New translation batch for cn (#32252)

translations/log/msft-cn-resets.csv

@@ -302,7 +302,6 @@ translations/zh-CN/content/account-and-profile/setting-up-and-managing-your-pers
 translations/zh-CN/content/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-personal-account-settings/managing-security-and-analysis-settings-for-your-personal-account.md,rendering error
 translations/zh-CN/content/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-personal-account-settings/managing-the-default-branch-name-for-your-repositories.md,rendering error
 translations/zh-CN/content/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-personal-account-settings/managing-your-theme-settings.md,rendering error
-translations/zh-CN/content/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-personal-account-settings/permission-levels-for-a-personal-account-repository.md,broken liquid tags
 translations/zh-CN/content/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-your-membership-in-organizations/requesting-organization-approval-for-oauth-apps.md,rendering error
 translations/zh-CN/content/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-your-personal-account/best-practices-for-leaving-your-company.md,broken liquid tags
 translations/zh-CN/content/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-your-personal-account/converting-a-user-into-an-organization.md,broken liquid tags
@@ -507,6 +506,7 @@ translations/zh-CN/content/admin/user-management/managing-organizations-in-your-
 translations/zh-CN/content/admin/user-management/managing-organizations-in-your-enterprise/adding-people-to-teams.md,rendering error
 translations/zh-CN/content/admin/user-management/managing-organizations-in-your-enterprise/continuous-integration-using-jenkins.md,broken liquid tags
 translations/zh-CN/content/admin/user-management/managing-organizations-in-your-enterprise/creating-teams.md,rendering error
+translations/zh-CN/content/admin/user-management/managing-organizations-in-your-enterprise/index.md,broken liquid tags
 translations/zh-CN/content/admin/user-management/managing-organizations-in-your-enterprise/requiring-two-factor-authentication-for-an-organization.md,rendering error
 translations/zh-CN/content/admin/user-management/managing-organizations-in-your-enterprise/restoring-a-deleted-organization.md,broken liquid tags
 translations/zh-CN/content/admin/user-management/managing-repositories-in-your-enterprise/configuring-git-large-file-storage-for-your-enterprise.md,broken liquid tags
@@ -518,7 +518,6 @@ translations/zh-CN/content/admin/user-management/migrating-data-to-and-from-your
 translations/zh-CN/content/admin/user-management/migrating-data-to-and-from-your-enterprise/exporting-migration-data-from-your-enterprise.md,broken liquid tags
 translations/zh-CN/content/admin/user-management/migrating-data-to-and-from-your-enterprise/index.md,broken liquid tags
 translations/zh-CN/content/admin/user-management/migrating-data-to-and-from-your-enterprise/migrating-data-to-your-enterprise.md,broken liquid tags
-translations/zh-CN/content/authentication/authenticating-with-saml-single-sign-on/about-authentication-with-saml-single-sign-on.md,broken liquid tags
 translations/zh-CN/content/authentication/authenticating-with-saml-single-sign-on/authorizing-a-personal-access-token-for-use-with-saml-single-sign-on.md,rendering error
 translations/zh-CN/content/authentication/authenticating-with-saml-single-sign-on/authorizing-an-ssh-key-for-use-with-saml-single-sign-on.md,rendering error
 translations/zh-CN/content/authentication/connecting-to-github-with-ssh/about-ssh.md,broken liquid tags
@@ -571,10 +570,9 @@ translations/zh-CN/content/billing/managing-billing-for-your-github-account/conn
 translations/zh-CN/content/billing/managing-billing-for-your-github-account/downgrading-your-github-subscription.md,broken liquid tags
 translations/zh-CN/content/billing/managing-billing-for-your-github-account/upgrading-your-github-subscription.md,broken liquid tags
 translations/zh-CN/content/billing/managing-billing-for-your-github-account/viewing-the-subscription-and-usage-for-your-enterprise-account.md,rendering error
-translations/zh-CN/content/billing/managing-licenses-for-visual-studio-subscriptions-with-github-enterprise/about-visual-studio-subscriptions-with-github-enterprise.md,broken liquid tags
-translations/zh-CN/content/billing/managing-licenses-for-visual-studio-subscriptions-with-github-enterprise/setting-up-visual-studio-subscriptions-with-github-enterprise.md,broken liquid tags
 translations/zh-CN/content/billing/managing-your-license-for-github-enterprise/about-licenses-for-github-enterprise.md,broken liquid tags
 translations/zh-CN/content/billing/managing-your-license-for-github-enterprise/downloading-your-license-for-github-enterprise.md,broken liquid tags
+translations/zh-CN/content/billing/managing-your-license-for-github-enterprise/troubleshooting-license-usage-for-github-enterprise.md,rendering error
 translations/zh-CN/content/billing/managing-your-license-for-github-enterprise/uploading-a-new-license-to-github-enterprise-server.md,broken liquid tags
 translations/zh-CN/content/billing/managing-your-license-for-github-enterprise/viewing-license-usage-for-github-enterprise.md,broken liquid tags
 translations/zh-CN/content/code-security/adopting-github-advanced-security-at-scale/phase-6-rollout-and-scale-secret-scanning.md,rendering error
@@ -623,6 +621,7 @@ translations/zh-CN/content/code-security/secret-scanning/defining-custom-pattern
 translations/zh-CN/content/code-security/secret-scanning/managing-alerts-from-secret-scanning.md,rendering error
 translations/zh-CN/content/code-security/secret-scanning/protecting-pushes-with-secret-scanning.md,rendering error
 translations/zh-CN/content/code-security/secret-scanning/pushing-a-branch-blocked-by-push-protection.md,rendering error
+translations/zh-CN/content/code-security/security-advisories/global-security-advisories/about-the-github-advisory-database.md,rendering error
 translations/zh-CN/content/code-security/security-overview/about-the-security-overview.md,rendering error
 translations/zh-CN/content/code-security/security-overview/filtering-alerts-in-the-security-overview.md,rendering error
 translations/zh-CN/content/code-security/security-overview/viewing-the-security-overview.md,rendering error
@@ -634,7 +633,6 @@ translations/zh-CN/content/code-security/supply-chain-security/understanding-you
 translations/zh-CN/content/code-security/supply-chain-security/understanding-your-software-supply-chain/configuring-dependency-review.md,rendering error
 translations/zh-CN/content/code-security/supply-chain-security/understanding-your-software-supply-chain/configuring-the-dependency-graph.md,broken liquid tags
 translations/zh-CN/content/code-security/supply-chain-security/understanding-your-software-supply-chain/troubleshooting-the-dependency-graph.md,rendering error
-translations/zh-CN/content/codespaces/codespaces-reference/allowing-your-codespace-to-access-a-private-image-registry.md,broken liquid tags
 translations/zh-CN/content/codespaces/codespaces-reference/disaster-recovery-for-github-codespaces.md,broken liquid tags
 translations/zh-CN/content/codespaces/codespaces-reference/security-in-github-codespaces.md,broken liquid tags
 translations/zh-CN/content/codespaces/codespaces-reference/using-github-copilot-in-github-codespaces.md,broken liquid tags
@@ -673,7 +671,6 @@ translations/zh-CN/content/codespaces/prebuilding-your-codespaces/allowing-a-pre
 translations/zh-CN/content/codespaces/prebuilding-your-codespaces/configuring-prebuilds.md,broken liquid tags
 translations/zh-CN/content/codespaces/prebuilding-your-codespaces/managing-prebuilds.md,broken liquid tags
 translations/zh-CN/content/codespaces/setting-up-your-project-for-codespaces/introduction-to-dev-containers.md,broken liquid tags
-translations/zh-CN/content/codespaces/setting-up-your-project-for-codespaces/setting-a-minimum-specification-for-codespace-machines.md,broken liquid tags
 translations/zh-CN/content/codespaces/setting-up-your-project-for-codespaces/setting-up-your-dotnet-project-for-codespaces.md,broken liquid tags
 translations/zh-CN/content/codespaces/setting-up-your-project-for-codespaces/setting-up-your-java-project-for-codespaces.md,broken liquid tags
 translations/zh-CN/content/codespaces/setting-up-your-project-for-codespaces/setting-up-your-nodejs-project-for-codespaces.md,broken liquid tags
@@ -818,7 +815,6 @@ translations/zh-CN/content/organizations/managing-organization-settings/managing
 translations/zh-CN/content/organizations/managing-organization-settings/managing-the-forking-policy-for-your-organization.md,broken liquid tags
 translations/zh-CN/content/organizations/managing-organization-settings/setting-permissions-for-adding-outside-collaborators.md,rendering error
 translations/zh-CN/content/organizations/managing-peoples-access-to-your-organization-with-roles/managing-security-managers-in-your-organization.md,rendering error
-translations/zh-CN/content/organizations/managing-saml-single-sign-on-for-your-organization/about-identity-and-access-management-with-saml-single-sign-on.md,broken liquid tags
 translations/zh-CN/content/organizations/managing-saml-single-sign-on-for-your-organization/configuring-saml-single-sign-on-and-scim-using-okta.md,broken liquid tags
 translations/zh-CN/content/organizations/organizing-members-into-teams/about-teams.md,broken liquid tags
 translations/zh-CN/content/organizations/organizing-members-into-teams/managing-code-review-settings-for-your-team.md,rendering error
@@ -1004,6 +1000,7 @@ translations/zh-CN/data/reusables/actions/enterprise-postinstall-nextsteps.md,br
 translations/zh-CN/data/reusables/actions/enterprise-storage-ha-backups.md,broken liquid tags
 translations/zh-CN/data/reusables/actions/github-connect-resolution.md,broken liquid tags
 translations/zh-CN/data/reusables/actions/ip-allow-list-self-hosted-runners.md,broken liquid tags
+translations/zh-CN/data/reusables/actions/jobs/section-choosing-the-runner-for-a-job.md,broken liquid tags
 translations/zh-CN/data/reusables/actions/jobs/section-defining-outputs-for-jobs.md,broken liquid tags
 translations/zh-CN/data/reusables/actions/jobs/section-running-jobs-in-a-container.md,broken liquid tags
 translations/zh-CN/data/reusables/actions/message-parameters.md,rendering error
@@ -1174,7 +1171,6 @@ translations/zh-CN/data/reusables/repositories/navigate-to-code-security-and-ana
 translations/zh-CN/data/reusables/repositories/navigate-to-commit-page.md,broken liquid tags
 translations/zh-CN/data/reusables/repositories/navigate-to-repo.md,broken liquid tags
 translations/zh-CN/data/reusables/repositories/repository-branches.md,rendering error
-translations/zh-CN/data/reusables/repositories/security-advisories-republishing.md,broken liquid tags
 translations/zh-CN/data/reusables/repositories/sidebar-notifications.md,rendering error
 translations/zh-CN/data/reusables/repositories/suggest-changes.md,broken liquid tags
 translations/zh-CN/data/reusables/repositories/you-can-fork.md,broken liquid tags
@@ -1193,7 +1189,6 @@ translations/zh-CN/data/reusables/secret-scanning/enterprise-enable-secret-scann
 translations/zh-CN/data/reusables/secret-scanning/partner-secret-list-private-repo.md,rendering error
 translations/zh-CN/data/reusables/secret-scanning/partner-secret-list-public-repo.md,broken liquid tags
 translations/zh-CN/data/reusables/secret-scanning/secret-list-private-push-protection.md,rendering error
-translations/zh-CN/data/reusables/security-advisory/security-advisory-overview.md,broken liquid tags
 translations/zh-CN/data/reusables/security-overview/permissions.md,rendering error
 translations/zh-CN/data/reusables/security/displayed-information.md,rendering error
 translations/zh-CN/data/reusables/shortdesc/rate_limits_github_apps.md,broken liquid tags

translations/zh-CN/content/account-and-profile/setting-up-and-managing-your-github-profile/customizing-your-profile/about-your-profile.md

@@ -14,12 +14,12 @@ versions:
   ghec: '*'
 topics:
   - Profiles
-ms.openlocfilehash: edbe34a38c2ab23de22e3b5ea466e35276c6bc35
-ms.sourcegitcommit: 47bd0e48c7dba1dde49baff60bc1eddc91ab10c5
+ms.openlocfilehash: e27e14102b4f57e9eb50266c5c271a2f6bb3892c
+ms.sourcegitcommit: bf11c3e08cbb5eab6320e0de35b32ade6d863c03
 ms.translationtype: HT
 ms.contentlocale: zh-CN
-ms.lasthandoff: 09/05/2022
-ms.locfileid: '146199952'
+ms.lasthandoff: 10/27/2022
+ms.locfileid: '148111609'
 ---
 您可以在传记中加入您的个人信息，比如您以前工作的地方、您参与过的项目，或者其他人可能想知道的个人兴趣。 有关详细信息，请参阅“[将传记添加到个人资料](/articles/personalizing-your-profile/#adding-a-bio-to-your-profile)”。
 
@@ -36,7 +36,7 @@ ms.locfileid: '146199952'
 访问您的个人资料的人也可以看到以下信息。
 
 - 你拥有或参与的仓库和 gists。 {% ifversion fpt or ghes or ghec %}你可以通过将存储库和 Gist 固定到个人资料中来展示你的最佳作品。 有关详细信息，请参阅“[将项目固定到个人资料](/github/setting-up-and-managing-your-github-profile/pinning-items-to-your-profile)”。{% endif %}
-- 你已加星标{% ifversion fpt or ghec %} 并组织到列表中的存储库。{% endif %} 有关详细信息，请参阅“[保存有星标的存储库](/articles/saving-repositories-with-stars/)”。
+- 已加星标{% ifversion fpt or ghec %}和已整理到列表中{% endif %}的存储库。 有关详细信息，请参阅“[使用星标保存存储库](/articles/saving-repositories-with-stars/)”。
 - 您在经常参与的组织、仓库和团队中的活动概述。 有关详细信息，请参阅“[在个人资料中显示活动概述](/articles/showing-an-overview-of-your-activity-on-your-profile)”。{% ifversion fpt or ghec %}
 - 徽章或成就，它们突出显示了你的活动，或者显示你是否使用 {% data variables.product.prodname_pro %} 或参与计划，例如 {% data variables.product.prodname_arctic_vault %}、{% data variables.product.prodname_sponsors %} 或 {% data variables.product.company_short %} 开发人员计划。 有关详细信息，请参阅“[个性化个人资料](/github/setting-up-and-managing-your-github-profile/personalizing-your-profile#displaying-badges-on-your-profile)”。{% endif %}
 

translations/zh-CN/content/account-and-profile/setting-up-and-managing-your-github-profile/managing-contribution-settings-on-your-profile/why-are-my-contributions-not-showing-up-on-my-profile.md

@@ -26,7 +26,7 @@ If you are part of an organization that uses SAML single sign-on (SSO), you won
 
 ### Issues, pull requests and discussions
 
-Issues, pull requests and discussions will appear on your contribution graph if they were opened in a standalone repository, not a fork.
+Issues, pull requests, and discussions will appear on your contribution graph if they were opened in a standalone repository, not a fork.
 
 ### Commits
 Commits will appear on your contributions graph if they meet **all** of the following conditions:

translations/zh-CN/content/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-personal-account-settings/permission-levels-for-a-personal-account-repository.md

@@ -1,6 +1,6 @@
 ---
-title: Permission levels for a personal account repository
-intro: 'A repository owned by a personal account has two permission levels: the repository owner and collaborators.'
+title: 个人帐户存储库的权限级别
+intro: 个人帐户拥有的存储库有两种权限级别：存储库所有者和协作者 。
 redirect_from:
   - /articles/permission-levels-for-a-user-account-repository
   - /github/setting-up-and-managing-your-github-user-account/permission-levels-for-a-user-account-repository
@@ -14,79 +14,85 @@ versions:
 topics:
   - Accounts
 shortTitle: Repository permissions
+ms.openlocfilehash: dd2124c23054fa7bd44bb6501dae4363e59bab75
+ms.sourcegitcommit: 27882d9b3f19979c817c25952a2fb4dc4c6f0a65
+ms.translationtype: HT
+ms.contentlocale: zh-CN
+ms.lasthandoff: 10/27/2022
+ms.locfileid: '148113871'
 ---
-## About permissions levels for a personal account repository
+## 关于个人帐户存储库的权限级别
 
-Repositories owned by personal accounts have one owner. Ownership permissions can't be shared with another personal account.
+个人帐户拥有的存储库有一个所有者。 所有权权限无法与其他个人帐户共享。
 
-You can also {% ifversion fpt or ghec %}invite{% else %}add{% endif %} users on {% data variables.product.product_name %} to your repository as collaborators. For more information, see "[Inviting collaborators to a personal repository](/github/setting-up-and-managing-your-github-user-account/inviting-collaborators-to-a-personal-repository)."
+还可以{% ifversion fpt or ghec %}邀请{% else %}添加{% endif %} {% data variables.product.product_name %} 上的用户成为存储库的协作者。 有关详细信息，请参阅“[邀请协作者访问个人存储库](/github/setting-up-and-managing-your-github-user-account/inviting-collaborators-to-a-personal-repository)”。
 
 {% tip %}
 
-**Tip:** If you require more granular access to a repository owned by your personal account, consider transferring the repository to an organization. For more information, see "[Transferring a repository](/github/administering-a-repository/transferring-a-repository#transferring-a-repository-owned-by-your-personal-account)."
+提示：如果需要对个人帐户拥有的存储库实施更精细的访问控制，请考虑将存储库转让给组织。 有关详细信息，请参阅“[转让存储库](/github/administering-a-repository/transferring-a-repository#transferring-a-repository-owned-by-your-personal-account)”。
 
 {% endtip %}
 
-## Owner access for a repository owned by a personal account
+## 所有者对个人帐户拥有的存储库的权限
 
-The repository owner has full control of the repository. In addition to the actions that any collaborator can perform, the repository owner can perform the following actions.
+仓库所有者对仓库具有完全控制权。 除了任何协作者可以执行的操作外，仓库所有者还可以执行以下操作。
 
-| Action | More information |
+| 操作 | 详细信息 |
 | :- | :- |
-| {% ifversion fpt or ghec %}Invite collaborators{% else %}Add collaborators{% endif %} | "[Inviting collaborators to a personal repository](/github/setting-up-and-managing-your-github-user-account/inviting-collaborators-to-a-personal-repository)" |
-| Change the visibility of the repository | "[Setting repository visibility](/github/administering-a-repository/setting-repository-visibility)" |{% ifversion fpt or ghec %}
-| Limit interactions with the repository | "[Limiting interactions in your repository](/communities/moderating-comments-and-conversations/limiting-interactions-in-your-repository)" |{% endif %}
-| Rename a branch, including the default branch | "[Renaming a branch](/github/administering-a-repository/renaming-a-branch)" |
-| Merge a pull request on a protected branch, even if there are no approving reviews | "[About protected branches](/github/administering-a-repository/about-protected-branches)" |
-| Delete the repository | "[Deleting a repository](/repositories/creating-and-managing-repositories/deleting-a-repository)" |
-| Manage the repository's topics | "[Classifying your repository with topics](/github/administering-a-repository/classifying-your-repository-with-topics)" |{% ifversion fpt or ghec %}
-| Manage security and analysis settings for the repository | "[Managing security and analysis settings for your repository](/github/administering-a-repository/managing-security-and-analysis-settings-for-your-repository)" |{% endif %}{% ifversion fpt or ghec %}
-| Enable the dependency graph for a private repository | "[Exploring the dependencies of a repository](/github/visualizing-repository-data-with-graphs/exploring-the-dependencies-of-a-repository#enabling-and-disabling-the-dependency-graph-for-a-private-repository)" |{% endif %}
-| Delete and restore packages | "[Deleting and restoring a package](/packages/learn-github-packages/deleting-and-restoring-a-package)" |
-| Customize the repository's social media preview | "[Customizing your repository's social media preview](/github/administering-a-repository/customizing-your-repositorys-social-media-preview)" |
-| Create a template from the repository | "[Creating a template repository](/github/creating-cloning-and-archiving-repositories/creating-a-template-repository)" |
-| Control access to {% data variables.product.prodname_dependabot_alerts %}| "[Managing security and analysis settings for your repository](/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-security-and-analysis-settings-for-your-repository#granting-access-to-security-alerts)" |{% ifversion fpt or ghec %}
-| Dismiss {% data variables.product.prodname_dependabot_alerts %} in the repository | "[Viewing and updating {% data variables.product.prodname_dependabot_alerts %}](/code-security/dependabot/dependabot-alerts/viewing-and-updating-dependabot-alerts)" |
-| Manage data use for a private repository | "[Managing data use settings for your private repository](/get-started/privacy-on-github/managing-data-use-settings-for-your-private-repository)"|{% endif %}
-| Define code owners for the repository | "[About code owners](/github/creating-cloning-and-archiving-repositories/about-code-owners)" |
-| Archive the repository | "[Archiving repositories](/repositories/archiving-a-github-repository/archiving-repositories)" |{% ifversion fpt or ghec %}
-| Create security advisories | "[About repository security advisories](/github/managing-security-vulnerabilities/about-github-security-advisories)" |
-| Display a sponsor button | "[Displaying a sponsor button in your repository](/github/administering-a-repository/displaying-a-sponsor-button-in-your-repository)" |{% endif %}
-| Allow or disallow auto-merge for pull requests | "[Managing auto-merge for pull requests in your repository](/github/administering-a-repository/managing-auto-merge-for-pull-requests-in-your-repository)" | 
-| Manage webhooks and deploy keys	| "[Managing deploy keys](/developers/overview/managing-deploy-keys#deploy-keys)" |
+| {% ifversion fpt or ghec %}邀请协作者{% else %}添加协作者{% endif %} | [邀请协作者加入个人存储库](/github/setting-up-and-managing-your-github-user-account/inviting-collaborators-to-a-personal-repository) |
+| 更改仓库的可见性 | [设置存储库可见性](/github/administering-a-repository/setting-repository-visibility) |{% ifversion fpt or ghec %}
+| 限制与仓库的交互 | [限制存储库中的交互](/communities/moderating-comments-and-conversations/limiting-interactions-in-your-repository) |{% endif %}
+| 重命名分支，包括默认分支 | [重命名分支](/github/administering-a-repository/renaming-a-branch) |
+| 合并受保护分支上的拉取请求（即使没有批准审查） | [关于受保护分支](/github/administering-a-repository/about-protected-branches) |
+| 删除仓库 | [删除存储库](/repositories/creating-and-managing-repositories/deleting-a-repository) |
+| 管理仓库的主题 | [使用主题对存储库分类](/github/administering-a-repository/classifying-your-repository-with-topics) |{% ifversion fpt or ghec %}
+| 管理仓库的安全性和分析设置 | [管理存储库的安全和分析设置](/github/administering-a-repository/managing-security-and-analysis-settings-for-your-repository) |{% endif %}{% ifversion fpt or ghec %}
+| 为私有仓库启用依赖项图 | [探索存储库的依赖项](/github/visualizing-repository-data-with-graphs/exploring-the-dependencies-of-a-repository#enabling-and-disabling-the-dependency-graph-for-a-private-repository) |{% endif %}
+| 删除和恢复包 | [删除和恢复包](/packages/learn-github-packages/deleting-and-restoring-a-package) |
+| 自定义仓库的社交媒体预览 | [自定义存储库的社交媒体预览](/github/administering-a-repository/customizing-your-repositorys-social-media-preview) |
+| 从仓库创建模板 | [创建模板存储库](/github/creating-cloning-and-archiving-repositories/creating-a-template-repository) |
+| {% data variables.product.prodname_dependabot_alerts %} 的控制访问| [管理存储库的安全性和分析设置](/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-security-and-analysis-settings-for-your-repository#granting-access-to-security-alerts) |{% ifversion fpt or ghec %}
+| 忽略仓库中的 {% data variables.product.prodname_dependabot_alerts %} | [查看和更新 {% data variables.product.prodname_dependabot_alerts %}](/code-security/dependabot/dependabot-alerts/viewing-and-updating-dependabot-alerts) |
+| 管理私有仓库的数据使用 | [管理专用存储库的数据使用设置](/get-started/privacy-on-github/managing-data-use-settings-for-your-private-repository)|{% endif %}
+| 定义仓库的代码所有者 | “[关于代码所有者](/github/creating-cloning-and-archiving-repositories/about-code-owners)” |
+| 存档仓库 | [存档存储库](/repositories/archiving-a-github-repository/archiving-repositories) |{% ifversion fpt or ghec %}
+| 创建安全通告 | “[关于存储库安全公告](/github/managing-security-vulnerabilities/about-github-security-advisories)” |
+| 显示赞助按钮 | [在存储库中显示赞助者按钮](/github/administering-a-repository/displaying-a-sponsor-button-in-your-repository) |{% endif %}
+| 允许或禁止自动合并拉取请求 | [管理存储库中拉取请求的自动合并](/github/administering-a-repository/managing-auto-merge-for-pull-requests-in-your-repository) | 
+| 管理 web 挂钩和部署密钥   | “[管理部署密钥](/developers/overview/managing-deploy-keys#deploy-keys)” |
 
-## Collaborator access for a repository owned by a personal account
+## 协作者对个人帐户拥有的存储库的权限
 
-Collaborators on a personal repository can pull (read) the contents of the repository and push (write) changes to the repository.
+个人仓库的协作者可以拉取（读取）仓库的内容并向仓库推送（写入）更改。
 
 {% note %}
 
-**Note:** In a private repository, repository owners can only grant write access to collaborators. Collaborators can't have read-only access to repositories owned by a personal account.
+注意：在专用存储库中，存储库所有者只能为协作者授予写入权限。 协作者不能对个人帐户拥有的存储库具有只读权限。
 
 {% endnote %}
 
-Collaborators can also perform the following actions.
+协作者还可以执行以下操作。
 
-| Action | More information |
+| 操作 | 详细信息 |
 | :- | :- |
-| Fork the repository | "[About forks](/pull-requests/collaborating-with-pull-requests/working-with-forks/about-forks)" |
-| Rename a branch other than the default branch | "[Renaming a branch](/github/administering-a-repository/renaming-a-branch)" |
-| Create, edit, and delete comments on commits, pull requests, and issues in the repository | <ul><li>"[About issues](/github/managing-your-work-on-github/about-issues)"</li><li>"[Commenting on a pull request](/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/commenting-on-a-pull-request)"</li><li>"[Managing disruptive comments](/communities/moderating-comments-and-conversations/managing-disruptive-comments)"</li></ul> |
-| Create, assign, close, and re-open issues in the repository | "[Managing your work with issues](/github/managing-your-work-on-github/managing-your-work-with-issues)" |
-| Manage labels for issues and pull requests in the repository | "[Labeling issues and pull requests](/github/managing-your-work-on-github/labeling-issues-and-pull-requests)" |
-| Manage milestones for issues and pull requests in the repository | "[Creating and editing milestones for issues and pull requests](/github/managing-your-work-on-github/creating-and-editing-milestones-for-issues-and-pull-requests)" |
-| Mark an issue or pull request in the repository as a duplicate | "[About duplicate issues and pull requests](/github/managing-your-work-on-github/about-duplicate-issues-and-pull-requests)" |
-| Create, merge, and close pull requests in the repository | "[Proposing changes to your work with pull requests](/github/collaborating-with-issues-and-pull-requests/proposing-changes-to-your-work-with-pull-requests)" |
-| Enable and disable auto-merge for a pull request | "[Automatically merging a pull request](/pull-requests/collaborating-with-pull-requests/incorporating-changes-from-a-pull-request/automatically-merging-a-pull-request)"
-| Apply suggested changes to pull requests in the repository |"[Incorporating feedback in your pull request](/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/incorporating-feedback-in-your-pull-request)" |
-| Create a pull request from a fork of the repository | "[Creating a pull request from a fork](/github/collaborating-with-issues-and-pull-requests/creating-a-pull-request-from-a-fork)" |
-| Submit a review on a pull request that affects the mergeability of the pull request | "[Reviewing proposed changes in a pull request](/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/reviewing-proposed-changes-in-a-pull-request)" |
-| Create and edit a wiki for the repository | "[About wikis](/communities/documenting-your-project-with-wikis/about-wikis)" |
-| Create and edit releases for the repository | "[Managing releases in a repository](/github/administering-a-repository/managing-releases-in-a-repository)" |
-| Act as a code owner for the repository | "[About code owners](/articles/about-code-owners)" |{% ifversion fpt or ghae or ghec %}
-| Publish, view, or install packages | "[Publishing and managing packages](/github/managing-packages-with-github-packages/publishing-and-managing-packages)" |{% endif %}
-| Remove themselves as collaborators on the repository | "[Removing yourself from a collaborator's repository](/github/setting-up-and-managing-your-github-user-account/removing-yourself-from-a-collaborators-repository)" |
+| 为存储库创建分支 | [关于分支](/pull-requests/collaborating-with-pull-requests/working-with-forks/about-forks) |
+| 重命名除默认分支以外的分支 | [重命名分支](/github/administering-a-repository/renaming-a-branch) |
+| 在仓库中创建、编辑和删除关于提交、拉取请求和议题的评论 | <ul><li>[关于问题](/github/managing-your-work-on-github/about-issues)</li><li>[评论拉取请求](/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/commenting-on-a-pull-request)</li><li>[管理中断性注释](/communities/moderating-comments-and-conversations/managing-disruptive-comments)</li></ul> |
+| 在仓库中创建、分配、关闭和重新打开议题 | [使用问题管理工作](/github/managing-your-work-on-github/managing-your-work-with-issues) |
+| 在仓库中管理议题和拉取请求的标签 | [标记问题和拉取请求](/github/managing-your-work-on-github/labeling-issues-and-pull-requests) |
+| 在仓库中管理议题和拉取请求的里程碑 | “[创建和编辑议题及拉取请求的里程碑](/github/managing-your-work-on-github/creating-and-editing-milestones-for-issues-and-pull-requests)” |
+| 将仓库中的议题或拉取请求标记为重复项 | [关于重复的问题和拉取请求](/github/managing-your-work-on-github/about-duplicate-issues-and-pull-requests) |
+| 在仓库中创建、合并和关闭拉取请求 | [通过拉取请求提议工作更改](/github/collaborating-with-issues-and-pull-requests/proposing-changes-to-your-work-with-pull-requests) |
+| 启用或禁用自动合并拉取请求 | [自动合并拉取请求](/pull-requests/collaborating-with-pull-requests/incorporating-changes-from-a-pull-request/automatically-merging-a-pull-request)
+| 将建议的更改应用于仓库中的拉取请求 |[在拉取请求中加入反馈](/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/incorporating-feedback-in-your-pull-request) |
+| 从仓库的复刻创建拉取请求 | “[从复刻创建拉取请求](/github/collaborating-with-issues-and-pull-requests/creating-a-pull-request-from-a-fork)” |
+| 提交影响拉取请求可合并性的拉取请求审查 | [查看拉取请求中的建议更改](/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/reviewing-proposed-changes-in-a-pull-request) |
+| 为仓库创建和编辑 wiki | [关于 Wiki](/communities/documenting-your-project-with-wikis/about-wikis) |
+| 为仓库创建和编辑发行版 | [管理存储库中的发行版](/github/administering-a-repository/managing-releases-in-a-repository) |
+| 作为仓库的代码所有者 | “[关于代码所有者](/articles/about-code-owners)” |{% ifversion fpt or ghae or ghec %}
+| 发布、查看或安装包 | [发布和管理包](/github/managing-packages-with-github-packages/publishing-and-managing-packages) |{% endif %}
+| 作为仓库协作者删除自己 | [从协作者的存储库中删除你自己](/github/setting-up-and-managing-your-github-user-account/removing-yourself-from-a-collaborators-repository) |
 
-## Further reading
+## 延伸阅读
 
-- "[Repository roles for an organization](/organizations/managing-access-to-your-organizations-repositories/repository-roles-for-an-organization)"
+- [组织的存储库角色](/organizations/managing-access-to-your-organizations-repositories/repository-roles-for-an-organization)

translations/zh-CN/content/actions/creating-actions/setting-exit-codes-for-actions.md

@@ -1,6 +1,6 @@
 ---
 title: 设置操作的退出代码
-shortTitle: Setting exit codes
+shortTitle: Set exit codes
 intro: '您可以使用退出代码来设置操作的状态。 {% data variables.product.prodname_dotcom %} 显示状态以指示操作通过还是失败。'
 redirect_from:
   - /actions/building-actions/setting-exit-codes-for-actions
@@ -10,12 +10,12 @@ versions:
   ghae: '*'
   ghec: '*'
 type: how_to
-ms.openlocfilehash: 28aecc646814736beb8c814dfe4b8385a6605cd2
-ms.sourcegitcommit: 76b840f45ba85fb79a7f0c1eb43bc663b3eadf2b
+ms.openlocfilehash: 394b17dc03c4998797df222fe7c81c3269003ec9
+ms.sourcegitcommit: d3929a033c42c99b153910685256d079d7d87467
 ms.translationtype: HT
 ms.contentlocale: zh-CN
-ms.lasthandoff: 09/12/2022
-ms.locfileid: '145084703'
+ms.lasthandoff: 10/27/2022
+ms.locfileid: '148114275'
 ---
 {% data reusables.actions.enterprise-beta %} {% data reusables.actions.enterprise-github-hosted-runners %}
 
@@ -25,7 +25,7 @@ ms.locfileid: '145084703'
 
 退出状态 | 检查运行状态 | 说明
 ------------|------------------|------------
-`0` | `success` | 操作已成功完成，依赖它的其他操作可以开始。
+`0` | `success` | 操作已成功完成，依赖它的其他操作可以开始了。
 非零值（0 除外的任何整数）| `failure` | 任何其他退出代码都表示操作失败。 当操作失败时，所有同时进行的操作都会取消，且跳过未来的操作。 检查运行和检查套件都将收到 `failure` 状态。
 
 ## 在 JavaScript 操作中设置失败退出代码

translations/zh-CN/content/actions/hosting-your-own-runners/managing-access-to-self-hosted-runners-using-groups.md

@@ -4,6 +4,7 @@ shortTitle: Manage access with runner groups
 intro: You can use policies to limit access to self-hosted runners that have been added to an organization or enterprise.
 redirect_from:
   - /actions/hosting-your-own-runners/managing-access-to-self-hosted-runners
+miniTocMaxHeadingLevel: 3
 versions:
   fpt: '*'
   ghes: '*'
@@ -15,6 +16,10 @@ type: tutorial
 {% data reusables.actions.enterprise-beta %}
 {% data reusables.actions.enterprise-github-hosted-runners %}
 
+{% ifversion target-runner-groups %}
+For information on how to route jobs to runners in a specific group, see "[Choosing runners in a group](/actions/using-jobs/choosing-the-runner-for-a-job#choosing-runners-in-a-group)."
+{% endif %}
+
 ## About runner groups
 
 {% data reusables.actions.about-runner-groups %} {% ifversion fpt %}For more information, see the [{% data variables.product.prodname_ghe_cloud %} documentation](/enterprise-cloud@latest/actions/hosting-your-own-runners/managing-access-to-self-hosted-runners-using-groups).{% endif %}
@@ -71,3 +76,5 @@ type: tutorial
 {% data reusables.actions.removing-a-runner-group %}
 
 {% endif %}
+
+{% data reusables.actions.section-using-unique-names-for-runner-groups %}

translations/zh-CN/content/actions/hosting-your-own-runners/using-labels-with-self-hosted-runners.md

@@ -13,7 +13,7 @@ shortTitle: Label runners
 {% data reusables.actions.enterprise-beta %}
 {% data reusables.actions.enterprise-github-hosted-runners %}
 
-For information on how to use labels to route jobs to specific types of self-hosted runners, see "[Using self-hosted runners in a workflow](/actions/hosting-your-own-runners/using-self-hosted-runners-in-a-workflow)."
+For information on how to use labels to route jobs to specific types of self-hosted runners, see "[Using self-hosted runners in a workflow](/actions/hosting-your-own-runners/using-self-hosted-runners-in-a-workflow)." {% ifversion target-runner-groups %}You can also route jobs to runners in a specific group. For more information, see "[Targeting runners in a group](/actions/using-jobs/choosing-the-runner-for-a-job#targeting-runners-in-a-group)."{% endif %}
 
 {% data reusables.actions.self-hosted-runner-management-permissions-required %}
 

translations/zh-CN/content/actions/using-github-hosted-runners/controlling-access-to-larger-runners.md

@@ -3,6 +3,7 @@ title: Controlling access to larger runners
 shortTitle: 'Control access to {% data variables.actions.hosted_runner %}s'
 intro: 'You can use policies to limit access to {% data variables.actions.hosted_runner %}s that have been added to an organization or enterprise.'
 product: '{% data reusables.gated-features.hosted-runners %}'
+miniTocMaxHeadingLevel: 3
 versions:
   feature: actions-hosted-runners
 type: tutorial
@@ -29,6 +30,8 @@ type: tutorial
 
 {% endif %}
 
+{% data reusables.actions.section-using-unique-names-for-runner-groups %}
+
 ## Changing the access policy of a runner group
 
 {% data reusables.actions.hosted-runner-security-admonition %}

translations/zh-CN/content/actions/using-github-hosted-runners/using-larger-runners.md

@@ -28,13 +28,13 @@ When you add a {% data variables.actions.hosted_runner %} to an organization, yo
 
 ## Architectural overview of {% data variables.actions.hosted_runner %}s
 
-The {% data variables.actions.hosted_runner %}s are managed at the organization level, where they are arranged into groups that can contain multiple instances of the runner. They can also be created at the enterprise level and shared with organizations in the hierarchy. Once you've created a group, you can then add a runner to the group and update your workflows to target the label assigned to the {% data variables.actions.hosted_runner %}. You can also control which repositories are permitted to send jobs to the group for processing. For more information about groups, see "[Controlling access to {% data variables.actions.hosted_runner %}s](/actions/using-github-hosted-runners/controlling-access-to-larger-runners)."
+The {% data variables.actions.hosted_runner %}s are managed at the organization level, where they are arranged into groups that can contain multiple instances of the runner. They can also be created at the enterprise level and shared with organizations in the hierarchy. Once you've created a group, you can then add a runner to the group and update your workflows to target either the group name or the label assigned to the {% data variables.actions.hosted_runner %}. You can also control which repositories are permitted to send jobs to the group for processing. For more information about groups, see "[Controlling access to {% data variables.actions.hosted_runner %}s](/actions/using-github-hosted-runners/controlling-access-to-larger-runners)."
 
 In the following diagram, a class of hosted runner named `ubuntu-20.04-16core` has been defined with customized hardware and operating system configuration.
 
 ![Diagram explaining {% data variables.actions.hosted_runner %}](/assets/images/hosted-runner.png)
 
-1. Instances of this runner are automatically created and added to a group called `ubuntu-20.04-16core`. 
+1. Instances of this runner are automatically created and added to a group called `grp-ubuntu-20.04-16core`. 
 2. The runners have been assigned the label `ubuntu-20.04-16core`. 
 3. Workflow jobs use the `ubuntu-20.04-16core` label in their `runs-on` key to indicate the type of runner they need to execute the job.
 4. {% data variables.product.prodname_actions %} checks the runner group to see if your repository is authorized to send jobs to the runner.
@@ -99,14 +99,25 @@ You can add a {% data variables.actions.hosted_runner %} to an organization, whe
 
 ## Running jobs on your runner
 
-Once your runner type has been defined, you can update your workflow YAML files to send jobs to your newly created runner instances for processing. In this example, a runner group is populated with Ubuntu 16-core runners, which have been assigned the label `ubuntu-20.04-16core`. If you have a runner matching this label, the `check-bats-version` job then uses the `runs-on` key to target that runner whenever the job is run:
+Once your runner type has been defined, you can update your workflow YAML files to send jobs to your newly created runner instances for processing. You can use runner groups or labels to define where your jobs run. 
+
+Only owner or administrator accounts can see the runner settings. Non-administrative users can contact the organization administrator to find out which runners are enabled. Your organization administrator can create new runners and runner groups, as well as configure permissions to specify which repositories can access a runner group.
+
+### Using groups to control where jobs are run
+
+{% data reusables.actions.jobs.example-runs-on-groups %}
+
+### Using labels to control where jobs are run
+
+In this example, a runner group is populated with Ubuntu 16-core runners, which have also been assigned the label `ubuntu-20.04-16core`. The `runs-on` key sends the job to any available runner with a matching label:
 
 ```yaml
 name: learn-github-actions
 on: [push]
 jobs:
   check-bats-version:
-    runs-on: ubuntu-20.04-16core
+    runs-on:
+      labels: ubuntu-20.04-16core
     steps:
       - uses: {% data reusables.actions.action-checkout %}
       - uses: {% data reusables.actions.action-setup-node %}
@@ -116,7 +127,33 @@ jobs:
       - run: bats -v
 ```
 
-To find out which runners are enabled for your repository and organization, you must contact your organization admin. Your organization admin can create new runners and runner groups, as well as configure permissions to specify which repositories can access a runner group.
+### Using labels and groups to control where jobs are run
+
+{% data reusables.actions.jobs.example-runs-on-labels-and-groups %}
+
+### Using multiple labels
+
+You can specify multiple labels that need to be matched for a job to run on a runner. A runner will need to match all labels to be eligible to run the job.
+
+In this example, a runner will need to match all three of the labels to run the job:
+
+```yaml
+name: learn-github-actions
+on: [push]
+jobs:
+  check-bats-version:
+    runs-on:
+      labels: [ ubuntu-20.04-16core, gpu, qa ]
+    steps:
+      - uses: {% data reusables.actions.action-checkout %}
+      - uses: {% data reusables.actions.action-setup-node %}
+        with:
+          node-version: '14'
+      - run: npm install -g bats
+      - run: bats -v
+```
+
+{% data reusables.actions.section-using-unique-names-for-runner-groups %}
 
 ## Managing access to your runners
 

translations/zh-CN/content/actions/using-jobs/choosing-the-runner-for-a-job.md

@@ -1,19 +1,19 @@
 ---
 title: 选择作业的运行器
-shortTitle: Choosing the runner for a job
+shortTitle: Choose the runner for a job
 intro: 定义将在工作流程中处理作业的计算机类型。
+miniTocMaxHeadingLevel: 3
 versions:
   fpt: '*'
   ghes: '*'
   ghae: '*'
   ghec: '*'
-miniTocMaxHeadingLevel: 4
-ms.openlocfilehash: b3deaec1dfc4770f2dfc6d3b264fa75ce79762ca
-ms.sourcegitcommit: fb047f9450b41b24afc43d9512a5db2a2b750a2a
+ms.openlocfilehash: 18ba9ac5abe0e78d4b3608d5e225a34021ec2a2e
+ms.sourcegitcommit: d0cea547f6a5d991a28c310257cafd616235889f
 ms.translationtype: HT
 ms.contentlocale: zh-CN
-ms.lasthandoff: 09/11/2022
-ms.locfileid: '145100155'
+ms.lasthandoff: 11/01/2022
+ms.locfileid: '148120879'
 ---
 {% data reusables.actions.enterprise-beta %} {% data reusables.actions.enterprise-github-hosted-runners %}
 

translations/zh-CN/content/admin/enterprise-management/updating-the-virtual-machine-and-physical-resources/upgrading-github-enterprise-server.md

@@ -69,7 +69,7 @@ There are two types of snapshots:
 | Azure | VM | <https://docs.microsoft.com/azure/backup/backup-azure-vms-first-look-arm>
 | Hyper-V | VM | <https://docs.microsoft.com/windows-server/virtualization/hyper-v/manage/enable-or-disable-checkpoints-in-hyper-v>
 | Google Compute Engine | Disk | <https://cloud.google.com/compute/docs/disks/create-snapshots>
-| VMware | VM | <https://pubs.vmware.com/vsphere-50/topic/com.vmware.wssdk.pg.doc_50/PG_Ch11_VM_Manage.13.3.html>
+| VMware | VM | <https://docs.vmware.com/en/VMware-vSphere/7.0/com.vmware.vsphere.hostclient.doc/GUID-64B866EF-7636-401C-A8FF-2B4584D9CA72.html>
 
 ## Upgrading with a hotpatch
 

translations/zh-CN/content/admin/identity-and-access-management/managing-iam-for-your-enterprise/username-considerations-for-external-authentication.md

@@ -85,6 +85,8 @@ When you configure SAML authentication, {% data variables.product.product_name %
 
 1. Usernames created from email addresses are created from the normalized characters that precede the `@` character.
 
+1. Usernames created from domain accounts are created from the normalized characters after the `\\` separator. 
+
 1. If multiple accounts are normalized into the same {% data variables.product.product_name %} username, only the first user account is created. Subsequent users with the same username won't be able to sign in. {% ifversion ghec %}For more information, see "[Resolving username problems](#resolving-username-problems)."{% endif %}
 
 ### Examples of username normalization
@@ -97,6 +99,7 @@ When you configure SAML authentication, {% data variables.product.product_name %
 | The!!Octocat | `the--octocat{% ifversion ghec %}_SHORT-CODE{% endif %}` | This username is not created, because it contains two consecutive dashes. |
 | The!Octocat | `the-octocat{% ifversion ghec %}_SHORT-CODE{% endif %}` | This username is not created. Although the normalized username is valid, it already exists. |
 | `The.Octocat@example.com` | `the-octocat{% ifversion ghec %}_SHORT-CODE{% endif %}` | This username is not created. Although the normalized username is valid, it already exists. |
+| `internal\\The.Octocat` | `the-octocat{% ifversion ghec %}_SHORT-CODE{% endif %}` | This username is not created. Although the normalized username is valid, it already exists. |
 | `mona.lisa.the.octocat.from.github.united.states@example.com` | `mona-lisa-the-octocat-from-github-united-states{% ifversion ghec %}_SHORT-CODE{% endif %}` | This username is not created, because it exceeds the 39-character limit. |
 
 {% ifversion not ghec %}

translations/zh-CN/content/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/audit-log-events-for-your-enterprise.md

@@ -790,6 +790,9 @@ Before you'll see `git` category actions, you must enable Git events in the audi
 {%- ifversion ghes or audit-log-sso-response-events %}
 | `org.sso_response` | A SAML single sign-on (SSO) response was generated when a member attempted to authenticate with your organization. This event is only available via audit log streaming and the REST API.
 {%- endif %}
+{%- ifversion ghec %}
+| `org.transfer` | An organization was transferred between enterprise accounts. For more information, see "[Adding organizations to your enterprise](/admin/user-management/managing-organizations-in-your-enterprise/adding-organizations-to-your-enterprise#transferring-an-organization-between-enterprise-accounts)."
+{%- endif %}
 {%- ifversion not ghae %}
 | `org.transform`    | A user account was converted into an organization. For more information, see "[Converting a user into an organization](/github/setting-up-and-managing-your-github-user-account/converting-a-user-into-an-organization)."
 {%- endif %}

translations/zh-CN/content/admin/overview/about-enterprise-accounts.md

@@ -35,7 +35,7 @@ The enterprise account on {% ifversion ghes %}{% data variables.location.product
 Organizations are shared accounts where enterprise members can collaborate across many projects at once. Organization owners can manage access to the organization's data and projects with sophisticated security and administrative features. For more information, see "[About organizations](/organizations/collaborating-with-groups-in-organizations/about-organizations)."
 
 {% ifversion ghec %} 
-Enterprise owners can invite existing organizations to join your enterprise account, or create new organizations in the enterprise settings. For more information, see "[Adding organizations to your enterprise](/admin/user-management/managing-organizations-in-your-enterprise/adding-organizations-to-your-enterprise)."
+In the enterprise settings, enterprise owners can invite existing organizations to join your enterprise account, transfer organizations between enterprise accounts, or create new organizations. For more information, see "[Adding organizations to your enterprise](/admin/user-management/managing-organizations-in-your-enterprise/adding-organizations-to-your-enterprise)."
 {% endif %}
 
 Your enterprise account allows you to manage and enforce policies for all the organizations owned by the enterprise. {% data reusables.enterprise.about-policies %} For more information, see "[About enterprise policies](/admin/policies/enforcing-policies-for-your-enterprise/about-enterprise-policies)."

translations/zh-CN/content/admin/user-management/managing-organizations-in-your-enterprise/adding-organizations-to-your-enterprise.md

@@ -1,6 +1,6 @@
 ---
 title: Adding organizations to your enterprise
-intro: You can create new organizations or invite existing organizations to manage within your enterprise.
+intro: You can add organizations to manage within your enterprise by creating a new organization, inviting an existing organization, or transferring an organization from a different enterprise account.
 redirect_from:
   - /github/setting-up-and-managing-your-enterprise/managing-organizations-in-your-enterprise-account/adding-organizations-to-your-enterprise-account
   - /articles/adding-organizations-to-your-enterprise-account
@@ -57,17 +57,36 @@ Enterprise owners who create an organization owned by the enterprise account aut
 
 ## Inviting an organization to join your enterprise account
 
-Enterprise owners can invite existing organizations to join their enterprise account. If the organization you want to invite is already owned by another enterprise, you will not be able to issue an invitation until the previous enterprise gives up ownership of the organization. For more information, see "[Removing an organization from your enterprise](/admin/user-management/managing-organizations-in-your-enterprise/removing-organizations-from-your-enterprise)."
+Enterprise owners can invite existing organizations to join their enterprise account. If the organization you want to invite is already owned by another enterprise account, you must be an owner of both enterprise accounts, or the previous enterprise must give up ownership of the organization first. For more information, see "[Removing an organization from your enterprise](/admin/user-management/managing-organizations-in-your-enterprise/removing-organizations-from-your-enterprise)." 
 
 {% data reusables.enterprise-accounts.access-enterprise %}
-2. On the **Organizations** tab, above the list of organizations, click **Invite organization**.
+1. On the **Organizations** tab, above the list of organizations, click **Invite organization**.
 ![Invite organization](/assets/images/help/business-accounts/enterprise-account-invite-organization.png)
-3. Under "Organization name", start typing the name of the organization you want to invite and select it when it appears in the drop-down list.
+3. Under "Organization name", start typing the name of the organization you want to invite and select it when it appears in the dropdown list.
 ![Search for organization](/assets/images/help/business-accounts/enterprise-account-search-for-organization.png)
 4. Click **Invite organization**.
 5. The organization owners will receive an email inviting them to join the enterprise. At least one owner needs to accept the invitation before the process can continue. You can cancel or resend the invitation at any time before an owner approves it.
 ![Cancel or resend](/assets/images/help/business-accounts/enterprise-account-invitation-sent.png)
 6. Once an organization owner has approved the invitation, you can view its status in the list of pending invitations.
 ![Pending invitation](/assets/images/help/business-accounts/enterprise-account-pending.png)
-7. Click **Approve** to complete the transfer, or **Cancel** to cancel it.
+7. To complete the transfer, click **Approve**.
 ![Approve invitation](/assets/images/help/business-accounts/enterprise-account-transfer-approve.png)
+
+## Transferring an organization between enterprise accounts
+
+Enterprise owners can transfer existing organizations between enterprise accounts. You must be an enterprise owner of both enterprise accounts. 
+
+{% note %}
+
+**Note:** You cannot transfer an existing organization to or from an {% data variables.enterprise.prodname_emu_enterprise %}.  
+
+{% endnote %}
+
+{% data reusables.enterprise-accounts.access-enterprise %}
+1. Next to the organization you want to transfer, select the {% octicon "gear" width="16" aria-label="Gear" %} dropdown, and then click **Transfer organization**. 
+![Screenshot of the transfer button](/assets/images/help/business-accounts/org-transfer-button.png)
+1. Select the **Select enterprise** dropdown menu, start typing the name of the destination enterprise, and select the enterprise when it appears in the dropdown list.
+![Screenshot of the enterprise dropdown](/assets/images/help/business-accounts/org-transfer-select-enterprise.png)
+2. Click **Review transfer**.
+3. To confirm the transfer, click **Transfer organization**.
+![Screenshot of the transfer organization button](/assets/images/help/business-accounts/org-transfer-confirm-button.png)

translations/zh-CN/content/admin/user-management/managing-organizations-in-your-enterprise/index.md

@@ -1,5 +1,5 @@
 ---
-title: 管理企业中的组织
+title: Managing organizations in your enterprise
 redirect_from:
   - /enterprise/admin/articles/adding-users-and-teams
   - /enterprise/admin/categories/admin-bootcamp
@@ -12,7 +12,7 @@ redirect_from:
   - /github/setting-up-and-managing-your-enterprise/managing-organizations-in-your-enterprise-account/managing-unowned-organizations-in-your-enterprise-account
   - /github/setting-up-and-managing-your-enterprise-account/managing-unowned-organizations-in-your-enterprise-account
   - /github/setting-up-and-managing-your-enterprise/managing-unowned-organizations-in-your-enterprise-account
-intro: '组织适合在您的公司内创建不同的用户组，例如部门或参与相似项目的组。 属于组织的{% ifversion ghae %}内部{% else %}公共和内部{% endif %}仓库可供企业中其他组织中的成员访问，而私有仓库只能供被授予访问权限的组织成员访问。'
+intro: 'You can use organizations to group users within your company, such as divisions or groups working on similar projects, and manage access to repositories.'
 versions:
   ghec: '*'
   ghes: '*'
@@ -33,11 +33,5 @@ children:
   - /managing-projects-using-jira
   - /continuous-integration-using-jenkins
 shortTitle: Manage organizations
-ms.openlocfilehash: 333d9b8d50bcdb86f709a447fee5a4078353dfe2
-ms.sourcegitcommit: f638d569cd4f0dd6d0fb967818267992c0499110
-ms.translationtype: HT
-ms.contentlocale: zh-CN
-ms.lasthandoff: 10/25/2022
-ms.locfileid: '148108126'
 ---
 

translations/zh-CN/content/admin/user-management/managing-users-in-your-enterprise/viewing-people-in-your-enterprise.md

@@ -100,7 +100,7 @@ In the list of pending members, for any individual account, you can cancel all i
 
 {% endnote %}
 
-If you use {% data variables.product.prodname_vss_ghe %}, the list of pending invitations includes all {% data variables.product.prodname_vs %} subscribers that haven't joined any of your organizations on {% data variables.product.prodname_dotcom %}, even if the subscriber does not have a pending invitation to join an organization. For more information about how to get {% data variables.product.prodname_vs %} subscribers access to {% data variables.product.prodname_enterprise %}, see "[Setting up {% data variables.product.prodname_vss_ghe %}](/billing/managing-licenses-for-visual-studio-subscriptions-with-github-enterprise/setting-up-visual-studio-subscriptions-with-github-enterprise)."
+If you use {% data variables.visual_studio.prodname_vss_ghe %}, the list of pending invitations includes all {% data variables.product.prodname_vs %} subscribers that haven't joined any of your organizations on {% data variables.product.prodname_dotcom %}, even if the subscriber does not have a pending invitation to join an organization. For more information about how to get {% data variables.product.prodname_vs %} subscribers access to {% data variables.product.prodname_enterprise %}, see "[Setting up {% data variables.visual_studio.prodname_vss_ghe %}](/billing/managing-licenses-for-visual-studio-subscriptions-with-github-enterprise/setting-up-visual-studio-subscriptions-with-github-enterprise)."
 
 {% data reusables.enterprise-accounts.access-enterprise %}
 {% data reusables.enterprise-accounts.people-tab %}

translations/zh-CN/content/authentication/authenticating-with-saml-single-sign-on/about-authentication-with-saml-single-sign-on.md

@@ -1,6 +1,6 @@
 ---
-title: About authentication with SAML single sign-on
-intro: 'You can access {% ifversion ghae %}{% data variables.location.product_location %}{% elsif ghec %}an organization that uses SAML single sign-on (SSO){% endif %} by authenticating {% ifversion ghae %}with SAML single sign-on (SSO) {% endif %}through an identity provider (IdP).'
+title: 关于使用 SAML 单点登录进行身份验证
+intro: '可以通过身份提供商 (IdP) {% ifversion ghae %}以 SAML 单一登录 (SSO) {% endif %}验证来访问{% ifversion ghae %}{% data variables.location.product_location %}{% elsif ghec %}使用 SAML 单一登录 (SSO) 的组织{% endif %}。'
 redirect_from:
   - /articles/about-authentication-with-saml-single-sign-on
   - /github/authenticating-to-github/about-authentication-with-saml-single-sign-on
@@ -11,62 +11,67 @@ versions:
 topics:
   - SSO
 shortTitle: SAML single sign-on
+ms.openlocfilehash: 827db3181f742916ba4fdeefd92f25c196c28188
+ms.sourcegitcommit: bf11c3e08cbb5eab6320e0de35b32ade6d863c03
+ms.translationtype: HT
+ms.contentlocale: zh-CN
+ms.lasthandoff: 10/27/2022
+ms.locfileid: '148111511'
 ---
-## About authentication with SAML SSO
+## 关于使用 SAML SSO 进行身份验证
 
 {% ifversion ghae %}
 
-SAML SSO allows an enterprise owner to centrally control and secure access to {% data variables.product.product_name %} from a SAML IdP. When you visit {% data variables.location.product_location %} in a browser, {% data variables.product.product_name %} will redirect you to your IdP to authenticate. After you successfully authenticate with an account on the IdP, the IdP redirects you back to {% data variables.location.product_location %}. {% data variables.product.product_name %} validates the response from your IdP, then grants access.
+SAML SSO 允许企业所有者从 SAML IdP 集中控制和安全访问 {% data variables.product.product_name %}。 在浏览器中访问 {% data variables.location.product_location %} 时，{% data variables.product.product_name %} 会将你重定向到你的 IdP 进行身份验证。 在使用 IdP 上的帐户成功进行身份验证后，IdP 会将你重定向回 {% data variables.location.product_location %}。 {% data variables.product.product_name %} 将验证 IdP 的响应，然后授予访问权限。
 
 {% data reusables.saml.you-must-periodically-authenticate %}
 
-If you can't access {% data variables.product.product_name %}, contact your local enterprise owner or administrator for {% data variables.product.product_name %}. You may be able to locate contact information for your enterprise by clicking **Support** at the bottom of any page on {% data variables.product.product_name %}. {% data variables.product.company_short %} and {% data variables.contact.github_support %} do not have access to your IdP, and cannot troubleshoot authentication problems. 
+如果您无法访问 {% data variables.product.product_name %}，请与本地企业所有者或 {% data variables.product.product_name %} 的管理员联系。 你可以在 {% data variables.product.product_name %} 上的任何页面底部单击“支持”找到企业的联系信息。 {% data variables.product.company_short %} 和 {% data variables.contact.github_support %} 无法访问您的 IdP，并且无法解决身份验证问题。 
 
 {% endif %}
 
 {% ifversion ghec %}
 
-{% data reusables.saml.dotcom-saml-explanation %} Organization owners can invite your personal account on {% data variables.product.prodname_dotcom %} to join their organization that uses SAML SSO, which allows you to contribute to the organization and retain your existing identity and contributions on {% data variables.product.prodname_dotcom %}.
+{% data reusables.saml.dotcom-saml-explanation %} 组织所有者可以邀请你在 {% data variables.product.prodname_dotcom %} 上的个人帐户加入其使用 SAML SSO 的组织，这样你可以对该组织做出贡献，并且保留你在 {% data variables.product.prodname_dotcom %} 上的现有身份和贡献。
 
-If you're a member of an {% data variables.enterprise.prodname_emu_enterprise %}, you will instead use a new account that is provisioned for you and controlled by your enterprise. {% data reusables.enterprise-accounts.emu-more-info-account %}
+如果你是 {% data variables.enterprise.prodname_emu_enterprise %} 的成员，则将转而使用为你预配且由你的企业控制的新帐户。 {% data reusables.enterprise-accounts.emu-more-info-account %}
 
-When you attempt to access most resources within an organization that uses SAML SSO, {% data variables.product.prodname_dotcom %} will redirect you to the organization's SAML IdP to authenticate. After you successfully authenticate with your account on the IdP, the IdP redirects you back to {% data variables.product.prodname_dotcom %}, where you can access the organization's resources.
+在试图访问使用 SAML SSO 的组织中的大多数资源时，{% data variables.product.prodname_dotcom %} 会将你重定向到组织的 SAML IdP 进行身份验证。 在 IdP 上成功验证您的帐户后，IdP 会将您重定向回到 {% data variables.product.prodname_dotcom %}，您可以在那里访问组织的资源。
 
 {% data reusables.saml.resources-without-sso %}
 
 {% data reusables.saml.outside-collaborators-exemption %}
 
-If you have recently authenticated with your organization's SAML IdP in your browser, you are automatically authorized when you access a {% data variables.product.prodname_dotcom %} organization that uses SAML SSO. If you haven't recently authenticated with your organization's SAML IdP in your browser, you must authenticate at the SAML IdP before you can access the organization.
+如果您最近在浏览器中使用组织的 SAML IdP 进行过身份验证，则在访问使用 SAML SSO 的 {% data variables.product.prodname_dotcom %} 组织时会自动获得授权。 如果您最近没有在浏览器中使用组织的 SAML IdP 进行身份验证，则必须在 SAML IdP 进行身份验证后才可访问组织。
 
 {% data reusables.saml.you-must-periodically-authenticate %}
 
-## Linked SAML identities
+## 关联的 SAML 标识
 
-When you authenticate with your IdP account and return to {% data variables.product.prodname_dotcom %}, {% data variables.product.prodname_dotcom %} will record a link in the organization or enterprise between your {% data variables.product.prodname_dotcom %} personal account and the SAML identity you signed into.  This linked identity is used to validate your membership in that organization, and depending on your organization or enterprise setup, is also used to determine which organizations and teams you're a member of as well. Each {% data variables.product.prodname_dotcom %} account can be linked to exactly one SAML identity per organization. Likewise, each SAML identity can be linked to exactly one {% data variables.product.prodname_dotcom %} account in an organization. 
+使用 IdP 帐户进行身份验证并返回到 {% data variables.product.prodname_dotcom %} 时，{% data variables.product.prodname_dotcom %} 会在组织或企业中记录你的 {% data variables.product.prodname_dotcom %} 个人帐户与你登录到的 SAML 标识之间的关联。  这个关联的标识用于验证你在该组织中的成员身份，并且根据你的组织或企业设置，还用于确定你所属的具体组织和团队。 每个 {% data variables.product.prodname_dotcom %} 帐户只能关联到每个组织的一个 SAML 标识。 同样地，每个 SAML 标识只能关联到一个组织中的一个 {% data variables.product.prodname_dotcom %} 帐户。 
 
-If you sign in with a SAML identity that is already linked to another {% data variables.product.prodname_dotcom %} account, you will receive an error message indicating that you cannot sign in with that SAML identity. This situation can occur if you are attempting to use a new {% data variables.product.prodname_dotcom %} account to work inside of your organization. If you didn't intend to use that SAML identity with that {% data variables.product.prodname_dotcom %} account, then you'll need to sign out of that SAML identity and then repeat the SAML login. If you do want to use that SAML identity with your {% data variables.product.prodname_dotcom %} account, you'll need to ask your admin to unlink your SAML identity from your old account, so that you can link it to your new account.  Depending on the setup of your organization or enterprise, your admin may also need to reassign your identity within your SAML provider.  For more information, see "[Viewing and managing a member's SAML access to your organization](/organizations/granting-access-to-your-organization-with-saml-single-sign-on/viewing-and-managing-a-members-saml-access-to-your-organization#viewing-and-revoking-a-linked-identity)."
+如果使用已关联到其他 {% data variables.product.prodname_dotcom %} 帐户的 SAML 标识登录，会收到一条错误消息，指示无法使用该 SAML 标识进行登录。 如果尝试使用新的 {% data variables.product.prodname_dotcom %} 帐户在组织内部工作，就可能会出现这种情况。 如果不想将该 SAML 标识与该 {% data variables.product.prodname_dotcom %} 帐户一起使用，则需要注销该 SAML 标识，然后重复 SAML 登录。 如果确实要将该 SAML 标识与 {% data variables.product.prodname_dotcom %} 帐户一起使用，需要要求管理员取消该 SAML 标识与旧帐户的关联，以便你可将其关联到新帐户。  根据组织或企业的设置，管理员可能需要在 SAML 提供商中重新分配你的标识。  有关详细信息，请参阅“[查看和管理成员对组织的 SAML 访问权限](/organizations/granting-access-to-your-organization-with-saml-single-sign-on/viewing-and-managing-a-members-saml-access-to-your-organization#viewing-and-revoking-a-linked-identity)”。
 
-If the SAML identity you sign in with does not match the SAML identity that is currently linked to your {% data variables.product.prodname_dotcom %} account, you'll receive a warning that you are about to relink your account. Because your SAML identity is used to govern access and team membership, continuing with the new SAML identity can cause you to lose access to teams and organizations inside of {% data variables.product.prodname_dotcom %}. Only continue if you know that you're supposed to use that new SAML identity for authentication in the future. 
+如果用于登录的 SAML 标识与当前关联到 {% data variables.product.prodname_dotcom %} 帐户的 SAML 标识不匹配，会收到一条警告，要求你重新关联帐户。 SAML 标识用于管理访问权限和团队成员身份，因此继续使用新的 SAML 标识可能会导致你无法再访问 {% data variables.product.prodname_dotcom %} 中的团队和组织。 只有当你知道将来应该使用这个新的 SAML 标识进行身份验证时，才继续操作。 
 
-## Authorizing {% data variables.product.pat_generic %}s and SSH keys with SAML SSO
+## 使用 SAML SSO 授权{% data variables.product.pat_generic %}和 SSH 密钥
 
-To use the API or Git on the command line to access protected content in an organization that uses SAML SSO, you will need to use an authorized {% data variables.product.pat_generic %} over HTTPS or an authorized SSH key.
+要在命令行上使用 API 或 Git 访问使用 SAML SSO 的组织中受保护的内容，需要使用授权的 HTTPS {% data variables.product.pat_generic %}或授权的 SSH 密钥。
 
-If you don't have a {% data variables.product.pat_generic %} or an SSH key, you can create a {% data variables.product.pat_generic %} for the command line or generate a new SSH key. For more information, see "[Creating a {% data variables.product.pat_generic %}](/github/authenticating-to-github/creating-a-personal-access-token)" or "[Generating a new SSH key and adding it to the ssh-agent](/articles/generating-a-new-ssh-key-and-adding-it-to-the-ssh-agent)."
+如果你没有{% data variables.product.pat_generic %}或 SSH 密钥，可以为命令行创建{% data variables.product.pat_generic %}或生成新 SSH 密钥。 有关详细信息，请参阅“[创建{% data variables.product.pat_generic %}](/github/authenticating-to-github/creating-a-personal-access-token)”或“[生成新 SSH 密钥并添加到 ssh-agent](/articles/generating-a-new-ssh-key-and-adding-it-to-the-ssh-agent)”。
 
-To use a new or existing {% data variables.product.pat_generic %} or SSH key with an organization that uses or enforces SAML SSO, you will need to authorize the token or authorize the SSH key for use with a SAML SSO organization. For more information, see "[Authorizing a {% data variables.product.pat_generic %} for use with SAML single sign-on](/articles/authorizing-a-personal-access-token-for-use-with-saml-single-sign-on)" or "[Authorizing an SSH key for use with SAML single sign-on](/articles/authorizing-an-ssh-key-for-use-with-saml-single-sign-on)."
+要对使用或实施 SAML SSO 的组织使用新的或现有的{% data variables.product.pat_generic %}或 SSH 密钥，需要授权该令牌或授权 SSH 密钥用于 SAML SSO 组织。 有关详细信息，请参阅“[授权用于 SAML 单一登录的{% data variables.product.pat_generic %}](/articles/authorizing-a-personal-access-token-for-use-with-saml-single-sign-on)”或“[授权用于 SAML 单一登录的 SSH 密钥](/articles/authorizing-an-ssh-key-for-use-with-saml-single-sign-on)”。
 
-## About {% data variables.product.prodname_oauth_apps %}, {% data variables.product.prodname_github_apps %}, and SAML SSO
+## 关于 {% data variables.product.prodname_oauth_apps %}、{% data variables.product.prodname_github_apps %} 和 SAML SSO
 
-You must have an active SAML session each time you authorize an {% data variables.product.prodname_oauth_app %} or {% data variables.product.prodname_github_app %} to access an organization that uses or enforces SAML SSO. You can create an active SAML session by navigating to `https://github.com/orgs/ORGANIZATION-NAME/sso` in your browser.
+每次授权 {% data variables.product.prodname_oauth_app %} 或 {% data variables.product.prodname_github_app %} 访问使用或实施 SAML SSO 的组织时，你都必须有一个活动的 SAML 会话。 可以通过在浏览器中导航到 `https://github.com/orgs/ORGANIZATION-NAME/sso` 来创建活动的 SAML 会话。
 
-After an enterprise or organization owner enables or enforces SAML SSO for an organization, and after you authenticate via SAML for the first time, you must reauthorize any {% data variables.product.prodname_oauth_apps %} or {% data variables.product.prodname_github_apps %} that you previously authorized to access the organization. 
+企业或组织所有者为组织启用或强制实施 SAML SSO 后，以及首次通过 SAML 进行身份验证后，必须对之前授权访问组织的任何 {% data variables.product.prodname_oauth_apps %} 或 {% data variables.product.prodname_github_apps %} 进行重新授权。 
 
-To see the {% data variables.product.prodname_oauth_apps %} you've authorized, visit your [{% data variables.product.prodname_oauth_apps %} page](https://github.com/settings/applications). To see the {% data variables.product.prodname_github_apps %} you've authorized, visit your [{% data variables.product.prodname_github_apps %} page](https://github.com/settings/apps/authorizations).
+若要查看已授权的 {% data variables.product.prodname_oauth_apps %}，请访问 [{% data variables.product.prodname_oauth_apps %} 页面](https://github.com/settings/applications)。 若要查看已授权的 {% data variables.product.prodname_github_apps %}，请访问 [{% data variables.product.prodname_github_apps %} 页面](https://github.com/settings/apps/authorizations)。
 
 {% endif %}
 
-## Further reading
+## 延伸阅读
 
-{% ifversion ghec %}- "[About identity and access management with SAML single sign-on](/organizations/managing-saml-single-sign-on-for-your-organization/about-identity-and-access-management-with-saml-single-sign-on)"{% endif %}
-{% ifversion ghae %}- "[About identity and access management for your enterprise](/admin/authentication/about-identity-and-access-management-for-your-enterprise)"{% endif %}
+{% ifversion ghec %}- “[关于 SAML 单一登录的标识和访问管理](/organizations/managing-saml-single-sign-on-for-your-organization/about-identity-and-access-management-with-saml-single-sign-on)”{% endif %} {% ifversion ghae %}- “[关于企业标识和访问管理](/admin/authentication/about-identity-and-access-management-for-your-enterprise)”{% endif %}

translations/zh-CN/content/authentication/keeping-your-account-and-data-secure/reviewing-your-security-log.md

@@ -185,6 +185,7 @@ An overview of some of the most common actions that are recorded as events in th
 | `remove_member` | Triggered when a {% data variables.product.product_name %} user is [removed from a repository as a collaborator](/articles/removing-a-collaborator-from-a-personal-repository).
 | `remove_topic` | Triggered when a repository owner removes a topic from a repository.
 | `rename` | Triggered when [a repository is renamed](/articles/renaming-a-repository).
+| `staff_unlock` | Triggered when an enterprise owner or {% data variables.contact.github_support %} (with permission from a repository administrator) temporarily unlocked the repository. The visibility of the repository isn't changed.
 | `transfer` | Triggered when [a repository is transferred](/articles/how-to-transfer-a-repository).
 | `transfer_start` | Triggered when a repository transfer is about to occur.
 | `unarchived` | Triggered when a repository owner unarchives a repository.

translations/zh-CN/content/billing/managing-licenses-for-visual-studio-subscriptions-with-github-enterprise/about-visual-studio-subscriptions-with-github-enterprise.md

@@ -1,6 +1,6 @@
 ---
-title: About Visual Studio subscriptions with GitHub Enterprise
-intro: 'You can give {% data variables.product.prodname_vs %} subscribers on your team access to {% data variables.product.prodname_enterprise %} with a combined offering from Microsoft.'
+title: 关于包含 GitHub Enterprise 的 Visual Studio 订阅
+intro: '您可以通过 Microsoft 的组合服务授予团队中的 {% data variables.product.prodname_vs %} 订阅者访问 {% data variables.product.prodname_enterprise %}。'
 redirect_from:
   - /github/setting-up-and-managing-your-enterprise/managing-your-enterprise-account/managing-licenses-for-visual-studio-subscription-with-github-enterprise
   - /github/setting-up-and-managing-your-enterprise/managing-licenses-for-the-github-enterprise-and-visual-studio-bundle
@@ -17,35 +17,40 @@ topics:
   - Enterprise
   - Licensing
 shortTitle: About
+ms.openlocfilehash: dd66572e3de9f34f6783b15d9fe8c876f4bb9d6b
+ms.sourcegitcommit: 6b649e03ca2fef38c9ebbeec92102219849380e2
+ms.translationtype: HT
+ms.contentlocale: zh-CN
+ms.lasthandoff: 10/31/2022
+ms.locfileid: '148120607'
 ---
+## 关于 {% data variables.visual_studio.prodname_vss_ghe %}
 
-## About {% data variables.product.prodname_vss_ghe %}
+{% data reusables.enterprise-accounts.vss-ghe-description %} {% data variables.visual_studio.prodname_vss_ghe %} 可根据 Microsoft 企业协议的条款从 Microsoft 获得。 有关详细信息，请参阅 {% data variables.product.prodname_vs %} 网站上的 [{% data variables.visual_studio.prodname_vss_ghe %}](https://visualstudio.microsoft.com/subscriptions/visual-studio-github/)。
 
-{% data reusables.enterprise-accounts.vss-ghe-description %} {% data variables.product.prodname_vss_ghe %} is available from Microsoft under the terms of the Microsoft Enterprise Agreement. For more information, see [{% data variables.product.prodname_vss_ghe %}](https://visualstudio.microsoft.com/subscriptions/visual-studio-github/) on the {% data variables.product.prodname_vs %} website.
+要使用许可的 {% data variables.product.prodname_enterprise %} 部分，每个订阅者在 {% data variables.product.prodname_dotcom_the_website %} 上的个人帐户必须是或成为 {% data variables.product.prodname_dotcom_the_website %} 上的企业所拥有组织的成员。 为此，组织所有者可以通过电子邮件地址邀请新成员加入组织。 订阅者可以使用 {% data variables.product.prodname_dotcom_the_website %} 上的现有个人帐户或新建一个帐户来接受邀请。
 
-To use the {% data variables.product.prodname_enterprise %} portion of the license, each subscriber's personal account on {% data variables.product.prodname_dotcom_the_website %} must be or become a member of an organization owned by your enterprise on {% data variables.product.prodname_dotcom_the_website %}. To accomplish this, organization owners can invite new members to an organization by email address. The subscriber can accept the invitation with an existing personal account on {% data variables.product.prodname_dotcom_the_website %} or create a new account.
+有关设置 {% data variables.visual_studio.prodname_vss_ghe %} 的详细信息，请参阅“[设置 {% data variables.visual_studio.prodname_vss_ghe %}](/billing/managing-licenses-for-visual-studio-subscriptions-with-github-enterprise/setting-up-visual-studio-subscriptions-with-github-enterprise)”。
 
-For more information about the setup of {% data variables.product.prodname_vss_ghe %}, see "[Setting up {% data variables.product.prodname_vss_ghe %}](/billing/managing-licenses-for-visual-studio-subscriptions-with-github-enterprise/setting-up-visual-studio-subscriptions-with-github-enterprise)."
+## 关于 {% data variables.visual_studio.prodname_vss_ghe %} 许可证
 
-## About licenses for {% data variables.product.prodname_vss_ghe %}
+将 {% data variables.visual_studio.prodname_vss_ghe %} 许可证分配给订阅者后，订阅者将使用 {% data variables.product.prodname_dotcom_the_website %} 上的个人帐户加入你企业中的组织，从而使用该许可证的 {% data variables.product.prodname_enterprise %} 部分。 如果 {% data variables.product.prodname_dotcom_the_website %} 上的企业成员个人帐户经过认证的电子邮件地址与 {% data variables.product.prodname_vs %} 帐户订阅者的用户主名 (UPN) 匹配，则 {% data variables.product.prodname_vs %} 订阅者将自动占用一个 {% data variables.visual_studio.prodname_vss_ghe %} 许可证。
 
-After you assign a license for {% data variables.product.prodname_vss_ghe %} to a subscriber, the subscriber will use the {% data variables.product.prodname_enterprise %} portion of the license by joining an organization in your enterprise with a personal account on {% data variables.product.prodname_dotcom_the_website %}. If the verified email address for the personal account of an enterprise member on {% data variables.product.prodname_dotcom_the_website %} matches the User Primary Name (UPN) for a subscriber to your {% data variables.product.prodname_vs %} account, the {% data variables.product.prodname_vs %} subscriber will automatically consume one license for {% data variables.product.prodname_vss_ghe %}.
+您的企业在 {% data variables.product.prodname_dotcom %} 上的许可总数等于任何标准 {% data variables.product.prodname_enterprise %} 许可和包括 {% data variables.product.prodname_dotcom %} 访问权限的 {% data variables.product.prodname_vs %} 订阅许可数量的总和。 如果企业成员的个人帐户与 {% data variables.product.prodname_vs %} 订阅者的电子邮件地址不对应，则该个人帐户占用的许可不适用于 {% data variables.product.prodname_vs %} 订阅者。
 
-The total quantity of your licenses for your enterprise on {% data variables.product.prodname_dotcom %} is the sum of any standard {% data variables.product.prodname_enterprise %} licenses and the number of {% data variables.product.prodname_vs %} subscription licenses that include access to {% data variables.product.prodname_dotcom %}. If the personal account for an enterprise member does not correspond with the email address for a {% data variables.product.prodname_vs %} subscriber, the license that the personal account consumes is unavailable for a {% data variables.product.prodname_vs %} subscriber.
+有关 {% data variables.product.prodname_enterprise %} 的详细信息，请参阅“[{% data variables.product.company_short %} 的产品](/github/getting-started-with-github/githubs-products#github-enterprise)”。 有关 {% data variables.product.prodname_dotcom_the_website %} 帐户的详细信息，请参阅“[{% data variables.product.prodname_dotcom %} 帐户的类型](/github/getting-started-with-github/types-of-github-accounts)”。
 
-For more information about {% data variables.product.prodname_enterprise %}, see "[{% data variables.product.company_short %}'s products](/github/getting-started-with-github/githubs-products#github-enterprise)." For more information about accounts on {% data variables.product.prodname_dotcom_the_website %}, see "[Types of {% data variables.product.prodname_dotcom %} accounts](/github/getting-started-with-github/types-of-github-accounts)."
-
-You can view the number of {% data variables.product.prodname_enterprise %} licenses available to your enterprise on {% data variables.location.product_location %}. The list of pending invitations includes subscribers who are not yet members of at least one organization in your enterprise. For more information, see "[Viewing the subscription and usage for your enterprise account](/billing/managing-billing-for-your-github-account/viewing-the-subscription-and-usage-for-your-enterprise-account)" and "[Viewing people in your enterprise](/admin/user-management/managing-users-in-your-enterprise/viewing-people-in-your-enterprise#viewing-members-and-outside-collaborators)."
+可以在 {% data variables.location.product_location %} 上查看企业可用的 {% data variables.product.prodname_enterprise %} 许可证数量。 待处理的邀请列表包括尚未成为企业中至少一个组织成员的订阅者。 有关详细信息，请参阅“[查看企业帐户的订阅和使用情况](/billing/managing-billing-for-your-github-account/viewing-the-subscription-and-usage-for-your-enterprise-account)”和“[查看企业中的人员](/admin/user-management/managing-users-in-your-enterprise/viewing-people-in-your-enterprise#viewing-members-and-outside-collaborators)”。
 
 {% tip %}
 
-**Tip**: If you download a CSV file with your enterprise's license usage in step 6 of "[Viewing the subscription and usage for your enterprise account](/billing/managing-billing-for-your-github-account/viewing-the-subscription-and-usage-for-your-enterprise-account#viewing-the-subscription-and-usage-for-your-enterprise-account)," any members with a missing value for the "Name" or "Profile" columns have not yet accepted an invitation to join an organization within the enterprise.
+**提示**：如果在“[查看企业帐户的订阅和使用情况](/billing/managing-billing-for-your-github-account/viewing-the-subscription-and-usage-for-your-enterprise-account#viewing-the-subscription-and-usage-for-your-enterprise-account)”的步骤 6 中下载了包含企业许可证使用情况的 CSV 文件，则“名称”或“配置文件”列缺少值的任何成员尚未接受加入企业内组织的邀请。
 
 {% endtip %}
 
-You can also see pending {% data variables.product.prodname_enterprise %} invitations to subscribers in {% data variables.product.prodname_vss_admin_portal_with_url %}.
+也可以在 {% data variables.visual_studio.prodname_vss_admin_portal_with_url %} 中查看向订阅者发出的待处理 {% data variables.product.prodname_enterprise %} 邀请。
 
-## Further reading
+## 延伸阅读
 
-- [{% data variables.product.prodname_vs %} subscriptions with {% data variables.product.prodname_enterprise %}](https://docs.microsoft.com/visualstudio/subscriptions/access-github) in Microsoft Docs
-- [Use {% data variables.product.prodname_vs %} or {% data variables.product.prodname_vscode %} to deploy apps from {% data variables.product.prodname_dotcom %}](https://docs.microsoft.com/en-us/azure/developer/github/deploy-with-visual-studio) in Microsoft Docs
+- Microsoft Docs 中的[包含 {% data variables.product.prodname_enterprise %} 的 {% data variables.product.prodname_vs %} 订阅](https://docs.microsoft.com/visualstudio/subscriptions/access-github)。
+- Microsoft Docs 中的[使用 {% data variables.product.prodname_vs %} 或 {% data variables.product.prodname_vscode %} 从 {% data variables.product.prodname_dotcom %} 部署应用](https://docs.microsoft.com/en-us/azure/developer/github/deploy-with-visual-studio)

translations/zh-CN/content/billing/managing-licenses-for-visual-studio-subscriptions-with-github-enterprise/setting-up-visual-studio-subscriptions-with-github-enterprise.md

@@ -1,6 +1,6 @@
 ---
-title: Setting up Visual Studio subscriptions with GitHub Enterprise
-intro: 'Your team''s subscription to {% data variables.product.prodname_vs %} can also provide access to {% data variables.product.prodname_enterprise %}.'
+title: 使用 GitHub Enterprise 设置 Visual Studio 订阅
+intro: '您的团队订阅 {% data variables.product.prodname_vs %} 还可以获得 {% data variables.product.prodname_enterprise %} 的访问权限。'
 versions:
   ghec: '*'
 type: how_to
@@ -8,64 +8,67 @@ topics:
   - Enterprise
   - Licensing
 shortTitle: Set up
+ms.openlocfilehash: ae030de637593aa723a5d2990485881ae30b333c
+ms.sourcegitcommit: 6b649e03ca2fef38c9ebbeec92102219849380e2
+ms.translationtype: HT
+ms.contentlocale: zh-CN
+ms.lasthandoff: 10/31/2022
+ms.locfileid: '148120623'
 ---
+## 关于 {% data variables.visual_studio.prodname_vss_ghe %} 的设置
 
-## About setup of {% data variables.product.prodname_vss_ghe %}
+{% data reusables.enterprise-accounts.vss-ghe-description %} 有关详细信息，请参阅“[关于 {% data variables.visual_studio.prodname_vss_ghe %}](/billing/managing-licenses-for-visual-studio-subscriptions-with-github-enterprise/about-visual-studio-subscriptions-with-github-enterprise)”。
 
-{% data reusables.enterprise-accounts.vss-ghe-description %} For more information, see "[About {% data variables.product.prodname_vss_ghe %}](/billing/managing-licenses-for-visual-studio-subscriptions-with-github-enterprise/about-visual-studio-subscriptions-with-github-enterprise)."
+本指南展示团队如何获得 {% data variables.product.prodname_vs %} 订阅者的许可，以及 {% data variables.product.prodname_enterprise %} 使用入门。
 
-This guide shows you how your team can get {% data variables.product.prodname_vs %} subscribers licensed and started with {% data variables.product.prodname_enterprise %}.
+如果你更喜欢视频，可以观看 Microsoft Visual Studio 的 YouTube 频道上的[使用 {% data variables.product.prodname_vs %} 订阅设置 {% data variables.product.prodname_enterprise %} 许可证](https://www.youtube.com/watch?v=P_zBgp_BE_I)。
 
-If you prefer video, you can watch [Setting up your {% data variables.product.prodname_enterprise %} licenses with {% data variables.product.prodname_vs %} subscriptions](https://www.youtube.com/watch?v=P_zBgp_BE_I) on 
-Microsoft Visual Studio's YouTube channel.
+## {% data variables.visual_studio.prodname_vss_ghe %} 角色
 
-## Roles for {% data variables.product.prodname_vss_ghe %}
+在设置 {% data variables.visual_studio.prodname_vss_ghe %} 之前，请务必了解此组合产品的角色。
 
-Before setting up {% data variables.product.prodname_vss_ghe %}, it's important to understand the roles for this combined offering.
-
-| Role | Service | Description | More information |
+| 角色 | 服务 | 说明 | 详细信息 |
 | :- | :- | :- | :- |
-| **Subscriptions admin** | {% data variables.product.prodname_vs %} subscription | Person who assigns licenses for {% data variables.product.prodname_vs %} subscription | [Overview of admin responsibilities](https://docs.microsoft.com/en-us/visualstudio/subscriptions/admin-responsibilities) in Microsoft Docs |
-| **Subscriber** | {% data variables.product.prodname_vs %} subscription | Person who uses a license for {% data variables.product.prodname_vs %} subscription | [Visual Studio Subscriptions documentation](https://docs.microsoft.com/en-us/visualstudio/subscriptions/) in Microsoft Docs |
-| **Enterprise owner** | {% data variables.product.prodname_dotcom %} | Person who has a personal account that's an administrator of an enterprise on {% data variables.location.product_location %} | "[Roles in an enterprise](/admin/user-management/managing-users-in-your-enterprise/roles-in-an-enterprise#enterprise-owner)" |
-| **Organization owner** | {% data variables.product.prodname_dotcom %} | Person who has a personal account that's an owner of an organization in your team's enterprise on {% data variables.location.product_location %} | "[Roles in an organization](/organizations/managing-peoples-access-to-your-organization-with-roles/roles-in-an-organization#organization-owners)" |
-| **Enterprise member** | {% data variables.product.prodname_dotcom %} | Person who has a personal account that's a member of an enterprise on {% data variables.location.product_location %} | "[Roles in an enterprise](/admin/user-management/managing-users-in-your-enterprise/roles-in-an-enterprise#enterprise-members)"  |
+| **订阅管理员** | {% data variables.product.prodname_vs %} 订阅 | 为 {% data variables.product.prodname_vs %} 订阅分配许可证的人员 | Microsoft Docs 中的[管理员职责概述](https://docs.microsoft.com/en-us/visualstudio/subscriptions/admin-responsibilities) |
+| **订阅服务器** | {% data variables.product.prodname_vs %} 订阅 | 使用许可证进行 {% data variables.product.prodname_vs %} 订阅的人员 | Microsoft Docs 中的 [Visual Studio 订阅文档](https://docs.microsoft.com/en-us/visualstudio/subscriptions/)。 |
+| **企业所有者** | {% data variables.product.prodname_dotcom %} | 在 {% data variables.location.product_location %} 上拥有企业管理员个人帐户的人员 | [企业中的角色](/admin/user-management/managing-users-in-your-enterprise/roles-in-an-enterprise#enterprise-owner) |
+| **组织所有者** | {% data variables.product.prodname_dotcom %} | 在 {% data variables.location.product_location %} 上拥有团队企业中组织所有者个人帐户的人员 | [组织中的角色](/organizations/managing-peoples-access-to-your-organization-with-roles/roles-in-an-organization#organization-owners) |
+| **企业成员** | {% data variables.product.prodname_dotcom %} | 在 {% data variables.location.product_location %} 上拥有企业成员个人帐户的人员 | [企业中的角色](/admin/user-management/managing-users-in-your-enterprise/roles-in-an-enterprise#enterprise-members)  |
 
-## Prerequisites
+## 先决条件
 
-- Your team's {% data variables.product.prodname_vs %} subscription must include {% data variables.product.prodname_enterprise %}. For more information, see [{% data variables.product.prodname_vs %} Subscriptions and Benefits](https://visualstudio.microsoft.com/subscriptions/) on the {% data variables.product.prodname_vs %} website and
- [Overview of admin responsibilities](https://docs.microsoft.com/en-us/visualstudio/subscriptions/admin-responsibilities) in Microsoft Docs.
+- 团队的 {% data variables.product.prodname_vs %} 订阅必须包含 {% data variables.product.prodname_enterprise %}。 有关详细信息，请参阅 {% data variables.product.prodname_vs %} 网站上的 [{% data variables.product.prodname_vs %} 订阅和权益](https://visualstudio.microsoft.com/subscriptions/)以及 Microsoft 文档中的[管理员职责概述](https://docs.microsoft.com/en-us/visualstudio/subscriptions/admin-responsibilities)。
  
- - Your team must have an enterprise on {% data variables.location.product_location %}. If you're not sure whether your team has an enterprise, contact your {% data variables.product.prodname_dotcom %} administrator. If you're not sure who on your team is responsible for {% data variables.product.prodname_dotcom %}, contact {% data variables.contact.contact_enterprise_sales %}. For more information, see "[About enterprise accounts](/admin/overview/about-enterprise-accounts)."
+ - 你的团队必须在 {% data variables.location.product_location %} 上有企业。 如果您不确定您的团队是否拥有企业，请与您的 {% data variables.product.prodname_dotcom %} 管理员联系。 如果您不确定团队中谁负责 {% data variables.product.prodname_dotcom %}，请联系 {% data variables.contact.contact_enterprise_sales %}。 有关详细信息，请参阅“[关于企业帐户](/admin/overview/about-enterprise-accounts)”。
 
-## Setting up {% data variables.product.prodname_vss_ghe %}
+## 设置 {% data variables.visual_studio.prodname_vss_ghe %}
 
-To set up {% data variables.product.prodname_vss_ghe %}, members of your team must complete the following tasks.
+要设置 {% data variables.visual_studio.prodname_vss_ghe %}，团队成员必须完成以下任务。
 
-One person may be able to complete the tasks because the person has all of the roles, but you may need to coordinate the tasks with multiple people. For more information, see "[Roles for {% data variables.product.prodname_vss_ghe %}](#roles-for-visual-studio-subscriptions-with-github-enterprise)."
+一个人或许能够完成任务，因为此人具有所有角色，但您可能需要与多个人协调任务。 有关详细信息，请参阅“[{% data variables.visual_studio.prodname_vss_ghe %} 角色](#roles-for-visual-studio-subscriptions-with-github-enterprise)”。
 
-1. An enterprise owner must create at least one organization in your enterprise on {% data variables.location.product_location %}. For more information, see "[Adding organizations to your enterprise](/admin/user-management/managing-organizations-in-your-enterprise/adding-organizations-to-your-enterprise)."
+1. 企业所有者必须在 {% data variables.location.product_location %} 上在企业中创建至少一个组织。 有关详细信息，请参阅[将组织添加到企业](/admin/user-management/managing-organizations-in-your-enterprise/adding-organizations-to-your-enterprise)。
 
-1. The subscription admin must assign a license for {% data variables.product.prodname_vs %} to a subscriber in {% data variables.product.prodname_vss_admin_portal_with_url %}. For more information, see [Overview of the {% data variables.product.prodname_vs %} Subscriptions Administrator Portal](https://docs.microsoft.com/en-us/visualstudio/subscriptions/using-admin-portal) and [Assign {% data variables.product.prodname_vs %} Licenses in the {% data variables.product.prodname_vs %} Subscriptions Administration Portal](https://docs.microsoft.com/en-us/visualstudio/subscriptions/assign-license) in Microsoft Docs.
+1. 订阅管理员必须将 {% data variables.product.prodname_vs %} 许可证分配给 {% data variables.visual_studio.prodname_vss_admin_portal_with_url %} 中的订阅者。 更多信息请参阅 Microsoft 文档中的 [{% data variables.product.prodname_vs %} 订阅管理员门户概述](https://docs.microsoft.com/en-us/visualstudio/subscriptions/using-admin-portal)和[在 {% data variables.product.prodname_vs %} 订阅管理员门户中分配 {% data variables.product.prodname_vs %} 许可证](https://docs.microsoft.com/en-us/visualstudio/subscriptions/assign-license)。
 
-1. Optionally, if the subscription admin assigned licenses to subscribers in {% data variables.product.prodname_vs %} before adding {% data variables.product.prodname_enterprise %} to the subscription, the subscription admin can move the subscribers to the combined offering in the {% data variables.product.prodname_vs %} administration portal. For more information, see [Manage {% data variables.product.prodname_vs %} subscriptions with {% data variables.product.prodname_enterprise %}](https://docs.microsoft.com/en-us/visualstudio/subscriptions/assign-github#moving-to-visual-studio-with-github-enterprise) in Microsoft Docs.
+1. （可选）如果订阅管理员在将 {% data variables.product.prodname_enterprise %} 添加到订阅之前将许可证分配给 {% data variables.product.prodname_vs %} 中的订阅者，则订阅管理员可以在 {% data variables.product.prodname_vs %} 管理门户中将订阅者移动到组合产品/服务。 有关详细信息，请参阅 Microsoft Docs 中的[使用 {% data variables.product.prodname_enterprise %} 管理 {% data variables.product.prodname_vs %} 订阅](https://docs.microsoft.com/en-us/visualstudio/subscriptions/assign-github#moving-to-visual-studio-with-github-enterprise)。
 
-1. If the subscription admin has not disabled email notifications, the subscriber will receive two confirmation emails. For more information, see [{% data variables.product.prodname_vs %} subscriptions with {% data variables.product.prodname_enterprise %}](https://docs.microsoft.com/en-us/visualstudio/subscriptions/access-github#what-is-the-visual-studio-subscription-with-github-enterprise-setup-process) in Microsoft Docs.
+1. 如果订阅管理员尚未禁用电子邮件通知，则订阅者将收到两封确认电子邮件。 有关详细信息，请参阅Microsoft 文档中的[包含 {% data variables.product.prodname_enterprise %} 的 {% data variables.product.prodname_vs %} 订阅](https://docs.microsoft.com/en-us/visualstudio/subscriptions/access-github#what-is-the-visual-studio-subscription-with-github-enterprise-setup-process)。
 
-1. An organization owner must invite the subscriber to the organization on {% data variables.location.product_location %} from step 1. The subscriber can accept the invitation with an existing personal account on {% data variables.product.prodname_dotcom_the_website %} or create a new account. After the subscriber joins the organization, the subscriber becomes an enterprise member. For more information, see "[Inviting users to join your organization](/organizations/managing-membership-in-your-organization/inviting-users-to-join-your-organization)."
+1. 组织所有者必须在步骤 1 中在 {% data variables.location.product_location %} 上邀请订阅者加入组织。 订阅者可以使用 {% data variables.product.prodname_dotcom_the_website %} 上的现有个人帐户或新建一个帐户来接受邀请。 订阅者加入组织后，订阅者将成为企业成员。 有关详细信息，请参阅“[邀请用户加入你的组织](/organizations/managing-membership-in-your-organization/inviting-users-to-join-your-organization)”。
 
    {% tip %}
 
-   **Tips**:
+   **提示**：
 
-   - While not required, we recommend that the organization owner sends an invitation to the same email address used for the subscriber's User Primary Name (UPN). When the email address on {% data variables.location.product_location %} matches the subscriber's UPN, you can ensure that another enterprise does not claim the subscriber's license.
-   - If the subscriber accepts the invitation to the organization with an existing personal account on {% data variables.location.product_location %}, we recommend that the subscriber add the email address they use for {% data variables.product.prodname_vs %} to their personal account on {% data variables.location.product_location %}. For more information, see "[Adding an email address to your {% data variables.product.prodname_dotcom %} account](/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-email-preferences/adding-an-email-address-to-your-github-account)."
-   - If the organization owner must invite a large number of subscribers, a script may make the process faster. For more information, see [the sample PowerShell script](https://github.com/github/platform-samples/blob/master/api/powershell/invite_members_to_org.ps1) in the `github/platform-samples` repository.
+   - 虽然不是必需的，但我们建议组织所有者向订阅者的用户主名 (UPN) 使用的同一电子邮件地址发送邀请。 当 {% data variables.location.product_location %} 上的电子邮件地址与订阅者的 UPN 匹配时，可以确保其他企业不会索要该订阅者的许可证。
+   - 如果订阅者在 {% data variables.location.product_location %} 上接受具有现有个人帐户的组织邀请，建议订阅者在 {% data variables.location.product_location %} 上将他们用于 {% data variables.product.prodname_vs %} 的电子邮件地址添加到其个人帐户。 有关详细信息，请参阅“[将电子邮件地址添加到 {% data variables.product.prodname_dotcom %} 帐户](/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-email-preferences/adding-an-email-address-to-your-github-account)”。
+   - 如果组织所有者必须邀请大量订阅者，脚本可以使进程更快。 有关详细信息，请参阅 `github/platform-samples` 存储库中的[示例 PowerShell 脚本](https://github.com/github/platform-samples/blob/master/api/powershell/invite_members_to_org.ps1)。
 
     {% endtip %}
 
-After {% data variables.product.prodname_vss_ghe %} is set up for subscribers on your team, enterprise owners can review licensing information on {% data variables.location.product_location %}. For more information, see "[Viewing the subscription and usage for your enterprise account](/billing/managing-billing-for-your-github-account/viewing-the-subscription-and-usage-for-your-enterprise-account)."
+为团队中的订阅者设置 {% data variables.visual_studio.prodname_vss_ghe %} 后，企业所有者可以在 {% data variables.location.product_location %} 上查看许可信息。 有关详细信息，请参阅“[查看企业帐户的订阅和使用情况](/billing/managing-billing-for-your-github-account/viewing-the-subscription-and-usage-for-your-enterprise-account)”。
 
-## Further reading
+## 延伸阅读
 
-- "[Getting started with {% data variables.product.prodname_ghe_cloud %}](/get-started/onboarding/getting-started-with-github-enterprise-cloud)"
+- “[{% data variables.product.prodname_ghe_cloud %} 入门](/get-started/onboarding/getting-started-with-github-enterprise-cloud)”

translations/zh-CN/content/billing/managing-your-license-for-github-enterprise/troubleshooting-license-usage-for-github-enterprise.md

@@ -1,6 +1,6 @@
 ---
-title: GitHub Enterprise 许可证使用情况疑难解答
-intro: 你可以通过审核许可证报告来排查企业的许可证使用情况问题。
+title: Troubleshooting license usage for GitHub Enterprise
+intro: You can troubleshoot license usage for your enterprise by auditing license reports.
 permissions: 'Enterprise owners can review license usage for {% data variables.product.prodname_enterprise %}.'
 versions:
   ghec: '*'
@@ -10,30 +10,25 @@ topics:
   - Enterprise
   - Licensing
 shortTitle: Troubleshoot license usage
-ms.openlocfilehash: f23ca2380e71f5b037278c71da57dc8fab94c750
-ms.sourcegitcommit: 47bd0e48c7dba1dde49baff60bc1eddc91ab10c5
-ms.translationtype: HT
-ms.contentlocale: zh-CN
-ms.lasthandoff: 09/05/2022
-ms.locfileid: '147572657'
 ---
-## 关于意外的许可证使用情况
 
-如果企业使用的许可证数量出现异常，你可以查看已使用的许可证报告以审核整个企业部署和订阅中的许可证使用情况。 有关详细信息，请参阅“[查看 GitHub Enterprise 的许可证使用情况](/billing/managing-your-license-for-github-enterprise/viewing-license-usage-for-github-enterprise)”和“[查看企业帐户的订阅和使用情况](/billing/managing-billing-for-your-github-account/viewing-the-subscription-and-usage-for-your-enterprise-account)”。
+## About unexpected license usage
 
-如果发现错误，可以尝试执行故障排除步骤。
+If the number of consumed licenses for your enterprise is unexpected, you can review your consumed license report to audit your license usage across all your enterprise deployments and subscriptions. For more information, see "[Viewing license usage for GitHub Enterprise](/billing/managing-your-license-for-github-enterprise/viewing-license-usage-for-github-enterprise)" and "[Viewing the subscription and usage for your enterprise account](/billing/managing-billing-for-your-github-account/viewing-the-subscription-and-usage-for-your-enterprise-account)."
 
-出于隐私原因，除非使用 {% data variables.product.prodname_emus %}，否则企业所有者无法直接访问用户帐户的详细信息。
+If you find errors, you can try troubleshooting steps.
 
-## 关于已使用的许可证的计算
+For privacy reasons, enterprise owners cannot directly access the details of user accounts unless you use {% data variables.product.prodname_emus %}.
 
-{% data variables.product.company_short %} 会对以下每个人员计费：使用 {% data variables.product.prodname_ghe_server %} 的部署；为 {% data variables.product.prodname_ghe_cloud %} 上的其中一个组织的成员；为 {% data variables.product.prodname_vs_subscriber %}。 有关企业中使用许可证的人员的详细信息，请参阅“[关于每用户定价](/billing/managing-billing-for-your-github-account/about-per-user-pricing)”。
+## About the calculation of consumed licenses
 
-对于使用单个席位而不管使用多少部署的每个用户，你必须在 {% data variables.product.prodname_ghe_server %} 和 {% data variables.product.prodname_ghe_cloud %} 之间同步许可证使用情况。 有关详细信息，请参阅“[同步 {% data variables.product.prodname_ghe_server %} 和 {% data variables.product.prodname_ghe_cloud %} 之间的许可证使用情况](/billing/managing-your-license-for-github-enterprise/syncing-license-usage-between-github-enterprise-server-and-github-enterprise-cloud)”。
+{% data variables.product.company_short %} bills for each person who uses deployments of {% data variables.product.prodname_ghe_server %}, is a member of one of your organizations on {% data variables.product.prodname_ghe_cloud %}, or is a {% data variables.visual_studio.prodname_vs_subscriber %}. For more information about the people in your enterprise who consume a license, see "[About per-user pricing](/billing/managing-billing-for-your-github-account/about-per-user-pricing)."
 
-同步许可证使用情况后，{% data variables.product.prodname_dotcom %} 会按电子邮件地址将 {% data variables.product.prodname_ghe_server %} 上的用户帐户与 {% data variables.product.prodname_ghe_cloud %} 上的用户帐户进行匹配。
+For each user to consume a single seat regardless of how many deployments they use, you must synchronize license usage between {% data variables.product.prodname_ghe_server %} and {% data variables.product.prodname_ghe_cloud %}. For more information, see "[Syncing license usage between {% data variables.product.prodname_ghe_server %} and {% data variables.product.prodname_ghe_cloud %}](/billing/managing-your-license-for-github-enterprise/syncing-license-usage-between-github-enterprise-server-and-github-enterprise-cloud)."
 
-首先，我们先检查 {% data variables.product.prodname_ghe_server %} 上每个用户的主电子邮件地址。 然后尝试将该地址与 {% data variables.product.prodname_ghe_cloud %} 上的用户帐户的电子邮件地址进行匹配。 如果企业使用 SAML SSO，我们首先检查电子邮件地址的以下 SAML 属性。
+After you synchronize license usage, {% data variables.product.prodname_dotcom %} matches user accounts on {% data variables.product.prodname_ghe_server %} with user accounts on {% data variables.product.prodname_ghe_cloud %} by email address.
+
+First, we first check the primary email address of each user on {% data variables.product.prodname_ghe_server %}. Then, we attempt to match that address with the email address for a user account on {% data variables.product.prodname_ghe_cloud %}. If your enterprise uses SAML SSO, we first check the following SAML attributes for email addresses.
 
 - `http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name`
 - `http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress`
@@ -41,64 +36,64 @@ ms.locfileid: '147572657'
 - `NameID`
 - `emails`
 
-如果在这些属性中找不到与 {% data variables.product.prodname_ghe_server %} 上的主电子邮件地址匹配的电子邮件地址，或如果企业不使用 SAML SSO，则我们将在 {% data variables.product.prodname_ghe_cloud %} 上检查该用户的每个已验证的电子邮件地址。 有关 {% data variables.product.prodname_dotcom_the_website %} 上的电子邮件地址验证的详细信息，请参阅 {% data variables.product.prodname_ghe_cloud %} 文档中的“[验证电子邮件地址](/enterprise-cloud@latest/get-started/signing-up-for-github/verifying-your-email-address){% ifversion not ghec %}”。{% else %}."{% endif %}
+If no email addresses found in these attributes match the primary email address on {% data variables.product.prodname_ghe_server %}, or if your enterprise doesn't use SAML SSO, we then check each of the user's verified email addresses on {% data variables.product.prodname_ghe_cloud %}. For more information about verification of email addresses on {% data variables.product.prodname_dotcom_the_website %}, see "[Verifying your email address](/enterprise-cloud@latest/get-started/signing-up-for-github/verifying-your-email-address){% ifversion not ghec %}" in the {% data variables.product.prodname_ghe_cloud %} documentation.{% else %}."{% endif %}
 
-## 已使用的许可证文件中的字段
+## Fields in the consumed license files
 
-{% data variables.product.prodname_dotcom_the_website %} 许可证使用情况报告和 {% data variables.product.prodname_ghe_server %} 导出的许可证使用情况文件包含各种字段，可帮助你排查企业的许可证使用情况的问题。 
+The {% data variables.product.prodname_dotcom_the_website %} license usage report and {% data variables.product.prodname_ghe_server %} exported license usage file include a variety of fields to help you troubleshoot license usage for your enterprise. 
 
-### {% data variables.product.prodname_dotcom_the_website %} 许可证使用情况报告（CSV 文件）
+### {% data variables.product.prodname_dotcom_the_website %} license usage report (CSV file)
 
-企业的许可证使用情况报告是一个 CSV 文件，其中包含有关企业成员的以下信息。 某些字段特定于 {% data variables.product.prodname_ghe_cloud %} (GHEC) 部署、{% data variables.product.prodname_ghe_server %} (GHES) 通连环境或带有 GitHub Enterprise 的 {% data variables.product.prodname_vs %} 订阅 (VSS)。
+The license usage report for your enterprise is a CSV file that contains the following information about members of your enterprise. Some fields are specific to your {% data variables.product.prodname_ghe_cloud %} (GHEC) deployment, {% data variables.product.prodname_ghe_server %} (GHES) connected environments, or your {% data variables.product.prodname_vs %} subscriptions (VSS) with GitHub Enterprise.
 
-| 字段 | 说明
+| Field | Description
 | ----- | -----------
-| github_com_login | 用户的 GHEC 帐户的用户名
-| github_com_name | 用户的 GHEC 帐户的显示名称
-| github_com_profile | GHEC 上的用户配置文件页的 URL
-| github_com_user   | 用户是否在 GHEC 上拥有帐户 |
-| github_com_member_roles | 对于 GHEC 上用户所属的每个组织，组织名称和用户在该组织中的角色（`Owner` 或 `Member`）由冒号分隔<br><br>组织由逗号分隔 |
-| github_com_enterprise_role | 可以是下述之一：`Owner`、`Member` 或 `Outside collaborator`
-| github_com_verified_domain_emails | 与用户的 GHEC 帐户关联且与企业的已验证域匹配的所有电子邮件地址 |
-| github_com_saml_name_id | SAML 用户名 |
-| github_com_orgs_with_pending_invites | 用户 GHEC 帐户加入企业内组织的所有待定邀请 |
-| license_type | 可以是下述之一：`Visual Studio subscription` 或 `Enterprise`
-| enterprise_server_user| 用户是否在 GHES 上至少有一个帐户 |
-| enterprise_server_primary_emails | 与用户的每个 GHES 帐户关联的主电子邮件地址 |
-| enterprise_server_user_ids | 对于用户的每个 GHES 帐户，帐户的用户 ID
-| total_user_accounts | 此人在 GHEC 和 GHES 上拥有的帐户总数
-| visual_studio_subscription_user | 用户是否为 {% data variables.product.prodname_vs_subscriber %} |
-| visual_studio_subscription_email | 与用户的 VSS 关联的电子邮件地址 |
-| visual_studio_license_status | Visual Studio 许可证是否已与 {% data variables.product.company_short %} 用户匹配 |
+| github_com_login | The username for the user's GHEC account
+| github_com_name | The display name for the user's GHEC account
+| github_com_profile | The URL for the user's profile page on GHEC
+| github_com_user	| Whether or not the user has an account on GHEC |
+| github_com_member_roles | For each of the organizations the user belongs to on GHEC, the organization name and the user's role in that organization (`Owner` or `Member`) separated by a colon<br><br>Organizations delimited by commas |
+| github_com_enterprise_role | Can be one of: `Owner`, `Member`, or `Outside collaborator`
+| github_com_verified_domain_emails | All email addresses associated with the user's GHEC account that match your enterprise's verified domains |
+| github_com_saml_name_id | The SAML username |
+| github_com_orgs_with_pending_invites | All pending invitations for the user's GHEC account to join organizations within your enterprise |
+| license_type | Can be one of: `Visual Studio subscription` or `Enterprise`
+| enterprise_server_user| Whether or not the user has at least one account on GHES |
+| enterprise_server_primary_emails | The primary email addresses associated with each of the user's GHES accounts |
+| enterprise_server_user_ids | For each of the user's GHES accounts, the account's user ID
+| total_user_accounts | The total number of accounts the person has across both GHEC and GHES
+| visual_studio_subscription_user | Whether or not the user is a {% data variables.visual_studio.prodname_vs_subscriber %} |
+| visual_studio_subscription_email | The email address associated with the user's VSS |
+| visual_studio_license_status | Whether the Visual Studio license has been matched to a {% data variables.product.company_short %} user |
 
-尚未成为企业中至少一个组织的成员的 {% data variables.product.prodname_vs_subscriber %}将包含在此报告中，为待定邀请状态，并且将缺少“名称”或“个人资料链接”字段的值。
+{% data variables.visual_studio.prodname_vs_subscriber %}s who are not yet members of at least one organization in your enterprise will be included in the report with a pending invitation status, and will be missing values for the "Name" or "Profile link" field.
 
-### {% data variables.product.prodname_ghe_server %} 导出的许可证使用情况（JSON 文件）
+### {% data variables.product.prodname_ghe_server %} exported license usage (JSON file)
 
-{% data variables.product.prodname_ghe_server %} 许可证使用情况是一个 JSON 文件，通常是在 {% data variables.product.prodname_ghe_server %} 和 {% data variables.product.prodname_ghe_cloud %} 部署之间执行手动用户许可证同步时会用到。 此文件包含特定于 {% data variables.product.prodname_ghe_server %} 环境的以下信息。
+Your {% data variables.product.prodname_ghe_server %} license usage is a JSON file that is typically used when performing a manual sync of user licenses between {% data variables.product.prodname_ghe_server %} and {% data variables.product.prodname_ghe_cloud %} deployments. The file contains the following information specific to your {% data variables.product.prodname_ghe_server %} environment.
 
-| 字段 | 说明
+| Field | Description
 | ----- | -----------
-| 功能 | 在 {% data variables.product.prodname_ghe_server %} 实例上启用的 {% data variables.product.prodname_github_connect %} 功能，以及启用的日期和时间。
-| 主机名 | {% data variables.product.prodname_ghe_server %} 实例的主机名。
-| 仅 HTTP | 是否在 {% data variables.product.prodname_ghe_server %} 实例上启用并配置了传输层安全性 (TLS)。 可以是以下选项之一：`True` 或 `False`。 
-| 许可证 | {% data variables.product.prodname_ghe_server %} 许可证的哈希。
-| 公钥 | {% data variables.product.prodname_ghe_server %} 许可证的公钥部分。
-| 服务器 ID | 为 {% data variables.product.prodname_ghe_server %} 实例生成的 UUID。
-| 版本 | {% data variables.product.prodname_ghe_server %} 实例的版本。
+| Features | The {% data variables.product.prodname_github_connect %} features that are enabled on your {% data variables.product.prodname_ghe_server %} instance, and the date and time of enablement.
+| Host name | The hostname of your {% data variables.product.prodname_ghe_server %} instance.
+| HTTP only | Whether Transport Layer Security (TLS) is enabled and configured on your {% data variables.product.prodname_ghe_server %} instance. Can be one of: `True` or `False`. 
+| License | A hash of your {% data variables.product.prodname_ghe_server %} license.
+| Public key | The public key portion of your {% data variables.product.prodname_ghe_server %} license.
+| Server ID | UUID generated for your {% data variables.product.prodname_ghe_server %} instance.
+| Version | The version of your {% data variables.product.prodname_ghe_server %} instance.
 
-## 已使用的许可证疑难解答
+## Troubleshooting consumed licenses
 
-要确保每个用户只使用单个席位进行不同的部署和订阅，请尝试以下故障排除步骤。
+To ensure that the each user is only consuming a single seat for different deployments and subscriptions, try the following troubleshooting steps.
 
-1. 为帮助识别使用多个席位的用户，如果你的企业对 {% data variables.product.prodname_ghe_cloud %} 使用已验证的域，请查看企业成员的电子邮件地址不是来自与他们 {% data variables.product.prodname_dotcom_the_website %} 帐户关联的已验证域的企业成员列表。 通常，这些是错误使用了多个许可的席位的用户。 有关详细信息，请参阅“[查看电子邮件地址不是来自已验证的域的成员](/admin/user-management/managing-users-in-your-enterprise/viewing-people-in-your-enterprise#viewing-members-without-an-email-address-from-a-verified-domain)”。
+1. To help identify users that are consuming multiple seats, if your enterprise uses verified domains for {% data variables.product.prodname_ghe_cloud %}, review the list of enterprise members who do not have an email address from a verified domain associated with their account on {% data variables.product.prodname_dotcom_the_website %}. Often, these are the users who erroneously consume more than one licensed seat. For more information, see "[Viewing members without an email address from a verified domain](/admin/user-management/managing-users-in-your-enterprise/viewing-people-in-your-enterprise#viewing-members-without-an-email-address-from-a-verified-domain)."
 
    {% note %}
 
-  注意：为简化故障排除，建议使用与你在 {% data variables.product.prodname_dotcom_the_website %} 上的企业帐户相关联的已验证的域。 有关详细信息，请参阅“[验证或批准企业的域](/enterprise-cloud@latest/admin/configuration/configuring-your-enterprise/verifying-or-approving-a-domain-for-your-enterprise)”。
+  **Note:** To make troubleshooting easier, we recommend using verified domains with your enterprise account on {% data variables.product.prodname_dotcom_the_website %}. For more information, see "[Verifying or approving a domain for your enterprise](/enterprise-cloud@latest/admin/configuration/configuring-your-enterprise/verifying-or-approving-a-domain-for-your-enterprise)."
 
   {% endnote %}
-1. 识别出使用多个席位的用户后，请确保同一电子邮件地址与该用户的所有帐户相关联。 有关哪些电子邮件地址必须匹配的详细信息，请参阅“[关于已使用的许可证的计算](#about-the-calculation-of-consumed-licenses)”。
-1. 如果电子邮件地址最近进行了更新或验证以解决不匹配问题，请查看上次许可证同步作业的时间戳。 如果作业自更正后尚未运行，请手动触发新作业。 有关详细信息，请参阅“[在 GitHub Enterprise Server 和 GitHub Enterprise Cloud 之间同步许可证使用情况](/billing/managing-your-license-for-github-enterprise/syncing-license-usage-between-github-enterprise-server-and-github-enterprise-cloud)”。
+1. After you identify users who are consuming multiple seats, make sure that the same email address is associated with all of the user's accounts. For more information about which email addresses must match, see "[About the calculation of consumed licenses](#about-the-calculation-of-consumed-licenses)."
+1. If an email address was recently updated or verified to correct a mismatch, view the timestamp of the last license sync job. If a job hasn't run since the correction was made, manually trigger a new job. For more information, see "[Syncing license usage between GitHub Enterprise Server and GitHub Enterprise Cloud](/billing/managing-your-license-for-github-enterprise/syncing-license-usage-between-github-enterprise-server-and-github-enterprise-cloud)."
 
-如果在看完上述故障排除信息后仍对已使用的许可证有任何问题，可以通过 {% data variables.contact.contact_enterprise_portal %}联系 {% data variables.contact.github_support %}。
+If you still have questions about your consumed licenses after reviewing the troubleshooting information above, you can contact {% data variables.contact.github_support %} through the {% data variables.contact.contact_enterprise_portal %}.

translations/zh-CN/content/code-security/secret-scanning/about-secret-scanning.md

@@ -84,9 +84,9 @@ When you enable {% data variables.product.prodname_secret_scanning %} for a repo
 
 If {% data variables.product.prodname_secret_scanning %} detects a secret, {% data variables.product.prodname_dotcom %} generates an alert.
 
-- {% data variables.product.prodname_dotcom %} sends an email alert to the repository administrators and organization owners.
+- {% data variables.product.prodname_dotcom %} sends an email alert to the repository administrators and organization owners. You'll receive an alert if you are watching the repository, or if you have enabled notifications for security alerts, or for all the activity on the repository.
 {% ifversion ghes or ghae or ghec %}
-- {% data variables.product.prodname_dotcom %} sends an email alert to the contributor who committed the secret to the repository, with a link to the related {% data variables.product.prodname_secret_scanning %} alert. The commit author can then view the alert in the repository, and resolve the alert.
+- If the contributor who committed the secret isn't ignoring the repository, {% data variables.product.prodname_dotcom %} will also send an email alert to the contributor. The emails contains a link to the related {% data variables.product.prodname_secret_scanning %} alert. The commit author can then view the alert in the repository, and resolve the alert.
 {% endif %}
 - {% data variables.product.prodname_dotcom %} displays an alert in the "Security" tab of the repository.
 

translations/zh-CN/content/code-security/secret-scanning/managing-alerts-from-secret-scanning.md

@@ -1,6 +1,7 @@
 ---
 title: Managing alerts from secret scanning
 intro: You can view and close alerts for secrets checked in to your repository.
+permissions: 'People with admin access to a repository can view and dismiss alerts.'
 product: '{% data reusables.gated-features.secret-scanning %}'
 redirect_from:
   - /github/administering-a-repository/managing-alerts-from-secret-scanning

translations/zh-CN/content/code-security/security-advisories/global-security-advisories/about-global-security-advisories.md

@@ -0,0 +1,38 @@
+---
+title: 关于全局安全公告
+intro: '全局安全数据库位于 {% data variables.product.prodname_advisory_database %}，其中包含影响开放源代码环境的 CVE 和 {% data variables.product.company_short %} 发起的安全公告。 你可以为改进全局公告做出贡献。'
+versions:
+  fpt: '*'
+  ghec: '*'
+  ghes: '*'
+  ghae: '*'
+type: overview
+topics:
+  - Security advisories
+  - Alerts
+  - Vulnerabilities
+  - CVEs
+ms.openlocfilehash: d28de180b9fee592dcba89d03ca537d4ffd2d9eb
+ms.sourcegitcommit: 27882d9b3f19979c817c25952a2fb4dc4c6f0a65
+ms.translationtype: HT
+ms.contentlocale: zh-CN
+ms.lasthandoff: 10/27/2022
+ms.locfileid: '148113982'
+---
+## 关于全局安全公告
+
+{% ifversion fpt or ghec %}有两种类型的公告：全局安全公告和存储库安全公告。 有关存储库安全公告的详细信息，请参阅“[关于存储库安全公告](/code-security/security-advisories/repository-security-advisories/about-repository-security-advisories)”。{% endif %}
+
+全局安全公告分为两类：{% data variables.product.company_short %} 已审核和未审核的公告。
+- 经 {% data variables.product.company_short %} 审核的公告是已映射到支持的生态系统中的包的安全漏洞{% ifversion GH-advisory-db-supports-malware %}或恶意软件{% endif %}。
+- 未审核的公告是我们直接从国家漏洞数据库源自动发布到 {% data variables.product.prodname_advisory_database %} 的安全漏洞。 
+
+有关 {% data variables.product.prodname_advisory_database %} 的详细信息，请参阅“[关于 {% data variables.product.prodname_advisory_database %}](/code-security/security-advisories/global-security-advisories/about-the-github-advisory-database)”。
+
+{% data reusables.security-advisory.global-advisories %}
+
+每个存储库公告都由 {% data variables.product.prodname_security %} 策展团队负责审核，作为全局公告纳入考虑范围。 我们在 [github.com/advantores](https://github.com/advisories) 上的 {% data variables.product.prodname_advisory_database %} 发布任何由依赖关系图支持的生态系统的安全公告。
+
+可以访问 {% data variables.product.prodname_advisory_database %} 中的任何公告。 有关详细信息，请参阅“[在 GitHub 公告数据库中浏览安全公告](/code-security/security-advisories/global-security-advisories/browsing-security-advisories-in-the-github-advisory-database)”。
+
+您可以对 {% data variables.product.prodname_advisory_database %} 中的任何公告提出改进建议。 有关详细信息，请参阅“[在 {% data variables.product.prodname_advisory_database %} 中编辑安全公告](/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/editing-security-advisories-in-the-github-advisory-database)”。

translations/zh-CN/content/code-security/security-advisories/global-security-advisories/about-the-github-advisory-database.md

@@ -0,0 +1,82 @@
+---
+title: About the GitHub Advisory database
+intro: 'The {% data variables.product.prodname_advisory_database %} contains a list of known security vulnerabilities {% ifversion GH-advisory-db-supports-malware %}and malware, {% endif %}grouped in two categories: {% data variables.product.company_short %}-reviewed advisories and unreviewed advisories.'
+miniTocMaxHeadingLevel: 3
+versions:
+  fpt: '*'
+  ghec: '*'
+  ghes: '*'
+  ghae: '*'
+type: overview
+topics:
+  - Security advisories
+  - Alerts
+  - Vulnerabilities
+  - CVEs
+---
+
+## About the {% data variables.product.prodname_advisory_database %}
+
+{% data reusables.repositories.tracks-vulnerabilities %}
+
+## About types of security advisories
+
+{% data reusables.advisory-database.beta-malware-advisories %}
+
+Each advisory in the {% data variables.product.prodname_advisory_database %} is for a vulnerability in open source projects{% ifversion GH-advisory-db-supports-malware %} or for malicious open source software{% endif %}. 
+
+{% data reusables.repositories.a-vulnerability-is %} Vulnerabilities in code are usually introduced by accident and fixed soon after they are discovered. You should update your code to use the fixed version of the dependency as soon as it is available.
+
+{% ifversion GH-advisory-db-supports-malware %}
+
+In contrast, malicious software, or malware, is code that is intentionally designed to perform unwanted or harmful functions. The malware may target hardware, software, confidential data, or users of any application that uses the malware. You need to remove the malware from your project and find an alternative, more secure replacement for the dependency.
+
+{% endif %}
+
+### {% data variables.product.company_short %}-reviewed advisories
+
+{% data variables.product.company_short %}-reviewed advisories are security vulnerabilities{% ifversion GH-advisory-db-supports-malware %} or malware{% endif %} that have been mapped to packages in ecosystems we support. We carefully review each advisory for validity and ensure that they have a full description, and contain both ecosystem and package information.
+
+Generally, we name our supported ecosystems after the software programming language's associated package registry. We review advisories if they are for a vulnerability in a package that comes from a supported registry.
+
+- Composer (registry: https://packagist.org/){% ifversion GH-advisory-db-erlang-support %}
+- Erlang (registry: https://hex.pm/){% endif %}
+- Go (registry: https://pkg.go.dev/)
+{%- ifversion fpt or ghec or ghes > 3.6 or ghae > 3.6 %}
+- GitHub Actions (https://github.com/marketplace?type=actions/) {% endif %}
+- Maven (registry: https://repo.maven.apache.org/maven2)
+- npm (registry: https://www.npmjs.com/)
+- NuGet (registry: https://www.nuget.org/)
+- pip (registry: https://pypi.org/){% ifversion dependency-graph-dart-support %}
+- pub (registry: https://pub.dev/packages/registry){% endif %}
+- RubyGems (registry: https://rubygems.org/)
+- Rust (registry: https://crates.io/)
+
+If you have a suggestion for a new ecosystem we should support, please open an [issue](https://github.com/github/advisory-database/issues) for discussion.
+
+If you enable {% data variables.product.prodname_dependabot_alerts %} for your repositories, you are automatically notified when a new {% data variables.product.company_short %}-reviewed advisory reports a vulnerability {% ifversion GH-advisory-db-supports-malware %}or malware{% endif %} for a package you depend on. For more information, see "[About {% data variables.product.prodname_dependabot_alerts %}](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies)."
+
+### Unreviewed advisories
+
+Unreviewed advisories are security vulnerabilites that we publish automatically into the {% data variables.product.prodname_advisory_database %}, directly from the National Vulnerability Database feed. 
+
+{% data variables.product.prodname_dependabot %} doesn't create {% data variables.product.prodname_dependabot_alerts %} for unreviewed advisories as this type of advisory isn't checked for validity or completion.
+
+## About information in security advisories
+
+Each security advisory contains information about the vulnerability{% ifversion GH-advisory-db-supports-malware %} or malware,{% endif %} which may include the description, severity, affected package, package ecosystem, affected versions and patched versions, impact, and optional information such as references, workarounds, and credits. In addition, advisories from the National Vulnerability Database list contain a link to the CVE record, where you can read more details about the vulnerability, its CVSS scores, and its qualitative severity level. For more information, see the "[National Vulnerability Database](https://nvd.nist.gov/)" from the National Institute of Standards and Technology.
+
+The severity level is one of four possible levels defined in the "[Common Vulnerability Scoring System (CVSS), Section 5](https://www.first.org/cvss/specification-document)."
+- Low
+- Medium/Moderate
+- High
+- Critical
+
+The {% data variables.product.prodname_advisory_database %} uses the CVSS levels described above. If {% data variables.product.company_short %} obtains a CVE, the {% data variables.product.prodname_advisory_database %} uses CVSS version 3.1. If the CVE is imported, the {% data variables.product.prodname_advisory_database %} supports both CVSS versions 3.0 and 3.1.
+
+{% data reusables.repositories.github-security-lab %}
+
+## Further reading
+
+- "[About {% data variables.product.prodname_dependabot_alerts %}](/code-security/dependabot/dependabot-alerts/about-dependabot-alerts)"
+- MITRE's [definition of "vulnerability"](https://www.cve.org/ResourcesSupport/Glossary#vulnerability)

translations/zh-CN/content/code-security/security-advisories/global-security-advisories/browsing-security-advisories-in-the-github-advisory-database.md

@@ -0,0 +1,128 @@
+---
+title: 在 GitHub Advisory Database 中浏览安全公告
+intro: '可以浏览 {% data variables.product.prodname_advisory_database %} 以查找托管在 {% data variables.product.company_short %} 上的开放源代码项目中的安全风险公告。'
+shortTitle: Browse Advisory Database
+miniTocMaxHeadingLevel: 3
+redirect_from:
+  - /github/managing-security-vulnerabilities/browsing-security-vulnerabilities-in-the-github-advisory-database
+  - /code-security/supply-chain-security/browsing-security-vulnerabilities-in-the-github-advisory-database
+  - /code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/browsing-security-vulnerabilities-in-the-github-advisory-database
+  - /code-security/dependabot/dependabot-alerts/browsing-security-vulnerabilities-in-the-github-advisory-database
+  - /code-security/dependabot/dependabot-alerts/browsing-security-advisories-in-the-github-advisory-database
+versions:
+  fpt: '*'
+  ghec: '*'
+  ghes: '*'
+  ghae: '*'
+type: how_to
+topics:
+  - Security advisories
+  - Alerts
+  - Dependabot
+  - Vulnerabilities
+  - CVEs
+ms.openlocfilehash: 19c37d2a1a1101f9984de13cd034bb0ee5e285a8
+ms.sourcegitcommit: 27882d9b3f19979c817c25952a2fb4dc4c6f0a65
+ms.translationtype: HT
+ms.contentlocale: zh-CN
+ms.lasthandoff: 10/27/2022
+ms.locfileid: '148113981'
+---
+<!--Marketing-LINK: From /features/security/software-supply-chain page "Browsing security vulnerabilities in the GitHub Advisory Database".-->
+
+## 访问 {% data variables.product.prodname_advisory_database %} 中的通告
+
+可以访问 {% data variables.product.prodname_advisory_database %} 中的任何公告。
+
+1. 导航到 https://github.com/advisories。
+2. （可选）要过滤列表，请使用任意下拉菜单。
+  ![下拉筛选器](/assets/images/help/security/advisory-database-dropdown-filters.png) {% tip %}
+
+   提示：可以使用左侧边栏分别浏览 {% data variables.product.company_short %} 已审核和未审核的公告。
+
+   {% endtip %}
+3. 单击任何公告以查看详细信息。 默认情况下，你将看到经 {% data variables.product.company_short %} 审核的安全漏洞公告。 {% ifversion GH-advisory-db-supports-malware %}要显示恶意软件公告，请在搜索栏中使用 `type:malware`。{% endif %}
+
+
+{% note %}
+
+也可以使用 GraphQL API 访问数据库。 {% ifversion GH-advisory-db-supports-malware %}默认情况下，除非指定 `type:malware`，否则查询将返回经 {% data variables.product.company_short %} 审核的安全漏洞公告。{% endif %}有关详细信息，请参阅“[`security_advisory`Webhook 事件](/webhooks/event-payloads/#security_advisory)”。
+
+{% endnote %}
+
+## 在 {% data variables.product.prodname_advisory_database %} 中编辑公告
+您可以对 {% data variables.product.prodname_advisory_database %} 中的任何公告提出改进建议。 有关详细信息，请参阅“[在 {% data variables.product.prodname_advisory_database %} 中编辑安全公告](/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/editing-security-advisories-in-the-github-advisory-database)”。
+
+## 搜索 {% data variables.product.prodname_advisory_database %}
+
+您可以搜索数据库，并使用限定符缩小搜索范围。 例如，您可以搜索在特定日期、特定生态系统或特定库中创建的通告。
+
+{% data reusables.time_date.date_format %} {% data reusables.time_date.time_format %}
+
+{% data reusables.search.date_gt_lt %}
+
+| 限定符  | 示例 |
+| ------------- | ------------- |
+| `type:reviewed`| [**type:reviewed**](https://github.com/advisories?query=type%3Areviewed) 将显示经 {% data variables.product.company_short %} 审核的安全漏洞公告。 |
+{% ifversion GH-advisory-db-supports-malware %}| `type:malware` | [**type:malware**](https://github.com/advisories?query=type%3Amalware) 将显示经 {% data variables.product.company_short %} 审核的恶意软件公告。 |
+{% endif %}| `type:unreviewed`| [**type:unreviewed**](https://github.com/advisories?query=type%3Aunreviewed) 显示未审核的公告。 |
+| `GHSA-ID`| [**GHSA-49wp-qq6x-g2rf**](https://github.com/advisories?query=GHSA-49wp-qq6x-g2rf) 显示包含此 {% data variables.product.prodname_advisory_database %} ID 的公告。 |
+| `CVE-ID`| [**CVE-2020-28482**](https://github.com/advisories?query=CVE-2020-28482) 显示具有此 CVE ID 编号的公告。 |
+| `ecosystem:ECOSYSTEM`| [**ecosystem:npm**](https://github.com/advisories?utf8=%E2%9C%93&query=ecosystem%3Anpm) 仅显示影响 NPM 包的公告。 |
+| `severity:LEVEL`| [**severity:high**](https://github.com/advisories?utf8=%E2%9C%93&query=severity%3Ahigh) 仅显示具有较高严重性级别的公告。 |
+| `affects:LIBRARY`| [**affects:lodash**](https://github.com/advisories?utf8=%E2%9C%93&query=affects%3Alodash) 仅显示影响 lodash 库的公告。 |
+| `cwe:ID`| [**cwe:352**](https://github.com/advisories?query=cwe%3A352) 仅显示具有此 CWE 编号的公告。 |
+| `credit:USERNAME`| [**credit:octocat**](https://github.com/advisories?query=credit%3Aoctocat) 仅显示属于“octocat”用户帐户的公告。 |
+| `sort:created-asc`| [**sort:created-asc**](https://github.com/advisories?utf8=%E2%9C%93&query=sort%3Acreated-asc) 按最旧的公告在前的顺序进行排序。 |
+| `sort:created-desc`| [**sort:created-desc**](https://github.com/advisories?utf8=%E2%9C%93&query=sort%3Acreated-desc) 按最新的公告在前的顺序进行排序。 |
+| `sort:updated-asc`| [**sort:updated-asc**](https://github.com/advisories?utf8=%E2%9C%93&query=sort%3Aupdated-asc) 按更新时间由远及近的顺序排序。 |
+| `sort:updated-desc`| [**sort:updated-desc**](https://github.com/advisories?utf8=%E2%9C%93&query=sort%3Aupdated-desc) 按更新时间由近及远的顺序排序。 |
+| `is:withdrawn`| [**is:withdrawn**](https://github.com/advisories?utf8=%E2%9C%93&query=is%3Awithdrawn) 仅显示已撤回的公告。 |
+| `created:YYYY-MM-DD`| [**created:2021-01-13**](https://github.com/advisories?utf8=%E2%9C%93&query=created%3A2021-01-13) 仅显示在此日期创建的公告。 |
+| `updated:YYYY-MM-DD`| [**updated:2021-01-13**](https://github.com/advisories?utf8=%E2%9C%93&query=updated%3A2021-01-13) 仅显示在此日期更新的公告。 |
+
+## 查看有漏洞的仓库
+
+对于 {% data variables.product.prodname_advisory_database %} 中任何经 {% data variables.product.company_short %} 审核的公告，你都可以查看哪些存储库受该安全漏洞{% ifversion GH-advisory-db-supports-malware %}或恶意软件{% endif %}的影响。 要查看有漏洞的仓库，您必须有权访问该仓库的 {% data variables.product.prodname_dependabot_alerts %}。 有关详细信息，请参阅“[关于 {% data variables.product.prodname_dependabot_alerts %}](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies#access-to-dependabot-alerts)”。
+
+1. 导航到 https://github.com/advisories。
+2. 单击通告。
+3. 在公告页面顶部，单击“Dependabot 警报”。
+   ![Dependabot 警报](/assets/images/help/security/advisory-database-dependabot-alerts.png)
+4. （可选）要过滤列表，请使用搜索栏或下拉菜单。 “Organization（组织）”下拉菜单用于按所有者（组织或用户）过滤 {% data variables.product.prodname_dependabot_alerts %}。
+   ![用于筛选警报的搜索栏和下拉菜单](/assets/images/help/security/advisory-database-dependabot-alerts-filters.png)
+5. 有关公告的更多详细信息，以及有关如何修复有漏洞的存储库的建议，请单击存储库名称。
+
+{% ifversion security-advisories-ghes-ghae %}
+## 访问 {% data variables.location.product_location %} 上的本地公告数据库
+
+如果站点管理员已为 {% data variables.location.product_location %} 启用 {% data variables.product.prodname_github_connect %}，你还可以在本地浏览已审核的公告。 有关详细信息，请参阅“[关于 {% data variables.product.prodname_github_connect %}](/admin/configuration/configuring-github-connect/about-github-connect)”。
+
+可使用本地公告数据库来检查是否包含特定的安全漏洞，从而检查是否会收到有关易受攻击的依赖项的警报。 还可以查看任何易受攻击的存储库。 
+
+1. 导航到 `https://HOSTNAME/advisories`。
+2. （可选）要过滤列表，请使用任意下拉菜单。
+  ![下拉筛选器](/assets/images/help/security/advisory-database-dropdown-filters.png) {% note %}
+
+   注意：只会列出已审核的公告。 可以在 {% data variables.product.prodname_dotcom_the_website %} 上的 {% data variables.product.prodname_advisory_database %} 中查看未审核的公告。 有关详细信息，请参阅“[访问 GitHub 公告数据库中的公告](#accessing-an-advisory-in-the-github-advisory-database)”。 
+
+   {% endnote %}
+3. 单击公告以查看详细信息。{% ifversion GH-advisory-db-supports-malware %}默认情况下，你将看到经 {% data variables.product.company_short %} 审核的安全漏洞公告。 若要显示恶意软件公告，请在搜索栏中使用 `type:malware`。{% endif %}
+
+还可以直接从本地公告数据库中对任何公告提出改进建议。 有关详细信息，请参阅“[编辑来自 {% data variables.location.product_location %} 的公告](/code-security/dependabot/dependabot-alerts/editing-security-advisories-in-the-github-advisory-database#editing-advisories-from-your-github-enterprise-server-instance)”。
+
+### 查看 {% data variables.location.product_location %} 的易受攻击的存储库
+
+{% data reusables.repositories.enable-security-alerts %}
+
+在本地公告数据库中，可以看到哪些存储库受到每个安全漏洞{% ifversion GH-advisory-db-supports-malware %}或恶意软件{% endif %}的影响。 要查看有漏洞的仓库，您必须有权访问该仓库的 {% data variables.product.prodname_dependabot_alerts %}。 有关详细信息，请参阅“[关于 {% data variables.product.prodname_dependabot_alerts %}](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies#access-to-dependabot-alerts)”。
+
+1. 导航到 `https://HOSTNAME/advisories`。
+2. 单击通告。
+3. 在公告页面顶部，单击“Dependabot 警报”。
+   ![Dependabot 警报](/assets/images/help/security/advisory-database-dependabot-alerts.png)
+4. （可选）要过滤列表，请使用搜索栏或下拉菜单。 “Organization（组织）”下拉菜单用于按所有者（组织或用户）过滤 {% data variables.product.prodname_dependabot_alerts %}。
+   ![用于筛选警报的搜索栏和下拉菜单](/assets/images/help/security/advisory-database-dependabot-alerts-filters.png)
+5. 有关公告的更多详细信息，以及有关如何修复有漏洞的存储库的建议，请单击存储库名称。
+
+{% endif %}

translations/zh-CN/content/code-security/security-advisories/global-security-advisories/editing-security-advisories-in-the-github-advisory-database.md

@@ -0,0 +1,62 @@
+---
+title: 在 GitHub Advisory Database 中编辑安全公告
+intro: '你可以对 {% data variables.product.prodname_advisory_database %} 中发布的任何公告提交改进建议。'
+redirect_from:
+  - /code-security/security-advisories/editing-security-advisories-in-the-github-advisory-database
+  - /code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/editing-security-advisories-in-the-github-advisory-database
+  - /code-security/dependabot/dependabot-alerts/editing-security-advisories-in-the-github-advisory-database
+versions:
+  fpt: '*'
+  ghec: '*'
+  ghes: '*'
+  ghae: '*'
+type: how_to
+topics:
+  - Security advisories
+  - Alerts
+  - Dependabot
+  - Vulnerabilities
+  - CVEs
+shortTitle: Edit Advisory Database
+ms.openlocfilehash: 7cfe2ff49c830922457ef5192ca0db7d326e1388
+ms.sourcegitcommit: 27882d9b3f19979c817c25952a2fb4dc4c6f0a65
+ms.translationtype: HT
+ms.contentlocale: zh-CN
+ms.lasthandoff: 10/27/2022
+ms.locfileid: '148114002'
+---
+## 在 {% data variables.product.prodname_advisory_database %} 中编辑公告
+
+{% data variables.product.prodname_advisory_database %} 中的公告属于全局安全公告。 有关全局安全公告的详细信息，请参阅“[关于全局安全公告](/code-security/security-advisories/global-security-advisories/about-global-security-advisories)”。
+
+任何人都可以对 {% data variables.product.prodname_advisory_database %} 中的任何全局安全公告提出改进建议。 可以编辑或添加任何详细信息，包括其他受影响的生态系统、严重性级别或受影响方的说明。 {% data variables.product.prodname_security %} 策展团队将评审提交的改进，并在接受后将其发布到 {% data variables.product.prodname_advisory_database %} 上。
+{% ifversion fpt or ghec %}只有存储库所有者和管理员才能编辑存储库级别的安全公告。 有关详细信息，请参阅“[编辑存储库安全性公告](/code-security/security-advisories/editing-a-security-advisory)”。{% endif %}
+
+
+1. 导航到 https://github.com/advisories。
+1. 选择要编辑的安全公告。
+1. 在页面右侧，单击“此漏洞的建议改进”链接。
+   
+   ![建议改进链接的屏幕截图](/assets/images/help/security/suggest-improvements-to-advisory.png)
+
+1. 在“改进安全公告”表单中，进行所需的改进。 可以编辑或添加任何详细信息。{% ifversion fpt or ghec %} 有关在表单上正确指定信息（包括受影响的版本）的信息，请参阅“[编写存储库安全公告的最佳做法](/code-security/repository-security-advisories/best-practices-for-writing-repository-security-advisories)”。{% endif %}{% ifversion security-advisories-reason-for-change %}
+1. 在“更改原因”下，解释为何要进行此改进。 如果包含指向支持材料的链接，这将帮助我们的审阅者。
+   
+   ![更改字段的原因的屏幕截图](/assets/images/help/security/security-advisories-suggest-improvement-reason.png){% endif %}
+
+1. 编辑完公告后，单击“提交改进”。
+1. 提交改进后，系统将创建包含你的更改的拉取请求，供 {% data variables.product.prodname_security %} 策展团队在 [github/advisory-database](https://github.com/github/advisory-database) 中查看。 如果公告源自 {% data variables.product.prodname_dotcom %} 存储库，我们还会标记原始发布者以便提供可选评论。 可以在拉取请求更新或关闭时查看拉取请求并获取通知。
+
+还可以直接在 [github/advisory-database](https://github.com/github/advisory-database) 存储库中的公告文件上打开拉取请求。 有关详细信息，请参阅[贡献指南](https://github.com/github/advisory-database/blob/main/CONTRIBUTING.md)。 
+
+{% ifversion security-advisories-ghes-ghae %}
+## 编辑来自 {% data variables.location.product_location %} 的公告
+
+如果已为 {% data variables.location.product_location %} 启用 {% data variables.product.prodname_github_connect %}，你将能够通过将 `/advisories` 添加到实例 URL 来查看公告。 
+
+1. 导航到 `https://HOSTNAME/advisories`。
+2. 选择要编辑的安全公告。
+3. 在页面右侧，单击“在 {% data variables.product.prodname_dotcom_the_website %} 上针对此漏洞提出改进建议”。 链接。 此时会在 {% data variables.product.prodname_dotcom_the_website %} 上打开一个新选项卡，该选项卡具有相同的安全公告。
+![建议改进链接](/assets/images/help/security/suggest-improvements-to-advisory-on-github-com.png)
+4. 按照上述“[在 GitHub 公告数据库中编辑公告](#editing-advisories-in-the-github-advisory-database)”中的步骤 4 到 6 编辑公告。
+{% endif %}

translations/zh-CN/content/code-security/security-advisories/global-security-advisories/index.md

@@ -0,0 +1,27 @@
+---
+title: 使用 GitHub 公告数据库中的全局安全公告
+shortTitle: Global security advisories
+intro: '浏览 {% data variables.product.prodname_advisory_database %} 并提交对任何全局安全公告的改进。'
+versions:
+  fpt: '*'
+  ghes: '*'
+  ghae: '*'
+  ghec: '*'
+topics:
+  - Security advisories
+  - Vulnerabilities
+  - Repositories
+  - CVEs
+children:
+  - /about-the-github-advisory-database
+  - /about-global-security-advisories
+  - /browsing-security-advisories-in-the-github-advisory-database
+  - /editing-security-advisories-in-the-github-advisory-database
+ms.openlocfilehash: ff0ba15abd3a404cbdb8ce97347d8dd5a4090280
+ms.sourcegitcommit: 27882d9b3f19979c817c25952a2fb4dc4c6f0a65
+ms.translationtype: HT
+ms.contentlocale: zh-CN
+ms.lasthandoff: 10/27/2022
+ms.locfileid: '148113984'
+---
+

translations/zh-CN/content/code-security/security-advisories/guidance-on-reporting-and-writing/index.md

@@ -0,0 +1,22 @@
+---
+title: 有关报告和编写漏洞相关信息的指南
+shortTitle: Guidance on reporting and writing
+intro: 编写安全公告和管理私下报告的安全漏洞的最佳做法。
+versions:
+  fpt: '*'
+  ghec: '*'
+topics:
+  - Security advisories
+  - Vulnerabilities
+  - Repositories
+  - CVEs
+children:
+  - /best-practices-for-writing-repository-security-advisories
+ms.openlocfilehash: 71eb2be3bc1590536bdb43f9bb08953859924748
+ms.sourcegitcommit: 27882d9b3f19979c817c25952a2fb4dc4c6f0a65
+ms.translationtype: HT
+ms.contentlocale: zh-CN
+ms.lasthandoff: 10/27/2022
+ms.locfileid: '148113978'
+---
+

translations/zh-CN/content/code-security/security-advisories/index.md

@@ -0,0 +1,26 @@
+---
+title: 使用安全公告
+shortTitle: Security advisories
+intro: '了解如何在 {% data variables.product.prodname_dotcom %},{% ifversion fpt or ghec %} 上使用安全公告，无论是想要为现有的全局公告做出贡献，还是创建存储库安全公告，{% endif %}这样做都可以改进存储库维护人员和安全研究者之间的协作。'
+versions:
+  fpt: '*'
+  ghec: '*'
+  ghes: '*'
+  ghae: '*'
+topics:
+  - Security advisories
+  - Vulnerabilities
+  - Repositories
+  - CVEs
+children:
+  - /global-security-advisories
+  - /repository-security-advisories
+  - /guidance-on-reporting-and-writing
+ms.openlocfilehash: a42c57006a05bd1fffc09c8241d22eddc67ed8f1
+ms.sourcegitcommit: 27882d9b3f19979c817c25952a2fb4dc4c6f0a65
+ms.translationtype: HT
+ms.contentlocale: zh-CN
+ms.lasthandoff: 10/27/2022
+ms.locfileid: '148113997'
+---
+

translations/zh-CN/content/code-security/security-advisories/repository-security-advisories/about-coordinated-disclosure-of-security-vulnerabilities.md

@@ -0,0 +1,77 @@
+---
+title: 关于安全漏洞的协调披露
+intro: 漏洞披露是安全报告者与仓库维护者之间的协调工作。
+redirect_from:
+  - /code-security/security-advisories/about-coordinated-disclosure-of-security-vulnerabilities
+  - /code-security/repository-security-advisories/about-coordinated-disclosure-of-security-vulnerabilities
+miniTocMaxHeadingLevel: 3
+versions:
+  fpt: '*'
+  ghec: '*'
+type: overview
+topics:
+  - Security advisories
+  - Vulnerabilities
+shortTitle: Coordinated disclosure
+ms.openlocfilehash: c451554e08b4193ca20f9af8a5e694750808bf19
+ms.sourcegitcommit: 27882d9b3f19979c817c25952a2fb4dc4c6f0a65
+ms.translationtype: HT
+ms.contentlocale: zh-CN
+ms.lasthandoff: 10/27/2022
+ms.locfileid: '148113999'
+---
+## 关于披露行业漏洞
+
+{% data reusables.security-advisory.disclosing-vulnerabilities %}
+
+漏洞的初始报告是私下发布的，并且只有在维护者确认问题后才会公布全部详细信息，最好提供补救或修补程序，有时会延迟，以便有更多的时间安装修补程序。 有关详细信息，请参阅 OWASP 备忘单系列网站上的“[关于漏洞披露的 OWASP 备忘单系列](https://cheatsheetseries.owasp.org/cheatsheets/Vulnerability_Disclosure_Cheat_Sheet.html#commercial-and-open-source-software)”。
+
+### 漏洞报告者的最佳实践
+
+私下向维护者报告漏洞是一项良好的做法。 如果可能，作为漏洞报告者，我们建议您避免：
+- 公开披露漏洞而不给维护者补救的机会。
+- 绕过维护者。
+- 在代码的修复版可用之前披露漏洞。
+- 在没有公共奖励方案的情况下，报告某个问题时期望得到补偿。
+
+漏洞报告者如果已尝试联系维护者但未收到回复，或与已联系他们但被要求等待很久才能披露，则在一段时间后公开披露漏洞是可以接受的。 
+
+我们建议漏洞报告者在报告过程中明确说明其披露政策的条款。 即使漏洞报告者不遵守严格的政策，最好在预期漏洞披露的时间表上对维护者设定明确的期望。 有关披露策略的示例，请参阅 GitHub 安全实验室网站上的“[安全实验室披露策略](https://securitylab.github.com/advisories#policy)”。
+
+### 维护者最佳实践
+
+作为维护者，最佳做法是明确说明您想如何和在何处收到关于漏洞的报告。 如果此信息不可明确，但漏洞报告者不知道如何联系您，可能寻求从 git 提交历史记录中提取开发人员电子邮件地址，以尝试找到适当的安全联系人。 这可能导致摩擦、丢失报告或发布未解决的报告。
+
+维护者应及时披露漏洞。 如果您的仓库存在安全漏洞，我们建议您：
+- 在响应和披露中，将漏洞视为安全问题，而不是简单的错误。 例如，您需要明确提及问题在发布说明中是一个安全漏洞。
+- 即使没有即时的调查资源，也应尽快确认收到漏洞报告。 这传递了这样一个信息：您可以快速响应并采取行动，并为您与漏洞报告者之间的其余互动设定了积极的基调。
+- 当您验证报告的影响和真实性时，请让漏洞报告者参与。 漏洞报告者可能已经花时间考虑了各种情景中的漏洞，其中一些情况您自己可能都没有考虑过。
+- 以你认为合适的方式解决这个问题，认真考虑漏洞报告者提出的任何关切和建议。 通常，漏洞报告者会了解没有安全研究背景时容易错过的某些角落案例和补救旁路。
+- 始终将漏洞的发现归功于漏洞报告者。
+- 目标是尽快发布修复。
+- 确保您在披露漏洞时让更广泛的生态系统意识到问题及其补救措施。 在项目当前开发分支中修复已识别的安全问题，但提交或后续版本未明确标记为安全修复或发布的情况并不少见。 这可能给下游消费者造成问题。
+
+发布安全漏洞的详细信息不会使维护者看起来很糟糕。 安全漏洞在软件中随处可见。用户会信任那些在其守则中明确制定了安全漏洞披露程序的维护者。
+
+## 关于在 {% data variables.product.prodname_dotcom %} 上报告和披露项目中的漏洞
+
+在 {% data variables.product.prodname_dotcom_the_website %} 上报告和披露项目漏洞的流程如下：
+
+ 如果您是要报告漏洞的漏洞报告者（例如安全研究人员），请先检查相关仓库是否有安全策略。 有关详细信息，请参阅“[关于安全策略](/code-security/getting-started/adding-a-security-policy-to-your-repository#about-security-policies)”。 如果有的话，请先了解该流程，然后再联系该仓库的安全团队。 
+ 
+ 如果没有安全策略，与维护者建立私人通信手段的最有效办法是制造一个要求优先安全联系的问题。 值得注意的是，这个问题将立即公开可见，所以它不应该包括任何有关漏洞的信息。 建立通信后，您可以建议维护者制定安全策略以供将来使用。
+
+{% note %}
+
+注意：如果我们收到 npm 包中的恶意软件报告，我们会尝试私下与你联系（仅适用于 npm）。 如果您不及时解决问题，我们将予以披露。 有关详细信息，请参阅 npm Docs 网站上的“[报告 npm 包中的恶意软件](https://docs.npmjs.com/reporting-malware-in-an-npm-package)”。
+
+{% endnote %}
+
+ 如果您在 {% data variables.product.prodname_dotcom_the_website %} 中发现了安全漏洞，请通过我们协调的披露流程报告该漏洞。 有关详细信息，请参阅“[{% data variables.product.prodname_dotcom %}  安全 Bug 赏金](https://bounty.github.com/)”网站。
+
+ 如果您是维护者， 您可以在管道开始时通过为您的仓库设置安全策略来掌控这一过程，或者以其他方式使安全报告说明清楚可用，例如在项目的 README 文件中。 有关添加安全策略的信息，请参阅“[关于安全策略](/code-security/getting-started/adding-a-security-policy-to-your-repository#about-security-policies)”。 如果没有安全策略，漏洞报告者可能会尝试向您发送电子邮件或以其他方式私下与您联系。 或者，有人可能会开一个（公共）议题讨论安全问题的细节。
+
+ 作为维护者，要在您的代码中披露漏洞，请先在 {% data variables.product.prodname_dotcom %} 中软件包的仓库内创建安全通告。 {% data reusables.security-advisory.security-advisory-overview %} 有关详细信息，请参阅“[关于存储库安全公告](/code-security/repository-security-advisories/about-github-security-advisories-for-repositories)”。
+
+
+ 要开始使用，请参阅“[创建存储库安全公告](/code-security/repository-security-advisories/creating-a-repository-security-advisory)”。

translations/zh-CN/content/code-security/security-advisories/repository-security-advisories/about-repository-security-advisories.md

@@ -0,0 +1,67 @@
+---
+title: 关于存储库安全公告
+intro: 可以使用存储库安全公告来私下讨论、修复和发布有关存储库中安全漏洞的信息。
+shortTitle: About repository security advisories
+redirect_from:
+  - /articles/about-maintainer-security-advisories
+  - /github/managing-security-vulnerabilities/about-maintainer-security-advisories
+  - /github/managing-security-vulnerabilities/about-github-security-advisories
+  - /code-security/security-advisories/about-github-security-advisories
+  - /code-security/repository-security-advisories/about-github-security-advisories-for-repositories
+versions:
+  fpt: '*'
+  ghec: '*'
+type: overview
+topics:
+  - Security advisories
+  - Vulnerabilities
+  - CVEs
+ms.openlocfilehash: a9f411a28812edadb810861a6b4d5239db1722a5
+ms.sourcegitcommit: 27882d9b3f19979c817c25952a2fb4dc4c6f0a65
+ms.translationtype: HT
+ms.contentlocale: zh-CN
+ms.lasthandoff: 10/27/2022
+ms.locfileid: '148114000'
+---
+{% data reusables.repositories.security-advisory-admin-permissions %}
+
+{% data reusables.security-advisory.security-researcher-cannot-create-advisory %}
+
+## 关于存储库安全公告
+
+{% data reusables.security-advisory.disclosing-vulnerabilities %} 更多信息请参阅“[关于协调披露安全漏洞](/code-security/repository-security-advisories/about-coordinated-disclosure-of-security-vulnerabilities)”。
+
+{% data reusables.security-advisory.security-advisory-overview %}
+
+使用存储库安全公告，可以执行以下操作：
+
+1. 创建安全通告草稿，并使用草稿私下讨论漏洞对项目的影响。 有关详细信息，请参阅“[创建存储库安全公告](/code-security/repository-security-advisories/creating-a-repository-security-advisory)”。
+2. 在临时私有复刻中私下协作以修复漏洞。
+3. 在补丁发布后发布通告向社区提醒漏洞。 有关详细信息，请参阅“[发布存储库安全性公告](/code-security/repository-security-advisories/publishing-a-repository-security-advisory)”。
+
+{% data reusables.repositories.security-advisories-republishing %}
+
+您可以向为安全通告做出贡献的个人提供积分。 有关详细信息，请参阅“[编辑存储库安全性公告](/code-security/repository-security-advisories/editing-a-repository-security-advisory#about-credits-for-security-advisories)”。
+
+{% data reusables.repositories.security-guidelines %}
+
+如果您在仓库中创建了安全通告，安全通告将保留在您的仓库中。 我们在 [github.com/advantores](https://github.com/advisories) 上的 {% data variables.product.prodname_advisory_database %} 发布任何由依赖关系图支持的生态系统的安全公告。 任何人都可以提交对 {% data variables.product.prodname_advisory_database %} 中发布的公告的更改。 有关详细信息，请参阅“[在 {% data variables.product.prodname_advisory_database %} 中编辑安全公告](/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/editing-security-advisories-in-the-github-advisory-database)”。
+
+如果安全通告是专门针对 npm 的，我们也会向 npm 安全通告发布该通告。 有关详细信息，请参阅 [npmjs.com/advisories](https://www.npmjs.com/advisories)。
+
+{% data reusables.repositories.github-security-lab %}
+
+## CVE 识别号
+
+{% data variables.product.prodname_security_advisories %} 基于通用漏洞披露 (CVE) 列表而构建。 在 {% data variables.product.prodname_dotcom %} 上的安全通告表是符合 CVE 描述格式的标准化表格。 
+
+{% data variables.product.prodname_dotcom %} 是 CVE 编号颁发机构 (CNA)，被授权分配 CVE 标识号。 有关详细信息，请参阅 CVE 网站上的[关于 CVE](https://www.cve.org/About/Overview) 和 [CVE 编号机构](https://www.cve.org/ProgramOrganization/CNAs)。
+
+在 {% data variables.product.prodname_dotcom %} 上为公共仓库创建安全通告时，您可以选择为安全漏洞提供现有的 CVE 标识号。 {% data reusables.repositories.request-security-advisory-cve-id %}
+
+在您发布了安全通告并且 {% data variables.product.prodname_dotcom %} 为漏洞分配 CVE 标识号后，{% data variables.product.prodname_dotcom %} 会将 CVE 发布到 MITRE 数据库。
+有关详细信息，请参阅“[发布存储库安全性公告](/code-security/repository-security-advisories/publishing-a-repository-security-advisory)”。
+
+## 对于发布的安全通告的 {% data variables.product.prodname_dependabot_alerts %}
+
+{% data reusables.repositories.github-reviews-security-advisories %}

translations/zh-CN/content/code-security/security-advisories/repository-security-advisories/creating-a-repository-security-advisory.md

@@ -0,0 +1,45 @@
+---
+title: 创建存储库安全公告
+intro: 您可以创建安全通告草稿，以私下讨论和修复开源项目中的安全漏洞。
+redirect_from:
+  - /articles/creating-a-maintainer-security-advisory
+  - /github/managing-security-vulnerabilities/creating-a-maintainer-security-advisory
+  - /github/managing-security-vulnerabilities/creating-a-security-advisory
+  - /code-security/security-advisories/creating-a-security-advisory
+  - /code-security/repository-security-advisories/creating-a-repository-security-advisory
+versions:
+  fpt: '*'
+  ghec: '*'
+type: how_to
+topics:
+  - Security advisories
+  - Vulnerabilities
+shortTitle: Create repository advisories
+ms.openlocfilehash: de22432173f6bf909d001a3f780b0f9943769ec0
+ms.sourcegitcommit: 27882d9b3f19979c817c25952a2fb4dc4c6f0a65
+ms.translationtype: HT
+ms.contentlocale: zh-CN
+ms.lasthandoff: 10/27/2022
+ms.locfileid: '148113988'
+---
+任何对仓库有管理员权限的人都可以创建安全通告。
+
+{% data reusables.security-advisory.security-researcher-cannot-create-advisory %}
+
+## 创建安全通知
+
+{% data reusables.repositories.navigate-to-repo %} {% data reusables.repositories.sidebar-security %} {% data reusables.repositories.sidebar-advisories %}
+4. 单击“新建安全公告草稿”，打开草稿公告表单。
+  ![“打开公告草稿”按钮](/assets/images/help/security/security-advisory-new-draft-security-advisory-button.png)
+5. 键入安全通告的标题。
+{% data reusables.repositories.security-advisory-edit-details %} {% data reusables.repositories.security-advisory-edit-severity %} {% data reusables.repositories.security-advisory-edit-cwe-cve %} {% data reusables.repositories.security-advisory-edit-description %}
+11. 单击“创建安全公告草稿”。
+  ![“创建安全公告”按钮](/assets/images/help/security/security-advisory-create-security-advisory-button.png)
+
+## 后续步骤
+
+- 评论安全通告草稿，与团队讨论漏洞。
+- 添加协作者到安全通告。 有关详细信息，请参阅“[将协作者添加到存储库安全公告](/code-security/repository-security-advisories/adding-a-collaborator-to-a-repository-security-advisory)”。
+- 在临时私有复刻中私下协作以修复漏洞。 有关详细信息，请参阅“[在临时专用分支中协作以解决存储库安全漏洞](/code-security/repository-security-advisories/collaborating-in-a-temporary-private-fork-to-resolve-a-repository-security-vulnerability)”。
+- 添加因对安全通告做出贡献而应获得积分的个人。 有关详细信息，请参阅“[编辑存储库安全公告](/code-security/repository-security-advisories/editing-a-repository-security-advisory#about-credits-for-security-advisories)”。
+- 发布安全通告以向社区提醒安全漏洞。 有关详细信息，请参阅“[发布存储库安全公告](/code-security/repository-security-advisories/publishing-a-repository-security-advisory)”。

translations/zh-CN/content/code-security/security-advisories/repository-security-advisories/editing-a-repository-security-advisory.md

@@ -0,0 +1,49 @@
+---
+title: 编辑存储库安全通告
+intro: 如果需要更新详细信息或更正错误，可以编辑存储库安全公告的元数据和说明。
+redirect_from:
+  - /github/managing-security-vulnerabilities/editing-a-security-advisory
+  - /code-security/security-advisories/editing-a-security-advisory
+  - /code-security/repository-security-advisories/editing-a-repository-security-advisory
+versions:
+  fpt: '*'
+  ghec: '*'
+type: how_to
+topics:
+  - Security advisories
+  - Vulnerabilities
+shortTitle: Edit repository advisories
+ms.openlocfilehash: db25b39285c65cd1ba83e1a2b6e76e7ec0d6e3e4
+ms.sourcegitcommit: 27882d9b3f19979c817c25952a2fb4dc4c6f0a65
+ms.translationtype: HT
+ms.contentlocale: zh-CN
+ms.lasthandoff: 10/27/2022
+ms.locfileid: '148113992'
+---
+对存储库安全通告具有管理员权限的人员可以编辑安全通告。
+
+{% data reusables.security-advisory.repository-level-advisory-note %}
+
+## 关于安全通告的积分
+
+您可以向帮助发现、报告或修复安全漏洞的人提供积分。 如果您向某人提供积分，他们可以选择接受或拒绝积分。
+
+如果某人接受积分，则其用户名将显示在安全通告的“Credits（积分）”部分。 拥有仓库读取权限的任何人都可以看到通告和接受其积分的人。
+
+如果您认为您应该获得安全通告积分，请联系通告的创建者并让他们编辑通告以包含您的贡献积分。 只有通告创建者才可计入您的功劳积分，因此请不要就安全通告的积分一事联系 GitHub 支持。
+
+## 编辑安全通告
+
+{% data reusables.repositories.navigate-to-repo %} {% data reusables.repositories.sidebar-security %} {% data reusables.repositories.sidebar-advisories %}
+4. 在“Security Advisories（安全通告）”列表中，单击您要编辑的安全通告。
+5. 在安全通告详细信息的右上角，单击 {% octicon "pencil" aria-label="The edit icon" %}。 这将在编辑模式下打开安全公告表单。
+  ![安全通告的“编辑”按钮](/assets/images/help/security/security-advisory-edit-button.png) {% data reusables.repositories.security-advisory-edit-details %} {% data reusables.repositories.security-advisory-edit-severity %} {% data reusables.repositories.security-advisory-edit-cwe-cve %} {% data reusables.repositories.security-advisory-edit-description %}
+11. （可选）编辑安全通告的“Credits（积分）”。
+  ![安全公告的额度](/assets/images/help/security/security-advisory-credits.png)
+12. 单击“更新安全公告”。
+  ![“更新安全公告”按钮](/assets/images/help/security/update-advisory-button.png)
+13. “Credits（积分）”部分列出的人员将会收到邀请他们接受积分的电子邮件或 web 通知。 如果某人接受，则其用户名将在安全通告发布后公开可见。
+
+## 延伸阅读
+
+- [撤消存储库安全公告](/code-security/repository-security-advisories/withdrawing-a-repository-security-advisory)

translations/zh-CN/content/code-security/security-advisories/repository-security-advisories/index.md

@@ -0,0 +1,35 @@
+---
+title: 使用存储库安全公告
+shortTitle: Repository security advisories
+intro: 使用存储库安全公告讨论、修正和披露存储库中的安全漏洞。
+redirect_from:
+  - /articles/managing-security-vulnerabilities-in-your-project
+  - /github/managing-security-vulnerabilities/managing-security-vulnerabilities-in-your-project
+  - /code-security/repository-security-advisories
+versions:
+  fpt: '*'
+  ghec: '*'
+topics:
+  - Security advisories
+  - Vulnerabilities
+  - Repositories
+  - CVEs
+children:
+  - /about-coordinated-disclosure-of-security-vulnerabilities
+  - /about-repository-security-advisories
+  - /permission-levels-for-repository-security-advisories
+  - /creating-a-repository-security-advisory
+  - /editing-a-repository-security-advisory
+  - /collaborating-in-a-temporary-private-fork-to-resolve-a-repository-security-vulnerability
+  - /publishing-a-repository-security-advisory
+  - /adding-a-collaborator-to-a-repository-security-advisory
+  - /removing-a-collaborator-from-a-repository-security-advisory
+  - /withdrawing-a-repository-security-advisory
+ms.openlocfilehash: 2584e75893b9e8ce97af843a61b8fae8e5fc9704
+ms.sourcegitcommit: 27882d9b3f19979c817c25952a2fb4dc4c6f0a65
+ms.translationtype: HT
+ms.contentlocale: zh-CN
+ms.lasthandoff: 10/27/2022
+ms.locfileid: '148113979'
+---
+

translations/zh-CN/content/code-security/security-advisories/repository-security-advisories/publishing-a-repository-security-advisory.md

@@ -0,0 +1,102 @@
+---
+title: 发布存储库安全公告
+intro: 您可以发布安全通告，向社区提醒项目中的安全漏洞。
+redirect_from:
+  - /articles/publishing-a-maintainer-security-advisory
+  - /github/managing-security-vulnerabilities/publishing-a-maintainer-security-advisory
+  - /github/managing-security-vulnerabilities/publishing-a-security-advisory
+  - /code-security/security-advisories/publishing-a-security-advisory
+  - /code-security/repository-security-advisories/publishing-a-repository-security-advisory
+versions:
+  fpt: '*'
+  ghec: '*'
+type: how_to
+topics:
+  - Security advisories
+  - Vulnerabilities
+  - CVEs
+  - Repositories
+shortTitle: Publish repository advisories
+ms.openlocfilehash: 17d98e3027c0968f21107ccefdb70fbebca67a35
+ms.sourcegitcommit: 27882d9b3f19979c817c25952a2fb4dc4c6f0a65
+ms.translationtype: HT
+ms.contentlocale: zh-CN
+ms.lasthandoff: 10/27/2022
+ms.locfileid: '148113983'
+---
+<!--Marketing-LINK: From /features/security/software-supply-chain page "Publishing a security advisory".-->
+
+对安全通告具有管理员权限的任何人都可发布安全通告。
+
+{% data reusables.security-advisory.repository-level-advisory-note %}
+
+## 先决条件
+
+在发布安全通告或申请 CVE 标识号之前，必须创建安全通告草稿，并提供受安全漏洞影响的项目版本的相关信息。 有关详细信息，请参阅“[创建存储库安全公告](/code-security/repository-security-advisories/creating-a-repository-security-advisory)”。
+
+如果您已创建安全通告，但尚未提供有关安全漏洞影响的项目版本的详细信息，则可以编辑安全通告。 有关详细信息，请参阅“[编辑存储库安全公告](/code-security/repository-security-advisories/editing-a-repository-security-advisory)”。
+
+## 关于发布安全通告
+
+发布安全通告时，会通知您的社区关于该安全通告解决的安全漏洞。 发布安全通告使您的社区能够更轻松地更新包依赖项和研究安全漏洞的影响。
+
+{% data reusables.repositories.security-advisories-republishing %}
+
+在发布安全通告之前，您可以私下协作在临时私有复刻中修复漏洞。 有关详细信息，请参阅“[在临时专用分支中协作以解决存储库安全漏洞问题](/code-security/repository-security-advisories/collaborating-in-a-temporary-private-fork-to-resolve-a-repository-security-vulnerability)”。
+
+{% warning %}
+
+警告：只要可能，你都应该始终在发布安全公告之前向该公告添加修复版本。 否则，通告将在没有修复版本的情况下发布，并且 {% data variables.product.prodname_dependabot %} 将向您的用户提醒有关问题，而不需提供任何安全版本来更新。
+
+我们建议您在以下不同情况下采取以下步骤：
+
+- 如果修复版本即将可用，请尽可能等到修复版本准备好后再发布。
+- 如果修复版本正在开发中，但尚不可用，请在通告中提及，等发布后再编辑通告。
+- 如果您不打算修复问题，请在通告中明确说明，以免用户联系您询问何时进行修复。 在这种情况下，列入用户可用于缓解这一问题的步骤会有帮助。
+
+{% endwarning %}
+
+从公共仓库发布通告草稿时，每个人都可以看到：
+
+- 通告数据的当前版本。
+- 积分用户已接受的任何通告积分。
+  
+{% note %}
+
+注意：公众无权查看公告的编辑历史记录，只能看到已发布的版本。
+
+{% endnote %}
+
+发布安全通告后，安全通告的 URL 将与发布安全通告之前保持相同。 对仓库具有读取权限的任何人都能看到安全通告。 安全通告的协作者可以继续查看安全通告中过去的对话，包括完整的评论流，除非有管理员权限的人从安全通告删除该协作者。 
+
+如果需要更新或更正已发布的安全通告中的信息，可以编辑安全通告。 有关详细信息，请参阅“[编辑存储库安全公告](/code-security/repository-security-advisories/editing-a-repository-security-advisory)”。
+
+## 发布安全通告
+
+发布安全通告会删除该安全通告的临时私有复刻。
+
+{% data reusables.repositories.navigate-to-repo %} {% data reusables.repositories.sidebar-security %} {% data reusables.repositories.sidebar-advisories %}
+4. 在“Security Advisories（安全通告）”列表中，单击您要发布的安全通告。
+  ![列表中的安全公告](/assets/images/help/security/security-advisory-in-list.png)
+5. 单击页面底部的“发布公告”。
+  ![“发布公告”按钮](/assets/images/help/security/publish-advisory-button.png)
+  
+## 对于发布的安全通告的 {% data variables.product.prodname_dependabot_alerts %}
+
+{% data reusables.repositories.github-reviews-security-advisories %}
+
+## 申请 CVE 识别号（可选）
+
+{% data reusables.repositories.request-security-advisory-cve-id %} 有关详细信息，请参阅“[关于存储库安全公告](/code-security/repository-security-advisories/about-github-security-advisories-for-repositories#cve-identification-numbers)”。
+
+{% data reusables.repositories.navigate-to-repo %} {% data reusables.repositories.sidebar-security %} {% data reusables.repositories.sidebar-advisories %}
+4. 在“Security Advisories（安全通告）”列表中，单击要为其申请 CVE 识别号的安全通告。
+  ![列表中的安全公告](/assets/images/help/security/security-advisory-in-list.png)
+5. 使用“发布公告”下拉菜单，然后单击“申请 CVE” 。
+  ![下拉列表中的“申请 CVE”](/assets/images/help/security/security-advisory-drop-down-request-cve.png)
+6. 单击“申请 CVE”。
+  ![“申请 CVE”按钮](/assets/images/help/security/security-advisory-request-cve-button.png)
+
+## 延伸阅读
+
+- [撤消存储库安全公告](/code-security/repository-security-advisories/withdrawing-a-repository-security-advisory)

translations/zh-CN/content/codespaces/codespaces-reference/allowing-your-codespace-to-access-a-private-image-registry.md

@@ -1,6 +1,6 @@
 ---
-title: Allowing your codespace to access a private image registry
-intro: 'You can use secrets to allow {% data variables.product.prodname_github_codespaces %} to access a private image registry'
+title: 允许代码空间访问私有映像注册表
+intro: '你可以使用密钥允许 {% data variables.product.prodname_github_codespaces %} 访问私有映像注册表'
 versions:
   fpt: '*'
   ghec: '*'
@@ -8,65 +8,70 @@ topics:
   - Codespaces
 product: '{% data reusables.gated-features.codespaces %}'
 shortTitle: Private image registry
+ms.openlocfilehash: 653584296b5513b670c145f9fa2f092f5a9fdae8
+ms.sourcegitcommit: 27882d9b3f19979c817c25952a2fb4dc4c6f0a65
+ms.translationtype: HT
+ms.contentlocale: zh-CN
+ms.lasthandoff: 10/27/2022
+ms.locfileid: '148113887'
 ---
+## 关于私人映像注册表和 {% data variables.product.prodname_github_codespaces %}
 
-## About private image registries and {% data variables.product.prodname_github_codespaces %}
+注册表是用于存储、管理和提取专用容器映像的安全空间。 您可以使用一个来存储一个或多个映像。 注册表的示例很多，例如 {% data variables.product.prodname_container_registry %}、{% data variables.product.prodname_npm_registry %}、Azure 容器注册表或 DockerHub。
 
-A registry is a secure space for storing, managing, and fetching private container images. You may use one to store one or more images. There are many examples of registries, such as {% data variables.product.prodname_container_registry %}, {% data variables.product.prodname_npm_registry %}, Azure Container Registry, or DockerHub.
+{% data variables.packages.prodname_ghcr_and_npm_registry %} 可以配置为允许在创建 codespace 期间无缝地将容器映像拉取到 {% data variables.product.prodname_github_codespaces %} 中，而无需提供任何身份验证凭据。 对于其他映像注册表，必须在 {% data variables.product.prodname_dotcom %} 中创建机密以存储访问详细信息，这将允许 {% data variables.product.prodname_github_codespaces %} 访问存储在该注册表中的映像。
 
-{% data variables.packages.prodname_ghcr_and_npm_registry %} can be configured to allow container images to be pulled seamlessly into {% data variables.product.prodname_github_codespaces %} during codespace creation, without having to provide any authentication credentials. For other image registries, you must create secrets in {% data variables.product.prodname_dotcom %} to store the access details, which will allow {% data variables.product.prodname_github_codespaces %} to access images stored in that registry.
+## 访问存储在 {% data variables.packages.prodname_ghcr_and_npm_registry %} 中的映像
 
-## Accessing images stored in {% data variables.packages.prodname_ghcr_and_npm_registry %}
+{% data variables.packages.prodname_ghcr_and_npm_registry %} 为 {% data variables.product.prodname_github_codespaces %} 使用开发容器映像提供了最简单的方法。
 
-{% data variables.packages.prodname_ghcr_and_npm_registry %} provide the easiest way for {% data variables.product.prodname_github_codespaces %} to consume dev container images.
+有关详细信息，请参阅“[使用容器注册表](/packages/working-with-a-github-packages-registry/working-with-the-container-registry)”和“[使用 npm 注册表](/packages/working-with-a-github-packages-registry/working-with-the-npm-registry)”。
 
-For more information, see "[Working with the Container registry](/packages/working-with-a-github-packages-registry/working-with-the-container-registry)" and "[Working with the npm registry](/packages/working-with-a-github-packages-registry/working-with-the-npm-registry)".
+### 访问发布到与代码空间相同的仓库的映像
 
-### Accessing an image published to the same repository as the codespace
+如果将容器映像发布到启动 codespace 的相同存储库中的 {% data variables.packages.prodname_ghcr_or_npm_registry %}，你将能够在创建 codespace 时自动提取该映像。 无需提供任何其他凭据，除非在发布容器映像时未选中“从存储库继承访问权限”选项。
 
-If you publish a container image to {% data variables.packages.prodname_ghcr_or_npm_registry %} in the same repository that the codespace is being launched in, you will automatically be able to fetch that image on codespace creation. You won't have to provide any additional credentials, unless the **Inherit access from repo** option was unselected when the container image was published.
+#### 从发布映像的仓库继承访问权限
 
-#### Inheriting access from the repository from which an image was published
+默认情况下，将容器映像发布到 {% data variables.packages.prodname_ghcr_or_npm_registry %} 时，该映像将继承从中发布映像的存储库的访问设置。 例如，如果仓库是公共的，则映像也是公共的。 如果仓库是私有的，则映像也是私有的，但可以从仓库访问。
 
-By default, when you publish a container image to {% data variables.packages.prodname_ghcr_or_npm_registry %}, the image inherits the access setting of the repository from which the image was published. For example, if the repository is public, the image is also public. If the repository is private, the image is also private, but is accessible from the repository.
+此行为由“从存储库继承访问权限”选项控制。 通过 {% data variables.product.prodname_actions %} 发布时，默认情况下会选择“从存储库继承访问权限”，但在使用 {% data variables.product.pat_generic %} 直接发布到 {% data variables.packages.prodname_ghcr_or_npm_registry %} 时，不会选择该选项。
 
-This behavior is controlled by the **Inherit access from repo** option. **Inherit access from repo** is selected by default when publishing via {% data variables.product.prodname_actions %}, but not when publishing directly to {% data variables.packages.prodname_ghcr_or_npm_registry %} using a {% data variables.product.pat_generic %}.
+如果在发布映像时未选择“从存储库继承访问权限”选项，则可以手动将存储库添加到已发布容器映像的访问控制中。 有关详细信息，请参阅“[配置包的访问控制和可见性](/packages/learn-github-packages/configuring-a-packages-access-control-and-visibility#inheriting-access-for-a-container-image-from-a-repository)”。
 
-If the **Inherit access from repo** option was not selected when the image was published, you can manually add the repository to the published container image's access controls. For more information, see "[Configuring a package's access control and visibility](/packages/learn-github-packages/configuring-a-packages-access-control-and-visibility#inheriting-access-for-a-container-image-from-a-repository)."
+### 访问发布到组织、代码空间将在 其中启动的映像
 
-### Accessing an image published to the organization a codespace will be launched in
+如果希望组织中的所有代码空间都可以访问容器映像，建议发布具有内部可见性的容器映像。 这将自动使映像对组织内的所有代码空间可见，除非从中启动代码空间的仓库是公开的。
 
-If you want a container image to be accessible to all codespaces in an organization, we recommend that you publish the container image with internal visibility. This will automatically make the image visible to all codespaces within the organization, unless the repository the codespace is launched from is public.
+如果代码空间是从引用内部或私有映像的公共公共仓库启动的，则必须手动允许公共公共仓库访问内部容器映像。 这可以防止内部映像意外公开泄露。 有关详细信息，请参阅“[确保 Codespace 访问你的包](/packages/learn-github-packages/configuring-a-packages-access-control-and-visibility#ensuring-codespaces-access-to-your-package)”。
 
-If the codespace is being launched from a public repository referencing an internal or private image, you must manually allow the public repository access to the internal container image. This prevents the internal image from being accidentally leaked publicly. For more information, see "[Ensuring Codespaces access to your package](/packages/learn-github-packages/configuring-a-packages-access-control-and-visibility#ensuring-codespaces-access-to-your-package)."
+### 从组织中仓库的子集访问私有容器
 
-### Accessing a private container from a subset of repositories in an organization
+如果要允许组织的存储库子集访问容器映像，或者允许从在公共存储库中启动的 codespace 访问内部或专用映像，则可以手动将存储库添加到容器<span class="x x-first x-last">映像的</span>访问设置。 有关详细信息，请参阅“[确保 Codespace 访问你的包](/packages/learn-github-packages/configuring-a-packages-access-control-and-visibility#ensuring-codespaces-access-to-your-package)”<span class="x x-first x-last"></span>。
 
-If you want to allow a subset of an organization's repositories to access a container image, or allow an internal or private image to be accessed from a codespace launched in a public repository, you can manually add repositories to a container <span class="x x-first x-last">image's</span> access settings. For more information, see "[Ensuring Codespaces access to your package](/packages/learn-github-packages/configuring-a-packages-access-control-and-visibility#ensuring-codespaces-access-to-your-package)<span class="x x-first x-last">.</span>"
+### 从代码空间发布容器映像
 
-### Publishing a container image from a codespace
+从 codespace 到 {% data variables.packages.prodname_ghcr_or_npm_registry %} 的无缝访问仅限于拉取容器映像。 如果要从 codespace 内部发布容器映像，则必须结合使用 {% data variables.product.pat_v1 %} 与 `write:packages` 作用域。
 
-Seamless access from a codespace to {% data variables.packages.prodname_ghcr_or_npm_registry %} is limited to pulling container images. If you want to publish a container image from inside a codespace, you must use a {% data variables.product.pat_v1 %} with the `write:packages` scope.
+我们建议通过 {% data variables.product.prodname_actions %} 发布映像。 有关详细信息，请参阅“[发布 Docker 映像](/actions/publishing-packages/publishing-docker-images)”和“[发布 Node.js 包](/actions/publishing-packages/publishing-nodejs-packages)”。
 
-We recommend publishing images via {% data variables.product.prodname_actions %}. For more information, see "[Publishing Docker images](/actions/publishing-packages/publishing-docker-images)" and "[Publishing Node.js packages](/actions/publishing-packages/publishing-nodejs-packages)."
+## 访问存储在其他容器注册表中的映像
 
-## Accessing images stored in other container registries
-
-If you are accessing a container image from a registry that isn't {% data variables.packages.prodname_ghcr_or_npm_registry %}, {% data variables.product.prodname_github_codespaces %} checks for the presence of three secrets, which define the server name, username, and {% data variables.product.pat_generic %} for a container registry. If these secrets are found, {% data variables.product.prodname_github_codespaces %} will make the registry available inside your codespace.
+如果要从不是 {% data variables.packages.prodname_ghcr_or_npm_registry %} 的注册表访问容器映像，{% data variables.product.prodname_github_codespaces %} 将检查是否存在三个机密，这些机密定义了容器注册表的服务器名称、用户名和 {% data variables.product.pat_generic %}。 如果找到这些密钥，{% data variables.product.prodname_github_codespaces %} 将在 codespace 中提供注册表。
 
 - `<*>_CONTAINER_REGISTRY_SERVER`
 - `<*>_CONTAINER_REGISTRY_USER`
 - `<*>_CONTAINER_REGISTRY_PASSWORD`
 
-You can store secrets at the user, repository, or organization-level, allowing you to share them securely between different codespaces. When you create a set of secrets for a private image registry, you need to replace the "<*>" in the name with a consistent identifier. For more information, see "[Managing encrypted secrets for your codespaces](/codespaces/managing-your-codespaces/managing-encrypted-secrets-for-your-codespaces)" and "[Managing encrypted secrets for your repository and organization for {% data variables.product.prodname_github_codespaces %}](/codespaces/managing-codespaces-for-your-organization/managing-encrypted-secrets-for-your-repository-and-organization-for-github-codespaces)."
+您可以在用户、仓库或组织级别存储密钥，从而在不同的代码空间之间安全地共享它们。 当您为私有映像注册表创建一组密钥时，您需要用一致的标识符替换名称中的 “<*>”。 有关详细信息，请参阅“[管理 codespace 的加密机密](/codespaces/managing-your-codespaces/managing-encrypted-secrets-for-your-codespaces)”和“[管理 {% data variables.product.prodname_github_codespaces %} 的存储库和组织的加密机密](/codespaces/managing-codespaces-for-your-organization/managing-encrypted-secrets-for-your-repository-and-organization-for-github-codespaces)”。
 
-If you are setting the secrets at the user or organization level, make sure to assign those secrets to the repository you'll be creating the codespace in by choosing an access policy from the dropdown list.  
+如果您在用户或组织级别设置机密，请确保将这些机密分配到仓库，您将从下拉列表中选择访问策略来创建代码空间。  
 
-![Image registry secret example](/assets/images/help/codespaces/secret-repository-access.png)
+![映像注册表密钥示例](/assets/images/help/codespaces/secret-repository-access.png)
 
-### Example secrets
+### 示例机密
 
-For a private image registry in Azure, you could create the following secrets:
+如果您在 Azure 中拥有私有映像注册表，则可以创建以下机密：
 
 ```
 ACR_CONTAINER_REGISTRY_SERVER = mycompany.azurecr.io
@@ -74,15 +79,15 @@ ACR_CONTAINER_REGISTRY_USER = acr-user-here
 ACR_CONTAINER_REGISTRY_PASSWORD = <PERSONAL_ACCESS_TOKEN>
 ```
 
-For information on common image registries, see "[Common image registry servers](#common-image-registry-servers)." Note that accessing AWS Elastic Container Registry (ECR) is different.
+有关通用映像注册表的信息，请参阅“[通用映像注册表服务器](#common-image-registry-servers)”。 请注意，访问 AWS Elastic Container Registry (ECR) 是不同的。
 
-![Image registry secret example](/assets/images/help/settings/codespaces-image-registry-secret-example.png)
+![映像注册表密钥示例](/assets/images/help/settings/codespaces-image-registry-secret-example.png)
 
-Once you've added the secrets, you may need to stop and then start the codespace you are in for the new environment variables to be passed into the container. For more information, see "[Suspending or stopping a codespace](/codespaces/codespaces-reference/using-the-command-palette-in-codespaces#suspending-or-stopping-a-codespace)."
+添加机密后，您可能需要停止并启动您所在的代码空间，以便将新的环境变量传递到容器。 有关详细信息，请参阅“[暂停或停止 codespace](/codespaces/codespaces-reference/using-the-command-palette-in-codespaces#suspending-or-stopping-a-codespace)”。
 
-#### Accessing AWS Elastic Container Registry
+#### 访问 AWS Elastic Container Registry
 
-To access AWS Elastic Container Registry (ECR),  you can provide an AWS access key ID and secret key, and {% data variables.product.prodname_dotcom %}  can retrieve an access token for you and log in on your behalf.
+要访问 AWS 弹性容器注册表 (ECR)，您可以提供 AWS 访问密钥 ID 和私有密钥，{% data variables.product.prodname_dotcom %}  可以为您检索访问令牌并代表您登录。
 
 ```
 *_CONTAINER_REGISTRY_SERVER = <ECR_URL>
@@ -90,9 +95,9 @@ To access AWS Elastic Container Registry (ECR),  you can provide an AWS access k
 *_CONTAINER_REGISTRY_PASSWORD = <AWS_SECRET_KEY>
 ```
 
-You must also ensure you have the appropriate AWS IAM permissions to perform the credential swap (e.g. `sts:GetServiceBearerToken`) as well as the ECR read operation (either `AmazonEC2ContainerRegistryFullAccess` or `ReadOnlyAccess`).
+你还必须确保具有适当的 AWS IAM 权限来执行凭据交换（例如 `sts:GetServiceBearerToken`）以及 ECR 读取操作（`AmazonEC2ContainerRegistryFullAccess` 或 `ReadOnlyAccess`）。
 
-Alternatively, if you don't want GitHub to perform the credential swap on your behalf, you can provide an authorization token fetched via AWS's APIs or CLI.
+或者，如果您不希望 GitHub 代表您执行凭证交换，则可以提供通过 AWS 的 API 或 CLI 获取的授权令牌。
 
 ```
 *_CONTAINER_REGISTRY_SERVER = <ECR_URL>
@@ -100,22 +105,22 @@ Alternatively, if you don't want GitHub to perform the credential swap on your b
 *_CONTAINER_REGISTRY_PASSWORD = <TOKEN>
 ```
 
-Since these tokens are short lived and need to be refreshed periodically, we recommend providing an access key ID and secret.
+由于这些令牌的生存期较短，需要定期刷新，因此我们建议提供访问密钥 ID 和机密。
 
-While these secrets can have any name, so long as the `*_CONTAINER_REGISTRY_SERVER` is an ECR URL, we recommend using `ECR_CONTAINER_REGISTRY_*` unless you are dealing with multiple ECR registries.
+尽管这些机密可以具有任何名称，但只要 `*_CONTAINER_REGISTRY_SERVER` 是 ECR URL，仍建议使用 `ECR_CONTAINER_REGISTRY_*`，除非你正在处理多个 ECR 注册表。
 
-For more information, see AWS ECR's "[Private registry authentication documentation](https://docs.aws.amazon.com/AmazonECR/latest/userguide/registry_auth.html)."
+有关详细信息，请参阅 AWS ECR 的“[专用注册表身份验证文档](https://docs.aws.amazon.com/AmazonECR/latest/userguide/registry_auth.html)”。
 
-### Common image registry servers
+### 通用映像注册表服务器
 
-Some of the common image registry servers are listed below:
+下面列出了一些通用映像注册表服务器：
 
 - [DockerHub](https://docs.docker.com/engine/reference/commandline/info/) - `https://index.docker.io/v1/`
-- [GitHub Container Registry](/packages/working-with-a-github-packages-registry/working-with-the-container-registry) - `ghcr.io`
-- [Azure Container Registry](https://docs.microsoft.com/azure/container-registry/) - `<registry name>.azurecr.io`
-- [AWS Elastic Container Registry](https://docs.aws.amazon.com/AmazonECR/latest/userguide/Registries.html) - `<aws_account_id>.dkr.ecr.<region>.amazonaws.com`
-- [Google Cloud Container Registry](https://cloud.google.com/container-registry/docs/overview#registries) - `gcr.io` (US), `eu.gcr.io` (EU), `asia.gcr.io` (Asia)
+- [GitHub 容器注册表](/packages/working-with-a-github-packages-registry/working-with-the-container-registry) - `ghcr.io`
+- [Azure 容器注册表](https://docs.microsoft.com/azure/container-registry/) - `<registry name>.azurecr.io`
+- [AWS 弹性容器注册表](https://docs.aws.amazon.com/AmazonECR/latest/userguide/Registries.html) - `<aws_account_id>.dkr.ecr.<region>.amazonaws.com`
+- [Google Cloud 容器注册表](https://cloud.google.com/container-registry/docs/overview#registries) - `gcr.io` (US)、`eu.gcr.io` (EU)、`asia.gcr.io` (Asia)
 
-## Debugging private image registry access
+## 调试私有映像注册表访问
 
-If you are having trouble pulling an image from a private image registry, make sure you are able to run `docker login -u <user> -p <password> <server>`, using the values of the secrets defined above. If login fails, ensure that the login credentials are valid and that you have the apprioriate permissions on the server to fetch a container image. If login succeeds, make sure that these values are copied appropriately into the right {% data variables.product.prodname_github_codespaces %} secrets, either at the user, repository, or organization level and try again.
+如果在从专用映像注册表中提取映像时遇到问题，请确保能够使用上述机密值运行 `docker login -u <user> -p <password> <server>`。 如果登录失败，请确保登录凭据有效，并且您在服务器上具有提取容器映像的适当权限。 如果登录成功，请确保将这些值适当地复制到正确的 {% data variables.product.prodname_github_codespaces %} 机密中，无论是在用户、仓储库还是组织级别，然后重试。

translations/zh-CN/content/codespaces/setting-up-your-project-for-codespaces/automatically-opening-files-in-the-codespaces-for-a-repository.md

@@ -0,0 +1,55 @@
+---
+title: 在存储库的 codespace 中自动打开文件
+shortTitle: Automatically opening files
+intro: '当用户为你的存储库创建 codespace 并在 {% data variables.product.prodname_vscode %} Web 客户端中打开 codespace 时，你可以设置自动打开特定文件。'
+permissions: People with write permissions to a repository can create or edit the codespace configuration.
+versions:
+  fpt: '*'
+  ghec: '*'
+type: how_to
+topics:
+  - Codespaces
+  - Set up
+ms.openlocfilehash: a57b76eda4bfc47071f3cfeade8f50afde9e01e6
+ms.sourcegitcommit: 27882d9b3f19979c817c25952a2fb4dc4c6f0a65
+ms.translationtype: HT
+ms.contentlocale: zh-CN
+ms.lasthandoff: 10/27/2022
+ms.locfileid: '148113987'
+---
+## 概述
+
+如果在用户为存储库创建 codespace 时，有一个有用的特定文件可供查看，则可以将此文件设置为在 {% data variables.product.prodname_vscode_shortname %} Web 客户端中自动打开。 可以在存储库的开发容器配置文件中对此进行设置。 
+
+指定的文件仅在 Web 客户端中第一次打开 codespace 时打开。 如果用户关闭了指定文件，则下次打开或重启 codespace 时，不会自动重新打开这些文件。
+
+{% note %}
+
+注意：此自动化仅适用于 {% data variables.product.prodname_vscode_shortname %} Web 客户端，而不适用于 {% data variables.product.prodname_vscode_shortname %} 桌面应用程序或其他受支持的编辑器。
+
+{% endnote %}
+
+## 设置要自动打开的文件
+
+{% data reusables.codespaces.edit-devcontainer-json %}
+1. 编辑 `devcontainer.json` 文件，添加属性 `customizations.codespaces.openFiles`。 属性 `customizations` 驻留在文件顶层，位于封闭的 JSON 对象内。 例如：
+
+   ```json{:copy}
+   "customizations": {
+     "codespaces": {
+       "openFiles": [
+         "README.md",
+         "scripts/tsconfig.json",
+         "docs/main/CODING_STANDARDS.md"
+       ]
+     }
+   }
+   ```
+
+   属性 `openFiles` 的值是存储库中一个或多个文件的数组。 路径相对于存储库的根路径（绝对路径不受支持）。 按指定顺序在 Web 客户端中打开文件，数组中的第一个文件显示在编辑器中。
+   
+1. 保存文件并将更改提交到存储库的所需分支。
+
+## 延伸阅读
+
+- “[开发容器简介](/codespaces/setting-up-your-project-for-codespaces/introduction-to-dev-containers)”

translations/zh-CN/content/codespaces/setting-up-your-project-for-codespaces/setting-a-minimum-specification-for-codespace-machines.md

@@ -1,7 +1,7 @@
 ---
-title: Setting a minimum specification for codespace machines
+title: 为代码空间计算机设置最低规范
 shortTitle: Set a minimum machine spec
-intro: 'You can avoid under-resourced machine types being used for {% data variables.product.prodname_github_codespaces %} for your repository.'
+intro: '你可以避免资源不足的计算机类型用于存储库的 {% data variables.product.prodname_github_codespaces %}。'
 permissions: People with write permissions to a repository can create or edit the codespace configuration.
 versions:
   fpt: '*'
@@ -11,24 +11,29 @@ topics:
   - Codespaces
   - Set up
 product: '{% data reusables.gated-features.codespaces %}'
+ms.openlocfilehash: 623b50a9423d855f807e2b480882f1e5eb2c479f
+ms.sourcegitcommit: 27882d9b3f19979c817c25952a2fb4dc4c6f0a65
+ms.translationtype: HT
+ms.contentlocale: zh-CN
+ms.lasthandoff: 10/27/2022
+ms.locfileid: '148113855'
 ---
+## 概述
 
-## Overview
+创建的每个代码空间都托管在单独的虚拟机上，通常可以从不同类型的虚拟机中进行选择。 每个计算机类型都有不同的资源（处理器内核、内存、存储），默认情况下，使用资源最少的计算机类型。 有关详细信息，请参阅“[更改 codespace 的计算机类型](/codespaces/customizing-your-codespace/changing-the-machine-type-for-your-codespace#about-machine-types)”。
 
-Each codespace that you create is hosted on a separate virtual machine, and you can usually choose from different types of virtual machines. Each machine type has different resources (processor cores, memory, storage) and, by default, the machine type with the least resources is used. For more information, see "[Changing the machine type for your codespace](/codespaces/customizing-your-codespace/changing-the-machine-type-for-your-codespace#about-machine-types)."
-
-If your project needs a certain level of compute power, you can configure {% data variables.product.prodname_github_codespaces %} so that only machine types that meet these requirements can be used by default, or selected by users. You configure this in a `devcontainer.json` file.
+如果项目需要一定程度的计算能力，则可以配置 {% data variables.product.prodname_github_codespaces %} 以便默认情况下只能使用或由用户选择满足这些要求的计算机类型。 可以在 `devcontainer.json` 文件中进行此配置。
 
 {% note %}
 
-**Important:** Access to some machine types may be restricted at the organization level. Typically this is done to prevent people choosing higher resourced machines that are billed at a higher rate. If your repository is affected by an organization-level policy for machine types you should make sure you don't set a minimum specification that would leave no available machine types for people to choose. For more information, see "[Restricting access to machine types](/codespaces/managing-codespaces-for-your-organization/restricting-access-to-machine-types)."
+重要提示：对某些计算机类型的访问可能在组织级别受到限制。 通常，这样做是为了防止人们选择以较高费率计费的资源较高的计算机。 如果您的存储库受到组织级计算机类型策略的影响，则应确保不要设置最低规范，因为该规范不会留下任何可用的计算机类型供人们选择。 有关详细信息，请参阅“[限制对计算机类型的访问](/codespaces/managing-codespaces-for-your-organization/restricting-access-to-machine-types)”。
 
 {% endnote %}
 
-## Setting a minimum machine specification
+## 设置最低计算机规范
 
 {% data reusables.codespaces.edit-devcontainer-json %}
-1. Edit the `devcontainer.json` file, adding the `hostRequirements` property at the top level of the file, within the enclosing JSON object. For example:
+1. 编辑 `devcontainer.json` 文件，将属性 `hostRequirements` 添加到文件顶层，位于封闭的 JSON 对象内。 例如：
 
    ```json{:copy}
    "hostRequirements": {
@@ -38,16 +43,16 @@ If your project needs a certain level of compute power, you can configure {% dat
    }
    ```
 
-   You can specify any or all of the options: `cpus`, `memory`, and `storage`.
+   可以指定以下任何或所有选项：`cpus`、`memory` 和 `storage`。
    
-   To check the specifications of the {% data variables.product.prodname_github_codespaces %} machine types that are currently available for your repository, step through the process of creating a codespace until you see the choice of machine types. For more information, see "[Creating a codespace](/codespaces/developing-in-codespaces/creating-a-codespace#creating-a-codespace)."
+   要检查当前可用于存储库的 {% data variables.product.prodname_github_codespaces %} 计算机类型的规范，请逐步完成创建 codespace 的过程，直到看到选择的计算机类型。 有关详细信息，请参阅“[创建 codespace](/codespaces/developing-in-codespaces/creating-a-codespace#creating-a-codespace)”。
    
-1. Save the file and commit your changes to the required branch of the repository.
+1. 保存文件并将更改提交到存储库的所需分支。
 
-   Now when you create a codespace for that branch of the repository, and you go to the creation configuration options, you will only be able to select machine types that match or exceed the resources you've specified.
+   现在，当你为存储库的该分支创建代码空间时，前往创建配置选项，只能选择与指定资源匹配或超过你指定的资源的计算机类型。
 
-   ![Dialog box showing a limited choice of machine types](/assets/images/help/codespaces/machine-types-limited-choice.png)
+   ![显示有限计算机类型选择的对话框](/assets/images/help/codespaces/machine-types-limited-choice.png)
 
-## Further reading
+## 延伸阅读
 
-- "[Introduction to dev containers](/codespaces/setting-up-your-project-for-codespaces/introduction-to-dev-containers)"
+- “[开发容器简介](/codespaces/setting-up-your-project-for-codespaces/introduction-to-dev-containers)”

translations/zh-CN/content/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/reviewing-the-audit-log-for-your-organization.md

@@ -486,6 +486,8 @@ For more information, see "[Managing the publication of {% data variables.produc
 | `oauth_app_access_approved` | Triggered when an owner [grants organization access to an {% data variables.product.prodname_oauth_app %}](/articles/approving-oauth-apps-for-your-organization/).
 | `oauth_app_access_denied` | Triggered when an owner [disables a previously approved {% data variables.product.prodname_oauth_app %}'s access](/articles/denying-access-to-a-previously-approved-oauth-app-for-your-organization) to your organization.
 | `oauth_app_access_requested` | Triggered when an organization member requests that an owner grant an {% data variables.product.prodname_oauth_app %} access to your organization.{% endif %}
+{% ifversion ghec %}
+| `org.transfer` | Triggered when an organization is transferred between enterprise accounts. For more information, see "[Transferring an organization between enterprise accounts](/admin/user-management/managing-organizations-in-your-enterprise/adding-organizations-to-your-enterprise#transferring-an-organization-between-enterprise-accounts)."{% endif %}
 | `register_self_hosted_runner` | Triggered when a new self-hosted runner is registered. For more information, see "[Adding a self-hosted runner to an organization](/actions/hosting-your-own-runners/adding-self-hosted-runners#adding-a-self-hosted-runner-to-an-organization)."
 | `remove_actions_secret` | Triggered when a {% data variables.product.prodname_actions %} secret is removed.{% ifversion fpt or ghec %}
 | `remove_billing_manager` | Triggered when an [owner removes a billing manager from an organization](/articles/removing-a-billing-manager-from-your-organization/) or when [two-factor authentication is required in an organization](/articles/requiring-two-factor-authentication-in-your-organization) and a billing manager doesn't use 2FA or disables 2FA. |{% endif %}
@@ -686,6 +688,7 @@ For more information, see "[Managing the publication of {% data variables.produc
 | `set_actions_fork_pr_approvals_policy` | Triggered when the setting for requiring approvals for workflows from public forks is changed. For more information, see "[Managing {% data variables.product.prodname_actions %} settings for a repository](/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository#configuring-required-approval-for-workflows-from-public-forks)."{% endif %}
 | `set_actions_retention_limit` | Triggered when the retention period for {% data variables.product.prodname_actions %} artifacts and logs is changed. For more information, see "[Managing {% data variables.product.prodname_actions %} settings for a repository](/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository#configuring-the-retention-period-for-github-actions-artifacts-and-logs-in-your-repository)."{% ifversion fpt or ghes or ghec %}
 | `set_fork_pr_workflows_policy` | Triggered when the policy for workflows on private repository forks is changed. For more information, see "[Managing {% data variables.product.prodname_actions %} settings for a repository](/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository#enabling-workflows-for-private-repository-forks)."{% endif %}
+| `staff_unlock` | Triggered when an enterprise owner or {% data variables.contact.github_support %} (with permission from a repository administrator) temporarily unlocked the repository. The visibility of the repository isn't changed.
 | `transfer` | Triggered when [a repository is transferred](/articles/how-to-transfer-a-repository).
 | `transfer_start` | Triggered when a repository transfer is about to occur.
 | `unarchived` | Triggered when a repository admin unarchives a repository.{% ifversion fpt or ghes or ghec %}

translations/zh-CN/content/organizations/managing-saml-single-sign-on-for-your-organization/about-identity-and-access-management-with-saml-single-sign-on.md

@@ -1,6 +1,6 @@
 ---
-title: About identity and access management with SAML single sign-on
-intro: 'If you centrally manage your users'' identities and applications with an identity provider (IdP), you can configure Security Assertion Markup Language (SAML) single sign-on (SSO) to protect your organization''s resources on {% data variables.product.prodname_dotcom %}.'
+title: 关于使用 SAML 单一登录进行的标识和访问管理
+intro: '如果您使用身份提供程序 (IdP) 集中管理用户身份和应用程序，可以配置安全声明标记语言 (SAML) 单点登录 (SSO) 来保护组织在 {% data variables.product.prodname_dotcom %} 上的资源。'
 redirect_from:
   - /articles/about-identity-and-access-management-with-saml-single-sign-on
   - /github/setting-up-and-managing-organizations-and-teams/about-identity-and-access-management-with-saml-single-sign-on
@@ -10,11 +10,16 @@ topics:
   - Organizations
   - Teams
 shortTitle: IAM with SAML SSO
+ms.openlocfilehash: 63ed023c1ca5d52ea7b06f5fd485c5e0b34c9750
+ms.sourcegitcommit: 6b649e03ca2fef38c9ebbeec92102219849380e2
+ms.translationtype: HT
+ms.contentlocale: zh-CN
+ms.lasthandoff: 10/31/2022
+ms.locfileid: '148120615'
 ---
-
 {% data reusables.saml.ghec-only %}
 
-## About SAML SSO
+## 关于 SAML SSO
 
 {% data reusables.saml.dotcom-saml-explanation %}
 
@@ -24,46 +29,52 @@ shortTitle: IAM with SAML SSO
 
 {% data reusables.saml.outside-collaborators-exemption %}
 
-Organization owners can enforce SAML SSO for an individual organization, or enterprise owners can enforce SAML SSO for all organizations in an enterprise account. For more information, see "[Configuring SAML single sign-on for your enterprise](/enterprise-cloud@latest/admin/authentication/managing-identity-and-access-for-your-enterprise/configuring-saml-single-sign-on-for-your-enterprise)."
+组织所有者可以对单个组织强制实施 SAML SSO，企业所有者可以为企业帐户中的所有组织强制实施 SAML SSO。 有关详细信息，请参阅“[为企业配置 SAML 单一登录](/enterprise-cloud@latest/admin/authentication/managing-identity-and-access-for-your-enterprise/configuring-saml-single-sign-on-for-your-enterprise)”。
 
-Before enabling SAML SSO for your organization, you'll need to connect your IdP to your organization. For more information, see "[Connecting your identity provider to your organization](/organizations/managing-saml-single-sign-on-for-your-organization/connecting-your-identity-provider-to-your-organization)."
+在为您的组织启用 SAML SSO 之前，您需要将 IdP 连接到组织。 有关详细信息，请参阅“[将标识提供者连接到组织](/organizations/managing-saml-single-sign-on-for-your-organization/connecting-your-identity-provider-to-your-organization)”。
 
-For an organization, SAML SSO can be disabled, enabled but not enforced, or enabled and enforced. After you enable SAML SSO for your organization and your organization's members successfully authenticate with your IdP, you can enforce the SAML SSO configuration. For more information about enforcing SAML SSO for your {% data variables.product.prodname_dotcom %} organization, see "[Enforcing SAML single sign-on for your organization](/articles/enforcing-saml-single-sign-on-for-your-organization)."
+对于组织，SAML SSO 可以禁用、启用但不实施或者启用并实施。 为组织启用 SAML SSO 并且组织成员使用 IdP 成功完成身份验证后，您可以实施 SAML SSO 配置。 有关为 {% data variables.product.prodname_dotcom %} 组织强制实施 SAML SSO 的更多信息，请参阅“[为组织强制实施 SAML 单一登录](/articles/enforcing-saml-single-sign-on-for-your-organization)”。
 
-Members must periodically authenticate with your IdP to authenticate and gain access to your organization's resources. The duration of this login period is specified by your IdP and is generally 24 hours. This periodic login requirement limits the length of access and requires users to re-identify themselves to continue.
+成员必须定期使用您的 IdP 进行身份验证，以获得对组织资源的访问权限。 此登录期的持续时间由 IdP 指定，一般为 24 小时。 此定期登录要求会限制访问的时长，您必须重新验证身份后才可继续访问。
 
-To access the organization's protected resources using the API and Git on the command line, members must authorize and authenticate with a {% data variables.product.pat_generic %} or SSH key. For more information, see "[Authorizing a {% data variables.product.pat_generic %} for use with SAML single sign-on](/github/authenticating-to-github/authorizing-a-personal-access-token-for-use-with-saml-single-sign-on)" and "[Authorizing an SSH key for use with SAML single sign-on](/github/authenticating-to-github/authorizing-an-ssh-key-for-use-with-saml-single-sign-on)."
+要在命令行上使用 API 和 Git 访问组织受保护的资源，成员必须授权并使用{% data variables.product.pat_generic %}或 SSH 密钥验证身份。 有关详细信息，请参阅“[授权用于 SAML 单一登录的{% data variables.product.pat_generic %}](/github/authenticating-to-github/authorizing-a-personal-access-token-for-use-with-saml-single-sign-on)”和“[授权用于 SAML 单一登录的 SSH 密钥](/github/authenticating-to-github/authorizing-an-ssh-key-for-use-with-saml-single-sign-on)”。
 
-The first time a member uses SAML SSO to access your organization, {% data variables.product.prodname_dotcom %} automatically creates a record that links your organization, the member's account on {% data variables.location.product_location %}, and the member's account on your IdP. You can view and revoke the linked SAML identity, active sessions, and authorized credentials for members of your organization or enterprise account. For more information, see "[Viewing and managing a member's SAML access to your organization](/organizations/granting-access-to-your-organization-with-saml-single-sign-on/viewing-and-managing-a-members-saml-access-to-your-organization)" and "[Viewing and managing a user's SAML access to your enterprise account](/enterprise-cloud@latest/admin/user-management/managing-users-in-your-enterprise/viewing-and-managing-a-users-saml-access-to-your-enterprise)."
+成员第一次使用 SAML SSO 访问你的组织时，{% data variables.product.prodname_dotcom %} 会自动创建一条记录，以链接你的组织、成员在 {% data variables.location.product_location %} 上的帐户以及成员在 IdP 上的帐户。 您可以查看和撤销组织成员或企业帐户关联的 SAML 身份、活动的会话以及授权的凭据。 有关详细信息，请参阅“[查看和管理成员对组织的 SAML 访问](/organizations/granting-access-to-your-organization-with-saml-single-sign-on/viewing-and-managing-a-members-saml-access-to-your-organization)”和“[查看和管理用户对企业帐户的 SAML 访问](/enterprise-cloud@latest/admin/user-management/managing-users-in-your-enterprise/viewing-and-managing-a-users-saml-access-to-your-enterprise)”。
 
-If members are signed in with a SAML SSO session when they create a new repository, the default visibility of that repository is private. Otherwise, the default visibility is public. For more information on repository visibility, see "[About repositories](/repositories/creating-and-managing-repositories/about-repositories#about-repository-visibility)."
+如果成员在创建新的仓库时使用 SAML SSO 会话登录，则该仓库的默认可见性为私密。 否则，默认可见性为公开。 有关存储库可见性的详细信息，请参阅“[关于存储库](/repositories/creating-and-managing-repositories/about-repositories#about-repository-visibility)”。
 
-Organization members must also have an active SAML session to authorize an {% data variables.product.prodname_oauth_app %}. You can opt out of this requirement by contacting {% data variables.contact.contact_support %}. {% data variables.product.product_name %} does not recommend opting out of this requirement, which will expose your organization to a higher risk of account takeovers and potential data loss.
+组织成员还必须具有活动的 SAML 会话才可授权 {% data variables.product.prodname_oauth_app %}。 您可以联系 {% data variables.contact.contact_support %} 选择退出此要求。 {% data variables.product.product_name %} 不建议退出此要求，因为它会使您的组织面临更高的帐户接管风险和潜在的数据丢失风险。
 
 {% data reusables.saml.saml-single-logout-not-supported %}
 
-## Supported SAML services
+## 支持的 SAML 服务
 
 {% data reusables.saml.saml-supported-idps %}
 
-Some IdPs support provisioning access to a {% data variables.product.prodname_dotcom %} organization via SCIM. For more information, see "[About SCIM for organizations](/organizations/managing-saml-single-sign-on-for-your-organization/about-scim-for-organizations)."
+有些 IdP 支持配置通过 SCIM 访问 {% data variables.product.prodname_dotcom %} 组织。 有关详细信息，请参阅“[关于组织的 SCIM](/organizations/managing-saml-single-sign-on-for-your-organization/about-scim-for-organizations)”。
 
 {% data reusables.scim.enterprise-account-scim %} 
 
-## Adding members to an organization using SAML SSO
+## 使用 SAML SSO 添加成员到组织
 
-After you enable SAML SSO, there are multiple ways you can add new members to your organization. Organization owners can invite new members manually on {% data variables.product.product_name %} or using the API. For more information, see "[Inviting users to join your organization](/articles/inviting-users-to-join-your-organization)" and "[Members](/rest/reference/orgs#add-or-update-organization-membership)."
+启用 SAML SSO 后，可以通过多种方式向组织添加新成员。 组织所有者可在 {% data variables.product.product_name %} 上或使用 API 手动邀请新成员。 有关详细信息，请参阅“[邀请用户加入你的组织](/articles/inviting-users-to-join-your-organization)”和“[成员](/rest/reference/orgs#add-or-update-organization-membership)”。
 
-To provision new users without an invitation from an organization owner, you can use the URL `https://github.com/orgs/ORGANIZATION/sso/sign_up`, replacing _ORGANIZATION_ with the name of your organization. For example, you can configure your IdP so that anyone with access to the IdP can click a link on the IdP's dashboard to join your {% data variables.product.prodname_dotcom %} organization.
+若要在没有组织所有者邀请的情况下预配新用户，可使用 URL `https://github.com/orgs/ORGANIZATION/sso/sign_up`，并将“ORGANIZATION”替换为你的组织名称。 例如，您可以配置 IdP，让能访问 IdP 的任何人都可单击 IdP 仪表板上的链接加入 {% data variables.product.prodname_dotcom %} 组织。
 
-If your IdP supports SCIM, {% data variables.product.prodname_dotcom %} can automatically invite members to join your organization when you grant access on your IdP. If you remove a member's access to your {% data variables.product.prodname_dotcom %} organization on your SAML IdP, the member will be automatically removed from the {% data variables.product.prodname_dotcom %} organization. For more information, see "[About SCIM for organizations](/organizations/managing-saml-single-sign-on-for-your-organization/about-scim-for-organizations)."
+{% note %}
+
+注意：只有在组织级别而不是企业帐户级别配置 SAML SSO 时，才支持通过 `https://github.com/orgs/ORGANIZATION/sso/sign_up` 预配新用户。 有关企业帐户 SAML SSO 的详细信息，请参阅“[关于企业 IAM 的 SAML](/admin/identity-and-access-management/using-saml-for-enterprise-iam/about-saml-for-enterprise-iam)”。
+
+{% endnote %}
+
+如果您的 IdP 支持 SCIM，当您在 IdP 上授予访问权限时，{% data variables.product.prodname_dotcom %} 可以自动邀请成员加入您的组织。 如果您删除成员对 SAML IdP 上 {% data variables.product.prodname_dotcom %} 组织的访问权限，该成员将自动从 {% data variables.product.prodname_dotcom %} 组织删除。 有关详细信息，请参阅“[关于组织的 SCIM](/organizations/managing-saml-single-sign-on-for-your-organization/about-scim-for-organizations)”。
 
 {% data reusables.organizations.team-synchronization %}
 
 {% data reusables.saml.saml-single-logout-not-supported %}
 
-## Further reading
+## 延伸阅读
 
-- "[SAML configuration reference](/admin/identity-and-access-management/using-saml-for-enterprise-iam/saml-configuration-reference)"
-- "[About two-factor authentication and SAML single sign-on ](/articles/about-two-factor-authentication-and-saml-single-sign-on)"
-- "[About authentication with SAML single sign-on](/github/authenticating-to-github/about-authentication-with-saml-single-sign-on)"
+- “[SAML 配置参考](/admin/identity-and-access-management/using-saml-for-enterprise-iam/saml-configuration-reference)”
+- “[关于双因素身份验证和 SAML 单一登录](/articles/about-two-factor-authentication-and-saml-single-sign-on)”
+- “[关于使用 SAML 单一登录进行身份验证](/github/authenticating-to-github/about-authentication-with-saml-single-sign-on)”

translations/zh-CN/content/repositories/creating-and-managing-repositories/renaming-a-repository.md

@@ -12,12 +12,12 @@ versions:
   ghec: '*'
 topics:
   - Repositories
-ms.openlocfilehash: e56e8ca634ca1bfec3c587fe8fb606ab73ac72d4
-ms.sourcegitcommit: 47bd0e48c7dba1dde49baff60bc1eddc91ab10c5
+ms.openlocfilehash: d0067d96dce2f2cf9fe8bb2dd519668780d861ff
+ms.sourcegitcommit: bd8b3e152f17d90acf222a0d50ba9595184c1f5f
 ms.translationtype: HT
 ms.contentlocale: zh-CN
-ms.lasthandoff: 09/05/2022
-ms.locfileid: '145129368'
+ms.lasthandoff: 10/27/2022
+ms.locfileid: '148111671'
 ---
 重命名仓库时，除项目网站 URL 外，所有现有信息将自动重定向到新名称，包括：
 
@@ -31,7 +31,7 @@ ms.locfileid: '145129368'
 除了重定向 Web 流量之外，所有针对先前位置的 `git clone`、`git fetch` 或 `git push` 操作都将继续跟在新位置上的方式一样运行。 不过，为了减少混淆，我们强烈建议将任何现有的本地克隆更新为指向新仓库 URL。 可以通过在命令行上使用 `git remote` 完成此操作：
 
 ```shell
-$ git remote set-url origin <em>new_url</em>
+$ git remote set-url origin NEW_URL
 ```
 
 有关详细信息，请参阅“[管理远程存储库](/github/getting-started-with-github/managing-remote-repositories)”。
@@ -50,7 +50,7 @@ $ git remote set-url origin <em>new_url</em>
 
 {% warning %}
 
-警告：如果将来在你的帐户下创建新存储库，请不要重复使用重命名存储库的原始名称。 否则到重命名的仓库的重定向将会中断。
+警告：如果将来在你的帐户下创建新存储库，请不要重复使用重命名存储库的原始名称。 如果这样做，重定向到重命名的存储库将不再有效。
 
 {% endwarning %}
 

translations/zh-CN/content/support/learning-about-github-support/about-github-support.md

@@ -122,7 +122,7 @@ Enterprise owners can also add support entitlements to members of organizations
 {% ifversion fpt or ghec %}
 ## Granting {% data variables.contact.github_support %} temporary access to a private repository
 
-If {% data variables.contact.github_support %} needs to access a private repository to address your support request, the owner of the repository will receive an email with a link to accept or decline temporary access. The owner will have 20 days to accept or decline the request before the request expires. If the owner accepts the request, {% data variables.contact.github_support %} will have access the repository for five days.
+If {% data variables.contact.github_support %} needs to access a private repository to address your support request, the owner of the repository will receive an email with a link to accept or decline temporary access. The owner will have 20 days to accept or decline the request before the request expires. If the owner accepts the request, {% data variables.contact.github_support %} will have access the repository for five days. During this window, {% data variables.contact.github_support %} staff with the required privileges can unlock the repository for up to two hours at a time, and will relock the repository if the work is completed early. All {% data variables.contact.github_support %} staff access generates audit log events, and the visibility of the repository is not affected at any time.
 
 {% data variables.contact.github_support %} will never access your private repositories without your explicit consent. For more information, see the [Terms of Service](/free-pro-team@latest/github/site-policy/github-terms-of-service#3-access).
 {% endif %}

translations/zh-CN/data/reusables/actions/jobs/section-choosing-the-runner-for-a-job.md

@@ -1,43 +1,61 @@
----
-ms.openlocfilehash: bca2838e65fedf0ec5d512a21891b594dc90c1f6
-ms.sourcegitcommit: 47bd0e48c7dba1dde49baff60bc1eddc91ab10c5
-ms.translationtype: HT
-ms.contentlocale: zh-CN
-ms.lasthandoff: 09/05/2022
-ms.locfileid: "147521528"
----
-使用 `jobs.<job_id>.runs-on` 定义要运行作业的计算机类型。 {% ifversion fpt or ghec %}计算机可以是 {% data variables.product.prodname_dotcom %} 托管的运行器，也可以是自托管运行器。{% endif %}可以将 `runs-on` 作为单个字符串或字符串数组提供。 如果指定字符串数组，则工作流将在自托管运行器上运行，其标签与所有指定的 `runs-on` 值匹配（如果可用）。 如果要在多台计算机上运行工作流，请使用 [`jobs.<job_id>.strategy`](/actions/learn-github-actions/workflow-syntax-for-github-actions#jobsjob_idstrategy)。
+Use `jobs.<job_id>.runs-on` to define the type of machine to run the job on. 
 
+{% ifversion fpt or ghec %}- The destination machine can be either a [{% data variables.product.prodname_dotcom %}-hosted runner](#choosing-github-hosted-runners), [{% data variables.actions.hosted_runner %}](#choosing-runners-in-a-group), or a [self-hosted runner](#choosing-self-hosted-runners).{% else %}
+- The destination machine can be a [self-hosted runner](#choosing-self-hosted-runners).{% endif %} 
+{% ifversion target-runner-groups %}- You can target runners based on the labels assigned to them, or their group membership, or a combination of these.{% else %}
+- You can target runners based on the labels assigned to them.{% endif %}
+- You can provide `runs-on` as a single string or as an array of strings. 
+- If you specify an array of strings, your workflow will execute on any runner that matches all of the specified `runs-on` values. 
+- If you would like to run your workflow on multiple machines, use [`jobs.<job_id>.strategy`](/actions/learn-github-actions/workflow-syntax-for-github-actions#jobsjob_idstrategy).
 
-{% ifversion fpt or ghec or ghes %} {% data reusables.actions.enterprise-github-hosted-runners %}
+{% ifversion fpt or ghec or ghes %}
+{% data reusables.actions.enterprise-github-hosted-runners %}
 
-### 选择 {% data variables.product.prodname_dotcom %} 托管的运行器
+### Choosing {% data variables.product.prodname_dotcom %}-hosted runners
 
-如果使用 {% data variables.product.prodname_dotcom %} 托管的运行器，每个作业将在 `runs-on` 指定的运行器映像的新实例中运行。
+If you use a {% data variables.product.prodname_dotcom %}-hosted runner, each job runs in a fresh instance of a runner image specified by `runs-on`.
 
-可用的 {% data variables.product.prodname_dotcom %} 托管的运行器类型包括：
+Available {% data variables.product.prodname_dotcom %}-hosted runner types are:
 
 {% data reusables.actions.supported-github-runners %}
 
-#### 示例：指定操作系统
+#### Example: Specifying an operating system
 
 ```yaml
 runs-on: ubuntu-latest
 ```
 
-有关详细信息，请参阅“[关于 {% data variables.product.prodname_dotcom %} 托管的运行器](/actions/using-github-hosted-runners/about-github-hosted-runners)”。
+For more information, see "[About {% data variables.product.prodname_dotcom %}-hosted runners](/actions/using-github-hosted-runners/about-github-hosted-runners)."
 {% endif %}
 
 {% ifversion fpt or ghec or ghes %}
-### 选择自托管运行器
+### Choosing self-hosted runners
 {% endif %}
 
 {% data reusables.actions.self-hosted-runner-labels-runs-on %}
 
-#### 示例：使用标签进行运行器选择
+#### Example: Using labels for runner selection
 
 ```yaml
 runs-on: [self-hosted, linux]
 ```
 
-有关详细信息，请参阅“[关于自托管运行器](/github/automating-your-workflow-with-github-actions/about-self-hosted-runners)”和“[在工作流中使用自托管运行器](/github/automating-your-workflow-with-github-actions/using-self-hosted-runners-in-a-workflow)”。
+For more information, see "[About self-hosted runners](/github/automating-your-workflow-with-github-actions/about-self-hosted-runners)" and "[Using self-hosted runners in a workflow](/github/automating-your-workflow-with-github-actions/using-self-hosted-runners-in-a-workflow)."
+
+{% ifversion target-runner-groups %}
+
+### Choosing runners in a group
+
+You can use `runs-on` to target runner groups, so that the job will execute on any runner that is a member of that group. For more granular control, you can also combine runner groups with labels.
+
+Runner groups can only have [{% data variables.actions.hosted_runner %}s](/actions/using-github-hosted-runners/using-larger-runners) or [self-hosted runners](/actions/hosting-your-own-runners) as members.
+
+#### Example: Using groups to control where jobs are run
+
+{% data reusables.actions.jobs.example-runs-on-groups %}
+
+#### Example: Combining groups and labels
+
+{% data reusables.actions.jobs.example-runs-on-labels-and-groups %}
+
+{% endif %}

translations/zh-CN/data/reusables/audit_log/audit-log-action-categories.md

@@ -33,7 +33,6 @@
 {%- ifversion ghes %}
 | `config_entry` |  Contains activities related to configuration settings. These events are only visible in the site admin audit log.
 {%- endif %}
-|
 | `dependabot_alerts`  | Contains organization-level configuration activities for {% data variables.product.prodname_dependabot_alerts %} in existing repositories. For more information, see "[About {% data variables.product.prodname_dependabot_alerts %}](/code-security/dependabot/dependabot-alerts/about-dependabot-alerts)."
 | `dependabot_alerts_new_repos`   | Contains organization-level configuration activities for  {% data variables.product.prodname_dependabot_alerts %} in new repositories created in the organization.
 | `dependabot_repository_access` | Contains activities related to which private repositories in an organization {% data variables.product.prodname_dependabot %} is allowed to access.

translations/zh-CN/data/reusables/billing/license-statuses.md

@@ -1,12 +1,12 @@
 ---
-ms.openlocfilehash: 7604b9a565888d01aee7eac1643ddf4652a54ed9
-ms.sourcegitcommit: fcf3546b7cc208155fb8acdf68b81be28afc3d2d
+ms.openlocfilehash: 67d1494a61de0411dec87f78177cd695055e82db
+ms.sourcegitcommit: 6b649e03ca2fef38c9ebbeec92102219849380e2
 ms.translationtype: HT
 ms.contentlocale: zh-CN
-ms.lasthandoff: 09/10/2022
-ms.locfileid: "145098295"
+ms.lasthandoff: 10/31/2022
+ms.locfileid: "148120634"
 ---
-{% ifversion ghec %} 如果许可证包含 {% data variables.product.prodname_vss_ghe %}，你可以通过下载包含其他许可证详细信息的 CSV 文件来确定 {% data variables.product.prodname_dotcom_the_website %} 上的用户帐户是否已成功匹配 {% data variables.product.prodname_vs %} 订阅者。 许可证状态将是以下之一。
+{% ifversion ghec %} 如果许可证包含 {% data variables.visual_studio.prodname_vss_ghe %}，你可以通过下载包含其他许可证详细信息的 CSV 文件来确定 {% data variables.product.prodname_dotcom_the_website %} 上的用户帐户是否已成功匹配 {% data variables.product.prodname_vs %} 订阅者。 许可证状态将是以下之一。
 - “匹配”：{% data variables.product.prodname_dotcom_the_website %} 上的用户帐户与 {% data variables.product.prodname_vs %} 订阅者链接。
 - “待定邀请”：已向 {% data variables.product.prodname_vs %} 订阅者发送了邀请，但订阅者尚未接受邀请。 
 - 空白：对于 {% data variables.product.prodname_dotcom_the_website %} 上的用户帐户，没有要考虑的 {% data variables.product.prodname_vs %} 关联。

translations/zh-CN/data/reusables/enterprise-accounts/vss-ghe-description.md

@@ -1,9 +1,9 @@
 ---
-ms.openlocfilehash: e8fcb120bbfd58d97607b749e78e3ed6aa94c7fb
-ms.sourcegitcommit: fcf3546b7cc208155fb8acdf68b81be28afc3d2d
+ms.openlocfilehash: b53fd15933e9ffe71da5ae0f25b8ddce4b4a5222
+ms.sourcegitcommit: 6b649e03ca2fef38c9ebbeec92102219849380e2
 ms.translationtype: HT
 ms.contentlocale: zh-CN
-ms.lasthandoff: 09/10/2022
-ms.locfileid: "145100893"
+ms.lasthandoff: 10/31/2022
+ms.locfileid: "148120632"
 ---
-{% data variables.product.prodname_vss_ghe %} 是 Microsoft 的组合产品，允许订阅者使用 {% data variables.product.prodname_vs %} 和 {% data variables.product.prodname_enterprise %}。
+{% data variables.visual_studio.prodname_vss_ghe %} 是 Microsoft 的组合产品，允许订阅者使用 {% data variables.product.prodname_vs %} 和 {% data variables.product.prodname_enterprise %}。

translations/zh-CN/data/reusables/package_registry/authenticate_with_pat_for_v2_registry.md

@@ -0,0 +1,15 @@
+---
+ms.openlocfilehash: 902af6bdbe3c48fe8b5930bdf1041151f343b60b
+ms.sourcegitcommit: 27882d9b3f19979c817c25952a2fb4dc4c6f0a65
+ms.translationtype: HT
+ms.contentlocale: zh-CN
+ms.lasthandoff: 10/27/2022
+ms.locfileid: "148113863"
+---
+如果你的工作流使用 {% data variables.product.pat_generic %} 向注册表进行身份验证，则强烈建议更新工作流以使用 `GITHUB_TOKEN`。
+
+{% ifversion fpt or ghec %}有关更新使用 {% data variables.product.pat_generic %} 对注册表进行身份验证的工作流的指南，请参阅“[升级使用 {% data variables.product.pat_generic %} 访问注册表的工作流](/packages/managing-github-packages-using-github-actions-workflows/publishing-and-installing-a-package-with-github-actions#upgrading-a-workflow-that-accesses-a-registry-using-a-personal-access-token)”。{% endif %}
+
+有关 `GITHUB_TOKEN` 的详细信息，请参阅“[工作流中的身份验证](/actions/reference/authentication-in-a-workflow#using-the-github_token-in-a-workflow)”。
+
+有关在操作中使用注册表时的最佳做法的详细信息，请参阅“[GitHub Actions 的安全强化](/actions/getting-started-with-github-actions/security-hardening-for-github-actions#considering-cross-repository-access)”。

translations/zh-CN/data/reusables/repositories/security-advisories-republishing.md

@@ -1 +1,9 @@
-You can also use repository security advisories to republish the details of a security vulnerability that you have already disclosed elsewhere by copying and pasting the details of the vulnerability into a new security advisory.
+---
+ms.openlocfilehash: 7b189ead10534e3ac5330033621ce26f9185e729
+ms.sourcegitcommit: 27882d9b3f19979c817c25952a2fb4dc4c6f0a65
+ms.translationtype: HT
+ms.contentlocale: zh-CN
+ms.lasthandoff: 10/27/2022
+ms.locfileid: "148113989"
+---
+还可以使用存储库安全公告重新发布已在其他地方披露的安全漏洞详细信息，方法是将该漏洞的详细信息复制并粘贴到新的安全公告中。

translations/zh-CN/data/reusables/saml/outside-collaborators-exemption.md

@@ -1,16 +1,13 @@
 ---
-ms.openlocfilehash: 4d4e5a2d205dd4774e4d40394e07f339536e1dcb
-ms.sourcegitcommit: 47bd0e48c7dba1dde49baff60bc1eddc91ab10c5
+ms.openlocfilehash: 2756814ec2c08dfce708645cec499588fbad330d
+ms.sourcegitcommit: bf11c3e08cbb5eab6320e0de35b32ade6d863c03
 ms.translationtype: HT
 ms.contentlocale: zh-CN
-ms.lasthandoff: 09/05/2022
-ms.locfileid: "147526813"
+ms.lasthandoff: 10/27/2022
+ms.locfileid: "148111610"
 ---
 {% note %}
 
-**注意：** 
-
-- 组织成员不需要 SAML 身份验证来执行读取操作，例如查看、克隆公共资源和创建其分支。
-- 外部协作者不需要进行 SAML 身份验证。 有关外部协作者的详细信息，请参阅“[组织中的角色](/organizations/managing-peoples-access-to-your-organization-with-roles/roles-in-an-organization#outside-collaborators)”。
+**注意：** 外部协作者不需要进行 SAML 身份验证。 有关外部协作者的详细信息，请参阅“[组织中的角色](/organizations/managing-peoples-access-to-your-organization-with-roles/roles-in-an-organization#outside-collaborators)”。
 
 {% endnote %}

translations/zh-CN/data/reusables/saml/resources-without-sso.md

@@ -0,0 +1,15 @@
+---
+ms.openlocfilehash: 6801c86b93cfe8a48f1380bcb65e3fc8802e0eae
+ms.sourcegitcommit: bf11c3e08cbb5eab6320e0de35b32ade6d863c03
+ms.translationtype: HT
+ms.contentlocale: zh-CN
+ms.lasthandoff: 10/27/2022
+ms.locfileid: "148111608"
+---
+以某些方式访问公共存储库时不需要 IdP 身份验证：
+
+- 查看 {% data variables.product.prodname_dotcom %} 上的存储库概述页面和文件内容
+- 复刻存储库
+- 通过 Git 执行读取操作，例如克隆存储库
+
+通过其他方式访问公共存储库（例如查看问题、拉取请求、项目和发布）时需要身份验证。

translations/zh-CN/data/reusables/saml/saml-accounts.md

@@ -1,12 +1,12 @@
 ---
-ms.openlocfilehash: b5ea320db35c6a770853644bcdb50117d3da578d
-ms.sourcegitcommit: f638d569cd4f0dd6d0fb967818267992c0499110
+ms.openlocfilehash: 7f8e979109d851c152b9cb2b90569ea12155b2dd
+ms.sourcegitcommit: bf11c3e08cbb5eab6320e0de35b32ade6d863c03
 ms.translationtype: HT
 ms.contentlocale: zh-CN
-ms.lasthandoff: 10/25/2022
-ms.locfileid: "148108018"
+ms.lasthandoff: 10/27/2022
+ms.locfileid: "148111519"
 ---
-如果配置了 SAML SSO，组织成员将继续在 {% data variables.product.prodname_dotcom_the_website %} 上登录到其个人帐户。 当成员访问组织内的非公共资源时，{% data variables.product.prodname_dotcom %} 会将成员重定向到你的 IdP 以进行身份验证。 身份验证成功后，IdP 将该成员重定向回 {% data variables.product.prodname_dotcom %}。 有关详细信息，请参阅“[关于通过 SAML 单一登录进行身份验证](/enterprise-cloud@latest/authentication/authenticating-with-saml-single-sign-on/about-authentication-with-saml-single-sign-on)”。
+如果配置了 SAML SSO，组织成员将继续在 {% data variables.product.prodname_dotcom_the_website %} 上登录到其个人帐户。 当成员访问组织内的大部分资源时，{% data variables.product.prodname_dotcom %} 会将成员重定向到你的 IdP 以进行身份验证。 身份验证成功后，IdP 将该成员重定向回 {% data variables.product.prodname_dotcom %}。 有关详细信息，请参阅“[关于通过 SAML 单一登录进行身份验证](/enterprise-cloud@latest/authentication/authenticating-with-saml-single-sign-on/about-authentication-with-saml-single-sign-on)”。
 
 {% note %}
 

translations/zh-CN/data/reusables/security-advisory/security-advisory-overview.md

@@ -1 +1,9 @@
-Repository security advisories allow repository maintainers to privately discuss and fix a security vulnerability in a project. After collaborating on a fix, repository maintainers can publish the security advisory to publicly disclose the security vulnerability to the project's community. By publishing security advisories, repository maintainers make it easier for their community to update package dependencies and research the impact of the security vulnerabilities.
+---
+ms.openlocfilehash: 329fc14d26f27da725619bc862b99ff239c9aa14
+ms.sourcegitcommit: 27882d9b3f19979c817c25952a2fb4dc4c6f0a65
+ms.translationtype: HT
+ms.contentlocale: zh-CN
+ms.lasthandoff: 10/27/2022
+ms.locfileid: "148113975"
+---
+使用存储库安全公告，存储库维护人员可私下讨论和修复项目中的安全漏洞。 协作得到修补程序后，存储库维护人员可发布安全通知，向项目社区公开安全漏洞。 通过发布安全通知，存储库维护人员可使其社区更轻松地更新包依赖项并对安全漏洞的影响进行调查。

translations/zh-CN/data/variables/product.yml

@@ -202,9 +202,6 @@ prodname_dependency_review_action: 'dependency review action'
 prodname_vs: 'Visual Studio'
 prodname_vscode_shortname: 'VS Code'
 prodname_vscode: 'Visual Studio Code'
-prodname_vs_subscriber: '{% data variables.product.prodname_vs %} subscriber'
-prodname_vss_ghe: 'Visual Studio subscriptions with GitHub Enterprise'
-prodname_vss_admin_portal_with_url: 'the [administrator portal for Visual Studio subscriptions](https://visualstudio.microsoft.com/subscriptions-administration/)'
 prodname_vscode_command_palette_shortname: 'VS Code Command Palette'
 prodname_vscode_command_palette: 'Visual Studio Code Command Palette'
 prodname_vscode_marketplace: 'Visual Studio Code Marketplace'