New translation batch for cn (#33241)

Co-authored-by: Robert Sese <734194+rsese@users.noreply.github.com>

translations/log/msft-cn-resets.csv

@@ -543,6 +543,7 @@ translations/zh-CN/content/admin/configuration/configuring-your-enterprise/confi
 translations/zh-CN/content/admin/configuration/configuring-your-enterprise/enabling-and-scheduling-maintenance-mode.md,rendering error
 translations/zh-CN/content/admin/configuration/configuring-your-enterprise/enabling-private-mode.md,rendering error
 translations/zh-CN/content/admin/configuration/configuring-your-enterprise/managing-github-mobile-for-your-enterprise.md,rendering error
+translations/zh-CN/content/admin/configuration/configuring-your-enterprise/restricting-network-traffic-to-your-enterprise-with-an-ip-allow-list.md,broken liquid tags
 translations/zh-CN/content/admin/configuration/configuring-your-enterprise/site-admin-dashboard.md,rendering error
 translations/zh-CN/content/admin/configuration/configuring-your-enterprise/troubleshooting-tls-errors.md,rendering error
 translations/zh-CN/content/admin/enterprise-management/caching-repositories/about-repository-caching.md,rendering error
@@ -579,7 +580,6 @@ translations/zh-CN/content/admin/identity-and-access-management/using-built-in-a
 translations/zh-CN/content/admin/identity-and-access-management/using-built-in-authentication/inviting-people-to-use-your-instance.md,rendering error
 translations/zh-CN/content/admin/identity-and-access-management/using-cas-for-enterprise-iam/index.md,rendering error
 translations/zh-CN/content/admin/identity-and-access-management/using-cas-for-enterprise-iam/using-cas.md,rendering error
-translations/zh-CN/content/admin/identity-and-access-management/using-enterprise-managed-users-for-iam/about-enterprise-managed-users.md,rendering error
 translations/zh-CN/content/admin/identity-and-access-management/using-enterprise-managed-users-for-iam/about-support-for-your-idps-conditional-access-policy.md,rendering error
 translations/zh-CN/content/admin/identity-and-access-management/using-enterprise-managed-users-for-iam/configuring-oidc-for-enterprise-managed-users.md,rendering error
 translations/zh-CN/content/admin/identity-and-access-management/using-enterprise-managed-users-for-iam/configuring-scim-provisioning-for-enterprise-managed-users.md,rendering error
@@ -638,7 +638,6 @@ translations/zh-CN/content/authentication/connecting-to-github-with-ssh/testing-
 translations/zh-CN/content/authentication/keeping-your-account-and-data-secure/about-authentication-to-github.md,rendering error
 translations/zh-CN/content/authentication/keeping-your-account-and-data-secure/creating-a-personal-access-token.md,rendering error
 translations/zh-CN/content/authentication/keeping-your-account-and-data-secure/creating-a-strong-password.md,rendering error
-translations/zh-CN/content/authentication/keeping-your-account-and-data-secure/githubs-ssh-key-fingerprints.md,broken liquid tags
 translations/zh-CN/content/authentication/keeping-your-account-and-data-secure/preventing-unauthorized-access.md,rendering error
 translations/zh-CN/content/authentication/keeping-your-account-and-data-secure/removing-sensitive-data-from-a-repository.md,rendering error
 translations/zh-CN/content/authentication/keeping-your-account-and-data-secure/reviewing-your-deploy-keys.md,rendering error
@@ -660,7 +659,6 @@ translations/zh-CN/content/authentication/troubleshooting-commit-signature-verif
 translations/zh-CN/content/authentication/troubleshooting-ssh/error-agent-admitted-failure-to-sign.md,rendering error
 translations/zh-CN/content/authentication/troubleshooting-ssh/error-key-already-in-use.md,rendering error
 translations/zh-CN/content/authentication/troubleshooting-ssh/recovering-your-ssh-key-passphrase.md,broken liquid tags
-translations/zh-CN/content/authentication/troubleshooting-ssh/using-ssh-over-the-https-port.md,rendering error
 translations/zh-CN/content/billing/managing-billing-for-github-actions/about-billing-for-github-actions.md,rendering error
 translations/zh-CN/content/billing/managing-billing-for-github-advanced-security/about-billing-for-github-advanced-security.md,broken liquid tags
 translations/zh-CN/content/billing/managing-billing-for-github-advanced-security/viewing-your-github-advanced-security-usage.md,rendering error
@@ -924,6 +922,7 @@ translations/zh-CN/content/repositories/releasing-projects-on-github/automatical
 translations/zh-CN/content/repositories/releasing-projects-on-github/comparing-releases.md,rendering error
 translations/zh-CN/content/repositories/releasing-projects-on-github/linking-to-releases.md,rendering error
 translations/zh-CN/content/repositories/releasing-projects-on-github/managing-releases-in-a-repository.md,rendering error
+translations/zh-CN/content/repositories/viewing-activity-and-data-for-your-repository/understanding-connections-between-repositories.md,rendering error
 translations/zh-CN/content/repositories/working-with-files/managing-files/adding-a-file-to-a-repository.md,rendering error
 translations/zh-CN/content/repositories/working-with-files/managing-large-files/about-large-files-on-github.md,rendering error
 translations/zh-CN/content/repositories/working-with-files/using-files/getting-permanent-links-to-files.md,rendering error
@@ -1060,7 +1059,6 @@ translations/zh-CN/data/reusables/enterprise-accounts/actions-packages-report-do
 translations/zh-CN/data/reusables/enterprise-accounts/billing-microsoft-ea-overview.md,broken liquid tags
 translations/zh-CN/data/reusables/enterprise-accounts/dormant-user-activity.md,rendering error
 translations/zh-CN/data/reusables/enterprise-accounts/emu-cap-validates.md,broken liquid tags
-translations/zh-CN/data/reusables/enterprise-accounts/emu-forks.md,rendering error
 translations/zh-CN/data/reusables/enterprise-accounts/emu-permission-follow.md,broken liquid tags
 translations/zh-CN/data/reusables/enterprise-accounts/emu-permission-fork.md,broken liquid tags
 translations/zh-CN/data/reusables/enterprise-accounts/emu-permission-gist.md,broken liquid tags

translations/zh-CN/content/admin/configuration/configuring-github-connect/enabling-server-statistics-for-your-enterprise.md

@@ -14,7 +14,7 @@ shortTitle: Server Statistics
 
 {% data variables.product.prodname_server_statistics %} collects aggregate usage data from {% data variables.location.product_location %}, which you can use to better anticipate the needs of your organization, understand how your team works, and show the value you get from {% data variables.product.prodname_ghe_server %}. 
 
-{% data variables.product.prodname_server_statistics %} only collects certain aggregate metrics on repositories, issues, pull requests, and other features.{% data variables.product.prodname_dotcom %} content, such as code, issues, comments, or pull request content, is not collected. For more information, see "[About {% data variables.product.prodname_server_statistics %}](/admin/monitoring-activity-in-your-enterprise/analyzing-how-your-team-works-with-server-statistics/about-server-statistics)."
+{% data variables.product.prodname_server_statistics %} only collects certain aggregate metrics on repositories, issues, pull requests, and other features. {% data variables.product.prodname_dotcom %} content, such as code, issues, comments, or pull request content, is not collected. For more information, see "[About {% data variables.product.prodname_server_statistics %}](/admin/monitoring-activity-in-your-enterprise/analyzing-how-your-team-works-with-server-statistics/about-server-statistics)."
 
 By enabling {% data variables.product.prodname_server_statistics %}, you are also helping to improve {% data variables.product.company_short %}. The aggregated data you will provide helps us understand how our customers are using {% data variables.product.prodname_dotcom %}, and make better and more informed product decisions, ultimately benefiting you.
 

translations/zh-CN/content/admin/configuration/configuring-your-enterprise/restricting-network-traffic-to-your-enterprise-with-an-ip-allow-list.md

@@ -1,7 +1,7 @@
 ---
-title: 使用 IP 允许列表限制到企业的网络流量
+title: Restricting network traffic to your enterprise with an IP allow list
 shortTitle: Restricting network traffic
-intro: 可以使用 IP 允许列表限制对企业的访问，仅允许从指定的 IP 地址访问资源。
+intro: You can restrict access to your enterprise and only allow access to your resources from specified IP addresses by using an IP allow list.
 permissions: Enterprise owners can configure IP allow lists.
 miniTocMaxHeadingLevel: 3
 versions:
@@ -17,150 +17,192 @@ topics:
 redirect_from:
   - /admin/configuration/restricting-network-traffic-to-your-enterprise
   - /admin/configuration/configuring-your-enterprise/restricting-network-traffic-to-your-enterprise
-ms.openlocfilehash: b62ab2a143ed0e7ec57f7e7225a09c0ca713295c
-ms.sourcegitcommit: 7fb7ec2e665856fc5f7cd209b53bd0fb1c9bbc67
-ms.translationtype: HT
-ms.contentlocale: zh-CN
-ms.lasthandoff: 11/29/2022
-ms.locfileid: '148185041'
 ---
-## 关于网络流量限制
 
-默认情况下，授权用户可以从任何 IP 地址访问您的企业。 可以通过为特定 IP 地址配置允许列表来限制对{% ifversion ghec %}企业帐户中组织拥有的{% endif %}资源的访问。 {% data reusables.identity-and-permissions.ip-allow-lists-example-and-restrictions %}
+## About network traffic restrictions
+
+By default, authorized users can access your enterprise from any IP address. You can restrict access to resources {% ifversion ghec %}owned by organizations in an enterprise account {% endif %}by configuring an allow list for specific IP addresses. {% data reusables.identity-and-permissions.ip-allow-lists-example-and-restrictions %}
 
 {% ifversion ghec %}
 
-如果你的企业将 {% data variables.product.prodname_emus %} 与 OIDC 配合使用，你则可以选择是使用 {% data variables.product.company_short %} 的 IP 允许列表功能，还是为标识提供者 (IdP) 使用允许列表限制。 如果你的企业未将 {% data variables.product.prodname_emus %} 与 OIDC 配合使用，你则可以使用 {% data variables.product.company_short %} 的允许列表功能。 
+If your enterprise uses {% data variables.product.prodname_emus %} with Azure AD and OIDC, you can choose whether to use {% data variables.product.company_short %}'s IP allow list feature or to use the allow list restrictions for your identity provider (IdP). If your enterprise does not use {% data variables.product.prodname_emus %} with Azure and OIDC, you can use {% data variables.product.company_short %}'s allow list feature. 
 
 {% elsif ghae %}
 
-默认情况下，Azure 网络安全组 (NSG) 规则允许所有入站流量在端口 22、80、443 和 25 打开。 可以联系 {% data variables.contact.github_support %} 为 {% data variables.product.product_name %} 配置访问限制。
+By default, Azure network security group (NSG) rules leave all inbound traffic open on ports 22, 80, 443, and 25. You can contact {% data variables.contact.github_support %} to configure access restrictions for {% data variables.product.product_name %}.
 
-对于使用 Azure NSG 的限制，请联系 {% data variables.contact.github_support %} 以获取应允许访问 {% data variables.product.product_name %} 的 IP 地址。 使用标准 CIDR（无类域间路由）格式指定地址范围。 {% data variables.contact.github_support %} 将配置合适的防火墙规则，以限制通过 HTTP、SSH、HTTPS 和 SMTP 的网络访问。 有关详细信息，请参阅“[从 {% data variables.contact.github_support %} 获取帮助](/admin/enterprise-support/receiving-help-from-github-support)”。
+For restrictions using Azure NSGs, contact {% data variables.contact.github_support %} with the IP addresses that should be allowed to access {% data variables.product.product_name %}. Specify address ranges using the standard CIDR (Classless Inter-Domain Routing) format. {% data variables.contact.github_support %} will configure the appropriate firewall rules to restrict network access over HTTP, SSH, HTTPS, and SMTP. For more information, see "[Receiving help from {% data variables.contact.github_support %}](/admin/enterprise-support/receiving-help-from-github-support)."
 
 {% endif %}
 
 {% ifversion ghec %}
 
-## 关于 {% data variables.product.company_short %} 的 IP 允许列表
+## About {% data variables.product.company_short %}'s IP allow list
 
-可以使用 {% data variables.product.company_short %} 的 IP 允许列表来控制对企业和企业中组织拥有的资产的访问。 
+You can use {% data variables.product.company_short %}'s IP allow list to control access to your enterprise and assets owned by organizations in your enterprise. 
 
 {% data reusables.identity-and-permissions.ip-allow-lists-cidr-notation %} 
 
 {% data reusables.identity-and-permissions.ip-allow-lists-enable %} {% data reusables.identity-and-permissions.ip-allow-lists-enterprise %} 
 
-## 关于 IdP 的允许列表
+## About your IdP's allow list
 
-如果将 {% data variables.product.prodname_emus %} 与 OIDC 配合使用，则可以使用 IdP 的允许列表。 
+If you are using {% data variables.product.prodname_emus %} with Azure AD and OIDC, you can use your IdP's allow list.
 
-使用 IdP 的允许列表会停用企业中所有组织的 {% data variables.product.company_short %} IP 允许列表配置，并停用 GraphQL API 以启用和管理 IP 允许列表。 
+Using your IdP's allow list deactivates the {% data variables.product.company_short %} IP allow list configurations for all organizations in your enterprise and deactivates the GraphQL APIs for enabling and managing IP allow lists. 
 
-默认情况下，你的 IdP 会在初始交互式 SAML 或 OIDC 登录到 {% data variables.product.company_short %} 时为你所选择的任何 IP 允许列表配置运行 CAP。
+By default, your IdP runs the CAP on the initial interactive SAML or OIDC sign-in to {% data variables.product.company_short %} for any IP allow list configuration you choose.
 
-OIDC CAP 仅适用于使用用户到服务器令牌对 API 的请求，例如 {% data variables.product.prodname_oauth_app %} 或代表用户操作的 {% data variables.product.prodname_github_app %} 的令牌。 当 {% data variables.product.prodname_github_app %} 使用服务器到服务器令牌时，OIDC CAP 不适用。 有关详细信息，请参阅“[使用 {% data variables.product.prodname_github_apps %} 进行身份验证](/developers/apps/building-github-apps/authenticating-with-github-apps#authenticating-as-an-installation)”和“[关于对 IdP 条件访问策略的支持](/enterprise-cloud@latest/admin/identity-and-access-management/using-enterprise-managed-users-for-iam/about-support-for-your-idps-conditional-access-policy#github-apps-and-oauth-apps)”。
+The OIDC CAP only applies for requests to the API using a user-to-server token, such as a token for an {% data variables.product.prodname_oauth_app %} or a {% data variables.product.prodname_github_app %} acting on behalf of a user. The OIDC CAP does not apply when a {% data variables.product.prodname_github_app %} uses a server-to-server token. For more information, see "[Authenticating with {% data variables.product.prodname_github_apps %}](/developers/apps/building-github-apps/authenticating-with-github-apps#authenticating-as-an-installation)" and "[About support for your IdPs Conditional Access Policy](/enterprise-cloud@latest/admin/identity-and-access-management/using-enterprise-managed-users-for-iam/about-support-for-your-idps-conditional-access-policy#github-apps-and-oauth-apps)."
 
-为了确保在将策略应用到用户到服务器令牌的同时无缝使用 OIDC CAP，必须将企业使用的每个 {% data variables.product.prodname_github_app %} 中的所有 IP 范围复制到 IdP 策略。 
+To ensure seamless use of the OIDC CAP while still applying the policy to user-to-server tokens, you must copy all of the IP ranges from each {% data variables.product.prodname_github_app %} that your enterprise uses to your IdP policy. 
 
-## 使用 {% data variables.product.company_short %} 的 IP 允许列表
+## Using {% data variables.product.company_short %}'s IP allow list
 
-### 启用 {% data variables.product.company_short %} 的 IP 允许列表
-{% data reusables.profile.access_org %} {% data reusables.profile.org_settings %} {% data reusables.organizations.security %}
-1. 在“IP 允许列表”下，启用 IP 允许列表。 
-   - 如果将 {% data variables.product.prodname_emus %} 与 OIDC 配合使用，请选择下拉菜单并单击“GitHub”。
-      ![显示三个 IP 允许列表配置选项“已禁用”、“标识提供者”和“GitHub”的下拉菜单的屏幕截图](/assets/images/help/security/enable-github-ip-allow-list.png)
+### Enabling {% data variables.product.company_short %}'s IP allow list
+{% data reusables.profile.access_org %}
+{% data reusables.profile.org_settings %}
+{% data reusables.organizations.security %}
+1. Under "IP allow list", enable the IP allow list. 
+   - If you are using {% data variables.product.prodname_emus %} with OIDC, select the dropdown menu and click **GitHub**.
+      ![Screenshot of dropdown menu showing three IP allow list configuration options: Disabled, Identity Provider, and GitHub](/assets/images/help/security/enable-github-ip-allow-list.png)
    
-      选择“启用 IP 允许列表”。
-      ![允许 IP 地址的复选框的屏幕截图](/assets/images/help/security/enable-ip-allow-list-ghec.png)
+      Select **Enable IP allow list**.
+      ![Screenshot of checkbox to allow IP addresses](/assets/images/help/security/enable-ip-allow-list-ghec.png)
 
-   - 如果未将 {% data variables.product.prodname_emus %} 与 OIDC 配合使用，请选择“启用 IP 允许列表”。
-     ![允许 IP 地址的复选框的屏幕截图](/assets/images/help/security/enable-ip-allowlist-enterprise-checkbox.png)
-1. 单击“ **保存**”。
+   - If you are not using {% data variables.product.prodname_emus %} with OIDC, select **Enable IP allow list**.
+     ![Screenshot of checkbox to allow IP addresses](/assets/images/help/security/enable-ip-allowlist-enterprise-checkbox.png)
+1. Click **Save**.
 
-### 添加允许的 IP 地址
+### Adding an allowed IP address
 
 {% data reusables.identity-and-permissions.about-adding-ip-allow-list-entries %}
 
 {% data reusables.identity-and-permissions.ipv6-allow-lists %}
 
-{% data reusables.enterprise-accounts.access-enterprise %} {% data reusables.enterprise-accounts.settings-tab %} {% data reusables.enterprise-accounts.security-tab %} {% data reusables.identity-and-permissions.ip-allow-lists-add-ip %} {% data reusables.identity-and-permissions.ip-allow-lists-add-description %} {% data reusables.identity-and-permissions.ip-allow-lists-add-entry %} {% data reusables.identity-and-permissions.check-ip-address %}
+{% data reusables.enterprise-accounts.access-enterprise %}
+{% data reusables.enterprise-accounts.settings-tab %}
+{% data reusables.enterprise-accounts.security-tab %}
+{% data reusables.identity-and-permissions.ip-allow-lists-add-ip %}
+{% data reusables.identity-and-permissions.ip-allow-lists-add-description %}
+{% data reusables.identity-and-permissions.ip-allow-lists-add-entry %}
+{% data reusables.identity-and-permissions.check-ip-address %}
 
-### 允许 {% data variables.product.prodname_github_apps %} 访问
+### Allowing access by {% data variables.product.prodname_github_apps %}
 
 {% data reusables.identity-and-permissions.ip-allow-lists-githubapps-enterprise %}
 
-### 编辑允许的 IP 地址
+### Editing an allowed IP address
 
 {% data reusables.identity-and-permissions.about-editing-ip-allow-list-entries %}
 
-{% data reusables.enterprise-accounts.access-enterprise %} {% data reusables.enterprise-accounts.settings-tab %} {% data reusables.enterprise-accounts.security-tab %} {% data reusables.identity-and-permissions.ip-allow-lists-edit-entry %} {% data reusables.identity-and-permissions.ip-allow-lists-edit-ip %} {% data reusables.identity-and-permissions.ip-allow-lists-edit-description %}
-8. 单击“更新”。
+{% data reusables.enterprise-accounts.access-enterprise %}
+{% data reusables.enterprise-accounts.settings-tab %}
+{% data reusables.enterprise-accounts.security-tab %}
+{% data reusables.identity-and-permissions.ip-allow-lists-edit-entry %}
+{% data reusables.identity-and-permissions.ip-allow-lists-edit-ip %}
+{% data reusables.identity-and-permissions.ip-allow-lists-edit-description %}
+8. Click **Update**.
 {% data reusables.identity-and-permissions.check-ip-address %}
 
-### 检查是否允许使用 IP 地址
+### Checking if an IP address is permitted
 
 {% data reusables.identity-and-permissions.about-checking-ip-address %}
 
-{% data reusables.enterprise-accounts.access-enterprise %} {% data reusables.enterprise-accounts.settings-tab %} {% data reusables.enterprise-accounts.security-tab %} {% data reusables.identity-and-permissions.check-ip-address-step %}
+{% data reusables.enterprise-accounts.access-enterprise %}
+{% data reusables.enterprise-accounts.settings-tab %}
+{% data reusables.enterprise-accounts.security-tab %}
+{% data reusables.identity-and-permissions.check-ip-address-step %}
 
-### 删除允许的 IP 地址
+### Deleting an allowed IP address
 
-{% data reusables.enterprise-accounts.access-enterprise %} {% data reusables.enterprise-accounts.settings-tab %} {% data reusables.enterprise-accounts.security-tab %} {% data reusables.identity-and-permissions.ip-allow-lists-delete-entry %} {% data reusables.identity-and-permissions.ip-allow-lists-confirm-deletion %}
+{% data reusables.enterprise-accounts.access-enterprise %}
+{% data reusables.enterprise-accounts.settings-tab %}
+{% data reusables.enterprise-accounts.security-tab %}
+{% data reusables.identity-and-permissions.ip-allow-lists-delete-entry %}
+{% data reusables.identity-and-permissions.ip-allow-lists-confirm-deletion %}
 
-## 使用标识提供者的允许列表
+## Using your identity provider's allow list
 
-如果将 {% data variables.product.prodname_emus %} 与 OIDC 配合使用，则可以使用 IdP 的允许列表。
+{% note %}
 
-{% data reusables.profile.access_org %} {% data reusables.profile.org_settings %} {% data reusables.organizations.security %}
-1. 在“IP 允许列表”下，选择下拉列表并单击“标识提供者”。
+**Note:** Using your IdP's allow list is only supported for {% data variables.product.prodname_emus %} with Azure AD and OIDC. 
 
-   ![显示三个 IP 允许列表配置选项“已禁用”、“标识提供者”和“GitHub”的下拉菜单的屏幕截图](/assets/images/help/security/enable-identity-provider-ip-allow-list.png)
-1. （可选）若要允许已安装的 {% data variables.product.company_short %} 和 {% data variables.product.prodname_oauth_apps %} 从任意 IP 地址访问你的企业，请选择“为应用程序跳过 IdP 检查”。
+{% endnote %}
 
-   ![允许 IP 地址的复选框](/assets/images/help/security/ip-allow-list-skip-idp-check.png)
-1. 单击“ **保存**”。
+{% data reusables.profile.access_org %}
+{% data reusables.profile.org_settings %}
+{% data reusables.organizations.security %}
+1. Under "IP allow list", select the dropdown and click **Identity Provider**.
+
+   ![Screenshot of dropdown menu showing three IP allow list configuration options: Disabled, Identity Provider, and GitHub](/assets/images/help/security/enable-identity-provider-ip-allow-list.png)
+1. Optionally, to allow installed {% data variables.product.company_short %} and {% data variables.product.prodname_oauth_apps %} to access your enterprise from any IP address, select **Skip IdP check for applications**.
+
+   ![Checkbox to allow IP addresses](/assets/images/help/security/ip-allow-list-skip-idp-check.png)
+1. Click **Save**.
 
 {% endif %}
 
 {% ifversion ghae %}
 
-## 启用允许的 IP 地址
+## Enabling allowed IP addresses
 
 {% data reusables.identity-and-permissions.about-enabling-allowed-ip-addresses %}
 
-{% data reusables.enterprise-accounts.access-enterprise %} {% data reusables.enterprise-accounts.settings-tab %} {% data reusables.enterprise-accounts.security-tab %}
-1. 在“IP 允许列表”下，选择“启用 IP 允许列表”。
-  ![允许 IP 地址的复选框](/assets/images/help/security/enable-ip-allowlist-enterprise-checkbox.png)
-4. 单击“ **保存**”。
+{% data reusables.enterprise-accounts.access-enterprise %}
+{% data reusables.enterprise-accounts.settings-tab %}
+{% data reusables.enterprise-accounts.security-tab %}
+1. Under "IP allow list", select **Enable IP allow list**.
+  ![Checkbox to allow IP addresses](/assets/images/help/security/enable-ip-allowlist-enterprise-checkbox.png)
+4. Click **Save**.
 
-## 添加允许的 IP 地址
+## Adding an allowed IP address
 
-{% data reusables.identity-and-permissions.about-adding-ip-allow-list-entries %} {% data reusables.enterprise-accounts.access-enterprise %} {% data reusables.enterprise-accounts.settings-tab %} {% data reusables.enterprise-accounts.security-tab %} {% data reusables.identity-and-permissions.ip-allow-lists-add-ip %} {% data reusables.identity-and-permissions.ip-allow-lists-add-description %} {% data reusables.identity-and-permissions.ip-allow-lists-add-entry %} {% data reusables.identity-and-permissions.check-ip-address %}
+{% data reusables.identity-and-permissions.about-adding-ip-allow-list-entries %}
+{% data reusables.enterprise-accounts.access-enterprise %}
+{% data reusables.enterprise-accounts.settings-tab %}
+{% data reusables.enterprise-accounts.security-tab %}
+{% data reusables.identity-and-permissions.ip-allow-lists-add-ip %}
+{% data reusables.identity-and-permissions.ip-allow-lists-add-description %}
+{% data reusables.identity-and-permissions.ip-allow-lists-add-entry %}
+{% data reusables.identity-and-permissions.check-ip-address %}
 
-## 允许 {% data variables.product.prodname_github_apps %} 访问
+## Allowing access by {% data variables.product.prodname_github_apps %}
 
 {% data reusables.identity-and-permissions.ip-allow-lists-githubapps-enterprise %}
 
-## 编辑允许的 IP 地址
+## Editing an allowed IP address
 
 {% data reusables.identity-and-permissions.about-editing-ip-allow-list-entries %}
 
-{% data reusables.enterprise-accounts.access-enterprise %} {% data reusables.enterprise-accounts.settings-tab %} {% data reusables.enterprise-accounts.security-tab %} {% data reusables.identity-and-permissions.ip-allow-lists-edit-entry %} {% data reusables.identity-and-permissions.ip-allow-lists-edit-ip %} {% data reusables.identity-and-permissions.ip-allow-lists-edit-description %}
-8. 单击“更新”。
+{% data reusables.enterprise-accounts.access-enterprise %}
+{% data reusables.enterprise-accounts.settings-tab %}
+{% data reusables.enterprise-accounts.security-tab %}
+{% data reusables.identity-and-permissions.ip-allow-lists-edit-entry %}
+{% data reusables.identity-and-permissions.ip-allow-lists-edit-ip %}
+{% data reusables.identity-and-permissions.ip-allow-lists-edit-description %}
+8. Click **Update**.
 {% data reusables.identity-and-permissions.check-ip-address %}
 
-## 检查是否允许使用 IP 地址
+## Checking if an IP address is permitted
 
 {% data reusables.identity-and-permissions.about-checking-ip-address %}
 
-{% data reusables.enterprise-accounts.access-enterprise %} {% data reusables.enterprise-accounts.settings-tab %} {% data reusables.enterprise-accounts.security-tab %} {% data reusables.identity-and-permissions.check-ip-address-step %}
+{% data reusables.enterprise-accounts.access-enterprise %}
+{% data reusables.enterprise-accounts.settings-tab %}
+{% data reusables.enterprise-accounts.security-tab %}
+{% data reusables.identity-and-permissions.check-ip-address-step %}
 
-## 删除允许的 IP 地址
+## Deleting an allowed IP address
 
-{% data reusables.enterprise-accounts.access-enterprise %} {% data reusables.enterprise-accounts.settings-tab %} {% data reusables.enterprise-accounts.security-tab %} {% data reusables.identity-and-permissions.ip-allow-lists-delete-entry %} {% data reusables.identity-and-permissions.ip-allow-lists-confirm-deletion %}
+{% data reusables.enterprise-accounts.access-enterprise %}
+{% data reusables.enterprise-accounts.settings-tab %}
+{% data reusables.enterprise-accounts.security-tab %}
+{% data reusables.identity-and-permissions.ip-allow-lists-delete-entry %}
+{% data reusables.identity-and-permissions.ip-allow-lists-confirm-deletion %}
 
 {% endif %}
 
-## 对 {% data variables.product.prodname_actions %} 使用 IP 允许列表
+## Using {% data variables.product.prodname_actions %} with an IP allow list
 
 {% data reusables.actions.ip-allow-list-self-hosted-runners %}

translations/zh-CN/content/admin/identity-and-access-management/using-enterprise-managed-users-for-iam/about-enterprise-managed-users.md

@@ -1,7 +1,7 @@
 ---
-title: About {% data variables.product.prodname_emus %}
+title: '关于 {% data variables.product.prodname_emus %}'
 shortTitle: About managed users
-intro: 'You can centrally manage identity and access for your enterprise members on {% data variables.product.prodname_dotcom %} from your identity provider.'
+intro: '可以从标识提供者的 {% data variables.product.prodname_dotcom %} 上集中管理企业成员的标识和访问。'
 redirect_from:
   - /early-access/github/articles/get-started-with-managed-users-for-your-enterprise
   - /github/setting-up-and-managing-your-enterprise/managing-your-enterprise-users-with-your-identity-provider/about-enterprise-managed-users
@@ -17,48 +17,53 @@ topics:
   - Enterprise
   - SSO
 allowTitleToDifferFromFilename: true
+ms.openlocfilehash: 72d8263029317783e60d8f81f45edc3dbb8b1c8b
+ms.sourcegitcommit: c562c85cc75ffe1eb4e9595d8adc09ec71697ab1
+ms.translationtype: HT
+ms.contentlocale: zh-CN
+ms.lasthandoff: 11/22/2022
+ms.locfileid: '148180011'
 ---
+## 关于 {% data variables.product.prodname_emus %}
 
-## About {% data variables.product.prodname_emus %}
+使用 {% data variables.product.prodname_emus %}，可以通过标识提供者 (IdP) 控制企业成员的用户帐户。 IdP 中分配给 {% data variables.product.prodname_emu_idp_application %} 应用程序的用户将会预配为 {% data variables.product.prodname_dotcom %} 上的新用户帐户，并添加到企业中。 可以通过 IdP 控制用户帐户的用户名、配置文件数据、团队成员身份和存储库访问权限。
 
-With {% data variables.product.prodname_emus %}, you can control the user accounts of your enterprise members through your identity provider (IdP). Users assigned to the {% data variables.product.prodname_emu_idp_application %} application in your IdP are provisioned as new user accounts on {% data variables.product.prodname_dotcom %} and added to your enterprise. You control usernames, profile data, team membership, and repository access for the user accounts from your IdP.
-
-In your IdP, you can give each {% data variables.enterprise.prodname_managed_user %} the role of user, enterprise owner, or billing manager. {% data variables.enterprise.prodname_managed_users_caps %} can own organizations within your enterprise and can add other {% data variables.enterprise.prodname_managed_users %} to the organizations and teams within. For more information, see "[Roles in an enterprise](/github/setting-up-and-managing-your-enterprise/managing-users-in-your-enterprise/roles-in-an-enterprise)" and "[About organizations](/organizations/collaborating-with-groups-in-organizations/about-organizations)."
+在 IdP 中，你可以为每个 {% data variables.enterprise.prodname_managed_user %} 提供用户、企业所有者或计费管理员的角色。 {% data variables.enterprise.prodname_managed_users_caps %} 可以拥有企业内的组织，并且可以将其他 {% data variables.enterprise.prodname_managed_users %} 添加到组织和其中的团队。 有关详细信息，请参阅“[企业中的角色](/github/setting-up-and-managing-your-enterprise/managing-users-in-your-enterprise/roles-in-an-enterprise)”和“[关于组织](/organizations/collaborating-with-groups-in-organizations/about-organizations)”。
 
 {% ifversion oidc-for-emu %}
 
-{% data reusables.enterprise-accounts.emu-cap-validates %} For more information, see "[About support for your IdP's Conditional Access Policy](/admin/identity-and-access-management/using-enterprise-managed-users-for-iam/about-support-for-your-idps-conditional-access-policy)."
+{% data reusables.enterprise-accounts.emu-cap-validates %} 有关详细信息，请参阅“[关于对 IdP 的条件访问策略的支持](/admin/identity-and-access-management/using-enterprise-managed-users-for-iam/about-support-for-your-idps-conditional-access-policy)”。
 
 {% endif %}
 
-You can grant {% data variables.enterprise.prodname_managed_users %} access to and the ability to contribute to repositories within your enterprise, but {% data variables.enterprise.prodname_managed_users %} cannot create public content or collaborate with other users, organizations, and enterprises on the rest of {% data variables.product.prodname_dotcom %}. For more information, see "[Abilities and restrictions of {% data variables.enterprise.prodname_managed_users %}](#abilities-and-restrictions-of-enterprise-managed-users)."
+可以授予 {% data variables.enterprise.prodname_managed_users %} 访问权限以及参与企业内部存储库的能力，但 {% data variables.enterprise.prodname_managed_users %} 无法创建公共内容，也不能与其他用户、组织和企业协作处理 {% data variables.product.prodname_dotcom %} 的其余部分。 有关详细信息，请参阅“[{% data variables.enterprise.prodname_managed_users %} 的功能和限制](#abilities-and-restrictions-of-enterprise-managed-users)”。
 
-The usernames of your enterprise's {% data variables.enterprise.prodname_managed_users %} and their profile information, such as display names and email addresses, are set by through your IdP and cannot be changed by the users themselves. For more information, see "[Usernames and profile information](#usernames-and-profile-information)."
+企业的 {% data variables.enterprise.prodname_managed_users %} 的用户名及其个人资料信息（例如显示名称和电子邮件地址）通过 IdP 设置，用户无法自行更改。 有关详细信息，请参阅“[用户名和个人资料信息](#usernames-and-profile-information)”。
 
-Enterprise owners can audit all of the {% data variables.enterprise.prodname_managed_users %}' actions on {% data variables.product.prodname_dotcom %}. For more information, see "[Audit log events for your enterprise](/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/audit-log-events-for-your-enterprise#about-audit-log-events-for-your-enterprise)."
+企业所有者可以在 {% data variables.product.prodname_dotcom %} 上审核所有 {% data variables.enterprise.prodname_managed_users %} 的操作。 有关详细信息，请参阅“[企业的审核日志事件](/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/audit-log-events-for-your-enterprise#about-audit-log-events-for-your-enterprise)”。
 
-To use {% data variables.product.prodname_emus %}, you need a separate type of enterprise account with {% data variables.product.prodname_emus %} enabled. For more information about creating this account, see "[About enterprises with managed users](#about-enterprises-with-managed-users)."
+若要使用 {% data variables.product.prodname_emus %}，需要启用了 {% data variables.product.prodname_emus %} 的单独企业帐户类型。 有关创建此帐户的详细信息，请参阅“[关于具有托管用户的企业](#about-enterprises-with-managed-users)”。
 
 {% note %}
 
-**Note:** There are multiple options for identity and access management with {% data variables.product.prodname_ghe_cloud %}, and {% data variables.product.prodname_emus %} is not the best solution for every customer. For more information about whether {% data variables.product.prodname_emus %} is right for your enterprise, see "[About authentication for your enterprise](/admin/identity-and-access-management/managing-iam-for-your-enterprise/about-authentication-for-your-enterprise#identifying-the-best-authentication-method-for-your-enterprise)."
+注意：使用 {% data variables.product.prodname_ghe_cloud %} 进行标识和访问管理有多个选项，而 {% data variables.product.prodname_emus %} 并不是每个客户的最佳解决方案。 如需详细了解 {% data variables.product.prodname_emus %} 是否适合你的企业，请参阅“[关于企业身份验证](/admin/identity-and-access-management/managing-iam-for-your-enterprise/about-authentication-for-your-enterprise#identifying-the-best-authentication-method-for-your-enterprise)”。
 
 {% endnote %}
 
-## About organization membership management
+## 关于组织成员身份管理
 
-Organization memberships can be managed manually, or you can update memberships automatically using IdP groups. To manage organization memberships through your IdP, the members must be added to an IdP group, and the IdP group must be connected to a team within the organization. For more information about managing organization and team memberships automatically, see "[Managing team memberships with identity provider groups](/admin/identity-and-access-management/managing-iam-with-enterprise-managed-users/managing-team-memberships-with-identity-provider-groups)."
+可手动管理组织成员身份，也可使用 IdP 组自动更新成员身份。 要通过 IdP 管理组织成员身份，必须将成员添加到 IdP 组，并且 IdP 组必须连接到组织内的团队。 有关自动管理组织和团队成员身份的详细信息，请参阅“[使用标识提供者组管理团队成员身份](/admin/identity-and-access-management/managing-iam-with-enterprise-managed-users/managing-team-memberships-with-identity-provider-groups)”。
 
-The way a member is added to an organization owned by your enterprise (through IdP groups or manually) determines how they must be removed from an organization. 
+将成员添加到企业拥有的组织的方式（通过 IdP 组或手动）决定了必须如何从组织中删除他们。 
 
-- If a member was added to an organization manually, you must remove them manually. Unassigning them from the {% data variables.product.prodname_emu_idp_application %} application on your IdP will suspend the user but not remove them from the organization.
-- If a user became a member of an organization because they were added to IdP groups mapped to one or more teams in the organization, removing them from _all_ of the mapped IdP groups associated with the organization will remove them from the organization.
+- 如果将成员手动添加到组织，则必须手动将其删除。 从 IdP 上的 {% data variables.product.prodname_emu_idp_application %} 应用程序中取消分配他们，将暂停用户，但不会将其从组织中删除。
+- 如果用户由于被添加到映射到组织中的一个或多个团队的 IdP 组而成为该组织的成员，则从与组织关联的所有映射的 IdP 组中删除这些用户会将其从组织中删除。
 
-To discover how a member was added to an organization, you can filter the member list by type. For more information, see "[Viewing people in your enterprise](/admin/user-management/managing-users-in-your-enterprise/viewing-people-in-your-enterprise#filtering-by-member-type-in-an-enterprise-with-managed-users)."
+要了解成员是如何添加到组织中的，可以按类型筛选成员列表。 有关详细信息，请参阅[查看企业中的人员](/admin/user-management/managing-users-in-your-enterprise/viewing-people-in-your-enterprise#filtering-by-member-type-in-an-enterprise-with-managed-users)。
 
-## Identity provider support
+## 标识提供者支持
 
-{% data variables.product.prodname_emus %} supports the following IdPs{% ifversion oidc-for-emu %} and authentication methods:
+{% data variables.product.prodname_emus %} 支持以下 IdP{% ifversion oidc-for-emu %} 和身份验证方法：
 
 |                                  | SAML                                          | OIDC                                          |
 |----------------------------------|-----------------------------------------------|-----------------------------------------------|
@@ -70,36 +75,36 @@ To discover how a member was added to an organization, you can filter the member
 
 {% endif %}
 
-## Abilities and restrictions of {% data variables.enterprise.prodname_managed_users %}
+## {% data variables.enterprise.prodname_managed_users %} 的功能和限制
 
-{% data variables.enterprise.prodname_managed_users_caps %} can only contribute to private and internal repositories within their enterprise and private repositories owned by their user account. {% data variables.enterprise.prodname_managed_users_caps %} have read-only access to the wider {% data variables.product.prodname_dotcom %} community. These visibility and access restrictions for users and content apply to all requests, including API requests.
+{% data variables.enterprise.prodname_managed_users_caps %} 只能参与企业中的专用和内部存储库及其用户帐户拥有的专用存储库。 {% data variables.enterprise.prodname_managed_users_caps %} 对更广泛的 {% data variables.product.prodname_dotcom %} 社区具有只读访问权限。 这些针对用户和内容的可见性和访问限制适用于所有请求，包括 API 请求。
 
-* {% data variables.enterprise.prodname_managed_users_caps %} cannot be invited to organizations or repositories outside of the enterprise, nor can the {% data variables.enterprise.prodname_managed_users %} be invited to other enterprises. 
-* Outside collaborators are not supported by {% data variables.product.prodname_emus %}.
-* {% data variables.enterprise.prodname_managed_users_caps %} cannot create issues or pull requests in, comment or add reactions to, nor star, watch, or fork repositories outside of the enterprise.
-* {% data variables.enterprise.prodname_managed_users_caps %} can view all public repositories on {% data variables.product.prodname_dotcom_the_website %}, but cannot push code to repositories outside of the enterprise.
-* {% data variables.enterprise.prodname_managed_users_caps %} and the content they create is only visible to other members of the enterprise. 
-* {% data variables.enterprise.prodname_managed_users_caps %} cannot follow users outside of the enterprise.
-* {% data variables.enterprise.prodname_managed_users_caps %} cannot create gists or comment on gists.
-* {% data variables.enterprise.prodname_managed_users_caps %} cannot create starter workflows for {% data variables.product.prodname_actions %}.
-* {% data variables.enterprise.prodname_managed_users_caps %} cannot install {% data variables.product.prodname_github_apps %} on their user accounts.
-* Other {% data variables.product.prodname_dotcom %} users cannot see, mention, or invite a {% data variables.enterprise.prodname_managed_user %} to collaborate.
-* You can choose whether {% data variables.enterprise.prodname_managed_users %} are able to create repositories owned by their user accounts. For more information, see "[Enforcing repository management policies in your enterprise](/admin/policies/enforcing-policies-for-your-enterprise/enforcing-repository-management-policies-in-your-enterprise#enforcing-a-policy-for-repository-creation)."
-* If you allow {% data variables.enterprise.prodname_managed_users %} to create repositories owned by their user accounts, they can only own private repositories and can only invite other enterprise members to collaborate on their user-owned repositories.
+* 不能邀请 {% data variables.enterprise.prodname_managed_users_caps %} 加入企业外部的组织或存储库，也不能邀请 {% data variables.enterprise.prodname_managed_users %} 加入其他企业。 
+* {% data variables.product.prodname_emus %} 不支持外部协作者。
+* {% data variables.enterprise.prodname_managed_users_caps %} 无法在企业外部的存储库中创建问题或拉取请求、添加评论或添加反应，也不能加注星标、监视或创建分支。
+* {% data variables.enterprise.prodname_managed_users_caps %} 可以查看 {% data variables.product.prodname_dotcom_the_website %} 上的所有公共存储库，但无法将代码推送到企业外部的存储库。
+* {% data variables.enterprise.prodname_managed_users_caps %} 和创建的内容只对企业的其他成员可见。 
+* {% data variables.enterprise.prodname_managed_users_caps %} 无法关注企业外部的用户。
+* {% data variables.enterprise.prodname_managed_users_caps %} 无法创建 Gist 或对 Gist 添加评论。
+* {% data variables.enterprise.prodname_managed_users_caps %} 无法为 {% data variables.product.prodname_actions %} 创建入门工作流。
+* {% data variables.enterprise.prodname_managed_users_caps %} 无法在其用户帐户上安装 {% data variables.product.prodname_github_apps %}。
+* 其他 {% data variables.product.prodname_dotcom %} 用户无法查看、提及或邀请 {% data variables.enterprise.prodname_managed_user %} 进行协作。
+* 可以选择 {% data variables.enterprise.prodname_managed_users %} 是否能够创建其用户帐户拥有的存储库。 有关详细信息，请参阅“[在企业中实施存储库管理策略](/admin/policies/enforcing-policies-for-your-enterprise/enforcing-repository-management-policies-in-your-enterprise#enforcing-a-policy-for-repository-creation)”。
+* 如果允许 {% data variables.enterprise.prodname_managed_users %} 创建其用户帐户拥有的存储库，则他们只能拥有专用存储库，并且只能邀请其他企业成员协作处理其用户拥有的存储库。
 * {% data reusables.enterprise-accounts.emu-forks %}
-* Only private and internal repositories can be created in organizations owned by an {% data variables.enterprise.prodname_emu_enterprise %}, depending on organization and enterprise repository visibility settings. 
-* {% data variables.enterprise.prodname_managed_users_caps %} are limited in their use of {% data variables.product.prodname_pages %}. For more information, see "[About {% data variables.product.prodname_pages %}](/pages/getting-started-with-github-pages/about-github-pages#limitations-for-enterprise-managed-users)."
+* 只能在 {% data variables.enterprise.prodname_emu_enterprise %} 拥有的组织中创建专用和内部存储库，具体取决于组织和企业存储库可见性设置。 
+* {% data variables.enterprise.prodname_managed_users_caps %} 在使用 {% data variables.product.prodname_pages %} 方面受到限制。 有关详细信息，请参阅“[关于 {% data variables.product.prodname_pages %}](/pages/getting-started-with-github-pages/about-github-pages#limitations-for-enterprise-managed-users)”。
 * {% data reusables.copilot.emus-cannot-use-copilot %}
 
-## Getting started with {% data variables.product.prodname_emus %}
+## {% data variables.product.prodname_emus %} 入门
 
-Before your developers can use {% data variables.product.prodname_ghe_cloud %} with {% data variables.product.prodname_emus %}, you must follow a series of configuration steps.
+必须先执行一系列配置步骤，开发人员才能将 {% data variables.product.prodname_ghe_cloud %} 与 {% data variables.product.prodname_emus %} 一起使用。
 
-1. To use {% data variables.product.prodname_emus %}, you need a separate type of enterprise account with {% data variables.product.prodname_emus %} enabled. To try out {% data variables.product.prodname_emus %} or to discuss options for migrating from your existing enterprise, please contact [{% data variables.product.prodname_dotcom %}'s Sales team](https://enterprise.github.com/contact).
+1. 若要使用 {% data variables.product.prodname_emus %}，需要启用了 {% data variables.product.prodname_emus %} 的单独企业帐户类型。 若要试用 {% data variables.product.prodname_emus %} 或讨论从现有企业迁移的选项，请联系 [{% data variables.product.prodname_dotcom %} 的销售团队](https://enterprise.github.com/contact)。
   
-  Your contact on the GitHub Sales team will work with you to create your new {% data variables.enterprise.prodname_emu_enterprise %}. You'll need to provide the email address for the user who will set up your enterprise and a short code that will be used as the suffix for your enterprise members' usernames. {% data reusables.enterprise-accounts.emu-shortcode %} For more information, see "[Usernames and profile information](#usernames-and-profile-information)."
+  GitHub 销售团队的联系人将与你合作创建新的 {% data variables.enterprise.prodname_emu_enterprise %}。 你需要为将设置企业的用户提供电子邮件地址，以及一个短代码，该代码将用作企业成员用户名的后缀。 {% data reusables.enterprise-accounts.emu-shortcode %} 有关详细信息，请参阅“[用户名和个人资料信息](#usernames-and-profile-information)”。
   
-2. After we create your enterprise, you will receive an email from {% data variables.product.prodname_dotcom %} inviting you to choose a password for your enterprise's setup user, which will be the first owner in the enterprise. Use an incognito or private browsing window when setting the password. The setup user is only used to configure single sign-on and SCIM provisioning integration for the enterprise. It will no longer have access to administer the enterprise account once SSO is successfully enabled. The setup user's username is your enterprise's shortcode suffixed with `_admin`. 
+2. 创建企业后，你将收到来自 {% data variables.product.prodname_dotcom %} 的电子邮件，邀请你为企业的设置用户选择密码，该用户将是企业的第一个所有者。 设置密码时，请使用隐身或专用浏览窗口。 设置用户仅用于为企业配置单一登录和 SCIM 预配集成。 成功启用 SSO 后，设置用户将不再有权管理企业帐户。 设置用户的用户名是企业的短代码，后缀为 `_admin`。 
   
   {% note %}
   
@@ -107,54 +112,53 @@ Before your developers can use {% data variables.product.prodname_ghe_cloud %} w
   
   {% endnote %}
   
-3. After you log in as the setup user, we recommend enabling two-factor authentication. For more information, see "[Configuring two-factor authentication](/authentication/securing-your-account-with-two-factor-authentication-2fa/configuring-two-factor-authentication)."
+3. 你以设置用户身份登录后，我们建议你启用双因素身份验证。 有关详细信息，请参阅“[配置双因素身份验证](/authentication/securing-your-account-with-two-factor-authentication-2fa/configuring-two-factor-authentication)”。
 
-1. To get started, configure {% ifversion oidc-for-emu %}how your members will authenticate. If you are using Azure Active Directory as your identity provider, you can choose between OpenID Connect (OIDC) and Security Assertion Markup Language (SAML). We recommend OIDC, which includes support for Conditional Access Policies (CAP). If you require multiple enterprises with {% data variables.enterprise.prodname_managed_users %} provisioned from one tenant, you must use SAML for each enterprise after the first. If you are using Okta as your identity provider, you can use SAML to authenticate your members.{% else %}SAML SSO for your enterprise. For more information, see "[Configuring SAML single sign-on for Enterprise Managed Users](/admin/identity-and-access-management/managing-iam-with-enterprise-managed-users/configuring-saml-single-sign-on-for-enterprise-managed-users)."{% endif %}
+1. 首先，请配置 {% ifversion oidc-for-emu %} 成员如何进行身份验证。 如果使用 Azure Active Directory 作为标识提供者，可以在 OpenID Connect (OIDC) 和安全断言标记语言 (SAML) 之间进行选择。 建议使用 OIDC，其中包括对条件访问策略 (CAP) 的支持。 如果需要从一个租户预配具有 {% data variables.enterprise.prodname_managed_users %} 的多个企业，则必须在第一个之后为每个企业使用 SAML。 如果使用 Okta 作为标识提供者，则可以使用 SAML 对成员进行身份验证。{% else %}SAML SSO 适用于企业。 有关详细信息，请参阅“[为 Enterprise 托管用户配置 SAML 单一登录](/admin/identity-and-access-management/managing-iam-with-enterprise-managed-users/configuring-saml-single-sign-on-for-enterprise-managed-users)”。{% endif %}
   
   {% ifversion oidc-for-emu %}
   
-  To get started, read the guide for your chosen authentication method.
+  首先，请阅读所选身份验证方法的指南。
   
-    - "[Configuring OIDC for Enterprise Managed Users](/admin/identity-and-access-management/using-enterprise-managed-users-for-iam/configuring-oidc-for-enterprise-managed-users)."
-    - "[Configuring SAML single sign-on for Enterprise Managed Users](/admin/identity-and-access-management/managing-iam-with-enterprise-managed-users/configuring-saml-single-sign-on-for-enterprise-managed-users)."
+    - “[为企业托管用户配置 OIDC](/admin/identity-and-access-management/using-enterprise-managed-users-for-iam/configuring-oidc-for-enterprise-managed-users)”。
+    - “[为企业托管用户配置 SAML 单一登录](/admin/identity-and-access-management/managing-iam-with-enterprise-managed-users/configuring-saml-single-sign-on-for-enterprise-managed-users)”。
   
   {% endif %}
   
-4. Once you have configured SSO, you can configure SCIM provisioning. SCIM is how your identity provider will create {% data variables.enterprise.prodname_managed_users %} on {% data variables.product.prodname_dotcom_the_website %}. For more information on configuring SCIM provisioning, see "[Configuring SCIM provisioning for enterprise managed users](/admin/identity-and-access-management/managing-iam-with-enterprise-managed-users/configuring-scim-provisioning-for-enterprise-managed-users)."
+4. 配置 SSO 后，可以配置 SCIM 预配。 SCIM 是标识提供者在 {% data variables.product.prodname_dotcom_the_website %} 上创建 {% data variables.enterprise.prodname_managed_users %} 的方式。 有关配置 SCIM 预配的详细信息，请参阅“[为企业托管用户配置 SCIM 预配](/admin/identity-and-access-management/managing-iam-with-enterprise-managed-users/configuring-scim-provisioning-for-enterprise-managed-users)”。
   
-5. Once authentication and provisioning are configured, you can start managing organization membership for your {% data variables.enterprise.prodname_managed_users %} by synchronizing IdP groups with teams. For more information, see "[Managing team memberships with identity provider groups](/admin/identity-and-access-management/using-enterprise-managed-users-for-iam/managing-team-memberships-with-identity-provider-groups)."
+5. 配置身份验证和预配后，可以通过将 IdP 组与团队同步来开始管理 {% data variables.enterprise.prodname_managed_users %} 的组织成员身份。 有关详细信息，请参阅[使用标识提供者组管理团队成员身份](/admin/identity-and-access-management/using-enterprise-managed-users-for-iam/managing-team-memberships-with-identity-provider-groups)。
 
-If members of your enterprise must use one workstation to contribute to repositories on {% data variables.location.product_location %} from both a {% data variables.enterprise.prodname_managed_user %} and a personal account, you can provide support. For more information, see "[Supporting developers with multiple user accounts on {% data variables.product.prodname_dotcom_the_website %}](#supporting-developers-with-multiple-user-accounts-on-githubcom)."
+如果企业成员必须使用一个工作站同时从 {% data variables.enterprise.prodname_managed_user %} 和个人帐户参与 {% data variables.location.product_location %} 上的存储库，则可以提供支持。 有关详细信息，请参阅“[支持在 {% data variables.product.prodname_dotcom_the_website %} 上具有多个用户帐户的开发人员](#supporting-developers-with-multiple-user-accounts-on-githubcom)”。
 
-## Authenticating as a {% data variables.enterprise.prodname_managed_user %}
+## 作为 {% data variables.enterprise.prodname_managed_user %} 进行身份验证
 
-{% data variables.enterprise.prodname_managed_users_caps %} must authenticate through their identity provider. To authenticate, a {% data variables.enterprise.prodname_managed_user %} can visit their IdP application portal or use the login page on {% data variables.product.prodname_dotcom_the_website %}. 
+{% data variables.enterprise.prodname_managed_users_caps %} 必须通过其标识提供者进行身份验证。 若要进行身份验证，{% data variables.enterprise.prodname_managed_user %} 可以访问其 IdP 应用程序门户或使用 {% data variables.product.prodname_dotcom_the_website %} 上的登录页。 
 
-By default, when an unauthenticated user attempts to access an enterprise that uses {% data variables.product.prodname_emus %}, {% data variables.product.company_short %} displays a 404 error. An enterprise owner can optionally enable automatic redirects to single sign-on (SSO) instead of the 404. For more information, see "[Enforcing policies for security settings in your enterprise](/enterprise-cloud@latest/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-security-settings-in-your-enterprise#managing-sso-for-unauthenticated-users)."
+默认情况下，当未经身份验证的用户尝试访问使用 {% data variables.product.prodname_emus %} 的企业时，{% data variables.product.company_short %} 会显示 404 错误。 企业所有者可以选择性地启用自动重定向到单一登录 (SSO)，而不会显示 404。 有关详细信息，请参阅“[为企业中的安全设置强制实施策略](/enterprise-cloud@latest/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-security-settings-in-your-enterprise#managing-sso-for-unauthenticated-users)”。
 
-{% data reusables.enterprise-accounts.about-recovery-codes %} For more information, see "[Managing recovery codes for your enterprise](/admin/identity-and-access-management/managing-recovery-codes-for-your-enterprise)."
+{% data reusables.enterprise-accounts.about-recovery-codes %} 有关详细信息，请参阅“[管理企业的恢复代码](/admin/identity-and-access-management/managing-recovery-codes-for-your-enterprise)”。
 
-### Authenticating as a {% data variables.enterprise.prodname_managed_user %} via {% data variables.product.prodname_dotcom_the_website %}
+### 通过 {% data variables.product.prodname_dotcom_the_website %} 作为 {% data variables.enterprise.prodname_managed_user %} 进行身份验证
 
-1. Navigate to [https://github.com/login](https://github.com/login).
-1. In the "Username or email address" text box, enter your username including the underscore and short code.
-  ![Screenshot showing login form](/assets/images/help/enterprises/emu-login-username.png)
-  When the form recognizes your username, the form will update. You do not need to enter your password on this form.
-1. To continue to your identity provider, click **Sign in with your identity provider**.
-  ![Screenshot showing "Sign in with your identity provider" button](/assets/images/help/enterprises/emu-login-submit.png)
+1. 导航到 [https://github.com/login](https://github.com/login)。
+1. 在“用户名或电子邮件地址”文本框中，输入用户名，包括下划线和短代码。
+  ![显示登录表单的屏幕截图](/assets/images/help/enterprises/emu-login-username.png) 表单识别用户名后将更新。 无需在此表单中输入密码。
+1. 若要继续访问标识提供者，请单击“使用标识提供者登录”。
+  ![显示“使用标识提供者登录”按钮的屏幕截图](/assets/images/help/enterprises/emu-login-submit.png)
 
-## Usernames and profile information
+## 用户名和个人资料信息
 
-{% data variables.product.product_name %} automatically creates a username for each person by normalizing an identifier provided by your IdP. For more information, see "[Username considerations for external authentication](/admin/identity-and-access-management/managing-iam-for-your-enterprise/username-considerations-for-external-authentication)."
+{% data variables.product.product_name %} 通过规范 IdP 提供的标识符自动为每个用户创建用户名。 有关详细信息，请参阅“[外部身份验证的用户名注意事项](/admin/identity-and-access-management/managing-iam-for-your-enterprise/username-considerations-for-external-authentication)”。
 
-A conflict may occur when provisioning users if the unique parts of the identifier provided by your IdP are removed during normalization. If you're unable to provision a user due to a username conflict, you should modify the username provided by your IdP. For more information, see "[Resolving username problems](/admin/identity-and-access-management/managing-iam-for-your-enterprise/username-considerations-for-external-authentication#resolving-username-problems)."
+如果在规范化期间删除 IdP 提供的标识符的唯一部分，则预配用户时可能会发生冲突。 如果由于用户名冲突而无法预配用户，则应修改 IdP 提供的用户名。 有关详细信息，请参阅“[解决用户名问题](/admin/identity-and-access-management/managing-iam-for-your-enterprise/username-considerations-for-external-authentication#resolving-username-problems)”。
 
 {% data reusables.enterprise-accounts.emu-only-emails-within-the-enterprise-can-conflict %} 
 
-The profile name and email address of a {% data variables.enterprise.prodname_managed_user %} is also provided by the IdP. {% data variables.enterprise.prodname_managed_users_caps %} cannot change their profile name or email address on {% data variables.product.prodname_dotcom %}, and the IdP can only provide a single email address.
+IdP 还提供了 {% data variables.enterprise.prodname_managed_user %} 的个人资料名称和电子邮件地址。 {% data variables.enterprise.prodname_managed_users_caps %} 无法更改 {% data variables.product.prodname_dotcom %} 上的个人资料名称或电子邮件地址，并且 IdP 仅可提供单个电子邮件地址。
 
-## Supporting developers with multiple user accounts on {% data variables.location.product_location %}
+## 支持在 {% data variables.location.product_location %} 上具有多个用户帐户的开发人员
 
-People on your team may need to contribute to resources on {% data variables.location.product_location %} that are outside of your {% data variables.enterprise.prodname_emu_enterprise %}. For example, you may wish to maintain a separate enterprise for your company's open source projects. Because a {% data variables.enterprise.prodname_managed_user %} cannot contribute to public resources, users will need to maintain a separate, personal account for this work.
+团队中的人员可能需要在 {% data variables.location.product_location %} 上参与 {% data variables.enterprise.prodname_emu_enterprise %} 外部的资源。 例如，你可能希望为公司的开放源代码项目维护单独的企业。 由于 {% data variables.enterprise.prodname_managed_user %} 无法参与公共资源，因此用户需要为此工作维护单独的个人帐户。
 
-People who must contribute from two user accounts on {% data variables.location.product_location %} using one workstation can configure Git to simplify the process. For more information, see "[Managing multiple accounts](/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-your-personal-account/managing-multiple-accounts)."
+必须使用一个工作站在 {% data variables.location.product_location %} 上从两个用户帐户进行参与的人员可以配置 Git 以简化该过程。 有关详细信息，请参阅“[管理多个帐户](/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-your-personal-account/managing-multiple-accounts)”。

translations/zh-CN/content/authentication/keeping-your-account-and-data-secure/githubs-ssh-key-fingerprints.md

@@ -1,6 +1,6 @@
 ---
-title: GitHub's SSH key fingerprints
-intro: Public key fingerprints can be used to validate a connection to a remote server.
+title: GitHub 的 SSH 密钥指纹
+intro: 公钥指纹可用于验证与远程服务器的连接。
 redirect_from:
   - /articles/what-are-github-s-ssh-key-fingerprints
   - /articles/github-s-ssh-key-fingerprints
@@ -14,15 +14,21 @@ topics:
   - Identity
   - Access management
 shortTitle: SSH key fingerprints
+ms.openlocfilehash: 153c1b4ac8be917cf111fe8998ac8df8bd1bc7ed
+ms.sourcegitcommit: 8c8d8598beeaa4f83b3f30cb160a5288fdb4ef9a
+ms.translationtype: HT
+ms.contentlocale: zh-CN
+ms.lasthandoff: 12/02/2022
+ms.locfileid: '148190328'
 ---
-These are {% data variables.product.prodname_dotcom %}'s public key fingerprints:
+以下是 {% data variables.product.prodname_dotcom %} 的公钥指纹：
 
 - `SHA256:nThbg6kXUpJWGl7E1IGOCspRomTxdCARLviKw6E5SY8` (RSA)
-- `SHA256:br9IjFspm1vxR3iA35FWE+4VTyz1hYVLIE2t1/CeyWQ` (DSA - deprecated)
+- `SHA256:br9IjFspm1vxR3iA35FWE+4VTyz1hYVLIE2t1/CeyWQ`（DSA - 已弃用）
 - `SHA256:p2QAMXNIC1TJYWeIOttrVc98/R1BUFWu3/LiyKgUfQM` (ECDSA)
 - `SHA256:+DiY3wvvV6TuJJhbpZisF/zLDA0zPMSvHdkr4UvCOqU` (Ed25519)
 
-You can add the following ssh key entries to your `~.ssh/known_hosts` file to avoid manually verifying {% data variables.product.prodname_dotcom %} hosts:
+可以将以下 ssh 密钥条目添加到 `~.ssh/known_hosts` 文件中，以避免手动验证 {% data variables.product.prodname_dotcom %} 主机：
 
 ```text
 github.com ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOMqqnkVzrm0SdG6UOoqKLsabgH5C9okWi0dh2l9GKJl
@@ -30,4 +36,4 @@ github.com ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAA
 github.com ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGmdnm9tUDbO9IDSwBK6TbQa+PXYPCPy6rbTrTtw7PHkccKrpp0yVhp5HdEIcKr6pLlVDBfOLX9QUsyCOV0wzfjIJNlGEYsdlLJizHhbn2mUjvSAHQqZETYP81eFzLQNnPHt4EVVUh7VfDESU84KezmD5QlWpXLmvU31/yMf+Se8xhHTvKSCZIFImWwoG6mbUoWf9nzpIoaSjB+weqqUUmpaaasXVal72J+UX2B+2RPW3RcT0eOzQgqlJL3RKrTJvdsjE3JEAvGq3lGHSZXy28G3skua2SmVi/w4yCE6gbODqnTWlg7+wC604ydGXA8VJiS5ap43JXiUFFAaQ==
 ```
 
-For more information, see "[Get {% data variables.product.prodname_dotcom %} Meta Information](/rest/meta#get-github-meta-information)."
+有关详细信息，请参阅“[获取 {% data variables.product.prodname_dotcom %} 元信息](/rest/meta#get-github-meta-information)”。

translations/zh-CN/content/authentication/troubleshooting-ssh/using-ssh-over-the-https-port.md

@@ -1,6 +1,6 @@
 ---
-title: Using SSH over the HTTPS port
-intro: 'Sometimes, firewalls refuse to allow SSH connections entirely.  If using [HTTPS cloning with credential caching](/github/getting-started-with-github/caching-your-github-credentials-in-git) is not an option, you can attempt to clone using an SSH connection made over the HTTPS port.  Most firewall rules should allow this, but proxy servers may interfere.'
+title: 在 HTTPS 端口使用 SSH
+intro: '有时，防火墙会完全拒绝允许 SSH 连接。  如果无法选择使用[具有凭据缓存的 HTTPS 克隆](/github/getting-started-with-github/caching-your-github-credentials-in-git)，可以尝试使用通过 HTTPS 端口建立的 SSH 连接克隆。  大多数防火墙规则应允许此操作，但代理服务器可能会干扰。'
 redirect_from:
   - /articles/using-ssh-over-the-https-port
   - /github/authenticating-to-github/using-ssh-over-the-https-port
@@ -11,14 +11,20 @@ versions:
 topics:
   - SSH
 shortTitle: Use SSH over HTTPS port
+ms.openlocfilehash: 24a56147129e68c674eaf8dc733a203e2b03348a
+ms.sourcegitcommit: 8c8d8598beeaa4f83b3f30cb160a5288fdb4ef9a
+ms.translationtype: HT
+ms.contentlocale: zh-CN
+ms.lasthandoff: 12/02/2022
+ms.locfileid: '148190320'
 ---
 {% tip %}
 
-**{% data variables.product.prodname_ghe_server %} users**: Accessing {% data variables.product.prodname_ghe_server %} via SSH over the HTTPS port is currently not supported.
+{% data variables.product.prodname_ghe_server %} 用户：目前不支持经 SSH 通过 HTTPS 端口访问 {% data variables.product.prodname_ghe_server %}。
 
 {% endtip %}
 
-To test if SSH over the HTTPS port is possible, run this SSH command:
+要测试通过 HTTPS 端口的 SSH 是否可行，请运行以下 SSH 命令：
 
 ```shell
 $ ssh -T -p 443 git@ssh.github.com
@@ -28,23 +34,23 @@ $ ssh -T -p 443 git@ssh.github.com
 
 {% note %}
 
-**Note**: The hostname for port 443 is `ssh.{% data variables.command_line.backticks %}`, not `{% data variables.command_line.backticks %}`.
+注意：端口 443 的主机名为 `ssh.{% data variables.command_line.backticks %}`，而不是 `{% data variables.command_line.backticks %}`。
 
 {% endnote %}
 
-If that worked, great! If not, you may need to [follow our troubleshooting guide](/articles/error-permission-denied-publickey).
+如果这样有效，万事大吉！ 否则，可能需要[遵循我们的故障排除指南](/articles/error-permission-denied-publickey)。
 
-Now, to clone the repository, you can run the following command:
+现在，若要克隆存储库，可以运行以下命令：
 
 ```
 $ git clone ssh://git@ssh.{% data variables.command_line.codeblock %}:443/YOUR-USERNAME/YOUR-REPOSITORY.git
 ```
 
-## Enabling SSH connections over HTTPS
+## 启用通过 HTTPS 的 SSH 连接
 
-If you are able to SSH into `git@ssh.{% data variables.command_line.backticks %}` over port 443, you can override your SSH settings to force any connection to {% data variables.location.product_location %} to run through that server and port.
+如果你能在端口 443 上通过 SSH 连接到 `git@ssh.{% data variables.command_line.backticks %}`，则可覆盖你的 SSH 设置来强制与 {% data variables.location.product_location %} 的任何连接均通过该服务器和端口运行。
 
-To set this in your SSH configuration file, edit the file at `~/.ssh/config`, and add this section:
+要在 SSH 配置文件中设置此行为，请在 `~/.ssh/config` 编辑该文件，并添加以下部分：
 
 ```
 Host {% data variables.command_line.codeblock %}
@@ -53,7 +59,7 @@ Port 443
 User git
 ```
 
-You can test that this works by connecting once more to {% data variables.location.product_location %}:
+你可以通过再次连接到 {% data variables.location.product_location %} 来测试这是否有效：
 
 ```shell
 $ ssh -T git@{% data variables.command_line.codeblock %}
@@ -61,10 +67,9 @@ $ ssh -T git@{% data variables.command_line.codeblock %}
 > provide shell access.
 ```
 
-## Updating known hosts
+## 更新已知主机
 
-The first time you interact with GitHub after switching to port 443, you may get a warning message
-that the host wasn't found in `known_hosts`, or that it was found by another name.
+在切换到端口 443 后第一次与 GitHub 交互时，你可能会收到一条警告消息，指出在 `known_hosts` 中找不到主机，或者该主机由其他名称找到。
 
 ```ShellSession
 > The authenticity of host '[ssh.github.com]:443 ([140.82.112.36]:443)' can't be established.
@@ -74,5 +79,4 @@ that the host wasn't found in `known_hosts`, or that it was found by another nam
 > Are you sure you want to continue connecting (yes/no/[fingerprint])?
 ```
 
-It is safe to answer "yes" to this question, assuming that the SSH fingerprint matches
-one of GitHub's published fingerprints. For the list of fingerprints, see "[Github's SSH key fingerprints](/authentication/keeping-your-account-and-data-secure/githubs-ssh-key-fingerprints)."
+假设 SSH 指纹与 GitHub 发布的指纹之一匹配，那么可以针对这个问题安全地回答“是”。 有关指纹列表，请参阅“[Github 的 SSH 密钥指纹](/authentication/keeping-your-account-and-data-secure/githubs-ssh-key-fingerprints)”。

translations/zh-CN/content/get-started/quickstart/contributing-to-projects.md

@@ -16,9 +16,11 @@ topics:
 
 ## About forking
 
-After using GitHub by yourself for a while, you may find yourself wanting to contribute to someone else’s project. Or maybe you’d like to use someone’s project as the starting point for your own. This process is known as forking.
+If you want to contribute to someone else's project but don't have write access to the repository, you can use a "fork and pull request" workflow. 
 
-Creating a "fork" is producing a personal copy of someone else's project. Forks act as a sort of bridge between the original repository and your personal copy. You can submit pull requests to help make other people's projects better by offering your changes up to the original project. Forking is at the core of social coding at GitHub. For more information, see "[Fork a repo](/get-started/quickstart/fork-a-repo)."
+{% data reusables.repositories.fork-definition-long %}
+
+You can contribute by submitting pull requests from your fork to the upstream repository. For more information, see "[Fork a repo](/get-started/quickstart/fork-a-repo)."
 
 ## Forking a repository
 
@@ -29,7 +31,7 @@ This tutorial uses [the Spoon-Knife project](https://github.com/octocat/Spoon-Kn
    ![Fork button](/assets/images/help/repository/fork_button.png){% ifversion fpt or ghec or ghes > 3.5 or ghae > 3.5 %}
 3. Select an owner for the forked repository.
    ![Create a new fork page with owner dropdown emphasized](/assets/images/help/repository/fork-choose-owner.png)
-4. By default, forks are named the same as their parent repositories. You can change the name of the fork to distinguish it further.
+4. By default, forks are named the same as their upstream repositories. You can change the name of the fork to distinguish it further. 
    ![Create a new fork page with repository name field emphasized](/assets/images/help/repository/fork-choose-repo-name.png)
 5. Optionally, add a description of your fork.
    ![Create a new fork page with description field emphasized](/assets/images/help/repository/fork-description.png)
@@ -40,7 +42,7 @@ This tutorial uses [the Spoon-Knife project](https://github.com/octocat/Spoon-Kn
 
 {% note %}
 
-**Note:** If you want to copy additional branches from the parent repository, you can do so from the **Branches** page. For more information, see "[Creating and deleting branches within your repository](/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/creating-and-deleting-branches-within-your-repository)."
+**Note:** If you want to copy additional branches from the upstream repository, you can do so from the **Branches** page. For more information, see "[Creating and deleting branches within your repository](/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/creating-and-deleting-branches-within-your-repository)."
 
 {% endnote %}
 {% endif %}
@@ -192,7 +194,7 @@ To do so, head on over to the repository on {% data variables.product.product_na
 
 ## Managing feedback
 
-Pull Requests are an area for discussion. In this case, the Octocat is very busy, and probably won't merge your changes. For other projects, don't be offended if the project owner rejects your pull request, or asks for more information on why it's been made. It may even be that the project owner chooses not to merge your pull request, and that's totally okay. Your copy will exist in infamy on the Internet. And who knows--maybe someone you've never met will find your changes much more valuable than the original project.
+Pull Requests are an area for discussion. In this case, the Octocat is very busy, and probably won't merge your changes. For other projects, don't be offended if the project owner rejects your pull request, or asks for more information on why it's been made. It may even be that the project owner chooses not to merge your pull request, and that's totally okay. Your changes exist in your fork. And who knows--maybe someone you've never met will find your changes much more valuable than the original project.
 
 ## Finding projects
 

translations/zh-CN/content/get-started/quickstart/fork-a-repo.md

@@ -6,7 +6,7 @@ redirect_from:
   - /articles/fork-a-repo
   - /github/getting-started-with-github/fork-a-repo
   - /github/getting-started-with-github/quickstart/fork-a-repo
-intro: A fork is a copy of a repository. Forking a repository allows you to freely experiment with changes without affecting the original project.
+intro: A fork is a new repository that shares code and visibility settings with the original “upstream” repository.
 permissions: '{% data reusables.enterprise-accounts.emu-permission-fork %}'
 versions:
   fpt: '*'
@@ -21,7 +21,7 @@ topics:
 ---
 ## About forks
 
-Most commonly, forks are used to either propose changes to someone else's project to which you do not have write access, or to use someone else's project as a starting point for your own idea. You can fork a repository to create a copy of the repository and make changes without affecting the upstream repository. For more information, see "[Working with forks](/github/collaborating-with-issues-and-pull-requests/working-with-forks)."
+{% data reusables.repositories.fork-definition-long %}  For more information, see "[Working with forks](/github/collaborating-with-issues-and-pull-requests/working-with-forks)."
 
 ### Propose changes to someone else's project
 
@@ -47,20 +47,20 @@ When creating your public repository from a fork of someone's project, make sure
 
 ## Prerequisites
 
-If you have not yet, you should first [set up Git](/articles/set-up-git). Don't forget to [set up authentication to {% data variables.location.product_location %} from Git](/articles/set-up-git#next-steps-authenticating-with-github-from-git) as well.
+If you haven't yet, first set up Git and authentication with {% data variables.location.product_location %} from Git. For more information, see "[Set up Git](/articles/set-up-git)."
 
 ## Forking a repository
 
 {% webui %}
 
-You might fork a project to propose changes to the upstream, or original, repository. In this case, it's good practice to regularly sync your fork with the upstream repository. To do this, you'll need to use Git on the command line. You can practice setting the upstream repository using the same [octocat/Spoon-Knife](https://github.com/octocat/Spoon-Knife) repository you just forked.
+You might fork a project to propose changes to the upstream repository. In this case, it's good practice to regularly sync your fork with the upstream repository. To do this, you'll need to use Git on the command line. You can practice setting the upstream repository using the same [octocat/Spoon-Knife](https://github.com/octocat/Spoon-Knife) repository you just forked.
 
 1. On {% ifversion fpt or ghec %}{% data variables.product.prodname_dotcom_the_website %}{% else %}{% data variables.location.product_location %}{% endif %}, navigate to the [octocat/Spoon-Knife](https://github.com/octocat/Spoon-Knife) repository.
 2. In the top-right corner of the page, click **Fork**.
    ![Fork button](/assets/images/help/repository/fork_button.png){% ifversion fpt or ghec or ghes > 3.5 or ghae > 3.5 %}
 3. Select an owner for the forked repository.
    ![Create a new fork page with owner dropdown emphasized](/assets/images/help/repository/fork-choose-owner.png)
-4. By default, forks are named the same as their parent repositories. You can change the name of the fork to distinguish it further. 
+4. By default, forks are named the same as their upstream repositories. You can change the name of the fork to distinguish it further. 
    ![Create a new fork page with repository name field emphasized](/assets/images/help/repository/fork-choose-repo-name.png)
 5. Optionally, add a description of your fork.
    ![Create a new fork page with description field emphasized](/assets/images/help/repository/fork-description.png)
@@ -72,7 +72,7 @@ You might fork a project to propose changes to the upstream, or original, reposi
 
 {% note %}
 
-**Note:** If you want to copy additional branches from the parent repository, you can do so from the **Branches** page. For more information, see "[Creating and deleting branches within your repository](/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/creating-and-deleting-branches-within-your-repository)."{% endnote %}{% endif %}
+**Note:** If you want to copy additional branches from the upstream repository, you can do so from the **Branches** page. For more information, see "[Creating and deleting branches within your repository](/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/creating-and-deleting-branches-within-your-repository)."{% endnote %}{% endif %}
 
 {% endwebui %}
 
@@ -146,9 +146,9 @@ gh repo fork REPOSITORY --clone=true
 
 {% enddesktop %}
 
-## Configuring Git to sync your fork with the original repository
+## Configuring Git to sync your fork with the upstream repository
 
-When you fork a project in order to propose changes to the original repository, you can configure Git to pull changes from the original, or upstream, repository into the local clone of your fork.
+When you fork a project in order to propose changes to the upstream repository, you can configure Git to pull changes from the upstream repository into the local clone of your fork.
 
 {% webui %}
 
@@ -172,7 +172,7 @@ When you fork a project in order to propose changes to the original repository,
   $ git remote add upstream https://{% data variables.command_line.codeblock %}/ORIGINAL_OWNER/Spoon-Knife.git
   ```
 
-7. To verify the new upstream repository you have specified for your fork, type `git remote -v` again. You should see the URL for your fork as `origin`, and the URL for the original repository as `upstream`.
+7. To verify the new upstream repository you have specified for your fork, type `git remote -v` again. You should see the URL for your fork as `origin`, and the URL for the upstream repository as `upstream`.
   ```shell
   $ git remote -v
   > origin    https://{% data variables.command_line.codeblock %}/YOUR_USERNAME/YOUR_FORK.git (fetch)
@@ -208,7 +208,7 @@ gh repo fork REPOSITORY --remote-name "main-remote-repo"
 You can make any changes to a fork, including:
 
 - **Creating branches:** [*Branches*](/articles/creating-and-deleting-branches-within-your-repository/) allow you to build new features or test out ideas without putting your main project at risk.
-- **Opening pull requests:** If you are hoping to contribute back to the original repository, you can send a request to the original author to pull your fork into their repository by submitting a [pull request](/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/about-pull-requests).
+- **Opening pull requests:** If you want to contribute back to the upstream repository, you can send a request to the original author to pull your fork into their repository by submitting a [pull request](/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/about-pull-requests).
 
 ## Find another repository to fork
 Fork a repository to start contributing to a project. {% data reusables.repositories.you-can-fork %}

translations/zh-CN/content/pull-requests/collaborating-with-pull-requests/working-with-forks/what-happens-to-forks-when-a-repository-is-deleted-or-changes-visibility.md

@@ -15,12 +15,12 @@ versions:
 topics:
   - Pull requests
 shortTitle: Deleted or changes visibility
-ms.openlocfilehash: d52215a7406edc84bc71022517f848faa9e48600
-ms.sourcegitcommit: fb047f9450b41b24afc43d9512a5db2a2b750a2a
+ms.openlocfilehash: 95296f33d9163cd1171481386efd0a2351095c39
+ms.sourcegitcommit: 468a0323fa636517985a3e08e2772dbb0545cab8
 ms.translationtype: HT
 ms.contentlocale: zh-CN
-ms.lasthandoff: 09/12/2022
-ms.locfileid: '147886796'
+ms.lasthandoff: 12/03/2022
+ms.locfileid: '148191354'
 ---
 {% data reusables.repositories.deleted_forks_from_private_repositories_warning %}
 
@@ -32,7 +32,7 @@ ms.locfileid: '147886796'
 
 ## 删除公共仓库
 
-当您删除公共仓库时，将选择现有的公共复刻之一作为新的父仓库。 所有其他仓库均从这一新的父仓库复刻，并且后续的拉取请求都转到这一新的父仓库。
+当你删除公共仓库时，将选择现有的公共分支之一作为新的上游存储库。 所有其他存储库均从这一新的上游存储库创建分支，并且后续的拉取请求都转到这一新的上游存储库。
 
 {% endif %}
 
@@ -44,9 +44,9 @@ ms.locfileid: '147886796'
 
 ## 将公共仓库更改为私有仓库
 
-如果将公共仓库设为私有，其公共复刻将拆分到新网络中。 与删除公共仓库一样，选择现有的公共分支之一作为新的父仓库，并且所有其他仓库都从这个新的父仓库中复刻。 后续的拉取请求都转到这一新的父仓库。
+如果将公共仓库设为私有，其公共复刻将拆分到新网络中。 与删除公共存储库一样，选择现有的公共分支之一作为新的上游存储库，并且所有其他存储库都从这个新的上游存储库中创建分支。 后续的拉取请求都转到这一新的上游存储库。
 
-换句话说，即使将父仓库设为私有后，公共仓库的复刻也将在其各自的仓库网络中保持公开。 这样复刻所有者便可继续工作和协作，而不会中断。 如果公共分支没有通过这种方式移动到单独的网络中，则这些分支的所有者将需要获得适当的[访问权限](/articles/access-permissions-on-github)以从（现在私有的）父存储库中拉取更改并提交拉取请求 - 即使它们以前不需要这些权限。
+换句话说，即使将上游存储库设为专用后，公共存储库的分支也将在其各自的存储库网络中保持公开。 这样复刻所有者便可继续工作和协作，而不会中断。 如果公共分支没有通过这种方式移动到单独的网络中，这些分支的所有者将需要获得适当的[访问权限](/articles/access-permissions-on-github)以从（现在专用的）上游存储库中拉取更改并提交拉取请求 - 即使它们以前不需要这些权限。
 
 {% ifversion ghes or ghae %} 如果公共存储库启用了匿名 Git 读取权限并且该存储库设为私有，则所有存储库的分支都将失去匿名 Git 读取权限并恢复为默认的禁用设置。 如果将复刻的仓库设为公共，则仓库管理员可以重新启用 Git 读取权限。 有关详细信息，请参阅“[为存储库启用匿名 Git 读取访问](/enterprise/user/articles/enabling-anonymous-git-read-access-for-a-repository)”。
 {% endif %}
@@ -57,7 +57,7 @@ ms.locfileid: '147886796'
 
 ## 将私有仓库更改为公共仓库
 
-如果将私有仓库设为公共，则其每个私有复刻都将变为独立的私有仓库并且成为自己新仓库网络的父仓库。 私有复刻绝不会自动设为公共，因为它们可能包含不应公开显示的敏感提交。
+如果将专用存储库设为公共，则其每个专用分支都将变为独立的专用存储库并且成为自己新的存储库网络的上游存储库。 私有复刻绝不会自动设为公共，因为它们可能包含不应公开显示的敏感提交。
 
 ### 删除公共仓库
 

translations/zh-CN/content/repositories/viewing-activity-and-data-for-your-repository/understanding-connections-between-repositories.md

@@ -1,6 +1,6 @@
 ---
-title: 了解仓库之间的连接
-intro: 通过查看存储库的网络和分叉以及依赖于存储库的项目，您可以更好地了解存储库之间存在的连接。
+title: Understanding connections between repositories
+intro: Use the network graph and forks list to understand fork networks.
 product: '{% data reusables.gated-features.repository-insights %}'
 redirect_from:
   - /articles/viewing-a-repository-s-network
@@ -22,59 +22,57 @@ versions:
 topics:
   - Repositories
 shortTitle: Connections between repositories
-ms.openlocfilehash: f1b92a62d0acf9f31a16ce1b7c57850b87c1bf9c
-ms.sourcegitcommit: 76b840f45ba85fb79a7f0c1eb43bc663b3eadf2b
-ms.translationtype: HT
-ms.contentlocale: zh-CN
-ms.lasthandoff: 09/12/2022
-ms.locfileid: '147060064'
 ---
-## 查看仓库的网络
 
-网络图显示整个仓库网络的分支历史记录，包括根仓库的分支和包含网络独有提交的复刻的分支。
+## Viewing a repository's network
 
-![仓库网络图](/assets/images/help/graphs/repo_network_graph.png)
+The network graph displays the branch history of the entire repository network, including fork branches. This graph is a timeline of the most recent commits, and shows up to 100 of the most recently pushed-to branches. The first row references the date and the first column references the branch owner. Use arrow keys or other keyboard shortcuts to more easily navigate the graph. They are provided in the “Keyboard shortcuts available” pop up under the graph.
+
+
+![Repository network graph](/assets/images/help/graphs/repo_network_graph.png)
 
 {% tip %}
 
-提示：若要查看较旧的分支，请在图中单击并拖动。
+**Tip:** To see older branches, click and drag within the graph.
 
 {% endtip %}
 
-## 访问网络图
+## Accessing the network graph
 
-{% data reusables.repositories.navigate-to-repo %} {% data reusables.repositories.accessing-repository-graphs %}
-3. 在左侧边栏中，单击“网络”。
-![“网络”选项卡](/assets/images/help/graphs/network_tab.png)
+{% data reusables.repositories.navigate-to-repo %}
+{% data reusables.repositories.accessing-repository-graphs %}
+3. In the left sidebar, click **Network**.
+![Network tab](/assets/images/help/graphs/network_tab.png)
 
-## 列出仓库的复刻
+## Listing the forks of a repository
 
-成员图显示仓库的所有复刻。
+The Members graph displays all the forks of a repository.
 
-复刻按仓库复刻者用户名的字母顺序列出。 您可以单击要重定向到用户 {% data variables.product.product_name %} 个人资料页面的用户名，或者单击要重定向到仓库特定复刻的复刻名称。
+Forks are listed alphabetically by the organization or username of the person who forked the repository. You can click on the organization or username to be redirected to the organization or user's {% data variables.product.product_name %} profile page or click on the fork name to be redirected to the specific fork of the repository.
 
 {% ifversion fpt or ghec %}
 
-![仓库成员图](/assets/images/help/graphs/repo_forks_graph_dotcom.png)
+![Repository members graph](/assets/images/help/graphs/repo_forks_graph_dotcom.png)
 
 {% else %}
 
-![仓库成员图](/assets/images/help/graphs/repo_members_graph.png)
+![Repository members graph](/assets/images/help/graphs/repo_members_graph.png)
 
 {% endif %}
 
-### 访问成员图
+### Accessing the Members graph
 
-{% data reusables.repositories.navigate-to-repo %} {% data reusables.repositories.accessing-repository-graphs %}
-3. 在左侧边栏中，单击“分支”。
-![“分支”选项卡](/assets/images/help/graphs/graphs-sidebar-forks-tab.png)
+{% data reusables.repositories.navigate-to-repo %}
+{% data reusables.repositories.accessing-repository-graphs %}
+3. In the left sidebar, click **Forks**.
+![Forks tab](/assets/images/help/graphs/graphs-sidebar-forks-tab.png)
 
-## 查看仓库的依赖项
+## Viewing the dependencies of a repository
 
-您可以使用依赖关系图来浏览仓库所依赖的代码。
+You can use the dependency graph to explore the code your repository depends on.
 
-几乎所有软件都依赖于其他开发者开发和维护的代码，常常被称为供应链。 例如，实用程序、库和框架。 这些依赖项是代码不可分割的一部分，其中的任何错误或漏洞都可能影响您的代码。 审查和维护这些依赖项非常重要。
+Almost all software relies on code developed and maintained by other developers, often known as a supply chain. For example, utilities, libraries, and frameworks. These dependencies are an integral part of your code and any bugs or vulnerabilities in them may affect your code. It's important to review and maintain these dependencies.
 
-依赖关系图提供了可视化和探索仓库依赖关系的好方法。 有关详细信息，请参阅“[关于依赖项关系图](/code-security/supply-chain-security/about-the-dependency-graph)”和“[探索存储库的依赖项](/code-security/supply-chain-security/exploring-the-dependencies-of-a-repository)”。
+The dependency graph provides a great way to visualize and explore the dependencies for a repository. For more information, see "[About the dependency graph](/code-security/supply-chain-security/about-the-dependency-graph)" and "[Exploring the dependencies of a repository](/code-security/supply-chain-security/exploring-the-dependencies-of-a-repository)."
 
-您也可以设置仓库，以便在您的一个依赖项中发现安全漏洞时，{% data variables.product.company_short %} 会自动提醒您。 有关详细信息，请参阅“[关于 {% data variables.product.prodname_dependabot_alerts %}](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies)”。
+You can also set up your repository so that {% data variables.product.company_short %} alerts you automatically whenever a security vulnerability is found in one of your dependencies. For more information, see "[About {% data variables.product.prodname_dependabot_alerts %}](/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies)."

translations/zh-CN/content/rest/overview/libraries.md

@@ -11,12 +11,12 @@ versions:
   ghec: '*'
 topics:
   - API
-ms.openlocfilehash: 4560ae5e63f8a607f068bb24e84f1a014f44885c
-ms.sourcegitcommit: 82b1242de02ecc4bdec02a5b6d11568fb2deb1aa
+ms.openlocfilehash: ab880cef09b936bb573d783373f048395d0a2f58
+ms.sourcegitcommit: 16548aa24259e37cc0ac4900ca8fefc46dc84cdb
 ms.translationtype: HT
 ms.contentlocale: zh-CN
-ms.lasthandoff: 11/21/2022
-ms.locfileid: '148179734'
+ms.lasthandoff: 12/01/2022
+ms.locfileid: '148190059'
 ---
 ![Gundamcat](/assets/images/gundamcat.png)
 
@@ -24,7 +24,6 @@ ms.locfileid: '148179734'
 
 使用官方的 Octokit 库，或者使用任何适用的第三方库。
 
-- Python → [octokit.py](https://github.com/khornberg/octokit.py)
 - Ruby → [octokit.rb](https://github.com/octokit/octokit.rb)
 - .NET → [octokit.net](https://github.com/octokit/octokit.net)
 - JavaScript → [octokit/octokit.js](https://github.com/octokit/octokit.js)
@@ -131,6 +130,7 @@ ms.locfileid: '148179734'
 |**github-flask**|[github-flask（官方网站）](http://github-flask.readthedocs.org)|
 |**torngithub**|[jkeylu/torngithub](https://github.com/jkeylu/torngithub)|
 |githubkit|[yanyongyu/githubkit](https://github.com/yanyongyu/githubkit)|
+|octokit.py|[khornberg/octokit.py](https://github.com/khornberg/octokit.py)|
 
 ### Ruby
 

translations/zh-CN/data/reusables/enterprise-accounts/emu-forks.md

@@ -1 +1,9 @@
-{% data variables.enterprise.prodname_managed_users_caps %} cannot fork repositories from outside of the enterprise or fork internal repositories. {% data variables.enterprise.prodname_managed_users_caps %} can fork private repositories owned by organizations in the enterprise into other organizations owned by the enterprise, or as a fork owned by the {% data variables.enterprise.prodname_managed_user %}.
+---
+ms.openlocfilehash: 484a4230527deebe6f4aeb24ceabdf95eb75b492
+ms.sourcegitcommit: 468a0323fa636517985a3e08e2772dbb0545cab8
+ms.translationtype: HT
+ms.contentlocale: zh-CN
+ms.lasthandoff: 12/03/2022
+ms.locfileid: "148191328"
+---
+{% data variables.enterprise.prodname_managed_users_caps %} 无法从企业外部创建分支存储库。 {% data variables.enterprise.prodname_managed_users_caps %} 可以将企业中组织所拥有的专用或内部存储库的分支创建到其用户帐户命名空间或企业拥有的其他组织，具体由企业策略规定。

translations/zh-CN/data/reusables/repositories/fork-definition-long.md

@@ -0,0 +1,9 @@
+---
+ms.openlocfilehash: eb538c8746bf9d5ec4cd0e422e50ccc032309812
+ms.sourcegitcommit: 468a0323fa636517985a3e08e2772dbb0545cab8
+ms.translationtype: HT
+ms.contentlocale: zh-CN
+ms.lasthandoff: 12/03/2022
+ms.locfileid: "148191355"
+---
+分支是一个新存储库，与原“上游”存储库共享代码和可见性设置。 分支通常用于在向上游存储库提出想法或修改之前进行迭代，比如在开放源代码项目中，或当用户没有对上游存储库的写入权限时。