From ef0064696a19474c0335fc163b79ff95e2e2dc83 Mon Sep 17 00:00:00 2001 From: docubot <67483024+docubot@users.noreply.github.com> Date: Mon, 18 Jul 2022 09:59:31 -0400 Subject: [PATCH] New translation batch for cn (#29109) * Add crowdin translations * Run script/i18n/homogenize-frontmatter.js * Run script/i18n/lint-translation-files.js --check rendering * run script/i18n/reset-files-with-broken-liquid-tags.js --language=cn * run script/i18n/reset-known-broken-translation-files.js * Check in cn CSV report Co-authored-by: Hector Alfaro --- translations/log/cn-resets.csv | 4 +- .../creating-actions/about-custom-actions.md | 2 +- ...-hosted-runner-application-as-a-service.md | 2 +- .../automatic-token-authentication.md | 4 +- .../content/admin/code-security/index.md | 1 - ...ub-advanced-security-in-your-enterprise.md | 423 ------------------ ...b-advanced-security-for-your-enterprise.md | 2 +- .../index.md | 3 - ...-of-github-advanced-security-deployment.md | 267 ----------- .../reviewing-your-security-log.md | 2 +- ...g-spending-limits-for-github-codespaces.md | 4 +- .../viewing-your-github-codespaces-usage.md | 2 +- .../index.md | 22 + ...pting-github-advanced-security-at-scale.md | 54 +++ ...lign-on-your-rollout-strategy-and-goals.md | 71 +++ .../phase-2-preparing-to-enable-at-scale.md | 153 +++++++ .../phase-3-pilot-programs.md | 86 ++++ .../phase-4-create-internal-documentation.md | 32 ++ ...phase-5-rollout-and-scale-code-scanning.md | 56 +++ ...ase-6-rollout-and-scale-secret-scanning.md | 106 +++++ .../viewing-and-updating-dependabot-alerts.md | 13 +- ...ng-pull-requests-for-dependency-updates.md | 4 +- .../zh-CN/content/code-security/index.md | 1 + ...pace-to-access-a-private-image-registry.md | 2 +- ...disaster-recovery-for-github-codespaces.md | 4 +- .../security-in-github-codespaces.md | 2 +- ...rstanding-billing-for-github-codespaces.md | 4 +- ...ing-github-copilot-in-github-codespaces.md | 2 +- ...e-vs-code-command-palette-in-codespaces.md | 8 +- ...g-automatic-deletion-of-your-codespaces.md | 4 +- .../customizing-your-codespace/index.md | 2 +- ...ur-default-region-for-github-codespaces.md | 2 +- ...ur-timeout-period-for-github-codespaces.md | 2 +- .../codespaces-lifecycle.md | 2 +- .../connecting-to-a-private-network.md | 2 +- ...ing-github-codespaces-for-pull-requests.md | 2 +- .../codespaces/getting-started/deep-dive.md | 3 +- .../codespaces/getting-started/index.md | 1 + .../codespaces/getting-started/quickstart.md | 3 +- .../index.md | 2 +- ...-github-codespaces-in-your-organization.md | 4 +- ...-and-organization-for-github-codespaces.md | 2 +- .../restricting-access-to-machine-types.md | 4 +- .../restricting-the-idle-timeout-period.md | 4 +- ...ing-the-retention-period-for-codespaces.md | 2 +- ...ations-audit-logs-for-github-codespaces.md | 2 +- ...g-encrypted-secrets-for-your-codespaces.md | 4 +- ...-gpg-verification-for-github-codespaces.md | 2 +- ...our-security-logs-for-github-codespaces.md | 2 +- .../about-github-codespaces-prebuilds.md | 2 +- .../managing-prebuilds.md | 4 +- .../index.md | 1 + .../introduction-to-dev-containers.md | 2 +- .../troubleshooting/github-codespaces-logs.md | 2 +- ...g-port-forwarding-for-github-codespaces.md | 2 +- ...king-with-support-for-github-codespaces.md | 6 +- ...-with-github-copilot-in-a-jetbrains-ide.md | 6 +- .../scopes-for-oauth-apps.md | 2 +- .../about-github-advanced-security.md | 5 +- .../attaching-files.md | 12 +- .../guides/forming-calls-with-graphql.md | 7 +- .../creating-a-pull-request.md | 2 +- ...wing-proposed-changes-in-a-pull-request.md | 2 +- .../github-privacy-statement.md | 86 ++-- .../dependabot-most-important-sort-option.yml | 6 + .../enterprise-server/3-5/0-rc1.yml | 4 +- .../release-notes/enterprise-server/3-5/0.yml | 4 +- .../github-ae/2022-05/2022-05-17.yml | 2 - .../codespaces/codespaces-machine-types.md | 2 +- .../codespaces/links-to-get-started.md | 2 +- .../reusables/gated-features/codespaces.md | 2 +- .../webhooks/check_suite_properties.md | 2 +- 72 files changed, 729 insertions(+), 823 deletions(-) delete mode 100644 translations/zh-CN/content/admin/code-security/managing-github-advanced-security-for-your-enterprise/deploying-github-advanced-security-in-your-enterprise.md delete mode 100644 translations/zh-CN/content/admin/code-security/managing-github-advanced-security-for-your-enterprise/overview-of-github-advanced-security-deployment.md create mode 100644 translations/zh-CN/content/code-security/adopting-github-advanced-security-at-scale/index.md create mode 100644 translations/zh-CN/content/code-security/adopting-github-advanced-security-at-scale/introduction-to-adopting-github-advanced-security-at-scale.md create mode 100644 translations/zh-CN/content/code-security/adopting-github-advanced-security-at-scale/phase-1-align-on-your-rollout-strategy-and-goals.md create mode 100644 translations/zh-CN/content/code-security/adopting-github-advanced-security-at-scale/phase-2-preparing-to-enable-at-scale.md create mode 100644 translations/zh-CN/content/code-security/adopting-github-advanced-security-at-scale/phase-3-pilot-programs.md create mode 100644 translations/zh-CN/content/code-security/adopting-github-advanced-security-at-scale/phase-4-create-internal-documentation.md create mode 100644 translations/zh-CN/content/code-security/adopting-github-advanced-security-at-scale/phase-5-rollout-and-scale-code-scanning.md create mode 100644 translations/zh-CN/content/code-security/adopting-github-advanced-security-at-scale/phase-6-rollout-and-scale-secret-scanning.md create mode 100644 translations/zh-CN/data/features/dependabot-most-important-sort-option.yml diff --git a/translations/log/cn-resets.csv b/translations/log/cn-resets.csv index 97dc7ddcc8..a7e0d22d61 100644 --- a/translations/log/cn-resets.csv +++ b/translations/log/cn-resets.csv @@ -25,7 +25,6 @@ translations/zh-CN/content/actions/using-workflows/storing-workflow-data-as-arti translations/zh-CN/content/actions/using-workflows/using-github-cli-in-workflows.md,broken liquid tags translations/zh-CN/content/admin/code-security/managing-github-advanced-security-for-your-enterprise/configuring-code-scanning-for-your-appliance.md,broken liquid tags translations/zh-CN/content/admin/code-security/managing-github-advanced-security-for-your-enterprise/configuring-secret-scanning-for-your-appliance.md,broken liquid tags -translations/zh-CN/content/admin/code-security/managing-github-advanced-security-for-your-enterprise/deploying-github-advanced-security-in-your-enterprise.md,broken liquid tags translations/zh-CN/content/admin/code-security/managing-supply-chain-security-for-your-enterprise/about-supply-chain-security-for-your-enterprise.md,broken liquid tags translations/zh-CN/content/admin/code-security/managing-supply-chain-security-for-your-enterprise/viewing-the-vulnerability-data-for-your-enterprise.md,broken liquid tags translations/zh-CN/content/admin/configuration/configuring-github-connect/about-github-connect.md,rendering error @@ -138,6 +137,8 @@ translations/zh-CN/content/billing/managing-your-license-for-github-enterprise/s translations/zh-CN/content/billing/managing-your-license-for-github-enterprise/troubleshooting-license-usage-for-github-enterprise.md,broken liquid tags translations/zh-CN/content/billing/managing-your-license-for-github-enterprise/uploading-a-new-license-to-github-enterprise-server.md,broken liquid tags translations/zh-CN/content/billing/managing-your-license-for-github-enterprise/viewing-license-usage-for-github-enterprise.md,broken liquid tags +translations/zh-CN/content/code-security/adopting-github-advanced-security-at-scale/phase-2-preparing-to-enable-at-scale.md,broken liquid tags +translations/zh-CN/content/code-security/adopting-github-advanced-security-at-scale/phase-3-pilot-programs.md,broken liquid tags translations/zh-CN/content/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/about-code-scanning-alerts.md,broken liquid tags translations/zh-CN/content/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/about-code-scanning-with-codeql.md,broken liquid tags translations/zh-CN/content/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/about-code-scanning.md,broken liquid tags @@ -176,6 +177,7 @@ translations/zh-CN/content/code-security/supply-chain-security/understanding-you translations/zh-CN/content/code-security/supply-chain-security/understanding-your-software-supply-chain/about-the-dependency-graph.md,Listed in localization-support#489 translations/zh-CN/content/code-security/supply-chain-security/understanding-your-software-supply-chain/about-the-dependency-graph.md,broken liquid tags translations/zh-CN/content/code-security/supply-chain-security/understanding-your-software-supply-chain/troubleshooting-the-dependency-graph.md,broken liquid tags +translations/zh-CN/content/codespaces/codespaces-reference/using-github-copilot-in-github-codespaces.md,broken liquid tags translations/zh-CN/content/codespaces/customizing-your-codespace/changing-the-machine-type-for-your-codespace.md,broken liquid tags translations/zh-CN/content/codespaces/customizing-your-codespace/personalizing-github-codespaces-for-your-account.md,broken liquid tags translations/zh-CN/content/codespaces/customizing-your-codespace/setting-your-default-editor-for-github-codespaces.md,broken liquid tags diff --git a/translations/zh-CN/content/actions/creating-actions/about-custom-actions.md b/translations/zh-CN/content/actions/creating-actions/about-custom-actions.md index 4218571497..5c8310c7b7 100644 --- a/translations/zh-CN/content/actions/creating-actions/about-custom-actions.md +++ b/translations/zh-CN/content/actions/creating-actions/about-custom-actions.md @@ -88,7 +88,7 @@ _复合_操作允许您在一个操作中组合多个工作流程步骤。 例 ### 发行版管理的良好做法 -如果您正在开发供其他人使用的操作,建议使用发行版管理来控制分发更新的方式。 用户期望操作的主要版本包括必要的关键修补程序和安全补丁,同时仍与其现有工作流程保持兼容。 每当更改影响兼容性时,应考虑发布新的主要版本。 +如果您正在开发供其他人使用的操作,建议使用发行版管理来控制分发更新的方式。 用户可以期望操作的修补程序版本包括必要的关键修复和安全修补程序,同时仍与其现有工作流程保持兼容。 每当更改影响兼容性时,应考虑发布新的主要版本。 在此发行版管理方法下,用户不应引用操作的默认分支,因为它可能包含最新的代码,因此可能不稳定。 相反地,您可以建议用户在使用您的操作时指定主要版本,并且仅在遇到问题时将其定向到更具体的版本。 diff --git a/translations/zh-CN/content/actions/hosting-your-own-runners/configuring-the-self-hosted-runner-application-as-a-service.md b/translations/zh-CN/content/actions/hosting-your-own-runners/configuring-the-self-hosted-runner-application-as-a-service.md index 35060da4f2..14e01a6ba9 100644 --- a/translations/zh-CN/content/actions/hosting-your-own-runners/configuring-the-self-hosted-runner-application-as-a-service.md +++ b/translations/zh-CN/content/actions/hosting-your-own-runners/configuring-the-self-hosted-runner-application-as-a-service.md @@ -65,7 +65,7 @@ shortTitle: 启动时运行运行器应用程序 sudo ./svc.sh install ``` -1. 或者,该命令采用可选的 `user` 参数,以其他用户身份安装服务。 +1. 该命令采用可选的 `user` 参数,以其他用户身份安装服务。 ```shell ./svc.sh install USERNAME diff --git a/translations/zh-CN/content/actions/security-guides/automatic-token-authentication.md b/translations/zh-CN/content/actions/security-guides/automatic-token-authentication.md index 61bc9000fc..5d41867841 100644 --- a/translations/zh-CN/content/actions/security-guides/automatic-token-authentication.md +++ b/translations/zh-CN/content/actions/security-guides/automatic-token-authentication.md @@ -53,8 +53,8 @@ name: Create issue on commit on: [ push ] jobs: - create_commit: - runs-on: ubuntu-latest + create_issue: + runs-on: ubuntu-latest permissions: issues: write steps: diff --git a/translations/zh-CN/content/admin/code-security/index.md b/translations/zh-CN/content/admin/code-security/index.md index c9499cd3f3..d1b6960dbb 100644 --- a/translations/zh-CN/content/admin/code-security/index.md +++ b/translations/zh-CN/content/admin/code-security/index.md @@ -4,7 +4,6 @@ shortTitle: 管理代码安全性 intro: 您可以使用将机密和漏洞排除在代码库之外并维护软件供应链的功能,将安全性构建到开发人员的工作流程中。 versions: ghes: '*' - ghec: '*' ghae: '*' topics: - Enterprise diff --git a/translations/zh-CN/content/admin/code-security/managing-github-advanced-security-for-your-enterprise/deploying-github-advanced-security-in-your-enterprise.md b/translations/zh-CN/content/admin/code-security/managing-github-advanced-security-for-your-enterprise/deploying-github-advanced-security-in-your-enterprise.md deleted file mode 100644 index d8b394574b..0000000000 --- a/translations/zh-CN/content/admin/code-security/managing-github-advanced-security-for-your-enterprise/deploying-github-advanced-security-in-your-enterprise.md +++ /dev/null @@ -1,423 +0,0 @@ ---- -title: Deploying GitHub Advanced Security in your enterprise -intro: 'Learn how to plan, prepare, and implement a phased approach for rolling out {% data variables.product.prodname_GH_advanced_security %} (GHAS) in your enterprise.' -product: '{% data reusables.gated-features.advanced-security %}' -redirect_from: - - /admin/advanced-security/deploying-github-advanced-security-in-your-enterprise -miniTocMaxHeadingLevel: 3 -versions: - ghes: '*' - ghec: '*' -type: how_to -topics: - - Advanced Security - - Code scanning - - Enterprise - - Security ---- - -## Overview of the deployment process - -{% data reusables.security.overview-of-phased-approach-for-ghas-rollout %} - -For a high-level summary of these different phases, see "[Overview of {% data variables.product.prodname_GH_advanced_security %} Deployment](/admin/advanced-security/overview-of-github-advanced-security-deployment)." - -Before starting your deployment, we recommend you review the prerequisites for installing GHAS and best practices for GHAS deployment in "[Overview of {% data variables.product.prodname_GH_advanced_security %} Deployment](/admin/advanced-security/overview-of-github-advanced-security-deployment)." - -## {% octicon "milestone" aria-label="The milestone icon" %} Phase 0: Planning & kickoff - -{% note %} - -{% octicon "clock" aria-label="Clock" %} **Estimated timing:** We estimate that phase 0 may last roughly between 1-4 weeks. This range can vary depending on your release needs and any necessary approvals your company may need on the deployment plan. - -{% endnote %} - -The goal of the planning and kickoff phase is to ensure that you have all of your people, processes, and technologies set up and ready for implementing GHAS. - -To help you reach buy-in from the executive sponsor, we recommend preparing and aligning on a rollout plan and goals before releasing GHAS in your enterprise. - -As a part of a phased rollout strategy, we recommend that you identify high-impact and critical teams or applications that should be targeted to join GHAS before the rest of your enterprise. - -If a phased rollout doesn't work for your enterprise, you can skip to the [pilot project phase](#--phase-1-pilot-projects). - -If you’re working with {% data variables.product.prodname_professional_services %}, during this phase you will also establish a plan for how your teams will work together throughout the rollout and implementation process. The {% data variables.product.prodname_professional_services_team %} team can support you with the creation of the phased rollout plan and goals as needed. - -### Step 1: Kickoff meeting with {% data variables.product.prodname_professional_services %} (optional) - -If you signed up for {% data variables.product.prodname_professional_services %}, you’ll begin the rollout and implementation process by meeting with your Services representative. - -If you haven't signed up for {% data variables.product.prodname_professional_services %}, you can skip to the next step. - -The goal of this meeting is to align the two teams on the necessary information to begin crafting a rollout and implementation plan that will work best for your company. In preparation for this meeting, we have created a survey that will help us better prepare for the discussion. Your Services representative will send you this survey. - -To help you prepare for this initial meeting, review these topics. - -- Aligning on how your company and {% data variables.product.prodname_professional_services %} will work best together - - Setting expectations on how to best utilize service hours/days purchased - - Communications plans/frequency of meetings - - Roles and responsibilities -- Review of how GHAS works within the Software Development Life cycle (SDLC). Your {% data variables.product.prodname_professional_services %} representative will explain how GHAS works. -- Review of best practices for deploying GHAS. This is offered as a refresher if your team finds it valuable or if your enterprise did not participate in the Proof of Concept (POC) exercise. This review includes a discussion of your existing Application Security program and its level of maturity, against something like the DevSecOps maturity model. -- Alignment on next steps for your GHAS deployment. Your {% data variables.product.prodname_professional_services %} representative will outline your next steps and the support you can expect from your partnership. - -To help you plan your rollout strategy, you can also expect to discuss these questions: - - How many teams will be enabled? - - What is the anatomy of the teams’ repositories? (Tech stack, current tooling, etc.) - - Some of this might have already been covered during the Proof of Concept exercise if your company participated. If not, this is a crucial time to discuss this. - - What level of adoption do we expect to be organic, assisted, or inorganic? - - What does assisted adoption look like from a resourcing and documentation perspective? - - How will you manage inorganic adoption down the line? (For example, using policy enforcement or centrally managed workflows.) - -### Step 2: Internal kickoff at your company - -Whether or not your company chooses to work with {% data variables.product.prodname_professional_services %}, we always recommend you hold your own kickoff meeting to align your own team(s). - -During this kickoff meeting, it's important to ensure there is a clear understanding of goals, expectations, and that a plan is in place for how to move forward with your rollout and implementation. - -In addition, this is a good time to begin thinking about training and preparations for your team to ensure they have the right tools and expertise to support the rollout and implementation of GHAS. - -#### Topics for your internal kickoff meeting - -We recommend you cover these topics in your internal kickoff meeting at your company if you haven't already covered these with the same group in your kickoff meeting with {% data variables.product.prodname_professional_services %}. - -- What are your business success metrics, how do you plan to measure and report on those measures? - - If these have not been defined, please define them. If they have been defined, communicate them and talk about how you plan to provide data-driven progress updates. -- Review of how GHAS works within the SDLC (Software Development Life cycle) and how this is -expected to work for your company. -- Review of best practices if your company did not participate in the Proof of Concept exercise (or a refresher if your team finds value in this review) - - How does this compare/contrast with your existing Application Security Program? -- Discuss and agree how your internal team will work best together throughout rollout and -implementation. - - Align on your communications plans and frequency of meetings for your internal team - - Review tasks for rollout and implementation completion, defining roles and responsibilities. We have outlined the majority of the tasks in this article, but there may be additional tasks your company requires we have not included. - - Consider establishing a “Champions Program” for scaled enablement - - Begin discussing timing for the completion of tasks -- Begin working on ideal rollout approaches that will work best for your company. This will include understanding a few important items: - - How many teams will be enabled? Some of this might have already been covered during the POC (Proof of Concept) exercise if your company participated. If not, this is a crucial time to discuss this. - - Of the critical applications identified for the initial rollout, how many are built on a technology supported by GHAS? - - How much organizational preparation is needed? To learn more, see "[Phase 2](#--phase-2-organizational-buy-in--rollout-preparation)." - -### Step 3: Prepare your rollout & implementation plan and goals - -Before you can move forward with pilot project(s) for the first phase of the rollout, it’s crucial to ensure a rollout plan and business goals have been established for how your company plans to proceed. - -If you’re working with {% data variables.product.prodname_professional_services %}, they can play a significant role in the creation of this plan. - -If you’re working independently, this section outlines some things to ensure are included in your plan as you prepare to move forward. - -Plans for process changes (if needed) and training for team members as needed: - - Documented team assignments for roles and responsibilities. For more information on the permissions required for each feature, see "[Repository roles for an organization](/organizations/managing-access-to-your-organizations-repositories/repository-roles-for-an-organization#access-requirements-for-security-features)." - - Documented plan of tasks and timelines/timeframes where possible. This should include infrastructure changes, process changes/training, and all subsequent phases of enablement of GHAS, allowing for timeframes for remediations and configuration adjustments as needed. For more information, see "[Phase 1: Pilot projects(s)](/admin/advanced-security/deploying-github-advanced-security-in-your-enterprise#--phase-1-pilot-projects)" below. - - Prioritized plan for which projects/teams will have GHAS enabled first, and subsequent -plans for which projects/teams will come in following phases - - Success metrics based on business goals. This will be a crucial reference point following the Pilot Project(s) to gain buy-in for the full rollout. - -{% note %} - -**Note:** To ensure awareness, buy-in, and adoption comes from all groups in your company, it's important to set realistic expectations around the rollout timing and impact on your company's infrastructure, processes, and general day-to-day development workflows. For a smoother and more successful rollout, ensure your security and development teams understand the impact of GHAS. - -{% endnote %} - -{% ifversion ghes %} - -For {% data variables.product.prodname_ghe_server %} customers, to help ensure your instance can support the rollout and implementation of GHAS, review the following: - -- While upgrading to GHES 3.0 is not required, you must upgrade to GHES 3.0 or higher to take advantage of feature combinations such as code scanning and {% data variables.product.prodname_actions %}. For more information, see "[Upgrading {% data variables.product.prodname_ghe_server %}](/admin/enterprise-management/updating-the-virtual-machine-and-physical-resources/upgrading-github-enterprise-server)." - -- In a high availability configuration, a fully redundant secondary {% data variables.product.prodname_ghe_server %} appliance is kept in sync with the primary appliance through replication of all major datastores. For more information on setting up high availability, see "[Configuring High Availability](/admin/enterprise-management/configuring-high-availability)." - -- To help support any discussions regarding potential changes to your company's set up, you can review the {% data variables.product.prodname_ghe_server %} system overview. For more information, see "[System overview](/admin/overview/system-overview)." - -{% endif %} - -### Step 4: Establish a baseline of organizational insights - -As your company prepares to begin your pilot project(s), it’s crucial to ensure that you have set a baseline for where your enterprise is today and have defined clear success metrics to measure your pilot project(s) progress against. - -There are likely key business goals your company has that will need to be measured -against, but there are other metrics we can identify to help gauge your pilot’s success. - -As a starting point, some of these metrics might include: - - The mean time to remediation for GHAS vulnerabilities versus the previous tooling and -practices the pilot project(s) / team(s) utilized. - - The code scanning integration's findings for the top X most critical applications. - - The number of applications that have SAST (Static application security testing) integrated versus before the engagement. - -If you participated in the POC exercise prior to purchasing GHAS, these objectives might look familiar. This success criteria includes several objectives for the following high-level roles: - - Implementation & Administration teams - - Security / CISO (Chief Information Security Officer) - - Application Development Teams - -If you’d like to take things a step further, you can look at utilizing OWASP’s DevSecOps -Maturity Model (DSOMM) to work towards reaching a Level 1 maturity. There are four main -evaluation criteria in DSOMM: - -- **Static depth:** How comprehensive is the static code scan that you’re performing within -the AppSec CI pipeline -- **Dynamic depth:** How comprehensive is the dynamic scan that is being run within the -AppSec CI pipeline -- **Intensity:** Your schedule frequency for the security scans running in AppSec CI pipeline -- **Consolidation:** Your remediation workflow for handling findings and process -completeness - -To learn more about this approach and how to implement it in GHAS, -you can download our white paper "[Achieving DevSecOps Maturity with GitHub](https://resources.github.com/whitepapers/achieving-devsecops-maturity-github/)." - -Based on your wider company’s goals and current levels of DevSecOps maturity, we can help you determine how to best measure your pilot’s progress and success. - -## {% octicon "milestone" aria-label="The milestone icon" %} Phase 1: Pilot project(s) - -{% note %} - -{% octicon "clock" aria-label="Clock" %} **Estimated timing:** We estimate that phase 1 may last roughly between 2 weeks to 3+ months. This range can vary largely depending on your company’s infrastructure or systems complexity, internal processes to manage/approve these changes, as well as if larger organizational process changes are needed to move forward with GHAS. - -{% endnote %} - -To begin enabling GHAS across your company, we recommend beginning with a few -high-impact projects or teams to pilot an initial rollout. This will allow an initial -group within your company to get familiar with GHAS and build a solid foundation on GHAS before rolling out to the remainder of your company. - -Before you start your pilot project(s), we recommend that you schedule some checkpoint meetings for your team(s), such as an initial meeting, midpoint review, and a wrap-up session when the pilot is complete. These checkpoint meetings will help you all make adjustments as needed and ensure your team(s) are prepared and supported to complete the pilot successfully. - -These steps will help you enable GHAS on your enterprise, begin using its features, and review your results. - -If you’re working with {% data variables.product.prodname_professional_services %}, they can provide additional assistance through this process through onboarding sessions, GHAS workshops, and troubleshooting as needed. - -### Step 1: GHAS set-up & installation - -{% ifversion ghes %} - -If you haven't already enabled GHAS for your {% data variables.product.prodname_ghe_server %} instance, see "[Enabling GitHub Advanced Security for your enterprise](/admin/advanced-security/enabling-github-advanced-security-for-your-enterprise)." - -{% endif %} - -You need to enable GHAS for each pilot project, either by enabling the GHAS feature for each repository or for all repositories in any organizations taking part in the project. For more information, see "[Managing security and analysis settings for your repository](/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-security-and-analysis-settings-for-your-repository)" or "[Managing security and analysis settings for your organization](/organizations/keeping-your-organization-secure/managing-security-and-analysis-settings-for-your-organization)" - -The vast majority of GHAS set-up and installation is centered around enabling and configuring code scanning on your enterprise and in your repositories. - -Code scanning allows you to analyze code in a {% data variables.product.prodname_dotcom %} repository to find security vulnerabilities and coding errors. Code scanning can be used to find, triage, and prioritize fixes for existing problems in your code, as well as help prevent developers from introducing new problems that may otherwise reach production. For more information, see "[About code scanning](/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/about-code-scanning)." - -### Step 2: Set up {% data variables.product.prodname_code_scanning_capc %} - -{% ifversion ghes %} - -To enable {% data variables.product.prodname_code_scanning %} on your {% data variables.product.prodname_ghe_server %} instance, see "[Configuring code scanning for your appliance](/admin/advanced-security/configuring-code-scanning-for-your-appliance)." - -{% endif %} - -To set up code scanning, you must decide whether you'll run code scanning with [{% data variables.product.prodname_actions %}](#using-github-actions-for-code-scanning) or your own [third-party CI system](#using-a-third-party-ci-system-with-the-codeql-cli-for-code-scanning). - -#### Using {% data variables.product.prodname_actions %} for {% data variables.product.prodname_code_scanning %} - -{% ifversion ghes %} - -To set up code scanning with {% data variables.product.prodname_actions %} for {% data variables.product.prodname_ghe_server %}, you'll need to provision one or more self-hosted {% data variables.product.prodname_actions %} runners in your -environment. For more information, see "[Setting up a self-hosted runner](/admin/advanced-security/configuring-code-scanning-for-your-appliance#running-code-scanning-using-github-actions)." - -{% endif %} - -For {% data variables.product.prodname_ghe_cloud %}, you can start to create a {% data variables.product.prodname_actions %} workflow using the [CodeQL action](https://github.com/github/codeql-action/) to run code scanning on a repository. {% data variables.product.prodname_code_scanning_capc %} uses [GitHub-hosted runners](/actions/using-github-hosted-runners/about-github-hosted-runners) by default, but this can be customized if you plan to host your own runner with your own hardware specifications. For more information, see "[About self-hosted runners](/actions/hosting-your-own-runners)." - -For more information about {% data variables.product.prodname_actions %}, see: - - "[Learn GitHub Actions](/actions/learn-github-actions)" - - "[Understanding GitHub Actions](/actions/learn-github-actions/understanding-github-actions)" - - "[Events that trigger workflows](/actions/learn-github-actions/events-that-trigger-workflows)" - - "[Filter Pattern Cheat Sheet](/actions/learn-github-actions/workflow-syntax-for-github-actions#filter-pattern-cheat-sheet)" - -#### Using a third-party CI system with the CodeQL CLI for {% data variables.product.prodname_code_scanning %} - -If you’re not using {% data variables.product.prodname_actions %} and have your own continuous integration system, you can use the CodeQL CLI to perform CodeQL code scanning in a third-party CI system. - -For more information, see: - - "[About CodeQL code scanning in your CI system](/code-security/code-scanning/using-codeql-code-scanning-with-your-existing-ci-system/about-codeql-code-scanning-in-your-ci-system)" - -### Step 3: Enable {% data variables.product.prodname_code_scanning_capc %} in repositories - -If you’re using a phased approach to roll out GHAS, we recommend enabling {% data variables.product.prodname_code_scanning %} on a repository-by-repository basis as part of your rollout plan. For more information, see "[Setting up code scanning for a repository](/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/setting-up-code-scanning-for-a-repository)." - -If you’re not planning on a phased rollout approach and want to enable code scanning for many repositories, you may want to script the process. - -For an example of a script that opens pull requests to add a {% data variables.product.prodname_actions %} workflow to multiple repositories, see the [`jhutchings1/Create-ActionsPRs`](https://github.com/jhutchings1/Create-ActionsPRs) repository for an example using PowerShell, or [`nickliffen/ghas-enablement`](https://github.com/NickLiffen/ghas-enablement) for teams who do not have PowerShell and instead would like to use NodeJS. - -### Step 4: Run code scans and review your results - -With code scanning enabled in the necessary repositories, you're ready to help your -development team(s) understand how to run code scans and reports, view reports, and process results. - -#### {% data variables.product.prodname_code_scanning_capc %} - -With code scanning, you can find vulnerabilities and errors in your project's code on GitHub, -as well as view, triage, understand, and resolve the related {% data variables.product.prodname_code_scanning %} alerts. - -When code scanning identifies a problem in a pull request, you can review the highlighted -code and resolve the alert. For more information, see "[Triaging {% data variables.product.prodname_code_scanning %} alerts in pull requests](/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/triaging-code-scanning-alerts-in-pull-requests)." - -If you have write permission to a repository you can manage code scanning alerts for that -repository. With write permission to a repository, {% ifversion delete-code-scanning-alerts %}you can view, fix, dismiss, or delete alerts {% else %}you can view, fix, or dismiss alerts{% endif %} for potential vulnerabilities or errors in your repository's code. For more information, see "[Managing code scanning alerts for your repository](/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/managing-code-scanning-alerts-for-your-repository)." - -#### Generate reports of {% data variables.product.prodname_code_scanning %} alerts - -If you’d like to create a report of your code scanning alerts, you can use the {% data variables.product.prodname_code_scanning_capc %} API. For more information, see the "[{% data variables.product.prodname_code_scanning_capc %} API](/rest/reference/code-scanning)." - -For an example of how to use the {% data variables.product.prodname_code_scanning_capc %} API, see the [`get-code-scanning-alerts-in-org-sample`](https://github.com/jhutchings1/get-code-scanning-alerts-in-org-sample) repository. - -### Step 5: Configure {% data variables.product.prodname_code_scanning_capc %} to fine tune your results - -When running initial code scans, you may find that no results are found or that an unusual number of results are returned. You may want to adjust what is flagged in future scans. - -For more information, see "[Configuring code scanning](/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning)." - -If your company wants to use other third-party code analysis tools with GitHub code scanning, you can use actions to run those tools within GitHub. Alternatively, you can upload results, generated by third-party tools as SARIF files, to code scanning. For more information, see "[Integrating with code scanning](/code-security/code-scanning/integrating-with-code-scanning)." - -### Step 6: Set up secret scanning - -GitHub scans repositories for known types of secrets, to prevent fraudulent use of secrets that were committed accidentally. - -{% ifversion ghes %} - -To enable secret scanning for your {% data variables.product.prodname_ghe_server %} instance, see "[Configuring secret scanning for your appliance](/admin/advanced-security/configuring-secret-scanning-for-your-appliance)." - -{% endif %} - -You need to enable secret scanning for each pilot project, either by enabling the feature for each repository or for all repositories in any organizations taking part in the project. For more information, see "[Managing security and analysis settings for your repository](/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-security-and-analysis-settings-for-your-repository)" or "[Managing security and analysis settings for your organization](/organizations/keeping-your-organization-secure/managing-security-and-analysis-settings-for-your-organization)" - -To learn how to view and close alerts for secrets checked into your repository, see "[Managing alerts from secret scanning](/code-security/secret-scanning/managing-alerts-from-secret-scanning)." - -### Step 7: Set up dependency management - -GitHub helps you avoid using third-party software that contains known vulnerabilities. We provide the following tools for updating vulnerable dependencies{% ifversion GH-advisory-db-supports-malware %} and removing malware{% endif %}. - -| Dependency Management Tool | Description | -|----|----| -| Dependabot Alerts | You can track your repository's dependencies and receive Dependabot alerts when your enterprise detects insecure dependencies. For more information, see "[About {% data variables.product.prodname_dependabot_alerts %}](/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-alerts-for-vulnerable-dependencies)." | -| Dependency Graph | The dependency graph is a summary of the manifest and lock files stored in a repository. It shows you the ecosystems and packages your codebase depends on (its dependencies) and the repositories and packages that depend on your project (its dependents). For more information, see "[About the dependency graph](/code-security/supply-chain-security/understanding-your-software-supply-chain/about-the-dependency-graph)." |{% ifversion ghes or ghec %} -| Dependency Review | If a pull request contains changes to dependencies, you can view a summary of what has changed and whether there are known vulnerabilities in any of the dependencies. For more information, see "[About dependency review](/code-security/supply-chain-security/understanding-your-software-supply-chain/about-dependency-review)" or "[Reviewing Dependency Changes in a Pull Request](/github/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/reviewing-dependency-changes-in-a-pull-request)." | {% endif %} {% ifversion ghec or ghes > 3.2 %} -| Dependabot Security Updates | Dependabot can fix vulnerable dependencies for you by raising pull requests with security updates. For more information, see "[About Dependabot security updates](/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-dependabot-security-updates)." | -| Dependabot Version Updates | Dependabot can be used to keep the packages you use updated to the latest versions. For more information, see "[About Dependabot version updates](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/about-dependabot-version-updates)." | {% endif %} - -{% data reusables.dependabot.beta-security-and-version-updates-onboarding %} - -### Step 8: Establish a remediation process - -Once your team(s) have been able to run scans, identify vulnerabilities and dependencies, and can consume the results of each security feature, the next step is to ensure that they can remediate the vulnerabilities identified within their normal development processes without involving your security team. - -This means that the development teams understand how to utilize the GHAS features throughout the development process, can run scans, read reports, consume the results, and remediate vulnerabilities within their normal development workflows, without having to have a separate security phase at the end of development, or have a need to involve your security team to understand reports/results. - -### Step 9: Set up custom analysis if needed - -Custom analysis is an optional deeper use of code scanning when custom CodeQL queries are needed beyond the available default (and community) set of queries. The need for custom queries is rare. - -Custom queries are used to identify custom security alerts or help developers follow coding standards by detecting certain code patterns. - -If your company is interested in writing custom CodeQL queries, there are certain requirements your company should meet. - -If your team can provide some examples of existing vulnerabilities you'd like to find via CodeQL, please let the GitHub team know and we can schedule an introductory session to review the basics of the language and discuss how to tackle one of your problems. If you want to cover CodeQL in more depth, then we offer additional engagement options to cover more topics to enable your team to build their own queries. - -You can learn more about [CodeQL queries](https://codeql.github.com/docs/writing-codeql-queries/codeql-queries/) in our [CodeQL documentation](https://codeql.github.com/docs/codeql-overview/), or reach out to your {% data variables.product.prodname_professional_services %} team or sales representative. - -### Step 10: Create & maintain documentation - -All throughout the pilot phase, it’s essential to create and maintain high-quality internal documentation of the infrastructure and process changes made within your company, as well as learnings from the pilot process and configuration changes made as your team(s) progress throughout the rollout and implementation process. - -Having thorough and complete documentation helps make the remaining phases of your rollout more of a repeatable process. -Good documentation also ensures that new teams can be onboarded consistently throughout the rollout process and as new team members join your team(s). - -Good documentation doesn’t end when rollout and implementation are complete. The most helpful documentation is actively updated and evolves as your teams expand their experience using GHAS and as their needs grow. - -In addition to your documentation, we recommend your company provides clear channels to your team(s) for support and guidance all throughout rollout, implementation, and beyond. Depending on the level of change your company needs to take on in order to support the rollout and implementation of GHAS, having well-supported teams will help ensure a successful adoption into your development teams’ daily workflow. - -## {% octicon "milestone" aria-label="The milestone icon" %} Phase 2: Organizational buy-in & rollout preparation - -{% note %} - -{% octicon "clock" aria-label="Clock" %} **Estimated timing:** We estimate that phase 2 may last roughly between 1 week to over a month. This range can vary largely depending on your company’s internal approval processes. - -{% endnote %} - -One of the main goals of this phase is to ensure you have the organizational buy-in to make the full deployment of GHAS successful. - -During this phase, your company reviews the results of the pilot project(s) to determine if the pilot was successful, what adjustments may need to be made, and if the company is ready to continue forward with the rollout. - -Depending on your company’s approval process, organizational buy-in from your executive sponsor may be necessary to continue forward. In most cases, organizational buy-in from your team(s) is necessary to begin utilizing the value of GHAS for your company. - -Before moving forward to the next phase of rolling out GHAS more widely across your company, modifications are often made to the original rollout plan based on learnings from the pilot. - -Any changes that may impact the documentation should also be made to ensure it is current for continued rollout. - -We also recommend that you consider your plan to train any teams or team members that will be introduced to GHAS in the next phases of your rollout if you haven't already. - -### Step 1: Organize results - -At the completion of Phase 1, your team(s) should have {% ifversion ghes %} GHAS enabled on your {% data variables.product.prodname_ghe_server %} instance and have{% endif %} been able to utilize all of the key features of GHAS successfully, potentially with some configuration changes to optimize results. If your company clearly defined success metrics in Phase 0, you should be able to measure against these metrics to determine the success of your pilot. - -It’s important to revisit your baseline metrics when preparing your results to ensure that incremental progress can be demonstrated based on metrics collected from the pilot against your original business goals. If you need assistance with this information, GitHub can help by ensuring that your company has the right metrics to measure your progress against. For more information on help available, see "[GitHub services and support](/admin/advanced-security/overview-of-github-advanced-security-deployment#github-services-and-support)." - -### Step 2: Secure organizational buy-in - -Organizational buy-in will vary depending on a variety of factors, including your company’s size, approval process, or even the level of change required to rollout GHAS to name a few. - -For some companies, securing buy-in is a one-time meeting, but for others, this process can take quite some time (potentially weeks or months). Buy-in may require approval from your executive sponsor or may require the adoption of GHAS into your teams’ daily workflows. - -This duration of this stage is entirely up to your company and how quickly you would like to proceed. We recommend seeking support or services from GitHub where possible to help answer questions and provide any recommendations that may be needed to help support this process. For more information on help available, see "[GitHub services and support](/admin/advanced-security/overview-of-github-advanced-security-deployment#github-services-and-support)." - -### Step 3: Revise and update documentation - -Review the results and findings from your pilot project(s) and the needs of the remaining teams at your company. Based on your findings and needs analysis, update/revise your documentation. - -We've found that it’s essential to ensure that your documentation is up-to-date before continuing with the rollout to the remainder of your company's enterprise. - -### Step 4: Prepare a full rollout plan for your company - -Based on what you learned from your pilot project(s), update the rollout plan you designed in stage 0. To prepare for rolling out to your company, consider any training your teams will need, such as training on using GHAS, process changes, or migration training if your enterprise is migrating to GitHub. - -## {% octicon "milestone" aria-label="The milestone icon" %} Phase 3: Full organizational rollout & change management - -{% note %} - -{% octicon "clock" aria-label="Clock" %} **Estimated timing:** We estimate that phase 3 may -last anywhere from 2 weeks to multiple months. This range can vary largely depending on -your company’s size, number of repositories/teams, level of change the GHAS rollout will be for your company, etc. - -{% endnote %} - -Once your company has aligned on the results and findings from your pilot project(s) and all rollout preparation steps have been completed from Phase 2, you can move forward with the full rollout to your company based on your plan. - -### Step 1: Evaluate your rollout as you go - -If you're using a phased approach to rolling out GHAS, we recommend taking a brief pause and completing a short evaluation after rolling out GHAS to a different segment of your company to ensure the rollout is moving forward smoothly. Your evaluation can ensure that teams are enabled and trained properly, that any unique GHAS configuration needs are met, and that plans and documentation can be adjusted as needed. - -### Step 2: Set up any needed training - -When rolling GHAS out to any teams beyond your pilot project team(s), it’s important to ensure teams are either trained or there are training resources available to provide additional support where needed. - -These are the main areas where we see companies needing further support: - - training on GHAS - - training for customers new to GitHub - - training on how to migrate to GitHub - -Our {% data variables.product.prodname_professional_services_team %} team provides a variety of training services, bootcamps, and just general advice to help support your team(s) throughout the rollout and implementation process. For more information, see "[GitHub services and support](/admin/advanced-security/overview-of-github-advanced-security-deployment#github-services-and-support)." - -To help support your teams, here's a recap of relevant GitHub documentation. - -For documentation on how to enable GHAS, see: - - "[Enabling Advanced Security features](/get-started/learning-about-github/about-github-advanced-security)" - - "[Managing security and analysis settings for your organization](/organizations/keeping-your-organization-secure/managing-security-and-analysis-settings-for-your-organization)" - - "[Managing security and analysis settings for your repository](/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-security-and-analysis-settings-for-your-repository)" - -For documentation on how to migrate to GitHub, see: - - "[Importing source code to GitHub](/github/importing-your-projects-to-github/importing-source-code-to-github)" - -For documentation on getting started with GitHub, see: - - "[Get started](/get-started)" - -### Step 3: Help your company manage change - -In step 4 of phase 2, we recommended that you update the initial rollout plan based on your learnings from the pilot project(s). Ensure that you continue to update your plan as you implement any necessary organizational changes to successfully roll out GHAS to your company. - -Successful GHAS rollouts and the adoption of best practices into daily workflows depend on ensuring that your teams understand why it’s necessary to include security in their work. - -### Step 4: Continued customization - -Configuration and customization of GHAS are not complete once it’s rolled out across your company's enterprise. Further custom configuration changes should continue to be made over time to ensure GHAS continues to support your company's changing needs. - -As your team becomes more experienced and skilled with GHAS over time, this will create additional opportunities for further customization. diff --git a/translations/zh-CN/content/admin/code-security/managing-github-advanced-security-for-your-enterprise/enabling-github-advanced-security-for-your-enterprise.md b/translations/zh-CN/content/admin/code-security/managing-github-advanced-security-for-your-enterprise/enabling-github-advanced-security-for-your-enterprise.md index 6c66aa64dd..9494eae772 100644 --- a/translations/zh-CN/content/admin/code-security/managing-github-advanced-security-for-your-enterprise/enabling-github-advanced-security-for-your-enterprise.md +++ b/translations/zh-CN/content/admin/code-security/managing-github-advanced-security-for-your-enterprise/enabling-github-advanced-security-for-your-enterprise.md @@ -27,7 +27,7 @@ topics: {% endif %} {% ifversion ghes %} -有关分阶段部署 GitHub Advanced Security 的指导,请参阅“[在企业中部署 GitHub Advanced Security](/admin/advanced-security/deploying-github-advanced-security-in-your-enterprise)”。 +有关分阶段部署 GitHub Advanced Security 的说明,请参阅“[大规模采用 GitHub Advanced Security 简介](/code-security/adopting-github-advanced-security-at-scale/introduction-to-adopting-github-advanced-security-at-scale)”。 {% endif %} ## 检查您的许可是否包含 {% data variables.product.prodname_GH_advanced_security %} diff --git a/translations/zh-CN/content/admin/code-security/managing-github-advanced-security-for-your-enterprise/index.md b/translations/zh-CN/content/admin/code-security/managing-github-advanced-security-for-your-enterprise/index.md index 06bed2cdc9..f3a53bcf69 100644 --- a/translations/zh-CN/content/admin/code-security/managing-github-advanced-security-for-your-enterprise/index.md +++ b/translations/zh-CN/content/admin/code-security/managing-github-advanced-security-for-your-enterprise/index.md @@ -9,14 +9,11 @@ redirect_from: - /admin/advanced-security versions: ghes: '*' - ghec: '*' topics: - Enterprise children: - /enabling-github-advanced-security-for-your-enterprise - /configuring-code-scanning-for-your-appliance - /configuring-secret-scanning-for-your-appliance - - /overview-of-github-advanced-security-deployment - - /deploying-github-advanced-security-in-your-enterprise --- diff --git a/translations/zh-CN/content/admin/code-security/managing-github-advanced-security-for-your-enterprise/overview-of-github-advanced-security-deployment.md b/translations/zh-CN/content/admin/code-security/managing-github-advanced-security-for-your-enterprise/overview-of-github-advanced-security-deployment.md deleted file mode 100644 index 3f27e05d5f..0000000000 --- a/translations/zh-CN/content/admin/code-security/managing-github-advanced-security-for-your-enterprise/overview-of-github-advanced-security-deployment.md +++ /dev/null @@ -1,267 +0,0 @@ ---- -title: GitHub Advanced Security 部署概述 -intro: '通过查看和理解这些最佳实践、部署示例以及我们经过企业测试的分阶段方法,帮助您的公司成功准备采用 {% data variables.product.prodname_GH_advanced_security %} (GHAS)。' -product: '{% data variables.product.prodname_GH_advanced_security %} 是一组安全功能,旨在使企业代码更安全。 它可用于 {% data variables.product.prodname_ghe_server %} 3.0 或更高版本、 {% data variables.product.prodname_ghe_cloud %} 和开源存储库。 要了解有关 {% data variables.product.prodname_GH_advanced_security %} 中包含的功能的更多信息,请参阅“[关于GitHub Advanced Security](/get-started/learning-about-github/about-github-advanced-security)”。' -redirect_from: - - /admin/advanced-security/overview-of-github-advanced-security-deployment -miniTocMaxHeadingLevel: 3 -versions: - ghes: '*' - ghec: '*' -type: how_to -topics: - - Advanced Security - - Code scanning - - Enterprise - - Security ---- - -{% data variables.product.prodname_GH_advanced_security %} (GHAS) 可帮助团队使用集成工具(如 CodeQL,世界上最先进的语义代码分析引擎)更快地构建更安全的代码。 GHAS 是一套工具,需要整个企业的开发人员积极参与。 为了实现最佳的投资回报,您必须学习如何使用、应用和维护 GHAS,以真正保护您的代码。 - -为公司处理新软件的最大挑战之一可能是部署和实施过程,以及发生文化变革以获得部署成功所需的组织支持。 - -为帮助贵公司更好地了解和准备使用 GHAS 的这一过程,本概述旨在: - - 概述 GHAS 部署对您的公司来说可能是什么样子。 - - 帮助您的公司为部署做好准备。 - - 分享关键最佳实践,以帮助提高公司部署的成功率。 - -要了解 {% data variables.product.prodname_GH_advanced_security %} 提供的安全功能,请参阅“[{% data variables.product.prodname_dotcom %} 安全功能](/code-security/getting-started/github-security-features)”。 - -## 推荐用于 GHAS 部署的分阶段方法 - -我们创建了一种分阶段的 GHAS 部署方法,该方法根据行业和 GitHub 最佳实践开发。 您可以利用此方法与 {% data variables.product.prodname_professional_services %} 合作或独立部署。 - -虽然建议采用分阶段方法,但可以根据公司的需求进行调整。 我们还建议创建并遵守部署和实施的时间表。 当您开始规划时,我们可以一起确定最适合您公司的理想方法和时间表。 - -![显示 GitHub 高级安全部署和部署的三个阶段的图表,包括阶段 0:规划和 启动、阶段 1:试点项目、阶段 2:早期采用者组织支持和部署,以及阶段 3:全面组织部署和变更管理](/assets/images/enterprise/security/advanced-security-phased-approach-diagram.png) - - -根据我们帮助客户成功部署 {% data variables.product.prodname_GH_advanced_security %} 的经验,我们预计大多数客户都希望遵循这些阶段。 根据贵公司的需要,您可能需要修改此方法并更改或删除某些阶段或步骤。 - -关于执行每个阶段的详细指南,请参阅“[在企业中部署 {% data variables.product.prodname_GH_advanced_security %}](/admin/advanced-security/deploying-github-advanced-security-in-your-enterprise)”。 下一节将为您提供其中每个阶段的高级摘要。 - -### {% octicon "milestone" aria-label="The milestone icon" %} 第 0 阶段:规划和启动 - -在此阶段,总体目标是为部署进行规划和准备,确保您拥有适当的人员、流程和技术,并为部署做好准备。 您还应该考虑将使用哪些成功标准来衡量整个团队的 GHAS 采用和使用情况。 - -### {% octicon "milestone" aria-label="The milestone icon" %} 第 1 阶段:试点项目 - -要开始实施 GHAS,我们建议从几个影响力大的项目/团队开始,以便进行初始部署的试点。 这将允许您公司内的初始小组熟悉 GHAS,学习如何启用和配置 GHAS,并在部署到公司的其他部门之前在 GHAS 上建立坚实的基础。 - -### {% octicon "milestone" aria-label="The milestone icon" %} 第 2 阶段:组织支持和部署准备 - -第 2 阶段是对前几阶段的回顾,并为在公司其余部分进行更大规模的部署做准备。 在此阶段,组织支持是指公司决定在试点项目后继续推进,还是在公司再使用 GHAS 一段时间(这是最常见的)。 如果您的公司决定再使用 GHAS 一段时间,则第 2 阶段可以继续进入第 3 阶段及以后。 - -### {% octicon "milestone" aria-label="The milestone icon" %} 第 3 阶段:部署和变更管理的全面组织部署 - -在公司达成一致后,您就可以根据部署计划开始将 GHAS 推广到公司的其他部门。 在此阶段,请务必确保为部署 GHAS 期间可能需要进行的任何组织更改制定计划,并确保团队了解更改对当前工作流程的需求、价值和影响。 - -## 成功部署 GHAS 的最佳实践 - -我们发现,已经成功完成 GHAS 部署的公司具有几个类似的特征,这些特征有助于推动其成功。 为了帮助您的公司提高 GHAS 部署的成功率,请查看这些最佳实践。 - -### {% octicon "checklist" aria-label="The checklist icon" %} 为公司的部署设定明确的目标 - -设定目标似乎是显而易见的,但我们确实看到一些公司在开始部署 GHAS 时没有明确的目标。 对于这些公司来说,要获得完成部署并在公司内部实现 GHAS 价值所需的真正组织支持,就会更加困难。 - -当您开始规划部署和实施时,请先概述公司内部 GHAS 的目标,并确保将这些目标传达给您的团队。 目标可以是非常详细,也可以很简单,但必须有起点并达成一致。 这将有助于为公司的部署方向奠定基础,并帮助您制定实现目标的计划。 如果您在实现目标方面需要帮助, {% data variables.product.prodname_professional_services %} 可以根据我们在贵公司的经验以及之前与其他客户的合作情况,为您提供建议。 - -以下是一些简要示例,说明部署 GHAS 的目标可能是什么样子: - - **减少漏洞数量:** 这可能是一般目标,或者因为您的公司最近受到重大漏洞的影响,您认为可以通过 GHAS 等工具阻止这些漏洞。 - - **识别高风险存储库:** 一些公司可能只想找到包含最大风险的存储库,以便开始修复漏洞并降低风险。 - - **提高修复率:** 这可以通过推动开发人员采用调查结果并确保及时修复这些漏洞,防止安全问题累积来实现。 - - **满足合规性要求:** 这可以像创建新的合规性要求或更具体的内容一样简单。 我们发现许多医疗保健公司使用 GHAS 来防止 PHI(个人健康信息)的暴露。 - - **防止机密泄露:** 这通常是已经(或希望防止)关键信息泄露(如软件密钥,客户或财务数据等)的公司的目标。 - - **依赖项管理:** 对于可能由于未修补的依赖项的黑客攻击而成为受害者的公司,或者那些试图通过更新易受攻击的依赖项来防止这类攻击的公司来说,这通常是一个目标。 - -### {% octicon "checklist" aria-label="The checklist icon" %} 在团队之间建立清晰的沟通和一致性 - -清晰的沟通和一致性对于任何项目的成功都至关重要,GHAS 的部署也不例外。 我们发现,从购买 GHAS 到部署期间,其安全和开发团队以及其执行发起人(CISO 或 VP)之间具有明确沟通和一致性的公司,部署通常会取得更大的成功。 - -除了确保这些组在整个 GHAS 部署过程中保持一致之外,我们还建议关注一些特定领域。 - -#### 部署规划 - -如何将 GHAS 推广到您的公司? 可能会有很多想法和意见。 以下是在继续推进之前应考虑回答和调整的一些问题: - - 哪些团队将包含在试点中? - - 试点项目重点关注哪些项目? - - 应如何确定项目部署的优先级? - - 您计划如何衡量试点及以后的成功? - - 您的团队将会进行的日常改变程度如何? 如何沟通这些? - - 您的部署计划将如何在整个公司内传达? - - 您计划如何培训您的团队? - - 您最初计划如何管理扫描结果? (有关详细信息,请参阅下一节“处理结果”) - -#### 处理结果 - -在向团队推出 GHAS 之前,应明确协调如何随着时间的推移管理结果。 我们建议最初将结果视为信息量更大且非阻塞的结果。 公司可能具有完整的 CI/CD 管道,因此我们建议使用此方法以避免阻止公司的流程。 当您习惯于处理这些结果时,可以逐步将限制级别提高到对您的公司来说更准确的程度。 - -### {% octicon "checklist" aria-label="The checklist icon" %} 通过安全和开发团队领导您的部署 - -许多公司通过其安全小组领导其 GHAS 部署工作。 通常,在试点结束之前,开发团队不会参与部署过程。 但是,我们发现,通过安全和开发团队领导其部署的公司往往在部署 GHAS 方面取得更大的成功。 - -为什么? GHAS 采用以开发人员为中心的软件安全方法,无缝集成到开发人员工作流程中。 在流程的早期没有来自开发团队的关键代表会增大部署风险,获得组织支持也会更难。 - -当开发组更早参与时(最好是从购买开始),安全和开发组可以在流程的早期达成一致。 这有助于消除两个群体之间的隔离,建立和加强他们的工作关系,有助于团队摆脱“事不关己,高高挂起”的常见心态。 所有这些事情都有助于支持总体目标,即帮助公司转变并开始利用 GHAS 在开发过程的早期解决安全问题。 - -#### {% octicon "people" aria-label="The people icon" %} 建议的部署团队关键角色 - -我们建议您的团队设置几个关键角色,以确保您的团队在部署和实施的整个规划和执行过程中都能合适地代表公司。 - -我们强烈建议您的部署团队包括以下角色: -- **执行发起人:** 这通常是 CISO、CIO、安全副总裁或工程副总裁。 -- **技术安全主管:** 技术安全主管在整个实施过程中代表安全团队提供技术支持。 -- **技术开发主管:** 技术开发主管提供技术支持,并可能与开发团队一起领导实施工作。 - -我们还建议您的部署团队包括以下角色: -- **项目经理:** 我们发现,部署过程越早引入项目经理,成功的可能性就越高。 -- **质量保证工程师:** 公司质量保证团队的成员加入有助于确保 QA 团队考虑流程更改。 - -### {% octicon "checklist" aria-label="The checklist icon" %} 了解 GHAS 的关键事实,防止常见的误解 - -进入 GHAS 实施,重要的是要了解 GHAS 是什么以及可以做什么等一些关键的基本事实,以防止公司在部署 GHAS 时出现许多常见的误解。 - -{% note %} - -**注意:** 如果您有兴趣继续接受 GHAS 教育,{% data variables.product.prodname_professional_services %} 提供了多种额外的教育和培训选择,包括您的公司需要为 GHAS 做准备的主题。 这些产品可能采取研讨会、演示和训练营的形式。 主题范围可以从部署 GHAS 和 GHAS 的基本用法到更高级的主题,以继续培养团队的技能。 有关与 {% data variables.product.prodname_professional_services_team %} 团队合作的详细信息,请参阅“[{% data variables.product.prodname_professional_services %}](#github-professional-services)”。 - -{% endnote %} - - -#### 事实 1:GHAS 是一套安全工具,需要采取措施来保护您的代码。 - -它不是安装并被遗忘的安全软件 - 仅仅拥有 GHAS 本身并不能保护您的代码。 GHAS 是一套工具,在配置、维护、日常工作流程中使用以及与其他工具结合使用时,其价值会随之增加。 - -#### 事实 2:GHAS 需要开箱即用的调整。 - -在存储库上设置 GHAS 后,需要采取其他步骤来确保它符合您公司的需求。 代码扫描尤其需要进一步的配置来微调结果,例如,自定义扫描标记的内容以调整在将来的扫描中提取的内容。 许多客户发现,初始扫描要么没有发现任何结果,要么根据应用程序的威胁模型不相关,需要根据公司的需求进行调整。 - -#### 事实 3:GHAS 工具在一起使用时最有效,但最有效的 AppSec 程序涉及使用其他工具/活动。 - -当所有工具一起使用时,GHAS 最有效。 当公司将 GHAS 与其他工具和活动(例如渗透测试和动态扫描)集成时,会进一步提高 AppSec 程序的有效性。 我们建议始终使用多层保护。 - -#### 事实 4:并非所有公司都会使用/需要自定义 {% data variables.product.prodname_codeql %} 查询,但它们可以帮助您自定义/定位扫描结果。 - -代码扫描由 {% data variables.product.prodname_codeql %} 提供支持,是世界上最强大的代码分析引擎。 虽然许多公司对能够编写自定义查询的前景感到兴奋,但对于我们的大部分客户来说,社区提供的基本查询集和其他查询通常绰绰有余。 但是,许多公司可能会发现需要自定义 {% data variables.product.prodname_codeql %} 查询,以帮助降低结果中的误报率,或者精心创建新查询以找到公司可能需要的结果。 - -但是,如果您的公司有兴趣编写自定义 {% data variables.product.prodname_codeql %} 查询,我们建议您在探索自定义查询之前完成 GHAS 的部署和实施。 - -{% note %} - -**注意:** 在深入研究更深层次的安全实践之前,您的公司在GHAS上打下坚实的基础至关重要。 - -{% endnote %} - -当您的公司准备就绪时,我们的客户成功团队可以帮助您了解需要满足的要求,并有助于确保您的公司具有良好的自定义查询用例。 - -#### 事实 5: {% data variables.product.prodname_codeql %} 会扫描整个代码库,而不仅仅是在拉取请求中所做的更改。 - -当从拉取请求运行代码扫描时,扫描将包括完整的代码库,而不仅仅是在拉取请求中所做的更改。 虽然这有时似乎没有必要,但这是确保更改已针对代码库中的所有交互进行审查的重要步骤。 - -## 成功部署 {% data variables.product.prodname_GH_advanced_security %} 的示例 - -现在,您已经更好地了解了成功部署和实施 GHAS 的一些关键因素,以下是我们的客户如何成功部署的一些示例。 即使您的公司位于不同的地方,{% data variables.product.prodname_dotcom %} 也可以帮助您构建适合您的部署需求的自定义路径。 - -### 中型医疗保健技术公司的部署示例 - -一家位于旧金山的中型医疗保健技术公司成功完成了 GHAS 的部署过程。 虽然他们可能没有大量需要启用的存储库,但该公司成功的关键包括拥有一个组织良好且协调一致的部署团队,并有明确的关键联系人,可以与 {% data variables.product.prodname_dotcom %} 合作,以解决过程中的任何问题。 这使他们能够在两个月内完成部署。 - -此外,拥有一个敬业的开发团队可团队完成部署后在拉取请求级别使用代码扫描。 - -### 中型数据平台公司的部署示例 - -时至今天,一家全球性数据平台公司使用 GHAS 取得了巨大成功。 他们已经完成了最初的实施,目前正在通过推进部署过程。 该公司在安全态势和工具方面很成熟,作为一家公司很好地达成了一致。 这使他们能够完全自主运行,并且快速、顺利地完成部署。 - -该公司强大的一致性、高效的运营和安全工具的成熟度,使他们能够快速实施 GHAS,为 {% data variables.product.prodname_codeql %} 奠定良好的基础。 自实施后,他们现在可以自动启用跨不同存储库的 {% data variables.product.prodname_codeql %}。 - -除了安全性和技术成熟度之外,该公司成功的另一个关键是拥有项目所有者和团队的单一联系人来推动项目向前发展。 不仅拥有这样一个关键联系人,而且他们非常足智多谋和熟练,直接为部署的成功做出贡献。 - -## 公司在部署 GHAS 之前需满足的先决条件 - -{% data variables.product.prodname_professional_services %} 可以帮助提供额外的支持,帮助您的公司细分和了解这些先决条件,并帮助您为 GHAS 实施过程做好准备。 - - ### CI/CD 系统和流程 - -如果您的公司尚未投资或实施持续集成或持续交付 (CI/CD) 系统和流程,我们建议您在继续使用 GHAS 的同时采取此步骤。 这对贵公司来说可能是一个重大转变 - 我们可以与您合作,为实施 CI/CD 系统提供建议和指导,并支持可能需要的任何培训。 - -### 安装 {% data variables.product.prodname_GH_advanced_security %} 的要求 - -根据贵公司使用的技术组合,可以采用几种不同的路径进行 GHAS 安装。 本节概述了贵公司可能需要采取的不同路径的快速细分。 - -{% ifversion ghes %} - -#### {% data variables.product.prodname_ghe_server %} - -重要的是,您使用的是支持公司需求的 {% data variables.product.prodname_ghe_server %} (GHES) 版本。 - -如果您使用的是早期版本(3.0 之前)的 GHES 并希望升级,则在升级之前,您需要满足一些要求。 更多信息请参阅: - - “[升级 {% data variables.product.prodname_ghe_server %}](/enterprise-server@2.22/admin/enterprise-management/updating-the-virtual-machine-and-physical-resources/upgrading-github-enterprise-server)” - - “[升级要求](/enterprise-server@2.20/admin/enterprise-management/upgrade-requirements)” - -如果您使用的是第三方 CI/CD 系统,并且想要使用 {% data variables.product.prodname_code_scanning %},请确保已下载 {% data variables.product.prodname_codeql_cli %}。 更多信息请参阅“[关于 CI 系统中的 CodeQL 代码扫描](/code-security/code-scanning/using-codeql-code-scanning-with-your-existing-ci-system/about-codeql-code-scanning-in-your-ci-system)”。 - -如果您与 {% data variables.product.prodname_professional_services %} 合作部署 GHAS ,请准备好在启动会议中详细讨论这些项目。 - -{% endif %} - -{% ifversion ghec %} - -#### {% data variables.product.prodname_ghe_cloud %} - -如果您是 {% data variables.product.prodname_ghe_cloud %} (GHEC) 客户,则需要满足一些先决条件,具体取决于您计划使用的 CI/CD。 - -对 CI/CD 使用 {% data variables.product.prodname_actions %} : -- 为确保可以正确集成和利用 {% data variables.product.prodname_code_scanning %} ,在继续安装之前,您应该对 {% data variables.product.prodname_actions %} 有基本的了解。 - -对 CI/CD 使用第三方工具: -- 要集成 {% data variables.product.prodname_codeql_cli %},您应该对 CI/CD 系统以及 *nix 和 Windows 有基本的了解,特别是命令的执行方式以及成功/失败的信号。 有关如何集成第三方工具的更多信息,请参阅“[将 CodeQL 代码扫描与现有 CI 系统结合使用](/code-security/code-scanning/using-codeql-code-scanning-with-your-existing-ci-system)”。 - -{% endif %} - -## 与 GitHub 合作进行部署 - -在为实施 GHAS 做准备时,请务必考虑贵公司需要做些什么才能使该项目取得成功。 我们最成功的 GHAS 实施依赖于 GitHub 和客户在整个过程中,与拥有该项目的客户明确确定的利益相关者共同承担责任。 - -#### 客户和 GitHub 责任的成功模型 - -**客户责任** -- 完成基础架构和流程先决条件 -- 管理部署和实施,包括规划和执行 -- 内部培训 -- (可选)向 GitHub 社区提供 {% data variables.product.prodname_codeql %} 查询 - -**GitHub 责任** - -- 功能的维护和增强,如 {% ifversion ghes %}{% data variables.product.prodname_ghe_server %}{% endif %}、{% data variables.product.prodname_actions %}、{% data variables.product.prodname_GH_advanced_security %} -- 提供、维护和交付以下服务: {% data variables.product.prodname_dotcom %} 文档、{% data variables.product.prodname_dotcom %} 社区、{% data variables.product.prodname_dotcom %} 支持 - -{% note %} - -**注意:** {% data variables.product.prodname_professional_services %} 有助于支持履行许多客户职责。 要了解更多信息,请参阅“[GitHub 服务和支持](#github-services-and-support)”。 - -{% endnote %} - -## {% data variables.product.prodname_dotcom %} 服务和支持 - -### {% data variables.product.prodname_dotcom %} 支持 - -如果您在实施过程中遇到任何问题,可以搜索我们的深入文档以获取解决方案,或与 {% data variables.product.prodname_dotcom %} 支持部门合作,这是一个由高技术工程师组成的团队,可以在出现问题时为您提供支持。 更多信息请参阅“[GitHub Enterprise 支持](https://enterprise.github.com/support)”。 - -此外,您还可以尝试我们的 [ {% data variables.product.prodname_gcf %}](https://github.community/)。 - -如果您购买了高级支持计划,则可以在[高级支持门户](https://enterprise.github.com/support)提交事件单。 如果您不确定购买了哪个支持计划,可以联系您的销售代表或查看计划选项。 - -有关高级支持计划选项的详细信息,请参阅: - - “[高级支持](https://github.com/premium-support)” {% ifversion ghec %} - - “[关于 {% data variables.product.prodname_ghe_cloud %} 的 GitHub 高级支持](/github/working-with-github-support/about-github-premium-support-for-github-enterprise-cloud)”{% endif %}{% ifversion ghes %} - - “[关于 {% data variables.product.prodname_ghe_server %} 的 GitHub 高级支持](/admin/enterprise-support/overview/about-github-premium-support-for-github-enterprise-server)”{% endif %} - -### {% data variables.product.prodname_professional_services %} - -我们的 {% data variables.product.prodname_professional_services_team %} 团队可以与您合作,成功部署和实施 {% data variables.product.prodname_GH_advanced_security %}。 我们针对您的实施所需的指导和支持类型提供了多种选项。 我们还提供培训和训练营,帮助您的公司优化 GHAS 的价值。 - -如果您想与我们的 {% data variables.product.prodname_professional_services_team %} 团队合作进行部署,我们建议您开始考虑您的系统设计和基础架构,以及您希望使用 GHAS 设置的存储库数量,以开始这些对话。 此外,开始考虑您希望通过此部署实现的目标。 - -实施只是学习如何使用 GHAS 的安全驱动型成功旅程中的一步。 完成实施后,您将进一步了解整个基础架构和代码库中的部署。 请与您的销售代表联系,以获取有关所有可用 {% data variables.product.prodname_professional_services_team %} 选项的更多信息。 - -如果您最初选择退出其他服务,但在开始实施时发现需要其他支持,请联系您的销售代表,讨论可能需要哪些服务选项来支持您的实施。 diff --git a/translations/zh-CN/content/authentication/keeping-your-account-and-data-secure/reviewing-your-security-log.md b/translations/zh-CN/content/authentication/keeping-your-account-and-data-secure/reviewing-your-security-log.md index 99aa7b8f6b..1b81020d13 100644 --- a/translations/zh-CN/content/authentication/keeping-your-account-and-data-secure/reviewing-your-security-log.md +++ b/translations/zh-CN/content/authentication/keeping-your-account-and-data-secure/reviewing-your-security-log.md @@ -39,7 +39,7 @@ shortTitle: 安全日志 | 类别名称 | 描述 | | -------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |{% ifversion fpt or ghec %} | [`计费,帐单`](#billing-category-actions) | 包含与帐单信息相关的所有活动。 | -| [`codespaces`](#codespaces-category-actions) | Contains all activities related to {% data variables.product.prodname_github_codespaces %}. 更多信息请参阅“[关于 {% data variables.product.prodname_codespaces %}](/github/developing-online-with-codespaces/about-codespaces)”。 | +| [`codespaces`](#codespaces-category-actions) | 包含与 {% data variables.product.prodname_github_codespaces %} 相关的所有活动。 更多信息请参阅“[关于 {% data variables.product.prodname_codespaces %}](/github/developing-online-with-codespaces/about-codespaces)”。 | | [`marketplace_agreement_signature`](#marketplace_agreement_signature-category-actions) | 包含与签署 {% data variables.product.prodname_marketplace %} 开发者协议相关的所有活动。 | | [`marketplace_listing`](#marketplace_listing-category-actions) | 包含与 {% data variables.product.prodname_marketplace %} 中列出的应用程序相关的所有活动。{% endif %} | [`oauth_access`](#oauth_access-category-actions) | 包含与您已连接的 [{% data variables.product.prodname_oauth_apps %}](/github/authenticating-to-github/keeping-your-account-and-data-secure/authorizing-oauth-apps) 相关的所有活动。{% ifversion fpt or ghec %} diff --git a/translations/zh-CN/content/billing/managing-billing-for-github-codespaces/managing-spending-limits-for-github-codespaces.md b/translations/zh-CN/content/billing/managing-billing-for-github-codespaces/managing-spending-limits-for-github-codespaces.md index 95ea419312..ae84a291ce 100644 --- a/translations/zh-CN/content/billing/managing-billing-for-github-codespaces/managing-spending-limits-for-github-codespaces.md +++ b/translations/zh-CN/content/billing/managing-billing-for-github-codespaces/managing-spending-limits-for-github-codespaces.md @@ -1,5 +1,5 @@ --- -title: Managing spending limits for GitHub Codespaces +title: 管理 GitHub Codespaces 的支出限制 intro: '您可以为 {% data variables.product.prodname_github_codespaces %} 的使用设置支出限额。' versions: fpt: '*' @@ -67,4 +67,4 @@ redirect_from: ## 延伸阅读 - "[限制对机器类型的访问](/codespaces/managing-codespaces-for-your-organization/restricting-access-to-machine-types)" -- "[Managing billing for {% data variables.product.prodname_github_codespaces %} in your organization](/codespaces/managing-codespaces-for-your-organization/managing-billing-for-github-codespaces-in-your-organization)" +- “[管理组织中 {% data variables.product.prodname_github_codespaces %} 的计费](/codespaces/managing-codespaces-for-your-organization/managing-billing-for-github-codespaces-in-your-organization)” diff --git a/translations/zh-CN/content/billing/managing-billing-for-github-codespaces/viewing-your-github-codespaces-usage.md b/translations/zh-CN/content/billing/managing-billing-for-github-codespaces/viewing-your-github-codespaces-usage.md index 08dc327218..2f85033f8d 100644 --- a/translations/zh-CN/content/billing/managing-billing-for-github-codespaces/viewing-your-github-codespaces-usage.md +++ b/translations/zh-CN/content/billing/managing-billing-for-github-codespaces/viewing-your-github-codespaces-usage.md @@ -1,5 +1,5 @@ --- -title: Viewing your GitHub Codespaces usage +title: 查看 GitHub Codespaces 使用情况 shortTitle: 查看使用情况 intro: '您可以查看 {% data variables.product.prodname_github_codespaces %} 使用的计算分钟数和存储空间。' permissions: 'To manage billing for {% data variables.product.prodname_github_codespaces %} for an organization, you must be an organization owner or a billing manager.' diff --git a/translations/zh-CN/content/code-security/adopting-github-advanced-security-at-scale/index.md b/translations/zh-CN/content/code-security/adopting-github-advanced-security-at-scale/index.md new file mode 100644 index 0000000000..018a57420f --- /dev/null +++ b/translations/zh-CN/content/code-security/adopting-github-advanced-security-at-scale/index.md @@ -0,0 +1,22 @@ +--- +title: 大规模采用 GitHub Advanced Security +shortTitle: 大规模采用 GHAS +intro: 使用行业和 GitHub 最佳实践在贵公司推出 GitHub Advanced Security 的分阶段方法。 +versions: + ghes: '*' + ghae: '*' + ghec: '*' +topics: + - Secret scanning + - Advanced Security + - Repositories +children: + - /introduction-to-adopting-github-advanced-security-at-scale + - /phase-1-align-on-your-rollout-strategy-and-goals + - /phase-2-preparing-to-enable-at-scale + - /phase-3-pilot-programs + - /phase-4-create-internal-documentation + - /phase-5-rollout-and-scale-code-scanning + - /phase-6-rollout-and-scale-secret-scanning +--- + diff --git a/translations/zh-CN/content/code-security/adopting-github-advanced-security-at-scale/introduction-to-adopting-github-advanced-security-at-scale.md b/translations/zh-CN/content/code-security/adopting-github-advanced-security-at-scale/introduction-to-adopting-github-advanced-security-at-scale.md new file mode 100644 index 0000000000..ab80abaa68 --- /dev/null +++ b/translations/zh-CN/content/code-security/adopting-github-advanced-security-at-scale/introduction-to-adopting-github-advanced-security-at-scale.md @@ -0,0 +1,54 @@ +--- +title: 大规模采用 GitHub Advanced Security 简介 +intro: '您可以按照行业和 GitHub 最佳实践在公司中大规模采用 {% data variables.product.prodname_GH_advanced_security %}。' +versions: + ghes: '*' + ghae: '*' + ghec: '*' +topics: + - Advanced Security +shortTitle: 简介 +redirect_from: + - /admin/advanced-security/overview-of-github-advanced-security-deployment + - /admin/code-security/managing-github-advanced-security-for-your-enterprise/overview-of-github-advanced-security-deployment + - /admin/advanced-security/deploying-github-advanced-security-in-your-enterprise + - /admin/code-security/managing-github-advanced-security-for-your-enterprise/deploying-github-advanced-security-in-your-enterprise +miniTocMaxHeadingLevel: 2 +--- + +## 关于这些文章 + +{% data variables.product.prodname_GH_advanced_security %} (GHAS) 可帮助团队使用集成工具(如机密扫描和使用 CodeQL 的代码扫描)更快地构建更安全的代码。 要了解通过 {% data variables.product.prodname_GH_advanced_security %} 提供的安全功能,请参阅“[关于 GitHub Advanced Security](/get-started/learning-about-github/about-github-advanced-security)”。 + +GHAS 是一套工具,需要整个企业的开发人员积极参与。 为了实现最佳的投资回报,您必须学习如何使用、应用和维护 GHAS。 + + +我们创建了一种分阶段的 GHAS 部署方法,该方法根据行业和 GitHub 最佳实践开发。 根据我们帮助客户成功部署 {% data variables.product.prodname_GH_advanced_security %} 的经验,我们预计大多数客户都希望遵循这些阶段,但您可能需要修改此方法以满足公司的需求。 + +在大型组织中启用 GHAS 可以分为六个核心阶段。 + +1. [**与您的推广策略和目标保持一致**](/code-security/adopting-github-advanced-security-at-scale/phase-1-align-on-your-rollout-strategy-and-goals):想想成功会是什么样子,并就 GHAS 将在您的公司中实施的方式保持一致。 此阶段可能只需要几天或一周的时间,但它为其余的部署奠定了坚实的基础。 + +2. [**准备大规模启用**](/code-security/adopting-github-advanced-security-at-scale/phase-2-preparing-to-enable-at-scale):准备开发人员,收集有关存储库的数据,并确保为下一阶段做好准备。 + +3. [**试点计划**](/code-security/adopting-github-advanced-security-at-scale/phase-3-pilot-programs):(可选)在一些高影响力的项目和团队试点初始部署。 这将允许贵公司内的初始小组熟悉 GHAS,然后再推广到公司的其余部分。 + +4. [**创建内部文档**](/code-security/adopting-github-advanced-security-at-scale/phase-4-create-internal-documentation):为 GHAS 的消费者创建和传达内部文档。 如果没有向开发人员、安全工程师和其他将使用 GHAS 的人提供适当的文档,价值将在推出中丢失。 + +5. [**推出和扩展 {% data variables.product.prodname_code_scanning %}**](/code-security/adopting-github-advanced-security-at-scale/phase-5-rollout-and-scale-code-scanning):利用可用的 API,使用您之前收集的存储库数据,按团队和整个企业的语言自动推出 {% data variables.product.prodname_code_scanning %}。 + +6. [**推出和扩展 {% data variables.product.prodname_secret_scanning %}**](/code-security/adopting-github-advanced-security-at-scale/phase-6-rollout-and-scale-secret-scanning):推出 {% data variables.product.prodname_secret_scanning %},这涉及的配置更少,因此比 {% data variables.product.prodname_code_scanning %} 更容易采用。 尽管如此,制定处理新旧结果的策略仍然至关重要。 + +## {% data variables.contact.github_support %} 和 {% data variables.product.prodname_professional_services_team %} + +如果您在实施过程中遇到任何问题或有任何疑问,可以搜索我们的文档以获取解决方案或与 {% data variables.contact.github_support %} 互动。 更多信息请参阅“[关于 GitHub 支持](/support/learning-about-github-support/about-github-support)”。 + +如果您希望在整个推出过程中获得指导,{% data variables.product.prodname_professional_services %} 可以与您合作,成功推出和实施 {% data variables.product.prodname_GH_advanced_security %}。 我们提供各种指导和支持选项。 我们还提供培训和训练营,以帮助您的公司优化 {% data variables.product.prodname_GH_advanced_security %} 的价值。 + +请与您的销售代表联系,了解有关所有可用专业服务选项的更多信息。 更多信息请联系 {% data variables.contact.contact_enterprise_sales %}。 + +{% note %} + +有关本系列的第一篇文章,请参阅“[第 1 阶段:根据部署策略和目标保持一致](/code-security/adopting-github-advanced-security-at-scale/phase-1-align-on-your-rollout-strategy-and-goals)”。 + +{% endnote %} diff --git a/translations/zh-CN/content/code-security/adopting-github-advanced-security-at-scale/phase-1-align-on-your-rollout-strategy-and-goals.md b/translations/zh-CN/content/code-security/adopting-github-advanced-security-at-scale/phase-1-align-on-your-rollout-strategy-and-goals.md new file mode 100644 index 0000000000..7e6f21cf01 --- /dev/null +++ b/translations/zh-CN/content/code-security/adopting-github-advanced-security-at-scale/phase-1-align-on-your-rollout-strategy-and-goals.md @@ -0,0 +1,71 @@ +--- +title: 第 1 阶段:根据部署策略和目标保持一致 +intro: '在启用 {% data variables.product.prodname_code_scanning %} 和 {% data variables.product.prodname_secret_scanning %}之前,请计划如何在整个企业中推广 GHAS。' +versions: + ghes: '*' + ghae: '*' + ghec: '*' +topics: + - Advanced Security +shortTitle: 1. 与策略一致 +miniTocMaxHeadingLevel: 3 +--- + +{% note %} + +本文是关于大规模采用 {% data variables.product.prodname_GH_advanced_security %} 系列文章的一部分。 有关本系列的介绍,请参阅“[大规模采用 {% data variables.product.prodname_GH_advanced_security %} 简介](/code-security/adopting-github-advanced-security-at-scale/introduction-to-adopting-github-advanced-security-at-scale)”。 + +{% endnote %} + +### 为公司的部署设定明确的目标 + +要为贵公司的部署方向奠定基础,请概述贵公司内部的 GHAS 目标,并将这些目标传达给您的团队。 你的目标可以是简单的,也可以是复杂的,只要您的团队保持一致。 如果您在实现目标方面需要帮助, {% data variables.product.prodname_professional_services %} 可以根据我们对贵公司和其他客户的经验提供建议。 + +以下是一些简要示例,说明部署 GHAS 的目标可能是什么样子: + + - **减少漏洞数量:** 这可能是一般目标,或者因为您的公司最近受到重大漏洞的影响,您认为可以通过 GHAS 等工具阻止这些漏洞。 + - **识别高风险存储库**:一些公司只想针对包含最多风险的存储库,从而通过修复漏洞来降低风险。 + - **提高修复率**:为了防止安全债务的积累,您可能希望推动开发人员采用调查结果并确保及时修复这些漏洞。 + - **满足合规要求**:例如,许多医疗保健公司使用 GHAS 来防止 PHI(个人健康信息)的暴露。 + - **防止机密泄露**:许多公司希望防止关键信息泄露,例如软件密钥或财务数据。 + +### 与安全和开发组一起领导您的部署 + +让安全和开发团队参与其 GHAS 推出的公司往往比仅涉及其安全团队的公司更成功,等待在试点结束后包括开发团队。 + +GHAS 采用以开发人员为中心的软件安全方法,无缝集成到开发人员工作流程中。 在流程的早期让开发团队拥有关键代表可以降低推出的风险,并鼓励组织支持。 + +尽早让开发团队参与进来,最好从购买之时开始,有助于公司利用 GHAS 在开发过程的早期解决安全问题。 当两个小组一起工作时,他们在流程的早期就实现了一致,消除了数据孤岛,建立并加强了他们的工作关系,并对推出承担更多责任。 + + +### 了解 GHAS + +要为推广设定切合实际的期望,请确保所有利益相关者了解以下有关 GHAS 如何运作的关键事实。 + +#### 1. GHAS 是一套安全工具,需要采取措施来保护您的代码。 + +GHAS 是一套工具,在配置、维护、日常工作流程中使用以及与其他工具结合使用时,其价值会随之增加。 + +#### 2. GHAS 需要开箱即用的调整。 + +在您的仓库上设置 GHAS 后,您需要配置 GHAS 以满足您公司的需求。 代码扫描尤其需要进一步的定制,例如评估初始结果并为将来的扫描进行调整。 许多客户发现,在根据应用程序的威胁模型调整代码扫描之前,初始扫描返回的结果有限或不相关。 + +#### 3. GHAS 工具一起使用并集成到您的应用安全程序中时最有效 + +当所有工具一起使用时,GHAS 最有效。 通过将 GHAS 与其他工具和活动(如渗透测试和动态扫描)集成,可以进一步提高应用程序安全程序的有效性。 我们建议始终使用多层保护。 + +#### 4. 一些公司使用自定义 {% data variables.product.prodname_codeql %} 查询来自定义和定位扫描结果 + +代码扫描由 {% data variables.product.prodname_codeql %} 提供支持,是世界上最强大的代码分析引擎。 对于我们的许多客户来说,社区中提供的基本查询集和其他查询已经绰绰有余。 但是,其他公司可能需要自定义 {% data variables.product.prodname_codeql %} 查询,以针对不同的结果或减少误报。 + +如果您的公司对定制 {% data variables.product.prodname_codeql %} 查询感兴趣,我们建议您先完成 GHAS 的推出和实施。 然后,当您的公司准备就绪时,{% data variables.product.prodname_professional_services %} 可以帮助您浏览要求,并确保您的公司需要自定义查询。 + +#### 5. {% data variables.product.prodname_codeql %} 扫描整个代码库,而不仅仅是在拉取请求中所做的更改 + +当从拉取请求运行代码扫描时,扫描将包括完整的代码库,而不仅仅是在拉取请求中所做的更改。 扫描整个代码库是确保已针对代码库中的所有交互检查更改的重要步骤。 + +{% note %} + +有关本系列的下一篇文章,请参阅“[阶段 2:准备大规模启用](/code-security/adopting-github-advanced-security-at-scale/phase-2-preparing-to-enable-at-scale)”。 + +{% endnote %} diff --git a/translations/zh-CN/content/code-security/adopting-github-advanced-security-at-scale/phase-2-preparing-to-enable-at-scale.md b/translations/zh-CN/content/code-security/adopting-github-advanced-security-at-scale/phase-2-preparing-to-enable-at-scale.md new file mode 100644 index 0000000000..4e7cb8da6f --- /dev/null +++ b/translations/zh-CN/content/code-security/adopting-github-advanced-security-at-scale/phase-2-preparing-to-enable-at-scale.md @@ -0,0 +1,153 @@ +--- +title: 'Phase 2: Preparing to enable at scale' +intro: "In this phase you will prepare developers and collect data about your repositories to ensure your teams are ready and you have everything you need for pilot programs and rolling out {% data variables.product.prodname_code_scanning %} and {% data variables.product.prodname_secret_scanning %}." +versions: + ghes: '*' + ghae: '*' + ghec: '*' +topics: + - Advanced Security +shortTitle: 2. Preparation +miniTocMaxHeadingLevel: 3 +--- + +{% note %} + +This article is part of a series on adopting {% data variables.product.prodname_GH_advanced_security %} at scale. For the previous article in this series, see "[Phase 1: Align on your rollout strategy and goals](/code-security/adopting-github-advanced-security-at-scale/phase-1-align-on-your-rollout-strategy-and-goals)." + +{% endnote %} + +## Preparing to enable {% data variables.product.prodname_code_scanning %} + +{% data reusables.code-scanning.about-code-scanning %} For more information, see "[About code scanning](/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/about-code-scanning)." + +Rolling {% data variables.product.prodname_code_scanning %} out across hundreds of repositories can be difficult, especially when done inefficiently. Following these steps will ensure your rollout is both efficient and successful. As part of your preparation, you will work with your teams, use automation to collect data about your repositories, and enable {% data variables.product.prodname_code_scanning %}. + +### Preparing teams for {% data variables.product.prodname_code_scanning %} + +First, prepare your teams to use {% data variables.product.prodname_code_scanning %}. The more teams that use {% data variables.product.prodname_code_scanning %}, the more data you'll have to drive remediation plans and monitor progress on your rollout. During this phase, focus on leveraging APIs and running internal enablement events. + +Your core focus should be preparing as many teams to use {% data variables.product.prodname_code_scanning %} as possible. You can also encourage teams to remediate appropriately, but we recommend prioritizing enablement and use of {% data variables.product.prodname_code_scanning %} over fixing issues during this phase. + +### Collecting information about your repositories + +You can programmatically gather information about the different programming languages used in your repositories and use that data to enable {% data variables.product.prodname_code_scanning %} on all repositories that use the same language, using {% data variables.product.product_name %}'s GraphQL API. + +{% note %} + +**Note:** To gather this data without manually running the GraphQL queries described in this article, you can use our publicly available tool. For more information, see the "[ghas-enablement tool](https://github.com/NickLiffen/ghas-enablement)" repository. + +{% endnote %} + +If you want to gather information from repositories belonging to multiple organizations in your enterprise, you can use the query below to obtain the names of your organizations and then feed those into repository query. Replace OCTO-ENTERPRISE with your enterprise name. + +```graphql +query { + enterprise(slug: "OCTO-ENTERPRISE") { + organizations(first: 100) { + totalCount + nodes { + name + } + pageInfo { + endCursor + hasNextPage + } + } + } +} +``` + +You can identify which repositories use which languages by collating repositories by language at the organization level. You can modify the sample GraphQL query below, replacing OCTO-ORG with the organization name. + +```graphql +query { + organization(login: "OCTO-ORG") { + repositories(first: 100) { + totalCount + nodes { + nameWithOwner + languages(first: 100) { + totalCount + nodes { + name + } + } + } + pageInfo { + endCursor + hasNextPage + } + } + } +} +``` + +For more information about running GraphQL queries, see "[Forming calls with GraphQL](/graphql/guides/forming-calls-with-graphql)." + +Then, convert the data from the GraphQL query into a readable format, such as a table. + +| Language | Number of Repos | Name of Repos | +|-------------------------|-----------------|-----------------------------------------| +| JavaScript (TypeScript) | 4212 | org/repo
org/repo | +| Python | 2012 | org/repo
org/repo | +| Go | 983 | org/repo
org/repo | +| Java | 412 | org/repo
org/repo | +| Swift | 111 | org/repo
org/repo | +| Kotlin | 82 | org/repo
org/repo | +| C | 12 | org/repo
org/repo | + +You can filter out the languages that are currently not supported by {% data variables.product.prodname_GH_advanced_security %} from this table. + +If you have repositories with multiple languages, you can format the GraphQL results as shown in the table below. Filter out languages that are not supported, but retain all repositories with at least one supported language. You can enable {% data variables.product.prodname_code_scanning %} on these repositories, and all supported languages will be scanned. + +| Language(s) | Number of Repos | Name of Repos | +|------------------------|-----------------|------------------------------------------| +| JavaScript/Python/Go | 16 | org/repo
org/repo | +| Rust/TypeScript/Python | 12 | org/repo
org/repo | + +An understanding of which repositories are using which languages will help you identify candidate repositories for pilot programs in phase 3, and prepares you to enable {% data variables.product.prodname_code_scanning %} across all repositories, one language at a time, in phase 5. + +{% ifversion ghes %} + +### Enabling {% data variables.product.prodname_code_scanning %} for your appliance + +Before you can proceed with pilot programs and rolling out {% data variables.product.prodname_code_scanning %} across your enterprise, you must first enable {% data variables.product.prodname_code_scanning %} for your appliance. For more information, see "[Configuring code scanning for your appliance](/admin/code-security/managing-github-advanced-security-for-your-enterprise/configuring-code-scanning-for-your-appliance)." + +{% endif %} + +## Preparing to enable {% data variables.product.prodname_secret_scanning %} + +If a project communicates with an external service, it might use a token or private key for authentication. If you check a secret into a repository, anyone who has read access to the repository can use the secret to access the external service with your privileges. {% data variables.product.prodname_secret_scanning_caps %} will scan your entire Git history on all branches present in your {% data variables.product.prodname_dotcom %} repositories for secrets and alert you{% ifversion secret-scanning-push-protection %} or block the push containing the secret{% endif %}. For more information, see "[About secret scanning](/code-security/secret-scanning/about-secret-scanning)." + +### Considerations when enabling {% data variables.product.prodname_secret_scanning %} + +{% data variables.product.product_name %}’s {% data variables.product.prodname_secret_scanning %} capability is slightly different from {% data variables.product.prodname_code_scanning %} since it requires no specific configuration per programming language or per repository and less configuration overall to get started. This means enabling {% data variables.product.prodname_secret_scanning %} at the organizational level can be easy but clicking **Enable All** at the organization level and ticking the option **Automatically enable {% data variables.product.prodname_secret_scanning %} for every new repository** has some downstream effects that you should be aware of: + +- **License consumption** + Enabling {% data variables.product.prodname_secret_scanning %} for all repositories will consume all your licenses, even if no one is using code scanning. This is fine unless you plan to increase the number of active developers in your organization. If the number of active developers is likely to increase in the coming months, you may exceed your license limit and then be unable to use {% data variables.product.prodname_GH_advanced_security %} on newly created repositories. +- **Initial high volume of detected secrets** + If you are enabling {% data variables.product.prodname_secret_scanning %} on a large organization, be prepared to see a high number of secrets found. Sometimes this comes as a shock to organizations and the alarm is raised. If you would like to turn on {% data variables.product.prodname_secret_scanning %} across all repositories at once, plan for how you will respond to multiple alerts across the organization. + +{% data variables.product.prodname_secret_scanning_caps %} can be enabled for individual repositories. For more information, see "[Configuring {% data variables.product.prodname_secret_scanning %} for your repositories](/code-security/secret-scanning/configuring-secret-scanning-for-your-repositories)." {% data variables.product.prodname_secret_scanning_caps %} can also be enabled for all repositories in your organization, as described above. For more information on enabling for all repositories, see "[Managing security and analysis settings for your organization](/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization)." + +### Custom patterns for {% data variables.product.prodname_secret_scanning %} + +{% ifversion ghae %} +{% note %} + +**Note:** Custom patterns for {% data variables.product.prodname_secret_scanning %} is currently in beta and is subject to change. + +{% endnote %} +{% endif %} + +{% data variables.product.prodname_secret_scanning_caps %} detects a large number of default patterns but can also be configured to detect custom patterns, such as secret formats unique to your infrastructure or used by integrators that {% data variables.product.product_name %}'s {% data variables.product.prodname_secret_scanning %} does not currently detect. For more information about supported secrets for partner patterns, see "[Secret scanning patterns](/code-security/secret-scanning/secret-scanning-patterns)." + +As you audit your repositories and speak to security and developer teams, build a list of the secret types that you will later use to configure custom patterns for {% data variables.product.prodname_secret_scanning %}. For more information, see "[Defining custom patterns for secret scanning](/code-security/secret-scanning/defining-custom-patterns-for-secret-scanning)." + + +{% note %} + +For the next article in this series, see "[Phase 3: Pilot programs](/code-security/adopting-github-advanced-security-at-scale/phase-3-pilot-programs)." + +{% endnote %} \ No newline at end of file diff --git a/translations/zh-CN/content/code-security/adopting-github-advanced-security-at-scale/phase-3-pilot-programs.md b/translations/zh-CN/content/code-security/adopting-github-advanced-security-at-scale/phase-3-pilot-programs.md new file mode 100644 index 0000000000..8ec074cea9 --- /dev/null +++ b/translations/zh-CN/content/code-security/adopting-github-advanced-security-at-scale/phase-3-pilot-programs.md @@ -0,0 +1,86 @@ +--- +title: 'Phase 3: Pilot programs' +intro: "You may benefit from beginning with a few high-impact projects and teams with which to pilot an initial rollout. This will allow an initial group within your company to get familiar with GHAS, learn how to enable and configure GHAS, and build a solid foundation on GHAS before rolling out to the remainder of your company." +versions: + ghes: '*' + ghae: '*' + ghec: '*' +topics: + - Advanced Security +shortTitle: 3. Pilot programs +miniTocMaxHeadingLevel: 3 +--- + +{% note %} + +This article is part of a series on adopting {% data variables.product.prodname_GH_advanced_security %} at scale. For the previous article in this series, see "[Phase 2: Preparing to enable at scale](/code-security/adopting-github-advanced-security-at-scale/phase-2-preparing-to-enable-at-scale)." + +{% endnote %} + +## About pilot programs + +We recommend you identify a few high-impact projects or teams to use in a pilot rollout of GHAS. This allows an initial group within your company to get familiar with GHAS and builds a solid foundation for GHAS before you roll it out to the remainder of your company. + +The steps in this phase will help you enable GHAS on your enterprise, begin using its features, and review your results. If you’re working with {% data variables.product.prodname_professional_services %}, they can provide additional assistance through this process through onboarding sessions, GHAS workshops, and troubleshooting as needed. + +Before you start your pilot projects, we recommend that you schedule some meetings for your teams, such as an initial meeting, midpoint review, and a wrap-up session when the pilot is complete. These meetings will help you all make adjustments as needed and ensure your teams are prepared and supported to complete the pilot successfully. + +{% ifversion ghes %} + +If you haven't already enabled GHAS for your {% data variables.product.prodname_ghe_server %} instance, see "[Enabling GitHub Advanced Security for your enterprise](/admin/advanced-security/enabling-github-advanced-security-for-your-enterprise)." + +{% endif %} + +You need to enable GHAS for each pilot project, either by enabling the GHAS features for each repository or for all repositories in any organizations taking part in the pilot. For more information, see "[Managing security and analysis settings for your repository](/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-security-and-analysis-settings-for-your-repository)" or "[Managing security and analysis settings for your organization](/organizations/keeping-your-organization-secure/managing-security-and-analysis-settings-for-your-organization)" + +## Piloting {% data variables.product.prodname_code_scanning %} + +{% ifversion ghes %} + +To enable {% data variables.product.prodname_code_scanning %} on your {% data variables.product.prodname_ghe_server %} instance, see "[Configuring code scanning for your appliance](/admin/advanced-security/configuring-code-scanning-for-your-appliance)." + +{% elsif ghae %} + +To enable {% data variables.product.prodname_code_scanning %} using {% data variables.product.prodname_actions %} you must make runners available to run workflows in {% data variables.product.prodname_ghe_managed %}, see "[Getting started with {% data variables.product.prodname_actions %} for {% data variables.product.prodname_ghe_managed %}](/admin/github-actions/getting-started-with-github-actions-for-your-enterprise/getting-started-with-github-actions-for-github-ae)." + +{% endif %} + +You can run code scanning on a repository by creating a {% data variables.product.prodname_actions %} workflow to run the [CodeQL action](https://github.com/github/codeql-action/). {% ifversion ghec %}{% data variables.product.prodname_code_scanning_capc %} uses [GitHub-hosted runners](/actions/using-github-hosted-runners/about-github-hosted-runners) by default, but this can be customized if you plan to host your own runner with your own hardware specifications. For more information, see "[About self-hosted runners](/actions/hosting-your-own-runners)."{% endif %} + +For more information about {% data variables.product.prodname_actions %}, see: + - "[Learn GitHub Actions](/actions/learn-github-actions)" + - "[Understanding GitHub Actions](/actions/learn-github-actions/understanding-github-actions)" + - "[Events that trigger workflows](/actions/learn-github-actions/events-that-trigger-workflows)" + - "[Filter Pattern Cheat Sheet](/actions/learn-github-actions/workflow-syntax-for-github-actions#filter-pattern-cheat-sheet)" + +We recommend enabling {% data variables.product.prodname_code_scanning %} on a repository-by-repository basis as part of your pilot program. For more information, see "[Setting up code scanning for a repository](/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/setting-up-code-scanning-for-a-repository)." + +If you want to enable code scanning for many repositories, you may want to script the process. + +For an example of a script that opens pull requests to add a {% data variables.product.prodname_actions %} workflow to multiple repositories, see the [`jhutchings1/Create-ActionsPRs`](https://github.com/jhutchings1/Create-ActionsPRs) repository for an example using PowerShell, or [`nickliffen/ghas-enablement`](https://github.com/NickLiffen/ghas-enablement) for teams who do not have PowerShell and instead would like to use NodeJS. + +When running initial code scans, you may find that no results are found or that an unusual number of results are returned. You may want to adjust what is flagged in future scans. For more information, see "[Configuring code scanning](/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning)." + +If your company wants to use other third-party code analysis tools with GitHub code scanning, you can use actions to run those tools within GitHub. Alternatively, you can upload results, which are generated by third-party tools as SARIF files, to code scanning. For more information, see "[Integrating with code scanning](/code-security/code-scanning/integrating-with-code-scanning)." + +## Piloting {% data variables.product.prodname_secret_scanning %} + +GitHub scans repositories for known types of secrets, to prevent fraudulent use of secrets that were committed accidentally. + +{% ifversion ghes %} + +To enable secret scanning for your {% data variables.product.prodname_ghe_server %} instance, see "[Configuring secret scanning for your appliance](/admin/advanced-security/configuring-secret-scanning-for-your-appliance)." + +{% endif %} + +You need to enable secret scanning for each pilot project, either by enabling the feature for each repository or for all repositories in any organizations taking part in the project. For more information, see "[Managing security and analysis settings for your repository](/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-security-and-analysis-settings-for-your-repository)" or "[Managing security and analysis settings for your organization](/organizations/keeping-your-organization-secure/managing-security-and-analysis-settings-for-your-organization)." + +If you have collated any custom patterns specific to your enterprise, especially any related to the projects piloting {% data variables.product.prodname_secret_scanning %}, you can configure those. For more information, see "[Defining custom patterns for secret scanning](/code-security/secret-scanning/defining-custom-patterns-for-secret-scanning)." + +To learn how to view and close alerts for secrets checked into your repository, see "[Managing alerts from secret scanning](/code-security/secret-scanning/managing-alerts-from-secret-scanning)." + +{% note %} + +For the next article in this series, see "[Phase 4: Create internal documentation](/code-security/adopting-github-advanced-security-at-scale/phase-4-create-internal-documentation)." + +{% endnote %} \ No newline at end of file diff --git a/translations/zh-CN/content/code-security/adopting-github-advanced-security-at-scale/phase-4-create-internal-documentation.md b/translations/zh-CN/content/code-security/adopting-github-advanced-security-at-scale/phase-4-create-internal-documentation.md new file mode 100644 index 0000000000..0c61eb5465 --- /dev/null +++ b/translations/zh-CN/content/code-security/adopting-github-advanced-security-at-scale/phase-4-create-internal-documentation.md @@ -0,0 +1,32 @@ +--- +title: 'Phase 4: Create internal documentation' +intro: 'You will create internal documentation and then communicate this to the consumers of {% data variables.product.prodname_GH_advanced_security %}.' +versions: + ghes: '*' + ghae: '*' + ghec: '*' +topics: + - Advanced Security +shortTitle: 4. Create internal documentation +miniTocMaxHeadingLevel: 3 +--- + +{% note %} + +本文是关于大规模采用 {% data variables.product.prodname_GH_advanced_security %} 系列文章的一部分。 For the previous article in this series, see "[Phase 3: Pilot programs](/code-security/adopting-github-advanced-security-at-scale/phase-3-pilot-programs)." + +{% endnote %} + +Before enabling {% data variables.product.prodname_GH_advanced_security %}, you should create internal documentation that defines processes for teams to follow. Everyone needs to know what to do when they receive a security alert, even if the process simply asks the team to apply their best judgment. Documentation will also prevent developers from getting blocked when they have questions. You should put the documentation about GHAS with existing developer-focused documentation, such as your developer portal or custom knowledge base. + +If you ran pilot programs, use the experiences and feedback from the teams involved in those pilots to influence your documentation. This is especially useful if you encountered issues that are specific to your company, that other teams will also likely encounter. + +If you skip creating internal documentation, your rollout won’t go at your intended pace. Creating internal documentation may slow the initial rollout by a week or two, but that time will be made up when developers can answer their own questions instead of coming to your team. + +Education is probably the most crucial part of the rollout as it teaches developers what to do in different situations. You should ensure developers are empowered to maintain the security of their repository and that the security team are authorized to verify both what developers are doing and that it's in the best interest of security. In additional to internal documentation, education can take the form of online sessions, Q&As, etc. + +{% note %} + +For the next article in this series, see "[Phase 5: Rollout and scale code scanning](/code-security/adopting-github-advanced-security-at-scale/phase-5-rollout-and-scale-code-scanning)." + +{% endnote %} diff --git a/translations/zh-CN/content/code-security/adopting-github-advanced-security-at-scale/phase-5-rollout-and-scale-code-scanning.md b/translations/zh-CN/content/code-security/adopting-github-advanced-security-at-scale/phase-5-rollout-and-scale-code-scanning.md new file mode 100644 index 0000000000..bcffefea2e --- /dev/null +++ b/translations/zh-CN/content/code-security/adopting-github-advanced-security-at-scale/phase-5-rollout-and-scale-code-scanning.md @@ -0,0 +1,56 @@ +--- +title: 'Phase 5: Rollout and scale code scanning' +intro: 'You can leverage the available APIs to rollout {% data variables.product.prodname_code_scanning %} programmatically by team and by language across your enterprise using the repository data you collected earlier.' +versions: + ghes: '*' + ghae: '*' + ghec: '*' +topics: + - Advanced Security +shortTitle: 5. Rollout code scanning +miniTocMaxHeadingLevel: 3 +--- + +{% note %} + +本文是关于大规模采用 {% data variables.product.prodname_GH_advanced_security %} 系列文章的一部分。 For the previous article in this series, see "[Phase 4: Create internal documentation](/code-security/adopting-github-advanced-security-at-scale/phase-4-create-internal-documentation)." + +{% endnote %} + +### 启用代码扫描 + +Using the data you collated in [Phase 2](/code-security/adopting-github-advanced-security-at-scale/phase-2-preparing-to-enable-at-scale), you can begin to enable GHAS and then {% data variables.product.prodname_code_scanning %} on your repositories, one language at a time. The step-by-step process for enabling GHAS should look like this: + +1. Enable GHAS on the repository. 更多信息请参阅“[管理仓库的安全和分析设置](/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-security-and-analysis-settings-for-your-repository)”。 +1. Create a pull request against the repository's default branch with a `codeql-analysis.yml` file containing an example of how to run CodeQL for that language. 更多信息请参阅“[创建拉取请求](/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/creating-a-pull-request)”。 +1. Create an issue in the repository to explain why a pull request has been raised. The issue you create can contain a link to the previous communication sent to all users, but can also explain what changes the pull request introduces, what next steps the team have to take, what the team's responsibilities are, and how the team should be using {% data variables.product.prodname_code_scanning %}. 更多信息请参阅“[创建议题](/issues/tracking-your-work-with-issues/creating-an-issue)”。 + +There is a publicly available tool that completes the first two steps called the [ghas-enablement tool](https://github.com/NickLiffen/ghas-enablement). You can re-run the ghas-enablement tool in batches of languages where it makes sense. For example, JavaScript, TypeScript, Python, and Go likely have a similar build process and could therefore use a similar CodeQL analysis file. The ghas-enablement tool can also be used for languages such as Java, C, and C++, but due to the varied nature of how these languages build and compile you may need to create more targeted CodeQL analysis files. + +{% note %} + +**Note:** If you are intending to use {% data variables.product.prodname_actions %} to control {% data variables.product.prodname_code_scanning %} and you do not use the [ghas-enablement tool](https://github.com/NickLiffen/ghas-enablement), keep in mind that there is no API access to the `.github/workflow` directory. This means that you cannot create a script without a git client underlying the automation. The workaround is to leverage bash scripting on a machine or container which has a git client. The git client can push and pull files into the `.github/workflows` directory where the `codeql-analysis.yml` file is located. + +{% endnote %} + +It is important to not just push the `codeql-analysis.yml` file the repository's default branch. Using a pull request puts ownership on the development team to review and merge, allowing the development team to learn about {% data variables.product.prodname_code_scanning %} and involving the team in the process. + +You should capture the pull request URLs created by automation, and check each week for any activity and see which ones are closed. After a few weeks, it may be worth creating another issue or sending internal emails if the pull request remains unmerged. + +### Creating subject matter experts + +You can then proceed to the next stage of enablement, which is creating internal subject matter experts (or SMEs) and arranging company meetings. Opening pull requests and issues in repositories will likely tackle a large percentage of your adoption, but this doesn’t tackle one-off use cases where a specific build process, framework, or library needs specific feature flags to be enabled. A more personalized and hands-on approach is required to push high adoption, especially for Java, C, and C++. + +It’s a good idea to run regular company meetings on specific topics to educate and discuss the rollout with a larger group. This is much more time-efficient for an enterprise with thousands of repositories compared to working with one team at a time. Teams can come to sessions that are relevant to them. Some example sessions that have been run before include: + +- 容器中的 {% data variables.product.prodname_code_scanning_capc %} +- {% data variables.product.prodname_code_scanning_capc %} & Java Struts +- {% data variables.product.prodname_code_scanning_capc %} & JSP + +You can use the data you have collected about the distribution of different languages among repositories to create targeted meetings. + +{% note %} + +For the next article in this series, see "[Phase 6: Rollout and scale secret scanning](/code-security/adopting-github-advanced-security-at-scale/phase-6-rollout-and-scale-secret-scanning)." + +{% endnote %} diff --git a/translations/zh-CN/content/code-security/adopting-github-advanced-security-at-scale/phase-6-rollout-and-scale-secret-scanning.md b/translations/zh-CN/content/code-security/adopting-github-advanced-security-at-scale/phase-6-rollout-and-scale-secret-scanning.md new file mode 100644 index 0000000000..ee58926bcf --- /dev/null +++ b/translations/zh-CN/content/code-security/adopting-github-advanced-security-at-scale/phase-6-rollout-and-scale-secret-scanning.md @@ -0,0 +1,106 @@ +--- +title: 'Phase 6: Rollout and scale secret scanning' +intro: 'For the final phase, you will focus on the rollout of {% data variables.product.prodname_secret_scanning %}. {% data variables.product.prodname_secret_scanning_caps %} is a more straightforward tool to rollout than {% data variables.product.prodname_code_scanning %}, as it involves less configuration, but it''s critical to have a strategy for handling new and old results.' +versions: + ghes: '*' + ghae: '*' + ghec: '*' +topics: + - Advanced Security +shortTitle: 6. Rollout secret scanning +miniTocMaxHeadingLevel: 3 +--- + +{% note %} + +本文是关于大规模采用 {% data variables.product.prodname_GH_advanced_security %} 系列文章的一部分。 For the previous article in this series, see "[Phase 5: Rollout and scale code scanning](/code-security/adopting-github-advanced-security-at-scale/phase-5-rollout-and-scale-code-scanning)." + +{% endnote %} + +You can enable secret scanning for individual repositories or for all repositories in an organization. 更多信息请参阅“[管理仓库的安全性和分析设置](/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-security-and-analysis-settings-for-your-repository)”或“[管理组织的安全性和分析设置](/organizations/keeping-your-organization-secure/managing-security-and-analysis-settings-for-your-organization)”。 + +This article explains a high-level process focusing on enabling {% data variables.product.prodname_secret_scanning %} for all repositories in an organization. The principles described in this article can still be applied even if you take a more staggered approach of enabling {% data variables.product.prodname_secret_scanning %} for individual repositories. + +### 1. Focus on newly committed secrets + +When you enable {% data variables.product.prodname_secret_scanning %}, you should focus on remediating any newly committed credentials detected by secret scanning. If you focus on cleaning up committed credentials, developers could continue to accidentally push new credentials, which means your total secret count will stay around the same level, not decrease as intended. This is why it is essential to stop new credentials being leaked before focusing on revoking any current secrets. + +There are a few approaches for tackling newly committed credentials, but one example approach would be: + +1. **Notify**: Use webhooks to ensure that any new secret alerts are seen by the right teams as quickly as possible. A webhook fires when a secret alert is either created, resolved, or reopened. You can then parse the webhook payload, and integrate it into any tools you and your team use such Slack, Teams, Splunk, or email. For more information, see "[About webhooks](/developers/webhooks-and-events/webhooks/about-webhooks)" and "[Webhook events and payloads](/developers/webhooks-and-events/webhooks/webhook-events-and-payloads#secret_scanning_alert)." +2. **Follow Up**: Create a high-level remediation process that works for all secret types. For example, you could contact the developer who committed the secret and their technical lead on that project, highlighting the dangers of committing secrets to GitHub, and asking the them to revoke, and update the detected secret. + + {% note %} + + **Note:** You can automate this step. For large enterprises and organizations with hundreds of repositories, manually following up is unsustainable. You could incorporate automation into the webhook process defined in the first step. The webhook payload contains repository and organization information about the leaked secret. Using this information, you can contact the current maintainers on the repository and create a email/message to the responsible people or open an issue. + + {% endnote %} +3. **Educate**: Create an internal training document assigned to the developer who committed the secret. Within this training document, you can explain the risks created by committing secrets and direct them to your best practice information about using secrets securely in development. If the a developer doesn't learn from the experience and continues to commit secrets, you could create an escalation process, but education usually works well. + +Repeat the last two steps for any new secrets leaked. This process encourages developers to take responsibility for managing the secrets used in their code securely, and allows you to measure the reduction in newly committed secrets. + +{% note %} + +**Note:** More advanced organizations may want to perform auto-remediation of certain types of secrets. There is an open-source initiative called [GitHub Secret Scanner Auto Remediator](https://github.com/NickLiffen/GSSAR) which you can deploy into your AWS, Azure, or GCP environment and tailor to automatically revoke certain types of secrets based on what you define as the most critical. This is also an excellent way to react to new secrets being committed with a more automated approach. + +{% endnote %} + +### 2. Remediate previously committed secrets, starting with the most critical + +After you have established a process to monitor, notify and remediate newly published secrets, you can start work on secrets committed before {% data variables.product.prodname_GH_advanced_security %} was introduced. + +How you define your most critical secrets will depend on your organization's processes and integrations. For example, a company likely isn’t worried about a Slack Incoming Webhook secret if they don’t use Slack. You may find it useful to start by focusing on the top five most critical credential types for your organization. + +Once you have decided on the secret types, you can do the following: + +1. Define a process for remediating each type of secret. The actual procedure for each secret type is often drastically different. Write down the process for each type of secret in a document or internal knowledge base. + + {% note %} + + **Note:** When you create the process for revoking secrets, try and give the responsibility for revoking secrets to the team maintaining the repository instead of a central team. One of the principles of GHAS is developers taking ownership of security and having the responsibility of fixing security issues, especially if they have created them. + + {% endnote %} + +2. When you have created the process that teams will follow for revoking credentials, you can collate information about the types of secrets and other metadata associated with the leaked secrets so you can discern who to communicate the new process to. + + {% ifversion not ghae %} + + You can use the security overview to collect this information. For more information about using the security overview, see "[Filtering alerts in the security overview](/code-security/security-overview/filtering-alerts-in-the-security-overview)." + + {% endif %} + + Some information you may want to collect includes: + + - 组织 + - 仓库 + - 密钥类型 + - Secret value + - Maintainers on repository to contact + + {% note %} + + **Note:** Use the UI if you have few secrets leaked of that type. If you have hundreds of leaked secrets, use the API to collect information. For more information, see "[Secret scanning REST API](/rest/reference/secret-scanning)." + + {% endnote %} + +3. After you collect information about leaked secrets, create a targeted communication plan for the users who maintain the repositories affected by each secret type. You could use email, messaging, or even create GitHub issues in the affected repositories. If you can use APIs provided by these tools to send out the communications in an automated manner, this will make it easier for you to scale across multiple secret types. + +### 3. Expand the program to include more secret types and custom patterns + +You can now expand beyond the five most critical secret types into a more comprehensive list, with an additional focus on education. You can repeat the previous step, remediating previously committed secrets, for the different secret types you have targeted. + +You can also include more of the custom patterns collated in the earlier phases and invite security teams and developer teams to submit more patterns, establishing a process for submitting new patterns as new secret types are created. 更多信息请参阅“[定义机密扫描的自定义模式](/code-security/secret-scanning/defining-custom-patterns-for-secret-scanning)”。 + +{% ifversion secret-scanning-push-protection %} + +You can also enable push protection with secret scanning. Once enabled, secret scanning checks pushes for high-confidence secrets and blocks the push. 更多信息请参阅“[使用机密扫描保护推送](/code-security/secret-scanning/protecting-pushes-with-secret-scanning#using-secret-scanning-as-a-push-protection-from-the-command-line)”。 + +{% endif %} + +As you continue to build your remediation processes for other secret types, start to create proactive training material that can be shared with all developers of GitHub in your organization. Until this point, a lot of the focus has been reactive. It is an excellent idea to shift focus to being proactive and encourage developers not to push credentials to GitHub in the first place. This can be achieved in multiple ways but creating a short document explaining the risks and reasons would be a great place to start. + +{% note %} + +This is the final article of a series on adopting {% data variables.product.prodname_GH_advanced_security %} at scale. If you have questions or need support, see the section on {% data variables.contact.github_support %} and {% data variables.product.prodname_professional_services_team %} in "[Introduction to adopting {% data variables.product.prodname_GH_advanced_security %} at scale](/code-security/adopting-github-advanced-security-at-scale/introduction-to-adopting-github-advanced-security-at-scale#github-support-and-professional-services)." + +{% endnote %} diff --git a/translations/zh-CN/content/code-security/dependabot/dependabot-alerts/viewing-and-updating-dependabot-alerts.md b/translations/zh-CN/content/code-security/dependabot/dependabot-alerts/viewing-and-updating-dependabot-alerts.md index c5f7533b36..8c5ed3327b 100644 --- a/translations/zh-CN/content/code-security/dependabot/dependabot-alerts/viewing-and-updating-dependabot-alerts.md +++ b/translations/zh-CN/content/code-security/dependabot/dependabot-alerts/viewing-and-updating-dependabot-alerts.md @@ -37,7 +37,7 @@ topics: {% data variables.product.product_name %} 在检测到您的代码库正在使用具有已知安全风险的依赖项时会生成 {% data variables.product.prodname_dependabot_alerts %}。 对于启用了 {% data variables.product.prodname_dependabot_security_updates %} 的仓库,当 {% data variables.product.product_name %} 在默认分支中检测到有漏洞的依赖项时,{% data variables.product.prodname_dependabot %} 会创建拉取请求来修复它。 拉取请求会将依赖项升级到避免漏洞所需的最低安全版本。 -{% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-5638 %}您可以使用 {% data variables.product.prodname_dependabot_alerts %} 选项卡中的下拉菜单对 {% data variables.product.prodname_dependabot_alerts %} 进行排序和过滤,也可以在搜索栏中键入过滤条件作为`键:值`对。 可用的过滤器是存储库(例如 `repo:my-repository`)、包(例如 `package:django`)、生态系统(例如 `ecosystem:npm`)、清单(例如 `manifest:webwolf/pom.xml`)、状态(例如 `is:open`) 以及公告是否有补丁(例如 `has: patch`)。{% ifversion dependabot-alerts-development-label %} 还可以使用 `scope`(例如:`scope:development` 或 `scope:runtime`)筛选具有依赖关系范围数据的警报。 使用 `scope:development`,警报列表将仅显示开发期间使用的依赖项,而不显示生产期间使用的依赖项。{% endif %} +{% ifversion dependabot-most-important-sort-option %} 默认情况下,{% data variables.product.prodname_dependabot_alerts %} 按重要性顺序显示在 {% data variables.product.prodname_dependabot_alerts %} 选项卡中,但您可以按其他条件对警报进行排序。 {% endif %}{% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-5638 %}您可以使用 {% data variables.product.prodname_dependabot_alerts %} 选项卡中的下拉菜单对 {% data variables.product.prodname_dependabot_alerts %} 进行排序和过滤,也可以在搜索栏中键入过滤条件作为`键:值`对。 可用的过滤器是存储库(例如 `repo:my-repository`)、包(例如 `package:django`)、生态系统(例如 `ecosystem:npm`)、清单(例如 `manifest:webwolf/pom.xml`)、状态(例如 `is:open`) 以及公告是否有补丁(例如 `has: patch`)。{% ifversion dependabot-alerts-development-label %} 还可以使用 `scope`(例如:`scope:development` 或 `scope:runtime`)筛选具有依赖关系范围数据的警报。 使用 `scope:development`,警报列表将仅显示开发期间使用的依赖项,而不显示生产期间使用的依赖项。{% endif %} 每个 {% data variables.product.prodname_dependabot %} 警报都有一个唯一的数字标识符,{% data variables.product.prodname_dependabot_alerts %} 选项卡列出了每个检测到的漏洞的警报。 旧版 {% data variables.product.prodname_dependabot_alerts %} 按依赖项对漏洞进行分组,并为每个依赖项生成一个警报。 如果导航到旧版 {% data variables.product.prodname_dependabot %} 警报,则会将您重定向到为该包筛选的 {% data variables.product.prodname_dependabot_alerts %} 选项卡。 {% endif %} {% endif %} @@ -90,7 +90,16 @@ topics: {% data reusables.repositories.navigate-to-repo %} {% data reusables.repositories.sidebar-security %} {% data reusables.repositories.sidebar-dependabot-alerts %} -1. (可选)若要筛选警报,请选择 **Repository(仓库)**、**Package(包)**、**Ecosystem(生态系统)**或 **Manifest(清单)**下拉菜单,然后单击要应用的筛选器。 您还可以在搜索栏中键入过滤条件。 例如 `ecosystem:npm`{% ifversion ghes < 3.7 or ghae-issue-5638 %} 或 `has:patch`{% endif %}{% ifversion dependabot-alerts-development-label %}、`has:patch` 或 `scope:development`{% endif %}。 要对警报进行排序,请选择 **Sort(排序)**下拉菜单,然后单击要作为排序依据的选项。 +1. (可选)若要筛选警报,请选择 **Repository(仓库)**、**Package(包)**、**Ecosystem(生态系统)**或 **Manifest(清单)**下拉菜单,然后单击要应用的筛选器。 您还可以在搜索栏中键入过滤条件。 例如 `ecosystem:npm`{% ifversion ghes < 3.7 or ghae-issue-5638 %} 或 `has:patch`{% endif %}{% ifversion dependabot-alerts-development-label %}、`has:patch` 或 `scope:development`{% endif %}。 要对警报进行排序,请选择 **Sort(排序)**下拉菜单,然后单击要作为排序依据的选项,或在搜索栏中键入 `sort:`,然后从建议中选择一个选项(例如,`sort:newest`)。 + + {% ifversion dependabot-most-important-sort-option %} + {% note %} + + **注意:** 默认情况下,{% data variables.product.prodname_dependabot_alerts %} 按重要性排序。 “最重要”排序可帮助您确定要首先关注的 {% data variables.product.prodname_dependabot_alerts %} 的优先级。 警报根据其潜在影响、可操作性和相关性进行排名。 我们的优先级计算不断改进,包括 CVSS 分数、依赖范围以及是否为警报找到有漏洞的函数调用等因素。 + {% endnote %} + + ![带有"最重要"排序”的“排序”下拉列表的屏幕截图](/assets/images/help/dependabot/dependabot-alerts-sort-dropdown.png) + {% endif %} 还可以单击警报上的标签以仅显示该类型的警报。{% ifversion dependabot-alerts-development-label %} 例如,单击警报列表中的 `Development` 标签将仅显示与开发中使用的依赖项相关的警报,而不显示与生产中使用的依赖项相关的警报。 有关支持的生态系统列表的信息,请参阅[依赖项范围支持的生态系统和清单](#supported-ecosystems-and-manifests-for-dependency-scope)”。 diff --git a/translations/zh-CN/content/code-security/dependabot/working-with-dependabot/managing-pull-requests-for-dependency-updates.md b/translations/zh-CN/content/code-security/dependabot/working-with-dependabot/managing-pull-requests-for-dependency-updates.md index 1f2da4a1fb..b19cc9d4bc 100644 --- a/translations/zh-CN/content/code-security/dependabot/working-with-dependabot/managing-pull-requests-for-dependency-updates.md +++ b/translations/zh-CN/content/code-security/dependabot/working-with-dependabot/managing-pull-requests-for-dependency-updates.md @@ -44,9 +44,9 @@ shortTitle: 管理 Dependabot PR 默认情况下,{% data variables.product.prodname_dependabot %} 会自动为拉取请求变基,以解决各种冲突。 如果您喜欢手动处理合并冲突,可以使用 `rebase-strategy` 选项禁用此功能。 有关详细信息,请参阅“[dependabot.yml 文件的配置选项](/github/administering-a-repository/configuration-options-for-dependency-updates#rebase-strategy)”。 -## Allowing {% data variables.product.prodname_dependabot %} to rebase and force push over extra commits +## 允许 {% data variables.product.prodname_dependabot %} 变基并强制推送额外的提交 -By default, {% data variables.product.prodname_dependabot %} will stop rebasing a pull request once extra commits have been pushed to it. To allow {% data variables.product.prodname_dependabot %} to force push over commits added to its branches, include any of the following strings: `[dependabot skip]` , `[skip dependabot]`, `[dependabot-skip]`, or `[skip-dependabot]`, in either lower or uppercase, to the commit message. +默认情况下,{% data variables.product.prodname_dependabot %} 将在推送额外的提交后停止变基拉取请求。 要允许 {% data variables.product.prodname_dependabot %} 强制推送添加到其分支的提交,请包含以下任何字符串: `[dependabot skip]`、`[skip dependabot]`、`[dependabot-skip]` 或 `[skip-dependabot]`(小写或大写)到提交消息。 ## 管理带注释命令的 {% data variables.product.prodname_dependabot %} 拉取请求 diff --git a/translations/zh-CN/content/code-security/index.md b/translations/zh-CN/content/code-security/index.md index 06f49ecadb..00145bb9b7 100644 --- a/translations/zh-CN/content/code-security/index.md +++ b/translations/zh-CN/content/code-security/index.md @@ -50,6 +50,7 @@ topics: - Vulnerabilities children: - /getting-started + - /adopting-github-advanced-security-at-scale - /secret-scanning - /code-scanning - /repository-security-advisories diff --git a/translations/zh-CN/content/codespaces/codespaces-reference/allowing-your-codespace-to-access-a-private-image-registry.md b/translations/zh-CN/content/codespaces/codespaces-reference/allowing-your-codespace-to-access-a-private-image-registry.md index 9d83dac61e..a5ab209231 100644 --- a/translations/zh-CN/content/codespaces/codespaces-reference/allowing-your-codespace-to-access-a-private-image-registry.md +++ b/translations/zh-CN/content/codespaces/codespaces-reference/allowing-your-codespace-to-access-a-private-image-registry.md @@ -58,7 +58,7 @@ shortTitle: 私有映像注册表 - `<*>_CONTAINER_REGISTRY_USER` - `<*>_CONTAINER_REGISTRY_PASSWORD` -您可以在用户、仓库或组织级别存储密钥,从而在不同的代码空间之间安全地共享它们。 当您为私有映像注册表创建一组密钥时,您需要用一致的标识符替换名称中的 “<*>”。 For more information, see "[Managing encrypted secrets for your codespaces](/codespaces/managing-your-codespaces/managing-encrypted-secrets-for-your-codespaces)" and "[Managing encrypted secrets for your repository and organization for {% data variables.product.prodname_github_codespaces %}](/codespaces/managing-codespaces-for-your-organization/managing-encrypted-secrets-for-your-repository-and-organization-for-github-codespaces)." +您可以在用户、仓库或组织级别存储密钥,从而在不同的代码空间之间安全地共享它们。 当您为私有映像注册表创建一组密钥时,您需要用一致的标识符替换名称中的 “<*>”。 更多信息请参阅“[管理代码空间的加密密码](/codespaces/managing-your-codespaces/managing-encrypted-secrets-for-your-codespaces)”和“[管理 {% data variables.product.prodname_github_codespaces %} 的仓库和组织加密密码](/codespaces/managing-codespaces-for-your-organization/managing-encrypted-secrets-for-your-repository-and-organization-for-github-codespaces)”。 如果您在用户或组织级别设置机密,请确保将这些机密分配到仓库,您将从下拉列表中选择访问策略来创建代码空间。 diff --git a/translations/zh-CN/content/codespaces/codespaces-reference/disaster-recovery-for-github-codespaces.md b/translations/zh-CN/content/codespaces/codespaces-reference/disaster-recovery-for-github-codespaces.md index dafb70eb08..e0c20307af 100644 --- a/translations/zh-CN/content/codespaces/codespaces-reference/disaster-recovery-for-github-codespaces.md +++ b/translations/zh-CN/content/codespaces/codespaces-reference/disaster-recovery-for-github-codespaces.md @@ -1,5 +1,5 @@ --- -title: Disaster recovery for GitHub Codespaces +title: GitHub Codespaces 的灾难恢复 intro: 本文描述了当整个地区因重大自然灾害或大范围服务中断而中断时,灾难恢复情景的指导。 versions: fpt: '*' @@ -26,7 +26,7 @@ redirect_from: ## 选项 1:在另一个区域中创建新的代码空间 -如果发生区域性断电,我们建议您在未受影响的区域中重新创建代码空间以继续工作。 此新代码将包含您上次推送到 {% data variables.product.prodname_dotcom %} 后的所有更改。 For information on manually setting another region, see "[Setting your default region for {% data variables.product.prodname_github_codespaces %}](/codespaces/customizing-your-codespace/setting-your-default-region-for-github-codespaces)." +如果发生区域性断电,我们建议您在未受影响的区域中重新创建代码空间以继续工作。 此新代码将包含您上次推送到 {% data variables.product.prodname_dotcom %} 后的所有更改。 有关手动设置其他区域的信息,请参阅“[为 {% data variables.product.prodname_github_codespaces %} 设置默认区域](/codespaces/customizing-your-codespace/setting-your-default-region-for-github-codespaces)”。 您可以通过在项目仓库中配置 `devcontainer.json` 来优化恢复时间,允许您定义工具、运行时间、框架、编辑器设置、扩展以及其他自动恢复开发环境所需的配置。 更多信息请参阅“[开发容器简介](/codespaces/setting-up-your-codespace/configuring-codespaces-for-your-project)”。 diff --git a/translations/zh-CN/content/codespaces/codespaces-reference/security-in-github-codespaces.md b/translations/zh-CN/content/codespaces/codespaces-reference/security-in-github-codespaces.md index 38337ccca8..d422d11e5a 100644 --- a/translations/zh-CN/content/codespaces/codespaces-reference/security-in-github-codespaces.md +++ b/translations/zh-CN/content/codespaces/codespaces-reference/security-in-github-codespaces.md @@ -1,5 +1,5 @@ --- -title: Security in GitHub Codespaces +title: GitHub Codespaces 中的安全性 intro: '{% data variables.product.prodname_github_codespaces %} 安全体系结构概述,包括可帮助您维护安全性并最大限度地降低攻击风险的指导原则。' miniTocMaxHeadingLevel: 3 versions: diff --git a/translations/zh-CN/content/codespaces/codespaces-reference/understanding-billing-for-github-codespaces.md b/translations/zh-CN/content/codespaces/codespaces-reference/understanding-billing-for-github-codespaces.md index 5de4ea0abf..929cd16279 100644 --- a/translations/zh-CN/content/codespaces/codespaces-reference/understanding-billing-for-github-codespaces.md +++ b/translations/zh-CN/content/codespaces/codespaces-reference/understanding-billing-for-github-codespaces.md @@ -1,5 +1,5 @@ --- -title: Understanding billing for GitHub Codespaces +title: 了解 GitHub Codespaces 的计费 intro: '了解如何对 {% data variables.product.prodname_github_codespaces %} 的使用进行计费。' versions: fpt: '*' @@ -60,4 +60,4 @@ shortTitle: 了解计费 ## 延伸阅读 -- "[Managing billing for {% data variables.product.prodname_github_codespaces %} in your organization](/codespaces/managing-codespaces-for-your-organization/managing-billing-for-github-codespaces-in-your-organization)" +- “[管理组织中 {% data variables.product.prodname_github_codespaces %} 的计费](/codespaces/managing-codespaces-for-your-organization/managing-billing-for-github-codespaces-in-your-organization)” diff --git a/translations/zh-CN/content/codespaces/codespaces-reference/using-github-copilot-in-github-codespaces.md b/translations/zh-CN/content/codespaces/codespaces-reference/using-github-copilot-in-github-codespaces.md index 1cbce7f467..d3b02e4b07 100644 --- a/translations/zh-CN/content/codespaces/codespaces-reference/using-github-copilot-in-github-codespaces.md +++ b/translations/zh-CN/content/codespaces/codespaces-reference/using-github-copilot-in-github-codespaces.md @@ -16,7 +16,7 @@ redirect_from: - /codespaces/codespaces-reference/using-github-copilot-in-codespaces --- -## 使用 {% data variables.product.prodname_copilot %} +## Using {% data variables.product.prodname_copilot %} [{% data variables.product.prodname_copilot %}](https://copilot.github.com/), an AI pair programmer, can be used in any codespace. To start using {% data variables.product.prodname_copilot_short %} in {% data variables.product.prodname_github_codespaces %}, install the [{% data variables.product.prodname_copilot_short %} extension from the {% data variables.product.prodname_vscode_marketplace %}](https://marketplace.visualstudio.com/items?itemName=GitHub.copilot). diff --git a/translations/zh-CN/content/codespaces/codespaces-reference/using-the-vs-code-command-palette-in-codespaces.md b/translations/zh-CN/content/codespaces/codespaces-reference/using-the-vs-code-command-palette-in-codespaces.md index 31b326aa4d..a824b77600 100644 --- a/translations/zh-CN/content/codespaces/codespaces-reference/using-the-vs-code-command-palette-in-codespaces.md +++ b/translations/zh-CN/content/codespaces/codespaces-reference/using-the-vs-code-command-palette-in-codespaces.md @@ -1,6 +1,6 @@ --- -title: Using the Visual Studio Code Command Palette in GitHub Codespaces -intro: 'You can use the Command Palette feature of {% data variables.product.prodname_vscode %} to access many commands in {% data variables.product.prodname_github_codespaces %}.' +title: 在 GitHub Codespaces 中使用 Visual Studio 代码命令面板 +intro: '您可以使用 {% data variables.product.prodname_vscode %} 的“命令面板”功能访问 {% data variables.product.prodname_github_codespaces %} 中的许多命令。' versions: fpt: '*' ghec: '*' @@ -17,7 +17,7 @@ redirect_from: ## 关于 {% data variables.product.prodname_vscode_command_palette %} -The Command Palette is one of the focal features of {% data variables.product.prodname_vscode %} and is available for you to use in {% data variables.product.prodname_github_codespaces %}. {% data variables.product.prodname_vscode_command_palette %} 允许您访问 {% data variables.product.prodname_codespaces %} 和 {% data variables.product.prodname_vscode_shortname %} 的许多命令。 有关使用 {% data variables.product.prodname_vscode_command_palette_shortname %} 的更多信息,请参阅 {% data variables.product.prodname_vscode_shortname %} 文档中的[用户界面](https://code.visualstudio.com/docs/getstarted/userinterface#_command-palette)。 +命令面板是 {% data variables.product.prodname_vscode %} 的焦点功能之一,可用于 {% data variables.product.prodname_github_codespaces %}。 {% data variables.product.prodname_vscode_command_palette %} 允许您访问 {% data variables.product.prodname_codespaces %} 和 {% data variables.product.prodname_vscode_shortname %} 的许多命令。 有关使用 {% data variables.product.prodname_vscode_command_palette_shortname %} 的更多信息,请参阅 {% data variables.product.prodname_vscode_shortname %} 文档中的[用户界面](https://code.visualstudio.com/docs/getstarted/userinterface#_command-palette)。 ## 访问 {% data variables.product.prodname_vscode_command_palette_shortname %} @@ -63,6 +63,6 @@ The Command Palette is one of the focal features of {% data variables.product.pr 可以使用 {% data variables.product.prodname_vscode_command_palette_shortname %} 访问代码空间创建日志,也可以使用它导出所有日志。 -To retrieve the logs for {% data variables.product.prodname_codespaces %}, [access the {% data variables.product.prodname_vscode_command_palette_shortname %}](#accessing-the-command-palette), then start typing "log". Select **Codespaces: Export Logs** to export all logs related to {% data variables.product.prodname_codespaces %} or select **Codespaces: View Creation Logs** to view logs related to the setup. +要检索 {% data variables.product.prodname_codespaces %} 的日志,[请访问 {% data variables.product.prodname_vscode_command_palette_shortname %}](#accessing-the-command-palette),然后开始键入“log”。 选择 **Codespaces: Export Logs(Codespaces:导出日志)**以导出所有与 {% data variables.product.prodname_codespaces %} 相关的日志,或选择 **Codespaces: View Creation Logs(Codespaces:查看创建日志)**以查看与设置相关的日志。 ![访问日志的命令](/assets/images/help/codespaces/codespaces-logs.png) diff --git a/translations/zh-CN/content/codespaces/customizing-your-codespace/configuring-automatic-deletion-of-your-codespaces.md b/translations/zh-CN/content/codespaces/customizing-your-codespace/configuring-automatic-deletion-of-your-codespaces.md index 1c91b32cbb..173c907707 100644 --- a/translations/zh-CN/content/codespaces/customizing-your-codespace/configuring-automatic-deletion-of-your-codespaces.md +++ b/translations/zh-CN/content/codespaces/customizing-your-codespace/configuring-automatic-deletion-of-your-codespaces.md @@ -13,7 +13,7 @@ type: how_to 默认情况下,{% data variables.product.prodname_codespaces %} 在停止后会自动删除,并保持非活动状态 30 天。 -但是,由于 {% data variables.product.prodname_codespaces %} 会产生存储费用,因此您可能希望通过在个人设置中更改 {% data variables.product.prodname_github_codespaces %} 的默认保留期来缩短保留期。 For more information about storage charges, see "[About billing for {% data variables.product.prodname_github_codespaces %}](/billing/managing-billing-for-github-codespaces/about-billing-for-github-codespaces#codespaces-pricing)." +但是,由于 {% data variables.product.prodname_codespaces %} 会产生存储费用,因此您可能希望通过在个人设置中更改 {% data variables.product.prodname_github_codespaces %} 的默认保留期来缩短保留期。 有关存储费用的详细信息,请参阅[关于 {% data variables.product.prodname_github_codespaces %} 的计费](/billing/managing-billing-for-github-codespaces/about-billing-for-github-codespaces#codespaces-pricing)”。 {% note %} @@ -50,7 +50,7 @@ type: how_to {% warning %} - **警告**:将期限设置为 `0` 将导致在停止代码空间时立即删除代码空间,或者由于不活动超时而删除。 For more information, see "[Setting your timeout period for {% data variables.product.prodname_github_codespaces %}](/codespaces/customizing-your-codespace/setting-your-timeout-period-for-github-codespaces)." + **警告**:将期限设置为 `0` 将导致在停止代码空间时立即删除代码空间,或者由于不活动超时而删除。 有关详细信息,请参阅“[设置 {% data variables.product.prodname_github_codespaces %} 的超时期](/codespaces/customizing-your-codespace/setting-your-timeout-period-for-github-codespaces)”。 {% endwarning %} diff --git a/translations/zh-CN/content/codespaces/customizing-your-codespace/index.md b/translations/zh-CN/content/codespaces/customizing-your-codespace/index.md index 469fd7b4f6..4da572040d 100644 --- a/translations/zh-CN/content/codespaces/customizing-your-codespace/index.md +++ b/translations/zh-CN/content/codespaces/customizing-your-codespace/index.md @@ -1,6 +1,6 @@ --- title: 自定义代码空间 -intro: '{% data variables.product.prodname_github_codespaces %} 是您专用的环境。 You can configure your repositories with a dev container to define their default {% data variables.product.prodname_github_codespaces %} environment, and personalize your development experience across all of your codespaces with dotfiles and Settings Sync.' +intro: '{% data variables.product.prodname_github_codespaces %} 是您专用的环境。 您可以使用开发容器配置仓库,以定义其默认的 {% data variables.product.prodname_github_codespaces %} 环境,并使用 dotfiles 和 Settings Sync 在所有代码空间中个性化您的开发体验。' product: '{% data reusables.gated-features.codespaces %}' versions: fpt: '*' diff --git a/translations/zh-CN/content/codespaces/customizing-your-codespace/setting-your-default-region-for-github-codespaces.md b/translations/zh-CN/content/codespaces/customizing-your-codespace/setting-your-default-region-for-github-codespaces.md index 6715eeb8a9..b97f0bbedb 100644 --- a/translations/zh-CN/content/codespaces/customizing-your-codespace/setting-your-default-region-for-github-codespaces.md +++ b/translations/zh-CN/content/codespaces/customizing-your-codespace/setting-your-default-region-for-github-codespaces.md @@ -1,5 +1,5 @@ --- -title: Setting your default region for GitHub Codespaces +title: 设置 GitHub Codespaces 的默认区域 shortTitle: 设置默认区域 intro: '您可以在 {% data variables.product.prodname_github_codespaces %} 配置文件设置页面中设置默认地区,以个性化您的数据保存位置。' product: '{% data reusables.gated-features.codespaces %}' diff --git a/translations/zh-CN/content/codespaces/customizing-your-codespace/setting-your-timeout-period-for-github-codespaces.md b/translations/zh-CN/content/codespaces/customizing-your-codespace/setting-your-timeout-period-for-github-codespaces.md index 2df116c1b1..fc1555b588 100644 --- a/translations/zh-CN/content/codespaces/customizing-your-codespace/setting-your-timeout-period-for-github-codespaces.md +++ b/translations/zh-CN/content/codespaces/customizing-your-codespace/setting-your-timeout-period-for-github-codespaces.md @@ -1,5 +1,5 @@ --- -title: Setting your timeout period for GitHub Codespaces +title: 设置 GitHub Codespaces 超时期 shortTitle: 设置超时 intro: '您可以在个人设置页面中设置 {% data variables.product.prodname_codespaces %} 的默认超时。' product: '{% data reusables.gated-features.codespaces %}' diff --git a/translations/zh-CN/content/codespaces/developing-in-codespaces/codespaces-lifecycle.md b/translations/zh-CN/content/codespaces/developing-in-codespaces/codespaces-lifecycle.md index bc0055342c..a767ec8e49 100644 --- a/translations/zh-CN/content/codespaces/developing-in-codespaces/codespaces-lifecycle.md +++ b/translations/zh-CN/content/codespaces/developing-in-codespaces/codespaces-lifecycle.md @@ -35,7 +35,7 @@ product: '{% data reusables.gated-features.codespaces %}' ## 代码空间超时 -如果使代码空间在没有交互的情况下保持运行状态,或者退出代码空间而不显式停止它,则代码空间将在一段时间不活动后超时并停止运行。 默认情况下,代码空间将在处于非活动状态 30 分钟后超时,但您可以自定义所创建的新代码空间的超时期限的持续时间。 For more information about setting the default timeout period for your codespaces, see "[Setting your timeout period for {% data variables.product.prodname_github_codespaces %}](/codespaces/customizing-your-codespace/setting-your-timeout-period-for-github-codespaces)." 有关停止代码空间的详细信息,请参阅“[停止代码空间](#stopping-a-codespace)”。 +如果使代码空间在没有交互的情况下保持运行状态,或者退出代码空间而不显式停止它,则代码空间将在一段时间不活动后超时并停止运行。 默认情况下,代码空间将在处于非活动状态 30 分钟后超时,但您可以自定义所创建的新代码空间的超时期限的持续时间。 有关为代码空间设置默认超时期限的详细信息,请参阅“[为 {% data variables.product.prodname_github_codespaces %} 设置超时期限](/codespaces/customizing-your-codespace/setting-your-timeout-period-for-github-codespaces)”。 有关停止代码空间的详细信息,请参阅“[停止代码空间](#stopping-a-codespace)”。 当代码空间超时时,将保留上次保存更改时的数据。 更多信息请参阅“[在代码空间中保存更改](#saving-changes-in-a-codespace)”。 diff --git a/translations/zh-CN/content/codespaces/developing-in-codespaces/connecting-to-a-private-network.md b/translations/zh-CN/content/codespaces/developing-in-codespaces/connecting-to-a-private-network.md index 2b811e25b3..4717c477dd 100644 --- a/translations/zh-CN/content/codespaces/developing-in-codespaces/connecting-to-a-private-network.md +++ b/translations/zh-CN/content/codespaces/developing-in-codespaces/connecting-to-a-private-network.md @@ -42,4 +42,4 @@ topics: 目前,没有办法限制代码空间访问公共互联网,或者限制经过适当身份验证的用户访问转发端口。 -For more information on how to secure your codespaces, see "[Security in {% data variables.product.prodname_github_codespaces %}](/codespaces/codespaces-reference/security-in-github-codespaces)." +有关如何保护代码空间的详细信息,请参阅“[{% data variables.product.prodname_github_codespaces %} 中的安全性](/codespaces/codespaces-reference/security-in-github-codespaces)”。 diff --git a/translations/zh-CN/content/codespaces/developing-in-codespaces/using-github-codespaces-for-pull-requests.md b/translations/zh-CN/content/codespaces/developing-in-codespaces/using-github-codespaces-for-pull-requests.md index 3381002cd4..a3580b5f91 100644 --- a/translations/zh-CN/content/codespaces/developing-in-codespaces/using-github-codespaces-for-pull-requests.md +++ b/translations/zh-CN/content/codespaces/developing-in-codespaces/using-github-codespaces-for-pull-requests.md @@ -1,5 +1,5 @@ --- -title: Using GitHub Codespaces for pull requests +title: 将 GitHub Codespaces 用于拉取请求 shortTitle: 拉取请求 intro: '您可以在开发工作流程中使用 {% data variables.product.prodname_github_codespaces %} 来创建拉取请求、审阅拉取请求和处理审阅注释。' product: '{% data reusables.gated-features.codespaces %}' diff --git a/translations/zh-CN/content/codespaces/getting-started/deep-dive.md b/translations/zh-CN/content/codespaces/getting-started/deep-dive.md index ac43a0edce..e6c2ba9006 100644 --- a/translations/zh-CN/content/codespaces/getting-started/deep-dive.md +++ b/translations/zh-CN/content/codespaces/getting-started/deep-dive.md @@ -1,5 +1,6 @@ --- -title: Deep dive into GitHub Codespaces +title: '深入了解 {% data variables.product.prodname_github_codespaces %}' +shortTitle: '深入了解 {% data variables.product.prodname_codespaces %}' intro: '了解 {% data variables.product.prodname_github_codespaces %} 的工作原理.' allowTitleToDifferFromFilename: true product: '{% data reusables.gated-features.codespaces %}' diff --git a/translations/zh-CN/content/codespaces/getting-started/index.md b/translations/zh-CN/content/codespaces/getting-started/index.md index 70a004c674..a01dd6c3de 100644 --- a/translations/zh-CN/content/codespaces/getting-started/index.md +++ b/translations/zh-CN/content/codespaces/getting-started/index.md @@ -1,5 +1,6 @@ --- title: '开始使用 {% data variables.product.prodname_github_codespaces %}' +shortTitle: 入门指南 intro: '了解如何开始使用 {% data variables.product.prodname_github_codespaces %},包括特定语言的设置和配置。' product: '{% data reusables.gated-features.codespaces %}' versions: diff --git a/translations/zh-CN/content/codespaces/getting-started/quickstart.md b/translations/zh-CN/content/codespaces/getting-started/quickstart.md index ff724c66ef..28c7d40992 100644 --- a/translations/zh-CN/content/codespaces/getting-started/quickstart.md +++ b/translations/zh-CN/content/codespaces/getting-started/quickstart.md @@ -1,5 +1,6 @@ --- -title: Codespaces 快速入门 +title: '{% data variables.product.prodname_github_codespaces %} 快速入门' +shortTitle: '{% data variables.product.prodname_codespaces %} 快速入门' intro: '在 5 分钟内尝试 {% data variables.product.prodname_github_codespaces %}。' allowTitleToDifferFromFilename: true product: '{% data reusables.gated-features.codespaces %}' diff --git a/translations/zh-CN/content/codespaces/managing-codespaces-for-your-organization/index.md b/translations/zh-CN/content/codespaces/managing-codespaces-for-your-organization/index.md index b15b300742..c2700b1435 100644 --- a/translations/zh-CN/content/codespaces/managing-codespaces-for-your-organization/index.md +++ b/translations/zh-CN/content/codespaces/managing-codespaces-for-your-organization/index.md @@ -1,5 +1,6 @@ --- title: 管理组织的代码空间 +shortTitle: 管理组织 intro: '您可以管理和审查您组织中的用户如何使用 {% data variables.product.prodname_github_codespaces %}。' product: '{% data reusables.gated-features.codespaces %}' versions: @@ -17,6 +18,5 @@ children: - /restricting-the-visibility-of-forwarded-ports - /restricting-the-idle-timeout-period - /restricting-the-retention-period-for-codespaces -shortTitle: 管理组织 --- diff --git a/translations/zh-CN/content/codespaces/managing-codespaces-for-your-organization/managing-billing-for-github-codespaces-in-your-organization.md b/translations/zh-CN/content/codespaces/managing-codespaces-for-your-organization/managing-billing-for-github-codespaces-in-your-organization.md index 9e1b8ffcc3..013b8ed73a 100644 --- a/translations/zh-CN/content/codespaces/managing-codespaces-for-your-organization/managing-billing-for-github-codespaces-in-your-organization.md +++ b/translations/zh-CN/content/codespaces/managing-codespaces-for-your-organization/managing-billing-for-github-codespaces-in-your-organization.md @@ -1,5 +1,5 @@ --- -title: Managing billing for GitHub Codespaces in your organization +title: 管理组织中 GitHub Codespaces 的计费 shortTitle: 管理计费 intro: '您可以检查 {% data variables.product.prodname_github_codespaces %} 使用情况并设置使用限制。' product: '{% data reusables.gated-features.codespaces %}' @@ -31,7 +31,7 @@ redirect_from: - **计算分钟数:**计算使用率是按所有 {% data variables.product.prodname_codespaces %} 实例在活动期间使用的实际分钟数计算的。 这些总计每天报告给计费服务,并按月计费。 您可以为组织中 {% data variables.product.prodname_codespaces %} 使用设置支出限制。 更多信息请参阅“[管理 {% data variables.product.prodname_github_codespaces %} 的支出限制](/billing/managing-billing-for-github-codespaces/managing-spending-limits-for-github-codespaces)”。 -- **存储使用情况:** 出于 {% data variables.product.prodname_codespaces %} 计费目的,这包括您帐户中所有代码空间使用的所有存储空间。 这包括代码空间使用的所有内容,例如克隆的存储库、配置文件和扩展等。 这些总计每天报告给计费服务,并按月计费。 到月底,{% data variables.product.prodname_dotcom %} 会将您的存储量舍入到最接近的 MB。 To check how many compute minutes and storage GB have been used by {% data variables.product.prodname_codespaces %}, see "[Viewing your {% data variables.product.prodname_github_codespaces %} usage"](/billing/managing-billing-for-github-codespaces/viewing-your-github-codespaces-usage)." +- **存储使用情况:** 出于 {% data variables.product.prodname_codespaces %} 计费目的,这包括您帐户中所有代码空间使用的所有存储空间。 这包括代码空间使用的所有内容,例如克隆的存储库、配置文件和扩展等。 这些总计每天报告给计费服务,并按月计费。 到月底,{% data variables.product.prodname_dotcom %} 会将您的存储量舍入到最接近的 MB。 要检查 {% data variables.product.prodname_codespaces %} 已使用多少计算分钟数和存储 GB,请参阅“[查看 {% data variables.product.prodname_github_codespaces %} 使用情况](/billing/managing-billing-for-github-codespaces/viewing-your-github-codespaces-usage)”。 ## 禁用或限制 {% data variables.product.prodname_codespaces %} diff --git a/translations/zh-CN/content/codespaces/managing-codespaces-for-your-organization/managing-encrypted-secrets-for-your-repository-and-organization-for-github-codespaces.md b/translations/zh-CN/content/codespaces/managing-codespaces-for-your-organization/managing-encrypted-secrets-for-your-repository-and-organization-for-github-codespaces.md index 1211d30cea..929bcdce9f 100644 --- a/translations/zh-CN/content/codespaces/managing-codespaces-for-your-organization/managing-encrypted-secrets-for-your-repository-and-organization-for-github-codespaces.md +++ b/translations/zh-CN/content/codespaces/managing-codespaces-for-your-organization/managing-encrypted-secrets-for-your-repository-and-organization-for-github-codespaces.md @@ -1,5 +1,5 @@ --- -title: Managing encrypted secrets for your repository and organization for GitHub Codespaces +title: 为您的仓库和 GitHub Codespaces 组织管理加密的密钥 shortTitle: 加密机密 intro: '加密密钥允许您将敏感信息存储在您的组织、仓库或 {% data variables.product.prodname_github_codespaces %} 中。' product: '{% data reusables.gated-features.codespaces %}' diff --git a/translations/zh-CN/content/codespaces/managing-codespaces-for-your-organization/restricting-access-to-machine-types.md b/translations/zh-CN/content/codespaces/managing-codespaces-for-your-organization/restricting-access-to-machine-types.md index bbdde2752b..8f5b7859ab 100644 --- a/translations/zh-CN/content/codespaces/managing-codespaces-for-your-organization/restricting-access-to-machine-types.md +++ b/translations/zh-CN/content/codespaces/managing-codespaces-for-your-organization/restricting-access-to-machine-types.md @@ -14,7 +14,7 @@ topics: ## 概览 -通常,在创建代码空间时,系统会为将运行代码空间的计算机提供一系列规范。 您可以选择最适合您需求的计算机类型。 更多信息请参阅“[创建代码空间](/codespaces/developing-in-codespaces/creating-a-codespace#creating-a-codespace)”。 如果您为使用 {% data variables.product.prodname_github_codespaces %} 付费,那么您选择的计算机类型将影响您的账单金额。 For more information about pricing, see "[About billing for {% data variables.product.prodname_github_codespaces %}](/billing/managing-billing-for-github-codespaces/about-billing-for-github-codespaces)." +通常,在创建代码空间时,系统会为将运行代码空间的计算机提供一系列规范。 您可以选择最适合您需求的计算机类型。 更多信息请参阅“[创建代码空间](/codespaces/developing-in-codespaces/creating-a-codespace#creating-a-codespace)”。 如果您为使用 {% data variables.product.prodname_github_codespaces %} 付费,那么您选择的计算机类型将影响您的账单金额。 有关定价的更多信息,请参阅“[关于 {% data variables.product.prodname_github_codespaces %} 的计费](/billing/managing-billing-for-github-codespaces/about-billing-for-github-codespaces)”。 作为组织所有者,您可能希望对可用的计算机类型配置约束。 例如,如果组织中的工作不需要大量的计算能力或存储空间,则可以从用户可以选择的选项列表中删除资源丰富的计算机。 为此,您可以在组织的 {% data variables.product.prodname_codespaces %} 设置中定义一个或多个策略。 @@ -76,4 +76,4 @@ topics: ## 延伸阅读 -- "[Managing spending limits for {% data variables.product.prodname_github_codespaces %}](/billing/managing-billing-for-github-codespaces/managing-spending-limits-for-github-codespaces)" +- “[管理 {% data variables.product.prodname_github_codespaces %} 的支出限额](/billing/managing-billing-for-github-codespaces/managing-spending-limits-for-github-codespaces)” diff --git a/translations/zh-CN/content/codespaces/managing-codespaces-for-your-organization/restricting-the-idle-timeout-period.md b/translations/zh-CN/content/codespaces/managing-codespaces-for-your-organization/restricting-the-idle-timeout-period.md index 179f2919df..378aadb5c4 100644 --- a/translations/zh-CN/content/codespaces/managing-codespaces-for-your-organization/restricting-the-idle-timeout-period.md +++ b/translations/zh-CN/content/codespaces/managing-codespaces-for-your-organization/restricting-the-idle-timeout-period.md @@ -16,7 +16,7 @@ topics: 默认情况下,代码空间在处于非活动状态 30 分钟后超时。 若代码空间超时,它将停止,并且将不再产生计算使用费用。 -{% data variables.product.prodname_dotcom %} 用户的个人设置允许他们为其创建的代码空间定义自己的超时期限。 这可能比默认的 30 分钟长。 For more information, see "[Setting your timeout period for {% data variables.product.prodname_github_codespaces %}](/codespaces/customizing-your-codespace/setting-your-timeout-period-for-github-codespaces)." +{% data variables.product.prodname_dotcom %} 用户的个人设置允许他们为其创建的代码空间定义自己的超时期限。 这可能比默认的 30 分钟长。 有关详细信息,请参阅“[设置 {% data variables.product.prodname_github_codespaces %} 的超时期](/codespaces/customizing-your-codespace/setting-your-timeout-period-for-github-codespaces)”。 作为组织所有者,您可能希望为为组织拥有的存储库创建的代码空间的最大空闲超时期限配置限制。 这可以帮助您限制与代码空间相关的成本,这些代码空间在长时间处于非活动状态后会超时。 您可以为组织拥有的所有存储库的代码空间或特定存储库的代码空间设置最大超时。 @@ -26,7 +26,7 @@ topics: {% endnote %} -For more information about pricing for {% data variables.product.prodname_github_codespaces %} compute usage, see "[About billing for {% data variables.product.prodname_github_codespaces %}](/billing/managing-billing-for-github-codespaces/about-billing-for-github-codespaces#codespaces-pricing)." +有关 {% data variables.product.prodname_github_codespaces %} 计算使用价格的更多信息,请参阅“[关于 {% data variables.product.prodname_github_codespaces %} 的计费](/billing/managing-billing-for-github-codespaces/about-billing-for-github-codespaces#codespaces-pricing)”。 ### 设置最大空闲超时约束时的行为 diff --git a/translations/zh-CN/content/codespaces/managing-codespaces-for-your-organization/restricting-the-retention-period-for-codespaces.md b/translations/zh-CN/content/codespaces/managing-codespaces-for-your-organization/restricting-the-retention-period-for-codespaces.md index 3f9a444d41..eb1e426089 100644 --- a/translations/zh-CN/content/codespaces/managing-codespaces-for-your-organization/restricting-the-retention-period-for-codespaces.md +++ b/translations/zh-CN/content/codespaces/managing-codespaces-for-your-organization/restricting-the-retention-period-for-codespaces.md @@ -18,7 +18,7 @@ topics: 有权访问 {% data variables.product.prodname_github_codespaces %} 的每个人都可以为他们创建的代码空间配置保留期。 此默认保留期的初始设置为 30 天。 单个用户可以将此时间段设置在 0-30 天的范围内。 更多信息请参阅“[配置代码空间的自动删除](/codespaces/customizing-your-codespace/configuring-automatic-deletion-of-your-codespaces)”。 -作为组织所有者,您可能希望为为组织拥有的存储库创建的代码空间的最长保留期配置限制。 这可以帮助您限制与代码空间相关的存储成本,这些代码空间已停止,然后一直处于未使用状态,直到它们被自动删除。 For more information about storage charges, see "[About billing for {% data variables.product.prodname_github_codespaces %}](/billing/managing-billing-for-github-codespaces/about-billing-for-github-codespaces#codespaces-pricing)." 您可以为组织拥有的所有仓库或特定仓库设置最长保留期。 +作为组织所有者,您可能希望为为组织拥有的存储库创建的代码空间的最长保留期配置限制。 这可以帮助您限制与代码空间相关的存储成本,这些代码空间已停止,然后一直处于未使用状态,直到它们被自动删除。 有关存储费用的详细信息,请参阅[关于 {% data variables.product.prodname_github_codespaces %} 的计费](/billing/managing-billing-for-github-codespaces/about-billing-for-github-codespaces#codespaces-pricing)”。 您可以为组织拥有的所有仓库或特定仓库设置最长保留期。 ### 设置组织范围和存储库特定的策略 diff --git a/translations/zh-CN/content/codespaces/managing-codespaces-for-your-organization/reviewing-your-organizations-audit-logs-for-github-codespaces.md b/translations/zh-CN/content/codespaces/managing-codespaces-for-your-organization/reviewing-your-organizations-audit-logs-for-github-codespaces.md index 59a77b87d4..c52a2ea9ae 100644 --- a/translations/zh-CN/content/codespaces/managing-codespaces-for-your-organization/reviewing-your-organizations-audit-logs-for-github-codespaces.md +++ b/translations/zh-CN/content/codespaces/managing-codespaces-for-your-organization/reviewing-your-organizations-audit-logs-for-github-codespaces.md @@ -1,5 +1,5 @@ --- -title: Reviewing your organization's audit logs for GitHub Codespaces +title: 查看组织的 GitHub Codespaces 审核日志 shortTitle: 审核日志 intro: '您可以使用审核日志查看与 {% data variables.product.prodname_github_codespaces %} 相关的所有操作。' product: '{% data reusables.gated-features.codespaces %}' diff --git a/translations/zh-CN/content/codespaces/managing-your-codespaces/managing-encrypted-secrets-for-your-codespaces.md b/translations/zh-CN/content/codespaces/managing-your-codespaces/managing-encrypted-secrets-for-your-codespaces.md index 858687b026..bcba1f9c7e 100644 --- a/translations/zh-CN/content/codespaces/managing-your-codespaces/managing-encrypted-secrets-for-your-codespaces.md +++ b/translations/zh-CN/content/codespaces/managing-your-codespaces/managing-encrypted-secrets-for-your-codespaces.md @@ -20,7 +20,7 @@ shortTitle: 加密机密 -## About encrypted secrets for {% data variables.product.prodname_github_codespaces %} +## 关于 {% data variables.product.prodname_github_codespaces %} 的加密密码 您可以将要在代码空间中使用的加密密码添加到您的个人帐户。 例如,您可能想要存储和访问以下敏感信息作为加密密码。 @@ -41,7 +41,7 @@ shortTitle: 加密机密 ### 密码的限制 -You can store up to 100 secrets for {% data variables.product.prodname_github_codespaces %}. +您最多可以为 {% data variables.product.prodname_github_codespaces %} 存储 100 个密钥。 密码大小限于 64 KB。 diff --git a/translations/zh-CN/content/codespaces/managing-your-codespaces/managing-gpg-verification-for-github-codespaces.md b/translations/zh-CN/content/codespaces/managing-your-codespaces/managing-gpg-verification-for-github-codespaces.md index 7974c6ea9a..f8c55b8e83 100644 --- a/translations/zh-CN/content/codespaces/managing-your-codespaces/managing-gpg-verification-for-github-codespaces.md +++ b/translations/zh-CN/content/codespaces/managing-your-codespaces/managing-gpg-verification-for-github-codespaces.md @@ -1,5 +1,5 @@ --- -title: Managing GPG verification for GitHub Codespaces +title: 管理 GitHub Codespaces 的 GPG 验证 intro: '您可以允许 {% data variables.product.company_short %} 自动使用 GPG 对在代码空间中所做的提交进行签名,以便其他人可以确信更改来自受信任的源。' product: '{% data reusables.gated-features.codespaces %}' versions: diff --git a/translations/zh-CN/content/codespaces/managing-your-codespaces/reviewing-your-security-logs-for-github-codespaces.md b/translations/zh-CN/content/codespaces/managing-your-codespaces/reviewing-your-security-logs-for-github-codespaces.md index 06d948f07e..00bbff4705 100644 --- a/translations/zh-CN/content/codespaces/managing-your-codespaces/reviewing-your-security-logs-for-github-codespaces.md +++ b/translations/zh-CN/content/codespaces/managing-your-codespaces/reviewing-your-security-logs-for-github-codespaces.md @@ -1,5 +1,5 @@ --- -title: Reviewing your security logs for GitHub Codespaces +title: 查看 GitHub Codespaces 的安全日志 shortTitle: 安全日志 intro: '您可以使用安全日志查看与 {% data variables.product.prodname_github_codespaces %} 相关的所有操作。' product: '{% data reusables.gated-features.codespaces %}' diff --git a/translations/zh-CN/content/codespaces/prebuilding-your-codespaces/about-github-codespaces-prebuilds.md b/translations/zh-CN/content/codespaces/prebuilding-your-codespaces/about-github-codespaces-prebuilds.md index 86da84fd57..59249cb886 100644 --- a/translations/zh-CN/content/codespaces/prebuilding-your-codespaces/about-github-codespaces-prebuilds.md +++ b/translations/zh-CN/content/codespaces/prebuilding-your-codespaces/about-github-codespaces-prebuilds.md @@ -1,5 +1,5 @@ --- -title: About GitHub Codespaces prebuilds +title: 关于 GitHub Codespaces 预构建 shortTitle: 关于预构建 intro: 代码空间预构建有助于加快为大型或复杂存储库创建新代码空间的速度。 versions: diff --git a/translations/zh-CN/content/codespaces/prebuilding-your-codespaces/managing-prebuilds.md b/translations/zh-CN/content/codespaces/prebuilding-your-codespaces/managing-prebuilds.md index de0fb1276a..120ad973d5 100644 --- a/translations/zh-CN/content/codespaces/prebuilding-your-codespaces/managing-prebuilds.md +++ b/translations/zh-CN/content/codespaces/prebuilding-your-codespaces/managing-prebuilds.md @@ -14,7 +14,7 @@ miniTocMaxHeadingLevel: 3 ## 检查、更改和删除预构建配置 -The prebuilds that you configure for a repository are created and updated using a {% data variables.product.prodname_actions %} workflow, managed by the {% data variables.product.prodname_github_codespaces %} service. +您为存储库配置的预构建是使用 {% data variables.product.prodname_actions %} 工作流程创建和更新的,由 {% data variables.product.prodname_github_codespaces %} 服务管理。 根据预构建配置中的设置,更新预构建模板的工作流程可能由以下事件触发: @@ -115,7 +115,7 @@ The prebuilds that you configure for a repository are created and updated using {% endif %} 1. 复制令牌字符串。 您将此密钥分配给 {% data variables.product.prodname_codespaces %} 存储库机密。 1. 重新登录到对存储库具有管理员访问权限的帐户。 -1. 在要为其创建 {% data variables.product.prodname_codespaces %} 预构建的存储库中,创建一个名为 `CODESPACES_PREBUILD_TOKEN` 的新 {% data variables.product.prodname_codespaces %} 存储库机密,为其提供您创建和复制的令牌值。 For more information, see "[Managing encrypted secrets for your repository and organization for {% data variables.product.prodname_github_codespaces %}](/codespaces/managing-codespaces-for-your-organization/managing-encrypted-secrets-for-your-repository-and-organization-for-github-codespaces#adding-secrets-for-a-repository)." +1. 在要为其创建 {% data variables.product.prodname_codespaces %} 预构建的存储库中,创建一个名为 `CODESPACES_PREBUILD_TOKEN` 的新 {% data variables.product.prodname_codespaces %} 存储库机密,为其提供您创建和复制的令牌值。 更多信息请参阅“[管理用于 {% data variables.product.prodname_github_codespaces %} 的仓库和组织的加密密钥](/codespaces/managing-codespaces-for-your-organization/managing-encrypted-secrets-for-your-repository-and-organization-for-github-codespaces#adding-secrets-for-a-repository)”。 PAT 将用于为存储库创建的所有后续预构建模板。 与其他 {% data variables.product.prodname_codespaces %} 存储库机密不同, `CODESPACES_PREBUILD_TOKEN` 机密仅用于预构建,不可用于从存储库创建的代码空间。 diff --git a/translations/zh-CN/content/codespaces/setting-up-your-project-for-codespaces/index.md b/translations/zh-CN/content/codespaces/setting-up-your-project-for-codespaces/index.md index 41ef47ce48..fba7bfbf24 100644 --- a/translations/zh-CN/content/codespaces/setting-up-your-project-for-codespaces/index.md +++ b/translations/zh-CN/content/codespaces/setting-up-your-project-for-codespaces/index.md @@ -1,5 +1,6 @@ --- title: '为 {% data variables.product.prodname_github_codespaces %} 设置存储库' +shortTitle: 设置存储库 allowTitleToDifferFromFilename: true intro: '了解如何开始使用 {% data variables.product.prodname_github_codespaces %},包括特定语言的设置和配置。' product: '{% data reusables.gated-features.codespaces %}' diff --git a/translations/zh-CN/content/codespaces/setting-up-your-project-for-codespaces/introduction-to-dev-containers.md b/translations/zh-CN/content/codespaces/setting-up-your-project-for-codespaces/introduction-to-dev-containers.md index cff1ed74f4..485b1341ab 100644 --- a/translations/zh-CN/content/codespaces/setting-up-your-project-for-codespaces/introduction-to-dev-containers.md +++ b/translations/zh-CN/content/codespaces/setting-up-your-project-for-codespaces/introduction-to-dev-containers.md @@ -53,7 +53,7 @@ product: '{% data reusables.gated-features.codespaces %}' 将 `devcontainer.json` 文件视为提供“自定义”而不是“个性化”是很有用的。 您应该只将每个在代码库上工作的人都需要的东西作为开发环境的标准元素,而不是个人偏好的东西。 像语法检查这样的东西非常适合标准化,并且要求每个人都已安装,因此最好将它们包含在您的 `devcontainer.json` 文件中。 像用户界面装饰器或主题这样的东西是个人选择,不应该放在 `devcontainer.json` 文件中。 -您可以使用 dotfiles 和 Settings Sync 对代码空间进行个性化设置。 For more information, see "[Personalizing {% data variables.product.prodname_github_codespaces %} for your account](/codespaces/customizing-your-codespace/personalizing-github-codespaces-for-your-account)." +您可以使用 dotfiles 和 Settings Sync 对代码空间进行个性化设置。 更多信息请参阅“[为帐户个性化 {% data variables.product.prodname_github_codespaces %}](/codespaces/customizing-your-codespace/personalizing-github-codespaces-for-your-account)”。 ### Dockerfile diff --git a/translations/zh-CN/content/codespaces/troubleshooting/github-codespaces-logs.md b/translations/zh-CN/content/codespaces/troubleshooting/github-codespaces-logs.md index 979abc8d65..788b32e4ca 100644 --- a/translations/zh-CN/content/codespaces/troubleshooting/github-codespaces-logs.md +++ b/translations/zh-CN/content/codespaces/troubleshooting/github-codespaces-logs.md @@ -1,5 +1,5 @@ --- -title: GitHub Codespaces logs +title: GitHub Codespaces 日志 intro: '{% data variables.product.prodname_github_codespaces %} 使用的日志记录位置概述。' product: '{% data reusables.gated-features.codespaces %}' versions: diff --git a/translations/zh-CN/content/codespaces/troubleshooting/troubleshooting-port-forwarding-for-github-codespaces.md b/translations/zh-CN/content/codespaces/troubleshooting/troubleshooting-port-forwarding-for-github-codespaces.md index c294b78228..d6ef9ddd3e 100644 --- a/translations/zh-CN/content/codespaces/troubleshooting/troubleshooting-port-forwarding-for-github-codespaces.md +++ b/translations/zh-CN/content/codespaces/troubleshooting/troubleshooting-port-forwarding-for-github-codespaces.md @@ -1,5 +1,5 @@ --- -title: Troubleshooting port forwarding for GitHub Codespaces +title: GitHub Codespaces 的端口转发疑难解答 intro: 常见端口转发问题的疑难解答步骤。 product: '{% data reusables.gated-features.codespaces %}' versions: diff --git a/translations/zh-CN/content/codespaces/troubleshooting/working-with-support-for-github-codespaces.md b/translations/zh-CN/content/codespaces/troubleshooting/working-with-support-for-github-codespaces.md index 19e0ce0b03..c245c0e369 100644 --- a/translations/zh-CN/content/codespaces/troubleshooting/working-with-support-for-github-codespaces.md +++ b/translations/zh-CN/content/codespaces/troubleshooting/working-with-support-for-github-codespaces.md @@ -1,5 +1,5 @@ --- -title: Working with support for GitHub Codespaces +title: 使用对 GitHub Codespaces 的支持 intro: '有关从 {% data variables.product.prodname_github_codespaces %} 的支持中获得最佳帮助的提示。' product: '{% data reusables.gated-features.codespaces %}' versions: @@ -13,7 +13,7 @@ redirect_from: - /codespaces/troubleshooting/working-with-support-for-codespaces --- -在支持人员帮助您解决代码空间问题之前,您需要知道代码空间的名称及其代码空间 ID(标识符)。 此外,支持人员可能会要求您与他们共享一些日志。 For more information, see "[{% data variables.product.prodname_github_codespaces %} logs](/codespaces/troubleshooting/github-codespaces-logs)" and "[About GitHub Support](/github/working-with-github-support/about-github-support)." +在支持人员帮助您解决代码空间问题之前,您需要知道代码空间的名称及其代码空间 ID(标识符)。 此外,支持人员可能会要求您与他们共享一些日志。 更多信息请参阅“[{% data variables.product.prodname_github_codespaces %} 日志](/codespaces/troubleshooting/github-codespaces-logs)”和“[关于 GitHub 支持](/github/working-with-github-support/about-github-support)”。 ### 代码空间名称 @@ -24,7 +24,7 @@ redirect_from: - 在浏览器中打开代码空间。 URL 的子域是代码空间的名称。 例如: `https://octocat-myrepo-gmc7.github.dev` 是 `octocat-myrepo-gmc7` 代码空间的 URL。 - 如果无法打开代码空间,则可以在 https://github.com/codespaces 上访问 {% data variables.product.product_name %} 中的名称。 当您将鼠标悬停在 https://github.com/codespaces 上的 **Open in browser(在浏览器中打开)**选项上时,该名称将显示在弹出窗口中。 ![将鼠标悬停在上方时显示的代码空间名称](/assets/images/help/codespaces/find-codespace-name-github.png) -代码空间的名称也包含在许多日志文件中。 例如,在代码空间日志中作为 `friendlyName` 的值,在 `发出 GET 请求`后的 {% data variables.product.prodname_github_codespaces %} 扩展日志中,以及在 `clientUrl` 之后的浏览器控制台日志中。 For more information, see "[{% data variables.product.prodname_github_codespaces %} logs](/codespaces/troubleshooting/github-codespaces-logs)." +代码空间的名称也包含在许多日志文件中。 例如,在代码空间日志中作为 `friendlyName` 的值,在 `发出 GET 请求`后的 {% data variables.product.prodname_github_codespaces %} 扩展日志中,以及在 `clientUrl` 之后的浏览器控制台日志中。 更多信息请参阅“[{% data variables.product.prodname_github_codespaces %} 日志](/codespaces/troubleshooting/github-codespaces-logs)”。 ### 代码空间 ID diff --git a/translations/zh-CN/content/copilot/getting-started-with-github-copilot/getting-started-with-github-copilot-in-a-jetbrains-ide.md b/translations/zh-CN/content/copilot/getting-started-with-github-copilot/getting-started-with-github-copilot-in-a-jetbrains-ide.md index 67c306c7a1..fce881113b 100644 --- a/translations/zh-CN/content/copilot/getting-started-with-github-copilot/getting-started-with-github-copilot-in-a-jetbrains-ide.md +++ b/translations/zh-CN/content/copilot/getting-started-with-github-copilot/getting-started-with-github-copilot-in-a-jetbrains-ide.md @@ -23,9 +23,9 @@ topics: 要在 JetBrains IDE 中使用 {% data variables.product.prodname_copilot %},必须安装 {% data variables.product.prodname_copilot %} 扩展。 以下过程将指导您在 IntelliJ IDEA 中安装 {% data variables.product.prodname_copilot %} 插件。 在其他受支持的 IDE 中安装插件的步骤可能有所不同。 -1. In your JetBrains IDE, under the **File** menu for Windows or under the name of your IDE for Mac (for example, **PyCharm** or **IntelliJ**), click **Settings** for Windows or **Preferences** for Mac. -2. In the left-side menu of the **Settings/Preferences** dialog box, click **Plugins**. -3. At the top of the **Settings/Preferences** dialog box, click **Marketplace**. In the search bar, search for **{% data variables.product.prodname_copilot %}**, then click **Install**. ![Marketplace 搜索的屏幕截图](/assets/images/help/copilot/jetbrains-marketplace.png) +1. 在 JetBrains IDE 中,在 Windows 的**文件**菜单下,或在 Mac 版 IDE 的名称下(例如,**PyCharm** 或 **IntelliJ**),单击**设置** (Windows) 或**首选项** (Mac)。 +2. 在**设置/首选项**对话框的左侧菜单中,单击**插件**。 +3. 在**设置/首选项**对话框顶部,单击 **Marketplace**。 在搜索栏中,搜索 **{% data variables.product.prodname_copilot %}**,然后单击 **Install(安装)**。 ![Marketplace 搜索的屏幕截图](/assets/images/help/copilot/jetbrains-marketplace.png) 1. 安装 {% data variables.product.prodname_copilot %} 后,单击 **Restart IDE(重新启动 IDE)**。 1. 重新启动 JetBrains IDE 后,单击 **Tools(工具)**菜单。 单击 **{% data variables.product.prodname_copilot %}**,然后单击**登录 {% data variables.product.prodname_dotcom %}**。 ![JetBrains 工具菜单的屏幕截图](/assets/images/help/copilot/jetbrains-tools-menu.png) 1. 在“登录 {% data variables.product.prodname_dotcom %}”对话框中,若要复制设备代码并打开设备激活窗口,请单击 **Copy and Open(复制并打开)**。 ![设备代码复制和打开的屏幕截图](/assets/images/help/copilot/device-code-copy-and-open.png) diff --git a/translations/zh-CN/content/developers/apps/building-oauth-apps/scopes-for-oauth-apps.md b/translations/zh-CN/content/developers/apps/building-oauth-apps/scopes-for-oauth-apps.md index c892fb5c79..4deeee48ae 100644 --- a/translations/zh-CN/content/developers/apps/building-oauth-apps/scopes-for-oauth-apps.md +++ b/translations/zh-CN/content/developers/apps/building-oauth-apps/scopes-for-oauth-apps.md @@ -76,7 +76,7 @@ X-Accepted-OAuth-Scopes: user | **`admin:gpg_key`** | 全面管理 GPG 密钥。 | |  `write:gpg_key` | 创建、列出和查看 GPG 密钥的详细信息。 | |  `read:gpg_key` | 列出和查看 GPG 密钥的详细信息。{% ifversion fpt or ghec %} -| **`代码空间`** | 授予创建和管理代码空间的能力。 Codespaces 可以暴露可能有不同范围集的 GITHUB_TOKEN。 For more information, see "[Security in {% data variables.product.prodname_github_codespaces %}](/codespaces/codespaces-reference/security-in-github-codespaces#authentication)."{% endif %} +| **`代码空间`** | 授予创建和管理代码空间的能力。 Codespaces 可以暴露可能有不同范围集的 GITHUB_TOKEN。 更多信息请参阅“[{% data variables.product.prodname_github_codespaces %} 中的安全性](/codespaces/codespaces-reference/security-in-github-codespaces#authentication)”。{% endif %} | **`工作流程`** | 授予添加和更新 {% data variables.product.prodname_actions %} 工作流程文件的权限。 如果在同一仓库中的另一个分支上存在相同的文件(具有相同的路径和内容),则工作流程文件可以在没有此作用域的情况下提交。 工作流程文件可以暴露可能有不同范围集的 `GITHUB_TOKEN`。 更多信息请参阅“[工作流程中的身份验证](/actions/reference/authentication-in-a-workflow#permissions-for-the-github_token)。 | {% note %} diff --git a/translations/zh-CN/content/get-started/learning-about-github/about-github-advanced-security.md b/translations/zh-CN/content/get-started/learning-about-github/about-github-advanced-security.md index 691bf03588..ec6b3b6496 100644 --- a/translations/zh-CN/content/get-started/learning-about-github/about-github-advanced-security.md +++ b/translations/zh-CN/content/get-started/learning-about-github/about-github-advanced-security.md @@ -63,12 +63,11 @@ For information about {% data variables.product.prodname_advanced_security %} fe {% data variables.product.prodname_GH_advanced_security %} features are enabled for all public repositories on {% data variables.product.prodname_dotcom_the_website %}{% ifversion ghec %}, except for the security overview{% endif %}. Organizations that use {% data variables.product.prodname_ghe_cloud %} with {% data variables.product.prodname_advanced_security %} can additionally enable these features for private and internal repositories. They also have access to an organization-level security overview. {% ifversion fpt %}For more information, see the [{% data variables.product.prodname_ghe_cloud %} documentation](/enterprise-cloud@latest/get-started/learning-about-github/about-github-advanced-security#enabling-advanced-security-features).{% endif %} {% endif %} -{% ifversion ghes or ghec %} +{% ifversion ghes > 3.1 or ghec %} ## Deploying GitHub Advanced Security in your enterprise -To learn about what you need to know to plan your {% data variables.product.prodname_GH_advanced_security %} deployment at a high level, see "[Overview of {% data variables.product.prodname_GH_advanced_security %} deployment](/admin/advanced-security/overview-of-github-advanced-security-deployment)." +To learn about what you need to know to plan your {% data variables.product.prodname_GH_advanced_security %} deployment at a high level and to review the rollout phases we recommended, see "[Adopting {% data variables.product.prodname_GH_advanced_security %} at scale](/code-security/adopting-github-advanced-security-at-scale)." -To review the rollout phases we recommended in more detail, see "[Deploying {% data variables.product.prodname_GH_advanced_security %} in your enterprise](/admin/advanced-security/deploying-github-advanced-security-in-your-enterprise)." {% endif %} {% ifversion not fpt %} diff --git a/translations/zh-CN/content/get-started/writing-on-github/working-with-advanced-formatting/attaching-files.md b/translations/zh-CN/content/get-started/writing-on-github/working-with-advanced-formatting/attaching-files.md index da2a048e9e..2c44352f70 100644 --- a/translations/zh-CN/content/get-started/writing-on-github/working-with-advanced-formatting/attaching-files.md +++ b/translations/zh-CN/content/get-started/writing-on-github/working-with-advanced-formatting/attaching-files.md @@ -18,7 +18,7 @@ topics: {% warning %} -**警告:**如果您在拉取请求或议题评论中添加了图像或视频,则任何人都可以查看匿名化 URL,无需身份验证,即使该拉取请求位于私有仓库中{% ifversion ghes %} 或者启用了私有模式{% endif %}。 要对敏感媒体文件保密,请从需要身份验证的私有网络或服务器提供它们。 {% ifversion fpt or ghec %}有关匿名 URL 的更多信息,请参阅“[关于匿名 URL](/github/authenticating-to-github/about-anonymized-urls)”。{% endif %} +**警告:** 如果将文件附加到拉取请求或发出注释,则任何人都可以在不进行身份验证的情况下查看匿名 URL,即使拉取请求位于私有存储库中{% ifversion ghes %},或者启用了私有模式{% endif %}。 要对敏感媒体文件保密,请从需要身份验证的私有网络或服务器提供它们。 {% ifversion fpt or ghec %}有关匿名 URL 的更多信息,请参阅“[关于匿名 URL](/github/authenticating-to-github/about-anonymized-urls)”。{% endif %} {% endwarning %} @@ -35,7 +35,7 @@ topics: 最大文件大小为: - 10MB,对于图像和 gif{% ifversion fpt or ghec %} - 10MB,对于上传到使用免费 GitHub 计划的用户或组织所拥有仓库的视频 -- 100MB,对于上传到使用付费 GitHub 计划的用户或组织所拥有仓库的视频{% elsif ghes or ghae %} +- 100MB,对于上传到使用付费 GitHub 计划的用户或组织所拥有仓库的视频{% elsif ghes or ghae-issue-7575 %} - 100MB,对于视频{% endif %} - 25MB,对于所有其他文件 @@ -51,13 +51,13 @@ topics: * Microsoft Word (*.docx*)、Powerpoint (*.pptx*) 和 Excel (*.xlsx*) 文档 * 文本文件 (*.txt*) * PDF (*.pdf*) -* ZIP(*.zip*、*.gz*) -* 视频(*.mp4*、*.mov*) +* ZIP(*.zip*、*.gz*){% ifversion fpt or ghec or ghes or ghae-issue-7575 %} +* 视频(*.mp4*、*.mov*){% endif %} -{% note %} +{% ifversion fpt or ghec or ghes or ghae-issue-7575 %}{% note %} **注意:** 视频编解码器兼容性是浏览器特定的,上传到一个浏览器的视频可能无法在另一个浏览器上查看。 目前,我们建议使用 h.264 实现最大兼容性。 -{% endnote %} +{% endnote %}{% endif %} ![附件动画 GIF](/assets/images/help/pull_requests/dragging_images.gif) diff --git a/translations/zh-CN/content/graphql/guides/forming-calls-with-graphql.md b/translations/zh-CN/content/graphql/guides/forming-calls-with-graphql.md index 3fee59b65d..76d117a1a5 100644 --- a/translations/zh-CN/content/graphql/guides/forming-calls-with-graphql.md +++ b/translations/zh-CN/content/graphql/guides/forming-calls-with-graphql.md @@ -33,13 +33,14 @@ shortTitle: 使用 GraphQL 建立调用 ``` repo -repo:status -repo_deployment{% ifversion not ghae %} -public_repo{% endif %} +repo_deployment +read:packages read:org read:public_key read:repo_hook user +read:discussion +read:enterprise read:gpg_key ``` diff --git a/translations/zh-CN/content/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/creating-a-pull-request.md b/translations/zh-CN/content/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/creating-a-pull-request.md index 8988d31c69..f9ffb58f2c 100644 --- a/translations/zh-CN/content/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/creating-a-pull-request.md +++ b/translations/zh-CN/content/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/creating-a-pull-request.md @@ -154,7 +154,7 @@ gh pr create --web 1. 检查作为合并来源的本地分支和仓库以及作为合并目标的远程分支和仓库是否正确。 然后为拉取请求提供标题和描述。 ![GitHub 拉取请求侧栏](/assets/images/help/codespaces/codespaces-commit-pr.png) 1. 单击 **Create(创建)**。 -For more information on creating pull requests in {% data variables.product.prodname_github_codespaces %}, see "[Using {% data variables.product.prodname_github_codespaces %} for pull requests](/codespaces/developing-in-codespaces/using-github-codespaces-for-pull-requests)." +有关在 {% data variables.product.prodname_github_codespaces %} 中创建拉取请求的更多信息,请参阅“[对拉取请求使用 {% data variables.product.prodname_github_codespaces %}”](/codespaces/developing-in-codespaces/using-github-codespaces-for-pull-requests)。 {% endcodespaces %} diff --git a/translations/zh-CN/content/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/reviewing-proposed-changes-in-a-pull-request.md b/translations/zh-CN/content/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/reviewing-proposed-changes-in-a-pull-request.md index bbd738a93b..3ea87da463 100644 --- a/translations/zh-CN/content/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/reviewing-proposed-changes-in-a-pull-request.md +++ b/translations/zh-CN/content/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/reviewing-proposed-changes-in-a-pull-request.md @@ -58,7 +58,7 @@ shortTitle: 审核建议的更改 {% data reusables.codespaces.review-pr %} -For more information on reviewing pull requests in {% data variables.product.prodname_codespaces %}, see "[Using {% data variables.product.prodname_github_codespaces %} for pull requests](/codespaces/developing-in-codespaces/using-github-codespaces-for-pull-requests)." +有关在 {% data variables.product.prodname_codespaces %} 中审查拉取请求的更多信息,请参阅“[对拉取请求使用 {% data variables.product.prodname_github_codespaces %}”](/codespaces/developing-in-codespaces/using-github-codespaces-for-pull-requests)。 {% endcodespaces %} {% endif %} diff --git a/translations/zh-CN/content/site-policy/privacy-policies/github-privacy-statement.md b/translations/zh-CN/content/site-policy/privacy-policies/github-privacy-statement.md index ecc4a9c37e..4c5ebbb6d5 100644 --- a/translations/zh-CN/content/site-policy/privacy-policies/github-privacy-statement.md +++ b/translations/zh-CN/content/site-policy/privacy-policies/github-privacy-statement.md @@ -32,21 +32,21 @@ topics: ## 摘要 -| 节 | 说明 | -| ------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| [谁负责处理您的信息](#who-is-responsible-for-the-processing-of-your-information) | Subject to limited exceptions, GitHub is the controller and entity responsible for the processing of your personal data in connection with the Website or Service. | -| [GitHub 收集哪些信息](#what-information-github-collects) | GitHub 直接从您的注册、付款、交易和用户个人资料中收集信息。 我们还自动从您的使用信息、cookie 和设备信息中收集,但在必要时会征得您的同意。 GitHub may also collect personal data from third parties. We only collect the minimum amount of personal data necessary from you, unless you choose to provide more. | -| [GitHub 如何使用您的信息](#how-github-uses-your-information) | 在本节中,我们将介绍我们使用您的信息的方式,包括为您提供服务、与您沟通、出于安全性和合规性目的,以及改进我们的网站或服务或开发我们网站或服务的新特性和功能。 我们还介绍了在法律要求的情况下处理个人信息的法律依据。 | -| [我们如何分享所收集的信息](#how-we-share-the-information-we-collect) | 在以下情况下,我们可能会与第三方分享您的信息:经您同意、与我们的服务提供商分享、出于安全目的、为履行我们的法律义务,或者公司实体或业务单位的控制权发生变更或出售。 我们不会出售您的个人信息,也不会在 GitHub 上发布广告。 | -| [您对我们处理您的个人数据的选择](#your-choices-regarding-our-processing-of-your-personal-data) | 我们为您提供访问、更改或删除个人信息的途径。 | -| [Cookie](#cookies) | 我们仅使用绝对必要的 cookie 来提供、保护和改进我们的网站或服务,或开发我们网站或服务的新特性和功能。 我们提供了一个非常透明地说明此技术的网页。 我们不会向第三方分析服务发送任何信息。 | -| [GitHub 如何保护您的信息](#how-github-secures-your-information) | We take all measures reasonably necessary to protect the confidentiality, integrity, and availability of your personal data on GitHub and to protect the resilience of our servers. | -| [沟通偏好](#communication-preferences) | 我们通过电子邮件与您通信。 您可以在帐户设置中或通过联系我们来控制我们与您联系的方式。 | -| [解决投诉](#resolving-complaints) | 万一我们无法快速彻底地解决隐私问题,我们提供一条解决争议的途径。 | -| [隐私声明的变更](#changes-to-our-privacy-statement) | 如果本隐私声明发生重大变更,我们会在任何此类变更生效之前 30 天通知您。 您也可以在我们的站点政策仓库中跟踪变更。 | -| [许可](#license) | 本隐私声明的许可采用[知识共享零许可](https://creativecommons.org/publicdomain/zero/1.0/)原则。 | -| [联系 GitHub](#contacting-github) | 如果您对我们的隐私声明有疑问,请随时联系我们。 | -| [翻译](#translations) | 我们提供本隐私声明的一些翻译版本的链接。 | +| 节 | 说明 | +| ------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------- | +| [谁负责处理您的信息](#who-is-responsible-for-the-processing-of-your-information) | 除有限的例外情况外,GitHub 是负责处理与网站或服务相关的个人数据的控制者和实体。 | +| [GitHub 收集哪些信息](#what-information-github-collects) | GitHub 直接从您的注册、付款、交易和用户个人资料中收集信息。 我们还自动从您的使用信息、cookie 和设备信息中收集,但在必要时会征得您的同意。 GitHub 还可能从第三方收集个人数据。 我们只收集极少量的必要个人数据,除非您自己选择提供更多信息。 | +| [GitHub 如何使用您的信息](#how-github-uses-your-information) | 在本节中,我们将介绍我们使用您的信息的方式,包括为您提供服务、与您沟通、出于安全性和合规性目的,以及改进我们的网站或服务或开发我们网站或服务的新特性和功能。 我们还介绍了在法律要求的情况下处理个人信息的法律依据。 | +| [我们如何分享所收集的信息](#how-we-share-the-information-we-collect) | 在以下情况下,我们可能会与第三方分享您的信息:经您同意、与我们的服务提供商分享、出于安全目的、为履行我们的法律义务,或者公司实体或业务单位的控制权发生变更或出售。 我们不会出售您的个人信息,也不会在 GitHub 上发布广告。 | +| [您对我们处理您的个人数据的选择](#your-choices-regarding-our-processing-of-your-personal-data) | 我们为您提供访问、更改或删除个人信息的途径。 | +| [Cookie](#cookies) | 我们仅使用绝对必要的 cookie 来提供、保护和改进我们的网站或服务,或开发我们网站或服务的新特性和功能。 我们提供了一个非常透明地说明此技术的网页。 我们不会向第三方分析服务发送任何信息。 | +| [GitHub 如何保护您的信息](#how-github-secures-your-information) | 我们采取一切合理必要的措施来保护您在 GitHub 上个人数据的机密性、完整性和可用性,并保护我们服务器的弹性。 | +| [沟通偏好](#communication-preferences) | 我们通过电子邮件与您通信。 您可以在帐户设置中或通过联系我们来控制我们与您联系的方式。 | +| [解决投诉](#resolving-complaints) | 万一我们无法快速彻底地解决隐私问题,我们提供一条解决争议的途径。 | +| [隐私声明的变更](#changes-to-our-privacy-statement) | 如果本隐私声明发生重大变更,我们会在任何此类变更生效之前 30 天通知您。 您也可以在我们的站点政策仓库中跟踪变更。 | +| [许可](#license) | 本隐私声明的许可采用[知识共享零许可](https://creativecommons.org/publicdomain/zero/1.0/)原则。 | +| [联系 GitHub](#contacting-github) | 如果您对我们的隐私声明有疑问,请随时联系我们。 | +| [翻译](#translations) | 我们提供本隐私声明的一些翻译版本的链接。 | ## GitHub 隐私声明 @@ -57,7 +57,7 @@ topics: ## GitHub 代表您行事 -In some cases, GitHub is acting only on your behalf for the personal data we collect and process in connection with our Service (for example, for the personal data added to a repository by the contributors to such repository). 在这种情况下,GitHub 将仅处理数据以提供您请求的服务。 Please note that subject to our [Private Information Removal Policy](/site-policy/content-removal-policies/github-private-information-removal-policy) contributors’ requests to remove personal data generally require notice to and action from the repository owner. +在某些情况下,GitHub 仅代表您处理我们收集和处理的与我们的服务相关的个人数据(例如,对于此类存储库的贡献者添加到存储库中的个人数据)。 在这种情况下,GitHub 将仅处理数据以提供您请求的服务。 请注意,根据我们的[个人信息删除政策](/site-policy/content-removal-policies/github-private-information-removal-policy)贡献者删除个人数据的请求通常需要通知存储库所有者并采取行动。 ## GitHub 收集哪些信息 @@ -102,7 +102,7 @@ In some cases, GitHub is acting only on your behalf for the personal data we col ### 从第三方收集信息 -您选择与之合作的其他公司。 GitHub may collect personal data about you from third parties. 例如,如果您报名参加培训或从我们的供应商、合作伙伴或附属公司获取有关 GitHub 的信息,就可能会发生这种情况。 GitHub does not purchase personal data from third-party data brokers. +您选择与之合作的其他公司。 GitHub 可能会从第三方收集有关您的个人数据。 例如,如果您报名参加培训或从我们的供应商、合作伙伴或附属公司获取有关 GitHub 的信息,就可能会发生这种情况。 GitHub 不从第三方数据中间商购买个人数据。 服务提供商。 我们还可能从代表我们处理数据的处理者或服务提供商接收信息,例如处理与我们服务相关的付款和账单信息的支付处理者。 @@ -112,7 +112,7 @@ In some cases, GitHub is acting only on your behalf for the personal data we col 公开可用的来源。 我们还可能从公开可用的来源获取信息,作为 GitHub 存储库。 -When you are asked to provide personal data, you may decline. 您可以使用 Web 浏览器或操作系统控件来防止某些类型的自动数据收集。 但是,如果您选择不提供或允许某些服务或功能所需的信息,则这些服务或功能可能不可用或功能不完全可用。 +当您被要求提供个人数据时,您可以拒绝。 您可以使用 Web 浏览器或操作系统控件来防止某些类型的自动数据收集。 但是,如果您选择不提供或允许某些服务或功能所需的信息,则这些服务或功能可能不可用或功能不完全可用。 ## GitHub 如何使用您的信息 我们可能会使用您的信息来提供、管理、分析、管理和运营我们的服务。 例如,我们将您的信息用于以下目的: @@ -128,7 +128,7 @@ When you are asked to provide personal data, you may decline. 您可以使用 We ## 我们如何分享所收集的信息 -We share personal data with your consent or as necessary to complete your transactions or provide the services you have requested or authorized. In addition, we may share each of the categories of your personal data described above with the types of third parties described below for the following business purposes: +我们会在您同意的情况下或在必要时共享个人数据,以完成您的交易或提供您请求或授权的服务。 此外,出于以下商业目的,我们可能会与下述类型的第三方共享上述每个类别的个人数据: ### 公开信息 您可以选择通过我们的服务提供的选项,以公开显示和共享您的姓名和/或用户名以及某些其他信息,例如您的个人资料、人口统计数据、内容和文件或地理位置数据。 例如,如果您希望自己的电子邮件地址保持私密,即使您正在评论公共存储库,[也可以在用户配置文件中将电子邮件地址的设置调整为为私密](https://github.com/settings/emails)。 您还可以[更新本地 Git 配置以使用您的私密电子邮件地址](/github/setting-up-and-managing-your-github-user-account/setting-your-commit-email-address)。 有关提交消息中电子邮件地址的更多信息,请参阅[此处](/github/setting-up-and-managing-your-github-user-account/setting-your-commit-email-address)。 @@ -136,50 +136,50 @@ We share personal data with your consent or as necessary to complete your transa 请注意,如果您想编译 GitHub 数据,则必须遵守我们关于信息使用和隐私 [服务条款](/site-policy/github-terms/github-terms-of-service) ,并且您只能将您收集的任何面向公众的信息用于我们用户授权的目的。 例如,如果 GitHub 用户出于识别和归因的目的而公开电子邮件地址,请不要将该电子邮件地址用于向用户发送未经请求的电子邮件或出售个人信息(例如向招聘人员、猎头和职介所出售)或用于商业广告。 我们希望您合理地保护从 GitHub 收集的任何信息,并且必须及时回应 GitHub 或 GitHub 用户的投诉以及删除和“别碰”要求。 ### 第三方应用程序 -We share your personal data with third parties when you tell us to do so. 例如,如果您购买我们 Marketplace 上列出的应用程序,我们将分享您的用户名以便该应用程序开发者为您提供服务。 Additionally, you may direct us through your actions on GitHub to share your personal data. 例如,如果您加入组织,则表明您愿意向组织所有者提供在组织访问日志中查看您的活动的权限。 +当您要求时,我们会与第三方共享您的个人数据。 例如,如果您购买我们 Marketplace 上列出的应用程序,我们将分享您的用户名以便该应用程序开发者为您提供服务。 此外,您可以通过在 GitHub 上的操作来指示我们分享您的个人数据。 例如,如果您加入组织,则表明您愿意向组织所有者提供在组织访问日志中查看您的活动的权限。 -您可以启用或添加第三方应用程序(称为“开发人员产品”)到您的帐户。 这些开发者产品并非使用 GitHub 的必要条件。 We will share your personal data with such third-party applications when you ask us to; however, you are responsible for your use of the third-party Developer Product and for the amount of personal data you choose to share with it. 您可以查看我们的 [API 文档](/rest/reference/users),以了解您使用自己的 GitHub 个人资料向开发者产品验证时会提供哪些信息。 +您可以启用或添加第三方应用程序(称为“开发人员产品”)到您的帐户。 这些开发者产品并非使用 GitHub 的必要条件。 当您要求我们时,我们将与此类第三方应用程序共享您的个人数据;但是,您应对您对第三方开发者产品的使用以及您选择与其共享的个人数据量负责。 您可以查看我们的 [API 文档](/rest/reference/users),以了解您使用自己的 GitHub 个人资料向开发者产品验证时会提供哪些信息。 ### 您参与的组织 -You may indicate, through your actions on GitHub, that you are willing to share your personal data. If you collaborate on or become a member of an organization, then its Account owners may receive your personal data. 当您接受组织邀请时,您将被告知所有者可以看到的信息类型(更多信息请参阅[关于组织成员](/github/setting-up-and-managing-your-github-user-account/about-organization-membership))。 Please contact the Account owners for more information about how they might process your personal data in their Organization and the ways for you to access, update, alter, or delete your personal data stored in the Account. +您可以通过在 GitHub 上的操作来表明您愿意分享自己的个人数据。 如果您与组织协作或成为组织成员,则其帐户所有者可能会收到您的个人数据。 当您接受组织邀请时,您将被告知所有者可以看到的信息类型(更多信息请参阅[关于组织成员](/github/setting-up-and-managing-your-github-user-account/about-organization-membership))。 请联系帐户所有者,详细了解他们在组织中如何处理您的个人数据,以及您访问、更新、更改或删除存储在该帐户中的个人数据的方式。 ### 服务提供商 -We share your personal data with service providers who process the information on our behalf to provide or improve our Service. 例如,我们的服务提供商履行付款处理、客户支持事件单、网络数据传输、安全及其他类似服务。 While GitHub processes all personal data in the United States, our service providers may process data outside of the United States or the European Union. 服务提供商的此类处理将遵守适用法律,包括任何相关的传输机制。 +我们与代表我们处理信息的服务提供商共享您的个人数据,以提供或改进我们的服务。 例如,我们的服务提供商履行付款处理、客户支持事件单、网络数据传输、安全及其他类似服务。 虽然 GitHub 在美国处理所有个人数据,但我们的服务提供商可能在美国或欧盟外部处理数据。 服务提供商的此类处理将遵守适用法律,包括任何相关的传输机制。 - ### Affiliates We enable access to personal data across our subsidiaries, affiliates, and related companies, for example, where we share common data systems or where access is needed to operate and provide the Service. + ### 关联公司 我们允许跨子公司、关联公司和相关公司访问个人数据,例如,我们共享通用数据系统或需要访问权限来运营和提供服务。 ### 出于安全目的 -We will disclose personal data if we believe it is necessary to: +如果我们认为是实现以下目的所必需,将公布个人数据: - 保护我们的客户和其他人,例如防止垃圾邮件或欺诈企图,或帮助防止任何人的生命损失或严重伤害; - 运营和维护服务的安全性,包括防止或阻止对我们系统或网络的攻击;或 - 保护权利或财产或我们自己或他人,包括执行我们的协议、条款和政策。 ### 法律要求披露 -GitHub may disclose personal data or other information we collect about you to law enforcement or other governmental agencies if required in response to a valid legal process. 有关我们为响应法律要求而披露的更多信息,请参阅我们的[用户数据法律要求指南](/github/site-policy/guidelines-for-legal-requests-of-user-data)。 +GitHub 可能会向执法部门或其他政府机构披露我们收集的有关您的个人数据或其他信息,以响应有效的法律程序。 有关我们为响应法律要求而披露的更多信息,请参阅我们的[用户数据法律要求指南](/github/site-policy/guidelines-for-legal-requests-of-user-data)。 ### 控制权变更或出售 -We may share your personal data if we are involved in a merger, sale, or acquisition of corporate entities or business units as described in this Privacy Statement. +如果我们参与本隐私声明中所述的公司实体或业务部门的合并、出售或收购,我们可能会共享您的个人数据。 -请注意,我们服务的某些功能包括集成、引用或指向隐私惯例与我们不同的第三方提供的服务的链接。 If you provide personal data to any of those third parties, or allow us to share personal data with them, that data is governed by their privacy statements. +请注意,我们服务的某些功能包括集成、引用或指向隐私惯例与我们不同的第三方提供的服务的链接。 如果您向任何这些第三方提供个人数据,或允许我们与他们共享个人数据,则该数据受其隐私声明的约束。 最后,我们可能会根据适用法律共享去识别化的信息。 -### No selling of personal data -We *do not* sell your personal data for monetary or other consideration as defined under California and Nevada state laws. 您可以在[此处](#githubs-notice-to-california-residents)了解有关 CCPA 以及我们如何遵守它的更多信息。 +### 不出售个人数据 +我们*不会*出于加利福尼亚州和内华达州法律定义的金钱或其他考虑而出售您的个人数据。 您可以在[此处](#githubs-notice-to-california-residents)了解有关 CCPA 以及我们如何遵守它的更多信息。 ## 您对我们处理您的个人数据的选择 -We provide choices about the personal data we collect about you. The choices you make will not apply to any personal data associated with an Organization under your Account. +我们提供有关我们收集的有关您的个人数据的选择。 您所做的选择将不适用于与您帐户下的组织相关的任何个人数据。 访问、更正和删除。 如果您是 GitHub 用户,则可以通过[编辑用户个人资料](https://github.com/settings/profile)或联系 [GitHub 支持](https://support.github.com/contact)或 [GitHub 高级支持](https://enterprise.githubsupport.com/hc/en-us),访问、更新、更改或删除您的基本用户个人资料信息。 您可以在个人资料中限制信息、保持更新个人信息或者联系 [GitHub 支持](https://support.github.com/contact)或 [GitHub 高级支持](https://enterprise.githubsupport.com/hc/en-us),以控制我们收集的信息。 -我们按照本隐私声明中所述保留和使用您的信息,但除非法律要求,否则我们将在您提出请求后的 90 天内删除您的完整个人资料。 删除帐户后,某些数据,例如对其他用户仓库的贡献和对其他议题的评论,仍然保留。 However, we will delete or de-identify your personal data, including your username and email address, from the author field of issues, pull requests, and comments by associating them with a ghost user. 也就是说,您通过 Git 提交设置提供的电子邮件地址将始终与 Git 系统中的提交相关联。 如果您已选择将自己的电子邮件地址设为私密,则还应更新您的 Git 提交设置。 我们无法更改或删除 Git 提交历史记录中的数据 — 虽然 Git 软件设计用于维护记录,但我们让您来控制在该记录中放入哪些信息。 +我们按照本隐私声明中所述保留和使用您的信息,但除非法律要求,否则我们将在您提出请求后的 90 天内删除您的完整个人资料。 删除帐户后,某些数据,例如对其他用户仓库的贡献和对其他议题的评论,仍然保留。 但是,我们通过将其与空用户相关联,从议题、拉取请求和评论的作者字段中删除或去识别化您的个人数据,包括您的用户名和电子邮件地址。 也就是说,您通过 Git 提交设置提供的电子邮件地址将始终与 Git 系统中的提交相关联。 如果您已选择将自己的电子邮件地址设为私密,则还应更新您的 Git 提交设置。 我们无法更改或删除 Git 提交历史记录中的数据 — 虽然 Git 软件设计用于维护记录,但我们让您来控制在该记录中放入哪些信息。 -If GitHub processes personal data other than your profile information, such as information about you GitHub receives from [third parties](/github/site-policy/github-privacy-statement#information-we-collect-from-third-parties), then you may, subject to applicable law, access, update, alter, delete, object to or restrict the processing of your personal data by contacting [GitHub Support](https://support.github.com/contact) or [GitHub Premium Support](https://enterprise.githubsupport.com/hc/en-us). +如果 GitHub 处理除您的个人资料信息以外的个人数据,例如 GitHub 从[第三方](/github/site-policy/github-privacy-statement#information-we-collect-from-third-parties)收到的有关您的信息,则根据适用法律,您可以联系 [GitHub 支持](https://support.github.com/contact) 或 [GitHub 高级支持](https://enterprise.githubsupport.com/hc/en-us)访问、更新、更改、删除、反对或限制处理您的个人数据。 -You can adjust the settings on your Account regarding the display of your personal data in private or public repositories or personal data processed in connection with Community Features (such as GitHub Feed, GitHub Sponsors, and GitHub Explore) through [profile settings](https://github.com/settings/profile). +您可以通过[个人资料设置](https://github.com/settings/profile)来调整帐户上的设置,包括将您的个人数据显示在私人或公共存储库中,或与社区功能(例如 GitHub Feed、GitHub Sponsors 和 GitHub Explore)相关的个人数据。 -Additionally, if you are unable to access certain personal data we have via the means described above, you can request access by contacting us as described at the bottom of this privacy statement. +此外,如果您无法通过上述方式访问我们拥有的某些个人数据,您可以按照本隐私声明底部所述与我们联系以请求访问。 ### 数据可移植性 @@ -196,13 +196,13 @@ Additionally, if you are unable to access certain personal data we have via the ### 欧洲数据保护权利 -If the processing of personal data about you is subject to European Union data protection law, you have certain rights with respect to that data: +如果有关您的个人数据的处理受欧盟数据保护法的约束,则您对该数据拥有某些权利: -You can request access to, and rectification or erasure of, personal data; If any automated processing of personal data is based on your consent or a contract with you, you have a right to transfer or receive a copy of the personal data in a usable and portable format; If the processing of personal data is based on your consent, you can withdraw consent at any time for future processing; You can to object to, or obtain a restriction of, the processing of personal data under certain circumstances; and For residents of France, you can send us specific instructions regarding the use of your data after your death. +您可以要求访问、更正或删除个人数据; 如果个人数据的任何自动处理是基于您的同意或与您的合同,您有权以可用和可移植的格式传输或接收个人数据的副本; 如果个人数据的处理是基于您的同意,您可以随时撤回同意以供将来处理; 在某些情况下,您可以反对或限制个人数据的处理; 对于法国居民,您可以在去世后向我们发送有关使用您的数据的具体说明。 要提出此类请求,请使用本声明底部的联系信息。 当我们代表另一方(即 GitHub 充当数据处理者)处理数据时,您应将您的请求定向到该方。 您也有权向监管机构提出投诉,但我们鼓励您首先与我们联系,提出任何问题或疑虑。 -We rely on different lawful bases for collecting and processing personal data about you, for example, with your consent and/or as necessary to provide the services you use, operate our business, meet our contractual and legal obligations, protect the security of our systems and our customers, or fulfill other legitimate interests. +我们依靠不同的法律依据来收集和处理您的个人数据,例如,在您同意和/或在必要时提供您使用的服务,运营我们的业务,履行我们的合同和法律义务,保护我们的系统和客户的安全,或履行其他合法利益。 ## 我们对 Cookie 和跟踪技术的使用 @@ -216,11 +216,11 @@ GitHub 使用 Cookie 来提供、保护和改进我们的服务,或开发我 “[别跟踪](https://www.eff.org/issues/do-not-track)”(DNT) 是有一种隐私首选项,如果您不希望在线服务(特别是广告网络)通过第三方跟踪服务收集和分享有关您在线活动的某类信息,您可以在浏览器中设置该选项。 GitHub 响应浏览器的 DNT 信号,并遵循[关于响应 DNT 信号的 W3C 标准](https://www.w3.org/TR/tracking-dnt/)。 如果您要设置浏览器以传达不希望被跟踪的信号,请查看浏览器的文档以了解如何启用该信号。 还有一些很适合阻止在线跟踪的应用程序,例如 [Privacy Badger](https://privacybadger.org/)。 -## Retention of personal data -We retain personal data for as long as necessary to provide the services and fulfill the transactions you have requested, comply with our legal obligations, resolve disputes, enforce our agreements, and other legitimate and lawful business purposes. 由于在不同服务环境中,不同数据类型的这些需求可能会有所不同,因此实际保留期可能会根据用户期望或同意、数据的敏感性、使用户能够删除数据的自动控制的可用性以及我们的法律或合同义务等标准而有很大差异。 For example, we may retain your personal data for longer periods, where necessary, subject to applicable law, for security purposes. +## 个人数据的保留 +只要有必要,我们就会保留个人数据,以提供服务并完成您请求的交易,遵守我们的法律义务,解决争议,执行我们的协议以及其他合法和合法的商业目的。 由于在不同服务环境中,不同数据类型的这些需求可能会有所不同,因此实际保留期可能会根据用户期望或同意、数据的敏感性、使用户能够删除数据的自动控制的可用性以及我们的法律或合同义务等标准而有很大差异。 例如,出于安全目的,我们可能会在必要时根据适用法律将您的个人数据保留更长时间。 ## GitHub 如何保护您的信息 -GitHub takes reasonable measures necessary to protect your personal data from unauthorized access, alteration, or destruction; maintain data accuracy; and help ensure the appropriate use of your personal data. 为了帮助我们保护个人数据,我们要求您使用强密码,切勿与任何人共享密码或与其他网站或帐户使用相同的密码。 +GitHub 采取必要的合理措施来保护您的个人数据免遭未经授权的访问、更改或破坏;保持数据准确性;并帮助确保正确使用您的个人数据。 为了帮助我们保护个人数据,我们要求您使用强密码,切勿与任何人共享密码或与其他网站或帐户使用相同的密码。 此外,如果您的帐户具有私有仓库,则可以控制对该内容的访问。 GitHub 人员不能访问私有仓库内容,除非 - 出于安全目的, @@ -233,10 +233,10 @@ GitHub takes reasonable measures necessary to protect your personal data from un Github 将在法律不禁止的情况下,或者在响应安全威胁或其他安全风险的情况下,提供有关私有仓库访问的通知。 ### 跨境数据传输 -GitHub processes personal data both inside and outside of the United States and relies on legal mechanisms such as Standard Contractual Clauses to lawfully transfer data from the European Economic Area, the United Kingdom, and Switzerland to the United States. 您可以使用下面标题为“联系 GitHub”的部分中提供的联系方式索取标准合同条款的副本。 +GitHub 处理美国境内外的个人数据,并依靠标准合同条款等法律机制将数据从欧洲经济区、英国和瑞士合法传输到美国。 您可以使用下面标题为“联系 GitHub”的部分中提供的联系方式索取标准合同条款的副本。 ### 解决投诉 -If you have concerns about the way GitHub is handling your personal data, please let us know immediately. 我们乐于提供帮助。 您可以通过填写[隐私问题联系表](https://support.github.com/contact/privacy)联系我们。 您也可以直接通过 **(privacy [at] github [dot] com)** 给我们发送主题行为“隐私问题”的电子邮件。 我们将尽快回复 — 最迟不超过 45 天。 +如果您对 GitHub 处理您的个人数据的方式有疑问,请立即告诉我们。 我们乐于提供帮助。 您可以通过填写[隐私问题联系表](https://support.github.com/contact/privacy)联系我们。 您也可以直接通过 **(privacy [at] github [dot] com)** 给我们发送主题行为“隐私问题”的电子邮件。 我们将尽快回复 — 最迟不超过 45 天。 您还可以直接联系我们的数据保护官。 diff --git a/translations/zh-CN/data/features/dependabot-most-important-sort-option.yml b/translations/zh-CN/data/features/dependabot-most-important-sort-option.yml new file mode 100644 index 0000000000..429c3e6be0 --- /dev/null +++ b/translations/zh-CN/data/features/dependabot-most-important-sort-option.yml @@ -0,0 +1,6 @@ +#Reference: Issue #7510 - Dependabot alerts: "Most important" sort (prioritization score) - [GA] +versions: + fpt: '*' + ghec: '*' + ghes: '>3.6' + ghae: 'issue-7510' diff --git a/translations/zh-CN/data/release-notes/enterprise-server/3-5/0-rc1.yml b/translations/zh-CN/data/release-notes/enterprise-server/3-5/0-rc1.yml index 0c4372c7b2..8ea8cfb702 100644 --- a/translations/zh-CN/data/release-notes/enterprise-server/3-5/0-rc1.yml +++ b/translations/zh-CN/data/release-notes/enterprise-server/3-5/0-rc1.yml @@ -180,10 +180,10 @@ sections: 更多信息请参阅“[管理组织的自定义存储库角色](/organizations/managing-peoples-access-to-your-organization-with-roles/managing-custom-repository-roles-for-an-organization)”。 - - heading: Secret scanning now supports archived repositories + heading: 机密扫描现在支持存档的存储库 notes: - | - GitHub Advanced Security customers can now enable secret scanning for archived repositories via the UI and API. For more information, see "[About secret scanning](/code-security/secret-scanning/about-secret-scanning#about-secret-scanning-for-private-repositories)," "[About archived repositories](/repositories/archiving-a-github-repository/archiving-repositories)," and "[Repositories](/rest/repos/repos#update-a-repository)" in the REST API documentation. + GitHub Advanced Security 客户现在可以通过 UI 和 API 为存档的存储库启用机密扫描。更多信息请参阅 REST API 文档中的“[关于机密扫描](/code-security/secret-scanning/about-secret-scanning#about-secret-scanning-for-private-repositories)”、“[关于存档的存储库](/repositories/archiving-a-github-repository/archiving-repositories)”和“[Repositories](/rest/repos/repos#update-a-repository)”。 - heading: Secret scanning webhooks for alert locations notes: diff --git a/translations/zh-CN/data/release-notes/enterprise-server/3-5/0.yml b/translations/zh-CN/data/release-notes/enterprise-server/3-5/0.yml index a68eb153b8..91b54f033e 100644 --- a/translations/zh-CN/data/release-notes/enterprise-server/3-5/0.yml +++ b/translations/zh-CN/data/release-notes/enterprise-server/3-5/0.yml @@ -173,10 +173,10 @@ sections: 更多信息请参阅“[管理组织的自定义存储库角色](/organizations/managing-peoples-access-to-your-organization-with-roles/managing-custom-repository-roles-for-an-organization)”。 - - heading: Secret scanning now supports archived repositories + heading: 机密扫描现在支持存档的存储库 notes: - | - GitHub Advanced Security customers can now enable secret scanning for archived repositories via the UI and API. For more information, see "[About secret scanning](/code-security/secret-scanning/about-secret-scanning#about-secret-scanning-for-private-repositories)," "[About archived repositories](/repositories/archiving-a-github-repository/archiving-repositories)," and "[Repositories](/rest/repos/repos#update-a-repository)" in the REST API documentation. + GitHub Advanced Security 客户现在可以通过 UI 和 API 为存档的存储库启用机密扫描。更多信息请参阅 REST API 文档中的“[关于机密扫描](/code-security/secret-scanning/about-secret-scanning#about-secret-scanning-for-private-repositories)”、“[关于存档的存储库](/repositories/archiving-a-github-repository/archiving-repositories)”和“[Repositories](/rest/repos/repos#update-a-repository)”。 - heading: Secret scanning webhooks for alert locations notes: diff --git a/translations/zh-CN/data/release-notes/github-ae/2022-05/2022-05-17.yml b/translations/zh-CN/data/release-notes/github-ae/2022-05/2022-05-17.yml index 886aedb684..052fb8e5b5 100644 --- a/translations/zh-CN/data/release-notes/github-ae/2022-05/2022-05-17.yml +++ b/translations/zh-CN/data/release-notes/github-ae/2022-05/2022-05-17.yml @@ -115,8 +115,6 @@ sections: You can now use footnote syntax in any Markdown field to reference relevant information without disrupting the flow of your prose. Footnotes are displayed as superscript links. Click a footnote to jump to the reference, displayed in a new section at the bottom of the document. For more information, see "[Basic writing and formatting syntax](/get-started/writing-on-github/getting-started-with-writing-and-formatting-on-github/basic-writing-and-formatting-syntax#footnotes)." - | You can now toggle between the source view and rendered Markdown view through the web UI by clicking the {% octicon "code" aria-label="The Code icon" %} button to "Display the source diff" at the top of any Markdown file. Previously, you needed to use the blame view to link to specific line numbers in the source of a Markdown file. - - | - You can now add images and videos to Markdown files in gists by pasting them into the Markdown body or selecting them from the dialog at the bottom of the Markdown file. For information about supported file types, see "[Attaching files](/github/writing-on-github/working-with-advanced-formatting/attaching-files)." - | GitHub AE now automatically generates a table of contents for Wikis, based on headings. changes: diff --git a/translations/zh-CN/data/reusables/codespaces/codespaces-machine-types.md b/translations/zh-CN/data/reusables/codespaces/codespaces-machine-types.md index 1601bf341b..052f37713a 100644 --- a/translations/zh-CN/data/reusables/codespaces/codespaces-machine-types.md +++ b/translations/zh-CN/data/reusables/codespaces/codespaces-machine-types.md @@ -1,3 +1,3 @@ -通常,您可以在选择的远程机器上运行代码空间,从 2 核到 32 核。 每种类型都有不同的资源水平和不同的计费等级。 For information, see "[About billing for {% data variables.product.prodname_github_codespaces %}](/billing/managing-billing-for-github-codespaces/about-billing-for-github-codespaces)." +通常,您可以在选择的远程机器上运行代码空间,从 2 核到 32 核。 每种类型都有不同的资源水平和不同的计费等级。 有关信息请参阅“[关于 {% data variables.product.prodname_github_codespaces %} 的计费](/billing/managing-billing-for-github-codespaces/about-billing-for-github-codespaces)”。 默认情况下,在创建代码空间时,将使用具有最低有效资源的计算机类型。 diff --git a/translations/zh-CN/data/reusables/codespaces/links-to-get-started.md b/translations/zh-CN/data/reusables/codespaces/links-to-get-started.md index 966fb6d108..0da1684157 100644 --- a/translations/zh-CN/data/reusables/codespaces/links-to-get-started.md +++ b/translations/zh-CN/data/reusables/codespaces/links-to-get-started.md @@ -1 +1 @@ -要开始使用 {% data variables.product.prodname_codespaces %},请参阅“[{% data variables.product.prodname_github_codespaces %}](/codespaces/getting-started/quickstart)快速入门”。 To learn more about how {% data variables.product.prodname_codespaces %} works, see "[Deep dive into {% data variables.product.prodname_github_codespaces %}](/codespaces/getting-started/deep-dive)." +要开始使用 {% data variables.product.prodname_codespaces %},请参阅“[{% data variables.product.prodname_github_codespaces %}](/codespaces/getting-started/quickstart)快速入门”。 要了解有关 {% data variables.product.prodname_codespaces %} 工作原理的更多信息,请参阅“[深入了解 {% data variables.product.prodname_github_codespaces %}](/codespaces/getting-started/deep-dive)”。 diff --git a/translations/zh-CN/data/reusables/gated-features/codespaces.md b/translations/zh-CN/data/reusables/gated-features/codespaces.md index 572854b8ff..04b424cfd7 100644 --- a/translations/zh-CN/data/reusables/gated-features/codespaces.md +++ b/translations/zh-CN/data/reusables/gated-features/codespaces.md @@ -1 +1 @@ -{% data variables.product.prodname_github_codespaces %} is available for organizations using {% data variables.product.prodname_team %} or {% data variables.product.prodname_ghe_cloud %}. {% data reusables.gated-features.more-info-org-products %} +{% data variables.product.prodname_github_codespaces %} 可用于使用 {% data variables.product.prodname_team %} 或 {% data variables.product.prodname_ghe_cloud %} 的组织。 {% data reusables.gated-features.more-info-org-products %} diff --git a/translations/zh-CN/data/reusables/webhooks/check_suite_properties.md b/translations/zh-CN/data/reusables/webhooks/check_suite_properties.md index 957984c3e9..6992f4d32e 100644 --- a/translations/zh-CN/data/reusables/webhooks/check_suite_properties.md +++ b/translations/zh-CN/data/reusables/webhooks/check_suite_properties.md @@ -4,7 +4,7 @@ | `check_suite` | `对象` | [check_suite](/rest/reference/checks#suites)。 | | `check_suite[head_branch]` | `字符串` | 更改所在的头部分支的名称。 | | `check_suite[head_sha]` | `字符串` | 此检查套件的最新提交的 SHA。 | -| `check_suite[status]` | `字符串` | 检查套件中所有检查运行的摘要状态。 可以是 `requested`、`in_progress` 或 `completed`。 | +| `check_suite[status]` | `字符串` | 检查套件中所有检查运行的摘要状态。 Can be `queued`, `requested`, `in_progress`, or `completed`. | | `check_suite[conclusion]` | `字符串` | 检查套件中所有检查运行的摘要结论。 可以是 `success`、`failure`、`neutral`、`cancelled`、`timed_out`、`action_required` 或 `stale` 之一。 此值将为 `null`,直到检查运行 `completed`。 | | `check_suite[url]` | `字符串` | 指向检查套件 API 资源的 URL。 | | `check_suite[pull_requests]` | `数组` | 匹配此检查套件的拉取请求数组。 如果拉取请求具有相同的 `head_branch`,则它们与检查套件匹配。

**注意:** |