New translation batch for cn (#23923)
* Add crowdin translations * Run script/i18n/homogenize-frontmatter.js * Run script/i18n/lint-translation-files.js --check parsing * Run script/i18n/lint-translation-files.js --check rendering * run script/i18n/reset-files-with-broken-liquid-tags.js --language=cn * run script/i18n/reset-known-broken-translation-files.js * Check in cn CSV report Co-authored-by: Francis <15894826+francisfuzz@users.noreply.github.com>
This commit is contained in:
docubot
@@ -400,6 +400,7 @@ translations/zh-CN/content/code-security/code-scanning/automatically-scanning-yo
|
||||
translations/zh-CN/content/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-the-codeql-workflow-for-compiled-languages.md,rendering error
|
||||
translations/zh-CN/content/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/index.md,rendering error
|
||||
translations/zh-CN/content/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/managing-code-scanning-alerts-for-your-repository.md,rendering error
|
||||
translations/zh-CN/content/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/recommended-hardware-resources-for-running-codeql.md,rendering error
|
||||
translations/zh-CN/content/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/running-codeql-code-scanning-in-a-container.md,rendering error
|
||||
translations/zh-CN/content/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/setting-up-code-scanning-for-a-repository.md,parsing error
|
||||
translations/zh-CN/content/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/tracking-code-scanning-alerts-in-issues-using-task-lists.md,rendering error
|
||||
@@ -429,7 +430,6 @@ translations/zh-CN/content/code-security/supply-chain-security/keeping-your-depe
|
||||
translations/zh-CN/content/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/keeping-your-actions-up-to-date-with-dependabot.md,rendering error
|
||||
translations/zh-CN/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-alerts-for-vulnerable-dependencies.md,Listed in localization-support#489
|
||||
translations/zh-CN/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-alerts-for-vulnerable-dependencies.md,parsing error
|
||||
translations/zh-CN/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-alerts-for-vulnerable-dependencies.md,rendering error
|
||||
translations/zh-CN/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-dependabot-security-updates.md,rendering error
|
||||
translations/zh-CN/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/browsing-security-vulnerabilities-in-the-github-advisory-database.md,rendering error
|
||||
translations/zh-CN/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/configuring-dependabot-security-updates.md,rendering error
|
||||
|
||||
|
@@ -45,7 +45,7 @@ In the tutorial, you will first make a workflow file that uses the [`andymckay/l
|
||||
issues: write{% endif %}
|
||||
steps:
|
||||
- name: Label issues
|
||||
uses: andymckay/labeler@5c59dabdfd4dd5bd9c6e6d255b01b9d764af4414
|
||||
uses: andymckay/labeler@e6c4322d0397f3240f0e7e30a33b5c5df2d39e90
|
||||
with:
|
||||
add-labels: "triage"
|
||||
repo-token: {% raw %}${{ secrets.GITHUB_TOKEN }}{% endraw %}
|
||||
|
||||
@@ -161,6 +161,13 @@ This workflow scans:
|
||||
|
||||
If your code requires a specific operating system to compile, you can configure the operating system in your {% data variables.product.prodname_codeql_workflow %}. Edit the value of `jobs.analyze.runs-on` to specify the operating system for the machine that runs your {% data variables.product.prodname_code_scanning %} actions. {% ifversion ghes %}You specify the operating system by using an appropriate label as the second element in a two-element array, after `self-hosted`.{% else %}
|
||||
|
||||
``` yaml
|
||||
jobs:
|
||||
analyze:
|
||||
name: Analyze
|
||||
runs-on: [ubuntu-latest]
|
||||
```
|
||||
|
||||
If you choose to use a self-hosted runner for code scanning, you can specify an operating system by using an appropriate label as the second element in a two-element array, after `self-hosted`.{% endif %}
|
||||
|
||||
``` yaml
|
||||
@@ -170,12 +177,14 @@ jobs:
|
||||
runs-on: [self-hosted, ubuntu-latest]
|
||||
```
|
||||
|
||||
{% ifversion fpt or ghec %}For more information, see "[About self-hosted runners](/actions/hosting-your-own-runners/about-self-hosted-runners)" and "[Adding self-hosted runners](/actions/hosting-your-own-runners/adding-self-hosted-runners)."{% endif %}
|
||||
|
||||
{% data variables.product.prodname_codeql %} {% data variables.product.prodname_code_scanning %} supports the latest versions of Ubuntu, Windows, and macOS. Typical values for this setting are therefore: `ubuntu-latest`, `windows-latest`, and `macos-latest`. For more information, see {% ifversion ghes %}"[Workflow syntax for GitHub Actions](/actions/reference/workflow-syntax-for-github-actions#self-hosted-runners)" and "[Using labels with self-hosted runners](/actions/hosting-your-own-runners/using-labels-with-self-hosted-runners){% else %}"[Workflow syntax for GitHub Actions](/actions/reference/workflow-syntax-for-github-actions#jobsjob_idruns-on){% endif %}."
|
||||
|
||||
{% ifversion ghes %}You must ensure that Git is in the PATH variable on your self-hosted runners.{% else %}If you use a self-hosted runner, you must ensure that Git is in the PATH variable.{% endif %}
|
||||
|
||||
For more information, see "[About self-hosted runners](/actions/hosting-your-own-runners/about-self-hosted-runners)" and "[Adding self-hosted runners](/actions/hosting-your-own-runners/adding-self-hosted-runners)."
|
||||
|
||||
For recommended specifications (RAM, CPU cores, and disk) for running {% data variables.product.prodname_codeql %} analysis{% ifversion not ghes %} on self-hosted machines{% endif %}, see "[Recommended hardware resources for running {% data variables.product.prodname_codeql %}](/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/recommended-hardware-resources-for-running-codeql)."
|
||||
|
||||
{% ifversion fpt or ghes > 3.1 or ghae or ghec %}
|
||||
## Specifying the location for {% data variables.product.prodname_codeql %} databases
|
||||
|
||||
|
||||
@@ -22,6 +22,7 @@ children:
|
||||
- /tracking-code-scanning-alerts-in-issues-using-task-lists
|
||||
- /configuring-code-scanning
|
||||
- /about-code-scanning-with-codeql
|
||||
- /recommended-hardware-resources-for-running-codeql
|
||||
- /configuring-the-codeql-workflow-for-compiled-languages
|
||||
- /troubleshooting-the-codeql-workflow
|
||||
- /running-codeql-code-scanning-in-a-container
|
||||
|
||||
@@ -0,0 +1,32 @@
|
||||
---
|
||||
title: Recommended hardware resources for running CodeQL
|
||||
shortTitle: Hardware resources for CodeQL
|
||||
intro: 'Recommended specifications (RAM, CPU cores, and disk) for running {% data variables.product.prodname_codeql %} analysis on self-hosted machines, based on the size of your codebase.'
|
||||
product: '{% data reusables.gated-features.code-scanning %}'
|
||||
versions:
|
||||
fpt: '*'
|
||||
ghes: '*'
|
||||
ghae: '*'
|
||||
ghec: '*'
|
||||
topics:
|
||||
- Advanced Security
|
||||
- Code scanning
|
||||
- CodeQL
|
||||
- Repositories
|
||||
- Integration
|
||||
- CI
|
||||
|
||||
---
|
||||
You can set up {% data variables.product.prodname_codeql %} on {% data variables.product.prodname_actions %} or on an external CI system. {% data variables.product.prodname_codeql %} is fully compatible with {% data variables.product.prodname_dotcom %}-hosted runners on {% data variables.product.prodname_actions %}.
|
||||
|
||||
If you're using an external CI system, or self-hosted runners on {% data variables.product.prodname_actions %} for private repositories, you're responsible for configuring your own hardware. The optimal hardware configuration for running {% data variables.product.prodname_codeql %} may vary based on the size and complexity of your codebase, the programming languages and build systems being used, and your CI workflow setup.
|
||||
|
||||
The table below provides recommended hardware specifications for running {% data variables.product.prodname_codeql %} analysis, based on the size of your codebase. Use these as a starting point for determining your choice of hardware or virtual machine. A machine with greater resources may improve analysis performance, but may also be more expensive to maintain.
|
||||
|
||||
| Codebase size | RAM | CPU |
|
||||
|--------|--------|--------|
|
||||
| Small (<100 K lines of code) | 8 GB or higher | 2 cores |
|
||||
| Medium (100 K to 1 M lines of code) | 16 GB or higher | 4 or 8 cores |
|
||||
| Large (>1 M lines of code) | 64 GB or higher | 8 cores |
|
||||
|
||||
For all codebase sizes, we recommend using an SSD with 14 GB or more of disk space. There must be enough disk space to check out and build your code, plus additional space for data produced by {% data variables.product.prodname_codeql %}.
|
||||
@@ -28,7 +28,7 @@ redirect_from:
|
||||
|
||||
## About using the {% data variables.product.prodname_codeql_cli %} for {% data variables.product.prodname_code_scanning %}
|
||||
|
||||
You can use the {% data variables.product.prodname_codeql_cli %} to run {% data variables.product.prodname_code_scanning %} on code that you're processing in a third-party continuous integration (CI) system. {% data reusables.code-scanning.about-code-scanning %} For information, see "[About {% data variables.product.prodname_code_scanning %} with {% data variables.product.prodname_codeql %}](/code-security/secure-coding/automatically-scanning-your-code-for-vulnerabilities-and-errors/about-code-scanning-with-codeql)."
|
||||
You can use the {% data variables.product.prodname_codeql_cli %} to run {% data variables.product.prodname_code_scanning %} on code that you're processing in a third-party continuous integration (CI) system. {% data reusables.code-scanning.about-code-scanning %} For information, see "[About {% data variables.product.prodname_code_scanning %} with {% data variables.product.prodname_codeql %}](/code-security/secure-coding/automatically-scanning-your-code-for-vulnerabilities-and-errors/about-code-scanning-with-codeql)." For recommended specifications (RAM, CPU cores, and disk) for running {% data variables.product.prodname_codeql %} analysis, see "[Recommended hardware resources for running {% data variables.product.prodname_codeql %}](/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/recommended-hardware-resources-for-running-codeql)."
|
||||
|
||||
{% data reusables.code-scanning.what-is-codeql-cli %}
|
||||
|
||||
|
||||
@@ -39,6 +39,8 @@ A typical workflow that uses the {% data variables.product.prodname_codeql_cli %
|
||||
- `codeql database analyze` to run queries to analyze each {% data variables.product.prodname_codeql %} database and summarize the results in a SARIF file. This command must be run once for each language or database.
|
||||
- `codeql github upload-results` to upload the resulting SARIF files to {% data variables.product.prodname_dotcom %}, to be displayed as code scanning alerts. This command must be run once for each language or SARIF file.
|
||||
|
||||
The {% data variables.product.prodname_codeql_runner %} is multithreaded by default. The {% data variables.product.prodname_codeql_cli %} only uses a single thread by default, but allows you to specify the amount of threads you want it to use. If you want to replicate the behavior of the {% data variables.product.prodname_codeql_runner %} to use all threads available on the machine when using the {% data variables.product.prodname_codeql_cli %}, you can pass `--threads 0` to `codeql database analyze`.
|
||||
|
||||
For more information, see "[Configuring {% data variables.product.prodname_codeql_cli %} in your CI system](/code-security/code-scanning/using-codeql-code-scanning-with-your-existing-ci-system/configuring-codeql-cli-in-your-ci-system)."
|
||||
|
||||
## Examples of common uses for the {% data variables.product.prodname_codeql_cli %}
|
||||
|
||||
@@ -1,7 +1,7 @@
|
||||
---
|
||||
title: Renaming a branch
|
||||
intro: You can change the name of a branch in a repository.
|
||||
permissions: People with write permissions to a repository can rename a branch in the repository. People with admin permissions can rename the default branch.
|
||||
permissions: 'People with write permissions to a repository can rename a branch in the repository unless it is the [default branch](/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/about-branches#about-the-default-branch){% ifversion fpt or ghec %} or a [protected branch](/repositories/configuring-branches-and-merges-in-your-repository/defining-the-mergeability-of-pull-requests/about-protected-branches){% endif %}. People with admin permissions can rename the default branch{% ifversion fpt or ghec %} and protected branches{% endif %}.'
|
||||
versions:
|
||||
fpt: '*'
|
||||
ghes: '>=3.1'
|
||||
|
||||
@@ -109,11 +109,9 @@ The `is` qualifier matches commits from repositories with the specified visibili
|
||||
{%- ifversion fpt or ghes or ghec %}
|
||||
| `is:public` | [**is:public**](https://github.com/search?q=is%3Apublic&type=Commits) matches commits to public repositories.
|
||||
{%- endif %}
|
||||
|
||||
{%- ifversion ghes or ghec or ghae %}
|
||||
| `is:internal` | [**is:internal**](https://github.com/search?q=is%3Ainternal&type=Commits) matches commits to internal repositories.
|
||||
{%- endif %}
|
||||
|
||||
| `is:private` | [**is:private**](https://github.com/search?q=is%3Aprivate&type=Commits) matches commits to private repositories.
|
||||
|
||||
## Further reading
|
||||
|
||||
Reference in New Issue
Block a user