github
/
docs
зеркало из https://github.com/github/docs.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность

New translation batch for ja (#30269) 

* Add crowdin translations

* Run script/i18n/homogenize-frontmatter.js

* Run script/i18n/lint-translation-files.js --check rendering

* run script/i18n/reset-files-with-broken-liquid-tags.js --language=ja

* run script/i18n/reset-known-broken-translation-files.js

* Check in ja CSV report

Co-authored-by: Hector Alfaro <hectorsector@github.com>
This commit is contained in:
docubot 2022-08-26 11:51:20 -04:00 коммит произвёл GitHub
Родитель e7280bb896
Коммит b61e658250
Не найден ключ, соответствующий данной подписи
Идентификатор ключа GPG: 4AEE18F83AFDEB23
155 изменённых файлов: 2223 добавлений и 860 удалений
Показать статистику Скачать Patch файл Скачать Diff файл Показать все файлы Свернуть все файлы

3
translations/ja-JP/content/account-and-profile/setting-up-and-managing-your-personal-account-on-github/index.md
Просмотреть файл

@ -1,6 +1,6 @@
---
title: Setting up and managing your personal account on GitHub
intro: 'You can manage settings for your personal account on {% data variables.product.prodname_dotcom %}, including email preferences, collaborator access for personal repositories, and organization memberships.'
intro: 'You can manage settings for your personal account on {% ifversion fpt or ghec or ghes %}{% data variables.product.product_location %}{% elsif ghae %}{% data variables.product.product_name %}{% endif %}, including email preferences, access to personal repositories, and organization memberships. You can also manage the account itself.'
shortTitle: Personal accounts
redirect_from:
- /categories/setting-up-and-managing-your-github-user-account
@ -15,6 +15,7 @@ topics:
- Accounts
children:
- /managing-personal-account-settings
- /managing-your-personal-account
- /managing-email-preferences
- /managing-access-to-your-personal-repositories
- /managing-your-membership-in-organizations

6
translations/ja-JP/content/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-personal-account-settings/index.md
Просмотреть файл

@ -1,6 +1,6 @@
---
title: ユーザ アカウント設定の管理
intro: ユーザ名を変更する、アカウントを削除するなど、個人アカウントの設定を変更できます。
intro: 'You can manage settings for your personal account, including your theme, username, default branch, accessibility, and security settings.'
redirect_from:
- /categories/29/articles
- /categories/user-accounts
@ -19,9 +19,6 @@ children:
- /managing-your-theme-settings
- /managing-your-tab-size-rendering-preference
- /changing-your-github-username
- /merging-multiple-personal-accounts
- /converting-a-user-into-an-organization
- /deleting-your-personal-account
- /permission-levels-for-a-personal-account-repository
- /permission-levels-for-a-project-board-owned-by-a-personal-account
- /managing-accessibility-settings
@ -29,7 +26,6 @@ children:
- /managing-security-and-analysis-settings-for-your-personal-account
- /managing-access-to-your-personal-accounts-project-boards
- /integrating-jira-with-your-personal-projects
- /best-practices-for-leaving-your-company
- /what-does-the-available-for-hire-checkbox-do
shortTitle: Personal account settings
---

1
translations/ja-JP/content/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-personal-account-settings/best-practices-for-leaving-your-company.md → translations/ja-JP/content/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-your-personal-account/best-practices-for-leaving-your-company.md
Просмотреть файл

@ -6,6 +6,7 @@ redirect_from:
- /github/setting-up-and-managing-your-github-user-account/best-practices-for-leaving-your-company
- /github/setting-up-and-managing-your-github-user-account/managing-user-account-settings/best-practices-for-leaving-your-company
- /account-and-profile/setting-up-and-managing-your-github-user-account/managing-user-account-settings/best-practices-for-leaving-your-company
- /account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-personal-account-settings/best-practices-for-leaving-your-company
versions:
fpt: '*'
ghec: '*'

3
translations/ja-JP/content/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-personal-account-settings/converting-a-user-into-an-organization.md → translations/ja-JP/content/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-your-personal-account/converting-a-user-into-an-organization.md
Просмотреть файл

@ -7,6 +7,7 @@ redirect_from:
- /github/setting-up-and-managing-your-github-user-account/converting-a-user-into-an-organization
- /github/setting-up-and-managing-your-github-user-account/managing-user-account-settings/converting-a-user-into-an-organization
- /account-and-profile/setting-up-and-managing-your-github-user-account/managing-user-account-settings/converting-a-user-into-an-organization
- /account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-personal-account-settings/converting-a-user-into-an-organization
intro: You can convert your personal account into an organization. これにより、Organization に属するリポジトリに対して、より細かく権限を設定できます。
versions:
fpt: '*'
@ -66,5 +67,5 @@ You can also convert your personal account directly into an organization. アカ
## 参考リンク
- [Team の設定](/articles/setting-up-teams)
{% ifversion fpt or ghec %}-"[Organization に参加するようユーザを招待する](/articles/inviting-users-to-join-your-organization){% endif %}
{% ifversion fpt or ghec %}- 「[ユーザを Organization に招待する](/articles/inviting-users-to-join-your-organization){% endif %}
- [Organization にアクセスする](/articles/accessing-an-organization)

30
translations/ja-JP/content/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-personal-account-settings/deleting-your-personal-account.md → translations/ja-JP/content/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-your-personal-account/deleting-your-personal-account.md
Просмотреть файл

@ -1,39 +1,53 @@
---
title: Deleting your personal account
intro: 'You can delete your personal account on {% data variables.product.product_name %} at any time.'
intro: 'You can delete your personal account on {% data variables.product.product_location %} at any time.'
redirect_from:
- /articles/deleting-a-user-account
- /articles/deleting-your-user-account
- /github/setting-up-and-managing-your-github-user-account/deleting-your-user-account
- /github/setting-up-and-managing-your-github-user-account/managing-user-account-settings/deleting-your-user-account
- /account-and-profile/setting-up-and-managing-your-github-user-account/managing-user-account-settings/deleting-your-user-account
- /account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-personal-account-settings/deleting-your-personal-account
versions:
fpt: '*'
ghes: '*'
ghec: '*'
topics:
- Accounts
shortTitle: Delete your personal account
shortTitle: Delete your account
---
Deleting your personal account removes all repositories, forks of private repositories, wikis, issues, pull requests, and pages owned by your account. {% ifversion fpt or ghec %} 他のユーザが所有するリポジトリでこれまで作成した Issue とプルリクエスト、また行ったコメントが削除されることはなく、代わりに [ゴーストユーザ](https://github.com/ghost)に関連付けられます。{% else %}他のユーザが所有するリポジトリでこれまで作成した Issue とプルリクエスト、また行ったコメントが削除されることはありません。{% endif %}
## About deletion of your personal account
{% ifversion fpt or ghec %} When you delete your account we stop billing you. The email address associated with the account becomes available for use with a different account on {% data variables.product.product_location %}. After 90 days, the account name also becomes available to anyone else to use on a new account. {% endif %}
Deleting your personal account removes all repositories, forks of private repositories, wikis, issues, pull requests, and pages owned by your account. {% ifversion fpt or ghec %}Issues and pull requests you've created and comments you've made in repositories owned by other users will not be deleted. Your resources and comments will become associated with the [ghost user](https://github.com/ghost).{% else %}Issues and pull requests you've created and comments you've made in repositories owned by other users will not be deleted.{% endif %}
If youre the only owner of an organization, you must transfer ownership to another person or delete the organization before you can delete your personal account. If there are other owners in the organization, you must remove yourself from the organization before you can delete your personal account.
{% ifversion ghec %}
{% note %}
**Note**: If your enterprise manages your account and you sign into {% data variables.product.product_location %} through your company's identity provider (IdP), you cannot delete your account. 詳しい情報については「[{% data variables.product.prodname_emus %}について](/admin/identity-and-access-management/using-enterprise-managed-users-for-iam/about-enterprise-managed-users)」を参照してください。
{% endnote %}
{% endif %}
{% ifversion fpt or ghec %}When you delete your account we stop billing you. The email address associated with the account becomes available for use with a different account on {% data variables.product.product_location %}. After 90 days, the account name also becomes available to anyone else to use on a new account. {% endif %}
If you're the only owner of an organization, you must transfer ownership to another person or delete the organization before you can delete your personal account. If there are other owners in the organization, you must remove yourself from the organization before you can delete your personal account.
詳しい情報については、次の記事を参照してください。
詳しい情報については、以下を参照してください。
- "[Organization の所有権の移譲](/articles/transferring-organization-ownership)"
- "[Organization アカウントの削除](/articles/deleting-an-organization-account)"
- "[Organization から自分を削除する](/articles/removing-yourself-from-an-organization/)"
## アカウントデータのバックアップ
Before you delete your personal account, make a copy of all repositories, private forks, wikis, issues, and pull requests owned by your account.
Before you delete your personal account, make a copy of all repositories, private forks, wikis, issues, and pull requests owned by your account. For more information, see "[Backing up a repository](/repositories/archiving-a-github-repository/backing-up-a-repository)."
{% warning %}
**Warning:** Once your personal account has been deleted, GitHub cannot restore your content.
**Warning:** Once your personal account has been deleted, {% ifversion fpt or ghec %}{% data variables.product.company_short %}{% elsif ghes or ghae %}an enterprise owner{% endif %} cannot restore your content.
{% endwarning %}

19
translations/ja-JP/content/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-your-personal-account/index.md Normal file
Просмотреть файл

@ -0,0 +1,19 @@
---
title: Managing your personal account
intro: 'You can manage your personal account on {% ifversion fpt or ghec or ghes %}{% data variables.product.product_location %}{% elsif ghae %}{% data variables.product.product_name %}{% endif %}. For example, you can {% ifversion fpt or ghec %}manage multiple accounts, {% endif %}convert an account to an organization{% ifversion fpt or ghec or ghes %}, or delete an account{% endif %}.'
shortTitle: Manage personal account
versions:
fpt: '*'
ghes: '*'
ghae: '*'
ghec: '*'
topics:
- Accounts
children:
- /managing-multiple-accounts
- /merging-multiple-personal-accounts
- /converting-a-user-into-an-organization
- /best-practices-for-leaving-your-company
- /deleting-your-personal-account
---

105
translations/ja-JP/content/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-your-personal-account/managing-multiple-accounts.md Normal file
Просмотреть файл

@ -0,0 +1,105 @@
---
title: Managing multiple accounts
intro: 'If you use one workstation to contribute to projects for more than one account on {% data variables.product.product_location %}, you can modify your Git configuration to simplify the contribution process.'
versions:
feature: multiple-accounts-one-workstation
topics:
- Accounts
- Git
- GitHub
shortTitle: Manage multiple accounts
---
## About management of multiple accounts
In some cases, you may need to use multiple accounts on {% data variables.product.product_location %}. For example, you may have a personal account for open source contributions, and your employer may also create and manage a user account for you within an enterprise.
You cannot use your {% data variables.product.prodname_managed_user %} to contribute to public projects on {% data variables.product.product_location %}, so you must contribute to those resources using your personal account. For more information, see "[About {% data variables.product.prodname_emus %}]({% ifversion fpt %}/enterprise-cloud@latest{% endif %}/admin/identity-and-access-management/using-enterprise-managed-users-for-iam/about-enterprise-managed-users#abilities-and-restrictions-of-managed-user-accounts){% ifversion fpt %}" in the {% data variables.product.prodname_ghe_cloud %} documentation.{% elsif ghec %}."{% endif %}
If you want to use one workstation to contribute from both accounts, you can simplify contribution with Git by using a mixture of protocols to access repository data, or by using credentials on a per-repository basis.
{% warning %}
**Warning**: Be mindful when you use one workstation to contribute to two separate accounts. Management of two or more accounts can increase the chance of mistakenly leaking internal code to the public.
{% endwarning %}
If you aren't required to use a {% data variables.product.prodname_managed_user %}, {% data variables.product.company_short %} recommends that you use one personal account for all your work on {% data variables.product.product_location %}. With a single personal account, you can contribute to a combination of personal, open source, or professional projects using one identity. Other people can invite the account to contribute to both individual repositories and repositories owned by an organization, and the account can be a member of multiple organizations or enterprises.
## Contributing to two accounts using HTTPS and SSH
If you contribute with two accounts from one workstation, you can access repositories by using a different protocol and credentials for each account.
Git can use either the HTTPS or SSH protocol to access and update data in repositories on {% data variables.product.product_location %}. The protocol you use to clone a repository determines which credentials your workstation will use to authenticate when you access the repository. With this approach to account management, you store the credentials for one account to use for HTTPS connections and upload an SSH key to the other account to use for SSH connections.
You can find both the HTTPS or an SSH URLs for cloning a repository on {% data variables.product.product_name %}. 詳しい情報については[リポジトリのクローン](/repositories/creating-and-managing-repositories/cloning-a-repository)を参照してください。
For more information about the use of SSH to access repositories on {% data variables.product.product_name %}, see "[Connecting to {% data variables.product.prodname_dotcom %} with SSH](/authentication/connecting-to-github-with-ssh)."
## Contributing to multiple accounts using HTTPS and PATs
Alternatively, if you want to use the HTTPS protocol for both accounts, you can use different personal access tokens (PAT) for each account by configuring Git to store different credentials for each repository.
{% mac %}
{% data reusables.git.open-terminal %}
{% data reusables.git.confirm-credential-manager %}
{% data reusables.git.clear-the-stored-credentials %}
{% data reusables.git.no-credential-manager %}
- If the output is `osxkeychain`, you're using the macOS keychain. To clear the credentials, enter the following command.
```shell{:copy}
git credential-osxkeychain erase https://github.com
```
{% data reusables.git.clear-stored-gcm-credentials %}
{% data reusables.git.cache-on-repository-path %}
{% data reusables.accounts.create-personal-access-tokens %}
{% data reusables.git.provide-credentials %}
{% endmac %}
{% windows %}
1. Git Bash を開きます。
{% data reusables.git.confirm-credential-manager %}
{% data reusables.git.clear-the-stored-credentials %}
{% data reusables.git.no-credential-manager %}
{% data reusables.git.clear-stored-gcm-credentials %}
- If the output is `wincred`, you're using the Windows Credential Manager. To clear the credentials, enter the following command.
```shell{:copy}
cmdkey /delete:LegacyGeneric:target=git:https://github.com
```
{% data reusables.git.cache-on-repository-path %}
{% data reusables.accounts.create-personal-access-tokens %}
{% data reusables.git.provide-credentials %}
{% endwindows %}
{% linux %}
{% data reusables.git.open-terminal %}
{% data reusables.git.confirm-credential-manager %}
{% data reusables.git.clear-the-stored-credentials %}
{% data reusables.git.no-credential-manager %}
{% data reusables.git.clear-stored-gcm-credentials %}
{% data reusables.git.cache-on-repository-path %}
{% data reusables.accounts.create-personal-access-tokens %}
{% data reusables.git.provide-credentials %}
{% endlinux %}
## Contributing to multiple accounts using SSH and `GIT_SSH_COMMAND`
If you want to use the SSH protocol for both accounts, you can use different SSH keys for each account. For more information about using SSH, see "[Connecting to {% data variables.product.prodname_dotcom %} with SSH](/authentication/connecting-to-github-with-ssh)."
To use a different SSH key for different repositories that you clone to your workstation, you must write a shell wrapper function for Git operations. The function should perform the following steps.
1. Determine the repository's full name with owner, using a command such as `git config --get remote.origin.url`.
2. Choose the correct SSH key for authentication.
3. Modify `GIT_SSH_COMMAND` accordingly. For more information about `GIT_SSH_COMMAND`, see [Environment Variables](https://git-scm.com/docs/git#Documentation/git.txt-codeGITSSHCOMMANDcode) in the Git documentation.
For example, the following command sets the `GIT_SSH_COMMAND` environment variable to specify an SSH command that uses the private key file at **_PATH/TO/KEY/FILE_** for authentication to clone the repository named **_OWNER_**/**_REPOSITORY_** on {% data variables.product.product_location %}.
<pre>
GIT_SSH_COMMAND='ssh -i <em>PATH/TO/KEY/FILE</em> -o IdentitiesOnly=yes' git clone git@github.com:<em>OWNER</em>/<em>REPOSITORY</em>
</pre>

3
translations/ja-JP/content/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-personal-account-settings/merging-multiple-personal-accounts.md → translations/ja-JP/content/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-your-personal-account/merging-multiple-personal-accounts.md
Просмотреть файл

@ -8,12 +8,13 @@ redirect_from:
- /github/setting-up-and-managing-your-github-user-account/merging-multiple-user-accounts
- /github/setting-up-and-managing-your-github-user-account/managing-user-account-settings/merging-multiple-user-accounts
- /account-and-profile/setting-up-and-managing-your-github-user-account/managing-user-account-settings/merging-multiple-user-accounts
- /account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-personal-account-settings/merging-multiple-personal-accounts
versions:
fpt: '*'
ghec: '*'
topics:
- Accounts
shortTitle: Merge multiple personal accounts
shortTitle: Merge multiple accounts
---
{% tip %}

181
translations/ja-JP/content/actions/deployment/security-hardening-your-deployments/about-security-hardening-with-openid-connect.md
Просмотреть файл

@ -73,6 +73,7 @@ The following example OIDC token uses a subject (`sub`) that references a job en
"repository": "octo-org/octo-repo",
"repository_owner": "octo-org",
"actor_id": "12",
"repo_visibility": private,
"repository_id": "74",
"repository_owner_id": "65",
"run_id": "example-run-id",
@ -130,6 +131,7 @@ The token also includes custom claims provided by {% data variables.product.prod
| `job_workflow_ref` | This is the ref path to the reusable workflow used by this job. For more information, see "["Using OpenID Connect with reusable workflows"](/actions/deployment/security-hardening-your-deployments/using-openid-connect-with-reusable-workflows)." |
| `ref` | _(Reference)_ The git ref that triggered the workflow run. |
| `ref_type` | The type of `ref`, for example: "branch". |
| `repo_visibility` | The visibility of the repository where the workflow is running. Accepts the following values: `internal`, `private`, or `public`. |
| `リポジトリ` | The repository from where the workflow is running. |
| `repository_id` | The ID of the repository from where the workflow is running. |
| `repository_owner` | The name of the organization in which the `repository` is stored. |
@ -240,6 +242,185 @@ curl -H "Authorization: bearer $ACTIONS_ID_TOKEN_REQUEST_TOKEN" "$ACTIONS_ID_TOK
{% data reusables.actions.oidc-permissions-token %}
{% ifversion actions-oidc-hardening-config %}
## Customizing the token claims
You can security harden your OIDC configuration by customizing the claims that are included with the JWT. This allows your cloud provider to apply more granular trust conditions when determining whether to grant access to its resources. For example, {% ifversion ghec %}you can customize the issuer (`iss`) claim to only allow access from a specific enterprise URL, and {% endif %}you can customize the subject (`sub`) value to require that requests originate from a specific repository, reusable workflow, or other source.
To configure the claim conditions on {% data variables.product.prodname_dotcom %}, you can use the REST API endpoints described in the following sections.
{% ifversion ghec %}
### Switching to a unique token URL
By default, the JWT is issued by {% data variables.product.prodname_dotcom %}'s OIDC provider at `https://token.actions.githubusercontent.com`. This path is presented to your cloud provider using the `iss` value in the JWT.
Enterprise admins can security harden their OIDC configuration by configuring their enterprise to receive tokens from a unique URL at `https://api.github.com/enterprises/<enterpriseSlug>/actions/oidc/customization/issuer`. Replace `<enterpriseSlug>` with the slug value of your enterprise.
This configuration means that your enterprise will receive the OIDC token from a unique URL, and you can then configure your cloud provider to only accept tokens from that URL. This helps ensure that only the enterprise's repositories can access your cloud resources using OIDC.
To activate this setting for your enterprise, an enterprise admin must use the `/enterprises/{enterprise}/actions/oidc/customization/issuer` endpoint and specify `"include_enterprise_slug": true` in the request body. For more information, see "[Set the {% data variables.product.prodname_actions %} OIDC custom issuer policy for an enterprise](/rest/actions/oidc#set-the-github-actions-oidc-custom-issuer-policy-for-an-enterprise)."
After this setting is applied, the JWT will contain the updated `iss` value. In the following example, the `iss` key uses `octocat-inc` as its `enterpriseSlug` value:
```json
{
"jti": "6f4762ed-0758-4ccb-808d-ee3af5d723a8"
"sub": "repo:octocat-inc/private-server:ref:refs/heads/main"
"aud": "http://octocat-inc.example/octocat-inc"
"enterprise": "octocat-inc"
"iss": "https://api.github.com/enterprises/octocat-inc/actions/oidc/customization/issuer",
"bf": 1755350653,
"exp": 1755351553,
"iat": 1755351253
}
```
{% endif %}
### Customizing the subject claims for an organization
To configure organization-wide security, compliance, and standardization, you can customize the standard claims to suit your required access conditions. If your cloud provider supports conditions on subject claims, you can create a condition that checks whether the `sub` value matches the path of the reusable workflow, such as `"job_workflow_ref: "octo-org/octo-automation/.github/workflows/oidc.yml@refs/heads/main""`. The exact format will vary depending on your cloud provider's OIDC configuration. To configure the matching condition on {% data variables.product.prodname_dotcom %}, you can can use the REST API to require that the `sub` claim must always include a specific custom claim, such as `job_workflow_ref`. For more information, see "[Set the customization template for an OIDC subject claim for an organization](/rest/actions/oidc#set-the-customization-template-for-an-oidc-subject-claim-for-an-organization)."
The following example templates demonstrate various ways to customize the subject claim. To configure these settings on {% data variables.product.prodname_dotcom %}, organization admins use the REST API to specify a list of claims that must be included in the subject (`sub`) claim. {% data reusables.actions.use-request-body-api %}
To customize your subject claims, you should first create a matching condition in your cloud provider's OIDC configuration, before adding the configuration using the REST API. Once the configuration is completed, each time a new job runs, the OIDC token generated during that job will follow the new customization template. If the matching condition doesn't exist in the cloud provider's OIDC configuration before the job runs, the generated token might not be accepted by the cloud provider, since the cloud conditions may not be synchronized.
{% note %}
**Note**: When the organization template is applied, it will not affect any existing repositories that already use OIDC. For new repositories that are created after the template has been applied, the repository owner will need to opt-in to receive this configuration. For more information, see "[Set the opt-in flag of an OIDC subject claim customization for a repository](/rest/actions/oidc#set-the-opt-in-flag-of-an-oidc-subject-claim-customization-for-a-repository)."
{% endnote %}
#### Example: Allowing repository based on visibility and owner
This example template enables cloud access based on repository visibility and owner, letting you restrict cloud role access to only private repositories within an organization or enterprise. {% data reusables.actions.use-request-body-api %}
```json
{
"include_claim_keys": [
"repository_owner",
"repository_visibility"
]
}
```
In your cloud provider's OIDC configuration, configure the `sub` condition to require that claims must include specific values for `repository_owner` and `repository_visibility`. For example: `"repository_owner: "monalisa":repository_visibility:private"`.
#### Example: Allowing access to all repositories with a specific owner
This example template grants access to all repositories with a specified `repository_owner`. {% data reusables.actions.use-request-body-api %}
```json
{
"include_claim_keys": [
"repository_owner"
]
}
```
In your cloud provider's OIDC configuration, configure the `sub` condition to require that claims must include a specific value for `repository_owner`. For example: `"repository_owner: "monalisa""`
#### Example: Requiring a reusable workflow
This example template requires a specific reusable workflow in a claim, letting an enterprise enforce consistent deployments across its enterprise, organizations, and repositories. {% data reusables.actions.use-request-body-api %}
```json
{
"include_claim_keys": [
"job_workflow_ref"
]
}
```
In your cloud provider's OIDC configuration, configure the `sub` condition to require that claims must include a specific value for `job_workflow_ref`. For example: `"job_workflow_ref: "octo-org/octo-automation/.github/workflows/oidc.yml@refs/heads/main""`.
#### Example: Requiring a reusable workflow and other claims
This example template combines the requirement of a specific reusable workflow with additional claims. {% data reusables.actions.use-request-body-api %}
```json
{
"include_claim_keys": [
"repo",
"context",
"job_workflow_ref"
]
}
```
In your cloud provider's OIDC configuration, configure the `sub` condition to require that claims must include specific values for `repo`, `context`, and `job_workflow_ref`.
#### Example: Granting access to a specific repository
This example template lets you grant cloud access to all the workflows in a specific repository, across all branches/tags and environments. To help improve security, combine this template with the custom issuer URL described in "[Customizing the token URL for an enterprise](/actions/deployment/security-hardening-your-deployments/about-security-hardening-with-openid-connect#customizing-the-token-url-for-an-enterprise)."
{% data reusables.actions.use-request-body-api %}
```json
{
"include_claim_keys": [
"repo"
]
}
```
In your cloud provider's OIDC configuration, configure the `sub` condition to require a `repo` claim that matches the required value.
#### Example: Using system-generated GUIDs
This example template enables predictable OIDC claims with system-generated GUIDs that do not change between renames of entities (such as renaming a repository). {% data reusables.actions.use-request-body-api %}
```json
{
"include_claim_keys": [
"repository_id"
]
}
```
In your cloud provider's OIDC configuration, configure the `sub` condition to require a `repository_id` claim that matches the required value.
oR:
```json
{
"include_claim_keys": [
"repository_owner_id"
]
}
```
In your cloud provider's OIDC configuration, configure the `sub` condition to require a `repository_owner_id` claim that matches the required value.
#### Resetting your customizations
This example template resets the subject claims to the default format. {% data reusables.actions.use-request-body-api %} This template effectively opts out of any organization-level customization policy.
```json
{
"include_claim_keys": [
"repo",
"context"
]
}
```
In your cloud provider's OIDC configuration, configure the `sub` condition to require that claims must include specific values for `repo` and `context`.
#### Using the default subject claims
For repositories that can receive a subject claim policy from their organization, the repository owner can later choose to opt-out and instead use the default `sub` claim format. To configure this, the repository admin must use the REST API endpoint at "[Set the opt-out flag of an OIDC subject claim customization for a repository](/rest/actions/oidc#set-the-opt-out-flag-of-an-oidc-subject-claim-customization-for-a-repository)" with the following request body:
```json
{
"use_default": true
}
```
{% endif %}
## Updating your workflows for OIDC
You can now update your YAML workflows to use OIDC access tokens instead of secrets. Popular cloud providers have published their official login actions that make it easy for you to get started with OIDC. For more information about updating your workflows, see the cloud-specific guides listed below in "[Enabling OpenID Connect for your cloud provider](#enabling-openid-connect-for-your-cloud-provider)."

143
translations/ja-JP/content/actions/deployment/security-hardening-your-deployments/configuring-openid-connect-in-hashicorp-vault.md
Просмотреть файл

@ -32,10 +32,52 @@ This guide gives an overview of how to configure HashiCorp Vault to trust {% dat
To use OIDC with HashiCorp Vault, you will need to add a trust configuration for the {% data variables.product.prodname_dotcom %} OIDC provider. For more information, see the HashiCorp Vault [documentation](https://www.vaultproject.io/docs/auth/jwt).
Configure the vault to accept JSON Web Tokens (JWT) for authentication:
- For the `oidc_discovery_url`, use {% ifversion ghes %}`https://HOSTNAME/_services/token`{% else %}`https://token.actions.githubusercontent.com`{% endif %}
- For `bound_issuer`, use {% ifversion ghes %}`https://HOSTNAME/_services/token`{% else %}`https://token.actions.githubusercontent.com`{% endif %}
- Ensure that `bound_subject` is correctly defined for your security requirements. For more information, see ["Configuring the OIDC trust with the cloud"](/actions/deployment/security-hardening-your-deployments/about-security-hardening-with-openid-connect#configuring-the-oidc-trust-with-the-cloud) and [`hashicorp/vault-action`](https://github.com/hashicorp/vault-action).
To configure your Vault server to accept JSON Web Tokens (JWT) for authentication:
1. Enable the JWT `auth` method, and use `write` to apply the configuration to your Vault. For `oidc_discovery_url` and `bound_issuer` parameters, use {% ifversion ghes %}`https://HOSTNAME/_services/token`{% else %}`https://token.actions.githubusercontent.com`{% endif %}. These parameters allow the Vault server to verify the received JSON Web Tokens (JWT) during the authentication process.
```sh{:copy}
vault auth enable jwt
```
```sh{:copy}
vault write auth/jwt/config \
bound_issuer="{% ifversion ghes %}https://HOSTNAME/_services/token{% else %}https://token.actions.githubusercontent.com{% endif %}" \
oidc_discovery_url="{% ifversion ghes %}https://HOSTNAME/_services/token{% else %}https://token.actions.githubusercontent.com{% endif %}"
```
2. Configure a policy that only grants access to the specific paths your workflows will use to retrieve secrets. For more advanced policies, see the HashiCorp Vault [Policies documentation](https://www.vaultproject.io/docs/concepts/policies).
```sh{:copy}
vault policy write myproject-production - <<EOF
# Read-only permission on 'secret/data/production/*' path
path "secret/data/production/*" {
capabilities = [ "read" ]
}
EOF
```
3. Configure roles to group different policies together. If the authentication is successful, these policies are attached to the resulting Vault access token.
```sh{:copy}
vault write auth/jwt/role/myproject-production -<<EOF
{
"role_type": "jwt",
"user_claim": "actor",
"bound_claims": {
"repository": "user-or-org-name/repo-name"
},
"policies": ["myproject-production"],
"ttl": "10m"
}
EOF
```
- `ttl` defines the validity of the resulting access token.
- Ensure that the `bound_claims` parameter is defined for your security requirements, and has at least one condition. Optionally, you can also set the `bound_subject` as well as the `bound_audiences` parameter.
- To check arbitrary claims in the received JWT payload, the `bound_claims` parameter contains a set of claims and their required values. In the above example, the role will accept any incoming authentication requests from the `repo-name` repository owned by the `user-or-org-name` account.
- To see all the available claims supported by {% data variables.product.prodname_dotcom %}'s OIDC provider, see ["Configuring the OIDC trust with the cloud"](/actions/deployment/security-hardening-your-deployments/about-security-hardening-with-openid-connect#configuring-the-oidc-trust-with-the-cloud).
For more information, see the HashiCorp Vault [documentation](https://www.vaultproject.io/docs/auth/jwt).
## {% data variables.product.prodname_actions %} ワークフローを更新する
@ -49,39 +91,96 @@ To add OIDC integration to your workflows that allow them to access secrets in V
- {% data variables.product.prodname_dotcom %} OIDCプロバイダーからトークンをフェッチする権限の付与:
- The workflow needs `permissions:` settings with the `id-token` value set to `write`. これによって、ワークフロー中のすべてのジョブからODICトークンをフェッチできるようになります。
- Request the JWT from the {% data variables.product.prodname_dotcom %} OIDC provider, and present it to HashiCorp Vault to receive an access token:
- You could use the [Actions toolkit](https://github.com/actions/toolkit/) to fetch the tokens for your job, or you can use the [`hashicorp/vault-action`](https://github.com/hashicorp/vault-action) action to fetch the JWT and receive the access token from the Vault.
- You can use the [`hashicorp/vault-action`](https://github.com/hashicorp/vault-action) action to fetch the JWT and receive the access token from Vault, or you could use the [Actions toolkit](https://github.com/actions/toolkit/) to fetch the tokens for your job.
This example demonstrates how to use OIDC with the official action to request a secret from HashiCorp Vault.
### Adding permissions settings
 {% data reusables.actions.oidc-permissions-token %}
{% data reusables.actions.oidc-permissions-token %}
{% note %}
**ノート**:
When the `permissions` key is used, all unspecified permissions are set to _no access_, with the exception of the metadata scope, which always gets _read_ access. As a result, you may need to add other permissions, such as `contents: read`. See [Automatic token authentication](/actions/security-guides/automatic-token-authentication) for more information.
{% endnote %}
### Requesting the access token
The `hashicorp/vault-action` action receives a JWT from the {% data variables.product.prodname_dotcom %} OIDC provider, and then requests an access token from your HashiCorp Vault instance to retrieve secrets. For more information, see the HashiCorp Vault [documentation](https://github.com/hashicorp/vault-action).
The `hashicorp/vault-action` action receives a JWT from the {% data variables.product.prodname_dotcom %} OIDC provider, and then requests an access token from your HashiCorp Vault instance to retrieve secrets. For more information, see the HashiCorp Vault GitHub Action [documentation](https://github.com/hashicorp/vault-action).
This example demonstrates how to create a job that requests a secret from HashiCorp Vault.
- `<Vault URL>`: Replace this with the URL of your HashiCorp Vault.
- `<Vault Namespace>`: Replace this with the Namespace you've set in HashiCorp Vault. For example: `admin`.
- `<Role name>`: Replace this with the role you've set in the HashiCorp Vault trust relationship.
- `<Audience>`: Replace this with the audience you've defined in the HashiCorp Vault trust relationship.
- `<Secret-Path>`: Replace this with the path to the secret you're retrieving from HashiCorp Vault. For example: `secret/data/ci npmToken`.
- `<Secret-Path>`: Replace this with the path to the secret you're retrieving from HashiCorp Vault. For example: `secret/data/production/ci npmToken`.
```yaml{:copy}
jobs:
retrieve-secret:
steps:
- name: Retrieve secret from Vault
uses: hashicorp/vault-action@v2.4.0
with:
url: <Vault URL>
role: <Role name>
method: jwt
jwtGithubAudience: <Audience>
secrets: <Secret-Path>
retrieve-secret:
runs-on: ubuntu-latest
permissions:
id-token: write
contents: read
steps:
- name: Retrieve secret from Vault
uses: hashicorp/vault-action@v2.4.0
with:
method: jwt
url: <Vault URL>
namespace: <Vault Namespace - HCP Vault and Vault Enterprise only>
role: <Role name>
secrets: <Secret-Path>
- name: Use secret from Vault
run: |
# This step has access to the secret retrieved above; see hashicorp/vault-action for more details.
- name: Use secret from Vault
run: |
# This step has access to the secret retrieved above; see hashicorp/vault-action for more details.
```
{% note %}
**ノート**:
- If your Vault server is not accessible from the public network, consider using a self-hosted runner with other available Vault [auth methods](https://www.vaultproject.io/docs/auth). 詳しい情報については「[セルフホストランナーについて](/actions/hosting-your-own-runners/about-self-hosted-runners)」を参照してください。
- `<Vault Namespace>` must be set for a Vault Enterprise (including HCP Vault) deployment. For more information, see [Vault namespace](https://www.vaultproject.io/docs/enterprise/namespaces).
{% endnote %}
### Revoking the access token
By default, the Vault server will automatically revoke access tokens when their TTL is expired, so you don't have to manually revoke the access tokens. However, if you do want to revoke access tokens immediately after your job has completed or failed, you can manually revoke the issued token using the [Vault API](https://www.vaultproject.io/api/auth/token#revoke-a-token-self).
1. Set the `exportToken` option to `true` (default: `false`). This exports the issued Vault access token as an environment variable: `VAULT_TOKEN`.
2. Add a step to call the [Revoke a Token (Self)](https://www.vaultproject.io/api/auth/token#revoke-a-token-self) Vault API to revoke the access token.
```yaml{:copy}
jobs:
retrieve-secret:
runs-on: ubuntu-latest
permissions:
id-token: write
contents: read
steps:
- name: Retrieve secret from Vault
uses: hashicorp/vault-action@v2.4.0
with:
exportToken: true
method: jwt
url: <Vault URL>
role: <Role name>
secrets: <Secret-Path>
- name: Use secret from Vault
run: |
# This step has access to the secret retrieved above; see hashicorp/vault-action for more details.
- name: Revoke token
# This step always runs at the end regardless of the previous steps result
if: always()
run: |
curl -X POST -sv -H "X-Vault-Token: {% raw %}${{ env.VAULT_TOKEN }}{% endraw %}" \
<Vault URL>/v1/auth/token/revoke-self
```

88
translations/ja-JP/content/actions/learn-github-actions/contexts.md
Просмотреть файл

@ -33,17 +33,13 @@ You can access contexts using the expression syntax. For more information, see "
{% data reusables.actions.context-injection-warning %}
| コンテキスト名 | 種類 | 説明 |
| ---------- | -------- | ---------------------------------------------------------------------------------------------------------------------------------------------------- |
| `github` | `オブジェクト` | ワークフロー実行に関する情報。 詳しい情報については、「[`github` コンテキスト](#github-context)」を参照してください。 |
| `env` | `オブジェクト` | ワークフロー、ジョブ、ステップで設定された環境変数が含まれます。 詳しい情報については、[`env` コンテキスト](#env-context)を参照してください。 |
| `ジョブ` | `オブジェクト` | Information about the currently running job. 詳しい情報については、「[`job` コンテキスト](#job-context)」を参照してください。 |
| `steps` | `オブジェクト` | Information about the steps that have been run in the current job. 詳しい情報については、「[`steps` コンテキスト](#steps-context)」を参照してください。 |
| `runner` | `オブジェクト` | 現在のジョブを実行している runner に関する情報。 詳しい情報については[`runner`コンテキスト](#runner-context)を参照してください。 |
| `secrets` | `オブジェクト` | Contains the names and values of secrets that are available to a workflow run. For more information, see [`secrets` context](#secrets-context). |
| `strategy` | `オブジェクト` | Information about the matrix execution strategy for the current job. For more information, see [`strategy` context](#strategy-context). |
| `matrix` | `オブジェクト` | Contains the matrix properties defined in the workflow that apply to the current job. For more information, see [`matrix` context](#matrix-context). |
| `needs` | `オブジェクト` | Contains the outputs of all jobs that are defined as a dependency of the current job. 詳しい情報については[`needs`コンテキスト](#needs-context)を参照してください。 |
| コンテキスト名 | 種類 | 説明 |
| -------- | -------- | ------------------------------------------------------------------------------------------------ |
| `github` | `オブジェクト` | ワークフロー実行に関する情報。 詳しい情報については、「[`github` コンテキスト](#github-context)」を参照してください。 |
| `env` | `オブジェクト` | ワークフロー、ジョブ、ステップで設定された環境変数が含まれます。 詳しい情報については、[`env` コンテキスト](#env-context)を参照してください。 |
| `ジョブ` | `オブジェクト` | Information about the currently running job. 詳しい情報については、「[`job` コンテキスト](#job-context)」を参照してください。 |
{%- ifversion fpt or ghes > 3.3 or ghae-issue-4757 or ghec %}
| `jobs` | `object` | For reusable workflows only, contains outputs of jobs from the reusable workflow. For more information, see [`jobs` context](#jobs-context). |{% endif %} | `steps` | `object` | Information about the steps that have been run in the current job. 詳しい情報については、「[`steps` コンテキスト](#steps-context)」を参照してください。 | | `runner` | `object` | Information about the runner that is running the current job. 詳しい情報については[`runner`コンテキスト](#runner-context)を参照してください。 | | `secrets` | `object` | Contains the names and values of secrets that are available to a workflow run. For more information, see [`secrets` context](#secrets-context). | | `strategy` | `object` | Information about the matrix execution strategy for the current job. For more information, see [`strategy` context](#strategy-context). | | `matrix` | `object` | Contains the matrix properties defined in the workflow that apply to the current job. For more information, see [`matrix` context](#matrix-context). | | `needs` | `object` | Contains the outputs of all jobs that are defined as a dependency of the current job. 詳しい情報については[`needs`コンテキスト](#needs-context)を参照してください。 |
{%- ifversion fpt or ghec or ghes > 3.3 or ghae-issue-4757 %}
| `inputs` | `object` | Contains the inputs of a reusable {% ifversion actions-unified-inputs %}or manually triggered {% endif %}workflow. For more information, see [`inputs` context](#inputs-context). |{% endif %}
@ -184,7 +180,7 @@ jobs:
| {% ifversion actions-stable-actor-ids %}The username of the user that triggered the initial workflow run. If the workflow run is a re-run, this value may differ from `github.triggering_actor`. Any workflow re-runs will use the privileges of `github.actor`, even if the actor initiating the re-run (`github.triggering_actor`) has different privileges.{% else %}The username of the user that initiated the workflow run.{% endif %} | | |
| | | |
| `github.api_url` | `string` | The URL of the {% data variables.product.prodname_dotcom %} REST API. |
| `github.base_ref` | `string` | ワークフローの実行における `base_ref` またはプルリクエストのターゲットブランチ。 このプロパティは、ワークフローの実行をトリガーするイベントが `pull_request` または `pull_request_target` のいずれかである場合にのみ使用できます。 |
| `github.base_ref` | `string` | ワークフローの実行における `base_ref` またはPull Requestのターゲットブランチ。 このプロパティは、ワークフローの実行をトリガーするイベントが `pull_request` または `pull_request_target` のいずれかである場合にのみ使用できます。 |
| `github.env` | `string` | Path on the runner to the file that sets environment variables from workflow commands. This file is unique to the current step and is a different file for each step in a job. For more information, see "[Workflow commands for {% data variables.product.prodname_actions %}](/actions/learn-github-actions/workflow-commands-for-github-actions#setting-an-environment-variable)." |
| `github.event` | `オブジェクト` | webhook ペイロードの完全なイベント。 このコンテキストを使用して、イベントの個々のプロパティにアクセスできます。 This object is identical to the webhook payload of the event that triggered the workflow run, and is different for each event. The webhooks for each {% data variables.product.prodname_actions %} event is linked in "[Events that trigger workflows](/articles/events-that-trigger-workflows/)." For example, for a workflow run triggered by the [`push` event](/actions/using-workflows/events-that-trigger-workflows#push), this object contains the contents of the [push webhook payload](/developers/webhooks-and-events/webhooks/webhook-events-and-payloads#push). |
| `github.event_name` | `string` | ワークフローの実行をトリガーしたイベントの名前。 |
@ -196,7 +192,7 @@ jobs:
{%- ifversion fpt or ghec or ghes > 3.3 or ghae-issue-5338 %}
| `github.ref_name` | `string` | {% data reusables.actions.ref_name-description %} | | `github.ref_protected` | `string` | {% data reusables.actions.ref_protected-description %} | | `github.ref_type` | `string` | {% data reusables.actions.ref_type-description %}
{%- endif %}
| `github.path` | `string` | Path on the runner to the file that sets system `PATH` variables from workflow commands. This file is unique to the current step and is a different file for each step in a job. 詳しい情報については「[{% data variables.product.prodname_actions %}のワークフローコマンド](/actions/learn-github-actions/workflow-commands-for-github-actions#adding-a-system-path)」を参照してください。 | | `github.repository` | `string` | The owner and repository name. `Codertocat/Hello-World`などです。 | | `github.repository_owner` | `string` | The repository owner's name. たとえば`Codertocat`。 | | `github.repositoryUrl` | `string` | The Git URL to the repository. For example, `git://github.com/codertocat/hello-world.git`. | | `github.retention_days` | `string` | The number of days that workflow run logs and artifacts are kept. | | `github.run_id` | `string` | {% data reusables.actions.run_id_description %} | | `github.run_number` | `string` | {% data reusables.actions.run_number_description %}
| `github.path` | `string` | Path on the runner to the file that sets system `PATH` variables from workflow commands. This file is unique to the current step and is a different file for each step in a job. For more information, see "[Workflow commands for {% data variables.product.prodname_actions %}](/actions/learn-github-actions/workflow-commands-for-github-actions#adding-a-system-path)." | | `github.repository` | `string` | The owner and repository name. `Codertocat/Hello-World`などです。 | | `github.repository_owner` | `string` | The repository owner's name. たとえば`Codertocat`。 | | `github.repositoryUrl` | `string` | The Git URL to the repository. For example, `git://github.com/codertocat/hello-world.git`. | | `github.retention_days` | `string` | The number of days that workflow run logs and artifacts are kept. | | `github.run_id` | `string` | {% data reusables.actions.run_id_description %} | | `github.run_number` | `string` | {% data reusables.actions.run_number_description %}
{%- ifversion fpt or ghec or ghes > 3.5 or ghae-issue-4722 %}
| `github.run_attempt` | `string` | A unique number for each attempt of a particular workflow run in a repository. This number begins at 1 for the workflow run's first attempt, and increments with each re-run. |
{%- endif %}
@ -390,6 +386,72 @@ jobs:
- run: ./run-tests
```
{% ifversion fpt or ghes > 3.3 or ghae-issue-4757 or ghec %}
## `jobs` context
The `jobs` context is only available in reusable workflows, and can only be used to set outputs for a reusable workflow. 詳しい情報については「[ワークフローの再利用](/actions/using-workflows/reusing-workflows#using-outputs-from-a-reusable-workflow)」を参照してください。
| プロパティ名 | 種類 | 説明 |
| ------------------------------------------------- | -------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| `jobs` | `オブジェクト` | This is only available in reusable workflows, and can only be used to set outputs for a reusable workflow. This object contains all the properties listed below. |
| `jobs.<job_id>.result` | `string` | The result of a job in the reusable workflow. `success`、`failure`、`cancelled`、`skipped`のいずれかの値をとります。 |
| `jobs.<job_id>.outputs` | `オブジェクト` | The set of outputs of a job in a reusable workflow. |
| `jobs.<job_id>.outputs.<output_name>` | `string` | The value of a specific output for a job in a reusable workflow. |
### Example contents of the `jobs` context
This example `jobs` context contains the result and outputs of a job from a reusable workflow run.
```json
{
example_job: {
result: success,
outputs: {
output1: hello,
output2: world
}
}
}
```
### Example usage of the `jobs` context
This example reusable workflow uses the `jobs` context to set outputs for the reusable workflow. Note how the outputs flow up from the steps, to the job, then to the `workflow_call` trigger. 詳しい情報については「[ワークフローの再利用](/actions/using-workflows/reusing-workflows#using-outputs-from-a-reusable-workflow)」を参照してください。
{% raw %}
```yaml{:copy}
name: Reusable workflow
on:
workflow_call:
# Map the workflow outputs to job outputs
outputs:
firstword:
description: "The first output string"
value: ${{ jobs.example_job.outputs.output1 }}
secondword:
description: "The second output string"
value: ${{ jobs.example_job.outputs.output2 }}
jobs:
example_job:
name: Generate output
runs-on: ubuntu-latest
# Map the job outputs to step outputs
outputs:
output1: ${{ steps.step1.outputs.firstword }}
output2: ${{ steps.step2.outputs.secondword }}
steps:
- id: step1
run: echo "::set-output name=firstword::hello"
- id: step2
run: echo "::set-output name=secondword::world"
```
{% endraw %}
{% endif %}
## `steps` コンテキスト
The `steps` context contains information about the steps in the current job that have an [`id`](/actions/learn-github-actions/workflow-syntax-for-github-actions#jobsjob_idstepsid) specified and have already run.

2
translations/ja-JP/content/actions/learn-github-actions/understanding-github-actions.md
Просмотреть файл

@ -93,7 +93,7 @@ You can write your own actions, or you can find actions to use in your workflows
- {% data variables.product.prodname_actions %} について詳しくは、「[アクションの検索とカスタマイズ](/actions/learn-github-actions/finding-and-customizing-actions)」を参照してください。
{% ifversion fpt or ghec or ghes %}
- To understand how billing works for {% data variables.product.prodname_actions %}, see "[About billing for {% data variables.product.prodname_actions %}](/actions/reference/usage-limits-billing-and-administration#about-billing-for-github-actions)".
- To understand how billing works for {% data variables.product.prodname_actions %}, see "[About billing for {% data variables.product.prodname_actions %}](/actions/reference/usage-limits-billing-and-administration#about-billing-for-github-actions)."
{% endif %}
## サポートへの連絡

10
translations/ja-JP/content/actions/using-workflows/events-that-trigger-workflows.md
Просмотреть файл

@ -812,6 +812,8 @@ Runs your workflow when activity on a pull request in the workflow's repository
This event runs in the context of the base of the pull request, rather than in the context of the merge commit, as the `pull_request` event does. This prevents execution of unsafe code from the head of the pull request that could alter your repository or steal any secrets you use in your workflow. This event allows your workflow to do things like label or comment on pull requests from forks. Avoid using this event if you need to build or run code from the pull request.
To ensure repository security, branches with names that match certain patterns (such as those which look similar to SHAs) may not trigger workflows with the `pull_request_target` event.
{% warning %}
**Warning:** For workflows that are triggered by the `pull_request_target` event, the `GITHUB_TOKEN` is granted read/write repository permission unless the `permissions` key is specified and the workflow can access secrets, even when it is triggered from a fork. ワークフローはPull Requestのベースのコンテキストで実行されますが、このイベントでPull Requestから信頼できないコードをチェックアウトしたり、ビルドしたり、実行したりしないようにしなければなりません。 Additionally, any caches share the same scope as the base branch. To help prevent cache poisoning, you should not save the cache if there is a possibility that the cache contents were altered. 詳細については、GitHub Security Lab Web サイトの「[GitHub Actions とワークフローを安全に保つ: pwn リクエストの防止](https://securitylab.github.com/research/github-actions-preventing-pwn-requests)」を参照してください。
@ -957,7 +959,7 @@ on:
#### Running your workflow only when a push to specific branches occurs
You can use the `branches` or `branches-ignore` filter to configure your workflow to only run when specific branches are pushed. 詳しい情報については「[GitHub Actionsのワークフロー構文](/actions/learn-github-actions/workflow-syntax-for-github-actions#onpushbranchestagsbranches-ignoretags-ignore)」を参照してください。
You can use the `branches` or `branches-ignore` filter to configure your workflow to only run when specific branches are pushed. For more information, see "[Workflow syntax for GitHub Actions](/actions/learn-github-actions/workflow-syntax-for-github-actions#onpushbranchestagsbranches-ignoretags-ignore)."
For example, this workflow will run when someone pushes to `main` or to a branch that starts with `releases/`.
@ -986,7 +988,7 @@ on:
#### Running your workflow only when a push of specific tags occurs
You can use the `tags` or `tags-ignore` filter to configure your workflow to only run when specific tags are pushed. 詳しい情報については「[GitHub Actionsのワークフロー構文](/actions/learn-github-actions/workflow-syntax-for-github-actions#onpushbranchestagsbranches-ignoretags-ignore)」を参照してください。
You can use the `tags` or `tags-ignore` filter to configure your workflow to only run when specific tags are pushed. For more information, see "[Workflow syntax for GitHub Actions](/actions/learn-github-actions/workflow-syntax-for-github-actions#onpushbranchestagsbranches-ignoretags-ignore)."
For example, this workflow will run when someone pushes a tag that starts with `v1.`.
@ -1039,7 +1041,7 @@ on:
{% data reusables.actions.branch-requirement %}
Runs your workflow when activity related to {% data variables.product.prodname_registry %} occurs in your repository. 詳しい情報については、「[{% data variables.product.prodname_registry %} のドキュメント](/packages)」を参照してください。
Runs your workflow when activity related to {% data variables.product.prodname_registry %} occurs in your repository. For more information, see "[{% data variables.product.prodname_registry %} Documentation](/packages)."
For example, you can run a workflow when a new package version has been `published`.
@ -1091,7 +1093,7 @@ on:
{% data reusables.actions.branch-requirement %}
{% data variables.product.product_name %} の外部で生じるアクティビティのためにワークフローをトリガーしたい場合、{% data variables.product.product_name %} API を使って、[`repository_dispatch`](/developers/webhooks-and-events/webhooks/webhook-events-and-payloads/#repository_dispatch) と呼ばれる webhook イベントをトリガーできます。 詳細については、「[リポジトリディスパッチ イベントの作成](/rest/reference/repos#create-a-repository-dispatch-event)」を参照してください。
You can use the {% data variables.product.product_name %} API to trigger a webhook event called [`repository_dispatch`](/developers/webhooks-and-events/webhooks/webhook-events-and-payloads/#repository_dispatch) when you want to trigger a workflow for activity that happens outside of {% data variables.product.product_name %}. 詳細については、「[リポジトリディスパッチ イベントの作成](/rest/reference/repos#create-a-repository-dispatch-event)」を参照してください。
When you make a request to create a `repository_dispatch` event, you must specify an `event_type` to describe the activity type. By default, all `repository_dispatch` activity types trigger a workflow to run. You can use the `types` keyword to limit your workflow to run when a specific `event_type` value is sent in the `repository_dispatch` webhook payload.

4
translations/ja-JP/content/actions/using-workflows/workflow-syntax-for-github-actions.md
Просмотреть файл

@ -365,9 +365,9 @@ For more information, see "[Context availability](/actions/learn-github-actions/
ジョブでステップの一部として実行されるアクションを選択します。 アクションとは、再利用可能なコードの単位です。 ワークフロー、パブリックリポジトリ、または[公開されているDockerコンテナイメージ](https://hub.docker.com/)と同じリポジトリで定義されているアクションを使用できます。
Git ref、SHA、またはDockerタグ番号を指定して、使用しているアクションのバージョンを含めることを強く推奨します。 バージョンを指定しないと、アクションのオーナーがアップデートを公開したときに、ワークフローが中断したり、予期せぬ動作をしたりすることがあります。
We strongly recommend that you include the version of the action you are using by specifying a Git ref, SHA, or Docker tag. バージョンを指定しないと、アクションのオーナーがアップデートを公開したときに、ワークフローが中断したり、予期せぬ動作をしたりすることがあります。
- リリースされたアクションバージョンのコミットSHAを使用するのが、安定性とセキュリティのうえで最も安全です。
- 特定のメジャーアクションバージョンを使用すると、互換性を維持したまま重要な修正とセキュリティパッチを受け取ることができます。 ワークフローが引き続き動作することも保証できます。
- If the action publishes major version tags, you should expect to receive critical fixes and security patches while still retaining compatibility. Note that this behavior is at the discretion of the action's author.
- アクションのデフォルトブランチを使用すると便利なこともありますが、別のユーザが破壊的変更を加えた新しいメジャーバージョンをリリースすると、ワークフローが動作しなくなる場合があります。
入力が必要なアクションもあり、入力を[`with`](#jobsjob_idstepswith)キーワードを使って設定する必要があります。 必要な入力を判断するには、アクションのREADMEファイルをお読みください。

19
translations/ja-JP/content/admin/configuration/configuring-github-connect/about-github-connect.md
Просмотреть файл

@ -8,6 +8,7 @@ type: overview
topics:
- Enterprise
- GitHub Connect
miniTocMaxHeadingLevel: 3
---
## About {% data variables.product.prodname_github_connect %}
@ -37,6 +38,16 @@ Unified contributions | Allow users to include anonymized contribution counts fo
## Data transmission for {% data variables.product.prodname_github_connect %}
When {% data variables.product.prodname_github_connect %} is enabled, a record on {% data variables.product.prodname_ghe_cloud %} stores information about the connection. If you enable individual features of {% data variables.product.prodname_github_connect %}, additional data is transmitted.
{% note %}
**Note:** No repositories, issues, or pull requests are ever transmitted from {% data variables.product.product_name %} to {% data variables.product.prodname_dotcom_the_website %} by {% data variables.product.prodname_github_connect %}.
{% endnote %}
### Data transmitted when {% data variables.product.prodname_github_connect %} is enabled
When you enable {% data variables.product.prodname_github_connect %} or specific {% data variables.product.prodname_github_connect %} features, a record on {% data variables.product.prodname_ghe_cloud %} stores the following information about the connection.
{% ifversion ghes %}
- The public key portion of your {% data variables.product.prodname_ghe_server %} license
@ -54,11 +65,7 @@ When you enable {% data variables.product.prodname_github_connect %} or specific
{% data variables.product.prodname_github_connect %} syncs the above connection data between {% data variables.product.product_location %} and {% data variables.product.prodname_ghe_cloud %} weekly, from the day and approximate time that {% data variables.product.prodname_github_connect %} was enabled.
{% note %}
**Note:** No repositories, issues, or pull requests are ever transmitted from {% data variables.product.product_name %} to {% data variables.product.prodname_dotcom_the_website %} by {% data variables.product.prodname_github_connect %}.
{% endnote %}
### Data transmitted by individual features of {% data variables.product.prodname_github_connect %}
Additional data is transmitted if you enable individual features of {% data variables.product.prodname_github_connect %}.
@ -68,7 +75,7 @@ Automatic user license sync | Each {% data variables.product.product_name %} use
{% data variables.product.prodname_dependabot_alerts %} | Vulnerability alerts | From {% data variables.product.prodname_dotcom_the_website %} to {% data variables.product.product_name %} | {% data variables.product.product_name %} |{% endif %}{% ifversion dependabot-updates-github-connect %}
{% data variables.product.prodname_dependabot_updates %} | Dependencies and the metadata for each dependency's repository<br><br>If a dependency is stored in a private repository on {% data variables.product.prodname_dotcom_the_website %}, data will only be transmitted if {% data variables.product.prodname_dependabot %} is configured and authorized to access that repository. | From {% data variables.product.prodname_dotcom_the_website %} to {% data variables.product.product_name %} | {% data variables.product.product_name %} {% endif %}
{% data variables.product.prodname_dotcom_the_website %} actions | Name of action, action (YAML file from {% data variables.product.prodname_marketplace %}) | From {% data variables.product.prodname_dotcom_the_website %} to {% data variables.product.product_name %}<br><br>From {% data variables.product.product_name %} to {% data variables.product.prodname_dotcom_the_website %} | {% data variables.product.product_name %}{% ifversion server-statistics %}
{% data variables.product.prodname_server_statistics %} | Aggregate {% data variables.product.prodname_ghe_server %} usage metrics<br>For the list of aggregate metrics collected, see "[{% data variables.product.prodname_server_statistics %} data collected](/admin/monitoring-activity-in-your-enterprise/analyzing-how-your-team-works-with-server-statistics/about-server-statistics#server-statistics-data-collected)." | From {% data variables.product.product_name %} to {% data variables.product.prodname_ghe_cloud %} | {% data variables.product.prodname_ghe_cloud %}{% endif %}
{% data variables.product.prodname_server_statistics %} | Aggregate metrics about your usage of {% data variables.product.prodname_ghe_server %}. For the complete list of metrics, see "[About {% data variables.product.prodname_server_statistics %}](/admin/monitoring-activity-in-your-enterprise/analyzing-how-your-team-works-with-server-statistics/about-server-statistics#server-statistics-data-collected)." | From {% data variables.product.product_name %} to {% data variables.product.prodname_ghe_cloud %} | {% data variables.product.prodname_ghe_cloud %}{% endif %}
Unified search | Search terms, search results | From {% data variables.product.prodname_dotcom_the_website %} to {% data variables.product.product_name %}<br><br>From {% data variables.product.product_name %} to {% data variables.product.prodname_dotcom_the_website %} | {% data variables.product.product_name %} |
Unified contributions | Contribution counts | From {% data variables.product.product_name %} to {% data variables.product.prodname_dotcom_the_website %} | {% data variables.product.prodname_dotcom_the_website %} |

2
translations/ja-JP/content/admin/configuration/configuring-your-enterprise/command-line-utilities.md
Просмотреть файл

@ -672,7 +672,7 @@ ghe-repo <em>ユーザ名</em>/<em>reponame</em>
{% warning %}
**Warning**: Before using the `--prune` argument to remove unreachable Git objects, put {% data variables.product.product_location %} into maintenance mode, or ensure the repository is offline. 詳しい情報については"[メンテナンスモードの有効化とスケジューリング](/admin/configuration/configuring-your-enterprise/enabling-and-scheduling-maintenance-mode)"を参照してください。
**Warning**: Before using the `--prune` argument to remove unreachable Git objects, put {% data variables.product.product_location %} into maintenance mode, or ensure all repositories within the same repository network are locked. 詳しい情報については"[メンテナンスモードの有効化とスケジューリング](/admin/configuration/configuring-your-enterprise/enabling-and-scheduling-maintenance-mode)"を参照してください。
{% endwarning %}

19
translations/ja-JP/content/admin/configuration/configuring-your-enterprise/restricting-network-traffic-to-your-enterprise.md
Просмотреть файл

@ -31,12 +31,15 @@ Azure NSG を使用したインスタンスレベルの制限については、E
## 許可 IP アドレスを追加する
{% data reusables.identity-and-permissions.about-adding-ip-allow-list-entries %}
{% data reusables.enterprise-accounts.access-enterprise %}
{% data reusables.enterprise-accounts.settings-tab %}
{% data reusables.enterprise-accounts.security-tab %}
{% data reusables.identity-and-permissions.ip-allow-lists-add-ip %}
{% data reusables.identity-and-permissions.ip-allow-lists-add-description %}
{% data reusables.identity-and-permissions.ip-allow-lists-add-entry %}
{% data reusables.identity-and-permissions.check-ip-address %}
## {% data variables.product.prodname_github_apps %}によるアクセスの許可
@ -44,6 +47,8 @@ Azure NSG を使用したインスタンスレベルの制限については、E
## 許可 IP アドレスを有効化する
{% data reusables.identity-and-permissions.about-enabling-allowed-ip-addresses %}
{% data reusables.enterprise-accounts.access-enterprise %}
{% data reusables.enterprise-accounts.settings-tab %}
{% data reusables.enterprise-accounts.security-tab %}
@ -52,6 +57,8 @@ Azure NSG を使用したインスタンスレベルの制限については、E
## 許可 IP アドレスを編集する
{% data reusables.identity-and-permissions.about-editing-ip-allow-list-entries %}
{% data reusables.enterprise-accounts.access-enterprise %}
{% data reusables.enterprise-accounts.settings-tab %}
{% data reusables.enterprise-accounts.security-tab %}
@ -59,6 +66,18 @@ Azure NSG を使用したインスタンスレベルの制限については、E
{% data reusables.identity-and-permissions.ip-allow-lists-edit-ip %}
{% data reusables.identity-and-permissions.ip-allow-lists-edit-description %}
8. [**Update**] をクリックします。
{% data reusables.identity-and-permissions.check-ip-address %}
{% ifversion ip-allow-list-address-check %}
## Checking if an IP address is permitted
{% data reusables.identity-and-permissions.about-checking-ip-address %}
{% data reusables.enterprise-accounts.access-enterprise %}
{% data reusables.enterprise-accounts.settings-tab %}
{% data reusables.enterprise-accounts.security-tab %}
{% data reusables.identity-and-permissions.check-ip-address-step %}
{% endif %}
## 許可 IP アドレスを削除する

2
translations/ja-JP/content/admin/enterprise-management/configuring-high-availability/creating-a-high-availability-replica.md
Просмотреть файл

@ -20,7 +20,7 @@ shortTitle: Create HA replica
## High Availabilityレプリカの作成
1. 新しい {% data variables.product.prodname_ghe_server %} アプライアンスを希望するプラットフォームにセットアップします。 レプリカアプライアンスのCPU、RAM、ストレージ設定は、プライマリアプライアンスと同じにするべきです。 レプリカアプライアンスは、独立した環境にインストールすることをお勧めします。 下位層のハードウェア、ソフトウェア、ネットワークコンポーネントは、プライマリアプライアンスのそれらとは分離されているべきです。 クラウドプロバイダを利用している場合には、別個のリージョンもしくはゾーンを使ってください。 詳細は「["{% data variables.product.prodname_ghe_server %} インスタンスをセットアップする](/enterprise/admin/guides/installation/setting-up-a-github-enterprise-server-instance)」を参照してください。
1. Ensure that both the primary appliance and the new replica appliance can communicate with each other over ports 122/TCP and 1194/UDP. 詳しい情報については"[ネットワークポート](/admin/configuration/configuring-network-settings/network-ports#administrative-ports)"を参照してください。
1. Ensure that the new appliance can communicate with all other appliances in this high availability environment over ports 122/TCP and 1194/UDP. 詳しい情報については"[ネットワークポート](/admin/configuration/configuring-network-settings/network-ports#administrative-ports)"を参照してください。
1. ブラウザで新しいレプリカアプライアンスのIPアドレスにアクセスして、所有する{% data variables.product.prodname_enterprise %}のライセンスをアップロードしてください。
{% data reusables.enterprise_installation.replica-steps %}
1. SSHを使ってレプリカアプライアンスのIPアドレスに接続してください。

8
translations/ja-JP/content/admin/identity-and-access-management/managing-iam-for-your-enterprise/about-authentication-for-your-enterprise.md
Просмотреть файл

@ -45,7 +45,7 @@ If you use a standalone organization with {% data variables.product.product_name
### Authentication with {% data variables.product.prodname_emus %} and federation
If you need more control of the accounts for your enterprise members on {% data variables.product.product_location %}, you can use {% data variables.product.prodname_emus %}. With {% data variables.product.prodname_emus %}, you provision and manage accounts for your enterprise members on {% data variables.product.product_location %} using your IdP. Each member signs into an account that you create, and your enterprise manages the account. Contributions to the rest of {% data variables.product.prodname_dotcom_the_website %} are restricted. For more information, see "[About {% data variables.product.prodname_emus %}](/admin/identity-and-access-management/using-enterprise-managed-users-and-saml-for-iam/about-enterprise-managed-users)."
If you need more control of the accounts for your enterprise members on {% data variables.product.product_location %}, you can use {% data variables.product.prodname_emus %}. With {% data variables.product.prodname_emus %}, you provision and manage accounts for your enterprise members on {% data variables.product.product_location %} using your IdP. Each member signs into an account that you create, and your enterprise manages the account. Contributions to the rest of {% data variables.product.prodname_dotcom_the_website %} are restricted. 詳しい情報については「[{% data variables.product.prodname_emus %}について](/admin/identity-and-access-management/using-enterprise-managed-users-and-saml-for-iam/about-enterprise-managed-users)」を参照してください。
## Identifying the best authentication method for your enterprise
@ -82,7 +82,11 @@ These restrictions are unacceptable for some enterprises. To determine whether {
### Do your developers rely on collaboration outside of your enterprise?
{% data variables.product.prodname_managed_users_caps %} can only contribute to repositories within your enterprise. If your developers need to collaborate in repositories outside your enterprise, even private repositories, to complete their work, {% data variables.product.prodname_emus %} may not be right for your enterprise, and SAML SSO may be a better solution.
{% data variables.product.prodname_managed_users_caps %} can only contribute to repositories within your enterprise. If your developers must contribute to both repositories within and outside of your enterprise, including private repositories, {% data variables.product.prodname_emus %} may not be right for your enterprise. SAML SSO may be a better solution.
Some companies maintain repositories within an existing enterprise using SAML SSO on {% data variables.product.product_location %}, and also create an {% data variables.product.prodname_emu_enterprise %}. Developers who contribute to repositories owned by both enterprises from a single workstation must switch between the accounts on {% data variables.product.product_location %} within a single browser, or use a different browser for each account. The developer may also need to customize the workstation's Git configuration to accommodate the two accounts. The complexity of this workflow can increase the risk of mistakenly leaking internal code to the public.
If you decide to create an {% data variables.product.prodname_emu_enterprise %} but require that developers contribute to resources outside of the enterprise from a single workstation, you can provide support for switching between the accounts in a developer's local Git configuration. 詳しい情報については「[{% data variables.product.prodname_emus %}について](/admin/identity-and-access-management/using-enterprise-managed-users-for-iam/about-enterprise-managed-users#supporting-developers-with-multiple-user-accounts-on-githubcom)」を参照してください。
### Does your enterprise rely on outside collaborators?

2
translations/ja-JP/content/admin/identity-and-access-management/managing-recovery-codes-for-your-enterprise/accessing-your-enterprise-account-if-your-identity-provider-is-unavailable.md
Просмотреть файл

@ -15,7 +15,7 @@ permissions: Enterprise owners can use a recovery code to access an enterprise a
You can use a recovery code to access your enterprise account when an authentication configuration error or an issue with your identity provider (IdP) prevents you from using SSO.
In order to access your enterprise account this way, you must have previously downloaded and stored the recovery codes for your enterprise. For more information, see "[Downloading your enterprise account's single sign-on recovery codes](/admin/identity-and-access-management/managing-recovery-codes-for-your-enterprise/downloading-your-enterprise-accounts-single-sign-on-recovery-codes)."
In order to access your enterprise account this way, you must have previously downloaded and stored the recovery codes for your enterprise. 詳しい情報については「[Enterpriseアカウントのシングルサインオンリカバリコードのダウンロード](/admin/identity-and-access-management/managing-recovery-codes-for-your-enterprise/downloading-your-enterprise-accounts-single-sign-on-recovery-codes)」を参照してください。
{% data reusables.saml.recovery-code-caveats %}

13
translations/ja-JP/content/admin/identity-and-access-management/using-enterprise-managed-users-for-iam/about-enterprise-managed-users.md
Просмотреть файл

@ -36,8 +36,6 @@ You can grant {% data variables.product.prodname_managed_users %} access to and
The usernames of your enterprise's {% data variables.product.prodname_managed_users %} and their profile information, such as display names and email addresses, are set by through your IdP and cannot be changed by the users themselves. For more information, see "[Usernames and profile information](#usernames-and-profile-information)."
{% data reusables.enterprise-accounts.emu-forks %}
Enterprise owners can audit all of the {% data variables.product.prodname_managed_users %}' actions on {% data variables.product.prodname_dotcom %}. For more information, see "[Audit log events for your enterprise](/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/audit-log-events-for-your-enterprise#about-audit-log-events-for-your-enterprise)."
To use {% data variables.product.prodname_emus %}, you need a separate type of enterprise account with {% data variables.product.prodname_emus %} enabled. For more information about creating this account, see "[About enterprises with managed users](#about-enterprises-with-managed-users)."
@ -75,7 +73,8 @@ To use {% data variables.product.prodname_emus %}, you need a separate type of e
* {% data variables.product.prodname_managed_users_caps %} cannot create gists or comment on gists.
* {% data variables.product.prodname_managed_users_caps %} cannot install {% data variables.product.prodname_github_apps %} on their user accounts.
* Other {% data variables.product.prodname_dotcom %} users cannot see, mention, or invite a {% data variables.product.prodname_managed_user %} to collaborate.
* {% data variables.product.prodname_managed_users_caps %} can only own private repositories and {% data variables.product.prodname_managed_users %} can only invite other enterprise members to collaborate on their owned repositories.
* You can choose whether {% data variables.product.prodname_managed_users %} are able to create repositories owned by their user accounts. 詳しい情報については、「[Enterprise でのリポジトリ管理ポリシーを適用する](/admin/policies/enforcing-policies-for-your-enterprise/enforcing-repository-management-policies-in-your-enterprise#enforcing-a-policy-for-repository-creation)」を参照してください。
* If you allow {% data variables.product.prodname_managed_users %} to create repositories owned by their user accounts, they can only own private repositories and can only invite other enterprise members to collaborate on their user-owned repositories.
* {% data reusables.enterprise-accounts.emu-forks %}
* Only private and internal repositories can be created in organizations owned by an {% data variables.product.prodname_emu_enterprise %}, depending on organization and enterprise repository visibility settings.
* {% data variables.product.prodname_managed_users_caps %} are limited in their use of {% data variables.product.prodname_pages %}. 詳しい情報については、「[{% data variables.product.prodname_pages %} について](/pages/getting-started-with-github-pages/about-github-pages#limitations-for-enterprise-managed-users)」を参照してください。
@ -113,6 +112,8 @@ Before your developers can use {% data variables.product.prodname_ghe_cloud %} w
5. Once authentication and provisioning are configured, you can start provisioning members and managing teams. For more information, see "[Managing team memberships with identity provider groups](/admin/identity-and-access-management/using-enterprise-managed-users-for-iam/managing-team-memberships-with-identity-provider-groups)."
If members of your enterprise must use one workstation to contribute to repositories on {% data variables.product.product_location %} from both a {% data variables.product.prodname_managed_user %} and a personal account, you can provide support. For more information, see "[Supporting developers with multiple user accounts on {% data variables.product.prodname_dotcom_the_website %}](#supporting-developers-with-multiple-user-accounts-on-githubcom)."
## {% data variables.product.prodname_managed_user %} として認証を行う
{% data variables.product.prodname_managed_users_caps %} must authenticate through their identity provider. To authenticate, a {% data variables.product.prodname_managed_user %} can visit their IdP application portal or use the login page on {% data variables.product.prodname_dotcom_the_website %}.
@ -132,3 +133,9 @@ Before your developers can use {% data variables.product.prodname_ghe_cloud %} w
A conflict may occur when provisioning users if the unique parts of the identifier provided by your IdP are removed during normalization. If you're unable to provision a user due to a username conflict, you should modify the username provided by your IdP. For more information, see "[Resolving username conflicts](/admin/identity-and-access-management/managing-iam-for-your-enterprise/username-considerations-for-external-authentication#resolving-username-conflicts)."
The profile name and email address of a {% data variables.product.prodname_managed_user %} is also provided by the IdP. {% data variables.product.prodname_managed_users_caps %} cannot change their profile name or email address on {% data variables.product.prodname_dotcom %}, and the IdP can only provide a single email address.
## Supporting developers with multiple user accounts on {% data variables.product.product_location %}
People on your team may need to contribute to resources on {% data variables.product.product_location %} that are outside of your {% data variables.product.prodname_emu_enterprise %}. For example, you may wish to maintain a separate enterprise for your company's open source projects. Because a {% data variables.product.prodname_managed_user %} cannot contribute to public resources, users will need to maintain a separate, personal account for this work.
People who must contribute from two user accounts on {% data variables.product.product_location %} using one workstation can configure Git to simplify the process. For more information, see "[Managing multiple accounts](/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-your-personal-account/managing-multiple-accounts)."

6
translations/ja-JP/content/admin/identity-and-access-management/using-enterprise-managed-users-for-iam/about-support-for-your-idps-conditional-access-policy.md
Просмотреть файл

@ -22,9 +22,11 @@ CAP support is enabled automatically for any {% data variables.product.prodname_
For more information about using OIDC with {% data variables.product.prodname_emus %}, see "[Configuring OIDC for Enterprise Managed Users](/admin/identity-and-access-management/using-enterprise-managed-users-for-iam/configuring-oidc-for-enterprise-managed-users)" and "[Migrating from SAML to OIDC](/admin/identity-and-access-management/using-enterprise-managed-users-for-iam/migrating-from-saml-to-oidc)."
## About using CAP with IP allow lists
{% note %}
We recommend disabling your enterprise account's IP allow list and relying on your IdP's CAP. If you enable IP allow lists for your enterprise and also make use of your IdP's CAP, both the IP allow list and CAP will be enforced. If either restriction rejects a user's IP address, the request fails. For more information about IP allow lists, see "[Enforcing policies for security settings in your enterprise](/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-security-settings-in-your-enterprise#managing-allowed-ip-addresses-for-organizations-in-your-enterprise)."
**Note:** If you use Conditional Access (CA) network location policies in your Azure AD tenant, do not use the IP allow list feature on {% data variables.product.prodname_dotcom_the_website %}, with your enterprise account or with any of the organizations owned by the enterprise. Using both is unsupported and can result in the wrong policy applying. For more information about IP allow lists, see "[Enforcing security settings in your enterprise](/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-security-settings-in-your-enterprise#managing-allowed-ip-addresses-for-organizations-in-your-enterprise)" and "[Managing allowed IP addresses for your organization](/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-allowed-ip-addresses-for-your-organization)."
{% endnote %}
## Considerations for integrations and automations

3
translations/ja-JP/content/admin/identity-and-access-management/using-enterprise-managed-users-for-iam/migrating-from-saml-to-oidc.md
Просмотреть файл

@ -26,11 +26,12 @@ If you're new to {% data variables.product.prodname_emus %} and haven't yet conf
{% note %}
**Note:** To sign in as the setup user, you will need a recovery code. If you do not already have your recovery codes, you can access the codes while signed in as an enterprise owner. For more information, see "[Downloading your enterprise account's single sign-on recovery codes](/admin/identity-and-access-management/managing-recovery-codes-for-your-enterprise/downloading-your-enterprise-accounts-single-sign-on-recovery-codes)."
**Note:** To sign in as the setup user, you will need a recovery code. If you do not already have your recovery codes, you can access the codes while signed in as an enterprise owner. 詳しい情報については「[Enterpriseアカウントのシングルサインオンリカバリコードのダウンロード](/admin/identity-and-access-management/managing-recovery-codes-for-your-enterprise/downloading-your-enterprise-accounts-single-sign-on-recovery-codes)」を参照してください。
{% endnote %}
1. Before you begin the migration, sign in to Azure and disable provisioning in the existing {% data variables.product.prodname_emu_idp_application %} application.
1. If you use [Conditional Access (CA) network location policies](https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/location-condition) in Azure AD, and you're currently using an IP allow list with your enterprise account or any of the organizations owned by the enterprise account on {% data variables.product.prodname_dotcom_the_website %}, disable the IP allow lists. For more information, see "[Enforcing security settings in your enterprise](/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-security-settings-in-your-enterprise#managing-allowed-ip-addresses-for-organizations-in-your-enterprise)" and "[Managing allowed IP addresses for your organization](/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-allowed-ip-addresses-for-your-organization)."
1. Sign into {% data variables.product.prodname_dotcom_the_website %} as the setup user for your enterprise with the username **@<em>SHORT-CODE</em>_admin**.
1. When prompted to continue to your identity provider, click **Use a recovery code** and sign in using one of your enterprise's recovery codes.
{% data reusables.enterprise-accounts.access-enterprise %}

2
translations/ja-JP/content/admin/identity-and-access-management/using-saml-for-enterprise-iam/saml-configuration-reference.md
Просмотреть файл

@ -77,7 +77,7 @@ The following SAML attributes are available for {% data variables.product.produc
| Name | Required? | Description |
| :- | :- | :- |
| `NameID` | Yes | A persistent user identifier. Any persistent name identifier format may be used. {% ifversion ghec %}If you use an enterprise with {% data variables.product.prodname_emus %}, {% endif %}{% data variables.product.product_name %} will normalize the `NameID` element to use as a username unless one of the alternative assertions is provided. For more information, see "[Username considerations for external authentication](/admin/identity-and-access-management/managing-iam-for-your-enterprise/username-considerations-for-external-authentication)." |
| `NameID` | Yes | A persistent user identifier. Any persistent name identifier format may be used. {% ifversion ghec %}If you use an enterprise with {% data variables.product.prodname_emus %}, {% endif %}{% data variables.product.product_name %} will normalize the `NameID` element to use as a username unless one of the alternative assertions is provided. For more information, see "[Username considerations for external authentication](/admin/identity-and-access-management/managing-iam-for-your-enterprise/username-considerations-for-external-authentication)."<br><br>{% note %}**Note:** It's important to use a human-readable, persistent identifier. Using a transient identifier format like `urn:oasis:names:tc:SAML:2.0:nameid-format:transient` will result in re-linking of accounts on every sign-in, which can be detrimental to authorization management.{% endnote %} |
| `SessionNotOnOrAfter` | No | The date that {% data variables.product.product_name %} invalidates the associated session. After invalidation, the person must authenticate once again to access {% ifversion ghec or ghae %}your enterprise's resources{% elsif ghes %}{% data variables.product.product_location %}{% endif %}. For more information, see "[Session duration and timeout](#session-duration-and-timeout)." |
{%- ifversion ghes or ghae %}
| `administrator` | No | When the value is `true`, {% data variables.product.product_name %} will automatically promote the user to be a {% ifversion ghes %}site administrator{% elsif ghae %}enterprise owner{% endif %}. Setting this attribute to anything but `true` will result in demotion, as long as the value is not blank. Omitting this attribute or leaving the value blank will not change the role of the user. |

23
translations/ja-JP/content/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-security-settings-in-your-enterprise.md
Просмотреть файл

@ -77,12 +77,15 @@ Enterprise owners can restrict access to private assets owned by organizations i
### 許可 IP アドレスを追加する
{% data reusables.identity-and-permissions.about-adding-ip-allow-list-entries %}
{% data reusables.enterprise-accounts.access-enterprise %}
{% data reusables.enterprise-accounts.settings-tab %}
{% data reusables.enterprise-accounts.security-tab %}
{% data reusables.identity-and-permissions.ip-allow-lists-add-ip %}
{% data reusables.identity-and-permissions.ip-allow-lists-add-description %}
{% data reusables.identity-and-permissions.ip-allow-lists-add-entry %}
{% data reusables.identity-and-permissions.check-ip-address %}
### {% data variables.product.prodname_github_apps %}によるアクセスの許可
@ -90,6 +93,8 @@ Enterprise owners can restrict access to private assets owned by organizations i
### 許可 IP アドレスを有効化する
{% data reusables.identity-and-permissions.about-enabling-allowed-ip-addresses %}
{% data reusables.enterprise-accounts.access-enterprise %}
{% data reusables.enterprise-accounts.settings-tab %}
{% data reusables.enterprise-accounts.security-tab %}
@ -98,6 +103,8 @@ Enterprise owners can restrict access to private assets owned by organizations i
### 許可 IP アドレスを編集する
{% data reusables.identity-and-permissions.about-editing-ip-allow-list-entries %}
{% data reusables.enterprise-accounts.access-enterprise %}
{% data reusables.enterprise-accounts.settings-tab %}
{% data reusables.enterprise-accounts.security-tab %}
@ -105,6 +112,18 @@ Enterprise owners can restrict access to private assets owned by organizations i
{% data reusables.identity-and-permissions.ip-allow-lists-edit-ip %}
{% data reusables.identity-and-permissions.ip-allow-lists-edit-description %}
8. [**Update**] をクリックします。
{% data reusables.identity-and-permissions.check-ip-address %}
{% ifversion ip-allow-list-address-check %}
### Checking if an IP address is permitted
{% data reusables.identity-and-permissions.about-checking-ip-address %}
{% data reusables.enterprise-accounts.access-enterprise %}
{% data reusables.enterprise-accounts.settings-tab %}
{% data reusables.enterprise-accounts.security-tab %}
{% data reusables.identity-and-permissions.check-ip-address-step %}
{% endif %}
### 許可 IP アドレスを削除する
@ -124,13 +143,13 @@ Enterprise owners can restrict access to private assets owned by organizations i
## Managing SSH certificate authorities for your enterprise
You can use a SSH certificate authorities (CA) to allow members of any organization owned by your enterprise to access that organization's repositories using SSH certificates you provide. {% data reusables.organizations.can-require-ssh-cert %}詳しい情報については、「[SSS 認証局について](/organizations/managing-git-access-to-your-organizations-repositories/about-ssh-certificate-authorities)」を参照してください。
You can use a SSH certificate authorities (CA) to allow members of any organization owned by your enterprise to access that organization's repositories using SSH certificates you provide. {% data reusables.organizations.can-require-ssh-cert %}詳細については、「[SSH認証局について](/organizations/managing-git-access-to-your-organizations-repositories/about-ssh-certificate-authorities)」を参照してください。
{% data reusables.organizations.add-extension-to-cert %}
### SSH 認証局を追加する
If you require SSH certificates for your enterprise, enterprise members should use a special URL for Git operations over SSH. 詳しい情報については、「[SSH 認証局について](/organizations/managing-git-access-to-your-organizations-repositories/about-ssh-certificate-authorities#about-ssh-urls-with-ssh-certificates)」を参照してください。
EnterpriseでSSH証明書が必要な場合、EnterpriseのメンバーはSSH経由のGitの操作に特別なURLを使わなければなりません。 詳しい情報については、「[SSH 認証局について](/organizations/managing-git-access-to-your-organizations-repositories/about-ssh-certificate-authorities#about-ssh-urls-with-ssh-certificates)」を参照してください。
{% data reusables.enterprise-accounts.access-enterprise %}
{% data reusables.enterprise-accounts.settings-tab %}

58
translations/ja-JP/content/admin/policies/enforcing-policies-for-your-enterprise/enforcing-repository-management-policies-in-your-enterprise.md
Просмотреть файл

@ -71,24 +71,28 @@ Enterprise オーナーがメンバーによる特定のタイプのリポジト
{% endif %}
## Enforcing a policy for {% ifversion ghec or ghes or ghae %}base{% else %}default{% endif %} repository permissions
## Enforcing a policy for base repository permissions
Across all organizations owned by your enterprise, you can set a {% ifversion ghec or ghes or ghae %}base{% else %}default{% endif %} repository permission level (none, read, write, or admin) for organization members, or allow owners to administer the setting on the organization level.
Across all organizations owned by your enterprise, you can set a base repository permission level (none, read, write, or admin) for organization members, or allow owners to administer the setting on the organization level.
{% data reusables.enterprise-accounts.access-enterprise %}
{% data reusables.enterprise-accounts.policies-tab %}
{% data reusables.enterprise-accounts.repositories-tab %}
4. Under "{% ifversion ghec or ghes or ghae %}Base{% else %}Default{% endif %} permissions", review the information about changing the setting. {% data reusables.enterprise-accounts.view-current-policy-config-orgs %}
5. Under "{% ifversion ghec or ghes or ghae %}Base{% else %}Default{% endif %} permissions", use the drop-down menu and choose a policy.
{% ifversion ghec or ghes or ghae %}
![リポジトリ権限ポリシーオプションのドロップダウンメニュー](/assets/images/help/business-accounts/repository-permissions-policy-drop-down.png)
{% else %}
![リポジトリ権限ポリシーオプションのドロップダウンメニュー](/assets/images/enterprise/business-accounts/repository-permissions-policy-drop-down.png)
{% endif %}
4. Under "Base permissions", review the information about changing the setting. {% data reusables.enterprise-accounts.view-current-policy-config-orgs %}
5. Under "Base permissions", use the drop-down menu and choose a policy. ![リポジトリ権限ポリシーオプションのドロップダウンメニュー](/assets/images/help/business-accounts/repository-permissions-policy-drop-down.png)
## Enforcing a policy for repository creation
Across all organizations owned by your enterprise, you can allow members to create repositories, restrict repository creation to organization owners, or allow owners to administer the setting on the organization level. メンバーにリポジトリの作成を許可する場合は、パブリック、プライベート、内部の各リポジトリをどう組み合わせて作成するかを任意に選択できます。 {% data reusables.repositories.internal-repo-default %} 詳しい情報については「[内部リポジトリを作成する](/articles/creating-an-internal-repository)」を参照してください。
Across all organizations owned by your enterprise, you can allow members to create repositories, restrict repository creation to organization owners, or allow owners to administer the setting on the organization level.
If you allow members to create repositories in your organizations, you can choose which types of repositories (public, private, and internal) that members can create.
{% ifversion enterprise-namespace-repo-setting %}
{% ifversion ghec %}If your enterprise uses {% data variables.product.prodname_emus %}, you{% else %}You{% endif %} can also prevent users from creating repositories owned by their user accounts.
{% endif %}
{% data reusables.repositories.internal-repo-default %} 詳しい情報については「[内部リポジトリを作成する](/articles/creating-an-internal-repository)」を参照してください。
{% data reusables.organizations.repo-creation-constants %}
@ -96,33 +100,32 @@ Across all organizations owned by your enterprise, you can allow members to crea
{% data reusables.enterprise-accounts.policies-tab %}
{% data reusables.enterprise-accounts.repositories-tab %}
5. [Repository creation] で、設定変更に関する情報を読みます。 {% data reusables.enterprise-accounts.view-current-policy-config-orgs %}
{% ifversion ghes or ghae or ghec %}
{% data reusables.enterprise-accounts.repo-creation-policy %}
{% data reusables.enterprise-accounts.repo-creation-types %}
{% else %}
6. [Repository creationリポジトリの作成] で、ドロップダウンメニューを使用してポリシーを選択します。
![リポジトリ作成ポリシーのドロップダウンメニュー](/assets/images/enterprise/site-admin-settings/repository-creation-drop-down.png)
{% endif %}
{% data reusables.enterprise-accounts.repo-creation-types %}{% ifversion enterprise-namespace-repo-setting %}
1. Optionally, {% ifversion ghec %}if your enterprise uses {% data variables.product.prodname_emus %} and you want {% endif %}to prevent enterprise members from creating repositories owned by their user accounts, select **Block the creation of user namespace repositories**. ![Screenshot showing the list of disabled options from forking policy](/assets/images/help/business-accounts/restrict-personal-namespace-enabled-setting.png){% endif %}
## Enforcing a policy for forking private or internal repositories
Enterprise が所有しているすべての Organization 全体で、ユーザーにリポジトリのフォーク用にプライベートまたは内部リポジトリへのアクセスを許可したり、プライベートまたは内部リポジトリのフォークを一切禁止したり、オーナーが Organization レベルで設定を管理できるようにしたりすることができます。
{% ifversion enterprise-namespace-repo-setting %}
{% note %}
**Note:** If {% ifversion ghec %}your enterprise uses {% data variables.product.prodname_emus %} and {% endif %}your "Repository creation" policy prevents enterprise members from creating repositories owned by their user accounts, members will not be allowed to fork a repository in their user accounts, regardless of your "Repository forking" policy.
{% endnote %}
{% endif %}
{% data reusables.enterprise-accounts.access-enterprise %}
{% data reusables.enterprise-accounts.policies-tab %}
{% data reusables.enterprise-accounts.repositories-tab %}
3. Under "Repository forking", review the information about changing the setting. {% data reusables.enterprise-accounts.view-current-policy-config-orgs %}
4. [Repository forking] で、ドロップダウンメニューを使用してポリシーを選択します。
![リポジトリ フォーク ポリシー オプションのドロップダウンメニュー](/assets/images/help/business-accounts/repository-forking-policy-drop-down.png)
{% ifversion innersource-fork-policies %}
![リポジトリ フォーク ポリシー オプションのドロップダウンメニュー](/assets/images/help/business-accounts/repository-forking-policy-drop-down.png){% ifversion innersource-fork-policies %}
5. If forking is enabled, you can specify where users are allowed to fork repositories. Review the information about changing the setting and choose a policy.
![Screenshot showing the list of repository forking policy options](/assets/images/help/business-accounts/repository-forking-policy-settings.png)
{% endif %}
![Screenshot showing the list of repository forking policy options](/assets/images/help/business-accounts/repository-forking-policy-settings.png){% endif %}
## Enforcing a policy for inviting{% ifversion ghec %} outside{% endif %} collaborators to repositories
@ -140,8 +143,6 @@ Across all organizations owned by your enterprise, you can allow members to invi
![Drop-down menu with invitation policy options](/assets/images/enterprise/business-accounts/repository-invitation-policy-drop-down.png)
{% endif %}
{% ifversion ghec or ghes or ghae %}
## Enforcing a policy for the default branch name
Across all organizations owned by your enterprise, you can set the default branch name for any new repositories that members create. すべての Organization 全体でそのデフォルトブランチ名を施行することも、Organization ごとに異なる名前を設定することもできます。
@ -152,8 +153,6 @@ Across all organizations owned by your enterprise, you can set the default branc
4. オプションで、Enterprise のすべての Organization に対してデフォルトブランチ名を施行する場合は [**Enforce across this enterprise**] を選択します。 ![[Enforcement] チェックボックス](/assets/images/help/business-accounts/default-branch-name-enforce.png)
5. [**Update**] をクリックします。 ![[Update] ボタン](/assets/images/help/business-accounts/default-branch-name-update.png)
{% endif %}
## Enforcing a policy for changes to repository visibility
Across all organizations owned by your enterprise, you can allow members with admin access to change a repository's visibility, restrict repository visibility changes to organization owners, or allow owners to administer the setting on the organization level. メンバーがリポジトリの可視性を変更できないようにした場合、Enterprise のオーナーのみがリポジトリの可視性を変更できます。
@ -163,9 +162,8 @@ Enterprise のオーナーがリポジトリの作成を Organization のオー
{% data reusables.enterprise-accounts.access-enterprise %}
{% data reusables.enterprise-accounts.policies-tab %}
{% data reusables.enterprise-accounts.repositories-tab %}
5. [Repository visibility change] で、設定変更についての情報を確認します。 {% data reusables.enterprise-accounts.view-current-policy-config-orgs %}
{% data reusables.enterprise-accounts.repository-visibility-policy %}
1. [Repository visibility change] で、設定変更についての情報を確認します。 {% data reusables.enterprise-accounts.view-current-policy-config-orgs %}
1. "Repository visibility changeリポジトリの可視性の変更"の下で、ドロップダウンメニューを使ってポリシーを選択してください。 ![リポジトリの可視性のポリシーの選択肢があるドロップダウンメニュー](/assets/images/help/business-accounts/repository-visibility-policy-drop-down.png)
## Enforcing a policy for repository deletion and transfer

5
translations/ja-JP/content/authentication/connecting-to-github-with-ssh/about-ssh.md
Просмотреть файл

@ -1,6 +1,6 @@
---
title: SSH について
intro: 'SSH プロトコルを利用すれば、リモートのサーバーやサービスに接続し、認証を受けられます。 SSH キーを使用すると、アクセスのたびにユーザ名と個人アクセストークンを入力することなく {% data variables.product.product_name %} に接続できます。'
intro: 'SSH プロトコルを利用すれば、リモートのサーバーやサービスに接続し、認証を受けられます。 With SSH keys, you can connect to {% data variables.product.product_name %} without supplying your username and personal access token at each visit.{% ifversion ssh-commit-verification %} You can also use an SSH key to sign commits.{% endif %}'
redirect_from:
- /articles/about-ssh
- /github/authenticating-to-github/about-ssh
@ -16,7 +16,7 @@ topics:
{% data reusables.ssh.about-ssh %} For more information about SSH, see [Secure Shell](https://en.wikipedia.org/wiki/Secure_Shell) on Wikipedia.
When you set up SSH, you will need to generate a new private SSH key and add it to the SSH agent. You must also add the public SSH key to your account on {% data variables.product.product_name %} before you use the key to authenticate. For more information, see "[Generating a new SSH key and adding it to the ssh-agent](/github/authenticating-to-github/generating-a-new-ssh-key-and-adding-it-to-the-ssh-agent)" and "[Adding a new SSH key to your {% data variables.product.prodname_dotcom %} account](/github/authenticating-to-github/adding-a-new-ssh-key-to-your-github-account)."
When you set up SSH, you will need to generate a new private SSH key and add it to the SSH agent. You must also add the public SSH key to your account on {% data variables.product.product_name %} before you use the key to authenticate{% ifversion ssh-commit-verification %} or sign commits{% endif %}. For more information, see "[Generating a new SSH key and adding it to the ssh-agent](/github/authenticating-to-github/generating-a-new-ssh-key-and-adding-it-to-the-ssh-agent)"{% ifversion ssh-commit-verification %}, {% else %} and{% endif %} "[Adding a new SSH key to your {% data variables.product.prodname_dotcom %} account](/github/authenticating-to-github/adding-a-new-ssh-key-to-your-github-account){% ifversion ssh-commit-verification %}" and "[About commit signature verification](/articles/about-commit-signature-verification){% endif %}."
You can further secure your SSH key by using a hardware security key, which requires the physical hardware security key to be attached to your computer when the key pair is used to authenticate with SSH. You can also secure your SSH key by adding your key to the ssh-agent and using a passphrase. 詳しい情報については[SSH キーのパスフレーズを使う](/github/authenticating-to-github/working-with-ssh-key-passphrases)を参照してください。
@ -33,7 +33,6 @@ Organizations that use {% data variables.product.prodname_ghe_cloud %} can provi
{% else ghec or ghes or ghae %}
If you're a member of an organization that provides SSH certificates, you can use your certificate to access that organization's repositories without adding the certificate to your account on {% data variables.product.product_name %}. You cannot use your certificate to access forks of the organization's repositories, if the forks is owned by your personal account. 詳しい情報については「[SSH認証局について](/organizations/managing-git-access-to-your-organizations-repositories/about-ssh-certificate-authorities)」を参照してください。
{% endif %}
## 参考リンク
- [SSH のトラブルシューティング](/articles/troubleshooting-ssh)

112
translations/ja-JP/content/authentication/connecting-to-github-with-ssh/adding-a-new-ssh-key-to-your-github-account.md
Просмотреть файл

@ -19,6 +19,8 @@ shortTitle: Add a new SSH key
{% data reusables.ssh.about-ssh %} For more information, see "[About SSH](/authentication/connecting-to-github-with-ssh/about-ssh)."
{% ifversion ssh-commit-verification %}You can also use SSH to sign commits and tags. For more information about commit signing, see "[About commit signature verification](/articles/about-commit-signature-verification)."{% endif %}
After you generate an SSH key pair, you must add the public key to {% ifversion fpt or ghec or ghes %}{% data variables.product.product_location %}{% elsif ghae %}{% data variables.product.product_name %}{% endif %} to enable SSH access for your account.
## 必要な環境
@ -30,111 +32,45 @@ Before adding a new SSH key to your account on {% ifversion ghae %}{% data varia
## Adding a new SSH key to your account
After adding a new SSH key to your account on {% ifversion ghae %}{% data variables.product.product_name %}{% else %}{% data variables.product.product_location %}{% endif %}, you can reconfigure any local repositories to use SSH. 詳しい情報については[リモート URL の HTTPS から SSH への切り替え](/github/getting-started-with-github/managing-remote-repositories/#switching-remote-urls-from-https-to-ssh)を参照してください。
After adding a new SSH authentication key to your account on {% ifversion ghae %}{% data variables.product.product_name %}{% else %}{% data variables.product.product_location %}{% endif %}, you can reconfigure any local repositories to use SSH. 詳しい情報については[リモート URL の HTTPS から SSH への切り替え](/github/getting-started-with-github/managing-remote-repositories/#switching-remote-urls-from-https-to-ssh)を参照してください。
{% data reusables.ssh.key-type-support %}
{% mac %}
{% webui %}
1. SSH 公開鍵をクリップボードにコピーします。
SSH 公開鍵のファイル名がサンプルコードと異なる場合は、現在の設定に一致するようにファイル名を変更してください。 キーをコピーする際には、改行や空白を追加しないでください。
```shell
$ pbcopy &lt; ~/.ssh/id_{% ifversion ghae %}rsa{% else %}ed25519{% endif %}.pub
# Copies the contents of the id_{% ifversion ghae %}rsa{% else %}ed25519{% endif %}.pub file to your clipboard
```
{% tip %}
**ヒント:** `pbcopy` がうまく動作しない場合は、隠れフォルダ `.ssh` にアクセスし、使い慣れたテキストエディタでこのファイルを開き、クリップボードにコピーしてください。
{% endtip %}
{% data reusables.gpg.copy-ssh-public-key %}
{% data reusables.user-settings.access_settings %}
{% data reusables.user-settings.ssh %}
4. [**New SSH key**] または [**Add SSH key**] をクリックします。 ![SSH キーボタン](/assets/images/help/settings/ssh-add-ssh-key.png)
5. [Title] フィールドで、新しいキーを説明するラベルを追加します。 たとえば、個人のMacを使っているなら、このキーを「Personal MacBook Air」とすることができるでしょう。
6. キーを [Key] フィールドに貼り付けます。 ![キーフィールド](/assets/images/help/settings/ssh-key-paste.png)
7. **[Add SSH key]** をクリックしてください。 ![キーの追加ボタン](/assets/images/help/settings/ssh-add-key.png)
4. [**New SSH key**] または [**Add SSH key**] をクリックします。
{% ifversion ssh-commit-verification %}
![SSH キーボタン](/assets/images/help/settings/ssh-add-ssh-key-with-auth.png)
{% else %}
![SSH キーボタン](/assets/images/help/settings/ssh-add-ssh-key.png)
{% endif %}
5. [Title] フィールドで、新しいキーを説明するラベルを追加します。 For example, if you're using a personal laptop, you might call this key "Personal laptop".
{% ifversion ssh-commit-verification %}
6. Select the type of key, either authentication or signing. For more information about commit signing, see "[About commit signature verification](/articles/about-commit-signature-verification)."
{% endif %}
7. キーを [Key] フィールドに貼り付けます。
{% ifversion ssh-commit-verification %}
![キーフィールド](/assets/images/help/settings/ssh-key-paste-with-type.png)
{% else %}
![キーフィールド](/assets/images/help/settings/ssh-key-paste.png)
{% endif %}
8. **[Add SSH key]** をクリックしてください。 ![キーの追加ボタン](/assets/images/help/settings/ssh-add-key.png)
{% data reusables.user-settings.sudo-mode-popup %}
{% endwebui %}
{% endmac %}
{% windows %}
{% webui %}
1. SSH 公開鍵をクリップボードにコピーします。
SSH 公開鍵のファイル名がサンプルコードと異なる場合は、現在の設定に一致するようにファイル名を変更してください。 キーをコピーする際には、改行や空白を追加しないでください。
```shell
$ clip &lt; ~/.ssh/id_{% ifversion ghae %}rsa{% else %}ed25519{% endif %}.pub
# Copies the contents of the id_{% ifversion ghae %}rsa{% else %}ed25519{% endif %}.pub file to your clipboard
```
{% tip %}
**ヒント:** `clip` がうまく動作しない場合は、隠しフォルダ `.ssh` にアクセスし、使い慣れたテキストエディタでこのファイルを開き、クリップボードにコピーしてください。
{% endtip %}
{% data reusables.user-settings.access_settings %}
{% data reusables.user-settings.ssh %}
4. [**New SSH key**] または [**Add SSH key**] をクリックします。 ![SSH キーボタン](/assets/images/help/settings/ssh-add-ssh-key.png)
5. [Title] フィールドで、新しいキーを説明するラベルを追加します。 たとえば、個人のMacを使っているなら、このキーを「Personal MacBook Air」とすることができるでしょう。
6. キーを [Key] フィールドに貼り付けます。 ![キーフィールド](/assets/images/help/settings/ssh-key-paste.png)
7. **[Add SSH key]** をクリックしてください。 ![キーの追加ボタン](/assets/images/help/settings/ssh-add-key.png)
{% data reusables.user-settings.sudo-mode-popup %}
{% endwebui %}
{% endwindows %}
{% linux %}
{% webui %}
1. SSH 公開鍵をクリップボードにコピーします。
SSH 公開鍵のファイル名がサンプルコードと異なる場合は、現在の設定に一致するようにファイル名を変更してください。 キーをコピーする際には、改行や空白を追加しないでください。
```shell
$ cat ~/.ssh/id_{% ifversion ghae %}rsa{% else %}ed25519{% endif %}.pub
# Then select and copy the contents of the id_{% ifversion ghae %}rsa{% else %}ed25519{% endif %}.pub file
# displayed in the terminal to your clipboard
```
{% tip %}
**Tip:** Alternatively, you can locate the hidden `.ssh` folder, open the file in your favorite text editor, and copy it to your clipboard.
{% endtip %}
{% data reusables.user-settings.access_settings %}
{% data reusables.user-settings.ssh %}
4. [**New SSH key**] または [**Add SSH key**] をクリックします。 ![SSH キーボタン](/assets/images/help/settings/ssh-add-ssh-key.png)
5. [Title] フィールドで、新しいキーを説明するラベルを追加します。 たとえば、個人のMacを使っているなら、このキーを「Personal MacBook Air」とすることができるでしょう。
6. キーを [Key] フィールドに貼り付けます。 ![キーフィールド](/assets/images/help/settings/ssh-key-paste.png)
7. **[Add SSH key]** をクリックしてください。 ![キーの追加ボタン](/assets/images/help/settings/ssh-add-key.png)
{% data reusables.user-settings.sudo-mode-popup %}
{% endwebui %}
{% endlinux %}
{% cli %}
{% data reusables.cli.cli-learn-more %}
Before you can use the {% data variables.product.prodname_cli %} to add an SSH key to your account, you must authenticate to the {% data variables.product.prodname_cli %}. For more information, see [`gh auth login`](https://cli.github.com/manual/gh_auth_login) in the {% data variables.product.prodname_cli %} documentation.
To add an SSH key to your GitHub account, use the `ssh-key add` subcommand, specifying your public key.
{% ifversion ssh-commit-verification %}At present, you can only use {% data variables.product.prodname_cli %} to add SSH authentication keys, you cannot add SSH signing keys.{% endif %}
To add an SSH authentication key to your GitHub account, use the `ssh-key add` subcommand, specifying your public key.
```shell
gh ssh-key add <em>key-file</em>

83
translations/ja-JP/content/authentication/managing-commit-signature-verification/about-commit-signature-verification.md
Просмотреть файл

@ -1,6 +1,6 @@
---
title: About commit signature verification
intro: 'Using GPG or S/MIME, you can sign tags and commits locally. These tags or commits are marked as verified on {% data variables.product.product_name %} so other people can be confident that the changes come from a trusted source.'
title: コミット署名の検証について
intro: 'Using GPG{% ifversion ssh-commit-verification %}, SSH,{% endif %} or S/MIME, you can sign tags and commits locally. これらのタグやコミットは {% data variables.product.product_name %} で検証済みとしてマークされているため、他のユーザはその変更が信頼できるソースからのものであると確信できます。'
redirect_from:
- /articles/about-gpg-commit-and-tag-signatures
- /articles/about-gpg
@ -17,11 +17,20 @@ topics:
- Access management
shortTitle: Commit signature verification
---
## About commit signature verification
You can sign commits and tags locally, to give other people confidence about the origin of a change you have made. If a commit or tag has a GPG or S/MIME signature that is cryptographically verifiable, GitHub marks the commit or tag {% ifversion fpt or ghec %}"Verified" or "Partially verified."{% else %}"Verified."{% endif %}
## コミット署名の検証について
![Verified commit](/assets/images/help/commits/verified-commit.png)
コミットとタグにローカルで署名して、行った変更の根拠を他のユーザに信頼してもらうことができます。 If a commit or tag has a GPG{% ifversion ssh-commit-verification %}, SSH,{% endif %} or S/MIME signature that is cryptographically verifiable, {% data variables.product.product_name %} marks the commit or tag {% ifversion fpt or ghec %}"Verified" or "Partially verified."{% else %}"Verified."{% endif %}
![検証されたコミット](/assets/images/help/commits/verified-commit.png)
{% ifversion ghes or ghae %}
If a commit or tag has a signature that can't be verified, {% data variables.product.product_name %} marks the commit or tag "Unverified."
{% endif %}
{% ifversion ssh-commit-verification %}
For most individual users, GPG or SSH will be the best choice for signing commits. S/MIME signatures are usually required in the context of a larger organization. SSH signatures are the simplest to generate. You can even upload your existing authentication key to {% data variables.product.product_name %} to also use as a signing key. Generating a GPG signing key is more involved than generating an SSH key, but GPG has features that SSH does not. A GPG key can expire or be revoked when no longer used. {% data variables.product.product_name %} shows commits that were signed with such a key as "Verified" unless the key was marked as compromised. SSH keys don't have this capability.
{% endif %}
{% ifversion fpt or ghec %}
Commits and tags have the following verification statuses, depending on whether you have enabled vigilant mode. By default vigilant mode is not enabled. For information on how to enable vigilant mode, see "[Displaying verification statuses for all of your commits](/github/authenticating-to-github/displaying-verification-statuses-for-all-of-your-commits)."
@ -30,27 +39,26 @@ Commits and tags have the following verification statuses, depending on whether
Signing commits differs from signing off on a commit. For more information about signing off on commits, see "[Managing the commit signoff policy for your repository](/repositories/managing-your-repositorys-settings-and-features/managing-repository-settings/managing-the-commit-signoff-policy-for-your-repository)."
### Default statuses
### デフォルトのステータス
| Status | Description |
| -------------- | ----------- |
| **Verified** | The commit is signed and the signature was successfully verified.
| **Unverified** | The commit is signed but the signature could not be verified.
| No verification status | The commit is not signed.
| 状況 | 説明 |
| ---------------------- | ----------------------------- |
| **Verified** | コミットが署名され、署名が正常に検証されました。 |
| **Unverified** | コミットは署名されていますが、署名を検証できませんでした。 |
| No verification status | コミットが署名されていません。 |
### Signature verification for rebase and merge
{% data reusables.pull_requests.rebase_and_merge_verification %}
For more information, see "[Rebasing and merging your commits](/repositories/configuring-branches-and-merges-in-your-repository/configuring-pull-request-merges/about-merge-methods-on-github#rebasing-and-merging-your-commits)."
### Statuses with vigilant mode enabled
### 警戒モードが有効になっているステータス
{% data reusables.identity-and-permissions.vigilant-mode-verification-statuses %}
{% else %}
If a commit or tag has a signature that can't be verified, {% data variables.product.product_name %} marks the commit or tag "Unverified."
{% endif %}
Repository administrators can enforce required commit signing on a branch to block all commits that are not signed and verified. For more information, see "[About protected branches](/github/administering-a-repository/about-protected-branches#require-signed-commits)."
{% data reusables.identity-and-permissions.verification-status-check %}
@ -59,10 +67,10 @@ Repository administrators can enforce required commit signing on a branch to blo
{% ifversion ghes %}If a site administrator has enabled web commit signing, {% data variables.product.product_name %} will automatically use GPG to sign commits you make using the web interface. Commits signed by {% data variables.product.product_name %} will have a verified status. You can verify the signature locally using the public key available at `https://HOSTNAME/web-flow.gpg`. For more information, see "[Configuring web commit signing](/admin/configuration/configuring-your-enterprise/configuring-web-commit-signing)."
{% else %}{% data variables.product.prodname_dotcom %} will automatically use GPG to sign commits you make using the web interface. Commits signed by {% data variables.product.prodname_dotcom %} will have a verified status. You can verify the signature locally using the public key available at https://github.com/web-flow.gpg. The full fingerprint of the key is `5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23`.
You can optionally choose to have {% data variables.product.prodname_dotcom %} sign commits you make in {% data variables.product.prodname_github_codespaces %}. For more information about enabling GPG verification for your codespaces, see "[Managing GPG verification for {% data variables.product.prodname_github_codespaces %}](/codespaces/managing-your-codespaces/managing-gpg-verification-for-github-codespaces)."{% endif %}
You can optionally choose to have {% data variables.product.prodname_dotcom %} GPG sign commits you make in {% data variables.product.prodname_github_codespaces %}. For more information about enabling GPG verification for your codespaces, see "[Managing GPG verification for {% data variables.product.prodname_github_codespaces %}](/codespaces/managing-your-codespaces/managing-gpg-verification-for-github-codespaces)."{% endif %}
{% endif %}
## GPG commit signature verification
## GPG コミット署名の検証
You can use GPG to sign commits with a GPG key that you generate yourself.
@ -70,13 +78,32 @@ You can use GPG to sign commits with a GPG key that you generate yourself.
To sign commits using GPG and have those commits verified on {% data variables.product.product_name %}, follow these steps:
1. [Check for existing GPG keys](/articles/checking-for-existing-gpg-keys)
2. [Generate a new GPG key](/articles/generating-a-new-gpg-key)
1. [既存の GPG キーがあるかチェックする](/articles/checking-for-existing-gpg-keys)
2. [新しい GPG キーを生成する](/articles/generating-a-new-gpg-key)
3. [Add a GPG key to your GitHub account](/articles/adding-a-gpg-key-to-your-github-account)
4. [Tell Git about your signing key](/articles/telling-git-about-your-signing-key)
5. [Sign commits](/articles/signing-commits)
6. [Sign tags](/articles/signing-tags)
4. [Git へ署名キーを伝える](/articles/telling-git-about-your-signing-key)
5. [コミットに署名する](/articles/signing-commits)
6. [タグに署名する](/articles/signing-tags)
{% ifversion ssh-commit-verification %}
## SSH commit signature verification
You can use SSH to sign commits with an SSH public key that you generate yourself. If you already use an SSH key to authenticate with {% data variables.product.product_name %}, you can also upload that same key again for use as a signing key. There's no limit on the number of signing keys you can add to your account.
{% data variables.product.product_name %} uses [ssh_data](https://github.com/github/ssh_data), an open source Ruby library, to confirm that your locally signed commits and tags are cryptographically verifiable against a public key you have added to your account on {% ifversion ghae %}{% data variables.product.product_name %}{% else %}{% data variables.product.product_location %}{% endif %}.
{% data reusables.gpg.ssh-git-version %}
To sign commits using SSH and have those commits verified on {% data variables.product.product_name %}, follow these steps:
1. [Check for existing SSH keys](/articles/checking-for-existing-ssh-keys)
2. [Generate a new SSH key](/articles/generating-a-new-ssh-key-and-adding-it-to-the-ssh-agent)
3. [Add a SSH signing key to your GitHub account](/articles/adding-a-new-ssh-key-to-your-github-account)
4. [Git へ署名キーを伝える](/articles/telling-git-about-your-signing-key)
5. [コミットに署名する](/articles/signing-commits)
6. [タグに署名する](/articles/signing-tags)
{% endif %}
## S/MIME commit signature verification
You can use S/MIME to sign commits with an X.509 key issued by your organization.
@ -87,9 +114,9 @@ You can use S/MIME to sign commits with an X.509 key issued by your organization
To sign commits using S/MIME and have those commits verified on {% data variables.product.product_name %}, follow these steps:
1. [Tell Git about your signing key](/articles/telling-git-about-your-signing-key)
2. [Sign commits](/articles/signing-commits)
3. [Sign tags](/articles/signing-tags)
1. [Git へ署名キーを伝える](/articles/telling-git-about-your-signing-key)
2. [コミットに署名する](/articles/signing-commits)
3. [タグに署名する](/articles/signing-tags)
You don't need to upload your public key to {% data variables.product.product_name %}.
@ -101,8 +128,8 @@ Organizations and {% data variables.product.prodname_github_apps %} that require
Signature verification for bots will only work if the request is verified and authenticated as the {% data variables.product.prodname_github_app %} or bot and contains no custom author information, custom committer information, and no custom signature information, such as Commits API.
{% endif %}
## Further reading
## 参考リンク
- "[Signing commits](/articles/signing-commits)"
- "[Signing tags](/articles/signing-tags)"
- "[Troubleshooting commit signature verification](/articles/troubleshooting-commit-signature-verification)"
- 「[コミットに署名する](/articles/signing-commits)」
- 「[タグに署名する](/articles/signing-tags)」
- 「[コミット署名検証のトラブルシューティング](/articles/troubleshooting-commit-signature-verification)」

2
translations/ja-JP/content/authentication/managing-commit-signature-verification/displaying-verification-statuses-for-all-of-your-commits.md
Просмотреть файл

@ -19,7 +19,7 @@ redirect_from:
コンピューターでローカルで作業する場合、Git を使用すると、変更の作者とコミッターのアイデンティティを設定できます。 これにより、他のユーザが、自分が作成したコミットとタグが実際に自分によって作成されたものであると確信することが困難になる可能性があります。 この問題を解決するため、コミットとタグに署名することができます。 詳しい情報については、「[コミットに署名する](/github/authenticating-to-github/signing-commits)」および「[タグに署名する](/github/authenticating-to-github/signing-tags)」を参照してください。 {% data variables.product.prodname_dotcom %} は、署名されたコミットとタグに検証ステータスのマークを付けます。
デフォルトでは、コミットとタグは、正常に検証された GPG または S/MIME キーで署名されている場合、「検証済み」としてマークされます。 If a commit or tag has a signature that can't be verified by {% data variables.product.prodname_dotcom %}, we mark the commit or tag "Unverified." それ以外の場合、検証ステータスは表示されません。
By default commits and tags are marked "Verified" if they are signed with a GPG{% ifversion ssh-commit-verification %}, SSH,{% endif %} or S/MIME key that was successfully verified. If a commit or tag has a signature that can't be verified by {% data variables.product.prodname_dotcom %}, we mark the commit or tag "Unverified." それ以外の場合、検証ステータスは表示されません。
ただし、{% data variables.product.prodname_dotcom %} 設定で警戒モードを有効にすることで、他のユーザにコミットとタグに起因するアイデンティティの信頼性を高めることができます。 警戒モードを有効にすると、すべてのコミットとタグに 3 つの検証ステータスのいずれかがマークされます。

2
translations/ja-JP/content/authentication/managing-commit-signature-verification/index.md
Просмотреть файл

@ -1,6 +1,6 @@
---
title: コミット署名の検証を管理する
intro: 'GPG または S/MIME を使用してローカルで作業に署名できます。 信頼できるソースによるコミットであることを他のユーザに知らせるために、{% data variables.product.product_name %} はこの署名を検証します。{% ifversion fpt %} {% data variables.product.product_name %} は、{% data variables.product.product_name %} Web インターフェイスを使用して自動的にコミットに署名します。{% endif %}'
intro: '{% data variables.product.product_name %} will verify GPG{% ifversion ssh-commit-verification %}, SSH,{% endif %} or S/MIME signatures so other people will know that your commits come from a trusted source.{% ifversion fpt %} {% data variables.product.product_name %} will automatically sign commits you make using the {% data variables.product.product_name %} web interface.{% endif %}'
redirect_from:
- /articles/generating-a-gpg-key
- /articles/signing-commits-with-gpg

6
translations/ja-JP/content/authentication/managing-commit-signature-verification/signing-commits.md
Просмотреть файл

@ -1,6 +1,6 @@
---
title: コミットに署名する
intro: GPG または S/MIME を使用してローカルでコミットに署名できます。
intro: 'You can sign commits locally using GPG{% ifversion ssh-commit-verification %}, SSH,{% endif %} or S/MIME.'
redirect_from:
- /articles/signing-commits-and-tags-using-gpg
- /articles/signing-commits-using-gpg
@ -52,9 +52,5 @@ Git バージョン 2.0.0 以降で、ローカルリポジトリでデフォル
## 参考リンク
* [既存の GPG キーのチェック](/articles/checking-for-existing-gpg-keys)
* [新しい GPG キーの生成](/articles/generating-a-new-gpg-key)
* "[Adding a GPG key to your GitHub account](/articles/adding-a-gpg-key-to-your-github-account)"
* 「[Git へ署名キーを伝える](/articles/telling-git-about-your-signing-key)」
* [GPG キーとメールの関連付け](/articles/associating-an-email-with-your-gpg-key)
* 「[タグに署名する](/articles/signing-tags)」

5
translations/ja-JP/content/authentication/managing-commit-signature-verification/signing-tags.md
Просмотреть файл

@ -1,6 +1,6 @@
---
title: タグに署名する
intro: GPG または S/MIME を使用してローカルでタグに署名できます。
intro: 'You can sign tags locally using GPG{% ifversion ssh-commit-verification %}, SSH,{% endif %} or S/MIME.'
redirect_from:
- /articles/signing-tags-using-gpg
- /articles/signing-tags
@ -32,9 +32,6 @@ topics:
## 参考リンク
- [リポジトリのタグを表示する](/articles/viewing-your-repositorys-tags)
- [既存の GPG キーのチェック](/articles/checking-for-existing-gpg-keys)
- [新しい GPG キーの生成](/articles/generating-a-new-gpg-key)
- "[Adding a GPG key to your GitHub account](/articles/adding-a-gpg-key-to-your-github-account)"
- 「[Git へ署名キーを伝える](/articles/telling-git-about-your-signing-key)」
- [GPG キーとメールの関連付け](/articles/associating-an-email-with-your-gpg-key)
- 「[コミットに署名する](/articles/signing-commits)」

28
translations/ja-JP/content/authentication/managing-commit-signature-verification/telling-git-about-your-signing-key.md
Просмотреть файл

@ -1,6 +1,6 @@
---
title: Git へ署名キーを伝える
intro: ローカルでコミットに署名するには、使用する GPG または X.509 キーがあることを Git に知らせる必要があります。
intro: 'To sign commits locally, you need to inform Git that there''s a GPG{% ifversion ssh-commit-verification %}, SSH,{% endif %} or X.509 key you''d like to use.'
redirect_from:
- /articles/telling-git-about-your-gpg-key
- /articles/telling-git-about-your-signing-key
@ -52,8 +52,6 @@ If you're using a GPG key that matches your committer identity and your verified
$ killall gpg-agent
```
{% data reusables.gpg.x-509-key %}
{% endmac %}
{% windows %}
@ -75,8 +73,6 @@ If you're using a GPG key that matches your committer identity and your verified
{% data reusables.gpg.copy-gpg-key-id %}
{% data reusables.gpg.paste-gpg-key-id %}
{% data reusables.gpg.x-509-key %}
{% endwindows %}
{% linux %}
@ -101,15 +97,25 @@ If you're using a GPG key that matches your committer identity and your verified
```bash
$ [ -f ~/.bashrc ] && echo 'export GPG_TTY=$(tty)' >> ~/.bashrc
```
{% endlinux %}
{% ifversion ssh-commit-verification %}
## Telling Git about your SSH key
You can use an existing SSH key to sign commits and tags, or generate a new one specifically for signing. 詳しい情報については、「[新しい SSH キーを生成して ssh-agent に追加する](/github/authenticating-to-github/generating-a-new-ssh-key-and-adding-it-to-the-ssh-agent)」を参照してください。
{% data reusables.gpg.ssh-git-version %}
{% data reusables.command_line.open_the_multi_os_terminal %}
{% data reusables.gpg.configure-ssh-signing %}
{% data reusables.gpg.copy-ssh-public-key %}
{% data reusables.gpg.paste-ssh-public-key %}
{% endif %}
{% data reusables.gpg.x-509-key %}
## 参考リンク
- [既存の GPG キーのチェック](/articles/checking-for-existing-gpg-keys)
- [新しい GPG キーの生成](/articles/generating-a-new-gpg-key)
- [GPG キーで検証済みのメールアドレスを使う](/articles/using-a-verified-email-address-in-your-gpg-key)
- "[Adding a GPG key to your GitHub account](/articles/adding-a-gpg-key-to-your-github-account)"
- [GPG キーとメールの関連付け](/articles/associating-an-email-with-your-gpg-key)
- "[Adding a new SSH key to your GitHub account](/github/authenticating-to-github/adding-a-new-ssh-key-to-your-github-account)."
- 「[コミットに署名する](/articles/signing-commits)」
- 「[タグに署名する](/articles/signing-tags)」

5
translations/ja-JP/content/authentication/troubleshooting-commit-signature-verification/checking-your-commit-and-tag-signature-verification-status.md
Просмотреть файл

@ -22,7 +22,10 @@ shortTitle: Check verification status
1. {% data variables.product.product_name %}上で、プルリクエストに移動します。
{% data reusables.repositories.review-pr-commits %}
3. コミットの省略されたコミットハッシュの横に、コミット署名が検証済みか{% ifversion fpt or ghec %}、部分的に検証済みか、{% endif %}未検証かを示すボックスがあります。 ![署名されたコミット](/assets/images/help/commits/gpg-signed-commit-verified-without-details.png)
4. コミットシグニチャの詳細情報を表示するには、[**検証済み**]{% ifversion fpt or ghec %}、[**部分的に検証済み**]、{% endif %}または [**未検証**] をクリックします。 ![検証された署名済みコミット](/assets/images/help/commits/gpg-signed-commit_verified_details.png)
4. コミットシグニチャの詳細情報を表示するには、[**検証済み**]{% ifversion fpt or ghec %}、[**部分的に検証済み**]、{% endif %}または [**未検証**] をクリックします。 GPG signed commits will show the ID of the key that was used. ![Verified GPG signed commit](/assets/images/help/commits/gpg-signed-commit_verified_details.png)
{% ifversion ssh-commit-verification %}
SSH signed commits will show the signature of the public key that was used. ![Verified SSH signed commit](/assets/images/help/commits/ssh-signed-commit-verified-details.png)
{% endif %}
## タグの署名検証のステータスの確認

4
translations/ja-JP/content/billing/managing-billing-for-github-packages/about-billing-for-github-packages.md
Просмотреть файл

@ -49,9 +49,9 @@ All data transferred out, when triggered by {% data variables.product.prodname_a
Storage usage is shared with build artifacts produced by {% data variables.product.prodname_actions %} for repositories owned by your account. For more information, see "[About billing for {% data variables.product.prodname_actions %}](/billing/managing-billing-for-github-actions/about-billing-for-github-actions)."
{% data variables.product.prodname_dotcom %} charges usage to the account that owns the repository where the package is published. If your account's usage surpasses these limits and you have set a spending limit above $0 USD, you will pay $0.25 USD per GB of storage per day and $0.50 USD per GB of data transfer.
{% data variables.product.prodname_dotcom %} charges usage to the account that owns the repository where the package is published. If your account's usage surpasses these limits and you have set a spending limit above $0 USD, you will pay $0.008 USD per GB of storage per day and $0.50 USD per GB of data transfer.
For example, if your organization uses {% data variables.product.prodname_team %}, allows unlimited spending, uses 150GB of storage, and has 50GB of data transfer out during a month, the organization would have overages of 148GB for storage and 40GB for data transfer for that month. The storage overage would cost $0.25 USD per GB per day or $37 USD. The overage for data transfer would cost $0.50 USD per GB or $20 USD.
For example, if your organization uses {% data variables.product.prodname_team %}, allows unlimited spending, uses 150GB of storage, and has 50GB of data transfer out during a month, the organization would have overages of 148GB for storage and 40GB for data transfer for that month. The storage overage would cost $0.008 USD per GB per day or approximately $37 USD for a 31-day month. The overage for data transfer would cost $0.50 USD per GB or $20 USD.
{% data reusables.dotcom_billing.pricing_calculator.pricing_cal_packages %}

2
translations/ja-JP/content/code-security/adopting-github-advanced-security-at-scale/phase-6-rollout-and-scale-secret-scanning.md
Просмотреть файл

@ -32,7 +32,7 @@ There are a few approaches for tackling newly committed credentials, but one exa
{% note %}
**Note:** You can automate this step. For large enterprises and organizations with hundreds of repositories, manually following up is unsustainable. You could incorporate automation into the webhook process defined in the first step. The webhook payload contains repository and organization information about the leaked secret. Using this information, you can contact the current maintainers on the repository and create a email/message to the responsible people or open an issue.
**Note:** You can automate this step. For large enterprises and organizations with hundreds of repositories, manually following up is unsustainable. You could incorporate automation into the webhook process defined in the first step. The webhook payload contains repository and organization information about the leaked secret. Using this information, you can contact the current maintainers on the repository and create an email/message to the responsible people or open an issue.
{% endnote %}
3. **Educate**: Create an internal training document assigned to the developer who committed the secret. Within this training document, you can explain the risks created by committing secrets and direct them to your best practice information about using secrets securely in development. If the a developer doesn't learn from the experience and continues to commit secrets, you could create an escalation process, but education usually works well.

6
translations/ja-JP/content/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/running-codeql-code-scanning-in-a-container.md
Просмотреть файл

@ -32,6 +32,12 @@ topics:
{% data variables.product.prodname_codeql %}は、コードをビルドするコンテナ内で実行しなければなりません。 これは、{% data variables.product.prodname_codeql_cli %}{% ifversion codeql-runner-supported %}、{% data variables.product.prodname_codeql_runner %}{% endif %}、{% data variables.product.prodname_actions %}のいずれを使っていても当てはまります。 {% data variables.product.prodname_codeql_cli %}{% ifversion codeql-runner-supported %}あるいは{% data variables.product.prodname_codeql_runner %}{% endif %}については、詳しい情報は「[CIシステムへの{% data variables.product.prodname_codeql_cli %}のインストール](/code-security/secure-coding/using-codeql-code-scanning-with-your-existing-ci-system/installing-codeql-cli-in-your-ci-system)」{% ifversion codeql-runner-supported %}あるいは「[CIシステムでの{% data variables.product.prodname_codeql_runner %}の実行](/code-security/secure-coding/running-codeql-runner-in-your-ci-system)」{% endif %}を参照してください。 {% data variables.product.prodname_actions %} を使用している場合は、同じコンテナですべてのアクションを実行するようワークフローを設定します。 詳しい情報については「[ワークフローの例](#example-workflow)」を参照してください。
{% note %}
**ノート:** {% data reusables.code-scanning.non-glibc-linux-support %}
{% endnote %}
## 依存関係
使用しているコンテナで特定の依存関係がない場合 (たとえば、Git は PATH 変数にインストールされ、追加されている必要がある)、{% data variables.product.prodname_code_scanning %} を実行する上で困難が生じる場合があります。 依存関係の問題が生じた場合は、通常{% data variables.product.prodname_dotcom %}のランナーのイメージに含まれているソフトウェアのリストをレビューしてください。 詳しい情報については、次の場所にある特定のバージョンの `readme` ファイルを参照してください。

19
translations/ja-JP/content/code-security/dependabot/dependabot-alerts/viewing-and-updating-dependabot-alerts.md
Просмотреть файл

@ -40,24 +40,24 @@ topics:
それぞれの{% data variables.product.prodname_dependabot %}アラートは一意の数値識別子を持っており、{% data variables.product.prodname_dependabot_alerts %}タブにはすべての検出された脆弱性に対するアラートがリストされます。 旧来の{% data variables.product.prodname_dependabot_alerts %}は依存関係で脆弱性をグループ化し、依存関係ごとに1つのアラートを生成しました。 旧来の{% data variables.product.prodname_dependabot %}アラートにアクセスすると、そのパッケージでフィルタされた{% data variables.product.prodname_dependabot_alerts %}タブにリダイレクトされます。 {% endif %}
{% ifversion fpt or ghec or ghes > 3.4 or ghae-issue-5638 %}
You can filter and sort {% data variables.product.prodname_dependabot_alerts %} using a variety of filters and sort options available on the user interface. For more information, see "[Prioritizing {% data variables.product.prodname_dependabot_alerts %}](#prioritizing-across--data-variablesproductprodname_dependabot_alerts-)" below.
ユーザインターフェースで利用できる様々なフィルタとソートのオプションを使って、{% data variables.product.prodname_dependabot_alerts %}をフィルタリング及びソートできます。 詳しい情報については下の「[{% data variables.product.prodname_dependabot_alerts %}の優先順位付け](#prioritizing-across--data-variablesproductprodname_dependabot_alerts-)」を参照してください。
## Prioritizing {% data variables.product.prodname_dependabot_alerts %}
## {% data variables.product.prodname_dependabot_alerts %}の優先順位付け
{% data variables.product.company_short %} helps you prioritize fixing {% data variables.product.prodname_dependabot_alerts %}. {% ifversion dependabot-most-important-sort-option %} By default, {% data variables.product.prodname_dependabot_alerts %} are sorted by importance. The "Most important" sort order helps you prioritize which {% data variables.product.prodname_dependabot_alerts %} to focus on first. アラートは、潜在的な影響、行動可能性、関連性に基づいてランク付けされます。 優先順位の計算は常に改善されており、CSVVスコア、依存関係スコープ、脆弱性のある関数呼び出しがアラートで見つかっているかといった要素を含みます。
{% data variables.product.company_short %}は{% data variables.product.prodname_dependabot_alerts %}の修正の優先順位付けに役立ちます。 {% ifversion dependabot-most-important-sort-option %}デフォルトでは、{% data variables.product.prodname_dependabot_alerts %}は重要度でソートされます。 "Most important重要な順"のソート順は、まず焦点を置くべき{% data variables.product.prodname_dependabot_alerts %}の優先順位付けを助けてくれます。 アラートは、潜在的な影響、行動可能性、関連性に基づいてランク付けされます。 優先順位の計算は常に改善されており、CSVVスコア、依存関係スコープ、脆弱性のある関数呼び出しがアラートで見つかっているかといった要素を含みます。
!["Most important"ソートのあるソートドロップダウンのスクリーンショット](/assets/images/help/dependabot/dependabot-alerts-sort-dropdown.png)
{% endif %}
{% data reusables.dependabot.dependabot-alerts-filters %}
In addition to the filters available via the search bar, you can sort and filter {% data variables.product.prodname_dependabot_alerts %} using the dropdown menus at the top of the alert list. The search bar also allows for full text searching of alerts and related security advisories. You can search for part of a security advisory name or description to return the alerts in your repository that relate to that security advisory. For example, searching for `yaml.load() API could execute arbitrary code` will return {% data variables.product.prodname_dependabot_alerts %} linked to "[PyYAML insecurely deserializes YAML strings leading to arbitrary code execution](https://github.com/advisories/GHSA-rprw-h62v-c2w7)" as the search string appears in the advisory description.
検索バーを通じて利用できるフィルタに加えて、アラートリストの上部にあるドロップダウンメニューを使って{% data variables.product.prodname_dependabot_alerts %}をソート及びフィルタリングできます。 検索バーでは、アラートと関連するセキュリティアドバイザリの全文検索もできます。 セキュリティアドバイザリ名または説明の一部を検索して、そのセキュリティアドバイザリに関連するリポジトリ内のアラートを返させることができます。 たとえば`yaml.load() API could execute arbitrary code`を検索すれば、この検索文字列はアドバイザリの説明にあるので「[PyYAML insecurely deserializes YAML strings leading to arbitrary code execution](https://github.com/advisories/GHSA-rprw-h62v-c2w7)」にリンクされた{% data variables.product.prodname_dependabot_alerts %}が返されます。
{% endif %}
{% ifversion dependabot-bulk-alerts %}
![{% data variables.product.prodname_dependabot_alerts %}タブ中のフィルタ及びソートメニューのスクリーンショット](/assets/images/help/graphs/dependabot-alerts-filters-checkbox.png){% elsif ghes = 3.5 %}
You can select a filter in a dropdown menu at the top of the list, then click the filter that you would like to apply. ![Screenshot of the filter and sort menus in the {% data variables.product.prodname_dependabot_alerts %} tab](/assets/images/enterprise/3.5/dependabot/dependabot-alerts-filters.png){% endif %}
リストの上部にあるドロップダウンメニューでフィルタを選択し、続いて適用したいフィルタをクリックできます。 ![Screenshot of the filter and sort menus in the {% data variables.product.prodname_dependabot_alerts %} tab](/assets/images/enterprise/3.5/dependabot/dependabot-alerts-filters.png){% endif %}
{% ifversion dependabot-alerts-development-label %}
## 依存関係のスコープに対してサポートされているエコシステムとマニフェスト
@ -110,7 +110,7 @@ You can select a filter in a dropdown menu at the top of the list, then click th
{% data reusables.repositories.navigate-to-repo %}
{% data reusables.repositories.sidebar-security %}
{% data reusables.repositories.sidebar-dependabot-alerts %}
1. Optionally, to filter alerts, select a filter in a dropdown menu then click the filter that you would like to apply. 検索バーにフィルタを入力することもできます。 For more information about filtering and sorting alerts, see "[Prioritizing {% data variables.product.prodname_dependabot_alerts %}](#prioritizing-across--data-variablesproductprodname_dependabot_alerts-)."
1. あるいは、アラートをフィルタリングするには、ドロップダウンメニューでフィルタを選択し、続いて適用したいフィルタをクリックしてください。 検索バーにフィルタを入力することもできます。 アラートのフィルタリングとソートに関する詳しい情報については「[{% data variables.product.prodname_dependabot_alerts %}の優先順位付け](#prioritizing-across--data-variablesproductprodname_dependabot_alerts-)」を参照してください。
{%- ifversion dependabot-bulk-alerts %}
![{% data variables.product.prodname_dependabot_alerts %}タブ中のフィルタ及びソートメニューのスクリーンショット](/assets/images/help/graphs/dependabot-alerts-filters-checkbox.png){% else %}
![Screenshot of the filter and sort menus in the {% data variables.product.prodname_dependabot_alerts %} tab](/assets/images/enterprise/3.5/dependabot/dependabot-alerts-filters.png){% endif %}
@ -163,7 +163,12 @@ You can select a filter in a dropdown menu at the top of the list, then click th
依存関係のアップグレードのための広汎な作業をスケジュールしていたり、アラートを修正する必要はないと判断したりした場合、アラートを却下できます。 すでに評価済みのアラートを却下すると、新しいアラートが現れたときにトリアージしやすくなります。
1. アラートの詳細を表示させます。 詳しい情報については上の「[脆弱性のある依存関係の表示](#viewing-dependabot-alerts)」を参照してください。
1. "Dismiss却下"ドロップダウンを選択し、アラートを却下する理由をクリックしてください。{% ifversion reopen-dependabot-alerts %}却下された未修正のアラートは、後で再度オープンできます。{% endif %} ![[Dismiss] ドロップダウンでアラートを却下する理由を選択する](/assets/images/help/repository/dependabot-alert-dismiss-drop-down-ungrouped.png)
1. "Dismiss却下"ドロップダウンを選択し、アラートを却下する理由をクリックしてください。{% ifversion reopen-dependabot-alerts %}却下された未修正のアラートは、後で再度オープンできます。{% endif %}
{% ifversion dependabot-alerts-dismissal-comment %}1. あるいは、却下のコメントを追加してください。 却下のコメントはアラートのタイムラインに追加され、監査とレポートの際の正当性として利用できます。 GraphQL APIを使って、コメントの取得や設定ができます。 コメントは`dismissComment`フィールドに含まれます。 詳しい情報については、GraphQL APIドキュメンテーションの「[{% data variables.product.prodname_dependabot_alerts %}](/graphql/reference/objects#repositoryvulnerabilityalert)を参照してください。
![却下のコメントを追加するオプション付きで、"Dismiss"ドロップダウンからアラートを却下する方法を示しているスクリーンショット](/assets/images/help/repository/dependabot-alerts-dismissal-comment.png)
1. **Dismiss alertアラートを却下**をクリックしてください。
{% else %}
![[Dismiss] ドロップダウンでアラートを却下する理由を選択する](/assets/images/help/repository/dependabot-alert-dismiss-drop-down-ungrouped.png){% endif %}
{% ifversion dependabot-bulk-alerts %}
### 複数のアラートを一度に却下する

2
translations/ja-JP/content/code-security/secret-scanning/about-secret-scanning.md
Просмотреть файл

@ -39,7 +39,7 @@ Service providers can partner with {% data variables.product.company_short %} to
{% ifversion secret-scanning-push-protection %}
You can also enable {% data variables.product.prodname_secret_scanning %} as a push protection for a repository or an organization. When you enable this feature, {% data variables.product.prodname_secret_scanning %} prevents contributors from pushing code with a detected secret. To proceed, contributors must either remove the secret(s) from the push or, if needed, bypass the protection. For more information, see "[Protecting pushes with {% data variables.product.prodname_secret_scanning %}](/code-security/secret-scanning/protecting-pushes-with-secret-scanning)."
You can also enable {% data variables.product.prodname_secret_scanning %} as a push protection for a repository or an organization. When you enable this feature, {% data variables.product.prodname_secret_scanning %} prevents contributors from pushing code with a detected secret. To proceed, contributors must either remove the secret(s) from the push or, if needed, bypass the protection. {% ifversion push-protection-custom-link-orgs %}Admins can also specify a custom link that is displayed to the contributor when a push is blocked; the link can contain resources specific to the organization to aid contributors. {% endif %}For more information, see "[Protecting pushes with {% data variables.product.prodname_secret_scanning %}](/code-security/secret-scanning/protecting-pushes-with-secret-scanning)."
{% endif %}

20
translations/ja-JP/content/code-security/secret-scanning/protecting-pushes-with-secret-scanning.md
Просмотреть файл

@ -60,8 +60,20 @@ shortTitle: プッシュ保護の有効化
コマンドラインでは、一度に最大で5つの検出されたシークレットが表示されます。 特定のシークレットが既にリポジトリ中で検出されており、アラートが既に存在するなら、{% data variables.product.prodname_dotcom %}はそのシークレットをブロックしません。
{% ifversion push-protection-custom-link-orgs %}
Organizationの管理者は、プッシュがブロックされたときに表示されるカスタムリンクを提供できます。 このカスタムリンクには、Organization固有のリソースと、利用を進めるシークレットの保管庫や、ブロックされたシークレットに関連して質問の連絡を取る相手といったアドバイスを含めることができます。
{% ifversion push-protection-custom-link-orgs-beta %}{% data reusables.advanced-security.custom-link-beta %}{% endif %}
![ユーザがシークレットをリポジトリにプッシュしようとしたときにプッシュがブロックされたことを示しているスクリーンショット](/assets/images/help/repository/secret-scanning-push-protection-with-custom-link.png)
{% else %}
![ユーザがシークレットをリポジトリにプッシュしようとしたときにプッシュがブロックされたことを示しているスクリーンショット](/assets/images/help/repository/secret-scanning-push-protection-with-link.png)
{% endif %}
{% data reusables.secret-scanning.push-protection-remove-secret %} ブロックされたシークレットの修復に関する詳しい情報については「[プッシュ保護によってブロックされたブランチのプッシュ](/code-security/secret-scanning/pushing-a-branch-blocked-by-push-protection#resolving-a-blocked-push-on-the-command-line)」を参照してください。
シークレットが本物であることが確認され、後で修復しようと考えているなら、できるかぎり早くそのシークレットを修復すべきです。 たとえば、そのシークレットを取り消して、リポジトリのコミット履歴から削除することになるでしょう。 露出してしまった実際のシークレットは、不正アクセスを避けるために取り消さなければなりません。 取り消す前にシークレットをまずローテートすることを検討すべきかもしれません。 詳しい情報については「[センシティブなデータをリポジトリから削除する](/authentication/keeping-your-account-and-data-secure/removing-sensitive-data-from-a-repository)」を参照してください。
@ -88,6 +100,14 @@ shortTitle: プッシュ保護の有効化
Web UIでは、{% data variables.product.prodname_dotcom %}は検出されたシークレットを一度に1つだけしか表示しません。 特定のシークレットが既にリポジトリ中で検出されており、アラートが既に存在するなら、{% data variables.product.prodname_dotcom %}はそのシークレットをブロックしません。
{% ifversion push-protection-custom-link-orgs %}
Organizationの管理者は、プッシュがブロックされたときに表示されるカスタムリンクを提供できます。 このカスタムリンクには、Organization固有のリソースやアドバイスを含めることができます。 たとえば、このカスタムリンクはOrganizationのシークレットの保管庫に関する情報を持つREADMEファイルや、質問のエスカレート先のチームや個人、あるいはOrganizationで承認されたシークレットの扱いやコミット履歴の書き換えのポリシーなどを指すようにすることができます。
{% ifversion push-protection-custom-link-orgs-beta %}{% data reusables.advanced-security.custom-link-beta %}{% endif %}
{% endif %}
Web UIを使って、シークレットをファイルから削除できます。 シークレットを削除すると、ページ上部のバナーは変化し、変更をコミットできるようになったことを知らせてくれます。
![シークレットの修正後にコミットが許可されたことをWeb Uiで表示しているスクリーンショット](/assets/images/help/repository/secret-scanning-push-protection-web-ui-commit-allowed.png)

8
translations/ja-JP/content/code-security/secret-scanning/pushing-a-branch-blocked-by-push-protection.md
Просмотреть файл

@ -26,6 +26,14 @@ shortTitle: ブロックされたブランチのプッシュ
{% endtip %}
{% ifversion push-protection-custom-link-orgs %}
Organizationの管理者は、プッシュがブロックされた際の{% data variables.product.product_name %}からのメッセージに含められるカスタムリンクを提供できます。 このカスタムリンクには、Organization固有のリソースやアドバイスと、Organizationのポリシーを含めることができます。
{% ifversion push-protection-custom-link-orgs-beta %}{% data reusables.advanced-security.custom-link-beta %}{% endif %}
{% endif %}
## ブロックされたプッシュのコマンドラインでの解決
{% data reusables.secret-scanning.push-protection-command-line-choice %}

10
translations/ja-JP/content/codespaces/customizing-your-codespace/personalizing-github-codespaces-for-your-account.md
Просмотреть файл

@ -90,15 +90,13 @@ You can add further script, preferences, configuration files to your dotfiles re
If your codespace fails to pick up configuration settings from dotfiles, see "[Troubleshooting dotfiles for {% data variables.product.prodname_codespaces %}](/codespaces/troubleshooting/troubleshooting-dotfiles-for-codespaces)."
## Other available settings
You can also personalize {% data variables.product.prodname_codespaces %} using additional [{% data variables.product.prodname_codespaces %} settings](https://github.com/settings/codespaces):
- To set your default region, see "[Setting your default region for {% data variables.product.prodname_github_codespaces %}](/codespaces/customizing-your-codespace/setting-your-default-region-for-github-codespaces)."
- To set your editor, see "[Setting your default editor for {% data variables.product.prodname_github_codespaces %}](/codespaces/customizing-your-codespace/setting-your-default-editor-for-github-codespaces)."
- To add encrypted secrets, see "[Managing encrypted secrets for {% data variables.product.prodname_github_codespaces %}](/codespaces/managing-codespaces-for-your-organization/managing-encrypted-secrets-for-your-repository-and-organization-for-github-codespaces)."
- To enable GPG verification, see "[Managing GPG verification for {% data variables.product.prodname_github_codespaces %}](/codespaces/managing-your-codespaces/managing-gpg-verification-for-github-codespaces)."
- To allow your codespaces to access other repositories, see "[Managing repository access for your organization's codespaces](/codespaces/managing-codespaces-for-your-organization/managing-repository-access-for-your-organizations-codespaces)."
- To set your editor, see "[Setting your default editor for {% data variables.product.prodname_github_codespaces %}](/codespaces/customizing-your-codespace/setting-your-default-editor-for-github-codespaces)."
- To set how long a codespace can remain unused before it is automatically stopped, see "[Setting your timeout period for GitHub Codespaces](/codespaces/customizing-your-codespace/setting-your-timeout-period-for-github-codespaces)."
- To set the period for which your unused codespaces are retained, see "[Configuring automatic deletion of your codespaces](/codespaces/customizing-your-codespace/configuring-automatic-deletion-of-your-codespaces)."
- To set your default region, see "[Setting your default region for {% data variables.product.prodname_github_codespaces %}](/codespaces/customizing-your-codespace/setting-your-default-region-for-github-codespaces)."
## Further reading

21
translations/ja-JP/content/codespaces/developing-in-codespaces/creating-a-codespace.md
Просмотреть файл

@ -46,23 +46,20 @@ If you want to use Git hooks for your codespace, then you should set up hooks us
When you have access to {% data variables.product.prodname_github_codespaces %}, you'll see a "Codespaces" tab within the **{% octicon "code" aria-label="The code icon" %} Code** drop-down menu when you view a repository.
You'll have access to codespaces under the following conditions:
You'll have access to {% data variables.product.prodname_github_codespaces %} under the following conditions:
* You are a member of an organization that has enabled {% data variables.product.prodname_codespaces %} and set a spending limit.
* An organization owner has granted you access to {% data variables.product.prodname_codespaces %}.
* The repository is owned by the organization that has enabled {% data variables.product.prodname_codespaces %}.
Either all of these are true:
* You are a member, or outside collaborator, of an organization that has enabled {% data variables.product.prodname_codespaces %} and set a spending limit.
* The organization owner has allowed you to create codespaces at the organization's expense.
* The repository for which you want to create a codespace is owned by this organization.
{% note %}
**Note:** Individuals who have already joined the beta with their personal {% data variables.product.prodname_dotcom %} account will not lose access to {% data variables.product.prodname_codespaces %}, however {% data variables.product.prodname_codespaces %} for individuals will continue to remain in beta.
{% endnote %}
Organization owners can allow all members of the organization to create codespaces, limit codespace creation to selected organization members, or disable codespace creation. For more information about managing access to codespaces within your organization, see "[Enable Codespaces for users in your organization](/codespaces/managing-codespaces-for-your-organization/enabling-codespaces-for-your-organization#enable-codespaces-for-users-in-your-organization)."
Or both of these are true:
* You are participating in the beta of {% data variables.product.prodname_codespaces %} for individual users.
* Either you own the repository for which you want to create a codespace, or it is owned by an organization of which you are either a member or an outside collaborator.
Before {% data variables.product.prodname_codespaces %} can be used in an organization, an owner or billing manager must have set a spending limit. For more information, see "[About spending limits for Codespaces](/billing/managing-billing-for-github-codespaces/managing-spending-limits-for-codespaces#about-spending-limits-for-codespaces)."
If you would like to create a codespace for a repository owned by your personal account or another user, and you have permission to create repositories in an organization that has enabled {% data variables.product.prodname_github_codespaces %}, you can fork user-owned repositories to that organization and then create a codespace for the fork.
Organization owners can specify who can create and use codespaces at the organization's expense. Organization owners can also prevent any codespace usage being charged to the organization. For more information, see "[Enabling {% data variables.product.prodname_github_codespaces %} for your organization](/codespaces/managing-codespaces-for-your-organization/enabling-github-codespaces-for-your-organization#choose-who-can-create-codespaces-that-are-billed-to-your-organization)."
## codespace を作成する

2
translations/ja-JP/content/codespaces/developing-in-codespaces/renaming-a-codespace.md
Просмотреть файл

@ -27,7 +27,9 @@ To find the display name of a codespace:
![Screenshot of the Remote Explorer in VS Code](/assets/images/help/codespaces/codespaces-remote-explorer.png)
{% indented_data_reference reusables.codespaces.remote-explorer spaces=2 %}
- In a terminal window on your local machine, use this {% data variables.product.prodname_cli %} command: `gh codespace list`.
### Permanent codespace names
In addition to the display name, when you create a codespace, a permanent name is also assigned to the codespace. The name is a combination of your {% data variables.product.company_short %} handle, the repository name, and some random characters. For example: `octocat-myrepo-gmc7`. You can't change this name.

1
translations/ja-JP/content/codespaces/guides.md
Просмотреть файл

@ -40,7 +40,6 @@ includeGuides:
- /codespaces/managing-codespaces-for-your-organization/enabling-codespaces-for-your-organization
- /codespaces/managing-codespaces-for-your-organization/managing-billing-for-codespaces-in-your-organization
- /codespaces/managing-codespaces-for-your-organization/managing-encrypted-secrets-for-your-repository-and-organization-for-codespaces
- /codespaces/managing-codespaces-for-your-organization/managing-repository-access-for-your-organizations-codespaces
- /codespaces/managing-codespaces-for-your-organization/restricting-access-to-machine-types
- /codespaces/managing-codespaces-for-your-organization/retricting-the-idle-timeout-period
- /codespaces/managing-codespaces-for-your-organization/restricting-the-retention-period-for-codespaces

6
translations/ja-JP/content/codespaces/index.md
Просмотреть файл

@ -7,11 +7,11 @@ introLinks:
quickstart: /codespaces/getting-started/quickstart
featuredLinks:
guides:
- /billing/managing-billing-for-github-codespaces/about-billing-for-codespaces
- /codespaces/managing-codespaces-for-your-organization/enabling-codespaces-for-your-organization
- /codespaces/setting-up-your-codespace/configuring-codespaces-for-your-project
- /codespaces/managing-codespaces-for-your-organization/managing-repository-access-for-your-organizations-codespaces
- /codespaces/developing-in-codespaces/codespaces-lifecycle
- /codespaces/setting-up-your-codespace/configuring-codespaces-for-your-project
- /codespaces/managing-your-codespaces/managing-repository-access-for-your-codespaces
- /billing/managing-billing-for-github-codespaces/about-billing-for-codespaces
popular:
- /codespaces/getting-started-with-codespaces/getting-started-with-your-nodejs-project-in-codespaces
- /codespaces/getting-started-with-codespaces/getting-started-with-your-python-project-in-codespaces

53
translations/ja-JP/content/codespaces/managing-codespaces-for-your-organization/enabling-github-codespaces-for-your-organization.md
Просмотреть файл

@ -1,9 +1,9 @@
---
title: Enabling GitHub Codespaces for your organization
shortTitle: Enable Codespaces
intro: 'Organization 内のどのユーザが {% data variables.product.prodname_github_codespaces %} を使用できるかを制御できます。'
shortTitle: 'Enable {% data variables.product.prodname_codespaces %}'
intro: 'You can control which users in your organization can use {% data variables.product.prodname_github_codespaces %} at the organization''s expense.'
product: '{% data reusables.gated-features.codespaces %}'
permissions: 'To manage user permissions for {% data variables.product.prodname_github_codespaces %} for an organization, you must be an organization owner.'
permissions: 'To alter an organization''s billing settings, you must be an organization owner.'
redirect_from:
- /codespaces/managing-codespaces-for-your-organization/managing-user-permissions-for-your-organization
- /codespaces/managing-codespaces-for-your-organization/enabling-codespaces-for-your-organization
@ -13,25 +13,23 @@ versions:
type: how_to
topics:
- Codespaces
- Permissions
- Billing
- Administrator
---
## About enabling {% data variables.product.prodname_github_codespaces %} for your organization
Organization のオーナーは、Organization 内のどのユーザが Codespaces を作成および使用できるかを制御できます。
Organization owners can control which users in your organization can create and use codespaces at the organization's expense.
To use codespaces in your organization, you must do the following:
Only people who can clone a repository can create a codespace for that repository. To allow people to create codespaces for repositories owned by your organization, you must:
- Ensure that users have at least write access to the repositories where they want to use a codespace. 詳しい情報については「[リポジトリへのアクセスを持つTeamや人の管理](/repositories/managing-your-repositorys-settings-and-features/managing-repository-settings/managing-teams-and-people-with-access-to-your-repository)」を参照してください。
- Ensure that your organization does not have an IP address allow list enabled. For more information, see "[Managing allowed IP addresses for your organization](/{% ifversion fpt %}enterprise-cloud@latest/{% endif %}organizations/keeping-your-organization-secure/managing-allowed-ip-addresses-for-your-organization){% ifversion fpt %}" in the {% data variables.product.prodname_ghe_cloud %} documentation.{% else %}."{% endif %}
To allow people to create codespaces for which your organization will be billed, you must:
- Ensure that users have [at least write access](/organizations/managing-access-to-your-organizations-repositories/repository-permission-levels-for-an-organization) to the repositories where they want to use a codespace.
- [Enable {% data variables.product.prodname_github_codespaces %} for users in your organization](#enable-codespaces-for-users-in-your-organization). You can choose to allow {% data variables.product.prodname_codespaces %} for selected users or only for specific users.
- [Set a spending limit](/billing/managing-billing-for-github-codespaces/managing-spending-limits-for-codespaces)
- Ensure that your organization does not have an IP address allow list enabled. For more information, see "[Managing allowed IP addresses for your organization](/{% ifversion fpt %}enterprise-cloud@latest/{% endif %}organizations/keeping-your-organization-secure/managing-allowed-ip-addresses-for-your-organization#using-github-actions-with-an-ip-allow-list){% ifversion fpt %}" in the {% data variables.product.prodname_ghe_cloud %} documentation.{% else %}."{% endif %}
By default, a codespace can only access the repository from which it was created. Organization 内の Codespaces で、codespace の作者がアクセスできる他の Organization リポジトリにアクセスできるようにする場合は、「[{% data variables.product.prodname_codespaces %} のアクセスとセキュリティを管理する](/codespaces/managing-codespaces-for-your-organization/managing-access-and-security-for-your-organizations-codespaces)」を参照してください。
## Enable {% data variables.product.prodname_codespaces %} for users in your organization
- [Choose who can create codespaces that are billed to your organization](#choose-who-can-create-codespaces-that-are-billed-to-your-organization)
{% ifversion fpt %}
{% note %}
@ -40,31 +38,44 @@ By default, a codespace can only access the repository from which it was created
{% endnote %}
{% endif %}
By default, a codespace can only access the repository from which it was created. If you want codespaces in your organization to be able to access other organization repositories that the codespace creator can access, see "[Managing repository access for your organization's codespaces](/codespaces/managing-codespaces-for-your-organization/managing-repository-access-for-your-organizations-codespaces)."
## Choose who can create codespaces that are billed to your organization
{% data reusables.profile.access_org %}
{% data reusables.profile.org_settings %}
{% data reusables.organizations.click-codespaces %}
1. [User permissions] で、次のいずれかのオプションを選択します。
1. Under "Billing," select one of the following options:
* [**Selected users**] にすると、{% data variables.product.prodname_codespaces %} を使用する特定の Organization メンバーを選択できます。
* **Allow for all members** to allow all your organization members to use {% data variables.product.prodname_codespaces %}.
* **Allow for all members and outside collaborators** to allow all your organization members as well as outside collaborators to use {% data variables.product.prodname_codespaces %}.
* **Disabled** - Your organization will not be charged for codespace usage. {% data variables.product.prodname_codespaces %} created for your organization's repositories will be billed to the individual users who create them.
* **Selected members** - {% data variables.product.prodname_codespaces %} created for your organization's repositories by selected members will be billed to the organization.
* **All members** - {% data variables.product.prodname_codespaces %} created for your organization's repositories by members of your organization will be billed to the organization.
* **All members and outside collaborators** - {% data variables.product.prodname_codespaces %} created for your organization's repositories by organization members and outside collaborators will be billed to the organization.
!["User permissions" のラジオボタン](/assets/images/help/codespaces/org-user-permission-settings-outside-collaborators.png)
![Radio buttons for "Billing"](/assets/images/help/codespaces/codespaces-org-billing-settings.png)
{% note %}
**Note:** When you select **Allow for all members and outside collaborators**, all outside collaborators who have been added to specific repositories can create and use {% data variables.product.prodname_codespaces %}. Your organization will be billed for all usage incurred by outside collaborators. For more information on managing outside collaborators, see "[About outside collaborators](/organizations/managing-access-to-your-organizations-repositories/adding-outside-collaborators-to-repositories-in-your-organization#about-outside-collaborators)."
**Note:** When you select **All members and outside collaborators**, all outside collaborators who have been added to specific repositories can create and use {% data variables.product.prodname_codespaces %} for those repositories, and your organization will be billed for this usage. For more information on managing outside collaborators, see "[About outside collaborators](/organizations/managing-access-to-your-organizations-repositories/adding-outside-collaborators-to-repositories-in-your-organization#about-outside-collaborators)."
{% endnote %}
1. [**Save**] をクリックします。
1. If you chose **Selected members**, an input box is displayed for you to enter the names of users you want to select.
![Input box for selecting users](/assets/images/help/codespaces/codespaces-org-billing-add-users.png)
## Disabling {% data variables.product.prodname_codespaces %} for your organization
You can prevent the creation and use of codespaces billable to your organization.
{% data reusables.codespaces.codespaces-disabling-org-billing %}
{% data reusables.profile.access_org %}
{% data reusables.profile.org_settings %}
{% data reusables.organizations.click-codespaces %}
1. Under "User permissions", select **Disabled**.
1. Under "Billing," select **Disabled**.
## 利用限度の設定

12
translations/ja-JP/content/codespaces/managing-codespaces-for-your-organization/managing-billing-for-github-codespaces-in-your-organization.md
Просмотреть файл

@ -35,11 +35,15 @@ You can set a usage limit for the codespaces in your organization or repository.
## Disabling or limiting {% data variables.product.prodname_codespaces %}
You can disable the use of {% data variables.product.prodname_codespaces %} in your organization or repository. For more information, see "[Managing repository access for your organization's codespaces](/codespaces/managing-codespaces-for-your-organization/managing-access-and-security-for-your-organizations-codespaces)."
You can disable all use of {% data variables.product.prodname_github_codespaces %} that would be billed to your organization. Alternatively, you can specify which organization members or collaborators can use {% data variables.product.prodname_codespaces %} at your organization's expense. For more information, see "[Enabling {% data variables.product.prodname_github_codespaces %} for your organization](/codespaces/managing-codespaces-for-your-organization/enabling-github-codespaces-for-your-organization)."
You can also limit the individual users who can use {% data variables.product.prodname_codespaces %}. For more information, see "[Managing user permissions for your organization](/codespaces/managing-codespaces-for-your-organization/managing-user-permissions-for-your-organization)."
{% data reusables.codespaces.codespaces-disabling-org-billing %}
You can limit the choice of machine types that are available for repositories owned by your organization. This allows you to prevent people using overly resourced machines for their codespaces. 詳しい情報については「[マシンタイプへのアクセス制限](/codespaces/managing-codespaces-for-your-organization/restricting-access-to-machine-types)」を参照してください。
You can configure which repositories can be accessed from codespaces created for a particular repository. For more information, see "[Managing access to other repositories within your codespace](/codespaces/managing-your-codespaces/managing-repository-access-for-your-codespaces)."
You can limit the choice of types of machine that are available for codespaces created from repositories owned by your organization. This allows you to prevent people using overly resourced machines for their codespaces, and incurring unnecessary charges. 詳しい情報については「[マシンタイプへのアクセス制限](/codespaces/managing-codespaces-for-your-organization/restricting-access-to-machine-types)」を参照してください。
You can also restrict how long a codespace can remain unused before it is automatically deleted. This can help to reduce storage costs for {% data variables.product.prodname_codespaces %}. For more information, see "[Restricting the retention period for codespaces](/codespaces/managing-codespaces-for-your-organization/restricting-the-retention-period-for-codespaces)."
## Deleting unused codespaces
@ -47,6 +51,6 @@ Your users can delete their codespaces in https://github.com/codespaces and from
{% note %}
**注釈:** codespace を作成したユーザだけが削除できます。 現在、Organization のオーナーが Organization 内で作成された Codespaces を削除する方法はありません。
**Note:** Codespaces are automatically deleted after they have been stopped and have remained inactive for a defined number of days. For more information, see "[Restricting the retention period for codespaces](/codespaces/managing-codespaces-for-your-organization/restricting-the-retention-period-for-codespaces)." A codespace can only be manually deleted by the person who created the codespace.
{% endnote %}

2
translations/ja-JP/content/codespaces/managing-codespaces-for-your-organization/managing-repository-access-for-your-organizations-codespaces.md
Просмотреть файл

@ -20,7 +20,7 @@ redirect_from:
{% warning %}
**Deprecation note**: The access and security setting described below is now deprecated and is documented here for reference only. To enable expanded access to other repositories, add the requested permissions to your dev container definition. For more information, see "[Managing access to other repositories within your codespace](/codespaces/managing-your-codespaces/managing-repository-access-for-your-codespaces)."
**Deprecation note**: The access and security setting described below is now deprecated and is documented here for reference only. To enable expanded access to other repositories, add the requested permissions to your `devcontainer.json` configuration file. For more information, see "[Managing access to other repositories within your codespace](/codespaces/managing-your-codespaces/managing-repository-access-for-your-codespaces)."
{% endwarning %}

2
translations/ja-JP/content/codespaces/managing-codespaces-for-your-organization/restricting-access-to-machine-types.md
Просмотреть файл

@ -43,6 +43,8 @@ For example, you could create an organization-wide policy that restricts the mac
If you add an organization-wide policy, you should set it to the largest choice of machine types that will be available for any repository in your organization. You can then add repository-specific policies to further restrict the choice.
{% data reusables.codespaces.codespaces-org-policies-note %}
## Adding a policy to limit the available machine types
{% data reusables.profile.access_org %}

2
translations/ja-JP/content/codespaces/managing-codespaces-for-your-organization/restricting-the-idle-timeout-period.md
Просмотреть файл

@ -40,6 +40,8 @@ When you create a policy, you choose whether it applies to all repositories in y
If you add an organization-wide policy with a timeout constraint, you should set the timeout to the longest acceptable period. You can then add separate policies that set the maximum timeout to a shorter period for specific repositories in your organization.
{% data reusables.codespaces.codespaces-org-policies-note %}
## Adding a policy to set a maximum idle timeout period
{% data reusables.profile.access_org %}

2
translations/ja-JP/content/codespaces/managing-codespaces-for-your-organization/restricting-the-retention-period-for-codespaces.md
Просмотреть файл

@ -26,6 +26,8 @@ When you create a policy, you choose whether it applies to all repositories in y
If you add an organization-wide policy with a retention constraint, you should set the retention period to the longest acceptable period. You can then add separate policies that set the maximum retention to a shorter period for specific repositories in your organization.
{% data reusables.codespaces.codespaces-org-policies-note %}
## Adding a policy to set a maximum codespace retention period
{% data reusables.profile.access_org %}

2
translations/ja-JP/content/codespaces/managing-codespaces-for-your-organization/restricting-the-visibility-of-forwarded-ports.md
Просмотреть файл

@ -36,6 +36,8 @@ For example, you could create an organization-wide policy that restricts the vis
If you add an organization-wide policy, you should set it to the most lenient visibility option that will be available for any repository in your organization. You can then add repository-specific policies to further restrict the choice.
{% data reusables.codespaces.codespaces-org-policies-note %}
## Adding a policy to limit the port visibility options
{% data reusables.profile.access_org %}

4
translations/ja-JP/content/codespaces/managing-your-codespaces/managing-repository-access-for-your-codespaces.md
Просмотреть файл

@ -132,7 +132,3 @@ When you enable access and security for a repository owned by your personal acco
1. [Selected repositories] を選択した場合、ドロップダウンメニューを選択してから、あなたの所有するその他のリポジトリにアクセスを許可する、リポジトリのコードスペースをクリックします。 所有するその他のリポジトリにコードスペースによるアクセスを許可したい、すべてのリポジトリについて同じ手順を繰り返します。
![[Selected repositories]ドロップダウンメニュー](/assets/images/help/settings/codespaces-access-and-security-repository-drop-down.png)
## 参考リンク
- "[Managing repository access for your organization's codespaces](/codespaces/managing-codespaces-for-your-organization/managing-repository-access-for-your-organizations-codespaces)"

7
translations/ja-JP/content/codespaces/troubleshooting/working-with-support-for-github-codespaces.md
Просмотреть файл

@ -31,6 +31,7 @@ The name the codespace is also included in many of the log files. For example, i
Every codespace also has an ID (identifier). This is not shown by default in {% data variables.product.prodname_vscode %} so you may need to update the settings for the {% data variables.product.prodname_github_codespaces %} extension before you can access the ID.
1. In {% data variables.product.prodname_vscode %}, browser or desktop, in the Activity Bar on the left, click **Remote Explorer** to show details for the codespace.
2. If the sidebar includes a "Codespace Performance" section, hover over the "Codespace ID" and click the clipboard icon to copy the ID.
3. If the information is not shown, click {% octicon "gear" aria-label="The gear icon" %}, in the bottom-left corner of the Activity Bar, to display the "Settings" tab.
4. Expand **Extensions** and click **{% data variables.product.prodname_github_codespaces %}** to display the settings for the extension. Then enable **Show Performance Explorer** to display the "Codespace Performance" section in the sidebar. ![Codespace ID and settings required to display performance information](/assets/images/help/codespaces/find-codespace-id.png)
{% indented_data_reference reusables.codespaces.remote-explorer spaces=3 %}
1. If the sidebar includes a "Codespace Performance" section, hover over the "Codespace ID" and click the clipboard icon to copy the ID.
1. If the information is not shown, click {% octicon "gear" aria-label="The gear icon" %}, in the bottom-left corner of the Activity Bar, to display the "Settings" tab.
1. Expand **Extensions** and click **{% data variables.product.prodname_github_codespaces %}** to display the settings for the extension. Then enable **Show Performance Explorer** to display the "Codespace Performance" section in the sidebar. ![Codespace ID and settings required to display performance information](/assets/images/help/codespaces/find-codespace-id.png)

42
translations/ja-JP/content/communities/using-templates-to-encourage-useful-issues-and-pull-requests/common-validation-errors-when-creating-issue-forms.md
Просмотреть файл

@ -539,7 +539,7 @@ Errors with `body` will be prefixed with `body[i]` where `i` represents the inde
### サンプル
```
```yaml
body:
- type: dropdown
attributes:
@ -552,7 +552,7 @@ body:
The error can be fixed by ensuring that no duplicate choices exist in the `options` array.
```
```yaml
body:
- type: dropdown
attributes:
@ -570,7 +570,7 @@ Errors with `body` will be prefixed with `body[i]` where `i` represents the inde
### サンプル
```
```yaml
body:
- type: dropdown
attributes:
@ -585,7 +585,7 @@ body:
The error can be fixed by removing "None" as an option. If you want a contributor to be able to indicate that they like none of those types of pies, you can additionally remove the `required` validation.
```
```yaml
body:
- type: dropdown
attributes:
@ -605,7 +605,7 @@ Errors with `body` will be prefixed with `body[i]` where `i` represents the inde
### サンプル
```
```yaml
body:
- type: dropdown
attributes:
@ -618,7 +618,7 @@ body:
The error can be fixed by wrapping each offending option in quotes, to prevent them from being processed as Boolean values.
```
```yaml
body:
- type: dropdown
attributes:
@ -629,6 +629,36 @@ body:
- Maybe
```
## Body cannot be empty
The template body `key:value` pair can not be empty. For more information about which top-level keys are required, see "[Syntax for issue forms](/communities/using-templates-to-encourage-useful-issues-and-pull-requests/syntax-for-issue-forms#top-level-syntax)."
The error can be fixed by adding the `body:` section.
### サンプル
```yaml
name: Support Request
description: Something went wrong and you need help?
---
body:
- type: textarea
attributes:
label: "What's wrong?"
```
In this example, the error can be fixed by deleting the `---` (document separator) between the headers and the `body` section.
```yaml
name: Support Request
description: Something went wrong and you need help?
body:
- type: textarea
attributes:
label: "What's wrong?"
```
## 参考リンク
- [YAML](https://yaml.org/)

14
translations/ja-JP/content/developers/overview/about-githubs-apis.md
Просмотреть файл

@ -15,17 +15,3 @@ topics:
---
GitHub APIには、[REST API](/rest)と[GraphQL API](/graphql)という2つの安定バージョンがあります。
## 非推奨のバージョン
### ベータ
ベータAPIは2014年4月22日に非推奨となりました。
### v2
API v2のサポートは2012年6月12日に廃止されました。
### v1
API v1のサポートは2012年6月12日に廃止されました。

2
translations/ja-JP/content/education/explore-the-benefits-of-teaching-and-learning-with-github-education/index.md
Просмотреть файл

@ -9,8 +9,8 @@ redirect_from:
versions:
fpt: '*'
children:
- /use-github-at-your-educational-institution
- /github-global-campus-for-students
- /github-global-campus-for-teachers
- /use-github-at-your-educational-institution
---

2
translations/ja-JP/content/education/manage-coursework-with-github-classroom/teach-with-github-classroom/create-a-group-assignment.md
Просмотреть файл

@ -55,7 +55,7 @@ redirect_from:
### 課題のタイプを選択する
[Individual or group assignment] の下で、ドロップダウンメニューを選択し、[**Group assignment**] をクリックします。 課題の作成後は、課題タイプを変更できません。 個人課題を作成する場合は、「[個人課題の作成](/education/manage-coursework-with-github-classroom/create-an-individual-assignment)」を参照してください。
[Individual or group assignment] の下で、ドロップダウンメニューを選択し、[**Group assignment**] をクリックします。 課題の作成後は、課題タイプを変更できません。 If you'd rather create an individual assignment, see "[Create an individual assignment](/education/manage-coursework-with-github-classroom/create-an-individual-assignment)."
### 課題のTeamを定義する

19
translations/ja-JP/content/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-allowed-ip-addresses-for-your-organization.md
Просмотреть файл

@ -36,15 +36,20 @@ Enterprise アカウントで Organization に対して許可される IP アド
## 許可 IP アドレスを追加する
{% data reusables.identity-and-permissions.about-adding-ip-allow-list-entries %}
{% data reusables.profile.access_org %}
{% data reusables.profile.org_settings %}
{% data reusables.organizations.security %}
{% data reusables.identity-and-permissions.ip-allow-lists-add-ip %}
{% data reusables.identity-and-permissions.ip-allow-lists-add-description %}
{% data reusables.identity-and-permissions.ip-allow-lists-add-entry %}
{% data reusables.identity-and-permissions.check-ip-address %}
## 許可 IP アドレスを有効化する
{% data reusables.identity-and-permissions.about-enabling-allowed-ip-addresses %}
{% data reusables.profile.access_org %}
{% data reusables.profile.org_settings %}
{% data reusables.organizations.security %}
@ -69,6 +74,8 @@ Enterprise アカウントで Organization に対して許可される IP アド
## 許可 IP アドレスを編集する
{% data reusables.identity-and-permissions.about-editing-ip-allow-list-entries %}
{% data reusables.profile.access_org %}
{% data reusables.profile.org_settings %}
{% data reusables.organizations.security %}
@ -76,6 +83,18 @@ Enterprise アカウントで Organization に対して許可される IP アド
{% data reusables.identity-and-permissions.ip-allow-lists-edit-ip %}
{% data reusables.identity-and-permissions.ip-allow-lists-edit-description %}
1. [**Update**] をクリックします。
{% data reusables.identity-and-permissions.check-ip-address %}
{% ifversion ip-allow-list-address-check %}
## Checking if an IP address is permitted
{% data reusables.identity-and-permissions.about-checking-ip-address %}
{% data reusables.profile.access_org %}
{% data reusables.profile.org_settings %}
{% data reusables.organizations.security %}
{% data reusables.identity-and-permissions.check-ip-address-step %}
{% endif %}
## 許可 IP アドレスを削除する

2
translations/ja-JP/content/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/reviewing-the-audit-log-for-your-organization.md
Просмотреть файл

@ -740,7 +740,7 @@ For more information, see "[Managing the publication of {% data variables.produc
| Action | Description
|------------------|-------------------
|`create` | Triggered when an organization owner creates a new custom repository role. For more information, see "[Managing custom repository roles for an organization](/organizations/managing-peoples-access-to-your-organization-with-roles/managing-custom-repository-roles-for-an-organization)."
|`destroy` | Triggered when a organization owner deletes a custom repository role. For more information, see "[Managing custom repository roles for an organization](/organizations/managing-peoples-access-to-your-organization-with-roles/managing-custom-repository-roles-for-an-organization)."
|`destroy` | Triggered when an organization owner deletes a custom repository role. For more information, see "[Managing custom repository roles for an organization](/organizations/managing-peoples-access-to-your-organization-with-roles/managing-custom-repository-roles-for-an-organization)."
|`update` | Triggered when an organization owner edits an existing custom repository role. For more information, see "[Managing custom repository roles for an organization](/organizations/managing-peoples-access-to-your-organization-with-roles/managing-custom-repository-roles-for-an-organization)."
{% endif %}

2
translations/ja-JP/content/organizations/managing-git-access-to-your-organizations-repositories/managing-your-organizations-ssh-certificate-authorities.md
Просмотреть файл

@ -23,7 +23,7 @@ SSH CAをOrganizationに追加すると、メンバーはあなたが提供し
## SSH 認証局を追加する
If you require SSH certificates for your enterprise, enterprise members should use a special URL for Git operations over SSH. 詳しい情報については、「[SSH 認証局について](/organizations/managing-git-access-to-your-organizations-repositories/about-ssh-certificate-authorities#about-ssh-urls-with-ssh-certificates)」を参照してください。
EnterpriseでSSH証明書が必要な場合、EnterpriseのメンバーはSSH経由のGitの操作に特別なURLを使わなければなりません。 詳しい情報については、「[SSH 認証局について](/organizations/managing-git-access-to-your-organizations-repositories/about-ssh-certificate-authorities#about-ssh-urls-with-ssh-certificates)」を参照してください。
{% data reusables.profile.access_org %}
{% data reusables.profile.org_settings %}

2
translations/ja-JP/content/packages/working-with-a-github-packages-registry/working-with-the-npm-registry.md
Просмотреть файл

@ -94,7 +94,7 @@ $ npm login --scope=@<em>OWNER</em> --registry=https://<em>HOSTNAME</em>/_regist
{% endnote %}
By default, {% data variables.product.prodname_registry %} publishes a package in the {% data variables.product.prodname_dotcom %} repository you specify in the name field of the *package.json* file. For example, you would publish a package named `@my-org/test` to the `my-org/test` {% data variables.product.prodname_dotcom %} repository. You can add a summary for the package listing page by including a *README.md* file in your package directory. For more information, see "[Working with package.json](https://docs.npmjs.com/getting-started/using-a-package.json)" and "[How to create Node.js Modules](https://docs.npmjs.com/getting-started/creating-node-modules)" in the npm documentation.
By default, {% data variables.product.prodname_registry %} publishes a package in the {% data variables.product.prodname_dotcom %} repository you specify in the name field of the *package.json* file. For example, you would publish a package named `@my-org/test` to the `my-org/test` {% data variables.product.prodname_dotcom %} repository. If you're running [npm v8.5.3](https://github.com/npm/cli/releases/tag/v8.5.3) or later, you can add a summary for the package listing page by including a *README.md* file in your package directory. For more information, see "[Working with package.json](https://docs.npmjs.com/getting-started/using-a-package.json)" and "[How to create Node.js Modules](https://docs.npmjs.com/getting-started/creating-node-modules)" in the npm documentation.
You can publish multiple packages to the same {% data variables.product.prodname_dotcom %} repository by including a `URL` field in the *package.json* file. For more information, see "[Publishing multiple packages to the same repository](#publishing-multiple-packages-to-the-same-repository)."

60
translations/ja-JP/content/pages/getting-started-with-github-pages/adding-a-theme-to-your-github-pages-site-with-the-theme-chooser.md
Просмотреть файл

@ -1,60 +0,0 @@
---
title: Adding a theme to your GitHub Pages site with the theme chooser
intro: 'You can add a theme to your {% data variables.product.prodname_pages %} site to customize your sites look and feel.'
redirect_from:
- /articles/creating-a-github-pages-site-with-the-jekyll-theme-chooser
- /articles/adding-a-jekyll-theme-to-your-github-pages-site-with-the-jekyll-theme-chooser
- /articles/adding-a-theme-to-your-github-pages-site-with-the-theme-chooser
- /github/working-with-github-pages/adding-a-theme-to-your-github-pages-site-with-the-theme-chooser
product: '{% data reusables.gated-features.pages %}'
versions:
fpt: '*'
ghec: '*'
topics:
- Pages
shortTitle: Add theme to a Pages site
permissions: People with admin permissions for a repository can use the theme chooser to add a theme to a {% data variables.product.prodname_pages %} site.
---
## About the theme chooser
{% ifversion pages-custom-workflow %}
{% note %}
**Note**: The Jekyll theme chooser is not supported for {% data variables.product.prodname_pages %} sites that are published with a custom {% data variables.product.prodname_actions %} workflow. If you build your site with Jekyll and publish your site with a custom {% data variables.product.prodname_actions %} workflow, you can add a theme by editing the `_config.yml` file. For more information, see "[Adding a theme to your GitHub Pages site using Jekyll](/pages/setting-up-a-github-pages-site-with-jekyll/adding-a-theme-to-your-github-pages-site-using-jekyll)."
{% endnote %}
{% endif %}
The theme chooser adds a Jekyll theme to your repository. For more information about Jekyll, see "[About {% data variables.product.prodname_pages %} and Jekyll](/articles/about-github-pages-and-jekyll)."
How the theme chooser works depends on whether your repository is public or private.
- If {% data variables.product.prodname_pages %} is already enabled for your repository, the theme chooser will add your theme to the current publishing source.
- If your repository is public and {% data variables.product.prodname_pages %} is disabled for your repository, using the theme chooser will enable {% data variables.product.prodname_pages %} and configure the default branch as your publishing source.
- If your repository is private and {% data variables.product.prodname_pages %} is disabled for your repository, you must enable {% data variables.product.prodname_pages %} by configuring a publishing source before you can use the theme chooser.
For more information about publishing sources, see "[About {% data variables.product.prodname_pages %}](/articles/about-github-pages#publishing-sources-for-github-pages-sites)."
If you manually added a Jekyll theme to your repository in the past, those files may be applied even after you use the theme chooser. To avoid conflicts, remove all manually added theme folders and files before using the theme chooser. For more information, see "[Adding a theme to your {% data variables.product.prodname_pages %} site using Jekyll](/articles/adding-a-theme-to-your-github-pages-site-using-jekyll)."
## Adding a theme with the theme chooser
{% data reusables.pages.navigate-site-repo %}
{% data reusables.repositories.sidebar-settings %}
{% data reusables.pages.sidebar-pages %}
3. Under "{% data variables.product.prodname_pages %}," click **Choose a theme** or **Change theme**.
![Choose a theme button](/assets/images/help/pages/choose-a-theme.png)
4. On the top of the page, click the theme you want, then click **Select theme**.
![Theme options and Select theme button](/assets/images/help/pages/select-theme.png)
5. You may be prompted to edit your site's *README.md* file.
- To edit the file later, click **Cancel**.
![Cancel link when editing a file](/assets/images/help/pages/cancel-edit.png)
- To edit the file now, see "[Editing files](/repositories/working-with-files/managing-files/editing-files)."
Your chosen theme will automatically apply to markdown files in your repository. To apply your theme to HTML files in your repository, you need to add YAML front matter that specifies a layout to each file. For more information, see "[Front Matter](https://jekyllrb.com/docs/front-matter/)" on the Jekyll site.
## Further reading
- [Themes](https://jekyllrb.com/docs/themes/) on the Jekyll site

4
translations/ja-JP/content/pages/getting-started-with-github-pages/creating-a-github-pages-site.md
Просмотреть файл

@ -59,9 +59,9 @@ shortTitle: GitHub Pagesのサイトの作成
新しいファイルを追加で作成することにより、ページを追加できます。 各ファイルは、公開元と同じディレクトリ構造で、サイト上に表示されます。 たとえば、プロジェクトサイトの公開元が `gh-pages` ブランチで、新しいファイル `/about/contact-us.md``gh-pages` ブランチに作成した場合、ファイルは {% ifversion fpt or ghec %}`https://<user>.github.io/<repository>/{% else %}`http(s)://<hostname>/pages/<username>/<repository>/{% endif %}about/contact-us.html` で表示されます。
また、サイトの見た目をカスタマイズするため、テーマを追加できます。 詳しい情報については、{% ifversion fpt or ghec %}「[テーマ選択画面で {% data variables.product.prodname_pages %} サイトにテーマを追加する](/articles/adding-a-theme-to-your-github-pages-site-with-the-theme-chooser){% else %}「[Jekyll テーマ選択画面で {% data variables.product.prodname_pages %} サイトにテーマを追加する](/articles/adding-a-theme-to-your-github-pages-site-using-jekyll){% endif %}」を参照してください。
また、サイトの見た目をカスタマイズするため、テーマを追加できます。 詳しい情報については、「[Jekyll を使用して {% data variables.product.prodname_pages %} サイトにテーマを追加する](/articles/adding-a-theme-to-your-github-pages-site-using-jekyll)」を参照してください。
サイトを更にカスタマイズするには、Jekyll を使用できます。Jekyll は、{% data variables.product.prodname_pages %} に組み込まれている静的サイトジェネレータです。 詳しい情報については、「[{% data variables.product.prodname_pages %} と Jekyll](/articles/about-github-pages-and-jekyll)」を参照してください。
サイトを更にカスタマイズするには、Jekyll を使用できます。Jekyll は、{% data variables.product.prodname_pages %} に組み込まれている静的サイトジェネレータです。 詳しい情報については、「[{% data variables.product.prodname_pages %} と Jekyllについて](/articles/about-github-pages-and-jekyll)」を参照してください。
## 参考リンク

1
translations/ja-JP/content/pages/getting-started-with-github-pages/index.md
Просмотреть файл

@ -17,7 +17,6 @@ topics:
children:
- /about-github-pages
- /creating-a-github-pages-site
- /adding-a-theme-to-your-github-pages-site-with-the-theme-chooser
- /configuring-a-publishing-source-for-your-github-pages-site
- /changing-the-visibility-of-your-github-pages-site
- /creating-a-custom-404-page-for-your-github-pages-site

1
translations/ja-JP/content/pages/index.md
Просмотреть файл

@ -12,7 +12,6 @@ featuredLinks:
- '{% ifversion fpt or ghec %}/pages/configuring-a-custom-domain-for-your-github-pages-site/managing-a-custom-domain-for-your-github-pages-site{% endif %}'
- '{% ifversion ghes or ghae %}/pages/setting-up-a-github-pages-site-with-jekyll/creating-a-github-pages-site-with-jekyll{% endif %}'
- '{% ifversion ghec %}/pages/getting-started-with-github-pages/changing-the-visibility-of-your-github-pages-site{% endif %}'
- '{% ifversion fpt %}/pages/getting-started-with-github-pages/adding-a-theme-to-your-github-pages-site-with-the-theme-chooser{% endif %}'
- '{% ifversion ghes or ghae %}/pages/setting-up-a-github-pages-site-with-jekyll/adding-content-to-your-github-pages-site-using-jekyll{% endif %}'
popular:
- '{% ifversion fpt or ghec %}/pages/configuring-a-custom-domain-for-your-github-pages-site/about-custom-domains-and-github-pages{% endif %}'

11
translations/ja-JP/content/pages/quickstart.md
Просмотреть файл

@ -26,11 +26,12 @@ product: '{% data reusables.gated-features.pages %}'
1. リポジトリ名として`username.github.io`を入力してください。 `username`を自分の{% data variables.product.prodname_dotcom %}ユーザ名で置き換えてください。 たとえば、ユーザ名が`octocat`なら、リポジトリ名は`octocat.github.io`となります。 ![リポジトリ名フィールド](/assets/images/help/pages/create-repository-name-pages.png)
{% data reusables.repositories.sidebar-settings %}
{% data reusables.pages.sidebar-pages %}
1. **Choose a themeテーマの選択**をクリックしてください。 ![[Choose a theme] ボタン](/assets/images/help/pages/choose-theme.png)
2. テーマ選択画面が開きます。 利用可能なテーマをブラウズし、**Select themeテーマの選択**をクリックしてテーマを選択してください。 後でテーマを変更することも容易なので、はっきりしない場合はとりあえずどれか1つを選択しておいてください。 ![テーマのオプションおよび [Select theme] ボタン](/assets/images/help/pages/select-theme.png)
3. テーマとを選択すると、ファイルエディタで`README.md`ファイルが開かれます。 `README.md`ファイルは、サイトの内容を書くところです。 このファイルを編集することも、あるいはとりあえずデフォルトの内容をそのままにしておくこともできます。
4. ファイルの編集が終わったら、**Commit changes変更をコミット**をクリックしてください。
5. `username.github.io`にアクセスして、新しいWebサイトを見てみてください。 **メモ:** サイトに対する変更は、その変更を{% data variables.product.product_name %}にプッシュしてから公開されるまでに、最大20分かかることがあります。
1. "Build and deploymentビルドとデプロイ"の下の"Sourceソース"の下で、**Deploy from a branchブランチからデプロイ**を選択してください。
1. "Build and deploymentビルドとデプロイ"の下の"Branchブランチ"の下で、**None無し**もしくは**Branchブランチ**ドロップダウンメニューを使って公開ソースを選択してください。
![公開元を選択するドロップダウンメニュー](/assets/images/help/pages/publishing-source-drop-down.png)
1. あるいは、リポジトリの`README.md`ファイルを開いてください。 `README.md`ファイルは、サイトの内容を書くところです。 このファイルを編集することも、あるいはとりあえずデフォルトの内容をそのままにしておくこともできます。
1. `username.github.io`にアクセスして、新しいWebサイトを見てみてください。 **メモ:** サイトに対する変更は、その変更を{% data variables.product.product_name %}にプッシュしてから公開されるまでに、最大10分かかることがあります。
## タイトルと説明の変更

6
translations/ja-JP/content/pages/setting-up-a-github-pages-site-with-jekyll/about-github-pages-and-jekyll.md
Просмотреть файл

@ -75,9 +75,9 @@ You can add `site.github` to a post or page to add any repository references met
{% data reusables.pages.add-jekyll-theme %} For more information, see "[Themes](https://jekyllrb.com/docs/themes/)" in the Jekyll documentation.
{% ifversion fpt or ghec %}
You can add a supported theme to your site on {% data variables.product.prodname_dotcom %}. For more information, see "[Supported themes](https://pages.github.com/themes/)" on the {% data variables.product.prodname_pages %} site and "[Adding a theme to your {% data variables.product.prodname_pages %} site with the theme chooser](/articles/adding-a-theme-to-your-github-pages-site-with-the-theme-chooser)."
You can add a supported theme to your site on {% data variables.product.prodname_dotcom %}. For more information, see "[Supported themes](https://pages.github.com/themes/)" on the {% data variables.product.prodname_pages %} site and [Adding a theme to your {% data variables.product.prodname_pages %} site using Jekyll"](/articles/adding-a-theme-to-your-github-pages-site-using-jekyll).
To use any other open source Jekyll theme hosted on {% data variables.product.prodname_dotcom %}, you can add the theme manually.{% else %} You can add a theme to your site manually.{% endif %} For more information, see{% ifversion fpt or ghec %} [themes hosted on {% data variables.product.prodname_dotcom %}](https://github.com/topics/jekyll-theme) and{% else %} "[Supported themes](https://pages.github.com/themes/)" on the {% data variables.product.prodname_pages %} site and{% endif %} "[Adding a theme to your {% data variables.product.prodname_pages %} site using Jekyll](/articles/adding-a-theme-to-your-github-pages-site-using-jekyll)."
To use any other open source Jekyll theme hosted on {% data variables.product.prodname_dotcom %}, you can add the theme manually.{% else %} You can add a theme to your site manually.{% endif %} For more information, see{% ifversion fpt or ghec %} [themes hosted on {% data variables.product.prodname_dotcom %}](https://github.com/topics/jekyll-theme) and{% else %} "[Supported themes](https://pages.github.com/themes/)" on the {% data variables.product.prodname_pages %} site and{% endif %} "[Adding a theme to your {% data variables.product.prodname_pages %} site using Jekyll](/articles/adding-a-theme-to-your-github-pages-site-using-jekyll)".
You can override any of your theme's defaults by editing the theme's files. For more information, see your theme's documentation and "[Overriding your theme's defaults](https://jekyllrb.com/docs/themes/#overriding-theme-defaults)" in the Jekyll documentation.
@ -96,7 +96,7 @@ You can download or create Jekyll plugins to extend the functionality of Jekyll
- [`jekyll-titles-from-headings`](https://github.com/benbalter/jekyll-titles-from-headings)
- [`jekyll-relative-links`](https://github.com/benbalter/jekyll-relative-links)
You can enable additional plugins by adding the plugin's gem to the `plugins` setting in your *_config.yml* file. For more information, see "[Configuration](https://jekyllrb.com/docs/configuration/)" in the Jekyll documentation.
You can enable additional plugins by adding the plugin's gem to the `plugins` setting in your *_config.yml* file. For more information, see "[Configuration](https://jekyllrb.com/docs/configuration/)" in the Jekyll documentation.
For a list of supported plugins, see "[Dependency versions](https://pages.github.com/versions/)" on the {% data variables.product.prodname_pages %} site. For usage information for a specific plugin, see the plugin's documentation.

2
translations/ja-JP/content/pages/setting-up-a-github-pages-site-with-jekyll/about-jekyll-build-errors-for-github-pages-sites.md
Просмотреть файл

@ -26,7 +26,7 @@ shortTitle: Jekyll build errors for Pages
{% note %}
**Note:** It can take up to 20 minutes for changes to your site to publish after you push the changes to {% data variables.product.product_name %}.
**Note:** It can take up to 10 minutes for changes to your site to publish after you push the changes to {% data variables.product.product_name %}.
{% endnote %}

1
translations/ja-JP/content/pages/setting-up-a-github-pages-site-with-jekyll/adding-a-theme-to-your-github-pages-site-using-jekyll.md
Просмотреть файл

@ -6,6 +6,7 @@ redirect_from:
- /articles/adding-a-jekyll-theme-to-your-github-pages-site
- /articles/adding-a-theme-to-your-github-pages-site-using-jekyll
- /github/working-with-github-pages/adding-a-theme-to-your-github-pages-site-using-jekyll
- /pages/getting-started-with-github-pages/adding-a-theme-to-your-github-pages-site-with-the-theme-chooser
product: '{% data reusables.gated-features.pages %}'
versions:
fpt: '*'

2
translations/ja-JP/content/rest/deployments/deployments.md
Просмотреть файл

@ -19,7 +19,7 @@ miniTocMaxHeadingLevel: 3
デプロイメントのステータスには、オプションとして `description``log_url` を含めることもできます。これによりデプロイメントのステータスがより有用なものになるので、非常におすすめです。 `log_url` はデプロイメントの出力の完全な URL で、`description` はデプロイメントで発生したことの概要を示すものです。
GitHub は、新しいデプロイメント、デプロイメントのステータスが作成されたときに、`deployment` イベント、`deployment_status` イベントをディスパッチします。 これらのイベントにより、サードパーティのインテグレーションがデプロイメントのリクエストに対する応答を受けとり、進展があるたびにステータスを更新できます。
GitHub は、新しいデプロイメント、デプロイメントのステータスが作成されたときに、`deployment` イベント、`deployment_status` イベントをディスパッチします。 These events allow third-party integrations to receive and respond to deployment requests, and update the status of a deployment as progress is made.
以下は、これらの相互作用がどのように機能するかを示す簡単なシーケンス図です。

1004
translations/ja-JP/content/rest/guides/getting-started-with-the-rest-api.md
Просмотреть файл

Разница между файлами не показана из-за своего большого размера Загрузить разницу

4
translations/ja-JP/content/rest/index.md
Просмотреть файл

@ -3,7 +3,8 @@ title: GitHubのREST API
shortTitle: REST API
intro: 'インテグレーションを作成し、データを取り出し、ワークフローを自動化するために、{% data variables.product.prodname_dotcom %}のREST APIで構築してください。'
introLinks:
quickstart: /rest/guides/getting-started-with-the-rest-api
quickstart: /rest/quickstart
overview: /rest/guides/getting-started-with-the-rest-api
featuredLinks:
guides:
- /rest/guides/getting-started-with-the-rest-api
@ -31,6 +32,7 @@ versions:
ghae: '*'
ghec: '*'
children:
- /quickstart
- /overview
- /guides
- /actions

351
translations/ja-JP/content/rest/quickstart.md Normal file
Просмотреть файл

@ -0,0 +1,351 @@
---
title: Quickstart for GitHub REST API
intro: 'Learn how to get started with the {% data variables.product.prodname_dotcom %} REST API.'
allowTitleToDifferFromFilename: true
versions:
fpt: '*'
ghes: '*'
ghae: '*'
ghec: '*'
shortTitle: クイックスタート
topics:
- API
redirect_from:
- /guides/getting-started
- /v3/guides/getting-started
miniTocMaxHeadingLevel: 3
---
This article describes how to quickly get started with the {% data variables.product.prodname_dotcom %} REST API using {% data variables.product.prodname_cli %}, JavaScript, or cURL. For a more detailed guide, see "[Getting started with the REST API](/rest/guides/getting-started-with-the-rest-api)."
{% cli %}
## Getting started using {% data variables.product.prodname_cli %}
### Using {% data variables.product.prodname_cli %} in the command line
{% data variables.product.prodname_cli %} is the easiest way to use the {% data variables.product.prodname_dotcom %} REST API from the command line.
1. Install {% data variables.product.prodname_cli %} if you haven't installed it yet. For installation instructions, see the [{% data variables.product.prodname_cli %} repository](https://github.com/cli/cli#installation).
1. Use the `auth login` subcommand to authenticate to {% data variables.product.prodname_cli %}. For more information, see the [{% data variables.product.prodname_cli %} `auth login` documentation](https://cli.github.com/manual/gh_auth_login).
```shell
gh auth login
```
1. Use the `api` subcommand to make your API request. For more information, see the [{% data variables.product.prodname_cli %} `api` documentation](https://cli.github.com/manual/gh_api).
```shell
gh api repos/octocat/Spoon-Knife/issues
```
### Using {% data variables.product.prodname_cli %} in {% data variables.product.prodname_actions %}
You can also use {% data variables.product.prodname_cli %} in your {% data variables.product.prodname_actions %} workflows. For more information, see "[Using GitHub CLI in workflows](/actions/using-workflows/using-github-cli-in-workflows)."
Instead of using the `gh auth login` command, pass an access token as an environment variable called `GH_TOKEN`. {% data variables.product.prodname_dotcom %} recommends that you use the built-in `GITHUB_TOKEN` instead of creating a token. If this is not possible, store your token as a secret and replace `GITHUB_TOKEN` in the example below with the name of your secret. For more information about `GITHUB_TOKEN`, see "[Automatic token authentication](/actions/security-guides/automatic-token-authentication)." For more information about secrets, see "[Encrypted secrets](/actions/security-guides/encrypted-secrets)."
```yaml
on:
workflow_dispatch:
jobs:
use_api:
runs-on: ubuntu-latest
permissions:
issues: read
steps:
- env:
GH_TOKEN: {% raw %}${{ secrets.GITHUB_TOKEN }}{% endraw %}
run: |
gh api repos/octocat/Spoon-Knife/issues
```
If you are authenticating with a {% data variables.product.prodname_github_app %}, you can create an installation access token within your workflow:
1. Store your {% data variables.product.prodname_github_app %}'s ID as a secret. In the following example, replace `APP_ID` with the name of the secret. アプリケーションIDは、アプリケーションの設定ページで、あるいはアプリケーションのAPIを通じて確認できます。 詳しい情報については「[アプリケーション](/rest/apps/apps#get-an-app)」を参照してください。 For more information about secrets, see "[Encrypted secrets](/actions/security-guides/encrypted-secrets)."
1. アプリケーションの秘密鍵を生成してください。 Store the contents of the resulting file as a secret. (ファイルの内容は、`-----BEGIN RSA PRIVATE KEY-----` and `-----END RSA PRIVATE KEY-----`という部分も含めて全体をほぞんしてください。) In the following example, replace `APP_PEM` with the name of the secret. 詳しい情報については「[{% data variables.product.prodname_github_apps %}での認証](/developers/apps/building-github-apps/authenticating-with-github-apps#generating-a-private-key)」を参照してください。
1. Add a step to generate a token, and use that token instead of `GITHUB_TOKEN`. Note that this token will expire after 60 minutes. 例:
```yaml
{% data reusables.actions.actions-not-certified-by-github-comment %}
on:
workflow_dispatch:
jobs:
track_pr:
runs-on: ubuntu-latest
steps:
- name: Generate token
id: generate_token
uses: tibdex/github-app-token@36464acb844fc53b9b8b2401da68844f6b05ebb0
with:
app_id: {% raw %}${{ secrets.APP_ID }}{% endraw %}
private_key: {% raw %}${{ secrets.APP_PEM }}{% endraw %}
- name: Use API
env:
GH_TOKEN: {% raw %}${{ steps.generate_token.outputs.token }}{% endraw %}
run: |
gh api repos/octocat/Spoon-Knife/issues
```
{% endcli %}
{% javascript %}
## Getting started using JavaScript
You can use Octokit.js to interact with the {% data variables.product.prodname_dotcom %} REST API in your JavaScript scripts. For more information, see [the Octokit.js README](https://github.com/octokit/octokit.js/#readme).
### Using Octokit.js
1. Create an access token. For example, create a personal access token (PAT) or a {% data variables.product.prodname_github_app %} user-to-server access token. For more information, see "[Creating a personal access token](/authentication/keeping-your-account-and-data-secure/creating-a-personal-access-token)" or "[Identifying and authorizing users for GitHub Apps](/developers/apps/building-github-apps/identifying-and-authorizing-users-for-github-apps)."
{% warning %}
**Warning**: Treat your access token like a password.
To keep your token secure, you can store your token as a secret and run your script through {% data variables.product.prodname_actions %}. For more information, see the "[Using Octokit.js in {% data variables.product.prodname_actions %}](#using-octokitjs-in-github-actions)" section.
{%- ifversion fpt or ghec %}
You can also store your token as a {% data variables.product.prodname_codespaces %} secret and run your script in {% data variables.product.prodname_codespaces %}. For more information, see "[Managing encrypted secrets for your codespaces](/codespaces/managing-your-codespaces/managing-encrypted-secrets-for-your-codespaces)."{% endif %}
If these options are not possible, consider using another service such as [the 1Password CLI](https://developer.1password.com/docs/cli/secret-references/) to store your token securely.
{% endwarning %}
1. Install `octokit`. For example, `npm install octokit`. For other ways to install or load `octokit`, see [the Octokit.js README](https://github.com/octokit/octokit.js/#readme).
1. Import `octokit` in your script. For example, `import { Octokit } from "octokit";`. For other ways to import `octokit`, see [the Octokit.js README](https://github.com/octokit/octokit.js/#readme).
1. Create an instance of `Octokit` with your token. Replace `YOUR-TOKEN` with your token.
```javascript
const octokit = new Octokit({
auth: 'YOUR-TOKEN'
});
```
1. Use `octokit.request` to execute your request. Send the HTTP method and path as the first argument. Specify any path, query, and body parameters in an object as the second argument. For example, in the following request the HTTP method is `GET`, the path is `/repos/{owner}/{repo}/issues`, and the parameters are `owner: "octocat"` and `repo: "Spoon-Knife"`.
```javascript
await octokit.request("GET /repos/{owner}/{repo}/issues", {
owner: "octocat",
repo: "Spoon-Knife",
});
```
### Using Octokit.js in {% data variables.product.prodname_actions %}
You can also execute your JavaScript scripts in your {% data variables.product.prodname_actions %} workflows. For more information, see "[Workflow syntax for GitHub Actions](/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun)."
{% data variables.product.prodname_dotcom %} recommends that you use the built-in `GITHUB_TOKEN` instead of creating a token. If this is not possible, store your token as a secret and replace `GITHUB_TOKEN` in the example below with the name of your secret. For more information about `GITHUB_TOKEN`, see "[Automatic token authentication](/actions/security-guides/automatic-token-authentication)." For more information about secrets, see "[Encrypted secrets](/actions/security-guides/encrypted-secrets)."
The following example workflow:
1. Checks out the repository content
1. Sets up Node.js
1. Installs `octokit`
1. Stores the value of `GITHUB_TOKEN` as an environment variable called `TOKEN` and runs `.github/actions-scripts/use-the-api.mjs`, which can access that environment variable as `process.env.TOKEN`
Example workflow:
```yaml
on:
workflow_dispatch:
jobs:
use_api_via_script:
runs-on: ubuntu-latest
permissions:
issues: read
steps:
- name: Check out repo content
uses: {% data reusables.actions.action-checkout %}
- name: Setup Node
uses: {% data reusables.actions.action-setup-node %}
with:
node-version: '16.15.0'
cache: npm
- name: Install dependencies
run: npm install octokit
- name: Run script
run: |
node .github/actions-scripts/use-the-api.mjs
env:
TOKEN: {% raw %}${{ secrets.GITHUB_TOKEN }}{% endraw %}
```
Example JavaScript script, with the file path `.github/actions-scripts/use-the-api.mjs`:
```javascript
import { Octokit } from "octokit"
const octokit = new Octokit({
auth: process.env.TOKEN
});
try {
const result = await octokit.request("GET /repos/{owner}/{repo}/issues", {
owner: "octocat",
repo: "Spoon-Knife",
});
const titleAndAuthor = result.data.map(issue => {title: issue.title, authorID: issue.user.id})
console.log(titleAndAuthor)
} catch (error) {
console.log(`Error! Status: ${error.status}. Message: ${error.response.data.message}`)
}
```
If you are authenticating with a {% data variables.product.prodname_github_app %}, you can create an installation access token within your workflow:
1. Store your {% data variables.product.prodname_github_app %}'s ID as a secret. In the following example, replace `APP_ID` with the name of the secret. アプリケーションIDは、アプリケーションの設定ページで、あるいはアプリケーションのAPIを通じて確認できます。 詳しい情報については「[アプリケーション](/rest/apps/apps#get-an-app)」を参照してください。 For more information about secrets, see "[Encrypted secrets](/actions/security-guides/encrypted-secrets)."
1. アプリケーションの秘密鍵を生成してください。 Store the contents of the resulting file as a secret. (ファイルの内容は、`-----BEGIN RSA PRIVATE KEY-----` and `-----END RSA PRIVATE KEY-----`という部分も含めて全体をほぞんしてください。) In the following example, replace `APP_PEM` with the name of the secret. 詳しい情報については「[{% data variables.product.prodname_github_apps %}での認証](/developers/apps/building-github-apps/authenticating-with-github-apps#generating-a-private-key)」を参照してください。
1. Add a step to generate a token, and use that token instead of `GITHUB_TOKEN`. Note that this token will expire after 60 minutes. 例:
```yaml
{% data reusables.actions.actions-not-certified-by-github-comment %}
on:
workflow_dispatch:
jobs:
use_api_via_script:
runs-on: ubuntu-latest
steps:
- name: Check out repo content
uses: {% data reusables.actions.action-checkout %}
- name: Setup Node
uses: {% data reusables.actions.action-setup-node %}
with:
node-version: '16.15.0'
cache: npm
- name: Install dependencies
run: npm install octokit
- name: Generate token
id: generate_token
uses: tibdex/github-app-token@36464acb844fc53b9b8b2401da68844f6b05ebb0
with:
app_id: {% raw %}${{ secrets.APP_ID }}{% endraw %}
private_key: {% raw %}${{ secrets.APP_PEM }}{% endraw %}
- name: Run script
run: |
node .github/actions-scripts/use-the-api.mjs
env:
TOKEN: {% raw %}${{ steps.generate_token.outputs.token }}{% endraw %}
```
{% endjavascript %}
{% curl %}
## Getting started using cURL
### Using cURL in the command line
{% note %}
**Note:** If you want to make API requests from the command line, {% data variables.product.prodname_dotcom %} recommends that you use {% data variables.product.prodname_cli %}, which simplifies authentication and requests. For more information about getting started with the REST API using {% data variables.product.prodname_cli %}, see the {% data variables.product.prodname_cli %} version of this article.
{% endnote %}
1. Install cURL if cURL isn't already installed on your machine. To check if cURL is installed, execute `curl --version` in the command line. If the output is information about the cURL version, cURL is installed. If you get a message similar to `command not found: curl`, you need to download and install cURL. For more information, see [the cURL project download page](https://curl.se/download.html).
1. Create an access token. For example, create a personal access token (PAT) or a {% data variables.product.prodname_github_app %} user-to-server access token. For more information, see "[Creating a personal access token](/authentication/keeping-your-account-and-data-secure/creating-a-personal-access-token)" or "[Identifying and authorizing users for GitHub Apps](/developers/apps/building-github-apps/identifying-and-authorizing-users-for-github-apps)."
{% warning %}
**Warning**: Treat your access token like a password.
{%- ifversion fpt or ghec %}
To keep your token secure, you can store your token as a {% data variables.product.prodname_codespaces %} secret and use the command line through {% data variables.product.prodname_codespaces %}. For more information, see "[Managing encrypted secrets for your codespaces](/codespaces/managing-your-codespaces/managing-encrypted-secrets-for-your-codespaces)."{% endif %}
You can also use {% data variables.product.prodname_cli %} instead of cURL. {% data variables.product.prodname_cli %} will take care of authentication for you. For more information, see the {% data variables.product.prodname_cli %} version of this page.
If these options are not possible, consider using another service such as [the 1Password CLI](https://developer.1password.com/docs/cli/secret-references/) to store your token securely.
{% endwarning %}
1. Use the `cURL` command to make your request. Pass your token in an `Authorization` header. Replace `YOUR-TOKEN` with your token.
```shell
curl --request GET \
--url "https://api.github.com/repos/octocat/Spoon-Knife/issues" \
--header "Accept: application/vnd.github.v3+json" \
--header "Authorization: Bearer <em>YOUR-TOKEN</em>"
```
{% note %}
**Note:** In most cases, you can use `Authorization: Bearer` or `Authorization: token`. JSON web tokens (JWTs) only work with `Authorization: Bearer`.
{% endnote %}
### Using cURL in {% data variables.product.prodname_actions %}
You can also use cURL in your {% data variables.product.prodname_actions %} workflows.
{% data variables.product.prodname_dotcom %} recommends that you use the built-in `GITHUB_TOKEN` instead of creating a token. If this is not possible, store your token as a secret and replace `GITHUB_TOKEN` in the example below with the name of your secret. For more information about `GITHUB_TOKEN`, see "[Automatic token authentication](/actions/security-guides/automatic-token-authentication)." For more information about secrets, see "[Encrypted secrets](/actions/security-guides/encrypted-secrets)."
```yaml
on:
workflow_dispatch:
jobs:
use_api:
runs-on: ubuntu-latest
permissions:
issues: read
steps:
- env:
GH_TOKEN: {% raw %}${{ secrets.GITHUB_TOKEN }}{% endraw %}
run: |
curl --request GET \
--url "https://api.github.com/repos/octocat/Spoon-Knife/issues" \
--header "Accept: application/vnd.github.v3+json" \
--header "Authorization: Bearer $GH_TOKEN"
```
If you are authenticating with a {% data variables.product.prodname_github_app %}, you can create an installation access token within your workflow:
1. Store your {% data variables.product.prodname_github_app %}'s ID as a secret. In the following example, replace `APP_ID` with the name of the secret. アプリケーションIDは、アプリケーションの設定ページで、あるいはアプリケーションのAPIを通じて確認できます。 詳しい情報については「[アプリケーション](/rest/apps/apps#get-an-app)」を参照してください。 For more information about secrets, see "[Encrypted secrets](/actions/security-guides/encrypted-secrets)."
1. アプリケーションの秘密鍵を生成してください。 Store the contents of the resulting file as a secret. (ファイルの内容は、`-----BEGIN RSA PRIVATE KEY-----` and `-----END RSA PRIVATE KEY-----`という部分も含めて全体をほぞんしてください。) In the following example, replace `APP_PEM` with the name of the secret. 詳しい情報については「[{% data variables.product.prodname_github_apps %}での認証](/developers/apps/building-github-apps/authenticating-with-github-apps#generating-a-private-key)」を参照してください。
1. Add a step to generate a token, and use that token instead of `GITHUB_TOKEN`. Note that this token will expire after 60 minutes. 例:
```yaml
{% data reusables.actions.actions-not-certified-by-github-comment %}
on:
workflow_dispatch:
jobs:
use_api:
runs-on: ubuntu-latest
steps:
- name: Generate token
id: generate_token
uses: tibdex/github-app-token@36464acb844fc53b9b8b2401da68844f6b05ebb0
with:
app_id: {% raw %}${{ secrets.APP_ID }}{% endraw %}
private_key: {% raw %}${{ secrets.APP_PEM }}{% endraw %}
- name: Use API
env:
GH_TOKEN: {% raw %}${{ steps.generate_token.outputs.token }}{% endraw %}
run: |
curl --request GET \
--url "https://api.github.com/repos/octocat/Spoon-Knife/issues" \
--header "Accept: application/vnd.github.v3+json" \
--header "Authorization: Bearer $GH_TOKEN"
```
{% endcurl %}
## 次のステップ
For a more detailed guide, see "[Getting started with the REST API](/rest/guides/getting-started-with-the-rest-api)."

6
translations/ja-JP/data/features/actions-oidc-hardening-config.yml Normal file
Просмотреть файл

@ -0,0 +1,6 @@
#Reference: #7336
#General versioning for oidc hardening options
versions:
fpt: '*'
ghec: '*'
ghes: '>=3.7'

6
translations/ja-JP/data/features/dependabot-alerts-dismissal-comment.yml Normal file
Просмотреть файл

@ -0,0 +1,6 @@
#Reference: Issue #7673 - Dependabot alerts: optional comment with dismissal - [GA]
versions:
fpt: '*'
ghec: '*'
ghes: '>3.6'
ghae: 'issue-7673'

1
translations/ja-JP/data/features/dependabot-alerts-vulnerable-calls.yml
Просмотреть файл

@ -3,5 +3,4 @@
versions:
fpt: '*'
ghec: '*'
ghes: '>3.5'
ghae: 'issue-6076'

6
translations/ja-JP/data/features/enterprise-namespace-repo-setting.yml Normal file
Просмотреть файл

@ -0,0 +1,6 @@
#Reference: #7757
#Setting to disable personal namespace repo creation for EMUs, GHES 3.7+ and GHAE 3.7+ users
versions:
ghec: '*'
ghes: '>=3.7'
ghae: 'issue-7757'

3
translations/ja-JP/data/features/ip-allow-list-address-check.yml Normal file
Просмотреть файл

@ -0,0 +1,3 @@
versions:
ghec: '*'
ghae: 'issue-7818'

5
translations/ja-JP/data/features/multiple-accounts-one-workstation.yml Normal file
Просмотреть файл

@ -0,0 +1,5 @@
#Issue #7330
#Documentation for managing multiple GitHub accounts on one workstation
versions:
fpt: '*'
ghec: '*'

8
translations/ja-JP/data/features/push-protection-custom-link-orgs-beta.yml Normal file
Просмотреть файл

@ -0,0 +1,8 @@
#Issue 7299
#Push protection custom links beta flags
#See "push-protection-custom-link-orgs" for the feature
versions:
fpt: '*'
ghec: '*'
ghes: '>=3.7'
ghae: 'issue-7299'

8
translations/ja-JP/data/features/push-protection-custom-link-orgs.yml Normal file
Просмотреть файл

@ -0,0 +1,8 @@
#Issue 7299
#Push protection custom links
#See "push-protection-custom-link-orgs-beta" for the beta flags
versions:
fpt: '*'
ghec: '*'
ghes: '>=3.7'
ghae: 'issue-7299'

8
translations/ja-JP/data/features/ssh-commit-verification.yml Normal file
Просмотреть файл

@ -0,0 +1,8 @@
#Reference: github/docs-content#6709
#Initial docs for showing SSH signed commits as verified and
#uploading SSH signing keys
versions:
fpt: '*'
ghec: '*'
ghes: '>= 3.7'
ghae: '*'

2
translations/ja-JP/data/graphql/ghec/graphql_upcoming_changes.public.yml
Просмотреть файл

@ -996,7 +996,7 @@ upcoming_changes:
owner: lukewar
-
location: ProjectView.groupedItems
description: '`groupedItems` will be removed. Follow the ProjectV2 guide at https://github.blog/changelog/2022-06-23-the-new-github-issues-june-23rd-update/, to find a suitable replacement.'
description: '`groupedItems`は削除されます。適切な置き換えを見つけるには、https://github.blog/changelog/2022-06-23-the-new-github-issues-june-23rd-update/ にあるProjectV2ガイドに従ってください。'
reason: '`ProjectNext`は、より多機能な`ProjectV2`に置き換えられて非推奨になりました。'
date: '2022-10-01T00:00:00+00:00'
criticality: 破壊的

2
translations/ja-JP/data/graphql/graphql_upcoming_changes.public.yml
Просмотреть файл

@ -996,7 +996,7 @@ upcoming_changes:
owner: lukewar
-
location: ProjectView.groupedItems
description: '`groupedItems` will be removed. Follow the ProjectV2 guide at https://github.blog/changelog/2022-06-23-the-new-github-issues-june-23rd-update/, to find a suitable replacement.'
description: '`groupedItems`は削除されます。適切な置き換えを見つけるには、https://github.blog/changelog/2022-06-23-the-new-github-issues-june-23rd-update/ にあるProjectV2ガイドに従ってください。'
reason: '`ProjectNext`は、より多機能な`ProjectV2`に置き換えられて非推奨になりました。'
date: '2022-10-01T00:00:00+00:00'
criticality: 破壊的

10
translations/ja-JP/data/release-notes/enterprise-server/3-6/0.yml
Просмотреть файл

@ -61,10 +61,10 @@ sections:
-「[Secret scanningでのプッシュの保護](/code-security/secret-scanning/protecting-pushes-with-secret-scanning)」
-「[EnterpriseのAudit logイベント](/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/audit-log-events-for-your-enterprise#secret_scanning_push_protection-category-actions)」
-「[OrganizationのAudit logのレビュー]/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/reviewing-the-audit-log-for-your-organization#secret_scanning_push_protection-category-actions)」
-「[OrganizationのAudit logのレビュー](/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/reviewing-the-audit-log-for-your-organization#secret_scanning_push_protection-category-actions)」
-REST APIドキュメンテーションの「[Secret scanning](/rest/secret-scanning#list-secret-scanning-alerts-for-an-enterprise)」
- |
GitHub Advanced Securityのライセンスがあるインスタンス上のEnterpriseのオーナーは、EntepriseのカスタムのSecret scanningパターンのdry runを実行でき、すべてのユーザはパターンを編集する際にdry runを実行できます。dry runを行うことによって、パターンがインスタンス全体に与える影響を理解し、公開してアラートを生成する前にパターンを磨き上げることができます。詳しい情報については「Secret scanningのカスタムパターンの定義](/code-security/secret-scanning/defining-custom-patterns-for-secret-scanning)」を参照してください。
GitHub Advanced Securityのライセンスがあるインスタンス上のEnterpriseのオーナーは、EntepriseのカスタムのSecret scanningパターンのdry runを実行でき、すべてのユーザはパターンを編集する際にdry runを実行できます。dry runを行うことによって、パターンがインスタンス全体に与える影響を理解し、公開してアラートを生成する前にパターンを磨き上げることができます。詳しい情報については「[Secret scanningのカスタムパターンの定義](/code-security/secret-scanning/defining-custom-patterns-for-secret-scanning)」を参照してください。
- |
GitHub Advanced Securityのライセンスがあるインスタンス上のユーザは、Secret scanningのアラートを取得する際にREST APIで`sort`及び`direction`パラメータを使い、アラートの`created`あるいは`updated`フィールドに基づいてソートすることができます。この新しいパラメータはインスタンス全体で、あるいは個々のOrganizationあるいはリポジトリで使用できます。詳しい情報については以下のドキュメンテーションを参照してください。
@ -94,7 +94,7 @@ sections:
インスタンスでGitHub Connectが有効化されているなら、ユーザは[GitHub Advisory Database](https://github.com/advisories)内のセキュリティアドバイザリの改善に貢献できます。貢献するには、アドバイザリの詳細を表示しているときに**Suggest improvements for this vulnerabilityこの脆弱性に改善を提案**をクリックしてください。詳しい情報については以下の記事を参照してください。
- 「[GitHub Connectの管理](/admin/configuration/configuring-github-connect/managing-github-connect)」
- GitHub Enterprise Cloudのドキュメンテーションの「GitHub Advisory Database内のセキュリティ脆弱性の閲覧](/enterprise-cloud@latest/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/browsing-security-vulnerabilities-in-the-github-advisory-database)」
- GitHub Enterprise Cloudのドキュメンテーションの「[GitHub Advisory Database内のセキュリティ脆弱性の閲覧](/enterprise-cloud@latest/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/browsing-security-vulnerabilities-in-the-github-advisory-database)」
- GitHub Enterprise Cloudのドキュメンテーションの「[リポジトリのGitHub Security Advisoriesについて](/enterprise-cloud@latest/code-security/repository-security-advisories/about-github-security-advisories-for-repositories)」
- GitHub Enterprise Cloudのドキュメンテーションの「[GitHub Advisory Database中のセキュリティアドバイザリの編集](/enterprise-cloud@latest/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/editing-security-advisories-in-the-github-advisory-database)」
-
@ -150,7 +150,7 @@ sections:
- |
ユーザは、**Restrict pushes that create matching branchesマッチするブランチを作成するプッシュの制限**ブランチ保護ルールで、設定された名前のパターンにマッチするブランチの作成をブロックできます。たとえば、リポジトリのデフォルトブランチを`master`から`main`に変更した場合、リポジトリの管理者はそれ以降`master`ブランチの作成やプッシュを防ぐことができます。詳しい情報については「[保護されたブランチについて](/repositories/configuring-branches-and-merges-in-your-repository/defining-the-mergeability-of-pull-requests/about-protected-branches#restrict-who-can-push-to-matching-branches)」及び[ブランチの保護ルールの管理](/repositories/configuring-branches-and-merges-in-your-repository/defining-the-mergeability-of-pull-requests/managing-a-branch-protection-rule#creating-a-branch-protection-rule)」を参照してください。
- |
ユーザは、リポジトリの**Branchesブランチ**ページから、**New branch新規ブランチ**をクリックすることで直接ブランチを作成できます。詳しい情報については「[リポジトリ内でのブランチの作成と削除(/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/creating-and-deleting-branches-within-your-repository)」を参照してください。
ユーザは、リポジトリの**Branchesブランチ**ページから、**New branch新規ブランチ**をクリックすることで直接ブランチを作成できます。詳しい情報については「[リポジトリ内でのブランチの作成と削除](/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/creating-and-deleting-branches-within-your-repository)」を参照してください。
- |
ユーザはオープンなPull Requestに関連づけられたブランチを削除できます。詳しい情報については「[リポジトリ内でのブランチの作成と削除](/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/creating-and-deleting-branches-within-your-repository)」を参照してください。
- |
@ -173,7 +173,7 @@ sections:
heading: プルリクエスト
notes:
- |
Pull Requestの**Files changed変更されたファイル**タブにあるファイルツリーを使って、ユーザは変更されたファイルに見ていき、変更のサイズとスコープを理解し、レビューに集中できます。このファイルツリーは、Pull Requestが少なくとも2つのファイルを変更しており、ブラウザのウィンドウが十分に広いときに表示されます。詳しい情報については「[Pull Requestで提案された変更のレビュー(/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/reviewing-proposed-changes-in-a-pull-request)」及び「[Pull Requestのファイルのフィルタリング](/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/filtering-files-in-a-pull-request)」を参照してください。
Pull Requestの**Files changed変更されたファイル**タブにあるファイルツリーを使って、ユーザは変更されたファイルに見ていき、変更のサイズとスコープを理解し、レビューに集中できます。このファイルツリーは、Pull Requestが少なくとも2つのファイルを変更しており、ブラウザのウィンドウが十分に広いときに表示されます。詳しい情報については「[Pull Requestで提案された変更のレビュー](/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/reviewing-proposed-changes-in-a-pull-request)」及び「[Pull Requestのファイルのフィルタリング](/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/filtering-files-in-a-pull-request)」を参照してください。
- |
ユーザは、すべてのsquashマージでPull Requestのタイトルをコミットメッセージとして使うことをデフォルトにできます。詳しい情報については「[Pull Requestのコミットsquashの設定](/repositories/configuring-branches-and-merges-in-your-repository/configuring-pull-request-merges/configuring-commit-squashing-for-pull-requests)」を参照してください。
-

1
translations/ja-JP/data/reusables/accounts/create-personal-access-tokens.md Normal file
Просмотреть файл

@ -0,0 +1 @@
1. For each of your accounts, create a dedicated PAT with `repo` scope. 詳しい情報については、「[個人アクセストークンを作成する](/authentication/keeping-your-account-and-data-secure/creating-a-personal-access-token)」を参照してください。

2
translations/ja-JP/data/reusables/actions/contacting-support.md
Просмотреть файл

@ -5,5 +5,5 @@
あなたの利用方法、もしくは意図する利用方法が利用制限のカテゴリに当てはまるかどうかに関わらず、以下のいずれかの場合は{% data variables.contact.contact_support %}に連絡してください。
* アカウントに間違った制約が課されていると思われる場合
* たとえばユニークIDのような予想外のエラーに、アクションの実行時に遭遇した場合
* いずれかのアクションを実行した際に予想外のエラーが生じた場合
* 既存の動作が期待される、ただし必ずしもドキュメント化されてはいない動作と矛盾するような状況に遭遇した場合

1
translations/ja-JP/data/reusables/actions/use-request-body-api.md Normal file
Просмотреть файл

@ -0,0 +1 @@
To apply this configuration, submit a request to the API endpoint and include the required configuration in the request body. For more information, see "[Set the customization template for an OIDC subject claim for an organization](/rest/actions/oidc#set-the-customization-template-for-an-oidc-subject-claim-for-an-organization)".

5
translations/ja-JP/data/reusables/advanced-security/custom-link-beta.md Normal file
Просмотреть файл

@ -0,0 +1,5 @@
{% note %}
**Note:** The ability to add resource links to blocked push messages is currently in public beta and subject to change.
{% endnote %}

6
translations/ja-JP/data/reusables/advanced-security/secret-scanning-push-protection-org.md
Просмотреть файл

@ -1,2 +1,6 @@
1. "{% data variables.product.prodname_secret_scanning_caps %}"の下の"Push protectionプッシュ保護"の下で、**Enable allすべて有効化**をクリックしてください。 ![任意のOrganizationで{% data variables.product.prodname_secret_scanning %}のプッシュ保護を有効化する方法を示しているスクリーンショット](/assets/images/help/organizations/secret-scanning-enable-push-protection.png)
1. あるいは、"Automatically enable for private repositories added to {% data variables.product.prodname_secret_scanning %}"をクリックしてください。
1. Optionally, click "Automatically enable for private repositories added to {% data variables.product.prodname_secret_scanning %}."{% ifversion push-protection-custom-link-orgs %}
1. Optionally, to include a custom link in the message that members will see when they attempt to push a secret, select **Add a resource link in the CLI and web UI when a commit is blocked**, then type a URL, and click **Save link**.
{% ifversion push-protection-custom-link-orgs-beta %}{% indented_data_reference reusables.advanced-security.custom-link-beta spaces=3 %}{% endif %}
![Screenshot showing checkbox and text field for enabling a custom link](/assets/images/help/organizations/secret-scanning-custom-link.png){% endif %}

12
translations/ja-JP/data/reusables/code-scanning/licensing-note.md
Просмотреть файл

@ -1,8 +1,12 @@
{% note %}
**ノート:** {% ifversion fpt %}
{% data variables.product.prodname_codeql_cli %}はパブリックリポジトリでは無料で使用できます。 {% data variables.product.prodname_codeql_cli %}は、{% data variables.product.prodname_ghe_cloud %}を使用し、{% data variables.product.prodname_GH_advanced_security %}のライセンスを持っているOrganizationが所有するプライベートリポジトリでも使用できます。 詳細については「[{% data variables.product.product_name %} {% data variables.product.prodname_codeql %}の利用規約](https://securitylab.github.com/tools/codeql/license)」及び「[{% data variables.product.prodname_codeql %} CLI](https://codeql.github.com/docs/codeql-cli/)」を参照してください。
{%- elsif ghec %}{% data variables.product.prodname_codeql_cli %}は{% data variables.product.prodname_dotcom_the_website %}でメンテナンスされているパブリックリポジトリでは無料で使用でき、{% data variables.product.prodname_advanced_security %}ライセンスを持っているお客様が所有するプライベートリポジトリでも使用できます。 詳細については「[{% data variables.product.product_name %} {% data variables.product.prodname_codeql %}の利用規約](https://securitylab.github.com/tools/codeql/license)」及び「[{% data variables.product.prodname_codeql %} CLI](https://codeql.github.com/docs/codeql-cli/)」を参照してください。
{%- elsif ghes or ghae %}{% data variables.product.prodname_codeql_cli %}は、{% data variables.product.prodname_advanced_security %}ライセンスを持つお客様にご利用いただけます。
**Notes:** {% ifversion fpt %}
- The {% data variables.product.prodname_codeql_cli %} is free to use on public repositories. {% data variables.product.prodname_codeql_cli %}は、{% data variables.product.prodname_ghe_cloud %}を使用し、{% data variables.product.prodname_GH_advanced_security %}のライセンスを持っているOrganizationが所有するプライベートリポジトリでも使用できます。 詳細については「[{% data variables.product.product_name %} {% data variables.product.prodname_codeql %}の利用規約](https://securitylab.github.com/tools/codeql/license)」及び「[{% data variables.product.prodname_codeql %} CLI](https://codeql.github.com/docs/codeql-cli/)」を参照してください。
{%- elsif ghec %}
- The {% data variables.product.prodname_codeql_cli %} is free to use on public repositories that are maintained on {% data variables.product.prodname_dotcom_the_website %}, and available to use on private repositories that are owned by customers with an {% data variables.product.prodname_advanced_security %} license. 詳細については「[{% data variables.product.product_name %} {% data variables.product.prodname_codeql %}の利用規約](https://securitylab.github.com/tools/codeql/license)」及び「[{% data variables.product.prodname_codeql %} CLI](https://codeql.github.com/docs/codeql-cli/)」を参照してください。
{%- elsif ghes or ghae %}
- {% data variables.product.prodname_codeql_cli %}は{% data variables.product.prodname_advanced_security %}ライセンスを持つお客様にご利用いただけます。
{% endif %}
- {% data reusables.code-scanning.non-glibc-linux-support %}
{% endnote %}

1
translations/ja-JP/data/reusables/code-scanning/non-glibc-linux-support.md Normal file
Просмотреть файл

@ -0,0 +1 @@
The {% data variables.product.prodname_codeql_cli %} is currently not compatible with non-glibc Linux distributions such as (musl-based) Alpine Linux.

6
translations/ja-JP/data/reusables/codespaces/click-remote-explorer-icon-vscode.md
Просмотреть файл

@ -1 +1,5 @@
1. {% data variables.product.prodname_vscode_shortname %}の左サイドバーで、 Remote Explorerのアイコンをクリックしてください。 ![{% data variables.product.prodname_vscode %}のRemote Explorerアイコン](/assets/images/help/codespaces/click-remote-explorer-icon-vscode.png)
1. {% data variables.product.prodname_vscode_shortname %}の左サイドバーで、 Remote Explorerのアイコンをクリックしてください。
![{% data variables.product.prodname_vscode %}のRemote Explorerアイコン](/assets/images/help/codespaces/click-remote-explorer-icon-vscode.png)
{% indented_data_reference reusables.codespaces.remote-explorer spaces=3 %}

5
translations/ja-JP/data/reusables/codespaces/codespaces-disabling-org-billing.md Normal file
Просмотреть файл

@ -0,0 +1,5 @@
{% note %}
**Note**: If you disable billable codespaces use for your organization, anyone who can create codespaces as an individual user, and can clone a repository in your organization, will still be able to create a codespace for that repository. However, this will not incur any charge for your organization. For information about restricting access to a repository, see "[Managing teams and people with access to your repository](/repositories/managing-your-repositorys-settings-and-features/managing-repository-settings/managing-teams-and-people-with-access-to-your-repository)."
{% endnote %}

5
translations/ja-JP/data/reusables/codespaces/codespaces-org-policies-note.md Normal file
Просмотреть файл

@ -0,0 +1,5 @@
{% note %}
**Note**: Organization policies you define for {% data variables.product.prodname_codespaces %} only apply to codespaces for which your organization will be billed. If an individual user creates a codespace for a repository in your organization, and the organization is not billed, then the codespace will not be bound by these policies. For information on how to choose who can create codespaces that are billed to your organization, see "[Enabling {% data variables.product.prodname_github_codespaces %} for your organization](https://docs-internal-29134-ad7bd8.preview.ghdocs.com/en/codespaces/managing-codespaces-for-your-organization/enabling-github-codespaces-for-your-organization#choose-who-can-create-codespaces-that-are-billed-to-your-organization)."
{% endnote %}

4
translations/ja-JP/data/reusables/codespaces/codespaces-spending-limit-requirement.md
Просмотреть файл

@ -1,9 +1,9 @@
{% note %}
**ノート:** {% data variables.product.prodname_codespaces %}を利用するには、利用上限を設定しなければなりません。
**Note:** You must set a non-zero spending limit before you can use {% data variables.product.prodname_codespaces %}.
{% endnote %}
デフォルトでは、OrganizationもしくはEnterpriseは$0の{% data variables.product.prodname_github_codespaces %}の利用上限を持っており、これは新しいcodespaceの作成や、既存のcodespaceのオープンを禁止します。 Organiationでユーザがcodespaceを作成できるようにするには、この上限を$0よりも大きな値に設定してください。
By default, your organization or enterprise will have a {% data variables.product.prodname_github_codespaces %} spending limit of $0. This prevents new codespaces from being created, or existing codespaces from being opened, if this would incur a billable cost to your organization or enterprise. Organiationでユーザがcodespaceを作成できるようにするには、この上限を$0よりも大きな値に設定してください。
{% data reusables.billing.overages-billed-monthly %}

9
translations/ja-JP/data/reusables/codespaces/remote-explorer.md Normal file
Просмотреть файл

@ -0,0 +1,9 @@
{% note %}
**Note**: If the Remote Explorer is not displayed in the Activity Bar:
1. Access the command palette. For example, by pressing <kbd>Shift</kbd>+<kbd>Command</kbd>+<kbd>P</kbd> (Mac) / <kbd>Ctrl</kbd>+<kbd>Shift</kbd>+<kbd>P</kbd> (Windows/Linux).
1. Type: `codespaces`.
1. Click **Codespaces: Details**.
{% endnote %}

Некоторые файлы не были показаны из-за слишком большого количества измененных файлов Показать больше