% data variables.product.prodname_github_connect %}, then the self-hosted runner will connect directly to {% data variables.product.prodname_dotcom_the_website %} to download actions. You must ensure that the machine has the appropriate network access to communicate with the {% data variables.product.prodname_dotcom %} URLs listed below. - -{% note %} - -**Note:** Some of the domains listed below are configured using `CNAME` records. Some firewalls might require you to add rules recursively for all `CNAME` records. Note that the `CNAME` records might change in the future, and that only the domains listed below will remain constant. - -{% endnote %} +If you have enabled automatic access to {% data variables.product.prodname_dotcom_the_website %} actions, then the self-hosted runner will connect directly to {% data variables.product.prodname_dotcom_the_website %} to download actions. You must ensure that the machine has the appropriate network access to communicate with the {% data variables.product.prodname_dotcom %} URLs listed below. ``` github.com @@ -219,6 +231,13 @@ api.github.com codeload.github.com ``` +{% note %} + +**Note:** Some of the domains listed above are configured using `CNAME` records. Some firewalls might require you to add rules recursively for all `CNAME` records. Note that the `CNAME` records might change in the future, and that only the domains listed above will remain constant. + +{% endnote %} + + {% endif %} ## Self-hosted runner security diff --git a/translations/zh-CN/content/actions/learn-github-actions/contexts.md b/translations/zh-CN/content/actions/learn-github-actions/contexts.md index 4ce39401af..c92be0e9e6 100644 --- a/translations/zh-CN/content/actions/learn-github-actions/contexts.md +++ b/translations/zh-CN/content/actions/learn-github-actions/contexts.md @@ -73,7 +73,7 @@ miniTocMaxHeadingLevel: 3 | concurrency | github, inputs | | | env | github, secrets, inputs | | | jobs.<job_id>.concurrency | github, needs, strategy, matrix, inputs | | -| jobs.<job_id>.container | github, needs, strategy, matrix, secrets, inputs | | +| jobs.<job_id>.container | github, needs, strategy, matrix, env, secrets, inputs | | | jobs.<job_id>.container.credentials | github, needs, strategy, matrix, env, secrets, inputs | | | jobs.<job_id>.container.env.<env_id> | github, needs, strategy, matrix, job, runner, env, secrets, inputs | | | jobs.<job_id>.continue-on-error | github, needs, strategy, matrix, inputs | | diff --git a/translations/zh-CN/content/actions/managing-workflow-runs/re-running-workflows-and-jobs.md b/translations/zh-CN/content/actions/managing-workflow-runs/re-running-workflows-and-jobs.md index e25008945e..15900b51e5 100644 --- a/translations/zh-CN/content/actions/managing-workflow-runs/re-running-workflows-and-jobs.md +++ b/translations/zh-CN/content/actions/managing-workflow-runs/re-running-workflows-and-jobs.md @@ -1,6 +1,6 @@ --- title: Re-running workflows and jobs -intro: You can re-run a workflow run up to 30 days after its initial run. +intro: You can re-run a workflow run{% if re-run-jobs %}, all failed jobs in a workflow run, or specific jobs in a workflow run{% endif %} up to 30 days after its initial run. permissions: People with write permissions to a repository can re-run workflows in the repository. miniTocMaxHeadingLevel: 3 redirect_from: @@ -15,9 +15,11 @@ versions: {% data reusables.actions.enterprise-beta %} {% data reusables.actions.enterprise-github-hosted-runners %} -## Re-running all the jobs in a workflow +## About re-running workflows and jobs -重新运行工作流程使用触发工作流程运行的原始事件的 `GITHUB_SHA`(提交 SHA)和 `GITHUB_REF` (Git ref)。 You can re-run a workflow for up to 30 days after the initial run. +Re-running a workflow{% if re-run-jobs %} or jobs in a workflow{% endif %} uses the same `GITHUB_SHA` (commit SHA) and `GITHUB_REF` (Git ref) of the original event that triggered the workflow run. You can re-run a workflow{% if re-run-jobs %} or jobs in a workflow{% endif %} for up to 30 days after the initial run. + +## Re-running all the jobs in a workflow {% webui %} @@ -26,10 +28,14 @@ versions: {% data reusables.repositories.navigate-to-workflow %} {% data reusables.repositories.view-run %} {% ifversion fpt or ghes > 3.2 or ghae-issue-4721 or ghec %} -1. In the upper-right corner of the workflow, use the **Re-run jobs** drop-down menu, and select **Re-run all jobs** ![Rerun checks drop-down menu](/assets/images/help/repository/rerun-checks-drop-down.png) +1. In the upper-right corner of the workflow, use the **Re-run jobs** drop-down menu, and select **Re-run all jobs**. + + If no jobs failed, you will not see the **Re-run jobs** drop-down menu. Instead, click **Re-run all jobs**. + ![Rerun checks drop-down menu](/assets/images/help/repository/rerun-checks-drop-down.png) {% endif %} {% ifversion ghes < 3.3 or ghae %} -1. 在工作流程的右上角,使用 **Re-run jobs(重新运行作业)**下拉菜单,并选择 **Re-run all jobs(重新运行所有作业)**。 ![重新运行检查下拉菜单](/assets/images/help/repository/rerun-checks-drop-down-updated.png) +1. In the upper-right corner of the workflow, use the **Re-run jobs** drop-down menu, and select **Re-run all jobs**. + ![Re-run checks drop-down menu](/assets/images/help/repository/rerun-checks-drop-down-updated.png) {% endif %} {% endwebui %} @@ -38,13 +44,13 @@ versions: {% data reusables.cli.cli-learn-more %} -要重新运行失败的工作流程运行,请使用 `run rerun` 子命令。 将 `run-id` 替换为您想要重新运行的已失败运行的 ID。 如果您没有指定 `run-id`,{% data variables.product.prodname_cli %} 将返回一个交互式菜单,供您选择最近失败的运行。 +To re-run a failed workflow run, use the `run rerun` subcommand. Replace `run-id` with the ID of the failed run that you want to re-run. If you don't specify a `run-id`, {% data variables.product.prodname_cli %} returns an interactive menu for you to choose a recent failed run. ```shell gh run rerun run-id ``` -要查看工作流程运行的进度,请使用 `run watch` 子命令,并从交互式列表中选择运行。 +To view the progress of the workflow run, use the `run watch` subcommand and select the run from the interactive list. ```shell gh run watch @@ -52,8 +58,64 @@ gh run watch {% endcli %} +{% if re-run-jobs %} +## Re-running failed jobs in a workflow + +If any jobs in a workflow run failed, you can re-run just the jobs that failed. When you re-run failed jobs in a workflow, a new workflow run will start for all failed jobs and their dependents. Any outputs for any successful jobs in the previous workflow run will be used for the re-run. Any artifacts that were created in the initial run will be available in the re-run. Any environment protection rules that passed in the previous run will automatically pass in the re-run. + +{% webui %} + +{% data reusables.repositories.navigate-to-repo %} +{% data reusables.repositories.actions-tab %} +{% data reusables.repositories.navigate-to-workflow %} +{% data reusables.repositories.view-run %} +1. In the upper-right corner of the workflow, use the **Re-run jobs** drop-down menu, and select **Re-run failed jobs**. + ![Re-run failed jobs drop-down menu](/assets/images/help/repository/rerun-failed-jobs-drop-down.png) + +{% endwebui %} + +{% cli %} + +To re-run failed jobs in a workflow run, use the `run rerun` subcommand with the `--failed` flag. Replace `run-id` with the ID of the run for which you want to re-run failed jobs. If you don't specify a `run-id`, {% data variables.product.prodname_cli %} returns an interactive menu for you to choose a recent failed run. + +```shell +gh run rerun run-id --failed +``` + +{% endcli %} + +## Re-running a specific job in a workflow + +When you re-run a specific job in a workflow, a new workflow run will start for the job and any dependents. Any outputs for any other jobs in the previous workflow run will be used for the re-run. Any artifacts that were created in the initial run will be available in the re-run. Any environment protection rules that passed in the previous run will automatically pass in the re-run. + +{% webui %} + +{% data reusables.repositories.navigate-to-repo %} +{% data reusables.repositories.actions-tab %} +{% data reusables.repositories.navigate-to-workflow %} +{% data reusables.repositories.view-run %} +1. Next to the job that you want to re-run, click {% octicon "sync" aria-label="The re-run icon" %}. + ![Re-run selected job](/assets/images/help/repository/re-run-selected-job.png) + + Alternatively, click on a job to view the log. In the log, click {% octicon "sync" aria-label="The re-run icon" %}. + ![Re-run selected job](/assets/images/help/repository/re-run-single-job-from-log.png) + +{% endwebui %} + +{% cli %} + +To re-run a specific job in a workflow run, use the `run rerun` subcommand with the `--job` flag. Replace `job-id` with the ID of the job that you want to re-run. + +```shell +gh run rerun --job job-id +``` + +{% endcli %} + +{% endif %} + {% ifversion fpt or ghes > 3.2 or ghae-issue-4721 or ghec %} -### Reviewing previous workflow runs +## Reviewing previous workflow runs You can view the results from your previous attempts at running a workflow. You can also view previous workflow runs using the API. For more information, see ["Get a workflow run"](/rest/reference/actions#get-a-workflow-run). @@ -61,7 +123,13 @@ You can view the results from your previous attempts at running a workflow. You {% data reusables.repositories.actions-tab %} {% data reusables.repositories.navigate-to-workflow %} {% data reusables.repositories.view-run %} -1. Any previous run attempts are shown in the left pane. ![Rerun workflow](/assets/images/help/settings/actions-review-workflow-rerun.png) +{%- if re-run-jobs %} +1. Any previous run attempts are shown in the **Latest** drop-down menu. + ![Previous run attempts](/assets/images/help/repository/previous-run-attempts.png) +{%- else %} +1. Any previous run attempts are shown in the left pane. + ![Rerun workflow](/assets/images/help/settings/actions-review-workflow-rerun.png) +{%- endif %} 1. Click an entry to view its results. {% endif %} diff --git a/translations/zh-CN/content/actions/managing-workflow-runs/skipping-workflow-runs.md b/translations/zh-CN/content/actions/managing-workflow-runs/skipping-workflow-runs.md index e4e976d508..8604d3137a 100644 --- a/translations/zh-CN/content/actions/managing-workflow-runs/skipping-workflow-runs.md +++ b/translations/zh-CN/content/actions/managing-workflow-runs/skipping-workflow-runs.md @@ -1,18 +1,18 @@ --- title: 跳过工作流程运行 -intro: You can skip workflow runs triggered by the `push` and `pull_request` events by including a command in your commit message. +intro: 您可以通过在提交消息中包含命令来跳过由 `push` 和 `pull_request` 事件触发的工作流程运行。 versions: fpt: '*' ghes: '*' ghae: '*' ghec: '*' -shortTitle: Skip workflow runs +shortTitle: 跳过工作流程运行 --- {% data reusables.actions.enterprise-beta %} {% data reusables.actions.enterprise-github-hosted-runners %} -Workflows that would otherwise be triggered using `on: push` or `on: pull_request` won't be triggered if you add any of the following strings to the commit message in a push, or the HEAD commit of a pull request: +本来会触发使用 `on: push` 或 `on: pull_request` 的工作流程,如果您将以下任何字符串添加到推送中的提交消息或者拉取请求的 HEAD 提交,则不会触发: * `[skip ci]` * `[ci skip]` @@ -30,4 +30,4 @@ Workflows that would otherwise be triggered using `on: push` or `on: pull_reques {% endnote %} -Skip instructions only apply to the workflow run(s) that would be triggered by the commit that contains the skip instructions. You can also disable a workflow from running. 更多信息请参阅“[禁用和启用工作流程](/actions/managing-workflow-runs/disabling-and-enabling-a-workflow)。 +跳过指令仅适用于由包含跳过指令的提交触发的工作流程运行。 您还可以禁用工作流程的运行。 更多信息请参阅“[禁用和启用工作流程](/actions/managing-workflow-runs/disabling-and-enabling-a-workflow)。 diff --git a/translations/zh-CN/content/actions/monitoring-and-troubleshooting-workflows/notifications-for-workflow-runs.md b/translations/zh-CN/content/actions/monitoring-and-troubleshooting-workflows/notifications-for-workflow-runs.md index 05361c720a..2b22918e2f 100644 --- a/translations/zh-CN/content/actions/monitoring-and-troubleshooting-workflows/notifications-for-workflow-runs.md +++ b/translations/zh-CN/content/actions/monitoring-and-troubleshooting-workflows/notifications-for-workflow-runs.md @@ -1,6 +1,6 @@ --- title: 工作流程运行通知 -intro: You can subscribe to notifications about workflow runs that you trigger. +intro: 您可以订阅有关触发的工作流程运行的通知。 versions: fpt: '*' ghes: '*' diff --git a/translations/zh-CN/content/actions/monitoring-and-troubleshooting-workflows/using-workflow-run-logs.md b/translations/zh-CN/content/actions/monitoring-and-troubleshooting-workflows/using-workflow-run-logs.md index 2d06157f67..c67479fc8a 100644 --- a/translations/zh-CN/content/actions/monitoring-and-troubleshooting-workflows/using-workflow-run-logs.md +++ b/translations/zh-CN/content/actions/monitoring-and-troubleshooting-workflows/using-workflow-run-logs.md @@ -62,6 +62,16 @@ versions: ![下载日志下拉菜单](/assets/images/help/repository/download-logs-drop-down-updated-2.png) + {% if re-run-jobs %} + + {% note %} + + **注意**:下载部分重新运行的工作流程的日志存档时,存档仅包括已重新运行的作业。 若要获取从工作流程运行的作业的完整日志集,必须下载运行其他作业的上一次运行尝试的日志存档。 + + {% endnote %} + + {% endif %} + ## 删除日志 您可以从工作流程运行中删除日志文件。 {% data reusables.repositories.permissions-statement-write %} diff --git a/translations/zh-CN/content/actions/publishing-packages/publishing-docker-images.md b/translations/zh-CN/content/actions/publishing-packages/publishing-docker-images.md index 1ce9ba14e6..d30749709d 100644 --- a/translations/zh-CN/content/actions/publishing-packages/publishing-docker-images.md +++ b/translations/zh-CN/content/actions/publishing-packages/publishing-docker-images.md @@ -131,7 +131,7 @@ jobs: {% ifversion fpt or ghec %} {% data reusables.package_registry.publish-docker-image %} -上述工作流程如被推送到“发行版”分支触发, 它会检出 GitHub 仓库,并使用 `login-action` 登录到 {% data variables.product.prodname_container_registry %}。 然后,它将提取 Docker 映像的标签和标记。 最后,它使用 `build-push-action` 操作来构建映像并在 {% data variables.product.prodname_container_registry %} 上发布。 +上述工作流程通过推送到“发行版”分支触发。 它会检出 GitHub 仓库,并使用 `login-action` 登录到 {% data variables.product.prodname_container_registry %}。 然后,它将提取 Docker 映像的标签和标记。 最后,它使用 `build-push-action` 操作来构建映像并在 {% data variables.product.prodname_container_registry %} 上发布。 {% else %} ```yaml{:copy} diff --git a/translations/zh-CN/content/actions/publishing-packages/publishing-java-packages-with-gradle.md b/translations/zh-CN/content/actions/publishing-packages/publishing-java-packages-with-gradle.md index 683f357d39..372b14fc29 100644 --- a/translations/zh-CN/content/actions/publishing-packages/publishing-java-packages-with-gradle.md +++ b/translations/zh-CN/content/actions/publishing-packages/publishing-java-packages-with-gradle.md @@ -175,7 +175,7 @@ jobs: ``` {% data reusables.actions.gradle-workflow-steps %} -1. Runs the [`gradle/gradle-build-action`](https://github.com/gradle/gradle-build-action) action with the `publish` argument to publish to {% data variables.product.prodname_registry %}. `GITHUB_TOKEN` 环境变量将使用 `GITHUB_TOKEN` 密码的内容设置。 {% ifversion fpt or ghes > 3.1 or ghae or ghec %}The `permissions` key specifies the access that the `GITHUB_TOKEN` secret will allow.{% endif %} +1. 运行具有 `publish` 参数的 [`gradle/gradle-build-action`](https://github.com/gradle/gradle-build-action) 操作,以发布到 {% data variables.product.prodname_registry %}。 `GITHUB_TOKEN` 环境变量将使用 `GITHUB_TOKEN` 密码的内容设置。 {% ifversion fpt or ghes > 3.1 or ghae or ghec %} `permissions` 键指定 `GITHUB_TOKEN` 密钥允许的访问权限。{% endif %} 有关在工作流程中使用密码的更多信息,请参阅“[创建和使用加密密码](/actions/automating-your-workflow-with-github-actions/creating-and-using-encrypted-secrets)”。 @@ -256,6 +256,6 @@ jobs: ``` {% data reusables.actions.gradle-workflow-steps %} -1. Runs the [`gradle/gradle-build-action`](https://github.com/gradle/gradle-build-action) action with the `publish` argument to publish to the `OSSRH` Maven repository and {% data variables.product.prodname_registry %}. `MAVEN_USERNAME` 环境变量将使用 `OSSRH_USERNAME` 密码的内容设置,而 `MAVEN_PASSWORD` 环境变量将使用 `OSSRH_TOKEN` 密码的内容设置。 `GITHUB_TOKEN` 环境变量将使用 `GITHUB_TOKEN` 密码的内容设置。 {% ifversion fpt or ghes > 3.1 or ghae or ghec %}The `permissions` key specifies the access that the `GITHUB_TOKEN` secret will allow.{% endif %} +1. 运行具有 `publish` 参数的 [`gradle/gradle-build-action`](https://github.com/gradle/gradle-build-action) 操作,以发布到 `OSSRH` Maven 存储库和 {% data variables.product.prodname_registry %}。 `MAVEN_USERNAME` 环境变量将使用 `OSSRH_USERNAME` 密码的内容设置,而 `MAVEN_PASSWORD` 环境变量将使用 `OSSRH_TOKEN` 密码的内容设置。 `GITHUB_TOKEN` 环境变量将使用 `GITHUB_TOKEN` 密码的内容设置。 {% ifversion fpt or ghes > 3.1 or ghae or ghec %} `permissions` 键指定 `GITHUB_TOKEN` 密钥允许的访问权限。{% endif %} 有关在工作流程中使用密码的更多信息,请参阅“[创建和使用加密密码](/actions/automating-your-workflow-with-github-actions/creating-and-using-encrypted-secrets)”。 diff --git a/translations/zh-CN/content/actions/security-guides/automatic-token-authentication.md b/translations/zh-CN/content/actions/security-guides/automatic-token-authentication.md index 811a4c830b..303550d4a5 100644 --- a/translations/zh-CN/content/actions/security-guides/automatic-token-authentication.md +++ b/translations/zh-CN/content/actions/security-guides/automatic-token-authentication.md @@ -23,7 +23,7 @@ shortTitle: 自动令牌身份验证 当您启用 {% data variables.product.prodname_actions %} 时,{% data variables.product.prodname_dotcom %} 在您的仓库中安装 {% data variables.product.prodname_github_app %}。 `GITHUB_TOKEN` 密码是一种 {% data variables.product.prodname_github_app %} 安装访问令牌。 您可以使用安装访问令牌代表仓库中安装的 {% data variables.product.prodname_github_app %} 进行身份验证。 令牌的权限仅限于包含您的工作流程的仓库。 更多信息请参阅“[`GITHUB_TOKEN`](#permissions-for-the-github_token) 的权限”。 -在每个作业开始之前, {% data variables.product.prodname_dotcom %} 将为作业提取安装访问令牌。 令牌在作业完成后过期。 +在每个作业开始之前, {% data variables.product.prodname_dotcom %} 将为作业提取安装访问令牌。 {% data reusables.actions.github-token-expiration %} 令牌在 `github.token` 上下文中也可用。 更多信息请参阅“[上下文](/actions/learn-github-actions/contexts#github-context)”。 diff --git a/translations/zh-CN/content/actions/security-guides/encrypted-secrets.md b/translations/zh-CN/content/actions/security-guides/encrypted-secrets.md index 0af52dae70..230b6290e4 100644 --- a/translations/zh-CN/content/actions/security-guides/encrypted-secrets.md +++ b/translations/zh-CN/content/actions/security-guides/encrypted-secrets.md @@ -226,6 +226,10 @@ steps: ``` {% endraw %} +Secrets cannot be directly referenced in `if:` conditionals. Instead, consider setting secrets as job-level environment variables, then referencing the environment variables to conditionally run steps in the job. 更多信息请参阅“[上下文可用性](/actions/learn-github-actions/contexts#context-availability)”和 [`jobs..steps[*].if`](/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsif)。 + +If a secret has not been set, the return value of an expression referencing the secret (such as {% raw %}`${{ secrets.SuperSecret }}`{% endraw %} in the example) will be an empty string. + 尽可能避免使用命令行在进程之间传递密码。 命令行进程可能对其他用户可见(使用 `ps` 命令)或通过[安全审计事件](https://docs.microsoft.com/windows-server/identity/ad-ds/manage/component-updates/command-line-process-auditing)获取。 为帮助保护密码,请考虑使用环境变量 `STDIN` 或目标进程支持的其他机制。 如果必须在命令行中传递密码,则将它们包含在适当的引用规则中。 密码通常包含可能意外影响 shell 的特殊字符。 要转义这些特殊字符,请引用环境变量。 例如: diff --git a/translations/zh-CN/content/actions/using-jobs/using-concurrency.md b/translations/zh-CN/content/actions/using-jobs/using-concurrency.md index 9fcc88997f..a9e3f10284 100644 --- a/translations/zh-CN/content/actions/using-jobs/using-concurrency.md +++ b/translations/zh-CN/content/actions/using-jobs/using-concurrency.md @@ -1,6 +1,6 @@ --- -title: Using concurrency -shortTitle: Using concurrency +title: 使用并发 +shortTitle: 使用并发 intro: Run a single job at a time. versions: fpt: '*' diff --git a/translations/zh-CN/content/actions/using-workflows/caching-dependencies-to-speed-up-workflows.md b/translations/zh-CN/content/actions/using-workflows/caching-dependencies-to-speed-up-workflows.md index 91a3c010e7..8c194b372b 100644 --- a/translations/zh-CN/content/actions/using-workflows/caching-dependencies-to-speed-up-workflows.md +++ b/translations/zh-CN/content/actions/using-workflows/caching-dependencies-to-speed-up-workflows.md @@ -234,3 +234,11 @@ restore-keys: | ## 使用限制和收回政策 {% data variables.product.prodname_dotcom %} 将删除 7 天内未被访问的任何缓存条目。 There is no limit on the number of caches you can store, but the total size of all caches in a repository is limited to 10 GB. If you exceed this limit, {% data variables.product.prodname_dotcom %} will save your cache but will begin evicting caches until the total size is less than 10 GB. + +{% if actions-cache-management %} + +## Managing caches + +You can use the {% data variables.product.product_name %} REST API to manage your caches. At present, you can use the API to see your cache usage, with more functionality expected in future updates. For more information, see the "[Actions](/rest/reference/actions#cache)" REST API documentation. + +{% endif %} diff --git a/translations/zh-CN/content/actions/using-workflows/workflow-commands-for-github-actions.md b/translations/zh-CN/content/actions/using-workflows/workflow-commands-for-github-actions.md index 573e25e030..f0e38daacf 100644 --- a/translations/zh-CN/content/actions/using-workflows/workflow-commands-for-github-actions.md +++ b/translations/zh-CN/content/actions/using-workflows/workflow-commands-for-github-actions.md @@ -2,6 +2,7 @@ title: GitHub Actions 的工作流程命令 shortTitle: 工作流程命令 intro: 您可以在工作流程或操作代码中运行 shell 命令时使用工作流程命令。 +defaultTool: bash redirect_from: - /articles/development-tools-for-github-actions - /github/automating-your-workflow-with-github-actions/development-tools-for-github-actions @@ -26,10 +27,24 @@ versions: 大多数工作流程命令使用特定格式的 `echo` 命令,而其他工作流程则通过写入文件被调用。 更多信息请参阅“[环境文件](#environment-files)”。 -``` bash +### 示例 + +{% bash %} + +```bash{:copy} echo "::workflow-command parameter1={data},parameter2={data}::{command value}" ``` +{% endbash %} + +{% powershell %} + +```pwsh{:copy} +Write-Output "::workflow-command parameter1={data},parameter2={data}::{command value}" +``` + +{% endpowershell %} + {% note %} **注意:**工作流程命令和参数名称不区分大小写。 @@ -46,14 +61,18 @@ echo "::workflow-command parameter1={data},parameter2={data}::{command value}" [actions/toolkit](https://github.com/actions/toolkit) 包括一些可以作为工作流程命令执行的功能。 使用 `::` 语法来运行您的 YAML 文件中的工作流程命令;然后,通过 `stdout` 将这些命令发送给运行器。 例如,不使用代码来设置环境变量,如下所示: -```javascript +```javascript{:copy} core.setOutput('SELECTED_COLOR', 'green'); ``` +### Example: Setting a value + 您可以在工作流程中使用 `set-output` 命令来设置相同的值: +{% bash %} + {% raw %} -``` yaml +```yaml{:copy} - name: Set selected color run: echo '::set-output name=SELECTED_COLOR::green' id: random-color-generator @@ -62,6 +81,22 @@ core.setOutput('SELECTED_COLOR', 'green'); ``` {% endraw %} +{% endbash %} + +{% powershell %} + +{% raw %} +```yaml{:copy} + - name: Set selected color + run: Write-Output "::set-output name=SELECTED_COLOR::green" + id: random-color-generator + - name: Get color + run: Write-Output "The selected color is ${{ steps.random-color-generator.outputs.SELECTED_COLOR }}" +``` +{% endraw %} + +{% endpowershell %} + 下表显示了在工作流程中可用的工具包功能: | 工具包函数 | 等效工作流程命令 | @@ -86,186 +121,336 @@ core.setOutput('SELECTED_COLOR', 'green'); ## 设置输出参数 -``` +设置操作的输出参数。 + +```{:copy} ::set-output name={name}::{value} ``` -设置操作的输出参数。 - (可选)您也可以在操作的元数据文件中声明输出参数。 更多信息请参阅“[{% data variables.product.prodname_actions %} 的元数据语法](/articles/metadata-syntax-for-github-actions#outputs-for-docker-container-and-javascript-actions)”。 -### 示例 +### Example: Setting an output parameter -``` bash +{% bash %} + +```bash{:copy} echo "::set-output name=action_fruit::strawberry" ``` -## 设置调试消息 +{% endbash %} +{% powershell %} + +```pwsh{:copy} +Write-Output "::set-output name=action_fruit::strawberry" ``` -::debug::{message} -``` + +{% endpowershell %} + +## 设置调试消息 将调试消息打印到日志。 您可以创建名为 `ACTIONS_STEP_DEBUG`、值为 `true` 的密码,才能在日志中查看通过此命令设置的调试消息。 更多信息请参阅“[启用调试日志记录](/actions/managing-workflow-runs/enabling-debug-logging)”。 -### 示例 +```{:copy} +::debug::{message} +``` -``` bash +### Example: Setting a debug message + +{% bash %} + +```bash{:copy} echo "::debug::Set the Octocat variable" ``` +{% endbash %} + +{% powershell %} + +```pwsh{:copy} +Write-Output "::debug::Set the Octocat variable" +``` + +{% endpowershell %} + {% ifversion fpt or ghes > 3.2 or ghae-issue-4929 or ghec %} ## 设置通知消息 -``` +创建通知消息并将该消息打印到日志。 {% data reusables.actions.message-annotation-explanation %} + +```{:copy} ::notice file={name},line={line},endLine={endLine},title={title}::{message} ``` -创建通知消息并将该消息打印到日志。 {% data reusables.actions.message-annotation-explanation %} - {% data reusables.actions.message-parameters %} -### 示例 +### Example: Setting a notice message -``` bash +{% bash %} + +```bash{:copy} echo "::notice file=app.js,line=1,col=5,endColumn=7::Missing semicolon" ``` +{% endbash %} + +{% powershell %} + +```pwsh{:copy} +Write-Output "::notice file=app.js,line=1,col=5,endColumn=7::Missing semicolon" +``` + +{% endpowershell %} {% endif %} ## 设置警告消息 -``` +创建警告消息并将该消息打印到日志。 {% data reusables.actions.message-annotation-explanation %} + +```{:copy} ::warning file={name},line={line},endLine={endLine},title={title}::{message} ``` -创建警告消息并将该消息打印到日志。 {% data reusables.actions.message-annotation-explanation %} - {% data reusables.actions.message-parameters %} -### 示例 +### Example: Setting a warning message -``` bash +{% bash %} + +```bash{:copy} echo "::warning file=app.js,line=1,col=5,endColumn=7::Missing semicolon" ``` +{% endbash %} + +{% powershell %} + +```pwsh{:copy} +Write-Output "::warning file=app.js,line=1,col=5,endColumn=7::Missing semicolon" +``` + +{% endpowershell %} ## 设置错误消息 -``` +创建错误消息并将该消息打印到日志。 {% data reusables.actions.message-annotation-explanation %} + +```{:copy} ::error file={name},line={line},endLine={endLine},title={title}::{message} ``` -创建错误消息并将该消息打印到日志。 {% data reusables.actions.message-annotation-explanation %} - {% data reusables.actions.message-parameters %} -### 示例 +### Example: Setting an error message -``` bash +{% bash %} + +```bash{:copy} echo "::error file=app.js,line=1,col=5,endColumn=7::Missing semicolon" ``` +{% endbash %} + +{% powershell %} + +```pwsh{:copy} +Write-Output "::error file=app.js,line=1,col=5,endColumn=7::Missing semicolon" +``` + +{% endpowershell %} ## 对日志行分组 -``` +在日志中创建一个可扩展的组。 要创建组,请使用 `group` 命令并指定 `title`。 打印到 `group` 与 `endgroup` 命令之间日志的任何内容都会嵌套在日志中可扩展的条目内。 + +```{:copy} ::group::{title} ::endgroup:: ``` -在日志中创建一个可扩展的组。 要创建组,请使用 `group` 命令并指定 `title`。 打印到 `group` 与 `endgroup` 命令之间日志的任何内容都会嵌套在日志中可扩展的条目内。 +### Example: Grouping log lines -### 示例 +{% bash %} -```bash -echo "::group::My title" -echo "Inside group" -echo "::endgroup::" +```yaml{:copy} +jobs: + bash-example: + runs-on: ubuntu-latest + steps: + - name: Group of log lines + run: | + echo "::group::My title" + echo "Inside group" + echo "::endgroup::" ``` +{% endbash %} + +{% powershell %} + +```yaml{:copy} +jobs: + powershell-example: + runs-on: windows-latest + steps: + - name: Group of log lines + run: | + Write-Output "::group::My title" + Write-Output "Inside group" + Write-Output "::endgroup::" +``` + +{% endpowershell %} + ![工作流运行日志中的可折叠组](/assets/images/actions-log-group.png) ## 在日志中屏蔽值 -``` +```{:copy} ::add-mask::{value} ``` 屏蔽值可阻止在日志中打印字符串或变量。 用空格分隔的每个屏蔽的词均替换为 `*` 字符。 您可以使用环境变量或字符串作为屏蔽的 `value`。 -### 屏蔽字符串的示例 +### Example: Masking a string 当您在日志中打印 `"Mona The Octocat"` 时,您将看到 `"***"`。 -```bash +{% bash %} + +```bash{:copy} echo "::add-mask::Mona The Octocat" ``` -### 屏蔽环境变量的示例 +{% endbash %} + +{% powershell %} + +```pwsh{:copy} +Write-Output "::add-mask::Mona The Octocat" +``` + +{% endpowershell %} + +### Example: Masking an environment variable 当您在日志中打印变量 `MY_NAME` 或值 `"Mona The Octocat"` 时,您将看到 `"***"` 而不是 `"Mona The Octocat"`。 -```bash -MY_NAME="Mona The Octocat" -echo "::add-mask::$MY_NAME" +{% bash %} + +```yaml{:copy} +jobs: + bash-example: + runs-on: ubuntu-latest + env: + MY_NAME: "Mona The Octocat" + steps: + - name: bash-version + run: echo "::add-mask::$MY_NAME" ``` +{% endbash %} + +{% powershell %} + +```yaml{:copy} +jobs: + powershell-example: + runs-on: windows-latest + env: + MY_NAME: "Mona The Octocat" + steps: + - name: powershell-version + run: Write-Output "::add-mask::$env:MY_NAME" +``` + +{% endpowershell %} + ## 停止和启动工作流程命令 -`::stop-commands::{endtoken}` - 停止处理任何工作流程命令。 此特殊命令可让您记录任何内容而不会意外运行工作流程命令。 例如,您可以停止记录以输出带有注释的整个脚本。 +```{:copy} +::stop-commands::{endtoken} +``` + 要停止处理工作流程命令,请将唯一的令牌传递给 `stop-commands`。 要继续处理工作流程命令,请传递用于停止工作流程命令的同一令牌。 {% warning %} -**警告:** 请确保您使用的令牌是随机生成的,且对每次运行唯一。 如下面的示例所示,您可以为每次运行生成 `github.token` 的唯一哈希值。 +**警告:** 请确保您使用的令牌是随机生成的,且对每次运行唯一。 {% endwarning %} -``` +```{:copy} ::{endtoken}:: ``` -### 停止和启动工作流程命令的示例 +### Example: Stopping and starting workflow commands + +{% bash %} {% raw %} -```yaml +```yaml{:copy} jobs: workflow-command-job: runs-on: ubuntu-latest steps: - - name: disable workflow commands + - name: Disable workflow commands run: | - echo '::warning:: this is a warning' - echo "::stop-commands::`echo -n ${{ github.token }} | sha256sum | head -c 64`" - echo '::warning:: this will NOT be a warning' - echo "::`echo -n ${{ github.token }} | sha256sum | head -c 64`::" - echo '::warning:: this is a warning again' + echo '::warning:: This is a warning message, to demonstrate that commands are being processed.' + stopMarker=$(uuidgen) + echo "::stop-commands::$stopMarker" + echo '::warning:: This will NOT be rendered as a warning, because stop-commands has been invoked.' + echo "::$stopMarker::" + echo '::warning:: This is a warning again, because stop-commands has been turned off.' +``` +{% endraw %} + +{% endbash %} + +{% powershell %} + +{% raw %} +```yaml{:copy} +jobs: + workflow-command-job: + runs-on: windows-latest + steps: + - name: Disable workflow commands + run: | + Write-Output '::warning:: This is a warning message, to demonstrate that commands are being processed.' + $stopMarker = New-Guid + Write-Output "::stop-commands::$stopMarker" + Write-Output '::warning:: This will NOT be rendered as a warning, because stop-commands has been invoked.' + Write-Output "::$stopMarker::" + Write-Output '::warning:: This is a warning again, because stop-commands has been turned off.' ``` {% endraw %} +{% endpowershell %} + ## Echoing command outputs -``` +Enables or disables echoing of workflow commands. For example, if you use the `set-output` command in a workflow, it sets an output parameter but the workflow run's log does not show the command itself. If you enable command echoing, then the log shows the command, such as `::set-output name={name}::{value}`. + +```{:copy} ::echo::on ::echo::off ``` -Enables or disables echoing of workflow commands. For example, if you use the `set-output` command in a workflow, it sets an output parameter but the workflow run's log does not show the command itself. If you enable command echoing, then the log shows the command, such as `::set-output name={name}::{value}`. - Command echoing is disabled by default. However, a workflow command is echoed if there are any errors processing the command. The `add-mask`, `debug`, `warning`, and `error` commands do not support echoing because their outputs are already echoed to the log. You can also enable command echoing globally by turning on step debug logging using the `ACTIONS_STEP_DEBUG` secret. For more information, see "[Enabling debug logging](/actions/managing-workflow-runs/enabling-debug-logging)". In contrast, the `echo` workflow command lets you enable command echoing at a more granular level, rather than enabling it for every workflow in a repository. -### Example toggling command echoing +### Example: Toggling command echoing -```yaml +{% bash %} + +```yaml{:copy} jobs: workflow-command-job: runs-on: ubuntu-latest @@ -279,9 +464,29 @@ jobs: echo '::set-output name=action_echo::disabled' ``` -The step above prints the following lines to the log: +{% endbash %} +{% powershell %} + +```yaml{:copy} +jobs: + workflow-command-job: + runs-on: windows-latest + steps: + - name: toggle workflow command echoing + run: | + write-output "::set-output name=action_echo::disabled" + write-output "::echo::on" + write-output "::set-output name=action_echo::enabled" + write-output "::echo::off" + write-output "::set-output name=action_echo::disabled" ``` + +{% endpowershell %} + +The example above prints the following lines to the log: + +```{:copy} ::set-output name=action_echo::enabled ::echo::off ``` @@ -298,13 +503,13 @@ Only the second `set-output` and `echo` workflow commands are included in the lo 此示例使用 JavaScript 运行 `save-state` 命令。 由此生成的环境变量被命名为 `STATE_processID`,带 `12345` 的值: -``` javascript +```javascript{:copy} console.log('::save-state name=processID::12345') ``` 然后,`STATE_processID` 变量将仅可被用于 `main` 操作下运行的清理脚本。 此示例在 `main` 中运行,并使用 JavaScript 显示分配给 `STATE_processID` 环境变量的值: -``` javascript +```javascript{:copy} console.log("The running PID from the main action is: " + process.env.STATE_processID); ``` @@ -312,37 +517,70 @@ console.log("The running PID from the main action is: " + process.env.STATE_pro 在工作流程执行期间,运行器生成可用于执行某些操作的临时文件。 这些文件的路径通过环境变量显示。 写入这些文件时,您需要使用 UTF-8 编码,以确保正确处理命令。 多个命令可以写入同一个文件,用换行符分隔。 -{% warning %} +{% powershell %} -**Warning:** On Windows, legacy PowerShell (`shell: powershell`) does not use UTF-8 by default. +{% note %} -When using `shell: powershell`, you must specify UTF-8 encoding. 例如: +**Note:** PowerShell versions 5.1 and below (`shell: powershell`) do not use UTF-8 by default, so you must specify the UTF-8 encoding. 例如: -```yaml +```yaml{:copy} jobs: legacy-powershell-example: - uses: windows-2019 + runs-on: windows-latest steps: - shell: powershell - run: echo "mypath" | Out-File -FilePath $env:GITHUB_PATH -Encoding utf8 -Append + run: | + "mypath" | Out-File -FilePath $env:GITHUB_PATH -Encoding utf8 -Append ``` -Alternatively, you can use PowerShell Core (`shell: pwsh`), which defaults to UTF-8. +PowerShell Core versions 6 and higher (`shell: pwsh`) use UTF-8 by default. 例如: -{% endwarning %} +```yaml{:copy} +jobs: + powershell-core-example: + runs-on: windows-latest + steps: + - shell: pwsh + run: | + "mypath" >> $env:GITHUB_PATH +``` + +{% endnote %} + +{% endpowershell %} ## 设置环境变量 -``` bash +{% bash %} + +```bash{:copy} echo "{environment_variable_name}={value}" >> $GITHUB_ENV ``` +{% endbash %} + +{% powershell %} + +- Using PowerShell version 6 and higher: +```pwsh{:copy} +"{environment_variable_name}={value}" >> $env:GITHUB_ENV +``` + +- Using PowerShell version 5.1 and below: +```powershell{:copy} +"{environment_variable_name}={value}" | Out-File -FilePath $env:GITHUB_ENV -Encoding utf8 -Append +``` + +{% endpowershell %} + You can make an environment variable available to any subsequent steps in a workflow job by defining or updating the environment variable and writing this to the `GITHUB_ENV` environment file. 创建或更新环境变量的步骤无法访问新值,但在作业中的所有后续步骤均可访问。 The names of environment variables are case-sensitive, and you can include punctuation. 更多信息请参阅“[环境变量](/actions/learn-github-actions/environment-variables)”。 ### 示例 +{% bash %} + {% raw %} -``` +```yaml{:copy} steps: - name: Set the value id: step_one @@ -355,11 +593,31 @@ steps: ``` {% endraw %} +{% endbash %} + +{% powershell %} + +{% raw %} +```yaml{:copy} +steps: + - name: Set the value + id: step_one + run: | + "action_state=yellow" >> $env:GITHUB_ENV + - name: Use the value + id: step_two + run: | + Write-Output "${{ env.action_state }}" # This will output 'yellow' +``` +{% endraw %} + +{% endpowershell %} + ### 多行字符串 对于多行字符串,您可以使用具有以下语法的分隔符。 -``` +```{:copy} {name}<<{delimiter} {value} {delimiter} @@ -367,29 +625,75 @@ steps: #### 示例 -在此示例中, 我们使用 `EOF` 作为分隔符,并将 `JSON_RESPONSE` 环境变量设置为 cURL 响应的值。 -```yaml +This example uses `EOF` as a delimiter, and sets the `JSON_RESPONSE` environment variable to the value of the `curl` response. + +{% bash %} + +```yaml{:copy} steps: - - name: Set the value + - name: Set the value in bash id: step_one run: | echo 'JSON_RESPONSE<> $GITHUB_ENV - curl https://httpbin.org/json >> $GITHUB_ENV + curl https://example.lab >> $GITHUB_ENV echo 'EOF' >> $GITHUB_ENV ``` -## 添加系统路径 +{% endbash %} -``` bash -echo "{path}" >> $GITHUB_PATH +{% powershell %} + +```yaml{:copy} +steps: + - name: Set the value in pwsh + id: step_one + run: | + "JSON_RESPONSE<> $env:GITHUB_ENV + (Invoke-WebRequest -Uri "https://example.lab").Content >> $env:GITHUB_ENV + "EOF" >> $env:GITHUB_ENV + shell: pwsh ``` +{% endpowershell %} + +## 添加系统路径 + Prepends a directory to the system `PATH` variable and automatically makes it available to all subsequent actions in the current job; the currently running action cannot access the updated path variable. 要查看作业的当前定义路径,您可以在步骤或操作中使用 `echo "$PATH"`。 +{% bash %} + +```bash{:copy} +echo "{path}" >> $GITHUB_PATH +``` +{% endbash %} + +{% powershell %} + +```pwsh{:copy} +"{path}" >> $env:GITHUB_PATH +``` + +{% endpowershell %} + ### 示例 此示例演示如何将用户 `$HOME/.local/bin` 目录添加到 `PATH`: -``` bash +{% bash %} + +```bash{:copy} echo "$HOME/.local/bin" >> $GITHUB_PATH ``` + +{% endbash %} + + +This example demonstrates how to add the user `$env:HOMEPATH/.local/bin` directory to `PATH`: + +{% powershell %} + +```pwsh{:copy} +"$env:HOMEPATH/.local/bin" >> $env:GITHUB_PATH +``` + +{% endpowershell %} diff --git a/translations/zh-CN/content/actions/using-workflows/workflow-syntax-for-github-actions.md b/translations/zh-CN/content/actions/using-workflows/workflow-syntax-for-github-actions.md index 8991b6be65..95e8f4ccc6 100644 --- a/translations/zh-CN/content/actions/using-workflows/workflow-syntax-for-github-actions.md +++ b/translations/zh-CN/content/actions/using-workflows/workflow-syntax-for-github-actions.md @@ -64,7 +64,7 @@ Use `on.workflow_call` to define the inputs and outputs for a reusable workflow. When using the `workflow_call` keyword, you can optionally specify inputs that are passed to the called workflow from the caller workflow. For more information about the `workflow_call` keyword, see "[Events that trigger workflows](/actions/learn-github-actions/events-that-trigger-workflows#workflow-reuse-events)." -In addition to the standard input parameters that are available, `on.workflow_call.inputs` requires a `type` parameter. For more information, see [`on.workflow_call.inputs..type`](#onworkflow_callinputsinput_idtype). +In addition to the standard input parameters that are available, `on.workflow_call.inputs` requires a `type` parameter. 更多信息请参阅 [`on.workflow_call.inputs..type`](#onworkflow_callinputsinput_idtype)。 If a `default` parameter is not set, the default value of the input is `false` for a boolean, `0` for a number, and `""` for a string. @@ -342,6 +342,31 @@ steps: uses: actions/heroku@1.0.0 ``` +#### Example: Using secrets + +Secrets cannot be directly referenced in `if:` conditionals. Instead, consider setting secrets as job-level environment variables, then referencing the environment variables to conditionally run steps in the job. + +If a secret has not been set, the return value of an expression referencing the secret (such as {% raw %}`${{ secrets.SuperSecret }}`{% endraw %} in the example) will be an empty string. + +{% raw %} +```yaml +name: Run a step if a secret has been set +on: push +jobs: + my-jobname: + runs-on: ubuntu-latest + env: + super_secret: ${{ secrets.SuperSecret }} + steps: + - if: ${{ env.super_secret != '' }} + run: echo 'This step will only run if the secret has a value set.' + - if: ${{ env.super_secret == '' }} + run: echo 'This step will only run if the secret does not have a value set.' +``` +{% endraw %} + +For more information, see "[Context availability](/actions/learn-github-actions/contexts#context-availability)" and "[Encrypted secrets](/actions/security-guides/encrypted-secrets)." + ### `jobs..steps[*].name` 步骤显示在 {% data variables.product.prodname_dotcom %} 上的名称。 @@ -714,6 +739,12 @@ steps: 如果超时超过运行器的作业执行时限,作业将在达到执行时限时取消。 For more information about job execution time limits, see {% ifversion fpt or ghec or ghes %}"[Usage limits and billing](/actions/reference/usage-limits-billing-and-administration#usage-limits)" for {% data variables.product.prodname_dotcom %}-hosted runners and {% endif %}"[About self-hosted runners](/actions/hosting-your-own-runners/about-self-hosted-runners/#usage-limits){% ifversion fpt or ghec or ghes %}" for self-hosted runner usage limits.{% elsif ghae %}."{% endif %} +{% note %} + +**Note:** {% data reusables.actions.github-token-expiration %} For self-hosted runners, the token may be the limiting factor if the job timeout is greater than 24 hours. For more information on the `GITHUB_TOKEN`, see "[About the `GITHUB_TOKEN` secret](/actions/security-guides/automatic-token-authentication#about-the-github_token-secret)." + +{% endnote %} + ## `jobs..strategy` {% data reusables.actions.jobs.section-using-a-build-matrix-for-your-jobs-strategy %} diff --git a/translations/zh-CN/content/admin/code-security/managing-github-advanced-security-for-your-enterprise/deploying-github-advanced-security-in-your-enterprise.md b/translations/zh-CN/content/admin/code-security/managing-github-advanced-security-for-your-enterprise/deploying-github-advanced-security-in-your-enterprise.md index 107b9086cf..8443e15311 100644 --- a/translations/zh-CN/content/admin/code-security/managing-github-advanced-security-for-your-enterprise/deploying-github-advanced-security-in-your-enterprise.md +++ b/translations/zh-CN/content/admin/code-security/managing-github-advanced-security-for-your-enterprise/deploying-github-advanced-security-in-your-enterprise.md @@ -271,7 +271,7 @@ GitHub helps you avoid using third-party software that contains known vulnerabil | Dependency Management Tool | 描述 | | ---------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Dependabot Alerts | You can track your repository's dependencies and receive Dependabot alerts when your enterprise detects vulnerable dependencies. 更多信息请参阅“[关于易受攻击的依赖项的警报](/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-alerts-for-vulnerable-dependencies)”。 | +| Dependabot Alerts | You can track your repository's dependencies and receive Dependabot alerts when your enterprise detects vulnerable dependencies. For more information, see "[About {% data variables.product.prodname_dependabot_alerts %}](/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-alerts-for-vulnerable-dependencies)." | | Dependency Graph | 依赖项图是存储在仓库中的清单和锁定文件的摘要。 它显示您的代码库所依赖的生态系统和软件包(其依赖项)以及依赖于您的项目的仓库和包(其从属项)。 更多信息请参阅“[关于依赖关系图](/code-security/supply-chain-security/understanding-your-software-supply-chain/about-the-dependency-graph)”。 |{% ifversion ghes > 3.1 or ghec %} | Dependency Review | 如果拉取请求包含对依赖项的更改,您可以查看已更改内容摘要以及任何依赖项中是否存在已知漏洞。 For more information, see "[About dependency review](/code-security/supply-chain-security/understanding-your-software-supply-chain/about-dependency-review)" or "[Reviewing Dependency Changes in a Pull Request](/github/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/reviewing-dependency-changes-in-a-pull-request)." |{% endif %} {% ifversion ghec or ghes > 3.2 %} | Dependabot Security Updates | Dependabot can fix vulnerable dependencies for you by raising pull requests with security updates. For more information, see "[About Dependabot security updates](/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-dependabot-security-updates)." | diff --git a/translations/zh-CN/content/admin/configuration/configuring-github-connect/enabling-dependabot-for-your-enterprise.md b/translations/zh-CN/content/admin/configuration/configuring-github-connect/enabling-dependabot-for-your-enterprise.md index 763a67eb20..d52c8ea9b5 100644 --- a/translations/zh-CN/content/admin/configuration/configuring-github-connect/enabling-dependabot-for-your-enterprise.md +++ b/translations/zh-CN/content/admin/configuration/configuring-github-connect/enabling-dependabot-for-your-enterprise.md @@ -49,7 +49,7 @@ After you enable {% data variables.product.prodname_dependabot_alerts %} for you When {% data variables.product.product_location %} receives information about a vulnerability, it identifies repositories in {% data variables.product.product_location %} that use the affected version of the dependency and generates {% data variables.product.prodname_dependabot_alerts %}. You can choose whether or not to notify users automatically about new {% data variables.product.prodname_dependabot_alerts %}. -For repositories with {% data variables.product.prodname_dependabot_alerts %} enabled, scanning is triggered on any push to the default branch that contains a manifest file or lock file. Additionally, when a new vulnerability record is added to {% data variables.product.product_location %}, {% data variables.product.product_name %} scans all existing repositories on {% data variables.product.product_location %} and generates alerts for any repository that is vulnerable. 更多信息请参阅“[关于易受攻击的依赖项的警报](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies)”。 +For repositories with {% data variables.product.prodname_dependabot_alerts %} enabled, scanning is triggered on any push to the default branch that contains a manifest file or lock file. Additionally, when a new vulnerability record is added to {% data variables.product.product_location %}, {% data variables.product.product_name %} scans all existing repositories on {% data variables.product.product_location %} and generates alerts for any repository that is vulnerable. 更多信息请参阅“[关于 {% data variables.product.prodname_dependabot_alerts %}](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies)”。 {% ifversion ghes > 3.2 %} ### 关于 {% data variables.product.prodname_dependabot_updates %} @@ -67,7 +67,7 @@ After you enable {% data variables.product.prodname_dependabot_alerts %}, you ca With {% data variables.product.prodname_dependabot_updates %}, {% data variables.product.company_short %} automatically creates pull requests to update dependencies in two ways. - **{% data variables.product.prodname_dependabot_version_updates %}**: Users add a {% data variables.product.prodname_dependabot %} configuration file to the repository to enable {% data variables.product.prodname_dependabot %} to create pull requests when a new version of a tracked dependency is released. 更多信息请参阅“[关于 {% data variables.product.prodname_dependabot_version_updates %}](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/about-dependabot-version-updates)“。 -- **{% data variables.product.prodname_dependabot_security_updates %}**: Users toggle a repository setting to enable {% data variables.product.prodname_dependabot %} to create pull requests when {% data variables.product.prodname_dotcom %} detects a vulnerability in one of the dependencies of the dependency graph for the repository. For more information, see "[About alerts for vulnerable dependencies](/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-alerts-for-vulnerable-dependencies)" and "[About {% data variables.product.prodname_dependabot_security_updates %}](/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-dependabot-security-updates)." +- **{% data variables.product.prodname_dependabot_security_updates %}**: Users toggle a repository setting to enable {% data variables.product.prodname_dependabot %} to create pull requests when {% data variables.product.prodname_dotcom %} detects a vulnerability in one of the dependencies of the dependency graph for the repository. For more information, see "[About {% data variables.product.prodname_dependabot_alerts %}](/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-alerts-for-vulnerable-dependencies)" and "[About {% data variables.product.prodname_dependabot_security_updates %}](/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-dependabot-security-updates)." {% endif %} ## 启用 {% data variables.product.prodname_dependabot_alerts %} @@ -100,7 +100,7 @@ After you enable {% data variables.product.prodname_dependabot_alerts %} for you {% ifversion ghes %} Before you enable {% data variables.product.prodname_dependabot_updates %}, you must configure {% data variables.product.product_location %} to use {% data variables.product.prodname_actions %} with self-hosted runners. 更多信息请参阅“[开始使用 GitHub Enterprise Server 的 {% data variables.product.prodname_actions %}](/admin/github-actions/enabling-github-actions-for-github-enterprise-server/getting-started-with-github-actions-for-github-enterprise-server)”。 -{% data variables.product.prodname_dependabot_updates %} are not supported on {% data variables.product.product_name %} if your enterprise uses clustering or a high-availability configuration. +{% data variables.product.prodname_dependabot_updates %} are not supported on {% data variables.product.product_name %} if your enterprise uses clustering. {% endif %} {% data reusables.enterprise_site_admin_settings.sign-in %} diff --git a/translations/zh-CN/content/admin/configuration/configuring-network-settings/configuring-a-hostname.md b/translations/zh-CN/content/admin/configuration/configuring-network-settings/configuring-a-hostname.md index b656a9eda2..a20bc90c54 100644 --- a/translations/zh-CN/content/admin/configuration/configuring-network-settings/configuring-a-hostname.md +++ b/translations/zh-CN/content/admin/configuration/configuring-network-settings/configuring-a-hostname.md @@ -17,7 +17,11 @@ topics: 如果配置的是主机名,而不是硬编码 IP 地址,您将能够更改运行 {% data variables.product.product_location %} 的物理硬件,而不会影响用户或客户端软件。 -{% data variables.enterprise.management_console %} 中的主机名设置应设置为合适的完全限定域名 (FQDN),此域名可在互联网上或您的内部网络内解析。 例如,您的主机名设置可以是 `github.companyname.com`。我们还建议为选定的主机名启用子域隔离,以缓解多种跨站点脚本样式漏洞。 更多关于主机名设置的信息,请参阅 [HTTP RFC 的第 2.1 节](https://tools.ietf.org/html/rfc1123#section-2)。 +{% data variables.enterprise.management_console %} 中的主机名设置应设置为合适的完全限定域名 (FQDN),此域名可在互联网上或您的内部网络内解析。 For example, your hostname setting could be `github.companyname.com.` Web and API requests will automatically redirect to the hostname configured in the {% data variables.enterprise.management_console %}. + +After you configure a hostname, you can enable subdomain isolation to further increase the security of {% data variables.product.product_location %}. 更多信息请参阅“[启用子域隔离](/enterprise/{{ currentVersion }}/admin/guides/installation/enabling-subdomain-isolation/)”。 + +For more information on the supported hostname types, see [Section 2.1 of the HTTP RFC](https://tools.ietf.org/html/rfc1123#section-2). {% data reusables.enterprise_installation.changing-hostname-not-supported %} @@ -29,4 +33,4 @@ topics: {% data reusables.enterprise_management_console.test-domain-settings-failure %} {% data reusables.enterprise_management_console.save-settings %} -配置完主机名后,建议为 {% data variables.product.product_location %} 启用子域隔离。 更多信息请参阅“[启用子域隔离](/enterprise/{{ currentVersion }}/admin/guides/installation/enabling-subdomain-isolation/)”。 +To help mitigate various cross-site scripting vulnerabilities, we recommend that you enable subdomain isolation for {% data variables.product.product_location %} after you configure a hostname. 更多信息请参阅“[启用子域隔离](/enterprise/{{ currentVersion }}/admin/guides/installation/enabling-subdomain-isolation/)”。 diff --git a/translations/zh-CN/content/admin/configuration/configuring-network-settings/network-ports.md b/translations/zh-CN/content/admin/configuration/configuring-network-settings/network-ports.md index bad6b8e5a9..ec8cf46782 100644 --- a/translations/zh-CN/content/admin/configuration/configuring-network-settings/network-ports.md +++ b/translations/zh-CN/content/admin/configuration/configuring-network-settings/network-ports.md @@ -1,5 +1,5 @@ --- -title: 网络端口 +title: Network ports redirect_from: - /enterprise/admin/articles/configuring-firewalls - /enterprise/admin/articles/firewall @@ -8,7 +8,7 @@ redirect_from: - /enterprise/admin/installation/network-ports - /enterprise/admin/configuration/network-ports - /admin/configuration/network-ports -intro: 根据您需要为管理员、最终用户和电子邮件支持显示的网络服务有选择地打开网络端口。 +intro: 'Open network ports selectively based on the network services you need to expose for administrators, end users, and email support.' versions: ghes: '*' type: reference @@ -18,37 +18,51 @@ topics: - Networking - Security --- +## Administrative ports -## 管理端口 +Some administrative ports are required to configure {% data variables.product.product_location %} and run certain features. Administrative ports are not required for basic application use by end users. -需要使用一些管理端口来配置 {% data variables.product.product_location %} 和运行某些功能。 最终用户在使用基本应用程序时不需要管理端口。 +| Port | Service | Description | +|---|---|---| +| 8443 | HTTPS | Secure web-based {% data variables.enterprise.management_console %}. Required for basic installation and configuration. | +| 8080 | HTTP | Plain-text web-based {% data variables.enterprise.management_console %}. Not required unless TLS is disabled manually. | +| 122 | SSH | Shell access for {% data variables.product.product_location %}. Required to be open to incoming connections between all nodes in a high availability configuration. The default SSH port (22) is dedicated to Git and SSH application network traffic. | +| 1194/UDP | VPN | Secure replication network tunnel in high availability configuration. Required to be open for communication between all nodes in the configuration.| +| 123/UDP| NTP | Required for time protocol operation. | +| 161/UDP | SNMP | Required for network monitoring protocol operation. | -| 端口 | 服务 | 描述 | -| -------- | ----- | ---------------------------------------------------------------------------------------------------------------------------- | -| 8443 | HTTPS | 基于安全 Web 的 {% data variables.enterprise.management_console %}。 进行基本安装和配置时需要。 | -| 8080 | HTTP | 基于纯文本 Web 的 {% data variables.enterprise.management_console %}。 除非手动禁用 SSL,否则不需要。 | -| 122 | SSH | 对 {% data variables.product.product_location %} 进行 Shell 访问。 需要对高可用性配置中所有节点之间的传入连接开放。 默认 SSH 端口 (22) 专用于 Git 和 SSH 应用程序网络流量。 | -| 1194/UDP | VPN | 采用高可用性配置的安全复制网络隧道。 需要对配置中所有节点之间的通信开放。 | -| 123/UDP | NTP | 为时间协议操作所需。 | -| 161/UDP | SNMP | 为网络监视协议操作所需。 | +## Application ports for end users -## 最终用户的应用程序端口 +Application ports provide web application and Git access for end users. -应用程序端口为最终用户提供 Web 应用程序和 Git 访问。 - -| 端口 | 服务 | 描述 | -| ---- | ----- | --------------------------------------------------------------------------------------------------- | -| 443 | HTTPS | 通过 HTTPS 访问 Web 应用程序和 Git。 | -| 80 | HTTP | 访问 Web 应用程序。 当 SSL 启用时,所有请求都会重定向到 HTTPS 端口。 | -| 22 | SSH | 通过 SSH 访问 Git。 支持对公共和私有仓库执行克隆、提取和推送操作。 | -| 9418 | Git | Git 协议端口支持通过未加密网络通信对公共仓库执行克隆和提取操作。 {% data reusables.enterprise_installation.when-9418-necessary %} +| Port | Service | Description | +|---|---|---| +| 443 | HTTPS | Access to the web application and Git over HTTPS. | +| 80 | HTTP | Access to the web application. All requests are redirected to the HTTPS port if TLS is configured. | +| 22 | SSH | Access to Git over SSH. Supports clone, fetch, and push operations to public and private repositories. | +| 9418 | Git | Git protocol port supports clone and fetch operations to public repositories with unencrypted network communication. {% data reusables.enterprise_installation.when-9418-necessary %} | {% data reusables.enterprise_installation.terminating-tls %} -## 电子邮件端口 +## Email ports -电子邮件端口必须可直接访问或通过中继访问,以便为最终用户提供入站电子邮件支持。 +Email ports must be accessible directly or via relay for inbound email support for end users. -| 端口 | 服务 | 描述 | -| -- | ---- | ------------------------ | -| 25 | SMTP | 支持采用加密的 SMTP (STARTTLS)。 | +| Port | Service | Description | +|---|---|---| +| 25 | SMTP | Support for SMTP with encryption (STARTTLS). | + +## {% data variables.product.prodname_actions %} ports + +{% data variables.product.prodname_actions %} ports must be accessible for self-hosted runners to connect to {% data variables.product.product_location %}. For more information, see "[About self-hosted runners](/actions/hosting-your-own-runners/about-self-hosted-runners#communication-between-self-hosted-runners-and-github-enterprise-server)." + +| Port | Service | Description | +|---|---|---| +| 443 | HTTPS | Self-hosted runners connect to {% data variables.product.product_location %} to receive job assignments and to download new versions of the runner application. Required if TLS is configured. +| 80 | HTTP | Self-hosted runners connect to {% data variables.product.product_location %} to receive job assignments and to download new versions of the runner application. Required if TLS is not configured. + +If you enable automatic access to {% data variables.product.prodname_dotcom_the_website %} actions, {% data variables.product.prodname_actions %} will always search for an action on {% data variables.product.product_location %} first, via these ports, before checking {% data variables.product.prodname_dotcom_the_website %}. For more information, see "[Enabling automatic access to {% data variables.product.prodname_dotcom_the_website %} actions using {% data variables.product.prodname_github_connect %}](/admin/github-actions/managing-access-to-actions-from-githubcom/enabling-automatic-access-to-githubcom-actions-using-github-connect#about-resolution-for-actions-using-github-connect)." + +## Further reading + +- "[Configuring TLS](/admin/configuration/configuring-network-settings/configuring-tls)" diff --git a/translations/zh-CN/content/admin/configuration/configuring-your-enterprise/about-enterprise-configuration.md b/translations/zh-CN/content/admin/configuration/configuring-your-enterprise/about-enterprise-configuration.md index 9117950854..e3ea523c2a 100644 --- a/translations/zh-CN/content/admin/configuration/configuring-your-enterprise/about-enterprise-configuration.md +++ b/translations/zh-CN/content/admin/configuration/configuring-your-enterprise/about-enterprise-configuration.md @@ -23,6 +23,8 @@ shortTitle: 关于配置 {% endif %} {% ifversion ghae %} +要开始使用 {% data variables.product.product_name %},需要先部署 {% data variables.product.product_name %}。 更多信息请参阅“[部署 {% data variables.product.product_name %}](/admin/configuration/configuring-your-enterprise/deploying-github-ae)”。 + 第一次访问您的企业时,您将完成初始配置,以便 {% data variables.product.product_name %} 可供使用。 初始配置包括连接您的企业与身份提供程序 (IdP) 连接、通过 SAML SSO 进行身份验证、配置企业中仓库和组织的策略,以及为出站电子邮件配置 SMTP。 更多信息请参阅“[初始化 {% data variables.product.prodname_ghe_managed %}](/admin/configuration/initializing-github-ae)。” 稍后,您可以使用站点管理员仪表板和企业设置进一步配置企业、管理用户、组织和仓库,并设置可降低风险和提高质量的策略。 diff --git a/translations/zh-CN/content/admin/configuration/configuring-your-enterprise/deploying-github-ae.md b/translations/zh-CN/content/admin/configuration/configuring-your-enterprise/deploying-github-ae.md new file mode 100644 index 0000000000..130448be8e --- /dev/null +++ b/translations/zh-CN/content/admin/configuration/configuring-your-enterprise/deploying-github-ae.md @@ -0,0 +1,66 @@ +--- +title: Deploying GitHub AE +intro: 'You can deploy {% data variables.product.product_name %} to an available Azure region.' +versions: + ghae: '*' +topics: + - Accounts + - Enterprise +type: how_to +shortTitle: Deploy GitHub AE +redirect_from: + - /get-started/signing-up-for-github/setting-up-a-trial-of-github-ae +--- + +## About deployment of {% data variables.product.product_name %} + +{% data reusables.github-ae.github-ae-enables-you %} 更多信息请参阅“[关于 {% data variables.product.prodname_ghe_managed %}](/admin/overview/about-github-ae)”。 + +After you purchase or start a trial of {% data variables.product.product_name %}, you can deploy {% data variables.product.product_name %} to an available Azure region. This guide refers to the Azure resource that contains the deployment of {% data variables.product.product_name %} as the {% data variables.product.product_name %} account. You'll use the Azure portal at [https://portal.azure.com](https://portal.azure.com) to deploy the {% data variables.product.product_name %} account. + +## 基本要求 + +- Before you can deploy {% data variables.product.product_name %}, you must request access from your {% data variables.product.company_short %} account team. {% data variables.product.company_short %} will enable deployment of {% data variables.product.product_name %} for your Azure subscription. If you haven't already purchased {% data variables.product.product_name %}, you can contact {% data variables.contact.contact_enterprise_sales %} to check your eligibility for a trial. + +- You must have permission to perform the `/register/action` operation for the resource provider in Azure. The permission is included in the `Contributor` and `Owner` roles. For more information, see [Azure resource providers and types](https://docs.microsoft.com/en-us/azure/azure-resource-manager/management/resource-providers-and-types#register-resource-provider) in the Microsoft documentation. + +## Deploying {% data variables.product.product_name %} with the {% data variables.actions.azure_portal %} + +The {% data variables.actions.azure_portal %} allows you to deploy the {% data variables.product.product_name %} account in your Azure resource group. + +1. Click one of the following two links to begin deployment of {% data variables.product.product_name %}. The link you should click depends on the Azure cloud where you plan to deploy {% data variables.product.product_name %}. For more information about Azure Government, see [What is Azure Government?](https://docs.microsoft.com/en-us/azure/azure-government/documentation-government-welcome) in the Microsoft documentation. + + - [Deploy {% data variables.product.product_name %} to Azure Commercial](https://aka.ms/create-github-ae-instance) + - [Deploy {% data variables.product.product_name %} to Azure Government](https://aka.ms/create-github-ae-instance-gov) +1. To begin the process of adding a new {% data variables.product.product_name %} account, click **Create GitHub AE account**. +1. Complete the "Project details" and "Instance details" fields. ![{% data variables.actions.azure_portal %} search result](/assets/images/azure/github-ae-azure-portal-form.png) + - **Account name:** The hostname for your enterprise + - **Administrator username:** A username for the initial enterprise owner that will be created in {% data variables.product.product_name %} + - **Administrator email:** The email address that will receive the login information +1. To review a summary of the proposed changes, click **Review + create**. +1. After the validation process has completed, click **Create**. + +The email address you entered above will receive instructions on how to access your enterprise. After you have access, you can get started by following the initial setup steps. 更多信息请参阅“[初始化 {% data variables.product.product_name %}](/admin/configuration/initializing-github-ae)。” + +{% note %} + +**Note:** Software updates for your {% data variables.product.product_name %} deployment are performed by {% data variables.product.prodname_dotcom %}. For more information, see "[About upgrades to new releases](/admin/overview/about-upgrades-to-new-releases)." + +{% endnote %} + +## Navigating to your enterprise + +You can use the {% data variables.actions.azure_portal %} to navigate to your {% data variables.product.product_name %} deployment. The resulting list includes all the {% data variables.product.product_name %} deployments in your Azure region. + +1. On the {% data variables.actions.azure_portal %}, in the left panel, click **All resources**. +1. From the available filters, click **All types**, then deselect **Select all** and select **GitHub AE**: ![{% data variables.actions.azure_portal %} search result](/assets/images/azure/github-ae-azure-portal-type-filter.png) + +## 后续步骤 + +- Once your deployment has been provisioned, the next step is to initialize {% data variables.product.product_name %}. 更多信息请参阅“[初始化 {% data variables.product.product_name %}](/github-ae@latest/admin/configuration/configuring-your-enterprise/initializing-github-ae)。” +- If you're trying {% data variables.product.product_name %}, you can upgrade to a full license at any time during the trial period by contacting contact {% data variables.contact.contact_enterprise_sales %}. If you haven't upgraded by the last day of your trial, then the deployment is automatically deleted. 如果需要更多时间来评估 {% data variables.product.product_name %},请联系 {% data variables.contact.contact_enterprise_sales %} 申请延期。 + +## 延伸阅读 + +- "[Enabling {% data variables.product.prodname_advanced_security %} features on {% data variables.product.product_name %}](/github/getting-started-with-github/about-github-advanced-security#enabling-advanced-security-features-on-github-ae)" +- "[{% data variables.product.product_name %} release notes](/github-ae@latest/admin/overview/github-ae-release-notes)" diff --git a/translations/zh-CN/content/admin/configuration/configuring-your-enterprise/index.md b/translations/zh-CN/content/admin/configuration/configuring-your-enterprise/index.md index 0b5d698556..7fbc5351ec 100644 --- a/translations/zh-CN/content/admin/configuration/configuring-your-enterprise/index.md +++ b/translations/zh-CN/content/admin/configuration/configuring-your-enterprise/index.md @@ -16,6 +16,7 @@ topics: - Enterprise children: - /about-enterprise-configuration + - /deploying-github-ae - /initializing-github-ae - /accessing-the-management-console - /accessing-the-administrative-shell-ssh diff --git a/translations/zh-CN/content/admin/enterprise-management/configuring-high-availability/initiating-a-failover-to-your-replica-appliance.md b/translations/zh-CN/content/admin/enterprise-management/configuring-high-availability/initiating-a-failover-to-your-replica-appliance.md index 43a90b0edc..22657f5de3 100644 --- a/translations/zh-CN/content/admin/enterprise-management/configuring-high-availability/initiating-a-failover-to-your-replica-appliance.md +++ b/translations/zh-CN/content/admin/enterprise-management/configuring-high-availability/initiating-a-failover-to-your-replica-appliance.md @@ -19,25 +19,32 @@ shortTitle: 启动故障转移到设备 {% data reusables.enterprise_installation.promoting-a-replica %} -1. 要允许复制在切换设备之前完成,请将主设备置于维护模式: - - 要使用 Management Console,请参阅“[启用和排定维护模式](/enterprise/admin/guides/installation/enabling-and-scheduling-maintenance-mode/)”。 - - 您也可以使用 `ghe-maintenance -s` 命令。 +1. If the primary appliance is available, to allow replication to finish before you switch appliances, on the primary appliance, put the primary appliance into maintenance mode. + + - Put the appliance into maintenance mode. + + - 要使用 Management Console,请参阅“[启用和排定维护模式](/enterprise/admin/guides/installation/enabling-and-scheduling-maintenance-mode/)”。 + + - 您也可以使用 `ghe-maintenance -s` 命令。 + ```shell + $ ghe-maintenance -s + ``` + + - 当活动 Git 操作、MySQL 查询和 Resque 作业数量达到零时,等待 30 秒。 + + {% note %} + + **注意:** Nomad 将始终有作业在运行,即使是在维护模式下,因此您可以安全地忽略这些作业。 + + {% endnote %} + + - 要验证所有复制通道均报告 `OK`,请使用 `ghe-repl-status -vv` 命令。 + ```shell - $ ghe-maintenance -s + $ ghe-repl-status -vv ``` -2. 当活动 Git 操作、MySQL 查询和 Resque 作业数量达到零时,等待 30 秒。 - {% note %} - - **注意:** Nomad 将始终有作业在运行,即使是在维护模式下,因此您可以安全地忽略这些作业。 - - {% endnote %} - -3. 要验证所有复制通道均报告 `OK`,请使用 `ghe-repl-status -vv` 命令。 - ```shell - $ ghe-repl-status -vv - ``` -4. 要停止复制并将副本设备升级为主设备,请使用 `ghe-repl-promote` 命令。 此操作还会自动将主节点(若可到达)置于维护模式。 +4. On the replica appliance, to stop replication and promote the replica appliance to primary status, use the `ghe-repl-promote` command. 此操作还会自动将主节点(若可到达)置于维护模式。 ```shell $ ghe-repl-promote ``` diff --git a/translations/zh-CN/content/admin/github-actions/getting-started-with-github-actions-for-your-enterprise/about-github-actions-for-enterprises.md b/translations/zh-CN/content/admin/github-actions/getting-started-with-github-actions-for-your-enterprise/about-github-actions-for-enterprises.md index b07878188c..b0313604d2 100644 --- a/translations/zh-CN/content/admin/github-actions/getting-started-with-github-actions-for-your-enterprise/about-github-actions-for-enterprises.md +++ b/translations/zh-CN/content/admin/github-actions/getting-started-with-github-actions-for-your-enterprise/about-github-actions-for-enterprises.md @@ -33,7 +33,7 @@ topics: {% data variables.product.prodname_actions %} helps your team work faster at scale. When large repositories start using {% data variables.product.prodname_actions %}, teams merge significantly more pull requests per day, and the pull requests are merged significantly faster. For more information, see "[Writing and shipping code faster](https://octoverse.github.com/writing-code-faster/#scale-through-automation)" in the State of the Octoverse. -You can create your own unique automations, or you can use and adapt workflows from our ecosystem of over 10,000 actions built by industry leaders and the open source community. For more information, see "[Finding and customizing actions](/actions/learn-github-actions/finding-and-customizing-actions)." +You can create your own unique automations, or you can use and adapt workflows from our ecosystem of over 10,000 actions built by industry leaders and the open source community. {% ifversion ghec %}For more information, see "[Finding and customizing actions](/actions/learn-github-actions/finding-and-customizing-actions)."{% else %}You can restrict your developers to using actions that exist on {% data variables.product.product_location %}, or you can allow your developers to access actions on {% data variables.product.prodname_dotcom_the_website %}. For more information, see "[About using actions in your enterprise](/admin/github-actions/managing-access-to-actions-from-githubcom/about-using-actions-in-your-enterprise)."{% endif %} {% data variables.product.prodname_actions %} is developer friendly, because it's integrated directly into the familiar {% data variables.product.product_name %} experience. diff --git a/translations/zh-CN/content/admin/github-actions/managing-access-to-actions-from-githubcom/about-using-actions-in-your-enterprise.md b/translations/zh-CN/content/admin/github-actions/managing-access-to-actions-from-githubcom/about-using-actions-in-your-enterprise.md index 0574bc0877..b507720da4 100644 --- a/translations/zh-CN/content/admin/github-actions/managing-access-to-actions-from-githubcom/about-using-actions-in-your-enterprise.md +++ b/translations/zh-CN/content/admin/github-actions/managing-access-to-actions-from-githubcom/about-using-actions-in-your-enterprise.md @@ -13,7 +13,7 @@ type: overview topics: - Actions - Enterprise -shortTitle: Add actions in your enterprise +shortTitle: About actions in your enterprise --- {% data reusables.actions.enterprise-beta %} @@ -23,13 +23,24 @@ shortTitle: Add actions in your enterprise {% data variables.product.prodname_actions %} workflows can use _actions_, which are individual tasks that you can combine to create jobs and customize your workflow. You can create your own actions, or use and customize actions shared by the {% data variables.product.prodname_dotcom %} community. -{% data reusables.actions.enterprise-no-internet-actions %} +{% data reusables.actions.enterprise-no-internet-actions %} You can restrict your developers to using actions that are stored on {% data variables.product.product_location %}, which includes most official {% data variables.product.company_short %}-authored actions, as well as any actions your developers create. Alternatively, to allow your developers to benefit from the full ecosystem of actions built by industry leaders and the open source community, you can configure access to other actions from {% data variables.product.prodname_dotcom_the_website %}. + +We recommend allowing automatic access to all actions from {% data variables.product.prodname_dotcom_the_website %}. {% ifversion ghes %}However, this does require {% data variables.product.product_name %} to make outbound connections to {% data variables.product.prodname_dotcom_the_website %}. If you don't want to allow these connections, or{% else %}If{% endif %} you want to have greater control over which actions are used on your enterprise, you can manually sync specific actions from {% data variables.product.prodname_dotcom_the_website %}. ## Official actions bundled with your enterprise instance {% data reusables.actions.actions-bundled-with-ghes %} -The bundled official actions include `actions/checkout`, `actions/upload-artifact`, `actions/download-artifact`, `actions/labeler`, and various `actions/setup-` actions, among others. To see all the official actions included on your enterprise instance, browse to the `actions` organization on your instance: https://HOSTNAME/actions. +The bundled official actions include the following, among others. +- `actions/checkout` +- `actions/upload-artifact` +- `actions/download-artifact` +- `actions/labeler` +- Various `actions/setup-` actions + +To see all the official actions included on your enterprise instance, browse to the `actions` organization on your instance: https://HOSTNAME/actions. + +There is no connection required between {% data variables.product.product_location %} and {% data variables.product.prodname_dotcom_the_website %} to use these actions. Each action is a repository in the `actions` organization, and each action repository includes the necessary tags, branches, and commit SHAs that your workflows can use to reference the action. For information on how to update the bundled official actions, see "[Using the latest version of the official bundled actions](/admin/github-actions/using-the-latest-version-of-the-official-bundled-actions)." @@ -43,14 +54,21 @@ Each action is a repository in the `actions` organization, and each action repos ## Configuring access to actions on {% data variables.product.prodname_dotcom_the_website %} -{% ifversion ghes %} -Before you can configure access to actions on {% data variables.product.prodname_dotcom_the_website %}, you must configure {% data variables.product.product_location %} to use {% data variables.product.prodname_actions %}. For more information, see "[Getting started with {% data variables.product.prodname_actions %} for GitHub Enterprise Server](/admin/github-actions/enabling-github-actions-for-github-enterprise-server/getting-started-with-github-actions-for-github-enterprise-server)." -{% endif %} - {% data reusables.actions.access-actions-on-dotcom %} The recommended approach is to enable automatic access to all actions from {% data variables.product.prodname_dotcom_the_website %}. You can do this by using {% data variables.product.prodname_github_connect %} to integrate {% data variables.product.product_name %} with {% data variables.product.prodname_ghe_cloud %}. For more information, see "[Enabling automatic access to {% data variables.product.prodname_dotcom_the_website %} actions using {% data variables.product.prodname_github_connect %}](/enterprise/admin/github-actions/enabling-automatic-access-to-githubcom-actions-using-github-connect)". +{% ifversion ghes %} +{% note %} + +**Note:** Before you can configure access to actions on {% data variables.product.prodname_dotcom_the_website %}, you must configure {% data variables.product.product_location %} to use {% data variables.product.prodname_actions %}. For more information, see "[Getting started with {% data variables.product.prodname_actions %} for GitHub Enterprise Server](/admin/github-actions/enabling-github-actions-for-github-enterprise-server/getting-started-with-github-actions-for-github-enterprise-server)." + + +{% endnote %} +{% endif %} + +{% data reusables.actions.self-hosted-runner-networking-to-dotcom %} + {% data reusables.actions.enterprise-limit-actions-use %} -Alternatively, if you want stricter control over which actions are allowed in your enterprise, you can manually download and sync actions onto your enterprise instance using the `actions-sync` tool. For more information, see "[Manually syncing actions from {% data variables.product.prodname_dotcom_the_website %}](/enterprise/admin/github-actions/manually-syncing-actions-from-githubcom)." +Alternatively, if you want stricter control over which actions are allowed in your enterprise, or you do not want to allow outbound connections to {% data variables.product.prodname_dotcom_the_website %}, you can manually download and sync actions onto your enterprise instance using the `actions-sync` tool. For more information, see "[Manually syncing actions from {% data variables.product.prodname_dotcom_the_website %}](/enterprise/admin/github-actions/manually-syncing-actions-from-githubcom)." diff --git a/translations/zh-CN/content/admin/github-actions/managing-access-to-actions-from-githubcom/enabling-automatic-access-to-githubcom-actions-using-github-connect.md b/translations/zh-CN/content/admin/github-actions/managing-access-to-actions-from-githubcom/enabling-automatic-access-to-githubcom-actions-using-github-connect.md index 3dc27dc3ff..f539aeca8d 100644 --- a/translations/zh-CN/content/admin/github-actions/managing-access-to-actions-from-githubcom/enabling-automatic-access-to-githubcom-actions-using-github-connect.md +++ b/translations/zh-CN/content/admin/github-actions/managing-access-to-actions-from-githubcom/enabling-automatic-access-to-githubcom-actions-using-github-connect.md @@ -21,11 +21,18 @@ shortTitle: Use GitHub Connect for actions ## About automatic access to {% data variables.product.prodname_dotcom_the_website %} actions -By default, {% data variables.product.prodname_actions %} workflows on {% data variables.product.product_name %} cannot use actions directly from {% data variables.product.prodname_dotcom_the_website %} or [{% data variables.product.prodname_marketplace %}](https://github.com/marketplace?type=actions). +By default, {% data variables.product.prodname_actions %} workflows on {% data variables.product.product_name %} cannot use actions directly from {% data variables.product.prodname_dotcom_the_website %} or [{% data variables.product.prodname_marketplace %}](https://github.com/marketplace?type=actions). To make all actions from {% data variables.product.prodname_dotcom_the_website %} available on your enterprise instance, you can use {% data variables.product.prodname_github_connect %} to integrate {% data variables.product.product_name %} with {% data variables.product.prodname_ghe_cloud %}. -To make all actions from {% data variables.product.prodname_dotcom_the_website %} available on your enterprise instance, you can use {% data variables.product.prodname_github_connect %} to integrate {% data variables.product.product_name %} with {% data variables.product.prodname_ghe_cloud %}. For other ways of accessing actions from {% data variables.product.prodname_dotcom_the_website %}, see "[About using actions in your enterprise](/admin/github-actions/about-using-actions-in-your-enterprise)." +{% data reusables.actions.self-hosted-runner-networking-to-dotcom %} -To use actions from {% data variables.product.prodname_dotcom_the_website %}, your self-hosted runners must be able to download public actions from `api.github.com`. +Alternatively, if you want stricter control over which actions are allowed in your enterprise, you can manually download and sync actions onto your enterprise instance using the `actions-sync` tool. For more information, see "[Manually syncing actions from {% data variables.product.prodname_dotcom_the_website %}](/enterprise/admin/github-actions/manually-syncing-actions-from-githubcom)." + +## About resolution for actions using {% data variables.product.prodname_github_connect %} + +{% data reusables.actions.github-connect-resolution %} + +If a user has already created an organization and repository in your enterprise that matches an organization and repository name on {% data variables.product.prodname_dotcom_the_website %}, the repository on your enterprise will be used instead of the {% data variables.product.prodname_dotcom_the_website %} repository. {% ifversion ghes < 3.3 or ghae %}A malicious user could take advantage of this behavior to run code as part of a workflow{% else %}For more information, see "[Automatic retirement of namespaces for actions accessed on {% data variables.product.prodname_dotcom_the_website%}](#automatic-retirement-of-namespaces-for-actions-accessed-on-githubcom)." +{% endif %} ## Enabling automatic access to all {% data variables.product.prodname_dotcom_the_website %} actions @@ -33,8 +40,6 @@ Before enabling access to all actions from {% data variables.product.prodname_do - Configure {% data variables.product.product_location %} to use {% data variables.product.prodname_actions %}. For more information, see "[Getting started with {% data variables.product.prodname_actions %} for GitHub Enterprise Server](/admin/github-actions/enabling-github-actions-for-github-enterprise-server/getting-started-with-github-actions-for-github-enterprise-server)." - Enable{% else %} enable{% endif %} {% data variables.product.prodname_github_connect %}. For more information, see "[Managing {% data variables.product.prodname_github_connect %}](/admin/configuration/configuring-github-connect/managing-github-connect)." -{% data reusables.actions.enterprise-github-connect-warning %} - {% data reusables.enterprise-accounts.access-enterprise %} {% data reusables.enterprise-accounts.github-connect-tab %} 1. Under "Users can utilize actions from GitHub.com in workflow runs", use the drop-down menu and select **Enabled**. diff --git a/translations/zh-CN/content/admin/identity-and-access-management/authenticating-users-for-your-github-enterprise-server-instance/using-saml.md b/translations/zh-CN/content/admin/identity-and-access-management/authenticating-users-for-your-github-enterprise-server-instance/using-saml.md index 06da89bfff..e3add02864 100644 --- a/translations/zh-CN/content/admin/identity-and-access-management/authenticating-users-for-your-github-enterprise-server-instance/using-saml.md +++ b/translations/zh-CN/content/admin/identity-and-access-management/authenticating-users-for-your-github-enterprise-server-instance/using-saml.md @@ -54,7 +54,7 @@ If your IdP supports encrypted assertions, you can configure encrypted assertion {% note %} -**注**:如果在 IdP 上更改某用户的 `NameID`,该用户在尝试登录到您的 {% data variables.product.prodname_ghe_server %} 实例时会看到错误消息。 {% ifversion ghes %}To restore the user's access, you'll need to update the user account's `NameID` mapping. 更多信息请参阅“[更新用户的 SAML `NameID`](#updating-a-users-saml-nameid)”。{% else %} 更多信息请参阅“[错误:另一个用户已拥有该帐户](#error-another-user-already-owns-the-account)”。{% endif %} +**Note**: If the `NameID` for a user does change on the IdP, the user will see an error message when they try to sign into {% data variables.product.product_location %}. To restore the user's access, you'll need to update the user account's `NameID` mapping. For more information, see "[Updating a user's SAML `NameID`](#updating-a-users-saml-nameid)." {% endnote %} @@ -96,6 +96,14 @@ To specify more than one value for an attribute, use multiple ` 3.3 %} +1. Optionally, to allow {% data variables.product.product_location %} to receive encrypted assertions from your SAML IdP, select **Require encrypted assertions**. You must ensure that your IdP supports encrypted assertions and that the encryption and key transport methods in the management console match the values configured on your IdP. You must also provide {% data variables.product.product_location %}'s public certificate to your IdP. For more information, see "[Enabling encrypted assertions](#enabling-encrypted-assertions)." ![Screenshot of "Enable encrypted assertions" checkbox within management console's "Authentication" section](/assets/images/help/saml/management-console-enable-encrypted-assertions.png) - - {% warning %} - - **Warning**: Incorrectly configuring encrypted assertions can cause all authentication to {% data variables.product.product_location %} to fail. - - - You must ensure that your IdP supports encrypted assertions and that the encryption and key transport methods in the management console match the values configured on your IdP. You must also provide {% data variables.product.product_location %}'s public certificate to your IdP. For more information, see "[Enabling encrypted assertions](#enabling-encrypted-assertions)." - - - Before enabling encrypted assertions, {% data variables.product.company_short %} recommends testing encrypted assertions in a staging environment, and confirming that SAML authentication functions as you expect. 更多信息请参阅“[设置暂存实例](/admin/installation/setting-up-a-github-enterprise-server-instance/setting-up-a-staging-instance)”。 - - {% endwarning %} +{%- endif %} 1. In the **Single sign-on URL** field, type the HTTP or HTTPS endpoint on your IdP for single sign-on requests. 此值由您的 IdP 配置提供。 If the host is only available from your internal network, you may need to [configure {% data variables.product.product_location %} to use internal nameservers](/enterprise/{{ currentVersion }}/admin/guides/installation/configuring-dns-nameservers/). ![Screenshot of text field for single sign-on URL](/assets/images/enterprise/management-console/saml-single-sign-url.png) @@ -153,37 +153,38 @@ To specify more than one value for an attribute, use multiple ` 另一个用户已经拥有该帐户。 请让您的管理员检查身份验证日志。 -该消息通常表示此人的用户名或电子邮件地址已在 IdP 上更改。 {% ifversion ghes %}Ensure that the `NameID` mapping for the user account on {% data variables.product.prodname_ghe_server %} matches the user's `NameID` on your IdP. 更多信息请参阅“[更新用户的 SAML `NameID`](#updating-a-users-saml-nameid)”。{% else %}如需更新 `NameID` 映射的帮助,请联系 {% data variables.contact.contact_ent_support %}。{% endif %} +该消息通常表示此人的用户名或电子邮件地址已在 IdP 上更改。 Ensure that the `NameID` mapping for the user account on {% data variables.product.prodname_ghe_server %} matches the user's `NameID` on your IdP. For more information, see "[Updating a user's SAML `NameID`](#updating-a-users-saml-nameid)." ### Error: Recipient in SAML response was blank or not valid(错误:SAML 响应中的收件人为空或无效) -如果 `Recipient` 与 {% data variables.product.prodname_ghe_server %} 实例的 ACS URL 不匹配,则当用户尝试验证时,身份验证日志中将显示以下两条错误消息之一: +If the `Recipient` does not match the ACS URL for {% data variables.product.product_location %}, one of the following two error messages will appear in the authentication log when a user attempts to authenticate. ``` Recipient in the SAML response must not be blank. @@ -254,7 +255,7 @@ Recipient in the SAML response must not be blank. Recipient in the SAML response was not valid. ``` -Ensure that you set the value for `Recipient` on your IdP to the full ACS URL for your {% data variables.product.prodname_ghe_server %} instance. 例如,`https://ghe.corp.example.com/saml/consume`。 +Ensure that you set the value for `Recipient` on your IdP to the full ACS URL for {% data variables.product.product_location %}. 例如,`https://ghe.corp.example.com/saml/consume`。 ### Error: "SAML Response is not signed or has been modified"(错误:“SAML 响应未签名或已修改”) @@ -274,4 +275,40 @@ SAML Response is not signed or has been modified. Audience is invalid. Audience is invalid. Audience attribute does not match your_instance_url ``` -确保对您的 {% data variables.product.prodname_ghe_server %} 实例将 IdP 上的 `Audience` 值设为 `EntityId`,这是 {% data variables.product.prodname_ghe_server %} 实例的完整 URL。 For example, `https://ghe.corp.example.com`. +Ensure that you set the value for `Audience` on your IdP to the `EntityId` for {% data variables.product.product_location %}, which is the full URL to {% data variables.product.product_location %}. For example, `https://ghe.corp.example.com`. + +### Configuring SAML debugging + +You can configure {% data variables.product.product_name %} to write verbose debug logs to _/var/log/github/auth.log_ for every SAML authentication attempt. You may be able to troubleshoot failed authentication attempts with this extra output. + +{% warning %} + +**警告**: + +- Only enable SAML debugging temporarily, and disable debugging immediately after you finish troubleshooting. If you leave debugging enabled, the size of your log may increase much faster than usual, which can negatively impact the performance of {% data variables.product.product_name %}. +- Test new authentication settings for {% data variables.product.product_location %} in a staging environment before you apply the settings in your production environment. 更多信息请参阅“[设置暂存实例](/admin/installation/setting-up-a-github-enterprise-server-instance/setting-up-a-staging-instance)”。 + +{% endwarning %} + +{% data reusables.enterprise-accounts.access-enterprise %} +{% data reusables.enterprise-accounts.policies-tab %} +{% data reusables.enterprise-accounts.options-tab %} +1. Under "SAML debugging", select the drop-down and click **Enabled**. + + ![Screenshot of drop-down to enable SAML debugging](/assets/images/enterprise/site-admin-settings/site-admin-saml-debugging-enabled.png) + +1. Attempt to sign into {% data variables.product.product_location %} through your SAML IdP. + +1. Review the debug output in _/var/log/github/auth.log_ on {% data variables.product.product_location %}. + +1. When you're done troubleshooting, select the drop-down and click **Disabled**. + + ![Screenshot of drop-down to disable SAML debugging](/assets/images/enterprise/site-admin-settings/site-admin-saml-debugging-disabled.png) + +### Decoding responses in _auth.log_ + +Some output in _auth.log_ may be Base64-encoded. You can access the administrative shell and use the `base64` utility on {% data variables.product.product_location %} to decode these responses. For more information, see "[Accessing the administrative shell (SSH)](/admin/configuration/configuring-your-enterprise/accessing-the-administrative-shell-ssh)." + +```shell +$ base64 --decode ENCODED OUTPUT +``` diff --git a/translations/zh-CN/content/admin/index.md b/translations/zh-CN/content/admin/index.md index d45da0275e..0779c3cbb1 100644 --- a/translations/zh-CN/content/admin/index.md +++ b/translations/zh-CN/content/admin/index.md @@ -96,7 +96,7 @@ featuredLinks: - '{% ifversion ghae %}/admin/identity-and-access-management/configuring-authentication-and-provisioning-for-your-enterprise-using-azure-ad{% endif %}' - '{% ifversion ghae %}/billing/managing-billing-for-your-github-account/about-billing-for-your-enterprise{% endif %}' - '{% ifversion ghae %}/admin/overview/about-upgrades-to-new-releases{% endif %}' - - '{% ifversion ghae %}/get-started/signing-up-for-github/setting-up-a-trial-of-github-ae{% endif %}' + - '{% ifversion ghae %}/admin/configuration/configuring-your-enterprise/deploying-github-ae{% endif %}' - '{% ifversion ghes %}/billing/managing-your-license-for-github-enterprise{% endif %}' - '{% ifversion ghes %}/admin/configuration/command-line-utilities{% endif %}' - '{% ifversion ghec %}/admin/configuration/configuring-your-enterprise/verifying-or-approving-a-domain-for-your-enterprise{% endif %}' diff --git a/translations/zh-CN/content/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-dependency-insights-in-your-enterprise.md b/translations/zh-CN/content/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-dependency-insights-in-your-enterprise.md index db4f720205..20cbdc75a4 100644 --- a/translations/zh-CN/content/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-dependency-insights-in-your-enterprise.md +++ b/translations/zh-CN/content/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-dependency-insights-in-your-enterprise.md @@ -1,6 +1,6 @@ --- -title: Enforcing policies for dependency insights in your enterprise -intro: 'You can enforce policies for dependency insights within your enterprise''s organizations, or allow policies to be set in each organization.' +title: 在企业中实施依赖性见解的策略 +intro: 您可以在企业组织内执行依赖性见解策略,或允许在每个组织中设置策略。 permissions: Enterprise owners can enforce policies for dependency insights in an enterprise. redirect_from: - /articles/enforcing-a-policy-on-dependency-insights @@ -16,19 +16,19 @@ topics: - Enterprise - Organizations - Policies -shortTitle: Policies for dependency insights +shortTitle: 依赖性见解策略 --- -## About policies for dependency insights in your enterprise +## 关于企业中的依赖性见解策略 -Dependency insights show all packages that repositories within your enterprise's organizations depend on. Dependency insights include aggregated information about security advisories and licenses. 更多信息请参阅“[查看用于组织的洞见](/organizations/collaborating-with-groups-in-organizations/viewing-insights-for-your-organization)”。 +依赖性见解显示企业组织内的存储库所依赖的所有包。 依赖性见解包括有关安全公告和许可的汇总信息。 更多信息请参阅“[查看用于组织的洞见](/organizations/collaborating-with-groups-in-organizations/viewing-insights-for-your-organization)”。 -## Enforcing a policy for visibility of dependency insights +## 实施依赖性见解的可见性策略 -Across all organizations owned by your enterprise, you can control whether organization members can view dependency insights. You can also allow owners to administer the setting on the organization level. 更多信息请参阅“[更改组织依赖项洞察的可见性](/organizations/managing-organization-settings/changing-the-visibility-of-your-organizations-dependency-insights)”。 +在企业拥有的所有组织中,您可以控制组织成员是否可以查看依赖性见解。 您还可以允许所有者在组织级别管理设置。 更多信息请参阅“[更改组织依赖项洞察的可见性](/organizations/managing-organization-settings/changing-the-visibility-of-your-organizations-dependency-insights)”。 {% data reusables.enterprise-accounts.access-enterprise %} {% data reusables.enterprise-accounts.policies-tab %} -3. In the left sidebar, click **Organizations**. ![Organizations tab in the enterprise sidebar](/assets/images/help/business-accounts/settings-policies-org-tab.png) +3. 在左侧栏中,单击,单击 **Organizations(组织)**。 ![企业边栏中的 Organizations(组织)选项卡](/assets/images/help/business-accounts/settings-policies-org-tab.png) 4. 在“Organization policies”(组织政策)下。审查有关更改设置的信息。 {% data reusables.enterprise-accounts.view-current-policy-config-orgs %} 5. 在“Organization projects”(组织项目)下,使用下拉菜单并选择策略。 ![带有组织策略选项的下拉菜单](/assets/images/help/business-accounts/organization-policy-drop-down.png) diff --git a/translations/zh-CN/content/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-github-actions-in-your-enterprise.md b/translations/zh-CN/content/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-github-actions-in-your-enterprise.md index fd0858fdae..04bac88a29 100644 --- a/translations/zh-CN/content/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-github-actions-in-your-enterprise.md +++ b/translations/zh-CN/content/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-github-actions-in-your-enterprise.md @@ -27,21 +27,21 @@ shortTitle: GitHub Actions policies {% data reusables.actions.enterprise-beta %} -## 关于企业中 {% data variables.product.prodname_actions %} 的策略 +## About policies for {% data variables.product.prodname_actions %} in your enterprise {% data variables.product.prodname_actions %} helps members of your enterprise automate software development workflows on {% data variables.product.product_name %}. For more information, see "[Understanding {% data variables.product.prodname_actions %}](/actions/learn-github-actions/understanding-github-actions)." -{% ifversion ghes %}If you enable {% data variables.product.prodname_actions %}, any{% else %}Any{% endif %} organization on {% data variables.product.product_location %} can use {% data variables.product.prodname_actions %}. 您可以执行策略来控制 {% data variables.product.product_name %} 上的企业成员如何使用 {% data variables.product.prodname_actions %}。 By default, organization owners can manage how members use {% data variables.product.prodname_actions %}. For more information, see "[Disabling or limiting {% data variables.product.prodname_actions %} for your organization](/organizations/managing-organization-settings/disabling-or-limiting-github-actions-for-your-organization)." +{% ifversion ghes %}If you enable {% data variables.product.prodname_actions %}, any{% else %}Any{% endif %} organization on {% data variables.product.product_location %} can use {% data variables.product.prodname_actions %}. You can enforce policies to control how members of your enterprise on {% data variables.product.product_name %} use {% data variables.product.prodname_actions %}. By default, organization owners can manage how members use {% data variables.product.prodname_actions %}. For more information, see "[Disabling or limiting {% data variables.product.prodname_actions %} for your organization](/organizations/managing-organization-settings/disabling-or-limiting-github-actions-for-your-organization)." ## Enforcing a policy to restrict the use of actions in your enterprise -您可以选择对企业中的所有组织禁用 {% data variables.product.prodname_actions %},或只允许特定的组织。 您还可以限制公共操作的使用,以使人们只能使用您的企业中存在的本地操作。 +You can choose to disable {% data variables.product.prodname_actions %} for all organizations in your enterprise, or only allow specific organizations. You can also limit the use of public actions, so that people can only use local actions that exist in your enterprise. {% data reusables.enterprise-accounts.access-enterprise %} {% data reusables.enterprise-accounts.policies-tab %} {% data reusables.enterprise-accounts.actions-tab %} {% data reusables.actions.enterprise-actions-permissions %} -1. 单击 **Save(保存)**。 +1. Click **Save**. {% ifversion ghec or ghes or ghae %} @@ -52,11 +52,11 @@ shortTitle: GitHub Actions policies {% data reusables.enterprise-accounts.access-enterprise %} {% data reusables.enterprise-accounts.policies-tab %} {% data reusables.enterprise-accounts.actions-tab %} -1. 在 **Policies(策略)**下,选择 **Allow select actions(允许选择操作)**并将所需操作添加到列表中。 +1. Under **Policies**, select **Allow select actions** and add your required actions to the list. {%- ifversion ghes or ghae-issue-5094 %} - ![添加操作到允许列表](/assets/images/help/organizations/enterprise-actions-policy-allow-list.png) + ![Add actions to allow list](/assets/images/help/organizations/enterprise-actions-policy-allow-list.png) {%- elsif ghae %} - ![添加操作到允许列表](/assets/images/enterprise/github-ae/enterprise-actions-policy-allow-list.png) + ![Add actions to allow list](/assets/images/enterprise/github-ae/enterprise-actions-policy-allow-list.png) {%- endif %} {% endif %} @@ -117,14 +117,15 @@ If a policy is enabled for an enterprise, the policy can be selectively disabled {% data reusables.actions.workflow-permissions-intro %} -您可以在企业、组织或仓库的设置中为 `GITHUB_TOKEN` 设置默认权限。 如果您在企业设置中选择受限制的选项为默认值,这将防止在组织或仓库设置中选择更多的允许设置。 +You can set the default permissions for the `GITHUB_TOKEN` in the settings for your enterprise, organizations, or repositories. If you choose the restricted option as the default in your enterprise settings, this prevents the more permissive setting being chosen in the organization or repository settings. {% data reusables.actions.workflow-permissions-modifying %} {% data reusables.enterprise-accounts.access-enterprise %} {% data reusables.enterprise-accounts.policies-tab %} {% data reusables.enterprise-accounts.actions-tab %} -1. 在 **Workflow permissions(工作流程权限)**下,选择您是否想要 `GITHUB_TOKENN` 读写所有范围限, 或者只读`内容`范围。 ![为此企业设置 GITHUB_TOKENN 权限](/assets/images/help/settings/actions-workflow-permissions-enterprise.png) -1. 单击 **Save(保存)**以应用设置。 +1. Under **Workflow permissions**, choose whether you want the `GITHUB_TOKEN` to have read and write access for all scopes, or just read access for the `contents` scope. + ![Set GITHUB_TOKEN permissions for this enterprise](/assets/images/help/settings/actions-workflow-permissions-enterprise.png) +1. Click **Save** to apply the settings. {% endif %} diff --git a/translations/zh-CN/content/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-security-settings-in-your-enterprise.md b/translations/zh-CN/content/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-security-settings-in-your-enterprise.md index 0156457a6d..1fcd044343 100644 --- a/translations/zh-CN/content/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-security-settings-in-your-enterprise.md +++ b/translations/zh-CN/content/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-security-settings-in-your-enterprise.md @@ -1,6 +1,6 @@ --- -title: Enforcing policies for security settings in your enterprise -intro: 'You can enforce policies to manage security settings in your enterprise''s organizations, or allow policies to be set in each organization.' +title: 为企业中的安全设置实施策略 +intro: 您可以实施策略来管理企业组织中的安全设置,或允许在每个组织中设置策略。 permissions: Enterprise owners can enforce policies for security settings in an enterprise. miniTocMaxHeadingLevel: 3 redirect_from: @@ -20,28 +20,28 @@ topics: - Enterprise - Policies - Security -shortTitle: Policies for security settings +shortTitle: 安全设置策略 --- -## About policies for security settings in your enterprise +## 关于企业中安全设置的策略 -You can enforce policies to control the security settings for organizations owned by your enterprise on {% data variables.product.product_name %}. By default, organization owners can manage security settings. For more information, see "[Keeping your organization secure](/organizations/keeping-your-organization-secure)." +您可以在 {% data variables.product.product_name %} 上实施策略以控制企业拥有的组织的安全设置。 默认情况下,组织所有者可以管理安全设置。 更多信息请参阅“[保护组织安全](/organizations/keeping-your-organization-secure)”。 {% ifversion ghec or ghes %} -## Requiring two-factor authentication for organizations in your enterprise +## 要求企业中的组织进行双重身份验证 -Enterprise owners can require that organization members, billing managers, and outside collaborators in all organizations owned by an enterprise use two-factor authentication to secure their personal accounts. +企业所有者可以要求企业拥有的所有组织中的组织成员、帐单管理员和外部协作者使用双重身份验证来保护其个人帐户。 -Before you can require 2FA for all organizations owned by your enterprise, you must enable two-factor authentication for your own account. 更多信息请参阅“[使用双重身份验证 (2FA) 保护您的帐户](/articles/securing-your-account-with-two-factor-authentication-2fa/)”。 +您必须为自己的帐户启用双重身份验证,然后才能对企业拥有的所有组织都要求 2FA。 更多信息请参阅“[使用双重身份验证 (2FA) 保护您的帐户](/articles/securing-your-account-with-two-factor-authentication-2fa/)”。 {% warning %} **警告:** -- When you require two-factor authentication for your enterprise, members, outside collaborators, and billing managers (including bot accounts) in all organizations owned by your enterprise who do not use 2FA will be removed from the organization and lose access to its repositories. 他们还会失去对组织私有仓库的复刻的访问权限。 如果他们在从您的组织中删除后的三个月内为其个人帐户启用双重身份验证,您可以恢复其访问权限和设置。 更多信息请参阅“[恢复组织的前成员](/articles/reinstating-a-former-member-of-your-organization)”。 -- Any organization owner, member, billing manager, or outside collaborator in any of the organizations owned by your enterprise who disables 2FA for their personal account after you've enabled required two-factor authentication will automatically be removed from the organization. -- If you're the sole owner of a enterprise that requires two-factor authentication, you won't be able to disable 2FA for your personal account without disabling required two-factor authentication for the enterprise. +- 当您需要为企业进行双重身份验证时,不使用 2FA 的企业拥有的所有组织中的成员、外部协作者和帐单管理员(包括自动程序帐户)将从组织中删除,并失去对其仓库的访问权限。 他们还会失去对组织私有仓库的复刻的访问权限。 如果他们在从您的组织中删除后的三个月内为其个人帐户启用双重身份验证,您可以恢复其访问权限和设置。 更多信息请参阅“[恢复组织的前成员](/articles/reinstating-a-former-member-of-your-organization)”。 +- 为其个人帐户禁用 2FA 的企业拥有的任何组织中的任何组织所有者、成员、帐单管理员或外部协作者在您启用所需的双重身份验证后将自动从组织中删除。 +- 如果您是某个要求双重身份验证的企业的唯一所有者,则在不为企业禁用双重身份验证要求的情况下,您将无法为个人帐户禁用 2FA。 {% endwarning %} @@ -52,22 +52,22 @@ Before you can require 2FA for all organizations owned by your enterprise, you m {% data reusables.enterprise-accounts.security-tab %} 4. 在“Two-factor authentication(双重身份验证)”下,审查有关更改设置的信息。 {% data reusables.enterprise-accounts.view-current-policy-config-orgs %} 5. 在“Two-factor authentication(双重身份验证)”下,选择 **Require two-factor authentication for all organizations in your business(对您企业中的所有组织要求双重身份验证)**,然后单击 **Save(保存)**。 ![要求双重身份验证的复选框](/assets/images/help/business-accounts/require-2fa-checkbox.png) -6. If prompted, read the information about members and outside collaborators who will be removed from the organizations owned by your enterprise. To confirm the change, type your enterprise's name, then click **Remove members & require two-factor authentication**. ![确认双重实施框](/assets/images/help/business-accounts/confirm-require-2fa.png) -7. Optionally, if any members or outside collaborators are removed from the organizations owned by your enterprise, we recommend sending them an invitation to reinstate their former privileges and access to your organization. 每个人都必须启用双重身份验证,然后才能接受您的邀请。 +6. 如果出现提示,请阅读有关将从企业所拥有的组织中删除的成员和外部协作者的信息。 要确认更改,请输入企业的名称,然后单击 **Remove members & require two-factor authentication(删除成员并要求双重身份验证)**。 ![确认双重实施框](/assets/images/help/business-accounts/confirm-require-2fa.png) +7. (可选)如果从您的企业拥有的组织中删除了任何成员或外部协作者,我们建议向他们发送邀请,以恢复其以前对组织的权限和访问权限。 每个人都必须启用双重身份验证,然后才能接受您的邀请。 {% endif %} {% ifversion ghec or ghae %} -## Managing allowed IP addresses for organizations in your enterprise +## 管理企业中组织允许的 IP 地址 {% ifversion ghae %} -You can restrict network traffic to your enterprise on {% data variables.product.product_name %}. 更多信息请参阅“[限制到企业的网络流量](/admin/configuration/configuring-your-enterprise/restricting-network-traffic-to-your-enterprise)”。 +您可以在 {% data variables.product.product_name %}上限制到企业的网络流量。 更多信息请参阅“[限制到企业的网络流量](/admin/configuration/configuring-your-enterprise/restricting-network-traffic-to-your-enterprise)”。 {% elsif ghec %} -Enterprise owners can restrict access to private assets owned by organizations in an enterprise by configuring an allow list for specific IP addresses. {% data reusables.identity-and-permissions.ip-allow-lists-example-and-restrictions %} +企业所有者可以通过为特定 IP 地址配置允许列表,来限制对企业中组织拥有的私有资产的访问。 {% data reusables.identity-and-permissions.ip-allow-lists-example-and-restrictions %} {% data reusables.identity-and-permissions.ip-allow-lists-cidr-notation %} @@ -122,15 +122,15 @@ Enterprise owners can restrict access to private assets owned by organizations i {% endif %} -## Managing SSH certificate authorities for your enterprise +## 管理企业的 SSH 认证机构 -You can use a SSH certificate authorities (CA) to allow members of any organization owned by your enterprise to access that organization's repositories using SSH certificates you provide. {% data reusables.organizations.can-require-ssh-cert %} 更多信息请参阅“[关于 SSH 认证中心](/organizations/managing-git-access-to-your-organizations-repositories/about-ssh-certificate-authorities)”。 +您可以使用 SSH 认证机构 (CA) 来允许企业拥有的任何组织的成员使用您提供的 SSH 证书访问该组织的存储库。 {% data reusables.organizations.can-require-ssh-cert %} 更多信息请参阅“[关于 SSH 认证中心](/organizations/managing-git-access-to-your-organizations-repositories/about-ssh-certificate-authorities)”。 {% data reusables.organizations.add-extension-to-cert %} ### 添加 SSH 认证中心 -If you require SSH certificates for your enterprise, enterprise members should use a special URL for Git operations over SSH. 更多信息请参阅“[关于 SSH 认证中心](/organizations/managing-git-access-to-your-organizations-repositories/about-ssh-certificate-authorities#about-ssh-urls-with-ssh-certificates)”。 +如果您的企业需要 SSH 证书,企业成员应使用特殊的 URL 通过 SSH 进行 Git 操作。 更多信息请参阅“[关于 SSH 认证中心](/organizations/managing-git-access-to-your-organizations-repositories/about-ssh-certificate-authorities#about-ssh-urls-with-ssh-certificates)”。 {% data reusables.enterprise-accounts.access-enterprise %} {% data reusables.enterprise-accounts.settings-tab %} @@ -150,6 +150,6 @@ If you require SSH certificates for your enterprise, enterprise members should u {% ifversion ghec or ghae %} ## 延伸阅读 -- "[About identity and access management for your enterprise](/admin/authentication/managing-identity-and-access-for-your-enterprise/about-identity-and-access-management-for-your-enterprise)"{% ifversion ghec %} -- "[Accessing compliance reports for your enterprise](/admin/overview/accessing-compliance-reports-for-your-enterprise)"{% endif %} +- "[关于企业的身份和访问权限管理](/admin/authentication/managing-identity-and-access-for-your-enterprise/about-identity-and-access-management-for-your-enterprise)"{% ifversion ghec %} +- "[访问企业的合规性报告](/admin/overview/accessing-compliance-reports-for-your-enterprise)"{% endif %} {% endif %} diff --git a/translations/zh-CN/content/admin/policies/enforcing-policies-for-your-enterprise/enforcing-project-board-policies-in-your-enterprise.md b/translations/zh-CN/content/admin/policies/enforcing-policies-for-your-enterprise/enforcing-project-board-policies-in-your-enterprise.md index 37f0d4dffd..5aa1fd7436 100644 --- a/translations/zh-CN/content/admin/policies/enforcing-policies-for-your-enterprise/enforcing-project-board-policies-in-your-enterprise.md +++ b/translations/zh-CN/content/admin/policies/enforcing-policies-for-your-enterprise/enforcing-project-board-policies-in-your-enterprise.md @@ -1,6 +1,6 @@ --- -title: Enforcing project board policies in your enterprise -intro: 'You can enforce policies for projects within your enterprise''s organizations, or allow policies to be set in each organization.' +title: 在企业中实施项目板策略 +intro: 您可以在企业组织内执行项目策略,或允许在每个组织中设置策略。 permissions: Enterprise owners can enforce policies for project boards in an enterprise. redirect_from: - /articles/enforcing-project-board-settings-for-organizations-in-your-business-account @@ -18,16 +18,16 @@ topics: - Enterprise - Policies - Projects -shortTitle: Project board policies +shortTitle: 项目板策略 --- -## About policies for project boards in your enterprise +## 关于企业中项目板的策略 -You can enforce policies to control how members of your enterprise on {% data variables.product.product_name %} manage project boards. You can also allow organization owners to manage policies for project boards. 更多信息请参阅“[关于项目板](/issues/organizing-your-work-with-project-boards/managing-project-boards/about-project-boards)”。 +您可以执行策略来控制企业在 {% data variables.product.product_name %} 上的企业成员如何管理项目板。 您也可以允许组织所有者管理项目板策略。 更多信息请参阅“[关于项目板](/issues/organizing-your-work-with-project-boards/managing-project-boards/about-project-boards)”。 ## 实施组织范围项目板的策略 -Across all organizations owned by your enterprise, you can enable or disable organization-wide project boards, or allow owners to administer the setting on the organization level. +在企业拥有的所有组织中,可以启用或禁用组织范围的项目板,或允许所有者在组织级别管理设置。 {% data reusables.enterprise-accounts.access-enterprise %} {% data reusables.enterprise-accounts.policies-tab %} @@ -37,7 +37,7 @@ Across all organizations owned by your enterprise, you can enable or disable org ## 实施仓库项目板的策略 -Across all organizations owned by your enterprise, you can enable or disable repository-level project boards, or allow owners to administer the setting on the organization level. +在企业拥有的所有组织中,可以启用或禁用仓库级项目板,或允许所有者在组织级别管理设置。 {% data reusables.enterprise-accounts.access-enterprise %} {% data reusables.enterprise-accounts.policies-tab %} diff --git a/translations/zh-CN/content/admin/policies/enforcing-policies-for-your-enterprise/enforcing-team-policies-in-your-enterprise.md b/translations/zh-CN/content/admin/policies/enforcing-policies-for-your-enterprise/enforcing-team-policies-in-your-enterprise.md index 02a4cf4700..03a1dea3dd 100644 --- a/translations/zh-CN/content/admin/policies/enforcing-policies-for-your-enterprise/enforcing-team-policies-in-your-enterprise.md +++ b/translations/zh-CN/content/admin/policies/enforcing-policies-for-your-enterprise/enforcing-team-policies-in-your-enterprise.md @@ -1,6 +1,6 @@ --- -title: Enforcing team policies in your enterprise -intro: 'You can enforce policies for teams in your enterprise''s organizations, or allow policies to be set in each organization.' +title: 在企业中实施团队策略 +intro: 您可以在企业组织中实施团队策略,或者允许在每个组织中设置策略。 permissions: Enterprise owners can enforce policies for teams in an enterprise. redirect_from: - /articles/enforcing-team-settings-for-organizations-in-your-business-account @@ -18,19 +18,19 @@ topics: - Enterprise - Policies - Teams -shortTitle: Team policies +shortTitle: 团队策略 --- -## About policies for teams in your enterprise +## 关于企业中团队的策略 -You can enforce policies to control how members of your enterprise on {% data variables.product.product_name %} manage teams. You can also allow organization owners to manage policies for teams. 更多信息请参阅“[关于团队](/organizations/organizing-members-into-teams/about-teams)”。 +您可以执行策略来控制企业在 {% data variables.product.product_name %} 上的企业成员如何管理团队。 您也可以允许组织所有者管理团队策略。 更多信息请参阅“[关于团队](/organizations/organizing-members-into-teams/about-teams)”。 ## 执行团队讨论策略 -Across all organizations owned by your enterprise, you can enable or disable team discussions, or allow owners to administer the setting on the organization level. 更多信息请参阅“[关于团队讨论](/organizations/collaborating-with-your-team/about-team-discussions/)”。 +在企业拥有的所有组织中,可以启用或禁用团队讨论,或允许所有者在组织级别管理设置。 更多信息请参阅“[关于团队讨论](/organizations/collaborating-with-your-team/about-team-discussions/)”。 {% data reusables.enterprise-accounts.access-enterprise %} {% data reusables.enterprise-accounts.policies-tab %} -3. 在左侧边栏中,单击 **Teams(团队)**。 ![Teams tab in the enterprise sidebar](/assets/images/help/business-accounts/settings-teams-tab.png) +3. 在左侧边栏中,单击 **Teams(团队)**。 ![企业边栏中的 Teams(团队)选项卡](/assets/images/help/business-accounts/settings-teams-tab.png) 4. 在“Team discussions”(团队讨论)下,审查有关更改设置的信息。 {% data reusables.enterprise-accounts.view-current-policy-config-orgs %} 5. 在“Team discussions”(团队讨论)下,使用下拉菜单并选择策略。 ![带有团队讨论策略按钮的下拉菜单](/assets/images/help/business-accounts/team-discussion-policy-drop-down.png) diff --git a/translations/zh-CN/content/admin/user-management/managing-organizations-in-your-enterprise/adding-organizations-to-your-enterprise.md b/translations/zh-CN/content/admin/user-management/managing-organizations-in-your-enterprise/adding-organizations-to-your-enterprise.md index 071b17f14b..4f58cf00cc 100644 --- a/translations/zh-CN/content/admin/user-management/managing-organizations-in-your-enterprise/adding-organizations-to-your-enterprise.md +++ b/translations/zh-CN/content/admin/user-management/managing-organizations-in-your-enterprise/adding-organizations-to-your-enterprise.md @@ -1,6 +1,6 @@ --- -title: Adding organizations to your enterprise -intro: You can create new organizations or invite existing organizations to manage within your enterprise. +title: 将组织添加到企业 +intro: 您可以创建新的组织或邀请现有组织来管理您的企业。 redirect_from: - /github/setting-up-and-managing-your-enterprise/managing-organizations-in-your-enterprise-account/adding-organizations-to-your-enterprise-account - /articles/adding-organizations-to-your-enterprise-account @@ -18,17 +18,17 @@ shortTitle: 添加组织 ## 关于组织 -Your enterprise account can own organizations. Members of your enterprise can collaborate across related projects within an organization. 更多信息请参阅“[关于组织](/organizations/collaborating-with-groups-in-organizations/about-organizations)”。 +您的企业帐户可以拥有组织。 企业成员可以跨组织内的相关项目进行协作。 更多信息请参阅“[关于组织](/organizations/collaborating-with-groups-in-organizations/about-organizations)”。 -Enterprise owners can create new organizations within an enterprise account's settings or invite existing organizations to join an enterprise. To add an organization to your enterprise, you must create the organization from within the enterprise account settings. +企业所有者可以在企业帐户设置内创建新组织,或邀请现有组织加入企业。 要将组织添加到企业,必须在企业帐户设置中创建组织。 -You can only add organizations this way to an existing enterprise account. {% data reusables.enterprise.create-an-enterprise-account %} For more information, see "[Creating an enterprise account](/admin/overview/creating-an-enterprise-account)." +您只能以这种方式将组织添加到现有企业帐户。 {% data reusables.enterprise.create-an-enterprise-account %} 更多信息请参阅“[创建企业帐户](/admin/overview/creating-an-enterprise-account)”。 ## 在企业帐户中创建组织 在企业帐户设置中创建的新组织包含在企业帐户的 {% data variables.product.prodname_ghe_cloud %} 订阅中。 -创建企业帐户所拥有的组织的企业所有者自动成为组织所有者。 For more information about organization owners, see "[Roles in an organization](/organizations/managing-peoples-access-to-your-organization-with-roles/roles-in-an-organization)." +创建企业帐户所拥有的组织的企业所有者自动成为组织所有者。 有关组织所有者的更多信息,请参阅“[组织中的角色](/organizations/managing-peoples-access-to-your-organization-with-roles/roles-in-an-organization)”。 {% data reusables.enterprise-accounts.access-enterprise %} 2. 在 **Organizations(组织)**选项卡中的组织列表上方,单击 **New organization(新组织)**。 ![新组织按钮](/assets/images/help/business-accounts/enterprise-account-add-org.png) @@ -39,12 +39,12 @@ You can only add organizations this way to an existing enterprise account. {% da ## 邀请组织加入您的企业帐户 -企业所有者可以邀请现有组织加入其企业帐户。 如果您要邀请的组织已经归其他企业所有,则在上一个企业放弃对组织的所有权之前,您将无法发出邀请。 For more information, see "[Removing an organization from your enterprise](/admin/user-management/managing-organizations-in-your-enterprise/removing-organizations-from-your-enterprise)." +企业所有者可以邀请现有组织加入其企业帐户。 如果您要邀请的组织已经归其他企业所有,则在上一个企业放弃对组织的所有权之前,您将无法发出邀请。 更多信息请参阅“[从企业中删除组织](/admin/user-management/managing-organizations-in-your-enterprise/removing-organizations-from-your-enterprise)”。 {% data reusables.enterprise-accounts.access-enterprise %} 2. 在 **Organizations(组织)**选项卡中的组织列表上方,单击 **Invite organization(邀请组织)**。 ![邀请组织](/assets/images/help/business-accounts/enterprise-account-invite-organization.png) 3. 在“Organization name(组织名称)”下,开始键入要邀请的组织名称,并在它出现在下拉列表中时选择它。 ![搜索组织](/assets/images/help/business-accounts/enterprise-account-search-for-organization.png) 4. 单击 **Invite organization(邀请组织)**。 -5. The organization owners will receive an email inviting them to join the enterprise. 至少有一个所有者接受邀请才能继续该过程。 您可以在所有者批准邀请之前随时取消或重新发送邀请。 ![取消或重新发送](/assets/images/help/business-accounts/enterprise-account-invitation-sent.png) +5. 组织所有者将收到一封邀请他们加入企业的电子邮件。 至少有一个所有者接受邀请才能继续该过程。 您可以在所有者批准邀请之前随时取消或重新发送邀请。 ![取消或重新发送](/assets/images/help/business-accounts/enterprise-account-invitation-sent.png) 6. 一旦组织所有者批准了邀请,您可以在待定邀请列表中查看其状态。 ![待定邀请](/assets/images/help/business-accounts/enterprise-account-pending.png) 7. 点击 **Approve(批准)**完成传输,或点击 **Cancel(取消)**予以取消。 ![批准邀请](/assets/images/help/business-accounts/enterprise-account-transfer-approve.png) diff --git a/translations/zh-CN/content/admin/user-management/managing-organizations-in-your-enterprise/managing-unowned-organizations-in-your-enterprise.md b/translations/zh-CN/content/admin/user-management/managing-organizations-in-your-enterprise/managing-unowned-organizations-in-your-enterprise.md index 19ba0be246..3a9df9c243 100644 --- a/translations/zh-CN/content/admin/user-management/managing-organizations-in-your-enterprise/managing-unowned-organizations-in-your-enterprise.md +++ b/translations/zh-CN/content/admin/user-management/managing-organizations-in-your-enterprise/managing-unowned-organizations-in-your-enterprise.md @@ -1,5 +1,5 @@ --- -title: Managing unowned organizations in your enterprise +title: 管理企业中没有所有者的组织 intro: 您可以成为企业帐户中目前没有所有者的组织的所有者。 permissions: Enterprise owners can manage unowned organizations in an enterprise account. redirect_from: diff --git a/translations/zh-CN/content/admin/user-management/managing-organizations-in-your-enterprise/streaming-the-audit-logs-for-organizations-in-your-enterprise-account.md b/translations/zh-CN/content/admin/user-management/managing-organizations-in-your-enterprise/streaming-the-audit-logs-for-organizations-in-your-enterprise-account.md index 11eb9d5d71..ea9a747065 100644 --- a/translations/zh-CN/content/admin/user-management/managing-organizations-in-your-enterprise/streaming-the-audit-logs-for-organizations-in-your-enterprise-account.md +++ b/translations/zh-CN/content/admin/user-management/managing-organizations-in-your-enterprise/streaming-the-audit-logs-for-organizations-in-your-enterprise-account.md @@ -1,6 +1,6 @@ --- -title: Streaming the audit logs for organizations in your enterprise account -intro: 'You can stream audit and Git events data from {% data variables.product.prodname_dotcom %} to an external data management system.' +title: 流式传输企业帐户中组织的审核日志 +intro: '您可以将审核和 Git 事件数据从 {% data variables.product.prodname_dotcom %} 流式传输到外部数据管理系统。' miniTocMaxHeadingLevel: 3 versions: ghec: '*' @@ -10,43 +10,43 @@ topics: - Enterprise - Logging - Organizations -shortTitle: Stream organization audit logs +shortTitle: 流式传输组织审核日志 redirect_from: - /github/setting-up-and-managing-your-enterprise/managing-organizations-in-your-enterprise-account/streaming-the-audit-logs-for-organizations-in-your-enterprise-account permissions: Enterprise owners can configure audit log streaming. --- -## About exporting audit data +## 关于导出审核数据 -You can extract audit log and Git events data from {% data variables.product.prodname_dotcom %} in multiple ways: +您可以通过多种方式从 {% data variables.product.prodname_dotcom %} 中提取审核日志和 Git 事件数据: -* Go to the Audit log page in {% data variables.product.prodname_dotcom %} and click **Export**. For more information, see "[Viewing the audit logs for organizations in your enterprise account](/github/setting-up-and-managing-your-enterprise/managing-organizations-in-your-enterprise-account/viewing-the-audit-logs-for-organizations-in-your-enterprise-account)" and "[Exporting the audit log](/organizations/keeping-your-organization-secure/reviewing-the-audit-log-for-your-organization#exporting-the-audit-log)." -* Use the API to poll for new audit log events. For more information, see "[Using the audit log API](/organizations/keeping-your-organization-secure/reviewing-the-audit-log-for-your-organization#using-the-audit-log-api)." -* Set up {% data variables.product.product_name %} to stream audit data as events are logged. +* 转到 {% data variables.product.prodname_dotcom %} 中的审核日志页,然后单击 **Export(导出)**。 更多信息请参阅“[查看企业帐户中组织的审核日志](/github/setting-up-and-managing-your-enterprise/managing-organizations-in-your-enterprise-account/viewing-the-audit-logs-for-organizations-in-your-enterprise-account)”和“[导出审核日志](/organizations/keeping-your-organization-secure/reviewing-the-audit-log-for-your-organization#exporting-the-audit-log)”。 +* 使用 API 轮询新的审核日志事件。 更多信息请参阅“[使用审核日志 API](/organizations/keeping-your-organization-secure/reviewing-the-audit-log-for-your-organization#using-the-audit-log-api)”。 +* 设置 {% data variables.product.product_name %} 以在记录事件时流式传输审核数据。 -Currently, audit log streaming is supported for multiple storage providers. +目前,多个存储提供商支持审核日志流式处理。 - Amazon S3 - Azure Blob Storage - Azure Event Hubs - Google Cloud Storage - Splunk -## About audit log streaming +## 关于审核日志流 -To help protect your intellectual property and maintain compliance for your organization, you can use streaming to keep copies of your audit log data and monitor: +为了帮助保护您的知识产权并保持组织的合规性,您可以使用流式处理来保留审核日志数据的副本并监控: {% data reusables.audit_log.audited-data-list %} -The benefits of streaming audit data include: +流式传输审计数据的好处包括: -* **Data exploration**. You can examine streamed events using your preferred tool for querying large quantities of data. The stream contains both audit events and Git events across the entire enterprise account. -* **Data continuity**. You can pause the stream for up to seven days without losing any audit data. -* **Data retention**. You can keep your exported audit logs and Git data as long as you need to. +* **数据探索**。 您可以使用首选工具检查流事件,以查询大量数据。 流包含整个企业帐户中的审核事件和 Git 事件。 +* **数据连续性**。 您可以暂停流长达七天,而不会丢失任何审核数据。 +* **数据保留**。 您可以根据需要保留导出的审核日志和 Git 数据。 -Enterprise owners can set up, pause, or delete a stream at any time. The stream exports the audit data for all of the organizations in your enterprise. +企业所有者可以随时设置、暂停或删除流。 流导出企业中所有组织的审核数据。 -## Setting up audit log streaming +## 设置审核日志流 -You set up the audit log stream on {% data variables.product.product_name %} by following the instructions for your provider. +您可以按照提供程序的说明在 {% data variables.product.product_name %} 上设置审核日志流。 - [Amazon S3](#setting-up-streaming-to-amazon-s3) - [Azure Blob Storage](#setting-up-streaming-to-azure-blob-storage) @@ -54,192 +54,192 @@ You set up the audit log stream on {% data variables.product.product_name %} by - [Google Cloud Storage](#setting-up-streaming-to-google-cloud-storage) - [Splunk](#setting-up-streaming-to-splunk) -### Setting up streaming to Amazon S3 +### 设置流式传输到 Amazon S3 -To stream audit logs to Amazon's S3 endpoint, you must have a bucket and access keys. For more information, see [Creating, configuring, and working with Amazon S3 buckets](https://docs.aws.amazon.com/AmazonS3/latest/userguide/creating-buckets-s3.html) in the the AWS documentation. Make sure to block public access to the bucket to protect your audit log information. +要将审核日志流式传输到 Amazon 的 S3 终端节点,您必须拥有存储桶和访问密钥。 更多信息请参阅 AWS 文档中的[创建、配置和使用 Amazon S3 存储桶](https://docs.aws.amazon.com/AmazonS3/latest/userguide/creating-buckets-s3.html)。 请务必阻止对存储桶的公共访问,以保护您的审核日志信息。 -To set up audit log streaming from {% data variables.product.prodname_dotcom %} you will need: -* The name of your Amazon S3 bucket -* Your AWS access key ID -* Your AWS secret key +要设置来自 {% data variables.product.prodname_dotcom %} 审核日志流式处理,您需要: +* Amazon S3 存储桶的名称 +* AWS 访问密钥 ID +* AWS 密钥 -For information on creating or accessing your access key ID and secret key, see [Understanding and getting your AWS credentials](https://docs.aws.amazon.com/general/latest/gr/aws-sec-cred-types.html) in the AWS documentation. +有关创建或访问访问密钥 ID 和密钥的信息,请参阅 AWS 文档中的[了解和获取您的 AWS 凭据](https://docs.aws.amazon.com/general/latest/gr/aws-sec-cred-types.html)。 {% data reusables.enterprise.navigate-to-log-streaming-tab %} -1. Click **Configure stream** and select **Amazon S3**. +1. 单击 **Configure stream(配置流)**,然后选择 **Amazon S3**。 - ![Choose Amazon S3 from the drop-down menu](/assets/images/help/enterprises/audit-stream-choice-s3.png) + ![从下拉菜单中选择 Amazon S3](/assets/images/help/enterprises/audit-stream-choice-s3.png) -1. On the configuration page, enter: - * The name of the bucket you want to stream to. For example, `auditlog-streaming-test`. - * Your access key ID. For example, `ABCAIOSFODNN7EXAMPLE1`. - * Your secret key. For example, `aBcJalrXUtnWXYZ/A1MDENG/zPxRfiCYEXAMPLEKEY`. +1. 在配置页面上,输入: + * 要流式传输到的存储桶的名称。 例如,`auditlog-streaming-test`。 + * 您的访问密钥 ID。 例如,`ABCAIOSFODNN7EXAMPLE1`。 + * 您的密钥。 例如,`aBcJalrXUtnWXYZ/A1MDENG/zPxRfiCYEXAMPLEKEY`。 - ![Enter the stream settings](/assets/images/help/enterprises/audit-stream-add-s3.png) + ![输入流设置](/assets/images/help/enterprises/audit-stream-add-s3.png) -1. Click **Check endpoint** to verify that {% data variables.product.prodname_dotcom %} can connect and write to the Amazon S3 endpoint. +1. 单击 **Check endpoint(检查端点)**以验证 {% data variables.product.prodname_dotcom %} 是否可以连接并写入 Amazon S3 端点。 - ![Check the endpoint](/assets/images/help/enterprises/audit-stream-check.png) + ![检查端点](/assets/images/help/enterprises/audit-stream-check.png) {% data reusables.enterprise.verify-audit-log-streaming-endpoint %} -### Setting up streaming to Azure Blob Storage +### 设置流式传输到 Azure Blob Storage -Before setting up a stream in {% data variables.product.prodname_dotcom %}, you must first have created a storage account and a container in Microsoft Azure. For details, see the Microsoft documentation, "[Introduction to Azure Blob Storage](https://docs.microsoft.com/en-us/azure/storage/blobs/storage-blobs-introduction)." +在 {% data variables.product.prodname_dotcom %} 中设置流之前,必须先在 Microsoft Azure 中创建存储帐户和容器。 有关详细信息,请参阅 Microsoft 文档中的“[Azure Blob Storage 简介](https://docs.microsoft.com/en-us/azure/storage/blobs/storage-blobs-introduction)”。 -To configure the stream in {% data variables.product.prodname_dotcom %} you need the URL of a SAS token. +要在 {% data variables.product.prodname_dotcom %} 配置流,需要 SAS 令牌的 URL。 -**On Microsoft Azure portal**: -1. On the Home page, click **Storage Accounts**. -2. Click the name of the storage account you want to use, then click **Containers**. +**在 Microsoft Azure 门户中**: +1. 在主页上,单击 **Storage Accounts(存储帐户)**。 +2. 单击要使用的存储帐户的名称,然后单击 **Containers(容器)**。 - ![The Containers link in Azure](/assets/images/azure/azure-storage-containers.png) + ![Azure 中的容器链接](/assets/images/azure/azure-storage-containers.png) -1. Click the name of the container you want to use. -1. Click **Shared access tokens**. +1. 单击要使用的容器的名称。 +1. 单击 **Shared access tokens(共享访问令牌)**。 - ![The shared access token link in Azure](/assets/images/azure/azure-storage-shared-access-tokens.png) + ![Azure 中的共享访问令牌链接](/assets/images/azure/azure-storage-shared-access-tokens.png) -1. In the **Permissions** drop-down menu, change the permissions to only allow `Create` and `Write`. +1. 在 **Permissions(权限)**下拉菜单中,将权限更改为仅允许`创建`和`写入`。 - ![The permissions drop-down menu](/assets/images/azure/azure-storage-permissions.png) + ![权限下拉菜单](/assets/images/azure/azure-storage-permissions.png) -1. Set an expiry date that complies with your secret rotation policy. -1. Click **Generate SAS token and URL**. -1. Copy the value of the **Blob SAS URL** field that's displayed. You will use this URL in {% data variables.product.prodname_dotcom %}. +1. 设置符合机密轮换策略的到期日期。 +1. 单击 **Generate SAS token and URL(生成 SAS 令牌和 URL)**。 +1. 复制显示的 **Blob SAS URL** 字段的值。 您将在 {% data variables.product.prodname_dotcom %} 中使用此 URL。 -**On {% data variables.product.prodname_dotcom %}**: +**在 {% data variables.product.prodname_dotcom %} 上**: {% data reusables.enterprise.navigate-to-log-streaming-tab %} -1. Click **Configure stream** and select **Azure Blob Storage**. +1. 单击 **Configure stream(配置流)**,然后选择 **Azure Blob Storage**。 - ![Choose Azure Blob Storage from the drop-down menu](/assets/images/help/enterprises/audit-stream-choice-azureblob.png) + ![从下拉菜单中选择 Azure Blob Storage](/assets/images/help/enterprises/audit-stream-choice-azureblob.png) -1. On the configuration page, enter the blob SAS URL that you copied in Azure. The **Container** field is auto-filled based on the URL. +1. 在配置页上,输入在 Azure 中复制的 blob SAS URL。 **Container(容器)**字段将根据 URL 自动填充。 - ![Enter the stream settings](/assets/images/help/enterprises/audit-stream-add-azureblob.png) + ![输入流设置](/assets/images/help/enterprises/audit-stream-add-azureblob.png) -1. Click **Check endpoint** to verify that {% data variables.product.prodname_dotcom %} can connect and write to the Azure Blob Storage endpoint. +1. 单击 **Check endpoint(检查端点)**以验证 {% data variables.product.prodname_dotcom %} 是否可以连接并写入 Azure Blob Storage 端点。 - ![Check the endpoint](/assets/images/help/enterprises/audit-stream-check.png) + ![检查端点](/assets/images/help/enterprises/audit-stream-check.png) {% data reusables.enterprise.verify-audit-log-streaming-endpoint %} -### Setting up streaming to Azure Event Hubs +### 设置流式传输到 Azure Event Hub -Before setting up a stream in {% data variables.product.prodname_dotcom %}, you must first have an event hub namespace in Microsoft Azure. Next, you must create an event hub instance within the namespace. You'll need the details of this event hub instance when you set up the stream. For details, see the Microsoft documentation, "[Quickstart: Create an event hub using Azure portal](https://docs.microsoft.com/en-us/azure/event-hubs/event-hubs-create)." +在 {% data variables.product.prodname_dotcom %} 中设置流之前,必须先在 Microsoft Azure 中具有事件中心命名空间。 接下来,必须在命名空间中创建事件中心实例。 设置流时,需要此事件中心实例的详细信息。 有关详细信息,请参阅 Microsoft 文档“[快速入门:使用 Azure 门户创建事件中心](https://docs.microsoft.com/en-us/azure/event-hubs/event-hubs-create)”。 -You need two pieces of information about your event hub: its instance name and the connection string. +需要有关事件中心的两条信息:其实例名称和连接字符串。 -**On Microsoft Azure portal**: -1. Search for "Event Hubs". +**在 Microsoft Azure 门户中**: +1. 搜索“事件中心”。 - ![The Azure portal search box](/assets/images/azure/azure-resources-search.png) + ![Azure 门户搜索框](/assets/images/azure/azure-resources-search.png) -1. Select **Event Hubs**. The names of your event hubs are listed. +1. 选择 **Event Hubs(事件中心)**。 将列出事件中心的名称。 - ![A list of event hubs](/assets/images/help/enterprises/azure-event-hubs-list.png) + ![事件中心列表](/assets/images/help/enterprises/azure-event-hubs-list.png) -1. Make a note of the name of the event hub you want to stream to. -1. Click the required event hub. Then, in the left menu, select **Shared Access Policies**. -1. Select a shared access policy in the list of policies, or create a new policy. +1. 记下要流式传输到的事件中心的名称。 +1. 单击所需的事件中心。 然后,在左侧菜单中,选择 **Shared Access Policies(共享访问策略)**。 +1. 在策略列表中选择共享访问策略,或创建新策略。 - ![A list of shared access policies](/assets/images/help/enterprises/azure-shared-access-policies.png) + ![共享访问策略列表](/assets/images/help/enterprises/azure-shared-access-policies.png) -1. Click the button to the right of the **Connection string-primary key** field to copy the connection string. +1. 单击 **Connection string-primary key(连接字符串 - 主键)**字段右侧的按钮以复制连接字符串。 - ![The event hub connection string](/assets/images/help/enterprises/azure-connection-string.png) + ![事件中心连接字符串](/assets/images/help/enterprises/azure-connection-string.png) -**On {% data variables.product.prodname_dotcom %}**: +**在 {% data variables.product.prodname_dotcom %} 上**: {% data reusables.enterprise.navigate-to-log-streaming-tab %} -1. Click **Configure stream** and select **Azure Event Hubs**. +1. 单击 **Configure stream(配置流)**,然后选择 **Azure Event Hubs**。 - ![Choose Azure Events Hub from the drop-down menu](/assets/images/help/enterprises/audit-stream-choice-azure.png) + ![从下拉菜单中选择 Azure Events Hub](/assets/images/help/enterprises/audit-stream-choice-azure.png) -1. On the configuration page, enter: - * The name of the Azure Event Hubs instance. - * The connection string. +1. 在配置页面上,输入: + * Azure Event Hubs 实例的名称。 + * 连接字符串。 - ![Enter the stream settings](/assets/images/help/enterprises/audit-stream-add-azure.png) + ![输入流设置](/assets/images/help/enterprises/audit-stream-add-azure.png) -1. Click **Check endpoint** to verify that {% data variables.product.prodname_dotcom %} can connect and write to the Azure Events Hub endpoint. +1. 单击 **Check endpoint(检查端点)**以验证 {% data variables.product.prodname_dotcom %} 是否可以连接并写入 Azure Event Hubs 端点。 - ![Check the endpoint](/assets/images/help/enterprises/audit-stream-check.png) + ![检查端点](/assets/images/help/enterprises/audit-stream-check.png) {% data reusables.enterprise.verify-audit-log-streaming-endpoint %} -### Setting up streaming to Google Cloud Storage +### 设置流式传输到 Google Cloud Storage -To set up streaming to Google Cloud Storage, you must create a service account in Google Cloud with the appropriate credentials and permissions, then configure audit log streaming in {% data variables.product.product_name %} using the service account's credentials for authentication. +要设置流式传输到 Google Cloud Storage,您必须在 Google Cloud 中使用适当的凭据和权限创建一个服务帐户,然后使用服务帐户的凭据在 {% data variables.product.product_name %} 中配置审核日志流以进行身份验证。 -1. Create a service account for Google Cloud. You do not need to set access controls or IAM roles for the service account. For more information, see [Creating and managing service accounts](https://cloud.google.com/iam/docs/creating-managing-service-accounts#creating) in the Google Cloud documentation. -1. Create a JSON key for the service account, and store the key securely. For more information, see [Creating and managing service account keys](https://cloud.google.com/iam/docs/creating-managing-service-account-keys#creating) in the Google Cloud documentation. -1. If you haven't created a bucket yet, create the bucket. For more information, see [Creating storage buckets](https://cloud.google.com/storage/docs/creating-buckets) in the Google Cloud documentation. -1. Give the service account the Storage Object Creator role for the bucket. For more information, see [Using Cloud IAM permissions](https://cloud.google.com/storage/docs/access-control/using-iam-permissions#bucket-add) in the Google Cloud documentation. +1. 为 Google Cloud 创建一个服务帐户。 您无需为服务帐户设置访问控制或 IAM 角色。 更多信息请参阅 Google Cloud 文档中的[创建和管理服务帐户](https://cloud.google.com/iam/docs/creating-managing-service-accounts#creating)。 +1. 创建服务帐户的 JSON 密钥,并安全地存储该密钥。 更多信息请参阅 Google Cloud 文档中的[创建和管理服务帐户密钥](https://cloud.google.com/iam/docs/creating-managing-service-account-keys#creating)。 +1. 如果您尚未创建存储桶,请创建存储桶。 更多信息请参阅 Google Cloud 文档中的[创建存储桶](https://cloud.google.com/storage/docs/creating-buckets)。 +1. 为服务帐户分配存储桶的存储对象创建者角色。 更多信息请参阅 Google Cloud 文档中和[使用 Cloud IAM 权限](https://cloud.google.com/storage/docs/access-control/using-iam-permissions#bucket-add)。 {% data reusables.enterprise.navigate-to-log-streaming-tab %} -1. Select the Configure stream drop-down menu and click **Google Cloud Storage**. +1. 选择配置流下拉菜单,然后单击 **Google Cloud Storage**。 - ![Screenshot of the "Configure stream" drop-down menu](/assets/images/help/enterprises/audit-stream-choice-google-cloud-storage.png) + !["配置流"下拉菜单的屏幕截图](/assets/images/help/enterprises/audit-stream-choice-google-cloud-storage.png) -1. Under "Bucket", type the name of your Google Cloud Storage bucket. +1. 在“Bucket(存储桶)”下,键入 Google Cloud Storage 存储桶的名称。 - ![Screenshot of the "Bucket" text field](/assets/images/help/enterprises/audit-stream-bucket-google-cloud-storage.png) + !["存储桶"文本字段的屏幕截图](/assets/images/help/enterprises/audit-stream-bucket-google-cloud-storage.png) -1. Under "JSON Credentials", paste the entire contents of the file for your service account's JSON key. +1. 在“JSON Credentials(JSON 凭据)”下,粘贴服务帐户的 JSON 密钥文件的全部内容。 - ![Screenshot of the "JSON Credentials" text field](/assets/images/help/enterprises/audit-stream-json-credentials-google-cloud-storage.png) + !["JSON 凭据"文本字段的屏幕截图](/assets/images/help/enterprises/audit-stream-json-credentials-google-cloud-storage.png) -1. To verify that {% data variables.product.prodname_dotcom %} can connect and write to the Google Cloud Storage bucket, click **Check endpoint**. +1. 要验证 {% data variables.product.prodname_dotcom %} 是否可以连接并写入 Google Cloud Storage 存储桶,请单击 **Check endpoint(检查端点)**。 - ![Screenshot of the "Check endpoint" button](/assets/images/help/enterprises/audit-stream-check-endpoint-google-cloud-storage.png) + !["检查端点"按钮的屏幕截图](/assets/images/help/enterprises/audit-stream-check-endpoint-google-cloud-storage.png) {% data reusables.enterprise.verify-audit-log-streaming-endpoint %} -### Setting up streaming to Splunk +### 设置流式传输到 Splunk -To stream audit logs to Splunk's HTTP Event Collector (HEC) endpoint you must make sure that the endpoint is configured to accept HTTPS connections. For more information, see [Set up and use HTTP Event Collector in Splunk Web](https://docs.splunk.com/Documentation/Splunk/latest/Data/UsetheHTTPEventCollector) in the Splunk documentation. +要将审核日志流式传输到 Splunk 的 HTTP 事件收集器 (HEC) 端点,必须确保将终端节点配置为接受 HTTPS 连接。 更多信息请参阅 Splunk 文档中的[在 Splunk Web 中设置和使用 HTTP 事件收集器](https://docs.splunk.com/Documentation/Splunk/latest/Data/UsetheHTTPEventCollector)。 {% data reusables.enterprise.navigate-to-log-streaming-tab %} -1. Click **Configure stream** and select **Splunk**. +1. 单击 **Configure stream(配置流)**,然后选择 **Splunk**。 - ![Choose Splunk from the drop-down menu](/assets/images/help/enterprises/audit-stream-choice-splunk.png) + ![从下拉菜单中选择 Splunk](/assets/images/help/enterprises/audit-stream-choice-splunk.png) -1. On the configuration page, enter: - * The domain on which the application you want to stream to is hosted. +1. 在配置页面上,输入: + * 要流式传输到的应用程序所在的域。 - If you are using Splunk Cloud, `Domain` should be `http-inputs-`, where `host` is the domain you use in Splunk Cloud. 例如:`http-inputs-mycompany.splunkcloud.com`。 + 如果您使用的是 Splunk Cloud,`Domain` 应为 `http-inputs-`,其中 `host` 是您在 Splunk Cloud 中使用的域。 例如:`http-inputs-mycompany.splunkcloud.com`。 - * The port on which the application accepts data.
+ * 应用程序接受数据的端口。
- If you are using Splunk Cloud, `Port` should be `443` if you haven't changed the port configuration. If you are using the free trial version of Splunk Cloud, `Port` should be `8088`. + 如果您使用的是 Splunk Cloud,`Port` 应为 `443`(如果您尚未更改端口配置)。 如果您使用的是 Splunk Cloud 的免费试用版,`Port` 应为 `8088`。 - * A token that {% data variables.product.prodname_dotcom %} can use to authenticate to the third-party application. + * {% data variables.product.prodname_dotcom %} 可用来验证第三方应用程序的令牌。 - ![Enter the stream settings](/assets/images/help/enterprises/audit-stream-add-splunk.png) + ![输入流设置](/assets/images/help/enterprises/audit-stream-add-splunk.png) -1. Leave the **Enable SSL verification** check box selected. +1. 选中 **Enable SSL verification(启用 SSL 验证)**复选框。 - Audit logs are always streamed as encrypted data, however, with this option selected, {% data variables.product.prodname_dotcom %} verifies the SSL certificate of your Splunk instance when delivering events. SSL verification helps ensure that events are delivered to your URL endpoint securely. You can clear the selection of this option, but we recommend you leave SSL verification enabled. -1. Click **Check endpoint** to verify that {% data variables.product.prodname_dotcom %} can connect and write to the Splunk endpoint. ![Check the endpoint](/assets/images/help/enterprises/audit-stream-check-splunk.png) + 审核日志始终作为加密数据进行流式传输,但是,如果选择此选项, {% data variables.product.prodname_dotcom %} 在传递事件时会验证 Splunk 实例的 SSL 证书。 SSL 验证有助于确保将事件安全地传递到 URL 端点。 您可以清除此选项的选择,但我们建议您将 SSL 验证保留为启用状态。 +1. 单击 **Check endpoint(检查端点)**以验证 {% data variables.product.prodname_dotcom %} 是否可以连接并写入 Splunk 端点。 ![检查端点](/assets/images/help/enterprises/audit-stream-check-splunk.png) {% data reusables.enterprise.verify-audit-log-streaming-endpoint %} -## Pausing audit log streaming +## 暂停审核日志流 -Pausing the stream allows you to perform maintenance on the receiving application without losing audit data. Audit logs are stored for up to seven days on {% data variables.product.product_location %} and are then exported when you unpause the stream. +暂停流允许您对接收应用程序执行维护,而不会丢失审核数据。 审核日志在 {% data variables.product.product_location %} 上最多存储七天,然后在取消暂停流时导出。 {% data reusables.enterprise.navigate-to-log-streaming-tab %} -1. Click **Pause stream**. +1. 单击 **Pause stream(暂停流)**。 - ![Pause the stream](/assets/images/help/enterprises/audit-stream-pause.png) + ![暂停流](/assets/images/help/enterprises/audit-stream-pause.png) -1. A confirmation message is displayed. Click **Pause stream** to confirm. +1. 将显示一条确认消息。 单击 **Pause stream(暂停流)**以确认。 -When the application is ready to receive audit logs again, click **Resume stream** to restart streaming audit logs. +当应用程序准备好再次接收审核日志时,单击 **Resume stream(恢复流)**以重新启动流式处理审核日志。 -## Deleting the audit log stream +## 删除审核日志流 {% data reusables.enterprise.navigate-to-log-streaming-tab %} -1. Click **Delete stream**. +1. 单击 **Delete stream(删除流)**。 - ![Delete the stream](/assets/images/help/enterprises/audit-stream-delete.png) + ![删除流](/assets/images/help/enterprises/audit-stream-delete.png) -1. A confirmation message is displayed. Click **Delete stream** to confirm. +1. 将显示一条确认消息。 单击 **Delete stream(删除流)**以确认。 diff --git a/translations/zh-CN/content/admin/user-management/managing-organizations-in-your-enterprise/viewing-the-audit-logs-for-organizations-in-your-enterprise.md b/translations/zh-CN/content/admin/user-management/managing-organizations-in-your-enterprise/viewing-the-audit-logs-for-organizations-in-your-enterprise.md index f6496d5cd5..21b8cf9e6b 100644 --- a/translations/zh-CN/content/admin/user-management/managing-organizations-in-your-enterprise/viewing-the-audit-logs-for-organizations-in-your-enterprise.md +++ b/translations/zh-CN/content/admin/user-management/managing-organizations-in-your-enterprise/viewing-the-audit-logs-for-organizations-in-your-enterprise.md @@ -1,5 +1,5 @@ --- -title: Viewing the audit logs for organizations in your enterprise +title: 查看企业中组织的审核日志 intro: 企业所有者可以在其审核日志中查看企业帐户拥有的所有组织的汇总操作。 redirect_from: - /github/setting-up-and-managing-your-enterprise/managing-organizations-in-your-enterprise-account/viewing-the-audit-logs-for-organizations-in-your-enterprise-account @@ -29,7 +29,7 @@ shortTitle: 查看组织审核日志 您可以在审核日志中搜索特定事件并导出审核日志数据。 有关搜索审核日志和特定组织事件的更多信息,请参阅“[审查组织的审核日志](/organizations/keeping-your-organization-secure/reviewing-the-audit-log-for-your-organization)”。 -You can also stream audit and Git events data from {% data variables.product.prodname_dotcom %} to an external data management system. For more information, see "[Streaming the audit logs for organizations in your enterprise account](/admin/user-management/managing-organizations-in-your-enterprise/streaming-the-audit-logs-for-organizations-in-your-enterprise-account)." +您还可以将审核和 Git 事件数据从 {% data variables.product.prodname_dotcom %} 流式传输到外部数据管理系统。 更多信息请参阅“[流式传输企业帐户中组织的审核日志](/admin/user-management/managing-organizations-in-your-enterprise/streaming-the-audit-logs-for-organizations-in-your-enterprise-account)”。 {% data reusables.enterprise-accounts.access-enterprise %} {% data reusables.enterprise-accounts.settings-tab %} diff --git a/translations/zh-CN/content/admin/user-management/managing-repositories-in-your-enterprise/restoring-a-deleted-repository.md b/translations/zh-CN/content/admin/user-management/managing-repositories-in-your-enterprise/restoring-a-deleted-repository.md index 8e0e3bddfe..4000353c26 100644 --- a/translations/zh-CN/content/admin/user-management/managing-repositories-in-your-enterprise/restoring-a-deleted-repository.md +++ b/translations/zh-CN/content/admin/user-management/managing-repositories-in-your-enterprise/restoring-a-deleted-repository.md @@ -1,6 +1,6 @@ --- title: 恢复已删除的仓库 -intro: Site administrators can restore deleted repositories to recover their contents. +intro: 站点管理员可以恢复已删除的仓库来恢复其内容。 versions: ghes: '*' ghae: '*' @@ -8,14 +8,14 @@ topics: - Enterprise - Privacy - Repositories -shortTitle: Restore a deleted repository +shortTitle: 恢复已删除的仓库 --- -通常情况下,如果有人删除仓库,它将在磁盘上保留 90 天并且可以通过站点管理员仪表板进行恢复。 Unless a legal hold is in effect on a user or organization, after 90 days the repository is purged and deleted forever. +通常情况下,如果有人删除仓库,它将在磁盘上保留 90 天并且可以通过站点管理员仪表板进行恢复。 除非法定保留对用户或组织有效,否则 90 天后,存储库将被清除并永久删除。 ## 关于仓库恢复 -If a repository was part of a fork network when it was deleted, the restored repository will be detached from the original fork network. +如果存储库在被删除时是复刻网络的一部分,则还原的存储库将与原始复刻网络分离。 仓库被删除后,可能需要一个小时才能恢复。 @@ -26,10 +26,10 @@ If a repository was part of a fork network when it was deleted, the restored rep {% data reusables.enterprise_site_admin_settings.access-settings %} {% data reusables.enterprise_site_admin_settings.search-user-or-org %} {% data reusables.enterprise_site_admin_settings.click-user-or-org %} -1. In the {% octicon "repo" aria-label="The repo icon" %} **Repositories** section, click the {% octicon "trash" aria-label="The trash icon" %} **Deleted repositories** link. -1. Find the repository you want to restore in the deleted repositories list, then to the right of the repository name click **Restore**. -1. To confirm you would like to restore the named repository, click **Restore**. +1. 在 {% octicon "repo" aria-label="The repo icon" %} **存储库**部分,单击 {% octicon "trash" aria-label="The trash icon" %} **已删除的存储库**链接。 +1. 在已删除的存储库列表中找到要还原的存储库,然后在存储库名称右侧单击 **Restore(还原)**。 +1. 要确认是否要还原指定的存储库,请单击 **Restore(还原)**。 ## 延伸阅读 -- "[Placing a legal hold on a user or organization](/admin/user-management/managing-users-in-your-enterprise/placing-a-legal-hold-on-a-user-or-organization)" +- "[对用户或组织合法保留](/admin/user-management/managing-users-in-your-enterprise/placing-a-legal-hold-on-a-user-or-organization)" diff --git a/translations/zh-CN/content/admin/user-management/managing-users-in-your-enterprise/inviting-people-to-manage-your-enterprise.md b/translations/zh-CN/content/admin/user-management/managing-users-in-your-enterprise/inviting-people-to-manage-your-enterprise.md index 118c7c798a..d4ce4c91cd 100644 --- a/translations/zh-CN/content/admin/user-management/managing-users-in-your-enterprise/inviting-people-to-manage-your-enterprise.md +++ b/translations/zh-CN/content/admin/user-management/managing-users-in-your-enterprise/inviting-people-to-manage-your-enterprise.md @@ -43,7 +43,7 @@ shortTitle: 邀请人员进行管理 ## {% ifversion ghec %}邀请{% elsif ghes %}添加{% endif %} 企业管理员到您的企业帐户 -{% ifversion ghec %}在邀请别人加入企业帐户后,他们必须接受电子邮件邀请,然后才可访问企业帐户。 Pending invitations will expire after 7 days.{% endif %} +{% ifversion ghec %}在邀请别人加入企业帐户后,他们必须接受电子邮件邀请,然后才可访问企业帐户。 待处理的邀请将在 7 天后过期。{% endif %} {% data reusables.enterprise-accounts.access-enterprise %} {% data reusables.enterprise-accounts.people-tab %} @@ -66,10 +66,10 @@ shortTitle: 邀请人员进行管理 {% data reusables.enterprise-accounts.access-enterprise %} {% data reusables.enterprise-accounts.people-tab %} {% data reusables.enterprise-accounts.administrators-tab %} -1. Next to the username of the person you'd like to remove, click {% octicon "gear" aria-label="The Settings gear" %}, then click {% ifversion ghes %}**Remove owner**{% elsif ghec %}**Convert to member**{% endif %}. +1. 在您要删除的人员用户名旁边,单击 {% octicon "gear" aria-label="The Settings gear" %},然后单击 {% ifversion ghes %}**Remove owner(删除所有者)**{% elsif ghec %}**Convert to member(转换为成员)**{% endif %}。 {% ifversion ghec %} ![包含删除企业管理员的菜单选项的设置齿轮](/assets/images/help/business-accounts/remove-admin.png) {% elsif ghes %} ![包含删除企业管理员的菜单选项的设置齿轮](/assets/images/help/business-accounts/ghes-remove-owner.png) {% endif %} -1. Read the confirmation, then click {% ifversion ghes %}**Remove owner**{% elsif ghec %}**Yes, convert USERNAME to member**{% endif %}. +1. 阅读确认信息,然后单击 {% ifversion ghes %}**Remove owner(删除所有者)**{% elsif ghec %}**Yes, convert USERNAME to member(是,将 [用户名] 转换为成员)**{% endif %}。 diff --git a/translations/zh-CN/content/admin/user-management/managing-users-in-your-enterprise/managing-support-entitlements-for-your-enterprise.md b/translations/zh-CN/content/admin/user-management/managing-users-in-your-enterprise/managing-support-entitlements-for-your-enterprise.md index 18acc84060..de082a51d7 100644 --- a/translations/zh-CN/content/admin/user-management/managing-users-in-your-enterprise/managing-support-entitlements-for-your-enterprise.md +++ b/translations/zh-CN/content/admin/user-management/managing-users-in-your-enterprise/managing-support-entitlements-for-your-enterprise.md @@ -15,7 +15,7 @@ shortTitle: 管理支持权利 拥有企业帐户支持权限的人员可以使用支持门户打开、查看和评论与企业帐户相关的支持事件单。 -企业所有人和帐单管理员自动拥有支持权利。 Enterprise owners can add support entitlements to up to 20 additional members of organizations owned by their enterprise account. +企业所有人和帐单管理员自动拥有支持权利。 企业所有者可以向企业帐户拥有的最多 20 个额外组织成员添加支持权利。 ## 向企业成员添加支持权利 @@ -28,8 +28,8 @@ shortTitle: 管理支持权利 {% data reusables.enterprise-accounts.access-enterprise %} {% data reusables.enterprise-accounts.settings-tab %} 3. 在“Settings(设置)”下,单击 **Support(支持)**。 ![支持菜单项](/assets/images/help/enterprises/settings-support.png) -4. 在“Add support member(添加支持成员)”下,开始键入要提供支持权利的人员的名称或用户名。 在匹配列表中单击其名称。 ![Add support entitlement search](/assets/images/help/enterprises/settings-support-entitlement-search.png) -5. 单击 **Add support entitlement(添加支持权利)**。 ![Add support entitlement button](/assets/images/help/enterprises/settings-support-add-entitlement.png) +4. 在“Add support member(添加支持成员)”下,开始键入要提供支持权利的人员的名称或用户名。 在匹配列表中单击其名称。 ![添加支持权利搜索](/assets/images/help/enterprises/settings-support-entitlement-search.png) +5. 单击 **Add support entitlement(添加支持权利)**。 ![添加支持权利按钮](/assets/images/help/enterprises/settings-support-add-entitlement.png) ## 从企业成员删除支持权利 diff --git a/translations/zh-CN/content/admin/user-management/managing-users-in-your-enterprise/roles-in-an-enterprise.md b/translations/zh-CN/content/admin/user-management/managing-users-in-your-enterprise/roles-in-an-enterprise.md index 4c7c1d6872..37a94184be 100644 --- a/translations/zh-CN/content/admin/user-management/managing-users-in-your-enterprise/roles-in-an-enterprise.md +++ b/translations/zh-CN/content/admin/user-management/managing-users-in-your-enterprise/roles-in-an-enterprise.md @@ -1,6 +1,6 @@ --- -title: 企业中的角色 -intro: 企业中的每个人都是企业的成员。 要控制对企业的设置和数据的访问权限,您可以为企业成员分配不同的角色。 +title: Roles in an enterprise +intro: 'Everyone in an enterprise is a member of the enterprise. To control access to your enterprise''s settings and data, you can assign different roles to members of your enterprise.' redirect_from: - /github/setting-up-and-managing-your-enterprise/managing-users-in-your-enterprise/roles-in-an-enterprise - /github/setting-up-and-managing-your-enterprise-account/roles-for-an-enterprise-account @@ -15,68 +15,68 @@ topics: - Enterprise --- -## 关于企业中的角色 +## About roles in an enterprise -企业中的每个人都是企业的成员。 您还可以为企业成员分配管理角色。 每个管理员角色都映射到业务职能,并提供在企业中执行特定任务的权限。 +Everyone in an enterprise is a member of the enterprise. You can also assign administrative roles to members of your enterprise. Each administrator role maps to business functions and provides permissions to do specific tasks within the enterprise. {% data reusables.enterprise-accounts.enterprise-administrators %} {% ifversion ghec %} -如果您的企业没有使用 {% data variables.product.prodname_emus %},您可以邀请他人使用他们控制的 {% data variables.product.product_name %} 用户帐户来管理角色。 For more information, see "[Inviting people to manage your enterprise](/github/setting-up-and-managing-your-enterprise/inviting-people-to-manage-your-enterprise)." +If your enterprise does not use {% data variables.product.prodname_emus %}, you can invite someone to an administrative role using a user account on {% data variables.product.product_name %} that they control. For more information, see "[Inviting people to manage your enterprise](/github/setting-up-and-managing-your-enterprise/inviting-people-to-manage-your-enterprise)." -在使用 {% data variables.product.prodname_emus %} 的企业中,必须通过身份提供商预配新所有者和成员。 企业所有者和组织所有者不能使用 {% data variables.product.prodname_dotcom %} 向企业添加新成员或所有者。 您可以使用 IdP 选择成员的企业角色,它不能在 {% data variables.product.prodname_dotcom %} 上更改。 您可以在 {% data variables.product.prodname_dotcom %} 上选择成员在组织中的角色。 更多信息请参阅“[关于 {% data variables.product.prodname_emus %}](/enterprise-cloud@latest/admin/authentication/managing-your-enterprise-users-with-your-identity-provider/about-enterprise-managed-users)”。 +In an enterprise using {% data variables.product.prodname_emus %}, new owners and members must be provisioned through your identity provider. Enterprise owners and organization owners cannot add new members or owners to the enterprise using {% data variables.product.prodname_dotcom %}. You can select a member's enterprise role using your IdP and it cannot be changed on {% data variables.product.prodname_dotcom %}. You can select a member's role in an organization on {% data variables.product.prodname_dotcom %}. For more information, see "[About {% data variables.product.prodname_emus %}](/enterprise-cloud@latest/admin/authentication/managing-your-enterprise-users-with-your-identity-provider/about-enterprise-managed-users)." {% else %} -有关向企业添加人员的更多信息,请参阅“[身份验证](/admin/authentication)”。 +For more information about adding people to your enterprise, see "[Authentication](/admin/authentication)". {% endif %} ## Enterprise owners -企业所有者可以完全控制企业,并可以采取所有操作,包括: -- 管理管理员 +Enterprise owners have complete control over the enterprise and can take every action, including: +- Managing administrators - {% ifversion ghec %}Adding and removing {% elsif ghae or ghes %}Managing{% endif %} organizations {% ifversion ghec %}to and from {% elsif ghae or ghes %} in{% endif %} the enterprise{% if remove-enterprise-members %} - Removing enterprise members from all organizations owned by the enterprise{% endif %} -- 管理企业设置 -- 在组织范围内强制实施政策 -{% ifversion ghec %}- 管理帐单设置{% endif %} +- Managing enterprise settings +- Enforcing policy across organizations +{% ifversion ghec %}- Managing billing settings{% endif %} {% if enterprise-owner-join-org %} Enterprise owners do not have access to organization settings or content by default. To gain access, enterprise owners can join any organization owned by their enterprise. For more information, see "[Managing your role in an organization owned by your enterprise](/admin/user-management/managing-organizations-in-your-enterprise/managing-your-role-in-an-organization-owned-by-your-enterprise)." Owners of organizations in your enterprise do not have access to the enterprise itself unless you make them enterprise owners. {% else %} -企业所有者无法访问组织设置或内容,除非将其设为组织所有者或授予直接访问组织所拥有仓库的权限。 同样,除非您将其设为企业所有者,否则企业中的组织所有者无权访问企业。 +Enterprise owners cannot access organization settings or content unless they are made an organization owner or given direct access to an organization-owned repository. Similarly, owners of organizations in your enterprise do not have access to the enterprise itself unless you make them enterprise owners. {% endif %} -企业所有者仅在他们是企业中至少一个组织的所有者或成员时才可使用许可证。 Even if an enterprise owner has a role in multiple organizations, they will consume a single license. {% ifversion ghec %}企业所有者必须在 {% data variables.product.prodname_dotcom %} 上拥有个人帐户。{% endif %} 作为最佳实践,我们建议只将少数人设为公司的企业所有者,以降低业务风险。 +An enterprise owner will only consume a license if they are an owner or member of at least one organization within the enterprise. Even if an enterprise owner has a role in multiple organizations, they will consume a single license. {% ifversion ghec %}Enterprise owners must have a personal account on {% data variables.product.prodname_dotcom %}.{% endif %} As a best practice, we recommend making only a few people in your company enterprise owners, to reduce the risk to your business. -## 企业成员 +## Enterprise members -您的企业所拥有组织的成员也会自动成为企业的成员。 成员可以在组织中进行协作,也可以是组织所有者,但成员无法访问或配置企业设置{% ifversion ghec %},包括计费设置{% endif %}。 +Members of organizations owned by your enterprise are also automatically members of the enterprise. Members can collaborate in organizations and may be organization owners, but members cannot access or configure enterprise settings{% ifversion ghec %}, including billing settings{% endif %}. -企业中的人员可能对您的企业拥有的各种组织以及这些组织中的仓库具有不同级别的访问权限。 您可以查看每个人具有访问权限的资源。 更多信息请参阅“[查看企业中的人员](/admin/user-management/managing-users-in-your-enterprise/viewing-people-in-your-enterprise)”。 +People in your enterprise may have different levels of access to the various organizations owned by your enterprise and to repositories within those organizations. You can view the resources that each person has access to. For more information, see "[Viewing people in your enterprise](/admin/user-management/managing-users-in-your-enterprise/viewing-people-in-your-enterprise)." For more information about organization-level permissions, see "[Roles in an organization](/organizations/managing-peoples-access-to-your-organization-with-roles/roles-in-an-organization)." -对组织所拥有仓库具有外部协作者访问权限的人员也会在企业的 People(人员)选项卡中列出,但他们不是企业成员,也没有对企业的任何访问权限。 For more information about outside collaborators, see "[Roles in an organization](/organizations/managing-peoples-access-to-your-organization-with-roles/roles-in-an-organization#outside-collaborators)." +People with outside collaborator access to repositories owned by your organization are also listed in your enterprise's People tab, but are not enterprise members and do not have any access to the enterprise. For more information about outside collaborators, see "[Roles in an organization](/organizations/managing-peoples-access-to-your-organization-with-roles/roles-in-an-organization#outside-collaborators)." {% ifversion ghec %} -## 帐单管理员 +## Billing managers -帐单管理员只能访问企业的帐单设置。 企业的帐单管理员可以: -- 查看和管理用户许可证、{% data variables.large_files.product_name_short %} 包以及其他计费设置 -- 查看帐单管理员列表 -- 添加或删除其他帐单管理员 +Billing managers only have access to your enterprise's billing settings. Billing managers for your enterprise can: +- View and manage user licenses, {% data variables.large_files.product_name_short %} packs and other billing settings +- View a list of billing managers +- Add or remove other billing managers -帐单管理员仅在他们是企业中至少一个组织的所有者或成员时才可使用许可证。 帐单管理员无权访问企业中的组织或仓库,也无法添加或删除企业所有者。 帐单管理员必须在 {% data variables.product.prodname_dotcom %} 上拥有个人帐户。 +Billing managers will only consume a license if they are an owner or member of at least one organization within the enterprise. Billing managers do not have access to organizations or repositories in your enterprise, and cannot add or remove enterprise owners. Billing managers must have a personal account on {% data variables.product.prodname_dotcom %}. -## 关于支持权利 +## About support entitlements {% data reusables.enterprise-accounts.support-entitlements %} -## 延伸阅读 +## Further reading -- “[关于企业帐户](/admin/overview/about-enterprise-accounts)” +- "[About enterprise accounts](/admin/overview/about-enterprise-accounts)" {% endif %} diff --git a/translations/zh-CN/content/admin/user-management/managing-users-in-your-enterprise/viewing-and-managing-a-users-saml-access-to-your-enterprise.md b/translations/zh-CN/content/admin/user-management/managing-users-in-your-enterprise/viewing-and-managing-a-users-saml-access-to-your-enterprise.md index cca3c9668b..a2e7b4f999 100644 --- a/translations/zh-CN/content/admin/user-management/managing-users-in-your-enterprise/viewing-and-managing-a-users-saml-access-to-your-enterprise.md +++ b/translations/zh-CN/content/admin/user-management/managing-users-in-your-enterprise/viewing-and-managing-a-users-saml-access-to-your-enterprise.md @@ -16,7 +16,7 @@ shortTitle: 查看和管理 SAML 访问 ## 关于对企业帐户的 SAML 访问 -When you enable SAML single sign-on for your enterprise account, each enterprise member can link their external identity on your identity provider (IdP) to their existing account on {% data variables.product.product_location %}. {% data reusables.saml.about-saml-access-enterprise-account %} +当您为企业帐户启用 SAML 单点登录时,每个企业成员都可以将其身份提供商 (IdP) 上的外部身份链接到 {% data variables.product.product_location %} 上的现有帐户。 {% data reusables.saml.about-saml-access-enterprise-account %} 如果您的企业使用 {% data variables.product.prodname_emus %},成员将使用通过您的 IdP 预配的帐户。 {% data variables.product.prodname_managed_users_caps %} 将不会在 {% data variables.product.product_name %} 上使用他们现有的用户帐户。 更多信息请参阅“[关于 {% data variables.product.prodname_emus %}](/enterprise-cloud@latest/admin/authentication/managing-your-enterprise-users-with-your-identity-provider/about-enterprise-managed-users)”。 diff --git a/translations/zh-CN/content/admin/user-management/managing-users-in-your-enterprise/viewing-people-in-your-enterprise.md b/translations/zh-CN/content/admin/user-management/managing-users-in-your-enterprise/viewing-people-in-your-enterprise.md index 98bc1850e6..b8de2a9bd1 100644 --- a/translations/zh-CN/content/admin/user-management/managing-users-in-your-enterprise/viewing-people-in-your-enterprise.md +++ b/translations/zh-CN/content/admin/user-management/managing-users-in-your-enterprise/viewing-people-in-your-enterprise.md @@ -39,19 +39,19 @@ shortTitle: 查看企业中的人员 {% ifversion ghec %} -## Viewing suspended members in an {% data variables.product.prodname_emu_enterprise %} +## 在 {% data variables.product.prodname_emu_enterprise %} 中查看暂停的成员 -If your enterprise uses {% data variables.product.prodname_emus %}, you can also view suspended users. Suspended users are members who have been deprovisioned after being unassigned from the {% data variables.product.prodname_emu_idp_application %} application or deleted from the identity provider. 更多信息请参阅“[关于企业管理用户](/admin/identity-and-access-management/managing-iam-with-enterprise-managed-users/about-enterprise-managed-users)”。 +如果您的企业使用 {% data variables.product.prodname_emus %},您还可以查看已暂停的用户。 暂停的用户是在从 {% data variables.product.prodname_emu_idp_application %} 应用程序取消分配或从身份提供商中删除后已取消预配的成员。 更多信息请参阅“[关于企业管理用户](/admin/identity-and-access-management/managing-iam-with-enterprise-managed-users/about-enterprise-managed-users)”。 {% data reusables.enterprise-accounts.access-enterprise %} {% data reusables.enterprise-accounts.people-tab %} -1. To view a list of suspended members, above the list of active members, click **Suspended**. ![Screenshot showing "Suspended" option](/assets/images/help/enterprises/view-suspended-members.png) +1. 要查看已暂停成员的列表,请在活动成员列表上方单击 **Suspended(已暂停)**。 ![显示"已暂停"选项的屏幕截图](/assets/images/help/enterprises/view-suspended-members.png) {% endif %} ## 查看休眠用户 -You can view a list of all dormant users {% ifversion ghes or ghae %} who have not been suspended and {% endif %}who are not site administrators. {% data reusables.enterprise-accounts.dormant-user-activity-threshold %} 更多信息请参阅“[管理休眠用户](/admin/user-management/managing-users-in-your-enterprise/managing-dormant-users)”。 +您可以查看{% ifversion ghes or ghae %}尚未暂停以及{% endif %}不是站点管理员的所有休眠用户列表。 {% data reusables.enterprise-accounts.dormant-user-activity-threshold %} 更多信息请参阅“[管理休眠用户](/admin/user-management/managing-users-in-your-enterprise/managing-dormant-users)”。 ## 延伸阅读 diff --git a/translations/zh-CN/content/admin/user-management/migrating-data-to-and-from-your-enterprise/about-migrations.md b/translations/zh-CN/content/admin/user-management/migrating-data-to-and-from-your-enterprise/about-migrations.md index b04d237d3a..b65b8cf7d9 100644 --- a/translations/zh-CN/content/admin/user-management/migrating-data-to-and-from-your-enterprise/about-migrations.md +++ b/translations/zh-CN/content/admin/user-management/migrating-data-to-and-from-your-enterprise/about-migrations.md @@ -25,7 +25,7 @@ topics: 在迁移中,一切都围绕仓库进行。 与仓库关联的大多数数据都可以迁移。 例如,组织内的仓库将迁移仓库*和*组织,以及与该仓库关联的任何用户、团队、问题和拉取请求。 -下表中的项可随仓库一起迁移。 迁移的数据列表中未显示的任何项都无法迁移。 +下表中的项可随仓库一起迁移。 Any items not shown in the list of migrated data can not be migrated, including {% data variables.large_files.product_name_short %} assets. {% data reusables.enterprise_migrations.fork-persistence %} diff --git a/translations/zh-CN/content/admin/user-management/monitoring-activity-in-your-enterprise/managing-global-webhooks.md b/translations/zh-CN/content/admin/user-management/monitoring-activity-in-your-enterprise/managing-global-webhooks.md index 5b1ac3ed64..831cc5fd54 100644 --- a/translations/zh-CN/content/admin/user-management/monitoring-activity-in-your-enterprise/managing-global-webhooks.md +++ b/translations/zh-CN/content/admin/user-management/monitoring-activity-in-your-enterprise/managing-global-webhooks.md @@ -1,7 +1,7 @@ --- title: 管理全局 web 挂钩 -shortTitle: Manage global webhooks -intro: You can configure global webhooks to notify external web servers when events occur within your enterprise. +shortTitle: 管理全局 web 挂钩 +intro: 您可以配置全局 web 挂钩,以便在企业内部发生事件时通知外部 Web 服务器。 permissions: Enterprise owners can manage global webhooks for an enterprise account. redirect_from: - /enterprise/admin/user-management/about-global-webhooks @@ -25,9 +25,9 @@ topics: ## 关于全局 web 挂钩 -You can use global webhooks to notify an external web server when events occur within your enterprise. You can configure the server to receive the webhook's payload, then run an application or code that monitors, responds to, or enforces rules for user and organization management for your enterprise. 更多信息请参阅“[web 挂钩](/developers/webhooks-and-events/webhooks)”。 +当企业内部发生事件时,您可以使用全局 web 挂钩通知外部 Web 服务器。 您可以将服务器配置为接收 web 挂钩的有效负载,然后运行监控、响应或实施企业用户和组织管理规则的应用程序或代码。 更多信息请参阅“[web 挂钩](/developers/webhooks-and-events/webhooks)”。 -For example, you can configure {% data variables.product.product_location %} to send a webhook when someone creates, deletes, or modifies a repository or organization within your enterprise. You can configure the server to automatically perform a task after receiving the webhook. +例如,您可以将 {% data variables.product.product_location %} 配置为在有人创建、删除或修改企业内的存储库或组织时发送 web 挂钩。 您可以将服务器配置为在收到 web 挂钩后自动执行任务。 ![全局 web 挂钩列表](/assets/images/enterprise/site-admin-settings/list-of-global-webhooks.png) @@ -42,23 +42,23 @@ For example, you can configure {% data variables.product.product_location %} to 6. 输入您想要接收有效负载的 URL。![用于输入有效负载 URL 的字段](/assets/images/enterprise/site-admin-settings/add-global-webhook-payload-url.png) 7. 或者,使用 **Content type** 下拉菜单,并单击有效负载格式。 ![列出内容类型选项的下拉菜单](/assets/images/enterprise/site-admin-settings/add-global-webhook-content-type-dropdown.png) 8. 或者,在 **Secret** 字段中,输入用作 `secret` 密钥的字符串。 ![用于输入用作密钥的字符串的字段](/assets/images/enterprise/site-admin-settings/add-global-webhook-secret.png) -9. Optionally, if your payload URL is HTTPS and you would not like {% data variables.product.prodname_ghe_server %} to verify SSL certificates when delivering payloads, select **Disable SSL verification**. 阅读 SSL 验证的信息,然后单击 **I understand my webhooks may not be secure**。 ![Checkbox for disabling SSL verification](/assets/images/enterprise/site-admin-settings/add-global-webhook-disable-ssl-button.png) +9. (可选)如果有效负载 URL 为 HTTPS,并且您不希望 {% data variables.product.prodname_ghe_server %} 在交付有效负载时验证 SSL 证书,请选择 **Disable SSL verification(禁用 SSL 验证)**。 阅读 SSL 验证的信息,然后单击 **I understand my webhooks may not be secure**。 ![用于禁用 SSL 验证的复选框](/assets/images/enterprise/site-admin-settings/add-global-webhook-disable-ssl-button.png) {% warning %} **警告**:SSL 验证有助于确保安全投递挂钩有效负载。 我们不建议禁用 SSL 验证。 {% endwarning %} -10. Decide if you'd like this webhook to trigger for every event or for selected events. ![包含用于为每个事件或选定事件接收有效负载的选项的单选按钮](/assets/images/enterprise/site-admin-settings/add-global-webhook-select-events.png) +10. 确定您希望此 web 挂钩对每个事件还是选定事件触发。 ![包含用于为每个事件或选定事件接收有效负载的选项的单选按钮](/assets/images/enterprise/site-admin-settings/add-global-webhook-select-events.png) - 对于每个事件,请选择 **Send me everything**。 - 要选择特定事件,请选择 **Let me select individual events**。 -11. If you chose to select individual events, select the events that will trigger the webhook. +11. 如果选择单个事件,请选择将触发 web 挂钩的事件。 {% ifversion ghec %} - ![Checkboxes for individual global webhook events](/assets/images/enterprise/site-admin-settings/add-global-webhook-select-individual-events.png) + ![单个全局 web 挂钩事件的复选框](/assets/images/enterprise/site-admin-settings/add-global-webhook-select-individual-events.png) {% elsif ghes or ghae %} - ![Checkboxes for individual global webhook events](/assets/images/enterprise/site-admin-settings/add-global-webhook-select-individual-events-ghes-and-ae.png) + ![单个全局 web 挂钩事件的复选框](/assets/images/enterprise/site-admin-settings/add-global-webhook-select-individual-events-ghes-and-ae.png) {% endif %} -12. Confirm that the **Active** checkbox is selected. ![已选择 Active 复选框](/assets/images/help/business-accounts/webhook-active.png) +12. 确认选中了 **Active(活动)**复选框。 ![已选择 Active 复选框](/assets/images/help/business-accounts/webhook-active.png) 13. 单击 **Add webhook(添加 web 挂钩)**。 ## 编辑全局 web 挂钩 diff --git a/translations/zh-CN/content/authentication/connecting-to-github-with-ssh/checking-for-existing-ssh-keys.md b/translations/zh-CN/content/authentication/connecting-to-github-with-ssh/checking-for-existing-ssh-keys.md index 291407dc29..edd4ada50f 100644 --- a/translations/zh-CN/content/authentication/connecting-to-github-with-ssh/checking-for-existing-ssh-keys.md +++ b/translations/zh-CN/content/authentication/connecting-to-github-with-ssh/checking-for-existing-ssh-keys.md @@ -25,7 +25,7 @@ shortTitle: Check for existing SSH key # Lists the files in your .ssh directory, if they exist ``` -3. Check the directory listing to see if you already have a public SSH key. By default, the {% ifversion ghae %}filename of a supported public key for {% data variables.product.product_name %} is *id_rsa.pub*.{% elsif fpt or ghes %}filenames of supported public keys for {% data variables.product.product_name %} are one of the following. +3. Check the directory listing to see if you already have a public SSH key. By default, the {% ifversion ghae %}filename of a supported public key for {% data variables.product.product_name %} is *id_rsa.pub*.{% else %}filenames of supported public keys for {% data variables.product.product_name %} are one of the following. - *id_rsa.pub* - *id_ecdsa.pub* - *id_ed25519.pub*{% endif %} diff --git a/translations/zh-CN/content/authentication/connecting-to-github-with-ssh/testing-your-ssh-connection.md b/translations/zh-CN/content/authentication/connecting-to-github-with-ssh/testing-your-ssh-connection.md index 5e1e94b815..cd6d5c3614 100644 --- a/translations/zh-CN/content/authentication/connecting-to-github-with-ssh/testing-your-ssh-connection.md +++ b/translations/zh-CN/content/authentication/connecting-to-github-with-ssh/testing-your-ssh-connection.md @@ -37,7 +37,7 @@ shortTitle: 测试 SSH 连接 > Are you sure you want to continue connecting (yes/no)? ``` -3. 验证所看到消息中的指纹是否匹配 {% ifversion fpt or ghec %}[{% data variables.product.prodname_dotcom %} 的 RSA 公钥指纹](/github/authenticating-to-github/githubs-ssh-key-fingerprints){% else %}您企业的公钥指纹{% endif %}。 如果是,则输入 `yes`: +3. 验证所看到消息中的指纹是否匹配 {% ifversion fpt or ghec %}[{% data variables.product.prodname_dotcom %} 的公钥指纹](/github/authenticating-to-github/githubs-ssh-key-fingerprints){% else %}您企业的公钥指纹{% endif %}。 如果是,则输入 `yes`: ```shell > Hi username! You've successfully authenticated, but GitHub does not > provide shell access. diff --git a/translations/zh-CN/content/authentication/managing-commit-signature-verification/signing-tags.md b/translations/zh-CN/content/authentication/managing-commit-signature-verification/signing-tags.md index c386b1ace6..4c94be611d 100644 --- a/translations/zh-CN/content/authentication/managing-commit-signature-verification/signing-tags.md +++ b/translations/zh-CN/content/authentication/managing-commit-signature-verification/signing-tags.md @@ -23,7 +23,7 @@ topics: $ git tag -s mytag # Creates a signed tag ``` -2. Verify your signed tag by running `git tag -v [tag-name]`. +2. 通过运行 `git tag -v [tag-name]` 验证您签名的标记。 ```shell $ git tag -v mytag # Verifies the signed tag diff --git a/translations/zh-CN/content/authentication/troubleshooting-ssh/using-ssh-over-the-https-port.md b/translations/zh-CN/content/authentication/troubleshooting-ssh/using-ssh-over-the-https-port.md index 3b0faba806..7ffedc539e 100644 --- a/translations/zh-CN/content/authentication/troubleshooting-ssh/using-ssh-over-the-https-port.md +++ b/translations/zh-CN/content/authentication/troubleshooting-ssh/using-ssh-over-the-https-port.md @@ -33,7 +33,7 @@ $ ssh -T -p 443 git@ssh.github.com 如果您能在端口 443 上通过 SSH 连接到 `git@ssh.{% data variables.command_line.backticks %}`,则可以覆盖您的 SSH 设置以强制与 {% data variables.product.product_location %} 的任何连接均通过该服务器和端口运行。 -要在 SSH 配置文件中设置此设置,请在 `~/.ssh/config` 编辑该文件,并添加以下部分: +To set this in your SSH configuration file, edit the file at `~/.ssh/config`, and add this section: ``` Host {% data variables.command_line.codeblock %} diff --git a/translations/zh-CN/content/billing/managing-billing-for-your-github-account/connecting-an-azure-subscription-to-your-enterprise.md b/translations/zh-CN/content/billing/managing-billing-for-your-github-account/connecting-an-azure-subscription-to-your-enterprise.md index 169f69d6a4..c4d8ce299e 100644 --- a/translations/zh-CN/content/billing/managing-billing-for-your-github-account/connecting-an-azure-subscription-to-your-enterprise.md +++ b/translations/zh-CN/content/billing/managing-billing-for-your-github-account/connecting-an-azure-subscription-to-your-enterprise.md @@ -31,7 +31,7 @@ shortTitle: 连接 Azure 订阅 {% note %} - **Note:** {% data variables.product.company_short %}'s Subscription Permission Validation requests read-only access to display the list of available subscriptions. To select an Azure subscription, you must have owner permissions to the subscription. If the default tenant does not have the right permissions, you may need to specify a different tenant ID. For more information, see [Microsoft identity platform and OAuth 2.0 authorization code flow](https://docs.microsoft.com/en-us/azure/active-directory/develop/v2-oauth2-auth-code-flow#request-an-authorization-code) in Microsoft Docs. + **注意:**{% data variables.product.company_short %}的订阅权限验证请求只读访问权限以显示可用订阅的列表。 要选择 Azure 订阅,必须对订阅拥有所有者权限。 如果默认租户没有正确的权限,则可能需要指定其他租户 ID。 更多信息请参阅 Microsoft 文档中的 [Microsoft 身份平台和 OAuth 2.0 授权代码流](https://docs.microsoft.com/en-us/azure/active-directory/develop/v2-oauth2-auth-code-flow#request-an-authorization-code)。 {% endnote %} 1. 单击 **Connect(连接)**。 diff --git a/translations/zh-CN/content/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/about-code-scanning-alerts.md b/translations/zh-CN/content/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/about-code-scanning-alerts.md index 9d6c9f02dc..a493254a83 100644 --- a/translations/zh-CN/content/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/about-code-scanning-alerts.md +++ b/translations/zh-CN/content/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/about-code-scanning-alerts.md @@ -27,7 +27,15 @@ topics: 每个警报都会高亮显示代码的问题以及识别该问题的工具名称。 You can see the line of code that triggered the alert, as well as properties of the alert, such as the alert severity{% ifversion fpt or ghes > 3.1 or ghae or ghec %}, security severity,{% endif %} and the nature of the problem. 警报还会告知该问题第一次被引入的时间。 对于由 {% data variables.product.prodname_codeql %} 分析确定的警报,您还会看到如何解决问题的信息。 +{% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-6249 %} +{% data reusables.code-scanning.alert-default-branch %} +{% endif %} + +{% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-6249 %} ![来自 {% data variables.product.prodname_code_scanning %} 的警报示例](/assets/images/help/repository/code-scanning-alert.png) +{% else %} +![来自 {% data variables.product.prodname_code_scanning %} 的警报示例](/assets/images/enterprise/3.4/repository/code-scanning-alert.png) +{% endif %} If you set up {% data variables.product.prodname_code_scanning %} using {% data variables.product.prodname_codeql %}, you can also find data-flow problems in your code. 数据流分析将查找代码中的潜在安全问题,例如:不安全地使用数据、将危险参数传递给函数以及泄漏敏感信息。 diff --git a/translations/zh-CN/content/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/managing-code-scanning-alerts-for-your-repository.md b/translations/zh-CN/content/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/managing-code-scanning-alerts-for-your-repository.md index d6ae1c8097..c8f214deae 100644 --- a/translations/zh-CN/content/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/managing-code-scanning-alerts-for-your-repository.md +++ b/translations/zh-CN/content/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/managing-code-scanning-alerts-for-your-repository.md @@ -46,9 +46,16 @@ By default, the code scanning alerts page is filtered to show alerts for the def {% else %} ![List of alerts from {% data variables.product.prodname_code_scanning %}](/assets/images/enterprise/3.1/help/repository/code-scanning-click-alert.png) {% endif %} +{% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-6249 %} + {% data reusables.code-scanning.alert-default-branch %} + ![The "Affected branches" section in an alert](/assets/images/help/repository/code-scanning-affected-branches.png){% endif %} 1. Optionally, if the alert highlights a problem with data flow, click **Show paths** to display the path from the data source to the sink where it's used. + {% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-6249 %} ![The "Show paths" link on an alert](/assets/images/help/repository/code-scanning-show-paths.png) -1. Alerts from {% data variables.product.prodname_codeql %} analysis include a description of the problem. Click **Show more** for guidance on how to fix your code. + {% else %} + ![The "Show paths" link on an alert](/assets/images/enterprise/3.4/repository/code-scanning-show-paths.png) + {% endif %} +2. Alerts from {% data variables.product.prodname_codeql %} analysis include a description of the problem. Click **Show more** for guidance on how to fix your code. ![Details for an alert](/assets/images/help/repository/code-scanning-alert-details.png) For more information, see "[About {% data variables.product.prodname_code_scanning %} alerts](/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/about-code-scanning-alerts)." @@ -80,6 +87,10 @@ The benefit of using keyword filters is that only values with results are shown If you enter multiple filters, the view will show alerts matching _all_ these filters. For example, `is:closed severity:high branch:main` will only display closed high-severity alerts that are present on the `main` branch. The exception is filters relating to refs (`ref`, `branch` and `pr`): `is:open branch:main branch:next` will show you open alerts from both the `main` branch and the `next` branch. +{% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-6249 %} +{% data reusables.code-scanning.filter-non-default-branches %} +{% endif %} + {% ifversion fpt or ghes > 3.3 or ghec %} You can prefix the `tag` filter with `-` to exclude results with that tag. For example, `-tag:style` only shows alerts that do not have the `style` tag{% if codeql-ml-queries %} and `-tag:experimental` will omit all experimental alerts. For more information, see "[About {% data variables.product.prodname_code_scanning %} alerts](/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/about-code-scanning-alerts#about-experimental-alerts)."{% else %}.{% endif %} @@ -96,10 +107,12 @@ You can use the "Only alerts in application code" filter or `autofilter:true` ke You can search the list of alerts. This is useful if there is a large number of alerts in your repository, or if you don't know the exact name for an alert for example. {% data variables.product.product_name %} performs the free text search across: - The name of the alert -- The alert description - The alert details (this also includes the information hidden from view by default in the **Show more** collapsible section) - + {% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-6249 %} ![The alert information used in searches](/assets/images/help/repository/code-scanning-free-text-search-areas.png) + {% else %} + ![The alert information used in searches](/assets/images/enterprise/3.4/repository/code-scanning-free-text-search-areas.png) + {% endif %} | Supported search | Syntax example | Results | | ---- | ---- | ---- | @@ -113,7 +126,7 @@ You can search the list of alerts. This is useful if there is a large number of **Tips:** - The multiple word search is equivalent to an OR search. -- The AND search will return results where the search terms are found _anywhere_, in any order in the alert name, description, or details. +- The AND search will return results where the search terms are found _anywhere_, in any order in the alert name or details. {% endtip %} @@ -143,7 +156,7 @@ If you have write permission for a repository, you can view fixed alerts by view You can use{% ifversion fpt or ghes > 3.1 or ghae or ghec %} the free text search or{% endif %} the filters to display a subset of alerts and then in turn mark all matching alerts as closed. -Alerts may be fixed in one branch but not in another. You can use the "Branch" drop-down menu, on the summary of alerts, to check whether an alert is fixed in a particular branch. +Alerts may be fixed in one branch but not in another. You can use the "Branch" filter, on the summary of alerts, to check whether an alert is fixed in a particular branch. {% ifversion fpt or ghes > 3.1 or ghae or ghec %} ![Filtering alerts by branch](/assets/images/help/repository/code-scanning-branch-filter.png) @@ -151,6 +164,9 @@ Alerts may be fixed in one branch but not in another. You can use the "Branch" d ![Filtering alerts by branch](/assets/images/enterprise/3.1/help/repository/code-scanning-branch-filter.png) {% endif %} +{% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-6249 %} +{% data reusables.code-scanning.filter-non-default-branches %} +{% endif %} ## Dismissing or deleting alerts There are two ways of closing an alert. You can fix the problem in the code, or you can dismiss the alert. Alternatively, if you have admin permissions for the repository, you can delete alerts. Deleting alerts is useful in situations where you have set up a {% data variables.product.prodname_code_scanning %} tool and then decided to remove it, or where you have configured {% data variables.product.prodname_codeql %} analysis with a larger set of queries than you want to continue using, and you've then removed some queries from the tool. In both cases, deleting alerts allows you to clean up your {% data variables.product.prodname_code_scanning %} results. You can delete alerts from the summary list within the **Security** tab. diff --git a/translations/zh-CN/content/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/tracking-code-scanning-alerts-in-issues-using-task-lists.md b/translations/zh-CN/content/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/tracking-code-scanning-alerts-in-issues-using-task-lists.md index 5923e8163b..14334f73bd 100644 --- a/translations/zh-CN/content/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/tracking-code-scanning-alerts-in-issues-using-task-lists.md +++ b/translations/zh-CN/content/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/tracking-code-scanning-alerts-in-issues-using-task-lists.md @@ -39,7 +39,11 @@ You can use more than one issue to track the same {% data variables.product.prod - A "tracked in" section will also show in the corresponding alert page. + {% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-6249 %} ![Tracked in section on code scanning alert page](/assets/images/help/repository/code-scanning-alert-tracked-in-pill.png) + {% else %} + ![Tracked in section on code scanning alert page](/assets/images/enterprise/3.4/repository/code-scanning-alert-tracked-in-pill.png) + {% endif %} - On the tracking issue, {% data variables.product.prodname_dotcom %} displays a security badge icon in the task list and on the hovercard. @@ -64,7 +68,12 @@ The status of the tracked alert won't change if you change the checkbox state of {% data reusables.code-scanning.explore-alert %} 1. Optionally, to find the alert to track, you can use the free-text search or the drop-down menus to filter and locate the alert. 更多信息请参阅“[管理仓库的代码扫描警报](/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/managing-code-scanning-alerts-for-your-repository#filtering-code-scanning-alerts)”。 {% endif %} -1. Towards the top of the page, on the right side, click **Create issue**. ![Create a tracking issue for the code scanning alert](/assets/images/help/repository/code-scanning-create-issue-for-alert.png) +1. Towards the top of the page, on the right side, click **Create issue**. + {% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-6249 %} + ![Create a tracking issue for the code scanning alert](/assets/images/help/repository/code-scanning-create-issue-for-alert.png) + {% else %} + ![Create a tracking issue for the code scanning alert](/assets/images/enterprise/3.4/repository/code-scanning-create-issue-for-alert.png) + {% endif %} {% data variables.product.prodname_dotcom %} automatically creates an issue to track the alert and adds the alert as a task list item. {% data variables.product.prodname_dotcom %} prepopulates the issue: - The title contains the name of the {% data variables.product.prodname_code_scanning %} alert. diff --git a/translations/zh-CN/content/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/triaging-code-scanning-alerts-in-pull-requests.md b/translations/zh-CN/content/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/triaging-code-scanning-alerts-in-pull-requests.md index 4ad7244942..1177c8d437 100644 --- a/translations/zh-CN/content/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/triaging-code-scanning-alerts-in-pull-requests.md +++ b/translations/zh-CN/content/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/triaging-code-scanning-alerts-in-pull-requests.md @@ -74,10 +74,17 @@ topics: 要查看有关警报的更多信息,拥有写入权限的用户可单击注释中所示的 **Show more details(显示更多详情)**链接。 这允许您在警报视图中查看工具提供的所有上下文和元数据。 在下例中,您可以查看显示问题的严重性、类型和相关通用缺陷枚举 (CWE) 的标记。 该视图还显示哪个提交引入了问题。 +{% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-6249 %} +{% data reusables.code-scanning.alert-default-branch %} +{% endif %} + 在警报的详细视图中,有些 {% data variables.product.prodname_code_scanning %} 工具,例如 {% data variables.product.prodname_codeql %} 分析,还包括问题描述和 **Show more(显示更多)**链接以指导您如何修复代码。 +{% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-6249 %} ![显示更多信息的警报说明和链接](/assets/images/help/repository/code-scanning-pr-alert.png) - +{% else %} +![显示更多信息的警报说明和链接](/assets/images/enterprise/3.4/repository/code-scanning-pr-alert.png) +{% endif %} ## 修复拉取请求上的警报 任何对拉取请求具有推送权限的人都可以修复在该拉取请求上已识别的 {% data variables.product.prodname_code_scanning %} 警报。 如果将更改提交到拉取请求,这将触发拉取请求检查的新运行。 如果您的更改修复了问题,则警报将被关闭,注释将被删除。 diff --git a/translations/es-ES/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-alerts-for-vulnerable-dependencies.md b/translations/zh-CN/content/code-security/dependabot/dependabot-alerts/about-dependabot-alerts.md similarity index 94% rename from translations/es-ES/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-alerts-for-vulnerable-dependencies.md rename to translations/zh-CN/content/code-security/dependabot/dependabot-alerts/about-dependabot-alerts.md index 52b0aa9c64..da996b60cc 100644 --- a/translations/es-ES/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-alerts-for-vulnerable-dependencies.md +++ b/translations/zh-CN/content/code-security/dependabot/dependabot-alerts/about-dependabot-alerts.md @@ -1,11 +1,12 @@ --- -title: About alerts for vulnerable dependencies +title: About Dependabot alerts intro: '{% data variables.product.product_name %} sends {% data variables.product.prodname_dependabot_alerts %} when we detect vulnerabilities affecting your repository.' redirect_from: - /articles/about-security-alerts-for-vulnerable-dependencies - /github/managing-security-vulnerabilities/about-security-alerts-for-vulnerable-dependencies - /github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies - /code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies + - /code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-alerts-for-vulnerable-dependencies versions: fpt: '*' ghes: '*' @@ -81,7 +82,7 @@ For repositories where {% data variables.product.prodname_dependabot_security_up ## Access to {% data variables.product.prodname_dependabot_alerts %} -You can see all of the alerts that affect a particular project{% ifversion fpt or ghec %} on the repository's Security tab or{% endif %} in the repository's dependency graph. For more information, see "[Viewing and updating vulnerable dependencies in your repository](/github/managing-security-vulnerabilities/viewing-and-updating-vulnerable-dependencies-in-your-repository)." +You can see all of the alerts that affect a particular project{% ifversion fpt or ghec %} on the repository's Security tab or{% endif %} in the repository's dependency graph. For more information, see "[Viewing {% data variables.product.prodname_dependabot_alerts %} for vulnerable dependencies](/github/managing-security-vulnerabilities/viewing-and-updating-vulnerable-dependencies-in-your-repository)." By default, we notify people with admin permissions in the affected repositories about new {% data variables.product.prodname_dependabot_alerts %}. {% ifversion fpt or ghec %}{% data variables.product.product_name %} never publicly discloses identified vulnerabilities for any repository. You can also make {% data variables.product.prodname_dependabot_alerts %} visible to additional people or teams working repositories that you own or have admin permissions for. For more information, see "[Managing security and analysis settings for your repository](/github/administering-a-repository/managing-security-and-analysis-settings-for-your-repository#granting-access-to-security-alerts)." {% endif %} @@ -95,5 +96,5 @@ You can also see all the {% data variables.product.prodname_dependabot_alerts %} ## Further reading - "[About {% data variables.product.prodname_dependabot_security_updates %}](/github/managing-security-vulnerabilities/about-dependabot-security-updates)" -- "[Viewing and updating vulnerable dependencies in your repository](/articles/viewing-and-updating-vulnerable-dependencies-in-your-repository)"{% endif %} +- "[Viewing {% data variables.product.prodname_dependabot_alerts %} for vulnerable dependencies](/articles/viewing-and-updating-vulnerable-dependencies-in-your-repository)"{% endif %} {% ifversion fpt or ghec %}- "[Privacy on {% data variables.product.prodname_dotcom %}](/get-started/privacy-on-github)"{% endif %} diff --git a/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/browsing-security-vulnerabilities-in-the-github-advisory-database.md b/translations/zh-CN/content/code-security/dependabot/dependabot-alerts/browsing-security-vulnerabilities-in-the-github-advisory-database.md similarity index 95% rename from content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/browsing-security-vulnerabilities-in-the-github-advisory-database.md rename to translations/zh-CN/content/code-security/dependabot/dependabot-alerts/browsing-security-vulnerabilities-in-the-github-advisory-database.md index 635a4f5cce..98741cedb4 100644 --- a/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/browsing-security-vulnerabilities-in-the-github-advisory-database.md +++ b/translations/zh-CN/content/code-security/dependabot/dependabot-alerts/browsing-security-vulnerabilities-in-the-github-advisory-database.md @@ -6,6 +6,7 @@ miniTocMaxHeadingLevel: 3 redirect_from: - /github/managing-security-vulnerabilities/browsing-security-vulnerabilities-in-the-github-advisory-database - /code-security/supply-chain-security/browsing-security-vulnerabilities-in-the-github-advisory-database + - /code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/browsing-security-vulnerabilities-in-the-github-advisory-database versions: fpt: '*' ghec: '*' @@ -35,7 +36,7 @@ The {% data variables.product.prodname_advisory_database %} contains a list of k We carefully review each advisory for validity. Each {% data variables.product.company_short %}-reviewed advisory has a full description, and contains both ecosystem and package information. -If you enable {% data variables.product.prodname_dependabot_alerts %} for your repositories, you are automatically notified when a new {% data variables.product.company_short %}-reviewed advisory affects packages you depend on. For more information, see "[About alerts for vulnerable dependencies](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies)." +If you enable {% data variables.product.prodname_dependabot_alerts %} for your repositories, you are automatically notified when a new {% data variables.product.company_short %}-reviewed advisory affects packages you depend on. For more information, see "[About {% data variables.product.prodname_dependabot_alerts %}](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies)." ### About unreviewed advisories @@ -107,7 +108,7 @@ You can search the database, and use qualifiers to narrow your search. For examp ## Viewing your vulnerable repositories -For any {% data variables.product.company_short %}-reviewed advisory in the {% data variables.product.prodname_advisory_database %}, you can see which of your repositories are affected by that security vulnerability. To see a vulnerable repository, you must have access to {% data variables.product.prodname_dependabot_alerts %} for that repository. For more information, see "[About alerts for vulnerable dependencies](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies#access-to-dependabot-alerts)." +For any {% data variables.product.company_short %}-reviewed advisory in the {% data variables.product.prodname_advisory_database %}, you can see which of your repositories are affected by that security vulnerability. To see a vulnerable repository, you must have access to {% data variables.product.prodname_dependabot_alerts %} for that repository. For more information, see "[About {% data variables.product.prodname_dependabot_alerts %}](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies#access-to-dependabot-alerts)." 1. Navigate to https://github.com/advisories. 2. Click an advisory. diff --git a/translations/zh-CN/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/configuring-notifications-for-vulnerable-dependencies.md b/translations/zh-CN/content/code-security/dependabot/dependabot-alerts/configuring-notifications-for-dependabot-alerts.md similarity index 90% rename from translations/zh-CN/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/configuring-notifications-for-vulnerable-dependencies.md rename to translations/zh-CN/content/code-security/dependabot/dependabot-alerts/configuring-notifications-for-dependabot-alerts.md index 3fe7596f1a..a270357bdd 100644 --- a/translations/zh-CN/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/configuring-notifications-for-vulnerable-dependencies.md +++ b/translations/zh-CN/content/code-security/dependabot/dependabot-alerts/configuring-notifications-for-dependabot-alerts.md @@ -1,10 +1,11 @@ --- -title: 配置有漏洞依赖项的通知 -shortTitle: 配置通知 +title: Configuring notifications for Dependabot alerts +shortTitle: Configure notifications intro: '优化接收 {% data variables.product.prodname_dependabot_alerts %} 相关通知的方式。' redirect_from: - /github/managing-security-vulnerabilities/configuring-notifications-for-vulnerable-dependencies - /code-security/supply-chain-security/configuring-notifications-for-vulnerable-dependencies + - /code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/configuring-notifications-for-vulnerable-dependencies versions: fpt: '*' ghes: '*' @@ -59,7 +60,7 @@ topics: ## 如何减少有漏洞依赖项通知的干扰 -如果您想要收到太多 {% data variables.product.prodname_dependabot_alerts %} 的通知,我们建议您选择加入每周的电子邮件摘要,或者在保持 {% data variables.product.prodname_dependabot_alerts %} 启用时关闭通知。 您仍可导航到仓库的 Security(安全性)选项卡查看 {% data variables.product.prodname_dependabot_alerts %}。 更多信息请参阅“[查看和更新仓库中的漏洞依赖项](/github/managing-security-vulnerabilities/viewing-and-updating-vulnerable-dependencies-in-your-repository)”。 +如果您想要收到太多 {% data variables.product.prodname_dependabot_alerts %} 的通知,我们建议您选择加入每周的电子邮件摘要,或者在保持 {% data variables.product.prodname_dependabot_alerts %} 启用时关闭通知。 您仍可导航到仓库的 Security(安全性)选项卡查看 {% data variables.product.prodname_dependabot_alerts %}。 For more information, see "[Viewing {% data variables.product.prodname_dependabot_alerts %} for vulnerable dependencies](/github/managing-security-vulnerabilities/viewing-and-updating-vulnerable-dependencies-in-your-repository)." ## 延伸阅读 diff --git a/translations/zh-CN/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/editing-security-advisories-in-the-github-advisory-database.md b/translations/zh-CN/content/code-security/dependabot/dependabot-alerts/editing-security-advisories-in-the-github-advisory-database.md similarity index 94% rename from translations/zh-CN/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/editing-security-advisories-in-the-github-advisory-database.md rename to translations/zh-CN/content/code-security/dependabot/dependabot-alerts/editing-security-advisories-in-the-github-advisory-database.md index 09844722d3..4de0302510 100644 --- a/translations/zh-CN/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/editing-security-advisories-in-the-github-advisory-database.md +++ b/translations/zh-CN/content/code-security/dependabot/dependabot-alerts/editing-security-advisories-in-the-github-advisory-database.md @@ -3,6 +3,7 @@ title: Editing security advisories in the GitHub Advisory Database intro: 'You can submit improvements to any advisory published in the {% data variables.product.prodname_advisory_database %}.' redirect_from: - /code-security/security-advisories/editing-security-advisories-in-the-github-advisory-database + - /code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/editing-security-advisories-in-the-github-advisory-database versions: fpt: '*' ghec: '*' diff --git a/translations/zh-CN/content/code-security/dependabot/dependabot-alerts/index.md b/translations/zh-CN/content/code-security/dependabot/dependabot-alerts/index.md new file mode 100644 index 0000000000..e35a7af049 --- /dev/null +++ b/translations/zh-CN/content/code-security/dependabot/dependabot-alerts/index.md @@ -0,0 +1,24 @@ +--- +title: Identifying vulnerabilities in your project's dependencies with Dependabot alerts +shortTitle: Dependabot 警报 +intro: '{% data variables.product.prodname_dependabot %} generates {% data variables.product.prodname_dependabot_alerts %} when known vulnerabilites are detected in dependencies that your project uses.' +allowTitleToDifferFromFilename: true +versions: + fpt: '*' + ghes: '*' + ghae: issue-4864 + ghec: '*' +topics: + - Dependabot + - Alerts + - Vulnerabilities + - Repositories + - Dependencies +children: + - /browsing-security-vulnerabilities-in-the-github-advisory-database + - /editing-security-advisories-in-the-github-advisory-database + - /about-dependabot-alerts + - /viewing-and-updating-dependabot-alerts + - /configuring-notifications-for-dependabot-alerts +--- + diff --git a/translations/zh-CN/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/viewing-and-updating-vulnerable-dependencies-in-your-repository.md b/translations/zh-CN/content/code-security/dependabot/dependabot-alerts/viewing-and-updating-dependabot-alerts.md similarity index 94% rename from translations/zh-CN/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/viewing-and-updating-vulnerable-dependencies-in-your-repository.md rename to translations/zh-CN/content/code-security/dependabot/dependabot-alerts/viewing-and-updating-dependabot-alerts.md index ee55d28884..e185a70656 100644 --- a/translations/zh-CN/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/viewing-and-updating-vulnerable-dependencies-in-your-repository.md +++ b/translations/zh-CN/content/code-security/dependabot/dependabot-alerts/viewing-and-updating-dependabot-alerts.md @@ -1,12 +1,13 @@ --- -title: 查看和更新仓库中有漏洞的依赖项 +title: Viewing and updating Dependabot alerts intro: '如果 {% data variables.product.product_name %} 发现项目中存在有漏洞的依赖项,您可以在仓库的 Dependabot 警报选项卡中查看它们。 然后,您可以更新项目以解决或忽略漏洞。' redirect_from: - /articles/viewing-and-updating-vulnerable-dependencies-in-your-repository - /github/managing-security-vulnerabilities/viewing-and-updating-vulnerable-dependencies-in-your-repository - /code-security/supply-chain-security/viewing-and-updating-vulnerable-dependencies-in-your-repository + - /code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/viewing-and-updating-vulnerable-dependencies-in-your-repository permissions: Repository administrators and organization owners can view and update dependencies. -shortTitle: 查看有漏洞的依赖项 +shortTitle: View Dependabot alerts versions: fpt: '*' ghes: '*' @@ -25,7 +26,7 @@ topics: {% data reusables.dependabot.beta-security-and-version-updates %} {% data reusables.dependabot.enterprise-enable-dependabot %} -仓库的 {% data variables.product.prodname_dependabot_alerts %} 选项卡列出所有打开和关闭的 {% data variables.product.prodname_dependabot_alerts %}{% ifversion fpt or ghec or ghes > 3.2 %} 以及对应的 {% data variables.product.prodname_dependabot_security_updates %}{% endif %}。 可以{% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-5638 %} 按程序包、生态系统或清单筛选警报。 您还可以{% endif %} 对警报列表进行排序,单击特定警报以获取更多详细信息。 更多信息请参阅“[关于易受攻击的依赖项的警报](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies)”。 +仓库的 {% data variables.product.prodname_dependabot_alerts %} 选项卡列出所有打开和关闭的 {% data variables.product.prodname_dependabot_alerts %}{% ifversion fpt or ghec or ghes > 3.2 %} 以及对应的 {% data variables.product.prodname_dependabot_security_updates %}{% endif %}。 可以{% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-5638 %} 按程序包、生态系统或清单筛选警报。 您还可以{% endif %} 对警报列表进行排序,单击特定警报以获取更多详细信息。 更多信息请参阅“[关于 {% data variables.product.prodname_dependabot_alerts %} 警报](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies)”。 {% ifversion fpt or ghec or ghes > 3.2 %} 您可以为使用 {% data variables.product.prodname_dependabot_alerts %} 和依赖关系图的任何仓库启用自动安全更新。 更多信息请参阅“[关于 {% data variables.product.prodname_dependabot_security_updates %}](/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-dependabot-security-updates)“。 @@ -98,7 +99,7 @@ topics: ## 延伸阅读 -- "[关于有漏洞依赖项的警报](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies)" {% ifversion fpt or ghec or ghes > 3.2 %} +- "[About {% data variables.product.prodname_dependabot_alerts %}](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies)"{% ifversion fpt or ghec or ghes > 3.2 %} - "[配置 {% data variables.product.prodname_dependabot_security_updates %}](/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/configuring-dependabot-security-updates)"{% endif %} - "[管理仓库的安全和分析设置](/github/administering-a-repository/managing-security-and-analysis-settings-for-your-repository)" - "[漏洞依赖项检测疑难解答](/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/troubleshooting-the-detection-of-vulnerable-dependencies)"{% ifversion fpt or ghec or ghes > 3.2 %} diff --git a/translations/zh-CN/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-dependabot-security-updates.md b/translations/zh-CN/content/code-security/dependabot/dependabot-security-updates/about-dependabot-security-updates.md similarity index 92% rename from translations/zh-CN/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-dependabot-security-updates.md rename to translations/zh-CN/content/code-security/dependabot/dependabot-security-updates/about-dependabot-security-updates.md index b283a4b5e0..278efb2684 100644 --- a/translations/zh-CN/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-dependabot-security-updates.md +++ b/translations/zh-CN/content/code-security/dependabot/dependabot-security-updates/about-dependabot-security-updates.md @@ -6,6 +6,7 @@ redirect_from: - /github/managing-security-vulnerabilities/about-github-dependabot-security-updates - /github/managing-security-vulnerabilities/about-dependabot-security-updates - /code-security/supply-chain-security/about-dependabot-security-updates + - /code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-dependabot-security-updates versions: fpt: '*' ghec: '*' @@ -27,7 +28,7 @@ topics: ## About {% data variables.product.prodname_dependabot_security_updates %} -{% data variables.product.prodname_dependabot_security_updates %} make it easier for you to fix vulnerable dependencies in your repository. If you enable this feature, when a {% data variables.product.prodname_dependabot %} alert is raised for a vulnerable dependency in the dependency graph of your repository, {% data variables.product.prodname_dependabot %} automatically tries to fix it. For more information, see "[About alerts for vulnerable dependencies](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies)" and "[Configuring {% data variables.product.prodname_dependabot_security_updates %}](/github/managing-security-vulnerabilities/configuring-dependabot-security-updates)." +{% data variables.product.prodname_dependabot_security_updates %} make it easier for you to fix vulnerable dependencies in your repository. If you enable this feature, when a {% data variables.product.prodname_dependabot %} alert is raised for a vulnerable dependency in the dependency graph of your repository, {% data variables.product.prodname_dependabot %} automatically tries to fix it. For more information, see "[About {% data variables.product.prodname_dependabot_alerts %}](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies)" and "[Configuring {% data variables.product.prodname_dependabot_security_updates %}](/github/managing-security-vulnerabilities/configuring-dependabot-security-updates)." {% data variables.product.prodname_dotcom %} may send {% data variables.product.prodname_dependabot_alerts %} to repositories affected by a vulnerability disclosed by a recently published {% data variables.product.prodname_dotcom %} security advisory. {% data reusables.security-advisory.link-browsing-advisory-db %} diff --git a/translations/es-ES/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/configuring-dependabot-security-updates.md b/translations/zh-CN/content/code-security/dependabot/dependabot-security-updates/configuring-dependabot-security-updates.md similarity index 91% rename from translations/es-ES/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/configuring-dependabot-security-updates.md rename to translations/zh-CN/content/code-security/dependabot/dependabot-security-updates/configuring-dependabot-security-updates.md index 40c479eb51..6cc5ca642c 100644 --- a/translations/es-ES/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/configuring-dependabot-security-updates.md +++ b/translations/zh-CN/content/code-security/dependabot/dependabot-security-updates/configuring-dependabot-security-updates.md @@ -9,6 +9,7 @@ redirect_from: - /github/managing-security-vulnerabilities/configuring-github-dependabot-security-updates - /github/managing-security-vulnerabilities/configuring-dependabot-security-updates - /code-security/supply-chain-security/configuring-dependabot-security-updates + - /code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/configuring-dependabot-security-updates versions: fpt: '*' ghec: '*' @@ -37,7 +38,7 @@ You can disable {% data variables.product.prodname_dependabot_security_updates % ## Supported repositories -{% data variables.product.prodname_dotcom %} automatically enables {% data variables.product.prodname_dependabot_security_updates %} for every repository that meets these prerequisites. +{% data variables.product.prodname_dotcom %} automatically enables {% data variables.product.prodname_dependabot_security_updates %} for every repository that meets these prerequisites. {% note %} @@ -59,7 +60,7 @@ If security updates are not enabled for your repository and you don't know why, You can enable or disable {% data variables.product.prodname_dependabot_security_updates %} for an individual repository (see below). -You can also enable or disable {% data variables.product.prodname_dependabot_security_updates %} for all repositories owned by your user account or organization. For more information, see "[Managing security and analysis settings for your user account](/github/setting-up-and-managing-your-github-user-account/managing-security-and-analysis-settings-for-your-user-account)" or "[Managing security and analysis settings for your organization](/organizations/keeping-your-organization-secure/managing-security-and-analysis-settings-for-your-organization)." +You can also enable or disable {% data variables.product.prodname_dependabot_security_updates %} for all repositories owned by your user account or organization. For more information, see "[Managing security and analysis settings for your user account](/github/setting-up-and-managing-your-github-user-account/managing-security-and-analysis-settings-for-your-user-account)" or "[Managing security and analysis settings for your organization](/organizations/keeping-your-organization-secure/managing-security-and-analysis-settings-for-your-organization)." {% data variables.product.prodname_dependabot_security_updates %} require specific repository settings. For more information, see "[Supported repositories](#supported-repositories)." @@ -68,12 +69,12 @@ You can also enable or disable {% data variables.product.prodname_dependabot_sec {% data reusables.repositories.navigate-to-repo %} {% data reusables.repositories.sidebar-settings %} {% data reusables.repositories.navigate-to-security-and-analysis %} -1. Under "Code security and analysis", to the right of "{% data variables.product.prodname_dependabot %} security updates", click **Enable** or **Disable**. +1. Under "Code security and analysis", to the right of "{% data variables.product.prodname_dependabot %} security updates", click **Enable** to enable the feature or **Disable** to disable it. {% ifversion fpt or ghec %}For public repositories, the button is disabled if the feature is always enabled.{% endif %} {% ifversion fpt or ghec %}!["Code security and analysis" section with button to enable {% data variables.product.prodname_dependabot_security_updates %}](/assets/images/help/repository/enable-dependabot-security-updates-button.png){% else %}!["Code security and analysis" section with button to enable {% data variables.product.prodname_dependabot_security_updates %}](/assets/images/enterprise/3.3/repository/security-and-analysis-disable-or-enable-ghes.png){% endif %} ## Further reading -- "[About alerts for vulnerable dependencies](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies)"{% ifversion fpt or ghec %} +- "[About {% data variables.product.prodname_dependabot_alerts %}](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies)"{% ifversion fpt or ghec %} - "[Managing data use settings for your private repository](/get-started/privacy-on-github/managing-data-use-settings-for-your-private-repository)"{% endif %} - "[Supported package ecosystems](/github/visualizing-repository-data-with-graphs/about-the-dependency-graph#supported-package-ecosystems)" diff --git a/translations/zh-CN/content/code-security/dependabot/dependabot-security-updates/index.md b/translations/zh-CN/content/code-security/dependabot/dependabot-security-updates/index.md new file mode 100644 index 0000000000..13456e36d9 --- /dev/null +++ b/translations/zh-CN/content/code-security/dependabot/dependabot-security-updates/index.md @@ -0,0 +1,20 @@ +--- +title: Automatically updating dependencies with known vulnerabilities with Dependabot security updates +intro: '{% data variables.product.prodname_dependabot %} can help you fix vulnerable dependencies by automatically raising pull requests to update dependencies to secure versions.' +allowTitleToDifferFromFilename: true +versions: + fpt: '*' + ghec: '*' + ghes: '>3.2' +topics: + - Repositories + - Dependabot + - Security updates + - Dependencies + - Pull requests +shortTitle: Dependabot 安全更新 +children: + - /about-dependabot-security-updates + - /configuring-dependabot-security-updates +--- + diff --git a/translations/zh-CN/content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/about-dependabot-version-updates.md b/translations/zh-CN/content/code-security/dependabot/dependabot-version-updates/about-dependabot-version-updates.md similarity index 87% rename from translations/zh-CN/content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/about-dependabot-version-updates.md rename to translations/zh-CN/content/code-security/dependabot/dependabot-version-updates/about-dependabot-version-updates.md index 91c9ecf6da..195a53404f 100644 --- a/translations/zh-CN/content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/about-dependabot-version-updates.md +++ b/translations/zh-CN/content/code-security/dependabot/dependabot-version-updates/about-dependabot-version-updates.md @@ -8,6 +8,7 @@ redirect_from: - /github/administering-a-repository/about-dependabot-version-updates - /code-security/supply-chain-security/about-dependabot-version-updates - /code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/upgrading-from-dependabotcom-to-github-native-dependabot + - /code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/about-dependabot-version-updates versions: fpt: '*' ghec: '*' @@ -31,7 +32,7 @@ shortTitle: Dependabot 版本更新 通过将配置文件检入仓库,可启用 {% data variables.product.prodname_dependabot_version_updates %}。 配置文件指定存储在仓库中的清单或其他包定义文件的位置。 {% data variables.product.prodname_dependabot %} 使用此信息来检查过时的软件包和应用程序。 {% data variables.product.prodname_dependabot %} 确定依赖项是否有新版本,它通过查看依赖的语义版本 ([semver](https://semver.org/)) 来决定是否应更新该版本。 对于某些软件包管理器,{% data variables.product.prodname_dependabot_version_updates %} 也支持供应。 供应(或缓存)的依赖项是检入仓库中特定目录的依赖项,而不是在清单中引用的依赖项。 即使包服务器不可用,供应的依赖项在生成时也可用。 {% data variables.product.prodname_dependabot_version_updates %} 可以配置为检查为新版本供应的依赖项,并在必要时更新它们。 -当 {% data variables.product.prodname_dependabot %} 发现过时的依赖项时,它会发起拉取请求以将清单更新到依赖项的最新版本。 对于供应和依赖项,{% data variables.product.prodname_dependabot %} 提出拉取请求以直接将过时的依赖项替换为新版本。 检查测试是否通过,查看拉取请求摘要中包含的更改日志和发行说明,然后合并它。 更多信息请参阅“[启用和禁用 {% data variables.product.prodname_dependabot %} 版本更新](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/enabling-and-disabling-dependabot-version-updates)”。 +当 {% data variables.product.prodname_dependabot %} 发现过时的依赖项时,它会发起拉取请求以将清单更新到依赖项的最新版本。 对于供应和依赖项,{% data variables.product.prodname_dependabot %} 提出拉取请求以直接将过时的依赖项替换为新版本。 检查测试是否通过,查看拉取请求摘要中包含的更改日志和发行说明,然后合并它。 更多信息请参阅“[配置 {% data variables.product.prodname_dependabot %} 版本更新](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/enabling-and-disabling-dependabot-version-updates)”。 如果启用_安全更新_,{% data variables.product.prodname_dependabot %} 还会发起拉取请求以更新易受攻击依赖项。 更多信息请参阅“[关于 {% data variables.product.prodname_dependabot_security_updates %}](/github/managing-security-vulnerabilities/about-dependabot-security-updates)”。 @@ -50,7 +51,7 @@ shortTitle: Dependabot 版本更新 ## 支持的仓库和生态系统 -您可以为包含其中一个受支持包管理器的依赖项清单或锁定文件的仓库配置版本更新。 对于某些软件包管理器,您也可以配置依赖项的供应。 更多信息请参阅“[依赖项更新的配置选项](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/configuration-options-for-dependency-updates#vendor)。” +您可以为包含其中一个受支持包管理器的依赖项清单或锁定文件的仓库配置版本更新。 对于某些软件包管理器,您也可以配置依赖项的供应。 For more information, see "[Configuration options for the dependabot.yml file](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/configuration-options-for-dependency-updates#vendor)." {% note %} {% data reusables.dependabot.private-dependencies-note %} diff --git a/translations/zh-CN/content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/configuration-options-for-dependency-updates.md b/translations/zh-CN/content/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file.md similarity index 96% rename from translations/zh-CN/content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/configuration-options-for-dependency-updates.md rename to translations/zh-CN/content/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file.md index 3d87ddd386..3d8268b8f5 100644 --- a/translations/zh-CN/content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/configuration-options-for-dependency-updates.md +++ b/translations/zh-CN/content/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file.md @@ -1,10 +1,12 @@ --- -title: 依赖项更新的配置选项 +title: Configuration options for the dependabot.yml file intro: '可用于自定义 {% data variables.product.prodname_dependabot %} 如何维护仓库的所有选项的详细信息。' permissions: 'People with write permissions to a repository can configure {% data variables.product.prodname_dependabot %} for the repository.' +allowTitleToDifferFromFilename: true redirect_from: - /github/administering-a-repository/configuration-options-for-dependency-updates - /code-security/supply-chain-security/configuration-options-for-dependency-updates + - /code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/configuration-options-for-dependency-updates miniTocMaxHeadingLevel: 3 versions: fpt: '*' @@ -17,7 +19,7 @@ topics: - Repositories - Dependencies - Pull requests -shortTitle: 配置选项 +shortTitle: Configure dependabot.yml --- {% data reusables.dependabot.beta-security-and-version-updates %} @@ -27,7 +29,7 @@ shortTitle: 配置选项 {% data variables.product.prodname_dependabot %} 配置文件 *dependabot.yml* 使用 YAML 语法。 如果您是 YAML 的新用户并想要了解更多信息,请参阅“[五分钟了解 YAML](https://www.codeproject.com/Articles/1214409/Learn-YAML-in-five-minutes)”。 -必须将此文件存储在仓库的 `.github` 目录中。 添加或更新 *dependabot.yml* 文件时,这将触发对版本更新的立即检查。 有关详细信息和示例,请参阅“[启用和禁用 {% data variables.product.prodname_dependabot %} 版本更新](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/enabling-and-disabling-dependabot-version-updates#enabling-dependabot-version-updates)”。 +必须将此文件存储在仓库的 `.github` 目录中。 添加或更新 *dependabot.yml* 文件时,这将触发对版本更新的立即检查。 For more information and an example, see "[Configuring {% data variables.product.prodname_dependabot %} version updates](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/enabling-and-disabling-dependabot-version-updates#enabling-dependabot-version-updates)." 下次安全警报触发安全更新的拉取请求时将使用所有同时影响安全更新的选项。 更多信息请参阅“[配置 {% data variables.product.prodname_dependabot_security_updates %}](/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/configuring-dependabot-security-updates)。” @@ -170,7 +172,7 @@ updates: {% note %} -**注意**:`时间表` 定义 {% data variables.product.prodname_dependabot %} 尝试更新的时间。 但是,这不是您可收到拉取请求的唯一时间。 更新可基于 `dependabot.yml` 文件的更改、更新失败后清单文件的更改或 {% data variables.product.prodname_dependabot_security_updates %} 触发。 更多信息请参阅“[{% data variables.product.prodname_dependabot %} 拉取请求的频率](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/about-dependabot-version-updates#frequency-of-dependabot-pull-requests)”和“[关于 {% data variables.product.prodname_dependabot_security_updates %}](/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-dependabot-security-updates)”。 +**注意**:`时间表` 定义 {% data variables.product.prodname_dependabot %} 尝试更新的时间。 但是,这不是您可收到拉取请求的唯一时间。 更新可基于 `dependabot.yml` 文件的更改、更新失败后清单文件的更改或 {% data variables.product.prodname_dependabot_security_updates %} 触发。 For more information, see "[Frequency of {% data variables.product.prodname_dependabot %} pull requests](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/about-dependabot-version-updates#frequency-of-dependabot-pull-requests)" and "[About {% data variables.product.prodname_dependabot_security_updates %}](/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-dependabot-security-updates)." {% endnote %} @@ -307,7 +309,7 @@ updates: 您可以搜索仓库中是否有 `"@dependabot ignore" in:comments`,以检查仓库是否存储了 `ignore` 首选项。 如果您希望取消忽略以这种方式忽略的依赖项,请重新打开拉取请求。 -有关 `@dependabot ignore` 命令的更多信息,请参阅“[管理依赖关系更新的拉取请求](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/managing-pull-requests-for-dependency-updates#managing-dependabot-pull-requests-with-comment-commands)”。 +For more information about the `@dependabot ignore` commands, see "[Managing pull requests for dependency updates](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/managing-pull-requests-for-dependency-updates#managing-dependabot-pull-requests-with-comment-commands)." #### 指定要忽略的依赖项和版本 diff --git a/translations/zh-CN/content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/enabling-and-disabling-dependabot-version-updates.md b/translations/zh-CN/content/code-security/dependabot/dependabot-version-updates/configuring-dependabot-version-updates.md similarity index 91% rename from translations/zh-CN/content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/enabling-and-disabling-dependabot-version-updates.md rename to translations/zh-CN/content/code-security/dependabot/dependabot-version-updates/configuring-dependabot-version-updates.md index 0377f112cf..6ab566601b 100644 --- a/translations/zh-CN/content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/enabling-and-disabling-dependabot-version-updates.md +++ b/translations/zh-CN/content/code-security/dependabot/dependabot-version-updates/configuring-dependabot-version-updates.md @@ -1,11 +1,12 @@ --- -title: Enabling and disabling Dependabot version updates +title: Configuring Dependabot version updates intro: '您可以配置仓库,以便 {% data variables.product.prodname_dependabot %} 自动更新您使用的包。' permissions: 'People with write permissions to a repository can enable or disable {% data variables.product.prodname_dependabot_version_updates %} for the repository.' redirect_from: - /github/administering-a-repository/enabling-and-disabling-version-updates - /code-security/supply-chain-security/enabling-and-disabling-version-updates - /code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/enabling-and-disabling-version-updates + - /code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/enabling-and-disabling-dependabot-version-updates versions: fpt: '*' ghec: '*' @@ -17,7 +18,7 @@ topics: - Repositories - Dependencies - Pull requests -shortTitle: 启用和禁用更新 +shortTitle: Configure version updates --- @@ -34,7 +35,7 @@ shortTitle: 启用和禁用更新 ## 启用 {% data variables.product.prodname_dependabot_version_updates %} -{% data reusables.dependabot.create-dependabot-yml %}有关信息,请参阅“[依赖项更新的配置选项](/github/administering-a-repository/configuration-options-for-dependency-updates)”。 +{% data reusables.dependabot.create-dependabot-yml %} For information, see "[Configuration options for the dependabot.yml file](/github/administering-a-repository/configuration-options-for-dependency-updates)." 1. 添加 `version`。 1. (可选)如果您在私人注册表中包含依赖项,请添加包含身份验证详细信息的 `registries` 部分。 1. 添加 `updates` 部分,并输入您希望 {% data variables.product.prodname_dependabot %} 监控的每个包管理器的条目。 @@ -138,4 +139,4 @@ updates: update-types: ["version-update:semver-patch"] ``` -有关检查现有忽略首选项的更多信息,请参阅“[依赖项更新的配置选项](/github/administering-a-repository/configuration-options-for-dependency-updates#ignore)。” +For more information about checking for existing ignore preferences, see "[Configuration options for the dependabot.yml file](/github/administering-a-repository/configuration-options-for-dependency-updates#ignore)." diff --git a/translations/zh-CN/content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/customizing-dependency-updates.md b/translations/zh-CN/content/code-security/dependabot/dependabot-version-updates/customizing-dependency-updates.md similarity index 91% rename from translations/zh-CN/content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/customizing-dependency-updates.md rename to translations/zh-CN/content/code-security/dependabot/dependabot-version-updates/customizing-dependency-updates.md index 2fc3408d85..6bff12e745 100644 --- a/translations/zh-CN/content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/customizing-dependency-updates.md +++ b/translations/zh-CN/content/code-security/dependabot/dependabot-version-updates/customizing-dependency-updates.md @@ -5,6 +5,7 @@ permissions: 'People with write permissions to a repository can configure {% dat redirect_from: - /github/administering-a-repository/customizing-dependency-updates - /code-security/supply-chain-security/customizing-dependency-updates + - /code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/customizing-dependency-updates versions: fpt: '*' ghec: '*' @@ -34,7 +35,7 @@ shortTitle: 自定义更新 - 更改为版本更新打开的拉取请求默认最大数 5:`open-pull-requests-limit` - 打开版本更新的拉取请求以定位特定分支,而不是默认分支:`target-branch` -有关配置选项的详细信息,请参阅“[依赖项更新的配置选项](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/configuration-options-for-dependency-updates)”。 +For more information about the configuration options, see "[Configuration options for the dependabot.yml file](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/configuration-options-for-dependency-updates)." 更新仓库中的 *dependabot.yml* 文件时,{% data variables.product.prodname_dependabot %} 使用新配置即刻进行检查。 几分钟内,您将在 **{% data variables.product.prodname_dependabot %}** 选项卡上看到更新的依赖项列表,如果仓库有很多依赖项,可能需要更长时间。 您可能还会看到针对版本更新的新拉取请求。 更多信息请参阅“[列出为版本更新配置的依赖项](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/listing-dependencies-configured-for-version-updates)”。 @@ -140,4 +141,4 @@ updates: ## 更多示例 -更多示例请参阅“[依赖项更新的配置选项](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/configuration-options-for-dependency-updates)。” +For more examples, see "[Configuration options for the dependabot.yml file](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/configuration-options-for-dependency-updates)." diff --git a/translations/zh-CN/content/code-security/dependabot/dependabot-version-updates/index.md b/translations/zh-CN/content/code-security/dependabot/dependabot-version-updates/index.md new file mode 100644 index 0000000000..84e6ced50b --- /dev/null +++ b/translations/zh-CN/content/code-security/dependabot/dependabot-version-updates/index.md @@ -0,0 +1,26 @@ +--- +title: Keeping your dependencies updated automatically with Dependabot version updates +intro: 'You can use {% data variables.product.prodname_dependabot %} to automatically keep the dependencies and packages used in your repository updated to the latest version, even when they don’t have any known vulnerabilities.' +allowTitleToDifferFromFilename: true +redirect_from: + - /github/administering-a-repository/keeping-your-dependencies-updated-automatically + - /code-security/supply-chain-security/keeping-your-dependencies-updated-automatically +versions: + fpt: '*' + ghec: '*' + ghes: '>3.2' +topics: + - Repositories + - Dependabot + - Version updates + - Dependencies + - Pull requests +children: + - /about-dependabot-version-updates + - /configuring-dependabot-version-updates + - /listing-dependencies-configured-for-version-updates + - /customizing-dependency-updates + - /configuration-options-for-the-dependabot.yml-file +shortTitle: Dependabot 版本更新 +--- + diff --git a/translations/zh-CN/content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/listing-dependencies-configured-for-version-updates.md b/translations/zh-CN/content/code-security/dependabot/dependabot-version-updates/listing-dependencies-configured-for-version-updates.md similarity index 83% rename from translations/zh-CN/content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/listing-dependencies-configured-for-version-updates.md rename to translations/zh-CN/content/code-security/dependabot/dependabot-version-updates/listing-dependencies-configured-for-version-updates.md index 566aaa88d8..4f734ca024 100644 --- a/translations/zh-CN/content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/listing-dependencies-configured-for-version-updates.md +++ b/translations/zh-CN/content/code-security/dependabot/dependabot-version-updates/listing-dependencies-configured-for-version-updates.md @@ -4,6 +4,7 @@ intro: '您可以查看由 {% data variables.product.prodname_dependabot %} 监 redirect_from: - /github/administering-a-repository/listing-dependencies-configured-for-version-updates - /code-security/supply-chain-security/listing-dependencies-configured-for-version-updates + - /code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/listing-dependencies-configured-for-version-updates versions: fpt: '*' ghec: '*' @@ -22,7 +23,7 @@ shortTitle: 列出已配置的依赖项 ## 查看由 {% data variables.product.prodname_dependabot %} 监视的依赖项 -启用版本更新后,可以使用仓库依赖关系图中的 **{% data variables.product.prodname_dependabot %}** 选项卡确认配置是否正确。 更多信息请参阅“[启用和禁用 {% data variables.product.prodname_dependabot %} 版本更新](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/enabling-and-disabling-dependabot-version-updates)”。 +启用版本更新后,可以使用仓库依赖关系图中的 **{% data variables.product.prodname_dependabot %}** 选项卡确认配置是否正确。 更多信息请参阅“[配置 {% data variables.product.prodname_dependabot %} 版本更新](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/enabling-and-disabling-dependabot-version-updates)”。 {% data reusables.repositories.navigate-to-repo %} {% data reusables.repositories.accessing-repository-graphs %} diff --git a/translations/zh-CN/content/code-security/dependabot/index.md b/translations/zh-CN/content/code-security/dependabot/index.md new file mode 100644 index 0000000000..cb1f4984f9 --- /dev/null +++ b/translations/zh-CN/content/code-security/dependabot/index.md @@ -0,0 +1,23 @@ +--- +title: Keeping your supply chain secure with Dependabot +shortTitle: Dependabot +intro: 'Monitor vulnerabilities in dependencies used in your project{% ifversion fpt or ghec or ghes > 3.2 %} and keep your dependencies up-to-date{% endif %} with {% data variables.product.prodname_dependabot %}.' +allowTitleToDifferFromFilename: true +versions: + fpt: '*' + ghes: '*' + ghae: issue-4864 + ghec: '*' +topics: + - Dependabot + - Alerts + - Vulnerabilities + - Repositories + - Dependencies +children: + - /dependabot-alerts + - /dependabot-security-updates + - /dependabot-version-updates + - /working-with-dependabot +--- + diff --git a/content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/automating-dependabot-with-github-actions.md b/translations/zh-CN/content/code-security/dependabot/working-with-dependabot/automating-dependabot-with-github-actions.md similarity index 99% rename from content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/automating-dependabot-with-github-actions.md rename to translations/zh-CN/content/code-security/dependabot/working-with-dependabot/automating-dependabot-with-github-actions.md index 9b97e577a9..d819a42fad 100644 --- a/content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/automating-dependabot-with-github-actions.md +++ b/translations/zh-CN/content/code-security/dependabot/working-with-dependabot/automating-dependabot-with-github-actions.md @@ -17,6 +17,8 @@ topics: - Dependencies - Pull requests shortTitle: Use Dependabot with Actions +redirect_from: + - /code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/automating-dependabot-with-github-actions --- {% data reusables.dependabot.beta-security-and-version-updates %} diff --git a/translations/zh-CN/content/code-security/dependabot/working-with-dependabot/index.md b/translations/zh-CN/content/code-security/dependabot/working-with-dependabot/index.md new file mode 100644 index 0000000000..2ff0dbc0da --- /dev/null +++ b/translations/zh-CN/content/code-security/dependabot/working-with-dependabot/index.md @@ -0,0 +1,24 @@ +--- +title: Working with Dependabot +shortTitle: Work with Dependabot +intro: 'Guidance and recommendations for working with {% data variables.product.prodname_dependabot %}, such as managing pull requests raised by {% data variables.product.prodname_dependabot %}, using {% data variables.product.prodname_actions %} with {% data variables.product.prodname_dependabot %}, and troubleshooting {% data variables.product.prodname_dependabot %} errors.' +versions: + fpt: '*' + ghec: '*' + ghes: '>3.2' +topics: + - Repositories + - Dependabot + - Version updates + - Security updates + - Dependencies + - Pull requests +children: + - /managing-pull-requests-for-dependency-updates + - /automating-dependabot-with-github-actions + - /keeping-your-actions-up-to-date-with-dependabot + - /managing-encrypted-secrets-for-dependabot + - /troubleshooting-the-detection-of-vulnerable-dependencies + - /troubleshooting-dependabot-errors +--- + diff --git a/translations/zh-CN/content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/keeping-your-actions-up-to-date-with-dependabot.md b/translations/zh-CN/content/code-security/dependabot/working-with-dependabot/keeping-your-actions-up-to-date-with-dependabot.md similarity index 88% rename from translations/zh-CN/content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/keeping-your-actions-up-to-date-with-dependabot.md rename to translations/zh-CN/content/code-security/dependabot/working-with-dependabot/keeping-your-actions-up-to-date-with-dependabot.md index 7261cc6b3b..e373bef51a 100644 --- a/translations/zh-CN/content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/keeping-your-actions-up-to-date-with-dependabot.md +++ b/translations/zh-CN/content/code-security/dependabot/working-with-dependabot/keeping-your-actions-up-to-date-with-dependabot.md @@ -5,6 +5,7 @@ redirect_from: - /github/administering-a-repository/keeping-your-actions-up-to-date-with-github-dependabot - /github/administering-a-repository/keeping-your-actions-up-to-date-with-dependabot - /code-security/supply-chain-security/keeping-your-actions-up-to-date-with-dependabot + - /code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/keeping-your-actions-up-to-date-with-dependabot versions: fpt: '*' ghec: '*' @@ -36,7 +37,7 @@ Actions are often updated with bug fixes and new features to make automated proc 1. Set a `schedule.interval` to specify how often to check for new versions. {% data reusables.dependabot.check-in-dependabot-yml %} If you have edited an existing file, save your changes. -You can also enable {% data variables.product.prodname_dependabot_version_updates %} on forks. For more information, see "[Enabling and disabling {% data variables.product.prodname_dependabot %} version updates](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/enabling-and-disabling-dependabot-version-updates#enabling-version-updates-on-forks)." +You can also enable {% data variables.product.prodname_dependabot_version_updates %} on forks. For more information, see "[Configuring {% data variables.product.prodname_dependabot %} version updates](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/enabling-and-disabling-dependabot-version-updates#enabling-version-updates-on-forks)." ### Example *dependabot.yml* file for {% data variables.product.prodname_actions %} @@ -57,7 +58,7 @@ updates: ## Configuring {% data variables.product.prodname_dependabot_version_updates %} for actions -When enabling {% data variables.product.prodname_dependabot_version_updates %} for actions, you must specify values for `package-ecosystem`, `directory`, and `schedule.interval`. There are many more optional properties that you can set to further customize your version updates. For more information, see "[Configuration options for dependency updates](/github/administering-a-repository/configuration-options-for-dependency-updates)." +When enabling {% data variables.product.prodname_dependabot_version_updates %} for actions, you must specify values for `package-ecosystem`, `directory`, and `schedule.interval`. There are many more optional properties that you can set to further customize your version updates. For more information, see "[Configuration options for the dependabot.yml file](/github/administering-a-repository/configuration-options-for-dependency-updates)." ## Further reading diff --git a/translations/zh-CN/content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/managing-encrypted-secrets-for-dependabot.md b/translations/zh-CN/content/code-security/dependabot/working-with-dependabot/managing-encrypted-secrets-for-dependabot.md similarity index 93% rename from translations/zh-CN/content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/managing-encrypted-secrets-for-dependabot.md rename to translations/zh-CN/content/code-security/dependabot/working-with-dependabot/managing-encrypted-secrets-for-dependabot.md index 93db3c20f5..f55ca00d33 100644 --- a/translations/zh-CN/content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/managing-encrypted-secrets-for-dependabot.md +++ b/translations/zh-CN/content/code-security/dependabot/working-with-dependabot/managing-encrypted-secrets-for-dependabot.md @@ -4,6 +4,7 @@ intro: '您可以将敏感信息(如密码和访问令牌)存储为加密密 redirect_from: - /github/administering-a-repository/managing-encrypted-secrets-for-dependabot - /code-security/supply-chain-security/managing-encrypted-secrets-for-dependabot + - /code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/managing-encrypted-secrets-for-dependabot versions: fpt: '*' ghec: '*' @@ -33,7 +34,7 @@ password: ${{secrets.MY_ARTIFACTORY_PASSWORD}} ``` {% endraw %} -更多信息请参阅“[依赖项更新的配置选项](/github/administering-a-repository/configuration-options-for-dependency-updates#configuration-options-for-private-registries)。” +For more information, see "[Configuration options for the dependabot.yml file](/github/administering-a-repository/configuration-options-for-dependency-updates#configuration-options-for-private-registries)." ### 命名您的密码 diff --git a/translations/zh-CN/content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/managing-pull-requests-for-dependency-updates.md b/translations/zh-CN/content/code-security/dependabot/working-with-dependabot/managing-pull-requests-for-dependency-updates.md similarity index 91% rename from translations/zh-CN/content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/managing-pull-requests-for-dependency-updates.md rename to translations/zh-CN/content/code-security/dependabot/working-with-dependabot/managing-pull-requests-for-dependency-updates.md index 6c94f6c371..87103c4b1f 100644 --- a/translations/zh-CN/content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/managing-pull-requests-for-dependency-updates.md +++ b/translations/zh-CN/content/code-security/dependabot/working-with-dependabot/managing-pull-requests-for-dependency-updates.md @@ -4,6 +4,7 @@ intro: '您可以按和其他拉取请求大致相同的方式管理 {% data var redirect_from: - /github/administering-a-repository/managing-pull-requests-for-dependency-updates - /code-security/supply-chain-security/managing-pull-requests-for-dependency-updates + - /code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/managing-pull-requests-for-dependency-updates versions: fpt: '*' ghec: '*' @@ -41,7 +42,7 @@ shortTitle: 管理 Dependabot PR ## 更改 {% data variables.product.prodname_dependabot %} 拉取请求的变基策略 -默认情况下,{% data variables.product.prodname_dependabot %} 会自动为拉取请求变基,以解决各种冲突。 如果您喜欢手动处理合并冲突,可以使用 `rebase-strategy` 选项禁用此功能。 详情请参阅“[依赖项更新的配置选项](/github/administering-a-repository/configuration-options-for-dependency-updates#rebase-strategy)。” +默认情况下,{% data variables.product.prodname_dependabot %} 会自动为拉取请求变基,以解决各种冲突。 如果您喜欢手动处理合并冲突,可以使用 `rebase-strategy` 选项禁用此功能。 For details, see "[Configuration options for the dependabot.yml file](/github/administering-a-repository/configuration-options-for-dependency-updates#rebase-strategy)." ## 管理带注释命令的 {% data variables.product.prodname_dependabot %} 拉取请求 @@ -62,4 +63,4 @@ shortTitle: 管理 Dependabot PR {% data variables.product.prodname_dependabot %} 将用“竖起大拇指”表情符号来确认命令,并可能对拉取请求发表评论。 {% data variables.product.prodname_dependabot %} 通常快速响应,但如果 {% data variables.product.prodname_dependabot %} 正在忙于处理其他更新或命令,一些命令可能需要几分钟才能完成。 -如果您通过运行任何命令来忽略依赖项或版本,{% data variables.product.prodname_dependabot %} 将集中存储仓库的首选项。 虽然这是一种快速解决方案,但对于拥有多个参与者的仓库而言,最好是显式定义要在配置文件中忽略的依赖项和版本。 这样可以让所有参与者都能轻松了解某个特定依赖项为什么无法自动更新。 更多信息请参阅“[依赖项更新的配置选项](/github/administering-a-repository/configuration-options-for-dependency-updates#ignore)。” +如果您通过运行任何命令来忽略依赖项或版本,{% data variables.product.prodname_dependabot %} 将集中存储仓库的首选项。 虽然这是一种快速解决方案,但对于拥有多个参与者的仓库而言,最好是显式定义要在配置文件中忽略的依赖项和版本。 这样可以让所有参与者都能轻松了解某个特定依赖项为什么无法自动更新。 For more information, see "[Configuration options for the dependabot.yml file](/github/administering-a-repository/configuration-options-for-dependency-updates#ignore)." diff --git a/translations/zh-CN/content/code-security/dependabot/working-with-dependabot/troubleshooting-dependabot-errors.md b/translations/zh-CN/content/code-security/dependabot/working-with-dependabot/troubleshooting-dependabot-errors.md new file mode 100644 index 0000000000..bfadb577b7 --- /dev/null +++ b/translations/zh-CN/content/code-security/dependabot/working-with-dependabot/troubleshooting-dependabot-errors.md @@ -0,0 +1,129 @@ +--- +title: 排查 Dependabot 错误 +intro: '有时,{% data variables.product.prodname_dependabot %} 无法提出拉取请求以更新依赖项。 您可以查看错误并取消阻止 {% data variables.product.prodname_dependabot %}。' +shortTitle: 排查错误 +redirect_from: + - /github/managing-security-vulnerabilities/troubleshooting-github-dependabot-errors + - /github/managing-security-vulnerabilities/troubleshooting-dependabot-errors + - /code-security/supply-chain-security/troubleshooting-dependabot-errors + - /code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/troubleshooting-dependabot-errors +versions: + fpt: '*' + ghec: '*' + ghes: '>3.2' +type: how_to +topics: + - Dependabot + - Security updates + - Version updates + - Repositories + - Pull requests + - Troubleshooting + - Errors + - Dependencies +--- + +{% data reusables.dependabot.beta-security-and-version-updates %} + +{% data reusables.dependabot.enterprise-enable-dependabot %} + +## 关于 {% data variables.product.prodname_dependabot %} 错误 + +{% data reusables.dependabot.pull-request-introduction %} + +如果有任何因素阻止 {% data variables.product.prodname_dependabot %} 提出拉取请求,则报告为错误。 + +## 使用 {% data variables.product.prodname_dependabot_security_updates %} 调查错误 + +当 {% data variables.product.prodname_dependabot %} 被阻止创建拉取请求以修复 {% data variables.product.prodname_dependabot %} 警报时,它会在警报上发布错误消息。 {% data variables.product.prodname_dependabot_alerts %} 视图显示尚未解决的所有警报列表。 要访问警报视图,请单击仓库 **Security(安全)**选项卡上的 **{% data variables.product.prodname_dependabot_alerts %}**。 如果旨在修复有漏洞依赖项的拉取请求已生成,则警报将包括指向该拉取请求的链接。 + +![{% data variables.product.prodname_dependabot_alerts %} 视图显示拉取请求链接](/assets/images/help/dependabot/dependabot-alert-pr-link.png) + +有三个原因可能导致警报中没有拉取请求链接: + +1. {% data variables.product.prodname_dependabot_security_updates %} 未对仓库启用。 +1. 警报针对未在锁文件中显式定义的间接或过渡依赖项。 +1. 某个错误阻止了 {% data variables.product.prodname_dependabot %} 创建拉取请求。 + +如果某个错误阻止了 {% data variables.product.prodname_dependabot %} 创建拉取请求,您可以通过单击警报来显示错误详情。 + +## 使用 {% data variables.product.prodname_dependabot_version_updates %} 调查错误 + +当 {% data variables.product.prodname_dependabot %} 被阻止创建拉取请求以更新生态系统中的依赖项时,它将在清单文件中发布错误图标。 由 {% data variables.product.prodname_dependabot %} 管理的清单文件列于 {% data variables.product.prodname_dependabot %} 选项卡上。 要访问此选项卡,请在仓库的 **Insights(洞察)**选项卡上单击 **Dependency graph(依赖项图)**,然后单击 **{% data variables.product.prodname_dependabot %}** 选项卡。 + +![{% data variables.product.prodname_dependabot %} 视图显示错误](/assets/images/help/dependabot/dependabot-tab-view-error.png) + +{% ifversion fpt or ghec %} + +要查看任何清单文件的日志文件,请单击 **Last checked TIME ago(上次检查时间以前)**链接。 当您显示一个带有错误符号的清单(例如上面截图中的 Maven)的日志文件时,也会显示任何错误。 + +![{% data variables.product.prodname_dependabot %} 版本更新错误和日志 ](/assets/images/help/dependabot/dependabot-version-update-error.png) + +{% else %} + +若要查看任何清单文件的日志,请单击**上次检查时间前**链接,然后单击 **View logs(查看日志)**。 + +![{% data variables.product.prodname_dependabot %} 版本更新错误和日志 ](/assets/images/enterprise/3.3/dependabot/dependabot-version-update-error.png) + +{% endif %} + +## 了解 {% data variables.product.prodname_dependabot %} 错误 + +安全更新拉取请求用于将有漏洞依赖项升级到包含漏洞修复的最低版本。 而版本更新拉取请求用于将依赖项升级到包清单文件和 {% data variables.product.prodname_dependabot %} 配置文件允许的最新版本。 因此,某些错误特定于一种类型的更新。 + +### {% data variables.product.prodname_dependabot %} 无法将依赖项更新到无漏洞版本 + +**仅限安全更新。** {% data variables.product.prodname_dependabot %} 无法创建拉取请求以将有漏洞依赖项更新到安全版本,而又不破坏此仓库依赖项图中的其他依赖项。 + +每个具有依赖项的应用程序都有一个依赖关系图,即应用程序直接或间接依赖的每个包版本的定向非循环图。 每次更新依赖项时,必须解决此图,否则将无法构建应用程序。 当生态系统具有深刻而复杂的依赖关系图(例如 npm 和 RubyGems)时,如果不升级整个生态系统,往往难以升级单个依赖项。 + +避免这个问题的最佳办法是跟上最新发布的版本,例如启用版本更新。 这增加了通过不破坏依赖关系图的简单升级解决一个依赖项中的漏洞的可能性。 更多信息请参阅“[配置 {% data variables.product.prodname_dependabot %} 版本更新](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/enabling-and-disabling-dependabot-version-updates)”。 + +### {% data variables.product.prodname_dependabot %} 无法更新到所需的版本,因为已经为最新版本打开了拉取请求 + +**仅限安全更新。** {% data variables.product.prodname_dependabot %} 不会创建拉取请求以将有漏洞依赖项更新到安全版本,因为已存在更新此依赖项的打开拉取请求。 如果在一个依赖项中检测到漏洞,但已经存在将该依赖项更新到最新版本的打开拉取请求时,您将会看到此错误。 + +有两个选项:您可以查看打开的拉取请求,确认更改安全后合并它,或者关闭该拉取请求并触发新的安全更新拉取请求。 更多信息请参阅“[手动触发 {% data variables.product.prodname_dependabot %} 拉取请求](#triggering-a-dependabot-pull-request-manually)”。 + +### {% data variables.product.prodname_dependabot %} 在更新过程中超时 + +{% data variables.product.prodname_dependabot %} 评估所需更新和准备拉取请求所用的时间超过了允许的最大时间。 此错误一般只出现在具有许多清单文件的大型仓库,例如具有数百个 *package.json* 文件的 npm 或 yarn 单仓库项目。 对 Composer 生态系统的更新也需要较长的时间来评估,可能会超时。 + +此错误难以解决。 如果版本更新超时,您可以使用 `allow` 参数来指定更新最重要的依赖项,或者使用 `ignore` 参数从更新中排除某些依赖项。 更新配置可能使 {% data variables.product.prodname_dependabot %} 能够在规定时间内检查版本更新并生成请求。 + +如果安全更新超时,您可以通过保持依赖项更新(例如,启用版本更新)来减少更新需要。 更多信息请参阅“[配置 {% data variables.product.prodname_dependabot %} 版本更新](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/enabling-and-disabling-dependabot-version-updates)”。 + +### {% data variables.product.prodname_dependabot %} 无法再打开拉取请求 + +{% data variables.product.prodname_dependabot %} 生成的打开拉取请求数量存在限制。 如果达到此限制,将无法打开新的拉取请求,并报告此错误。 解决此错误的最佳方法是审查并合并一些打开的拉取请求。 + +安全性和版本更新拉取请求有各自的限制,因此打开版本更新拉取请求不会阻止安全更新拉取请求的创建。 安全更新拉取请求的限制是 10。 默认情况下,版本更新的限制是 5,但您可以使用配置文件中的 `open-pull-requests-limit` 参数来更改它。 For more information, see "[Configuration options for the dependabot.yml file](/github/administering-a-repository/configuration-options-for-dependency-updates#open-pull-requests-limit)." + +解决此错误的最佳方法是合并或关闭一些现有拉取请求,然后手动触发新的拉取请求。 更多信息请参阅“[手动触发 {% data variables.product.prodname_dependabot %} 拉取请求](#triggering-a-dependabot-pull-request-manually)”。 + +### {% data variables.product.prodname_dependabot %} 无法解析或访问您的依赖项 + +如果 {% data variables.product.prodname_dependabot %} 尝试检查是否需要更新仓库中的依赖项引用,但无法访问一个或多个依赖项文件,则操作将失败,并返回错误消息“{% data variables.product.prodname_dependabot %} can't resolve your LANGUAGE dependency files(无法解析语言依赖项文件)”。 API 错误类型为 `git_dependencies_not_reachable`。 + +同样,如果 {% data variables.product.prodname_dependabot %} 不能访问依赖项所在的私有包注册表,则会产生以下错误之一: + +* "Dependabot can't reach a dependency in a private package registry"
(Dependabot 无法连接私有包注册表中的依赖项) (API 错误类型:`private_source_not_reachable`) +* "Dependabot can't authenticate to a private package registry"
(Dependabot 无法向私有包注册表验证) (API 错误类型:`private_source_authentication_failure`) +* "Dependabot timed out while waiting for a private package registry"
(Dependabot 在等待私有包注册表时超时) (API 错误类型:`private_source_timed_out`) +* "Dependabot couldn't validate the certificate for a private package registry"
(Dependabot 无法验证私有包注册表的证书) (API 错误类型:`private_source_certificate_failure`) + +要让 {% data variables.product.prodname_dependabot %} 成功更新依赖项引用,请确保所有引用依赖项都托管在可访问的位置。 + +**仅限版本更新。**{% data reusables.dependabot.private-dependencies-note %} 此外,{% data variables.product.prodname_dependabot %} 不支持所有包管理器的 {% data variables.product.prodname_dotcom %} 私有依赖项。 更多信息请参阅“[关于 Dependabot 版本更新](/github/administering-a-repository/about-dependabot-version-updates#supported-repositories-and-ecosystems)”。 + +## 手动触发 {% data variables.product.prodname_dependabot %} 拉取请求 + +如果取消阻止了 {% data variables.product.prodname_dependabot %},您可以手动触发新的尝试来创建拉取请求。 + +- **Security updates**—display the {% data variables.product.prodname_dependabot %} alert that shows the error you have fixed and click **Create {% data variables.product.prodname_dependabot %} security update**. +- **版本更新**—在仓库的 **Insights(洞察)**选项卡上单击 **Dependency graph(依赖项图)**,然后单击 **Dependabot** 选项卡。 单击 **Last checked *TIME* ago**(上次检查时间以前),查看 {% data variables.product.prodname_dependabot %} 在上次检查版本更新时生成的日志文件。 单击 **Check for Updates(检查更新)**。 + +## 延伸阅读 + +- "[Troubleshooting the dependency graph](/code-security/supply-chain-security/understanding-your-software-supply-chain/troubleshooting-the-dependency-graph)" +- "[漏洞依赖项检测疑难解答](/code-security/dependabot/working-with-dependabot/troubleshooting-the-detection-of-vulnerable-dependencies)" diff --git a/translations/ja-JP/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/troubleshooting-the-detection-of-vulnerable-dependencies.md b/translations/zh-CN/content/code-security/dependabot/working-with-dependabot/troubleshooting-the-detection-of-vulnerable-dependencies.md similarity index 70% rename from translations/ja-JP/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/troubleshooting-the-detection-of-vulnerable-dependencies.md rename to translations/zh-CN/content/code-security/dependabot/working-with-dependabot/troubleshooting-the-detection-of-vulnerable-dependencies.md index 4a967cf2fb..722d2e48bd 100644 --- a/translations/ja-JP/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/troubleshooting-the-detection-of-vulnerable-dependencies.md +++ b/translations/zh-CN/content/code-security/dependabot/working-with-dependabot/troubleshooting-the-detection-of-vulnerable-dependencies.md @@ -1,10 +1,11 @@ --- title: Troubleshooting the detection of vulnerable dependencies intro: 'If the dependency information reported by {% data variables.product.product_name %} is not what you expected, there are a number of points to consider, and various things you can check.' -shortTitle: Troubleshoot detection +shortTitle: Troubleshoot vulnerability detection redirect_from: - /github/managing-security-vulnerabilities/troubleshooting-the-detection-of-vulnerable-dependencies - /code-security/supply-chain-security/troubleshooting-the-detection-of-vulnerable-dependencies + - /code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/troubleshooting-the-detection-of-vulnerable-dependencies versions: fpt: '*' ghes: '*' @@ -19,26 +20,31 @@ topics: - Security updates - Dependencies - Vulnerabilities - - Dependency graph - - Alerts - CVEs - Repositories --- {% data reusables.dependabot.beta-security-and-version-updates %} - -The results of dependency detection reported by {% data variables.product.product_name %} may be different from the results returned by other tools. There are good reasons for this and it's helpful to understand how {% data variables.product.prodname_dotcom %} determines dependencies for your project. +{% data reusables.dependabot.result-discrepancy %} ## Why do some dependencies seem to be missing? {% data variables.product.prodname_dotcom %} generates and displays dependency data differently than other tools. Consequently, if you've been using another tool to identify dependencies you will almost certainly see different results. Consider the following: * {% data variables.product.prodname_advisory_database %} is one of the data sources that {% data variables.product.prodname_dotcom %} uses to identify vulnerable dependencies. It's a free, curated database of vulnerability information for common package ecosystems on {% data variables.product.prodname_dotcom %}. It includes both data reported directly to {% data variables.product.prodname_dotcom %} from {% data variables.product.prodname_security_advisories %}, as well as official feeds and community sources. This data is reviewed and curated by {% data variables.product.prodname_dotcom %} to ensure that false or unactionable information is not shared with the development community. {% data reusables.security-advisory.link-browsing-advisory-db %} -* The dependency graph parses all known package manifest files in a user’s repository. For example, for npm it will parse the _package-lock.json_ file. It constructs a graph of all of the repository’s dependencies and public dependents. This happens when you enable the dependency graph and when anyone pushes to the default branch, and it includes commits that makes changes to a supported manifest format. For more information, see "[About the dependency graph](/github/visualizing-repository-data-with-graphs/about-the-dependency-graph)." -* {% data variables.product.prodname_dependabot %} scans any push, to the default branch, that contains a manifest file. When a new vulnerability record is added, it scans all existing repositories and generates an alert for each vulnerable repository. {% data variables.product.prodname_dependabot_alerts %} are aggregated at the repository level, rather than creating one alert per vulnerability. For more information, see "[About alerts for vulnerable dependencies](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies)." +* The dependency graph parses all known package manifest files in a user’s repository. For example, for npm it will parse the _package-lock.json_ file. It constructs a graph of all of the repository’s dependencies and public dependents. This happens when you enable the dependency graph and when anyone pushes to the default branch, and it includes commits that makes changes to a supported manifest format. For more information, see "[About the dependency graph](/github/visualizing-repository-data-with-graphs/about-the-dependency-graph)" and "[Troubleshooting the dependency graph](/code-security/supply-chain-security/understanding-your-software-supply-chain/troubleshooting-the-dependency-graph)." +* {% data variables.product.prodname_dependabot %} scans any push, to the default branch, that contains a manifest file. When a new vulnerability record is added, it scans all existing repositories and generates an alert for each vulnerable repository. {% data variables.product.prodname_dependabot_alerts %} are aggregated at the repository level, rather than creating one alert per vulnerability. For more information, see "[About {% data variables.product.prodname_dependabot_alerts %}](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies)." * {% ifversion fpt or ghec or ghes > 3.2 %}{% data variables.product.prodname_dependabot_security_updates %} are triggered when you receive an alert about a vulnerable dependency in your repository. Where possible, {% data variables.product.prodname_dependabot %} creates a pull request in your repository to upgrade the vulnerable dependency to the minimum possible secure version needed to avoid the vulnerability. For more information, see "[About {% data variables.product.prodname_dependabot_security_updates %}](/github/managing-security-vulnerabilities/about-dependabot-security-updates)" and "[Troubleshooting {% data variables.product.prodname_dependabot %} errors](/github/managing-security-vulnerabilities/troubleshooting-dependabot-errors)." - {% endif %}{% data variables.product.prodname_dependabot %} doesn't scan repositories for vulnerable dependencies on a schedule, but rather when something changes. For example, a scan is triggered when a new dependency is added ({% data variables.product.prodname_dotcom %} checks for this on every push), or when a new vulnerability is added to the advisory database{% ifversion ghes or ghae-issue-4864 %} and synchronized to {% data variables.product.product_location %}{% endif %}. For more information, see "[About alerts for vulnerable dependencies](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies#detection-of-vulnerable-dependencies)." + {% endif %}{% data variables.product.prodname_dependabot %} doesn't scan repositories for vulnerable dependencies on a schedule, but rather when something changes. For example, a scan is triggered when a new dependency is added ({% data variables.product.prodname_dotcom %} checks for this on every push), or when a new vulnerability is added to the advisory database{% ifversion ghes or ghae-issue-4864 %} and synchronized to {% data variables.product.product_location %}{% endif %}. For more information, see "[About {% data variables.product.prodname_dependabot_alerts %}](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies#detection-of-vulnerable-dependencies)." + +## Do {% data variables.product.prodname_dependabot_alerts %} only relate to vulnerable dependencies in manifests and lockfiles? + +{% data variables.product.prodname_dependabot_alerts %} advise you about dependencies you should update, including transitive dependencies, where the version can be determined from a manifest or a lockfile. {% ifversion fpt or ghec or ghes > 3.2 %}{% data variables.product.prodname_dependabot_security_updates %} only suggest a change where {% data variables.product.prodname_dependabot %} can directly "fix" the dependency, that is, when these are: +* Direct dependencies explicitly declared in a manifest or lockfile +* Transitive dependencies declared in a lockfile{% endif %} + +**Check**: Is the uncaught vulnerability for a component that's not specified in the repository's manifest or lockfile? ## Why don't I get vulnerability alerts for some ecosystems? @@ -48,44 +54,6 @@ It's worth noting that {% data variables.product.prodname_dotcom %} Security Adv **Check**: Does the uncaught vulnerability apply to an unsupported ecosystem? -## Does the dependency graph only find dependencies in manifests and lockfiles? - -The dependency graph includes information on dependencies that are explicitly declared in your environment. That is, dependencies that are specified in a manifest or a lockfile. The dependency graph generally also includes transitive dependencies, even when they aren't specified in a lockfile, by looking at the dependencies of the dependencies in a manifest file. - -{% data variables.product.prodname_dependabot_alerts %} advise you about dependencies you should update, including transitive dependencies, where the version can be determined from a manifest or a lockfile. {% ifversion fpt or ghec or ghes > 3.2 %}{% data variables.product.prodname_dependabot_security_updates %} only suggest a change where {% data variables.product.prodname_dependabot %} can directly "fix" the dependency, that is, when these are: -* Direct dependencies explicitly declared in a manifest or lockfile -* Transitive dependencies declared in a lockfile{% endif %} - -The dependency graph doesn't include "loose" dependencies. "Loose" dependencies are individual files that are copied from another source and checked into the repository directly or within an archive (such as a ZIP or JAR file), rather than being referenced by in a package manager’s manifest or lockfile. - -**Check**: Is the uncaught vulnerability for a component that's not specified in the repository's manifest or lockfile? - -## Does the dependency graph detect dependencies specified using variables? - -The dependency graph analyzes manifests as they’re pushed to {% data variables.product.prodname_dotcom %}. The dependency graph doesn't, therefore, have access to the build environment of the project, so it can't resolve variables used within manifests. If you use variables within a manifest to specify the name, or more commonly the version of a dependency, then that dependency will not be included in the dependency graph. - -**Check**: Is the missing dependency declared in the manifest by using a variable for its name or version? - -## Are there limits which affect the dependency graph data? - -Yes, the dependency graph has two categories of limits: - -1. **Processing limits** - - These affect the dependency graph displayed within {% data variables.product.prodname_dotcom %} and also prevent {% data variables.product.prodname_dependabot_alerts %} being created. - - Manifests over 0.5 MB in size are only processed for enterprise accounts. For other accounts, manifests over 0.5 MB are ignored and will not create {% data variables.product.prodname_dependabot_alerts %}. - - By default, {% data variables.product.prodname_dotcom %} will not process more than 20 manifests per repository. {% data variables.product.prodname_dependabot_alerts %} are not created for manifests beyond this limit. If you need to increase the limit, contact {% data variables.contact.contact_support %}. - -2. **Visualization limits** - - These affect what's displayed in the dependency graph within {% data variables.product.prodname_dotcom %}. However, they don't affect the {% data variables.product.prodname_dependabot_alerts %} that are created. - - The Dependencies view of the dependency graph for a repository only displays 100 manifests. Typically this is adequate as it is significantly higher than the processing limit described above. In situations where the processing limit is over 100, {% data variables.product.prodname_dependabot_alerts %} are still created for any manifests that are not shown within {% data variables.product.prodname_dotcom %}. - -**Check**: Is the missing dependency in a manifest file that's over 0.5 MB, or in a repository with a large number of manifests? - ## Does {% data variables.product.prodname_dependabot %} generate alerts for vulnerabilities that have been known for many years? The {% data variables.product.prodname_advisory_database %} was launched in November 2019, and initially back-filled to include vulnerability information for the supported ecosystems, starting from 2017. When adding CVEs to the database, we prioritize curating newer CVEs, and CVEs affecting newer versions of software. @@ -118,7 +86,8 @@ The {% data variables.product.prodname_dependabot_alerts %} count in {% data var ## Further reading -- "[About alerts for vulnerable dependencies](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies)" -- "[Viewing and updating vulnerable dependencies in your repository](/github/managing-security-vulnerabilities/viewing-and-updating-vulnerable-dependencies-in-your-repository)" -- "[Managing security and analysis settings for your repository](/github/administering-a-repository/managing-security-and-analysis-settings-for-your-repository)"{% ifversion fpt or ghec or ghes > 3.2 %} +- "[About {% data variables.product.prodname_dependabot_alerts %}](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies)" +- "[Viewing {% data variables.product.prodname_dependabot_alerts %} for vulnerable dependencies](/github/managing-security-vulnerabilities/viewing-and-updating-vulnerable-dependencies-in-your-repository)" +- "[Managing security and analysis settings for your repository](/github/administering-a-repository/managing-security-and-analysis-settings-for-your-repository)" +- "[Troubleshooting the dependency graph](/code-security/supply-chain-security/understanding-your-software-supply-chain/troubleshooting-the-dependency-graph)"{% ifversion fpt or ghec or ghes > 3.2 %} - "[Troubleshooting {% data variables.product.prodname_dependabot %} errors](/github/managing-security-vulnerabilities/troubleshooting-dependabot-errors)"{% endif %} diff --git a/translations/zh-CN/content/code-security/getting-started/github-security-features.md b/translations/zh-CN/content/code-security/getting-started/github-security-features.md index 19655b0a18..21c6e0e3f7 100644 --- a/translations/zh-CN/content/code-security/getting-started/github-security-features.md +++ b/translations/zh-CN/content/code-security/getting-started/github-security-features.md @@ -37,7 +37,7 @@ Privately discuss and fix security vulnerabilities in your repository's code. Yo ### {% data variables.product.prodname_dependabot_alerts %} and security updates -View alerts about dependencies that are known to contain security vulnerabilities, and choose whether to have pull requests generated automatically to update these dependencies. For more information, see "[About alerts for vulnerable dependencies](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies)" +View alerts about dependencies that are known to contain security vulnerabilities, and choose whether to have pull requests generated automatically to update these dependencies. For more information, see "[About {% data variables.product.prodname_dependabot_alerts %}](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies)" and "[About {% data variables.product.prodname_dependabot_security_updates %}](/github/managing-security-vulnerabilities/about-dependabot-security-updates)." {% endif %} @@ -46,7 +46,7 @@ and "[About {% data variables.product.prodname_dependabot_security_updates %}](/ {% data reusables.dependabot.dependabot-alerts-beta %} -View alerts about dependencies that are known to contain security vulnerabilities, and manage these alerts. For more information, see "[About alerts for vulnerable dependencies](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies)." +View alerts about dependencies that are known to contain security vulnerabilities, and manage these alerts. For more information, see "[About {% data variables.product.prodname_dependabot_alerts %}](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies)." {% endif %} {% ifversion fpt or ghec or ghes > 3.2 %} diff --git a/translations/zh-CN/content/code-security/getting-started/securing-your-organization.md b/translations/zh-CN/content/code-security/getting-started/securing-your-organization.md index bd40761fce..667abbef44 100644 --- a/translations/zh-CN/content/code-security/getting-started/securing-your-organization.md +++ b/translations/zh-CN/content/code-security/getting-started/securing-your-organization.md @@ -48,7 +48,7 @@ You can create a default security policy that will display in any of your organi {% data reusables.dependabot.dependabot-alerts-beta %} {% data reusables.dependabot.dependabot-alerts-dependency-graph-enterprise %} -For more information, see "[About alerts for vulnerable dependencies](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies)," "[Exploring the dependencies of a repository](/code-security/supply-chain-security/exploring-the-dependencies-of-a-repository#enabling-and-disabling-the-dependency-graph-for-a-private-repository)," and "[Managing security and analysis settings for your organization](/organizations/keeping-your-organization-secure/managing-security-and-analysis-settings-for-your-organization)." +For more information, see "[About {% data variables.product.prodname_dependabot_alerts %}](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies)," "[Exploring the dependencies of a repository](/code-security/supply-chain-security/exploring-the-dependencies-of-a-repository#enabling-and-disabling-the-dependency-graph-for-a-private-repository)," and "[Managing security and analysis settings for your organization](/organizations/keeping-your-organization-secure/managing-security-and-analysis-settings-for-your-organization)." {% endif %} {% ifversion fpt or ghes > 3.1 or ghae-issue-4864 or ghec %} @@ -79,7 +79,7 @@ For more information, see "[About {% data variables.product.prodname_dependabot_ You can enable {% data variables.product.prodname_dependabot %} to automatically raise pull requests to keep your dependencies up-to-date. For more information, see "[About {% data variables.product.prodname_dependabot_version_updates %}](/code-security/supply-chain-security/about-dependabot-version-updates)." -To enable {% data variables.product.prodname_dependabot_version_updates %}, you must create a *dependabot.yml* configuration file. For more information, see "[Enabling and disabling {% data variables.product.prodname_dependabot %} version updates](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/enabling-and-disabling-dependabot-version-updates)." +To enable {% data variables.product.prodname_dependabot_version_updates %}, you must create a *dependabot.yml* configuration file. For more information, see "[Configuring {% data variables.product.prodname_dependabot %} version updates](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/enabling-and-disabling-dependabot-version-updates)." {% endif %} @@ -135,7 +135,7 @@ For more information, see "[Managing security and analysis settings for your org ## Next steps {% ifversion fpt or ghes > 3.1 or ghec %}You can view, filter, and sort security alerts for repositories owned by your organization in the security overview. For more information, see "[About the security overview](/code-security/security-overview/about-the-security-overview)."{% endif %} -You can view and manage alerts from security features to address dependencies and vulnerabilities in your code. For more information, see {% ifversion fpt or ghes or ghec %} "[Viewing and updating vulnerable dependencies in your repository](/code-security/supply-chain-security/viewing-and-updating-vulnerable-dependencies-in-your-repository),"{% endif %} {% ifversion fpt or ghec or ghes > 3.2 %}"[Managing pull requests for dependency updates](/code-security/supply-chain-security/managing-pull-requests-for-dependency-updates)," {% endif %}"[Managing {% data variables.product.prodname_code_scanning %} for your repository](/code-security/secure-coding/managing-code-scanning-alerts-for-your-repository)," and "[Managing alerts from {% data variables.product.prodname_secret_scanning %}](/code-security/secret-security/managing-alerts-from-secret-scanning)." +You can view and manage alerts from security features to address dependencies and vulnerabilities in your code. For more information, see {% ifversion fpt or ghes or ghec %} "[Viewing {% data variables.product.prodname_dependabot_alerts %} for vulnerable dependencies](/code-security/supply-chain-security/viewing-and-updating-vulnerable-dependencies-in-your-repository),"{% endif %} {% ifversion fpt or ghec or ghes > 3.2 %}"[Managing pull requests for dependency updates](/code-security/supply-chain-security/managing-pull-requests-for-dependency-updates)," {% endif %}"[Managing {% data variables.product.prodname_code_scanning %} for your repository](/code-security/secure-coding/managing-code-scanning-alerts-for-your-repository)," and "[Managing alerts from {% data variables.product.prodname_secret_scanning %}](/code-security/secret-security/managing-alerts-from-secret-scanning)." {% ifversion fpt or ghec %}If you have a security vulnerability, you can create a security advisory to privately discuss and fix the vulnerability. For more information, see "[About {% data variables.product.prodname_security_advisories %}](/code-security/security-advisories/about-github-security-advisories)" and "[Creating a security advisory](/code-security/security-advisories/creating-a-security-advisory)." {% endif %} diff --git a/translations/zh-CN/content/code-security/getting-started/securing-your-repository.md b/translations/zh-CN/content/code-security/getting-started/securing-your-repository.md index 293eb3185b..1073b342f8 100644 --- a/translations/zh-CN/content/code-security/getting-started/securing-your-repository.md +++ b/translations/zh-CN/content/code-security/getting-started/securing-your-repository.md @@ -75,7 +75,7 @@ For more information, see "[Exploring the dependencies of a repository](/code-se {% data reusables.dependabot.dependabot-alerts-beta %} {% data reusables.dependabot.dependabot-alerts-dependency-graph-enterprise %} -For more information, see "[About alerts for vulnerable dependencies](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies){% ifversion fpt or ghec %}" and "[Managing security and analysis settings for your user account](/github/setting-up-and-managing-your-github-user-account/managing-security-and-analysis-settings-for-your-user-account){% endif %}." +For more information, see "[About {% data variables.product.prodname_dependabot_alerts %}](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies){% ifversion fpt or ghec %}" and "[Managing security and analysis settings for your user account](/github/setting-up-and-managing-your-github-user-account/managing-security-and-analysis-settings-for-your-user-account){% endif %}." {% endif %} @@ -111,7 +111,7 @@ For more information, see "[About {% data variables.product.prodname_dependabot_ You can enable {% data variables.product.prodname_dependabot %} to automatically raise pull requests to keep your dependencies up-to-date. For more information, see "[About {% data variables.product.prodname_dependabot_version_updates %}](/code-security/supply-chain-security/about-dependabot-version-updates)." -To enable {% data variables.product.prodname_dependabot_version_updates %}, you must create a *dependabot.yml* configuration file. For more information, see "[Enabling and disabling {% data variables.product.prodname_dependabot %} version updates](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/enabling-and-disabling-dependabot-version-updates)." +To enable {% data variables.product.prodname_dependabot_version_updates %}, you must create a *dependabot.yml* configuration file. For more information, see "[Configuring {% data variables.product.prodname_dependabot %} version updates](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/enabling-and-disabling-dependabot-version-updates)." {% endif %} @@ -132,7 +132,7 @@ You can set up {% data variables.product.prodname_code_scanning %} to automatica {% endif %} ## Next steps -You can view and manage alerts from security features to address dependencies and vulnerabilities in your code. For more information, see {% ifversion fpt or ghes or ghec %} "[Viewing and updating vulnerable dependencies in your repository](/code-security/supply-chain-security/viewing-and-updating-vulnerable-dependencies-in-your-repository),"{% endif %} {% ifversion fpt or ghec or ghes > 3.2 %}"[Managing pull requests for dependency updates](/code-security/supply-chain-security/managing-pull-requests-for-dependency-updates)," {% endif %}"[Managing {% data variables.product.prodname_code_scanning %} for your repository](/code-security/secure-coding/managing-code-scanning-alerts-for-your-repository)," and "[Managing alerts from {% data variables.product.prodname_secret_scanning %}](/code-security/secret-security/managing-alerts-from-secret-scanning)." +You can view and manage alerts from security features to address dependencies and vulnerabilities in your code. For more information, see {% ifversion fpt or ghes or ghec %} "[Viewing {% data variables.product.prodname_dependabot_alerts %} for vulnerable dependencies](/code-security/supply-chain-security/viewing-and-updating-vulnerable-dependencies-in-your-repository),"{% endif %} {% ifversion fpt or ghec or ghes > 3.2 %}"[Managing pull requests for dependency updates](/code-security/supply-chain-security/managing-pull-requests-for-dependency-updates)," {% endif %}"[Managing {% data variables.product.prodname_code_scanning %} for your repository](/code-security/secure-coding/managing-code-scanning-alerts-for-your-repository)," and "[Managing alerts from {% data variables.product.prodname_secret_scanning %}](/code-security/secret-security/managing-alerts-from-secret-scanning)." {% ifversion fpt or ghec %}If you have a security vulnerability, you can create a security advisory to privately discuss and fix the vulnerability. For more information, see "[About {% data variables.product.prodname_security_advisories %}](/code-security/security-advisories/about-github-security-advisories)" and "[Creating a security advisory](/code-security/security-advisories/creating-a-security-advisory)." {% endif %} diff --git a/translations/zh-CN/content/code-security/guides.md b/translations/zh-CN/content/code-security/guides.md index c82c4b7f45..de54cf01eb 100644 --- a/translations/zh-CN/content/code-security/guides.md +++ b/translations/zh-CN/content/code-security/guides.md @@ -18,6 +18,7 @@ learningTracks: - code_security_actions - code_security_ci - code_security_integration + - end_to_end_supply_chain includeGuides: - /code-security/getting-started/adding-a-security-policy-to-your-repository - /code-security/getting-started/github-security-features @@ -74,7 +75,6 @@ includeGuides: - /code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/managing-pull-requests-for-dependency-updates - /code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-alerts-for-vulnerable-dependencies - /code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-dependabot-security-updates - - /code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-managing-vulnerable-dependencies - /code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/browsing-security-vulnerabilities-in-the-github-advisory-database - /code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/editing-security-advisories-in-the-github-advisory-database - /code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/configuring-dependabot-security-updates diff --git a/translations/zh-CN/content/code-security/index.md b/translations/zh-CN/content/code-security/index.md index 624ad70c99..06f49ecadb 100644 --- a/translations/zh-CN/content/code-security/index.md +++ b/translations/zh-CN/content/code-security/index.md @@ -19,6 +19,7 @@ featuredLinks: - '{% ifversion ghes < 3.3 or ghae %}/code-security/secret-scanning/configuring-secret-scanning-for-your-repositories{% endif %}' - '{% ifversion ghae %}/code-security/code-scanning/integrating-with-code-scanning/uploading-a-sarif-file-to-github{% endif %}' - '{% ifversion ghae %}/code-security/code-scanning/using-codeql-code-scanning-with-your-existing-ci-system{% endif %}' + - /code-security/supply-chain-security/end-to-end-supply-chain/end-to-end-supply-chain-overview popular: - '{% ifversion ghes %}/admin/release-notes{% endif %}' - /code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-alerts-for-vulnerable-dependencies @@ -53,6 +54,7 @@ children: - /code-scanning - /repository-security-advisories - /supply-chain-security + - /dependabot - /security-overview - /guides --- diff --git a/translations/zh-CN/content/code-security/secret-scanning/about-secret-scanning.md b/translations/zh-CN/content/code-security/secret-scanning/about-secret-scanning.md index 884e8b3e26..9549eaaae2 100644 --- a/translations/zh-CN/content/code-security/secret-scanning/about-secret-scanning.md +++ b/translations/zh-CN/content/code-security/secret-scanning/about-secret-scanning.md @@ -31,9 +31,9 @@ If your project communicates with an external service, you might use a token or {% ifversion fpt or ghec %} {% data variables.product.prodname_secret_scanning_caps %} is available on {% data variables.product.prodname_dotcom_the_website %} in two forms: -1. **{% data variables.product.prodname_secret_scanning_partner_caps %}.** Runs automatically on all public repositories. Any strings that match patterns that were provided by secret scanning partners are reported directly to the relvant partner. +1. **{% data variables.product.prodname_secret_scanning_partner_caps %}.** Runs automatically on all public repositories. Any strings that match patterns that were provided by secret scanning partners are reported directly to the relevant partner. -2. **{% data variables.product.prodname_secret_scanning_GHAS_caps %}.** You can enable and configure additional scanning for repositories owned by organizations that use {% data variables.product.prodname_ghe_cloud %} and have a license for {% data variables.product.prodname_GH_advanced_security %}. Any strings that match patterns provided by secret scannng partners, by other service providers, or defined by your organization are reported as alerts in the "Security" tab of repositories. If a string in a public repository matches a partner pattern, it is also reported to the partner. +2. **{% data variables.product.prodname_secret_scanning_GHAS_caps %}.** You can enable and configure additional scanning for repositories owned by organizations that use {% data variables.product.prodname_ghe_cloud %} and have a license for {% data variables.product.prodname_GH_advanced_security %}. Any strings that match patterns provided by secret scanning partners, by other service providers, or defined by your organization, are reported as alerts in the "Security" tab of repositories. If a string in a public repository matches a partner pattern, it is also reported to the partner. {% endif %} Service providers can partner with {% data variables.product.company_short %} to provide their secret formats for scanning. {% data reusables.secret-scanning.partner-program-link %} @@ -48,11 +48,12 @@ You cannot change the configuration of {% data variables.product.prodname_secret {% ifversion fpt %} {% note %} -**Note:** Organizations using {% data variables.product.prodname_ghe_cloud %} with {% data variables.product.prodname_GH_advanced_security %} can also enable {% data variables.product.prodname_secret_scanning_GHAS %} on any repository they own, including private repositories. For more information, see the [{% data variables.product.prodname_ghe_cloud %} documentation](/enterprise-cloud@latest/code-security/secret-security/about-secret-scanning#about-secret-scanning-for-advanced-security). +{% data reusables.secret-scanning.fpt-GHAS-scans %} {% endnote %} {% endif %} + {% endif %} {% ifversion not fpt %} diff --git a/translations/zh-CN/content/code-security/security-overview/about-the-security-overview.md b/translations/zh-CN/content/code-security/security-overview/about-the-security-overview.md index 2fbe1a5db3..474b6ea1a3 100644 --- a/translations/zh-CN/content/code-security/security-overview/about-the-security-overview.md +++ b/translations/zh-CN/content/code-security/security-overview/about-the-security-overview.md @@ -28,7 +28,7 @@ shortTitle: 关于安全概述 您可以使用安全概述来简要了解组织的安全状态,或识别需要干预的问题仓库。 您可以在安全概述中查看综合或存储库特定的安全信息。 您还可以使用安全概述来查看为存储库启用了哪些安全功能,并配置当前未使用的任何可用安全功能。 -安全概述指示是否为组织拥有的存储库启用了 {% ifversion fpt or ghes > 3.1 or ghec %}安全{% endif %}{% ifversion ghae %}{% data variables.product.prodname_GH_advanced_security %}{% endif %} 功能,并合并每个功能的警报。{% ifversion fpt or ghes > 3.1 or ghec %} 安全功能包括 {% data variables.product.prodname_GH_advanced_security %} 功能,例如 {% data variables.product.prodname_code_scanning %} 和 {% data variables.product.prodname_secret_scanning %}以及 {% data variables.product.prodname_dependabot_alerts %}。{% endif %} 有关 {% data variables.product.prodname_GH_advanced_security %} 功能的详细信息,请参阅“[关于 {% data variables.product.prodname_GH_advanced_security %}](/get-started/learning-about-github/about-github-advanced-security)”。{% ifversion fpt or ghes > 3.1 or ghec %} 有关 {% data variables.product.prodname_dependabot_alerts %} 的详细信息,请参阅“[关于易受攻击的依赖项的警报](/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-alerts-for-vulnerable-dependencies#dependabot-alerts-for-vulnerable-dependencies)”。{% endif %} +安全概述指示是否为组织拥有的存储库启用了 {% ifversion fpt or ghes > 3.1 or ghec %}安全{% endif %}{% ifversion ghae %}{% data variables.product.prodname_GH_advanced_security %}{% endif %} 功能,并合并每个功能的警报。{% ifversion fpt or ghes > 3.1 or ghec %} 安全功能包括 {% data variables.product.prodname_GH_advanced_security %} 功能,例如 {% data variables.product.prodname_code_scanning %} 和 {% data variables.product.prodname_secret_scanning %}以及 {% data variables.product.prodname_dependabot_alerts %}。{% endif %} 有关 {% data variables.product.prodname_GH_advanced_security %} 功能的详细信息,请参阅“[关于 {% data variables.product.prodname_GH_advanced_security %}](/get-started/learning-about-github/about-github-advanced-security)”。{% ifversion fpt or ghes > 3.1 or ghec %} 有关 {% data variables.product.prodname_dependabot_alerts %} 的详细信息,请参阅“[关于 {% data variables.product.prodname_dependabot_alerts %}](/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-alerts-for-vulnerable-dependencies#dependabot-alerts-for-vulnerable-dependencies)”。{% endif %} 有关在存储库和组织级别保护代码的详细信息,请参阅“[保护存储库](/code-security/getting-started/securing-your-repository)”和“[保护组织](/code-security/getting-started/securing-your-organization)”。 @@ -50,13 +50,13 @@ shortTitle: 关于安全概述 ![安全概述中的图标](/assets/images/help/organizations/security-overview-icons.png) -| 图标 | 含义 | -| ------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| {% octicon "code-square" aria-label="Code scanning alerts" %} | {% data variables.product.prodname_code_scanning_capc %} 警报. 更多信息请参阅“[关于 {% data variables.product.prodname_code_scanning %}](/code-security/secure-coding/about-code-scanning)”。 | -| {% octicon "key" aria-label="Secret scanning alerts" %} | {% data variables.product.prodname_secret_scanning_caps %} 警报. 更多信息请参阅“[关于 {% data variables.product.prodname_secret_scanning %}](/code-security/secret-security/about-secret-scanning)”。 | -| {% octicon "hubot" aria-label="Dependabot alerts" %} | {% data variables.product.prodname_dependabot_alerts %} 的通知。 更多信息请参阅“[关于易受攻击的依赖项的警报](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies)”。 | -| {% octicon "check" aria-label="Check" %} | 安全功能已启用,但不会在此存储库中引发警报。 | -| {% octicon "x" aria-label="x" %} | 此存储库不支持该安全功能。 | +| 图标 | 含义 | +| ------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| {% octicon "code-square" aria-label="Code scanning alerts" %} | {% data variables.product.prodname_code_scanning_capc %} 警报. 更多信息请参阅“[关于 {% data variables.product.prodname_code_scanning %}](/code-security/secure-coding/about-code-scanning)”。 | +| {% octicon "key" aria-label="Secret scanning alerts" %} | {% data variables.product.prodname_secret_scanning_caps %} 警报. 更多信息请参阅“[关于 {% data variables.product.prodname_secret_scanning %}](/code-security/secret-security/about-secret-scanning)”。 | +| {% octicon "hubot" aria-label="Dependabot alerts" %} | {% data variables.product.prodname_dependabot_alerts %} 的通知。 更多信息请参阅“[关于 {% data variables.product.prodname_dependabot_alerts %} 警报](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies)”。 | +| {% octicon "check" aria-label="Check" %} | 安全功能已启用,但不会在此存储库中引发警报。 | +| {% octicon "x" aria-label="x" %} | 此存储库不支持该安全功能。 | 安全概述显示由安全功能引发的活动警报。 如果仓库的安全概述中没有警报,则可能仍然存在未检测到的安全漏洞或代码错误。 diff --git a/translations/zh-CN/content/code-security/supply-chain-security/end-to-end-supply-chain/end-to-end-supply-chain-overview.md b/translations/zh-CN/content/code-security/supply-chain-security/end-to-end-supply-chain/end-to-end-supply-chain-overview.md new file mode 100644 index 0000000000..f820d0efb5 --- /dev/null +++ b/translations/zh-CN/content/code-security/supply-chain-security/end-to-end-supply-chain/end-to-end-supply-chain-overview.md @@ -0,0 +1,38 @@ +--- +title: Securing your end-to-end supply chain +shortTitle: 概览 +allowTitleToDifferFromFilename: true +intro: 'Introducing best practice guides on complete end-to-end supply chain security including personal accounts, code, and build processes.' +versions: + fpt: '*' + ghec: '*' + ghes: '*' +type: overview +topics: + - Organizations + - Teams + - Dependencies + - Advanced Security +--- + +## What is the end-to-end supply chain? + +At its core, end-to-end software supply chain security is about making sure the code you distribute hasn't been tampered with. Previously, attackers focused on targeting dependencies you use, for example libraries and frameworks. Attackers have now expanded their focus to include targeting user accounts and build processes, and so those systems must be defended as well. + +## About these guides + +This series of guides explains how to think about securing your end-to-end supply chain: personal account, code, and build processes. Each guide explains the risk to that area, and introduces the {% data variables.product.product_name %} features that can help you address that risk. + +Everyone's needs are different, so each guide starts with the highest impact change, and continues from there with additional improvements you should consider. You should feel free to skip around and focus on improvements you think will have the biggest benefit. The goal isn't to do everything at once but to continuously improve security in your systems over time. + +- "[Best practices for securing accounts](/code-security/supply-chain-security/end-to-end-supply-chain/securing-accounts)" + +- "[Best practices for securing code in your supply chain](/code-security/supply-chain-security/end-to-end-supply-chain/securing-code)" + +- "[Best practices for securing your build system](/code-security/supply-chain-security/end-to-end-supply-chain/securing-builds)" + +## 延伸阅读 + +- [Safeguarding artifact integrity across any software supply chain](https://slsa.dev/) +- [Microsoft Supply Chain Integrity Model](https://github.com/microsoft/scim) +- [Software Supply Chain Security Paper - CNCF Security Technical Advisory Group](https://github.com/cncf/tag-security/blob/main/supply-chain-security/supply-chain-security-paper/CNCF_SSCP_v1.pdf) diff --git a/translations/zh-CN/content/code-security/supply-chain-security/end-to-end-supply-chain/index.md b/translations/zh-CN/content/code-security/supply-chain-security/end-to-end-supply-chain/index.md new file mode 100644 index 0000000000..0cf0b8d7ad --- /dev/null +++ b/translations/zh-CN/content/code-security/supply-chain-security/end-to-end-supply-chain/index.md @@ -0,0 +1,20 @@ +--- +title: End-to-end supply chain +intro: 'How to think about securing your user accounts, your code, and your build process' +versions: + fpt: '*' + ghec: '*' + ghes: '*' +topics: + - Security overview + - Organizations + - Teams + - Dependencies + - Advanced Security +children: + - /end-to-end-supply-chain-overview + - /securing-accounts + - /securing-code + - /securing-builds +--- + diff --git a/translations/zh-CN/content/code-security/supply-chain-security/end-to-end-supply-chain/securing-accounts.md b/translations/zh-CN/content/code-security/supply-chain-security/end-to-end-supply-chain/securing-accounts.md new file mode 100644 index 0000000000..ce7f6d5cee --- /dev/null +++ b/translations/zh-CN/content/code-security/supply-chain-security/end-to-end-supply-chain/securing-accounts.md @@ -0,0 +1,137 @@ +--- +title: Best practices for securing accounts +shortTitle: Securing accounts +allowTitleToDifferFromFilename: true +intro: Guidance on how to protect accounts with access to your software supply chain. +versions: + fpt: '*' + ghec: '*' + ghes: '*' +type: overview +topics: + - Organizations + - Teams + - SSH + - Security + - Accounts +--- + +## About this guide + +This guide describes the highest impact changes you can make to increase account security. Each section outlines a change you can make to your processes to improve the security. The highest impact changes are listed first. + +## What's the risk? + +Account security is fundamental to the security of your supply chain. If an attacker can take over your account on {% data variables.product.product_name %}, they can then make malicious changes to your code or build process. So your first goal should be to make it difficult for someone to take over your account and the accounts of other {% ifversion ghes %}users{% else %}members{% endif %} of {% ifversion fpt %}your organization{% elsif ghec or ghae %}your organization or enterprise{% elsif ghes %}{% data variables.product.product_location %}{% endif %}. + +{% ifversion ghec or ghes %} +## Centralize authentication +{% endif %} + +{% ifversion ghec %} +If you're an enterprise or organization owner, you can configure centralized authentication with SAML. While you can add or remove members manually, it's simpler and more secure to set up single sign-on (SSO) and SCIM between {% data variables.product.product_name %} and your SAML identity provider (IdP). This also simplifies the authentication process for all members of your enterprise. + +You can configure SAML authentication for an enterprise or organization account. With SAML, you can grant access to the personal accounts of members of your enterprise or organization on {% data variables.product.product_location %} through your IdP, or you can create and control the accounts that belong to your enterprise by using {% data variables.product.prodname_emus %}. For more information, see "[About identity and access management with SAML single sign-on](/organizations/managing-saml-single-sign-on-for-your-organization/about-identity-and-access-management-with-saml-single-sign-on)". + +After you configure SAML authentication, when members request access to your resources, they'll be directed to your SSO flow to ensure they are still recognized by your IdP. If they are unrecognized, their request is declined. + +Some IdPs support a protocol called SCIM, which can automatically provision or deprovision access on {% data variables.product.product_name %} when you make changes on your IdP. With SCIM, you can simplify administration as your team grows, and you can quickly revoke access to accounts. SCIM is available for individual organizations on {% data variables.product.product_name %}, or for enterprises that use {% data variables.product.prodname_emus %}. 更多信息请参阅“[关于 SCIM](/organizations/managing-saml-single-sign-on-for-your-organization/about-scim)”。 +{% endif %} + +{% ifversion ghes %} +If you're the site administrator for {% data variables.product.product_location %}, you can simplify the login experience for users by choosing an authentication method that connects with your existing identity provider (IdP), like CAS, SAML, or LDAP. This means that they no longer need to remember an extra password for {% data variables.product.prodname_dotcom %}. + +Some authentication methods also support communicating additional information to {% data variables.product.product_name %}, for example, what groups the user is a member of, or synchronizing cryptographic keys for the user. This is a great way to simplify your administration as your organization grows. + +For more information on these authentication methods, see "[Using CAS](/admin/identity-and-access-management/authenticating-users-for-your-github-enterprise-server-instance/using-cas)," "[Using SAML](/admin/identity-and-access-management/authenticating-users-for-your-github-enterprise-server-instance/using-saml)," and "[Using LDAP](/admin/identity-and-access-management/authenticating-users-for-your-github-enterprise-server-instance/using-ldap)." +{% endif %} + +## Configure two-factor authentication + +The best way to improve the security of {% ifversion fpt %}your personal account{% elsif ghes %}your personal account or {% data variables.product.product_location %}{% elsif ghec %}your accounts{% elsif ghae %}your enterprise on {% data variables.product.product_name %}{% endif %} is to configure two-factor authentication (2FA){% ifversion ghae %} on your SAML identity provider (IdP){% endif %}. Passwords by themselves can be compromised by being guessable, by being reused on another site that's been compromised, or by social engineering, like phishing. 2FA makes it much more difficult for your accounts to be compromised, even if an attacker has your password. + +{% ifversion not ghae %} + +{% ifversion ghec %} +If you're an enterprise owner, you may be able to configure a policy to require 2FA for all organizations owned by your enterprise. +{% endif %} + +{% ifversion ghes %} +If you're the site administrator for {% data variables.product.product_location %}, you may be able to configure 2FA for all users of your instance. The availability of 2FA on {% data variables.product.product_name %} depends on the authentication method that you use. For more information, see "[Centralize user authentication](#centralize-user-authentication)." +{% endif %} + +If you're an organization owner, then you {% ifversion fpt %}can{% else %}may be able to{% endif %} require that all members of the organization enable 2FA. + +{% ifversion ghec or ghes %} + +### Configure your enterprise account + +Enterprise owners may be able to require 2FA for all {% ifversion ghes %}users on{% elsif ghec %}members of{% endif %} the {% ifversion ghes %}instance{% elsif ghec %}enterprise{% endif %}. The availability of 2FA policies on {% data variables.product.product_name %} depends on how {% ifversion ghes %}users{% else %}members{% endif %} authenticate to access your {% ifversion ghes %}instance{% elsif ghec %}enterprise's resources{% endif %}. + +{% ifversion ghes %} +- If you sign into {% data variables.product.product_location %} through an external IdP using CAS or SAML SSO, you +{% elsif ghec %} +If your enterprise uses {% data variables.product.prodname_emus %} or SAML authentication is enforced for your enterprise, you +{%- endif %} cannot configure 2FA on {% data variables.product.product_name %}. Someone with administrative access to your IdP must configure 2FA for the IdP. + +{% ifversion ghes %} + +- If you sign into {% data variables.product.product_location %} through an external LDAP directory, you can require 2FA for your enterprise on {% data variables.product.product_name %}. If you allow built-in authentication for users outside of your directory, individual users can enable 2FA, but you cannot require 2FA for your enterprise. + +{% endif %} + +For more information, see {% ifversion ghec %}"[About identity and access management for your enterprise](/admin/identity-and-access-management/managing-iam-for-your-enterprise/about-identity-and-access-management-for-your-enterprise)" and {% endif %}"[Enforcing policies for security settings in your enterprise](/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-security-settings-in-your-enterprise#requiring-two-factor-authentication-for-organizations-in-your-enterprise)." + +{% endif %} + +### Configure your personal account + +{% ifversion ghec or ghes %} +{% note %} + +**Note**: Depending on the authentication method that {% ifversion ghec %}an enterprise owner{% elsif ghes %}a site administrator{% endif %} has configured for {% ifversion ghec %}your enterprise on {% endif %}{% data variables.product.product_location %}, you may not be able to enable 2FA for your personal account. + +{% endnote %} +{% endif %} + +{% data variables.product.product_name %} supports several options for 2FA, and while any of them is better than nothing, the most secure option is WebAuthn. WebAuthn requires either a hardware security key or a device that supports it through things like Windows Hello or Mac TouchID. It's possible, although difficult, to phish other forms of 2FA (for example, someone asking you to read them your 6 digit one-time password). However WebAuthn isn't phishable, because domain scoping is built into the protocol, which prevents credentials from a website impersonating a login page from being used on {% data variables.product.product_name %}. + +When you set up 2FA, you should always download the recovery codes and set up more than one factor. This ensures that access to your account doesn't depend on a single device. For more information, see "[Configuring two-factor authentication](/authentication/securing-your-account-with-two-factor-authentication-2fa/configuring-two-factor-authentication)," "[Configuring two-factor authentication recovery methods](/authentication/securing-your-account-with-two-factor-authentication-2fa/configuring-two-factor-authentication-recovery-methods)," and [GitHub Branded hardware security keys](https://thegithubshop.com/products/github-branded-yubikey) in the GitHub shop. + +### Configure your organization account + +{% ifversion ghec or ghes %} +{% note %} + +**Note**: Depending on the authentication method that {% ifversion ghec %}an enterprise owner{% elsif ghes %}a site administrator{% endif %} has configured for {% ifversion ghec %}your enterprise on {% endif %}{% data variables.product.product_location %}, you may not be able to require 2FA for your organization. + +{% endnote %} +{% endif %} + +If you're an organization owner, you can see which users don't have 2FA enabled, help them get set up, and then require 2FA for your organization. To guide you through that process, see: + +1. "[Viewing whether users in your organization have 2FA enabled](/organizations/keeping-your-organization-secure/managing-two-factor-authentication-for-your-organization/viewing-whether-users-in-your-organization-have-2fa-enabled)" +2. "[Preparing to require two-factor authentication in your organization](/organizations/keeping-your-organization-secure/managing-two-factor-authentication-for-your-organization/preparing-to-require-two-factor-authentication-in-your-organization)" +3. "[Requiring two-factor authentication in your organization](/organizations/keeping-your-organization-secure/managing-two-factor-authentication-for-your-organization/requiring-two-factor-authentication-in-your-organization)" + +{% endif %} + +## Connect to {% data variables.product.product_name %} using SSH keys + +There are other ways to interact with {% data variables.product.product_name %} beyond signing into the website. Many people authorize the code they push to {% data variables.product.prodname_dotcom %} with an SSH private key. For more information, see "[About SSH](/authentication/connecting-to-github-with-ssh/about-ssh)." + +Just like your account password, if an attacker were able to get your SSH private key, they could impersonate you and push malicious code to any repository you have write access for. If you store your SSH private key on a disk drive, it's a good idea to protect it with a passphrase. For more information, see "[Working with SSH key passphrases](/authentication/connecting-to-github-with-ssh/working-with-ssh-key-passphrases)." + +Another option is to generate SSH keys on a hardware security key. You could use the same key you're using for 2FA. Hardware security keys are very difficult to compromise remotely, because the private SSH key remains on the hardware, and is not directly accessible from software. For more information, see "[Generating a new SSH key for a hardware security key](/authentication/connecting-to-github-with-ssh/generating-a-new-ssh-key-and-adding-it-to-the-ssh-agent#generating-a-new-ssh-key-for-a-hardware-security-key)." + +{% ifversion ghec or ghes or ghae %} +Hardware-backed SSH keys are quite secure, but the hardware requirement might not work for some organizations. An alternative approach is to use SSH keys that are only valid for a short period of time, so even if the private key is compromised it can't be exploited for very long. This is the concept behind running your own SSH certificate authority. While this approach gives you a lot of control over how users authenticate, it also comes with the responsibility of maintaining an SSH certificate authority yourself. For more information, see "[About SSH certificate authorities](/organizations/managing-git-access-to-your-organizations-repositories/about-ssh-certificate-authorities)." +{% endif %} + +## 后续步骤 + +- "[Securing your end-to-end supply chain](/code-security/supply-chain-security/end-to-end-supply-chain/end-to-end-supply-chain-overview)" + +- "[Best practices for securing code in your supply chain](/code-security/supply-chain-security/end-to-end-supply-chain/securing-code)" + +- "[Best practices for securing your build system](/code-security/supply-chain-security/end-to-end-supply-chain/securing-builds)" diff --git a/translations/zh-CN/content/code-security/supply-chain-security/end-to-end-supply-chain/securing-builds.md b/translations/zh-CN/content/code-security/supply-chain-security/end-to-end-supply-chain/securing-builds.md new file mode 100644 index 0000000000..21461fe8ea --- /dev/null +++ b/translations/zh-CN/content/code-security/supply-chain-security/end-to-end-supply-chain/securing-builds.md @@ -0,0 +1,62 @@ +--- +title: Best practices for securing your build system +shortTitle: Securing builds +allowTitleToDifferFromFilename: true +intro: Guidance on how to protect the end of your supply chain—the systems you use to build and distribute artifacts. +versions: + fpt: '*' + ghec: '*' + ghes: '*' +type: overview +topics: + - Fundamentals + - Security + - CI + - CD +--- + +## About this guide + +This guide describes the highest impact changes you can make to improve the security of your build systems. Each section outlines a change you can make to your processes to improve security. The highest impact changes are listed first. + +## What's the risk? + +Some attacks on software supply chains target the build system directly. If an attacker can modify the build process, they can exploit your system without the effort of compromising personal accounts or code. It's important to make sure that you don't forget to protect the build system as well as personal accounts and code. + +## Secure your build system + +There are several security capabilities a build system should have: + +1. The build steps should be clear and repeatable. + +2. You should know exactly what was running during the build process. + +3. Each build should start in a fresh environment, so a compromised build doesn't persist to affect future builds. + +{% data variables.product.prodname_actions %} can help you meet these capabilities. Build instructions are stored in your repository, alongside your code. You choose what environment your build runs on, including Windows, Mac, Linux, or runners you host yourself. Each build starts with a fresh virtual environment, making it difficult for an attack to persist in your build environment. + +In addition to the security benefits, {% data variables.product.prodname_actions %} lets you trigger builds manually, periodically, or on git events in your repository for frequent and fast builds. + +{% data variables.product.prodname_actions %} is a big topic, but a good place to get started is "[Understanding GitHub Actions](/actions/learn-github-actions/understanding-github-actions)," as well as "[Choosing GitHub-hosted runners](/actions/using-workflows/workflow-syntax-for-github-actions#choosing-github-hosted-runners)," and "[Triggering a workflow](/actions/using-workflows/triggering-a-workflow)." + +## Sign your builds + +After your build process is secure, you want to prevent someone from tampering with the end result of your build process. A great way to do this is to sign your builds. When distributing software publicly, this is often done with a public/private cryptographic key pair. You use the private key to sign the build, and you publish your public key so users of your software can verify the signature on the build before they use it. If the bytes of the build are modified, the signature will not verify. + +How exactly you sign your build will depend on what sort of code you're writing, and who your users are. Often it's difficult to know how to securely store the private key. One basic option here is to use {% data variables.product.prodname_actions %} encrypted secrets, although you'll need to be careful to limit who has access to those {% data variables.product.prodname_actions %} workflows. {% ifversion fpt or ghec %}If your private key is stored in another system accessible over the public internet (like Microsoft Azure, or HashiCorp Vault), a more advanced option is to authenticate with OpenID Connect, so you don't have to share secrets across systems.{% endif %} If your private key is only accessible from a private network, another option is to use self-hosted runners for {% data variables.product.prodname_actions %}. + +For more information, see "[Encrypted secrets](/actions/security-guides/encrypted-secrets)"{% ifversion fpt or ghec %}, "[About security hardening with OpenID Connect](/actions/deployment/security-hardening-your-deployments/about-security-hardening-with-openid-connect)",{% endif %} and "[About self-hosted runners](/actions/hosting-your-own-runners/about-self-hosted-runners)." + +## Harden security for {% data variables.product.prodname_actions %} + +There are many further steps you can take to additionally secure {% data variables.product.prodname_actions %}. In particular, be careful when evaluating third-party workflows, and consider using `CODEOWNERS` to limit who can make changes to your workflows. + +For more information, see "[Security hardening for GitHub Actions](/actions/security-guides/security-hardening-for-github-actions);" particularly "[Using third-party actions](/actions/security-guides/security-hardening-for-github-actions#using-third-party-actions)" and "[Using `CODEOWNERS` to monitor changes](/actions/security-guides/security-hardening-for-github-actions#using-codeowners-to-monitor-changes)." + +## 后续步骤 + +- "[Securing your end-to-end supply chain](/code-security/supply-chain-security/end-to-end-supply-chain/end-to-end-supply-chain-overview)" + +- "[Best practices for securing accounts](/code-security/supply-chain-security/end-to-end-supply-chain/securing-accounts)" + +- "[Best practices for securing code in your supply chain](/code-security/supply-chain-security/end-to-end-supply-chain/securing-code)" diff --git a/translations/zh-CN/content/code-security/supply-chain-security/end-to-end-supply-chain/securing-code.md b/translations/zh-CN/content/code-security/supply-chain-security/end-to-end-supply-chain/securing-code.md new file mode 100644 index 0000000000..f78ce517b6 --- /dev/null +++ b/translations/zh-CN/content/code-security/supply-chain-security/end-to-end-supply-chain/securing-code.md @@ -0,0 +1,119 @@ +--- +title: Best practices for securing code in your supply chain +shortTitle: Securing code +allowTitleToDifferFromFilename: true +intro: Guidance on how to protect the center of your supply chain—the code you write and the code you depend on. +versions: + fpt: '*' + ghec: '*' + ghes: '*' +type: overview +topics: + - Dependabot + - Security updates + - Vulnerabilities + - Advanced Security + - Secret scanning +--- + +## About this guide + +This guide describes the highest impact changes you can make to improve the security of your code. Each section outlines a change you can make to your processes to improve security. The highest impact changes are listed first. + +## What's the risk? + +Key risks in the development process include: + +- Using dependencies with security vulnerabilities that an attacker could exploit. +- Leaking authentication credentials or a token that an attacker could use to access your resources. +- Introducing a vulnerability to your own code that an attacker could exploit. + +These risks open your resources and projects to attack and those risks are passed directly on to anyone who uses a package that you create. The following sections explain how you can protect yourself and your users from these risks. + +## Create a vulnerability management program for dependencies + +You can secure the code you depend on by creating a vulnerability management program for dependencies. At a high level this should include processes to ensure that you: + +1. Create an inventory of your dependencies. + +2. Know when there is a security vulnerability in a dependency. + +3. Assess the impact of that vulnerability on your code and decide what action to take. + +### Automatic inventory generation + +As a first step, you want to make a complete inventory of your dependencies. The dependency graph for a repository shows you dependencies for supported ecosystems. If you check in your dependencies, or use other ecosystems, you will need to supplement this with data from 3rd party tools or by listing dependencies manually. 更多信息请参阅“[关于依赖关系图](/code-security/supply-chain-security/understanding-your-software-supply-chain/about-the-dependency-graph)”。 + +### Automatic detection of vulnerabilities in dependencies + +{% data variables.product.prodname_dependabot %} can help you by monitoring your dependencies and notifying you when they contain a known vulnerability. {% ifversion fpt or ghec or ghes > 3.2 %}You can even enable {% data variables.product.prodname_dependabot %} to automatically raise pull requests that update the dependency to a secure version.{% endif %} For more information, see "[About alerts for vulnerable dependencies](/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-alerts-for-vulnerable-dependencies)"{% ifversion fpt or ghec or ghes > 3.2 %} and "[About Dependabot security updates](/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-dependabot-security-updates)"{% endif %}. + +### Assessment of exposure to risk from a vulnerable dependency + +When you discover you are using a vulnerable dependency, for example, a library or a framework, you must assess your project's level of exposure and determine what action to take. Vulnerabilities are usually reported with a severity score to show how severe their impact could be. The severity score is a useful guide but cannot tell you the full impact of the vulnerability on your code. + +To assess the impact of a vulnerability on your code, you also need to consider how you use the library and determine how much risk that actually poses to your system. Maybe the vulnerability is part of a feature that you don't use, and you can update the affected library and continue with your normal release cycle. Or maybe your code is badly exposed to risk, and you need to update the affected library and ship an updated build right away. This decision depends on how you're using the library in your system, and is a decision that only you have the knowledge to make. + +## Secure your communication tokens + +Code often needs to communicate with other systems over a network, and requires secrets (like a password, or an API key) to authenticate. Your system needs access to those secrets to run, but it's best practice to not include them in your source code. This is especially important for public repositories, but also for private repositories to which many people might have access. + +### Automatic detection of secrets committed to a repository + +{% note %} + +**Note:** {% data reusables.gated-features.secret-scanning-partner %} + +{% endnote %} + +{% data reusables.secret-scanning.enterprise-enable-secret-scanning %} + +{% ifversion fpt or ghec %} +{% data variables.product.prodname_dotcom %} partners with many providers to automatically detect when secrets are committed to or stored in your public repositories, and will notify the provider so they can take appropriate actions to ensure your account remains secure. For more information, see "[About {% data variables.product.prodname_secret_scanning %} for partner patterns](/code-security/secret-scanning/about-secret-scanning#about-secret-scanning-for-partner-patterns)." +{% endif %} + +{% ifversion fpt %} +{% data reusables.secret-scanning.fpt-GHAS-scans %} +{% elsif ghec %} +If your organization uses {% data variables.product.prodname_GH_advanced_security %}, you can enable {% data variables.product.prodname_secret_scanning_GHAS %} on any repository owned by the organization. You can also define custom patterns to detect additional secrets at the repository, organization, or enterprise level. For more information, see "[About {% data variables.product.prodname_secret_scanning_GHAS %}](/code-security/secret-scanning/about-secret-scanning#about-secret-scanning-for-advacned-security)." +{% else %} +You can configure {% data variables.product.prodname_secret_scanning %} to check for secrets issued by many service providers and to notify you when any are detected. You can also define custom patterns to detect additional secrets at the repository, organization, or enterprise level. For more information, see "[About secret scanning](/code-security/secret-scanning/about-secret-scanning)" and "[Secret scanning patterns](/code-security/secret-scanning/secret-scanning-patterns)." +{% endif %} + +{% ifversion fpt or ghec or ghes > 3.2 %} +### Secure storage of secrets you use in {% data variables.product.product_name %} +{% endif %} + +{% ifversion fpt or ghec %} +Besides your code, you probably need to use secrets in other places. For example, to allow {% data variables.product.prodname_actions %} workflows, {% data variables.product.prodname_dependabot %}, or your {% data variables.product.prodname_codespaces %} development environment to communicate with other systems. For more information on how to securely store and use secrets, see "[Encrypted secrets in Actions](/actions/security-guides/encrypted-secrets)," "[Managing encrypted secrets for Dependabot](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/managing-encrypted-secrets-for-dependabot)," and "[Managing encrypted secrets for your codespaces](/codespaces/managing-your-codespaces/managing-encrypted-secrets-for-your-codespaces)." +{% endif %} + +{% ifversion ghes > 3.2 %} +Besides your code, you probably need to use secrets in other places. For example, to allow {% data variables.product.prodname_actions %} workflows or {% data variables.product.prodname_dependabot %} to communicate with other systems. For more information on how to securely store and use secrets, see "[Encrypted secrets in Actions](/actions/security-guides/encrypted-secrets)", and "[Managing encrypted secrets for Dependabot](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/managing-encrypted-secrets-for-dependabot)." +{% endif %} + +## Keep vulnerable coding patterns out of your repository + +{% note %} + +**Note:** {% data reusables.gated-features.code-scanning %} + +{% endnote %} + +{% data reusables.code-scanning.enterprise-enable-code-scanning %} + +### Create a pull request review process + +You can improve the quality and security of your code by ensuring that all pull requests are reviewed and tested before they are merged. {% data variables.product.prodname_dotcom %} has many features you can use to control the review and merge process. To get started, see "[About protected branches](/repositories/configuring-branches-and-merges-in-your-repository/defining-the-mergeability-of-pull-requests/about-protected-branches)." + +### Scan your code for vulnerable patterns + +Insecure code patterns are often difficult for reviewers to spot unaided. In addition to scanning your code for secrets, you can check it for patterns that are associated with security vulnerabilities. For example, a function that isn't memory-safe, or failing to escaping user input that could lead to an injection vulnerability. {% data variables.product.prodname_dotcom %} offers several different ways to approach both how and when you scan your code. To get started, see "[About code scanning](/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/about-code-scanning)." + +## 后续步骤 + +- "[Securing your end-to-end supply chain](/code-security/supply-chain-security/end-to-end-supply-chain/end-to-end-supply-chain-overview)" + +- "[Best practices for securing accounts](/code-security/supply-chain-security/end-to-end-supply-chain/securing-accounts)" + +- "[Best practices for securing your build system](/code-security/supply-chain-security/end-to-end-supply-chain/securing-builds)" diff --git a/translations/zh-CN/content/code-security/supply-chain-security/index.md b/translations/zh-CN/content/code-security/supply-chain-security/index.md index 18d4e63a1e..eaeba9aeb4 100644 --- a/translations/zh-CN/content/code-security/supply-chain-security/index.md +++ b/translations/zh-CN/content/code-security/supply-chain-security/index.md @@ -16,7 +16,6 @@ topics: - Repositories children: - /understanding-your-software-supply-chain - - /keeping-your-dependencies-updated-automatically - - /managing-vulnerabilities-in-your-projects-dependencies + - /end-to-end-supply-chain --- diff --git a/translations/zh-CN/content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/automating-dependabot-with-github-actions.md b/translations/zh-CN/content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/automating-dependabot-with-github-actions.md deleted file mode 100644 index 9b97e577a9..0000000000 --- a/translations/zh-CN/content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/automating-dependabot-with-github-actions.md +++ /dev/null @@ -1,555 +0,0 @@ ---- -title: Automating Dependabot with GitHub Actions -intro: 'Examples of how you can use {% data variables.product.prodname_actions %} to automate common {% data variables.product.prodname_dependabot %} related tasks.' -permissions: 'People with write permissions to a repository can configure {% data variables.product.prodname_actions %} to respond to {% data variables.product.prodname_dependabot %}-created pull requests.' -miniTocMaxHeadingLevel: 3 -versions: - fpt: '*' - ghec: '*' - ghes: '>3.2' -type: how_to -topics: - - Actions - - Dependabot - - Version updates - - Security updates - - Repositories - - Dependencies - - Pull requests -shortTitle: Use Dependabot with Actions ---- - -{% data reusables.dependabot.beta-security-and-version-updates %} -{% data reusables.dependabot.enterprise-enable-dependabot %} - -## About {% data variables.product.prodname_dependabot %} and {% data variables.product.prodname_actions %} - -{% data variables.product.prodname_dependabot %} creates pull requests to keep your dependencies up to date, and you can use {% data variables.product.prodname_actions %} to perform automated tasks when these pull requests are created. For example, fetch additional artifacts, add labels, run tests, or otherwise modifying the pull request. - -## Responding to events - -{% data variables.product.prodname_dependabot %} is able to trigger {% data variables.product.prodname_actions %} workflows on its pull requests and comments; however, certain events are treated differently. - -{% ifversion fpt or ghec or ghes > 3.3 or ghae-issue-5792 %} -For workflows initiated by {% data variables.product.prodname_dependabot %} (`github.actor == "dependabot[bot]"`) using the `pull_request`, `pull_request_review`, `pull_request_review_comment`, `push`, `create`, `deployment`, and `deployment_status` events, the following restrictions apply: -{% endif %} - -- {% ifversion ghes = 3.3 %}`GITHUB_TOKEN` has read-only permissions, unless your administrator has removed restrictions.{% else %}`GITHUB_TOKEN` has read-only permissions by default.{% endif %} -- {% ifversion ghes = 3.3 %}Secrets are inaccessible, unless your administrator has removed restrictions.{% else %}Secrets are populated from {% data variables.product.prodname_dependabot %} secrets. {% data variables.product.prodname_actions %} secrets are not available.{% endif %} - -{% ifversion fpt or ghec or ghes > 3.3 or ghae-issue-5792 %} -For workflows initiated by {% data variables.product.prodname_dependabot %} (`github.actor == "dependabot[bot]"`) using the `pull_request_target` event, if the base ref of the pull request was created by {% data variables.product.prodname_dependabot %} (`github.actor == "dependabot[bot]"`), the `GITHUB_TOKEN` will be read-only and secrets are not available. -{% endif %} - -For more information, see ["Keeping your GitHub Actions and workflows secure: Preventing pwn requests"](https://securitylab.github.com/research/github-actions-preventing-pwn-requests/). - -{% ifversion fpt or ghec or ghes > 3.3 %} - -### Changing `GITHUB_TOKEN` permissions - -By default, {% data variables.product.prodname_actions %} workflows triggered by {% data variables.product.prodname_dependabot %} get a `GITHUB_TOKEN` with read-only permissions. You can use the `permissions` key in your workflow to increase the access for the token: - -{% raw %} - -```yaml -name: CI -on: pull_request - -# Set the access for individual scopes, or use permissions: write-all -permissions: - pull-requests: write - issues: write - repository-projects: write - ... - -jobs: - ... -``` - -{% endraw %} - -For more information, see "[Modifying the permissions for the GITHUB_TOKEN](/actions/security-guides/automatic-token-authentication#modifying-the-permissions-for-the-github_token)." - -### Accessing secrets - -When a {% data variables.product.prodname_dependabot %} event triggers a workflow, the only secrets available to the workflow are {% data variables.product.prodname_dependabot %} secrets. {% data variables.product.prodname_actions %} secrets are not available. Consequently, you must store any secrets that are used by a workflow triggered by {% data variables.product.prodname_dependabot %} events as {% data variables.product.prodname_dependabot %} secrets. For more information, see "[Managing encrypted secrets for Dependabot](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/managing-encrypted-secrets-for-dependabot)". - -{% data variables.product.prodname_dependabot %} secrets are added to the `secrets` context and referenced using exactly the same syntax as secrets for {% data variables.product.prodname_actions %}. For more information, see "[Encrypted secrets](/actions/security-guides/encrypted-secrets#using-encrypted-secrets-in-a-workflow)." - -If you have a workflow that will be triggered by {% data variables.product.prodname_dependabot %} and also by other actors, the simplest solution is to store the token with the permissions required in an action and in a {% data variables.product.prodname_dependabot %} secret with identical names. Then the workflow can include a single call to these secrets. If the secret for {% data variables.product.prodname_dependabot %} has a different name, use conditions to specify the correct secrets for different actors to use. For examples that use conditions, see "[Common automations](#common-dependabot-automations)" below. - -To access a private container registry on AWS with a user name and password, a workflow must include a secret for `username` and `password`. In the example below, when {% data variables.product.prodname_dependabot %} triggers the workflow, the {% data variables.product.prodname_dependabot %} secrets with the names `READONLY_AWS_ACCESS_KEY_ID` and `READONLY_AWS_ACCESS_KEY` are used. If another actor triggers the workflow, the actions secrets with those names are used. - -{% raw %} - -```yaml -name: CI -on: - pull_request: - branches: [ main ] - -jobs: - build: - runs-on: ubuntu-latest - steps: - - name: Checkout repository - uses: actions/checkout@v2 - - - name: Login to private container registry for dependencies - uses: docker/login-action@v1 - with: - registry: https://1234567890.dkr.ecr.us-east-1.amazonaws.com - username: ${{ secrets.READONLY_AWS_ACCESS_KEY_ID }} - password: ${{ secrets.READONLY_AWS_ACCESS_KEY }} - - - name: Build the Docker image - run: docker build . --file Dockerfile --tag my-image-name:$(date +%s) -``` - -{% endraw %} - -{% endif %} - -{% ifversion ghes = 3.3 %} - -{% note %} - -**Note:** Your site administrator can override these restrictions for {% data variables.product.product_location %}. For more information, see "[Troubleshooting {% data variables.product.prodname_actions %} for your enterprise](/admin/github-actions/advanced-configuration-and-troubleshooting/troubleshooting-github-actions-for-your-enterprise#troubleshooting-failures-when-dependabot-triggers-existing-workflows)." - -If the restrictions are removed, when a workflow is triggered by {% data variables.product.prodname_dependabot %} it will have access to {% data variables.product.prodname_actions %} secrets and can use the `permissions` term to increase the default scope of the `GITHUB_TOKEN` from read-only access. You can ignore the specific steps in the "Handling `pull_request` events" and "Handling `push` events" sections, as it no longer applies. - -{% endnote %} - -### Handling `pull_request` events - -If your workflow needs access to secrets or a `GITHUB_TOKEN` with write permissions, you have two options: using `pull_request_target`, or using two separate workflows. We will detail using `pull_request_target` in this section, and using two workflows below in "[Handling `push` events](#handling-push-events)." - -Below is a simple example of a `pull_request` workflow that might now be failing: - -{% raw %} - -```yaml -### This workflow now has no secrets and a read-only token -name: Dependabot Workflow -on: - pull_request - -jobs: - dependabot: - runs-on: ubuntu-latest - # Always check the actor is Dependabot to prevent your workflow from failing on non-Dependabot PRs - if: ${{ github.actor == 'dependabot[bot]' }} - steps: - - uses: actions/checkout@v2 -``` - -{% endraw %} - -You can replace `pull_request` with `pull_request_target`, which is used for pull requests from forks, and explicitly check out the pull request `HEAD`. - -{% warning %} - -**Warning:** Using `pull_request_target` as a substitute for `pull_request` exposes you to insecure behavior. We recommend you use the two workflow method, as described below in "[Handling `push` events](#handling-push-events)." - -{% endwarning %} - -{% raw %} - -```yaml -### This workflow has access to secrets and a read-write token -name: Dependabot Workflow -on: - pull_request_target - -permissions: - # Downscope as necessary, since you now have a read-write token - -jobs: - dependabot: - runs-on: ubuntu-latest - if: ${{ github.actor == 'dependabot[bot]' }} - steps: - - uses: actions/checkout@v2 - with: - # Check out the pull request HEAD - ref: ${{ github.event.pull_request.head.sha }} - github-token: ${{ secrets.GITHUB_TOKEN }} -``` - -{% endraw %} - -It is also strongly recommended that you downscope the permissions granted to the `GITHUB_TOKEN` in order to avoid leaking a token with more privilege than necessary. For more information, see "[Permissions for the `GITHUB_TOKEN`](/actions/reference/authentication-in-a-workflow#permissions-for-the-github_token)." - -### Handling `push` events - -As there is no `pull_request_target` equivalent for `push` events, you will have to use two workflows: one untrusted workflow that ends by uploading artifacts, which triggers a second trusted workflow that downloads artifacts and continues processing. - -The first workflow performs any untrusted work: - -{% raw %} - -```yaml -### This workflow doesn't have access to secrets and has a read-only token -name: Dependabot Untrusted Workflow -on: - push - -jobs: - check-dependabot: - runs-on: ubuntu-latest - if: ${{ github.actor == 'dependabot[bot]' }} - steps: - - uses: ... -``` - -{% endraw %} - -The second workflow performs trusted work after the first workflow completes successfully: - -{% raw %} - -```yaml -### This workflow has access to secrets and a read-write token -name: Dependabot Trusted Workflow -on: - workflow_run: - workflows: ["Dependabot Untrusted Workflow"] - types: - - completed - -permissions: - # Downscope as necessary, since you now have a read-write token - -jobs: - dependabot: - runs-on: ubuntu-latest - if: ${{ github.event.workflow_run.conclusion == 'success' }} - steps: - - uses: ... -``` - -{% endraw %} - -{% endif %} - -### Manually re-running a workflow - -You can also manually re-run a failed Dependabot workflow, and it will run with a read-write token and access to secrets. Before manually re-running a failed workflow, you should always check the dependency being updated to ensure that the change doesn't introduce any malicious or unintended behavior. - -## Common Dependabot automations - -Here are several common scenarios that can be automated using {% data variables.product.prodname_actions %}. - -{% ifversion ghes = 3.3 %} - -{% note %} - -**Note:** If your site administrator has overridden restrictions for {% data variables.product.prodname_dependabot %} on {% data variables.product.product_location %}, you can use `pull_request` instead of `pull_request_target` in the following workflows. - -{% endnote %} - -{% endif %} - -### Fetch metadata about a pull request - -A large amount of automation requires knowing information about the contents of the pull request: what the dependency name was, if it's a production dependency, and if it's a major, minor, or patch update. - -The `dependabot/fetch-metadata` action provides all that information for you: - -{% ifversion ghes = 3.3 %} - -{% raw %} - -```yaml -name: Dependabot fetch metadata -on: pull_request_target - -permissions: - pull-requests: write - issues: write - repository-projects: write - -jobs: - dependabot: - runs-on: ubuntu-latest - if: ${{ github.actor == 'dependabot[bot]' }} - steps: - - name: Dependabot metadata - id: dependabot-metadata - uses: dependabot/fetch-metadata@v1.1.1 - with: - github-token: "${{ secrets.GITHUB_TOKEN }}" - # The following properties are now available: - # - steps.dependabot-metadata.outputs.dependency-names - # - steps.dependabot-metadata.outputs.dependency-type - # - steps.dependabot-metadata.outputs.update-type -``` - -{% endraw %} - -{% else %} - -{% raw %} - -```yaml -name: Dependabot fetch metadata -on: pull_request - -permissions: - pull-requests: write - issues: write - repository-projects: write - -jobs: - dependabot: - runs-on: ubuntu-latest - if: ${{ github.actor == 'dependabot[bot]' }} - steps: - - name: Dependabot metadata - id: metadata - uses: dependabot/fetch-metadata@v1.1.1 - with: - github-token: "${{ secrets.GITHUB_TOKEN }}" - # The following properties are now available: - # - steps.metadata.outputs.dependency-names - # - steps.metadata.outputs.dependency-type - # - steps.metadata.outputs.update-type -``` - -{% endraw %} - -{% endif %} - -For more information, see the [`dependabot/fetch-metadata`](https://github.com/dependabot/fetch-metadata) repository. - -### Label a pull request - -If you have other automation or triage workflows based on {% data variables.product.prodname_dotcom %} labels, you can configure an action to assign labels based on the metadata provided. - -For example, if you want to flag all production dependency updates with a label: - -{% ifversion ghes = 3.3 %} - -{% raw %} - -```yaml -name: Dependabot auto-label -on: pull_request_target - -permissions: - pull-requests: write - issues: write - repository-projects: write - -jobs: - dependabot: - runs-on: ubuntu-latest - if: ${{ github.actor == 'dependabot[bot]' }} - steps: - - name: Dependabot metadata - id: dependabot-metadata - uses: dependabot/fetch-metadata@v1.1.1 - with: - github-token: "${{ secrets.GITHUB_TOKEN }}" - - name: Add a label for all production dependencies - if: ${{ steps.dependabot-metadata.outputs.dependency-type == 'direct:production' }} - run: gh pr edit "$PR_URL" --add-label "production" - env: - PR_URL: ${{github.event.pull_request.html_url}} -``` - -{% endraw %} - -{% else %} - -{% raw %} - -```yaml -name: Dependabot auto-label -on: pull_request - -permissions: - pull-requests: write - issues: write - repository-projects: write - -jobs: - dependabot: - runs-on: ubuntu-latest - if: ${{ github.actor == 'dependabot[bot]' }} - steps: - - name: Dependabot metadata - id: metadata - uses: dependabot/fetch-metadata@v1.1.1 - with: - github-token: "${{ secrets.GITHUB_TOKEN }}" - - name: Add a label for all production dependencies - if: ${{ steps.metadata.outputs.dependency-type == 'direct:production' }} - run: gh pr edit "$PR_URL" --add-label "production" - env: - PR_URL: ${{github.event.pull_request.html_url}} -``` - -{% endraw %} - -{% endif %} - -### Approve a pull request - -If you want to automatically approve Dependabot pull requests, you can use the {% data variables.product.prodname_cli %} in a workflow: - -{% ifversion ghes = 3.3 %} - -{% raw %} - -```yaml -name: Dependabot auto-approve -on: pull_request_target - -permissions: - pull-requests: write - -jobs: - dependabot: - runs-on: ubuntu-latest - if: ${{ github.actor == 'dependabot[bot]' }} - steps: - - name: Dependabot metadata - id: dependabot-metadata - uses: dependabot/fetch-metadata@v1.1.1 - with: - github-token: "${{ secrets.GITHUB_TOKEN }}" - - name: Approve a PR - run: gh pr review --approve "$PR_URL" - env: - PR_URL: ${{github.event.pull_request.html_url}} - GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}} -``` - -{% endraw %} - -{% else %} - -{% raw %} - -```yaml -name: Dependabot auto-approve -on: pull_request - -permissions: - pull-requests: write - -jobs: - dependabot: - runs-on: ubuntu-latest - if: ${{ github.actor == 'dependabot[bot]' }} - steps: - - name: Dependabot metadata - id: metadata - uses: dependabot/fetch-metadata@v1.1.1 - with: - github-token: "${{ secrets.GITHUB_TOKEN }}" - - name: Approve a PR - run: gh pr review --approve "$PR_URL" - env: - PR_URL: ${{github.event.pull_request.html_url}} - GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}} -``` - -{% endraw %} - -{% endif %} - -### Enable auto-merge on a pull request - -If you want to auto-merge your pull requests, you can use {% data variables.product.prodname_dotcom %}'s auto-merge functionality. This enables the pull request to be merged when all required tests and approvals are successfully met. For more information on auto-merge, see "[Automatically merging a pull request"](/pull-requests/collaborating-with-pull-requests/incorporating-changes-from-a-pull-request/automatically-merging-a-pull-request)." - -Here is an example of enabling auto-merge for all patch updates to `my-dependency`: - -{% ifversion ghes = 3.3 %} - -{% raw %} - -```yaml -name: Dependabot auto-merge -on: pull_request_target - -permissions: - pull-requests: write - contents: write - -jobs: - dependabot: - runs-on: ubuntu-latest - if: ${{ github.actor == 'dependabot[bot]' }} - steps: - - name: Dependabot metadata - id: dependabot-metadata - uses: dependabot/fetch-metadata@v1.1.1 - with: - github-token: "${{ secrets.GITHUB_TOKEN }}" - - name: Enable auto-merge for Dependabot PRs - if: ${{contains(steps.dependabot-metadata.outputs.dependency-names, 'my-dependency') && steps.dependabot-metadata.outputs.update-type == 'version-update:semver-patch'}} - run: gh pr merge --auto --merge "$PR_URL" - env: - PR_URL: ${{github.event.pull_request.html_url}} - GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}} -``` - -{% endraw %} - -{% else %} - -{% raw %} - -```yaml -name: Dependabot auto-merge -on: pull_request - -permissions: - pull-requests: write - contents: write - -jobs: - dependabot: - runs-on: ubuntu-latest - if: ${{ github.actor == 'dependabot[bot]' }} - steps: - - name: Dependabot metadata - id: metadata - uses: dependabot/fetch-metadata@v1.1.1 - with: - github-token: "${{ secrets.GITHUB_TOKEN }}" - - name: Enable auto-merge for Dependabot PRs - if: ${{contains(steps.metadata.outputs.dependency-names, 'my-dependency') && steps.metadata.outputs.update-type == 'version-update:semver-patch'}} - run: gh pr merge --auto --merge "$PR_URL" - env: - PR_URL: ${{github.event.pull_request.html_url}} - GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}} -``` - -{% endraw %} - -{% endif %} - -## Troubleshooting failed workflow runs - -If your workflow run fails, check the following: - -{% ifversion ghes = 3.3 %} - -- You are running the workflow only when the correct actor triggers it. -- You are checking out the correct `ref` for your `pull_request`. -- You aren't trying to access secrets from within a Dependabot-triggered `pull_request`, `pull_request_review`, `pull_request_review_comment`, or `push` event. -- You aren't trying to perform any `write` actions from within a Dependabot-triggered `pull_request`, `pull_request_review`, `pull_request_review_comment`, or `push` event. - -{% else %} - -- You are running the workflow only when the correct actor triggers it. -- You are checking out the correct `ref` for your `pull_request`. -- Your secrets are available in {% data variables.product.prodname_dependabot %} secrets rather than as {% data variables.product.prodname_actions %} secrets. -- You have a `GITHUB_TOKEN` with the correct permissions. - -{% endif %} - -For information on writing and debugging {% data variables.product.prodname_actions %}, see "[Learning GitHub Actions](/actions/learn-github-actions)." diff --git a/translations/zh-CN/content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/index.md b/translations/zh-CN/content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/index.md deleted file mode 100644 index 78b4febd91..0000000000 --- a/translations/zh-CN/content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/index.md +++ /dev/null @@ -1,29 +0,0 @@ ---- -title: 自动更新依赖项 -intro: '{% data variables.product.prodname_dependabot %} 可以自动维护您的仓库的依赖项。' -redirect_from: - - /github/administering-a-repository/keeping-your-dependencies-updated-automatically -versions: - fpt: '*' - ghec: '*' - ghes: '>3.2' -topics: - - Repositories - - Dependabot - - Version updates - - Dependencies - - Pull requests -children: - - /about-dependabot-version-updates - - /enabling-and-disabling-dependabot-version-updates - - /listing-dependencies-configured-for-version-updates - - /managing-pull-requests-for-dependency-updates - - /automating-dependabot-with-github-actions - - /managing-encrypted-secrets-for-dependabot - - /customizing-dependency-updates - - /configuration-options-for-dependency-updates - - /keeping-your-actions-up-to-date-with-dependabot -shortTitle: 自动更新依赖项 ---- - -{% data reusables.dependabot.beta-security-and-version-updates %} diff --git a/translations/zh-CN/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-alerts-for-vulnerable-dependencies.md b/translations/zh-CN/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-alerts-for-vulnerable-dependencies.md deleted file mode 100644 index 52b0aa9c64..0000000000 --- a/translations/zh-CN/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-alerts-for-vulnerable-dependencies.md +++ /dev/null @@ -1,99 +0,0 @@ ---- -title: About alerts for vulnerable dependencies -intro: '{% data variables.product.product_name %} sends {% data variables.product.prodname_dependabot_alerts %} when we detect vulnerabilities affecting your repository.' -redirect_from: - - /articles/about-security-alerts-for-vulnerable-dependencies - - /github/managing-security-vulnerabilities/about-security-alerts-for-vulnerable-dependencies - - /github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies - - /code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies -versions: - fpt: '*' - ghes: '*' - ghae: issue-4864 - ghec: '*' -type: overview -topics: - - Dependabot - - Alerts - - Vulnerabilities - - Repositories - - Dependencies -shortTitle: Dependabot alerts ---- - - -## About vulnerable dependencies - -{% data reusables.repositories.a-vulnerability-is %} - -When your code depends on a package that has a security vulnerability, this vulnerable dependency can cause a range of problems for your project or the people who use it. - -## Detection of vulnerable dependencies - -{% data reusables.dependabot.dependabot-alerts-beta %} - -{% data variables.product.prodname_dependabot %} performs a scan to detect vulnerable dependencies and sends {% data variables.product.prodname_dependabot_alerts %} when: - -{% ifversion fpt or ghec %} -- A new vulnerability is added to the {% data variables.product.prodname_advisory_database %}. For more information, see "[Browsing security vulnerabilities in the {% data variables.product.prodname_advisory_database %}](/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/browsing-security-vulnerabilities-in-the-github-advisory-database)" and "[About {% data variables.product.prodname_security_advisories %}](/code-security/security-advisories/about-github-security-advisories)."{% else %} -- New advisory data is synchronized to {% data variables.product.product_location %} each hour from {% data variables.product.prodname_dotcom_the_website %}. {% data reusables.security-advisory.link-browsing-advisory-db %}{% endif %} - {% note %} - - **Note:** Only advisories that have been reviewed by {% data variables.product.company_short %} will trigger {% data variables.product.prodname_dependabot_alerts %}. - - {% endnote %} -- The dependency graph for a repository changes. For example, when a contributor pushes a commit to change the packages or versions it depends on{% ifversion fpt or ghec %}, or when the code of one of the dependencies changes{% endif %}. For more information, see "[About the dependency graph](/code-security/supply-chain-security/about-the-dependency-graph)." - -{% data reusables.repositories.dependency-review %} - -For a list of the ecosystems that {% data variables.product.product_name %} can detect vulnerabilities and dependencies for, see "[Supported package ecosystems](/github/visualizing-repository-data-with-graphs/about-the-dependency-graph#supported-package-ecosystems)." - -{% note %} - -**Note:** It is important to keep your manifest and lock files up to date. If the dependency graph doesn't accurately reflect your current dependencies and versions, then you could miss alerts for vulnerable dependencies that you use. You may also get alerts for dependencies that you no longer use. - -{% endnote %} - -## {% data variables.product.prodname_dependabot_alerts %} for vulnerable dependencies - -{% data reusables.repositories.enable-security-alerts %} - -{% ifversion fpt or ghec %}{% data variables.product.prodname_dotcom %} detects vulnerable dependencies in _public_ repositories and displays the dependency graph, but does not generate {% data variables.product.prodname_dependabot_alerts %} by default. Repository owners or people with admin access can enable {% data variables.product.prodname_dependabot_alerts %} for public repositories. Owners of private repositories, or people with admin access, can enable {% data variables.product.prodname_dependabot_alerts %} by enabling the dependency graph and {% data variables.product.prodname_dependabot_alerts %} for their repositories. - -You can also enable or disable {% data variables.product.prodname_dependabot_alerts %} for all repositories owned by your user account or organization. For more information, see "[Managing security and analysis settings for your user account](/github/setting-up-and-managing-your-github-user-account/managing-security-and-analysis-settings-for-your-user-account)" or "[Managing security and analysis settings for your organization](/organizations/keeping-your-organization-secure/managing-security-and-analysis-settings-for-your-organization)." - -For information about access requirements for actions related to {% data variables.product.prodname_dependabot_alerts %}, see "[Repository roles for an organization](/organizations/managing-access-to-your-organizations-repositories/repository-roles-for-an-organization#access-requirements-for-security-features)." - -{% data variables.product.product_name %} starts generating the dependency graph immediately and generates alerts for any vulnerable dependencies as soon as they are identified. The graph is usually populated within minutes but this may take longer for repositories with many dependencies. For more information, see "[Managing data use settings for your private repository](/get-started/privacy-on-github/managing-data-use-settings-for-your-private-repository)." -{% endif %} - -When {% data variables.product.product_name %} identifies a vulnerable dependency, we generate a {% data variables.product.prodname_dependabot %} alert and display it {% ifversion fpt or ghec or ghes %} on the Security tab for the repository and{% endif %} in the repository's dependency graph. The alert includes {% ifversion fpt or ghec or ghes %}a link to the affected file in the project, and {% endif %}information about a fixed version. {% data variables.product.product_name %} may also notify the maintainers of affected repositories about the new alert according to their notification preferences. For more information, see "[Configuring notifications for vulnerable dependencies](/code-security/supply-chain-security/configuring-notifications-for-vulnerable-dependencies)." - -{% ifversion fpt or ghec or ghes > 3.2 %} -For repositories where {% data variables.product.prodname_dependabot_security_updates %} are enabled, the alert may also contain a link to a pull request to update the manifest or lock file to the minimum version that resolves the vulnerability. For more information, see "[About {% data variables.product.prodname_dependabot_security_updates %}](/github/managing-security-vulnerabilities/about-dependabot-security-updates)." -{% endif %} - -{% warning %} - -**Note**: {% data variables.product.product_name %}'s security features do not claim to catch all vulnerabilities. Though we are always trying to update our vulnerability database and generate alerts with our most up-to-date information, we will not be able to catch everything or tell you about known vulnerabilities within a guaranteed time frame. These features are not substitutes for human review of each dependency for potential vulnerabilities or any other issues, and we recommend consulting with a security service or conducting a thorough vulnerability review when necessary. - -{% endwarning %} - -## Access to {% data variables.product.prodname_dependabot_alerts %} - -You can see all of the alerts that affect a particular project{% ifversion fpt or ghec %} on the repository's Security tab or{% endif %} in the repository's dependency graph. For more information, see "[Viewing and updating vulnerable dependencies in your repository](/github/managing-security-vulnerabilities/viewing-and-updating-vulnerable-dependencies-in-your-repository)." - -By default, we notify people with admin permissions in the affected repositories about new {% data variables.product.prodname_dependabot_alerts %}. {% ifversion fpt or ghec %}{% data variables.product.product_name %} never publicly discloses identified vulnerabilities for any repository. You can also make {% data variables.product.prodname_dependabot_alerts %} visible to additional people or teams working repositories that you own or have admin permissions for. For more information, see "[Managing security and analysis settings for your repository](/github/administering-a-repository/managing-security-and-analysis-settings-for-your-repository#granting-access-to-security-alerts)." -{% endif %} - -{% data reusables.notifications.vulnerable-dependency-notification-enable %} -{% data reusables.notifications.vulnerable-dependency-notification-delivery-method-customization2 %} For more information, see "[Configuring notifications for vulnerable dependencies](/code-security/supply-chain-security/configuring-notifications-for-vulnerable-dependencies)." - -You can also see all the {% data variables.product.prodname_dependabot_alerts %} that correspond to a particular vulnerability in the {% data variables.product.prodname_advisory_database %}. {% data reusables.security-advisory.link-browsing-advisory-db %} - -{% ifversion fpt or ghec or ghes > 3.2 %} -## Further reading - -- "[About {% data variables.product.prodname_dependabot_security_updates %}](/github/managing-security-vulnerabilities/about-dependabot-security-updates)" -- "[Viewing and updating vulnerable dependencies in your repository](/articles/viewing-and-updating-vulnerable-dependencies-in-your-repository)"{% endif %} -{% ifversion fpt or ghec %}- "[Privacy on {% data variables.product.prodname_dotcom %}](/get-started/privacy-on-github)"{% endif %} diff --git a/translations/zh-CN/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-managing-vulnerable-dependencies.md b/translations/zh-CN/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-managing-vulnerable-dependencies.md deleted file mode 100644 index b7f30cc7b5..0000000000 --- a/translations/zh-CN/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-managing-vulnerable-dependencies.md +++ /dev/null @@ -1,46 +0,0 @@ ---- -title: 关于管理有漏洞依赖项 -intro: '{% data variables.product.product_name %} 有助于避免使用包含已知漏洞的第三方软件。' -redirect_from: - - /github/managing-security-vulnerabilities/about-managing-vulnerable-dependencies - - /code-security/supply-chain-security/about-managing-vulnerable-dependencies -versions: - fpt: '*' - ghes: '>=3.2' - ghae: issue-4864 - ghec: '*' -type: overview -topics: - - Dependabot - - Dependency graph - - Dependency review - - Vulnerabilities - - Repositories - - Dependencies - - Pull requests -shortTitle: 有漏洞的依赖项 ---- - - - -{% data variables.product.product_name %} 提供以下工具来删除和避免有漏洞依赖项。 - -## 依赖关系图 -依赖项图是存储在仓库中的清单和锁定文件的摘要。 它显示您的代码库所依赖的生态系统和软件包(其依赖项)以及依赖于您的项目的仓库和包(其从属项)。 依赖关系图中的信息用于依赖项审查和 {% data variables.product.prodname_dependabot %}。 更多信息请参阅“[关于依赖关系图](/github/visualizing-repository-data-with-graphs/about-the-dependency-graph)”。 - -## 依赖项审查 - -{% data reusables.dependency-review.beta %} - -通过检查拉取请求的依赖项审查,可以避免将依赖项的漏洞引入到代码库中。 如果拉取请求添加了有漏洞依赖项,或者将依赖项更改为有漏洞的版本,这将在依赖项审查中高亮显示。 您可以在合并拉取请求之前将依赖项更改为修补版本。 更多信息请参阅“[关于依赖项审查](/code-security/supply-chain-security/about-dependency-review)”。 - -## {% data variables.product.prodname_dependabot_alerts %} -检测到仓库中存在有漏洞依赖项时,{% data variables.product.product_name %} 可创建 {% data variables.product.prodname_dependabot_alerts %}。 警报显示在仓库的 Security(安全)选项卡上。 该警报包括指向项目中受影响的文件的链接,以及有关修复的版本的信息。 {% data variables.product.product_name %} 还根据仓库维护员的通知首选项通知他们。 更多信息请参阅“[关于易受攻击的依赖项的警报](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies)”。 - -{% ifversion fpt or ghec or ghes > 3.2 %} -## {% data variables.product.prodname_dependabot_security_updates %} -当 {% data variables.product.product_name %} 针对仓库中的有漏洞依赖项生成 {% data variables.product.prodname_dependabot %} 警报时,{% data variables.product.prodname_dependabot %} 可以自动尝试为您修复它。 {% data variables.product.prodname_dependabot_security_updates %} 是自动生成的拉取请求,用于将有漏洞依赖项更新到修复版本。 更多信息请参阅“[关于 {% data variables.product.prodname_dependabot_security_updates %}](/github/managing-security-vulnerabilities/about-dependabot-security-updates)”。 - -## {% data variables.product.prodname_dependabot_version_updates %} -启用 {% data variables.product.prodname_dependabot_version_updates %} 帮助您维护依赖项。 有了 {% data variables.product.prodname_dependabot_version_updates %},每当 {% data variables.product.prodname_dotcom %} 发现过时的依赖项,它就会提出拉取请求,以将清单更新到依赖项的最新版本。 而 {% data variables.product.prodname_dependabot_security_updates %} 只是提出拉取请求以修复有漏洞依赖项。 更多信息请参阅“[关于 Dependabot 版本更新](/github/administering-a-repository/about-dependabot-version-updates)”。 -{% endif %} diff --git a/translations/zh-CN/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/index.md b/translations/zh-CN/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/index.md deleted file mode 100644 index a86e842f2d..0000000000 --- a/translations/zh-CN/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/index.md +++ /dev/null @@ -1,36 +0,0 @@ ---- -title: Managing vulnerabilities in your project's dependencies -intro: 'You can track your repository''s dependencies and receive {% data variables.product.prodname_dependabot_alerts %} when {% data variables.product.product_name %} detects vulnerable dependencies.' -redirect_from: - - /articles/updating-your-project-s-dependencies - - /articles/updating-your-projects-dependencies - - /articles/managing-security-vulnerabilities-in-your-projects-dependencies - - /articles/managing-vulnerabilities-in-your-projects-dependencies - - /github/managing-security-vulnerabilities/managing-vulnerabilities-in-your-projects-dependencies -versions: - fpt: '*' - ghes: '*' - ghae: issue-4864 - ghec: '*' -topics: - - Repositories - - Dependabot - - Version updates - - Dependencies - - Pull requests - - Vulnerabilities - - Alerts -children: - - /about-managing-vulnerable-dependencies - - /browsing-security-vulnerabilities-in-the-github-advisory-database - - /editing-security-advisories-in-the-github-advisory-database - - /about-alerts-for-vulnerable-dependencies - - /configuring-notifications-for-vulnerable-dependencies - - /about-dependabot-security-updates - - /configuring-dependabot-security-updates - - /viewing-and-updating-vulnerable-dependencies-in-your-repository - - /troubleshooting-the-detection-of-vulnerable-dependencies - - /troubleshooting-dependabot-errors -shortTitle: Fix vulnerable dependencies ---- - diff --git a/translations/zh-CN/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/troubleshooting-dependabot-errors.md b/translations/zh-CN/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/troubleshooting-dependabot-errors.md deleted file mode 100644 index f0e5dc57aa..0000000000 --- a/translations/zh-CN/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/troubleshooting-dependabot-errors.md +++ /dev/null @@ -1,127 +0,0 @@ ---- -title: Troubleshooting Dependabot errors -intro: 'Sometimes {% data variables.product.prodname_dependabot %} is unable to raise a pull request to update your dependencies. You can review the error and unblock {% data variables.product.prodname_dependabot %}.' -shortTitle: Troubleshoot errors -redirect_from: - - /github/managing-security-vulnerabilities/troubleshooting-github-dependabot-errors - - /github/managing-security-vulnerabilities/troubleshooting-dependabot-errors - - /code-security/supply-chain-security/troubleshooting-dependabot-errors -versions: - fpt: '*' - ghec: '*' - ghes: '>3.2' -type: how_to -topics: - - Dependabot - - Security updates - - Version updates - - Repositories - - Pull requests - - Troubleshooting - - Errors - - Dependencies ---- - -{% data reusables.dependabot.beta-security-and-version-updates %} - -{% data reusables.dependabot.enterprise-enable-dependabot %} - -## About {% data variables.product.prodname_dependabot %} errors - -{% data reusables.dependabot.pull-request-introduction %} - -If anything prevents {% data variables.product.prodname_dependabot %} from raising a pull request, this is reported as an error. - -## Investigating errors with {% data variables.product.prodname_dependabot_security_updates %} - -When {% data variables.product.prodname_dependabot %} is blocked from creating a pull request to fix a {% data variables.product.prodname_dependabot %} alert, it posts the error message on the alert. The {% data variables.product.prodname_dependabot_alerts %} view shows a list of any alerts that have not been resolved yet. To access the alerts view, click **{% data variables.product.prodname_dependabot_alerts %}** on the **Security** tab for the repository. Where a pull request that will fix the vulnerable dependency has been generated, the alert includes a link to that pull request. - -![{% data variables.product.prodname_dependabot_alerts %} view showing a pull request link](/assets/images/help/dependabot/dependabot-alert-pr-link.png) - -There are three reasons why an alert may have no pull request link: - -1. {% data variables.product.prodname_dependabot_security_updates %} are not enabled for the repository. -1. The alert is for an indirect or transitive dependency that is not explicitly defined in a lock file. -1. An error blocked {% data variables.product.prodname_dependabot %} from creating a pull request. - -If an error blocked {% data variables.product.prodname_dependabot %} from creating a pull request, you can display details of the error by clicking the alert. - -## Investigating errors with {% data variables.product.prodname_dependabot_version_updates %} - -When {% data variables.product.prodname_dependabot %} is blocked from creating a pull request to update a dependency in an ecosystem, it posts the error icon on the manifest file. The manifest files that are managed by {% data variables.product.prodname_dependabot %} are listed on the {% data variables.product.prodname_dependabot %} tab. To access this tab, on the **Insights** tab for the repository click **Dependency graph**, and then click the **{% data variables.product.prodname_dependabot %}** tab. - -![{% data variables.product.prodname_dependabot %} view showing an error](/assets/images/help/dependabot/dependabot-tab-view-error.png) - -{% ifversion fpt or ghec %} - -To see the log file for any manifest file, click the **Last checked TIME ago** link. When you display the log file for a manifest that's shown with an error symbol (for example, Maven in the screenshot above), any errors are also displayed. - -![{% data variables.product.prodname_dependabot %} version update error and log ](/assets/images/help/dependabot/dependabot-version-update-error.png) - -{% else %} - -To see the logs for any manifest file, click the **Last checked TIME ago** link, and then click **View logs**. - -![{% data variables.product.prodname_dependabot %} version update error and log ](/assets/images/enterprise/3.3/dependabot/dependabot-version-update-error.png) - -{% endif %} - -## Understanding {% data variables.product.prodname_dependabot %} errors - -Pull requests for security updates act to upgrade a vulnerable dependency to the minimum version that includes a fix for the vulnerability. In contrast, pull requests for version updates act to upgrade a dependency to the latest version allowed by the package manifest and {% data variables.product.prodname_dependabot %} configuration files. Consequently, some errors are specific to one type of update. - -### {% data variables.product.prodname_dependabot %} cannot update DEPENDENCY to a non-vulnerable version - -**Security updates only.** {% data variables.product.prodname_dependabot %} cannot create a pull request to update the vulnerable dependency to a secure version without breaking other dependencies in the dependency graph for this repository. - -Every application that has dependencies has a dependency graph, that is, a directed acyclic graph of every package version that the application directly or indirectly depends on. Every time a dependency is updated, this graph must resolve otherwise the application won't build. When an ecosystem has a deep and complex dependency graph, for example, npm and RubyGems, it is often impossible to upgrade a single dependency without upgrading the whole ecosystem. - -The best way to avoid this problem is to stay up to date with the most recently released versions, for example, by enabling version updates. This increases the likelihood that a vulnerability in one dependency can be resolved by a simple upgrade that doesn't break the dependency graph. For more information, see "[Enabling and disabling {% data variables.product.prodname_dependabot %} version updates](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/enabling-and-disabling-dependabot-version-updates)." - -### {% data variables.product.prodname_dependabot %} cannot update to the required version as there is already an open pull request for the latest version - -**Security updates only.** {% data variables.product.prodname_dependabot %} will not create a pull request to update the vulnerable dependency to a secure version because there is already an open pull request to update this dependency. You will see this error when a vulnerability is detected in a single dependency and there's already an open pull request to update the dependency to the latest version. - -There are two options: you can review the open pull request and merge it as soon as you are confident that the change is safe, or close that pull request and trigger a new security update pull request. For more information, see "[Triggering a {% data variables.product.prodname_dependabot %} pull request manually](#triggering-a-dependabot-pull-request-manually)." - -### {% data variables.product.prodname_dependabot %} timed out during its update - -{% data variables.product.prodname_dependabot %} took longer than the maximum time allowed to assess the update required and prepare a pull request. This error is usually seen only for large repositories with many manifest files, for example, npm or yarn monorepo projects with hundreds of *package.json* files. Updates to the Composer ecosystem also take longer to assess and may time out. - -This error is difficult to address. If a version update times out, you could specify the most important dependencies to update using the `allow` parameter or, alternatively, use the `ignore` parameter to exclude some dependencies from updates. Updating your configuration might allow {% data variables.product.prodname_dependabot %} to review the version update and generate the pull request in the time available. - -If a security update times out, you can reduce the chances of this happening by keeping the dependencies updated, for example, by enabling version updates. For more information, see "[Enabling and disabling {% data variables.product.prodname_dependabot %} version updates](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/enabling-and-disabling-dependabot-version-updates)." - -### {% data variables.product.prodname_dependabot %} cannot open any more pull requests - -There's a limit on the number of open pull requests {% data variables.product.prodname_dependabot %} will generate. When this limit is reached, no new pull requests are opened and this error is reported. The best way to resolve this error is to review and merge some of the open pull requests. - -There are separate limits for security and version update pull requests, so that open version update pull requests cannot block the creation of a security update pull request. The limit for security update pull requests is 10. By default, the limit for version updates is 5 but you can change this using the `open-pull-requests-limit` parameter in the configuration file. For more information, see "[Configuration options for dependency updates](/github/administering-a-repository/configuration-options-for-dependency-updates#open-pull-requests-limit)." - -The best way to resolve this error is to merge or close some of the existing pull requests and trigger a new pull request manually. For more information, see "[Triggering a {% data variables.product.prodname_dependabot %} pull request manually](#triggering-a-dependabot-pull-request-manually)." - -### {% data variables.product.prodname_dependabot %} can't resolve or access your dependencies - -If {% data variables.product.prodname_dependabot %} attempts to check whether dependency references need to be updated in a repository, but can't access one or more of the referenced files, the operation will fail with the error message "{% data variables.product.prodname_dependabot %} can't resolve your LANGUAGE dependency files." The API error type is `git_dependencies_not_reachable`. - -Similarly, if {% data variables.product.prodname_dependabot %} can't access a private package registry in which a dependency is located, one of the following errors is generated: - -* "Dependabot can't reach a dependency in a private package registry"
- (API error type: `private_source_not_reachable`) -* "Dependabot can't authenticate to a private package registry"
- (API error type:`private_source_authentication_failure`) -* "Dependabot timed out while waiting for a private package registry"
- (API error type:`private_source_timed_out`) -* "Dependabot couldn't validate the certificate for a private package registry"
- (API error type:`private_source_certificate_failure`) - -To allow {% data variables.product.prodname_dependabot %} to update the dependency references successfully, make sure that all of the referenced dependencies are hosted at accessible locations. - -**Version updates only.** {% data reusables.dependabot.private-dependencies-note %} Additionally, {% data variables.product.prodname_dependabot %} doesn't support private {% data variables.product.prodname_dotcom %} dependencies for all package managers. For more information, see "[About Dependabot version updates](/github/administering-a-repository/about-dependabot-version-updates#supported-repositories-and-ecosystems)." - -## Triggering a {% data variables.product.prodname_dependabot %} pull request manually - -If you unblock {% data variables.product.prodname_dependabot %}, you can manually trigger a fresh attempt to create a pull request. - -- **Security updates**—display the {% data variables.product.prodname_dependabot %} alert that shows the error you have fixed and click **Create {% data variables.product.prodname_dependabot %} security update**. -- **Version updates**—on the **Insights** tab for the repository click **Dependency graph**, and then click the **Dependabot** tab. Click **Last checked *TIME* ago** to see the log file that {% data variables.product.prodname_dependabot %} generated during the last check for version updates. Click **Check for updates**. diff --git a/translations/zh-CN/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/troubleshooting-the-detection-of-vulnerable-dependencies.md b/translations/zh-CN/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/troubleshooting-the-detection-of-vulnerable-dependencies.md deleted file mode 100644 index 4a967cf2fb..0000000000 --- a/translations/zh-CN/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/troubleshooting-the-detection-of-vulnerable-dependencies.md +++ /dev/null @@ -1,124 +0,0 @@ ---- -title: Troubleshooting the detection of vulnerable dependencies -intro: 'If the dependency information reported by {% data variables.product.product_name %} is not what you expected, there are a number of points to consider, and various things you can check.' -shortTitle: Troubleshoot detection -redirect_from: - - /github/managing-security-vulnerabilities/troubleshooting-the-detection-of-vulnerable-dependencies - - /code-security/supply-chain-security/troubleshooting-the-detection-of-vulnerable-dependencies -versions: - fpt: '*' - ghes: '*' - ghae: issue-4864 - ghec: '*' -type: how_to -topics: - - Dependabot - - Alerts - - Troubleshooting - - Errors - - Security updates - - Dependencies - - Vulnerabilities - - Dependency graph - - Alerts - - CVEs - - Repositories ---- - -{% data reusables.dependabot.beta-security-and-version-updates %} - -The results of dependency detection reported by {% data variables.product.product_name %} may be different from the results returned by other tools. There are good reasons for this and it's helpful to understand how {% data variables.product.prodname_dotcom %} determines dependencies for your project. - -## Why do some dependencies seem to be missing? - -{% data variables.product.prodname_dotcom %} generates and displays dependency data differently than other tools. Consequently, if you've been using another tool to identify dependencies you will almost certainly see different results. Consider the following: - -* {% data variables.product.prodname_advisory_database %} is one of the data sources that {% data variables.product.prodname_dotcom %} uses to identify vulnerable dependencies. It's a free, curated database of vulnerability information for common package ecosystems on {% data variables.product.prodname_dotcom %}. It includes both data reported directly to {% data variables.product.prodname_dotcom %} from {% data variables.product.prodname_security_advisories %}, as well as official feeds and community sources. This data is reviewed and curated by {% data variables.product.prodname_dotcom %} to ensure that false or unactionable information is not shared with the development community. {% data reusables.security-advisory.link-browsing-advisory-db %} -* The dependency graph parses all known package manifest files in a user’s repository. For example, for npm it will parse the _package-lock.json_ file. It constructs a graph of all of the repository’s dependencies and public dependents. This happens when you enable the dependency graph and when anyone pushes to the default branch, and it includes commits that makes changes to a supported manifest format. For more information, see "[About the dependency graph](/github/visualizing-repository-data-with-graphs/about-the-dependency-graph)." -* {% data variables.product.prodname_dependabot %} scans any push, to the default branch, that contains a manifest file. When a new vulnerability record is added, it scans all existing repositories and generates an alert for each vulnerable repository. {% data variables.product.prodname_dependabot_alerts %} are aggregated at the repository level, rather than creating one alert per vulnerability. For more information, see "[About alerts for vulnerable dependencies](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies)." -* {% ifversion fpt or ghec or ghes > 3.2 %}{% data variables.product.prodname_dependabot_security_updates %} are triggered when you receive an alert about a vulnerable dependency in your repository. Where possible, {% data variables.product.prodname_dependabot %} creates a pull request in your repository to upgrade the vulnerable dependency to the minimum possible secure version needed to avoid the vulnerability. For more information, see "[About {% data variables.product.prodname_dependabot_security_updates %}](/github/managing-security-vulnerabilities/about-dependabot-security-updates)" and "[Troubleshooting {% data variables.product.prodname_dependabot %} errors](/github/managing-security-vulnerabilities/troubleshooting-dependabot-errors)." - - {% endif %}{% data variables.product.prodname_dependabot %} doesn't scan repositories for vulnerable dependencies on a schedule, but rather when something changes. For example, a scan is triggered when a new dependency is added ({% data variables.product.prodname_dotcom %} checks for this on every push), or when a new vulnerability is added to the advisory database{% ifversion ghes or ghae-issue-4864 %} and synchronized to {% data variables.product.product_location %}{% endif %}. For more information, see "[About alerts for vulnerable dependencies](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies#detection-of-vulnerable-dependencies)." - -## Why don't I get vulnerability alerts for some ecosystems? - -{% data variables.product.prodname_dotcom %} limits its support for vulnerability alerts to a set of ecosystems where we can provide high-quality, actionable data. Curated vulnerabilities in the {% data variables.product.prodname_advisory_database %}, the dependency graph, {% ifversion fpt or ghec %}{% data variables.product.prodname_dependabot %} security updates, {% endif %}and {% data variables.product.prodname_dependabot_alerts %} are provided for several ecosystems, including Java’s Maven, JavaScript’s npm and Yarn, .NET’s NuGet, Python’s pip, Ruby's RubyGems, and PHP’s Composer. We'll continue to add support for more ecosystems over time. For an overview of the package ecosystems that we support, see "[About the dependency graph](/github/visualizing-repository-data-with-graphs/about-the-dependency-graph#supported-package-ecosystems)." - -It's worth noting that {% data variables.product.prodname_dotcom %} Security Advisories may exist for other ecosystems. The information in a security advisory is provided by the maintainers of a particular repository. This data is not curated in the same way as information for the supported ecosystems. {% ifversion fpt or ghec %}For more information, see "[About {% data variables.product.prodname_dotcom %} Security Advisories](/github/managing-security-vulnerabilities/about-github-security-advisories)."{% endif %} - -**Check**: Does the uncaught vulnerability apply to an unsupported ecosystem? - -## Does the dependency graph only find dependencies in manifests and lockfiles? - -The dependency graph includes information on dependencies that are explicitly declared in your environment. That is, dependencies that are specified in a manifest or a lockfile. The dependency graph generally also includes transitive dependencies, even when they aren't specified in a lockfile, by looking at the dependencies of the dependencies in a manifest file. - -{% data variables.product.prodname_dependabot_alerts %} advise you about dependencies you should update, including transitive dependencies, where the version can be determined from a manifest or a lockfile. {% ifversion fpt or ghec or ghes > 3.2 %}{% data variables.product.prodname_dependabot_security_updates %} only suggest a change where {% data variables.product.prodname_dependabot %} can directly "fix" the dependency, that is, when these are: -* Direct dependencies explicitly declared in a manifest or lockfile -* Transitive dependencies declared in a lockfile{% endif %} - -The dependency graph doesn't include "loose" dependencies. "Loose" dependencies are individual files that are copied from another source and checked into the repository directly or within an archive (such as a ZIP or JAR file), rather than being referenced by in a package manager’s manifest or lockfile. - -**Check**: Is the uncaught vulnerability for a component that's not specified in the repository's manifest or lockfile? - -## Does the dependency graph detect dependencies specified using variables? - -The dependency graph analyzes manifests as they’re pushed to {% data variables.product.prodname_dotcom %}. The dependency graph doesn't, therefore, have access to the build environment of the project, so it can't resolve variables used within manifests. If you use variables within a manifest to specify the name, or more commonly the version of a dependency, then that dependency will not be included in the dependency graph. - -**Check**: Is the missing dependency declared in the manifest by using a variable for its name or version? - -## Are there limits which affect the dependency graph data? - -Yes, the dependency graph has two categories of limits: - -1. **Processing limits** - - These affect the dependency graph displayed within {% data variables.product.prodname_dotcom %} and also prevent {% data variables.product.prodname_dependabot_alerts %} being created. - - Manifests over 0.5 MB in size are only processed for enterprise accounts. For other accounts, manifests over 0.5 MB are ignored and will not create {% data variables.product.prodname_dependabot_alerts %}. - - By default, {% data variables.product.prodname_dotcom %} will not process more than 20 manifests per repository. {% data variables.product.prodname_dependabot_alerts %} are not created for manifests beyond this limit. If you need to increase the limit, contact {% data variables.contact.contact_support %}. - -2. **Visualization limits** - - These affect what's displayed in the dependency graph within {% data variables.product.prodname_dotcom %}. However, they don't affect the {% data variables.product.prodname_dependabot_alerts %} that are created. - - The Dependencies view of the dependency graph for a repository only displays 100 manifests. Typically this is adequate as it is significantly higher than the processing limit described above. In situations where the processing limit is over 100, {% data variables.product.prodname_dependabot_alerts %} are still created for any manifests that are not shown within {% data variables.product.prodname_dotcom %}. - -**Check**: Is the missing dependency in a manifest file that's over 0.5 MB, or in a repository with a large number of manifests? - -## Does {% data variables.product.prodname_dependabot %} generate alerts for vulnerabilities that have been known for many years? - -The {% data variables.product.prodname_advisory_database %} was launched in November 2019, and initially back-filled to include vulnerability information for the supported ecosystems, starting from 2017. When adding CVEs to the database, we prioritize curating newer CVEs, and CVEs affecting newer versions of software. - -Some information on older vulnerabilities is available, especially where these CVEs are particularly widespread, however some old vulnerabilities are not included in the {% data variables.product.prodname_advisory_database %}. If there's a specific old vulnerability that you need to be included in the database, contact {% data variables.contact.contact_support %}. - -**Check**: Does the uncaught vulnerability have a publish date earlier than 2017 in the National Vulnerability Database? - -## Why does {% data variables.product.prodname_advisory_database %} use a subset of published vulnerability data? - -Some third-party tools use uncurated CVE data that isn't checked or filtered by a human. This means that CVEs with tagging or severity errors, or other quality issues, will cause more frequent, more noisy, and less useful alerts. - -Since {% data variables.product.prodname_dependabot %} uses curated data in the {% data variables.product.prodname_advisory_database %}, the volume of alerts may be lower, but the alerts you do receive will be accurate and relevant. - -{% ifversion fpt or ghec %} -## Does each dependency vulnerability generate a separate alert? - -When a dependency has multiple vulnerabilities, an alert is generated for each vulnerability at the level of advisory plus manifest. - -![Screenshot of the {% data variables.product.prodname_dependabot_alerts %} tab showing two alerts from the same package with different manifests.](/assets/images/help/repository/dependabot-alerts-view.png) - -Legacy {% data variables.product.prodname_dependabot_alerts %} were grouped into a single aggregated alert with all the vulnerabilities for the same dependency. If you navigate to a link to a legacy {% data variables.product.prodname_dependabot %} alert, you will be redirected to the {% data variables.product.prodname_dependabot_alerts %} tab filtered to display vulnerabilities for that dependent package and manifest. - -![Screenshot of the {% data variables.product.prodname_dependabot_alerts %} tab showing the filtered alerts from navigating to a legacy {% data variables.product.prodname_dependabot %} alert.](/assets/images/help/repository/legacy-dependabot-alerts-view.png) - -The {% data variables.product.prodname_dependabot_alerts %} count in {% data variables.product.prodname_dotcom %} shows a total for the number of alerts, which is the number of vulnerabilities, not the number of dependencies. - -**Check**: If there is a discrepancy in the totals you are seeing, check that you are not comparing alert numbers with dependency numbers. Also check that you are viewing all alerts and not a subset of filtered alerts. -{% endif %} - -## Further reading - -- "[About alerts for vulnerable dependencies](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies)" -- "[Viewing and updating vulnerable dependencies in your repository](/github/managing-security-vulnerabilities/viewing-and-updating-vulnerable-dependencies-in-your-repository)" -- "[Managing security and analysis settings for your repository](/github/administering-a-repository/managing-security-and-analysis-settings-for-your-repository)"{% ifversion fpt or ghec or ghes > 3.2 %} -- "[Troubleshooting {% data variables.product.prodname_dependabot %} errors](/github/managing-security-vulnerabilities/troubleshooting-dependabot-errors)"{% endif %} diff --git a/translations/zh-CN/content/code-security/supply-chain-security/understanding-your-software-supply-chain/about-dependency-review.md b/translations/zh-CN/content/code-security/supply-chain-security/understanding-your-software-supply-chain/about-dependency-review.md index 85377a49ac..5c49728aa8 100644 --- a/translations/zh-CN/content/code-security/supply-chain-security/understanding-your-software-supply-chain/about-dependency-review.md +++ b/translations/zh-CN/content/code-security/supply-chain-security/understanding-your-software-supply-chain/about-dependency-review.md @@ -41,7 +41,7 @@ redirect_from: 通过检查拉取请求中的依赖项审查并更改被标记为有漏洞的任何依赖项,可以避免将漏洞添加到项目中。 有关依赖项审查工作的更多信息,请参阅“[审查拉取请求中的依赖项更改](/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/reviewing-dependency-changes-in-a-pull-request)”。 -{% data variables.product.prodname_dependabot_alerts %} 将会查找依赖项中存在的漏洞,但避免引入潜在问题比在以后修复它们要好得多。 有关 {% data variables.product.prodname_dependabot_alerts %} 的更多信息,请参阅“[关于有漏洞依赖项的警报](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies#dependabot-alerts-for-vulnerable-dependencies)”。 +{% data variables.product.prodname_dependabot_alerts %} 将会查找依赖项中存在的漏洞,但避免引入潜在问题比在以后修复它们要好得多。 有关 {% data variables.product.prodname_dependabot_alerts %} 的更多信息,请参阅“[关于 {% data variables.product.prodname_dependabot_alerts %}](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies#dependabot-alerts-for-vulnerable-dependencies)”。 依赖项审查支持与依赖关系图相同的语言和包管理生态系统。 更多信息请参阅“[关于依赖关系图](/github/visualizing-repository-data-with-graphs/about-the-dependency-graph#supported-package-ecosystems)”。 diff --git a/translations/zh-CN/content/code-security/supply-chain-security/understanding-your-software-supply-chain/about-supply-chain-security.md b/translations/zh-CN/content/code-security/supply-chain-security/understanding-your-software-supply-chain/about-supply-chain-security.md new file mode 100644 index 0000000000..6ff3e6e9ed --- /dev/null +++ b/translations/zh-CN/content/code-security/supply-chain-security/understanding-your-software-supply-chain/about-supply-chain-security.md @@ -0,0 +1,156 @@ +--- +title: About supply chain security +intro: '{% data variables.product.product_name %} helps you secure your supply chain, from understanding the dependencies in your environment, to knowing about vulnerabilities in those dependencies{% ifversion fpt or ghec or ghes > 3.2 %}, and patching them{% endif %}.' +miniTocMaxHeadingLevel: 3 +shortTitle: Supply chain security +redirect_from: + - /code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies +versions: + fpt: '*' + ghes: '*' + ghae: issue-4864 + ghec: '*' +type: overview +topics: + - Advanced Security + - Dependency review + - Dependency graph + - Vulnerabilities + - Dependencies + - Pull requests + - Repositories +--- + +## About supply chain security at GitHub + +With the accelerated use of open source, most projects depend on hundreds of open-source dependencies. This poses a security problem: what if the dependencies you're using are vulnerable? You could be putting your users at risk of a supply chain attack. One of the most important things you can do to protect your supply chain is to patch your vulnerabilities. + +You add dependencies directly to your supply chain when you specify them in a manifest file or a lockfile. Dependencies can also be included transitively, that is, even if you don’t specify a particular dependency, but a dependency of yours uses it, then you’re also dependent on that dependency. + +{% data variables.product.product_name %} offers a range of features to help you understand the dependencies in your environment{% ifversion ghes < 3.3 or ghae %} and know about vulnerabilities in those dependencies{% endif %}{% ifversion fpt or ghec or ghes > 3.2 %}, know about vulnerabilities in those dependencies, and patch them{% endif %}. + +The supply chain features on {% data variables.product.product_name %} are: +- **Dependency graph** +{% ifversion fpt or ghec or ghes > 3.1 or ghae %}- **Dependency review**{% endif %} +- **{% data variables.product.prodname_dependabot_alerts %} ** +{% ifversion fpt or ghec or ghes > 3.2 %}- **{% data variables.product.prodname_dependabot_updates %}** + - **{% data variables.product.prodname_dependabot_security_updates %}** + - **{% data variables.product.prodname_dependabot_version_updates %}**{% endif %} + +The dependency graph is central to supply chain security. The dependency graph identifies all upstream dependencies and public downstream dependents of a repository or package. You can see your repository’s dependencies and some of their properties, like vulnerability information, on the dependency graph for the repository. + +{% ifversion fpt or ghec or ghes > 3.1 or ghae %} +Other supply chain features on {% data variables.product.prodname_dotcom %} rely on the information provided by the dependency graph. + +- Dependency review uses the dependency graph to identify dependency changes and help you understand the security impact of these changes when you review pull requests. +- {% data variables.product.prodname_dependabot %} cross-references dependency data provided by the dependency graph with the list of known vulnerabilities published in the {% data variables.product.prodname_advisory_database %}, scans your dependecies and generates {% data variables.product.prodname_dependabot_alerts %} when a potential vulnerability is detected. +{% ifversion fpt or ghec or ghes > 3.2 %}- {% data variables.product.prodname_dependabot_security_updates %} use the dependency graph and {% data variables.product.prodname_dependabot_alerts %} to help you update dependencies with known vulnerabilities in your repository. + +{% data variables.product.prodname_dependabot_version_updates %} don't use the dependency graph and rely on the semantic versioning of dependencies instead. {% data variables.product.prodname_dependabot_version_updates %} help you keep your dependencies updated, even when they don’t have any vulnerabilities. +{% endif %} +{% endif %} + +{% ifversion ghes < 3.2 %} +{% data variables.product.prodname_dependabot %} cross-references dependency data provided by the dependency graph with the list of known vulnerabilities published in the {% data variables.product.prodname_advisory_database %}, scans your dependencies and generates {% data variables.product.prodname_dependabot_alerts %} when a potential vulnerability is detected. + {% endif %} + +## Feature overview + +### What is the dependency graph + +To generate the dependency graph, {% data variables.product.company_short %} looks at a repository’s explicit dependencies declared in the manifest and lockfiles. When enabled, the dependency graph automatically parses all known package manifest files in the repository, and uses this to construct a graph with known dependency names and versions. + +- The dependency graph includes information on your _direct_ dependencies and _transitive_ dependencies. +- The dependency graph is automatically updated when you push a commit to {% data variables.product.company_short %} that changes or adds a supported manifest or lock file to the default branch, and when anyone pushes a change to the repository of one of your dependencies. +- You can see the dependency graph by opening the repository's main page on {% data variables.product.product_name %}, and navigating to the **Insights** tab. + +For more information about the dependency graph, see "[About the dependency graph](/code-security/supply-chain-security/understanding-your-software-supply-chain/about-the-dependency-graph)." + +{% ifversion fpt or ghec or ghes > 3.1 or ghae %} +### What is dependency review + +Dependency review helps reviewers and contributors understand dependency changes and their security impact in every pull request. + +- Dependency review tells you which dependencies were added, removed, or updated, in a pull request. You can use the release dates, popularity of dependencies, and vulnerability information to help you decide whether to accept the change. +- You can see the dependency review for a pull request by showing the rich diff on the **Files Changed** tab. + +For more information about dependency review, see "[About dependency review](/code-security/supply-chain-security/understanding-your-software-supply-chain/about-dependency-review)." + +{% endif %} + +### What is Dependabot + +{% data variables.product.prodname_dependabot %} keeps your dependencies up to date by informing you of any security vulnerabilities in your dependencies{% ifversion fpt or ghec or ghes > 3.2 or ghae %}, and automatically opens pull requests to upgrade your dependencies to the next available secure version when a {% data variables.product.prodname_dependabot %} alert is triggered, or to the latest version when a release is published{% else %} so that you can update that dependency{% endif %}. + +{% ifversion fpt or ghec or ghes > 3.2 %} +The term "{% data variables.product.prodname_dependabot %}" encompasses the following features: +- {% data variables.product.prodname_dependabot_alerts %}—Displayed notification on the **Security** tab for the repository, and in the repository's dependency graph. The alert includes a link to the affected file in the project, and information about a fixed version. +- {% data variables.product.prodname_dependabot_updates %}: + - {% data variables.product.prodname_dependabot_security_updates %}—Triggered updates to upgrade your dependencies to a secure version when an alert is triggered. + - {% data variables.product.prodname_dependabot_version_updates %}—Scheduled updates to keep your dependencies up to date with the latest version. +{% endif %} + +#### What are Dependabot alerts + +{% data variables.product.prodname_dependabot_alerts %} highlight repositories affected by a newly discovered vulnerability based on the dependency graph and the {% data variables.product.prodname_advisory_database %}, which contains the versions on known vulnerability lists. + +- {% data variables.product.prodname_dependabot %} performs a scan to detect vulnerable dependencies and sends {% data variables.product.prodname_dependabot_alerts %} when: +{% ifversion fpt or ghec %} + - A new vulnerability is added to the {% data variables.product.prodname_advisory_database %}.{% else %} + - New advisory data is synchronized to {% data variables.product.product_location %} each hour from {% data variables.product.prodname_dotcom_the_website %}. {% data reusables.security-advisory.link-browsing-advisory-db %}{% endif %} + - The dependency graph for the repository changes. +- {% data variables.product.prodname_dependabot_alerts %} are displayed {% ifversion fpt or ghec or ghes > 3.0 %} on the **Security** tab for the repository and{% endif %} in the repository's dependency graph. The alert includes {% ifversion fpt or ghec or ghes > 3.0 %}a link to the affected file in the project, and {% endif %}information about a fixed version. + +For more information about {% data variables.product.prodname_dependabot_alerts %}, see "[About alerts for vulnerable dependencies](/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-alerts-for-vulnerable-dependencies)." + +{% ifversion fpt or ghec or ghes > 3.2 %} +#### What are Dependabot updates + +There are two types of {% data variables.product.prodname_dependabot_updates %}: {% data variables.product.prodname_dependabot %} _security_ updates and _version_ updates. {% data variables.product.prodname_dependabot %} generates automatic pull requests to update your dependencies in both cases, but there are several differences. + +{% data variables.product.prodname_dependabot_security_updates %}: + - Triggered by a {% data variables.product.prodname_dependabot %} alert + - Update dependencies to the minimum version that resolves a known vulnerability + - Supported for ecosystems the dependency graph supports + +{% data variables.product.prodname_dependabot_version_updates %}: + - Run on a schedule you configure + - Update dependencies to the latest version that matches the configuration + - Supported for a different group of ecosystems + +For more information about {% data variables.product.prodname_dependabot_updates %}, see "[About {% data variables.product.prodname_dependabot_security_updates %}](/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-dependabot-security-updates)" and "[About {% data variables.product.prodname_dependabot_version_updates %}](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/about-dependabot-version-updates)." +{% endif %} + +## Feature availability + +{% ifversion fpt or ghec %} + +Public repositories: +- **Dependency graph**—enabled by default and cannot be disabled. +- **Dependency review**—enabled by default and cannot be disabled. +- **{% data variables.product.prodname_dependabot_alerts %}**—not enabled by default. {% data variables.product.prodname_dotcom %} detects vulnerable dependencies and displays information in the dependency graph, but does not generate {% data variables.product.prodname_dependabot_alerts %} by default. Repository owners or people with admin access can enable {% data variables.product.prodname_dependabot_alerts %}. + You can also enable or disable Dependabot alerts for all repositories owned by your user account or organization. For more information, see "[Managing security and analysis settings for your user account](/account-and-profile/setting-up-and-managing-your-github-user-account/managing-user-account-settings/managing-security-and-analysis-settings-for-your-user-account)" or "[Managing security and analysis settings for your organization](/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization)." + +Private repositories: +- **Dependency graph**—not enabled by default. The feature can be enabled by repository administrators. For more information, see "[Exploring the dependencies of a repository](/code-security/supply-chain-security/understanding-your-software-supply-chain/exploring-the-dependencies-of-a-repository#enabling-and-disabling-the-dependency-graph-for-a-private-repository)." +{% ifversion fpt %} +- **Dependency review**—available in private repositories owned by organizations that use {% data variables.product.prodname_ghe_cloud %} and have a license for {% data variables.product.prodname_GH_advanced_security %}. For more information, see the [{% data variables.product.prodname_ghe_cloud %} documentation](/enterprise-cloud@latest/code-security/supply-chain-security/understanding-your-software-supply-chain/about-dependency-review). +{% elsif ghec %} +- **Dependency review**—available in private repositories owned by organizations provided you have a license for {% data variables.product.prodname_GH_advanced_security %} and the dependency graph enabled. For more information, see "[About {% data variables.product.prodname_GH_advanced_security %}](/get-started/learning-about-github/about-github-advanced-security)" and "[Exploring the dependencies of a repository](/code-security/supply-chain-security/understanding-your-software-supply-chain/exploring-the-dependencies-of-a-repository#enabling-and-disabling-the-dependency-graph-for-a-private-repository)." +{% endif %} +- **{% data variables.product.prodname_dependabot_alerts %}**—not enabled by default. Owners of private repositories, or people with admin access, can enable {% data variables.product.prodname_dependabot_alerts %} by enabling the dependency graph and {% data variables.product.prodname_dependabot_alerts %} for their repositories. + You can also enable or disable Dependabot alerts for all repositories owned by your user account or organization. For more information, see "[Managing security and analysis settings for your user account](/account-and-profile/setting-up-and-managing-your-github-user-account/managing-user-account-settings/managing-security-and-analysis-settings-for-your-user-account)" or "[Managing security and analysis settings for your organization](/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization)." + +Any repository type: +- **{% data variables.product.prodname_dependabot_security_updates %}**—not enabled by default. You can enable {% data variables.product.prodname_dependabot_security_updates %} for any repository that uses {% data variables.product.prodname_dependabot_alerts %} and the dependency graph. For more information, see "[About {% data variables.product.prodname_dependabot_security_updates %}](/github/managing-security-vulnerabilities/about-dependabot-security-updates)." +- **{% data variables.product.prodname_dependabot_version_updates %}**—not enabled by default. People with write permissions to a repository can enable {% data variables.product.prodname_dependabot_version_updates %}. For information about enabling security updates, see "[Configuring {% data variables.product.prodname_dependabot_security_updates %}](/github/managing-security-vulnerabilities/configuring-dependabot-security-updates)." +{% endif %} + +{% ifversion ghes or ghae %} +- **Dependency graph** and **{% data variables.product.prodname_dependabot_alerts %}**—not enabled by default. Both features are configured at an enterprise level by the enterprise owner. For more information, see {% ifversion ghes %}"[Enabling the dependency graph for your enterprise](/admin/code-security/managing-supply-chain-security-for-your-enterprise/enabling-the-dependency-graph-for-your-enterprise)" and {% endif %}"[Enabling {% data variables.product.prodname_dependabot %} for your enterprise](/admin/configuration/configuring-github-connect/enabling-dependabot-for-your-enterprise)." +- **Dependency review**—available when dependency graph is enabled for {% data variables.product.product_location %} and {% data variables.product.prodname_advanced_security %} is enabled for the organization or repository. For more information, see "[About {% data variables.product.prodname_GH_advanced_security %}](/get-started/learning-about-github/about-github-advanced-security)." +{% endif %} +{% ifversion ghes > 3.2 %} +- **{% data variables.product.prodname_dependabot_security_updates %}**—not enabled by default. You can enable {% data variables.product.prodname_dependabot_security_updates %} for any repository that uses {% data variables.product.prodname_dependabot_alerts %} and the dependency graph. For more information, see "[About {% data variables.product.prodname_dependabot_security_updates %}](/github/managing-security-vulnerabilities/about-dependabot-security-updates)." +- **{% data variables.product.prodname_dependabot_version_updates %}**—not enabled by default. People with write permissions to a repository can enable {% data variables.product.prodname_dependabot_version_updates %}. For information about enabling security updates, see "[Configuring {% data variables.product.prodname_dependabot_security_updates %}](/github/managing-security-vulnerabilities/configuring-dependabot-security-updates)." +{% endif %} diff --git a/translations/zh-CN/content/code-security/supply-chain-security/understanding-your-software-supply-chain/about-the-dependency-graph.md b/translations/zh-CN/content/code-security/supply-chain-security/understanding-your-software-supply-chain/about-the-dependency-graph.md index de81712e37..91b871b9ef 100644 --- a/translations/zh-CN/content/code-security/supply-chain-security/understanding-your-software-supply-chain/about-the-dependency-graph.md +++ b/translations/zh-CN/content/code-security/supply-chain-security/understanding-your-software-supply-chain/about-the-dependency-graph.md @@ -55,7 +55,7 @@ You can use the dependency graph to: - Explore the repositories your code depends on{% ifversion fpt or ghec %}, and those that depend on it{% endif %}. For more information, see "[Exploring the dependencies of a repository](/github/visualizing-repository-data-with-graphs/exploring-the-dependencies-of-a-repository)." {% ifversion fpt or ghec %} - View a summary of the dependencies used in your organization's repositories in a single dashboard. For more information, see "[Viewing insights for your organization](/articles/viewing-insights-for-your-organization#viewing-organization-dependency-insights)."{% endif %} -- View and update vulnerable dependencies for your repository. For more information, see "[About alerts for vulnerable dependencies](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies)."{% ifversion fpt or ghes > 3.1 or ghec %} +- View and update vulnerable dependencies for your repository. For more information, see "[About {% data variables.product.prodname_dependabot_alerts %}](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies)."{% ifversion fpt or ghes > 3.1 or ghec %} - See information about vulnerable dependencies in pull requests. For more information, see "[Reviewing dependency changes in a pull request](/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/reviewing-dependency-changes-in-a-pull-request)."{% endif %} ## Enabling the dependency graph @@ -84,7 +84,7 @@ The recommended formats explicitly define which versions are used for all direct {%- endif %} | Maven | Java, Scala | `pom.xml` | `pom.xml` | | npm | JavaScript | `package-lock.json` | `package-lock.json`, `package.json`| -| Python PIP | Python | `requirements.txt`, `pipfile.lock` | `requirements.txt`, `pipfile`, `pipfile.lock`, `setup.py`{% if github-actions-in-dependency-graph %}[2]{% else %}[1]{% endif %} | +| pip | Python | `requirements.txt`, `pipfile.lock` | `requirements.txt`, `pipfile`, `pipfile.lock`, `setup.py`{% if github-actions-in-dependency-graph %}[2]{% else %}[1]{% endif %} | {%- ifversion fpt or ghec or ghes > 3.3 or ghae-issue-4752 %} | Python Poetry | Python | `poetry.lock` | `poetry.lock`, `pyproject.toml` |{% endif %} | RubyGems | Ruby | `Gemfile.lock` | `Gemfile.lock`, `Gemfile`, `*.gemspec` | @@ -111,5 +111,5 @@ The recommended formats explicitly define which versions are used for all direct - "[Dependency graph](https://en.wikipedia.org/wiki/Dependency_graph)" on Wikipedia - "[Exploring the dependencies of a repository](/github/visualizing-repository-data-with-graphs/exploring-the-dependencies-of-a-repository)"{% ifversion fpt or ghec %} - "[Viewing insights for your organization](/organizations/collaborating-with-groups-in-organizations/viewing-insights-for-your-organization)"{% endif %} -- "[Viewing and updating vulnerable dependencies in your repository](/github/managing-security-vulnerabilities/viewing-and-updating-vulnerable-dependencies-in-your-repository)" +- "[Viewing {% data variables.product.prodname_dependabot_alerts %} for vulnerable dependencies](/github/managing-security-vulnerabilities/viewing-and-updating-vulnerable-dependencies-in-your-repository)" - "[Troubleshooting the detection of vulnerable dependencies](/github/managing-security-vulnerabilities/troubleshooting-the-detection-of-vulnerable-dependencies)" diff --git a/translations/zh-CN/content/code-security/supply-chain-security/understanding-your-software-supply-chain/exploring-the-dependencies-of-a-repository.md b/translations/zh-CN/content/code-security/supply-chain-security/understanding-your-software-supply-chain/exploring-the-dependencies-of-a-repository.md index a6a42f48d0..ccc0f56758 100644 --- a/translations/zh-CN/content/code-security/supply-chain-security/understanding-your-software-supply-chain/exploring-the-dependencies-of-a-repository.md +++ b/translations/zh-CN/content/code-security/supply-chain-security/understanding-your-software-supply-chain/exploring-the-dependencies-of-a-repository.md @@ -40,7 +40,7 @@ shortTitle: 探索依赖项 ### 依赖项视图 {% ifversion fpt or ghec %} -依赖项按生态系统分组。 您可以展开依赖项以查看其依赖项。 对于托管在 {% data variables.product.product_name %} 上公共仓库中的依赖项,您也可以单击依赖项来查看仓库。 私有仓库、私有包或无法识别文件上的依赖项以纯文本显示。 +依赖项按生态系统分组。 您可以展开依赖项以查看其依赖项。 私有仓库、私有包或无法识别文件上的依赖项以纯文本显示。 如果依赖项的包管理器位于公共存储库中,{% data variables.product.product_name %} 将显示指向该存储库的链接。 如果在仓库中检测到漏洞,这些漏洞将显示在视图顶部,供有权访问 {% data variables.product.prodname_dependabot_alerts %} 的用户查看。 @@ -83,7 +83,10 @@ shortTitle: 探索依赖项 ## 更改“Used by(使用者)”包 -如果启用了依赖项图,并且您的仓库包含已发布在受支持包生态系统上的包,则 {% data variables.product.prodname_dotcom %} 将在仓库的 **Code(代码)**选项卡的边栏中显示“Used by(使用者)”部分。 有关受支持包生态系统的更多信息,请参阅“[关于依赖项图](/github/visualizing-repository-data-with-graphs/about-the-dependency-graph#supported-package-ecosystems)”。 +您可能会注意到,某些存储库在 **Code(代码)**选项卡的边栏中有一个“Used by(使用者)”部分。 在以下情况下,您的存储库将具有“Used by(使用者)”部分: + * 为存储库启用了依赖关系图(有关更多详细信息,请参阅上一节)。 + * 您的存储库包含一个包,该包发布在[受支持的包生态系统](/github/visualizing-repository-data-with-graphs/about-the-dependency-graph#supported-package-ecosystems)上。 + * 在生态系统中,您的包具有指向存储源代码的_公共_存储库的链接。 “Used by(使用者)”部分显示已发现对包的公开引用数量,并显示某些依赖项所有者的头像。 @@ -112,7 +115,7 @@ shortTitle: 探索依赖项 ## 延伸阅读 - “[关于依赖关系图](/github/visualizing-repository-data-with-graphs/about-the-dependency-graph)” -- "[查看和更新仓库中的漏洞依赖项](/github/managing-security-vulnerabilities/viewing-and-updating-vulnerable-dependencies-in-your-repository)"{% ifversion fpt or ghec %} +- "[查看漏洞依赖项的 {% data variables.product.prodname_dependabot_alerts %}](/github/managing-security-vulnerabilities/viewing-and-updating-vulnerable-dependencies-in-your-repository)"{% ifversion fpt or ghec %} - "[查看用于组织的洞见](/organizations/collaborating-with-groups-in-organizations/viewing-insights-for-your-organization)" - "[了解 {% data variables.product.prodname_dotcom %} 如何使用和保护数据](/get-started/privacy-on-github)" {% endif %} diff --git a/translations/zh-CN/content/code-security/supply-chain-security/understanding-your-software-supply-chain/index.md b/translations/zh-CN/content/code-security/supply-chain-security/understanding-your-software-supply-chain/index.md index 43c07b3bf4..abffbfffa4 100644 --- a/translations/zh-CN/content/code-security/supply-chain-security/understanding-your-software-supply-chain/index.md +++ b/translations/zh-CN/content/code-security/supply-chain-security/understanding-your-software-supply-chain/index.md @@ -9,10 +9,12 @@ topics: - Dependency graph - Dependencies - Repositories -children: - - /about-the-dependency-graph - - /exploring-the-dependencies-of-a-repository - - /about-dependency-review shortTitle: 了解供应链 +children: + - /about-supply-chain-security + - /about-the-dependency-graph + - /about-dependency-review + - /exploring-the-dependencies-of-a-repository + - /troubleshooting-the-dependency-graph --- diff --git a/translations/zh-CN/content/code-security/supply-chain-security/understanding-your-software-supply-chain/troubleshooting-the-dependency-graph.md b/translations/zh-CN/content/code-security/supply-chain-security/understanding-your-software-supply-chain/troubleshooting-the-dependency-graph.md new file mode 100644 index 0000000000..6de1b7a25d --- /dev/null +++ b/translations/zh-CN/content/code-security/supply-chain-security/understanding-your-software-supply-chain/troubleshooting-the-dependency-graph.md @@ -0,0 +1,62 @@ +--- +title: Troubleshooting the dependency graph +intro: 'If the dependency information reported by the dependency graph is not what you expected, there are a number of points to consider, and various things you can check.' +shortTitle: Troubleshoot dependency graph +versions: + fpt: '*' + ghes: '*' + ghae: issue-4864 + ghec: '*' +type: how_to +topics: + - Troubleshooting + - Errors + - Dependencies + - Vulnerabilities + - Dependency graph + - CVEs + - Repositories +--- + +{% data reusables.dependabot.result-discrepancy %} + +## Does the dependency graph only find dependencies in manifests and lockfiles? + +The dependency graph includes information on dependencies that are explicitly declared in your environment. That is, dependencies that are specified in a manifest or a lockfile. The dependency graph generally also includes transitive dependencies, even when they aren't specified in a lockfile, by looking at the dependencies of the dependencies in a manifest file. + +The dependency graph doesn't include "loose" dependencies. "Loose" dependencies are individual files that are copied from another source and checked into the repository directly or within an archive (such as a ZIP or JAR file), rather than being referenced by in a package manager’s manifest or lockfile. + +**Check**: Is the missing dependency for a component that's not specified in the repository's manifest or lockfile? + +## Does the dependency graph detect dependencies specified using variables? + +The dependency graph analyzes manifests as they’re pushed to {% data variables.product.prodname_dotcom %}. The dependency graph doesn't, therefore, have access to the build environment of the project, so it can't resolve variables used within manifests. If you use variables within a manifest to specify the name, or more commonly the version of a dependency, then that dependency will not be included in the dependency graph. + +**Check**: Is the missing dependency declared in the manifest by using a variable for its name or version? + +## Are there limits which affect the dependency graph data? + +Yes, the dependency graph has two categories of limits: + +1. **Processing limits** + + These affect the dependency graph displayed within {% data variables.product.prodname_dotcom %} and also prevent {% data variables.product.prodname_dependabot_alerts %} being created. + + Manifests over 0.5 MB in size are only processed for enterprise accounts. For other accounts, manifests over 0.5 MB are ignored and will not create {% data variables.product.prodname_dependabot_alerts %}. + + By default, {% data variables.product.prodname_dotcom %} will not process more than 20 manifests per repository. {% data variables.product.prodname_dependabot_alerts %} are not created for manifests beyond this limit. If you need to increase the limit, contact {% data variables.contact.contact_support %}. + +2. **Visualization limits** + + These affect what's displayed in the dependency graph within {% data variables.product.prodname_dotcom %}. However, they don't affect the {% data variables.product.prodname_dependabot_alerts %} that are created. + + The Dependencies view of the dependency graph for a repository only displays 100 manifests. Typically this is adequate as it is significantly higher than the processing limit described above. In situations where the processing limit is over 100, {% data variables.product.prodname_dependabot_alerts %} are still created for any manifests that are not shown within {% data variables.product.prodname_dotcom %}. + +**Check**: Is the missing dependency in a manifest file that's over 0.5 MB, or in a repository with a large number of manifests? + +## Further reading + +- "[About the dependency graph](/code-security/supply-chain-security/understanding-your-software-supply-chain/about-the-dependency-graph)" +- "[Managing security and analysis settings for your repository](/github/administering-a-repository/managing-security-and-analysis-settings-for-your-repository)" +- "[Troubleshooting the detection of vulnerable dependencies](/code-security/dependabot/working-with-dependabot/troubleshooting-the-detection-of-vulnerable-dependencies)"{% ifversion fpt or ghec or ghes > 3.2 %} +- "[Troubleshooting {% data variables.product.prodname_dependabot %} errors](/github/managing-security-vulnerabilities/troubleshooting-dependabot-errors)"{% endif %} \ No newline at end of file diff --git a/translations/zh-CN/content/codespaces/codespaces-reference/using-the-vs-code-command-palette-in-codespaces.md b/translations/zh-CN/content/codespaces/codespaces-reference/using-the-vs-code-command-palette-in-codespaces.md index becd84f143..00c48172fc 100644 --- a/translations/zh-CN/content/codespaces/codespaces-reference/using-the-vs-code-command-palette-in-codespaces.md +++ b/translations/zh-CN/content/codespaces/codespaces-reference/using-the-vs-code-command-palette-in-codespaces.md @@ -1,5 +1,5 @@ --- -title: Using the Visual Studio Code Command Palette in Codespaces +title: 在 Codespaces 中使用 Visual Studio 代码命令面板 intro: '您可以使用 {% data variables.product.prodname_vscode %} 的命令调色板功能访问代码空间中的许多命令。' versions: fpt: '*' @@ -9,21 +9,21 @@ topics: - Codespaces - Visual Studio Code product: '{% data reusables.gated-features.codespaces %}' -shortTitle: VS Code Command Palette +shortTitle: VS 代码命令面板 allowTitleToDifferFromFilename: true redirect_from: - /codespaces/codespaces-reference/using-the-command-palette-in-codespaces --- -## About the {% data variables.product.prodname_vscode %} Command Palette +## 关于 {% data variables.product.prodname_vscode %} 命令面板 -命令调色板是 {% data variables.product.prodname_vscode %} 的重点功能之一,可用于代码空间。 The {% data variables.product.prodname_vscode_command_palette %} allows you to access many commands for {% data variables.product.prodname_codespaces %} and {% data variables.product.prodname_vscode %}. For more information on using the {% data variables.product.prodname_vscode_command_palette %}, see "[User Interface](https://code.visualstudio.com/docs/getstarted/userinterface#_command-palette)" in the Visual Studio Code documentation. +命令调色板是 {% data variables.product.prodname_vscode %} 的重点功能之一,可用于代码空间。 {% data variables.product.prodname_vscode_command_palette %} 允许您访问 {% data variables.product.prodname_codespaces %} 和 {% data variables.product.prodname_vscode %} 的许多命令。 有关使用 {% data variables.product.prodname_vscode_command_palette %} 的更多信息,请参阅 visual Studio Code 文档中的 “[用户界面](https://code.visualstudio.com/docs/getstarted/userinterface#_command-palette)”。 -## Accessing the {% data variables.product.prodname_vscode_command_palette %} +## 访问 {% data variables.product.prodname_vscode_command_palette %} -You can access the {% data variables.product.prodname_vscode_command_palette %} in a number of ways. +您可以通过多种方式访问 {% data variables.product.prodname_vscode_command_palette %}。 -- Shift+Command+P (Mac) / Ctrl+Shift+P (Windows/Linux). +- Shift+Command+P (Mac) / Ctrl+Shift+P (Windows/Linux)。 请注意,此命令是 Firefox 中保留的键盘快捷键。 - F1 @@ -33,21 +33,21 @@ You can access the {% data variables.product.prodname_vscode_command_palette %} ## {% data variables.product.prodname_github_codespaces %} 命令 -To see all commands related to {% data variables.product.prodname_github_codespaces %}, [access the {% data variables.product.prodname_vscode_command_palette %}](#accessing-the-command-palette), then start typing "Codespaces". +要查看与 {% data variables.product.prodname_github_codespaces %} 相关的所有命令, [访问 {% data variables.product.prodname_vscode_command_palette %}](#accessing-the-command-palette),然后开始键入 "Codespaces"。 ![与代码空间相关的所有命令列表](/assets/images/help/codespaces/codespaces-command-palette.png) ### 挂起或停止代码空间 -If you add a new secret or change the machine type, you'll have to stop and restart the codespace for it to apply your changes. +如果添加新密钥或更换机器类型,则必须停止并重新启动代码空间才能应用更改。 -To suspend or stop your codespace's container, [access the {% data variables.product.prodname_vscode_command_palette %}](#accessing-the-command-palette), then start typing "stop". 选择 **Codespaces: Stop Current Codespace(Codespace:停止当前 Codespace)**。 +要暂停或停止代码空间的容器,[访问 {% data variables.product.prodname_vscode_command_palette %}](#accessing-the-command-palette),然后开始键入"stop"。 选择 **Codespaces: Stop Current Codespace(Codespace:停止当前 Codespace)**。 ![停止代码空间的命令](/assets/images/help/codespaces/codespaces-stop.png) ### 从模板添加开发容器 -To add a dev container from a template, [access the {% data variables.product.prodname_vscode_command_palette %}](#accessing-the-command-palette), then start typing "dev container". 选择 **Codespaces: Add Development Container Configuration Files...(Codespaces:添加开发容器配置文件...)** +要从模板添加开发容器,[访问 {% data variables.product.prodname_vscode_command_palette %}](#accessing-the-command-palette),然后开始键入 "dev container"。 选择 **Codespaces: Add Development Container Configuration Files...(Codespaces:添加开发容器配置文件...)** ![添加开发容器的命令](/assets/images/help/codespaces/add-prebuilt-container-command.png) @@ -55,14 +55,14 @@ To add a dev container from a template, [access the {% data variables.product.pr 如果您添加 dev 容器或编辑任何配置文件(`devcontainer.json` 和 `Dockerfile`),则需要重建代码空间才可应用更改。 -To rebuild your container, [access the {% data variables.product.prodname_vscode_command_palette %}](#accessing-the-command-palette), then start typing "rebuild". 选择 **Codespaces: Rebuild Container(代码空间:重建容器)**。 +要重建容器,[访问 {% data variables.product.prodname_vscode_command_palette %}](#accessing-the-command-palette),然后开始键入 "rebuild"。 选择 **Codespaces: Rebuild Container(代码空间:重建容器)**。 ![重建代码空间的命令](/assets/images/help/codespaces/codespaces-rebuild.png) ### Codespaces 日志 -You can use the {% data variables.product.prodname_vscode_command_palette %} to access the codespace creation logs, or you can use it export all logs. +可以使用 {% data variables.product.prodname_vscode_command_palette %} 访问代码空间创建日志,也可以使用它导出所有日志。 -To retrieve the logs for Codespaces, [access the {% data variables.product.prodname_vscode_command_palette %}](#accessing-the-command-palette), then start typing "log". 选择 **Codespaces: Export Logs(Codespaces:导出日志)**以导出所有与 Codespaces 相关的日志,或选择 **Codespaces: View Creation Logs(Codespaces:查看创建日志)**以查看与设置相关的日志。 +要检索 Codespaces 的日志,[访问 {% data variables.product.prodname_vscode_command_palette %}](#accessing-the-command-palette),然后开始键入 "log"。 选择 **Codespaces: Export Logs(Codespaces:导出日志)**以导出所有与 Codespaces 相关的日志,或选择 **Codespaces: View Creation Logs(Codespaces:查看创建日志)**以查看与设置相关的日志。 ![访问日志的命令](/assets/images/help/codespaces/codespaces-logs.png) diff --git a/translations/zh-CN/content/codespaces/developing-in-codespaces/creating-a-codespace.md b/translations/zh-CN/content/codespaces/developing-in-codespaces/creating-a-codespace.md index 9ee02aab12..f13d002eb3 100644 --- a/translations/zh-CN/content/codespaces/developing-in-codespaces/creating-a-codespace.md +++ b/translations/zh-CN/content/codespaces/developing-in-codespaces/creating-a-codespace.md @@ -14,7 +14,7 @@ topics: - Codespaces - Fundamentals - Developer -shortTitle: Create a codespace +shortTitle: 创建代码空间 --- ## 关于代码空间的创建 diff --git a/translations/zh-CN/content/codespaces/developing-in-codespaces/deleting-a-codespace.md b/translations/zh-CN/content/codespaces/developing-in-codespaces/deleting-a-codespace.md index 3199aa5282..2e7a09d0b7 100644 --- a/translations/zh-CN/content/codespaces/developing-in-codespaces/deleting-a-codespace.md +++ b/translations/zh-CN/content/codespaces/developing-in-codespaces/deleting-a-codespace.md @@ -13,7 +13,7 @@ topics: - Codespaces - Fundamentals - Developer -shortTitle: Delete a codespace +shortTitle: 删除代码空间 --- diff --git a/translations/zh-CN/content/codespaces/developing-in-codespaces/using-codespaces-with-github-cli.md b/translations/zh-CN/content/codespaces/developing-in-codespaces/using-codespaces-with-github-cli.md index 4476c38f0b..089a99a913 100644 --- a/translations/zh-CN/content/codespaces/developing-in-codespaces/using-codespaces-with-github-cli.md +++ b/translations/zh-CN/content/codespaces/developing-in-codespaces/using-codespaces-with-github-cli.md @@ -13,7 +13,7 @@ topics: - Developer --- -## 关于 {% data variables.product.prodname_cli %} +## About {% data variables.product.prodname_cli %} {% data reusables.cli.about-cli %} For more information, see "[About {% data variables.product.prodname_cli %}](/github-cli/github-cli/about-github-cli)." @@ -28,22 +28,26 @@ You can work with {% data variables.product.prodname_codespaces %} in the {% da - [Modify ports in a codespace](#modify-ports-in-a-codespace) - [Access codespace logs](#access-codespace-logs) -## 安装 {% data variables.product.prodname_cli %} +## Installing {% data variables.product.prodname_cli %} {% data reusables.cli.cli-installation %} + +## Using {% data variables.product.prodname_cli %} -## 使用 {% data variables.product.prodname_cli %} - -If you have not already done so, run `gh auth login` to authenticate with your {% data variables.product.prodname_dotcom %} account. +If you have not already done so, run `gh auth login` to authenticate with your {% data variables.product.prodname_dotcom %} account. To use `gh` to work with {% data variables.product.prodname_codespaces %}, type `gh codespace ` or its alias `gh cs `. -As an example of a series of commands you might use to work with {% data variables.product.prodname_github_codespaces %}, you could: +As an example of a series of commands you might use to work with {% data variables.product.prodname_github_codespaces %}, you could: -* List your current codespaces, to check whether you have a codespace for a particular repository:
`gh codespace list` -* Create a new codespace for the required repository branch:
`gh codespace create -r github/docs -b main` -* SSH into the new codespace:
`gh codespace ssh -c mona-github-docs-v4qxrv7rfwv9w` -* Forward a port to your local machine:
`gh codespace ports forward 8000:8000 -c mona-github-docs-v4qxrv7rfwv9w` +* List your current codespaces, to check whether you have a codespace for a particular repository:
+ `gh codespace list` +* Create a new codespace for the required repository branch:
+ `gh codespace create -r github/docs -b main` +* SSH into the new codespace:
+ `gh codespace ssh -c mona-github-docs-v4qxrv7rfwv9w` +* Forward a port to your local machine:
+ `gh codespace ports forward 8000:8000 -c mona-github-docs-v4qxrv7rfwv9w` ## `gh` commands for {% data variables.product.prodname_github_codespaces %} @@ -71,7 +75,7 @@ The list includes the unique name of each codespace, which you can use in other gh codespace create -r owner/repository [-b branch] ``` -更多信息请参阅“[创建代码空间](/codespaces/developing-in-codespaces/creating-a-codespace)”。 +For more information, see "[Creating a codespace](/codespaces/developing-in-codespaces/creating-a-codespace)." ### Stop a codespace @@ -119,7 +123,7 @@ Use the prefix `remote:` on a file or directory name to indicate that it's on th The location of files and directories on the codespace is relative to the home directory of the remote user. -#### 示例 +#### Examples * Copy a file from the local machine to the `$HOME` directory of a codespace: @@ -167,13 +171,13 @@ You can set the visibility of a forwarded port. {% data reusables.codespaces.por gh codespace ports visibility codespace-port:private|org|public -c codespace-name ``` -You can set the visibility for multiple ports with one command. 例如: +You can set the visibility for multiple ports with one command. For example: ```shell gh codespace ports visibility 80:private 3000:public 3306:org -c codespace-name ``` -更多信息请参阅“[在代码空间中转发端口](/codespaces/developing-in-codespaces/forwarding-ports-in-your-codespace)”。 +For more information, see "[Forwarding ports in your codespace](/codespaces/developing-in-codespaces/forwarding-ports-in-your-codespace)." ### Access codespace logs diff --git a/translations/zh-CN/content/codespaces/the-githubdev-web-based-editor.md b/translations/zh-CN/content/codespaces/the-githubdev-web-based-editor.md index b120d57c0d..087e959b0e 100644 --- a/translations/zh-CN/content/codespaces/the-githubdev-web-based-editor.md +++ b/translations/zh-CN/content/codespaces/the-githubdev-web-based-editor.md @@ -21,7 +21,7 @@ redirect_from: {% endnote %} -## 关于 {% data variables.product.prodname_serverless %} +## About the {% data variables.product.prodname_serverless %} The {% data variables.product.prodname_serverless %} introduces a lightweight editing experience that runs entirely in your browser. With the {% data variables.product.prodname_serverless %}, you can navigate files and source code repositories from {% data variables.product.prodname_dotcom %}, and make and commit code changes. You can open any repository, fork, or pull request in the editor. @@ -37,19 +37,19 @@ You can open any {% data variables.product.prodname_dotcom %} repository in the - Press `.` while browsing any repository or pull request on {% data variables.product.prodname_dotcom %}. - Change the URL from "github.com" to "github.dev". - + ## {% data variables.product.prodname_codespaces %} and the {% data variables.product.prodname_serverless %} Both the {% data variables.product.prodname_serverless %} and {% data variables.product.prodname_codespaces %} allow you to edit your code straight from your repository. However, both have slightly different benefits, depending on your use case. -| | {% data variables.product.prodname_serverless %} | {% data variables.product.prodname_codespaces %} -| ------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| **费用** | 免费. | Costs for compute and storage. For information on pricing, see "[Codespaces pricing](/en/billing/managing-billing-for-github-codespaces/about-billing-for-codespaces#codespaces-pricing)." | -| **可用性** | Available to everyone on GitHub.com. | Available for organizations using GitHub Team or GitHub Enterprise Cloud. | -| **Start up** | The {% data variables.product.prodname_serverless %} opens instantly with a key-press and you can start using it right away, without having to wait for additional configuration or installation. | When you create or resume a codespace, the codespace is assigned a VM and the container is configured based on the contents of a `devcontainer.json` file. This set up may take a few minutes to create the environment. For more information, see "[Creating a Codespace](/codespaces/developing-in-codespaces/creating-a-codespace)." | -| **Compute** | There is no associated compute, so you won’t be able to build and run your code or use the integrated terminal. | With {% data variables.product.prodname_codespaces %}, you get the power of dedicated VM on which you can run and debug your application. | -| **Terminal access** | 无. | {% data variables.product.prodname_codespaces %} provides a common set of tools by default, meaning that you can use the Terminal exactly as you would in your local environment. | -| **Extensions** | Only a subset of extensions that can run in the web will appear in the Extensions View and can be installed. For more information, see "[Using extensions](#using-extensions)." | With Codespaces, you can use most extensions from the Visual Studio Code Marketplace. | +|| {% data variables.product.prodname_serverless %} | {% data variables.product.prodname_codespaces %}| +|-|----------------|---------| +| **Cost** | Free. | Costs for compute and storage. For information on pricing, see "[Codespaces pricing](/en/billing/managing-billing-for-github-codespaces/about-billing-for-codespaces#codespaces-pricing)."| +| **Availability** | Available to everyone on GitHub.com. | Available for organizations using GitHub Team or GitHub Enterprise Cloud. | +| **Start up** | The {% data variables.product.prodname_serverless %} opens instantly with a key-press and you can start using it right away, without having to wait for additional configuration or installation. | When you create or resume a codespace, the codespace is assigned a VM and the container is configured based on the contents of a `devcontainer.json` file. This set up may take a few minutes to create the environment. For more information, see "[Creating a Codespace](/codespaces/developing-in-codespaces/creating-a-codespace)." | +| **Compute** | There is no associated compute, so you won’t be able to build and run your code or use the integrated terminal. | With {% data variables.product.prodname_codespaces %}, you get the power of dedicated VM on which you can run and debug your application.| +| **Terminal access** | None. | {% data variables.product.prodname_codespaces %} provides a common set of tools by default, meaning that you can use the Terminal exactly as you would in your local environment.| +| **Extensions** | Only a subset of extensions that can run in the web will appear in the Extensions View and can be installed. For more information, see "[Using extensions](#using-extensions)."| With Codespaces, you can use most extensions from the Visual Studio Code Marketplace.| ### Continue working on {% data variables.product.prodname_codespaces %} @@ -65,16 +65,16 @@ When you use the {% data variables.product.prodname_serverless %}, all actions a Because the web-based editor uses the GitHub Repositories extension to power its functionality, you can switch branches without needing to stash changes. For more information, see "[GitHub Repositories](https://code.visualstudio.com/docs/editor/github#_github-repositories-extension)" in the {% data variables.product.prodname_vscode %} documentation. -### 创建新分支 +### Create a new branch {% data reusables.codespaces.create-or-switch-branch %} Any uncommitted changes you have made in your old branch will be available on your new branch. ### Commit your changes -{% data reusables.codespaces.source-control-commit-changes %} +{% data reusables.codespaces.source-control-commit-changes %} 5. Once you have committed your changes, they will automatically be pushed to your branch on {% data variables.product.prodname_dotcom %}. -### 创建拉取请求 +### Create a pull request {% data reusables.codespaces.source-control-pull-request %} @@ -86,14 +86,14 @@ You can use the {% data variables.product.prodname_serverless %} to work with an 2. Press `.` to open the pull request in the {% data variables.product.prodname_serverless %}. 3. Once you have made any changes, commit them using the steps in [Commit your changes](#commit-your-changes). Your changes will be committed directly to the branch, it's not necessary to push the changes. -## 使用扩展 +## Using extensions The {% data variables.product.prodname_serverless %} supports {% data variables.product.prodname_vscode %} extensions that have been specifically created or updated to run in the web. These extensions are known as "web extensions". To learn how you can create a web extension or update your existing extension to work for the web, see "[Web extensions](https://code.visualstudio.com/api/extension-guides/web-extensions)" in the {% data variables.product.prodname_vscode %} documentation. Extensions that can run in the {% data variables.product.prodname_serverless %} will appear in the Extensions View and can be installed. If you use Settings Sync, any compatible extensions are also installed automatically. For information, see "[Settings Sync](https://code.visualstudio.com/docs/editor/settings-sync)" in the {% data variables.product.prodname_vscode %} documentation. -## 疑难解答 +## Troubleshooting If you have issues opening the {% data variables.product.prodname_serverless %}, try the following: diff --git a/translations/zh-CN/content/developers/apps/building-github-apps/creating-a-github-app-using-url-parameters.md b/translations/zh-CN/content/developers/apps/building-github-apps/creating-a-github-app-using-url-parameters.md index 9ac7dd220f..4872dac8ec 100644 --- a/translations/zh-CN/content/developers/apps/building-github-apps/creating-a-github-app-using-url-parameters.md +++ b/translations/zh-CN/content/developers/apps/building-github-apps/creating-a-github-app-using-url-parameters.md @@ -59,39 +59,39 @@ shortTitle: 应用程序创建查询参数 您可以在查询字符串中选择权限:使用下表中的权限名称作为查询参数名称,使用权限类型作为查询值。 例如,要在用户界面中为 `contents` 选择 `Read & write` 权限,您的查询字符串将包括 `&contents=write`。 要在用户界面中为 `blocking` 选择 `Read-only` 权限,您的查询字符串将包括 `&blocking=read`。 要在用户界面中为 `checks` 选择 `no-access` ,您的查询字符串将包括 `checks` 权限。 -| 权限 | 描述 | -| -------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| 权限 | 描述 | +| -------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | [`管理`](/rest/reference/permissions-required-for-github-apps/#permission-on-administration) | 对用于组织和仓库管理的各种端点授予访问权限。 可以是以下项之一:`none`、`read` 或 `write`。{% ifversion fpt or ghec %} | [`blocking`](/rest/reference/permissions-required-for-github-apps/#permission-on-blocking) | 授予对[阻止用户 API](/rest/reference/users#blocking) 的访问权限。 可以是以下项之一:`none`、`read` 或 `write`。{% endif %} | [`检查`](/rest/reference/permissions-required-for-github-apps/#permission-on-checks) | 授予对[检查 API](/rest/reference/checks) 的访问权限。 可以是以下项之一:`none`、`read` 或 `write`。{% ifversion ghes < 3.4 %} | `content_references` | 授予对“[创建内容附件](/rest/reference/apps#create-a-content-attachment)”端点的访问权限。 可以是以下项之一:`none`、`read` 或 `write`。{% endif %} -| [`内容`](/rest/reference/permissions-required-for-github-apps/#permission-on-contents) | 对用于修改仓库内容的各种端点授予访问权限。 可以是以下项之一:`none`、`read` 或 `write`。 | +| [`内容`](/rest/reference/permissions-required-for-github-apps/#permission-on-contents) | 对用于修改仓库内容的各种端点授予访问权限。 可以是以下项之一:`none`、`read` 或 `write`。 | | [`部署`](/rest/reference/permissions-required-for-github-apps/#permission-on-deployments) | 授予对[部署 API](/rest/reference/repos#deployments) 的访问权限。 可以是以下项之一:`none`、`read` 或 `write`。{% ifversion fpt or ghes or ghec %} | [`emails`](/rest/reference/permissions-required-for-github-apps/#permission-on-emails) | 授予对[电子邮件 API](/rest/reference/users#emails) 的访问权限。 可以是以下项之一:`none`、`read` 或 `write`。{% endif %} -| [`关注者`](/rest/reference/permissions-required-for-github-apps/#permission-on-followers) | 授予对[关注者 API](/rest/reference/users#followers) 的访问权限。 可以是以下项之一:`none`、`read` 或 `write`。 | -| [`gpg_keys`](/rest/reference/permissions-required-for-github-apps/#permission-on-gpg-keys) | 授予对[GPG 密钥 API](/rest/reference/users#gpg-keys) 的访问权限。 可以是以下项之一:`none`、`read` 或 `write`。 | -| [`议题`](/rest/reference/permissions-required-for-github-apps/#permission-on-issues) | 授予对[议题 API](/rest/reference/issues) 的访问权限。 可以是以下项之一:`none`、`read` 或 `write`。 | -| [`键`](/rest/reference/permissions-required-for-github-apps/#permission-on-keys) | 授予对[公钥 API](/rest/reference/users#keys) 的访问权限。 可以是以下项之一:`none`、`read` 或 `write`。 | +| [`关注者`](/rest/reference/permissions-required-for-github-apps/#permission-on-followers) | 授予对[关注者 API](/rest/reference/users#followers) 的访问权限。 可以是以下项之一:`none`、`read` 或 `write`。 | +| [`gpg_keys`](/rest/reference/permissions-required-for-github-apps/#permission-on-gpg-keys) | 授予对[GPG 密钥 API](/rest/reference/users#gpg-keys) 的访问权限。 可以是以下项之一:`none`、`read` 或 `write`。 | +| [`议题`](/rest/reference/permissions-required-for-github-apps/#permission-on-issues) | 授予对[议题 API](/rest/reference/issues) 的访问权限。 可以是以下项之一:`none`、`read` 或 `write`。 | +| [`键`](/rest/reference/permissions-required-for-github-apps/#permission-on-keys) | 授予对[公钥 API](/rest/reference/users#keys) 的访问权限。 可以是以下项之一:`none`、`read` 或 `write`。 | | [`members`](/rest/reference/permissions-required-for-github-apps/#permission-on-members) | 授予管理组织成员的访问权限。 可以是以下项之一:`none`、`read` 或 `write`。{% ifversion fpt or ghec %} -| [`元数据`](/rest/reference/permissions-required-for-github-apps/#metadata-permissions) | 授予对不泄漏敏感数据的只读端点的访问权限。 可以是 `read` 或 `none`。 设置任何权限时,默认值为 `read`;没有为 {% data variables.product.prodname_github_app %} 指定任何权限时,默认值为 `none`。 | +| [`元数据`](/rest/reference/permissions-required-for-github-apps/#metadata-permissions) | 授予对不泄漏敏感数据的只读端点的访问权限。 可以是 `read` 或 `none`。 设置任何权限时,默认值为 `read`;没有为 {% data variables.product.prodname_github_app %} 指定任何权限时,默认值为 `none`。 | | [`organization_administration`](/rest/reference/permissions-required-for-github-apps/#permission-on-organization-administration) | 授予对“[更新组织](/rest/reference/orgs#update-an-organization)”端点和[组织交互限制 API](/rest/reference/interactions#set-interaction-restrictions-for-an-organization) 的访问权限。 可以是以下项之一:`none`、`read` 或 `write`。{% endif %} -| [`organization_hooks`](/rest/reference/permissions-required-for-github-apps/#permission-on-organization-hooks) | 授予对[组织 web 挂钩 API](/rest/reference/orgs#webhooks/) 的访问权限。 可以是以下项之一:`none`、`read` 或 `write`。 | -| `organization_plan` | 授予使用“[获取组织](/rest/reference/orgs#get-an-organization)”端点获取有关组织计划的信息的权限。 可以是以下项之一:`none` 或 `read`。 | +| [`organization_hooks`](/rest/reference/permissions-required-for-github-apps/#permission-on-organization-hooks) | 授予对[组织 web 挂钩 API](/rest/reference/orgs#webhooks/) 的访问权限。 可以是以下项之一:`none`、`read` 或 `write`。 | +| `organization_plan` | 授予使用“[获取组织](/rest/reference/orgs#get-an-organization)”端点获取有关组织计划的信息的权限。 可以是以下项之一:`none` 或 `read`。 | | [`organization_projects`](/rest/reference/permissions-required-for-github-apps/#permission-on-organization-projects) | 授予对[项目 API](/rest/reference/projects) 的访问权限。 可以是以下项之一:`none`、`read`、`write` 或 `admin`。{% ifversion fpt or ghec %} | [`organization_user_blocking`](/rest/reference/permissions-required-for-github-apps/#permission-on-organization-projects) | 授予对[阻止组织用户 API](/rest/reference/orgs#blocking) 的访问权限。 可以是以下项之一:`none`、`read` 或 `write`。{% endif %} -| [`页面`](/rest/reference/permissions-required-for-github-apps/#permission-on-pages) | 授予对[页面 API](/rest/reference/repos#pages) 的访问权限。 可以是以下项之一:`none`、`read` 或 `write`。 | -| `plan` | 授予使用“[获取用户](/rest/reference/users#get-a-user)”端点获取有关用户 GitHub 计划的信息的权限。 可以是以下项之一:`none` 或 `read`。 | -| [`pull_requests`](/rest/reference/permissions-required-for-github-apps/#permission-on-pull-requests) | 授予对各种拉取请求端点的访问权限。 可以是以下项之一:`none`、`read` 或 `write`。 | -| [`repository_hooks`](/rest/reference/permissions-required-for-github-apps/#permission-on-repository-hooks) | 授予对[仓库 web 挂钩 API](/rest/reference/repos#hooks) 的访问权限。 可以是以下项之一:`none`、`read` 或 `write`。 | +| [`页面`](/rest/reference/permissions-required-for-github-apps/#permission-on-pages) | 授予对[页面 API](/rest/reference/repos#pages) 的访问权限。 可以是以下项之一:`none`、`read` 或 `write`。 | +| `plan` | 授予使用“[获取用户](/rest/reference/users#get-a-user)”端点获取有关用户 GitHub 计划的信息的权限。 可以是以下项之一:`none` 或 `read`。 | +| [`pull_requests`](/rest/reference/permissions-required-for-github-apps/#permission-on-pull-requests) | 授予对各种拉取请求端点的访问权限。 可以是以下项之一:`none`、`read` 或 `write`。 | +| [`repository_hooks`](/rest/reference/permissions-required-for-github-apps/#permission-on-repository-hooks) | 授予对[仓库 web 挂钩 API](/rest/reference/repos#hooks) 的访问权限。 可以是以下项之一:`none`、`read` 或 `write`。 | | [`repository_projects`](/rest/reference/permissions-required-for-github-apps/#permission-on-repository-projects) | 授予对[项目 API](/rest/reference/projects) 的访问权限。 可以是以下项之一:`none`、`read`、`write` 或 `admin`。{% ifversion fpt or ghes or ghec %} | [`secret_scanning_alerts`](/rest/reference/permissions-required-for-github-apps/#permission-on-secret-scanning-alerts) | 授予对[密钥扫描 API](/rest/reference/secret-scanning) 的访问权限。 可以是以下项之一:`none`、`read` 或 `write`。{% endif %}{% ifversion fpt or ghes or ghec %} | [`security_events`](/rest/reference/permissions-required-for-github-apps/#permission-on-security-events) | 授予对[代码扫描 API](/rest/reference/code-scanning/) 的访问权限。 可以是以下项之一:`none`、`read` 或 `write`。{% endif %} -| [`single_file`](/rest/reference/permissions-required-for-github-apps/#permission-on-single-file) | 授予对[内容 API](/rest/reference/repos#contents) 的访问权限。 可以是以下项之一:`none`、`read` 或 `write`。 | -| [`标星`](/rest/reference/permissions-required-for-github-apps/#permission-on-starring) | 授予对[标星 API](/rest/reference/activity#starring) 的访问权限。 可以是以下项之一:`none`、`read` 或 `write`。 | -| [`状态`](/rest/reference/permissions-required-for-github-apps/#permission-on-statuses) | 授予对[状态 API](/rest/reference/commits#commit-statuses) 的访问权限。 可以是以下项之一:`none`、`read` 或 `write`。 | +| [`single_file`](/rest/reference/permissions-required-for-github-apps/#permission-on-single-file) | 授予对[内容 API](/rest/reference/repos#contents) 的访问权限。 可以是以下项之一:`none`、`read` 或 `write`。 | +| [`标星`](/rest/reference/permissions-required-for-github-apps/#permission-on-starring) | 授予对[标星 API](/rest/reference/activity#starring) 的访问权限。 可以是以下项之一:`none`、`read` 或 `write`。 | +| [`状态`](/rest/reference/permissions-required-for-github-apps/#permission-on-statuses) | 授予对[状态 API](/rest/reference/commits#commit-statuses) 的访问权限。 可以是以下项之一:`none`、`read` 或 `write`。 | | [`team_discussions`](/rest/reference/permissions-required-for-github-apps/#permission-on-team-discussions) | 授予对[团队讨论 API](/rest/reference/teams#discussions) 和[团队讨论注释 API](/rest/reference/teams#discussion-comments) 的访问权限。 可以是以下项之一:`none`、`read` 或 `write`。{% ifversion fpt or ghes or ghae-issue-4864 or ghec %} -| `vulnerability_alerts` | 授予接收仓库漏洞依赖项安全警报的权限。 更多信息请参阅“[关于漏洞依赖项的警报](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies/)”。 可以是以下项之一:`none` 或 `read`。{% endif %} -| `关注` | 授予列出和更改用户订阅的仓库的权限。 可以是以下项之一:`none`、`read` 或 `write`。 | +| `vulnerability_alerts` | 授予接收存储库中易受攻击的依赖项 {% data variables.product.prodname_dependabot_alerts %}。 请参阅“[关于 {% data variables.product.prodname_dependabot_alerts %}](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies/)”以了解更多信息。 可以是以下项之一:`none` 或 `read`。{% endif %} +| `关注` | 授予列出和更改用户订阅的仓库的权限。 可以是以下项之一:`none`、`read` 或 `write`。 | ## {% data variables.product.prodname_github_app %} web 挂钩事件 diff --git a/translations/zh-CN/content/developers/apps/building-github-apps/creating-a-github-app.md b/translations/zh-CN/content/developers/apps/building-github-apps/creating-a-github-app.md index 8639909d3a..5756f60dba 100644 --- a/translations/zh-CN/content/developers/apps/building-github-apps/creating-a-github-app.md +++ b/translations/zh-CN/content/developers/apps/building-github-apps/creating-a-github-app.md @@ -46,7 +46,8 @@ topics: {% endif %} 1. 默认情况下,为了提高应用程序的安全性,应用程序将使用过期用户授权令牌。 要选择不使用过期用户令牌,您必须取消选中“Expire user authorization tokens(过期用户授权令牌)”。 要了解有关设置刷新令牌流程和过期用户令牌的好处,请参阅“[刷新用户到服务器的访问令牌](/apps/building-github-apps/refreshing-user-to-server-access-tokens/)”。 ![在 GitHub 应用程序设置过程中选择加入过期用户令牌的选项](/assets/images/github-apps/expire-user-tokens-selection.png) -1. 如果应用程序授权用户使用 OAuth 流程,您可以选择**在安装过程中请求用户授权 (OAuth)**,以允许用户在安装应用程序时授权它,从而省去一个步骤。 如果您选择此选项,则“设置 URL”将不可用,用户在安装应用程序后将被重定向到您的“用户授权回调 URL”。 更多信息请参阅“[在安装过程中授权用户](/apps/installing-github-apps/#authorizing-users-during-installation)”。 ![安装过程中请求用户授权](/assets/images/github-apps/github_apps_request_auth_upon_install.png) +1. 如果应用程序授权用户使用 OAuth 流程,您可以选择**在安装过程中请求用户授权 (OAuth)**,以允许用户在安装应用程序时授权它,从而省去一个步骤。 如果您选择此选项,则“设置 URL”将不可用,用户在安装应用程序后将被重定向到您的“用户授权回调 URL”。 更多信息请参阅“[在安装过程中授权用户](/apps/installing-github-apps/#authorizing-users-during-installation)”。 ![Request user authorization during installation](/assets/images/github-apps/github_apps_request_auth_upon_install.png){% if device-flow-is-opt-in %} +1. 如果您的 GitHub 应用程序将使用设备流来识别和授权用户,请单击 **Enable Device Flow(启用设备流)**。 有关设备流的更多信息,请参阅“[授权 OAuth 应用程序](/developers/apps/building-oauth-apps/authorizing-oauth-apps#device-flow)”。 ![Screenshot showing field for enabling device flow](/assets/images/oauth-apps/enable-device-flow.png){% endif %} 1. 如果安装后需要附加设置,请添加一个“设置 URL”以便在用户安装应用程序后重定向他们。 ![GitHub 应用程序的设置 URL 字段 ](/assets/images/github-apps/github_apps_setup_url.png) {% note %} diff --git a/translations/zh-CN/content/developers/apps/building-github-apps/identifying-and-authorizing-users-for-github-apps.md b/translations/zh-CN/content/developers/apps/building-github-apps/identifying-and-authorizing-users-for-github-apps.md index 50e8b2b9c8..0d38a29370 100644 --- a/translations/zh-CN/content/developers/apps/building-github-apps/identifying-and-authorizing-users-for-github-apps.md +++ b/translations/zh-CN/content/developers/apps/building-github-apps/identifying-and-authorizing-users-for-github-apps.md @@ -127,7 +127,7 @@ curl -H "Authorization: token OAUTH-TOKEN" {% data variables.product.api_url_pre 设备流程允许您授权用户使用无头应用程序,例如 CLI 工具或 Git 凭据管理器。 -有关使用设备流程授权用户的更多信息,请参阅“[授权 OAuth 应用程序](/developers/apps/authorizing-oauth-apps#device-flow)”。 +{% if device-flow-is-opt-in %}在使用设备流识别和授权用户之前,必须先在应用的设置中启用它。 有关启用设备流的详细信息,请参阅“[修改 GitHub 应用程序](/developers/apps/managing-github-apps/modifying-a-github-app)”。 {% endif %}有关使用设备流程授权用户的更多信息,请参阅“[授权 OAuth 应用程序](/developers/apps/authorizing-oauth-apps#device-flow)”。 ## 检查用户可以访问哪些安装资源 diff --git a/translations/zh-CN/content/developers/apps/building-oauth-apps/authorizing-oauth-apps.md b/translations/zh-CN/content/developers/apps/building-oauth-apps/authorizing-oauth-apps.md index 877609a529..e81f5f7f50 100644 --- a/translations/zh-CN/content/developers/apps/building-oauth-apps/authorizing-oauth-apps.md +++ b/translations/zh-CN/content/developers/apps/building-oauth-apps/authorizing-oauth-apps.md @@ -126,6 +126,12 @@ curl -H "Authorization: token OAUTH-TOKEN" {% data variables.product.api_url_pre 设备流程允许您授权用户使用无头应用程序,例如 CLI 工具或 Git 凭据管理器。 +{% if device-flow-is-opt-in %} + +在使用设备流识别和授权用户之前,必须先在应用的设置中启用它。 有关在应用中启用设备流的详细信息,请参阅“[修改 OAuth 应用程序](/developers/apps/managing-oauth-apps/modifying-an-oauth-app)”(对于 OAuth 应用程序)和“[修改 GitHub 应用程序](/developers/apps/managing-github-apps/modifying-a-github-app)”(对于 GitHub 应用程序)。 + +{% endif %} + ### 设备流程概述 1. 您的应用程序会请求设备和用户验证码,并获取用户将在其中输入用户验证码的授权 URL。 @@ -255,10 +261,12 @@ Accept: application/xml | `unsupported_grant_type` | 授予类型必须为 `urn:ietf:params:oauth:grant-type:device_code`,并在您轮询 OAuth 令牌请求 `POST {% data variables.product.oauth_host_code %}/login/oauth/access_token` 时作为输入参数包括在内。 | | `incorrect_client_credentials` | 对于设备流程,您必须传递应用程序的客户端 ID,您可以在应用程序设置页面上找到该 ID。 设备流程不需要 `client_secret`。 | | `incorrect_device_code` | 提供的 device_code 无效。 | -| `access_denied` | 当用户在授权过程中单击取消时,您将收到 `access_denied` 错误,用户将无法再次使用验证码。 | +| `access_denied` | 当用户在授权过程中单击取消时,您将收到 `access_denied` 错误,用户将无法再次使用验证码。{% if device-flow-is-opt-in %} +| `device_flow_disabled` | 尚未在应用的设置中启用设备流。 更多信息请参阅“[设备流](#device-flow)”。{% endif %} 更多信息请参阅“[OAuth 2.0 设备授权授予](https://tools.ietf.org/html/rfc8628#section-3.5)”。 + ## 非 Web 应用程序流程 非 web 身份验证适用于测试等有限的情况。 如果您需要,可以使用[基本验证](/rest/overview/other-authentication-methods#basic-authentication),通过[个人访问令牌设置页面](/articles/creating-an-access-token-for-command-line-use)创建个人访问令牌。 此方法支持用户随时撤销访问权限。 diff --git a/translations/zh-CN/content/developers/apps/building-oauth-apps/creating-an-oauth-app.md b/translations/zh-CN/content/developers/apps/building-oauth-apps/creating-an-oauth-app.md index 7690a9b48a..3bb9c8fba6 100644 --- a/translations/zh-CN/content/developers/apps/building-oauth-apps/creating-an-oauth-app.md +++ b/translations/zh-CN/content/developers/apps/building-oauth-apps/creating-an-oauth-app.md @@ -49,5 +49,6 @@ topics: **注:**与 {% data variables.product.prodname_github_apps %} 不同,OAuth 应用程序不能有多个回调 URL。 {% endnote %} -{% endif %} -10. 单击 **Register application(注册应用程序)**。 ![注册应用程序的按钮](/assets/images/oauth-apps/oauth_apps_register_application.png) +{% endif %}{% if device-flow-is-opt-in %} +1. 如果您的 OAuth 应用将使用设备流来识别和授权用户,请单击 **Enable Device Flow(启用设备流)**。 有关设备流的更多信息,请参阅“[授权 OAuth 应用程序](/developers/apps/building-oauth-apps/authorizing-oauth-apps#device-flow)”。 ![Screenshot showing field for enabling device flow](/assets/images/oauth-apps/enable-device-flow.png){% endif %} +2. 单击 **Register application(注册应用程序)**。 ![注册应用程序的按钮](/assets/images/oauth-apps/oauth_apps_register_application.png) diff --git a/translations/zh-CN/content/developers/apps/managing-github-apps/modifying-a-github-app.md b/translations/zh-CN/content/developers/apps/managing-github-apps/modifying-a-github-app.md index 8fcae91eb1..7ea7f27171 100644 --- a/translations/zh-CN/content/developers/apps/managing-github-apps/modifying-a-github-app.md +++ b/translations/zh-CN/content/developers/apps/managing-github-apps/modifying-a-github-app.md @@ -18,5 +18,6 @@ topics: {% data reusables.user-settings.developer_settings %} {% data reusables.user-settings.github_apps %} {% data reusables.user-settings.modify_github_app %} -5. 在“Basic information(基本信息)”中,修改您要更改的 GitHub 应用程序信息。 ![GitHub 应用程序的基本信息部分](/assets/images/github-apps/github_apps_basic_information.png) +5. 在“Basic information(基本信息)”中,修改您要更改的 GitHub 应用程序信息。 ![Basic information section for your GitHub App](/assets/images/github-apps/github_apps_basic_information.png){% if device-flow-is-opt-in %} +1. 如果您的 GitHub 应用程序将使用设备流来识别和授权用户,请单击 **Enable device flow(启用设备流)**。 有关设备流的更多信息,请参阅“[授权 OAuth 应用程序](/developers/apps/building-oauth-apps/authorizing-oauth-apps#device-flow)”。 ![Screenshot showing field for enabling device flow](/assets/images/oauth-apps/enable-device-flow.png){% endif %} 6. 单击 **Save changes(保存更改)**。 ![保存 GitHub 应用程序更改的按钮](/assets/images/github-apps/github_apps_save_changes.png) diff --git a/translations/zh-CN/content/developers/github-marketplace/github-marketplace-overview/about-github-marketplace.md b/translations/zh-CN/content/developers/github-marketplace/github-marketplace-overview/about-github-marketplace.md index 7370b55b41..7bc2f20cd5 100644 --- a/translations/zh-CN/content/developers/github-marketplace/github-marketplace-overview/about-github-marketplace.md +++ b/translations/zh-CN/content/developers/github-marketplace/github-marketplace-overview/about-github-marketplace.md @@ -49,7 +49,7 @@ When you have finished creating your app, you can share it with other users by p 1. Add a pricing plan. For more information, see "[Setting pricing plans for your listing](/developers/github-marketplace/setting-pricing-plans-for-your-listing)." -1. Read and accept the terms of the "[{% data variables.product.prodname_marketplace %} Developer Agreement](/free-pro-team@latest/github/site-policy/github-marketplace-developer-agreement." +1. Read and accept the terms of the "[{% data variables.product.prodname_marketplace %} Developer Agreement](/free-pro-team@latest/github/site-policy/github-marketplace-developer-agreement)." 1. Submit your listing for publication in {% data variables.product.prodname_marketplace %}. For more information, see "[Submitting your listing for publication](/developers/github-marketplace/submitting-your-listing-for-publication)." diff --git a/translations/zh-CN/content/developers/github-marketplace/using-the-github-marketplace-api-in-your-app/webhook-events-for-the-github-marketplace-api.md b/translations/zh-CN/content/developers/github-marketplace/using-the-github-marketplace-api-in-your-app/webhook-events-for-the-github-marketplace-api.md index 74f8884633..80af36c2eb 100644 --- a/translations/zh-CN/content/developers/github-marketplace/using-the-github-marketplace-api-in-your-app/webhook-events-for-the-github-marketplace-api.md +++ b/translations/zh-CN/content/developers/github-marketplace/using-the-github-marketplace-api-in-your-app/webhook-events-for-the-github-marketplace-api.md @@ -46,17 +46,17 @@ Web 挂钩 `POST` 请求具有特殊标头。 有关详细信息,请参阅“[ `plan` 对象含有以下键: -| 键 | 类型 | 描述 | -| ------------------------ | ------- | -------------------------------------------------- | -| `id` | `整数` | 此计划的唯一标识符。 | -| `name` | `字符串` | 计划的名称。 | -| `说明` | `字符串` | 此计划的说明。 | -| `monthly_price_in_cents` | `整数` | 此计划的每月价格(以美分为单位)。 例如,每月费用 10 美元的商品将显示价格 1000 美分。 | -| `yearly_price_in_cents` | `整数` | 此计划的每年价格(以美分为单位)。 例如,每月费用 100 美元的商品将显示价格 10000 美分。 | -| `price_model` | `字符串` | 此商品的定价模型。 可以是 `flat-rate`、`per-unit` 或 `free` 之一。 | -| `has_free_trial` | `布尔值` | 当此商品提供免费试用时,该值为 `true`。 | -| `unit_name` | `字符串` | 单位的名称。 如果定价模型不是 `per-unit`,则该值为 `nil`。 | -| `bullet` | `字符串数组` | 定价计划中设置的项目符号的名称。 | +| 键 | 类型 | 描述 | +| ------------------------ | ------- | --------------------------------------------------- | +| `id` | `整数` | 此计划的唯一标识符。 | +| `name` | `字符串` | 计划的名称。 | +| `说明` | `字符串` | 此计划的说明。 | +| `monthly_price_in_cents` | `整数` | 此计划的每月价格(以美分为单位)。 例如,每月费用 10 美元的商品将显示价格 1000 美分。 | +| `yearly_price_in_cents` | `整数` | 此计划的每年价格(以美分为单位)。 例如,每月费用 100 美元的商品将显示价格 120000 美分。 | +| `price_model` | `字符串` | 此商品的定价模型。 可以是 `flat-rate`、`per-unit` 或 `free` 之一。 | +| `has_free_trial` | `布尔值` | 当此商品提供免费试用时,该值为 `true`。 | +| `unit_name` | `字符串` | 单位的名称。 如果定价模型不是 `per-unit`,则该值为 `nil`。 | +| `bullet` | `字符串数组` | 定价计划中设置的项目符号的名称。 |
diff --git a/translations/zh-CN/content/developers/webhooks-and-events/webhooks/webhook-events-and-payloads.md b/translations/zh-CN/content/developers/webhooks-and-events/webhooks/webhook-events-and-payloads.md index 068987fef5..f8a41f590f 100644 --- a/translations/zh-CN/content/developers/webhooks-and-events/webhooks/webhook-events-and-payloads.md +++ b/translations/zh-CN/content/developers/webhooks-and-events/webhooks/webhook-events-and-payloads.md @@ -1246,7 +1246,7 @@ Web 挂钩事件是基于您注册的域的特异性而触发的。 例如,如 与已由 {% data variables.product.company_short %} 审查的安全通告相关的活动。 经过 {% data variables.product.company_short %} 审查的安全通告提供了有关 {% data variables.product.prodname_dotcom %}上软件中安全相关漏洞的信息。 -安全通告数据集还为 GitHub {% data variables.product.prodname_dependabot_alerts %} 提供支持。 更多信息请参阅“[关于易受攻击的依赖项的警报](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies/)”。 +安全通告数据集还为 GitHub {% data variables.product.prodname_dependabot_alerts %} 提供支持。 更多信息请参阅“[关于 {% data variables.product.prodname_dependabot_alerts %}](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies/)”。 ### 可用性 diff --git a/translations/zh-CN/content/get-started/privacy-on-github/about-githubs-use-of-your-data.md b/translations/zh-CN/content/get-started/privacy-on-github/about-githubs-use-of-your-data.md index e2b73c6a07..a5681e753d 100644 --- a/translations/zh-CN/content/get-started/privacy-on-github/about-githubs-use-of-your-data.md +++ b/translations/zh-CN/content/get-started/privacy-on-github/about-githubs-use-of-your-data.md @@ -20,7 +20,7 @@ shortTitle: GitHub 对您的数据的使用 {% data reusables.repositories.about-github-archive-program %} 更多信息请参阅“[关于在 {% data variables.product.prodname_dotcom %} 上存档内容](/github/creating-cloning-and-archiving-repositories/about-archiving-content-and-data-on-github#about-the-github-archive-program)”。 -{% data reusables.user-settings.export-data %} For more information, see "[Requesting an archive of your personal account's data](/articles/requesting-an-archive-of-your-personal-account-s-data)." +{% data reusables.user-settings.export-data %} 更多信息请参阅“[请求个人帐户数据的存档](/articles/requesting-an-archive-of-your-personal-account-s-data)”。 如果您选择使用私人仓库的数据,我们将继续按照[服务条款](/free-pro-team@latest/github/site-policy/github-terms-of-service),将您的私人数据、源代码或商业秘密视为机密和私密。 我们了解的信息只来自汇总的数据。 更多信息请参阅“[管理私有仓库的数据使用设置](/get-started/privacy-on-github/managing-data-use-settings-for-your-private-repository)”。 @@ -28,7 +28,7 @@ shortTitle: GitHub 对您的数据的使用 ## 数据如何改进安全建议 -例如,在使用您的数据时,我们可能会检测您的公共仓库依赖项中的安全漏洞并提醒您。 更多信息请参阅“[关于易受攻击的依赖项的警报](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies)”。 +例如,在使用您的数据时,我们可能会检测您的公共仓库依赖项中的安全漏洞并提醒您。 更多信息请参阅“[关于 {% data variables.product.prodname_dependabot_alerts %}](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies)”。 为检测潜在安全漏洞,{% data variables.product.product_name %} 会扫描依赖项清单文件的内容,以列出项目的依赖项。 diff --git a/translations/zh-CN/content/get-started/privacy-on-github/managing-data-use-settings-for-your-private-repository.md b/translations/zh-CN/content/get-started/privacy-on-github/managing-data-use-settings-for-your-private-repository.md index 8229beefb9..d7b42f45ee 100644 --- a/translations/zh-CN/content/get-started/privacy-on-github/managing-data-use-settings-for-your-private-repository.md +++ b/translations/zh-CN/content/get-started/privacy-on-github/managing-data-use-settings-for-your-private-repository.md @@ -16,7 +16,7 @@ shortTitle: Manage data use for private repo ## About data use for your private repository -When you enable data use for your private repository, you'll be able to access the dependency graph, where you can track your repository's dependencies and receive {% data variables.product.prodname_dependabot_alerts %} when {% data variables.product.product_name %} detects vulnerable dependencies. For more information, see "[About alerts for vulnerable dependencies](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies#dependabot-alerts-for-vulnerable-dependencies)." +When you enable data use for your private repository, you'll be able to access the dependency graph, where you can track your repository's dependencies and receive {% data variables.product.prodname_dependabot_alerts %} when {% data variables.product.product_name %} detects vulnerable dependencies. For more information, see "[About {% data variables.product.prodname_dependabot_alerts %}](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies#dependabot-alerts-for-vulnerable-dependencies)." ## Enabling or disabling data use features @@ -32,5 +32,5 @@ When you enable data use for your private repository, you'll be able to access t ## Further reading - "[About {% data variables.product.prodname_dotcom %}'s use of your data](/articles/about-github-s-use-of-your-data)" -- "[Viewing and updating vulnerable dependencies in your repository](/github/managing-security-vulnerabilities/viewing-and-updating-vulnerable-dependencies-in-your-repository)" +- "[Viewing {% data variables.product.prodname_dependabot_alerts %} for vulnerable dependencies](/github/managing-security-vulnerabilities/viewing-and-updating-vulnerable-dependencies-in-your-repository)" - "[Managing security and analysis settings for your repository](/github/administering-a-repository/managing-security-and-analysis-settings-for-your-repository)" diff --git a/translations/zh-CN/content/get-started/quickstart/contributing-to-projects.md b/translations/zh-CN/content/get-started/quickstart/contributing-to-projects.md index 467afad64f..8f3eeaf8ae 100644 --- a/translations/zh-CN/content/get-started/quickstart/contributing-to-projects.md +++ b/translations/zh-CN/content/get-started/quickstart/contributing-to-projects.md @@ -1,6 +1,6 @@ --- title: 参与项目 -intro: Learn how to contribute to a project through forking. +intro: 了解如何通过复刻参与项目。 permissions: '{% data reusables.enterprise-accounts.emu-permission-fork %}' versions: fpt: '*' @@ -14,25 +14,25 @@ topics: - Open Source --- -## About forking +## 关于复刻 -After using GitHub by yourself for a while, you may find yourself wanting to contribute to someone else’s project. Or maybe you’d like to use someone’s project as the starting point for your own. This process is known as forking. +在自己使用 GitHub 一段时间后,您可能会发现自己也想参与别人的项目。 或者,也许您想使用某人的项目作为自己项目的起点。 此过程称为复刻。 -Creating a "fork" is producing a personal copy of someone else's project. Forks act as a sort of bridge between the original repository and your personal copy. You can submit pull requests to help make other people's projects better by offering your changes up to the original project. Forking is at the core of social coding at GitHub. 更多信息请参阅“[复刻仓库](/get-started/quickstart/fork-a-repo)”。 +创建“复刻”就是生成他人项目的个人副本。 复刻可作为原始存储库和个人副本之间的桥梁。 您可以提交拉取请求,通过提供对原始项目的更改来帮助改善其他人的项目。 复刻是 GitHub 社交编码的核心。 更多信息请参阅“[复刻仓库](/get-started/quickstart/fork-a-repo)”。 ## 复刻仓库 -This tutorial uses [the Spoon-Knife project](https://github.com/octocat/Spoon-Knife), a test repository that's hosted on {% data variables.product.prodname_dotcom_the_website %} that lets you test the fork and pull request workflow. +本教程使用 [Spoon-Knife 项目](https://github.com/octocat/Spoon-Knife),这是一个托管在 {% data variables.product.prodname_dotcom_the_website %} 上的测试存储库,可让您测试复刻和拉取请求工作流程。 -1. Navigate to the `Spoon-Knife` project at https://github.com/octocat/Spoon-Knife. -2. Click **Fork**. ![复刻按钮](/assets/images/help/repository/fork_button.jpg) -1. {% data variables.product.product_name %} will take you to your copy (your fork) of the Spoon-Knife repository. +1. 导航到 `Spoon-Knife` project at https://github.com/octocat/Spoon-Knife。 +2. 单击 **Fork(复刻)**。 ![复刻按钮](/assets/images/help/repository/fork_button.jpg) +1. {% data variables.product.product_name %} 将带您进入 Spoon-Knife 存储库的副本(您的复刻)。 -## Cloning a fork +## 克隆复刻 -You've successfully forked the Spoon-Knife repository, but so far, it only exists on {% data variables.product.product_name %}. To be able to work on the project, you will need to clone it to your computer. +您已经成功复刻了 Spoon-Knife 存储库,但到目前为止,它仅存在于 {% data variables.product.product_name %} 上。 为了能够处理该项目,您需要将其克隆到您的计算机。 -You can clone your fork with the command line, {% data variables.product.prodname_cli %}, or {% data variables.product.prodname_desktop %}. +您可以使用命令行、{% data variables.product.prodname_cli %} 或 {% data variables.product.prodname_desktop %} 克隆复刻。 {% webui %} @@ -79,11 +79,11 @@ gh repo fork repository --clone=true {% enddesktop %} -## Making and pushing changes +## 创建和推送更改 -Go ahead and make a few changes to the project using your favorite text editor, like [Atom](https://atom.io). You could, for example, change the text in `index.html` to add your GitHub username. +继续使用您喜欢的文本编辑器对项目进行一些更改,例如 [Atom](https://atom.io)。 例如,您可以更改 `index.html` 中的文本以添加您的 GitHub 用户名。 -When you're ready to submit your changes, stage and commit your changes. `git add .` tells Git that you want to include all of your changes in the next commit. `git commit` takes a snapshot of those changes. +当您准备好提交更改时,请暂存并提交更改。 `git add .` 告诉 Git 您希望在下一次提交中包含所有更改。 `git commit` 会拍摄这些更改的快照。 {% webui %} @@ -105,13 +105,13 @@ git commit -m "a short description of the change" {% desktop %} -For more information about how to stage and commit changes in {% data variables.product.prodname_desktop %}, see "[Committing and reviewing changes to your project](/desktop/contributing-and-collaborating-using-github-desktop/making-changes-in-a-branch/committing-and-reviewing-changes-to-your-project#selecting-changes-to-include-in-a-commit)." +有关如何在 {% data variables.product.prodname_desktop %} 中暂存和提交更改的详细信息,请参阅“[提交和审阅对项目的更改](/desktop/contributing-and-collaborating-using-github-desktop/making-changes-in-a-branch/committing-and-reviewing-changes-to-your-project#selecting-changes-to-include-in-a-commit)”。 {% enddesktop %} -When you stage and commit files, you essentially tell Git, "Okay, take a snapshot of my changes!" You can continue to make more changes, and take more commit snapshots. +暂存和提交文件时,您主要是告诉 Git:“好吧,拍摄我的更改快照!” 您可以继续进行更多更改,并拍摄更多提交快照。 -Right now, your changes only exist locally. When you're ready to push your changes up to {% data variables.product.product_name %}, push your changes to the remote. +目前,您的更改仅存在于本地。 当您准备好将更改推送到 {% data variables.product.product_name %} 时,请将更改推送到远程。 {% webui %} @@ -131,24 +131,24 @@ git push {% desktop %} -For more information about how to push changes in {% data variables.product.prodname_desktop %}, see "[Pushing changes to GitHub](/desktop/contributing-and-collaborating-using-github-desktop/making-changes-in-a-branch/pushing-changes-to-github)." +有关如何在 {% data variables.product.prodname_desktop %} 中推送更改的详细信息,请参阅“[将更改推送到 GitHub](/desktop/contributing-and-collaborating-using-github-desktop/making-changes-in-a-branch/pushing-changes-to-github)”。 {% enddesktop %} -## Making a pull request +## 创建拉取请求 -At last, you're ready to propose changes into the main project! This is the final step in producing a fork of someone else's project, and arguably the most important. If you've made a change that you feel would benefit the community as a whole, you should definitely consider contributing back. +最后,您可以对主项目提出更改建议了! 这是产生他人项目复刻的最后一步,可以说是最重要的一步。 如果您做了您认为有益于整个社区的改变,绝对应该考虑回馈社区。 -To do so, head on over to the repository on {% data variables.product.product_name %} where your project lives. For this example, it would be at `https://www.github.com//Spoon-Knife`. You'll see a banner indicating that your branch is one commit ahead of `octocat:main`. Click **Contribute** and then **Open a pull request**. +为此,请转到项目所在的 {% data variables.product.product_name %} 存储库。 对于此示例,它将位于 `https://www.github.com//Spoon-Knife`。 您将看到一个横幅,指示您的分支是 `octocat:main` 之前的一个提交。 单击 **Contribute(贡献)**,然后单击 **Open a pull request(打开拉取请求)**。 -{% data variables.product.product_name %} will bring you to a page that shows the differences between your fork and the `octocat/Spoon-Knife` repository. 单击 **Create pull request(创建拉取请求)**。 +{% data variables.product.product_name %} 将带您进入一个页面,其中显示了您的复刻与 `octocat/Spoon-Knife` 存储库之间的差异。 单击 **Create pull request(创建拉取请求)**。 -{% data variables.product.product_name %} will bring you to a page where you can enter a title and a description of your changes. It's important to provide as much useful information and a rationale for why you're making this pull request in the first place. The project owner needs to be able to determine whether your change is as useful to everyone as you think it is. Finally, click **Create pull request**. +{% data variables.product.product_name %} 将带您进入一个页面,您可以在其中输入更改的标题和说明。 重要的是要提供尽可能多的有用信息,在首要位置说明您提出此拉取请求的理由。 项目所有者需要能够确定您的更改是否像您认为的那样对每个人都有用。 最后,单击 **Create pull request(创建拉取请求)**。 -## Managing feedback +## 管理反馈 -Pull Requests are an area for discussion. In this case, the Octocat is very busy, and probably won't merge your changes. For other projects, don't be offended if the project owner rejects your pull request, or asks for more information on why it's been made. It may even be that the project owner chooses not to merge your pull request, and that's totally okay. Your copy will exist in infamy on the Internet. And who knows--maybe someone you've never met will find your changes much more valuable than the original project. +拉取请求是一个讨论区域。 在这种情况下,Octocat 非常繁忙,可能不会合并您的更改。 对于其他项目,如果项目所有者拒绝您的拉取请求,或者要求提供有关请求原因的更多信息,请不要生气。 甚至可能是项目所有者选择不合并您的拉取请求,这完全没问题。 您的副本将存在于互联网上。 谁知道呢 - 也许您从未见过的人会发现您的更改比原始项目更有价值。 -## Finding projects +## 查找项目 -You've successfully forked and contributed back to a repository. Go forth, and contribute some more!{% ifversion fpt %} For more information, see "[Finding ways to contribute to open source on GitHub](/get-started/exploring-projects-on-github/finding-ways-to-contribute-to-open-source-on-github)."{% endif %} +您已成功复刻并回馈存储库。 去吧, 再贡献一些!{% ifversion fpt %} 更多信息请参阅“[在 GitHub上查找为开源做出贡献的方法](/get-started/exploring-projects-on-github/finding-ways-to-contribute-to-open-source-on-github)”。{% endif %} diff --git a/translations/zh-CN/content/get-started/quickstart/fork-a-repo.md b/translations/zh-CN/content/get-started/quickstart/fork-a-repo.md index 6ef8d49d2a..d572564bde 100644 --- a/translations/zh-CN/content/get-started/quickstart/fork-a-repo.md +++ b/translations/zh-CN/content/get-started/quickstart/fork-a-repo.md @@ -22,7 +22,7 @@ topics: ## 关于复刻 -复刻最常见的用法是对其他人的项目提出更改或将其他人的项目用作自己创意的起点。 您可以复刻仓库以创建仓库的副本,并在不影响上游仓库的情况下进行更改。 更多信息请参阅“[使用复刻](/github/collaborating-with-issues-and-pull-requests/working-with-forks)”。 +Most commonly, forks are used to either propose changes to someone else's project to which you don't have write access, or to use someone else's project as a starting point for your own idea. 您可以复刻仓库以创建仓库的副本,并在不影响上游仓库的情况下进行更改。 更多信息请参阅“[使用复刻](/github/collaborating-with-issues-and-pull-requests/working-with-forks)”。 ### 对其他人的项目提出更改 diff --git a/translations/zh-CN/content/get-started/quickstart/hello-world.md b/translations/zh-CN/content/get-started/quickstart/hello-world.md index a00bf2dc99..cfd87b1125 100644 --- a/translations/zh-CN/content/get-started/quickstart/hello-world.md +++ b/translations/zh-CN/content/get-started/quickstart/hello-world.md @@ -1,6 +1,6 @@ --- title: Hello World -intro: 'Follow this Hello World exercise to get started with {% data variables.product.product_name %}.' +intro: '按照此 Hello World 练习开始使用 {% data variables.product.product_name %}。' versions: fpt: '*' ghes: '*' @@ -15,136 +15,136 @@ miniTocMaxHeadingLevel: 3 ## 简介 -{% data variables.product.product_name %} is a code hosting platform for version control and collaboration. It lets you and others work together on projects from anywhere. +{% data variables.product.product_name %} 是一个用于版本控制和协作的代码托管平台。 它允许您和其他人随时随地协同处理项目。 -This tutorial teaches you {% data variables.product.product_name %} essentials like repositories, branches, commits, and pull requests. You'll create your own Hello World repository and learn {% data variables.product.product_name %}'s pull request workflow, a popular way to create and review code. +本教程培训 {% data variables.product.product_name %} 的基本知识,如存储库、分支、提交和拉取请求等。 您将创建自己的 Hello World 存储库,并了解 {% data variables.product.product_name %} 的拉取请求工作流,这是创建和查看代码的常用方法。 -In this quickstart guide, you will: +在本快速入门指南中,您将: -* Create and use a repository -* Start and manage a new branch -* Make changes to a file and push them to {% data variables.product.product_name %} as commits -* Open and merge a pull request +* 创建和使用存储库 +* 启动和管理新分支 +* 对文件进行更改并将其作为提交推送到 {% data variables.product.product_name %} +* 打开与合并拉取请求 -To complete this tutorial, you need a [{% data variables.product.product_name %} account](http://github.com) and Internet access. You don't need to know how to code, use the command line, or install Git (the version control software that {% data variables.product.product_name %} is built on). If you have a question about any of the expressions used in this guide, head on over to the [glossary](/get-started/quickstart/github-glossary) to find out more about our terminology. +要完成本教程,您需要 [{% data variables.product.product_name %} 帐户](http://github.com)和连接互联网。 您不需要知道如何编码、使用命令行或安装 Git(构建 {% data variables.product.product_name %} 的版本控制软件)。 如果您对本指南中使用的任何表达方式有疑问,请转到[词汇表](/get-started/quickstart/github-glossary)了解术语的更多信息。 ## 创建仓库 -A repository is usually used to organize a single project. Repositories can contain folders and files, images, videos, spreadsheets, and data sets -- anything your project needs. Often, repositories include a _README_ file, a file with information about your project. _README_ files are written in the plain text Markdown language. You can use this [cheat sheet](https://www.markdownguide.org/cheat-sheet/) to get started with Markdown syntax. {% data variables.product.product_name %} lets you add a _README_ file at the same time you create your new repository. {% data variables.product.product_name %} also offers other common options such as a license file, but you do not have to select any of them now. +存储库通常用于组织单个项目。 存储库可以包含文件夹和文件、图像、视频、电子表格和数据集 - 项目所需的任何内容。 通常,存储库包括一个 _README_ 文件,其中含项目的相关信息。 _README_ 文件以纯文本 Markdown 语言编写。 您可以使用此[备忘单](https://www.markdownguide.org/cheat-sheet/)开始使用 Markdown 语法。 {% data variables.product.product_name %} 允许您在创建新存储库的同时添加 _README_ 文件。 {% data variables.product.product_name %} 还提供了其他常用选项,例如许可证文件,但您现在不必选择其中任何一个。 -Your `hello-world` repository can be a place where you store ideas, resources, or even share and discuss things with others. +您的 `hello-world` 存储库可以是您存储想法、资源甚至与他人共享和讨论的地方。 {% data reusables.repositories.create_new %} -1. In the **Repository name** box, enter `hello-world`. -2. In the **Description** box, write a short description. -3. Select **Add a README file**. -4. Select whether your repository will be **Public** or **Private**. +1. 在 **Repository name(存储库名称)**框中,输入 `hello-world`。 +2. 在 **Description(说明)**框中,编写简短说明。 +3. 选择 **Add a README file(添加 README 文件)**。 +4. 选择您的存储库是**公有**还是**私有**。 5. 单击 **Create repository(创建仓库)**。 - ![Create a hello world repository](/assets/images/help/repository/hello-world-repo.png) + ![创建 hello world 存储库](/assets/images/help/repository/hello-world-repo.png) ## 创建分支 -Branching lets you have different versions of a repository at one time. +通过分支,您可以同时拥有不同版本的存储库。 -By default, your repository has one branch named `main` that is considered to be the definitive branch. You can create additional branches off of `main` in your repository. You can use branches to have different versions of a project at one time. This is helpful when you want to add new features to a project without changing the main source of code. The work done on different branches will not show up on the main branch until you merge it, which we will cover later in this guide. You can use branches to experiment and make edits before committing them to `main`. +默认情况下,存储库有一个名为 `main` 的分支,被视为最终分支。 您可以在存储库中创建 `main` 以外的其他分支。 您可以使用分支一次拥有项目的不同版本。 当您想要在不更改主要代码源的情况下向项目添加新功能时,这非常有用。 在合并主分支之前,在不同分支上完成的工作不会显示在主分支上,我们将在本指南的后面部分介绍。 您可以使用分支进行试验和编辑,然后再将其提交到 `main`。 -When you create a branch off the `main` branch, you're making a copy, or snapshot, of `main` as it was at that point in time. If someone else made changes to the `main` branch while you were working on your branch, you could pull in those updates. +当您创建 `main` 分支以外的分支时,创建的是 `main` 在当时的副本或快照。 如果其他人在您处理分支时对 `main` 分支进行了更改,您可以拉入这些更新。 -This diagram shows: +此图显示: -* The `main` branch -* A new branch called `feature` -* The journey that `feature` takes before it's merged into `main` +* `main` 分支 +* 一个名为 `feature` 的新分支 +* `feature` 在合并到 `main` 之前的历程 -![branching diagram](/assets/images/help/repository/branching.png) +![分支图](/assets/images/help/repository/branching.png) -Have you ever saved different versions of a file? Something like: +您是否曾经保存过文件的不同版本? 像这样: * `story.txt` * `story-edit.txt` * `story-edit-reviewed.txt` -Branches accomplish similar goals in {% data variables.product.product_name %} repositories. +分支在 {% data variables.product.product_name %} 存储库中实现了类似的目标。 -Here at {% data variables.product.product_name %}, our developers, writers, and designers use branches for keeping bug fixes and feature work separate from our `main` (production) branch. When a change is ready, they merge their branch into `main`. +在 {% data variables.product.product_name %},我们的开发人员、编写者和设计师使用分支将错误修复和功能工作与我们的 `main`(生产)分支分开。 当更改准备就绪时,他们会将其分支合并到 `main`。 ### 创建分支 -1. Click the **Code** tab of your `hello-world` repository. -2. Click the drop down at the top of the file list that says **main**. ![Branch menu](/assets/images/help/branch/branch-selection-dropdown.png) -4. Type a branch name, `readme-edits`, into the text box. -5. Click **Create branch: readme-edits from main**. +1. 单击 `hello-world` 存储库的 **Code(代码)**选项卡。 +2. 单击其中显示 **main** 的文件列表顶部的下拉列表。 ![分支菜单](/assets/images/help/branch/branch-selection-dropdown.png) +4. 在文本框中键入分支名称 `readme-edits`。 +5. 单击 **Create branch: readme-edits from main(创建分支:从 main 创建 readme-edits)**。 -![Branch menu](/assets/images/help/repository/new-branch.png) +![分支菜单](/assets/images/help/repository/new-branch.png) -Now you have two branches, `main` and `readme-edits`. Right now, they look exactly the same. Next you'll add changes to the new branch. +此时您有两个分支:`main` 和 `readme-edits`。 现在,它们看起来完全相同。 接下来,您将向新分支添加更改。 -## Making and committing changes +## 创建和提交更改 -When you created a new branch in the previous step, {% data variables.product.product_name %} brought you to the code page for your new `readme-edits` branch, which is a copy of `main`. +在上一步中创建新分支时, {% data variables.product.product_name %} 会将您带到作为 `main` 副本的新 `readme-edits` 分支的代码页。 -You can make and save changes to the files in your repository. On {% data variables.product.product_name %}, saved changes are called commits. Each commit has an associated commit message, which is a description explaining why a particular change was made. Commit messages capture the history of your changes so that other contributors can understand what you’ve done and why. +您可以对存储库中的文件进行更改并保存更改。 在 {% data variables.product.product_name %} 上,保存的更改称为提交。 每个提交都有一个关联的提交消息,该消息是解释为什么进行特定更改的说明。 提交消息会捕获您更改的历史记录,以便其他参与者可以了解您执行了哪些操作及其原因。 -1. Under the `readme-edits` branch you created, click the _README.md_ file. -2. Click {% octicon "pencil" aria-label="The edit icon" %} to edit the file. -3. In the editor, write a bit about yourself. Try using different Markdown elements. -4. In the **Commit changes** box, write a commit message that describes your changes. +1. 在您创建的 `readme-edits` 分支下,单击 _README.md_ 文件。 +2. 单击 {% octicon "pencil" aria-label="The edit icon" %} 编辑文件。 +3. 在编辑器中,编写一些关于您自己的内容。 尝试使用不同的 Markdown 元素。 +4. 在 **Commit changes(提交更改)** 框中,编写描述更改的提交消息。 5. 单击 **Commit changes(提交更改)**。 - ![Commit example](/assets/images/help/repository/first-commit.png) + ![提交示例](/assets/images/help/repository/first-commit.png) -These changes will be made only to the README file on your `readme-edits` branch, so now this branch contains content that's different from `main`. +这些更改将仅适用于 `readme-edits` 分支上的 README 文件,所以这个分支现在包含不同于 `main` 的内容。 ## 打开拉取请求 -Now that you have changes in a branch off of `main`, you can open a pull request. +现在,您在 `main` 以外的分支中进行了更改,可以打开拉取请求。 -Pull requests are the heart of collaboration on {% data variables.product.product_name %}. When you open a pull request, you're proposing your changes and requesting that someone review and pull in your contribution and merge them into their branch. Pull requests show diffs, or differences, of the content from both branches. The changes, additions, and subtractions are shown in different colors. +拉取请求是 {% data variables.product.product_name %} 上协作的核心。 打开拉取请求后,可以提出更改,要求某人审查和提取您的贡献并将其合并到其分支中。 拉取请求显示两个分支中内容的差异。 变化、增减以不同的颜色显示。 -As soon as you make a commit, you can open a pull request and start a discussion, even before the code is finished. +只要进行提交,便可打开拉取请求并开始讨论,即使在代码完成之前亦可。 -By using {% data variables.product.product_name %}'s `@mention` feature in your pull request message, you can ask for feedback from specific people or teams, whether they're down the hall or 10 time zones away. +通过在拉取请求消息中使用 {% data variables.product.product_name %} 的 `@提及`功能,您可以向特定人员或团队请求反馈,无论他们近在大厅还是远在 10 个时区之外。 -You can even open pull requests in your own repository and merge them yourself. It's a great way to learn the {% data variables.product.product_name %} flow before working on larger projects. +您甚至可以在自己的存储库中打开拉取请求并自行合并。 这是在处理大型项目之前了解 {% data variables.product.product_name %} 流程的好方法。 -1. Click the **Pull requests** tab of your `hello-world` repository. -2. Click **New pull request** -3. In the **Example Comparisons** box, select the branch you made, `readme-edits`, to compare with `main` (the original). -4. Look over your changes in the diffs on the Compare page, make sure they're what you want to submit. +1. 单击 `hello-world` 存储库的 **Pull requests(拉取请求)**选项卡。 +2. 单击 **New pull request(新拉取请求)**。 +3. 在 **Example Comparisons(示例比较)**框中,选择您创建的分支 `readme-edits` 以与 `main`(原始分支)进行比较。 +4. 在 Compare(比较)页面上的差异中查看您的更改,确保它们是您要提交的内容。 - ![diff example](/assets/images/help/repository/diffs.png) + ![差异示例](/assets/images/help/repository/diffs.png) 5. 单击 **Create pull request(创建拉取请求)**。 -6. Give your pull request a title and write a brief description of your changes. You can include emojis and drag and drop images and gifs. -7. Optionally, to the right of your title and description, click the {% octicon "gear" aria-label="The Gear icon" %} next to **Reviewers**. **Assignees**, **Labels**, **Projects**, or **Milestone** to add any of these options to your pull request. You do not need to add any yet, but these options offer different ways to collaborate using pull requests. 更多信息请参阅“[关于拉取请求](/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/about-pull-requests)”。 +6. 为拉取请求指定一个标题,并写下更改的简要说明。 您可以包含表情符号以及拖放图像和 gif。 +7. (可选)在标题和说明右侧,单击 **Reviewers(审查者)**旁边的 {% octicon "gear" aria-label="The Gear icon" %}。 单击 **Assignees(受理人)**、**Labels(标签)**、**Projects(项目)**或 **Milestone(里程碑)**以将这些选项添加到您的拉取请求。 您不需要添加任何内容,但这些选项提供了使用拉取请求进行协作的不同方式。 更多信息请参阅“[关于拉取请求](/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/about-pull-requests)”。 7. 单击 **Create pull request(创建拉取请求)**。 -Your collaborators can now review your edits and make suggestions. +您的协作者现在可以查看您的编辑内容并提出建议。 -## Merging your pull request +## 合并拉取请求 -In this final step, you will merge your `readme-edits` branch into the `main` branch. After you merge your pull request, the changes on your `readme-edits` branch will be incorporated into `main`. +在最后一步中,您将 `readme-edits` 分支合并到 `main` 分支中。 合并拉取请求后,`readme-edits` 分支上的更改将合并到 `main`。 -Sometimes, a pull request may introduce changes to code that conflict with the existing code on `main`. If there are any conflicts, {% data variables.product.product_name %} will alert you about the conflicting code and prevent merging until the conflicts are resolved. You can make a commit that resolves the conflicts or use comments in the pull request to discuss the conflicts with your team members. +有时,拉取请求可能会引入与 `main` 上现有代码冲突的代码更改。 如果存在任何冲突, {% data variables.product.product_name %} 将提醒您有关冲突代码的信息,并防止合并,直到冲突解决为止。 您可以进行解决冲突的提交,也可以使用拉取请求中的注释与团队成员讨论冲突。 -In this walk-through, you should not have any conflicts, so you are ready to merge your branch into the main branch. +在本演练中,应该没有任何冲突,因此您已准备好将分支合并到主分支中。 -1. Click **Merge pull request** to merge the changes into `main`. ![Screen shot of merge button.](/assets/images/help/pull_requests/pullrequest-mergebutton.png) -2. 单击 **Confirm merge(确认合并)**。 You will receive a message that the request was successfully merged and the request was closed. -3. Click **Delete branch**. Now that your pull request is merged and your changes are on `main`, you can safely delete the `readme-edits` branch. If you want to make more changes to your project, you can always create a new branch and repeat this process. +1. 单击 **Merge pull request(合并拉取请求)**,将更改合并到 `main`。 ![合并按钮的屏幕截图。](/assets/images/help/pull_requests/pullrequest-mergebutton.png) +2. 单击 **Confirm merge(确认合并)**。 您将收到一条消息,指出请求已成功合并且请求已关闭。 +3. 单击 **Delete branch(删除分支)**。 现在,您的拉取请求已合并,并且您的更改位于 `main` 上,您可以安全地删除 `readme-edits` 分支。 如果要对项目进行更多更改,可以随时创建新分支并重复此过程。 ## 后续步骤 -By completing this tutorial, you've learned to create a project and make a pull request on {% data variables.product.product_name %}. +通过完成本教程,您已经学会了创建项目和在 {% data variables.product.product_name %} 上发出拉取请求。 -Here's what you accomplished in this tutorial: +以下是您在本教程中完成的工作: -* Created an open source repository -* Started and managed a new branch -* Changed a file and committed those changes to {% data variables.product.product_name %} -* Opened and merged a pull request +* 创建了一个开源仓库 +* 启动并管理了新的分支 +* 更改了文件并将这些更改提交到 {% data variables.product.product_name %} +* 打开并合并了拉取请求 -Take a look at your {% data variables.product.product_name %} profile and you'll see your work reflected on your contribution graph. +查看您的 {% data variables.product.product_name %} 个人资料,将会看到您的工作反映在您的贡献图表上。 -For more information about the power of branches and pull requests, see "[GitHub flow](/get-started/quickstart/github-flow)." For more information about getting started with {% data variables.product.product_name %}, see the other guides in the [getting started quickstart](/get-started/quickstart). +有关分支和拉取请求的强大功能的更多信息,请参阅“[GitHub 流程](/get-started/quickstart/github-flow)”。 有关开始使用 {% data variables.product.product_name %} 的详细信息,请参阅[快速入门](/get-started/quickstart)中的其他指南。 diff --git a/translations/zh-CN/content/get-started/signing-up-for-github/index.md b/translations/zh-CN/content/get-started/signing-up-for-github/index.md index 244c3ccd49..2a418d9e71 100644 --- a/translations/zh-CN/content/get-started/signing-up-for-github/index.md +++ b/translations/zh-CN/content/get-started/signing-up-for-github/index.md @@ -16,6 +16,5 @@ children: - /verifying-your-email-address - /setting-up-a-trial-of-github-enterprise-cloud - /setting-up-a-trial-of-github-enterprise-server - - /setting-up-a-trial-of-github-ae --- diff --git a/translations/zh-CN/content/get-started/signing-up-for-github/setting-up-a-trial-of-github-ae.md b/translations/zh-CN/content/get-started/signing-up-for-github/setting-up-a-trial-of-github-ae.md deleted file mode 100644 index 716f08bbeb..0000000000 --- a/translations/zh-CN/content/get-started/signing-up-for-github/setting-up-a-trial-of-github-ae.md +++ /dev/null @@ -1,66 +0,0 @@ ---- -title: Setting up a trial of GitHub AE -intro: '您可以免费试用 {% data variables.product.prodname_ghe_managed %}。' -versions: - ghae: '*' -topics: - - Accounts -shortTitle: GitHub AE trial ---- - -## About the {% data variables.product.prodname_ghe_managed %} trial - -You can set up a 90-day trial to evaluate {% data variables.product.prodname_ghe_managed %}. This process allows you to deploy a {% data variables.product.prodname_ghe_managed %} account in your existing Azure region. - -- **{% data variables.product.prodname_ghe_managed %} account**: The Azure resource that contains the deployment of {% data variables.product.prodname_ghe_managed %}. -- **{% data variables.product.prodname_ghe_managed %} portal**: The Azure management tool at [https://portal.azure.com](https://portal.azure.com). This is used to deploy the {% data variables.product.prodname_ghe_managed %} account. - -## 设置 {% data variables.product.prodname_ghe_managed %} 的试用版 - - -Before you can start your trial of {% data variables.product.prodname_ghe_managed %}, you must request access by contacting your {% data variables.product.prodname_dotcom %} account team. {% data variables.product.prodname_dotcom %} will enable the {% data variables.product.prodname_ghe_managed %} trial for your Azure subscription. - -Contact {% data variables.contact.contact_enterprise_sales %} to check your eligibility for a {% data variables.product.prodname_ghe_managed %} trial. - -## Deploying {% data variables.product.prodname_ghe_managed %} with the {% data variables.actions.azure_portal %} - -The {% data variables.actions.azure_portal %} allows you to deploy the {% data variables.product.prodname_ghe_managed %} account in your Azure resource group. - -1. On the {% data variables.actions.azure_portal %}, type `GitHub AE` in the search field. Then, under _Services_, click {% data variables.product.prodname_ghe_managed %}. ![{% data variables.actions.azure_portal %} search result](/assets/images/azure/github-ae-azure-portal-search.png) -1. To begin the process of adding a new {% data variables.product.prodname_ghe_managed %} account, click **Create GitHub AE account**. -1. Complete the "Project details" and "Instance details" fields. ![{% data variables.actions.azure_portal %} search result](/assets/images/azure/github-ae-azure-portal-form.png) - - **Account name:** The hostname for your enterprise - - **Administrator username:** A username for the initial enterprise owner that will be created in {% data variables.product.prodname_ghe_managed %} - - **Administrator email:** The email address that will receive the login information -1. To review a summary of the proposed changes, click **Review + create**. -1. After the validation process has completed, click **Create**. - -The email address you entered above will receive instructions on how to access your enterprise. After you have access, you can get started by following the initial setup steps. 更多信息请参阅“[初始化 {% data variables.product.prodname_ghe_managed %}](/admin/configuration/initializing-github-ae)。” - -{% note %} - -**Note:** Software updates for your {% data variables.product.prodname_ghe_managed %} deployment are performed by {% data variables.product.prodname_dotcom %}. For more information, see "[About upgrades to new releases](/admin/overview/about-upgrades-to-new-releases)." - -{% endnote %} - -## Navigating to your enterprise - -You can use the {% data variables.actions.azure_portal %} to navigate to your {% data variables.product.prodname_ghe_managed %} deployment. The resulting list includes all the {% data variables.product.prodname_ghe_managed %} deployments in your Azure region. - -1. On the {% data variables.actions.azure_portal %}, in the left panel, click **All resources**. -1. From the available filters, click **All types**, then deselect **Select all** and select **GitHub AE**: ![{% data variables.actions.azure_portal %} search result](/assets/images/azure/github-ae-azure-portal-type-filter.png) - -## 后续步骤 - -Once your deployment has been provisioned, the next step is to initialize {% data variables.product.prodname_ghe_managed %}. 更多信息请参阅“[初始化 {% data variables.product.prodname_ghe_managed %}](/github-ae@latest/admin/configuration/configuring-your-enterprise/initializing-github-ae)。” - -## 结束试用 - -You can upgrade to a full license at any time during the trial period by contacting contact {% data variables.contact.contact_enterprise_sales %}. If you haven't upgraded by the last day of your trial, then the deployment is automatically deleted. - -如果需要更多时间来评估 {% data variables.product.prodname_ghe_managed %},请联系 {% data variables.contact.contact_enterprise_sales %} 申请延期。 - -## 延伸阅读 - -- "[Enabling {% data variables.product.prodname_advanced_security %} features on {% data variables.product.prodname_ghe_managed %}](/github/getting-started-with-github/about-github-advanced-security#enabling-advanced-security-features-on-github-ae)" -- "[{% data variables.product.prodname_ghe_managed %} release notes](/github-ae@latest/admin/overview/github-ae-release-notes)" diff --git a/translations/zh-CN/content/get-started/signing-up-for-github/setting-up-a-trial-of-github-enterprise-server.md b/translations/zh-CN/content/get-started/signing-up-for-github/setting-up-a-trial-of-github-enterprise-server.md index 1f9ff8ce78..a909e38334 100644 --- a/translations/zh-CN/content/get-started/signing-up-for-github/setting-up-a-trial-of-github-enterprise-server.md +++ b/translations/zh-CN/content/get-started/signing-up-for-github/setting-up-a-trial-of-github-enterprise-server.md @@ -19,7 +19,7 @@ shortTitle: Enterprise Server 试用版 您可以申请 45 天试用版来试用 {% data variables.product.prodname_ghe_server %}。 您的试用版将作为虚拟设备安装,带有内部或云部署选项。 有关支持的可视化平台列表,请参阅“[设置 GitHub Enterprise Server 实例](/enterprise-server@latest/admin/installation/setting-up-a-github-enterprise-server-instance)”。 -{% ifversion ghes %}{% data variables.product.prodname_dependabot %}{% else %}安全{% endif %}警报和 {% data variables.product.prodname_github_connect %} 目前在 {% data variables.product.prodname_ghe_server %} 试用版中不可用。 要获取这些功能的演示,请联系 {% data variables.contact.contact_enterprise_sales %}。 有关这些功能的详细信息,请参阅“[关于有漏洞的依赖项警报](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies)”和“[将企业帐户连接到 {% data variables.product.prodname_ghe_cloud %}](/enterprise-server@latest/admin/configuration/managing-connections-between-your-enterprise-accounts/connecting-your-enterprise-account-to-github-enterprise-cloud)”。 +{% ifversion ghes %}{% data variables.product.prodname_dependabot %}{% else %}安全{% endif %}警报和 {% data variables.product.prodname_github_connect %} 目前在 {% data variables.product.prodname_ghe_server %} 试用版中不可用。 要获取这些功能的演示,请联系 {% data variables.contact.contact_enterprise_sales %}。 有关这些功能的详细信息,请参阅“[关于 {% data variables.product.prodname_dependabot_alerts %}](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies)”和“[将企业帐户连接到 {% data variables.product.prodname_ghe_cloud %}](/enterprise-server@latest/admin/configuration/managing-connections-between-your-enterprise-accounts/connecting-your-enterprise-account-to-github-enterprise-cloud)”。 试用版也可用于 {% data variables.product.prodname_ghe_cloud %}。 更多信息请参阅“[设置 {% data variables.product.prodname_ghe_cloud %} 的试用](/articles/setting-up-a-trial-of-github-enterprise-cloud)”。 diff --git a/translations/zh-CN/content/get-started/using-git/about-git.md b/translations/zh-CN/content/get-started/using-git/about-git.md index 8c86c9caac..c4509ea586 100644 --- a/translations/zh-CN/content/get-started/using-git/about-git.md +++ b/translations/zh-CN/content/get-started/using-git/about-git.md @@ -1,6 +1,6 @@ --- -title: About Git -intro: 'Learn about the version control system, Git, and how it works with {% data variables.product.product_name %}.' +title: 关于 Git +intro: '了解版本控制系统 Git 以及它如何与 {% data variables.product.product_name %} 配合使用。' versions: fpt: '*' ghes: '*' @@ -13,66 +13,66 @@ topics: miniTocMaxHeadingLevel: 3 --- -## About version control and Git +## 关于版本控制和 Git -A version control system, or VCS, tracks the history of changes as people and teams collaborate on projects together. As developers make changes to the project, any earlier version of the project can be recovered at any time. +版本控制系统(VCS)跟踪人员和团队在项目上进行协作时的更改历史记录。 当开发人员对项目进行更改时,可以随时恢复项目的任何早期版本。 -Developers can review project history to find out: +开发人员可以查看项目历史记录以找出: -- Which changes were made? -- Who made the changes? -- When were the changes made? -- Why were changes needed? +- 进行了哪些更改? +- 谁进行了更改? +- 何时进行了更改? +- 为什么需要更改? -VCSs give each contributor a unified and consistent view of a project, surfacing work that's already in progress. Seeing a transparent history of changes, who made them, and how they contribute to the development of a project helps team members stay aligned while working independently. +VCS 为每个贡献者提供统一且一致的项目视图,显示已经在进行中的工作。 查看透明的更改历史记录、谁进行了更改,以及它们如何为项目开发做出贡献,可帮助团队成员在独立工作时保持一致。 -In a distributed version control system, every developer has a full copy of the project and project history. Unlike once popular centralized version control systems, DVCSs don't need a constant connection to a central repository. Git is the most popular distributed version control system. Git is commonly used for both open source and commercial software development, with significant benefits for individuals, teams and businesses. +在分布式版本控制系统中,每个开发人员都有项目和项目历史记录的完整副本。 与曾经流行的集中式版本控制系统不同,DVCS 不需要与中央存储库的持续连接。 Git 是最流行的分布式版本控制系统。 Git 通常用于开源和商业软件开发,对个人、团队和企业都有明显的好处。 -- Git lets developers see the entire timeline of their changes, decisions, and progression of any project in one place. From the moment they access the history of a project, the developer has all the context they need to understand it and start contributing. +- Git 允许开发人员在一个地方查看任何项目的更改、决策和进度的整个时间线。 从他们访问项目历史记录的那一刻起,开发人员就拥有了理解它并开始参与所需的所有上下文。 -- Developers work in every time zone. With a DVCS like Git, collaboration can happen any time while maintaining source code integrity. Using branches, developers can safely propose changes to production code. +- 开发人员在每个时区工作。 使用像 Git 这样的 DVCS,协作可以随时随地进行,同时保持源代码的完整性。 使用分支,开发人员可以安全地提出对生产代码的更改建议。 -- Businesses using Git can break down communication barriers between teams and keep them focused on doing their best work. Plus, Git makes it possible to align experts across a business to collaborate on major projects. +- 使用 Git 的企业可以打破团队之间的沟通障碍,让他们专注于做好最好的工作。 此外,Git 还可以让整个企业的专家协调一致,在重大项目上进行协作。 ## 关于仓库 -A repository, or Git project, encompasses the entire collection of files and folders associated with a project, along with each file's revision history. The file history appears as snapshots in time called commits. The commits can be organized into multiple lines of development called branches. Because Git is a DVCS, repositories are self-contained units and anyone who has a copy of the repository can access the entire codebase and its history. Using the command line or other ease-of-use interfaces, a Git repository also allows for: interaction with the history, cloning the repository, creating branches, committing, merging, comparing changes across versions of code, and more. +存储库或 Git 项目包含与项目关联的文件和文件夹的整个集合,以及每个文件的修订历史记录。 文件历史记录在时间上显示为快照,称为提交。 提交可以组织成多个开发行,称为分支。 由于 Git 是 DVCS,因此存储库是独立的单元,任何拥有存储库副本的人都可以访问整个代码库及其历史记录。 使用命令行或其他易用性接口,Git 存储库还允许:与历史记录交互、克隆存储库、创建分支、提交、合并、比较不同版本的代码更改等。 -Through platforms like {% data variables.product.product_name %}, Git also provides more opportunities for project transparency and collaboration. Public repositories help teams work together to build the best possible final product. +通过像 {% data variables.product.product_name %} 这样的平台,Git 也为项目的透明度和协作提供了更多的机会。 公共存储库可帮助团队协同工作,以构建最佳的最终产品。 -## How {% data variables.product.product_name %} works +## {% data variables.product.product_name %} 的工作原理 -{% data variables.product.product_name %} hosts Git repositories and provides developers with tools to ship better code through command line features, issues (threaded discussions), pull requests, code review, or the use of a collection of free and for-purchase apps in the {% data variables.product.prodname_marketplace %}. With collaboration layers like the {% data variables.product.product_name %} flow, a community of 15 million developers, and an ecosystem with hundreds of integrations, {% data variables.product.product_name %} changes the way software is built. +{% data variables.product.product_name %} 托管 Git 存储库,并为开发人员提供工具,通过命令行功能、议题(线程讨论)、拉取请求、代码审查或使用 {% data variables.product.prodname_marketplace %} 中的一组免费和可购应用程序来交付更好的代码。 通过 {% data variables.product.product_name %} 流程等协作层、拥有 1500 万开发人员的社区以及具有数百个集成的生态系统,{% data variables.product.product_name %} 改变了软件的构建方式。 -{% data variables.product.product_name %} builds collaboration directly into the development process. Work is organized into repositories where developers can outline requirements or direction and set expectations for team members. Then, using the {% data variables.product.product_name %} flow, developers simply create a branch to work on updates, commit changes to save them, open a pull request to propose and discuss changes, and merge pull requests once everyone is on the same page. For more information, see "[GitHub flow](/get-started/quickstart/github-flow)." +{% data variables.product.product_name %} 将协作直接构建到开发过程中。 工作组织到存储库中,开发人员可以在其中概述要求或方向,并为团队成员设定期望。 然后,使用 {% data variables.product.product_name %} 流程,开发人员只需创建一个分支来处理更新,提交更改以保存它们,打开拉取请求以建议和讨论更改,并在每个人都在同一页面上时合并拉取请求。 更多信息请参阅“[GitHub 流](/get-started/quickstart/github-flow)”。 -## {% data variables.product.product_name %} and the command line +## {% data variables.product.product_name %} 和命令行 -### Basic Git commands +### 基本 Git 命令 -To use Git, developers use specific commands to copy, create, change, and combine code. These commands can be executed directly from the command line or by using an application like {% data variables.product.prodname_desktop %}. Here are some common commands for using Git: +为使用 Git,开发人员使用特定命令来复制、创建、更改和合并代码。 这些命令可以直接从命令行执行,也可以使用 {% data variables.product.prodname_desktop %}等应用程序执行。 以下是使用 Git 的一些常用命令: -- `git init` initializes a brand new Git repository and begins tracking an existing directory. It adds a hidden subfolder within the existing directory that houses the internal data structure required for version control. +- `git init` 初始化一个全新的 Git 存储库并开始跟踪现有目录。 它在现有目录中添加一个隐藏的子文件夹,该子文件夹包含版本控制所需的内部数据结构。 -- `git clone` creates a local copy of a project that already exists remotely. The clone includes all the project's files, history, and branches. +- `git clone` 创建远程已存在的项目的本地副本。 克隆包括项目的所有文件、历史记录和分支。 -- `git add` stages a change. Git tracks changes to a developer's codebase, but it's necessary to stage and take a snapshot of the changes to include them in the project's history. This command performs staging, the first part of that two-step process. Any changes that are staged will become a part of the next snapshot and a part of the project's history. Staging and committing separately gives developers complete control over the history of their project without changing how they code and work. +- `git add` 暂存更改。 Git 跟踪对开发人员代码库的更改,但有必要暂存更改并拍摄更改的快照,以将其包含在项目的历史记录中。 此命令执行暂存,即该两步过程的第一部分。 暂存的任何更改都将成为下一个快照的一部分,并成为项目历史记录的一部分。 通过单独暂存和提交,开发人员可以完全控制其项目的历史记录,而无需更改其编码和工作方式。 -- `git commit` saves the snapshot to the project history and completes the change-tracking process. In short, a commit functions like taking a photo. Anything that's been staged with `git add` will become a part of the snapshot with `git commit`. +- `git commit` 将快照保存到项目历史记录中并完成更改跟踪过程。 简言之,提交就像拍照一样。 任何使用 `git add` 暂存的内容都将成为使用 `git commit` 的快照的一部分。 -- `git status` shows the status of changes as untracked, modified, or staged. +- `git status` 将更改的状态显示为未跟踪、已修改或已暂存。 -- `git branch` shows the branches being worked on locally. +- `git branch` 显示正在本地处理的分支。 -- `git merge` merges lines of development together. This command is typically used to combine changes made on two distinct branches. For example, a developer would merge when they want to combine changes from a feature branch into the main branch for deployment. +- `git merge` 将开发线合并在一起。 此命令通常用于合并在两个不同分支上所做的更改。 例如,当开发人员想要将功能分支中的更改合并到主分支以进行部署时,他们会合并。 -- `git pull` updates the local line of development with updates from its remote counterpart. Developers use this command if a teammate has made commits to a branch on a remote, and they would like to reflect those changes in their local environment. +- `git pull` 使用远程对应项的更新来更新本地开发线。 如果队友已向远程上的分支进行了提交,并且他们希望将这些更改反映到其本地环境中,则开发人员将使用此命令。 -- `git push` updates the remote repository with any commits made locally to a branch. +- `git push` 使用本地对分支所做的任何提交来更新远程存储库。 -For more information, see the [full reference guide to Git commands](https://git-scm.com/docs). +更多信息请参阅 [Git 命令的完整参考指南](https://git-scm.com/docs)。 -### Example: Contribute to an existing repository +### 示例:参与现有存储库 ```bash # download a repository on {% data variables.product.product_name %} to our machine @@ -100,9 +100,9 @@ git commit -m "my snapshot" git push --set-upstream origin my-branch ``` -### Example: Start a new repository and publish it to {% data variables.product.product_name %} +### 示例:启动新存储库并将其发布到 {% data variables.product.product_name %} -First, you will need to create a new repository on {% data variables.product.product_name %}. For more information, see "[Hello World](/get-started/quickstart/hello-world)." **Do not** initialize the repository with a README, .gitignore or License file. This empty repository will await your code. +首先,您需要在 {% data variables.product.product_name %} 上创建一个新存储库。 更多信息请参阅“[Hello World](/get-started/quickstart/hello-world)”。 **不要**使用 README、.gitignore 或许可文件初始化存储库。 这个空存储库将等待您的代码。 ```bash # create a new directory, and initialize it with git-specific functions @@ -127,9 +127,9 @@ git remote add origin https://github.com/YOUR-USERNAME/YOUR-REPOSITORY-NAME.git git push --set-upstream origin main ``` -### Example: contribute to an existing branch on {% data variables.product.product_name %} +### 示例:为 {% data variables.product.product_name %} 的现有分支做出贡献 -This example assumes that you already have a project called `repo` on the machine and that a new branch has been pushed to {% data variables.product.product_name %} since the last time changes were made locally. +此示例假定您的计算机上已有一个名为 `repo` 的项目,并且自上次在本地进行更改以来,已将新分支推送到 {% data variables.product.product_name %}。 ```bash # change into the `repo` directory @@ -153,27 +153,27 @@ git commit -m "edit file1" git push ``` -## Models for collaborative development +## 协作开发模型 -There are two primary ways people collaborate on {% data variables.product.product_name %}: +人们在 {% data variables.product.product_name %} 上有两种主要协作方式: -1. Shared repository -2. Fork and pull +1. 共享存储库 +2. 复刻和拉取 -With a shared repository, individuals and teams are explicitly designated as contributors with read, write, or administrator access. This simple permission structure, combined with features like protected branches, helps teams progress quickly when they adopt {% data variables.product.product_name %}. +使用共享存储库,个人和团队被显式指定为具有读取、写入或管理员访问权限的参与者。 这种简单的权限结构与受保护的分支等功能相结合,可帮助团队在采用 {% data variables.product.product_name %} 时快速取得进展。 -For an open source project, or for projects to which anyone can contribute, managing individual permissions can be challenging, but a fork and pull model allows anyone who can view the project to contribute. A fork is a copy of a project under a developer's personal account. Every developer has full control of their fork and is free to implement a fix or a new feature. Work completed in forks is either kept separate, or is surfaced back to the original project via a pull request. There, maintainers can review the suggested changes before they're merged. For more information, see "[Contributing to projects](/get-started/quickstart/contributing-to-projects)." +对于开源项目,或者对于任何人都可以参与的项目,管理个人权限可能具有挑战性,但复刻和拉取模型允许任何可以查看项目的人做出贡献。 复刻是开发人员个人帐户下项目的副本。 每个开发人员都可以完全控制他们的分支,并可以自由地实现修复或新功能。 在复刻中完成的工作要么保持独立,要么通过拉取请求返回到原始项目。 在那里,维护者可以在合并之前查看建议的更改。 更多信息请参阅“[参与项目](/get-started/quickstart/contributing-to-projects)”。 ## 延伸阅读 -The {% data variables.product.product_name %} team has created a library of educational videos and guides to help users continue to develop their skills and build better software. +{% data variables.product.product_name %} 团队创建了一个教育视频和指南库,以帮助用户继续发展他们的技能并构建更好的软件。 -- [Beginner projects to explore](https://github.com/showcases/great-for-new-contributors) -- [{% data variables.product.product_name %} video guides](https://youtube.com/githubguides) +- [要探索的初学者项目](https://github.com/showcases/great-for-new-contributors) +- [{% data variables.product.product_name %} 视频指南](https://youtube.com/githubguides) -For a detailed look at Git practices, the videos below show how to get the most out of some Git commands. +有关 Git 实践的详细介绍,下面的视频展示了如何充分利用某些 Git 命令。 -- [Working locally](https://www.youtube.com/watch?v=rBbbOouhI-s&index=2&list=PLg7s6cbtAD17Gw5u8644bgKhgRLiJXdX4) +- [本地工作](https://www.youtube.com/watch?v=rBbbOouhI-s&index=2&list=PLg7s6cbtAD17Gw5u8644bgKhgRLiJXdX4) - [`git status`](https://www.youtube.com/watch?v=SxmveNrZb5k&list=PLg7s6cbtAD17Gw5u8644bgKhgRLiJXdX4&index=3) -- [Two-step commits](https://www.youtube.com/watch?v=Vb0Ghkkc2hk&index=4&list=PLg7s6cbtAD17Gw5u8644bgKhgRLiJXdX4) -- [`git pull` and `git push`](https://www.youtube.com/watch?v=-uQHV9GOA0w&index=5&list=PLg7s6cbtAD17Gw5u8644bgKhgRLiJXdX4) +- [两步提交](https://www.youtube.com/watch?v=Vb0Ghkkc2hk&index=4&list=PLg7s6cbtAD17Gw5u8644bgKhgRLiJXdX4) +- [`git pull` 和 `git push`](https://www.youtube.com/watch?v=-uQHV9GOA0w&index=5&list=PLg7s6cbtAD17Gw5u8644bgKhgRLiJXdX4) diff --git a/translations/zh-CN/content/get-started/using-git/dealing-with-special-characters-in-branch-and-tag-names.md b/translations/zh-CN/content/get-started/using-git/dealing-with-special-characters-in-branch-and-tag-names.md index 44430df440..71bc00a4a5 100644 --- a/translations/zh-CN/content/get-started/using-git/dealing-with-special-characters-in-branch-and-tag-names.md +++ b/translations/zh-CN/content/get-started/using-git/dealing-with-special-characters-in-branch-and-tag-names.md @@ -1,49 +1,49 @@ --- -title: Dealing with special characters in branch and tag names -intro: 'Git is very permissive about what characters are allowed in branch and tag names. When using Git from a command-line shell, you may need to escape or quote special characters.' +title: 处理分支和标记名称中的特殊字符 +intro: 对于在分支和标签名称中允许的字符,Git 的支持非常宽泛。 从命令行 shell 使用 Git 时,可能需要对特殊字符进行转义或引用。 versions: fpt: '*' ghes: '*' ghae: '*' ghec: '*' -shortTitle: Special characters in names +shortTitle: 名称中的特殊字符 --- -## About branch and tag names +## 关于分支和标记名称 -Most repositories use simple branch names, such as `main` or `update-icons`. Tag names also usually follow a basic format, such as a version number like `v1.2.3`. Both branch names and tag names may also use the path separator (`/`) for structure, for example `area/item` or `level-1/level-2/level-3`. Other than some exceptions — such as not starting or ending a name with a slash, or having consecutive slashes in the name — Git has very few restrictions on what characters may be used in branch and tag names. For more information, see "[git-check-ref-format](https://git-scm.com/docs/git-check-ref-format)" in the Git documentation. +大多数存储库使用简单的分支名称,例如 `main` 或 `update-icons`。 标记名称通常也遵循基本格式,例如版本号,如 `v1.2.3`。 分支名称和标记名称也可以使用路径分隔符 (`/`) 来构造,例如 `area/item` 或 `level-1/level-2/level-3`。 除了一些例外,例如名称不以斜杠开头或结尾,或者在名称中有连续斜杠,Git 对分支和标记名称中可以使用的字符几乎没有限制。 更多信息请参阅 Git 文档中的“[git-check-ref-format](https://git-scm.com/docs/git-check-ref-format)”。 -## Why you need to escape special characters +## 为什么需要对特殊字符进行转义 -When using a CLI, you might have situations where a branch or tag name contains special characters that have a special meaning for your shell environment. To use these characters safely in a Git command, they must be quoted or escaped, otherwise the command may have unintended effects. +使用 CLI 时,您可能会遇到分支或标记名称包含对 shell 环境具有特殊含义的特殊字符的情况。 要在 Git 命令中安全地使用这些字符,必须用引号或转义它们,否则该命令可能会产生意外效果。 -For example, the `$` character is used by many shells to refer to a variable. Most shells would interpret a valid branch name like `hello-$USER` as equivalent to the word "hello", followed by a hyphen, followed by the current value of the `USER` variable, rather than the literal string `hello-$USER`. If a branch name includes the `$` character, then the shell must be stopped from expanding it as a variable reference. Similarly, if a branch name contains a semi-colon (`;`), most shells interpret it as a command separator, so it needs to be quoted or escaped. +例如, `$` 字符被许多 shell 用来引用变量。 大多数 shell 会将有效的分支名称(如 `hello-$USER` )解释为等效于单词“hello”,后跟连字符,后跟 `USER` 变量的当前值,而不是 `hello-$USER` 的文字字符串。 如果分支名称包含 `$` 字符,则必须阻止 shell 将其扩展为变量引用。 类似地,如果分支名称包含分号 (`;`),大多数 shell 将其解释为命令分隔符,因此需要用引号或转义。 -## How to escape special characters in branch and tag names +## 如何对分支和标记名称中的特殊字符进行转义 -Most branch and tag names with special characters can be handled by including the name in single quotes, for example `'hello-$USER'`. +大多数带有特殊字符的分支和标记名称都可以通过在单引号中包含名称来处理,例如 `"hello-$USER"`。 -* In the [Bash](https://www.gnu.org/software/bash/) shell, enclosing a string of characters in single quotes preserves the literal value of the characters within the single quotes. -* [Zsh](https://www.zsh.org/) behaves similar to Bash, however this behavior is configurable using the `RC_QUOTES` option. -* [PowerShell](https://microsoft.com/powershell) also treats characters literally when inside single quotes. +* 在 [Bash](https://www.gnu.org/software/bash/) shell 中,将字符串括在单引号中将保留单引号内字符的文字值。 +* [Zsh](https://www.zsh.org/) 的行为与 Bash 类似,但可以使用 `RC_QUOTES` 选项配置此行为。 +* [PowerShell](https://microsoft.com/powershell) 在单引号内时也会按字面意思处理字符。 -For these shells, the main exception is when the branch or tag name itself contains a single quote. In this case, you should consult the official documentation for your shell: +对于这些 shell,主要的例外是分支或标记名称本身包含单个引号。 在这种情况下,您应该查阅 shell 的官方文档: -* [Bash documentation](https://www.gnu.org/software/bash/manual/) -* [Zsh documentation](https://zsh.sourceforge.io/Doc/) -* [Fish documentation](https://fishshell.com/docs/current/) -* [PowerShell documentation](https://docs.microsoft.com/en-gb/powershell/) +* [Bash 文档](https://www.gnu.org/software/bash/manual/) +* [Zsh 文档](https://zsh.sourceforge.io/Doc/) +* [Fish 文档](https://fishshell.com/docs/current/) +* [PowerShell 文档](https://docs.microsoft.com/en-gb/powershell/) -## Naming branches and tags +## 命名分支和标记 -If possible, create branch and tag names that don't contain special characters, as these would need to be escaped. A safe default set of characters to use for branch names and tag names is: +如果可能,请创建不包含特殊字符的分支和标记名称,因为这些字符需要转义。 用于分支名称和标记名称的安全默认字符集为: -* The English alphabet (`a` to `z` and `A` to `Z`) -* Numbers (`0` to `9`) -* A limited set of punctuation characters: - * period (`.`) - * hyphen (`-`) - * underscore (`_`) - * forward slash (`/`) +* 英文字母(`a` 到 `z` 和 `A` 到 `Z`) +* 数字(`0` 到 `9`) +* 有限的标点字符集: + * 句点 (`.`) + * 连字符 (`-`) + * 下划线 (`_`) + * 正斜杠 (`/`) -To avoid confusion, you should start branch names with a letter. +为避免混淆,分支名称应以字母开头。 diff --git a/translations/zh-CN/content/get-started/using-github/keyboard-shortcuts.md b/translations/zh-CN/content/get-started/using-github/keyboard-shortcuts.md index 992497db5c..fd482911ce 100644 --- a/translations/zh-CN/content/get-started/using-github/keyboard-shortcuts.md +++ b/translations/zh-CN/content/get-started/using-github/keyboard-shortcuts.md @@ -24,7 +24,7 @@ versions: 下面是一些可用键盘快捷键的列表。 {% if command-palette %} -{% data variables.product.prodname_command_palette %} 还可让您快速访问各种操作,而无需记住键盘快捷键。 For more information, see "[{% data variables.product.prodname_command_palette %}](/get-started/using-github/github-command-palette)."{% endif %} +{% data variables.product.prodname_command_palette %} 还可让您快速访问各种操作,而无需记住键盘快捷键。 更多信息请参阅“[{% data variables.product.prodname_command_palette %}](/get-started/using-github/github-command-palette)”。{% endif %} ## 站点快捷键 @@ -36,7 +36,7 @@ versions: {% if command-palette %} -Command+K (Mac) 或
Ctrl+K (Windows/Linux) | 打开 {% data variables.product.prodname_command_palette %}。 如果要编辑 Markdown 文本,请使用 Command+Option+KCtrl+Alt+K打开命令面板。 For more information, see "[{% data variables.product.prodname_command_palette %}](/get-started/using-github/github-command-palette)."{% endif %} +Command+K (Mac) 或
Ctrl+K (Windows/Linux) | 打开 {% data variables.product.prodname_command_palette %}。 如果要编辑 Markdown 文本,请使用 Command+Option+KCtrl+Alt+K打开命令面板。 更多信息请参阅“[{% data variables.product.prodname_command_palette %}](/get-started/using-github/github-command-palette)”。{% endif %} ## 仓库 diff --git a/translations/zh-CN/content/get-started/writing-on-github/working-with-advanced-formatting/creating-and-highlighting-code-blocks.md b/translations/zh-CN/content/get-started/writing-on-github/working-with-advanced-formatting/creating-and-highlighting-code-blocks.md index 4d2eceea1e..e5eb337af9 100644 --- a/translations/zh-CN/content/get-started/writing-on-github/working-with-advanced-formatting/creating-and-highlighting-code-blocks.md +++ b/translations/zh-CN/content/get-started/writing-on-github/working-with-advanced-formatting/creating-and-highlighting-code-blocks.md @@ -70,10 +70,9 @@ Look! You can see my backticks. {% if mermaid %} ## Creating diagrams -You can use Mermaid syntax to add diagrams. For more information, see "[Creating diagrams](/get-started/writing-on-github/working-with-advanced-formatting/creating-diagrams)." +You can also use code blocks to create diagrams in Markdown. GitHub supports Mermaid, geoJSON, topoJSON, and ASCII STL syntax. For more information, see "[Creating diagrams](/get-started/writing-on-github/working-with-advanced-formatting/creating-diagrams)." {% endif %} - ## 延伸阅读 - [{% data variables.product.prodname_dotcom %} Flavored Markdown 规格](https://github.github.com/gfm/) diff --git a/translations/zh-CN/content/get-started/writing-on-github/working-with-advanced-formatting/creating-diagrams.md b/translations/zh-CN/content/get-started/writing-on-github/working-with-advanced-formatting/creating-diagrams.md index 4f4f1a2e26..eaa9268f21 100644 --- a/translations/zh-CN/content/get-started/writing-on-github/working-with-advanced-formatting/creating-diagrams.md +++ b/translations/zh-CN/content/get-started/writing-on-github/working-with-advanced-formatting/creating-diagrams.md @@ -6,7 +6,13 @@ versions: shortTitle: Create diagrams --- -You can use Mermaid syntax to create diagrams. Mermaid is a Markdown-inspired tool that renders text into diagrams. For example, Mermaid can render flow charts, sequence diagrams, pie charts and more. For more information, see the [Mermaid documentation](https://mermaid-js.github.io/mermaid/#/). +## About creating diagrams + +You can create diagrams in Markdown using three different syntaxes: mermaid, geoJSON and topoJSON, and ASCII STL. + +## Creating Mermaid diagrams + +Mermaid is a Markdown-inspired tool that renders text into diagrams. For example, Mermaid can render flow charts, sequence diagrams, pie charts and more. For more information, see the [Mermaid documentation](https://mermaid-js.github.io/mermaid/#/). To create a Mermaid diagram, add Mermaid syntax inside a fenced code block with the `mermaid` language identifier. For more information about creating code blocks, see "[Creating and highlighting code blocks](/get-started/writing-on-github/working-with-advanced-formatting/creating-and-highlighting-code-blocks)." @@ -31,3 +37,122 @@ graph TD; **Note:** You may observe errors if you run a third-party Mermaid plugin when using Mermaid syntax on {% data variables.product.company_short %}. {% endnote %} + +## Creating geoJSON and topoJSON maps + +You can use geo/topoJSON syntax to create interactive maps. To create a map, add geoJSON or topoJSON inside a fenced code block with the `geojson` or `topojson` syntax identifier. 更多信息请参阅“[创建和突出显示代码块](/get-started/writing-on-github/working-with-advanced-formatting/creating-and-highlighting-code-blocks)”。 + +### Using geoJSON + +For example, you can create a simple map: + +
+```geojson
+{
+  "type": "Polygon",
+  "coordinates": [
+      [
+          [-90,30],
+          [-90,35],
+          [-90,35],
+          [-85,35],
+          [-85,30]
+      ]
+  ]
+}
+```
+
+ +![Rendered map](/assets/images/help/writing/fenced-geojson-rendered-map.png) + +### Using topoJSON + +For example, you can create a simple topoJSON map: + +
+```topojson
+{
+  "type": "Topology",
+  "transform": {
+    "scale": [0.0005000500050005, 0.00010001000100010001],
+    "translate": [100, 0]
+  },
+  "objects": {
+    "example": {
+      "type": "GeometryCollection",
+      "geometries": [
+        {
+          "type": "Point",
+          "properties": {"prop0": "value0"},
+          "coordinates": [4000, 5000]
+        },
+        {
+          "type": "LineString",
+          "properties": {"prop0": "value0", "prop1": 0},
+          "arcs": [0]
+        },
+        {
+          "type": "Polygon",
+          "properties": {"prop0": "value0",
+            "prop1": {"this": "that"}
+          },
+          "arcs": [[1]]
+        }
+      ]
+    }
+  },
+  "arcs": [[[4000, 0], [1999, 9999], [2000, -9999], [2000, 9999]],[[0, 0], [0, 9999], [2000, 0], [0, -9999], [-2000, 0]]]
+}
+```
+
+ +![Rendered topojson map](/assets/images/help/writing/fenced-topojson-rendered-map.png) + +For more information on working with `.geojson` and `.topojson` files, see "[Working with non-code files](/repositories/working-with-files/using-files/working-with-non-code-files#mapping-geojson-files-on-github)." + + +## Creating STL 3D models + +You can use ASCII STL syntax directly in markdown to create interactive 3D models. To display a model, add ASCII STL syntax inside a fenced code block with the `stl` syntax identifier. 更多信息请参阅“[创建和突出显示代码块](/get-started/writing-on-github/working-with-advanced-formatting/creating-and-highlighting-code-blocks)”。 + +For example, you can create a simple 3D model: + +
+```stl
+solid cube_corner
+  facet normal 0.0 -1.0 0.0
+    outer loop
+      vertex 0.0 0.0 0.0
+      vertex 1.0 0.0 0.0
+      vertex 0.0 0.0 1.0
+    endloop
+  endfacet
+  facet normal 0.0 0.0 -1.0
+    outer loop
+      vertex 0.0 0.0 0.0
+      vertex 0.0 1.0 0.0
+      vertex 1.0 0.0 0.0
+    endloop
+  endfacet
+  facet normal -1.0 0.0 0.0
+    outer loop
+      vertex 0.0 0.0 0.0
+      vertex 0.0 0.0 1.0
+      vertex 0.0 1.0 0.0
+    endloop
+  endfacet
+  facet normal 0.577 0.577 0.577
+    outer loop
+      vertex 1.0 0.0 0.0
+      vertex 0.0 1.0 0.0
+      vertex 0.0 0.0 1.0
+    endloop
+  endfacet
+endsolid
+```
+
+ +![Rendered 3D model](/assets/images/help/writing/fenced-stl-rendered-object.png) + +For more information on working with `.stl` files, see "[Working with non-code files](/repositories/working-with-files/using-files/working-with-non-code-files#3d-file-viewer)." + diff --git a/translations/zh-CN/content/github/copilot/github-copilot-telemetry-terms.md b/translations/zh-CN/content/github/copilot/github-copilot-telemetry-terms.md index 098540d11c..aebb22478d 100644 --- a/translations/zh-CN/content/github/copilot/github-copilot-telemetry-terms.md +++ b/translations/zh-CN/content/github/copilot/github-copilot-telemetry-terms.md @@ -1,6 +1,6 @@ --- -title: GitHub Copilot Telemetry Terms -intro: 'Acceptance of the additional telemetry described below is a condition to joining the wait list for the technical preview of {% data variables.product.prodname_copilot %} and using {% data variables.product.prodname_copilot %} during the technical preview.' +title: GitHub Copilot 遥测条款 +intro: '接受下述附加遥测是加入 {% data variables.product.prodname_copilot %} 预览的等待列表并在技术预览期间使用 {% data variables.product.prodname_copilot %} 的条件。' redirect_from: - /early-access/github/copilot/telemetry-terms - /github/copilot/telemetry-terms @@ -11,7 +11,7 @@ effectiveDate: '2021-10-04' ## 附加遥测 -If you use {% data variables.product.prodname_copilot %}, the {% data variables.product.prodname_copilot %} extension/plugin will collect usage information about events generated by interacting with the integrated development environment (IDE). These events include {% data variables.product.prodname_copilot %} performance, features used, and suggestions accepted, modified and accepted, or dismissed. This information may include personal data, including your User Personal Information, as defined in the [GitHub Privacy Statement](/github/site-policy/github-privacy-statement). +如果使用 {% data variables.product.prodname_copilot %},{% data variables.product.prodname_copilot %} 扩展/插件将收集有关通过与集成开发环境 (IDE) 交互生成的事件的使用信息。 这些事件包括 {% data variables.product.prodname_copilot %} 性能、使用的功能以及接受、修改和接受或忽略的建议。 此信息可能包括您的用户个人信息等个人数据,如 [GitHub 隐私声明](/github/site-policy/github-privacy-statement)中定义。 -This usage information is used by {% data variables.product.company_short %}, and shared with Microsoft and OpenAI, to develop and improve the extension/plugin and related products. OpenAI also uses this usage information to perform other services related to {% data variables.product.prodname_copilot %}. For example, when you edit files with the {% data variables.product.prodname_copilot %} extension/plugin enabled, file content snippets, suggestions, and any modifications to suggestions will be shared with {% data variables.product.company_short %}, Microsoft, and OpenAI, and used for diagnostic purposes to improve suggestions and related products. {% data variables.product.prodname_copilot %} relies on file content for context, both in the file you are editing and potentially other files open in the same IDE instance. When you are using {% data variables.product.prodname_copilot %}, it may also collect the URLs of repositories or file paths for relevant files. {% data variables.product.prodname_copilot %} does not use these URLs, file paths, or snippets collected in your telemetry as suggestions for other users of {% data variables.product.prodname_copilot %}. This information is treated as confidential information and accessed on a need-to-know basis. You are prohibited from collecting telemetry data about other users of {% data variables.product.prodname_copilot %} from the {% data variables.product.prodname_copilot %} extension/plugin. For more details about {% data variables.product.prodname_copilot %} telemetry, please see "[About {% data variables.product.prodname_copilot %} telemetry](/github/copilot/about-github-copilot-telemetry)." You may revoke your consent to the telemetry and personal data processing operations described in this paragraph by contacting GitHub and requesting removal from the technical preview. +此使用信息供 {% data variables.product.company_short %} 使用,并与 Microsoft 及 OpenAI 共享,用于开发和改进扩展/插件及相关产品。 OpenAI 还使用此使用信息来执行与 {% data variables.product.prodname_copilot %} 相关的其他服务。 例如,当您在启用了 {% data variables.product.prodname_copilot %} 扩展/插件的情况下编辑文件时,文件内容片段、建议和对建议的任何修改将与 {% data variables.product.company_short %}、Microsoft 及 OpenAI 共享,并用于诊断目的以改进建议和相关产品。 {% data variables.product.prodname_copilot %} 依赖于文件内容的上下文,包括正在编辑的文件以及可能在同一 IDE 实例中打开的其他文件。 当您使用 {% data variables.product.prodname_copilot %} 时,它还可能收集存储库的 URL 或相关文件的文件路径。 {% data variables.product.prodname_copilot %} 不会将这些在遥测中收集的 URL、文件路径或代码段用作对 {% data variables.product.prodname_copilot %} 其他用户的建议。 此信息被视为机密信息,并在需要知道的基础上进行访问。 禁止从 {% data variables.product.prodname_copilot %} 扩展/插件收集有关 {% data variables.product.prodname_copilot %} 的其他用户的遥测数据。 有关 {% data variables.product.prodname_copilot %} 遥测的更多详细信息,请参阅“[关于 {% data variables.product.prodname_copilot %} 遥测](/github/copilot/about-github-copilot-telemetry)”。 您可以通过联系 GitHub 并请求从技术预览版中删除来撤销对本段所述遥测和个人数据处理操作的同意。 diff --git a/translations/zh-CN/content/github/index.md b/translations/zh-CN/content/github/index.md index c6652f4958..2716303226 100644 --- a/translations/zh-CN/content/github/index.md +++ b/translations/zh-CN/content/github/index.md @@ -12,7 +12,6 @@ versions: ghae: '*' children: - /copilot - - /site-policy - /site-policy-deprecated --- diff --git a/translations/zh-CN/content/github/site-policy/github-acceptable-use-policies.md b/translations/zh-CN/content/github/site-policy/github-acceptable-use-policies.md deleted file mode 100644 index 8476f099ce..0000000000 --- a/translations/zh-CN/content/github/site-policy/github-acceptable-use-policies.md +++ /dev/null @@ -1,103 +0,0 @@ ---- -title: GitHub 可接受的使用政策 -redirect_from: - - /articles/github-acceptable-use-policies -versions: - fpt: '*' -topics: - - Policy - - Legal ---- - -**短版本:** _我们托管全球各地大量的协作项目,仅当用户能够善意一起工作时,该协作才能正常进行。 在使用服务时,必须遵守我们的可接受使用政策,包括对您可以发布的内容、对服务的操作的一些限制,以及其他限制规定。 简言之,要互惠互利。_ - -有使用但在可接受使用政策中未定义的重要术语,其含义请参阅我们的[服务条款](/articles/github-terms-of-service)、[公司服务条款](/articles/github-corporate-terms-of-service)和[隐私声明](/articles/github-privacy-statement)。 对于受[公司服务条款](/articles/github-corporate-terms-of-service)约束的客户,“您”和“你的”是指“客户”或“用户”。 “我们”和“我们的”是指 "GitHub"。 - -## 1. 符合法律法规 -您负责遵照所有相关的法律、法规以及我们所有的可接受使用政策来使用服务。 这些政策可能不时更新,请参阅下面的内容以及我们的[服务条款](/articles/github-terms-of-service)和[公司服务条款](/articles/github-corporate-terms-of-service)。 - -## 2. 内容限制 -在任何情况下用户都不能上传、发布、托管、执行或传输以下任何内容: - -- 非法或宣传非法活动; - -- 是或包含[性淫秽内容](/github/site-policy/github-community-guidelines#sexually-obscene-content); - -- 诽谤、中伤或欺诈性内容; - -- 对任何个人或群体有[歧视性或辱骂性](/github/site-policy/github-community-guidelines#hate-speech-and-discrimination); - -- [无端描述或美化暴力](/github/site-policy/github-community-guidelines#gratuitously-violent-content),包括暴力图像; - -- 属于或包含可能对公共利益(包括健康、安全、选举廉正和公民参与)产生不利影响的 [虚假、不准确或有意欺骗性信息](/github/site-policy/github-community-guidelines#misinformation-and-disinformation); - -- 直接支持[非法的主动攻击或恶意软件活动](/github/site-policy/github-community-guidelines#active-malware-or-exploits) ,这些活动正在造成技术伤害 - 例如使用我们的平台来提供恶意执行或作为攻击基础架构。 例如,通过组织拒绝服务攻击或管理命令和控制服务器 - 在发生滥用行为之前没有隐含或明确的双重用途目的;或 - -- 共享未经授权的产品许可密钥、用于生成未经授权的产品许可密钥的软件,或用于绕过产品许可密钥检查的软件,包括将免费许可证延长至试用期之后;或 - -- 侵犯任何方的任何专有权利,包括专利、商标、商业秘密、版权、肖像权或其他权利。 - -更多详细信息请参阅我们的[社区指导方针](/github/site-policy/github-community-guidelines#what-is-not-allowed) 。 - -## 3. 行为限制 -在使用服务时,任何情况下都不能: - -- 对任何个人或团队[骚扰、虐待](/github/site-policy/github-community-guidelines#bullying-and-harassment)、[威胁或煽动暴力](/github/site-policy/github-community-guidelines#threats-of-violence),包括我们的员工、官员、代理人或其他用户; - -- 发布主题外内容或与平台功能交互,严重或反复[扰乱其他用户的体验](/github/site-policy/github-community-guidelines#disrupting-the-experience-of-other-users); - -- 将我们的服务器用于任何形式的[过度自动化批量活动](/github/site-policy/github-acceptable-use-policies#4-spam-and-inauthentic-activity-on-github)(如发送垃圾邮件或加密货币挖矿),通过自动化方式对我们的服务器施加不当的负担,或者通过我们的服务器转发任何其他形式的主动广告或招揽,如快速致富方案; - -- 使用我们的服务器破坏或试图破坏、非授权访问或试图非授权访问任何服务、设备、数据、帐户或网络([GitHub 漏洞赏金计划](https://bounty.github.com)授权的活动除外); - -- [冒充任何个人或实体](/github/site-policy/github-community-guidelines#impersonation),包括我们的任何员工或代表,无论是通过虚构与 GitHub 的关系,还是欺诈性误传您的身份或网站目的;或者 - -- [侵犯任何第三方](/github/site-policy/github-community-guidelines#doxxing-and-invasion-of-privacy)的隐私,例如未经同意发布他人的个人信息。 - -更多详细信息请参阅我们的[社区指导方针](/github/site-policy/github-community-guidelines#what-is-not-allowed) 。 - -## 4. GitHub 上的垃圾信息和假活动 -GitHub 禁止自动化大量群发的活动和协调假活动,如垃圾邮件。 禁止的活动包括: -* GitHub 条款和政策禁止的促销和广告大量群分 -* 假的互动,例如假帐号和自动化的假活动 -* 排名滥用,例如自动标星或关注 -* 为传播假活动而创建或参与二级市场 -* 将 GitHub 用作在其他平台上传播滥用的平台 -* 钓鱼或试图钓鱼 - -## 5. 服务使用限制 -未获明确的书面同意,不得重制、重复、复制、销售、转售或利用服务的任何部分、使用服务或访问服务。 - -## 6. 信息使用限制 -您可以出于以下原因使用我们服务中的信息,无论是爬取、通过我们的 API 收集还是以其他方式获取信息: - -- 研究人员可以出于研究目的而从服务中爬取公开的非个人信息,但仅当来自该研究的出版物[开放访问时](https://en.wikipedia.org/wiki/Open_access)才可爬取。 -- 存档人员可以将本服务中的公开信息用于存档目的。 - -爬取是指通过自动化过程(如自动程序或网络爬虫 )从我们的服务中提取数据。 爬取不是指通过我们的 API 收集信息。 有关我们的 API 条款,请参阅我们[服务条款](/articles/github-terms-of-service#h-api-terms)的 H 部分。 - -不得将服务中的信息(无论是爬取、通过我们的 API 收集的还是以其他方式获取的信息)用于垃圾邮件目的,包括向用户发送未经请求的电子邮件或出售用户个人信息(定义见 [GitHub 隐私声明](/github/site-policy/github-privacy-statement)),例如向招聘人员、猎头或职介所出售此类信息。 - -对服务信息的使用必须遵守 [GitHub 隐私声明](/github/site-policy/github-privacy-statement)。 - -## 7. 隐私 -禁止滥用用户个人信息。 - -任何个人、实体或服务从服务收集数据都必须遵守 [GitHub 隐私声明](/articles/github-privacy-statement),特别是收集用户个人信息时。 如果从服务收集任何用户个人信息,则您同意只将该用户个人信息用于该用户授权的用途。 您同意,您将合理保护从服务收集的任何用户个人信息,并且及时响应投诉、删除要求,并且“不联系”我们或其他用户的要求。 - -## 8. 过度带宽使用 -服务的带宽限制因您使用的功能而异。 如果我们确定您的带宽使用相对于其他功能类似的用户明显过多,我们有权利暂停您的帐户、限制您的文件托管或限制您的活动,直到您可以减少带宽的使用。 我们还保留在提前通知后删除我们认为对我们基础架构造成不当压力的仓库的权利。 有关在仓库中可接受的对象存储使用的指导,请参阅“[我的磁盘配额是多少?](/github/managing-large-files/what-is-my-disk-quota)”。 有关特定功能带宽限制的更多详细信息,请参阅 [GitHub 附加产品条款](/github/site-policy/github-additional-product-terms)。 - -## 9. GitHub 上的广告 -**短版本:** *我们一般不禁止使用 GitHub 发布广告。 但我们期望用户遵守某些限制,以免 GitHub 成为垃圾邮件避风港。 没人希望这样。* - -我们理解,您可能想通过在帐户中发布支持者的姓名或徽标来推广您的内容,但在帐户中或通过帐户发布到服务的内容不应侧重于广告或促销。 这包括在页面、包、仓库和服务所有其他部分或者通过它们发布的内容。 您可在与您的帐户关联的自述文件中或项目说明部分包含静态图像、链接和宣传文本,但它们必须与您在 GitHub 上托管的项目相关。 您不能在其他用户的帐户中发布广告,例如在议题中发布货币化或过多的批量内容。 - -不得推广或分发非法或我们的[服务条款](/github/site-policy/github-terms-of-service/)、[社区准则](/github/site-policy/github-community-guidelines/)或[可接受的使用政策](/github/site-policy/github-acceptable-use-policies/)禁止的内容或活动,包括过多的自动化批量活动(例如群发垃圾邮件、暴富方案以及与您的促销相关的虚假描述或欺骗。 - -如果您决定在帐户中发布任何宣传材料,您将自行负责遵守所有适用的法律和法规,包括但不限于美国联邦贸易委员会的背书和推荐准则。 联邦贸易委员会的背书和推荐准则。 我们保留删除我们单方面认为违反了任何 GitHub 条款或政策的任何宣传材料或广告的权利。 - -GitHub 保留删除任何违反此政策的任何内容的权利。 - -## 10. 用户保护 -不得从事明显损害其他用户的活动。 我们将从保护全体用户利益的角度解决争端。 diff --git a/translations/zh-CN/content/github/site-policy/github-community-guidelines.md b/translations/zh-CN/content/github/site-policy/github-community-guidelines.md deleted file mode 100644 index b1b65d8d8d..0000000000 --- a/translations/zh-CN/content/github/site-policy/github-community-guidelines.md +++ /dev/null @@ -1,108 +0,0 @@ ---- -title: GitHub 社区指导方针 -redirect_from: - - /community-guidelines - - /articles/github-community-guidelines -versions: - fpt: '*' -topics: - - Policy - - Legal ---- - -数百万开发者在 GitHub 上托管了数百万个项目,包括开源和闭源项目,我们很荣幸能够为促进社区的日常协作发挥作用。 走在一起,我们都有机会和责任让这个社区成为我们值得骄傲的地方。 - -GitHub 的用户来自世界各地,有上周才创建其第一个 "Hello World" 项目的新人,也有享誉全球的软件开发高手,他们带来了各种不同的观点、想法和经验。 我们致力于让 GitHub 成为一个海纳百川的环境,接纳各种不同的声音和观点,打造一个所有人都能畅所欲言的空间。 - -我们依靠社区成员传达期望、[仲裁](#what-if-something-or-someone-offends-you)他们的项目以及{% data variables.contact.report_abuse %}或{% data variables.contact.report_content %}。 通过概述我们期望社区内出现的情况,我们希望帮助您理解如何在 GitHub 上进行最佳的协作,以及哪种操作或内容可能违反我们的[服务条款](#legal-notices),包括我们的[可接受使用政策](/github/site-policy/github-acceptable-use-policies)。 我们将调查任何滥用举报,并且可能在我们的网站上仲裁我们确定违反了 GitHub 服务条款的公共内容。 - -## 建立强大的社区 - -GitHub 社区的主要目的是协作处理软件项目。 我们希望人们能够更好地协作。 虽然我们维护网站,但这实际上是我们一起构建的*社区*,我们需要大家共同将其打造成最好的工具。 - -* **包容开放** - 其他协作的经验水平或背景可能与您不同,但这并不意味着他们不能贡献好的想法。 鼓励大家欢迎新的协作者和刚入门的新手。 - -* **互相尊重** - 粗鲁是正常对话的天敌。 保持礼貌和专业,不要发表被理性的人视为冒犯、侮辱或仇恨的言论。 不要骚扰或打击任何人。 在所有互动中应互相尊重和体谅。 - - 您可能要发表反对的意见。 没问题。 但请记住,您的批评要对事不对人。 不要说脏话、人身攻击、纠结于帖子的语气而罔顾其实际内容或制造下意识的矛盾。 而应该提供合理的反驳论据,保持友善的对话。 - -* **共情沟通** - 意见相左或分歧是生活中的常态。 作为社区的一部分,意味着您要与各种背景和观点的人互动,其中许多人的观点可能与您不同。 如果您不同意某人的观点,请先试图理解他们并体会他们的情感,然后再发表意见。 这将有助于营造尊重和友好的氛围,让人舒适自在地提出问题、参与讨论和做出贡献。 - -* **清楚明确,紧扣主题** - 人们使用 GitHub 的目的是完成工作和提高效率。 脱离主题的评论对于完成工作和取得成效是一种干扰(有时可能受欢迎,但这种情况很少)。 紧扣主题有助于产生积极和富有成效的讨论。 - - 此外,在互联网上与陌生人交流可能并不容易。 很难传达或读懂语气,容易被误解为嘲讽。 尽可能清晰表达,并考虑其他人如何理解您的表达。 - -## 如果某事或某人冒犯您会怎么样? - -我们通过社区来了解何时需要解决问题。 我们不主动监控网站上的冒犯性内容。 如果您发现网站上有您反感的某事或某人,GitHub 提供了以下工具帮助您立即采取行动: - -* **传达期望** - 如果您参与一个没有设置其社区特定指南的社区,请提交拉取请求来建议他们在 README 或 [CONTRIBUTING 文件](/articles/setting-guidelines-for-repository-contributors/)中说明, 或者在[专用行为守则](/articles/adding-a-code-of-conduct-to-your-project/)中规定。 - -* **仲裁评论** - 如果您对仓库拥有 [写入权限](/articles/repository-permission-levels-for-an-organization/),则可以编辑、删除或隐藏任何人对提交、拉取请求和议题的评论。 对仓库具有读取权限的任何人都可查看评论的编辑历史记录。 评论作者和具有仓库写入权限的人员可以删除评论编辑历史记录中的敏感信息。 更多信息请参阅“[追踪评论中的变化](/articles/tracking-changes-in-a-comment)”和“[管理破坏性评论](/articles/managing-disruptive-comments)”。 - -* **锁定对话**- 如果某个议题或拉取请求中的讨论失控,您可以[锁定对话](/articles/locking-conversations/)。 - -* **阻止用户** - 如果您遇到一个连续表现出不良行为的用户,可以[阻止该用户访问您的个人帐户](/articles/blocking-a-user-from-your-personal-account/)或[阻止该用户访问您的组织](/articles/blocking-a-user-from-your-organization/)。 - -当然,如果您需要更多关于处理某种情况的帮助,可随时联系我们以{% data variables.contact.report_abuse %}。 - -## 不允许什么? - -我们致力于维持一个用户能够自由表达意见并对彼此想法(包括技术和其他方面)提出挑战的社区。 但当思想被压制时,这种讨论不可能促进富有成果的对话,因为因为社区成员被禁声或害怕说出来。 因此,您应该始终尊重他人,言行文明,不要对他人有任何人身攻击以谁为由攻击他人。 我们不容忍以下越界行为: - -- #### 暴力威胁 不得暴力威胁他人,也不得利用网站组织、宣传或煽动现实世界中的暴力或恐怖主义行为。 仔细考虑您使用的文字、发布的图像、编写的软件以及其他人会如何解读它们。 即使您只是开个玩笑,但别人不见得这样理解。 如果您认为别人*可能*会将您发布的内容解读为威胁或者煽动暴力或恐怖主义, 不要在 GitHub 上发布。 在非常情况下, 如果我们认为可能存在真正的人身伤害风险或公共安全威胁,我们可能会向执法机构报告暴力威胁。 - -- ####仇恨言论和歧视 虽然不禁止谈论年龄、身材、能力、种族、性别认同和表达、经验水平、国籍、外貌、民族、宗教或性认同和性取向等话题,但我们不允许基于身份特征攻击任何个人或群体。 只要认识到以一种侵略性或侮辱性的方式处理这些(及其他)敏感的专题,就可能使其他人感到不受欢迎甚至不安全。 虽然总是存在误解的可能性,但我们期望社区成员在讨论敏感问题时保持尊重和平静。 - -- #### 欺凌和骚扰 我们不容忍欺凌或骚扰。 这意味着我们不允许针对任何特定个人或群体的典型骚扰或恐吓行为。 一般来说,如果您屡次三番采取多余的行动,就很可能走进了欺凌或骚扰的歧途。 - -- ### 破坏其他用户的体验 成为社区的一部分包括认识到您的行为如何影响他人,并与他人及其依赖的平台进行有意义和富有成效的互动。 不允许重复发布与主题无关的评论、开启空洞或无意义的议题或拉取请求,或者以不断破坏其他用户体验的方式使用任何其他平台功能等行为。 虽然我们鼓励维护人员根据个别情况调整自己的项目,但 GitHub 员工可能会对从事此类行为的帐户采取进一步的限制措施。 - -- #### 冒充 不得冒充他人,包括复制他人的头像、使用他人的电子邮件地址发布内容、使用相似用户名或其他冒充方式。 冒充是骚扰的一种形式。 - -- #### 人肉和侵犯隐私 不得发布他人的个人信息,例如个人、私人电子邮件地址、电话号码、实际地址、信用卡号码、社会保障/国民身份号码或密码。 根据具体情况,例如在恐吓或骚扰的情况下,我们可能会认为发布他人信息(例如未经当事人同意而拍摄或散发的照片或视频)是侵犯隐私的行为,特别是当此类材料会给当事人带来安全风险时。 - -- #### 性淫秽内容 不得发布色情内容。 但这并不意味着禁止一切裸体或与性有关的所有代码和内容。 我们认识到,性行为是生活的一部分,非色情的性内容可能是您项目的一部分,或者出于教育或艺术目的而呈现。 我们不允许淫秽性内容或可能涉及利用或性化未成年人的内容。 - -- #### 过激的暴力内容 不得在没有合理的上下文或警告的情况下发布暴力图像、文本或其他内容。 在视频游戏、新闻报道以及对历史事件的描述中通常可以包含暴力内容,但我们不允许不加选择地发布暴力内容,或者以其他用户很难避开的方式发布(例如头像或议题评论)。 在其他情况下发布明确警告或免责声明有助于用户就他们是否想要参与这类内容作出明智的决定。 - -- #### 错误信息和虚假信息 不得发布歪曲现实的内容,包括不准确或虚假的信息(错误信息),或者故意欺骗的信息(假信息),因为这种内容可能伤害公众,或者干扰所有人公平和平等参与公共生活的机会。 例如,我们不允许可能危及群体福祉或限制他们参与自由和开放社会的内容。 鼓励积极参与表达想法、观点和经验,不得质疑个人帐户或言论。 我们通常允许模仿和讽刺,但要符合我们的“可接受使用政策”,而且我们认为上下文对于如何接收和理解信息很重要;因此,通过免责声明或其他方式澄清您的意图以及您的信息的来源,可能是适当的做法。 - -- #### Active malware or exploits Being part of a community includes not taking advantage of other members of the community. 我们不允许任何人利用我们的平台直接支持造成技术损害的非法攻击, 例如利用 GitHub 作为提供恶意可执行文件的方式或作为攻击基础架构, 例如,组织拒绝服务攻击或管理命令和控制服务器。 技术损害是指资源过度消耗、物理损坏、停机、拒绝服务或数据丢失,在滥用之前没有隐含或明确的双重用途。 - - 请注意,GitHub 允许双重用途内容,并支持发布用于研究漏洞、恶意软件或漏洞的内容,因为此类内容的发布和分发具有教育价值,并为安全社区提供净收益。 我们具有积极的意图,并利用这些项目来促进和推动整个生态系统的改善。 - - 在极少数非常普遍地滥用两用内容的情况下,我们可能会限制访问该特定内容实例,以破坏利用 GitHub 平台作为漏洞或恶意软件 CDN 的持续非法攻击或恶意软件活动。 在大多数情况下,限制采取将内容置于身份验证背后的形式,但作为最后手段,可能涉及禁用访问或在不可能的情况下完全删除(例如,当作为 Gist 发布时)。 我们还将尽可能联系项目所有者了解实施的限制。 - - 在可行的情况下,限制是暂时的,无助于永久清除或限制该平台上的任何特定两用内容或该内容的副本。 尽管我们的目标是使这些罕见的限制情况成为与项目所有者的合作过程,但如果您认为您的内容受到了不适当的限制,我们也有[申诉流程](#appeal-and-reinstatement)。 - - 为了便于项目维护者自己找到解决滥用问题的途径,在上报给 GitHub 滥用报告之前,我们建议但不要求仓库所有者在张贴可能有害的安全研究内容时采取下列步骤: - - * 在项目的 README.md 文件或源代码评论中,清楚地识别和描述任何可能有害的内容。 - * 通过仓库中的 SECURITY.md 文件为任何第三方滥用查询提供首选的联系方式(例如,“请在此仓库上为任何问题或疑虑创建议题”)。 这种联系方式允许第三方直接与项目维护者联系,并有可能解决问题,而无需提交滥用报告。 - - *GitHub 认为 npm 注册表是一个主要用于安装和代码运行时使用的平台,而不是用于研究的平台。* - - -## 如果有人违反规则会怎么样? - -当用户举报不当行为或内容时,我们可能会采取各种措施。 它通常取决于特定案例的确切情况。 我们知道,有时人们可能会出于各种原因而去说或去做一些不适当的事情。 也许他们并未意识到自己的言论会被如何解读。 或者他们只是想让自己的情绪得到宣泄。 当然,有时候,有些人只是想散发垃圾信息或存心捣乱。 - -每种情况都需要采用不同的方法,我们会努力调整对策,以满足报告的具体情况的需要。 我们将逐案审查每一份滥用报告。 在每个案例中,我们都会安排一个多元化的团队,调查内容及相关事实,并以本行为准则为决策指导,采取适当的措施。 - -为响应滥用举报,我们可能采取的措施包括但不限于: - -* 删除内容 -* 屏蔽内容 -* 帐户暂停 -* 帐户终止 - -## 申诉和恢复 - -在某些情况下,例如根据用户提供的补充资料,可能有理由推翻某项行动,或在用户已解决违规行为并同意遵守我们的可接受使用政策。 如果您想对强制执行行动提出申诉,请联系[支持](https://support.github.com/contact?tags=docs-policy)。 - -## 法律声明 - -我们将这些社区指导方针专用于公共领域,让所有人根据 [CC0-1.0](https://creativecommons.org/publicdomain/zero/1.0/) 的条款使用、重新使用、调整或适应。 - -这些只是指导方针;不影响我们的[服务条款](/articles/github-terms-of-service/),也不打算作为完整的清单。 GitHub 保留根据[服务条款](/articles/github-terms-of-service/#c-acceptable-use)完全酌处的权利,可以删除任何内容或终止其活动违反我们可接受使用条款的任何帐户。 这些指导方针说明了我们何时将行使这一酌处权。 diff --git a/translations/zh-CN/content/github/site-policy/index.md b/translations/zh-CN/content/github/site-policy/index.md deleted file mode 100644 index 526d13a1a1..0000000000 --- a/translations/zh-CN/content/github/site-policy/index.md +++ /dev/null @@ -1,52 +0,0 @@ ---- -title: 站点策略 -redirect_from: - - /categories/61/articles - - /categories/site-policy -versions: - fpt: '*' -topics: - - Policy - - Legal -children: - - /github-terms-of-service - - /github-corporate-terms-of-service - - /github-privacy-statement - - /github-data-protection-agreement - - /global-privacy-practices - - /github-sponsors-additional-terms - - /github-codespaces-privacy-statement - - /github-terms-for-additional-products-and-features - - /github-logo-policy - - /github-username-policy - - /submitting-content-removal-requests - - /dmca-takedown-policy - - /guide-to-submitting-a-dmca-takedown-notice - - /guide-to-submitting-a-dmca-counter-notice - - /github-trademark-policy - - /github-private-information-removal-policy - - /github-subprocessors-and-cookies - - /github-bug-bounty-program-legal-safe-harbor - - /coordinated-disclosure-of-security-vulnerabilities - - /guidelines-for-legal-requests-of-user-data - - /github-government-takedown-policy - - /github-acceptable-use-policies - - /githubs-notice-about-the-california-consumer-privacy-act - - /github-community-guidelines - - /github-community-forum-code-of-conduct - - /github-registered-developer-agreement - - /github-marketplace-terms-of-service - - /github-marketplace-developer-agreement - - /github-research-program-terms - - /github-open-source-applications-terms-and-conditions - - /github-and-trade-controls - - /github-deceased-user-policy - - /github-statement-against-modern-slavery-and-child-labor - - /github-anti-bribery-statement - - /github-candidate-privacy-policy - - /github-gifts-and-entertainment-policy - - /github-event-terms - - /github-event-code-of-conduct - - /github-gpl-cooperation-commitment ---- - diff --git a/translations/zh-CN/content/index.md b/translations/zh-CN/content/index.md index 0ed4ae2fb8..639ea26868 100644 --- a/translations/zh-CN/content/index.md +++ b/translations/zh-CN/content/index.md @@ -21,6 +21,7 @@ children: - github - admin - billing + - site-policy - organizations - code-security - pull-requests @@ -49,6 +50,7 @@ childGroups: - account-and-profile - authentication - billing + - site-policy - name: Collaborative coding octicon: CommentDiscussionIcon children: diff --git a/translations/zh-CN/content/issues/tracking-your-work-with-issues/transferring-an-issue-to-another-repository.md b/translations/zh-CN/content/issues/tracking-your-work-with-issues/transferring-an-issue-to-another-repository.md index a2594090cd..113f7e274f 100644 --- a/translations/zh-CN/content/issues/tracking-your-work-with-issues/transferring-an-issue-to-another-repository.md +++ b/translations/zh-CN/content/issues/tracking-your-work-with-issues/transferring-an-issue-to-another-repository.md @@ -18,7 +18,11 @@ shortTitle: 转移议题 要将打开的议题转让给另一个仓库,必须对议题所在的仓库以及议题要转让到的仓库都有写入权限。 更多信息请参阅“[组织的仓库角色](/organizations/managing-access-to-your-organizations-repositories/repository-roles-for-an-organization)”。 -您只能在同一用户或组织帐户拥有的仓库之间转让议题。 {% ifversion fpt or ghes or ghec %}你不能将议题从私有仓库转移到公共仓库。{% endif %} +{% note %} + +**注意**:您只能在同一用户或组织帐户拥有的仓库之间转移议题。 {% ifversion fpt or ghes or ghec %}私有存储库问题无法转移到公共存储库。{% endif %} + +{% endnote %} 转让议题时,评论、标签和受理人将保留。 不会保留议题的里程碑。 此议题将留在任何用户拥有或组织范围的项目板上,并从任何仓库项目板中删除。 更多信息请参阅“[关于项目板](/articles/about-project-boards)”。 diff --git a/translations/zh-CN/content/issues/trying-out-the-new-projects-experience/managing-access-to-projects.md b/translations/zh-CN/content/issues/trying-out-the-new-projects-experience/managing-access-to-projects.md index ea1937b0dc..02af612463 100644 --- a/translations/zh-CN/content/issues/trying-out-the-new-projects-experience/managing-access-to-projects.md +++ b/translations/zh-CN/content/issues/trying-out-the-new-projects-experience/managing-access-to-projects.md @@ -66,7 +66,7 @@ You can only invite an individual user to collaborate on your organization-level {% note %} -This only affects collaborators for your project, not for repositories in your project. To view an item on the project, someone must have the required permissions for the repository that the item belongs to. If your project includes items from a private repository, people who are not collaborators in the repository will not be able to view items from that repository. For more information, see "[Setting repository visibility](/repositories/managing-your-repositorys-settings-and-features/managing-repository-settings/setting-repository-visibility)" and "[Managing teams and people with access to your repository](/repositories/managing-your-repositorys-settings-and-features/managing-repository-settings/managing-teams-and-people-with-access-to-your-repository)." +This only affects collaborators for your project, not for repositories in your project. To view an item on the project, someone must have the required permissions for the repository that the item belongs to. 如果项目包含私有存储库中的项目,则不是存储库协作者的用户将无法查看该存储库中的项。 For more information, see "[Setting repository visibility](/repositories/managing-your-repositorys-settings-and-features/managing-repository-settings/setting-repository-visibility)" and "[Managing teams and people with access to your repository](/repositories/managing-your-repositorys-settings-and-features/managing-repository-settings/managing-teams-and-people-with-access-to-your-repository)." {% endnote %} diff --git a/translations/zh-CN/content/issues/trying-out-the-new-projects-experience/managing-the-visibility-of-your-projects.md b/translations/zh-CN/content/issues/trying-out-the-new-projects-experience/managing-the-visibility-of-your-projects.md index 147f39eb56..89185c749e 100644 --- a/translations/zh-CN/content/issues/trying-out-the-new-projects-experience/managing-the-visibility-of-your-projects.md +++ b/translations/zh-CN/content/issues/trying-out-the-new-projects-experience/managing-the-visibility-of-your-projects.md @@ -1,6 +1,6 @@ --- -title: Managing the visibility of your projects (beta) -intro: You can control who can view your projects. +title: 管理项目的可见性(测试版) +intro: 您可以控制谁可以查看您的项目。 allowTitleToDifferFromFilename: true miniTocMaxHeadingLevel: 3 versions: @@ -13,21 +13,21 @@ topics: {% data reusables.projects.projects-beta %} -## About project visibility +## 关于项目可见性 -Projects (beta) can be public or private. For public projects, everyone on the internet can view the project. For private projects, only users granted at least read access can see the project. +项目(测试版)可以是公共的,也可以是私有的。 对于公共项目,互联网上的每个人都可以查看。 对于私有项目,只有被授予至少读取访问权限的用户才能查看。 -Only the project visibility is affected; to view an item on the project, someone must have the required permissions for the repository that the item belongs to. If your project includes items from a private repository, people who are not collaborators in the repository will not be able to view items from that repository. +只有项目可见性会受影响;要查看项目上的项,必须有人具有该项所属存储库所需的权限。 如果项目包含私有存储库中的项目,则不是存储库协作者的用户将无法查看该存储库中的项。 -![Project with hidden item](/assets/images/help/projects/hidden-items.png) +![包含隐藏项的项目](/assets/images/help/projects/hidden-items.png) -Only project admins can control project visibility. +只有项目管理员才能控制项目可见性。 -In private, organization-owned projects, the avatars of users who are current making updates to the project are displayed in the project UI. +在组织拥有的私有项目中,当前对项目进行更新的用户的头像将显示在项目 UI 中。 -Project admins can also manage write and admin access to their project and control read access for individual users. For more information, see "[Managing access to projects](/issues/trying-out-the-new-projects-experience/managing-access-to-projects)." +项目管理员还可以管理对其项目的写入和管理员访问权限,并控制单个用户的读取访问权限。 更多信息请参阅“[管理对项目的访问](/issues/trying-out-the-new-projects-experience/managing-access-to-projects)”。 -## Changing project visibility +## 更改项目可见性 {% data reusables.projects.project-settings %} -1. Under **Visibility**, select **Private** or **Public**. +1. 在 **Visibility(可见性)**下,选择 **Private(私有)**或 **Public(公共)**。 diff --git a/translations/zh-CN/content/organizations/collaborating-with-groups-in-organizations/about-organizations.md b/translations/zh-CN/content/organizations/collaborating-with-groups-in-organizations/about-organizations.md index 2b6bee14ee..b4a7974963 100644 --- a/translations/zh-CN/content/organizations/collaborating-with-groups-in-organizations/about-organizations.md +++ b/translations/zh-CN/content/organizations/collaborating-with-groups-in-organizations/about-organizations.md @@ -28,7 +28,7 @@ topics: {% ifversion ghec %}对于属于企业帐户的组织,计费在企业帐户级别进行管理,而计费设置在组织级别不可用。{% endif %} 企业所有者可以为企业帐户中的所有组织设置策略,或允许组织所有者在组织级别设置策略。 组织所有者无法更改在企业帐户级对组织执行的设置。 如果对组织的策略或设置有疑问,请联系企业帐户的所有者。 {% ifversion ghec %} -{% data reusables.enterprise.create-an-enterprise-account %} For more information, see "[Creating an enterprise account](/admin/overview/creating-an-enterprise-account)." +{% data reusables.enterprise.create-an-enterprise-account %} 更多信息请参阅“[创建企业帐户](/admin/overview/creating-an-enterprise-account)”。 {% data reusables.enterprise-accounts.invite-organization %} {% endif %} diff --git a/translations/zh-CN/content/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization.md b/translations/zh-CN/content/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization.md index d59c1e32ec..ceaa325d9a 100644 --- a/translations/zh-CN/content/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization.md +++ b/translations/zh-CN/content/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization.md @@ -122,7 +122,7 @@ shortTitle: 管理安全和分析 默认情况下,{% data variables.product.prodname_dependabot %} 无法更新位于私有仓库或私有仓库注册表中的依赖项。 但是,如果依赖项位于与使用该依赖项之项目相同的组织内的私有 {% data variables.product.prodname_dotcom %} 仓库中,则可以通过授予对主机仓库的访问权限来允许 {% data variables.product.prodname_dependabot %} 成功更新版本。 -如果您的代码依赖于私有注册表中的软件包,您可以在仓库级别进行配置,允许 {% data variables.product.prodname_dependabot %} 更新这些依赖项的版本。 可通过将身份验证详细信息添加到仓库的 _dependabot.yml_ 文件来做到这一点。 更多信息请参阅“[依赖项更新的配置选项](/github/administering-a-repository/configuration-options-for-dependency-updates#configuration-options-for-private-registries)。” +如果您的代码依赖于私有注册表中的软件包,您可以在仓库级别进行配置,允许 {% data variables.product.prodname_dependabot %} 更新这些依赖项的版本。 可通过将身份验证详细信息添加到仓库的 _dependabot.yml_ 文件来做到这一点。 For more information, see "[Configuration options for the dependabot.yml file](/github/administering-a-repository/configuration-options-for-dependency-updates#configuration-options-for-private-registries)." 要允许 {% data variables.product.prodname_dependabot %} 访问私有 {% data variables.product.prodname_dotcom %} 仓库: @@ -157,6 +157,5 @@ shortTitle: 管理安全和分析 - "[保护您的仓库](/code-security/getting-started/securing-your-repository)"{% ifversion not fpt %} - "[About secret scanning](/github/administering-a-repository/about-secret-scanning)"{% endif %}{% ifversion not ghae %} -- “[关于依赖关系图](/github/visualizing-repository-data-with-graphs/about-the-dependency-graph)” -- "[Managing vulnerabilities in your project's dependencies](/github/managing-security-vulnerabilities/managing-vulnerabilities-in-your-projects-dependencies)"{% endif %}{% ifversion fpt or ghec or ghes > 3.2 %} -- "[自动更新依赖项](/github/administering-a-repository/keeping-your-dependencies-updated-automatically)"{% endif %} +- "[About the dependency graph](/github/visualizing-repository-data-with-graphs/about-the-dependency-graph)"{% endif %}{% ifversion fpt or ghec or ghes or ghae-issue-4864 %} +- "[About supply chain security](/code-security/supply-chain-security/understanding-your-software-supply-chain/about-supply-chain-security)"{% endif %} diff --git a/translations/zh-CN/content/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/reviewing-the-audit-log-for-your-organization.md b/translations/zh-CN/content/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/reviewing-the-audit-log-for-your-organization.md index 842b65165c..73c354afe7 100644 --- a/translations/zh-CN/content/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/reviewing-the-audit-log-for-your-organization.md +++ b/translations/zh-CN/content/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/reviewing-the-audit-log-for-your-organization.md @@ -35,52 +35,52 @@ The audit log lists events triggered by activities that affect your organization 要搜索特定事件,请在查询中使用 `action` 限定符。 审核日志中列出的操作分为以下类别: -| 类别名称 | 描述 | -| ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |{% ifversion fpt or ghec %} -| [`帐户`](#account-category-actions) | 包含与组织帐户相关的所有活动。 | -| [`advisory_credit`](#advisory_credit-category-actions) | 包含与 {% data variables.product.prodname_advisory_database %} 中安全通告的贡献者积分相关的所有活动。 更多信息请参阅“[关于 {% data variables.product.prodname_dotcom %} 安全通告](/github/managing-security-vulnerabilities/about-github-security-advisories)”。 | -| [`计费,帐单`](#billing-category-actions) | 包含与组织帐单相关的所有活动。 | -| [`business`](#business-category-actions) | 包含与企业业务设置相关的活动。 | +| 类别名称 | 描述 | +| ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |{% ifversion fpt or ghec %} +| [`帐户`](#account-category-actions) | 包含与组织帐户相关的所有活动。 | +| [`advisory_credit`](#advisory_credit-category-actions) | 包含与 {% data variables.product.prodname_advisory_database %} 中安全通告的贡献者积分相关的所有活动。 更多信息请参阅“[关于 {% data variables.product.prodname_dotcom %} 安全通告](/github/managing-security-vulnerabilities/about-github-security-advisories)”。 | +| [`计费,帐单`](#billing-category-actions) | 包含与组织帐单相关的所有活动。 | +| [`business`](#business-category-actions) | 包含与企业业务设置相关的活动。 | | [`codespaces`](#codespaces-category-actions) | Contains all activities related to your organization's codespaces. |{% endif %}{% ifversion fpt or ghec or ghes > 3.2 %} -| [`dependabot_alerts`](#dependabot_alerts-category-actions) | Contains organization-level configuration activities for {% data variables.product.prodname_dependabot_alerts %} in existing repositories. 更多信息请参阅“[关于易受攻击的依赖项的警报](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies)”。 | -| [`dependabot_alerts_new_repos`](#dependabot_alerts_new_repos-category-actions) | Contains organization-level configuration activities for {% data variables.product.prodname_dependabot_alerts %} in new repositories created in the organization. | -| [`dependabot_security_updates`](#dependabot_security_updates-category-actions) | 包含现有仓库中 {% data variables.product.prodname_dependabot_security_updates %} 的组织级配置活动。 更多信息请参阅“[配置 {% data variables.product.prodname_dependabot_security_updates %}](/github/managing-security-vulnerabilities/configuring-dependabot-security-updates)。” | +| [`dependabot_alerts`](#dependabot_alerts-category-actions) | Contains organization-level configuration activities for {% data variables.product.prodname_dependabot_alerts %} in existing repositories. 更多信息请参阅“[关于 {% data variables.product.prodname_dependabot_alerts %}](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies)”。 | +| [`dependabot_alerts_new_repos`](#dependabot_alerts_new_repos-category-actions) | Contains organization-level configuration activities for {% data variables.product.prodname_dependabot_alerts %} in new repositories created in the organization. | +| [`dependabot_security_updates`](#dependabot_security_updates-category-actions) | 包含现有仓库中 {% data variables.product.prodname_dependabot_security_updates %} 的组织级配置活动。 更多信息请参阅“[配置 {% data variables.product.prodname_dependabot_security_updates %}](/github/managing-security-vulnerabilities/configuring-dependabot-security-updates)。” | | [`dependabot_security_updates_new_repos`](#dependabot_security_updates_new_repos-category-actions) | Contains organization-level configuration activities for {% data variables.product.prodname_dependabot_security_updates %} for new repositories created in the organization.{% endif %}{% ifversion fpt or ghec %} -| [`dependency_graph`](#dependency_graph-category-actions) | 包含仓库依赖项图的组织级配置活动。 更多信息请参阅“[关于依赖关系图](/github/visualizing-repository-data-with-graphs/about-the-dependency-graph)”。 | +| [`dependency_graph`](#dependency_graph-category-actions) | 包含仓库依赖项图的组织级配置活动。 更多信息请参阅“[关于依赖关系图](/github/visualizing-repository-data-with-graphs/about-the-dependency-graph)”。 | | [`dependency_graph_new_repos`](#dependency_graph_new_repos-category-actions) | 包含组织新建仓库的组织级配置活动。{% endif %} -| [`discussion_post`](#discussion_post-category-actions) | 包含与发布到团队页面的讨论相关的所有活动。 | +| [`discussion_post`](#discussion_post-category-actions) | 包含与发布到团队页面的讨论相关的所有活动。 | | [`discussion_post_reply`](#discussion_post_reply-category-actions) | 包含与发布到团队页面的讨论回复相关的所有活动。{% ifversion fpt or ghes or ghec %} -| [`企业`](#enterprise-category-actions) | 包含与企业设置相关的活动。 |{% endif %} -| [`挂钩`](#hook-category-actions) | 包含与 web 挂钩相关的所有活动。 | +| [`企业`](#enterprise-category-actions) | 包含与企业设置相关的活动。 |{% endif %} +| [`挂钩`](#hook-category-actions) | 包含与 web 挂钩相关的所有活动。 | | [`integration_installation_request`](#integration_installation_request-category-actions) | 包含与组织成员请求所有者批准用于组织的集成相关的所有活动。 |{% ifversion ghec or ghae %} -| [`ip_allow_list`](#ip_allow_list-category-actions) | Contains activities related to enabling or disabling the IP allow list for an organization. | +| [`ip_allow_list`](#ip_allow_list-category-actions) | Contains activities related to enabling or disabling the IP allow list for an organization. | | [`ip_allow_list_entry`](#ip_allow_list_entry-category-actions) | Contains activities related to the creation, deletion, and editing of an IP allow list entry for an organization.{% endif %} -| [`议题`](#issue-category-actions) | 包含与删除议题相关的活动。 |{% ifversion fpt or ghec %} -| [`marketplace_agreement_signature`](#marketplace_agreement_signature-category-actions) | 包含与签署 {% data variables.product.prodname_marketplace %} 开发者协议相关的所有活动。 | +| [`议题`](#issue-category-actions) | 包含与删除议题相关的活动。 |{% ifversion fpt or ghec %} +| [`marketplace_agreement_signature`](#marketplace_agreement_signature-category-actions) | 包含与签署 {% data variables.product.prodname_marketplace %} 开发者协议相关的所有活动。 | | [`marketplace_listing`](#marketplace_listing-category-actions) | 包含与在 {% data variables.product.prodname_marketplace %} 中上架应用程序相关的所有活动。{% endif %}{% ifversion fpt or ghes or ghec %} -| [`members_can_create_pages`](#members_can_create_pages-category-actions) | 包含与管理组织仓库的 {% data variables.product.prodname_pages %} 站点发布相关的所有活动。 更多信息请参阅“[管理组织的 {% data variables.product.prodname_pages %} 站点发布](/organizations/managing-organization-settings/managing-the-publication-of-github-pages-sites-for-your-organization)”。 |{% endif %} +| [`members_can_create_pages`](#members_can_create_pages-category-actions) | 包含与管理组织仓库的 {% data variables.product.prodname_pages %} 站点发布相关的所有活动。 更多信息请参阅“[管理组织的 {% data variables.product.prodname_pages %} 站点发布](/organizations/managing-organization-settings/managing-the-publication-of-github-pages-sites-for-your-organization)”。 |{% endif %} | [`org`](#org-category-actions) | 包含与组织成员身份相关的活动。{% ifversion ghec %} | [`org_credential_authorization`](#org_credential_authorization-category-actions) | 包含与授权凭据以用于 SAML 单点登录相关的所有活动。{% endif %}{% ifversion fpt or ghes or ghae or ghec %} | [`organization_label`](#organization_label-category-actions) | 包含与组织中仓库的默认标签相关的所有活动。{% endif %} | [`oauth_application`](#oauth_application-category-actions) | 包含与 OAuth 应用程序相关的所有活动。{% ifversion fpt or ghes or ghec %} | [`包`](#packages-category-actions) | 包含与 {% data variables.product.prodname_registry %} 相关的所有活动。{% endif %}{% ifversion fpt or ghec %} | [`payment_method`](#payment_method-category-actions) | 包含与组织如何支付 GitHub 相关的所有活动。{% endif %} -| [`profile_picture`](#profile_picture-category-actions) | 包含与组织的头像相关的所有活动。 | -| [`project`](#project-category-actions) | 包含与项目板相关的所有活动。 | -| [`protected_branch`](#protected_branch-category-actions) | 包含与受保护分支相关的所有活动。 | +| [`profile_picture`](#profile_picture-category-actions) | 包含与组织的头像相关的所有活动。 | +| [`project`](#project-category-actions) | 包含与项目板相关的所有活动。 | +| [`protected_branch`](#protected_branch-category-actions) | 包含与受保护分支相关的所有活动。 | | [`repo`](#repo-category-actions) | 包含与组织拥有的仓库相关的所有活动。{% ifversion fpt or ghec %} -| [`repository_advisory`](#repository_advisory-category-actions) | 包含与 {% data variables.product.prodname_advisory_database %} 中的安全通告相关的仓库级活动。 更多信息请参阅“[关于 {% data variables.product.prodname_dotcom %} 安全通告](/github/managing-security-vulnerabilities/about-github-security-advisories)”。 | +| [`repository_advisory`](#repository_advisory-category-actions) | 包含与 {% data variables.product.prodname_advisory_database %} 中的安全通告相关的仓库级活动。 更多信息请参阅“[关于 {% data variables.product.prodname_dotcom %} 安全通告](/github/managing-security-vulnerabilities/about-github-security-advisories)”。 | | [`repository_content_analysis`](#repository_content_analysis-category-actions) | 包含与[启用或禁用私有仓库的数据使用](/articles/about-github-s-use-of-your-data)相关的所有活动。{% endif %}{% ifversion fpt or ghec %} -| [`repository_dependency_graph`](#repository_dependency_graph-category-actions) | 包含与启用或禁用依赖项图相关的仓库级活动 | -| {% ifversion fpt or ghec %}私有{% endif %}仓库。 更多信息请参阅“[关于依赖项图](/github/visualizing-repository-data-with-graphs/about-the-dependency-graph)”。{% endif %}{% ifversion ghes or ghae or ghec %} | | -| [`repository_secret_scanning`](#repository_secret_scanning-category-actions) | 包含与密码扫描相关的仓库级活动。 更多信息请参阅“[关于密钥扫描](/github/administering-a-repository/about-secret-scanning)”。 |{% endif %}{% ifversion fpt or ghes or ghae-issue-4864 or ghec %} +| [`repository_dependency_graph`](#repository_dependency_graph-category-actions) | 包含与启用或禁用依赖项图相关的仓库级活动 | +| {% ifversion fpt or ghec %}私有{% endif %}仓库。 更多信息请参阅“[关于依赖项图](/github/visualizing-repository-data-with-graphs/about-the-dependency-graph)”。{% endif %}{% ifversion ghes or ghae or ghec %} | | +| [`repository_secret_scanning`](#repository_secret_scanning-category-actions) | 包含与密码扫描相关的仓库级活动。 更多信息请参阅“[关于密钥扫描](/github/administering-a-repository/about-secret-scanning)”。 |{% endif %}{% ifversion fpt or ghes or ghae-issue-4864 or ghec %} | [`repository_vulnerability_alert`](#repository_vulnerability_alert-category-actions) | 包含与[有漏洞依赖项的 {% data variables.product.prodname_dependabot_alerts %}](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies)相关的所有活动。{% endif %}{% ifversion fpt or ghec %} | [`repository_vulnerability_alerts`](#repository_vulnerability_alerts-category-actions) | Contains repository-level configuration activities for {% data variables.product.prodname_dependabot_alerts %}.{% endif %}{% ifversion ghec %} | [`角色`](#role-category-actions) | Contains all activities related to [custom repository roles](/organizations/managing-peoples-access-to-your-organization-with-roles/managing-custom-repository-roles-for-an-organization).{% endif %}{% ifversion ghes or ghae or ghec %} -| [`secret_scanning`](#secret_scanning-category-actions) | 包含现有仓库中密码扫描的组织级配置活动。 更多信息请参阅“[关于密钥扫描](/github/administering-a-repository/about-secret-scanning)”。 | -| [`secret_scanning_new_repos`](#secret_scanning_new_repos-category-actions) | 包含组织新建仓库中密码扫描的组织级配置活动。 |{% endif %}{% ifversion fpt or ghec %} +| [`secret_scanning`](#secret_scanning-category-actions) | 包含现有仓库中密码扫描的组织级配置活动。 更多信息请参阅“[关于密钥扫描](/github/administering-a-repository/about-secret-scanning)”。 | +| [`secret_scanning_new_repos`](#secret_scanning_new_repos-category-actions) | 包含组织新建仓库中密码扫描的组织级配置活动。 |{% endif %}{% ifversion fpt or ghec %} | [`sponsors`](#sponsors-category-actions) | 包含与与赞助者按钮相关的所有事件(请参阅“[在仓库中显示赞助者按钮](/articles/displaying-a-sponsor-button-in-your-repository)”){% endif %} -| [`团队`](#team-category-actions) | 包含与您的组织中的团队相关的所有活动。 | +| [`团队`](#team-category-actions) | 包含与您的组织中的团队相关的所有活动。 | | [`team_discussions`](#team_discussions-category-actions) | Contains activities related to managing team discussions for an organization.{% ifversion fpt or ghec or ghes > 3.1 or ghae %} | [`工作流程`](#workflows-category-actions) | Contains activities related to {% data variables.product.prodname_actions %} workflows.{% endif %} @@ -507,13 +507,13 @@ By default, only events from the past three months are returned. To include olde {% ifversion fpt or ghes or ghec %} ### `packages` 类操作 -| 操作 | 描述 | -| --------------------------- | ------------------------------------------------------------------------------------------------------ | -| `package_version_published` | 当软件包版本发布时触发。 | -| `package_version_deleted` | 当特定软件包版本被删除时触发。 更多信息请参阅“[删除和恢复软件包](/packages/learn-github-packages/deleting-and-restoring-a-package)”。 | -| `package_deleted` | 在整个软件包被删除时触发。 更多信息请参阅“[删除和恢复软件包](/packages/learn-github-packages/deleting-and-restoring-a-package)”。 | -| `package_version_restored` | 当特定软件包版本被删除时触发。 更多信息请参阅“[删除和恢复软件包](/packages/learn-github-packages/deleting-and-restoring-a-package)”。 | -| `package_restored` | 在整个软件包恢复时触发。 更多信息请参阅“[删除和恢复软件包](/packages/learn-github-packages/deleting-and-restoring-a-package)”。 | +| 操作 | 描述 | +| --------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| `package_version_published` | 当软件包版本发布时触发。 | +| `package_version_deleted` | Triggered when a specific package version is deleted.{% ifversion fpt or ghec or ghes > 3.1 %} For more information, see "[Deleting and restoring a package](/packages/learn-github-packages/deleting-and-restoring-a-package)."{% endif %} +| `package_deleted` | Triggered when an entire package is deleted.{% ifversion fpt or ghec or ghes > 3.1 %} For more information, see "[Deleting and restoring a package](/packages/learn-github-packages/deleting-and-restoring-a-package)."{% endif %} +| `package_version_restored` | Triggered when a specific package version is deleted.{% ifversion fpt or ghec or ghes > 3.1 %} For more information, see "[Deleting and restoring a package](/packages/learn-github-packages/deleting-and-restoring-a-package)."{% endif %} +| `package_restored` | Triggered when an entire package is restored.{% ifversion fpt or ghec or ghes > 3.1 %} For more information, see "[Deleting and restoring a package](/packages/learn-github-packages/deleting-and-restoring-a-package)."{% endif %} {% endif %} @@ -680,11 +680,11 @@ By default, only events from the past three months are returned. To include olde {% endif %}{% ifversion fpt or ghes or ghae-issue-4864 or ghec %} ### `repository_vulnerability_alert` 类操作 -| 操作 | 描述 | -| -------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| `create` | Triggered when {% data variables.product.product_name %} creates a {% data variables.product.prodname_dependabot %} alert for a repository that uses a vulnerable dependency. 更多信息请参阅“[关于易受攻击的依赖项的警报](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies)”。 | -| `忽略` | Triggered when an organization owner or person with admin access to the repository dismisses a {% data variables.product.prodname_dependabot %} alert about a vulnerable dependency. | -| `解决` | 当对仓库具有写入权限的人推送更改以更新和解决项目依赖项中的漏洞时触发。 | +| 操作 | 描述 | +| -------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| `create` | Triggered when {% data variables.product.product_name %} creates a {% data variables.product.prodname_dependabot %} alert for a repository that uses a vulnerable dependency. 更多信息请参阅“[关于 {% data variables.product.prodname_dependabot_alerts %}](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies)”。 | +| `忽略` | Triggered when an organization owner or person with admin access to the repository dismisses a {% data variables.product.prodname_dependabot %} alert about a vulnerable dependency. | +| `解决` | 当对仓库具有写入权限的人推送更改以更新和解决项目依赖项中的漏洞时触发。 | {% endif %}{% ifversion fpt or ghec %} ### `repository_vulnerability_alerts` 类操作 @@ -746,18 +746,18 @@ By default, only events from the past three months are returned. To include olde ### `team` 类操作 -| 操作 | 描述 | -| ------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| `add_member` | 当组织成员被[添加到团队](/articles/adding-organization-members-to-a-team)时触发。 | -| `add_repository` | 当团队被授予控制仓库的权限时触发。 | -| `change_parent_team` | 在创建子团队或[更改子团队的父级](/articles/moving-a-team-in-your-organization-s-hierarchy)时触发。 | -| `change_privacy` | 当团队的隐私级别发生更改时触发。 | -| `create` | 在创建新团队时触发。 | -| `demote_maintainer` | Triggered when a user was demoted from a team maintainer to a team member. For more information, see "[Assigning the team maintainer role to a team member](/organizations/organizing-members-into-teams/assigning-the-team-maintainer-role-to-a-team-member)." | -| `destroy` | 从组织中删除团队时触发。 | -| `team.promote_maintainer` | Triggered when a user was promoted from a team member to a team maintainer. For more information, see "[Assigning the team maintainer role to a team member](/organizations/organizing-members-into-teams/assigning-the-team-maintainer-role-to-a-team-member)." | -| `remove_member` | [从团队中删除组织成员](/articles/removing-organization-members-from-a-team)时触发。 | -| `remove_repository` | 当仓库不再受团队控制时触发。 | +| 操作 | 描述 | +| ------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| `add_member` | 当组织成员被[添加到团队](/articles/adding-organization-members-to-a-team)时触发。 | +| `add_repository` | 当团队被授予控制仓库的权限时触发。 | +| `change_parent_team` | 在创建子团队或[更改子团队的父级](/articles/moving-a-team-in-your-organization-s-hierarchy)时触发。 | +| `change_privacy` | 当团队的隐私级别发生更改时触发。 | +| `create` | 在创建新团队时触发。 | +| `demote_maintainer` | Triggered when a user was demoted from a team maintainer to a team member. 更多信息请参阅“[将团队维护者角色分配给团队成员](/organizations/organizing-members-into-teams/assigning-the-team-maintainer-role-to-a-team-member)”。 | +| `destroy` | 从组织中删除团队时触发。 | +| `team.promote_maintainer` | Triggered when a user was promoted from a team member to a team maintainer. 更多信息请参阅“[将团队维护者角色分配给团队成员](/organizations/organizing-members-into-teams/assigning-the-team-maintainer-role-to-a-team-member)”。 | +| `remove_member` | [从团队中删除组织成员](/articles/removing-organization-members-from-a-team)时触发。 | +| `remove_repository` | 当仓库不再受团队控制时触发。 | ### `team_discussions` 类操作 diff --git a/translations/zh-CN/content/organizations/managing-access-to-your-organizations-repositories/repository-roles-for-an-organization.md b/translations/zh-CN/content/organizations/managing-access-to-your-organizations-repositories/repository-roles-for-an-organization.md index bf281764ec..00da4e4122 100644 --- a/translations/zh-CN/content/organizations/managing-access-to-your-organizations-repositories/repository-roles-for-an-organization.md +++ b/translations/zh-CN/content/organizations/managing-access-to-your-organizations-repositories/repository-roles-for-an-organization.md @@ -1,6 +1,6 @@ --- -title: Repository roles for an organization -intro: 'You can customize access to each repository in your organization by assigning granular roles, giving people access to the features and tasks they need.' +title: 组织的存储库角色 +intro: 您可以通过细化角色自定义组织中每个仓库的权限,从而为每个用户提供所需的功能和任务权限。 miniTocMaxHeadingLevel: 3 redirect_from: - /articles/repository-permission-levels-for-an-organization-early-access-program @@ -15,14 +15,14 @@ versions: topics: - Organizations - Teams -shortTitle: Repository roles +shortTitle: 存储库角色 --- -## Repository roles for organizations +## 组织的存储库角色 -You can give organization members, outside collaborators, and teams of people different levels of access to repositories owned by an organization by assigning them to roles. Choose the role that best fits each person or team's function in your project without giving people more access to the project than they need. +您可以通过分配角色,为组织成员、外部协作者和人员团队提供对组织仓库不同级别的权限。 选择最适合每个人或团队在项目中的职能的角色,而不是提供超过其需求的项目权限。 -From least access to most access, the roles for an organization repository are: +组织存储库的角色从低到高的权限级别分别为: - **读取**:建议授予要查看或讨论项目的非代码参与者 - **分类**:建议授予需要主动管理议题和拉取请求的参与者,无写入权限 - **写入**:建议授予积极向项目推送的参与者 @@ -30,16 +30,16 @@ From least access to most access, the roles for an organization repository are: - **管理员**:建议授予需要完全项目权限的人员,包括执行敏感和破坏性操作,例如管理安全性或删除仓库 {% ifversion fpt %} -If your organization uses {% data variables.product.prodname_ghe_cloud %}, you can create custom repository roles. For more information, see "[Managing custom repository roles for an organization](/enterprise-cloud@latest/organizations/managing-peoples-access-to-your-organization-with-roles/managing-custom-repository-roles-for-an-organization)" in the {% data variables.product.prodname_ghe_cloud %} documentation. +如果您的组织使用 {% data variables.product.prodname_ghe_cloud %},则可以创建自定义存储库角色。 更多信息请参阅 {% data variables.product.prodname_ghe_cloud %} 文档中的“[管理组织的自定义仓库角色](/enterprise-cloud@latest/organizations/managing-peoples-access-to-your-organization-with-roles/managing-custom-repository-roles-for-an-organization)”。 {% elsif ghec %} -You can create custom repository roles. 更多信息请参阅“[管理组织的自定义仓库角色](/organizations/managing-peoples-access-to-your-organization-with-roles/managing-custom-repository-roles-for-an-organization)”。 +您可以创建自定义存储库角色。 更多信息请参阅“[管理组织的自定义仓库角色](/organizations/managing-peoples-access-to-your-organization-with-roles/managing-custom-repository-roles-for-an-organization)”。 {% endif %} 组织所有者可以在访问组织的任何仓库时设置适用于组织所有成员的基本权限。 更多信息请参阅“[设置组织的基本权限](/organizations/managing-access-to-your-organizations-repositories/setting-base-permissions-for-an-organization#setting-base-permissions)”。 组织所有者还可以选择进一步限制对整个组织中某些设置和操作的权限。 有关特定设置选项的更多信息,请参阅“[管理组织设置](/articles/managing-organization-settings)”。 -In addition to managing organization-level settings, organization owners have admin access to every repository owned by the organization. 更多信息请参阅“[组织中的角色](/organizations/managing-peoples-access-to-your-organization-with-roles/roles-in-an-organization)”。 +除了管理组织级设置之外,组织所有者对组织拥有的每个存储库都具有管理员权限。 更多信息请参阅“[组织中的角色](/organizations/managing-peoples-access-to-your-organization-with-roles/roles-in-an-organization)”。 {% warning %} @@ -47,7 +47,7 @@ In addition to managing organization-level settings, organization owners have ad {% endwarning %} -## Permissions for each role +## 每个角色的权限 {% ifversion fpt %} 下面列出的一些功能仅限于使用 {% data variables.product.prodname_ghe_cloud %} 的组织。 {% data reusables.enterprise.link-to-ghec-trial %} @@ -56,107 +56,107 @@ In addition to managing organization-level settings, organization owners have ad {% ifversion fpt or ghes or ghec %} {% note %} -**Note:** The roles required to use security features are listed in "[Access requirements for security features](#access-requirements-for-security-features)" below. +**注意:** 用安全功能所需的角色在下面的“[安全功能的访问要求](#access-requirements-for-security-features)”中列出。 {% endnote %} {% endif %} -| 仓库操作 | 读取 | 分类 | 写入 | 维护 | 管理员 | -|:--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |:-----:|:-----:|:-----:|:-----:|:-------------------------------------------------------------------:| -| Manage [individual](/organizations/managing-access-to-your-organizations-repositories/managing-an-individuals-access-to-an-organization-repository), [team](/organizations/managing-access-to-your-organizations-repositories/managing-team-access-to-an-organization-repository), and [outside collaborator](/organizations/managing-access-to-your-organizations-repositories/adding-outside-collaborators-to-repositories-in-your-organization) access to the repository | | | | | **X** | -| 从人员或团队的已分配仓库拉取 | **X** | **X** | **X** | **X** | **X** | -| 复刻人员或团队的已分配仓库 | **X** | **X** | **X** | **X** | **X** | -| 编辑和删除自己的评论 | **X** | **X** | **X** | **X** | **X** | -| 打开议题 | **X** | **X** | **X** | **X** | **X** | -| 关闭自己打开的议题 | **X** | **X** | **X** | **X** | **X** | -| 重新打开自己关闭的议题 | **X** | **X** | **X** | **X** | **X** | -| 受理议题 | **X** | **X** | **X** | **X** | **X** | -| 从团队已分配仓库的复刻发送拉取请求 | **X** | **X** | **X** | **X** | **X** | -| 提交拉取请求审查 | **X** | **X** | **X** | **X** | **X** | -| 查看已发布的版本 | **X** | **X** | **X** | **X** | **X** |{% ifversion fpt or ghec %} -| 查看 [GitHub Actions 工作流程运行](/actions/automating-your-workflow-with-github-actions/managing-a-workflow-run) | **X** | **X** | **X** | **X** | **X** +| 仓库操作 | 读取 | 分类 | 写入 | 维护 | 管理员 | +|:---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |:-----:|:-----:|:-----:|:-----:|:-------------------------------------------------------------------:| +| 管理[个人](/organizations/managing-access-to-your-organizations-repositories/managing-an-individuals-access-to-an-organization-repository)、[团队](/organizations/managing-access-to-your-organizations-repositories/managing-team-access-to-an-organization-repository)和[外部协作者](/organizations/managing-access-to-your-organizations-repositories/adding-outside-collaborators-to-repositories-in-your-organization)的存储库访问权限 | | | | | **X** | +| 从人员或团队的已分配仓库拉取 | **X** | **X** | **X** | **X** | **X** | +| 复刻人员或团队的已分配仓库 | **X** | **X** | **X** | **X** | **X** | +| 编辑和删除自己的评论 | **X** | **X** | **X** | **X** | **X** | +| 打开议题 | **X** | **X** | **X** | **X** | **X** | +| 关闭自己打开的议题 | **X** | **X** | **X** | **X** | **X** | +| 重新打开自己关闭的议题 | **X** | **X** | **X** | **X** | **X** | +| 受理议题 | **X** | **X** | **X** | **X** | **X** | +| 从团队已分配仓库的复刻发送拉取请求 | **X** | **X** | **X** | **X** | **X** | +| 提交拉取请求审查 | **X** | **X** | **X** | **X** | **X** | +| 查看已发布的版本 | **X** | **X** | **X** | **X** | **X** |{% ifversion fpt or ghec %} +| 查看 [GitHub Actions 工作流程运行](/actions/automating-your-workflow-with-github-actions/managing-a-workflow-run) | **X** | **X** | **X** | **X** | **X** {% endif %} -| 编辑公共仓库中的 Wiki | **X** | **X** | **X** | **X** | **X** | -| 编辑私有仓库中的 Wiki | | | **X** | **X** | **X** |{% ifversion fpt or ghec %} -| [举报滥用或垃圾内容](/communities/maintaining-your-safety-on-github/reporting-abuse-or-spam) | **X** | **X** | **X** | **X** | **X** +| 编辑公共仓库中的 Wiki | **X** | **X** | **X** | **X** | **X** | +| 编辑私有仓库中的 Wiki | | | **X** | **X** | **X** |{% ifversion fpt or ghec %} +| [举报滥用或垃圾内容](/communities/maintaining-your-safety-on-github/reporting-abuse-or-spam) | **X** | **X** | **X** | **X** | **X** {% endif %} -| 应用/忽略标签 | | **X** | **X** | **X** | **X** | -| 创建、编辑、删除标签 | | | **X** | **X** | **X** | -| 关闭、重新打开和分配所有议题与拉取请求 | | **X** | **X** | **X** | **X** | -| [在拉取请求上启用和禁用自动合并](/github/administering-a-repository/managing-auto-merge-for-pull-requests-in-your-repository) | | | **X** | **X** | **X** | -| 应用里程碑 | | **X** | **X** | **X** | **X** | -| 标记[重复的议题和拉取请求](/articles/about-duplicate-issues-and-pull-requests) | | **X** | **X** | **X** | **X** | -| 申请[拉取请求审查](/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/requesting-a-pull-request-review) | | **X** | **X** | **X** | **X** | -| 合并[拉取请求](/github/collaborating-with-pull-requests/incorporating-changes-from-a-pull-request/about-pull-request-merges) | | | **X** | **X** | **X** | -| 推送到(写入)人员或团队的已分配仓库 | | | **X** | **X** | **X** | -| 编辑和删除任何人对提交、拉取请求和议题的评论 | | | **X** | **X** | **X** | -| [隐藏任何人的评论](/communities/moderating-comments-and-conversations/managing-disruptive-comments) | | | **X** | **X** | **X** | -| [锁定对话](/communities/moderating-comments-and-conversations/locking-conversations) | | | **X** | **X** | **X** | -| 转让议题(更多信息请参阅“[将议题转让给其他仓库](/articles/transferring-an-issue-to-another-repository)”) | | | **X** | **X** | **X** | -| [作为仓库的指定代码所有者](/articles/about-code-owners) | | | **X** | **X** | **X** | -| [将拉取请求草稿标记为可供审查](/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/changing-the-stage-of-a-pull-request) | | | **X** | **X** | **X** | -| [将拉取请求转换为草稿](/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/changing-the-stage-of-a-pull-request) | | | **X** | **X** | **X** | -| 提交影响拉取请求可合并性的审查 | | | **X** | **X** | **X** | -| 对拉取请求[应用建议的更改](/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/incorporating-feedback-in-your-pull-request) | | | **X** | **X** | **X** | -| 创建[状态检查](/pull-requests/collaborating-with-pull-requests/collaborating-on-repositories-with-code-quality-features/about-status-checks) | | | **X** | **X** | **X** |{% ifversion fpt or ghec %} -| 创建、编辑、运行、重新运行和取消 [GitHub Actions 工作流程](/actions/automating-your-workflow-with-github-actions/) | | | **X** | **X** | **X** +| 应用/忽略标签 | | **X** | **X** | **X** | **X** | +| 创建、编辑、删除标签 | | | **X** | **X** | **X** | +| 关闭、重新打开和分配所有议题与拉取请求 | | **X** | **X** | **X** | **X** | +| [在拉取请求上启用和禁用自动合并](/github/administering-a-repository/managing-auto-merge-for-pull-requests-in-your-repository) | | | **X** | **X** | **X** | +| 应用里程碑 | | **X** | **X** | **X** | **X** | +| 标记[重复的议题和拉取请求](/articles/about-duplicate-issues-and-pull-requests) | | **X** | **X** | **X** | **X** | +| 申请[拉取请求审查](/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/requesting-a-pull-request-review) | | **X** | **X** | **X** | **X** | +| 合并[拉取请求](/github/collaborating-with-pull-requests/incorporating-changes-from-a-pull-request/about-pull-request-merges) | | | **X** | **X** | **X** | +| 推送到(写入)人员或团队的已分配仓库 | | | **X** | **X** | **X** | +| 编辑和删除任何人对提交、拉取请求和议题的评论 | | | **X** | **X** | **X** | +| [隐藏任何人的评论](/communities/moderating-comments-and-conversations/managing-disruptive-comments) | | | **X** | **X** | **X** | +| [锁定对话](/communities/moderating-comments-and-conversations/locking-conversations) | | | **X** | **X** | **X** | +| 转让议题(更多信息请参阅“[将议题转让给其他仓库](/articles/transferring-an-issue-to-another-repository)”) | | | **X** | **X** | **X** | +| [作为仓库的指定代码所有者](/articles/about-code-owners) | | | **X** | **X** | **X** | +| [将拉取请求草稿标记为可供审查](/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/changing-the-stage-of-a-pull-request) | | | **X** | **X** | **X** | +| [将拉取请求转换为草稿](/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/changing-the-stage-of-a-pull-request) | | | **X** | **X** | **X** | +| 提交影响拉取请求可合并性的审查 | | | **X** | **X** | **X** | +| 对拉取请求[应用建议的更改](/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/incorporating-feedback-in-your-pull-request) | | | **X** | **X** | **X** | +| 创建[状态检查](/pull-requests/collaborating-with-pull-requests/collaborating-on-repositories-with-code-quality-features/about-status-checks) | | | **X** | **X** | **X** |{% ifversion fpt or ghec %} +| 创建、编辑、运行、重新运行和取消 [GitHub Actions 工作流程](/actions/automating-your-workflow-with-github-actions/) | | | **X** | **X** | **X** {% endif %} -| 创建和编辑发行版 | | | **X** | **X** | **X** | -| 查看发行版草稿 | | | **X** | **X** | **X** | -| 编辑仓库的说明 | | | | **X** | **X** |{% ifversion fpt or ghae or ghec %} -| [查看和安装包](/packages/publishing-and-managing-packages) | **X** | **X** | **X** | **X** | **X** | -| [发布包](/packages/publishing-and-managing-packages/publishing-a-package) | | | **X** | **X** | **X** | -| [删除和恢复包](/packages/learn-github-packages/deleting-and-restoring-a-package) | | | | | **X** |{% endif %} -| 管理[主题](/articles/classifying-your-repository-with-topics) | | | | **X** | **X** | -| 启用 wiki 和限制 wiki 编辑器 | | | | **X** | **X** | -| 启用项目板 | | | | **X** | **X** | -| 配置[拉取请求合并](/articles/configuring-pull-request-merges) | | | | **X** | **X** | -| 配置[ {% data variables.product.prodname_pages %} 的发布源](/articles/configuring-a-publishing-source-for-github-pages) | | | | **X** | **X** | -| [Manage branch protection rules](/repositories/configuring-branches-and-merges-in-your-repository/defining-the-mergeability-of-pull-requests/managing-a-branch-protection-rule) | | | | | **X** | -| [推送到受保护分支](/articles/about-protected-branches) | | | | **X** | **X** | -| 合并受保护分支上的拉取请求(即使没有批准审查) | | | | | **X** |{% ifversion fpt or ghes > 3.4 or ghae-issue-6337 or ghec %} -| Create tags that match a [tag protection rule](/repositories/managing-your-repositorys-settings-and-features/managing-repository-settings/configuring-tag-protection-rules) | | | | **X** | **X** | -| Delete tags that match a [tag protection rule](/repositories/managing-your-repositorys-settings-and-features/managing-repository-settings/configuring-tag-protection-rules) | | | | | **X** +| 创建和编辑发行版 | | | **X** | **X** | **X** | +| 查看发行版草稿 | | | **X** | **X** | **X** | +| 编辑仓库的说明 | | | | **X** | **X** |{% ifversion fpt or ghae or ghec %} +| [查看和安装包](/packages/publishing-and-managing-packages) | **X** | **X** | **X** | **X** | **X** | +| [发布包](/packages/publishing-and-managing-packages/publishing-a-package) | | | **X** | **X** | **X** | +| [删除和恢复包](/packages/learn-github-packages/deleting-and-restoring-a-package) | | | | | **X** |{% endif %} +| 管理[主题](/articles/classifying-your-repository-with-topics) | | | | **X** | **X** | +| 启用 wiki 和限制 wiki 编辑器 | | | | **X** | **X** | +| 启用项目板 | | | | **X** | **X** | +| 配置[拉取请求合并](/articles/configuring-pull-request-merges) | | | | **X** | **X** | +| 配置[ {% data variables.product.prodname_pages %} 的发布源](/articles/configuring-a-publishing-source-for-github-pages) | | | | **X** | **X** | +| [管理分支保护规则](/repositories/configuring-branches-and-merges-in-your-repository/defining-the-mergeability-of-pull-requests/managing-a-branch-protection-rule) | | | | | **X** | +| [推送到受保护分支](/articles/about-protected-branches) | | | | **X** | **X** | +| 合并受保护分支上的拉取请求(即使没有批准审查) | | | | | **X** |{% ifversion fpt or ghes > 3.4 or ghae-issue-6337 or ghec %} +| 创建与[标记保护规则](/repositories/managing-your-repositorys-settings-and-features/managing-repository-settings/configuring-tag-protection-rules)匹配的标记 | | | | **X** | **X** | +| 删除与[标记保护规则](/repositories/managing-your-repositorys-settings-and-features/managing-repository-settings/configuring-tag-protection-rules)匹配的标记 | | | | | **X** {% endif %} -| [创建和编辑仓库社交卡](/articles/customizing-your-repositorys-social-media-preview) | | | | **X** | **X** |{% ifversion fpt or ghec %} -| 限制[仓库中的交互](/communities/moderating-comments-and-conversations/limiting-interactions-in-your-repository) | | | | **X** | **X** +| [创建和编辑仓库社交卡](/articles/customizing-your-repositorys-social-media-preview) | | | | **X** | **X** |{% ifversion fpt or ghec %} +| 限制[仓库中的交互](/communities/moderating-comments-and-conversations/limiting-interactions-in-your-repository) | | | | **X** | **X** {% endif %} -| 删除议题(请参阅“[删除议题](/articles/deleting-an-issue)”) | | | | | **X** | -| [定义仓库的代码所有者](/articles/about-code-owners) | | | | | **X** | -| 将仓库添加到团队(详细信息请参阅“[管理团队对组织仓库的访问](/organizations/managing-access-to-your-organizations-repositories/managing-team-access-to-an-organization-repository#giving-a-team-access-to-a-repository)”) | | | | | **X** | -| [管理外部协作者对仓库的权限](/articles/adding-outside-collaborators-to-repositories-in-your-organization) | | | | | **X** | -| [更改仓库的可见性](/articles/restricting-repository-visibility-changes-in-your-organization) | | | | | **X** | -| 将仓库设为模板(请参阅“[创建模板仓库](/articles/creating-a-template-repository)”) | | | | | **X** | -| 更改仓库设置 | | | | | **X** | -| 管理团队和协作者对仓库的权限 | | | | | **X** | -| 编辑仓库的默认分支 | | | | | **X** | -| 重命名仓库的默认分支(请参阅“[重命名分支](/github/administering-a-repository/renaming-a-branch)”) | | | | | **X** | -| 重命名仓库默认分支以外的分支(请参阅“[重命名分支](/github/administering-a-repository/renaming-a-branch)”) | | | **X** | **X** | **X** | -| 管理 web 挂钩和部署密钥 | | | | | **X** |{% ifversion fpt or ghec %} -| [管理私有仓库的数据使用设置](/get-started/privacy-on-github/managing-data-use-settings-for-your-private-repository) | | | | | **X** +| 删除议题(请参阅“[删除议题](/articles/deleting-an-issue)”) | | | | | **X** | +| [定义仓库的代码所有者](/articles/about-code-owners) | | | | | **X** | +| 将仓库添加到团队(详细信息请参阅“[管理团队对组织仓库的访问](/organizations/managing-access-to-your-organizations-repositories/managing-team-access-to-an-organization-repository#giving-a-team-access-to-a-repository)”) | | | | | **X** | +| [管理外部协作者对仓库的权限](/articles/adding-outside-collaborators-to-repositories-in-your-organization) | | | | | **X** | +| [更改仓库的可见性](/articles/restricting-repository-visibility-changes-in-your-organization) | | | | | **X** | +| 将仓库设为模板(请参阅“[创建模板仓库](/articles/creating-a-template-repository)”) | | | | | **X** | +| 更改仓库设置 | | | | | **X** | +| 管理团队和协作者对仓库的权限 | | | | | **X** | +| 编辑仓库的默认分支 | | | | | **X** | +| 重命名仓库的默认分支(请参阅“[重命名分支](/github/administering-a-repository/renaming-a-branch)”) | | | | | **X** | +| 重命名仓库默认分支以外的分支(请参阅“[重命名分支](/github/administering-a-repository/renaming-a-branch)”) | | | **X** | **X** | **X** | +| 管理 web 挂钩和部署密钥 | | | | | **X** |{% ifversion fpt or ghec %} +| [管理私有仓库的数据使用设置](/get-started/privacy-on-github/managing-data-use-settings-for-your-private-repository) | | | | | **X** {% endif %} -| [管理仓库的复刻策略](/github/administering-a-repository/managing-the-forking-policy-for-your-repository) | | | | | **X** | -| [将仓库转让给组织](/articles/restricting-repository-creation-in-your-organization) | | | | | **X** | -| [删除仓库或将仓库转让到组织外部](/articles/setting-permissions-for-deleting-or-transferring-repositories) | | | | | **X** | -| [存档仓库](/articles/about-archiving-repositories) | | | | | **X** |{% ifversion fpt or ghec %} -| 显示赞助按钮(请参阅“[在仓库中显示赞助按钮](/articles/displaying-a-sponsor-button-in-your-repository)”)。 | | | | | **X** +| [管理仓库的复刻策略](/github/administering-a-repository/managing-the-forking-policy-for-your-repository) | | | | | **X** | +| [将仓库转让给组织](/articles/restricting-repository-creation-in-your-organization) | | | | | **X** | +| [删除仓库或将仓库转让到组织外部](/articles/setting-permissions-for-deleting-or-transferring-repositories) | | | | | **X** | +| [存档仓库](/articles/about-archiving-repositories) | | | | | **X** |{% ifversion fpt or ghec %} +| 显示赞助按钮(请参阅“[在仓库中显示赞助按钮](/articles/displaying-a-sponsor-button-in-your-repository)”)。 | | | | | **X** {% endif %} -| Create autolink references to external resources, like Jira or Zendesk (see "[Configuring autolinks to reference external resources](/articles/configuring-autolinks-to-reference-external-resources)") | | | | | **X** |{% ifversion fpt or ghec %} -| 在仓库中[启用 {% data variables.product.prodname_discussions %}](/github/administering-a-repository/enabling-or-disabling-github-discussions-for-a-repository) | | | | **X** | **X** | -| 为 {% data variables.product.prodname_discussions %} [创建和编辑类别](/discussions/managing-discussions-for-your-community/managing-categories-for-discussions-in-your-repository) | | | | **X** | **X** | -| [将讨论移动到其他类别](/discussions/managing-discussions-for-your-community/managing-discussions-in-your-repository) | | | **X** | **X** | **X** | -| [将讨论转移到](/discussions/managing-discussions-for-your-community/managing-discussions-in-your-repository)新仓库 | | | **X** | **X** | **X** | -| [管理置顶的讨论](/discussions/managing-discussions-for-your-community/managing-discussions-in-your-repository) | | | **X** | **X** | **X** | -| [批量将议题转换为讨论](/discussions/managing-discussions-for-your-community/managing-discussions-in-your-repository) | | | **X** | **X** | **X** | -| [锁定和解锁讨论](/discussions/managing-discussions-for-your-community/moderating-discussions) | | **X** | **X** | **X** | **X** | -| [单独将议题转换为讨论](/discussions/managing-discussions-for-your-community/moderating-discussions) | | **X** | **X** | **X** | **X** | -| [创建新的讨论并对现有讨论发表评论](/discussions/collaborating-with-your-community-using-discussions/participating-in-a-discussion) | **X** | **X** | **X** | **X** | **X** | -| [删除讨论](/discussions/managing-discussions-for-your-community/managing-discussions-in-your-repository#deleting-a-discussion) | | **X** | | **X** | **X** |{% endif %}{% ifversion fpt or ghec %} -| 创建 [codespaces](/codespaces/about-codespaces) | | | **X** | **X** | **X** +| 创建到外部资源的自动链接引用,如 Jira 或 Zendesk(请参阅“[配置自动链接以引用外部资源](/articles/configuring-autolinks-to-reference-external-resources)”) | | | | | **X** |{% ifversion fpt or ghec %} +| 在仓库中[启用 {% data variables.product.prodname_discussions %}](/github/administering-a-repository/enabling-or-disabling-github-discussions-for-a-repository) | | | | **X** | **X** | +| 为 {% data variables.product.prodname_discussions %} [创建和编辑类别](/discussions/managing-discussions-for-your-community/managing-categories-for-discussions-in-your-repository) | | | | **X** | **X** | +| [将讨论移动到其他类别](/discussions/managing-discussions-for-your-community/managing-discussions-in-your-repository) | | | **X** | **X** | **X** | +| [将讨论转移到](/discussions/managing-discussions-for-your-community/managing-discussions-in-your-repository)新仓库 | | | **X** | **X** | **X** | +| [管理置顶的讨论](/discussions/managing-discussions-for-your-community/managing-discussions-in-your-repository) | | | **X** | **X** | **X** | +| [批量将议题转换为讨论](/discussions/managing-discussions-for-your-community/managing-discussions-in-your-repository) | | | **X** | **X** | **X** | +| [锁定和解锁讨论](/discussions/managing-discussions-for-your-community/moderating-discussions) | | **X** | **X** | **X** | **X** | +| [单独将议题转换为讨论](/discussions/managing-discussions-for-your-community/moderating-discussions) | | **X** | **X** | **X** | **X** | +| [创建新的讨论并对现有讨论发表评论](/discussions/collaborating-with-your-community-using-discussions/participating-in-a-discussion) | **X** | **X** | **X** | **X** | **X** | +| [删除讨论](/discussions/managing-discussions-for-your-community/managing-discussions-in-your-repository#deleting-a-discussion) | | **X** | | **X** | **X** |{% endif %}{% ifversion fpt or ghec %} +| 创建 [codespaces](/codespaces/about-codespaces) | | | **X** | **X** | **X** {% endif %} -### Access requirements for security features +### 安全功能的访问要求 -In this section, you can find the access required for security features, such as {% data variables.product.prodname_advanced_security %} features. +在本节中,您可以找到一些安全功能所需的访问权限,例如 {% data variables.product.prodname_advanced_security %} 功能。 | 仓库操作 | 读取 | 分类 | 写入 | 维护 | 管理员 | |:--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |:-----:|:-----:|:------------------------------------------------------:|:------------------------------------------------------:|:-------------------------------------------------------------------------------------------------------:|{% ifversion fpt or ghes or ghae-issue-4864 or ghec %} diff --git a/translations/zh-CN/content/organizations/managing-git-access-to-your-organizations-repositories/managing-your-organizations-ssh-certificate-authorities.md b/translations/zh-CN/content/organizations/managing-git-access-to-your-organizations-repositories/managing-your-organizations-ssh-certificate-authorities.md index be5cc19955..4d8bdf9131 100644 --- a/translations/zh-CN/content/organizations/managing-git-access-to-your-organizations-repositories/managing-your-organizations-ssh-certificate-authorities.md +++ b/translations/zh-CN/content/organizations/managing-git-access-to-your-organizations-repositories/managing-your-organizations-ssh-certificate-authorities.md @@ -24,7 +24,7 @@ shortTitle: 管理 SSH 机构 ## 添加 SSH 认证中心 -If you require SSH certificates for your enterprise, enterprise members should use a special URL for Git operations over SSH. 更多信息请参阅“[关于 SSH 认证中心](/organizations/managing-git-access-to-your-organizations-repositories/about-ssh-certificate-authorities#about-ssh-urls-with-ssh-certificates)”。 +如果您的企业需要 SSH 证书,企业成员应使用特殊的 URL 通过 SSH 进行 Git 操作。 更多信息请参阅“[关于 SSH 认证中心](/organizations/managing-git-access-to-your-organizations-repositories/about-ssh-certificate-authorities#about-ssh-urls-with-ssh-certificates)”。 {% data reusables.profile.access_org %} {% data reusables.profile.org_settings %} diff --git a/translations/zh-CN/content/organizations/managing-peoples-access-to-your-organization-with-roles/maintaining-ownership-continuity-for-your-organization.md b/translations/zh-CN/content/organizations/managing-peoples-access-to-your-organization-with-roles/maintaining-ownership-continuity-for-your-organization.md index d876e0aa15..af681f668e 100644 --- a/translations/zh-CN/content/organizations/managing-peoples-access-to-your-organization-with-roles/maintaining-ownership-continuity-for-your-organization.md +++ b/translations/zh-CN/content/organizations/managing-peoples-access-to-your-organization-with-roles/maintaining-ownership-continuity-for-your-organization.md @@ -32,7 +32,7 @@ shortTitle: 保持所有权连续性 {% endnote %} {% if enterprise-owner-join-org %} -如果您的组织由企业帐户拥有,则任何企业所有者都可以将自己设为组织的所有者。 For more information, see "[Managing your role in an organization owned by your enterprise](/admin/user-management/managing-organizations-in-your-enterprise/managing-your-role-in-an-organization-owned-by-your-enterprise)." +如果您的组织由企业帐户拥有,则任何企业所有者都可以将自己设为组织的所有者。 更多信息请参阅“[在企业拥有的组织中管理您的角色](/admin/user-management/managing-organizations-in-your-enterprise/managing-your-role-in-an-organization-owned-by-your-enterprise)”。 {% endif %} ## 任命组织所有者 diff --git a/translations/zh-CN/content/organizations/managing-peoples-access-to-your-organization-with-roles/managing-custom-repository-roles-for-an-organization.md b/translations/zh-CN/content/organizations/managing-peoples-access-to-your-organization-with-roles/managing-custom-repository-roles-for-an-organization.md index f58eecfe2f..85c4c5901c 100644 --- a/translations/zh-CN/content/organizations/managing-peoples-access-to-your-organization-with-roles/managing-custom-repository-roles-for-an-organization.md +++ b/translations/zh-CN/content/organizations/managing-peoples-access-to-your-organization-with-roles/managing-custom-repository-roles-for-an-organization.md @@ -1,147 +1,147 @@ --- -title: Managing custom repository roles for an organization -intro: You can more granularly control access to your organization's repositories by creating custom repository roles. +title: 管理组织的自定义存储库角色 +intro: 通过创建自定义存储库角色,可以更精细地控制对组织存储库的访问。 permissions: Organization owners can manage custom repository roles. versions: ghec: '*' topics: - Organizations - Teams -shortTitle: Custom repository roles +shortTitle: 自定义存储库角色 redirect_from: - /early-access/github/articles/managing-custom-repository-roles-for-an-organization --- {% data reusables.pre-release-program.custom-roles-public-beta %} -## About custom repository roles +## 关于自定义存储库角色 -To perform any actions on {% data variables.product.product_name %}, such as creating a pull request in a repository or changing an organization's billing settings, a person must have sufficient access to the relevant account or resource. This access is controlled by permissions. A permission is the ability to perform a specific action. For example, the ability to delete an issue is a permission. A role is a set of permissions you can assign to individuals or teams. +要对 {% data variables.product.product_name %} 执行任何操作,例如在存储库中创建拉取请求或更改组织的计费设置,人员必须具有对相关帐户或资源的足够访问权限。 This access is controlled by permissions. A permission is the ability to perform a specific action. For example, the ability to delete an issue is a permission. A role is a set of permissions you can assign to individuals or teams. -Within an organization, you can assign roles at the organization, team, and repository level. For more information about the different levels of roles, see "[Roles in an organization](/organizations/managing-peoples-access-to-your-organization-with-roles/roles-in-an-organization)." +在组织内,您可以在组织、团队和存储库级别分配角色。 有关不同级别角色的更多信息,请参阅“[组织中的角色](/organizations/managing-peoples-access-to-your-organization-with-roles/roles-in-an-organization)”。 -If your organization uses {% data variables.product.prodname_ghe_cloud %}, you can have more granular control over the permissions you grant at the repository level by creating up to three custom repository roles. A custom repository role is a configurable set of permissions with a custom name you choose. After you create a custom role, anyone with admin access to a repository can assign the role to an individual or team. For more information, see "[Managing an individual's access to an organization repository](/organizations/managing-access-to-your-organizations-repositories/managing-an-individuals-access-to-an-organization-repository)" and "[Managing team access to an organization repository](/organizations/managing-access-to-your-organizations-repositories/managing-team-access-to-an-organization-repository)" +如果您的组织使用 {% data variables.product.prodname_ghe_cloud %},则通过创建最多三个自定义存储库角色,可以更精细地控制在存储库级别授予的权限。 自定义存储库角色是一组可配置的权限,具有您选择的自定义名称。 创建自定义角色后,对存储库具有管理员访问权限的任何人都可以将该角色分配给个人或团队。 更多信息请参阅“[管理个人对组织存储库的访问](/organizations/managing-access-to-your-organizations-repositories/managing-an-individuals-access-to-an-organization-repository)”和“[管理团队对组织存储库的访问](/organizations/managing-access-to-your-organizations-repositories/managing-team-access-to-an-organization-repository)” {% data reusables.enterprise.link-to-ghec-trial %} -## About the inherited role +## 关于继承的角色 -When you create a custom repository role, you start by choosing an inherited role from a set of pre-defined options. The inherited role determines the initial set of permissions included in the custom role. Then, you can further customize the role by choosing additional permissions to give the role. For the full list of available permissions, see "[Additional permissions for custom roles](#additional-permissions-for-custom-roles)." +创建自定义存储库角色时,首先从一组预定义选项中选择继承的角色。 继承的角色确定自定义角色中包含的初始权限集。 然后,您可以通过选择其他权限来授予角色,从而进一步自定义角色。 有关可用权限的完整列表,请参阅“[自定义角色的其他权限](#additional-permissions-for-custom-roles)”。 -Your options for the inherited role are standardized for different types of contributors in your repository. +继承角色的选项已针对存储库中不同类型的参与者进行了标准化。 -| Inherited role | Designed for | -| -------------- | ------------------------------------------------------------------------------------------------------ | -| **读取** | Non-code contributors who want to view or discuss your project. | -| **分类** | Contributors who need to proactively manage issues and pull requests without write access. | -| **写入** | Organization members and collaborators who actively push to your project. | -| **维护** | Project managers who need to manage the repository without access to sensitive or destructive actions. | +| 继承的角色 | 适用于 | +| ------ | ------------------------------- | +| **读取** | 想要查看或讨论项目的非代码参与者。 | +| **分类** | 需要主动管理问题和在没有写入访问权限的情况下拉取请求的参与者。 | +| **写入** | 积极推动项目的组织成员和协作者。 | +| **维护** | 需要管理存储库而无法访问敏感或破坏性操作的项目经理。 | -## Custom role examples +## 自定义角色示例 -Here are some examples of custom repository roles you can configure. +以下是您可以配置的自定义存储库角色的一些示例。 -| Custom repository role | 摘要 | Inherited role | Additional permissions | -| ---------------------- | ----------------------------------------------------------------------------------- | -------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Security engineer | Able to contribute code and maintain the security pipeline | **维护** | Delete code scanning results | -| Contractor | Able to develop webhooks integrations | **写入** | Manage webhooks | -| Community manager | Able to handle all the community interactions without being able to contribute code | **读取** | - Mark an issue as duplicate
- Manage GitHub Page settings
- Manage wiki settings
- Set the social preview
- Edit repository metadata
- Triage discussions | +| 自定义存储库角色 | 摘要 | 继承的角色 | 其他权限 | +| -------- | ------------------ | ------ | ------------------------------------------------------------------------------------------------------------------------------ | +| 安全工程师 | 能够贡献代码并维护安全管道 | **维护** | 删除代码扫描结果 | +| 承包商 | 能够开发 web 挂钩集成 | **写入** | 管理 web 挂钩 | +| 社区经理 | 能够处理所有社区互动,而无需贡献代码 | **读取** | - 将问题标记为重复
- 管理 GitHub Pages 设置 -
管理 wiki 设置
- 设置社交预览
- 编辑存储库元数据
- 对讨论分类 | -## Additional permissions for custom roles +## 自定义角色的其他权限 -After choosing an inherited role, you can select additional permissions for your custom role. +选择继承角色后,您可以为自定义角色选择其他权限。 -You can only choose an additional permission if it's not already included in the inherited role. For example, if the inherited role offers **Write** access to a repository, then the "Close a pull request" permission will already be included in the inherited role. +仅当继承的角色中尚未包含其他权限时,才能选择该权限。 例如,如果继承的角色提供对存储库**写入**访问权限,则“关闭拉取请求”权限将已包含在继承的角色中。 -### Issue and Pull Requests +### 议题和拉取请求 -- **Assign or remove a user**: Assign a user to an issue or pull request, or remove a user from an issue or pull request. -- **Add or remove a label**: Add a label to an issue or a pull request, or remove a label from an issue or pull request. +- **分配或删除用户**:将用户分配给问题或拉取请求,或从问题或拉取请求中删除用户。 +- **添加或删除标签**:向议题或拉取请求添加标签,或者从议题或拉取请求中删除标签。 ### 议题 -- **Close an issue** -- **Reopen a closed issue** -- **Delete an issue** -- **Mark an issue as a duplicate** +- **关闭议题** +- **重新打开已关闭的议题** +- **删除议题** +- **将议题标记为重复** ### 拉取请求 -- **Close a pull request** -- **Reopen a closed pull request** -- **Request a pull request review**: Request a review from a user or team. +- **关闭拉取请求** +- **重新打开已关闭的拉取请求** +- **请求拉取请求审核**:请求用户或团队审核。 ### 仓库 -- **Set milestones**: Add milestones to an issue or pull request. -- **Manage wiki settings**: Turn on wikis for a repository. -- **Manage project settings**: Turning on projects for a repository. -- **Manage pull request merging settings**: Choose the type of merge commits that are allowed in your repository, such as merge, squash, or rebase. -- **Manage {% data variables.product.prodname_pages %} settings**: Enable {% data variables.product.prodname_pages %} for the repository, and select the branch you want to publish. 更多信息请参阅“[配置 {% data variables.product.prodname_pages %} 站点的发布来源](/pages/getting-started-with-github-pages/configuring-a-publishing-source-for-your-github-pages-site)”。 -- **Manage webhooks**: Add webhooks to the repository. -- **Manage deploy keys**: Add deploy keys to the repository. -- **Edit repository metadata**: Update the repository description as well as the repository topics. -- **Set interaction limits**: Temporarily restrict certain users from commenting, opening issues, or creating pull requests in your public repository to enforce a period of limited activity. For more information, see "[Limiting interactions in your repository](/communities/moderating-comments-and-conversations/limiting-interactions-in-your-repository)." -- **Set the social preview**: Add an identifying image to your repository that appears on social media platforms when your repository is linked. 更多信息请参阅“[自定义仓库的社交媒体审查](/repositories/managing-your-repositorys-settings-and-features/customizing-your-repository/customizing-your-repositorys-social-media-preview)”。 -- **Push commits to protected branches**: Push to a branch that is marked as a protected branch. -- **Create protected tags**: Create tags that match a tag protection rule. For more information, see "[Configuring tag protection rules](/repositories/managing-your-repositorys-settings-and-features/managing-repository-settings/configuring-tag-protection-rules)." -- **Delete protected tags**: Delete tags that match a tag protection rule. For more information, see "[Configuring tag protection rules](/repositories/managing-your-repositorys-settings-and-features/managing-repository-settings/configuring-tag-protection-rules)." +- **设置里程碑**:将里程碑添加到议题或拉取请求。 +- **管理 wiki 设置**:打开存储库的 wiki。 +- **管理项目设置**:打开存储库的项目。 +- **管理拉取请求合并设置**:选择存储库中允许的合并提交类型,例如合并、压缩或变基。 +- **管理 {% data variables.product.prodname_pages %} 设置**:为存储库启用 {% data variables.product.prodname_pages %} ,然后选择要发布的分支。 更多信息请参阅“[配置 {% data variables.product.prodname_pages %} 站点的发布来源](/pages/getting-started-with-github-pages/configuring-a-publishing-source-for-your-github-pages-site)”。 +- **管理 web 挂钩**:将 web 挂钩添加到存储库。 +- **管理部署密钥**:将部署密钥添加到存储库。 +- **编辑存储库元数据**:更新存储库描述以及存储库主题。 +- **设置交互限制**:暂时限制某些用户在公共存储库中发表评论、打开议题或创建拉取请求,以强制执行一段有限的活动。 更多信息请参阅“[限制存储库中的交互](/communities/moderating-comments-and-conversations/limiting-interactions-in-your-repository)”。 +- **设置社交预览**:将识别图像添加到存储库,该图像在链接存储库时显示在社交媒体平台上。 更多信息请参阅“[自定义仓库的社交媒体审查](/repositories/managing-your-repositorys-settings-and-features/customizing-your-repository/customizing-your-repositorys-social-media-preview)”。 +- **推送提交到受保护分支**:推送到标记为受保护分支的分支。 +- **创建受保护的标记**:创建与标记保护规则匹配的标记。 更多信息请参阅“[配置标记保护规则](/repositories/managing-your-repositorys-settings-and-features/managing-repository-settings/configuring-tag-protection-rules)”。 +- **删除受保护的标记**:删除与标记保护规则匹配的标记。 更多信息请参阅“[配置标记保护规则](/repositories/managing-your-repositorys-settings-and-features/managing-repository-settings/configuring-tag-protection-rules)”。 ### 安全 -- **View {% data variables.product.prodname_code_scanning %} results**: Ability to view {% data variables.product.prodname_code_scanning %} alerts. -- **Dismiss or reopen {% data variables.product.prodname_code_scanning %} results**: Ability to dismiss or reopen {% data variables.product.prodname_code_scanning %} alerts. -- **Delete {% data variables.product.prodname_code_scanning %} results**: Ability to delete {% data variables.product.prodname_code_scanning %} alerts. -- **View {% data variables.product.prodname_dependabot_alerts %}**: Ability to view {% data variables.product.prodname_dependabot_alerts %}. -- **Dismiss or reopen {% data variables.product.prodname_dependabot_alerts %}**: Ability to dismiss or reopen {% data variables.product.prodname_dependabot_alerts %}. -- **View {% data variables.product.prodname_secret_scanning %} results**: Ability to view {% data variables.product.prodname_secret_scanning %} alerts. -- **Dismiss or reopen {% data variables.product.prodname_secret_scanning %} results**: Ability to dismiss or reopen {% data variables.product.prodname_secret_scanning %} alerts. +- **查看 {% data variables.product.prodname_code_scanning %} 结果**:能够查看 {% data variables.product.prodname_code_scanning %} 警报。 +- **忽略或重新打开 {% data variables.product.prodname_code_scanning %} 结果**:能够忽略或重新打开 {% data variables.product.prodname_code_scanning %} 警报。 +- **删除 {% data variables.product.prodname_code_scanning %} 结果**:能够删除 {% data variables.product.prodname_code_scanning %} 警报。 +- **查看 {% data variables.product.prodname_dependabot_alerts %}**:能够查看 {% data variables.product.prodname_dependabot_alerts %}。 +- **忽略或重新打开 {% data variables.product.prodname_dependabot_alerts %}**:能够忽略或重新打开 {% data variables.product.prodname_dependabot_alerts %}。 +- **查看 {% data variables.product.prodname_secret_scanning %} 结果**:能够查看 {% data variables.product.prodname_secret_scanning %} 警报。 +- **忽略或重新打开 {% data variables.product.prodname_secret_scanning %} 结果**:能够忽略或重新打开 {% data variables.product.prodname_secret_scanning %} 警报。 -## Precedence for different levels of access +## 不同级别访问的优先级 -If a person is given different levels of access through different avenues, such as team membership and the base permissions for an organization, the highest access overrides the others. For example, if an organization owner gives an organization member a custom role that uses the "Read" inherited role, and then an organization owner sets the organization's base permission to "Write", then this custom role will have write access, along with any additional permissions included in the custom role. +如果通过不同的途径(如团队成员身份和组织的基本权限)为某人授予不同级别的访问权限,则最高访问权限将覆盖其他访问权限。 例如,如果组织所有者向组织成员提供使用“读取”继承角色的自定义角色,然后组织所有者将组织的基本权限设置为“写入”,则此自定义角色将具有写入权限以及自定义角色中包含的任何其他权限。 {% data reusables.organizations.mixed-roles-warning %} -To resolve conflicting access, you can adjust your organization's base permissions or the team's access, or edit the custom role. 更多信息请参阅: +要解决冲突的访问权限,您可以调整组织的基本权限或团队的访问权限,或编辑自定义角色。 更多信息请参阅: - “[设置组织的基本权限](/github/setting-up-and-managing-organizations-and-teams/setting-base-permissions-for-an-organization)” - "[管理团队对组织仓库的访问](/organizations/managing-access-to-your-organizations-repositories/managing-team-access-to-an-organization-repository)" - - "[Editing a repository role](#editing-a-repository-role)" + - "[编辑存储库角色](#editing-a-repository-role)" -## Creating a repository role +## 创建存储库角色 -To create a new repository role, you add permissions to an inherited role and give the custom role a name. +要创建新的存储库角色,请向继承的角色添加权限并为自定义角色命名。 {% data reusables.profile.access_profile %} {% data reusables.profile.access_org %} {% data reusables.organizations.org_settings %} {% data reusables.organizations.org-list %} {% data reusables.organizations.org-settings-repository-roles %} -5. Click **Create a Role**. ![Screenshot of "Create a Role" button](/assets/images/help/organizations/repository-role-create-role.png) -4. Under "Name", type the name of your repository role. ![Field to type a name for the repository role](/assets/images/help/organizations/repository-role-name.png) -5. Under "Description", type a description of your repository role. ![Field to type a description for the repository role](/assets/images/help/organizations/repository-role-description.png) -6. Under "Choose a role to inherit", select the role you want to inherit. ![Selecting repository role base role option](/assets/images/help/organizations/repository-role-base-role-option.png) -7. Under "Add Permissions", use the drop-down menu to select the permissions you want your custom role to include. ![Selecting permission levels from repository role drop-down](/assets/images/help/organizations/repository-role-drop-down.png) -7. Click **Create role**. ![Confirm creating a repository role](/assets/images/help/organizations/repository-role-creation-confirm.png) +5. 单击 **Create a Role(创建角色)**。 ![" "创建角色" "按钮的屏幕截图](/assets/images/help/organizations/repository-role-create-role.png) +4. 在“Name(名称)”下,键入存储库角色的名称。 ![用于键入存储库角色名称的字段](/assets/images/help/organizations/repository-role-name.png) +5. 在“Description(描述)”下,键入存储库角色的描述。 ![用于键入存储库角色描述的字段](/assets/images/help/organizations/repository-role-description.png) +6. 在“Choose a role to inherit(选择要继承的角色)”下,选择要继承的角色。 ![选择存储库角色基本角色选项](/assets/images/help/organizations/repository-role-base-role-option.png) +7. 在“Add Permissions(添加权限)”下,使用下拉菜单选择您希望自定义角色包含的权限。 ![从存储库角色下拉列表中选择权限级别](/assets/images/help/organizations/repository-role-drop-down.png) +7. 单击 **Create a role(创建角色)**。 ![确认创建存储库角色](/assets/images/help/organizations/repository-role-creation-confirm.png) -## Editing a repository role +## 编辑存储库角色 {% data reusables.profile.access_profile %} {% data reusables.profile.access_org %} {% data reusables.organizations.org_settings %} {% data reusables.organizations.org-list %} {% data reusables.organizations.org-settings-repository-roles %} -3. To the right of the role you want to edit, click {% octicon "kebab-horizontal" aria-label="The horizontal kebab icon" %}, then click **Edit**. ![Edit option in drop-down menu for repository roles](/assets/images/help/organizations/repository-role-edit-setting.png) -4. Edit, then click **Update role**. ![Edit fields and update repository roles](/assets/images/help/organizations/repository-role-update.png) +3. 在要删除的角色的右侧,单击 {% octicon "kebab-horizontal" aria-label="The horizontal kebab icon" %},然后单击 **Edit(编辑)**。 ![存储库角色下拉菜单中的编辑选项](/assets/images/help/organizations/repository-role-edit-setting.png) +4. 编辑,然后单击 **Update role(更新角色)**。 ![编辑字段和更新存储库角色](/assets/images/help/organizations/repository-role-update.png) -## Deleting a repository role +## 删除存储库角色 -If you delete an existing repository role, all pending invitations, teams, and users with the custom role will be reassigned to the organization's base permissions. +如果您删除现有存储库角色,则所有具有自定义角色的待处理邀请、团队和用户都将被重新分配给组织的基本权限。 {% data reusables.profile.access_profile %} {% data reusables.profile.access_org %} {% data reusables.organizations.org_settings %} {% data reusables.organizations.org-list %} {% data reusables.organizations.org-settings-repository-roles %} -3. To the right of the role you want to delete, click {% octicon "kebab-horizontal" aria-label="The horizontal kebab icon" %}, then click **Delete**. ![Edit option in drop-down menu for repository roles](/assets/images/help/organizations/repository-role-delete-setting.png) -4. Review changes for the role you want to remove, then click **Delete role**. ![Confirm deleting a repository role](/assets/images/help/organizations/repository-role-delete-confirm.png) +3. 在要删除的角色的右侧,单击 {% octicon "kebab-horizontal" aria-label="The horizontal kebab icon" %},然后单击 **Delete(删除)**。 ![存储库角色下拉菜单中的编辑选项](/assets/images/help/organizations/repository-role-delete-setting.png) +4. 查看要删除的角色的更改,然后单击 **Delete role(删除角色)**。 ![确认删除存储库角色](/assets/images/help/organizations/repository-role-delete-confirm.png) diff --git a/translations/zh-CN/content/organizations/managing-peoples-access-to-your-organization-with-roles/managing-security-managers-in-your-organization.md b/translations/zh-CN/content/organizations/managing-peoples-access-to-your-organization-with-roles/managing-security-managers-in-your-organization.md index 13e5bbeab4..0929dece62 100644 --- a/translations/zh-CN/content/organizations/managing-peoples-access-to-your-organization-with-roles/managing-security-managers-in-your-organization.md +++ b/translations/zh-CN/content/organizations/managing-peoples-access-to-your-organization-with-roles/managing-security-managers-in-your-organization.md @@ -1,6 +1,6 @@ --- -title: Managing security managers in your organization -intro: You can give your security team the least access they need to your organization by assigning a team to the security manager role. +title: 管理组织中的安全管理员 +intro: 通过将团队分配给安全管理员角色,您可以为安全团队提供他们对组织所需的最少访问权限。 versions: fpt: '*' ghes: '>=3.3' @@ -8,7 +8,7 @@ versions: topics: - Organizations - Teams -shortTitle: Security manager role +shortTitle: 安全管理员角色 permissions: Organization owners can assign the security manager role. --- @@ -16,40 +16,40 @@ permissions: Organization owners can assign the security manager role. {% data reusables.organizations.about-security-managers %} -## Permissions for the security manager role +## 安全管理员角色的权限 -Members of a team with the security manager role have only the permissions required to effectively manage security for the organization. +具有安全管理员角色的团队成员仅具有有效管理组织安全性所需的权限。 -- Read access on all repositories in the organization, in addition to any existing repository access -- Write access on all security alerts in the organization {% ifversion not fpt %} -- Access to the organization's security overview {% endif %} -- The ability to configure security settings at the organization level{% ifversion not fpt %}, including the ability to enable or disable {% data variables.product.prodname_GH_advanced_security %}{% endif %} -- The ability to configure security settings at the repository level{% ifversion not fpt %}, including the ability to enable or disable {% data variables.product.prodname_GH_advanced_security %}{% endif %} +- 除了任何现有的存储库访问外,还可以读取组织中的所有存储库 +- 对组织中所有安全警报的写入访问权限 {% ifversion not fpt %} +- 访问组织的安全概述 {% endif %} +- 能够在组织级配置安全设置{% ifversion not fpt %},包括启用或禁用 {% data variables.product.prodname_GH_advanced_security %}{% endif %} +- 能够在存储库级配置安全设置{% ifversion not fpt %},包括启用或禁用 {% data variables.product.prodname_GH_advanced_security %}{% endif %} {% ifversion fpt %} -Additional functionality, including a security overview for the organization, is available in organizations that use {% data variables.product.prodname_ghe_cloud %} with {% data variables.product.prodname_advanced_security %}. For more information, see the [{% data variables.product.prodname_ghe_cloud %} documentation](/enterprise-cloud@latest/organizations/managing-peoples-access-to-your-organization-with-roles/managing-security-managers-in-your-organization). +其他功能(包括组织的安全概述)在将 {% data variables.product.prodname_ghe_cloud %} 与 {% data variables.product.prodname_advanced_security %} 一起使用的组织中可用。 更多信息请参阅 [{% data variables.product.prodname_ghe_cloud %} 文档](/enterprise-cloud@latest/organizations/managing-peoples-access-to-your-organization-with-roles/managing-security-managers-in-your-organization)。 {% endif %} -If a team has the security manager role, people with admin access to the team and a specific repository can change the team's level of access to that repository but cannot remove the access. For more information, see "[Managing team access to an organization repository](/organizations/managing-access-to-your-organizations-repositories/managing-team-access-to-an-organization-repository){% ifversion ghes %}."{% else %} and "[Managing teams and people with access to your repository](/repositories/managing-your-repositorys-settings-and-features/managing-repository-settings/managing-teams-and-people-with-access-to-your-repository)."{% endif %} +如果团队具有安全管理员角色,则对团队和特定存储库具有管理员访问权限的人员可以更改团队对该存储库的访问级别,但不能删除访问权限。 更多信息请参阅“[管理团队对组织存储库的访问](/organizations/managing-access-to-your-organizations-repositories/managing-team-access-to-an-organization-repository){% ifversion ghes %}”。{% else %} 和“[管理可以访问存储库的团队和人员](/repositories/managing-your-repositorys-settings-and-features/managing-repository-settings/managing-teams-and-people-with-access-to-your-repository)”。{% endif %} - ![Manage repository access UI with security managers](/assets/images/help/organizations/repo-access-security-managers.png) + ![使用安全管理器管理存储库访问 UI](/assets/images/help/organizations/repo-access-security-managers.png) -## Assigning the security manager role to a team in your organization -You can assign the security manager role to a maximum of 10 teams in your organization. +## 将安全管理员角色分配给组织中的团队 +您可以将安全管理员角色分配给组织中最多 10 个团队。 {% data reusables.profile.access_org %} {% data reusables.profile.org_settings %} {% data reusables.organizations.security-and-analysis %} -1. Under **Security managers**, search for and select the team to give the role. Each team you select will appear in a list below the search bar. ![Add security manager](/assets/images/help/organizations/add-security-managers.png) -## Removing the security manager role from a team in your organization +1. 在 **Security managers(安全管理员)**下,搜索并选择要授予角色的团队。 您选择的每个团队都将显示在搜索栏下方的列表中。 ![添加安全管理员](/assets/images/help/organizations/add-security-managers.png) +## 从组织中的团队中删除安全管理员角色 {% warning %} -**Warning:** Removing the security manager role from a team will remove the team's ability to manage security alerts and settings across the organization, but the team will retain read access to repositories that was granted when the role was assigned. You must remove any unwanted read access manually. 更多信息请参阅“[管理团队的组织仓库访问权限](/organizations/managing-access-to-your-organizations-repositories/managing-team-access-to-an-organization-repository#removing-a-teams-access-to-a-repository)”。 +**警告:**从团队中删除安全管理员角色将删除团队在整个组织中管理安全警报和设置的能力,但团队将保留对分配角色时授予的存储库读取访问权限。 您必须手动删除任何不需要的读取访问权限。 更多信息请参阅“[管理团队的组织仓库访问权限](/organizations/managing-access-to-your-organizations-repositories/managing-team-access-to-an-organization-repository#removing-a-teams-access-to-a-repository)”。 {% endwarning %} {% data reusables.profile.access_org %} {% data reusables.profile.org_settings %} {% data reusables.organizations.security-and-analysis %} -1. Under **Security managers**, to the right of the team you want to remove as security managers, click {% octicon "x" aria-label="The X icon" %}. ![Remove security managers](/assets/images/help/organizations/remove-security-managers.png) +1. 在 **Security managers(安全管理员)**下,在要删除为安全管理员的团队右侧,单击" {% octicon "x" aria-label="The X icon" %}"。 ![删除安全管理员](/assets/images/help/organizations/remove-security-managers.png) diff --git a/translations/zh-CN/content/organizations/managing-peoples-access-to-your-organization-with-roles/roles-in-an-organization.md b/translations/zh-CN/content/organizations/managing-peoples-access-to-your-organization-with-roles/roles-in-an-organization.md index b3152f71bb..75674da5d9 100644 --- a/translations/zh-CN/content/organizations/managing-peoples-access-to-your-organization-with-roles/roles-in-an-organization.md +++ b/translations/zh-CN/content/organizations/managing-peoples-access-to-your-organization-with-roles/roles-in-an-organization.md @@ -1,6 +1,6 @@ --- -title: Roles in an organization -intro: Organization owners can assign roles to individuals and teams giving them different sets of permissions in the organization. +title: 组织中的角色 +intro: 组织所有者可以将角色分配给个人和团队,从而在组织中为他们提供不同的权限集。 redirect_from: - /articles/permission-levels-for-an-organization-early-access-program - /articles/permission-levels-for-an-organization @@ -14,46 +14,46 @@ versions: topics: - Organizations - Teams -shortTitle: Roles in an organization +shortTitle: 组织中的角色 --- -## About roles +## 关于角色 {% data reusables.organizations.about-roles %} -Repository-level roles give organization members, outside collaborators and teams of people varying levels of access to repositories. 更多信息请参阅“[组织的仓库角色](/organizations/managing-access-to-your-organizations-repositories/repository-roles-for-an-organization)”。 +存储库级别角色为组织成员、外部协作者和团队提供不同级别的存储库访问权限。 更多信息请参阅“[组织的仓库角色](/organizations/managing-access-to-your-organizations-repositories/repository-roles-for-an-organization)”。 -Team-level roles are roles that give permissions to manage a team. You can give any individual member of a team the team maintainer role, which gives the member a number of administrative permissions over a team. For more information, see "[Assigning the team maintainer role to a team member](/organizations/organizing-members-into-teams/assigning-the-team-maintainer-role-to-a-team-member)." +团队级别角色是授予管理团队的权限的角色。 您可以为团队的任何单个成员授予团队维护者角色,授予该成员对团队的诸多管理权限。 更多信息请参阅“[将团队维护者角色分配给团队成员](/organizations/organizing-members-into-teams/assigning-the-team-maintainer-role-to-a-team-member)”。 -Organization-level roles are sets of permissions that can be assigned to individuals or teams to manage an organization and the organization's repositories, teams, and settings. For more information about all the roles available at the organization level, see "[About organization roles](#about-organization-roles)." +组织级角色是可分配给个人或团队以管理组织及组织的存储库、团队和设置的权限集。 有关组织级可用的所有角色的详细信息,请参阅“[关于组织角色](#about-organization-roles)”。 -## About organization roles +## 关于组织角色 -You can assign individuals or teams to a variety of organization-level roles to control your members' access to your organization and its resources. For more details about the individual permissions included in each role, see "[Permissions for organization roles](#permissions-for-organization-roles)." +您可以将个人或团队分配到各种组织级角色,以控制成员对组织及其资源的访问权限。 有关每个角色中包含的各个权限的更多详细信息,请参阅“[组织角色的权限](#permissions-for-organization-roles)”。 {% if enterprise-owner-join-org %} -If your organization is owned by an enterprise account, enterprise owners can choose to join your organization with any role. For more information, see "[Managing your role in an organization owned by your enterprise](/admin/user-management/managing-organizations-in-your-enterprise/managing-your-role-in-an-organization-owned-by-your-enterprise)." +如果您的组织由企业帐户拥有,则企业所有者可以选择以任何角色加入您的组织。 更多信息请参阅“[在企业拥有的组织中管理您的角色](/admin/user-management/managing-organizations-in-your-enterprise/managing-your-role-in-an-organization-owned-by-your-enterprise)”。 {% endif %} -### Organization owners -Organization owners have complete administrative access to your organization. 此角色应限于组织中的少数几个人,但不少于两人。 更多信息请参阅“[管理组织的所有权连续性](/organizations/managing-peoples-access-to-your-organization-with-roles/maintaining-ownership-continuity-for-your-organization)”。 +### 组织所有者 +组织所有者对组织具有完全管理权限。 此角色应限于组织中的少数几个人,但不少于两人。 更多信息请参阅“[管理组织的所有权连续性](/organizations/managing-peoples-access-to-your-organization-with-roles/maintaining-ownership-continuity-for-your-organization)”。 ### 组织成员 -The default, non-administrative role for people in an organization is the organization member. By default, organization members have a number of permissions, including the ability to create repositories and project boards. +组织中人员的默认非管理角色是组织成员。 默认情况下,组织成员具有许多权限,包括能够创建存储库和项目板。 {% ifversion fpt or ghec %} ### 帐单管理员 -Billing managers are users who can manage the billing settings for your organization, such as payment information. This is a useful option if members of your organization don't usually have access to billing resources. For more information, see "[Adding a billing manager to your organization](/organizations/managing-peoples-access-to-your-organization-with-roles/adding-a-billing-manager-to-your-organization)." +帐单管理员是可以管理组织的帐单设置(如付款信息)的用户。 如果组织成员通常无权访问计费资源,则这是一个有用的选项。 更多信息请参阅“[为组织添加帐单管理员](/organizations/managing-peoples-access-to-your-organization-with-roles/adding-a-billing-manager-to-your-organization)”。 {% endif %} {% if security-managers %} -### Security managers +### 安全管理员 {% data reusables.organizations.security-manager-beta-note %} {% data reusables.organizations.about-security-managers %} -If your organization has a security team, you can use the security manager role to give members of the team the least access they need to the organization. For more information, see "[Managing security managers in your organization](/organizations/managing-peoples-access-to-your-organization-with-roles/managing-security-managers-in-your-organization)." +如果您的组织具有安全团队,则可以使用安全管理员角色为团队成员提供他们对组织所需的最少访问权限。 更多信息请参阅“[管理组织中的安全管理员](/organizations/managing-peoples-access-to-your-organization-with-roles/managing-security-managers-in-your-organization)”。 {% endif %} ### {% data variables.product.prodname_github_app %} 管理员 默认情况下,只有组织所有者才可管理组织拥有的 {% data variables.product.prodname_github_apps %} 的设置。 要允许其他用户管理组织拥有的 {% data variables.product.prodname_github_apps %},所有者可向他们授予 {% data variables.product.prodname_github_app %} 管理员权限。 @@ -66,7 +66,7 @@ If your organization has a security team, you can use the security manager role ### 外部协作者 在允许访问仓库时,为确保组织数据的安全,您可以添加*外部协作者*。 {% data reusables.organizations.outside_collaborators_description %} -## Permissions for organization roles +## 组织角色的权限 {% ifversion fpt %} 下面列出的一些功能仅限于使用 {% data variables.product.prodname_ghe_cloud %} 的组织。 {% data reusables.enterprise.link-to-ghec-trial %} @@ -75,7 +75,7 @@ If your organization has a security team, you can use the security manager role {% ifversion fpt or ghec %} -| Organization permission | 所有者 | 成员 | 帐单管理员 | Security managers | +| 组织权限 | 所有者 | 成员 | 帐单管理员 | 安全管理员 | |:--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |:-----:|:-----:|:-----:|:-------------------------------------:| | 创建仓库(详细信息请参阅“[限制在组织中创建仓库](/articles/restricting-repository-creation-in-your-organization)”) | **X** | **X** | | **X** | | 查看和编辑帐单信息 | **X** | | **X** | | @@ -113,7 +113,7 @@ If your organization has a security team, you can use the security manager role | 将您的赞助归因于另一个组织(更多信息请参阅“[将赞助归因于组织](/sponsors/sponsoring-open-source-contributors/attributing-sponsorships-to-your-organization)”) | **X** | | | | | 管理从组织中的仓库发布 {% data variables.product.prodname_pages %} 站点(请参阅“[管理组织的 {% data variables.product.prodname_pages %} 站点发布](/organizations/managing-organization-settings/managing-the-publication-of-github-pages-sites-for-your-organization)”了解详细信息) | **X** | | | | | 管理安全性和分析设置(详情请参阅“[管理组织的安全性和分析设置](/organizations/keeping-your-organization-secure/managing-security-and-analysis-settings-for-your-organization)”) | **X** | | | **X** | -| View the security overview for the organization (see "[About the security overview](/code-security/security-overview/about-the-security-overview)" for details) | **X** | | | **X** |{% ifversion ghec %} +| 查看组织的安全概述(有关详细信息,请参阅“[关于安全概述](/code-security/security-overview/about-the-security-overview)”) | **X** | | | **X** |{% ifversion ghec %} | 启用并实施 [SAML 单点登录](/articles/about-identity-and-access-management-with-saml-single-sign-on) | **X** | | | | | [管理用户对组织的 SAML 访问](/organizations/granting-access-to-your-organization-with-saml-single-sign-on/viewing-and-managing-a-members-saml-access-to-your-organization) | **X** | | | | | 管理组织的 SSH 认证中心(详细信息请参阅“[管理组织的 SSH 认证中心](/articles/managing-your-organizations-ssh-certificate-authorities)”) | **X** | | | @@ -125,8 +125,8 @@ If your organization has a security team, you can use the security manager role | 管理 {% data variables.product.prodname_dependabot_security_updates %}(请参阅“[关于 {% data variables.product.prodname_dependabot_security_updates %}](/github/managing-security-vulnerabilities/about-dependabot-security-updates)”) | **X** | | | **X** | | [管理复刻策略](/organizations/managing-organization-settings/managing-the-forking-policy-for-your-organization) | **X** | | | | | [限制组织中公共仓库的活动](/communities/moderating-comments-and-conversations/limiting-interactions-in-your-organization) | **X** | | | | -| Pull (read) *all repositories* in the organization | **X** | | | **X** | -| Push (write) and clone (copy) *all repositories* in the organization | **X** | | | | +| 拉取(读取)组织中的*所有存储库* | **X** | | | **X** | +| 推送(写入)和克隆(复制)组织中的*所有存储库* | **X** | | | | | 将组织成员转换为[外部协作者](#outside-collaborators) | **X** | | | | | [查看对组织仓库具有访问权限的人员](/articles/viewing-people-with-access-to-your-repository) | **X** | | | |{% ifversion ghec or ghes or ghae %} | [导出具有组织仓库访问权限人员的列表](/articles/viewing-people-with-access-to-your-repository/#exporting-a-list-of-people-with-access-to-your-repository) | **X** | | | @@ -135,12 +135,12 @@ If your organization has a security team, you can use the security manager role | 管理默认标签(请参阅“[管理组织中仓库的默认标签](/articles/managing-default-labels-for-repositories-in-your-organization)”) | **X** | | | |{% ifversion ghec %} | 启用团队同步(详情请参阅“[管理组织的团队同步](/organizations/managing-saml-single-sign-on-for-your-organization/managing-team-synchronization-for-your-organization)”) | **X** | | | {% endif %} -| Manage pull request reviews in the organization (see "[Managing pull request reviews in your organization](/organizations/managing-organization-settings/managing-pull-request-reviews-in-your-organization)") | **X** | | | | +| 管理组织中的拉取请求审核(请参阅“[管理组织中的拉取请求审核](/organizations/managing-organization-settings/managing-pull-request-reviews-in-your-organization)”) | **X** | | | | {% elsif ghes > 3.2 or ghae-issue-4999 %} -| 组织操作 | 所有者 | 成员 | Security managers | +| 组织操作 | 所有者 | 成员 | 安全管理员 | |:--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |:-----:|:-----:|:--------------------------------------------:| | 邀请人员加入组织 | **X** | | | | 编辑和取消邀请加入组织 | **X** | | | @@ -163,7 +163,7 @@ If your organization has a security team, you can use the security manager role | 可成为*团队维护员* | **X** | **X** | **X** | | 转让仓库 | **X** | | | | 管理安全性和分析设置(详情请参阅“[管理组织的安全性和分析设置](/organizations/keeping-your-organization-secure/managing-security-and-analysis-settings-for-your-organization)”) | **X** | | **X** |{% ifversion ghes > 3.1 %} -| View the security overview for the organization (see "[About the security overview](/code-security/security-overview/about-the-security-overview)" for details) | **X** | | **X** |{% endif %}{% ifversion ghes > 3.2 %} +| 查看组织的安全概述(有关详细信息,请参阅“[关于安全概述](/code-security/security-overview/about-the-security-overview)”) | **X** | | **X** |{% endif %}{% ifversion ghes > 3.2 %} | 管理 {% data variables.product.prodname_dependabot_security_updates %}(请参阅“[关于 {% data variables.product.prodname_dependabot_security_updates %}](/github/managing-security-vulnerabilities/about-dependabot-security-updates)”) | **X** | | **X** {% endif %} | 管理组织的 SSH 认证中心(详细信息请参阅“[管理组织的 SSH 认证中心](/articles/managing-your-organizations-ssh-certificate-authorities)”) | **X** | | | @@ -177,15 +177,15 @@ If your organization has a security team, you can use the security manager role | 管理从组织中的仓库发布 {% data variables.product.prodname_pages %} 站点(请参阅“[管理组织的 {% data variables.product.prodname_pages %} 站点发布](/organizations/managing-organization-settings/managing-the-publication-of-github-pages-sites-for-your-organization)”了解详细信息) | **X** | | {% endif %} | [在组织的层次结构中移动团队](/articles/moving-a-team-in-your-organization-s-hierarchy) | **X** | | | -| Pull (read) *all repositories* in the organization | **X** | | **X** | -| Push (write) and clone (copy) *all repositories* in the organization | **X** | | | +| 拉取(读取)组织中的*所有存储库* | **X** | | **X** | +| 推送(写入)和克隆(复制)组织中的*所有存储库* | **X** | | | | 将组织成员转换为[外部协作者](#outside-collaborators) | **X** | | | | [查看对组织仓库具有访问权限的人员](/articles/viewing-people-with-access-to-your-repository) | **X** | | | | [导出具有组织仓库访问权限人员的列表](/articles/viewing-people-with-access-to-your-repository/#exporting-a-list-of-people-with-access-to-your-repository) | **X** | | | | 管理默认标签(请参阅“[管理组织中仓库的默认标签](/articles/managing-default-labels-for-repositories-in-your-organization)”) | **X** | | |{% if pull-request-approval-limit %} -| Manage pull request reviews in the organization (see "[Managing pull request reviews in your organization](/organizations/managing-organization-settings/managing-pull-request-reviews-in-your-organization)") | **X** | | | +| 管理组织中的拉取请求审核(请参阅“[管理组织中的拉取请求审核](/organizations/managing-organization-settings/managing-pull-request-reviews-in-your-organization)”) | **X** | | | {% endif %} -{% ifversion ghae %}| Manage IP allow lists (see "[Restricting network traffic to your enterprise](/admin/configuration/restricting-network-traffic-to-your-enterprise)") | **X** | | |{% endif %} +{% ifversion ghae %}| 管理 IP 允许列表(请参阅“[限制到企业的网络流量](/admin/configuration/restricting-network-traffic-to-your-enterprise)”)| **X** | | |{% endif %} {% else %} @@ -199,7 +199,7 @@ If your organization has a security team, you can use the security manager role | 恢复组织的前成员 | **X** | | | | 添加和删除**所有团队**的人员 | **X** | | | 将组织成员升级为*团队维护员* | **X** | | -| Configure code review assignments (see "[Managing code review settings for your team](/organizations/organizing-members-into-teams/managing-code-review-settings-for-your-team)")) | **X** | | +| 配置代码审查分配(请参阅“[管理团队的代码审查设置](/organizations/organizing-members-into-teams/managing-code-review-settings-for-your-team)”) | **X** | | | 添加协作者到**所有仓库** | **X** | | | 访问组织审核日志 | **X** | | | 编辑组织的资料页面(详细信息请参阅“[关于组织的资料](/github/setting-up-and-managing-your-github-profile/customizing-your-profile/about-your-organizations-profile)”) | **X** | | |{% ifversion ghes > 3.1 %} diff --git a/translations/zh-CN/content/packages/learn-github-packages/about-permissions-for-github-packages.md b/translations/zh-CN/content/packages/learn-github-packages/about-permissions-for-github-packages.md index f9d2fd8787..4f82a703e8 100644 --- a/translations/zh-CN/content/packages/learn-github-packages/about-permissions-for-github-packages.md +++ b/translations/zh-CN/content/packages/learn-github-packages/about-permissions-for-github-packages.md @@ -47,8 +47,7 @@ shortTitle: 关于权限 例如: - 要从仓库下载和安装包,您的令牌必须具有 `read:packages` 作用域,并且您的用户帐户必须具有读取权限。 -- {% ifversion fpt or ghes or ghec %}要在 {% data variables.product.product_name %}上删除软件包,您的令牌至少必须有 `delete:packages` 和 `read:packages` 作用域。 `repo` 作用域的软件包也需要存储库。{% elsif ghae %}若要删除 {% data variables.product.product_name %} 上包的指定版本,令牌必须具有 `delete:packages` 和 `repo` 作用域。{% endif %} 更多信息请参阅“[删除和恢复包](/packages/learn-github-packages/deleting-and-restoring-a-package)”。 - +- |{% ifversion fpt or ghes > 3.1 or ghec %}要删除 {% data variables.product.product_name %}上的包,你的令牌必须至少具有 `delete:packages` 和 `read:packages` 作用域。 存储库作用域的软件包也需要 `repo` 作用域。 更多信息请参阅“[删除和恢复软件包](/packages/learn-github-packages/deleting-and-restoring-a-package)”{% elsif ghae %}要删除 {% data variables.product.product_name %} 上软件包的指定版本,令牌必须具有 `delete:packages` 和 `repo` 作用域。 更多信息请参阅“[删除和恢复软件包](/packages/learn-github-packages/deleting-and-restoring-a-package)”。{% endif %} | 作用域 | 描述 | 所需权限 | | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------- | ------ | | `read:packages` | 从 {% data variables.product.prodname_registry %} 下载和安装包 | 读取 | diff --git a/translations/zh-CN/content/packages/learn-github-packages/deleting-and-restoring-a-package.md b/translations/zh-CN/content/packages/learn-github-packages/deleting-and-restoring-a-package.md index e19b536d2d..23785b3960 100644 --- a/translations/zh-CN/content/packages/learn-github-packages/deleting-and-restoring-a-package.md +++ b/translations/zh-CN/content/packages/learn-github-packages/deleting-and-restoring-a-package.md @@ -9,7 +9,7 @@ redirect_from: - /packages/guides/deleting-a-container-image versions: fpt: '*' - ghes: '*' + ghes: '>=3.2' ghec: '*' ghae: '*' shortTitle: 删除和恢复包 diff --git a/translations/zh-CN/content/packages/learn-github-packages/introduction-to-github-packages.md b/translations/zh-CN/content/packages/learn-github-packages/introduction-to-github-packages.md index 1292276a7b..2f92adc46d 100644 --- a/translations/zh-CN/content/packages/learn-github-packages/introduction-to-github-packages.md +++ b/translations/zh-CN/content/packages/learn-github-packages/introduction-to-github-packages.md @@ -108,7 +108,7 @@ You can delete a private or public package in the {% data variables.product.prod You can delete a version of a package in the {% data variables.product.product_name %} user interface or using the GraphQL API. {% endif %} -When you use the GraphQL API to query and delete private packages, you must use the same token you use to authenticate to {% data variables.product.prodname_registry %}. For more information, see "[Deleting and restoring a package](/packages/learn-github-packages/deleting-and-restoring-a-package)" and "[Forming calls with GraphQL]({% ifversion ghec %}/free-pro-team@latest{% endif %}/graphql/guides/forming-calls-with-graphql)." +When you use the GraphQL API to query and delete private packages, you must use the same token you use to authenticate to {% data variables.product.prodname_registry %}. For more information, see {% ifversion fpt or ghec or ghes > 3.1 or ghae %}"[Deleting and restoring a package](/packages/learn-github-packages/deleting-and-restoring-a-package)" and {% endif %}"[Forming calls with GraphQL]({% ifversion ghec %}/free-pro-team@latest{% endif %}/graphql/guides/forming-calls-with-graphql)." You can configure webhooks to subscribe to package-related events, such as when a package is published or updated. For more information, see the "[`package` webhook event](/webhooks/event-payloads/#package)." diff --git a/translations/zh-CN/content/packages/working-with-a-github-packages-registry/working-with-the-apache-maven-registry.md b/translations/zh-CN/content/packages/working-with-a-github-packages-registry/working-with-the-apache-maven-registry.md index 724f57e18d..c18396b6fa 100644 --- a/translations/zh-CN/content/packages/working-with-a-github-packages-registry/working-with-the-apache-maven-registry.md +++ b/translations/zh-CN/content/packages/working-with-a-github-packages-registry/working-with-the-apache-maven-registry.md @@ -190,5 +190,5 @@ To install an Apache Maven package from {% data variables.product.prodname_regis ## Further reading -- "[Working with the Gradle registry](/packages/working-with-a-github-packages-registry/working-with-the-gradle-registry)" -- "[Deleting and restoring a package](/packages/learn-github-packages/deleting-and-restoring-a-package)" +- "[Working with the Gradle registry](/packages/working-with-a-github-packages-registry/working-with-the-gradle-registry)"{% ifversion fpt or ghec or ghes > 3.1 or ghae %} +- "[Deleting and restoring a package](/packages/learn-github-packages/deleting-and-restoring-a-package)"{% endif %} diff --git a/translations/zh-CN/content/packages/working-with-a-github-packages-registry/working-with-the-docker-registry.md b/translations/zh-CN/content/packages/working-with-a-github-packages-registry/working-with-the-docker-registry.md index dc433c384c..f114ecd455 100644 --- a/translations/zh-CN/content/packages/working-with-a-github-packages-registry/working-with-the-docker-registry.md +++ b/translations/zh-CN/content/packages/working-with-a-github-packages-registry/working-with-the-docker-registry.md @@ -261,8 +261,12 @@ $ docker pull HOSTNAME/OWNER/REPOSITORY/IMAGE_NAME:TAG_NAME {% endnote %} +{% ifversion fpt or ghec or ghes > 3.1 or ghae %} + ## Further reading - "[Deleting and restoring a package](/packages/learn-github-packages/deleting-and-restoring-a-package)" +{% endif %} + {% endif %} diff --git a/translations/zh-CN/content/packages/working-with-a-github-packages-registry/working-with-the-gradle-registry.md b/translations/zh-CN/content/packages/working-with-a-github-packages-registry/working-with-the-gradle-registry.md index 7ff16231a5..62c520c70b 100644 --- a/translations/zh-CN/content/packages/working-with-a-github-packages-registry/working-with-the-gradle-registry.md +++ b/translations/zh-CN/content/packages/working-with-a-github-packages-registry/working-with-the-gradle-registry.md @@ -215,5 +215,5 @@ To use a published package from {% data variables.product.prodname_registry %}, ## Further reading -- "[Working with the Apache Maven registry](/packages/working-with-a-github-packages-registry/working-with-the-apache-maven-registry)" -- "[Deleting and restoring a package](/packages/learn-github-packages/deleting-and-restoring-a-package)" +- "[Working with the Apache Maven registry](/packages/working-with-a-github-packages-registry/working-with-the-apache-maven-registry)"{% ifversion fpt or ghec or ghes > 3.1 or ghae %} +- "[Deleting and restoring a package](/packages/learn-github-packages/deleting-and-restoring-a-package)"{% endif %} diff --git a/translations/zh-CN/content/packages/working-with-a-github-packages-registry/working-with-the-npm-registry.md b/translations/zh-CN/content/packages/working-with-a-github-packages-registry/working-with-the-npm-registry.md index b7d14dcd6a..f34f6977a1 100644 --- a/translations/zh-CN/content/packages/working-with-a-github-packages-registry/working-with-the-npm-registry.md +++ b/translations/zh-CN/content/packages/working-with-a-github-packages-registry/working-with-the-npm-registry.md @@ -27,7 +27,7 @@ If you publish over 1,000 npm package versions to {% data variables.product.prod In the future, to improve performance of the service, you won't be able to publish more than 1,000 versions of a package on {% data variables.product.prodname_dotcom %}. Any versions published before hitting this limit will still be readable. -If you reach this limit, consider deleting package versions or contact Support for help. When this limit is enforced, our documentation will be updated with a way to work around this limit. For more information, see "[Deleting and restoring a package](/packages/learn-github-packages/deleting-and-restoring-a-package)" or "[Contacting Support](/packages/learn-github-packages/about-github-packages#contacting-support)." +If you reach this limit, consider deleting package versions or contact Support for help. When this limit is enforced, our documentation will be updated with a way to work around this limit. For more information, see {% ifversion fpt or ghec or ghes > 3.1 or ghae %}"[Deleting and restoring a package](/packages/learn-github-packages/deleting-and-restoring-a-package)" or {% endif %}"[Contacting Support](/packages/learn-github-packages/about-github-packages#contacting-support)." ## Authenticating to {% data variables.product.prodname_registry %} @@ -212,7 +212,3 @@ If your instance has subdomain isolation disabled: {% data variables.product.prodname_registry %} allows you to access the official NPM registry at `registry.npmjs.com`, if your {% data variables.product.prodname_ghe_server %} administrator has enabled this feature. For more information, see [Connecting to the official NPM registry](/admin/packages/configuring-packages-support-for-your-enterprise#connecting-to-the-official-npm-registry). {% endif %} - -## Further reading - -- "[Deleting and restoring a package](/packages/learn-github-packages/deleting-and-restoring-a-package)" diff --git a/translations/zh-CN/content/packages/working-with-a-github-packages-registry/working-with-the-nuget-registry.md b/translations/zh-CN/content/packages/working-with-a-github-packages-registry/working-with-the-nuget-registry.md index 0fb8b99987..cd835bf35f 100644 --- a/translations/zh-CN/content/packages/working-with-a-github-packages-registry/working-with-the-nuget-registry.md +++ b/translations/zh-CN/content/packages/working-with-a-github-packages-registry/working-with-the-nuget-registry.md @@ -232,6 +232,8 @@ Your NuGet package may fail to push if the `RepositoryUrl` in *.csproj* is not s If you're using a nuspec file, ensure that it has a `repository` element with the required `type` and `url` attributes. +{% ifversion fpt or ghec or ghes > 3.1 or ghae %} ## Further reading - "[Deleting and restoring a package](/packages/learn-github-packages/deleting-and-restoring-a-package)" +{% endif %} diff --git a/translations/zh-CN/content/packages/working-with-a-github-packages-registry/working-with-the-rubygems-registry.md b/translations/zh-CN/content/packages/working-with-a-github-packages-registry/working-with-the-rubygems-registry.md index c17c6eaa13..01a56b4478 100644 --- a/translations/zh-CN/content/packages/working-with-a-github-packages-registry/working-with-the-rubygems-registry.md +++ b/translations/zh-CN/content/packages/working-with-a-github-packages-registry/working-with-the-rubygems-registry.md @@ -136,7 +136,7 @@ You can use gems from {% data variables.product.prodname_registry %} much like y end ``` -3. For Bundler versions earlier than 1.7.0, you need to add a new global `source`. For more information on using Bundler, see the [bundler.io documentation](http://bundler.io/v1.5/gemfile.html). +3. For Bundler versions earlier than 1.7.0, you need to add a new global `source`. For more information on using Bundler, see the [bundler.io documentation](https://bundler.io/gemfile.html). ```ruby source "https://{% ifversion fpt or ghec %}rubygems.pkg.github.com{% else %}REGISTRY-URL{% endif %}/OWNER" @@ -151,6 +151,10 @@ You can use gems from {% data variables.product.prodname_registry %} much like y $ gem install octo-gem --version "0.1.1" ``` +{% ifversion fpt or ghec or ghes > 3.1 or ghae %} + ## Further reading - "[Deleting and restoring a package](/packages/learn-github-packages/deleting-and-restoring-a-package)" + +{% endif %} diff --git a/translations/zh-CN/content/pages/quickstart.md b/translations/zh-CN/content/pages/quickstart.md index 12d738d1bb..33bd9f080a 100644 --- a/translations/zh-CN/content/pages/quickstart.md +++ b/translations/zh-CN/content/pages/quickstart.md @@ -1,6 +1,6 @@ --- -title: Quickstart for GitHub Pages -intro: 'You can use {% data variables.product.prodname_pages %} to showcase some open source projects, host a blog, or even share your résumé. This guide will help get you started on creating your next website.' +title: GitHub Pages 快速入门 +intro: '您可以使用 {% data variables.product.prodname_pages %} 来展示一些开源项目、主持博客甚或分享您的简历。 本指南将帮助您开始创建下一个网站。' allowTitleToDifferFromFilename: true versions: fpt: '*' @@ -16,30 +16,30 @@ product: '{% data reusables.gated-features.pages %}' ## 简介 -{% data variables.product.prodname_pages %} are public webpages hosted and published through {% data variables.product.product_name %}. The quickest way to get up and running is by using the Jekyll Theme Chooser to load a pre-made theme. You can then modify your {% data variables.product.prodname_pages %}' content and style. +{% data variables.product.prodname_pages %} 是通过 {% data variables.product.product_name %} 托管和发布的公共网页。 启动和运行的最快方法是使用 Jekyll 主题选择器加载预置主题。 然后,您可以修改 {% data variables.product.prodname_pages %} 的内容和样式。 -This guide will lead you through creating a user site at `username.github.io`. +本指南将引导您完成在 `username.github.io` 创建用户站点的过程。 -## Creating your website +## 创建网站 {% data reusables.repositories.create_new %} -1. Enter `username.github.io` as the repository name. Replace `username` with your {% data variables.product.prodname_dotcom %} username. For example, if your username is `octocat`, the repository name should be `octocat.github.io`. ![Repository name field](/assets/images/help/pages/create-repository-name-pages.png) +1. 输入 `username.github.io` 作为存储库名称。 将 `username` 替换为您的 {% data variables.product.prodname_dotcom %} 用户名。 例如,如果您的用户名是 `octocat`,则存储库名称应为 `octocat.github.io`。 ![存储库名称字段](/assets/images/help/pages/create-repository-name-pages.png) {% data reusables.repositories.sidebar-settings %} {% data reusables.pages.sidebar-pages %} -1. Click **Choose a theme**. ![选择主题按钮](/assets/images/help/pages/choose-theme.png) -2. The Theme Chooser will open. Browse the available themes, then click **Select theme** to select a theme. It's easy to change your theme later, so if you're not sure, just choose one for now. ![主题选项和选择主题按钮](/assets/images/help/pages/select-theme.png) -3. After you select a theme, your repository's `README.md` file will open in the file editor. The `README.md` file is where you will write the content for your site. You can edit the file or keep the default content for now. -4. When you are done editing the file, click **Commit changes**. -5. Visit `username.github.io` to view your new website. **注:**对站点的更改在推送到 {% data variables.product.product_name %} 后,最长可能需要 20 分钟才会发布。 +1. 单击 **Choose a theme(选择主题)**。 ![选择主题按钮](/assets/images/help/pages/choose-theme.png) +2. 主题选择器将打开。 浏览可用的主题,然后单击 **Select theme(选择主题)**以选择主题。 以后更改主题很容易,因此,如果您不确定,请暂时选择一个。 ![主题选项和选择主题按钮](/assets/images/help/pages/select-theme.png) +3. 选择主题后,存储库的 `README.md` 文件将在文件编辑器中打开。 `README.md` 文件是您将为网站编写内容的位置。 您可以编辑文件或暂时保留默认内容。 +4. 编辑完文件后,单击 **Commit changes(提交更改)**。 +5. 访问 `username.github.io` 以查看您的新网站。 **注:**对站点的更改在推送到 {% data variables.product.product_name %} 后,最长可能需要 20 分钟才会发布。 -## Changing the title and description +## 更改标题和说明 -By default, the title of your site is `username.github.io`. You can change the title by editing the `_config.yml` file in your repository. You can also add a description for your site. +默认情况下,网站的标题为 `username.github.io`。 您可以通过编辑存储库中的 `_config.yml` 文件来更改标题。 您还可以为您的网站添加说明。 -1. Click the **Code** tab of your repository. -1. In the file list, click `_config.yml` to open the file. -1. Click {% octicon "pencil" aria-label="The edit icon" %} to edit the file. -1. The `_config.yml` file already contains a line that specifies the theme for your site. Add a new line with `title:` followed by the title you want. Add a new line with `description:` followed by the description you want. 例如: +1. 单击存储库的 **Code(代码)**选项卡。 +1. 在文件列表中,单击 `_config.yml` 打开该文件。 +1. 单击 {% octicon "pencil" aria-label="The edit icon" %} 编辑文件。 +1. `_config.yml` 文件已包含指定网站主题的行。 添加一个新行,其中包含 `title:`,后跟所需的标题。 添加一个新行,其中包含 `description:`,后跟所需的说明。 例如: ```yaml theme: jekyll-theme-minimal @@ -47,10 +47,10 @@ By default, the title of your site is `username.github.io`. You can change the t description: Bookmark this to keep an eye on my project updates! ``` -1. When you are done editing the file, click **Commit changes**. +1. 编辑完文件后,单击 **Commit changes(提交更改)**。 ## 后续步骤 -For more information about how to add additional pages to your site, see "[Adding content to your GitHub Pages site using Jekyll](/pages/setting-up-a-github-pages-site-with-jekyll/adding-content-to-your-github-pages-site-using-jekyll#about-content-in-jekyll-sites)." +有关如何向站点添加其他页面的详细信息,请参阅“[使用 Jekyll 向 GitHub Pages 站点添加内容](/pages/setting-up-a-github-pages-site-with-jekyll/adding-content-to-your-github-pages-site-using-jekyll#about-content-in-jekyll-sites)”。 -For more information about setting up a {% data variables.product.prodname_pages %} site with Jekyll, see "[About GitHub Pages and Jekyll](/pages/setting-up-a-github-pages-site-with-jekyll/about-github-pages-and-jekyll)." +有关使用 Jekyll 设置 {% data variables.product.prodname_pages %} 站点的更多信息,请参阅“[关于 GitHub Pages 和 Jekyll](/pages/setting-up-a-github-pages-site-with-jekyll/about-github-pages-and-jekyll)”。 diff --git a/translations/zh-CN/content/pages/setting-up-a-github-pages-site-with-jekyll/testing-your-github-pages-site-locally-with-jekyll.md b/translations/zh-CN/content/pages/setting-up-a-github-pages-site-with-jekyll/testing-your-github-pages-site-locally-with-jekyll.md index 9b047c5a41..c3d52b0409 100644 --- a/translations/zh-CN/content/pages/setting-up-a-github-pages-site-with-jekyll/testing-your-github-pages-site-locally-with-jekyll.md +++ b/translations/zh-CN/content/pages/setting-up-a-github-pages-site-with-jekyll/testing-your-github-pages-site-locally-with-jekyll.md @@ -50,6 +50,12 @@ shortTitle: 使用 Jekyll 本地测试站点 ``` 3. 要预览站点,请在 web 浏览器中导航到 `http://localhost:4000`。 +{% note %} + +**注意:** 如果您使用的是 Ruby 3.0 和 Jekyll 4.2.x 或更早版本,则需要在运行 `bundle install` 之前,将 `webrick` gem 添加到项目的 Gemfile 中。 + +{% endnote %} + ## 更新 {% data variables.product.prodname_pages %} gem Jekyll 是一个活跃的开源项目,经常更新。 如果您计算机上的 `github-pages` gem 版本落后于 {% data variables.product.prodname_pages %} 服务器上的 `github-pages` gem 版本,则您的站点在本地构建时的外观与在 {% data variables.product.product_name %} 上发布时的外观可能不同。 为避免这种情况,请定期更新计算机上的 `github-pages` gem。 diff --git a/translations/zh-CN/content/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/requesting-a-pull-request-review.md b/translations/zh-CN/content/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/requesting-a-pull-request-review.md index 7afd4c566b..a8ef7ddf56 100644 --- a/translations/zh-CN/content/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/requesting-a-pull-request-review.md +++ b/translations/zh-CN/content/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/requesting-a-pull-request-review.md @@ -17,9 +17,11 @@ topics: shortTitle: 请求 PR 审查 --- -用户帐户拥有的仓库的所有者和协作者可以分配拉取请求审查。 拥有仓库查验漏洞权限的组织成员可以分配拉取请求审查。 +Repositories belong to a personal account (a single individual owner) or an organization account (a shared account with numerous collaborators or maintainers). 更多信息请参阅“[{% data variables.product.prodname_dotcom %} 帐户的类型](/get-started/learning-about-github/types-of-github-accounts)”。 Owners and collaborators on a repository owned by a personal account can assign pull request reviews. Organization members with triage permissions can also assign a reviewer for a pull request. -所有者或协作者可以将拉取请求审核分配给被明确授予用户拥有仓库[读取权限](/articles/access-permissions-on-github)的任何人。 组织成员也可将拉取请求审查分配给拥有仓库读取权限的任何个人或团队。 被请求的审查者或团队将收到您请求他们审查拉取请求的通知。 {% ifversion fpt or ghae or ghes or ghec %}如果您请求团队审查,并且启用了代码审查分配,则会向特定成员发出申请,并且取消团队作为审查者。 For more information, see "[Managing code review settings for your team](/organizations/organizing-members-into-teams/managing-code-review-settings-for-your-team)."{% endif %} +To assign a reviewer to a pull request, you will need write access to the repository. For more information about repository access, see "[Repository roles for an organization](/organizations/managing-access-to-your-organizations-repositories/repository-roles-for-an-organization)." If you have write access, you can assign anyone who has read access to the repository as a reviewer. + +Organization members with write access can also assign a pull request review to any person or team with read access to a repository. 被请求的审查者或团队将收到您请求他们审查拉取请求的通知。 {% ifversion fpt or ghae or ghes or ghec %}如果您请求团队审查,并且启用了代码审查分配,则会向特定成员发出申请,并且取消团队作为审查者。 For more information, see "[Managing code review settings for your team](/organizations/organizing-members-into-teams/managing-code-review-settings-for-your-team)."{% endif %} {% note %} diff --git a/translations/zh-CN/content/repositories/managing-your-repositorys-settings-and-features/customizing-your-repository/about-code-owners.md b/translations/zh-CN/content/repositories/managing-your-repositorys-settings-and-features/customizing-your-repository/about-code-owners.md index 38250866d5..7732e3c8ac 100644 --- a/translations/zh-CN/content/repositories/managing-your-repositorys-settings-and-features/customizing-your-repository/about-code-owners.md +++ b/translations/zh-CN/content/repositories/managing-your-repositorys-settings-and-features/customizing-your-repository/about-code-owners.md @@ -38,7 +38,7 @@ topics: 为使代码所有者接收审查请求,CODEOWNERS 文件必须在拉取请求的基本分支上。 例如,如果您将 `@octocat` 分配为仓库 `gh-pages` 分支上 *.js* 文件的代码所有者,则在头部分支与 `gh-pages` 之间打开更改 *.js* 文件的拉取请求时,`@octocat` 将会收到审查请求。 -{% ifversion fpt or ghec or ghes > 3.2 or ghae-issue-9273 %} +{% ifversion fpt or ghec or ghes > 3.2 or ghae-issue-4675 %} ## CODEOWNERS 文件大小 CODEOWNERS 文件大小必须低于 3MB。 将不会加载超过此限制的 CODEOWNERS 文件,这意味着不会显示代码所有者信息,并且不会要求相应的代码所有者查看拉取请求中的更改。 diff --git a/translations/zh-CN/content/repositories/releasing-projects-on-github/automatically-generated-release-notes.md b/translations/zh-CN/content/repositories/releasing-projects-on-github/automatically-generated-release-notes.md index 528fd14ffe..3e3079d0bf 100644 --- a/translations/zh-CN/content/repositories/releasing-projects-on-github/automatically-generated-release-notes.md +++ b/translations/zh-CN/content/repositories/releasing-projects-on-github/automatically-generated-release-notes.md @@ -1,6 +1,6 @@ --- -title: Automatically generated release notes -intro: You can automatically generate release notes for your GitHub releases +title: 自动生成的发行说明 +intro: 您可以为 GitHub 版本自动生成发行说明 permissions: Repository collaborators and people with write access to a repository can generate and customize automated release notes for a release. versions: fpt: '*' @@ -9,34 +9,34 @@ versions: ghae: issue-4974 topics: - Repositories -shortTitle: Automated release notes +shortTitle: 自动发行说明 communityRedirect: name: Provide GitHub Feedback href: 'https://github.com/github/feedback/discussions/categories/general-feedback' --- -## About automatically generated release notes +## 关于自动生成的发行说明 -Automatically generated release notes provide an automated alternative to manually writing release notes for your {% data variables.product.prodname_dotcom %} releases. With automatically generated release notes, you can quickly generate an overview of the contents of a release. You can also customize your automated release notes, using labels to create custom categories to organize pull requests you want to include, and exclude certain labels and users from appearing in the output. +自动生成的发行说明为 {% data variables.product.prodname_dotcom %} 发行版手动编写发行说明提供了一种自动替代方法。 使用自动生成的发行说明,您可以快速生成发行版内容的概览。 您还可以自定义自动发行说明,使用标签创建自定义类别来组织要包含的拉取请求,并排除某些标签和用户不出现在输出中。 -## Creating automatically generated release notes for a new release +## 为新版本创建自动生成的发行说明 {% data reusables.repositories.navigate-to-repo %} {% data reusables.repositories.releases %} 3. 单击 **Draft a new release(草拟新发行版)**。 ![发行版草稿按钮](/assets/images/help/releases/draft_release_button.png) -4. {% ifversion fpt or ghec %}Click **Choose a tag** and type{% else %}Type{% endif %} a version number for your release. Alternatively, select an existing tag. +4. {% ifversion fpt or ghec %}单击 **Choose a tag(选择标记)**,然后键入{% else %}键入{% endif %}发行版的版本号。 或者,选择现有标记。 {% ifversion fpt or ghec %} - ![Enter a tag](/assets/images/help/releases/releases-tag-create.png) -5. If you are creating a new tag, click **Create new tag**. ![Confirm you want to create a new tag](/assets/images/help/releases/releases-tag-create-confirm.png) + ![输入标记](/assets/images/help/releases/releases-tag-create.png) +5. 如果要创建新标记,请单击 **Create new tag(创建新标记)**。 ![确认您要创建新标记](/assets/images/help/releases/releases-tag-create-confirm.png) {% else %} ![发行版标记版本](/assets/images/enterprise/releases/releases-tag-version.png) {% endif %} -6. If you have created a new tag, use the drop-down menu to select the branch that contains the project you want to release. +6. 如果已创建新标记,请使用下拉菜单选择包含要发布的项目的分支。 {% ifversion fpt or ghec %}![选择分支](/assets/images/help/releases/releases-choose-branch.png) {% else %}![发行版标记分支](/assets/images/enterprise/releases/releases-tag-branch.png) {% endif %} -7. To the top right of the description text box, click **Auto-generate release notes**. ![Auto-generate release notes](/assets/images/help/releases/auto-generate-release-notes.png) -8. Check the generated notes to ensure they include all (and only) the information you want to include. +7. 在说明文本框的右上角,单击 **Auto-generate release notes(自动生成发行说明)**。 ![自动生成发行说明](/assets/images/help/releases/auto-generate-release-notes.png) +8. 检查生成的注释,确保它们包含所有(且仅有)您要包含的信息。 9. (可选)要在发行版中包含二进制文件(例如已编译的程序),请在二进制文件框中拖放或手动选择文件。 ![通过发行版提供 DMG](/assets/images/help/releases/releases_adding_binary.gif) 10. 要通知用户发行版本尚不可用于生产,可能不稳定,请选择 **This is a pre-release(这是预发布)**。 ![将版本标记为预发行版的复选框](/assets/images/help/releases/prerelease_checkbox.png) {%- ifversion fpt %} @@ -45,23 +45,23 @@ Automatically generated release notes provide an automated alternative to manual 12. 如果您准备推广您的发行版,请单击 **Publish release(发布版本)**。 要在以后处理该发行版,请单击 **Save draft(保存草稿)**。 ![发布版本和草拟发行版按钮](/assets/images/help/releases/release_buttons.png) -## Configuring automatically generated release notes +## 配置自动生成的发行说明 {% data reusables.repositories.navigate-to-repo %} {% data reusables.files.add-file %} -3. In the file name field, type `.github/release.yml` to create the `release.yml` file in the `.github` directory. ![Create new file](/assets/images/help/releases/release-yml.png) -4. In the file, using the configuration options below, specify in YAML the pull request labels and authors you want to exclude from this release. You can also create new categories and list the pull request labels to be included in each of them. +3. 在文件名字段中,键入 `.github/release.yml` 以在 `.github` 目录中创建 `release.yml` 文件。 ![创建新文件](/assets/images/help/releases/release-yml.png) +4. 在文件中,使用下面的配置选项,在 YAML 中指定要从此版本中排除的拉取请求标签和作者。 您还可以创建新类别并列出要包含在每个类别中的拉取请求标签。 ### 配置选项 -| Parameter | 描述 | -|:----------------------------------------- |:-------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| `changelog.exclude.labels` | A list of labels that exclude a pull request from appearing in release notes. | -| `changelog.exclude.authors` | A list of user or bot login handles whose pull requests are to be excluded from release notes. | -| `changelog.categories[*].title` | **Required.** The title of a category of changes in release notes. | -| `changelog.categories[*].labels` | **Required.** Labels that qualify a pull request for this category. Use `*` as a catch-all for pull requests that didn't match any of the previous categories. | -| `changelog.categories[*].exclude.labels` | A list of labels that exclude a pull request from appearing in this category. | -| `changelog.categories[*].exclude.authors` | A list of user or bot login handles whose pull requests are to be excluded from this category. | +| 参数 | 描述 | +|:----------------------------------------- |:----------------------------------------------------- | +| `changelog.exclude.labels` | 不在发行说明中显示拉取请求的标签列表。 | +| `changelog.exclude.authors` | 要从发行说明中排除其拉取请求的用户或自动程序登录句柄的列表。 | +| `changelog.categories[*].title` | **必需。**发行说明中更改类别的标题。 | +| `changelog.categories[*].labels` | **必需。**符合此类别的拉取请求条件的标签。 使用 `*` 作为与上述任何类别都不匹配的拉取请求的统称。 | +| `changelog.categories[*].exclude.labels` | 不在此类别中显示拉取请求的标签列表。 | +| `changelog.categories[*].exclude.authors` | 要从此类别中排除其拉取请求的用户或自动程序登录句柄的列表。 | ### 示例配置 @@ -92,4 +92,4 @@ changelog: ## 延伸阅读 -- "[Managing labels](/issues/using-labels-and-milestones-to-track-work/managing-labels)" +- "[管理标签](/issues/using-labels-and-milestones-to-track-work/managing-labels)" diff --git a/translations/zh-CN/content/repositories/releasing-projects-on-github/managing-releases-in-a-repository.md b/translations/zh-CN/content/repositories/releasing-projects-on-github/managing-releases-in-a-repository.md index 62e8730f11..8c670bd0ae 100644 --- a/translations/zh-CN/content/repositories/releasing-projects-on-github/managing-releases-in-a-repository.md +++ b/translations/zh-CN/content/repositories/releasing-projects-on-github/managing-releases-in-a-repository.md @@ -40,16 +40,16 @@ shortTitle: 管理版本 3. 单击 **Draft a new release(草拟新发行版)**。 {% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-4974 %}![Releases draft button](/assets/images/help/releases/draft-release-button-with-search.png){% else %}![Releases draft button](/assets/images/help/releases/draft_release_button.png){% endif %} -4. {% ifversion fpt or ghec or ghes > 3.2 or ghae-issue-4865 %}单击 **Choose a tag(选择标记)**,键入{% else %}类型{% endif %} 版本号{% ifversion fpt or ghec or ghes > 3.2 or ghae-issue-4865 %},然后按 **Enter**{% endif %}。 Alternatively, select an existing tag. +4. {% ifversion fpt or ghec or ghes > 3.2 or ghae-issue-4865 %}单击 **Choose a tag(选择标记)**,键入{% else %}类型{% endif %} 版本号{% ifversion fpt or ghec or ghes > 3.2 or ghae-issue-4865 %},然后按 **Enter**{% endif %}。 或者,选择现有标记。 - {% ifversion fpt or ghec or ghes > 3.2 or ghae-issue-4865 %}![Enter a tag](/assets/images/help/releases/releases-tag-create.png) -5. If you are creating a new tag, click **Create new tag**. + {% ifversion fpt or ghec or ghes > 3.2 or ghae-issue-4865 %}![输入标记](/assets/images/help/releases/releases-tag-create.png) +5. 如果要创建新标记,请单击 **Create new tag(创建新标记)**。 - ![Confirm you want to create a new tag](/assets/images/help/releases/releases-tag-create-confirm.png) + ![确认您要创建新标记](/assets/images/help/releases/releases-tag-create-confirm.png) {% else %} ![发行版标记版本](/assets/images/enterprise/releases/releases-tag-version.png) {% endif %} -5. If you have created a new tag, use the drop-down menu to select the branch that contains the project you want to release. +5. 如果已创建新标记,请使用下拉菜单选择包含要发布的项目的分支。 {% ifversion fpt or ghec or ghes > 3.2 or ghae-issue-4865 %}![选择分支](/assets/images/help/releases/releases-choose-branch.png) {% else %}![Releases tagged branch](/assets/images/enterprise/releases/releases-tag-branch.png){% endif %} diff --git a/translations/zh-CN/content/repositories/releasing-projects-on-github/searching-a-repositorys-releases.md b/translations/zh-CN/content/repositories/releasing-projects-on-github/searching-a-repositorys-releases.md index 00e10a4bc1..2fb1bc4bd3 100644 --- a/translations/zh-CN/content/repositories/releasing-projects-on-github/searching-a-repositorys-releases.md +++ b/translations/zh-CN/content/repositories/releasing-projects-on-github/searching-a-repositorys-releases.md @@ -1,32 +1,32 @@ --- -title: Searching a repository's releases -intro: 'You can use keywords, tags, and other qualifiers to search for particular releases in a repository.' +title: 搜索存储库的版本 +intro: 您可以使用关键字、标记和其他限定符来搜索存储库中的特定版本。 permissions: Anyone with read access to a repository can search that repository's releases. -shortTitle: Searching releases +shortTitle: 搜索版本 versions: fpt: '*' ghec: '*' ghes: '>3.2' - ghae-issue-4974: '*' + ghae: issue-4974 topics: - Repositories --- -## Searching for releases in a repository +## 在存储库中搜索版本 {% data reusables.repositories.navigate-to-repo %} {% data reusables.repositories.releases %} -1. To search the repository's releases, in the search field at the top of the Releases page, type your query and press **Enter**. ![Releases search field](/assets/images/help/releases/search-releases.png) +1. 要搜索存储库的版本,请在 Releases(发行版)页面顶部的搜索字段中,键入您的查询,然后按 **Enter**。 ![版本搜索字段](/assets/images/help/releases/search-releases.png) -## Search syntax for searching releases in a repository +## 用于在存储库中搜索版本的搜索语法 -You can provide text in your search query which will be matched against the title, body, and tag of the repository's releases. You can also combine the following qualifiers to target specific releases. +您可以在搜索查询中提供文本,这些文本将与存储库版本的标题、正文和标记进行匹配。 您还可以组合以下限定符以面向特定版本。 -| 限定符 | 示例 | -| ------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| `draft:true` | **draft:true** will only match draft releases. | -| `draft:false` | **draft:false** will only match published releases. | -| `prerelease:true` | **prerelease:true** will only match pre-releases. | -| `prerelease:false` | **prerelease:false** will only match releases that are not pre-releases. | -| tag:TAG | **tag:v1** matches a release with the v1 tag and any minor or patch versions within v1, such as v1.0, v1.2, and v1.2.5. | -| created:DATE | **created:2021** will match releases created during 2021. You can also provide date ranges. 更多信息请参阅“[了解搜索语法](/search-github/getting-started-with-searching-on-github/understanding-the-search-syntax#query-for-dates)”。 | +| 限定符 | 示例 | +| ------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| `draft:true` | **draft:true** 将仅匹配草稿版本。 | +| `draft:false` | **draft:false** 仅匹配已发布的版本。 | +| `prerelease:true` | **prerelease:true** 仅匹配预发行版本。 | +| `prerelease:false` | **prerelease:false** 仅匹配非预发行版的版本。 | +| tag:TAG | **tag:v1** 匹配具有 v1 标记的版本以及 v1 中的任何次要版本或修补程序版本,例如 v1.0、v1.2 和 v1.2.5。 | +| created:DATE | **created:2021** 将匹配 2021 年期间创建的版本。 您还可以提供日期范围。 更多信息请参阅“[了解搜索语法](/search-github/getting-started-with-searching-on-github/understanding-the-search-syntax#query-for-dates)”。 | diff --git a/translations/zh-CN/content/repositories/viewing-activity-and-data-for-your-repository/understanding-connections-between-repositories.md b/translations/zh-CN/content/repositories/viewing-activity-and-data-for-your-repository/understanding-connections-between-repositories.md index 1180043ae5..86db4cefb8 100644 --- a/translations/zh-CN/content/repositories/viewing-activity-and-data-for-your-repository/understanding-connections-between-repositories.md +++ b/translations/zh-CN/content/repositories/viewing-activity-and-data-for-your-repository/understanding-connections-between-repositories.md @@ -73,5 +73,5 @@ shortTitle: 存储库之间的连接 依赖关系图提供了可视化和探索仓库依赖关系的好方法。 更多信息请参阅“[关于依赖关系图](/code-security/supply-chain-security/about-the-dependency-graph)”和“[探索仓库的依赖关系](/code-security/supply-chain-security/exploring-the-dependencies-of-a-repository)”。 -您也可以设置仓库,以便在您的一个依赖项中发现安全漏洞时,{% data variables.product.company_short %} 会自动提醒您。 更多信息请参阅“[关于易受攻击的依赖项的警报](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies)”。 +您也可以设置仓库,以便在您的一个依赖项中发现安全漏洞时,{% data variables.product.company_short %} 会自动提醒您。 更多信息请参阅“[关于 {% data variables.product.prodname_dependabot_alerts %}](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies)”。 {% endif %} diff --git a/translations/zh-CN/content/repositories/working-with-files/using-files/working-with-non-code-files.md b/translations/zh-CN/content/repositories/working-with-files/using-files/working-with-non-code-files.md index 6948d6df36..b98cc162b9 100644 --- a/translations/zh-CN/content/repositories/working-with-files/using-files/working-with-non-code-files.md +++ b/translations/zh-CN/content/repositories/working-with-files/using-files/working-with-non-code-files.md @@ -130,6 +130,12 @@ SVG 目前不支持内联脚本或动画。 {% endtip %} +{% if mermaid %} +### 在 Markdown 中渲染 + +您可以直接在 Markdown 中嵌入 ASCII STL 语法。 更多信息请参阅“[创建示意图](/get-started/writing-on-github/working-with-advanced-formatting/creating-diagrams#creating-stl-3d-models)”。 +{% endif %} + ## 呈现 CSV 和 TSV 数据 GitHub 支持以 *.csv*(逗号分隔)和 .*tsv*(制表符分隔)文件的形式呈现表格数据。 @@ -274,6 +280,12 @@ GitHub 支持呈现 PDF 文档。 {% endtip %} +{% if mermaid %} +### 在 Markdown 嵌入地图 + +您可以直接在 Markdown 中嵌入 geoJSON 和 topoJSON。 更多信息请参阅“[创建示意图](/get-started/writing-on-github/working-with-advanced-formatting/creating-diagrams#creating-geojson-and-topojson-maps)”。 +{% endif %} + ### 集群 如果地图包含大量标记(大约超过 750 个),GitHub 将自动以较高的缩放比例集群附近的标记。 只需单击群集或放大便可查看个别标记。 @@ -292,7 +304,7 @@ GitHub 支持呈现 PDF 文档。 如果将 `.geojson` 文件转换为 [TopoJSON](https://github.com/mbostock/topojson),可能还是能够渲染数据,TopoJSON 是一种压缩格式,有时能将文件减小 80%。 当然,您始终可以将文件分解为更小的数据块(例如按州或年分解),并将数据在仓库中存储为多个文件。 -### 其他资源 +### 延伸阅读 * [Leaflet.js geojson 文档](http://leafletjs.com/examples/geojson.html) * [MapBox marker-styling 文档](http://www.mapbox.com/developers/simplestyle/) @@ -320,3 +332,44 @@ $ jupyter nbconvert --to html NOTEBOOK-NAME.ipynb - [Jupyter Notebook 的 GitHub 仓库](https://github.com/jupyter/jupyter_notebook) - [Jupyter Notebook 的图片库](https://github.com/jupyter/jupyter/wiki/A-gallery-of-interesting-Jupyter-Notebooks) + +{% if mermaid %} +## 在 {% data variables.product.prodname_dotcom %} 上显示 Mermaid 文件 + +{% data variables.product.product_name %} 支持在存储库中呈现 Mermaid 文件。 像往常一样使用 `.mermaid` 或 `.mmd` 扩展名提交文件。 然后,导航到 {% data variables.product.prodname_dotcom %}上的 Mermaid 文件的路径。 + +例如,如果将包含以下内容的 `.mmd` 文件添加到存储库中: + +``` +graph TD + A[Friend's Birthday] -->|Get money| B(Go shopping) + B --> C{Let me think} + C -->|One| D["Cool
Laptop"] + C -->|Two| E[iPhone] + C -->|Three| F[fa:fa-car Car] +``` + +当您在存储库中查看文件时,它将呈现为流程图。 ![渲染的 mermaid 文件图](/assets/images/help/repository/mermaid-file-diagram.png) + +### 疑难解答 + +如果您的图表根本没有呈现,请使用 [Mermaid 实时编辑器](https://mermaid.live/edit)检查您的图表,以验证它是否包含有效的 Mermaid Markdown 语法。 + +如果图表显示,但未按预期显示,则可以创建新的[反馈讨论](https://github.com/github/feedback/discussions/categories/general-feedback),并添加 `mermaid` 标记。 + +#### 已知问题 + +* 序列图图表经常在图表下方使用额外的填充进行呈现,随着图表大小的增加,还会添加更多的填充。 这是 Mermaid 库的已知问题。 +* 具有弹出菜单的执行组件节点在序列图图表中无法按预期工作。 这是由于当 Mermaid 库的 API 用于呈现图表时,JavaScript 事件添加到图表的方式存在差异。 +* 并非所有图表都符合 a11y 标准。 这可能会影响依赖屏幕阅读器的用户。 + +### Mermaid in Markdown + +您可以直接在 Markdown 中嵌入 Mermaid 语法。 更多信息请参阅“[创建示意图](/get-started/writing-on-github/working-with-advanced-formatting/creating-diagrams#creating-mermaid-diagrams)”。 + +### 延伸阅读 + +* [Mermaid.js 文档](https://mermaid-js.github.io/mermaid/#/) +* [Mermaid.js 实时编辑器](https://mermaid.live/edit) +{% endif %} + diff --git a/translations/zh-CN/content/rest/overview/permissions-required-for-github-apps.md b/translations/zh-CN/content/rest/overview/permissions-required-for-github-apps.md index 41c6cd957a..baec6bcbfe 100644 --- a/translations/zh-CN/content/rest/overview/permissions-required-for-github-apps.md +++ b/translations/zh-CN/content/rest/overview/permissions-required-for-github-apps.md @@ -121,6 +121,9 @@ _搜索_ - [`GET /repos/:owner/:repo/actions/artifacts/:artifact_id`](/rest/reference/actions#get-an-artifact) (:read) - [`DELETE /repos/:owner/:repo/actions/artifacts/:artifact_id`](/rest/reference/actions#delete-an-artifact) (:write) - [`GET /repos/:owner/:repo/actions/artifacts/:artifact_id/zip`](/rest/reference/actions#download-an-artifact) (:read) +{% if actions-cache-management -%} +- [`GET /repos/:owner/:repo/actions/cache/usage`](/rest/reference/actions#get-github-actions-cache-usage-for-a-repository) (:read) +{% endif -%} - [`GET /repos/:owner/:repo/actions/jobs/:job_id`](/rest/reference/actions#get-a-job-for-a-workflow-run) (:read) - [`GET /repos/:owner/:repo/actions/jobs/:job_id/logs`](/rest/reference/actions#download-job-logs-for-a-workflow-run) (:read) - [`GET /repos/:owner/:repo/actions/runs`](/rest/reference/actions#list-workflow-runs-for-a-repository) (:read) @@ -644,6 +647,10 @@ _团队_ ### 有关“组织管理”的权限 - [`PATCH /orgs/:org`](/rest/reference/orgs#update-an-organization) (:write) +{% if actions-cache-management -%} +- [`GET /orgs/:org/actions/cache/usage`](/rest/reference/actions#get-github-actions-cache-usage-for-an-organization) (:read) +- [`GET /orgs/:org/actions/cache/usage-by-repository`](/rest/reference/actions#list-repositories-with-github-actions-cache-usage-for-an-organization) (:read) +{% endif -%} {% ifversion fpt -%} - [`GET /orgs/:org/interaction-limits`](/rest/reference/interactions#get-interaction-restrictions-for-an-organization) (:read) {% endif -%} diff --git a/translations/zh-CN/content/rest/reference/codespaces.md b/translations/zh-CN/content/rest/reference/codespaces.md index 11f28ca643..3a07a37eb0 100644 --- a/translations/zh-CN/content/rest/reference/codespaces.md +++ b/translations/zh-CN/content/rest/reference/codespaces.md @@ -1,6 +1,6 @@ --- title: Codespaces -intro: 'The {% data variables.product.prodname_codespaces %} API enables you to manage your codespaces using the REST API.' +intro: '{% data variables.product.prodname_codespaces %} API 允许您使用 REST API 管理代码空间。' product: '{% data reusables.gated-features.codespaces %}' versions: fpt: '*' @@ -12,4 +12,4 @@ miniTocMaxHeadingLevel: 3 \ No newline at end of file +--> diff --git a/translations/zh-CN/content/rest/reference/deploy_keys.md b/translations/zh-CN/content/rest/reference/deploy_keys.md new file mode 100644 index 0000000000..2a49dbdf47 --- /dev/null +++ b/translations/zh-CN/content/rest/reference/deploy_keys.md @@ -0,0 +1,17 @@ +--- +title: Deploy Keys +intro: 'The Deploy Keys API allows to create an SSH key that is stored on your server and grants access to a GitHub repository.' +allowTitleToDifferFromFilename: true +versions: + fpt: '*' + ghes: '*' + ghae: '*' + ghec: '*' +topics: + - API +miniTocMaxHeadingLevel: 3 +--- + + \ No newline at end of file diff --git a/translations/zh-CN/content/rest/reference/deployments.md b/translations/zh-CN/content/rest/reference/deployments.md index 0b4daf9c5e..b9b2dfc6fe 100644 --- a/translations/zh-CN/content/rest/reference/deployments.md +++ b/translations/zh-CN/content/rest/reference/deployments.md @@ -1,6 +1,6 @@ --- title: 部署 -intro: 'The deployments API allows you to create and delete deploy keys, deployments, and deployment environments.' +intro: The deployments API allows you to create and delete deployments and deployment environments. allowTitleToDifferFromFilename: true versions: fpt: '*' diff --git a/translations/zh-CN/content/rest/reference/index.md b/translations/zh-CN/content/rest/reference/index.md index ffd7a7674d..d1620d78bb 100644 --- a/translations/zh-CN/content/rest/reference/index.md +++ b/translations/zh-CN/content/rest/reference/index.md @@ -22,6 +22,7 @@ children: - /collaborators - /commits - /dependabot + - /deploy_keys - /deployments - /emojis - /enterprise-admin diff --git a/translations/zh-CN/content/search-github/getting-started-with-searching-on-github/enabling-githubcom-repository-search-from-your-private-enterprise-environment.md b/translations/zh-CN/content/search-github/getting-started-with-searching-on-github/enabling-githubcom-repository-search-from-your-private-enterprise-environment.md index 4fdba26583..35de0bc389 100644 --- a/translations/zh-CN/content/search-github/getting-started-with-searching-on-github/enabling-githubcom-repository-search-from-your-private-enterprise-environment.md +++ b/translations/zh-CN/content/search-github/getting-started-with-searching-on-github/enabling-githubcom-repository-search-from-your-private-enterprise-environment.md @@ -22,10 +22,10 @@ topics: You can search for designated private repositories on {% data variables.product.prodname_ghe_cloud %} from {% ifversion fpt or ghec %}your private {% data variables.product.prodname_enterprise %} environment{% else %}{% data variables.product.product_location %}{% ifversion ghae %} on {% data variables.product.prodname_ghe_managed %}{% endif %}{% endif %}. {% ifversion fpt or ghec %}For example, if you use {% data variables.product.prodname_ghe_server %}, you can search for private repositories from your enterprise from {% data variables.product.prodname_ghe_cloud %} in the web interface for {% data variables.product.prodname_ghe_server %}.{% endif %} -## 基本要求 +## Prerequisites - An enterprise owner for {% ifversion fpt or ghec %}your private {% data variables.product.prodname_enterprise %} environment{% else %}{% data variables.product.product_name %}{% endif %} must enable {% data variables.product.prodname_github_connect %} and {% data variables.product.prodname_unified_search %} for private repositories. For more information, see the following.{% ifversion fpt or ghes or ghec %} - - "\[Enabling {% data variables.product.prodname_unified_search %} for your enterprise\](/{% ifversion not ghes %}enterprise-server@latest/{% endif %}admin/configuration/configuring-github-connect/enabling-unified-search-for-your-enterprise"{% ifversion fpt or ghec %} in the {% data variables.product.prodname_ghe_server %} documentation{% endif %}{% endif %}{% ifversion fpt or ghec or ghae %} + - "[Enabling {% data variables.product.prodname_unified_search %} for your enterprise](/{% ifversion not ghes %}enterprise-server@latest/{% endif %}admin/configuration/configuring-github-connect/enabling-unified-search-for-your-enterprise"{% ifversion fpt or ghec %} in the {% data variables.product.prodname_ghe_server %} documentation{% endif %}{% endif %}{% ifversion fpt or ghec or ghae %} - "[Enabling {% data variables.product.prodname_unified_search %} for your enterprise}](/github-ae@latest/admin/configuration/configuring-github-connect/enabling-unified-search-for-your-enterprise)"{% ifversion fpt or ghec %} in the {% data variables.product.prodname_ghe_managed %} documentation{% endif %} {% endif %} @@ -35,17 +35,18 @@ You can search for designated private repositories on {% data variables.product. {% ifversion fpt or ghec %} -更多信息请参阅以下文章。 +For more information, see the following. -| Your enterprise environment | 更多信息 | -|:--------------------------------------------------- |:--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| {% data variables.product.prodname_ghe_server %} | "[Enabling {% data variables.product.prodname_dotcom_the_website %} repository search from your private enterprise environment](/enterprise-server@latest/search-github/getting-started-with-searching-on-github/enabling-githubcom-repository-search-from-your-private-enterprise-environment#enabling-githubcom-repository-search-from-github-enterprise-server)" | -| {% data variables.product.prodname_ghe_managed %} | "[Enabling {% data variables.product.prodname_dotcom_the_website %} repository search from your private enterprise environment](/github-ae@latest//search-github/getting-started-with-searching-on-github/enabling-githubcom-repository-search-from-your-private-enterprise-environment#enabling-githubcom-repository-search-from-github-ae)" | +| Your enterprise environment | More information | +| :- | :- | +| {% data variables.product.prodname_ghe_server %} | "[Enabling {% data variables.product.prodname_dotcom_the_website %} repository search from your private enterprise environment](/enterprise-server@latest/search-github/getting-started-with-searching-on-github/enabling-githubcom-repository-search-from-your-private-enterprise-environment#enabling-githubcom-repository-search-from-github-enterprise-server)" | +| {% data variables.product.prodname_ghe_managed %} | "[Enabling {% data variables.product.prodname_dotcom_the_website %} repository search from your private enterprise environment](/github-ae@latest//search-github/getting-started-with-searching-on-github/enabling-githubcom-repository-search-from-your-private-enterprise-environment#enabling-githubcom-repository-search-from-github-ae)" | {% elsif ghes or ghae %} 1. Sign into {% data variables.product.product_name %} and {% data variables.product.prodname_dotcom_the_website %}. -1. 在 {% data variables.product.product_name %} 上任何页面的右上角,单击您的个人资料照片,然后单击**设置**。 ![用户栏中的 Settings 图标](/assets/images/help/settings/userbar-account-settings.png) +1. On {% data variables.product.product_name %}, in the upper-right corner of any page, click your profile photo, then click **Settings**. +![Settings icon in the user bar](/assets/images/help/settings/userbar-account-settings.png) {% data reusables.github-connect.github-connect-tab-user-settings %} {% data reusables.github-connect.connect-dotcom-and-enterprise %} {% data reusables.github-connect.connect-dotcom-and-enterprise %} diff --git a/translations/zh-CN/content/search-github/getting-started-with-searching-on-github/index.md b/translations/zh-CN/content/search-github/getting-started-with-searching-on-github/index.md index 4453924be6..b9bbf2a3e8 100644 --- a/translations/zh-CN/content/search-github/getting-started-with-searching-on-github/index.md +++ b/translations/zh-CN/content/search-github/getting-started-with-searching-on-github/index.md @@ -1,6 +1,6 @@ --- title: 开始在 GitHub 上搜索 -intro: 'You can use a wide range of syntax to search {% data variables.product.product_name %}. You can adjust the scope of your search, build and troubleshoot queries, and sort search results with qualifiers.' +intro: '您可以使用多种语法来搜索 {% data variables.product.product_name %}。 您可以调整搜索范围,构建查询和排除查询故障,并使用限定符对搜索结果进行排序。' redirect_from: - /articles/getting-started-with-searching-on-github - /github/searching-for-information-on-github/getting-started-with-searching-on-github diff --git a/translations/zh-CN/content/search-github/getting-started-with-searching-on-github/sorting-search-results.md b/translations/zh-CN/content/search-github/getting-started-with-searching-on-github/sorting-search-results.md index 19cb5fd638..aebdacd20b 100644 --- a/translations/zh-CN/content/search-github/getting-started-with-searching-on-github/sorting-search-results.md +++ b/translations/zh-CN/content/search-github/getting-started-with-searching-on-github/sorting-search-results.md @@ -47,19 +47,19 @@ topics: `sort:author-date` 限定符按作者日期降序或升序排序。 -| 限定符 | 示例 | -| -------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| `sort:author-date` 或 `sort:author-date-desc` | [**feature org:github sort:author-date**](https://github.com/search?utf8=%E2%9C%93&q=feature+org%3Agithub+sort%3Aauthor-date&type=Commits) 匹配 {% data variables.product.product_name %} 所拥有仓库中含有 "feature" 字样的提交,按作者日期降序排序。 | -| `sort:author-date-asc` | [**`feature org:github sort:author-date-asc`**](https://github.com/search?utf8=%E2%9C%93&q=feature+org%3Agithub+sort%3Aauthor-date-asc&type=Commits) matches commits containing the word "feature" in repositories owned by {% data variables.product.product_name %}, sorted by ascending author date. | +| 限定符 | 示例 | +| -------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| `sort:author-date` 或 `sort:author-date-desc` | [**feature org:github sort:author-date**](https://github.com/search?utf8=%E2%9C%93&q=feature+org%3Agithub+sort%3Aauthor-date&type=Commits) 匹配 {% data variables.product.product_name %} 所拥有仓库中含有 "feature" 字样的提交,按作者日期降序排序。 | +| `sort:author-date-asc` | [**`feature org:github sort:author-date-asc`**](https://github.com/search?utf8=%E2%9C%93&q=feature+org%3Agithub+sort%3Aauthor-date-asc&type=Commits) 匹配 {% data variables.product.product_name %} 所拥有仓库中含有 "feature" 字样的提交,按作者日期升序排序。 | ## 按提交者日期排序 `sort:committer-date` 限定符按提交者日期降序或升序排序。 -| 限定符 | 示例 | -| -------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| `sort:committer-date` 或 `sort:committer-date-desc` | [**feature org:github sort:committer-date**](https://github.com/search?utf8=%E2%9C%93&q=feature+org%3Agithub+sort%3Acommitter-date&type=Commits) 匹配 {% data variables.product.product_name %} 所拥有仓库中含有 "feature" 字样的提交,按提交者日期降序排序。 | -| `sort:committer-date-asc` | [**`feature org:github sort:committer-date-asc`**](https://github.com/search?utf8=%E2%9C%93&q=feature+org%3Agithub+sort%3Acommitter-date-asc&type=Commits) matches commits containing the word "feature" in repositories owned by {% data variables.product.product_name %}, sorted by ascending committer date. | +| 限定符 | 示例 | +| -------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| `sort:committer-date` 或 `sort:committer-date-desc` | [**feature org:github sort:committer-date**](https://github.com/search?utf8=%E2%9C%93&q=feature+org%3Agithub+sort%3Acommitter-date&type=Commits) 匹配 {% data variables.product.product_name %} 所拥有仓库中含有 "feature" 字样的提交,按提交者日期降序排序。 | +| `sort:committer-date-asc` | [**`feature org:github sort:committer-date-asc`**](https://github.com/search?utf8=%E2%9C%93&q=feature+org%3Agithub+sort%3Acommitter-date-asc&type=Commits) 匹配 {% data variables.product.product_name %} 所拥有仓库中含有 "feature" 字样的提交,按提交者日期升序排序。 | ## 按更新日期排序 diff --git a/translations/zh-CN/content/search-github/getting-started-with-searching-on-github/understanding-the-search-syntax.md b/translations/zh-CN/content/search-github/getting-started-with-searching-on-github/understanding-the-search-syntax.md index 665f5a5c35..3a3cf532c9 100644 --- a/translations/zh-CN/content/search-github/getting-started-with-searching-on-github/understanding-the-search-syntax.md +++ b/translations/zh-CN/content/search-github/getting-started-with-searching-on-github/understanding-the-search-syntax.md @@ -61,7 +61,7 @@ shortTitle: 了解搜索语法 | 查询 | 示例 | | -------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | YYYY-MM-DDTHH:MM:SS+00:00 | **[cats created:2017-01-01T01:00:00+07:00..2017-03-01T15:30:15+07:00](https://github.com/search?utf8=%E2%9C%93&q=cats+created%3A2017-01-01T01%3A00%3A00%2B07%3A00..2017-03-01T15%3A30%3A15%2B07%3A00&type=Issues)** 匹配在 2017 年 1 月 1 日凌晨 1 点(UTC 偏移为 `07:00`)与 2017 年 3 月 1 日下午 3 点(UTC 偏移为 `07:00`)之间创建的议题。 UTC 偏移量 `07:00`,2017 年 3 月 1 日下午 3 点。 UTC 偏移量 `07:00`。 | -| YYYY-MM-DDTHH:MM:SSZ | **[cats created:2016-03-21T14:11:00Z..2016-04-07T20:45:00Z](https://github.com/search?utf8=%E2%9C%93&q=cats+created%3A2016-03-21T14%3A11%3A00Z..2016-04-07T20%3A45%3A00Z&type=Issues)** matches issues created between March 21, 2016 at 2:11pm and April 7, 2016 at 8:45pm. | +| YYYY-MM-DDTHH:MM:SSZ | **[cats created:2016-03-21T14:11:00Z..2016-04-07T20:45:00Z](https://github.com/search?utf8=%E2%9C%93&q=cats+created%3A2016-03-21T14%3A11%3A00Z..2016-04-07T20%3A45%3A00Z&type=Issues)** 匹配在 2016 年 3 月 21 日下午 2:11 与 2016 年 4 月 7 日晚上 8:45 之间创建的议题。 | ## 排除特定结果 @@ -73,10 +73,10 @@ shortTitle: 了解搜索语法 缩小搜索结果范围的另一种途径是排除特定的子集。 您可以为任何搜索限定符添加 `-` 前缀,以排除该限定符匹配的所有结果。 -| 查询 | 示例 | -| -------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| -QUALIFIER | **[`cats stars:>10 -language:javascript`](https://github.com/search?q=cats+stars%3A>10+-language%3Ajavascript&type=Repositories)** matches repositories with the word "cats" that have more than 10 stars but are not written in JavaScript. | -| | **[`mentions:defunkt -org:github`](https://github.com/search?utf8=%E2%9C%93&q=mentions%3Adefunkt+-org%3Agithub&type=Issues)** matches issues mentioning @defunkt that are not in repositories in the GitHub organization | +| 查询 | 示例 | +| -------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| -QUALIFIER | **[`cats stars:>10 -language:javascript`](https://github.com/search?q=cats+stars%3A>10+-language%3Ajavascript&type=Repositories)** 匹配含有 "cats" 字样、有超过 10 个星号但并非以 JavaScript 编写的仓库。 | +| | **[`mentions:defunkt -org:github`](https://github.com/search?utf8=%E2%9C%93&q=mentions%3Adefunkt+-org%3Agithub&type=Issues)** 匹配提及 @defunkt 且不在 GitHub 组织仓库中的议题 | ## 对带有空格的查询使用引号 diff --git a/translations/zh-CN/content/search-github/index.md b/translations/zh-CN/content/search-github/index.md index 0e655dc0d4..b6a5bc6640 100644 --- a/translations/zh-CN/content/search-github/index.md +++ b/translations/zh-CN/content/search-github/index.md @@ -1,6 +1,6 @@ --- title: 在 GitHub 上搜索信息 -intro: 'Learn how to use the search functions available on GitHub to find different types of information, like projects, people, and code.' +intro: 了解如何使用 GitHub 上提供的搜索功能来查找不同类型的信息,如项目、人员和代码。 introLinks: overview: /search-github/getting-started-with-searching-on-github/about-searching-on-github featuredLinks: diff --git a/translations/zh-CN/content/search-github/searching-on-github/finding-files-on-github.md b/translations/zh-CN/content/search-github/searching-on-github/finding-files-on-github.md index e0230a4013..e8ae849c73 100644 --- a/translations/zh-CN/content/search-github/searching-on-github/finding-files-on-github.md +++ b/translations/zh-CN/content/search-github/searching-on-github/finding-files-on-github.md @@ -1,6 +1,6 @@ --- title: 在 GitHub 上查找文件 -intro: '您可以使用文件查找器在仓库中搜索文件。 To search for a file in multiple repositories on {% data variables.product.product_name %}, use the [`filename` code search qualifier](/search-github/searching-on-github/searching-code#search-by-filename).' +intro: '您可以使用文件查找器在仓库中搜索文件。 要在 {% data variables.product.product_name %} 上的多个仓库中搜索文件,请使用 [`filename` 代码搜索限定符](/search-github/searching-on-github/searching-code#search-by-filename)。' redirect_from: - /articles/finding-files-on-github - /github/searching-for-information-on-github/finding-files-on-github diff --git a/translations/zh-CN/content/search-github/searching-on-github/index.md b/translations/zh-CN/content/search-github/searching-on-github/index.md index 70ce211916..fc27a3f5ed 100644 --- a/translations/zh-CN/content/search-github/searching-on-github/index.md +++ b/translations/zh-CN/content/search-github/searching-on-github/index.md @@ -1,6 +1,6 @@ --- title: 在 GitHub 上搜索 -intro: You can use qualifiers to narrow your search and focus on specific categories of information. +intro: 您可以使用限定符来缩小搜索范围,并专注于特定类别的信息。 redirect_from: - /articles/searching-on-github - /github/searching-for-information-on-github/searching-on-github diff --git a/translations/zh-CN/content/search-github/searching-on-github/searching-code.md b/translations/zh-CN/content/search-github/searching-on-github/searching-code.md index 0c70513149..b92800fd45 100644 --- a/translations/zh-CN/content/search-github/searching-on-github/searching-code.md +++ b/translations/zh-CN/content/search-github/searching-on-github/searching-code.md @@ -62,11 +62,11 @@ topics: 您可使用 `path` 限定符搜索仓库中特定位置显示的源代码。 使用 `path:/` 可搜索位于仓库根目录级别的文件。 或者,指定目录名称或目录路径以搜索位于该命令或其任何子目录中的文件。 -| 限定符 | 示例 | -| -------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| path:/ | [**octocat filename:readme path:/**](https://github.com/search?utf8=%E2%9C%93&q=octocat+filename%3Areadme+path%3A%2F&type=Code) 匹配位于仓库根目录级别且含有 "octocat" 字样的 _readme_ 文件。 | -| path:DIRECTORY | [**form path:cgi-bin language:perl**](https://github.com/search?q=form+path%3Acgi-bin+language%3Aperl&type=Code) matches Perl files with the word "form" in the cgi-bin directory, or in any of its subdirectories. | -| path:PATH/TO/DIRECTORY | [**`console path:app/public language:javascript`**](https://github.com/search?q=console+path%3A%22app%2Fpublic%22+language%3Ajavascript&type=Code) matches JavaScript files with the word "console" in the app/public directory, or in any of its subdirectories (even if they reside in app/public/js/form-validators). | +| 限定符 | 示例 | +| -------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| path:/ | [**octocat filename:readme path:/**](https://github.com/search?utf8=%E2%9C%93&q=octocat+filename%3Areadme+path%3A%2F&type=Code) 匹配位于仓库根目录级别且含有 "octocat" 字样的 _readme_ 文件。 | +| path:DIRECTORY | [**form path:cgi-bin language:perl**](https://github.com/search?q=form+path%3Acgi-bin+language%3Aperl&type=Code) 匹配 cgi-bin 目录或其任何子目录中有单词“form”的 Perl 文件。 | +| path:PATH/TO/DIRECTORY | [**`console path:app/public language:javascript`**](https://github.com/search?q=console+path%3A%22app%2Fpublic%22+language%3Ajavascript&type=Code) 匹配 app/public 目录或其任何子目录(即使其位于 app/public/js/form-validators 中)中且含有单词“console”的 JavaScript 文件。 | ## 按语言搜索 diff --git a/translations/zh-CN/content/search-github/searching-on-github/searching-commits.md b/translations/zh-CN/content/search-github/searching-on-github/searching-commits.md index b722ed55d4..7d131949a6 100644 --- a/translations/zh-CN/content/search-github/searching-on-github/searching-commits.md +++ b/translations/zh-CN/content/search-github/searching-on-github/searching-commits.md @@ -109,10 +109,10 @@ topics: | --- | -- | | | | {%- ifversion fpt or ghes or ghec %} -| `is:public` | [**is:public**](https://github.com/search?q=is%3Apublic&type=Commits) matches commits to public repositories. +| `is:public` | [**is:public**](https://github.com/search?q=is%3Apublic&type=Commits) 匹配提交到公共存储库。 {%- endif %} {%- ifversion ghes or ghec or ghae %} -| `is:internal` | [**is:internal**](https://github.com/search?q=is%3Ainternal&type=Commits) matches commits to internal repositories. +| `is:internal` | [**is:internal**](https://github.com/search?q=is%3Ainternal&type=Commits) 匹配提交到内部存储库。 {%- endif %} | `is:private` | [**is:private**](https://github.com/search?q=is%3Aprivate&type=Commits) 匹配对私有仓库的提交。 diff --git a/translations/zh-CN/content/search-github/searching-on-github/searching-discussions.md b/translations/zh-CN/content/search-github/searching-on-github/searching-discussions.md index a64e516719..5fec6fc15f 100644 --- a/translations/zh-CN/content/search-github/searching-on-github/searching-discussions.md +++ b/translations/zh-CN/content/search-github/searching-on-github/searching-discussions.md @@ -41,7 +41,7 @@ redirect_from: 您可以使用 `is` 限定符,按包含讨论的仓库的可见性进行过滤。 更多信息请参阅“[关于仓库](/repositories/creating-and-managing-repositories/about-repositories#about-repository-visibility)”。 -| Qualifier | Example | :- | :- |{% ifversion fpt or ghes or ghec %} | `is:public` | [**is:public**](https://github.com/search?q=is%3Apublic&type=Discussions) matches discussions in public repositories.{% endif %}{% ifversion ghec %} | `is:internal` | [**is:internal**](https://github.com/search?q=is%3Ainternal&type=Discussions) matches discussions in internal repositories.{% endif %} | `is:private` | [**is:private tiramisu**](https://github.com/search?q=is%3Aprivate+tiramisu&type=Discussions) matches discussions that contain the word "tiramisu" in private repositories you can access. +| 限定符 | 示例 | :- | :- |{% ifversion fpt or ghes or ghec %} | `is:public` | [**is:public**](https://github.com/search?q=is%3Apublic&type=Discussions) 匹配公共存储库中的讨论。{% endif %}{% ifversion ghec %} | `is:internal` | [**is:internal**](https://github.com/search?q=is%3Ainternal&type=Discussions) 匹配内部存储库中的讨论。{% endif %} | `is:private` | [**is:private tiramisu**](https://github.com/search?q=is%3Aprivate+tiramisu&type=Discussions) 匹配在您可以访问的的私有存储库中包含单词“tiramisu”的讨论。 ## 按作者搜索 diff --git a/translations/zh-CN/content/search-github/searching-on-github/searching-for-packages.md b/translations/zh-CN/content/search-github/searching-on-github/searching-for-packages.md index afd255ec34..18604f9b28 100644 --- a/translations/zh-CN/content/search-github/searching-on-github/searching-for-packages.md +++ b/translations/zh-CN/content/search-github/searching-on-github/searching-for-packages.md @@ -31,10 +31,10 @@ redirect_from: 要查找特定用户或组织拥有的包,请使用 `user` 或 `org` 限定符。 -| 限定符 | 示例 | -| ------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| user:USERNAME | [**`user:codertocat`**](https://github.com/search?q=user%3Acodertocat&type=RegistryPackages) matches packages owned by @codertocat | -| org:ORGNAME | [**`org:github`**](https://github.com/search?q=org%3Agithub&type=RegistryPackages) matches packages owned by the {% data variables.product.prodname_dotcom %} organization | +| 限定符 | 示例 | +| ------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------- | +| user:USERNAME | [**`user:codertocat`**](https://github.com/search?q=user%3Acodertocat&type=RegistryPackages) 匹配 @codertocat 拥有的包 | +| org:ORGNAME | [**`org:github`**](https://github.com/search?q=org%3Agithub&type=RegistryPackages) 匹配 {% data variables.product.prodname_dotcom %} 组织拥有的包 | ## 按包可见性过滤 diff --git a/translations/zh-CN/content/search-github/searching-on-github/searching-for-repositories.md b/translations/zh-CN/content/search-github/searching-on-github/searching-for-repositories.md index 974fac0002..044da323c5 100644 --- a/translations/zh-CN/content/search-github/searching-on-github/searching-for-repositories.md +++ b/translations/zh-CN/content/search-github/searching-on-github/searching-for-repositories.md @@ -111,17 +111,17 @@ shortTitle: 搜索仓库 您可以根据仓库中代码的语言搜索仓库。 -| 限定符 | 示例 | -| ------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| language:LANGUAGE | [**`rails language:javascript`**](https://github.com/search?q=rails+language%3Ajavascript&type=Repositories) matches repositories with the word "rails" that are written in JavaScript. | +| 限定符 | 示例 | +| ------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------- | +| language:LANGUAGE | [**`rails language:javascript`**](https://github.com/search?q=rails+language%3Ajavascript&type=Repositories) 匹配用 JavaScript 编写、包含单词“rails”的存储库。 | ## 按主题搜索 您可以找到按特定主题分类的所有仓库。 更多信息请参阅“[使用主题对仓库分类](/github/administering-a-repository/classifying-your-repository-with-topics)”。 -| 限定符 | 示例 | -| ------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| topic:TOPIC | [**`topic:jekyll`**](https://github.com/search?utf8=%E2%9C%93&q=topic%3Ajekyll&type=Repositories&ref=searchresults) matches repositories that have been classified with the topic "Jekyll." | +| 限定符 | 示例 | +| ------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------- | +| topic:TOPIC | [**`topic:jekyll`**](https://github.com/search?utf8=%E2%9C%93&q=topic%3Ajekyll&type=Repositories&ref=searchresults) 匹配属于 "Jekyll" 主题类别的存储库。 | ## 按主题数量搜索 @@ -148,7 +148,7 @@ shortTitle: 搜索仓库 您可以根据仓库的可见性过滤搜索。 更多信息请参阅“[关于仓库](/repositories/creating-and-managing-repositories/about-repositories#about-repository-visibility)”。 -| Qualifier | Example | ------------- | ------------- |{% ifversion fpt or ghes or ghec %} | `is:public` | [**is:public org:github**](https://github.com/search?q=is%3Apublic+org%3Agithub&type=Repositories) matches public repositories owned by {% data variables.product.company_short %}.{% endif %}{% ifversion ghes or ghec or ghae %} | `is:internal` | [**is:internal test**](https://github.com/search?q=is%3Ainternal+test&type=Repositories) matches internal repositories that you can access and contain the word "test".{% endif %} | `is:private` | [**is:private pages**](https://github.com/search?q=is%3Aprivate+pages&type=Repositories) matches private repositories that you can access and contain the word "pages." +| 限定符 | 示例 | ------------- | ------------- |{% ifversion fpt or ghes or ghec %} | `is:public` | [**is:public org:github**](https://github.com/search?q=is%3Apublic+org%3Agithub&type=Repositories) 匹配 {% data variables.product.company_short %} 拥有的公共存储库。{% endif %}{% ifversion ghes or ghec or ghae %} | `is:internal` | [**is:internal test**](https://github.com/search?q=is%3Ainternal+test&type=Repositories) 匹配您可以访问并且包含单词“test”的存储库。{% endif %} | `is:private` | [**is:private pages**](https://github.com/search?q=is%3Aprivate+pages&type=Repositories) 匹配您可以访问并且包含单词“pages”的存储库。 {% ifversion fpt or ghec %} @@ -178,10 +178,10 @@ shortTitle: 搜索仓库 您可以使用限定符 `help-wanted-issues:>n` 和 `good-first-issues:>n` 搜索具有最少数量标签为 `help-wanted` 或 `good-first-issue` 议题的仓库。 更多信息请参阅“[通过标签鼓励对项目做出有益的贡献](/communities/setting-up-your-project-for-healthy-contributions/encouraging-helpful-contributions-to-your-project-with-labels)”。 -| 限定符 | 示例 | -| -------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | -| `good-first-issues:>n` | [**`good-first-issues:>2 javascript`**](https://github.com/search?utf8=%E2%9C%93&q=javascript+good-first-issues%3A%3E2&type=) matches repositories with more than two issues labeled `good-first-issue` and that contain the word "javascript." | -| `help-wanted-issues:>n` | [**help-wanted-issues:>4 react**](https://github.com/search?utf8=%E2%9C%93&q=react+help-wanted-issues%3A%3E4&type=) 匹配具有超过四个标签为 `help-wanted` 的议题且包含 "React" 字样的仓库。 | +| 限定符 | 示例 | +| -------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| `good-first-issues:>n` | [**`good-first-issues:>2 javascript`**](https://github.com/search?utf8=%E2%9C%93&q=javascript+good-first-issues%3A%3E2&type=) 匹配具有超过两个标签为 `good-first-issue` 的议题并且包含单词“javascript”的存储库。 | +| `help-wanted-issues:>n` | [**help-wanted-issues:>4 react**](https://github.com/search?utf8=%E2%9C%93&q=react+help-wanted-issues%3A%3E4&type=) 匹配具有超过四个标签为 `help-wanted` 的议题且包含 "React" 字样的仓库。 | ## 基于赞助能力的搜索 diff --git a/translations/zh-CN/content/search-github/searching-on-github/searching-in-forks.md b/translations/zh-CN/content/search-github/searching-on-github/searching-in-forks.md index 235f8e9e54..a2a03d1338 100644 --- a/translations/zh-CN/content/search-github/searching-on-github/searching-in-forks.md +++ b/translations/zh-CN/content/search-github/searching-on-github/searching-in-forks.md @@ -1,6 +1,6 @@ --- title: 在复刻中搜索 -intro: 'By default, [forks](/pull-requests/collaborating-with-pull-requests/working-with-forks/about-forks) are not shown in search results. 如果复刻满足特定条件,您可以选择在仓库搜索以及在代码搜索中包括它们。' +intro: '默认情况下,[forks](/pull-requests/collaborating-with-pull-requests/working-with-forks/about-forks) 不会显示在搜索结果中。 如果复刻满足特定条件,您可以选择在仓库搜索以及在代码搜索中包括它们。' redirect_from: - /articles/searching-in-forks - /github/searching-for-information-on-github/searching-in-forks diff --git a/translations/zh-CN/content/search-github/searching-on-github/searching-issues-and-pull-requests.md b/translations/zh-CN/content/search-github/searching-on-github/searching-issues-and-pull-requests.md index e0f96871ba..4814f98857 100644 --- a/translations/zh-CN/content/search-github/searching-on-github/searching-issues-and-pull-requests.md +++ b/translations/zh-CN/content/search-github/searching-on-github/searching-issues-and-pull-requests.md @@ -79,7 +79,7 @@ shortTitle: 搜索议题和 PR 您可以使用 `is` 限定符,按包含议题和拉取请求的仓库的可见性进行过滤。 更多信息请参阅“[关于仓库](/repositories/creating-and-managing-repositories/about-repositories#about-repository-visibility)”。 -| Qualifier | Example | ------------- | ------------- |{% ifversion fpt or ghes or ghec %} | `is:public` | [**is:public**](https://github.com/search?q=is%3Apublic&type=Issues) matches issues and pull requests in public repositories.{% endif %}{% ifversion ghes or ghec or ghae %} | `is:internal` | [**is:internal**](https://github.com/search?q=is%3Ainternal&type=Issues) matches issues and pull requests in internal repositories.{% endif %} | `is:private` | [**is:private cupcake**](https://github.com/search?q=is%3Aprivate+cupcake&type=Issues) matches issues and pull requests that contain the word "cupcake" in private repositories you can access. +| 限定符 | 示例 | ------------- | ------------- |{% ifversion fpt or ghes or ghec %} | `is:public` | [**is:public**](https://github.com/search?q=is%3Apublic&type=Issues) 匹配公共仓库中的议题和拉取请求。{% endif %}{% ifversion ghes or ghec or ghae %} | `is:internal` | [**is:internal**](https://github.com/search?q=is%3Ainternal&type=Issues) 匹配内部仓库中的议题和拉取请求。{% endif %} | `is:private` | [**is:private cupcake**](https://github.com/search?q=is%3Aprivate+cupcake&type=Issues) 匹配您可以访问的仓库中包含单词 "cupcake" 的议题和拉取请求。 ## 按作者搜索 @@ -103,18 +103,18 @@ shortTitle: 搜索议题和 PR `mentions` 限定符查找提及特定用户的议题。 更多信息请参阅“[提及人员和团队](/articles/basic-writing-and-formatting-syntax/#mentioning-people-and-teams)”。 -| 限定符 | 示例 | -| ------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| mentions:USERNAME | [**`resque mentions:defunkt`**](https://github.com/search?q=resque+mentions%3Adefunkt&type=Issues) matches issues with the word "resque" that mention @defunkt. | +| 限定符 | 示例 | +| ------------------------- | ------------------------------------------------------------------------------------------------------------------------------------ | +| mentions:USERNAME | [**`resque mentions:defunkt`**](https://github.com/search?q=resque+mentions%3Adefunkt&type=Issues) 匹配含有 "resque" 字样、提及 @defunkt 的议题。 | ## 按团队提及搜索 对于您所属的组织和团队,您可以使用 `team` 限定符查找提及该组织内特定团队的议题或拉取请求。 将这些示例名称替换为您的组织和团队的名称以执行搜索。 -| 限定符 | 示例 | -| ------------------------- | ------------------------------------------------------------------------------------- | -| team:ORGNAME/TEAMNAME | **`team:jekyll/owners`** matches issues where the `@jekyll/owners` team is mentioned. | -| | **team:myorg/ops is:open is:pr** 匹配提及 `@myorg/ops` 团队的打开拉取请求。 | +| 限定符 | 示例 | +| ------------------------- | ------------------------------------------------------------- | +| team:ORGNAME/TEAMNAME | **`team:jekyll/owners`** 匹配提及 `@jekyll/owners` 团队的议题。 | +| | **team:myorg/ops is:open is:pr** 匹配提及 `@myorg/ops` 团队的打开拉取请求。 | ## 按评论者搜索 @@ -149,11 +149,11 @@ shortTitle: 搜索议题和 PR 您可以使用 `label` 限定符按标签缩小结果范围。 由于议题可有多个标签,因此您可为每个议题列出单独的限定符。 -| 限定符 | 示例 | -| -------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| label:LABEL | [**label:"help wanted" language:ruby**](https://github.com/search?utf8=%E2%9C%93&q=label%3A%22help+wanted%22+language%3Aruby&type=Issues) 匹配标签为 "help wanted"、位于 Ruby 仓库中的议题。 | -| | [**broken in:body -label:bug label:priority**](https://github.com/search?q=broken+in%3Abody+-label%3Abug+label%3Apriority&type=Issues) 匹配正文中含有 "broken" 字样、没有 "bug" 标签但*有* "priority" 标签的议题。 | -| | [**label:bug label:resolved**](https://github.com/search?l=&q=label%3Abug+label%3Aresolved&type=Issues) matches issues with the labels "bug" and "resolved."{% ifversion fpt or ghes > 3.2 or ghae or ghec %} +| 限定符 | 示例 | +| -------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| label:LABEL | [**label:"help wanted" language:ruby**](https://github.com/search?utf8=%E2%9C%93&q=label%3A%22help+wanted%22+language%3Aruby&type=Issues) 匹配标签为 "help wanted"、位于 Ruby 仓库中的议题。 | +| | [**broken in:body -label:bug label:priority**](https://github.com/search?q=broken+in%3Abody+-label%3Abug+label%3Apriority&type=Issues) 匹配正文中含有 "broken" 字样、没有 "bug" 标签但*有* "priority" 标签的议题。 | +| | [**label:bug label:resolved**](https://github.com/search?l=&q=label%3Abug+label%3Aresolved&type=Issues) 匹配含有 "bug" 和 "resolved" 标签的议题。{% ifversion fpt or ghes > 3.2 or ghae or ghec %} | | [**label:bug label:resolved**](https://github.com/search?q=label%3Abug%2Cresolved&type=Issues) 匹配含有 "bug" 或 "resolved" 标签的议题。{% endif %} ## 按里程碑搜索 @@ -176,7 +176,7 @@ shortTitle: 搜索议题和 PR ## 按提交状态搜索 -您可以基于提交的状态过滤拉取请求。 This is especially useful if you are using [the Status API](/rest/reference/commits#commit-statuses) or a CI service. +您可以基于提交的状态过滤拉取请求。 这在使用 [Status API](/rest/reference/commits#commit-statuses) 或 CI 服务时特别有用。 | 限定符 | 示例 | | ---------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | @@ -246,16 +246,16 @@ shortTitle: 搜索议题和 PR 您可以基于拉取请求的[审查状态](/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/about-pull-request-reviews)(_无_、_必需_、_批准_或_请求更改_)、按审查者和请求的审查者过滤拉取请求。 -| 限定符 | 示例 | -| -------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| `review:none` | [**type:pr review:none**](https://github.com/search?utf8=%E2%9C%93&q=type%3Apr+review%3Anone&type=Issues) 匹配尚未审查的拉取请求。 | -| `review:required` | [**type:pr review:required**](https://github.com/search?utf8=%E2%9C%93&q=type%3Apr+review%3Arequired&type=Issues) 匹配需要审查然后才能合并的拉取请求。 | -| `review:approved` | [**type:pr review:approved**](https://github.com/search?utf8=%E2%9C%93&q=type%3Apr+review%3Aapproved&type=Issues) 匹配审查者已批准的拉取请求。 | -| `review:changes_requested` | [**type:pr review:changes_requested**](https://github.com/search?utf8=%E2%9C%93&q=type%3Apr+review%3Achanges_requested&type=Issues) 匹配审查者已请求更改的拉取请求。 | -| reviewed-by:USERNAME | [**type:pr reviewed-by:gjtorikian**](https://github.com/search?utf8=%E2%9C%93&q=type%3Apr+reviewed-by%3Agjtorikian&type=Issues) 匹配特定人员审查的拉取请求。 | -| review-requested:USERNAME | [**type:pr review-requested:benbalter**](https://github.com/search?utf8=%E2%9C%93&q=type%3Apr+review-requested%3Abenbalter&type=Issues) 匹配特定人员申请审查的拉取请求。 申请的审查者在其审查拉取请求后不再在搜索结果中列出。 If the requested person is on a team that is requested for review, then review requests for that team will also appear in the search results.{% ifversion fpt or ghae-issue-5181 or ghes > 3.2 or ghec %} -| user-review-requested:@me | [**type:pr user-review-requested:@me**](https://github.com/search?q=is%3Apr+user-review-requested%3A%40me+) matches pull requests that you have directly been asked to review.{% endif %} -| team-review-requested:TEAMNAME | [**type:pr team-review-requested:atom/design**](https://github.com/search?q=type%3Apr+team-review-requested%3Aatom%2Fdesign&type=Issues) 匹配已审查团队 `atom/design` 请求的拉取请求。 申请的审查者在其审查拉取请求后不再在搜索结果中列出。 | +| 限定符 | 示例 | +| -------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| `review:none` | [**type:pr review:none**](https://github.com/search?utf8=%E2%9C%93&q=type%3Apr+review%3Anone&type=Issues) 匹配尚未审查的拉取请求。 | +| `review:required` | [**type:pr review:required**](https://github.com/search?utf8=%E2%9C%93&q=type%3Apr+review%3Arequired&type=Issues) 匹配需要审查然后才能合并的拉取请求。 | +| `review:approved` | [**type:pr review:approved**](https://github.com/search?utf8=%E2%9C%93&q=type%3Apr+review%3Aapproved&type=Issues) 匹配审查者已批准的拉取请求。 | +| `review:changes_requested` | [**type:pr review:changes_requested**](https://github.com/search?utf8=%E2%9C%93&q=type%3Apr+review%3Achanges_requested&type=Issues) 匹配审查者已请求更改的拉取请求。 | +| reviewed-by:USERNAME | [**type:pr reviewed-by:gjtorikian**](https://github.com/search?utf8=%E2%9C%93&q=type%3Apr+reviewed-by%3Agjtorikian&type=Issues) 匹配特定人员审查的拉取请求。 | +| review-requested:USERNAME | [**type:pr review-requested:benbalter**](https://github.com/search?utf8=%E2%9C%93&q=type%3Apr+review-requested%3Abenbalter&type=Issues) 匹配特定人员申请审查的拉取请求。 申请的审查者在其审查拉取请求后不再在搜索结果中列出。 如果请求的人员属于请求审核的团队,则该团队的审核请求也会显示在搜索结果中。{% ifversion fpt or ghae-issue-5181 or ghes > 3.2 or ghec %} +| user-review-requested:@me | [**type:pr user-review-requested:@me**](https://github.com/search?q=is%3Apr+user-review-requested%3A%40me+) 匹配直接要求您审核的拉取请求。{% endif %} +| team-review-requested:TEAMNAME | [**type:pr team-review-requested:atom/design**](https://github.com/search?q=type%3Apr+team-review-requested%3Aatom%2Fdesign&type=Issues) 匹配已审查团队 `atom/design` 请求的拉取请求。 申请的审查者在其审查拉取请求后不再在搜索结果中列出。 | ## 按议题或拉取请求创建或上次更新的时间搜索 @@ -291,19 +291,19 @@ shortTitle: 搜索议题和 PR {% data reusables.search.date_gt_lt %} -| 限定符 | 示例 | -| -------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| merged:YYYY-MM-DD | [**`language:javascript merged:<2011-01-01`**](https://github.com/search?q=language%3Ajavascript+merged%3A%3C2011-01-01+&type=Issues) matches pull requests in JavaScript repositories that were merged before 2011. | -| | [**fast in:title language:ruby merged:>=2014-05-01**](https://github.com/search?q=fast+in%3Atitle+language%3Aruby+merged%3A%3E%3D2014-05-01+&type=Issues) 匹配 2014 年 5 月之后合并、标题中含有 "fast" 字样、以 Ruby 编写的拉取请求。 | +| 限定符 | 示例 | +| -------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| merged:YYYY-MM-DD | [**`language:javascript merged:<2011-01-01`**](https://github.com/search?q=language%3Ajavascript+merged%3A%3C2011-01-01+&type=Issues) 匹配 2011 年以前合并的 JavaScript 仓库中的拉取请求。 | +| | [**fast in:title language:ruby merged:>=2014-05-01**](https://github.com/search?q=fast+in%3Atitle+language%3Aruby+merged%3A%3E%3D2014-05-01+&type=Issues) 匹配 2014 年 5 月之后合并、标题中含有 "fast" 字样、以 Ruby 编写的拉取请求。 | ## 基于拉取请求是否已合并搜索 您可以使用 `is` 限定符基于拉取请求已合并还是未合并进行过滤。 -| 限定符 | 示例 | -| ------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------- | -| `is:merged` | [**bug is:pr is:merged**](https://github.com/search?utf8=%E2%9C%93&q=bugfix+is%3Apr+is%3Amerged&type=) matches merged pull requests with the word "bug." | -| `is:unmerged` | [**error is:unmerged**](https://github.com/search?utf8=%E2%9C%93&q=error+is%3Aunmerged&type=) 匹配含有 "error" 字样的已关闭议题和拉取请求。 | +| 限定符 | 示例 | +| ------------- | ----------------------------------------------------------------------------------------------------------------------------- | +| `is:merged` | [**bug is:pr is:merged**](https://github.com/search?utf8=%E2%9C%93&q=bugfix+is%3Apr+is%3Amerged&type=) 匹配含有 "bug" 字样的已合并拉取请求。 | +| `is:unmerged` | [**error is:unmerged**](https://github.com/search?utf8=%E2%9C%93&q=error+is%3Aunmerged&type=) 匹配含有 "error" 字样的已关闭议题和拉取请求。 | ## 基于仓库是否已存档搜索 diff --git a/translations/zh-CN/content/site-policy/acceptable-use-policies/github-acceptable-use-policies.md b/translations/zh-CN/content/site-policy/acceptable-use-policies/github-acceptable-use-policies.md new file mode 100644 index 0000000000..72c141ce1f --- /dev/null +++ b/translations/zh-CN/content/site-policy/acceptable-use-policies/github-acceptable-use-policies.md @@ -0,0 +1,112 @@ +--- +title: GitHub 可接受的使用政策 +redirect_from: + - /articles/github-acceptable-use-policies + - /github/site-policy/github-acceptable-use-policies +versions: + fpt: '*' +topics: + - Policy + - Legal +--- + +**短版本:** _我们托管全球各地大量的协作项目,仅当用户能够善意一起工作时,该协作才能正常进行。 While using the Service, you must comply with our Acceptable Use Policies, which include some restrictions on content and conduct on GitHub related to user safety, intellectual property, privacy, authenticity, and other limitations. 简言之,要互惠互利。_ + +有使用但在可接受使用政策中未定义的重要术语,其含义请参阅我们的[服务条款](/articles/github-terms-of-service)、[公司服务条款](/articles/github-corporate-terms-of-service)和[隐私声明](/articles/github-privacy-statement)。 对于受[公司服务条款](/articles/github-corporate-terms-of-service)约束的客户,“您”和“你的”是指“客户”或“用户”。 “我们”和“我们的”是指 "GitHub"。 + +## 1. 符合法律法规 +您负责遵照所有相关的法律、法规以及我们所有的可接受使用政策来使用服务。 这些政策可能不时更新,请参阅下面的内容以及我们的[服务条款](/articles/github-terms-of-service)和[公司服务条款](/articles/github-corporate-terms-of-service)。 + +## 2. User Safety +We do not allow content or activity on GitHub that: + +- 非法或宣传非法活动; + +- is [sexually obscene](/github/site-policy/github-sexually-obscene-content) or relates to sexual exploitation or abuse, including of minors; + +- 诽谤、中伤或欺诈性内容; + +- 对任何个人或群体有[歧视性或辱骂性](/github/site-policy/github-hate-speech-and-discrimination); + +- is [false, inaccurate, or intentionally deceptive information](/github/site-policy/github-misinformation-and-disinformation) and likely to adversely affect the public interest (including health, safety, election integrity, and civic participation); + +- [harasses or abuses](/github/site-policy/github-bullying-and-harassment) another individual or group, including our employees, officers, and agents, or other users; + +- [threatens or incites violence](/github/site-policy/github-threats-of-violence-and-gratuitously-violent-content) toward any individual or group, especially on the basis of who they are; + +- [gratuitously depicts or glorifies violence](/github/site-policy/github-threats-of-violence-and-gratuitously-violent-content), including violent images; or + +- is off-topic, or interacts with platform features in a way that significantly or repeatedly [disrupts the experience of other users](/github/site-policy/github-disrupting-the-experience-of-other-users). + + +## 3. Intellectual Property, Authenticity, and Private Information +We do not allow content or activity on GitHub that: + +- infringes any proprietary right of any party, including patent, trademark, trade secret, copyright, right of publicity, or other right; + +- unlawfully shares unauthorized product licensing keys, software for generating unauthorized product licensing keys, or software for bypassing checks for product licensing keys, including extension of a free license beyond its trial period; + +- [impersonates any person or entity](/github/site-policy/github-impersonation), including any of our employees or representatives, including through false association with GitHub, or by fraudulently misrepresenting your identity or site's purpose; or + +- [violates the privacy of any third party](/github/site-policy/github-doxxing-and-invasion-of-privacy), such as by posting another person's personal information without consent. + +## 4. GitHub 上的垃圾信息和假活动 +We do not allow content or activity on GitHub that is: +- automated excessive bulk activity and coordinated inauthentic activity, such as + * spamming + * cryptocurrency mining; +* GitHub 条款和政策禁止的促销和广告大量群分; +* inauthentic interactions, such as fake accounts and automated inauthentic activity; +* rank abuse, such as automated starring or following; +* creation of or participation in secondary markets for the purpose of the proliferation of inauthentic activity; +* 将 GitHub 用作在其他平台上传播滥用的平台; +* phishing or attempted phishing; or +* using our servers for any form of excessive automated bulk activity, to place undue burden on our servers through automated means, or to relay any form of unsolicited advertising or solicitation through our servers, such as get-rich-quick schemes. + +## 5. Site Access and Safety +We do not allow content or activity on GitHub that: + +- 直接支持[非法的主动攻击或恶意软件活动](/github/site-policy/github-active-malware-or-exploits) ,这些活动正在造成技术伤害 - 例如使用我们的平台来提供恶意执行或作为攻击基础架构。 例如,通过组织拒绝服务攻击或管理命令和控制服务器 - 在发生滥用行为之前没有隐含或明确的双重用途目的;或 +- uses our servers to disrupt or to attempt to disrupt, or to gain or to attempt to gain unauthorized access to, any service, device, data, account or network. Please note, activities permitted under bug bounty programs, such as the [GitHub Bug Bounty program](https://bounty.github.com), are not considered “unauthorized.” + + +## 6. 服务使用限制 +未获明确的书面同意,不得重制、重复、复制、销售、转售或利用服务的任何部分、使用服务或访问服务。 + +## 7. 信息使用限制 +您可以出于以下原因使用我们服务中的信息,无论是爬取、通过我们的 API 收集还是以其他方式获取信息: + +- 研究人员可以出于研究目的而从服务中爬取公开的非个人信息,但仅当来自该研究的出版物[开放访问时](https://en.wikipedia.org/wiki/Open_access)才可爬取。 +- 存档人员可以将本服务中的公开信息用于存档目的。 + +爬取是指通过自动化过程(如自动程序或网络爬虫 )从我们的服务中提取数据。 爬取不是指通过我们的 API 收集信息。 有关我们的 API 条款,请参阅我们[服务条款](/articles/github-terms-of-service#h-api-terms)的 H 部分。 + +不得将服务中的信息(无论是爬取、通过我们的 API 收集的还是以其他方式获取的信息)用于垃圾邮件目的,包括向用户发送未经请求的电子邮件或出售用户个人信息(定义见 [GitHub 隐私声明](/github/site-policy/github-privacy-statement)),例如向招聘人员、猎头或职介所出售此类信息。 + +对服务信息的使用必须遵守 [GitHub 隐私声明](/github/site-policy/github-privacy-statement)。 + +## 8. 隐私 +禁止滥用用户个人信息。 + +任何个人、实体或服务从服务收集数据都必须遵守 [GitHub 隐私声明](/articles/github-privacy-statement),特别是收集用户个人信息时。 如果从服务收集任何用户个人信息,则您同意只将该用户个人信息用于该用户授权的用途。 您同意,您将合理保护从服务收集的任何用户个人信息,并且及时响应投诉、删除要求,并且“不联系”我们或其他用户的要求。 + +## 9. 过度带宽使用 +服务的带宽限制因您使用的功能而异。 如果我们确定您的带宽使用相对于其他功能类似的用户明显过多,我们有权利暂停您的帐户、限制您的文件托管或限制您的活动,直到您可以减少带宽的使用。 我们还保留在提前通知后删除我们认为对我们基础架构造成不当压力的仓库的权利。 有关在仓库中可接受的对象存储使用的指导,请参阅“[我的磁盘配额是多少?](/github/managing-large-files/what-is-my-disk-quota)”。 有关特定功能带宽限制的更多详细信息,请参阅 [GitHub 附加产品条款](/github/site-policy/github-additional-product-terms)。 + +## 10. GitHub 上的广告 +**短版本:** *我们一般不禁止使用 GitHub 发布广告。 但我们期望用户遵守某些限制,以免 GitHub 成为垃圾邮件避风港。 没人希望这样。* + +我们理解,您可能想通过在帐户中发布支持者的姓名或徽标来推广您的内容,但在帐户中或通过帐户发布到服务的内容不应侧重于广告或促销。 这包括在页面、包、仓库和服务所有其他部分或者通过它们发布的内容。 您可在与您的帐户关联的自述文件中或项目说明部分包含静态图像、链接和宣传文本,但它们必须与您在 GitHub 上托管的项目相关。 您不能在其他用户的帐户中发布广告,例如在议题中发布货币化或过多的批量内容。 + +You may not promote or distribute content or activity that is illegal or otherwise prohibited by our [Terms of Service](/github/site-policy/github-terms-of-service/)or [Acceptable Use Policies](/github/site-policy/github-acceptable-use-policies/), including excessive automated bulk activity (for example, spamming), get-rich-quick schemes, and misrepresentation or deception related to your promotion. + +如果您决定在帐户中发布任何宣传材料,您将自行负责遵守所有适用的法律和法规,包括但不限于美国联邦贸易委员会的背书和推荐准则。 联邦贸易委员会的背书和推荐准则。 我们保留删除我们单方面认为违反了任何 GitHub 条款或政策的任何宣传材料或广告的权利。 + +## 11. 用户保护 +不得从事明显损害其他用户的活动。 + +We will interpret our policies and resolve disputes in favor of protecting users as a whole. + +--- + +GitHub retains full discretion to [take action](/github/site-policy/github-community-guidelines#what-happens-if-someone-violates-githubs-policies) in response to a violation of these policies, including account suspension, account [termination](/github/site-policy/github-terms-of-service#3-github-may-terminate), or [removal](/github/site-policy/github-terms-of-service#2-github-may-remove-content) of content. diff --git a/translations/zh-CN/content/site-policy/acceptable-use-policies/github-active-malware-or-exploits.md b/translations/zh-CN/content/site-policy/acceptable-use-policies/github-active-malware-or-exploits.md new file mode 100644 index 0000000000..4f1774597a --- /dev/null +++ b/translations/zh-CN/content/site-policy/acceptable-use-policies/github-active-malware-or-exploits.md @@ -0,0 +1,27 @@ +--- +title: GitHub Active Malware or Exploits +shortTitle: Active Malware or Exploits +versions: + fpt: '*' +topics: + - Policy + - Legal +redirect_from: + - /github/site-policy/github-active-malware-or-exploits + - /github/site-policy/github-community-guidelines#active-malware-or-exploits +--- + +Being part of a community includes not taking advantage of other members of the community. 我们不允许任何人利用我们的平台直接支持造成技术损害的非法攻击, 例如利用 GitHub 作为提供恶意可执行文件的方式或作为攻击基础架构, 例如,组织拒绝服务攻击或管理命令和控制服务器。 技术损害是指资源过度消耗、物理损坏、停机、拒绝服务或数据丢失,在滥用之前没有隐含或明确的双重用途。 + + 请注意,GitHub 允许双重用途内容,并支持发布用于研究漏洞、恶意软件或漏洞的内容,因为此类内容的发布和分发具有教育价值,并为安全社区提供净收益。 我们具有积极的意图,并利用这些项目来促进和推动整个生态系统的改善。 + + 在极少数非常普遍地滥用两用内容的情况下,我们可能会限制访问该特定内容实例,以破坏利用 GitHub 平台作为漏洞或恶意软件 CDN 的持续非法攻击或恶意软件活动。 在大多数情况下,限制采取将内容置于身份验证背后的形式,但作为最后手段,可能涉及禁用访问或在不可能的情况下完全删除(例如,当作为 Gist 发布时)。 我们还将尽可能联系项目所有者了解实施的限制。 + + 在可行的情况下,限制是暂时的,无助于永久清除或限制该平台上的任何特定两用内容或该内容的副本。 尽管我们的目标是使这些罕见的限制情况成为与项目所有者的合作过程,但如果您认为您的内容受到了不适当的限制,我们也有[申诉流程](/github/site-policy/github-community-guidelines#appeal-and-reinstatement)。 + + 为了便于项目维护者自己找到解决滥用问题的途径,在上报给 GitHub 滥用报告之前,我们建议但不要求仓库所有者在张贴可能有害的安全研究内容时采取下列步骤: + +* 在项目的 README.md 文件或源代码评论中,清楚地识别和描述任何可能有害的内容。 +* 通过仓库中的 SECURITY.md 文件为任何第三方滥用查询提供首选的联系方式(例如,“请在此仓库上为任何问题或疑虑创建议题”)。 这种联系方式允许第三方直接与项目维护者联系,并有可能解决问题,而无需提交滥用报告。 + + *GitHub 认为 npm 注册表是一个主要用于安装和代码运行时使用的平台,而不是用于研究的平台。* diff --git a/translations/zh-CN/content/site-policy/acceptable-use-policies/github-appeal-and-reinstatement.md b/translations/zh-CN/content/site-policy/acceptable-use-policies/github-appeal-and-reinstatement.md new file mode 100644 index 0000000000..9895b647d8 --- /dev/null +++ b/translations/zh-CN/content/site-policy/acceptable-use-policies/github-appeal-and-reinstatement.md @@ -0,0 +1,38 @@ +--- +title: GitHub Appeal and Reinstatement +versions: + fpt: '*' +topics: + - Policy + - Legal +--- + +## 申诉和恢复 + +While the majority of interactions between individuals in GitHub’s community fall within our Acceptable Use Policies and Community Guidelines, violations of those policies do occur at times. When they do, GitHub staff may need to take enforcement action to address the violations. However, in some cases there may be a basis to reverse a moderation action taken by GitHub Staff. + +## What are appeals and reinstatements? + +Both appeals and reinstatements arise in relation to disabling of content or restrictions to access an account. + +**Reinstatement**: The user wishes to regain access to their account or content and is willing to make any necessary changes to address the violation and must agree not to violate our terms going forward. + +**Appeal**: The user disputes that a violation occurred and can provide additional information to show that a different decision should have been reached. + +## How this works + +If you seek reinstatement or wish to appeal an enforcement action, please fill out our [Appeal and Reinstatement form](https://support.github.com/contact/reinstatement). + +GitHub staff will review the information provided in the form to determine whether there is sufficient information to warrant reinstatement or granting of an appeal. + +* **Reinstatement**: Where a user can agree to abide by our Acceptable Use Policies moving forward and has made the changes necessary to address the violation(s), we may choose to reinstate their account or content depending on the circumstances and severity of the initial violation. + +All legitimate reinstatement requests will be reviewed initially by GitHub staff and will be answered with a decision. + +* **Appeal**: Where a user seeks to dispute a decision, they can use the form to explain their basis for disputing the decision and to provide any additional information regarding the alleged violation that they believe should have led to a different decision. If the information provided demonstrates that a different conclusion should have been reached, we may be able to grant an appeal. + +If the GitHub staff reviewer is the same person who made the initial determination and that staff member believes their initial conclusion was correct (and thus would be inclined to deny the appeal), a different member of GitHub’s staff will independently review the appeal. All legitimate appeals will be answered with a final decision. + +## 透明 + +We track appeals and reinstatements in our [transparency reports](https://github.blog/2022-01-27-2021-transparency-report/#Appeals_and_other_reinstatements). diff --git a/translations/zh-CN/content/site-policy/acceptable-use-policies/github-bullying-and-harassment.md b/translations/zh-CN/content/site-policy/acceptable-use-policies/github-bullying-and-harassment.md new file mode 100644 index 0000000000..46d9228512 --- /dev/null +++ b/translations/zh-CN/content/site-policy/acceptable-use-policies/github-bullying-and-harassment.md @@ -0,0 +1,23 @@ +--- +title: GitHub Bullying and Harassment +shortTitle: Bullying and Harassment +versions: + fpt: '*' +topics: + - Policy + - Legal +redirect_from: + - /github/site-policy/github-bullying-and-harassment + - /github/site-policy/github-community-guidelines#bullying-and-harassment +--- + +We do not tolerate harassment, bullying, or abuse of any kind, whether directly or by encouraging others to take part in the prohibited conduct. 这包括: + +- Targeted personal attacks +- Piling on to or orchestrating [disruptive](/github/site-policy/github-disrupting-the-experience-of-other-users) activity in a way that amounts to abuse +- Following another user around the platform in a manner that causes intimidation +- Making sexual advances or comments directed at another individual +- Disingenuously participating in conversation in a way that instigates conflict or undermines sincere discussion +- Creating alternative accounts specifically to evade moderation action taken by GitHub staff or users + +Please note, not all unwelcome conduct is necessarily considered harassment. For example, disagreeing with another user or downvoting their comments may not rise to the level of harassment on our platform. In addition, sharing criticism of public figures or projects, or topics of public interest, does not necessarily fall under this policy. However, we encourage you to be mindful in how you engage with other users and the platform, as this activity may still violate our restriction on disrupting the experience of other users. diff --git a/translations/zh-CN/content/site-policy/acceptable-use-policies/github-disrupting-the-experience-of-other-users.md b/translations/zh-CN/content/site-policy/acceptable-use-policies/github-disrupting-the-experience-of-other-users.md new file mode 100644 index 0000000000..7fbd5546b7 --- /dev/null +++ b/translations/zh-CN/content/site-policy/acceptable-use-policies/github-disrupting-the-experience-of-other-users.md @@ -0,0 +1,27 @@ +--- +title: GitHub Disrupting the Experience of Other Users +shortTitle: Disrupting the Experience of Other Users +versions: + fpt: '*' +topics: + - Policy + - Legal +redirect_from: + - /github/site-policy/github-disrupting-the-experience-of-other-users + - /github/site-policy/github-community-guidelines#disrupting-the-experience-of-other-users +--- + +Being part of a community includes recognizing how your behavior affects others and engaging in meaningful and productive interactions with people and the platform they rely on. + +We do not allow behavior that significantly or continually disrupts the experience of other users. 这包括: + +- Posting off-topic comments +- Opening empty or meaningless issues or pull requests +- Starring and/or following accounts or repositories in large volume in a short period of time +- Creating nonsensical or irrelevant code reviews +- Engaging with platform features in a way that causes excessive notifications for other users +- Using any other platform feature in a way that creates disruption + +虽然我们鼓励维护人员根据个别情况调整自己的项目,但 GitHub 员工可能会对从事此类行为的帐户采取进一步的限制措施。 + +Please note that the above conduct may also violate other restrictions in our [Acceptable Use Policies](/github/site-policy/github-acceptable-use-policies). For example, depending on the nature and severity of the activity, it may rise to the level of [bullying and harassment](/github/site-policy/github-bullying-and-harassment). diff --git a/translations/zh-CN/content/site-policy/acceptable-use-policies/github-doxxing-and-invasion-of-privacy.md b/translations/zh-CN/content/site-policy/acceptable-use-policies/github-doxxing-and-invasion-of-privacy.md new file mode 100644 index 0000000000..a63bc27021 --- /dev/null +++ b/translations/zh-CN/content/site-policy/acceptable-use-policies/github-doxxing-and-invasion-of-privacy.md @@ -0,0 +1,30 @@ +--- +title: GitHub Doxxing and Invasion of Privacy +shortTitle: Doxxing and Invasion of Privacy +versions: + fpt: '*' +topics: + - Policy + - Legal +redirect_from: + - /github/site-policy/github-doxxing-and-invasion-of-privacy + - /github/site-policy/github-community-guidelines#doxxing-and-invasion-of-privacy +--- + +Don't post other people's personal information. 这包括: + +- Personal, private email addresses +- Phone numbers +- Physical addresses or other private location information +- Bank account information or credit card numbers +- Social Security/National Identity numbers +- 密码 +- Voter information +- Medical information and personal biometric data +- Other private information that may pose a safety or security risk + +We may consider other information, such as photos or videos that were taken or distributed without the subject's consent, to be an invasion of privacy, especially when such material presents a safety risk to the subject, such as in the case of intimidation or harassment. + +GitHub will take context into account as well as whether the reported content is publicly available elsewhere. Please note, however, that while sharing publicly available content may not be a violation of this policy, if the information is shared with the intent to harass or incite other abusive behavior, it may violate our prohibition against [bullying and harassment](/github/site-policy/github-bullying-and-harassment). + +For more information, or to learn how to report a violation, see our [Private Information Removal Policy](/github/site-policy/github-private-information-removal-policy) and our instructions for [Reporting Abuse](/communities/maintaining-your-safety-on-github/reporting-abuse-or-spam). diff --git a/translations/zh-CN/content/site-policy/acceptable-use-policies/github-hate-speech-and-discrimination.md b/translations/zh-CN/content/site-policy/acceptable-use-policies/github-hate-speech-and-discrimination.md new file mode 100644 index 0000000000..41f0476c70 --- /dev/null +++ b/translations/zh-CN/content/site-policy/acceptable-use-policies/github-hate-speech-and-discrimination.md @@ -0,0 +1,24 @@ +--- +title: GitHub Hate Speech and Discrimination +shortTitle: Hate Speech and Discrimination +versions: + fpt: '*' +topics: + - Policy + - Legal +redirect_from: + - /github/site-policy/github-hate-speech-and-discrimination + - /github/site-policy/github-community-guidelines#hate-speech-and-discrimination +--- + +GitHub does not tolerate speech that attacks or promotes hate toward an individual or group of people on the basis of who they are, including age, body size, ability, ethnicity, gender identity and expression, level of experience, nationality, personal appearance, race, religion, sexual identity, or sexual orientation. 这包括: + +- Mocking, attacking, or excluding a person or group based on their beliefs or the characteristics listed above +- Displaying clear affiliation or identification with known terrorist or violent extremist organizations +- Supporting or promoting hate groups or hate-based conspiracy theories +- Sharing symbols or images synonymous with hate +- Using harmful stereotypes, slurs, or dehumanizing speech +- Attacking an individual based on their perceived gender +- Dog whistling; or using coded or suggestive language and/or symbols to promote abuse or hate + +While GitHub takes all instances of abuse and harassment on the platform seriously, we are especially committed to fighting hate-based abuse where it disproportionately affects communities that have historically been targeted by such abuse. We aim to make GitHub a place where all individuals feel welcome and safe. diff --git a/translations/zh-CN/content/site-policy/acceptable-use-policies/github-impersonation.md b/translations/zh-CN/content/site-policy/acceptable-use-policies/github-impersonation.md new file mode 100644 index 0000000000..32cf270aef --- /dev/null +++ b/translations/zh-CN/content/site-policy/acceptable-use-policies/github-impersonation.md @@ -0,0 +1,23 @@ +--- +title: GitHub Impersonation +shortTitle: Impersonation +versions: + fpt: '*' +topics: + - Policy + - Legal +redirect_from: + - /github/site-policy/github-impersonation + - /github/site-policy/github-community-guidelines#impersonation +--- + +You may not misrepresent your identity or your association with another person or organization. This includes doing any of the following in a way that misleads or deceives others: + +- Copying another user's avatar or other personal profile information +- Posting content under another user's email address +- Using a deceptively similar username, organization name, or other namespace +- Otherwise posing as another individual or organization + +Impersonation is a form of harassment and violation of this policy may lead to loss of access to your account. + +Please note, having a username similar to another is not necessarily impersonation. GitHub will take context into account. For example, as in cases involving claims of [misinformation or disinformation](/github/site-policy/github-misinformation-and-disinformation), we generally allow parody and satire that is in line with our [Acceptable Use Polices](/github/site-policy/github-acceptable-use-policies). diff --git a/translations/zh-CN/content/site-policy/acceptable-use-policies/github-misinformation-and-disinformation.md b/translations/zh-CN/content/site-policy/acceptable-use-policies/github-misinformation-and-disinformation.md new file mode 100644 index 0000000000..021f1269ab --- /dev/null +++ b/translations/zh-CN/content/site-policy/acceptable-use-policies/github-misinformation-and-disinformation.md @@ -0,0 +1,21 @@ +--- +title: GitHub Misinformation and Disinformation +shortTitle: Misinformation and Disinformation +versions: + fpt: '*' +topics: + - Policy + - Legal +redirect_from: + - /github/site-policy/github-misinformation-and-disinformation + - /github/site-policy/github-community-guidelines#misinformation-and-disinformation +--- + +You may not post content that presents a distorted view of reality, whether it is inaccurate or false (misinformation) or is intentionally deceptive (disinformation), where such content is likely to result in harm to the public or to interfere with fair and equal opportunities for all to take part in a free and open society. 可能包括: +- Inaccurate or scientifically unsupported medical claims that endanger public health or safety +- Manipulated media, whether audio or visual, likely to mislead or deceive in a way that may harm the public interest +- False or misleading content likely to interfere with an individual's ability to participate in civic activities +- Unsubstantiated claims that could promote hate or targeted harassment of specific groups of people + +鼓励积极参与表达想法、观点和经验,不得质疑个人帐户或言论。 We generally allow parody and satire that is in line with our [Acceptable Use Polices](/github/site-policy/github-acceptable-use-policies), and we consider context to be important in how information is received and understood. When reviewing content under this policy, GitHub will consider the impact of various factors that may help to orient the viewer, such as whether the content has been provided with clear disclaimers, citations to credible sources, or includes other details that clarify the accuracy of the information being shared. + diff --git a/translations/zh-CN/content/site-policy/acceptable-use-policies/github-sexually-obscene-content.md b/translations/zh-CN/content/site-policy/acceptable-use-policies/github-sexually-obscene-content.md new file mode 100644 index 0000000000..dd72b2b2b7 --- /dev/null +++ b/translations/zh-CN/content/site-policy/acceptable-use-policies/github-sexually-obscene-content.md @@ -0,0 +1,20 @@ +--- +title: GitHub Sexually Obscene Content +shortTitle: Sexually Obscene Content +versions: + fpt: '*' +topics: + - Policy + - Legal +redirect_from: + - /github/site-policy/github-sexually-obscene-content + - /github/site-policy/github-community-guidelines#sexually-obscene-content +--- + +We do not tolerate content associated with sexual exploitation or abuse of another individual, including where minors are concerned. We do not allow sexually themed or suggestive content that serves little or no purpose other than to solicit an erotic or shocking response, particularly where that content is amplified by its placement in profiles or other social contexts. 这包括: + +- Pornographic content +- Non-consensual intimate imagery +- Graphic depictions of sexual acts including photographs, video, animation, drawings, computer-generated images, or text-based content + +We recognize that not all nudity or content related to sexuality is obscene. We may allow visual and/or textual depictions in artistic, educational, historical or journalistic contexts, or as it relates to victim advocacy. In some cases a disclaimer can help communicate the context of the project. However, please understand that we may choose to limit the content by giving users the option to opt in before viewing. diff --git a/translations/zh-CN/content/site-policy/acceptable-use-policies/github-threats-of-violence-and-gratuitously-violent-content.md b/translations/zh-CN/content/site-policy/acceptable-use-policies/github-threats-of-violence-and-gratuitously-violent-content.md new file mode 100644 index 0000000000..1e8f414144 --- /dev/null +++ b/translations/zh-CN/content/site-policy/acceptable-use-policies/github-threats-of-violence-and-gratuitously-violent-content.md @@ -0,0 +1,22 @@ +--- +title: GitHub Threats of Violence and Gratuitously Violent Content +shortTitle: Threats of Violence and Gratuitously Violent Content +versions: + fpt: '*' +topics: + - Policy + - Legal +redirect_from: + - /github/site-policy/github-threats-of-violence-and-gratuitously-violent-content + - /github/site-policy/github-community-guidelines#threats-of-violence + - /github/site-policy/github-community-guidelines#gratuitously-violent-content +--- + + +You may not use GitHub to organize, promote, encourage, threaten, or incite acts of violence. You may not post content that depicts or glorifies violence or physical harm against human beings or animals. 这包括: + +- Threatening another individual or group with abuse, harm, sexual violence, or death +- Posting text, imagery, or audio content glorifying or containing a graphic depiction of violence toward oneself, another individual, group, or animal +- Encouraging another individual to engage in self harm + +We do not allow violent content to be posted indiscriminately or in a way that is difficult for other users to avoid, such as a profile avatar or an issue comment. However, we understand there may be legitimate reasons to post violent content, such as for educational or documentary purposes, creative works, or depictions of historical events. In those cases, a clear warning or disclaimer can help users make an educated decision as to whether or not they want to engage with such content. Still, GitHub may decide to limit the visibility of such content to those who choose to opt in. diff --git a/translations/zh-CN/content/site-policy/acceptable-use-policies/index.md b/translations/zh-CN/content/site-policy/acceptable-use-policies/index.md new file mode 100644 index 0000000000..494f502cdc --- /dev/null +++ b/translations/zh-CN/content/site-policy/acceptable-use-policies/index.md @@ -0,0 +1,21 @@ +--- +title: 可接受的使用政策 +versions: + fpt: '*' +topics: + - Policy + - Legal +children: + - github-sexually-obscene-content + - github-disrupting-the-experience-of-other-users + - github-doxxing-and-invasion-of-privacy + - github-hate-speech-and-discrimination + - github-acceptable-use-policies + - github-bullying-and-harassment + - github-active-malware-or-exploits + - github-threats-of-violence-and-gratuitously-violent-content + - github-impersonation + - github-misinformation-and-disinformation + - github-appeal-and-reinstatement +--- + diff --git a/translations/zh-CN/content/github/site-policy/dmca-takedown-policy.md b/translations/zh-CN/content/site-policy/content-removal-policies/dmca-takedown-policy.md similarity index 99% rename from translations/zh-CN/content/github/site-policy/dmca-takedown-policy.md rename to translations/zh-CN/content/site-policy/content-removal-policies/dmca-takedown-policy.md index 824ad28edd..17c8c92349 100644 --- a/translations/zh-CN/content/github/site-policy/dmca-takedown-policy.md +++ b/translations/zh-CN/content/site-policy/content-removal-policies/dmca-takedown-policy.md @@ -6,6 +6,7 @@ redirect_from: - /dmca-takedown-policy - /articles/dmca-takedown - /articles/dmca-takedown-policy + - /github/site-policy/dmca-takedown-policy versions: fpt: '*' topics: diff --git a/translations/zh-CN/content/github/site-policy/github-private-information-removal-policy.md b/translations/zh-CN/content/site-policy/content-removal-policies/github-private-information-removal-policy.md similarity index 99% rename from translations/zh-CN/content/github/site-policy/github-private-information-removal-policy.md rename to translations/zh-CN/content/site-policy/content-removal-policies/github-private-information-removal-policy.md index 712c8d566a..159e7febdc 100644 --- a/translations/zh-CN/content/github/site-policy/github-private-information-removal-policy.md +++ b/translations/zh-CN/content/site-policy/content-removal-policies/github-private-information-removal-policy.md @@ -3,6 +3,7 @@ title: GitHub 私人信息删除政策 redirect_from: - /articles/github-sensitive-data-removal-policy - /github/site-policy/github-sensitive-data-removal-policy + - /github/site-policy/github-private-information-removal-policy versions: fpt: '*' topics: diff --git a/translations/zh-CN/content/github/site-policy/github-trademark-policy.md b/translations/zh-CN/content/site-policy/content-removal-policies/github-trademark-policy.md similarity index 98% rename from translations/zh-CN/content/github/site-policy/github-trademark-policy.md rename to translations/zh-CN/content/site-policy/content-removal-policies/github-trademark-policy.md index afbd216c3d..872e68a021 100644 --- a/translations/zh-CN/content/github/site-policy/github-trademark-policy.md +++ b/translations/zh-CN/content/site-policy/content-removal-policies/github-trademark-policy.md @@ -2,6 +2,7 @@ title: GitHub 商标政策 redirect_from: - /articles/github-trademark-policy + - /github/site-policy/github-trademark-policy versions: fpt: '*' topics: diff --git a/translations/zh-CN/content/github/site-policy/guide-to-submitting-a-dmca-counter-notice.md b/translations/zh-CN/content/site-policy/content-removal-policies/guide-to-submitting-a-dmca-counter-notice.md similarity index 99% rename from translations/zh-CN/content/github/site-policy/guide-to-submitting-a-dmca-counter-notice.md rename to translations/zh-CN/content/site-policy/content-removal-policies/guide-to-submitting-a-dmca-counter-notice.md index 0e8780db79..431eeeb6b9 100644 --- a/translations/zh-CN/content/github/site-policy/guide-to-submitting-a-dmca-counter-notice.md +++ b/translations/zh-CN/content/site-policy/content-removal-policies/guide-to-submitting-a-dmca-counter-notice.md @@ -4,6 +4,7 @@ redirect_from: - /dmca-counter-notice-how-to - /articles/dmca-counter-notice-how-to - /articles/guide-to-submitting-a-dmca-counter-notice + - /github/site-policy/guide-to-submitting-a-dmca-counter-notice versions: fpt: '*' topics: diff --git a/translations/zh-CN/content/github/site-policy/guide-to-submitting-a-dmca-takedown-notice.md b/translations/zh-CN/content/site-policy/content-removal-policies/guide-to-submitting-a-dmca-takedown-notice.md similarity index 99% rename from translations/zh-CN/content/github/site-policy/guide-to-submitting-a-dmca-takedown-notice.md rename to translations/zh-CN/content/site-policy/content-removal-policies/guide-to-submitting-a-dmca-takedown-notice.md index b111112554..d17ad32ef7 100644 --- a/translations/zh-CN/content/github/site-policy/guide-to-submitting-a-dmca-takedown-notice.md +++ b/translations/zh-CN/content/site-policy/content-removal-policies/guide-to-submitting-a-dmca-takedown-notice.md @@ -4,6 +4,7 @@ redirect_from: - /dmca-notice-how-to - /articles/dmca-notice-how-to - /articles/guide-to-submitting-a-dmca-takedown-notice + - /github/site-policy/guide-to-submitting-a-dmca-takedown-notice versions: fpt: '*' topics: diff --git a/translations/zh-CN/content/site-policy/content-removal-policies/index.md b/translations/zh-CN/content/site-policy/content-removal-policies/index.md new file mode 100644 index 0000000000..080fd68bed --- /dev/null +++ b/translations/zh-CN/content/site-policy/content-removal-policies/index.md @@ -0,0 +1,16 @@ +--- +title: Content Removal Policies +versions: + fpt: '*' +topics: + - Policy + - Legal +children: + - /submitting-content-removal-requests + - /github-private-information-removal-policy + - /github-trademark-policy + - /guide-to-submitting-a-dmca-counter-notice + - /guide-to-submitting-a-dmca-takedown-notice + - /dmca-takedown-policy +--- + diff --git a/translations/zh-CN/content/github/site-policy/submitting-content-removal-requests.md b/translations/zh-CN/content/site-policy/content-removal-policies/submitting-content-removal-requests.md similarity index 92% rename from translations/zh-CN/content/github/site-policy/submitting-content-removal-requests.md rename to translations/zh-CN/content/site-policy/content-removal-policies/submitting-content-removal-requests.md index 06b32c3112..d033a013f0 100644 --- a/translations/zh-CN/content/github/site-policy/submitting-content-removal-requests.md +++ b/translations/zh-CN/content/site-policy/content-removal-policies/submitting-content-removal-requests.md @@ -2,6 +2,8 @@ title: 提交内容删除请求 redirect_from: - /articles/submitting-content-removal-requests + - /github/site-policy/submitting-content-removal-requests + - /github/site-policy/github-terms-and-other-site-policies/submitting-content-removal-requests versions: fpt: '*' topics: diff --git a/translations/zh-CN/content/github/site-policy/github-anti-bribery-statement.md b/translations/zh-CN/content/site-policy/github-company-policies/github-anti-bribery-statement.md similarity index 98% rename from translations/zh-CN/content/github/site-policy/github-anti-bribery-statement.md rename to translations/zh-CN/content/site-policy/github-company-policies/github-anti-bribery-statement.md index fbb85a4091..4351c2cda1 100644 --- a/translations/zh-CN/content/github/site-policy/github-anti-bribery-statement.md +++ b/translations/zh-CN/content/site-policy/github-company-policies/github-anti-bribery-statement.md @@ -2,6 +2,7 @@ title: GitHub 反贿赂声明 redirect_from: - /articles/github-anti-bribery-statement + - /github/site-policy/github-anti-bribery-statement versions: fpt: '*' topics: diff --git a/translations/zh-CN/content/github/site-policy/github-gifts-and-entertainment-policy.md b/translations/zh-CN/content/site-policy/github-company-policies/github-gifts-and-entertainment-policy.md similarity index 94% rename from translations/zh-CN/content/github/site-policy/github-gifts-and-entertainment-policy.md rename to translations/zh-CN/content/site-policy/github-company-policies/github-gifts-and-entertainment-policy.md index 899ef72f20..09f4dbb8b5 100644 --- a/translations/zh-CN/content/github/site-policy/github-gifts-and-entertainment-policy.md +++ b/translations/zh-CN/content/site-policy/github-company-policies/github-gifts-and-entertainment-policy.md @@ -2,6 +2,7 @@ title: GitHub 礼品和招待政策 redirect_from: - /articles/github-gifts-and-entertainment-policy + - /github/site-policy/github-gifts-and-entertainment-policy versions: fpt: '*' topics: @@ -63,4 +64,4 @@ GitHub 的道德准则详细说明了某些情况,包括礼品、旅游和招 罚款和入狱。 遭受处罚的不一定只有 GitHub。 您自己可能会面临几年牢狱之灾,这无关乎该客户在日本之旅后是否向 GitHub 提交了订单或者该政府官员是否拿走了那箱现金。 基本上,与您是否实际_完成_行贿没关系。 不论结果,只要尝试就是违法。 ## 更多信息 -如需了解有关规则、执行和处罚的更多信息和相关背景,美国 如需了解有关规则、执行和处罚的更多信息和相关背景,美国司法部的[《美国反海外腐败法》资源指南](https://www.justice.gov/sites/default/files/criminal-fraud/legacy/2015/01/16/guide.pdf)是一个很好的资源。 反海外腐败法是一种很好的资源。 +如需了解有关规则、执行和处罚的更多信息和相关背景,美国 Department of Justice’s [Resource Guide to the U.S. 反海外腐败法](https://www.justice.gov/sites/default/files/criminal-fraud/legacy/2015/01/16/guide.pdf)是一种很好的资源。 diff --git a/translations/zh-CN/content/github/site-policy/github-gpl-cooperation-commitment.md b/translations/zh-CN/content/site-policy/github-company-policies/github-gpl-cooperation-commitment.md similarity index 97% rename from translations/zh-CN/content/github/site-policy/github-gpl-cooperation-commitment.md rename to translations/zh-CN/content/site-policy/github-company-policies/github-gpl-cooperation-commitment.md index df93ab4be6..78bcb5aab8 100644 --- a/translations/zh-CN/content/github/site-policy/github-gpl-cooperation-commitment.md +++ b/translations/zh-CN/content/site-policy/github-company-policies/github-gpl-cooperation-commitment.md @@ -2,6 +2,7 @@ title: GitHub GPL 合作承诺 redirect_from: - /articles/github-gpl-cooperation-commitment + - /github/site-policy/github-gpl-cooperation-commitment versions: fpt: '*' topics: diff --git a/translations/zh-CN/content/github/site-policy/github-statement-against-modern-slavery-and-child-labor.md b/translations/zh-CN/content/site-policy/github-company-policies/github-statement-against-modern-slavery-and-child-labor.md similarity index 96% rename from translations/zh-CN/content/github/site-policy/github-statement-against-modern-slavery-and-child-labor.md rename to translations/zh-CN/content/site-policy/github-company-policies/github-statement-against-modern-slavery-and-child-labor.md index aeb84238b4..3091150c47 100644 --- a/translations/zh-CN/content/github/site-policy/github-statement-against-modern-slavery-and-child-labor.md +++ b/translations/zh-CN/content/site-policy/github-company-policies/github-statement-against-modern-slavery-and-child-labor.md @@ -2,6 +2,7 @@ title: GitHub 反对现代奴隶制和雇佣童工的声明 redirect_from: - /articles/github-statement-against-modern-slavery-and-child-labor + - /github/site-policy/github-statement-against-modern-slavery-and-child-labor versions: fpt: '*' topics: @@ -45,7 +46,7 @@ GitHub 的供应链包括用于我们产品和运营的商品和服务,包括 **GitHub 的行为标准**禁止不安全和非法的行为,包括故意使用、参与、支持或容忍现代奴隶制(奴役、强迫或强制劳动、贩运、压榨以及监禁或以契约束缚劳动者)或童工。 -GitHub 遵守其运营所在辖区中禁止贩运劳工和使用童工的法律,包括[关于打击人口贩运的美国联邦采购法规 22.17](https://www.govinfo.gov/content/pkg/CFR-2009-title48-vol1/pdf/CFR-2009-title48-vol1-part22-subpart22-17.pdf)。 关于打击人口贩运的联邦采购法规 22.17。 +GitHub complies with laws prohibiting trafficking and child labor in the jurisdictions in which it operates, including [U.S. 关于打击人口贩运的联邦采购法规 22.17](https://www.govinfo.gov/content/pkg/CFR-2009-title48-vol1/pdf/CFR-2009-title48-vol1-part22-subpart22-17.pdf)。 此外,GitHub 与 FairHotel 计划建立了合作伙伴关系,这意味着 GitHub 鼓励其员工选择 FairHotel 认可的酒店,因为这种酒店的工人工资合理、福利充足且在工作中有发言权。 成为 FairHotel 合作伙伴,也意味着 GitHub 作为公平雇主为酒店提供业务。 diff --git a/translations/zh-CN/content/site-policy/github-company-policies/index.md b/translations/zh-CN/content/site-policy/github-company-policies/index.md new file mode 100644 index 0000000000..c1b0dd22ee --- /dev/null +++ b/translations/zh-CN/content/site-policy/github-company-policies/index.md @@ -0,0 +1,14 @@ +--- +title: GitHub Company Policies +versions: + fpt: '*' +topics: + - Policy + - Legal +children: + - /github-statement-against-modern-slavery-and-child-labor + - /github-anti-bribery-statement + - /github-gpl-cooperation-commitment + - /github-gifts-and-entertainment-policy +--- + diff --git a/translations/zh-CN/content/github/site-policy/github-community-forum-code-of-conduct.md b/translations/zh-CN/content/site-policy/github-terms/github-community-forum-code-of-conduct.md similarity index 83% rename from translations/zh-CN/content/github/site-policy/github-community-forum-code-of-conduct.md rename to translations/zh-CN/content/site-policy/github-terms/github-community-forum-code-of-conduct.md index d94c105ca0..f197c3e72b 100644 --- a/translations/zh-CN/content/github/site-policy/github-community-forum-code-of-conduct.md +++ b/translations/zh-CN/content/site-policy/github-terms/github-community-forum-code-of-conduct.md @@ -2,6 +2,8 @@ title: GitHub 社区论坛行为准则 redirect_from: - /articles/github-community-forum-code-of-conduct + - /github/site-policy/github-community-forum-code-of-conduct + - /github/site-policy/acceptable-use-policies/github-community-forum-code-of-conduct versions: fpt: '*' topics: @@ -11,13 +13,13 @@ topics: ## 概述和宗旨 -数百万开发者在 GitHub 上托管了数百万个项目,包括开源和闭源项目,我们很荣幸能够为促进开发者社区的日常协作发挥作用。 走在一起,我们都有机会和责任让这个社区成为我们值得骄傲的地方。 +Millions of developers across the world host millions of projects—both open and closed source—on GitHub. We're fortunate to be able to play a part in enabling collaboration across the developer community every day, which is a responsibility we don’t take lightly. Together, we all have the exciting opportunity to make this a community we can be proud of. GitHub 社区论坛旨在成为推动协作、支持和集思广益的地方。 这是一个文明荟萃之地,在这里,您可以与其他用户联系、学习新技能、分享反馈和想法、寻找您的 GitHub 项目所需的所有支持。 参与本社区,即表示您同意遵守适用于 GitHub.com 的<[服务条款](/github/site-policy/github-terms-of-service/)和 [GitHub 可接受使用政策](/github/site-policy/github-acceptable-use-policies)以及本社区特定的行为准则。 我们希望通过本行为准则,帮助您了解如何在 GitHub 社区论坛中完美协作、版主的职能以及哪些类型的行为或内容可能导致暂停或永久性终止社区参与。 我们将调查任何滥用举报,并且可能会删除社区内我们确定违反了 GitHub 服务条款或本行为准则的公共内容。 -GitHub 的用户来自世界各地,有上周才创建其第一个 "Hello World" 项目的新人,也有享誉全球的软件开发高手,他们带来了各种不同的观点、想法和经验。 我们致力于让 GitHub 和 GitHub 社区论坛成为一个海纳百川的环境,在支持个人自由表达的同时能够欢迎各种不同的声音和观点。 +Our diverse user base brings different perspectives, ideas, and experiences, and ranges from people who created their first "Hello World" project last week to the most well-known software developers in the world. We are committed to making GitHub an environment that welcomes all the different voices and perspectives our community has to offer, while maintaining a safe place for developers to do their best work. ## 承诺 @@ -29,23 +31,26 @@ GitHub 社区论坛提倡互相尊重。 论坛是一种共享资源 — 通过 以下规则并非硬性规定,仅用于帮助我们社区的人为判断。 我们使用这些准则为文明的公众讨论提供一个窗明几净的环境。 -### *建设强大社区的最佳实践* +### *Best Practices for Maintaining a Strong Community* -- 互相尊重和体谅。 - - **包容开放。**社区其他成员的经验水平或背景可能与您不同,但这并不意味着他们不能贡献好的想法。 我们鼓励大家欢迎新成员和刚入门的新手。 - - **互相尊重。**粗鲁是正常对话的天敌。 保持礼貌和专业,不要发表被理性的人视为冒犯、侮辱或仇恨的言论。 不要骚扰或打击任何人。 在所有互动中应互相尊重和体谅。 +GitHub 社区的主要目的是协作处理软件项目。 我们致力于维持一个用户能够自由表达意见并对彼此想法(包括技术和其他方面)提出挑战的社区。 At the same time, it's important that users remain respectful and allow space for others to contribute openly. In order to foster both a safe and productive environment, we encourage our community members to look to these guidelines to inform how they interact on our platform. Below, you’ll find some suggestions for how to have successful interactions as a valued member of the GitHub community. + +- Engage with consideration and respect. + + - **Be welcoming and open-minded** - New users join our community each day. Some are well-established developers, while others are just beginning. Be open to other ideas and experience levels. Make room for opinions other than your own and be welcoming to new collaborators and those just getting started. + + - **Be respectful** - Working in a collaborative environment means disagreements may happen. 但请记住,您的批评要对事不对人。 Share thoughtful, constructive criticism and be courteous to those you interact with. If you’re unable to engage respectfully, consider taking a step back or using some of our moderation tools to deescalate a tense situation. + + - **Be empathetic** - GitHub is a global community with people from a wide variety of backgrounds and perspectives, many of which may not be your own. Try to put yourself in others’ shoes and understand their feelings before you address them. Do your best to help make GitHub a community where others feel safe to make contributions, participate in discussions, and share different ideas. - 您可能要发表反对的意见。 没问题。 但请记住,您的批评要对事不对人。 不要说脏话、人身攻击、纠结于帖子的语气而罔顾其实际内容或制造下意识的矛盾。 而应该提供合理的反驳论据,保持友善的对话。 - - **共情沟通。**意见相左或分歧是生活中的常态。 作为社区的一部分,意味着您要与各种背景和观点的人互动,其中许多人的观点可能与您不同。 如果您不同意某人的观点,请先试图理解他们并体会他们的情感,然后再发表意见。 这将有助于营造尊重和友好的氛围,让人舒适自在地提出问题、参与讨论和做出贡献。 - 以积极和建设性的方式参与。 - **改善讨论。**请始终努力以某种方式改善讨论(哪怕是极小的改善),帮助我们将论坛营造成讨论的绝佳场所。 如果您不确定自己的帖子会给对话带来什么影响,请斟酌您要表达的内容,三思而后行。 论坛讨论的主题对我们非常重要,我们希望您也重视这些主题。 即使您不同意其中的某些内容,但请尊重主题和讨论主题的人。 - - **清晰表达、紧扣主题。**在互联网上与陌生人交流可能并不容易。 很难传达或读懂语气,容易被误解为嘲讽。 尽可能清晰表达,并考虑其他人如何理解您的表达。 + - **Be clear and stay on topic.** The GitHub Community Forum is for collaboration, sharing ideas, and helping each other get stuff done. 脱离主题的评论对于完成工作和取得成效是一种干扰(有时可能受欢迎,但这种情况很少)。 紧扣主题有助于产生积极和富有成效的讨论。 这也适用于分享链接。 在社区论坛中分享任何链接均应以提供相关和适当的信息为目的。 不能只是为某个站点吸引流量或关注而发布链接。 链接应始终附有对链接内容和目的的充分说明。 发布没有相关且有价值背景信息的链接,特别是未经请求提供这种链接,可能被当作发广告或带有更恶意的目的。 - 此外,GitHub 社区论坛是支持协作、交流想法和互相帮助完成工作的地方。 脱离主题的评论对于完成工作和取得成效是一种干扰(有时可能受欢迎,但这种情况很少)。 紧扣主题有助于产生积极和富有成效的讨论。 - **谨慎分享。**要求他人提供反馈或协作处理项目时,请只分享有价值的相关资源以提供背景信息。 不要发布对主题无价值的链接,不要在其他用户的帖子中主动发布指向您自己项目或站点的链接。 此外,请勿分享敏感信息。 这包括您自己的电子邮件地址。 我们不允许在本社区论坛中分享此类信息,因为它可能会给发帖者和其他用户带来安全和隐私风险。 如果要邀请论坛其他成员协作处理项目或与您合作,请分享指向您要处理的项目所在仓库的链接。 通过分享项目仓库的链接,并简要说明您的项目以及您要寻求什么类型的帮助或反馈,就可以邀请他人通过议题或拉取请求与您协作,而不必分享您的私人信息。 还可以将其他人添加为项目仓库的外部协作者,给他们特殊权限以便帮助您开发项目。 diff --git a/translations/zh-CN/content/site-policy/github-terms/github-community-guidelines.md b/translations/zh-CN/content/site-policy/github-terms/github-community-guidelines.md new file mode 100644 index 0000000000..6c6041de6e --- /dev/null +++ b/translations/zh-CN/content/site-policy/github-terms/github-community-guidelines.md @@ -0,0 +1,86 @@ +--- +title: GitHub 社区指导方针 +redirect_from: + - /community-guidelines + - /articles/github-community-guidelines + - /github/site-policy/github-community-guidelines + - /github/site-policy/acceptable-use-policies/github-community-guidelines +versions: + fpt: '*' +topics: + - Policy + - Legal +--- + +Millions of developers across the world host millions of projects—both open and closed source—on GitHub. We're fortunate to be able to play a part in enabling collaboration across the developer community every day, which is a responsibility we don’t take lightly. Together, we all have the exciting opportunity to make this a community we can be proud of. + +Our diverse user base brings different perspectives, ideas, and experiences, and ranges from people who created their first "Hello World" project last week to the most well-known software developers in the world. We are committed to making GitHub an environment that welcomes all the different voices and perspectives our community has to offer, while maintaining a safe place for developers to do their best work. + +By outlining what we think a [safe, welcoming, and productive community](https://opensource.guide/building-community/) looks like at GitHub, we hope to help you understand how best to interact and collaborate on our platform in line with our [Terms of Service](/github/site-policy/github-terms-of-service) and [Acceptable Use Policies](/github/site-policy/github-acceptable-use-policies). + +We encourage our community members to communicate expectations clearly, [moderate](#what-if-something-or-someone-offends-you) their projects where possible, and [report](https://github.com/contact/report-abuse) any content that may violate our [policies](/github/site-policy/github-terms-of-service). GitHub Staff will investigate any reports of abuse, and may moderate public content on our site that we determine to be in violation of our Terms of Service. + + +## Maintaining a strong community + +GitHub 社区的主要目的是协作处理软件项目。 我们致力于维持一个用户能够自由表达意见并对彼此想法(包括技术和其他方面)提出挑战的社区。 At the same time, it's important that users remain respectful and allow space for others to contribute openly. In order to foster both a safe and productive environment, we encourage our community members to look to these guidelines to inform how they interact on our platform. Below, you’ll find some suggestions for how to have successful interactions as a valued member of the GitHub community. + +* **Be welcoming and open-minded** - New users join our community each day. Some are well-established developers, while others are just beginning. Be open to other ideas and experience levels. Make room for opinions other than your own and be welcoming to new collaborators and those just getting started. + +* **Be respectful** - Working in a collaborative environment means disagreements may happen. 但请记住,您的批评要对事不对人。 Share thoughtful, constructive criticism and be courteous to those you interact with. If you’re unable to engage respectfully, consider taking a step back or using some of our moderation tools to deescalate a tense situation. + +* **Be empathetic** - GitHub is a global community with people from a wide variety of backgrounds and perspectives, many of which may not be your own. Try to put yourself in others’ shoes and understand their feelings before you address them. Do your best to help make GitHub a community where others feel safe to make contributions, participate in discussions, and share different ideas. + + +## 如果某事或某人冒犯您会怎么样? + +While some disagreements can be resolved with direct, respectful communication between community members, we understand that is not always the case. We encourage our community to [let us know](https://support.github.com/contact/report-abuse?category=report-abuse&report=other&report_type=unspecified) when they believe content or activity they’ve encountered violates our policies. However, if you run into something or someone on the site that you find objectionable, here are some ways GitHub enables you to take action: + +* **Communicate expectations** - Maintainers can set community-specific guidelines to help users understand how to interact with their projects, for example, in a repository’s README, [CONTRIBUTING file](/articles/setting-guidelines-for-repository-contributors/), or [dedicated code of conduct](/articles/adding-a-code-of-conduct-to-your-project/). You can find additional information on building communities [here](/communities). + + +* **Moderate Comments** - Users with [write-access privileges](/articles/repository-permission-levels-for-an-organization/) for a repository can [edit, delete, or hide anyone's comments](/communities/moderating-comments-and-conversations/managing-disruptive-comments) on commits, pull requests, and issues. 对仓库具有读取权限的任何人都可查看评论的编辑历史记录。 Comment authors and people with write access to a repository can also delete sensitive information from a [comment's edit history](/communities/moderating-comments-and-conversations/tracking-changes-in-a-comment). Moderating your projects can feel like a big task if there is a lot of activity, but you can [add collaborators](/account-and-profile/setting-up-and-managing-your-github-user-account/managing-user-account-settings/permission-levels-for-a-user-account-repository#collaborator-access-for-a-repository-owned-by-a-user-account) to assist you in managing your community. + +* **Lock Conversations**  - If a discussion in an issue, pull request, or commit gets out of hand, off topic, or violates your project’s code of conduct or GitHub’s policies, owners, collaborators, and anyone else with write access can put a temporary or permanent [lock](/articles/locking-conversations/) on the conversation. + +* **Block Users**  - If you encounter a specific user who you would rather not engage with, you can [block the user from your personal account](/articles/blocking-a-user-from-your-personal-account/) or [from your organization](/articles/blocking-a-user-from-your-organization/). + +* **Limit Interactions** - If your public project is getting unwanted attention, being trolled, spammed, or otherwise, you have the option of setting [temporary interaction limits](/communities/moderating-comments-and-conversations/limiting-interactions-in-your-repository) to keep certain users from interacting with your repository. You can even set [code review limits](https://github.blog/2021-11-01-github-keeps-getting-better-for-open-source-maintainers/#preventing-drive-by-pull-request-approvals-and-requested-changes) to ensure quality contributions on your projects. + + +While we are passionate about empowering maintainers to moderate their own projects, please reach out to us to {% data variables.contact.report_abuse %} if you need additional support in dealing with a situation. + +## What happens if someone violates GitHub's policies? + +We rely on reports from the community, as well as proactive detection, to help ensure that GitHub is a safe, welcoming, and productive platform for software developers. There are a variety of factors we consider when we’re made aware of behavior or content not in line with GitHub’s policies. However, our policy enforcement and content moderation approach prioritizes our vision to be the home for all developers. This means: + +- We optimize for code collaboration. We recognize that code can have multiple uses and we distinguish between how the code is being used on the platform and other possible uses. We also think about how our enforcement actions can affect a potentially complicated web of interdependencies across the platform and aim to restrict as little legitimate content as possible. + +- We take a human-centered approach to content moderation and we tailor our responses to meet the needs of a specific situation. Our global team investigates the reports we receive on a case-by-case basis—considering context and the surrounding facts—before taking action. This could include taking into account potentially offensive content being posted in a way that lacks context or makes it easy for other users to unwittingly view or interact with while using GitHub. In those instances, we may favor moderation in order to safeguard our community. + +- Our decisions are rooted in our core belief that serving an interconnected community and empowering human progress through developer collaboration requires a commitment to diversity, inclusion, and belonging. + +Where we have decided that moderation action is warranted, these are some of the ways we may respond: + +* Removing the offending content +* Blocking or disabling the offending content +* Downgrading the visibility of the offending content +* Hiding a user account or organization from public view +* Suspending a user account or organization + + +## 申诉和恢复 + +In some cases there may be a basis to reverse a moderation action taken by GitHub Staff. + +* **Reinstatement**: Where a user wishes to address the violation and is willing to agree to abide by our Acceptable Use Policies moving forward, we may choose to reinstate their account or content depending on the severity of the initial violation. + +* **Appeal**: If a user wishes to dispute the basis of an enforcement action and can provide additional information regarding the alleged violation, we will review that information and may grant the appeal where we determined that a violation did not occur. + +If you seek reinstatement or wish to appeal an enforcement action, please contact [support](https://support.github.com/contact?tags=docs-policy). + +## 法律声明 + +我们将这些社区指导方针专用于公共领域,让所有人根据 [CC0-1.0](https://creativecommons.org/publicdomain/zero/1.0/) 的条款使用、重新使用、调整或适应。 + +这些只是指导方针;不影响我们的[服务条款](/articles/github-terms-of-service/),也不打算作为完整的清单。 Under those terms, GitHub retains full discretion to remove any content or terminate any accounts for activity that violates our [Acceptable Use Policies](/articles/github-acceptable-use-policies). 这些指导方针说明了我们何时将行使这一酌处权。 diff --git a/translations/zh-CN/content/github/site-policy/github-corporate-terms-of-service.md b/translations/zh-CN/content/site-policy/github-terms/github-corporate-terms-of-service.md similarity index 93% rename from translations/zh-CN/content/github/site-policy/github-corporate-terms-of-service.md rename to translations/zh-CN/content/site-policy/github-terms/github-corporate-terms-of-service.md index 1815ac8c48..b20e908fca 100644 --- a/translations/zh-CN/content/github/site-policy/github-corporate-terms-of-service.md +++ b/translations/zh-CN/content/site-policy/github-terms/github-corporate-terms-of-service.md @@ -2,6 +2,7 @@ title: GitHub 公司服务条款 redirect_from: - /articles/github-corporate-terms-of-service + - /github/site-policy/github-corporate-terms-of-service versions: fpt: '*' topics: @@ -38,45 +39,45 @@ _这些条款适用于 1) 已接受《公司服务条款》的 GitHub.com(非 **“内容”**包括但不限于通过服务刊登、显示或提供的任何代码、文本、数据、文章、软件包、照片、图片、软件、应用程序、设计、功能及其他材料。 -**“公司帐户”**是指用户代表实体创建的帐户。 +**"Corporate Account"** means an account created by a User on behalf of an entity. **“客户”**是指通过单击“我同意”或类似按钮,或者通过访问产品,与 GitHub 签订本协议的公司或组织。 -**“客户内容”**是指客户创建、拥有或持有权利的内容。 +**"Customer Content"** means Content that Customer creates, owns, or to which Customer holds the rights. **“文档”**是指与 GitHub 提供给客户的产品相关的任何手册、文档及其他支持材料。 **“生效日期”**是以下日期中的较早日期 (i) 单击“我同意”以接受本协议的条款和条件,或 (ii) 第一次下单购买产品。 -**“外部用户”**是指访问或使用服务的个人,不包括客户的用户。 +**"External User"** means an individual, not including Customer’s Users, who visit or use the Service. -**“反馈”“**是指关于 GitHub 产品或服务的任何想法、知识、算法、代码贡献、建议、增强请求、建议或任何其他反馈。 +**"Feedback"** means any ideas, know-how, algorithms, code contributions, suggestions, enhancement requests, recommendations or any other feedback on GitHub products or services. **“费用”**是指客户因以下原因而必须向 GitHub 支付的费用:(i) 在适用的订阅期内使用产品,或 (ii) 获得专业服务,此类费用反映在订单或 SOW 中。 -**“复刻”**是指将一个仓库的内容复制到另一个仓库。 +**“Fork”** means to copy the Content of one repository into another repository. **“GitHub”**是指 GitHub, Inc.、其附属公司和代表。 -**“GitHub 内容”**是指 GitHub 创建、拥有或持有权利的内容。 +**"GitHub Content"** means Content that GitHub creates, owns, or to which it holds the rights. -**“机器帐户”**是指代表机器帐户接受适用服务条款、提供有效的电子邮件地址并负责其操作的个人注册的帐户。 机器帐户专用于执行自动化任务。 多个用户可指示机器帐户的操作,但帐户所有者对机器的操作最终负责。 +**“Machine Account”** means an account registered by an individual human who accepts the applicable terms of service on behalf of the Machine Account, provides a valid email address, and is responsible for its actions. 机器帐户专用于执行自动化任务。 多个用户可指示机器帐户的操作,但帐户所有者对机器的操作最终负责。 **“订单”**是指双方用来订购产品的书面或电子文档(包括报价)。 -**“组织”**是指与一个实体或者一个或多个用户相关的共享工作空间,其中多个用户可以一次协作处理多个项目。 用户可以是多个组织的成员。 +**“Organization”** means a shared workspace that may be associated with a single entity or with one or more Users where multiple Users can collaborate across many projects at once. 用户可以是多个组织的成员。 -**“私有仓库”**是指允许用户控制内容访问权限的仓库。 +**“Private Repository”** means a repository which allows a User to control access to Content. “**专业服务**”是指 GitHub 根据共同执行的 SOW 向客户提供的培训、咨询或实现服务。 专业服务不包括支持。 -**“专业服务积分”**是指购买专业服务时的预付方式(专用于旅行和住宿费用),客户可在十二 (12) 个月内(除非订单另有规定)用来购买专业服务。 在购买日期起十二 (12) 个月(或订单规定的时间)结束时未使用的任何专业服务积分将自动取消,且不能退款。 +**"Professional Services Credits"** means the upfront payment method for purchasing Professional Services (exclusive of travel and lodging expenses) that Customer may use over a period of twelve (12) months (unless otherwise stated in an Order Form) for Professional Services. 在购买日期起十二 (12) 个月(或订单规定的时间)结束时未使用的任何专业服务积分将自动取消,且不能退款。 -**“公共仓库”**是指其内容对所有用户可见的仓库。 +**“Public Repository”** means a repository whose Content is visible to All Users. **“代表”**是指一方的员工、高管、代理、独立承包商、顾问以及法律和财务顾问。 -**“擦除”**擦除是指通过自动化过程(如自动程序或网络爬虫 )从服务中提取数据,不包括通过 GitHub 的 API 收集信息。 +**“Scraping”** means extracting data from the Service via an automated process, such as a bot or webcrawler, and does not include the collection of information through GitHub's API. **“服务”**是指 GitHub 的托管服务和任何适用的文档。 @@ -88,12 +89,12 @@ _这些条款适用于 1) 已接受《公司服务条款》的 GitHub.com(非 **"用户"** 是指以下个人或机器帐户 (a) 访问或使用服务,(b) 访问或使用客户帐户任何部分,或 (c) 在每种情况下代表客户指示使用客户帐户履行职能。 用户数不应超过客户购买的订阅许可数。 -**“用户生成的内容”**是指第三方或外部用户创建或拥有的内容。 +**“User-Generated Content”** means Content created or owned by a third party or External User. ## B. 帐户条款 ### 1. 帐户控制。 - * _用户。_客户承认,用户对其个人帐户及其中的内容保留最终的管理控制权。 [GitHub 的标准服务条款](/articles/github-terms-of-service)管辖用户对服务的使用,但本 B 部分下所述的用户活动除外。 + * _用户。_客户承认,用户对其个人帐户及其中的内容保留最终的管理控制权。 [GitHub's Standard Terms of Service](/articles/github-terms-of-service) govern Users' use of the Service, except with respect to Users' activities under this Section B. * _组织。_根据本 B 部分,客户对代表客户创建的任何组织以及发布到其组织内仓库的用户生成内容具有最终管理控制权。本 B 部分管制客户组织的使用。 @@ -104,7 +105,7 @@ _这些条款适用于 1) 已接受《公司服务条款》的 GitHub.com(非 * 用户登录名不能多人共享。 -- 客户在以下情况下不得使用产品 (a) 违反美国或任何其他司法管辖区的出口管制或制裁法律;(b) 如果位于或普通居住于遭受美国 “外国资产管制办公室”(OFAC) 全面制裁的国家或地区;或 (c) 如果客户是[特别指定的国民 (SDN)](https://www.treasury.gov/resource-center/sanctions/SDN-List/Pages/default.aspx) 或代表其工作,或者是遭受类似封锁或被拒绝方禁令的个人。 更多信息请参阅我们的[出口管制政策](/articles/github-and-export-controls)。 +- 客户在以下情况下不得使用产品 (a) 违反美国或任何其他司法管辖区的出口管制或制裁法律;(b) 如果位于或普通居住于遭受美国 “外国资产管制办公室”(OFAC) 全面制裁的国家或地区;或 (c) 如果客户是[特别指定的国民 (SDN)](https://www.treasury.gov/resource-center/sanctions/SDN-List/Pages/default.aspx) 或代表其工作,或者是遭受类似封锁或被拒绝方禁令的个人。 For more information, please see our [Export Controls policy](/articles/github-and-export-controls). ### 3. 帐户安全 客户负责:(i) 在其公司帐户下发布的所有内容和发生的活动;(ii) 保持其帐户登录凭据的安全;以及 (iii) 在获悉通过其帐户对服务的任何未授权使用或访问时[及时通知 GitHub](https://github.com/contact)。 GitHub 对客户不遵守本 B 部分所造成的任何损失或损害概不负责。 @@ -123,7 +124,7 @@ GitHub 在[企业服务等级协议](/github/site-policy/github-enterprise-servi ### 1. 符合法律法规 客户对产品的使用不得违反任何相关法律,包括版权法或商标法、出口管制法律或其司法管辖区的法规。 -### 2. 可接受的使用 +### 2. 可接受使用 客户对服务的使用必须遵守 [GitHub 可接受的使用政策](/articles/github-acceptable-use-policies)和 [GitHub 社区指导方针](/articles/github-community-guidelines)。 客户不得在任何司法管辖区将服务用于非法、淫秽、冒犯性或欺诈性内容或活动,例如鼓吹或造成伤害;干扰或违反网络或系统的完整性或安全性;避开过滤器;发送主动、辱骂或欺诈性消息、病毒或有害代码;或者违反第三方权利。 ### 3. 隐私 @@ -249,7 +250,7 @@ _专业服务保证。_除非 SOW 中另有规定,GitHub 向客户保证,本 _服务免责声明。_GitHub **“按原样”**和**“视情况”**提供服务,不含任何形式的保证。 不限于此,关于服务,GitHub 明确否认所有保证,无论是明示、暗示还是法定保证,包括但不限于任何适销性、特定目的适用性、权利、安全性、准确性和非侵权。 GitHub 不保证服务将满足客户的要求;服务不中断、及时、安全或无错;通过服务提供的信息准确、可靠或正确;任何缺陷或错误将得到更正;服务在任何特定时间或地点可用;服务没有病毒或其他有害成分。 对于因客户下载和/或使用从服务获取的文件、信息、内容或其他材料而造成的任何损失风险,GitHub 概不负责。 -_测试版预览。_客户可自行决定选择使用测试版预览。 测试版预览不受支持,可能随时更改而不另行通知。 测试版预览的可靠性及可用性可能不如服务。 测试版预览不像服务一样采取同样的安全措施和审核。 GitHub 不承担测试版预览引起或与之相关的责任。 **客户使用测试版预览自担风险。** +_测试版预览。_客户可自行决定选择使用测试版预览。 测试版预览不受支持,可能随时更改而不另行通知。 测试版预览的可靠性及可用性可能不如服务。 测试版预览不像服务一样采取同样的安全措施和审核。 GitHub 不承担测试版预览引起或与之相关的责任。 **Customer uses Beta Previews at its own risk.** ## N. 责任限制 **_间接损害。_在适用法律允许的最大范围内,对于本协议造成或与之相关的任何间接、特殊、偶发性、惩罚性或后果性损害(包括利润收入或数据损失),或者获取替代产品的费用,任一方对另一方概不负责,无论损害是何原因造成,也不管该等责任是否源自基于合同、保证、民事侵权(包括疏忽)、严格责任或其他的任何索赔,以及一方是否被告知存在此类损害的可能。** diff --git a/translations/zh-CN/content/github/site-policy/github-event-code-of-conduct.md b/translations/zh-CN/content/site-policy/github-terms/github-event-code-of-conduct.md similarity index 98% rename from translations/zh-CN/content/github/site-policy/github-event-code-of-conduct.md rename to translations/zh-CN/content/site-policy/github-terms/github-event-code-of-conduct.md index 14f704e541..cb7c9c6d56 100644 --- a/translations/zh-CN/content/github/site-policy/github-event-code-of-conduct.md +++ b/translations/zh-CN/content/site-policy/github-terms/github-event-code-of-conduct.md @@ -2,6 +2,7 @@ title: GitHub 活动行为准则 redirect_from: - /articles/github-event-code-of-conduct + - /github/site-policy/github-event-code-of-conduct versions: fpt: '*' topics: diff --git a/translations/zh-CN/content/github/site-policy/github-event-terms.md b/translations/zh-CN/content/site-policy/github-terms/github-event-terms.md similarity index 99% rename from translations/zh-CN/content/github/site-policy/github-event-terms.md rename to translations/zh-CN/content/site-policy/github-terms/github-event-terms.md index aea8923d49..f0e911daca 100644 --- a/translations/zh-CN/content/github/site-policy/github-event-terms.md +++ b/translations/zh-CN/content/site-policy/github-terms/github-event-terms.md @@ -2,6 +2,7 @@ title: GitHub 活动条款 redirect_from: - /articles/github-event-terms + - /github/site-policy/github-event-terms versions: fpt: '*' topics: diff --git a/translations/zh-CN/content/github/site-policy/github-marketplace-developer-agreement.md b/translations/zh-CN/content/site-policy/github-terms/github-marketplace-developer-agreement.md similarity index 97% rename from translations/zh-CN/content/github/site-policy/github-marketplace-developer-agreement.md rename to translations/zh-CN/content/site-policy/github-terms/github-marketplace-developer-agreement.md index 34ba25e194..e5f131af56 100644 --- a/translations/zh-CN/content/github/site-policy/github-marketplace-developer-agreement.md +++ b/translations/zh-CN/content/site-policy/github-terms/github-marketplace-developer-agreement.md @@ -2,6 +2,7 @@ title: GitHub Marketplace 开发者协议 redirect_from: - /articles/github-marketplace-developer-agreement + - /github/site-policy/github-marketplace-developer-agreement versions: fpt: '*' topics: @@ -70,7 +71,7 @@ topics: - 7\. 允许未经授权下载流内容或媒体; - 8\. 显示或链接到非法内容; - 9\. 骚扰、辱骂、威胁或煽动暴力对待任何个人或团体,包括 GitHub 员工、高管和代理或任何最终用户; -- 10\. 属于或包含淫秽内容; +- 10\. Is or contains sexually obscene content; - 11\. 歧视或辱骂任何个人或团体; - 12\. 将最终用户转到模仿 Marketplace 或冒充 Marketplace 的任何其他网站,或者提供跳转到该等网站的链接。 @@ -88,13 +89,13 @@ topics: **3.7** 如果 GitHub 确定开发者违反了本节(第 3 节)中的任何要求或义务,则 GitHub 有权立即终止本协议。 -**3.8** 本协议的任何规定均不得阻止任何一方开发和/或发布与另一方的应用程序相似或竞争的应用程序。 +**3.8** Nothing in this Agreement shall prevent either party from developing and/or publishing applications that are similar or otherwise compete with the other party's applications. ## 4. 下架 **4.1** 您自行下架。 在下一个日历月第一日之前三十 (30) 天向 GitHub 发出书面通知后,您可以从 Marketplace 未来分发中删除您的产品推介,但必须遵守本协议关于 Marketplace 已分发产品的规定,包括但不限于退款要求。 从 Marketplace 未来分发中删除产品推介,不会:(a) 影响先前已购买或安装该产品的最终用户的许可权;或 (b) 改变您对于用户先前已购买或安装的产品提供交付或支持服务的义务。 -尽管有上述规定,但在任何情况下,GitHub 都不会在 Marketplace 的任何部分保留由于以下原因(通过书面通知获悉)从 Marketplace 中删除的任何产品推介:: +Notwithstanding the foregoing, in no event will GitHub maintain on any portion of Marketplace any Listing that you have removed from Marketplace and provided written notice to GitHub that such removal was due to: - (i) 被指控侵犯或确实侵犯任何人的任何版权、商标、商业秘密、商业外观、专利或其他知识产权; - (ii) 被指控诽谤或确实诽谤; @@ -146,7 +147,7 @@ GitHub 可能:阻止该产品推介在 Marketplace 上展示;从 Marketplace **6.1** GitHub 是最终用户通过 Marketplace 购买开发者产品的记录商。 -**6.2** 开发者应用程序在 Marketplace 清单上的价格应设置为美元 (USD)。 开发者对于每个上架产品的定价设置有完全控制权,但一旦设定,就无法更改。 您可以撤销现有上架产品的定价计划,然后为其添加新的定价计划,前提是新的定价计划对现有最终客户没有不利影响。 您为开发者产品设置的价格将决定您将收到的付款金额。 GitHub 将以美元汇出 95% 的销售价格,不扣除税款,但适用法律要求的任何预扣税款除外。 其余 5% 的销售价格将分配给 GitHub 并由 GitHub 保留。 每个月底,在达到最低值 500 美元后,GitHub 将汇出您的应得款项。 +**6.2** 开发者应用程序在 Marketplace 清单上的价格应设置为美元 (USD)。 开发者对于每个上架产品的定价设置有完全控制权,但一旦设定,就无法更改。 您可以撤销现有上架产品的定价计划,然后为其添加新的定价计划,前提是新的定价计划对现有最终客户没有不利影响。 您为开发者产品设置的价格将决定您将收到的付款金额。 GitHub will remit 95% of the sale price in USD without reduction for Taxes except for any withholding taxes that are required under applicable law. The remaining 5% of the sales price will be allotted to and retained by GitHub. 每个月底,在达到最低值 500 美元后,GitHub 将汇出您的应得款项。 **6.3** 退款要求。 您将负责制定关于向最终客户退款的条款和条件。 在任何情况下,GitHub 都不负责为退款提供任何支持,GitHub 也没有义务支付任何退款。 diff --git a/translations/zh-CN/content/github/site-policy/github-marketplace-terms-of-service.md b/translations/zh-CN/content/site-policy/github-terms/github-marketplace-terms-of-service.md similarity index 88% rename from translations/zh-CN/content/github/site-policy/github-marketplace-terms-of-service.md rename to translations/zh-CN/content/site-policy/github-terms/github-marketplace-terms-of-service.md index a9ebd1519e..4f681d8fe3 100644 --- a/translations/zh-CN/content/github/site-policy/github-marketplace-terms-of-service.md +++ b/translations/zh-CN/content/site-policy/github-terms/github-marketplace-terms-of-service.md @@ -2,6 +2,7 @@ title: GitHub 市场服务条款 redirect_from: - /articles/github-marketplace-terms-of-service + - /github/site-policy/github-marketplace-terms-of-service versions: fpt: '*' topics: @@ -17,30 +18,22 @@ topics: ## A. GitHub.com 的服务条款 -Marketplace 由 GitHub 提供,受 - -服务条款或[公司服务条款](/articles/github-corporate-terms-of-service/)(“GitHub 条款”,具体取决于您使用的帐户类型)以及这些 Marketplace 条款的约束。 如果您将开发者产品配置为用于 GitHub.com 网站上的一个或多个帐户,则您对开发者产品的使用也将受适用 GitHub 条款的约束。 本文档中未定义的任何大写术语将在您适用的 GitHub 条款中定义。

+Marketplace is provided by GitHub, and is governed by either the [Terms of Service](/articles/github-terms-of-service/) or the [Corporate Terms of Service](/articles/github-corporate-terms-of-service/) ("GitHub Terms"), depending on the type of account you're on, as well as these Marketplace Terms. 如果您将开发者产品配置为用于 GitHub.com 网站上的一个或多个帐户,则您对开发者产品的使用也将受适用 GitHub 条款的约束。 本文档中未定义的任何大写术语将在您适用的 GitHub 条款中定义。 使用开发者产品时不得违反适用的 GitHub 条款。 许多此类开发者产品专门用于执行自动化任务。 此外,多个用户可以指示开发者产品的操作。 但是,如果您用自己的帐户购买和/或设置开发者产品,或者您是具有集成开发者产品的帐户之所有者,则您应对在您的帐户上或通过您的帐户执行的开发者产品操作负责。 - - ## B. 使用要求 要使用 Marketplace,您必须年满 13 岁(如果您居住在美国;如果您居住在其他国家/地区,则必须遵守所在国家/地区的最低年龄法律要求),拥有有效的 GitHub 帐户,并同意遵守适用的 GitHub 条款和这些 Marketplace 条款。 如果您代表公司、组织或其他法律实体同意这些 Marketplace 条款,则表示您拥有让该实体、其附属公司以及代表其访问 Marketplace 的所有用户受这些 Marketplace 条款约束的权限。 如果您没有这种权限,则不得接受这些 Marketplace 条款,也不得使用 Marketplace 服务。 - - ## C. 开发者产品和产品提供者 如果要安装和/或购买开发者产品,则需要从 GitHub 购买并直接向 GitHub 支付相关款项。 但是,您将从产品提供者获取开发者产品的访问和使用权限,而不是从 GitHub 获取(除非它是 GitHub 拥有的开发者产品)。 产品提供者将自行负责其提供的开发者产品和产品中的内容,以及您或任何其他方对于开发者产品或产品使用可能提出的任何索赔。 我们不是您与产品提供者之间关于开发者产品之协议的缔约方。 对于开发者产品和产品中的内容,以及您或任何其他方对于开发者产品或产品使用可能提出的任何索赔,我们概不负责。 但我们是您与产品提供者之间关于每个开发者产品之协议的的第三方受益人,我们将有权(并被视为已接受该权利)作为第三方受益人对您执行该协议 。 - - ## D. 付款、计费计划和取消 开发者产品的所有付款将通过 GitHub 进行。 付款和费用条款受[第 K 部分“付款”](/articles/github-terms-of-service/#k-payment)或适用 GitHub 条款中类似部分的管辖。 使用 Marketplace,即表示您同意向 GitHub 支付与购买开发者产品有关的任何费用。 每次购买都构成您与 GitHub 之间以及您与产品提供者之间的电子合同。 您负责向我们提供用于购买开发者产品的有效付款方式。 如果您只购买免费的开发者产品,则无需提供付款信息。 @@ -49,36 +42,26 @@ Marketplace 由 GitHub 提供,受 如果您对帐单有任何疑问、疑虑或异议,请联系 [GitHub 支持](https://support.github.com/contact?tags=docs-policy)。 - - ## E. 您的数据和 GitHub 隐私政策 -**隐私。**当您选择或使用开发者产品时,GitHub 必须与产品提供者分享某些个人信息(定义见 GitHub 隐私声明)(如果收到您的任何此类个人信息),以便为您提供开发者产品,无论您的隐私设置如何。 GitHub 分享信息的多少取决于您所选开发者产品的要求,最少会分享您的用户帐户名称、ID 和主电子邮件地址,最多会分享您仓库内容的访问权限,包括阅读和修改您私有数据的权限。 通过 OAuth 授予权限时,您可以查看开发者产品要求的权限范围,然后选择接受或拒绝。

+**Privacy.** When you select or use a Developer Product, GitHub may share certain Personal Information (as defined in the [GitHub Privacy Statement](/articles/github-privacy-statement/)) with the Product Provider (if any such Personal Information is received from you) in order to provide you with the Developer Product, regardless of your privacy settings. GitHub 分享信息的多少取决于您所选开发者产品的要求,最少会分享您的用户帐户名称、ID 和主电子邮件地址,最多会分享您仓库内容的访问权限,包括阅读和修改您私有数据的权限。 通过 OAuth 授予权限时,您可以查看开发者产品要求的权限范围,然后选择接受或拒绝。 如果您停止使用开发者产品并通过帐户设置撤消访问权限,则产品提供者将无法再访问您的帐户。 产品提供者负责在其规定的时间内从其系统中删除您的个人信息。 请联系产品提供者以确保您的帐户以被正确终止。 **数据安全和隐私免责声明。** 当您选择或使用开发者产品时, 开发者产品的安全性及其对您数据(包括您的个人信息,如果有)的保管是产品提供者的责任。 您有责任出于自己的安全性 、隐私风险和合规性考虑,了解选择或使用开发者产品的相关安全和隐私因素。 - - ## F. 开发者产品的权利 授予您使用任何开发者产品的权限是赋予您个人的权限, 您不得将其转让给任何第三方,例如您的最终用户。 向第三方提供或转售开发者产品的任何权限,必须由产品提供者直接授予。 - - ## G. 开发者产品的更新 GitHub.com 会不时检查远程服务器(由 GitHub 或第三方托管)上对开发者产品的可用更新,包括但不限于漏洞修复或增强功能。 您同意将自动请求、下载和安装此类更新,而无需另行通知。 - - ## H. 阻止开发者产品 出于法律或政策原因,GitHub 可能会在我们服务器上阻止开发者产品或禁用其功能。 如果必须阻止或禁用开发者产品,我们将与产品提供者合作通知受影响的用户。 - - ## I. 免责声明;责任限制;免赔与保障赔偿 **免责声明。** 您使用 Marketplace 和通过 Marketplace 获取的任何开发者产品均应自担风险。 除明确声明外,GitHub 将“按原样”和“视情况”提供 Marketplace 和开发者产品。 对于 Marketplace 和开发者产品,GitHub 不作任何明示或暗示的保证或承诺,包括但不限于通过 Marketplace 和开发者产品获取的特定功能、其可靠性、可用性或满足您需求的能力。 @@ -91,8 +74,6 @@ GitHub.com 会不时检查远程服务器(由 GitHub 或第三方托管)上 您同意,对于因您使用 Marketplace,包括但不限于您违反这些 Marketplace 条款,而引起的任何和所有索赔、责任和费用,您负责赔偿我们、为我们抗辩并保护我们免受任何损害,但 GitHub 应 (1) 及时向您提供有关索赔、要求、诉讼或程序的书面通知;(2) 赋予您对索赔、要求、诉讼或程序进行抗辩和解决的唯一控制权(但您对任何索赔、要求、诉讼或程序的解决方案必须无条件免除 GitHub 的所有责任);以及 (3) 向您提供所有合理的协助,但费用由您承担。 - - ## J. 其他 1. **适用法律。**您同意,这些 Marketplace 条款以及您对开发者产品的使用受加利福尼亚法律的管辖,对于与开发者产品相关的任何争议,必须提交给加利福尼亚州旧金山市或其附近具有管辖权的法院。 diff --git a/translations/zh-CN/content/github/site-policy/github-open-source-applications-terms-and-conditions.md b/translations/zh-CN/content/site-policy/github-terms/github-open-source-applications-terms-and-conditions.md similarity index 98% rename from translations/zh-CN/content/github/site-policy/github-open-source-applications-terms-and-conditions.md rename to translations/zh-CN/content/site-policy/github-terms/github-open-source-applications-terms-and-conditions.md index b3cdcd8c0c..4adaf16ab4 100644 --- a/translations/zh-CN/content/github/site-policy/github-open-source-applications-terms-and-conditions.md +++ b/translations/zh-CN/content/site-policy/github-terms/github-open-source-applications-terms-and-conditions.md @@ -2,6 +2,7 @@ title: GitHub 开源应用程序条款和条件 redirect_from: - /articles/github-open-source-applications-terms-and-conditions + - /github/site-policy/github-open-source-applications-terms-and-conditions versions: fpt: '*' topics: diff --git a/translations/zh-CN/content/github/site-policy/github-registered-developer-agreement.md b/translations/zh-CN/content/site-policy/github-terms/github-registered-developer-agreement.md similarity index 99% rename from translations/zh-CN/content/github/site-policy/github-registered-developer-agreement.md rename to translations/zh-CN/content/site-policy/github-terms/github-registered-developer-agreement.md index c4021d8824..22cfb1c08e 100644 --- a/translations/zh-CN/content/github/site-policy/github-registered-developer-agreement.md +++ b/translations/zh-CN/content/site-policy/github-terms/github-registered-developer-agreement.md @@ -2,6 +2,7 @@ title: GitHub 注册开发者协议 redirect_from: - /articles/github-registered-developer-agreement + - /github/site-policy/github-registered-developer-agreement versions: fpt: '*' topics: diff --git a/translations/zh-CN/content/github/site-policy/github-research-program-terms.md b/translations/zh-CN/content/site-policy/github-terms/github-research-program-terms.md similarity index 99% rename from translations/zh-CN/content/github/site-policy/github-research-program-terms.md rename to translations/zh-CN/content/site-policy/github-terms/github-research-program-terms.md index 233f763691..600bfaf70b 100644 --- a/translations/zh-CN/content/github/site-policy/github-research-program-terms.md +++ b/translations/zh-CN/content/site-policy/github-terms/github-research-program-terms.md @@ -2,6 +2,7 @@ title: GitHub 研究计划条款 redirect_from: - /articles/github-research-program-terms + - /github/site-policy/github-research-program-terms versions: fpt: '*' topics: diff --git a/translations/zh-CN/content/github/site-policy/github-sponsors-additional-terms.md b/translations/zh-CN/content/site-policy/github-terms/github-sponsors-additional-terms.md similarity index 99% rename from translations/zh-CN/content/github/site-policy/github-sponsors-additional-terms.md rename to translations/zh-CN/content/site-policy/github-terms/github-sponsors-additional-terms.md index b8c86c1812..5a3b01fee6 100644 --- a/translations/zh-CN/content/github/site-policy/github-sponsors-additional-terms.md +++ b/translations/zh-CN/content/site-policy/github-terms/github-sponsors-additional-terms.md @@ -2,6 +2,7 @@ title: GitHub 赞助附加条款 redirect_from: - /articles/github-sponsors-additional-terms + - /github/site-policy/github-sponsors-additional-terms versions: fpt: '*' topics: diff --git a/translations/zh-CN/content/github/site-policy/github-terms-for-additional-products-and-features.md b/translations/zh-CN/content/site-policy/github-terms/github-terms-for-additional-products-and-features.md similarity index 99% rename from translations/zh-CN/content/github/site-policy/github-terms-for-additional-products-and-features.md rename to translations/zh-CN/content/site-policy/github-terms/github-terms-for-additional-products-and-features.md index 3a665edfdc..01985612ec 100644 --- a/translations/zh-CN/content/github/site-policy/github-terms-for-additional-products-and-features.md +++ b/translations/zh-CN/content/site-policy/github-terms/github-terms-for-additional-products-and-features.md @@ -2,6 +2,7 @@ title: GitHub 其他产品和功能条款 redirect_from: - /github/site-policy/github-additional-product-terms + - /github/site-policy/github-terms-for-additional-products-and-features versions: fpt: '*' topics: diff --git a/translations/zh-CN/content/github/site-policy/github-terms-of-service.md b/translations/zh-CN/content/site-policy/github-terms/github-terms-of-service.md similarity index 99% rename from translations/zh-CN/content/github/site-policy/github-terms-of-service.md rename to translations/zh-CN/content/site-policy/github-terms/github-terms-of-service.md index bdd9a334f4..9c68ee6aa6 100644 --- a/translations/zh-CN/content/github/site-policy/github-terms-of-service.md +++ b/translations/zh-CN/content/site-policy/github-terms/github-terms-of-service.md @@ -6,6 +6,7 @@ redirect_from: - /terms-of-service - /github-terms-of-service-draft - /articles/github-terms-of-service + - /github/site-policy/github-terms-of-service versions: fpt: '*' topics: @@ -21,7 +22,7 @@ topics: | ----------------------------------------------------------- | ------------------------------------------------------------- | | [A. 定义](#a-definitions) | 一些基本术语,其定义方式将有助于您理解此协议。 不明确时请回头参阅本节内容。 | | [B. 帐户条款](#b-account-terms) | 这些是在GitHub 上开设帐户的基本要求。 | -| [C. 可接受的使用](#c-acceptable-use) | 这些是您使用 GitHub 帐户时必须遵循的基本规则。 | +| [C. 可接受使用](#c-acceptable-use) | 这些是您使用 GitHub 帐户时必须遵循的基本规则。 | | [D. 用户生成内容](#d-user-generated-content) | 您在 GitHub 上发布的内容归您所有。 但您对此负有一些责任,我们请您向我们授予一些权利,以便我们能够为您提供服务。 | | [E. 私有仓库](#e-private-repositories) | 本节讨论 GitHub 如何处理您在私有仓库中发布的内容。 | | [F. 版权和 DMCA 政策](#f-copyright-infringement-and-dmca-policy) | 本节介绍当您认为有人正在侵犯您在 GitHub 上的版权时,GitHub 将如何应对。 | @@ -72,7 +73,7 @@ topics: - 一个人或一个法律实体最多可以拥有一个免费帐户(如果您选择还控制一个机器帐户,没问题,但是它只能用于运行机器)。 - 用户必须年满 13 岁。 虽然我们很高兴看到优秀的年轻编码者热衷于学习编程,但我们必须遵守美国法律。 GitHub 并未针对 13 岁以下的儿童定制服务,因此我们不允许任何 13 岁以下的用户使用我们的服务。 如果我们发现任何用户未满 13 岁,我们将[立即终止该用户的帐户](#l-cancellation-and-termination)。 如果您是美国以外的国家/地区的居民,您所在国家/地区规定的最低年龄可能会更大;在这种情况下,您有责任遵守您所在国家/地区的法律。 - 您的登录名只能由一个人使用,即不允许多人共享一个登录名。 付费组织只能在订阅允许的范围内向多个用户帐户提供访问权限。 -- 不得违反美国或任何其他适用司法管辖区的出口管制或制裁法律使用 GitHub。 如果您是[特别指定国民 (SDN)](https://www.treasury.gov/resource-center/sanctions/SDN-List/Pages/default.aspx)或被美国政府机构实施的类似封锁或被拒方禁令所限制的个人,或者代表他们工作,则您不得使用 GitHub。 政府机构。 GitHub 可能会根据美国政府的授权,允许某些受制裁国家或地区的人访问某些 GitHub 服务。 政府授权。 更多信息请参阅我们的[出口管制政策](/articles/github-and-export-controls)。 +- 不得违反美国或任何其他适用司法管辖区的出口管制或制裁法律使用 GitHub。 如果您是[特别指定国民 (SDN)](https://www.treasury.gov/resource-center/sanctions/SDN-List/Pages/default.aspx)或被美国政府机构实施的类似封锁或被拒方禁令所限制的个人,或者代表他们工作,则您不得使用 GitHub。 政府机构。 GitHub 可能会根据美国政府的授权,允许某些受制裁国家或地区的人访问某些 GitHub 服务。 政府授权。 For more information, please see our [Export Controls policy](/articles/github-and-export-controls). ### 4. 用户帐户安全 在使用我们的服务时,您负责维护您的帐户安全。 我们提供双重身份验证等工具,帮助您维护帐户的安全性,但您的帐户内容及其安全性取决于您。 @@ -87,7 +88,7 @@ topics: 如果您注册了 GitHub Enterprise Cloud,则 [Enterprise Cloud 附录](/articles/github-enterprise-cloud-addendum/)适用于您,并且您同意其规定。 -## C. 可接受的使用 +## C. 可接受使用 **短版本:** *GitHub 托管全球各地大量的协作项目,仅当用户能够善意一起工作时,该协作才能正常进行。 在使用服务时,必须遵守此部分的条款,包括对您可以发布的内容、对服务的操作的一些限制,以及其他限制规定。 简言之,要互惠互利。* 您对网站和服务的使用不得违反任何相关法律,包括版权法或商标法、出口管制或制裁法律,或您的司法管辖区的法规。 您有责任确保您对服务的使用符合法律和任何适用条例。 diff --git a/translations/zh-CN/content/site-policy/github-terms/index.md b/translations/zh-CN/content/site-policy/github-terms/index.md new file mode 100644 index 0000000000..1068d5e6d5 --- /dev/null +++ b/translations/zh-CN/content/site-policy/github-terms/index.md @@ -0,0 +1,23 @@ +--- +title: GitHub Terms +versions: + fpt: '*' +topics: + - Policy + - Legal +children: + - /github-corporate-terms-of-service + - /github-community-forum-code-of-conduct + - /github-community-guidelines + - /github-terms-of-service + - /github-sponsors-additional-terms + - /github-terms-for-additional-products-and-features + - /github-registered-developer-agreement + - /github-marketplace-terms-of-service + - /github-marketplace-developer-agreement + - /github-research-program-terms + - /github-open-source-applications-terms-and-conditions + - /github-event-terms + - /github-event-code-of-conduct +--- + diff --git a/translations/zh-CN/content/site-policy/index.md b/translations/zh-CN/content/site-policy/index.md new file mode 100644 index 0000000000..1d391b6fb1 --- /dev/null +++ b/translations/zh-CN/content/site-policy/index.md @@ -0,0 +1,21 @@ +--- +title: 站点策略 +redirect_from: + - /categories/61/articles + - /categories/site-policy + - /github/site-policy +versions: + fpt: '*' +topics: + - Policy + - Legal +children: + - /github-terms + - /acceptable-use-policies + - /privacy-policies + - /other-site-policies + - /content-removal-policies + - /security-policies + - /github-company-policies +--- + diff --git a/translations/zh-CN/content/github/site-policy/github-and-trade-controls.md b/translations/zh-CN/content/site-policy/other-site-policies/github-and-trade-controls.md similarity index 98% rename from translations/zh-CN/content/github/site-policy/github-and-trade-controls.md rename to translations/zh-CN/content/site-policy/other-site-policies/github-and-trade-controls.md index 7eb3c02736..08970025c6 100644 --- a/translations/zh-CN/content/github/site-policy/github-and-trade-controls.md +++ b/translations/zh-CN/content/site-policy/other-site-policies/github-and-trade-controls.md @@ -5,6 +5,8 @@ redirect_from: - /articles/github-and-trade-control - /articles/github-and-trade-controls - /github/site-policy/github-and-export-controls + - /github/site-policy/github-and-trade-controls + - /github/site-policy/github-terms-and-other-site-policies/github-and-trade-controls versions: fpt: '*' topics: diff --git a/translations/zh-CN/content/github/site-policy/github-deceased-user-policy.md b/translations/zh-CN/content/site-policy/other-site-policies/github-deceased-user-policy.md similarity index 90% rename from translations/zh-CN/content/github/site-policy/github-deceased-user-policy.md rename to translations/zh-CN/content/site-policy/other-site-policies/github-deceased-user-policy.md index be13170db9..d412ae5724 100644 --- a/translations/zh-CN/content/github/site-policy/github-deceased-user-policy.md +++ b/translations/zh-CN/content/site-policy/other-site-policies/github-deceased-user-policy.md @@ -5,6 +5,9 @@ versions: topics: - Policy - Legal +redirect_from: + - /github/site-policy/github-deceased-user-policy + - /github/site-policy/github-terms-and-other-site-policies/github-deceased-user-policy --- 如果 GitHub 用户亡故,我们可以与授权的个人合作确定帐户内容的情况。 diff --git a/translations/zh-CN/content/github/site-policy/github-government-takedown-policy.md b/translations/zh-CN/content/site-policy/other-site-policies/github-government-takedown-policy.md similarity index 93% rename from translations/zh-CN/content/github/site-policy/github-government-takedown-policy.md rename to translations/zh-CN/content/site-policy/other-site-policies/github-government-takedown-policy.md index 7515df8772..c4299bbe9d 100644 --- a/translations/zh-CN/content/github/site-policy/github-government-takedown-policy.md +++ b/translations/zh-CN/content/site-policy/other-site-policies/github-government-takedown-policy.md @@ -5,6 +5,9 @@ versions: topics: - Policy - Legal +redirect_from: + - /github/site-policy/github-government-takedown-policy + - /github/site-policy/github-terms-and-other-site-policies/github-government-takedown-policy --- ## 这是什么? diff --git a/translations/zh-CN/content/github/site-policy/github-logo-policy.md b/translations/zh-CN/content/site-policy/other-site-policies/github-logo-policy.md similarity index 89% rename from translations/zh-CN/content/github/site-policy/github-logo-policy.md rename to translations/zh-CN/content/site-policy/other-site-policies/github-logo-policy.md index 33af16ab25..b6e7da2472 100644 --- a/translations/zh-CN/content/github/site-policy/github-logo-policy.md +++ b/translations/zh-CN/content/site-policy/other-site-policies/github-logo-policy.md @@ -4,6 +4,8 @@ redirect_from: - /articles/i-m-developing-a-third-party-github-app-what-do-i-need-to-know - /articles/using-an-octocat-to-link-to-github-or-your-github-profile - /articles/github-logo-policy + - /github/site-policy/github-logo-policy + - /github/site-policy/github-terms-and-other-site-policies/github-logo-policy versions: fpt: '*' topics: diff --git a/translations/zh-CN/content/github/site-policy/github-username-policy.md b/translations/zh-CN/content/site-policy/other-site-policies/github-username-policy.md similarity index 89% rename from translations/zh-CN/content/github/site-policy/github-username-policy.md rename to translations/zh-CN/content/site-policy/other-site-policies/github-username-policy.md index 4eacba6030..b39b80fdf6 100644 --- a/translations/zh-CN/content/github/site-policy/github-username-policy.md +++ b/translations/zh-CN/content/site-policy/other-site-policies/github-username-policy.md @@ -3,6 +3,8 @@ title: GitHub 用户名政策 redirect_from: - /articles/name-squatting-policy - /articles/github-username-policy + - /github/site-policy/github-username-policy + - /github/site-policy/github-terms-and-other-site-policies/github-username-policy versions: fpt: '*' topics: diff --git a/translations/zh-CN/content/github/site-policy/guidelines-for-legal-requests-of-user-data.md b/translations/zh-CN/content/site-policy/other-site-policies/guidelines-for-legal-requests-of-user-data.md similarity index 98% rename from translations/zh-CN/content/github/site-policy/guidelines-for-legal-requests-of-user-data.md rename to translations/zh-CN/content/site-policy/other-site-policies/guidelines-for-legal-requests-of-user-data.md index b7d33b4d71..48a0a89a38 100644 --- a/translations/zh-CN/content/github/site-policy/guidelines-for-legal-requests-of-user-data.md +++ b/translations/zh-CN/content/site-policy/other-site-policies/guidelines-for-legal-requests-of-user-data.md @@ -3,6 +3,8 @@ title: 用户数据法律要求指南 redirect_from: - /law-enforcement-guidelines - /articles/guidelines-for-legal-requests-of-user-data + - /github/site-policy/guidelines-for-legal-requests-of-user-data + - /github/site-policy/github-terms-and-other-site-policies/guidelines-for-legal-requests-of-user-data versions: fpt: '*' topics: diff --git a/translations/zh-CN/content/site-policy/other-site-policies/index.md b/translations/zh-CN/content/site-policy/other-site-policies/index.md new file mode 100644 index 0000000000..4080978c23 --- /dev/null +++ b/translations/zh-CN/content/site-policy/other-site-policies/index.md @@ -0,0 +1,16 @@ +--- +title: Other Site Policies +versions: + fpt: '*' +topics: + - Policy + - Legal +children: + - /github-and-trade-controls + - /github-deceased-user-policy + - /github-logo-policy + - /github-government-takedown-policy + - /github-username-policy + - /guidelines-for-legal-requests-of-user-data +--- + diff --git a/translations/zh-CN/content/github/site-policy/github-candidate-privacy-policy.md b/translations/zh-CN/content/site-policy/privacy-policies/github-candidate-privacy-policy.md similarity index 98% rename from translations/zh-CN/content/github/site-policy/github-candidate-privacy-policy.md rename to translations/zh-CN/content/site-policy/privacy-policies/github-candidate-privacy-policy.md index 45d15d5109..7c5e793bbb 100644 --- a/translations/zh-CN/content/github/site-policy/github-candidate-privacy-policy.md +++ b/translations/zh-CN/content/site-policy/privacy-policies/github-candidate-privacy-policy.md @@ -5,6 +5,8 @@ versions: topics: - Policy - Legal +redirect_from: + - /github/site-policy/github-candidate-privacy-policy --- 生效日期:2021 年 3 月 8 日 diff --git a/translations/zh-CN/content/github/site-policy/github-codespaces-privacy-statement.md b/translations/zh-CN/content/site-policy/privacy-policies/github-codespaces-privacy-statement.md similarity index 94% rename from translations/zh-CN/content/github/site-policy/github-codespaces-privacy-statement.md rename to translations/zh-CN/content/site-policy/privacy-policies/github-codespaces-privacy-statement.md index 2de78c3d38..8aacff59ae 100644 --- a/translations/zh-CN/content/github/site-policy/github-codespaces-privacy-statement.md +++ b/translations/zh-CN/content/site-policy/privacy-policies/github-codespaces-privacy-statement.md @@ -2,6 +2,7 @@ title: GitHub Codespaces 隐私声明 redirect_from: - /github/site-policy/github-codespaces-privacy-policy + - /github/site-policy/github-codespaces-privacy-statement versions: fpt: '*' topics: diff --git a/translations/zh-CN/content/github/site-policy/github-data-protection-agreement.md b/translations/zh-CN/content/site-policy/privacy-policies/github-data-protection-agreement.md similarity index 99% rename from translations/zh-CN/content/github/site-policy/github-data-protection-agreement.md rename to translations/zh-CN/content/site-policy/privacy-policies/github-data-protection-agreement.md index dbea19651e..038b73467d 100644 --- a/translations/zh-CN/content/github/site-policy/github-data-protection-agreement.md +++ b/translations/zh-CN/content/site-policy/privacy-policies/github-data-protection-agreement.md @@ -4,6 +4,7 @@ redirect_from: - /github/site-policy/github-data-protection-addendum - /github/site-policy-deprecated/github-data-protection-addendum - /github/site-policy/github-data-protection-agreement-non-enterprise-customers + - /github/site-policy/github-data-protection-agreement versions: fpt: '*' --- diff --git a/translations/zh-CN/content/github/site-policy/github-privacy-statement.md b/translations/zh-CN/content/site-policy/privacy-policies/github-privacy-statement.md similarity index 98% rename from translations/zh-CN/content/github/site-policy/github-privacy-statement.md rename to translations/zh-CN/content/site-policy/privacy-policies/github-privacy-statement.md index bc084f51fc..2654e37a24 100644 --- a/translations/zh-CN/content/github/site-policy/github-privacy-statement.md +++ b/translations/zh-CN/content/site-policy/privacy-policies/github-privacy-statement.md @@ -7,6 +7,7 @@ redirect_from: - /github-privacy-policy - /articles/github-privacy-policy - /articles/github-privacy-statement + - /github/site-policy/github-privacy-statement versions: fpt: '*' topics: @@ -244,7 +245,7 @@ GitHub 仅使用绝对必要的 Cookie。 Cookie 是网站通常存储在访客 使用我们的服务,即表示您同意我们将这些类型的 cookie 放在您的计算机或设备上。 如果您禁止浏览器或设备接受这些 cookie,则将无法登录或使用我们的服务。 -我们提供了一个有关 [cookie 和跟踪技术](/github/site-policy/github-subprocessors-and-cookies)的网页,介绍我们设置的 cookie、对这些 cookie 的需求以及它们的类型(临时或永久)。 +We provide more information about [cookies on GitHub](/github/site-policy/github-subprocessors-and-cookies#cookies-on-github) on our [GitHub Subprocessors and Cookies](/github/site-policy/github-subprocessors-and-cookies) page that describes the cookies we set, the needs we have for those cookies, and the expiration of such cookies. ### DNT @@ -321,7 +322,7 @@ GitHub 处理美国境内外的个人信息,并依靠标准合同条款作为 ## 隐私声明的变更 -GitHub 可能会不时更改我们的隐私声明,不过大多数情况都是小变动。 如果本隐私声明发生重大变更,我们会在变更生效之前至少 30 天通知用户 - 在我们网站的主页上发布通知,或者发送电子邮件到您的 GitHub 帐户中指定的主电子邮件地址。 我们还会更新我们的[站点政策仓库](https://github.com/github/site-policy/),通过它可跟踪本政策的所有变更。 对于本隐私声明的其他更改,我们建议用户[关注](/github/managing-subscriptions-and-notifications-on-github/configuring-notifications#configuring-your-watch-settings-for-an-individual-repository)或经常查看我们的网站政策仓库。 +GitHub 可能会不时更改我们的隐私声明,不过大多数情况都是小变动。 如果本隐私声明发生重大变更,我们会在变更生效之前至少 30 天通知用户 - 在我们网站的主页上发布通知,或者发送电子邮件到您的 GitHub 帐户中指定的主电子邮件地址。 我们还会更新我们的[站点政策仓库](https://github.com/github/site-policy/),通过它可跟踪本政策的所有变更。 For other changes to this Privacy Statement, we encourage Users to [watch](/github/managing-subscriptions-and-notifications-on-github/configuring-notifications#configuring-your-watch-settings-for-an-individual-repository) or to check our Site Policy repository frequently. ## 许可 @@ -335,7 +336,7 @@ GitHub 可能会不时更改我们的隐私声明,不过大多数情况都是 以下是本文档翻译成其他语言的版本。 如果任何这些版本与英文版之间存在任何冲突、含糊或明显不一致,以英文版为准。 ### 法语 -Cliquez ici pour obtenir la version française: [Déclaration de confidentialité de GitHub](/assets/images/help/site-policy/github-privacy-statement(12.20.19)(FR).pdf) +Cliquez ici pour obtenir la version française: [Déclaration de confidentialité de GitHub](/assets/images/help/site-policy/github-privacy-statement(07.22.20)(FR).pdf) ### 其他翻译版本: diff --git a/translations/zh-CN/content/github/site-policy/github-subprocessors-and-cookies.md b/translations/zh-CN/content/site-policy/privacy-policies/github-subprocessors-and-cookies.md similarity index 95% rename from translations/zh-CN/content/github/site-policy/github-subprocessors-and-cookies.md rename to translations/zh-CN/content/site-policy/privacy-policies/github-subprocessors-and-cookies.md index 839c995595..36a8f22da8 100644 --- a/translations/zh-CN/content/github/site-policy/github-subprocessors-and-cookies.md +++ b/translations/zh-CN/content/site-policy/privacy-policies/github-subprocessors-and-cookies.md @@ -6,6 +6,7 @@ redirect_from: - /github-tracking - /github-cookies - /articles/github-subprocessors-and-cookies + - /github/site-policy/github-subprocessors-and-cookies versions: fpt: '*' topics: @@ -45,7 +46,7 @@ GitHub 在如何使用您的数据、如何收集您的数据以及与谁分享 ## GitHub 上的 Cookie -GitHub 使用 Cookie 来提供和保护我们的网站,并分析我们网站的使用情况,以便为您提供出色的用户体验。 为此,我们制作了本页面,详细介绍[我们的子处理商](#github-subprocessors)、我们如何使用 [cookie](#cookies-on-github)、在何处进行跟踪以及如何[在 GitHub 上执行跟踪](#tracking-on-github)。 +GitHub 使用 Cookie 来提供和保护我们的网站,并分析我们网站的使用情况,以便为您提供出色的用户体验。 Please take a look at our [Privacy Statement](/github/site-policy/github-privacy-statement#our-use-of-cookies-and-tracking) if you’d like more information about cookies, and on how and why we use them. 由于 Cookie 的数量和名称可能会发生变化,下表可能会不时更新。 @@ -75,6 +76,6 @@ GitHub 使用 Cookie 来提供和保护我们的网站,并分析我们网站 | GitHub | `tz` | 此 Cookie 允许我们根据您的时区自定义时间戳。 | 会话 | | GitHub | `user_session` | 此 cookie 用于您的登录。 | 两周 | -_*_ GitHub 出于以下原因在用户设备上放置以下 cookie: +_*_ The **expiration** dates for the cookies listed below generally apply on a rolling basis. (!) 请注意,虽然我们将第三方 Cookie 的使用限制在呈现外部内容时提供外部功能的需要,但我们网站上的某些页面可能会设置其他第三方 Cookie。 例如,我们可能会嵌入来自其他网站的内容(例如视频),而该网站可能放置 cookie。 虽然我们尽可能减少这些第三方 cookie,但我们无法始终控制这些第三方内容放置哪些 cookie。 diff --git a/translations/zh-CN/content/github/site-policy/githubs-notice-about-the-california-consumer-privacy-act.md b/translations/zh-CN/content/site-policy/privacy-policies/githubs-notice-about-the-california-consumer-privacy-act.md similarity index 99% rename from translations/zh-CN/content/github/site-policy/githubs-notice-about-the-california-consumer-privacy-act.md rename to translations/zh-CN/content/site-policy/privacy-policies/githubs-notice-about-the-california-consumer-privacy-act.md index 2b0838fbf4..7848cdd39f 100644 --- a/translations/zh-CN/content/github/site-policy/githubs-notice-about-the-california-consumer-privacy-act.md +++ b/translations/zh-CN/content/site-policy/privacy-policies/githubs-notice-about-the-california-consumer-privacy-act.md @@ -5,6 +5,8 @@ versions: topics: - Policy - Legal +redirect_from: + - /github/site-policy/githubs-notice-about-the-california-consumer-privacy-act --- 2020 年 1 月 1 日起生效 diff --git a/translations/zh-CN/content/github/site-policy/global-privacy-practices.md b/translations/zh-CN/content/site-policy/privacy-policies/global-privacy-practices.md similarity index 99% rename from translations/zh-CN/content/github/site-policy/global-privacy-practices.md rename to translations/zh-CN/content/site-policy/privacy-policies/global-privacy-practices.md index cb9ba82efe..1c760f85ba 100644 --- a/translations/zh-CN/content/github/site-policy/global-privacy-practices.md +++ b/translations/zh-CN/content/site-policy/privacy-policies/global-privacy-practices.md @@ -3,6 +3,7 @@ title: 全球隐私实践 redirect_from: - /eu-safe-harbor - /articles/global-privacy-practices + - /github/site-policy/global-privacy-practices versions: fpt: '*' topics: diff --git a/translations/zh-CN/content/site-policy/privacy-policies/index.md b/translations/zh-CN/content/site-policy/privacy-policies/index.md new file mode 100644 index 0000000000..7acb263d6d --- /dev/null +++ b/translations/zh-CN/content/site-policy/privacy-policies/index.md @@ -0,0 +1,17 @@ +--- +title: Privacy Policies +versions: + fpt: '*' +topics: + - Policy + - Legal +children: + - /github-codespaces-privacy-statement + - /global-privacy-practices + - /github-data-protection-agreement + - /github-privacy-statement + - /github-subprocessors-and-cookies + - /githubs-notice-about-the-california-consumer-privacy-act + - /github-candidate-privacy-policy +--- + diff --git a/translations/zh-CN/content/github/site-policy/coordinated-disclosure-of-security-vulnerabilities.md b/translations/zh-CN/content/site-policy/security-policies/coordinated-disclosure-of-security-vulnerabilities.md similarity index 87% rename from translations/zh-CN/content/github/site-policy/coordinated-disclosure-of-security-vulnerabilities.md rename to translations/zh-CN/content/site-policy/security-policies/coordinated-disclosure-of-security-vulnerabilities.md index ab63dda7ae..4216d45fc7 100644 --- a/translations/zh-CN/content/github/site-policy/coordinated-disclosure-of-security-vulnerabilities.md +++ b/translations/zh-CN/content/site-policy/security-policies/coordinated-disclosure-of-security-vulnerabilities.md @@ -4,7 +4,8 @@ redirect_from: - /responsible-disclosure - /coordinated-disclosure - /articles/responsible-disclosure-of-security-vulnerabilities - - /site-policy/responsible-disclosure-of-security-vulnerabilities + - /github/site-policy/responsible-disclosure-of-security-vulnerabilities + - /github/site-policy/coordinated-disclosure-of-security-vulnerabilities versions: fpt: '*' topics: diff --git a/translations/zh-CN/content/github/site-policy/github-bug-bounty-program-legal-safe-harbor.md b/translations/zh-CN/content/site-policy/security-policies/github-bug-bounty-program-legal-safe-harbor.md similarity index 100% rename from translations/zh-CN/content/github/site-policy/github-bug-bounty-program-legal-safe-harbor.md rename to translations/zh-CN/content/site-policy/security-policies/github-bug-bounty-program-legal-safe-harbor.md diff --git a/translations/zh-CN/content/site-policy/security-policies/index.md b/translations/zh-CN/content/site-policy/security-policies/index.md new file mode 100644 index 0000000000..35aab7da83 --- /dev/null +++ b/translations/zh-CN/content/site-policy/security-policies/index.md @@ -0,0 +1,12 @@ +--- +title: Security Policies +versions: + fpt: '*' +topics: + - Policy + - Legal +children: + - /coordinated-disclosure-of-security-vulnerabilities + - /github-bug-bounty-program-legal-safe-harbor +--- + diff --git a/translations/zh-CN/data/features/actions-cache-management.yml b/translations/zh-CN/data/features/actions-cache-management.yml new file mode 100644 index 0000000000..9d28e9b9db --- /dev/null +++ b/translations/zh-CN/data/features/actions-cache-management.yml @@ -0,0 +1,8 @@ +--- +#Reference: #6154 +#Documentation for Actions cache management APIs (initial ship) +versions: + fpt: '*' + ghec: '*' + ghes: '> 3.4' + ghae: 'issue-6154' diff --git a/translations/zh-CN/data/features/device-flow-is-opt-in.yml b/translations/zh-CN/data/features/device-flow-is-opt-in.yml new file mode 100644 index 0000000000..1b66880f95 --- /dev/null +++ b/translations/zh-CN/data/features/device-flow-is-opt-in.yml @@ -0,0 +1,6 @@ +--- +#docs-content 6307. OAuth device auth flow is opt in. +versions: + fpt: '*' + ghec: '*' + ghae: 'issue-6307' diff --git a/translations/zh-CN/data/features/mermaid.yml b/translations/zh-CN/data/features/mermaid.yml index 09870e35f9..db633f907d 100644 --- a/translations/zh-CN/data/features/mermaid.yml +++ b/translations/zh-CN/data/features/mermaid.yml @@ -1,8 +1,8 @@ --- -#Issue 5812 and 6172 -#Mermaid syntax support +#Issues 5812 and 6172, also 6411 +#Mermaid syntax support, also ASCII STL and geoJSON/topoJSON syntax support versions: fpt: '*' ghec: '*' - ghes: '>=3.5' + ghes: '>=3.6' ghae: 'issue-6172' diff --git a/translations/zh-CN/data/features/re-run-jobs.yml b/translations/zh-CN/data/features/re-run-jobs.yml new file mode 100644 index 0000000000..8090de2387 --- /dev/null +++ b/translations/zh-CN/data/features/re-run-jobs.yml @@ -0,0 +1,8 @@ +--- +#Issue 4722 +#Re-running failed jobs in an Actions workflow +versions: + fpt: '*' + ghec: '*' + ghes: '>=3.5' + ghae: 'issue-4722' diff --git a/translations/zh-CN/data/learning-tracks/admin.yml b/translations/zh-CN/data/learning-tracks/admin.yml index 3c957cda2d..6ef7226986 100644 --- a/translations/zh-CN/data/learning-tracks/admin.yml +++ b/translations/zh-CN/data/learning-tracks/admin.yml @@ -7,6 +7,7 @@ get_started_with_github_ae: guides: - /admin/overview/about-github-ae - /admin/overview/about-data-residency + - /admin/configuration/configuring-your-enterprise/deploying-github-ae - /admin/configuration/initializing-github-ae - /admin/configuration/restricting-network-traffic-to-your-enterprise - /admin/github-actions/getting-started-with-github-actions-for-github-ae diff --git a/translations/zh-CN/data/learning-tracks/code-security.yml b/translations/zh-CN/data/learning-tracks/code-security.yml index f2dabf0555..f8abf8dc63 100644 --- a/translations/zh-CN/data/learning-tracks/code-security.yml +++ b/translations/zh-CN/data/learning-tracks/code-security.yml @@ -18,39 +18,39 @@ dependabot_alerts: title: '获取漏洞依赖项的通知' description: '设置 Dependabot 提醒您的依赖项中有新漏洞。' guides: - - /code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-alerts-for-vulnerable-dependencies + - /code-security/dependabot/dependabot-alerts/about-dependabot-alerts - '{% ifversion fpt or ghec or ghes > 3.2 %}/github/administering-a-repository/managing-repository-settings/managing-security-and-analysis-settings-for-your-repository{% endif %}' - - /code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/viewing-and-updating-vulnerable-dependencies-in-your-repository - - /code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/configuring-notifications-for-vulnerable-dependencies - - /code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/managing-pull-requests-for-dependency-updates - - /code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/troubleshooting-the-detection-of-vulnerable-dependencies - - /code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/troubleshooting-dependabot-errors + - /code-security/dependabot/dependabot-alerts/viewing-and-updating-dependabot-alerts + - /code-security/dependabot/dependabot-alerts/configuring-notifications-for-dependabot-alerts + - /code-security/dependabot/working-with-dependabot/managing-pull-requests-for-dependency-updates + - /code-security/dependabot/working-with-dependabot/troubleshooting-the-detection-of-vulnerable-dependencies + - /code-security/dependabot/working-with-dependabot/troubleshooting-dependabot-errors #Feature available on dotcom and GHES 3.3+, so articles available on GHAE and earlier GHES hidden to hide the learning track dependabot_security_updates: title: '获取拉取请求以更新您的漏洞依赖项' description: '设置 Dependabot 以在报告新漏洞时创建拉取请求。' guides: - - /code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-dependabot-security-updates - - /code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/configuring-dependabot-security-updates + - /code-security/dependabot/dependabot-security-updates/about-dependabot-security-updates + - /code-security/dependabot/dependabot-security-updates/configuring-dependabot-security-updates - '{% ifversion fpt or ghec or ghes > 3.2 %}/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/configuring-notifications-for-vulnerable-dependencies{% endif %}' - '{% ifversion fpt or ghec or ghes > 3.2 %}/github/administering-a-repository/managing-repository-settings/managing-security-and-analysis-settings-for-your-repository{% endif %}' - - /code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/managing-pull-requests-for-dependency-updates + - /code-security/dependabot/working-with-dependabot/managing-pull-requests-for-dependency-updates - '{% ifversion fpt or ghec or ghes > 3.2 %}/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/troubleshooting-the-detection-of-vulnerable-dependencies{% endif %}' #Feature available only on dotcom and GHES 3.3+ dependency_version_updates: title: '保持更新依赖项' description: '使用 Dependabot 检查新版本并创建拉取请求来更新您的依赖关系。' guides: - - /code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/about-dependabot-version-updates - - /code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/enabling-and-disabling-dependabot-version-updates - - /code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/customizing-dependency-updates - - /code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/configuration-options-for-dependency-updates - - /code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/keeping-your-actions-up-to-date-with-dependabot - - /code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/automating-dependabot-with-github-actions - - /code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/listing-dependencies-configured-for-version-updates - - /code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/managing-encrypted-secrets-for-dependabot - - /code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/managing-pull-requests-for-dependency-updates - - /code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/troubleshooting-dependabot-errors + - /code-security/dependabot/dependabot-version-updates/about-dependabot-version-updates + - /code-security/dependabot/dependabot-version-updates/configuring-dependabot-version-updates + - /code-security/dependabot/dependabot-version-updates/customizing-dependency-updates + - /code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file + - /code-security/dependabot/working-with-dependabot/keeping-your-actions-up-to-date-with-dependabot + - /code-security/dependabot/working-with-dependabot/automating-dependabot-with-github-actions + - /code-security/dependabot/dependabot-version-updates/listing-dependencies-configured-for-version-updates + - /code-security/dependabot/working-with-dependabot/managing-encrypted-secrets-for-dependabot + - /code-security/dependabot/working-with-dependabot/managing-pull-requests-for-dependency-updates + - /code-security/dependabot/working-with-dependabot/troubleshooting-dependabot-errors #Feature available in GHEC, GHES 3.0 up, and GHAE. Feature limited on FPT so hidden there. secret_scanning: title: '扫描密码' @@ -103,3 +103,12 @@ code_security_ci: - /code-security/code-scanning/using-codeql-code-scanning-with-your-existing-ci-system/configuring-codeql-cli-in-your-ci-system - /code-security/code-scanning/using-codeql-code-scanning-with-your-existing-ci-system/migrating-from-the-codeql-runner-to-codeql-cli - /code-security/code-scanning/using-codeql-code-scanning-with-your-existing-ci-system/troubleshooting-codeql-runner-in-your-ci-system +#Feature available in all versions +end_to_end_supply_chain: + title: 'End-to-end supply chain' + description: 'How to think about securing your user accounts, your code, and your build process.' + guides: + - /code-security/supply-chain-security/end-to-end-supply-chain/end-to-end-supply-chain-overview + - /code-security/supply-chain-security/end-to-end-supply-chain/securing-accounts + - /code-security/supply-chain-security/end-to-end-supply-chain/securing-code + - /code-security/supply-chain-security/end-to-end-supply-chain/securing-builds diff --git a/translations/zh-CN/data/product-examples/code-security/code-examples.yml b/translations/zh-CN/data/product-examples/code-security/code-examples.yml index 3d3471e168..cd1da9f0ad 100644 --- a/translations/zh-CN/data/product-examples/code-security/code-examples.yml +++ b/translations/zh-CN/data/product-examples/code-security/code-examples.yml @@ -24,7 +24,7 @@ #Security policies title: Microsoft security policy template description: 示例安全策略 - href: https://github.com/microsoft/repo-templates/blob/main/shared/SECURITY.md + href: /microsoft/repo-templates/blob/main/shared/SECURITY.md tags: - 安全策略 - diff --git a/translations/zh-CN/data/release-notes/enterprise-server/3-1/0.yml b/translations/zh-CN/data/release-notes/enterprise-server/3-1/0.yml index f4db0c2cc8..ccd0725cf4 100644 --- a/translations/zh-CN/data/release-notes/enterprise-server/3-1/0.yml +++ b/translations/zh-CN/data/release-notes/enterprise-server/3-1/0.yml @@ -76,6 +76,7 @@ sections: - The latest release of the CodeQL CLI supports uploading analysis results to GitHub. This makes it easier to run code analysis for customers who wish to use CI/CD systems other than {% data variables.product.prodname_actions %}. Previously, such users had to use the separate CodeQL runner, which will continue to be available. For more information, see "[About CodeQL code scanning in your CI system](/enterprise-server@3.1/code-security/secure-coding/about-codeql-code-scanning-in-your-ci-system)." - '{% data variables.product.prodname_actions %} now supports skipping `push` and `pull_request` workflows by looking for some common keywords in your commit message.' - Check annotations older than four months will be archived. + - Scaling of worker allocation for background tasks has been revised. We recommend validating that the new defaults are appropriate for your workload. Custom background worker overrides should be unset in most cases. [Updated 2022-03-18] - heading: Security Changes notes: diff --git a/translations/zh-CN/data/release-notes/enterprise-server/3-4/0-rc1.yml b/translations/zh-CN/data/release-notes/enterprise-server/3-4/0-rc1.yml index a33a842419..3e8bec4d28 100644 --- a/translations/zh-CN/data/release-notes/enterprise-server/3-4/0-rc1.yml +++ b/translations/zh-CN/data/release-notes/enterprise-server/3-4/0-rc1.yml @@ -1,7 +1,7 @@ --- date: '2022-02-15' release_candidate: true -deprecated: false +deprecated: true intro: | {% note %} diff --git a/translations/zh-CN/data/release-notes/enterprise-server/3-4/0.yml b/translations/zh-CN/data/release-notes/enterprise-server/3-4/0.yml new file mode 100644 index 0000000000..ae450a768d --- /dev/null +++ b/translations/zh-CN/data/release-notes/enterprise-server/3-4/0.yml @@ -0,0 +1,193 @@ +--- +date: '2022-03-15' +intro: | + + For upgrade instructions, see "[Upgrading {% data variables.product.prodname_ghe_server %}](/admin/enterprise-management/updating-the-virtual-machine-and-physical-resources/upgrading-github-enterprise-server)." + + > This release is dedicated to our colleague and friend John, a Hubber who was always there to help. You will be greatly missed. + > + > **John "Ralph" Wiebalk 1986–2021** +sections: + features: + - + heading: Secret scanning REST API now returns locations + notes: + - | + {% data variables.product.prodname_GH_advanced_security %} customers can now use the REST API to retrieve commit details of secrets detected in private repository scans. The new endpoint returns details of a secret's first detection within a file, including the secret's location and commit SHA. For more information, see "[Secret scanning](/rest/reference/secret-scanning)" in the REST API documentation. + - + heading: Export license data of committer-based billing for GitHub Advanced Security + notes: + - | + Enterprise and organization owners can now export their {% data variables.product.prodname_GH_advanced_security %} license usage data to a CSV file. The {% data variables.product.prodname_advanced_security %} billing data can also be retrieved via billing endpoints in the REST API. For more information, see the "[{% data variables.product.prodname_dotcom %} changelog](https://github.blog/changelog/2021-11-11-export-github-advanced-security-license-usage-data/)." + - + heading: GitHub Actions reusable workflows in public beta + notes: + - | + You can now reuse entire workflows as if they were an action. This feature is available in public beta. Instead of copying and pasting workflow definitions across repositories, you can now reference an existing workflow with a single line of configuration. For more information, see the "[{% data variables.product.prodname_dotcom %} changelog](https://github.blog/changelog/2021-10-05-github-actions-dry-your-github-actions-configuration-by-reusing-workflows/)." + - + heading: Dependabot security and version updates in public beta + notes: + - | + {% data variables.product.prodname_dependabot %} is now available in {% data variables.product.prodname_ghe_server %} 3.4 as a public beta, offering both version updates and security updates for several popular ecosystems. {% data variables.product.prodname_dependabot %} on {% data variables.product.prodname_ghe_server %} requires {% data variables.product.prodname_actions %} and a pool of self-hosted runners configured for {% data variables.product.prodname_dependabot %} use. {% data variables.product.prodname_dependabot %} on {% data variables.product.prodname_ghe_server %} also requires {% data variables.product.prodname_github_connect %} and {% data variables.product.prodname_dependabot %} to be enabled by an administrator. Beta feedback and suggestions can be shared in the [{% data variables.product.prodname_dependabot %} Feedback GitHub discussion](https://github.com/github/feedback/discussions/categories/dependabot-feedback). For more information and to try the beta, see "[Setting up {% data variables.product.prodname_dependabot %} security and version updates on your enterprise](/admin/github-actions/enabling-github-actions-for-github-enterprise-server/setting-up-dependabot-updates)." + - + heading: SAML authentication supports encrypted assertions + notes: + - | + If you use SAML authentication for {% data variables.product.prodname_ghe_server %}, you can now configure encrypted assertions from your IdP to improve security. Encrypted assertions add an additional layer of encryption when your IdP transmits information to {% data variables.product.product_location %}. For more information, see "[Using SAML](/admin/identity-and-access-management/authenticating-users-for-your-github-enterprise-server-instance/using-saml#enabling-encrypted-assertions)." + changes: + - + heading: 管理更改 + notes: + - Users can now choose the number of spaces a tab is equal to, by setting their preferred tab size in the "Appearance" settings of their user account. All code with a tab indent will render using the preferred tab size. + - The {% data variables.product.prodname_github_connect %} data connection record now includes a count of the number of active and dormant users and the configured dormancy period. + - You can now give users access to enterprise-specific links by adding custom footers to {% data variables.product.prodname_ghe_server %}. For more information, see "[Configuring custom footers](/admin/configuration/configuring-your-enterprise/configuring-custom-footers)." + - + heading: Performance Changes + notes: + - WireGuard, used to secure communication between {% data variables.product.prodname_ghe_server %} instances in a High Availability configuration, has been migrated to the Kernel implementation. + - + heading: Notification Changes + notes: + - Organization owners can now unsubscribe from email notifications when new deploy keys are added to repositories belonging to their organizations. For more information, see "[Configuring notifications](/account-and-profile/managing-subscriptions-and-notifications-on-github/setting-up-notifications/configuring-notifications)." + - 'Notification emails from newly created issues and pull requests now include `(Issue #xx)` or `(PR #xx)` in the email subject, so you can recognize and filter emails that reference these types of issues.' + - + heading: Organization Changes + notes: + - Organizations can now display a `README.md` file on their profile Overview. For more information, see the "[{% data variables.product.prodname_dotcom %} changelog](https://github.blog/changelog/2021-09-14-readmes-for-organization-profiles/)." + - 'Members of organizations can now view a list of their enterprise owners under the organization''s "People" tab. The enterprise owners list is also now accessible using the GraphQL API. For more information, see the "[`enterpriseOwners`](/graphql/reference/objects#organization)" field under the Organization object in the GraphQL API documentation.' + - + heading: Repositories changes + notes: + - | + A "Manage Access" section is now shown on the "Collaborators and teams" page in your repository settings. The new section makes it easier for repository administrators to see and manage who has access to their repository, and the level of access granted to each user. Administrators can now: + + * Search all members, teams and collaborators who have access to the repository. + * View when members have mixed role assignments, granted to them directly as individuals or indirectly via a team. This is visualized through a new "mixed roles" warning, which displays the highest level role the user is granted if their permission level is higher than their assigned role. + * Manage access to popular repositories reliably, with page pagination and fewer timeouts when large groups of users have access. + - '{% data variables.product.prodname_ghe_server %} 3.4 includes improvements to the repository invitation experience, such as notifications for private repository invites, a UI prompt when visiting a private repository you have a pending invitation for, and a banner on a public repository overview page when there is an pending invitation.' + - 'You can now use single-character prefixes for custom autolinks. Autolink prefixes also now allow `.`, `-`, `_`, `+`, `=`, `:`, `/`, and `#` characters, as well as alphanumerics. For more information about custom autolinks, see "[Configuring autolinks to reference external resources](/repositories/managing-your-repositorys-settings-and-features/managing-repository-settings/configuring-autolinks-to-reference-external-resources)."' + - A `CODE_OF_CONDUCT.md` file in the root of a repository is now highlighted in the "About" sidebar on the repository overview page. + - + heading: 'Releases changes' + notes: + - '{% data variables.product.prodname_ghe_server %} 3.4 includes improvements to the Releases UI, such as automatically generated release notes which display a summary of all the pull requests for a given release. For more information, see the "[{% data variables.product.prodname_dotcom %} changelog](https://github.blog/changelog/2021-10-20-improvements-to-github-releases-generally-available/)."' + - When a release is published, an avatar list is now displayed at the bottom of the release. Avatars for all user accounts mentioned in the release notes are shown. For more information, see "[Managing releases in a repository](/repositories/releasing-projects-on-github/managing-releases-in-a-repository)." + - + heading: 'Markdown changes' + notes: + - You can now use the new "Accessibility" settings page to manage your keyboard shortcuts. You can choose to disable keyboard shortcuts that only use single characters like S, G C, and . (the period key). For more information, see the "[{% data variables.product.prodname_dotcom %} changelog](https://github.blog/changelog/2021-11-16-managing-keyboard-shortcuts-using-accessibility-settings/)." + - You can now choose to use a fixed-width font in Markdown-enabled fields, like issue comments and pull request descriptions. For more information, see the "[{% data variables.product.prodname_dotcom %} changelog](https://github.blog/changelog/2021-10-12-fixed-width-font-support-in-markdown-enabled-fields/)." + - You can now paste a URL on selected text to quickly create a Markdown link. This works in all Markdown-enabled fields, such as issue comments and pull request descriptions. For more information, see the "[{% data variables.product.prodname_dotcom %} changelog](https://github.blog/changelog/2021-11-10-linkify-selected-text-on-url-paste/)." + - 'An image URL can now be appended with a theme context, such as `#gh-dark-mode-only`, to define how the Markdown image is displayed to a viewer. For more information, see the "[{% data variables.product.prodname_dotcom %} changelog](https://github.blog/changelog/2021-11-24-specify-theme-context-for-images-in-markdown/)."' + - When creating or editing a gist file with the Markdown (`.md`) file extension, you can now use the "Preview" or "Preview Changes" tab to display a Markdown rendering of the file contents. For more information, see the "[{% data variables.product.prodname_dotcom %} changelog](https://github.blog/changelog/2021-11-17-preview-the-markdown-rendering-of-gists/)." + - When typing the name of a {% data variables.product.prodname_dotcom %} user in issues, pull requests and discussions, the @mention suggester now ranks existing participants higher than other {% data variables.product.prodname_dotcom %} users, so that it's more likely the user you're looking for will be listed. + - Right-to-left languages are now supported natively in Markdown files, issues, pull requests, discussions, and comments. + - + heading: 'Issues and pull requests changes' + notes: + - The diff setting to hide whitespace changes in the pull request "Files changed" tab is now retained for your user account for that pull request. The setting you have chosen is automatically reapplied if you navigate away from the page and then revisit the "Files changed" tab of the same pull request. + - When using auto assignment for pull request code reviews, you can now choose to only notify requested team members independently of your auto assignment settings. This setting is useful in scenarios where many users are auto assigned but not all users require notification. For more information, see the "[{% data variables.product.prodname_dotcom %} changelog](https://github.blog/changelog/2021-11-10-team-member-pull-request-review-notifications-can-be-configured-independently-of-auto-assignment/)." + - + heading: 'Branches changes' + notes: + - 'Organization and repository administrators can now trigger webhooks to listen for changes to branch protection rules on their repositories. For more information, see the "[branch_protection_rule](/developers/webhooks-and-events/webhooks/webhook-events-and-payloads#branch_protection_rule)" event in the webhooks events and payloads documentation.' + - When configuring protected branches, you can now enforce that a required status check is provided by a specific {% data variables.product.prodname_github_app %}. If a status is then provided by a different application, or by a user via a commit status, merging is prevented. This ensures all changes are validated by the intended application. For more information, see the "[{% data variables.product.prodname_dotcom %} changelog](https://github.blog/changelog/2021-12-01-ensure-required-status-checks-provided-by-the-intended-app/)." + - Only users with administrator permissions are now able to rename protected branches and modify branch protection rules. Previously, with the exception of the default branch, a collaborator could rename a branch and consequently any non-wildcard branch protection rules that applied to that branch were also renamed. For more information, see "[Renaming a branch](/repositories/configuring-branches-and-merges-in-your-repository/managing-branches-in-your-repository/renaming-a-branch)" and "[Managing a branch protection rule](/repositories/configuring-branches-and-merges-in-your-repository/defining-the-mergeability-of-pull-requests/managing-a-branch-protection-rule)." + - Administrators can now allow only specific users and teams to bypass pull request requirements. For more information, see the "[{% data variables.product.prodname_dotcom %} changelog](https://github.blog/changelog/2021-11-19-allow-bypassing-required-pull-requests/)." + - Administrators can now allow only specific users and teams to force push to a repository. For more information, see the "[{% data variables.product.prodname_dotcom %} changelog](https://github.blog/changelog/2021-12-21-specify-who-can-force-push-to-a-repository/)." + - When requiring pull requests for all changes to a protected branch, administrators can now choose if approved reviews are also a requirement. For more information, see the "[{% data variables.product.prodname_dotcom %} changelog](https://github.blog/changelog/2021-11-10-require-pull-requests-without-requiring-reviews/)." + - + heading: 'GitHub Actions changes' + notes: + - '{% data variables.product.prodname_actions %} workflows triggered by {% data variables.product.prodname_dependabot %} for the `create`, `deployment`, and `deployment_status` events now always receive a read-only token and no secrets. Similarly, workflows triggered by {% data variables.product.prodname_dependabot %} for the `pull_request_target` event on pull requests where the base ref was created by {% data variables.product.prodname_dependabot %}, now always receive a read-only token and no secrets. These changes are designed to prevent potentially malicious code from executing in a privileged workflow. For more information, see "[Automating {% data variables.product.prodname_dependabot %} with {% data variables.product.prodname_actions %}](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/automating-dependabot-with-github-actions)."' + - Workflow runs on `push` and `pull_request` events triggered by {% data variables.product.prodname_dependabot %} will now respect the permissions specified in your workflows, allowing you to control how you manage automatic dependency updates. The default token permissions will remain read-only. For more information, see the "[{% data variables.product.prodname_dotcom %} changelog](https://github.blog/changelog/2021-10-06-github-actions-workflows-triggered-by-dependabot-prs-will-respect-permissions-key-in-workflows/)." + - '{% data variables.product.prodname_actions %} workflows triggered by {% data variables.product.prodname_dependabot %} will now be sent the {% data variables.product.prodname_dependabot %} secrets. You can now pull from private package registries in your CI using the same secrets you have configured for {% data variables.product.prodname_dependabot %} to use, improving how {% data variables.product.prodname_actions %} and {% data variables.product.prodname_dependabot %} work together. For more information, see "[Automating {% data variables.product.prodname_dependabot %} with {% data variables.product.prodname_actions %}](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/automating-dependabot-with-github-actions)."' + - You can now manage runner groups and see the status of your self-hosted runners using new Runners and Runner Groups pages in the UI. The Actions settings page for your repository or organization now shows a summary view of your runners, and allows you to deep dive into a specific runner to edit it or see what job it may be currently running. For more information, see the "[{% data variables.product.prodname_dotcom %} changelog](https://github.blog/changelog/2021-09-20-github-actions-experience-refresh-for-the-management-of-self-hosted-runners/)." + - 'Actions authors can now have their action run in Node.js 16 by specifying [`runs.using` as `node16` in the action''s `action.yml`](/actions/creating-actions/metadata-syntax-for-github-actions#runs-for-javascript-actions). This is in addition to the existing Node.js 12 support; actions can continue to specify `runs.using: node12` to use the Node.js 12 runtime.' + - 'For manually triggered workflows, {% data variables.product.prodname_actions %} now supports the `choice`, `boolean`, and `environment` input types in addition to the default `string` type. For more information, see "[`on.workflow_dispatch.inputs`](/actions/using-workflows/workflow-syntax-for-github-actions#onworkflow_dispatchinputs)."' + - Actions written in YAML, also known as composite actions, now support `if` conditionals. This lets you prevent specific steps from executing unless a condition has been met. Like steps defined in workflows, you can use any supported context and expression to create a conditional. + - The search order behavior for self-hosted runners has now changed, so that the first available matching runner at any level will run the job in all cases. This allows jobs to be sent to self-hosted runners much faster, especially for organizations and enterprises with lots of self-hosted runners. Previously, when running a job that required a self-hosted runner, {% data variables.product.prodname_actions %} would look for self-hosted runners in the repository, organization, and enterprise, in that order. + - 'Runner labels for {% data variables.product.prodname_actions %} self-hosted runners can now be listed, added and removed using the REST API. For more information about using the new APIs at a repository, organization, or enterprise level, see "[Repositories](/rest/reference/actions#list-labels-for-a-self-hosted-runner-for-a-repository)", "[Organizations](/rest/reference/actions#add-custom-labels-to-a-self-hosted-runner-for-an-organization)", and "[Enterprises](/rest/reference/enterprise-admin#list-labels-for-a-self-hosted-runner-for-an-enterprise)" in the REST API documentation.' + - + heading: 'Dependabot and Dependency graph changes' + notes: + - Dependency graph now supports detecting Python dependencies in repositories that use the Poetry package manager. Dependencies will be detected from both `pyproject.toml` and `poetry.lock` manifest files. + - When configuring {% data variables.product.prodname_dependabot %} security and version updates on GitHub Enterprise Server, we recommend you also enable {% data variables.product.prodname_dependabot %} in {% data variables.product.prodname_github_connect %}. This will allow {% data variables.product.prodname_dependabot %} to retrieve an updated list of dependencies and vulnerabilities from {% data variables.product.prodname_dotcom_the_website %}, by querying for information such as the changelogs of the public releases of open source code that you depend upon. For more information, see "[Enabling the dependency graph and Dependabot alerts for your enterprise](/admin/configuration/configuring-github-connect/enabling-the-dependency-graph-and-dependabot-alerts-for-your-enterprise)." + - '{% data variables.product.prodname_dependabot_alerts %} alerts can now be dismissed using the GraphQL API. For more information, see the "[dismissRepositoryVulnerabilityAlert](/graphql/reference/mutations#dismissrepositoryvulnerabilityalert)" mutation in the GraphQL API documentation.' + - + heading: 'Code scanning and secret scanning changes' + notes: + - The {% data variables.product.prodname_codeql %} CLI now supports including markdown-rendered query help in SARIF files, so that the help text can be viewed in the {% data variables.product.prodname_code_scanning %} UI when the query generates an alert. For more information, see the "[{% data variables.product.prodname_dotcom %} changelog](https://github.blog/changelog/2021-11-23-display-help-text-for-your-custom-codeql-queries-in-code-scanning/)." + - The {% data variables.product.prodname_codeql %} CLI and {% data variables.product.prodname_vscode %} extension now support building databases and analyzing code on machines powered by Apple Silicon, such as Apple M1. For more information, see the "[{% data variables.product.prodname_dotcom %} changelog](https://github.blog/changelog/2021-11-10-codeql-now-supports-apple-silicon-m1/)." + - | + The depth of {% data variables.product.prodname_codeql %}'s analysis has been improved by adding support for more [libraries and frameworks](https://codeql.github.com/docs/codeql-overview/supported-languages-and-frameworks/) from the Python ecosystem. As a result, {% data variables.product.prodname_codeql %} can now detect even more potential sources of untrusted user data, steps through which that data flows, and potentially dangerous sinks where the data could end up. This results in an overall improvement of the quality of {% data variables.product.prodname_code_scanning %} alerts. For more information, see the "[{% data variables.product.prodname_dotcom %} changelog](https://github.blog/changelog/2021-11-24-codeql-code-scanning-now-recognizes-more-python-libraries-and-frameworks/)." + - Code scanning with {% data variables.product.prodname_codeql %} now includes beta support for analyzing code in all common Ruby versions, up to and including 3.02. For more information, see the "[{% data variables.product.prodname_dotcom %} changelog](https://github.blog/changelog/2021-10-27-codeql-code-scanning-adds-beta-support-for-ruby/)." + - | + Several improvements have been made to the {% data variables.product.prodname_code_scanning %} API: + + * The `fixed_at` timestamp has been added to alerts. This timestamp is the first time that the alert was not detected in an analysis. + * Alert results can now be sorted using `sort` and `direction` on either `created`, `updated` or `number`. For more information, see "[List code scanning alerts for a repository](/rest/reference/code-scanning#list-code-scanning-alerts-for-a-repository)." + * A `Last-Modified` header has been added to the alerts and alert endpoint response. For more information, see [`Last-Modified`](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Last-Modified) in the Mozilla documentation. + * The `relatedLocations` field has been added to the SARIF response when you request a code scanning analysis. The field may contain locations which are not the primary location of the alert. See an example in the [SARIF spec](https://docs.oasis-open.org/sarif/sarif/v2.1.0/cs01/sarif-v2.1.0-cs01.html#_Toc16012616) and for more information see "[Get a code scanning analysis for a repository](/rest/reference/code-scanning#get-a-code-scanning-analysis-for-a-repository)." + * Both `help` and `tags` data have been added to the webhook response alert rule object. For more information, see "[Code scanning alert webhooks events and payloads](/developers/webhooks-and-events/webhooks/webhook-events-and-payloads#code_scanning_alert)." + * Personal access tokens with the `public_repo` scope now have write access for code scanning endpoints on public repos, if the user has permission. + + For more information, see "[Code scanning](/rest/reference/code-scanning)" in the REST API documentation. + - '{% data variables.product.prodname_GH_advanced_security %} customers can now use the REST API to retrieve private repository secret scanning results at the enterprise level. The new endpoint supplements the existing repository-level and organization-level endpoints. For more information, see "[Secret scanning](/rest/reference/secret-scanning)" in the REST API documentation.' + #No security/bug fixes for the GA release + #security_fixes: + #- PLACEHOLDER + #bugs: + #- PLACEHOLDER + known_issues: + - On a freshly set up {% data variables.product.prodname_ghe_server %} instance without any users, an attacker could create the first admin user. + - 自定义防火墙规则在升级过程中被删除。 + - Git LFS 跟踪的文件[通过 Web 界面上传](https://github.com/blog/2105-upload-files-to-your-repositories) 被错误地直接添加到仓库。 + - 如果议题包含文件路径长于 255 个字符的同一仓库中 blob 的永久链接,则议题无法关闭。 + - 对 GitHub Connect 启用“用户可以搜索 GitHub.com”后,私有和内部仓库中的议题不包括在 GitHub.com 搜索结果中。 + - '{% data variables.product.prodname_registry %} npm 注册表不再返回元数据响应的时间值。这样做是为了大幅改善性能。作为元数据响应的一部分,我们继续拥有返回时间值所需的所有数据,并将在我们解决现有性能问题后恢复返回这个值。' + - Resource limits that are specific to processing pre-receive hooks may cause some pre-receive hooks to fail. + - Actions services needs to be restarted after restoring appliance from backup taken on a different host. + deprecations: + - + heading: Deprecation of GitHub Enterprise Server 3.0 + notes: + - '**{% data variables.product.prodname_ghe_server %} 3.0 was discontinued on February 16, 2022**. This means that no patch releases will be made, even for critical security issues, after this date. For better performance, improved security, and new features, [upgrade to the newest version of {% data variables.product.prodname_ghe_server %}](/enterprise-server@3.4/admin/enterprise-management/upgrading-github-enterprise-server) as soon as possible.' + - + heading: Deprecation of GitHub Enterprise Server 3.1 + notes: + - '**{% data variables.product.prodname_ghe_server %} 3.1 will be discontinued on June 3, 2022**. This means that no patch releases will be made, even for critical security issues, after this date. For better performance, improved security, and new features, [upgrade to the newest version of {% data variables.product.prodname_ghe_server %}](/enterprise-server@3.4/admin/enterprise-management/upgrading-github-enterprise-server) as soon as possible.' + - + heading: XenServer Hypervisor 支持终止 + notes: + - Starting in {% data variables.product.prodname_ghe_server %} 3.3, {% data variables.product.prodname_ghe_server %} on XenServer was deprecated and is no longer supported. Please contact [GitHub Support](https://support.github.com) with questions or concerns. + - + heading: Deprecation of the Content Attachments API preview + notes: + - Due to low usage, we have deprecated the Content References API preview in {% data variables.product.prodname_ghe_server %} 3.4. The API was previously accessible with the `corsair-preview` header. Users can continue to navigate to external URLs without this API. Any registered usages of the Content References API will no longer receive a webhook notification for URLs from your registered domain(s) and we no longer return valid response codes for attempted updates to existing content attachments. + - + heading: Deprecation of the Codes of Conduct API preview + notes: + - 'The Codes of Conduct API preview, which was accessible with the `scarlet-witch-preview` header, is deprecated and no longer accessible in {% data variables.product.prodname_ghe_server %} 3.4. We instead recommend using the "[Get community profile metrics](/rest/reference/repos#get-community-profile-metrics)" endpoint to retrieve information about a repository''s code of conduct. For more information, see the "[Deprecation Notice: Codes of Conduct API preview](https://github.blog/changelog/2021-10-06-deprecation-notice-codes-of-conduct-api-preview/)" in the {% data variables.product.prodname_dotcom %} changelog.' + - + heading: Deprecation of OAuth Application API endpoints and API authentication using query parameters + notes: + - | + Starting with {% data variables.product.prodname_ghe_server %} 3.4, the [deprecated version of the OAuth Application API endpoints](https://developer.github.com/changes/2020-02-14-deprecating-oauth-app-endpoint/#endpoints-affected) have been removed. If you encounter 404 error messages on these endpoints, convert your code to the versions of the OAuth Application API that do not have `access_tokens` in the URL. We've also disabled the use of API authentication using query parameters. We instead recommend using [API authentication in the request header](https://developer.github.com/changes/2020-02-10-deprecating-auth-through-query-param/#changes-to-make). + - + heading: Deprecation of the CodeQL runner + notes: + - The {% data variables.product.prodname_codeql %} runner is deprecated in {% data variables.product.prodname_ghe_server %} 3.4 and is no longer supported. The deprecation only affects users who use {% data variables.product.prodname_codeql %} code scanning in third party CI/CD systems; {% data variables.product.prodname_actions %} users are not affected. We strongly recommend that customers migrate to the {% data variables.product.prodname_codeql %} CLI, which is a feature-complete replacement for the {% data variables.product.prodname_codeql %} runner. For more information, see the [{% data variables.product.prodname_dotcom %} changelog](https://github.blog/changelog/2021-09-21-codeql-runner-deprecation/). + - + heading: Deprecation of custom bit-cache extensions + notes: + - | + Starting in {% data variables.product.prodname_ghe_server %} 3.1, support for {% data variables.product.company_short %}'s proprietary bit-cache extensions began to be phased out. These extensions are deprecated in {% data variables.product.prodname_ghe_server %} 3.3 onwards. + + Any repositories that were already present and active on {% data variables.product.product_location %} running version 3.1 or 3.2 will have been automatically updated. + + Repositories which were not present and active before upgrading to {% data variables.product.prodname_ghe_server %} 3.3 may not perform optimally until a repository maintenance task is run and has successfully completed. + + To start a repository maintenance task manually, browse to `https:///stafftools/repositories///network` for each affected repository and click the Schedule button. + backups: + - '{% data variables.product.prodname_ghe_server %} 3.4 requires at least [GitHub Enterprise Backup Utilities 3.4.0](https://github.com/github/backup-utils) for [Backups and Disaster Recovery](/admin/configuration/configuring-your-enterprise/configuring-backups-on-your-appliance).' diff --git a/translations/zh-CN/data/reusables/actions/enterprise-github-connect-warning.md b/translations/zh-CN/data/reusables/actions/enterprise-github-connect-warning.md deleted file mode 100644 index 2b048403c8..0000000000 --- a/translations/zh-CN/data/reusables/actions/enterprise-github-connect-warning.md +++ /dev/null @@ -1,15 +0,0 @@ -{% ifversion ghes > 3.2 or ghae-issue-4815 %} -{% note %} - -**Note:** When a workflow uses an action by referencing the repository where the action is stored, {% data variables.product.prodname_actions %} will try to find the repository on your {% data variables.product.prodname_ghe_server %} instance first before falling back to {% data variables.product.prodname_dotcom_the_website %}. If a user has already created an organization and repository in your enterprise that matches an organization and repository name on {% data variables.product.prodname_dotcom %}, the repository on your enterprise will be used in place of the {% data variables.product.prodname_dotcom %} repository. 更多信息请参阅“[自动停用在 {% data variables.product.prodname_dotcom_the_website%} 上访问的操作的命名空间](#automatic-retirement-of-namespaces-for-actions-accessed-on-githubcom)”。 - -{% endnote %} -{% endif %} - -{% ifversion ghes < 3.3 or ghae %} -{% note %} - -**Note:** When a workflow uses an action by referencing the repository where the action is stored, {% data variables.product.prodname_actions %} will try to find the repository on your {% data variables.product.prodname_ghe_server %} instance first before falling back to {% data variables.product.prodname_dotcom_the_website %}. 如果用户在企业中创建的组织和仓库与 {% data variables.product.prodname_dotcom %} 上的组织和仓库名称匹配,则将使用企业上的仓库代替 {% data variables.product.prodname_dotcom %} 仓库。 恶意用户可能利用此行为在工作流程中运行代码。 - -{% endnote %} -{% endif %} diff --git a/translations/zh-CN/data/reusables/actions/github-connect-resolution.md b/translations/zh-CN/data/reusables/actions/github-connect-resolution.md new file mode 100644 index 0000000000..816e314a30 --- /dev/null +++ b/translations/zh-CN/data/reusables/actions/github-connect-resolution.md @@ -0,0 +1 @@ +When a workflow uses an action by referencing the repository where the action is stored, {% data variables.product.prodname_actions %} will first try to find the repository on {% data variables.product.product_location %}. If the repository does not exist on {% data variables.product.product_location %}, and if you have automatic access to {% data variables.product.prodname_dotcom_the_website %} enabled, {% data variables.product.prodname_actions %} will try to find the repository on {% data variables.product.prodname_dotcom_the_website %}. \ No newline at end of file diff --git a/translations/zh-CN/data/reusables/actions/github-token-expiration.md b/translations/zh-CN/data/reusables/actions/github-token-expiration.md new file mode 100644 index 0000000000..3391ce321f --- /dev/null +++ b/translations/zh-CN/data/reusables/actions/github-token-expiration.md @@ -0,0 +1 @@ +The `GITHUB_TOKEN` expires when a job finishes or after a maximum of 24 hours. \ No newline at end of file diff --git a/translations/zh-CN/data/reusables/actions/self-hosted-runner-communications-for-ghae.md b/translations/zh-CN/data/reusables/actions/self-hosted-runner-communications-for-ghae.md deleted file mode 100644 index 572fec5569..0000000000 --- a/translations/zh-CN/data/reusables/actions/self-hosted-runner-communications-for-ghae.md +++ /dev/null @@ -1,7 +0,0 @@ -{% ifversion ghae %} - -You must ensure that the self-hosted runner has appropriate network access to communicate with your {% data variables.product.prodname_ghe_managed %} URL and its subdomains. 例如,如果实例名称是s `octoghae`,则需要允许自托管运行器访问 `octoghae.githubenterprise.com`、`api.octoghae.githubenterprise.com` 和 `codeload.octoghae.githubenterprise.com`。 - -If you use an IP address allow list for your organization or enterprise account on {% data variables.product.prodname_dotcom %}, you must add your self-hosted runner's IP address to the allow list. 更多信息请参阅“[管理组织允许的 IP 地址](/organizations/keeping-your-organization-secure/managing-allowed-ip-addresses-for-your-organization#using-github-actions-with-an-ip-allow-list)”。 - -{% endif %} diff --git a/translations/zh-CN/data/reusables/actions/self-hosted-runner-networking-to-dotcom.md b/translations/zh-CN/data/reusables/actions/self-hosted-runner-networking-to-dotcom.md new file mode 100644 index 0000000000..1f4a16995c --- /dev/null +++ b/translations/zh-CN/data/reusables/actions/self-hosted-runner-networking-to-dotcom.md @@ -0,0 +1 @@ +To use actions from {% data variables.product.prodname_dotcom_the_website %},{% ifversion ghes %} both {% data variables.product.product_location %} and{% endif %} your self-hosted runners must be able to make outbound connections to {% data variables.product.prodname_dotcom_the_website %}. No inbound connections from {% data variables.product.prodname_dotcom_the_website %} are required. For more information. 更多信息请参阅“[关于自托管的运行器](/actions/hosting-your-own-runners/about-self-hosted-runners#communication-betweens-self-hosted-runners-and-githubcom)”。 \ No newline at end of file diff --git a/translations/zh-CN/data/reusables/actions/self-hosted-runner-ports-protocols.md b/translations/zh-CN/data/reusables/actions/self-hosted-runner-ports-protocols.md index 57f16b0906..a24c445d1b 100644 --- a/translations/zh-CN/data/reusables/actions/self-hosted-runner-ports-protocols.md +++ b/translations/zh-CN/data/reusables/actions/self-hosted-runner-ports-protocols.md @@ -1 +1,3 @@ -Self-hosted runners must be able to communicate with {% ifversion ghae %}your enterprise on {% data variables.product.product_name %}{% elsif fpt or ghec or ghes %}{% data variables.product.product_location %}{% endif %} over HTTP (port 80) and HTTPS (port 443). +{% ifversion ghes or ghae %} +The connection between self-hosted runners and {% data variables.product.product_name %} is over {% ifversion ghes %}HTTP (port 80) or {% endif %}HTTPS (port 443). {% ifversion ghes %}To ensure connectivity over HTTPS, configure TLS for {% data variables.product.product_location %}. For more information, see "[Configuring TLS](/admin/configuration/configuring-network-settings/configuring-tls)."{% endif %} +{% endif %} diff --git a/translations/zh-CN/data/reusables/code-scanning/alert-default-branch.md b/translations/zh-CN/data/reusables/code-scanning/alert-default-branch.md new file mode 100644 index 0000000000..c6a6029e70 --- /dev/null +++ b/translations/zh-CN/data/reusables/code-scanning/alert-default-branch.md @@ -0,0 +1 @@ +The status and details on the alert page only reflect the state of the alert on the default branch of the repository, even if the alert exists in other branches. You can see the status of the alert on non-default branches in the **Affected branches** section on the right-hand side of the alert page. If an alert doesn't exist in the default branch, the status of the alert will display as "in pull request" or "in branch" and will be colored grey. \ No newline at end of file diff --git a/translations/zh-CN/data/reusables/code-scanning/beta.md b/translations/zh-CN/data/reusables/code-scanning/beta.md index 2737a4e73b..42bf4638be 100644 --- a/translations/zh-CN/data/reusables/code-scanning/beta.md +++ b/translations/zh-CN/data/reusables/code-scanning/beta.md @@ -1,4 +1,8 @@ -{% ifversion ghae %} +{% ifversion ghae-issue-5752 %} + + + +{% elsif ghae %} {% note %} diff --git a/translations/zh-CN/data/reusables/code-scanning/filter-non-default-branches.md b/translations/zh-CN/data/reusables/code-scanning/filter-non-default-branches.md new file mode 100644 index 0000000000..4df28a76d5 --- /dev/null +++ b/translations/zh-CN/data/reusables/code-scanning/filter-non-default-branches.md @@ -0,0 +1 @@ +Please note that if you have filtered for alerts on a non-default branch, but the same alerts exist on the default branch, the alert page for any given alert will still only reflect the alert's status on the default branch, even if that status conflicts with the status on a non-default branch. For example, an alert that appears in the "Open" list in the summary of alerts for `branch-x` could show a status of "Fixed" on the alert page, if the alert is already fixed on the default branch. You can view the status of the alert for the branch you filtered on in the **Affected branches** section on the right side of the alert page. \ No newline at end of file diff --git a/translations/zh-CN/data/reusables/dependabot/private-dependencies-note.md b/translations/zh-CN/data/reusables/dependabot/private-dependencies-note.md index 555ed25950..8a9fd456d6 100644 --- a/translations/zh-CN/data/reusables/dependabot/private-dependencies-note.md +++ b/translations/zh-CN/data/reusables/dependabot/private-dependencies-note.md @@ -1 +1 @@ -在运行安全性或版本更新时,有些生态系统必须能够解决来自其来源的所有依赖项,以验证版本更新是否成功。 如果清单或锁定文件包含任何私有依赖项,{% data variables.product.prodname_dependabot %} 必须能够访问这些依赖项所在的位置。 组织所有者可以授予 {% data variables.product.prodname_dependabot %} 访问包含同一个组织内项目依赖项的私有仓库. 更多信息请参阅“[管理组织的安全和分析设置](/organizations/keeping-your-organization-secure/managing-security-and-analysis-settings-for-your-organization#allowing-dependabot-to-access-private-dependencies)”。 您可以在仓库的 _dependabot.yml_ 配置文件中配置对私有注册表的访问。 更多信息请参阅“[依赖项更新的配置选项](/github/administering-a-repository/configuration-options-for-dependency-updates#configuration-options-for-private-registries)。” +在运行安全性或版本更新时,有些生态系统必须能够解决来自其来源的所有依赖项,以验证版本更新是否成功。 如果清单或锁定文件包含任何私有依赖项,{% data variables.product.prodname_dependabot %} 必须能够访问这些依赖项所在的位置。 组织所有者可以授予 {% data variables.product.prodname_dependabot %} 访问包含同一个组织内项目依赖项的私有仓库. 更多信息请参阅“[管理组织的安全和分析设置](/organizations/keeping-your-organization-secure/managing-security-and-analysis-settings-for-your-organization#allowing-dependabot-to-access-private-dependencies)”。 您可以在仓库的 _dependabot.yml_ 配置文件中配置对私有注册表的访问。 For more information, see "[Configuration options for the dependabot.yml file](/github/administering-a-repository/configuration-options-for-dependency-updates#configuration-options-for-private-registries)." diff --git a/translations/zh-CN/data/reusables/dependabot/result-discrepancy.md b/translations/zh-CN/data/reusables/dependabot/result-discrepancy.md new file mode 100644 index 0000000000..c3a50a1bc9 --- /dev/null +++ b/translations/zh-CN/data/reusables/dependabot/result-discrepancy.md @@ -0,0 +1 @@ +{% data variables.product.product_name %} 报告的依赖项检测结果可能不同于其他工具返回的结果。 这是有原因的,它有助于了解 {% data variables.product.prodname_dotcom %} 如何确定项目的依赖项。 diff --git a/translations/zh-CN/data/reusables/enterprise/test-in-staging.md b/translations/zh-CN/data/reusables/enterprise/test-in-staging.md new file mode 100644 index 0000000000..18bcc6eec4 --- /dev/null +++ b/translations/zh-CN/data/reusables/enterprise/test-in-staging.md @@ -0,0 +1 @@ +{% data variables.product.company_short %} strongly recommends that you verify any new configuration for authentication in a staging environment. An incorrect configuration could result in downtime for {% data variables.product.product_location %}. 更多信息请参阅“[设置暂存实例](/admin/installation/setting-up-a-github-enterprise-server-instance/setting-up-a-staging-instance)”。 diff --git a/translations/zh-CN/data/reusables/getting-started/managing-team-settings.md b/translations/zh-CN/data/reusables/getting-started/managing-team-settings.md index e93be75abb..640a3dea33 100644 --- a/translations/zh-CN/data/reusables/getting-started/managing-team-settings.md +++ b/translations/zh-CN/data/reusables/getting-started/managing-team-settings.md @@ -1,3 +1,3 @@ -You can designate a "team maintainer" to manage team settings and discussions, among other privileges. For more information, see "[Assigning the team maintainer role to a team member](/organizations/organizing-members-into-teams/assigning-the-team-maintainer-role-to-a-team-member)." +You can designate a "team maintainer" to manage team settings and discussions, among other privileges. 更多信息请参阅“[将团队维护者角色分配给团队成员](/organizations/organizing-members-into-teams/assigning-the-team-maintainer-role-to-a-team-member)”。 You can manage code review assignments for your team, change team visibility, manage scheduled reminders for your team, and more in your team's settings. For more information, see "[Organizing members into teams](/organizations/organizing-members-into-teams)." diff --git a/translations/zh-CN/data/reusables/repositories/github-reviews-security-advisories.md b/translations/zh-CN/data/reusables/repositories/github-reviews-security-advisories.md index cf870a9e65..23dfa68dc7 100644 --- a/translations/zh-CN/data/reusables/repositories/github-reviews-security-advisories.md +++ b/translations/zh-CN/data/reusables/repositories/github-reviews-security-advisories.md @@ -1,3 +1,3 @@ {% data variables.product.prodname_dotcom %} will review each published security advisory, add it to the {% data variables.product.prodname_advisory_database %}, and may use the security advisory to send {% data variables.product.prodname_dependabot_alerts %} to affected repositories. If the security advisory comes from a fork, we'll only send an alert if the fork owns a package, published under a unique name, on a public package registry. This process can take up to 72 hours and {% data variables.product.prodname_dotcom %} may contact you for more information. -For more information about {% data variables.product.prodname_dependabot_alerts %}, see "[About alerts for vulnerable dependencies](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies#dependabot-alerts-for-vulnerable-dependencies)" and "[About {% data variables.product.prodname_dependabot_security_updates %}](/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-dependabot-security-updates)." For more information about {% data variables.product.prodname_advisory_database %}, see "[Browsing security vulnerabilities in the {% data variables.product.prodname_advisory_database %}](/github/managing-security-vulnerabilities/browsing-security-vulnerabilities-in-the-github-advisory-database)." +For more information about {% data variables.product.prodname_dependabot_alerts %}, see "[About {% data variables.product.prodname_dependabot_alerts %}](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies#dependabot-alerts-for-vulnerable-dependencies)" and "[About {% data variables.product.prodname_dependabot_security_updates %}](/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-dependabot-security-updates)." For more information about {% data variables.product.prodname_advisory_database %}, see "[Browsing security vulnerabilities in the {% data variables.product.prodname_advisory_database %}](/github/managing-security-vulnerabilities/browsing-security-vulnerabilities-in-the-github-advisory-database)." diff --git a/translations/zh-CN/data/reusables/repositories/security-alert-delivery-options.md b/translations/zh-CN/data/reusables/repositories/security-alert-delivery-options.md index 4b1b8c82a2..8172cc2c16 100644 --- a/translations/zh-CN/data/reusables/repositories/security-alert-delivery-options.md +++ b/translations/zh-CN/data/reusables/repositories/security-alert-delivery-options.md @@ -1,4 +1,4 @@ {% ifversion not ghae %} 如果您的仓库具有受支持的依赖项清单 -{% ifversion fpt or ghec %}(并且对私有仓库设置了依赖图){% endif %},则只要 {% data variables.product.product_name %} 检测到仓库中易受攻击的依赖项,您就会收到每周摘要电子邮件。 您也可以在 {% data variables.product.product_name %} 界面中将安全警报配置为 web 通知、单个电子邮件通知、每日电子邮件摘要或警报。 更多信息请参阅“[关于易受攻击的依赖项的警报](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies)”。 +{% ifversion fpt or ghec %}(并且对私有仓库设置了依赖图){% endif %},则只要 {% data variables.product.product_name %} 检测到仓库中易受攻击的依赖项,您就会收到每周摘要电子邮件。 您也可以在 {% data variables.product.product_name %} 界面中将安全警报配置为 web 通知、单个电子邮件通知、每日电子邮件摘要或警报。 更多信息请参阅“[关于 {% data variables.product.prodname_dependabot_alerts %}](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies)”。 {% endif %} diff --git a/translations/zh-CN/data/reusables/rest-reference/actions/cache.md b/translations/zh-CN/data/reusables/rest-reference/actions/cache.md new file mode 100644 index 0000000000..d76a2cce2a --- /dev/null +++ b/translations/zh-CN/data/reusables/rest-reference/actions/cache.md @@ -0,0 +1,3 @@ +## 缓存 + +The cache API allows you to query and manage the {% data variables.product.prodname_actions %} cache for repositories. 更多信息请参阅“[缓存依赖项以加快工作流程](/actions/advanced-guides/caching-dependencies-to-speed-up-workflows#usage-limits-and-eviction-policy)”。 \ No newline at end of file diff --git a/translations/zh-CN/data/reusables/rest-reference/deployments/keys.md b/translations/zh-CN/data/reusables/rest-reference/deploy_keys/deploy_keys.md similarity index 94% rename from translations/zh-CN/data/reusables/rest-reference/deployments/keys.md rename to translations/zh-CN/data/reusables/rest-reference/deploy_keys/deploy_keys.md index 7ae7efa109..7a0ca8693d 100644 --- a/translations/zh-CN/data/reusables/rest-reference/deployments/keys.md +++ b/translations/zh-CN/data/reusables/rest-reference/deploy_keys/deploy_keys.md @@ -1,5 +1,3 @@ -## 部署密钥 - {% data reusables.repositories.deploy-keys %} 部署密钥可以使用以下 API 端点进行设置,也可以使用 GitHub 进行设置。 要了解如何在 GitHub 中设置部署密钥,请参阅“[管理部署密钥](/developers/overview/managing-deploy-keys)”。 \ No newline at end of file diff --git a/translations/zh-CN/data/reusables/rest-reference/orgs/custom_roles.md b/translations/zh-CN/data/reusables/rest-reference/orgs/custom_roles.md index 310339895f..337d796c17 100644 --- a/translations/zh-CN/data/reusables/rest-reference/orgs/custom_roles.md +++ b/translations/zh-CN/data/reusables/rest-reference/orgs/custom_roles.md @@ -1 +1 @@ -## Custom repository roles \ No newline at end of file +## 自定义存储库角色 \ No newline at end of file diff --git a/translations/zh-CN/data/reusables/rest-reference/packages/packages.md b/translations/zh-CN/data/reusables/rest-reference/packages/packages.md index 32c478f7c8..87c94f8857 100644 --- a/translations/zh-CN/data/reusables/rest-reference/packages/packages.md +++ b/translations/zh-CN/data/reusables/rest-reference/packages/packages.md @@ -1,4 +1,4 @@ -The {% data variables.product.prodname_registry %} API enables you to manage packages using the REST API. To learn more about restoring or deleting packages, see "[Restoring and deleting packages](/packages/learn-github-packages/deleting-and-restoring-a-package)." +The {% data variables.product.prodname_registry %} API enables you to manage packages using the REST API.{% ifversion fpt or ghec or ghes > 3.1 or ghae %} To learn more about restoring or deleting packages, see "[Restoring and deleting packages](/packages/learn-github-packages/deleting-and-restoring-a-package)."{% endif %} To use this API, you must authenticate using a personal access token. - To access package metadata, your token must include the `read:packages` scope. diff --git a/translations/zh-CN/data/reusables/secret-scanning/beta.md b/translations/zh-CN/data/reusables/secret-scanning/beta.md index b7064d4a0a..4676aecb28 100644 --- a/translations/zh-CN/data/reusables/secret-scanning/beta.md +++ b/translations/zh-CN/data/reusables/secret-scanning/beta.md @@ -1,4 +1,9 @@ -{% ifversion ghae %} +{% ifversion ghae-issue-5752 %} + + + +{% elsif ghae %} + {% note %} **注意:**组织拥有的仓库的 {% data variables.product.prodname_secret_scanning_caps %} 目前处于公测阶段,可能会有变动。 diff --git a/translations/zh-CN/data/reusables/secret-scanning/fpt-GHAS-scans.md b/translations/zh-CN/data/reusables/secret-scanning/fpt-GHAS-scans.md new file mode 100644 index 0000000000..52f8b8e6da --- /dev/null +++ b/translations/zh-CN/data/reusables/secret-scanning/fpt-GHAS-scans.md @@ -0,0 +1 @@ +**注意:** 组织使用 {% data variables.product.prodname_ghe_cloud %} 和 {% data variables.product.prodname_GH_advanced_security %} 还可以在其拥有的任何存储库(包括私有存储库)上启用 {% data variables.product.prodname_secret_scanning_GHAS %}。 更多信息请参阅 [{% data variables.product.prodname_ghe_cloud %} 文档](/enterprise-cloud@latest/code-security/secret-security/about-secret-scanning#about-secret-scanning-for-advanced-security)。 diff --git a/translations/zh-CN/data/reusables/secret-scanning/partner-secret-list-public-repo.md b/translations/zh-CN/data/reusables/secret-scanning/partner-secret-list-public-repo.md index 3439f26415..a2d894498c 100644 --- a/translations/zh-CN/data/reusables/secret-scanning/partner-secret-list-public-repo.md +++ b/translations/zh-CN/data/reusables/secret-scanning/partner-secret-list-public-repo.md @@ -58,6 +58,7 @@ | 元数据 | Facebook Access Token | | npm | npm 访问令牌 | | NuGet | NuGet API 密钥 | +| Octopus Deploy | Octopus Deploy API Key | | OpenAI | OpenAI API 密钥 | | Palantir | Palantir JSON Web 令牌 | | PlanetScale | PlanetScale Database Password | diff --git a/translations/zh-CN/data/reusables/ssh/key-type-support.md b/translations/zh-CN/data/reusables/ssh/key-type-support.md index 4d8f1bf494..7bfdf23c4b 100644 --- a/translations/zh-CN/data/reusables/ssh/key-type-support.md +++ b/translations/zh-CN/data/reusables/ssh/key-type-support.md @@ -1,8 +1,8 @@ {% note %} -**Note:** {% data variables.product.company_short %} is improving security by dropping older, insecure key types. +**Note:** {% data variables.product.company_short %} improved security by dropping older, insecure key types on March 15, 2022. -DSA keys (`ssh-dss`) are no longer supported. Existing keys will continue to function through March 15, 2022. You cannot add new DSA keys to your user account on {% data variables.product.product_location %}. +As of that date, DSA keys (`ssh-dss`) are no longer supported. You cannot add new DSA keys to your user account on {% data variables.product.product_location %}. RSA keys (`ssh-rsa`) with a `valid_after` before November 2, 2021 may continue to use any signature algorithm. RSA keys generated after that date must use a SHA-2 signature algorithm. Some older clients may need to be upgraded in order to use SHA-2 signatures. diff --git a/translations/zh-CN/data/reusables/user-settings/appearance-settings.md b/translations/zh-CN/data/reusables/user-settings/appearance-settings.md index 449e2bfbe2..796263409e 100644 --- a/translations/zh-CN/data/reusables/user-settings/appearance-settings.md +++ b/translations/zh-CN/data/reusables/user-settings/appearance-settings.md @@ -1,5 +1,5 @@ {% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-5658 %} -1. In the left sidebar, click **{% octicon "paintbrush" aria-label="The paintbrush icon" %} Appearance**. +1. 在左侧边栏中,单击 **{% octicon "paintbrush" aria-label="The paintbrush icon" %} 外观**。 {% else %} 1. 在用户设置侧边栏中,单击 **Appearance(外观)**。 diff --git a/translations/zh-CN/data/reusables/webhooks/repository_vulnerability_alert_short_desc.md b/translations/zh-CN/data/reusables/webhooks/repository_vulnerability_alert_short_desc.md index ad2466a83e..77b05afdbd 100644 --- a/translations/zh-CN/data/reusables/webhooks/repository_vulnerability_alert_short_desc.md +++ b/translations/zh-CN/data/reusables/webhooks/repository_vulnerability_alert_short_desc.md @@ -1 +1 @@ -与仓库中的安全漏洞警报相关的活动。 {% data reusables.webhooks.action_type_desc %} 更多信息请参阅“[关于易受攻击的依赖项的警报](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies/)”。 +与仓库中的安全漏洞警报相关的活动。 {% data reusables.webhooks.action_type_desc %} For more information, see the "[About {% data variables.product.prodname_dependabot_alerts %}](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies/)". diff --git a/translations/zh-CN/data/ui.yml b/translations/zh-CN/data/ui.yml index 07f39b9ec0..b98ef0fc4f 100644 --- a/translations/zh-CN/data/ui.yml +++ b/translations/zh-CN/data/ui.yml @@ -103,6 +103,8 @@ products: notes: 注: parameters: 参数 response: 响应 + error_codes: Error Codes + http_status_code: HTTP Status Code code_sample: 代码示例 code_samples: 代码示例 preview_notice: 预览通知 diff --git a/translations/zh-CN/data/variables/product.yml b/translations/zh-CN/data/variables/product.yml index 8daf51cd32..df050c6dde 100644 --- a/translations/zh-CN/data/variables/product.yml +++ b/translations/zh-CN/data/variables/product.yml @@ -142,7 +142,7 @@ prodname_vs: 'Visual Studio' prodname_vscode: 'Visual Studio Code' prodname_vss_ghe: 'Visual Studio subscriptions with GitHub Enterprise' prodname_vss_admin_portal_with_url: '[Visual Studio 订阅的管理员门户](https://visualstudio.microsoft.com/subscriptions-administration/)' -prodname_vscode_command_palette: 'VS Code Command Palette' +prodname_vscode_command_palette: 'VS 代码命令面板' #GitHub Dependabot prodname_dependabot: 'Dependabot' prodname_dependabot_alerts: 'Dependabot 警报' diff --git a/translations/zh-CN/data/variables/release_candidate.yml b/translations/zh-CN/data/variables/release_candidate.yml index 08448113ee..ec65ef6f94 100644 --- a/translations/zh-CN/data/variables/release_candidate.yml +++ b/translations/zh-CN/data/variables/release_candidate.yml @@ -1,2 +1,2 @@ --- -version: enterprise-server@3.4 +version: ''