Merge pull request #15741 from github/repo-sync

repo sync

Author: Octomerger

.gitignore

@@ -17,6 +17,9 @@ blc_output.log
 blc_output_internal.log
 broken_links.md
 lib/redirects/.redirects-cache.json
+# This one is purely for historical reasons because so many people might
+# still have thes files on their disk.
+lib/redirects/.redirects-cache_*.json
 
 # During the preview deploy untrusted user code may be cloned into this directory
 # We ignore it from git to keep things deterministic

assets/images/help/security/suggest-improvements-to-advisory.png

@@ -1,9 +1,9 @@
 import { useRouter } from 'next/router'
-import { ArrowRightIcon } from '@primer/octicons-react'
+import { ArrowRightIcon, InfoIcon } from '@primer/octicons-react'
 
 import { Link } from 'components/Link'
 import { useMainContext } from 'components/context/MainContext'
-import { useVersion } from 'components/hooks/useVersion'
+import { DEFAULT_VERSION, useVersion } from 'components/hooks/useVersion'
 import { useTranslation } from 'components/hooks/useTranslation'
 import { Picker } from 'components/ui/Picker'
 
@@ -17,7 +17,7 @@ export const VersionPicker = ({ variant }: Props) => {
   const { allVersions, page, enterpriseServerVersions } = useMainContext()
   const { t } = useTranslation(['pages', 'picker'])
 
-  if (page.permalinks && page.permalinks.length <= 1) {
+  if (page.permalinks && page.permalinks.length < 1) {
     return null
   }
 
@@ -37,7 +37,7 @@ export const VersionPicker = ({ variant }: Props) => {
       item: (
         <Link
           href={`/${router.locale}/${enterpriseServerVersions[0]}/admin/all-releases`}
-          className="f6 no-underline color-fg-muted"
+          className="f6 no-underline"
         >
           {t('all_enterprise_releases')}{' '}
           <ArrowRightIcon verticalAlign="middle" size={15} className="mr-2" />
@@ -46,6 +46,23 @@ export const VersionPicker = ({ variant }: Props) => {
     })
   }
 
+  if (allLinks) {
+    const currentVersionPathSegment = currentVersion === DEFAULT_VERSION ? '' : `/${currentVersion}`
+
+    allLinks.push({
+      text: t('docs_versions'),
+      selected: false,
+      item: (
+        <Link
+          href={`/${router.locale}${currentVersionPathSegment}/get-started/learning-about-github/about-versions-of-github-docs`}
+          className="f6 no-underline"
+        >
+          {t('about_versions')} <InfoIcon verticalAlign="middle" size={15} className="mr-2" />
+        </Link>
+      ),
+    })
+  }
+
   return (
     <Picker
       variant={variant}

components/page-header/VersionPicker.tsx

@@ -47,16 +47,16 @@ includeGuides:
   - /code-security/code-scanning/using-codeql-code-scanning-with-your-existing-ci-system/installing-codeql-cli-in-your-ci-system
   - /code-security/code-scanning/using-codeql-code-scanning-with-your-existing-ci-system/running-codeql-runner-in-your-ci-system
   - /code-security/code-scanning/using-codeql-code-scanning-with-your-existing-ci-system/troubleshooting-codeql-runner-in-your-ci-system
-  - /code-security/security-advisories/about-coordinated-disclosure-of-security-vulnerabilities
-  - /code-security/security-advisories/about-github-security-advisories
-  - /code-security/security-advisories/adding-a-collaborator-to-a-security-advisory
-  - /code-security/security-advisories/collaborating-in-a-temporary-private-fork-to-resolve-a-security-vulnerability
-  - /code-security/security-advisories/creating-a-security-advisory
-  - /code-security/security-advisories/editing-a-security-advisory
-  - /code-security/security-advisories/permission-levels-for-security-advisories
-  - /code-security/security-advisories/publishing-a-security-advisory
-  - /code-security/security-advisories/removing-a-collaborator-from-a-security-advisory
-  - /code-security/security-advisories/withdrawing-a-security-advisory
+  - /code-security/repository-security-advisories/about-coordinated-disclosure-of-security-vulnerabilities
+  - /code-security/repository-security-advisories/about-github-security-advisories-for-repositories
+  - /code-security/repository-security-advisories/adding-a-collaborator-to-a-repository-security-advisory
+  - /code-security/repository-security-advisories/collaborating-in-a-temporary-private-fork-to-resolve-a-repository-security-vulnerability
+  - /code-security/repository-security-advisories/creating-a-repository-security-advisory
+  - /code-security/repository-security-advisories/editing-a-repository-security-advisory
+  - /code-security/repository-security-advisories/permission-levels-for-repository-security-advisories
+  - /code-security/repository-security-advisories/publishing-a-repository-security-advisory
+  - /code-security/repository-security-advisories/removing-a-collaborator-from-a-repository-security-advisory
+  - /code-security/repository-security-advisories/withdrawing-a-repository-security-advisory
   - /code-security/security-overview/about-the-security-overview
   - /code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/about-dependabot-version-updates
   - /code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/automating-dependabot-with-github-actions
@@ -72,6 +72,7 @@ includeGuides:
   - /code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-dependabot-security-updates
   - /code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-managing-vulnerable-dependencies
   - /code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/browsing-security-vulnerabilities-in-the-github-advisory-database
+  - /code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/editing-security-advisories-in-the-github-advisory-database
   - /code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/configuring-dependabot-security-updates
   - /code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/configuring-notifications-for-vulnerable-dependencies
   - /code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/troubleshooting-dependabot-errors

content/code-security/guides.md

@@ -8,7 +8,7 @@ featuredLinks:
   guides:
     - /code-security/getting-started/securing-your-repository
     - /code-security/getting-started/securing-your-organization
-    - '{% ifversion fpt %}/code-security/security-advisories/creating-a-security-advisory{% endif %}'
+    - '{% ifversion fpt %}/code-security/repository-security-advisories/creating-a-repository-security-advisory{% endif %}'
     - '{% ifversion ghes or ghae %}/code-security/secure-coding/automatically-scanning-your-code-for-vulnerabilities-and-errors/setting-up-code-scanning-for-a-repository{% endif%}'
   guideCards:
     - '{% ifversion fpt %}/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/configuring-dependabot-security-updates{% endif %}'
@@ -22,7 +22,7 @@ featuredLinks:
   popular:
     - '{% ifversion ghes %}/admin/release-notes{% endif %}'
     - /code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/about-alerts-for-vulnerable-dependencies
-    - /code-security/security-advisories/about-coordinated-disclosure-of-security-vulnerabilities
+    - /code-security/repository-security-advisories/about-coordinated-disclosure-of-security-vulnerabilities
     - /code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/keeping-your-actions-up-to-date-with-dependabot
     - /code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/configuration-options-for-dependency-updates
     - /code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/managing-encrypted-secrets-for-dependabot
@@ -51,7 +51,7 @@ children:
   - /getting-started
   - /secret-scanning
   - /code-scanning
-  - /security-advisories
+  - /repository-security-advisories
   - /supply-chain-security
   - /security-overview
   - /guides

content/code-security/index.md

@@ -1,6 +1,8 @@
 ---
 title: About coordinated disclosure of security vulnerabilities
 intro: Vulnerability disclosure is a coordinated effort between security reporters and repository maintainers.
+redirect_from:
+- /code-security/security-advisories/about-coordinated-disclosure-of-security-vulnerabilities
 miniTocMaxHeadingLevel: 3
 versions:
   fpt: '*'
@@ -63,7 +65,7 @@ The process for reporting and disclosing vulnerabilities for projects on {% data
 
  If you are a maintainer, you can take ownership of the process at the very beginning of the pipeline by setting up a security policy for your repository, or otherwise making security reporting instructions clearly available, for example in your project’s README file. For information about adding a security policy, see "[About security policies](/code-security/getting-started/adding-a-security-policy-to-your-repository#about-security-policies)." If there is no security policy, it's likely that a vulnerability reporter will try to email you or otherwise privately contact you. Alternatively, someone may open a (public) issue with details of a security issue.
 
- As a maintainer, to disclose a vulnerability in your code, you first create a draft security advisory in the package's repository in {% data variables.product.prodname_dotcom %}. {% data reusables.security-advisory.security-advisory-overview %} For more information, see "[About {% data variables.product.prodname_security_advisories %}](/github/managing-security-vulnerabilities/about-github-security-advisories)."
+ As a maintainer, to disclose a vulnerability in your code, you first create a draft security advisory in the package's repository in {% data variables.product.prodname_dotcom %}. {% data reusables.security-advisory.security-advisory-overview %} For more information, see "[About {% data variables.product.prodname_security_advisories %} for repositories](/code-security/repository-security-advisories/about-github-security-advisories-for-repositories)."
 
 
- To get started, see "[Creating a security advisory](/github/managing-security-vulnerabilities/creating-a-security-advisory)."
+ To get started, see "[Creating a repository security advisory](/code-security/repository-security-advisories/creating-a-repository-security-advisory)."

content/code-security/security-advisories/about-coordinated-disclosure-of-security-vulnerabilities.md renamed to content/code-security/repository-security-advisories/about-coordinated-disclosure-of-security-vulnerabilities.md

@@ -1,10 +1,11 @@
 ---
-title: About GitHub Security Advisories
+title: About GitHub Security Advisories for repositories
 intro: 'You can use {% data variables.product.prodname_security_advisories %} to privately discuss, fix, and publish information about security vulnerabilities in your repository.'
 redirect_from:
   - /articles/about-maintainer-security-advisories
   - /github/managing-security-vulnerabilities/about-maintainer-security-advisories
   - /github/managing-security-vulnerabilities/about-github-security-advisories
+  - /code-security/security-advisories/about-github-security-advisories
 versions:
   fpt: '*'
   ghec: '*'
@@ -13,7 +14,7 @@ topics:
   - Security advisories
   - Vulnerabilities
   - CVEs
-shortTitle: Security advisories
+shortTitle: Repository security advisories
 ---
 
 {% data reusables.repositories.security-advisory-admin-permissions %}
@@ -22,23 +23,25 @@ shortTitle: Security advisories
 
 ## About {% data variables.product.prodname_security_advisories %}
 
-{% data reusables.security-advisory.disclosing-vulnerabilities %} For more information, see "[About coordinated disclosure of security vulnerabilities](/code-security/security-advisories/about-coordinated-disclosure-of-security-vulnerabilities)."
+{% data reusables.security-advisory.disclosing-vulnerabilities %} For more information, see "[About coordinated disclosure of security vulnerabilities](/code-security/repository-security-advisories/about-coordinated-disclosure-of-security-vulnerabilities)."
 
 {% data reusables.security-advisory.security-advisory-overview %}
 
 With {% data variables.product.prodname_security_advisories %}, you can:
 
-1. Create a draft security advisory, and use the draft to privately discuss the impact of the vulnerability on your project. For more information, see "[Creating a security advisory](/github/managing-security-vulnerabilities/creating-a-security-advisory)."
+1. Create a draft security advisory, and use the draft to privately discuss the impact of the vulnerability on your project. For more information, see "[Creating a repository security advisory](/code-security/repository-security-advisories/creating-a-repository-security-advisory)."
 2. Privately collaborate to fix the vulnerability in a temporary private fork.
-3. Publish the security advisory to alert your community of the vulnerability once a patch is released. For more information, see "[Publishing a security advisory](/github/managing-security-vulnerabilities/publishing-a-security-advisory)."
+3. Publish the security advisory to alert your community of the vulnerability once a patch is released. For more information, see "[Publishing a repository security advisory](/code-security/repository-security-advisories/publishing-a-repository-security-advisory)."
 
 {% data reusables.repositories.security-advisories-republishing %}
 
-You can give credit to individuals who contributed to a security advisory. For more information, see "[Editing a security advisory](/github/managing-security-vulnerabilities/editing-a-security-advisory#about-credits-for-security-advisories)."
+You can give credit to individuals who contributed to a security advisory. For more information, see "[Editing a repository security advisory](/code-security/repository-security-advisories/editing-a-repository-security-advisory#about-credits-for-security-advisories)."
 
 {% data reusables.repositories.security-guidelines %}
 
-If you created a security advisory in your repository, the security advisory will stay in your repository. We publish security advisories for any of the ecosystems supported by the dependency graph to the {% data variables.product.prodname_advisory_database %} on [github.com/advisories](https://github.com/advisories). If a security advisory is specifically for npm, we also publish the advisory to the npm security advisories. For more information, see [npmjs.com/advisories](https://www.npmjs.com/advisories).
+If you created a security advisory in your repository, the security advisory will stay in your repository. We publish security advisories for any of the ecosystems supported by the dependency graph to the {% data variables.product.prodname_advisory_database %} on [github.com/advisories](https://github.com/advisories). Anyone can submit a change to an advisory published in the {% data variables.product.prodname_advisory_database %}. For more information, see "[Editing security advisories in the {% data variables.product.prodname_advisory_database %}](/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/editing-security-advisories-in-the-github-advisory-database)."
+
+If a security advisory is specifically for npm, we also publish the advisory to the npm security advisories. For more information, see [npmjs.com/advisories](https://www.npmjs.com/advisories).
 
 {% data reusables.repositories.github-security-lab %}
 
@@ -51,7 +54,7 @@ If you created a security advisory in your repository, the security advisory wil
 When you create a security advisory for a public repository on {% data variables.product.prodname_dotcom %}, you have the option of providing an existing CVE identification number for the security vulnerability. {% data reusables.repositories.request-security-advisory-cve-id %}
 
 Once you've published the security advisory and {% data variables.product.prodname_dotcom %} has assigned a CVE identification number to the vulnerability, {% data variables.product.prodname_dotcom %} publishes the CVE to the MITRE database.
-For more information, see "[Publishing a security advisory](/github/managing-security-vulnerabilities/publishing-a-security-advisory#requesting-a-cve-identification-number)."
+For more information, see "[Publishing a repository security advisory](/code-security/repository-security-advisories/publishing-a-repository-security-advisory)."
 
 ## {% data variables.product.prodname_dependabot_alerts %} for published security advisories
 

content/code-security/security-advisories/about-github-security-advisories.md renamed to content/code-security/repository-security-advisories/about-github-security-advisories-for-repositories.md

@@ -1,10 +1,11 @@
 ---
-title: Adding a collaborator to a security advisory
+title: Adding a collaborator to a repository security advisory
 intro: You can add other users or teams to collaborate on a security advisory with you.
 redirect_from:
   - /articles/adding-a-collaborator-to-a-maintainer-security-advisory
   - /github/managing-security-vulnerabilities/adding-a-collaborator-to-a-maintainer-security-advisory
   - /github/managing-security-vulnerabilities/adding-a-collaborator-to-a-security-advisory
+  - /code-security/security-advisories/adding-a-collaborator-to-a-security-advisory
 versions:
   fpt: '*'
   ghec: '*'
@@ -13,18 +14,20 @@ topics:
   - Security advisories
   - Vulnerabilities
   - Collaboration
-shortTitle: Add collaborator to advisory
+shortTitle: Add collaborators
 ---
 
 People with admin permissions to a security advisory can add collaborators to the security advisory.
 
+{% data reusables.security-advisory.repository-level-advisory-note %}
+
 ## Adding a collaborator to a security advisory
 
-Collaborators have write permissions to the security advisory. For more information, see "[Permission levels for security advisories](/github/managing-security-vulnerabilities/permission-levels-for-security-advisories)."
+Collaborators have write permissions to the security advisory. For more information, see "[Permission levels for repository security advisories](/code-security/repository-security-advisories/permission-levels-for-repository-security-advisories)."
 
 {% note %}
 
-{% data reusables.repositories.security-advisory-collaborators-public-repositories %} For more information about removing a collaborator on a security advisory, see "[Removing a collaborator from a security advisory](/github/managing-security-vulnerabilities/removing-a-collaborator-from-a-security-advisory)."
+{% data reusables.repositories.security-advisory-collaborators-public-repositories %} For more information about removing a collaborator on a security advisory, see "[Removing a collaborator from a repository security advisory](/code-security/repository-security-advisories/removing-a-collaborator-from-a-repository-security-advisory)."
 
 {% endnote %}
 
@@ -39,6 +42,6 @@ Collaborators have write permissions to the security advisory. For more informat
 
 ## Further reading
 
-- "[Permission levels for security advisories](/github/managing-security-vulnerabilities/permission-levels-for-security-advisories)"
-- "[Collaborating in a temporary private fork to resolve a security vulnerability](/github/managing-security-vulnerabilities/collaborating-in-a-temporary-private-fork-to-resolve-a-security-vulnerability)"
-- "[Removing a collaborator from a security advisory](/github/managing-security-vulnerabilities/removing-a-collaborator-from-a-security-advisory)"
+- "[Permission levels for repository security advisories](/code-security/repository-security-advisories/permission-levels-for-repository-security-advisories)"
+- "[Collaborating in a temporary private fork to resolve a repository security vulnerability](/code-security/repository-security-advisories/collaborating-in-a-temporary-private-fork-to-resolve-a-repository-security-vulnerability)"
+- "[Removing a collaborator from a repository security advisory](/code-security/repository-security-advisories/removing-a-collaborator-from-a-repository-security-advisory)."