зеркало из https://github.com/github/docs.git
docs-bot
GitHub
Коммит
e48ad35369
|
|
@ -21,11 +21,8 @@ shortTitle: Access organization settings
|
|||
---
|
||||
{% ifversion fpt or ghec %}
|
||||
|
||||
{% tip %}
|
||||
|
||||
**Tip:** Only organization owners and billing managers can see and change the billing information and the full set of account settings for an organization. Organization moderators only see moderation settings. {% data reusables.organizations.new-org-permissions-more-info %}
|
||||
|
||||
{% endtip %}
|
||||
> [!TIP]
|
||||
> Only organization owners and billing managers can see and change the billing information and the full set of account settings for an organization. Organization moderators only see moderation settings. {% data reusables.organizations.new-org-permissions-more-info %}
|
||||
|
||||
{% endif %}
|
||||
|
||||
|
|
|
|||
|
|
@ -14,21 +14,15 @@ shortTitle: Dependency insights
|
|||
permissions: '{% data reusables.permissions.dependency-graph-view-org-insights %}'
|
||||
---
|
||||
|
||||
{% note %}
|
||||
|
||||
**Note:** To view organization dependency insights, your organization must use {% data variables.product.prodname_ghe_cloud %}. {% data reusables.enterprise.link-to-ghec-trial %}
|
||||
|
||||
{% endnote %}
|
||||
> [!NOTE]
|
||||
> To view organization dependency insights, your organization must use {% data variables.product.prodname_ghe_cloud %}. {% data reusables.enterprise.link-to-ghec-trial %}
|
||||
|
||||
## Viewing organization dependency insights
|
||||
|
||||
Dependency insights can help you track, report, and act on your organization's open source usage.
|
||||
|
||||
{% note %}
|
||||
|
||||
**Note:** Please make sure you have enabled the [Dependency Graph](/code-security/supply-chain-security/understanding-your-software-supply-chain/configuring-the-dependency-graph).
|
||||
|
||||
{% endnote %}
|
||||
> [!NOTE]
|
||||
> Please make sure you have enabled the [Dependency Graph](/code-security/supply-chain-security/understanding-your-software-supply-chain/configuring-the-dependency-graph).
|
||||
|
||||
With dependency insights you can view vulnerabilities, licenses, and other important information for the open source projects your organization depends on.
|
||||
|
||||
|
|
|
|||
|
|
@ -26,11 +26,8 @@ You can link to any team discussion to reference it elsewhere. You can pin impor
|
|||
|
||||
When someone posts or replies to a public discussion on a team's page, members of the team and members of any child teams receive email or web notifications. When someone posts or replies to a private discussion on a team's page, only members of the team receive notifications.
|
||||
|
||||
{% tip %}
|
||||
|
||||
**Tip:** Depending on your notification settings, you'll receive updates by email, the web notifications page on {% data variables.product.product_name %}, or both. For more information, see "[AUTOTITLE](/account-and-profile/managing-subscriptions-and-notifications-on-github/setting-up-notifications/configuring-notifications)."
|
||||
|
||||
{% endtip %}
|
||||
> [!TIP]
|
||||
> Depending on your notification settings, you'll receive updates by email, the web notifications page on {% data variables.product.product_name %}, or both. For more information, see "[AUTOTITLE](/account-and-profile/managing-subscriptions-and-notifications-on-github/setting-up-notifications/configuring-notifications)."
|
||||
|
||||
By default, if your username is mentioned in a team discussion, you'll receive notifications for the post mentioning your username and any replies to that post. Also, by default, if you reply to a post, you will receive notifications for other replies to the post.
|
||||
|
||||
|
|
|
|||
|
|
@ -14,11 +14,8 @@ shortTitle: Manage bots & service accounts
|
|||
|
||||
To retain access for bots and service accounts, organization administrators can [enable](/organizations/managing-saml-single-sign-on-for-your-organization/enabling-and-testing-saml-single-sign-on-for-your-organization), but **not** [enforce](/organizations/managing-saml-single-sign-on-for-your-organization/enforcing-saml-single-sign-on-for-your-organization) SAML single sign-on for their organization. If you need to enforce SAML single sign-on for your organization, you can create an external identity for the bot or service account with your identity provider (IdP).
|
||||
|
||||
{% warning %}
|
||||
|
||||
**Note:** If you enforce SAML single sign-on for your organization and **do not** have external identities set up for bots and service accounts with your IdP, they will be removed from your organization.
|
||||
|
||||
{% endwarning %}
|
||||
> [!NOTE]
|
||||
> If you enforce SAML single sign-on for your organization and **do not** have external identities set up for bots and service accounts with your IdP, they will be removed from your organization.
|
||||
|
||||
## Further reading
|
||||
|
||||
|
|
|
|||
|
|
@ -26,14 +26,11 @@ You can view and revoke each member's linked identity, active sessions, and auth
|
|||
|
||||
When available, the entry will include SCIM data. For more information, see "[AUTOTITLE](/organizations/managing-saml-single-sign-on-for-your-organization/about-scim-for-organizations)."
|
||||
|
||||
{% warning %}
|
||||
|
||||
**Warning:** For organizations using SCIM:
|
||||
* Revoking a linked user identity on {% data variables.product.product_name %} will also remove the SAML and SCIM metadata. As a result, the identity provider will not be able to synchronize or deprovision the linked user identity.
|
||||
* An admin must revoke a linked identity through the identity provider.
|
||||
* To revoke a linked identity and link a different account through the identity provider, an admin can remove and re-assign the user to the {% data variables.product.product_name %} application. For more information, see your identity provider's documentation.
|
||||
|
||||
{% endwarning %}
|
||||
> [!WARNING]
|
||||
> For organizations using SCIM:
|
||||
> * Revoking a linked user identity on {% data variables.product.product_name %} will also remove the SAML and SCIM metadata. As a result, the identity provider will not be able to synchronize or deprovision the linked user identity.
|
||||
> * An admin must revoke a linked identity through the identity provider.
|
||||
> * To revoke a linked identity and link a different account through the identity provider, an admin can remove and re-assign the user to the {% data variables.product.product_name %} application. For more information, see your identity provider's documentation.
|
||||
|
||||
{% data reusables.identity-and-permissions.revoking-identity-team-sync %}
|
||||
|
||||
|
|
|
|||
|
|
@ -12,15 +12,12 @@ shortTitle: Audit log events
|
|||
autogenerated: audit-logs
|
||||
---
|
||||
|
||||
{% note %}
|
||||
|
||||
**Notes**:
|
||||
> [!NOTE]
|
||||
{% ifversion ghes %}
|
||||
* This article contains the events available in the latest version of {% data variables.product.prodname_ghe_server %}. Some of the events may not be available in previous versions.{% endif %}
|
||||
* This article contains the events that may appear in your organization's audit log. For the events that can appear in a user account's security log{% ifversion ghec or ghes %} or the audit log for an enterprise{% endif %}, see "[AUTOTITLE](/authentication/keeping-your-account-and-data-secure/security-log-events){% ifversion ghec or ghes %}" and "[AUTOTITLE](/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/audit-log-events-for-your-enterprise)."{% else %}."{% endif %}
|
||||
* {% data reusables.webhooks.webhooks-as-audit-log-alternative %}
|
||||
|
||||
{% endnote %}
|
||||
> * This article contains the events available in the latest version of {% data variables.product.prodname_ghe_server %}. Some of the events may not be available in previous versions.
|
||||
{% endif %}
|
||||
> * This article contains the events that may appear in your organization's audit log. For the events that can appear in a user account's security log{% ifversion ghec or ghes %} or the audit log for an enterprise{% endif %}, see "[AUTOTITLE](/authentication/keeping-your-account-and-data-secure/security-log-events){% ifversion ghec or ghes %}" and "[AUTOTITLE](/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/audit-log-events-for-your-enterprise)."{% else %}."{% endif %}
|
||||
> * {% data reusables.webhooks.webhooks-as-audit-log-alternative %}
|
||||
|
||||
## About audit log events for your organization
|
||||
|
||||
|
|
|
|||
|
|
@ -13,11 +13,8 @@ topics:
|
|||
- Security
|
||||
---
|
||||
|
||||
{% note %}
|
||||
|
||||
**Note:** Displaying IP addresses in the audit log for an organization is in {% data variables.release-phases.public_preview %} and subject to change.
|
||||
|
||||
{% endnote %}
|
||||
> [!NOTE]
|
||||
> Displaying IP addresses in the audit log for an organization is in {% data variables.release-phases.public_preview %} and subject to change.
|
||||
|
||||
## About display of IP addresses in the audit log
|
||||
|
||||
|
|
|
|||
|
|
@ -20,14 +20,11 @@ By default, authorized users can access your organization's resources from any I
|
|||
{% data reusables.identity-and-permissions.ip-allow-lists-cidr-notation %}
|
||||
|
||||
{% ifversion ghec %}
|
||||
{% note %}
|
||||
|
||||
**Notes:**
|
||||
> [!NOTE]
|
||||
> * Only organizations that use {% data variables.product.prodname_ghe_cloud %} can use IP allow lists. {% data reusables.enterprise.link-to-ghec-trial %}
|
||||
> * If you configure an IP allow list for your organization you won't be able to use {% data variables.product.prodname_github_codespaces %} for repositories owned by the organization.
|
||||
|
||||
* Only organizations that use {% data variables.product.prodname_ghe_cloud %} can use IP allow lists. {% data reusables.enterprise.link-to-ghec-trial %}
|
||||
* If you configure an IP allow list for your organization you won't be able to use {% data variables.product.prodname_github_codespaces %} for repositories owned by the organization.
|
||||
|
||||
{% endnote %}
|
||||
{% endif %}
|
||||
|
||||
{% data reusables.identity-and-permissions.ip-allow-lists-which-resources-are-protected %}
|
||||
|
|
@ -40,11 +37,8 @@ If you set up an allow list you can also choose to automatically add to your all
|
|||
|
||||
You can also configure allowed IP addresses at the enterprise account level, and the entries in the enterprise account's allow list are inherited by all the organizations owned by the enterprise. {% data reusables.identity-and-permissions.org-enterprise-allow-list-interaction %} For more information, see "[AUTOTITLE](/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-security-settings-in-your-enterprise#managing-allowed-ip-addresses-for-organizations-in-your-enterprise)."
|
||||
|
||||
{% warning %}
|
||||
|
||||
**Warning:** Losing access to the IP addresses in your IP allow list could result in unintended consequences, such as getting locked out of your enterprise or organization.
|
||||
|
||||
{% endwarning %}
|
||||
> [!WARNING]
|
||||
> Losing access to the IP addresses in your IP allow list could result in unintended consequences, such as getting locked out of your enterprise or organization.
|
||||
|
||||
As a best practice, to ensure both secure and reliable access to your enterprise and organization resources when creating an IP allow list, consider the following:
|
||||
|
||||
|
|
|
|||
|
|
@ -51,19 +51,13 @@ You can use security overview to find a set of repositories and enable or disabl
|
|||
|
||||
{% data reusables.advanced-security.note-org-enable-uses-seats %}
|
||||
|
||||
{% note %}
|
||||
|
||||
**Note:** If you encounter an error that reads "GitHub Advanced Security cannot be enabled because of a policy setting for the organization," contact your enterprise admin and ask them to change the GitHub Advanced Security policy for your enterprise. For more information, see "[AUTOTITLE](/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-code-security-and-analysis-for-your-enterprise)."
|
||||
|
||||
{% endnote %}
|
||||
> [!NOTE]
|
||||
> If you encounter an error that reads "GitHub Advanced Security cannot be enabled because of a policy setting for the organization," contact your enterprise admin and ask them to change the GitHub Advanced Security policy for your enterprise. For more information, see "[AUTOTITLE](/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-code-security-and-analysis-for-your-enterprise)."
|
||||
|
||||
{% ifversion dependabot-alerts-enterprise-enablement %}
|
||||
|
||||
{% note %}
|
||||
|
||||
**Note:** When {% data variables.product.prodname_dependabot_alerts %} are enabled or disabled at the enterprise level, it overrides the organization level settings for {% data variables.product.prodname_dependabot_alerts %}. For more information, see "[AUTOTITLE](/code-security/dependabot/dependabot-alerts/configuring-dependabot-alerts#managing-dependabot-alerts-for-your-enterprise)."
|
||||
|
||||
{% endnote %}
|
||||
> [!NOTE]
|
||||
> When {% data variables.product.prodname_dependabot_alerts %} are enabled or disabled at the enterprise level, it overrides the organization level settings for {% data variables.product.prodname_dependabot_alerts %}. For more information, see "[AUTOTITLE](/code-security/dependabot/dependabot-alerts/configuring-dependabot-alerts#managing-dependabot-alerts-for-your-enterprise)."
|
||||
|
||||
{% endif %}
|
||||
|
||||
|
|
@ -79,13 +73,9 @@ You can use security overview to find a set of repositories and enable or disabl
|
|||
* Automatic enablement for a specific type of repository
|
||||
* Feature-specific settings, such as recommending the extended query suite for {% data variables.product.prodname_code_scanning %} default setup throughout your organization, or automatic secret validation for {% data variables.product.prodname_secret_scanning %}
|
||||
|
||||
{% note %}
|
||||
|
||||
**Notes:**
|
||||
* {% data reusables.code-scanning.limitation-org-enable-all %}{% ifversion bulk-code-scanning-query-suite %}
|
||||
* Enabling {% data variables.product.prodname_code_scanning %} for all eligible repositories in an organization will not override existing {% data variables.product.prodname_code_scanning %} configurations. For information on configuring default setup with different settings for specific repositories, see "[AUTOTITLE](/code-security/code-scanning/enabling-code-scanning/configuring-default-setup-for-code-scanning){% ifversion code-security-multi-repo-enablement %}" and "[AUTOTITLE](/code-security/code-scanning/enabling-code-scanning/configuring-default-setup-for-code-scanning-at-scale#configuring-default-setup-for-a-subset-of-repositories-in-an-organization){% endif %}."{% endif %}
|
||||
|
||||
{% endnote %}
|
||||
> [!NOTE]
|
||||
> * {% data reusables.code-scanning.limitation-org-enable-all %}{% ifversion bulk-code-scanning-query-suite %}
|
||||
> * Enabling {% data variables.product.prodname_code_scanning %} for all eligible repositories in an organization will not override existing {% data variables.product.prodname_code_scanning %} configurations. For information on configuring default setup with different settings for specific repositories, see "[AUTOTITLE](/code-security/code-scanning/enabling-code-scanning/configuring-default-setup-for-code-scanning){% ifversion code-security-multi-repo-enablement %}" and "[AUTOTITLE](/code-security/code-scanning/enabling-code-scanning/configuring-default-setup-for-code-scanning-at-scale#configuring-default-setup-for-a-subset-of-repositories-in-an-organization){% endif %}."{% endif %}
|
||||
|
||||
{% data reusables.security.displayed-information %}
|
||||
|
||||
|
|
@ -105,11 +95,10 @@ By default, {% data variables.product.prodname_dependabot %} can't update depend
|
|||
If your code depends on packages in a private{% ifversion ghec or ghes %} or internal{% endif %} registry, you can allow {% data variables.product.prodname_dependabot %} to update the versions of these dependencies by configuring this at the repository level. You do this by adding authentication details to the `dependabot.yml` file for the repository. For more information, see "[AUTOTITLE](/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file#configuration-options-for-private-registries)."
|
||||
|
||||
{% ifversion ghec %}
|
||||
{% note %}
|
||||
|
||||
**Note:** For the option to grant {% data variables.product.prodname_dependabot %} access to private or internal repositories to be available, you need {% data variables.product.prodname_dependabot_version_updates %} or {% data variables.product.prodname_dependabot_security_updates %} to be enabled on at least one repository within the organization.
|
||||
> [!NOTE]
|
||||
> For the option to grant {% data variables.product.prodname_dependabot %} access to private or internal repositories to be available, you need {% data variables.product.prodname_dependabot_version_updates %} or {% data variables.product.prodname_dependabot_security_updates %} to be enabled on at least one repository within the organization.
|
||||
|
||||
{% endnote %}
|
||||
{% endif %}
|
||||
|
||||
{% ifversion security-configurations %}
|
||||
|
|
@ -148,11 +137,8 @@ You can manage access to {% data variables.product.prodname_GH_advanced_security
|
|||
1. To remove access to {% data variables.product.prodname_GH_advanced_security %} from a repository and free up {% ifversion ghas-billing-UI-update %}licenses{% else %}seats{% endif %} used by any active committers that are unique to the repository, click the adjacent {% octicon "x" aria-label="X symbol" %}.
|
||||
1. In the confirmation dialog, click **Remove repository** to remove access to the features of {% data variables.product.prodname_GH_advanced_security %}.
|
||||
|
||||
{% note %}
|
||||
|
||||
**Note:** If you remove access to {% data variables.product.prodname_GH_advanced_security %} for a repository, you should communicate with the affected development team so that they know that the change was intended. This ensures that they don't waste time debugging failed runs of code scanning.
|
||||
|
||||
{% endnote %}
|
||||
> [!NOTE]
|
||||
> If you remove access to {% data variables.product.prodname_GH_advanced_security %} for a repository, you should communicate with the affected development team so that they know that the change was intended. This ensures that they don't waste time debugging failed runs of code scanning.
|
||||
|
||||
{% endif %}
|
||||
|
||||
|
|
|
|||
|
|
@ -25,11 +25,10 @@ shortTitle: Restrict email notifications
|
|||
When restricted email notifications are enabled in an organization, members can only use an email address associated with a verified or approved domain to receive email notifications about organization activity. For more information, see "[AUTOTITLE](/organizations/managing-organization-settings/verifying-or-approving-a-domain-for-your-organization)."
|
||||
|
||||
{% ifversion ghec %}
|
||||
{% note %}
|
||||
|
||||
**Note:** To restrict email notifications, your organization must use {% data variables.product.prodname_ghe_cloud %}. {% data reusables.enterprise.link-to-ghec-trial %}
|
||||
> [!NOTE]
|
||||
> To restrict email notifications, your organization must use {% data variables.product.prodname_ghe_cloud %}. {% data reusables.enterprise.link-to-ghec-trial %}
|
||||
|
||||
{% endnote %}
|
||||
{% endif %}
|
||||
|
||||
{% data reusables.notifications.email-restrictions-verification %}
|
||||
|
|
|
|||
|
|
@ -17,11 +17,8 @@ shortTitle: Review audit log
|
|||
|
||||
## Accessing the audit log
|
||||
|
||||
{% note %}
|
||||
|
||||
**Note:** {% data reusables.webhooks.webhooks-as-audit-log-alternative %}
|
||||
|
||||
{% endnote %}
|
||||
> [!NOTE]
|
||||
> {% data reusables.webhooks.webhooks-as-audit-log-alternative %}
|
||||
|
||||
The audit log lists events triggered by activities that affect your organization within the last 180 days. Only owners can access an organization's audit log.
|
||||
|
||||
|
|
@ -161,11 +158,8 @@ For example:
|
|||
* `created:<=2014-07-08` finds all events that occurred on or before July 8th, 2014.
|
||||
* `created:2014-07-01..2014-07-31` finds all events that occurred in the month of July 2014.
|
||||
|
||||
{% note %}
|
||||
|
||||
**Note**: The audit log contains data for the last 180 days.
|
||||
|
||||
{% endnote %}
|
||||
> [!NOTE]
|
||||
> The audit log contains data for the last 180 days.
|
||||
|
||||
### Search based on location
|
||||
|
||||
|
|
@ -206,11 +200,8 @@ You can interact with the audit log using the GraphQL API{% ifversion fpt or ghe
|
|||
|
||||
{% ifversion ghec %}
|
||||
|
||||
{% note %}
|
||||
|
||||
**Note:** To use the audit log API, your organization must use {% data variables.product.prodname_ghe_cloud %}. {% data reusables.enterprise.link-to-ghec-trial %}
|
||||
|
||||
{% endnote %}
|
||||
> [!NOTE]
|
||||
> To use the audit log API, your organization must use {% data variables.product.prodname_ghe_cloud %}. {% data reusables.enterprise.link-to-ghec-trial %}
|
||||
|
||||
### Using the GraphQL API
|
||||
|
||||
|
|
|
|||
|
|
@ -14,11 +14,8 @@ shortTitle: Manage bots & service accounts
|
|||
|
||||
You should ensure that 2FA is enabled for unattended or shared access accounts in your organization, such as bots and service accounts, so that these accounts stay protected. Enabling 2FA for a bot or service account ensures that users must authenticate with 2FA to sign in to the account on {% data variables.location.product_location %}. It does not affect the account's ability to authenticate with its existing tokens in automations.
|
||||
|
||||
{% note %}
|
||||
|
||||
**Note:** When you require use of two-factor authentication for your organization, unattended accounts that do not use 2FA will be removed from the organization and will lose access to its repositories.
|
||||
|
||||
{% endnote %}
|
||||
> [!NOTE]
|
||||
> When you require use of two-factor authentication for your organization, unattended accounts that do not use 2FA will be removed from the organization and will lose access to its repositories.
|
||||
|
||||
## Managing shared access to bots or service accounts with 2FA
|
||||
|
||||
|
|
@ -28,11 +25,9 @@ You should ensure that 2FA is enabled for unattended or shared access accounts i
|
|||
1. Add the new mailing list address as a verified email address in the settings of the shared account. For more information, see "[AUTOTITLE](/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-email-preferences/adding-an-email-address-to-your-github-account)."
|
||||
1. If you haven't already done so, configure 2FA for the bot or service account using an authenticator app (TOTP). For more information, see "[AUTOTITLE](/authentication/securing-your-account-with-two-factor-authentication-2fa)."
|
||||
1. Store the TOTP secret that's offered during 2FA setup in the password manager used by your organization.
|
||||
{% note %}
|
||||
|
||||
**Note:** Don't store the password for the shared account in the password manager. You will use the password reset functionality every time you need to sign in to the shared account.
|
||||
|
||||
{% endnote %}
|
||||
> [!NOTE]
|
||||
> Don't store the password for the shared account in the password manager. You will use the password reset functionality every time you need to sign in to the shared account.
|
||||
|
||||
If you have already configured 2FA using TOTP and you need to locate the TOTP secret, use the following steps:
|
||||
|
||||
|
|
|
|||
|
|
@ -28,25 +28,17 @@ product: 'Requiring two-factor authentication is available to organizations on a
|
|||
|
||||
You can also require two-factor authentication for organizations in an enterprise. For more information, see "[AUTOTITLE](/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-security-settings-in-your-enterprise)."
|
||||
|
||||
{% note %}
|
||||
|
||||
**Note**: Some of the users in your organization may have been selected for mandatory two-factor authentication enrollment by {% data variables.product.prodname_dotcom %}, but it has no impact on how you enable the 2FA requirement for your organization. If you enable the 2FA requirement in your organization, all users without 2FA currently enabled will be removed from your organization, including those that are required to enable it by {% data variables.product.prodname_dotcom %}.
|
||||
|
||||
{% endnote %}
|
||||
> [!NOTE]
|
||||
> Some of the users in your organization may have been selected for mandatory two-factor authentication enrollment by {% data variables.product.prodname_dotcom %}, but it has no impact on how you enable the 2FA requirement for your organization. If you enable the 2FA requirement in your organization, all users without 2FA currently enabled will be removed from your organization, including those that are required to enable it by {% data variables.product.prodname_dotcom %}.
|
||||
|
||||
{% endif %}
|
||||
|
||||
{% warning %}
|
||||
|
||||
**Warnings:**
|
||||
|
||||
* When you require use of two-factor authentication for your organization, {% ifversion fpt or ghec %}members and billing managers{% else %}members{% endif %} who do not use 2FA will not be able to access your organization's resources until they enable 2FA on their account. They will retain membership even without 2FA, including occupying seats in your organization.
|
||||
* When you require use of two-factor authentication for your organization, outside collaborators who do not use 2FA will be removed from the organization and lose access to its repositories. They will also lose access to their forks of the organization's private repositories. You can reinstate their access privileges and settings if they enable 2FA for their personal account within three months of their removal from your organization. For more information, see "[AUTOTITLE](/organizations/managing-membership-in-your-organization/reinstating-a-former-member-of-your-organization)."
|
||||
* You will also need to enable two-factor authentication for unattended or shared access accounts that are outside collaborators, such as bots and service accounts. If you do not configure 2FA for these unattended outside collaborator accounts after you've enabled required 2FA, the accounts will be removed from the organization and lose access to their repositories. For more information, see "[AUTOTITLE](/organizations/keeping-your-organization-secure/managing-two-factor-authentication-for-your-organization/managing-bots-and-service-accounts-with-two-factor-authentication)."
|
||||
* If an outside collaborator disables two-factor authentication for their personal account after you've enabled required 2FA, they will automatically be removed from the organization.
|
||||
* If you're the sole owner of an organization that requires two-factor authentication, you won't be able to disable 2FA for your personal account without disabling required 2FA for the organization.
|
||||
|
||||
{% endwarning %}
|
||||
> [!WARNING]
|
||||
> * When you require use of two-factor authentication for your organization, {% ifversion fpt or ghec %}members and billing managers{% else %}members{% endif %} who do not use 2FA will not be able to access your organization's resources until they enable 2FA on their account. They will retain membership even without 2FA, including occupying seats in your organization.
|
||||
> * When you require use of two-factor authentication for your organization, outside collaborators who do not use 2FA will be removed from the organization and lose access to its repositories. They will also lose access to their forks of the organization's private repositories. You can reinstate their access privileges and settings if they enable 2FA for their personal account within three months of their removal from your organization. For more information, see "[AUTOTITLE](/organizations/managing-membership-in-your-organization/reinstating-a-former-member-of-your-organization)."
|
||||
> * You will also need to enable two-factor authentication for unattended or shared access accounts that are outside collaborators, such as bots and service accounts. If you do not configure 2FA for these unattended outside collaborator accounts after you've enabled required 2FA, the accounts will be removed from the organization and lose access to their repositories. For more information, see "[AUTOTITLE](/organizations/keeping-your-organization-secure/managing-two-factor-authentication-for-your-organization/managing-bots-and-service-accounts-with-two-factor-authentication)."
|
||||
> * If an outside collaborator disables two-factor authentication for their personal account after you've enabled required 2FA, they will automatically be removed from the organization.
|
||||
> * If you're the sole owner of an organization that requires two-factor authentication, you won't be able to disable 2FA for your personal account without disabling required 2FA for the organization.
|
||||
|
||||
{% data reusables.two_fa.auth_methods_2fa %}
|
||||
|
||||
|
|
|
|||
|
|
@ -15,11 +15,8 @@ topics:
|
|||
shortTitle: View 2FA usage
|
||||
---
|
||||
|
||||
{% note %}
|
||||
|
||||
**Note:** You can require that all members{% ifversion fpt or ghec %}, including, owners, billing managers and{% else %} and{% endif %} outside collaborators in your organization have two-factor authentication enabled. For more information, see "[AUTOTITLE](/organizations/keeping-your-organization-secure/managing-two-factor-authentication-for-your-organization/requiring-two-factor-authentication-in-your-organization)."
|
||||
|
||||
{% endnote %}
|
||||
> [!NOTE]
|
||||
> You can require that all members{% ifversion fpt or ghec %}, including, owners, billing managers and{% else %} and{% endif %} outside collaborators in your organization have two-factor authentication enabled. For more information, see "[AUTOTITLE](/organizations/keeping-your-organization-secure/managing-two-factor-authentication-for-your-organization/requiring-two-factor-authentication-in-your-organization)."
|
||||
|
||||
{% data reusables.profile.access_org %}
|
||||
{% data reusables.user-settings.access_org %}
|
||||
|
|
|
|||
|
|
@ -19,11 +19,8 @@ By default, organization members have write access to their organization's {% da
|
|||
|
||||
## Setting a baseline permission level for all organization members
|
||||
|
||||
{% tip %}
|
||||
|
||||
**Tip:** You can give an organization member higher permissions to {% data variables.projects.projects_v1_board %}. For more information, see "[AUTOTITLE](/organizations/managing-access-to-your-organizations-project-boards/project-board-permissions-for-an-organization)."
|
||||
|
||||
{% endtip %}
|
||||
> [!TIP]
|
||||
> You can give an organization member higher permissions to {% data variables.projects.projects_v1_board %}. For more information, see "[AUTOTITLE](/organizations/managing-access-to-your-organizations-project-boards/project-board-permissions-for-an-organization)."
|
||||
|
||||
{% data reusables.profile.access_org %}
|
||||
{% data reusables.user-settings.access_org %}
|
||||
|
|
|
|||
|
|
@ -16,11 +16,8 @@ allowTitleToDifferFromFilename: true
|
|||
|
||||
{% data reusables.projects.project_boards_old %}
|
||||
|
||||
{% note %}
|
||||
|
||||
**Note:** {% data reusables.project-management.cascading-permissions %} For more information, see "[AUTOTITLE](/organizations/managing-access-to-your-organizations-project-boards/project-board-permissions-for-an-organization)."
|
||||
|
||||
{% endnote %}
|
||||
> [!NOTE]
|
||||
> {% data reusables.project-management.cascading-permissions %} For more information, see "[AUTOTITLE](/organizations/managing-access-to-your-organizations-project-boards/project-board-permissions-for-an-organization)."
|
||||
|
||||
## Giving an organization member access to a {% data variables.projects.projects_v1_board %}
|
||||
|
||||
|
|
|
|||
|
|
@ -15,23 +15,16 @@ allowTitleToDifferFromFilename: true
|
|||
|
||||
{% data reusables.projects.project_boards_old %}
|
||||
|
||||
{% warning %}
|
||||
|
||||
**Warnings:**
|
||||
* You can change a team's permission level if the team has direct access to a {% data variables.projects.projects_v1_board %}. If the team's access to the {% data variables.projects.projects_v1_board %} is inherited from a parent team, you must change the parent team's access to the {% data variables.projects.projects_v1_board %}.
|
||||
* If you add or remove {% data variables.projects.projects_v1_board %} access for a parent team, each of that parent's child teams will also receive or lose access to the {% data variables.projects.projects_v1_board %}. For more information, see "[AUTOTITLE](/organizations/organizing-members-into-teams/about-teams)."
|
||||
|
||||
{% endwarning %}
|
||||
> [!WARNING]
|
||||
> * You can change a team's permission level if the team has direct access to a {% data variables.projects.projects_v1_board %}. If the team's access to the {% data variables.projects.projects_v1_board %} is inherited from a parent team, you must change the parent team's access to the {% data variables.projects.projects_v1_board %}.
|
||||
> * If you add or remove {% data variables.projects.projects_v1_board %} access for a parent team, each of that parent's child teams will also receive or lose access to the {% data variables.projects.projects_v1_board %}. For more information, see "[AUTOTITLE](/organizations/organizing-members-into-teams/about-teams)."
|
||||
|
||||
## Giving a team access to a {% data variables.projects.projects_v1_board %}
|
||||
|
||||
You can give an entire team the same permission level to a {% data variables.projects.projects_v1_board %}.
|
||||
|
||||
{% note %}
|
||||
|
||||
**Note:** {% data reusables.project-management.cascading-permissions %} For example, if an organization owner has given a team read permissions to a {% data variables.projects.projects_v1_board %}, and a {% data variables.projects.projects_v1_board %} admin gives one of the team members admin permissions to that board as an individual collaborator, that person would have admin permissions to the {% data variables.projects.projects_v1_board %}. For more information see, "[AUTOTITLE](/organizations/managing-access-to-your-organizations-project-boards/project-board-permissions-for-an-organization)."
|
||||
|
||||
{% endnote %}
|
||||
> [!NOTE]
|
||||
> {% data reusables.project-management.cascading-permissions %} For example, if an organization owner has given a team read permissions to a {% data variables.projects.projects_v1_board %}, and a {% data variables.projects.projects_v1_board %} admin gives one of the team members admin permissions to that board as an individual collaborator, that person would have admin permissions to the {% data variables.projects.projects_v1_board %}. For more information see, "[AUTOTITLE](/organizations/managing-access-to-your-organizations-project-boards/project-board-permissions-for-an-organization)."
|
||||
|
||||
{% data reusables.profile.access_org %}
|
||||
{% data reusables.user-settings.access_org %}
|
||||
|
|
|
|||
|
|
@ -49,11 +49,8 @@ If your organization doesn't require SSH certificates, contributors can continue
|
|||
|
||||
When you issue each certificate, you must include an extension that specifies which {% data variables.product.product_name %} user the certificate is for. You can reference the user using their login handle{% ifversion ssh-ca-expires %} or their user ID{% endif %}. For example, you can use OpenSSH's `ssh-keygen` command, replacing KEY-IDENTITY with your key identity and USERNAME with a {% data variables.product.product_name %} username{% ifversion ssh-ca-expires %} or user ID{% endif %}. The certificate you generate will be authorized to act on behalf of that user for any of your organization's resources. Make sure you validate the user's identity before you issue the certificate.
|
||||
|
||||
{% note %}
|
||||
|
||||
**Note:** You must update to OpenSSH 7.6 or later to use these commands.
|
||||
|
||||
{% endnote %}
|
||||
> [!NOTE]
|
||||
> You must update to OpenSSH 7.6 or later to use these commands.
|
||||
|
||||
To use the `login` to identify the user, use `extension:login`:
|
||||
|
||||
|
|
@ -69,11 +66,9 @@ ssh-keygen -s ./ca-key -V '+1d' -I KEY-IDENTITY -O extension:id@{% data variable
|
|||
```
|
||||
|
||||
{% endif %}
|
||||
{% warning %}
|
||||
|
||||
**Warning**: After a certificate has been signed and issued, the certificate cannot be revoked.
|
||||
|
||||
{% endwarning %}
|
||||
> [!WARNING]
|
||||
> After a certificate has been signed and issued, the certificate cannot be revoked.
|
||||
|
||||
For CAs uploaded {% ifversion ghec %}after March 27th, 2024{% elsif ghes %}to {% data variables.product.prodname_ghe_server %} version 3.13 or later{% endif %}, you {% ifversion ghes < 3.13 %}will need to{% else %}must{% endif %} use the `-V` flag to configure a lifetime less than 366 days for the certificate. For CAs uploaded {% ifversion ghec %}before this date{% elsif ghes %}before version 3.13{% endif %}, the `-V` flag is optional, and you can create certificates that are irrevocable and live forever.
|
||||
|
||||
|
|
|
|||
|
|
@ -23,13 +23,10 @@ shortTitle: Invite users to join
|
|||
|
||||
You can use a person's {% data variables.product.company_short %} username or email address for the invitation.
|
||||
|
||||
{% note %}
|
||||
|
||||
**Note:** If you use an email address for the invitation, the invitee will only be able to accept the invitation if the email address matches with a verified email address associated with the invitee's personal account on {% data variables.product.prodname_dotcom %}. For more information, see "[AUTOTITLE](/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-email-preferences/verifying-your-email-address)."
|
||||
|
||||
If an invitee's personal account has been flagged, the invitee won't be able to accept any new or pending invitations to join organizations.
|
||||
|
||||
{% endnote %}
|
||||
> [!NOTE]
|
||||
> If you use an email address for the invitation, the invitee will only be able to accept the invitation if the email address matches with a verified email address associated with the invitee's personal account on {% data variables.product.prodname_dotcom %}. For more information, see "[AUTOTITLE](/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-email-preferences/verifying-your-email-address)."
|
||||
>
|
||||
> If an invitee's personal account has been flagged, the invitee won't be able to accept any new or pending invitations to join organizations.
|
||||
|
||||
If your organization has a paid per-user subscription, an unused license must be available before you can invite a new member to join the organization or reinstate a former organization member. For more information, see "[AUTOTITLE](/billing/managing-the-plan-for-your-github-account/about-per-user-pricing)."
|
||||
|
||||
|
|
|
|||
|
|
@ -20,29 +20,23 @@ permissions: Organization owners can remove members from an organization.
|
|||
|
||||
{% ifversion fpt or ghec %}
|
||||
|
||||
{% warning %}
|
||||
|
||||
**Warning:** When you remove members from an organization:
|
||||
* The paid license count does not automatically downgrade. To pay for fewer licenses after removing users from your organization, follow the steps in "[AUTOTITLE](/billing/managing-the-plan-for-your-github-account/downgrading-your-accounts-plan)."
|
||||
* Removed members will lose access to private forks of your organization's private repositories, but they may still have local copies. However, they cannot sync local copies with your organization's repositories. Their private forks can be restored if the user is [reinstated as an organization member](/organizations/managing-membership-in-your-organization/reinstating-a-former-member-of-your-organization) within three months of being removed from the organization. Ultimately, you are responsible for ensuring that people who have lost access to a repository delete any confidential information or intellectual property.
|
||||
* When private repositories are forked to other organizations, those organizations are able to control access to the fork network. This means users may retain access to the forks even after losing access to the original organization because they will still have explicit access via a fork.
|
||||
> [!WARNING]
|
||||
> When you remove members from an organization:
|
||||
> * The paid license count does not automatically downgrade. To pay for fewer licenses after removing users from your organization, follow the steps in "[AUTOTITLE](/billing/managing-the-plan-for-your-github-account/downgrading-your-accounts-plan)."
|
||||
> * Removed members will lose access to private forks of your organization's private repositories, but they may still have local copies. However, they cannot sync local copies with your organization's repositories. Their private forks can be restored if the user is [reinstated as an organization member](/organizations/managing-membership-in-your-organization/reinstating-a-former-member-of-your-organization) within three months of being removed from the organization. Ultimately, you are responsible for ensuring that people who have lost access to a repository delete any confidential information or intellectual property.
|
||||
> * When private repositories are forked to other organizations, those organizations are able to control access to the fork network. This means users may retain access to the forks even after losing access to the original organization because they will still have explicit access via a fork.
|
||||
{%- ifversion ghec %}
|
||||
* Removed members will also lose access to private forks of your organization's internal repositories, if the removed member is not a member of any other organization owned by the same enterprise account. For more information, see "[AUTOTITLE](/admin/overview/about-enterprise-accounts)."
|
||||
> * Removed members will also lose access to private forks of your organization's internal repositories, if the removed member is not a member of any other organization owned by the same enterprise account. For more information, see "[AUTOTITLE](/admin/overview/about-enterprise-accounts)."
|
||||
{%- endif %}
|
||||
* Any organization invitations sent by a removed member, that have not been accepted, are canceled and will not be accessible.
|
||||
|
||||
{% endwarning %}
|
||||
> * Any organization invitations sent by a removed member, that have not been accepted, are canceled and will not be accessible.
|
||||
|
||||
{% else %}
|
||||
|
||||
{% warning %}
|
||||
|
||||
**Warning:** When you remove members from an organization:
|
||||
* Removed members will lose access to private forks of your organization's private repositories, but may still have local copies. However, they cannot sync local copies with your organization's repositories. Their private forks can be restored if the user is [reinstated as an organization member](/organizations/managing-membership-in-your-organization/reinstating-a-former-member-of-your-organization) within three months of being removed from the organization. Ultimately, you are responsible for ensuring that people who have lost access to a repository delete any confidential information or intellectual property.
|
||||
* Removed members will also lose access to private forks of your organization's internal repositories, if the removed member is not a member of any other organization in your enterprise.
|
||||
* Any organization invitations sent by the removed user, that have not been accepted, are canceled and will not be accessible.
|
||||
|
||||
{% endwarning %}
|
||||
> [!WARNING]
|
||||
> When you remove members from an organization:
|
||||
> * Removed members will lose access to private forks of your organization's private repositories, but may still have local copies. However, they cannot sync local copies with your organization's repositories. Their private forks can be restored if the user is [reinstated as an organization member](/organizations/managing-membership-in-your-organization/reinstating-a-former-member-of-your-organization) within three months of being removed from the organization. Ultimately, you are responsible for ensuring that people who have lost access to a repository delete any confidential information or intellectual property.
|
||||
> * Removed members will also lose access to private forks of your organization's internal repositories, if the removed member is not a member of any other organization in your enterprise.
|
||||
> * Any organization invitations sent by the removed user, that have not been accepted, are canceled and will not be accessible.
|
||||
|
||||
{% endif %}
|
||||
|
||||
|
|
|
|||
|
|
@ -26,11 +26,8 @@ Even if you restrict {% data variables.product.prodname_oauth_apps %} access in
|
|||
|
||||
{% data reusables.organizations.oauth_app_restrictions_default %}
|
||||
|
||||
{% tip %}
|
||||
|
||||
**Tip**: When an organization has not set up {% data variables.product.prodname_oauth_app %} access restrictions, any {% data variables.product.prodname_oauth_app %} authorized by an organization member can also access the organization's private resources.
|
||||
|
||||
{% endtip %}
|
||||
> [!TIP]
|
||||
> When an organization has not set up {% data variables.product.prodname_oauth_app %} access restrictions, any {% data variables.product.prodname_oauth_app %} authorized by an organization member can also access the organization's private resources.
|
||||
|
||||
{% ifversion fpt %}
|
||||
To further protect your organization's resources, you can upgrade to {% data variables.product.prodname_ghe_cloud %}, which includes security features like SAML single sign-on. {% data reusables.enterprise.link-to-ghec-trial %}
|
||||
|
|
|
|||
|
|
@ -15,11 +15,8 @@ topics:
|
|||
shortTitle: Unrestrict {% data variables.product.prodname_oauth_apps %}
|
||||
---
|
||||
|
||||
{% danger %}
|
||||
|
||||
**Warning**: When you disable {% data variables.product.prodname_oauth_app %} access restrictions for your organization, any organization member will automatically authorize {% data variables.product.prodname_oauth_app %} access to the organization's private resources when they approve an application for use in their personal account settings.
|
||||
|
||||
{% enddanger %}
|
||||
> [!WARNING]
|
||||
> When you disable {% data variables.product.prodname_oauth_app %} access restrictions for your organization, any organization member will automatically authorize {% data variables.product.prodname_oauth_app %} access to the organization's private resources when they approve an application for use in their personal account settings.
|
||||
|
||||
{% data reusables.profile.access_org %}
|
||||
{% data reusables.profile.org_settings %}
|
||||
|
|
|
|||
|
|
@ -19,14 +19,10 @@ shortTitle: Restrict {% data variables.product.prodname_oauth_apps %}
|
|||
|
||||
Even if you restrict {% data variables.product.prodname_oauth_apps %} access in your organization, users can still authorize internal {% data variables.product.prodname_oauth_apps %} and use them to access data from the organization. For more information, see "[AUTOTITLE](/apps/oauth-apps/using-oauth-apps/internal-oauth-apps)."
|
||||
|
||||
{% warning %}
|
||||
|
||||
**Warnings**:
|
||||
* Enabling {% data variables.product.prodname_oauth_app %} access restrictions will revoke organization access for all previously authorized {% data variables.product.prodname_oauth_apps %} and SSH keys. For more information, see "[AUTOTITLE](/organizations/managing-oauth-access-to-your-organizations-data/about-oauth-app-access-restrictions)."
|
||||
* Once you've set up {% data variables.product.prodname_oauth_app %} access restrictions, make sure to reauthorize any {% data variables.product.prodname_oauth_app %} that require access to the organization's private data on an ongoing basis. All organization members will need to create new SSH keys, and the organization will need to create new deploy keys as needed.
|
||||
* When {% data variables.product.prodname_oauth_app %} access restrictions are enabled, applications can use an OAuth token to access information about {% data variables.product.prodname_marketplace %} transactions.
|
||||
|
||||
{% endwarning %}
|
||||
> [!WARNING]
|
||||
> * Enabling {% data variables.product.prodname_oauth_app %} access restrictions will revoke organization access for all previously authorized {% data variables.product.prodname_oauth_apps %} and SSH keys. For more information, see "[AUTOTITLE](/organizations/managing-oauth-access-to-your-organizations-data/about-oauth-app-access-restrictions)."
|
||||
> * Once you've set up {% data variables.product.prodname_oauth_app %} access restrictions, make sure to reauthorize any {% data variables.product.prodname_oauth_app %} that require access to the organization's private data on an ongoing basis. All organization members will need to create new SSH keys, and the organization will need to create new deploy keys as needed.
|
||||
> * When {% data variables.product.prodname_oauth_app %} access restrictions are enabled, applications can use an OAuth token to access information about {% data variables.product.prodname_marketplace %} transactions.
|
||||
|
||||
{% data reusables.profile.access_org %}
|
||||
{% data reusables.profile.org_settings %}
|
||||
|
|
|
|||
|
|
@ -11,11 +11,8 @@ topics:
|
|||
|
||||
{% ifversion fpt or ghec %}
|
||||
|
||||
{% note %}
|
||||
|
||||
**Note:** You can only archive an organization if it's using {% data variables.product.prodname_free_team %} or if the organization is part of an enterprise. If you want to archive an individually-billed organization, you must downgrade your organization to {% data variables.product.prodname_free_team %} first. For more information, see "[AUTOTITLE](/billing/managing-billing-for-your-github-account/downgrading-your-github-subscription)."
|
||||
|
||||
{% endnote %}
|
||||
> [!NOTE]
|
||||
> You can only archive an organization if it's using {% data variables.product.prodname_free_team %} or if the organization is part of an enterprise. If you want to archive an individually-billed organization, you must downgrade your organization to {% data variables.product.prodname_free_team %} first. For more information, see "[AUTOTITLE](/billing/managing-billing-for-your-github-account/downgrading-your-github-subscription)."
|
||||
|
||||
{% endif %}
|
||||
|
||||
|
|
|
|||
|
|
@ -88,11 +88,8 @@ https://api.github.com/graphql
|
|||
|
||||
### 2. Create a runner group for your organization
|
||||
|
||||
{% note %}
|
||||
|
||||
**Note:** For the runner group to be accessible by repositories within your organizations, those repositories must have access to that runner group at the organization level. For more information, see "[AUTOTITLE](/actions/using-github-hosted-runners/controlling-access-to-larger-runners#changing-which-repositories-can-access-a-runner-group)."
|
||||
|
||||
{% endnote %}
|
||||
> [!NOTE]
|
||||
> For the runner group to be accessible by repositories within your organizations, those repositories must have access to that runner group at the organization level. For more information, see "[AUTOTITLE](/actions/using-github-hosted-runners/controlling-access-to-larger-runners#changing-which-repositories-can-access-a-runner-group)."
|
||||
|
||||
1. Create a new runner group for your organization. For more information about how to create a runner group, see "[AUTOTITLE](/actions/using-github-hosted-runners/about-larger-runners/controlling-access-to-larger-runners#creating-a-runner-group-for-an-organization)."
|
||||
1. To choose a policy for repository access, select the **Repository access** dropdown menu and click a policy. You can configure a runner group to be accessible to a specific list of repositories, or all repositories in the organization.
|
||||
|
|
@ -101,11 +98,8 @@ https://api.github.com/graphql
|
|||
|
||||
### 3. Add the {% data variables.product.company_short %}-hosted runner to the organization runner group
|
||||
|
||||
{% note %}
|
||||
|
||||
**Note:** When adding your {% data variables.product.company_short %}-hosted runner to a runner group, select the runner group you created in the previous procedures.
|
||||
|
||||
{% endnote %}
|
||||
> [!NOTE]
|
||||
> When adding your {% data variables.product.company_short %}-hosted runner to a runner group, select the runner group you created in the previous procedures.
|
||||
|
||||
1. Add the {% data variables.product.company_short %}-hosted runner to the runner group. For more information, see "[AUTOTITLE](/actions/using-github-hosted-runners/about-larger-runners/managing-larger-runners#adding-a-larger-runner-to-an-organization)."
|
||||
|
||||
|
|
|
|||
|
|
@ -16,11 +16,8 @@ shortTitle: Convert organization to user
|
|||
|
||||
{% ifversion fpt or ghec %}
|
||||
|
||||
{% note %}
|
||||
|
||||
**Note**: After an account is deleted, the username at the time of deletion becomes unavailable for reuse for 90 days. To reuse an organization's username immediately, you must change the username before you delete the organization.
|
||||
|
||||
{% endnote %}
|
||||
> [!NOTE]
|
||||
> After an account is deleted, the username at the time of deletion becomes unavailable for reuse for 90 days. To reuse an organization's username immediately, you must change the username before you delete the organization.
|
||||
|
||||
1. [Sign up](/get-started/start-your-journey/creating-an-account-on-github) for a new account on GitHub.
|
||||
1. [Have the user's role changed to an owner](/organizations/managing-peoples-access-to-your-organization-with-roles/maintaining-ownership-continuity-for-your-organization).
|
||||
|
|
|
|||
|
|
@ -10,11 +10,10 @@ topics:
|
|||
---
|
||||
|
||||
{% ifversion ghec %}
|
||||
{% note %}
|
||||
|
||||
**Note:** To create an announcement banner, your organization must use {% data variables.product.prodname_ghe_cloud %}. {% data reusables.enterprise.link-to-ghec-trial %}
|
||||
> [!NOTE]
|
||||
> To create an announcement banner, your organization must use {% data variables.product.prodname_ghe_cloud %}. {% data reusables.enterprise.link-to-ghec-trial %}
|
||||
|
||||
{% endnote %}
|
||||
{% endif %}
|
||||
|
||||
You can create an announcement banner that will be displayed to all organization members at the top of every page in the organization.
|
||||
|
|
@ -29,10 +28,8 @@ You can also set announcement banners at the enterprise level. For more informat
|
|||
1. Under "Announcement", in the text field, type the announcement you want displayed in a banner.
|
||||
1. Optionally, under "Expires on", select the calendar drop-down menu and click an expiration date.
|
||||
|
||||
{% note %}
|
||||
> [!NOTE]
|
||||
> Announcements must either have an expiration date, be user dismissible, or both.
|
||||
|
||||
**Note:** Announcements must either have an expiration date, be user dismissible, or both.
|
||||
|
||||
{% endnote %}
|
||||
1. Optionally, to allow each user to dismiss the announcement, select **Allow users to dismiss the announcement**.
|
||||
{% data reusables.enterprise_site_admin_settings.message-preview-save %}
|
||||
|
|
|
|||
|
|
@ -18,11 +18,9 @@ shortTitle: Delete organization
|
|||
## About deletion of your organization account
|
||||
|
||||
{% ifversion fpt or ghec %}
|
||||
{% tip %}
|
||||
|
||||
**Tip**: If you want to cancel your paid subscription, you can [downgrade your organization to {% data variables.product.prodname_free_team %}](/billing/managing-the-plan-for-your-github-account/downgrading-your-accounts-plan) instead of deleting the organization and its content.
|
||||
|
||||
{% endtip %}
|
||||
> [!TIP]
|
||||
> If you want to cancel your paid subscription, you can [downgrade your organization to {% data variables.product.prodname_free_team %}](/billing/managing-the-plan-for-your-github-account/downgrading-your-accounts-plan) instead of deleting the organization and its content.
|
||||
|
||||
{% endif %}
|
||||
Deleting your organization account removes all repositories, forks of private repositories, wikis, issues, pull requests, and project or organization pages. {% ifversion fpt or ghec %}Your billing will end and, after 90 days, the organization name becomes available for use on a new user or organization account.
|
||||
|
|
@ -46,11 +44,10 @@ You can also archive an organization, instead of deleting it. Archiving an organ
|
|||
{% ifversion not ghes %} After you delete an organization, {% data variables.product.company_short %} **cannot restore your content**. Therefore, before{% else %}Before{% endif %} you delete your organization, make sure you have a copy of all repositories, wikis, issues, and projects from the account.
|
||||
|
||||
{% ifversion ghes %}
|
||||
{% note %}
|
||||
|
||||
**Note:** If necessary, a site administrator for {% data variables.location.product_location %} may be able to partially restore a deleted organization. For more information, see "[AUTOTITLE](/admin/managing-accounts-and-repositories/managing-organizations-in-your-enterprise/restoring-a-deleted-organization)."
|
||||
> [!NOTE]
|
||||
> If necessary, a site administrator for {% data variables.location.product_location %} may be able to partially restore a deleted organization. For more information, see "[AUTOTITLE](/admin/managing-accounts-and-repositories/managing-organizations-in-your-enterprise/restoring-a-deleted-organization)."
|
||||
|
||||
{% endnote %}
|
||||
{% endif %}
|
||||
|
||||
## Deleting your organization account
|
||||
|
|
|
|||
|
|
@ -28,11 +28,8 @@ Alternatively, you can enable {% data variables.product.prodname_actions %} for
|
|||
|
||||
You can choose to disable {% data variables.product.prodname_actions %} for all repositories in your organization, or only allow specific repositories. You can also limit the use of public actions{% ifversion actions-workflow-policy %} and reusable workflows{% endif %}, so that people can only use local actions {% ifversion actions-workflow-policy %}and reusable workflows{% endif %} that exist in your {% ifversion ghec or ghes %}enterprise{% else %}organization{% endif %}.
|
||||
|
||||
{% note %}
|
||||
|
||||
**Note:** You might not be able to manage these settings if your organization is managed by an enterprise that has overriding policy. For more information, see "[AUTOTITLE](/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-github-actions-in-your-enterprise)."
|
||||
|
||||
{% endnote %}
|
||||
> [!NOTE]
|
||||
> You might not be able to manage these settings if your organization is managed by an enterprise that has overriding policy. For more information, see "[AUTOTITLE](/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-github-actions-in-your-enterprise)."
|
||||
|
||||
{% data reusables.profile.access_org %}
|
||||
{% data reusables.profile.org_settings %}
|
||||
|
|
@ -56,11 +53,8 @@ You can choose to disable {% data variables.product.prodname_actions %} for all
|
|||
|
||||
{% ifversion ghec or ghes %}
|
||||
|
||||
{% note %}
|
||||
|
||||
**Note**: If your organization belongs to an enterprise, creation of self-hosted runners at the repository level may have been disabled as an enterprise-wide setting. If this has been done, you cannot enable repository-level self-hosted runners in your organization settings. For more information, see "[AUTOTITLE](/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-github-actions-in-your-enterprise)."
|
||||
|
||||
{% endnote %}
|
||||
> [!NOTE]
|
||||
> If your organization belongs to an enterprise, creation of self-hosted runners at the repository level may have been disabled as an enterprise-wide setting. If this has been done, you cannot enable repository-level self-hosted runners in your organization settings. For more information, see "[AUTOTITLE](/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-github-actions-in-your-enterprise)."
|
||||
|
||||
{% endif %}
|
||||
|
||||
|
|
|
|||
|
|
@ -15,11 +15,8 @@ You can set a project's base permission to control the level of access for all m
|
|||
|
||||
When you set the base permission for projects in your organization's settings, the base permission will apply to any new projects created by organization members and existing projects that do not currently have a base permission configured in the project's settings.
|
||||
|
||||
{% note %}
|
||||
|
||||
**Note:** {% data reusables.projects.migration-permissions-warning %}
|
||||
|
||||
{% endnote %}
|
||||
> [!NOTE]
|
||||
> {% data reusables.projects.migration-permissions-warning %}
|
||||
|
||||
## Setting a base permission for {% data variables.projects.projects_v2 %} in your organization
|
||||
|
||||
|
|
|
|||
|
|
@ -14,11 +14,8 @@ topics:
|
|||
- Teams
|
||||
---
|
||||
|
||||
{% tip %}
|
||||
|
||||
**Tip:** Only organization owners can rename an organization. {% data reusables.organizations.new-org-permissions-more-info %}
|
||||
|
||||
{% endtip %}
|
||||
> [!TIP]
|
||||
> Only organization owners can rename an organization. {% data reusables.organizations.new-org-permissions-more-info %}
|
||||
|
||||
## What happens when I change my organization's name?
|
||||
|
||||
|
|
|
|||
|
|
@ -26,11 +26,8 @@ Enterprise owners can restrict the options you have available for your organizat
|
|||
|
||||
Organization owners can restrict the type of repositories members can create to private {% ifversion ghec or ghes %}or internal{% endif %} to help prevent sensitive information from being exposed. For more information, see "[AUTOTITLE](/code-security/getting-started/best-practices-for-preventing-data-leaks-in-your-organization)."
|
||||
|
||||
{% warning %}
|
||||
|
||||
**Warning**: This setting restricts the visibility options available when repositories are _created_, but does not prevent changing the visibility of _existing_ repositories. For more information about restricting changes to existing repositories' visibilities, see "[AUTOTITLE](/organizations/managing-organization-settings/restricting-repository-visibility-changes-in-your-organization)."
|
||||
|
||||
{% endwarning %}
|
||||
> [!WARNING]
|
||||
> This setting restricts the visibility options available when repositories are _created_, but does not prevent changing the visibility of _existing_ repositories. For more information about restricting changes to existing repositories' visibilities, see "[AUTOTITLE](/organizations/managing-organization-settings/restricting-repository-visibility-changes-in-your-organization)."
|
||||
|
||||
{% data reusables.profile.access_org %}
|
||||
{% data reusables.profile.org_settings %}
|
||||
|
|
@ -38,11 +35,10 @@ Organization owners can restrict the type of repositories members can create to
|
|||
1. Under "Repository creation", select one or more options. <br><br>
|
||||
|
||||
{% ifversion fpt or ghec %}
|
||||
{% note %}
|
||||
|
||||
**Note:** To restrict members to creating private repositories only, your organization must use {% data variables.product.prodname_ghe_cloud %}. {% data reusables.enterprise.link-to-ghec-trial %}
|
||||
> [!NOTE]
|
||||
> To restrict members to creating private repositories only, your organization must use {% data variables.product.prodname_ghe_cloud %}. {% data reusables.enterprise.link-to-ghec-trial %}
|
||||
|
||||
{% endnote %}
|
||||
{%- endif %}
|
||||
|
||||
1. Click **Save**.
|
||||
|
|
|
|||
|
|
@ -21,11 +21,8 @@ You can restrict the ability to change repository visibility to organization own
|
|||
|
||||
Restricting who has the ability to change the visibility of repositories in your organization helps prevent sensitive information from being exposed. For more information, see "[AUTOTITLE](/code-security/getting-started/best-practices-for-preventing-data-leaks-in-your-organization)."
|
||||
|
||||
{% warning %}
|
||||
|
||||
**Warning**: If this setting is enabled, individuals or {% data variables.product.prodname_github_apps %} with admin access can _modify_ the visibility of an existing repository even if the ability to _create_ a repository with that specific visibility has been disabled. For more information about restricting the visibility of repositories during creation, see "[AUTOTITLE](/organizations/managing-organization-settings/restricting-repository-creation-in-your-organization)."
|
||||
|
||||
{% endwarning %}
|
||||
> [!WARNING]
|
||||
> If this setting is enabled, individuals or {% data variables.product.prodname_github_apps %} with admin access can _modify_ the visibility of an existing repository even if the ability to _create_ a repository with that specific visibility has been disabled. For more information about restricting the visibility of repositories during creation, see "[AUTOTITLE](/organizations/managing-organization-settings/restricting-repository-creation-in-your-organization)."
|
||||
|
||||
{% data reusables.profile.access_org %}
|
||||
{% data reusables.profile.org_settings %}
|
||||
|
|
|
|||
|
|
@ -21,11 +21,10 @@ shortTitle: Set collaborator policy
|
|||
By default, anyone with admin access to a repository can invite outside collaborators to work on the repository. You can choose to restrict the ability to add outside collaborators to organization owners only.
|
||||
|
||||
{% ifversion ghec %}
|
||||
{% note %}
|
||||
|
||||
**Note:** Only organizations that use {% data variables.product.prodname_ghe_cloud %} can restrict the ability to invite outside collaborators to organization owners. {% data reusables.enterprise.link-to-ghec-trial %}
|
||||
> [!NOTE]
|
||||
> Only organizations that use {% data variables.product.prodname_ghe_cloud %} can restrict the ability to invite outside collaborators to organization owners. {% data reusables.enterprise.link-to-ghec-trial %}
|
||||
|
||||
{% endnote %}
|
||||
{% endif %}
|
||||
|
||||
{% ifversion ghec %}If your organization is owned by an enterprise account, you{% else %}You{% endif %} may not be able to configure this setting for your organization, if an enterprise owner has set a policy at the enterprise level. For more information, see "[Enforcing repository management policies in your enterprise]{% ifversion ghec %}(/admin/policies/enforcing-policies-for-your-enterprise/enforcing-repository-management-policies-in-your-enterprise#enforcing-a-policy-for-inviting-collaborators-to-repositories)"{% else %}(/admin/policies/enforcing-policies-for-your-enterprise/enforcing-repository-management-policies-in-your-enterprise#enforcing-a-policy-for-inviting-outside-collaborators-to-repositories){% endif %}."
|
||||
|
|
|
|||
|
|
@ -15,22 +15,19 @@ topics:
|
|||
shortTitle: Transfer ownership
|
||||
---
|
||||
{% ifversion ghec %}
|
||||
{% note %}
|
||||
|
||||
**Note:** {% data reusables.enterprise-accounts.invite-organization %}
|
||||
> [!NOTE]
|
||||
> {% data reusables.enterprise-accounts.invite-organization %}
|
||||
|
||||
{% endnote %}{% endif %}
|
||||
{% endif %}
|
||||
|
||||
1. If you're the only member with _owner_ privileges, give another organization member the owner role. For more information, see "[AUTOTITLE](/organizations/managing-peoples-access-to-your-organization-with-roles/maintaining-ownership-continuity-for-your-organization#appointing-an-organization-owner)."
|
||||
1. Contact the new owner and make sure they are able to [access the organization's settings](/organizations/collaborating-with-groups-in-organizations/accessing-your-organizations-settings).
|
||||
{% ifversion fpt or ghec %}
|
||||
1. If you are currently responsible for paying for GitHub in your organization, you'll also need to have the new owner or a [billing manager](/organizations/managing-peoples-access-to-your-organization-with-roles/adding-a-billing-manager-to-your-organization) update the organization's payment information. For more information, see "[AUTOTITLE](/billing/managing-your-github-billing-settings/adding-or-editing-a-payment-method)."
|
||||
|
||||
{% warning %}
|
||||
|
||||
**Warning**: Removing yourself from the organization **does not** update the billing information on file for the organization account. The new owner or a billing manager must update the billing information on file to remove your credit card or PayPal information.
|
||||
|
||||
{% endwarning %}
|
||||
> [!WARNING]
|
||||
> Removing yourself from the organization **does not** update the billing information on file for the organization account. The new owner or a billing manager must update the billing information on file to remove your credit card or PayPal information.
|
||||
|
||||
{% endif %}
|
||||
1. [Remove yourself](/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-your-membership-in-organizations/removing-yourself-from-an-organization) from the organization.
|
||||
|
|
|
|||
|
|
@ -35,11 +35,10 @@ After verifying ownership of your organization's domain, you can restrict email
|
|||
{% endif %}
|
||||
|
||||
{% ifversion ghec %}
|
||||
{% note %}
|
||||
|
||||
**Note:** To restrict email notifications to a verified domain, your organization must use {% data variables.product.prodname_ghe_cloud %}. {% data reusables.enterprise.link-to-ghec-trial %}
|
||||
> [!NOTE]
|
||||
> To restrict email notifications to a verified domain, your organization must use {% data variables.product.prodname_ghe_cloud %}. {% data reusables.enterprise.link-to-ghec-trial %}
|
||||
|
||||
{% endnote %}
|
||||
{% endif %}
|
||||
|
||||
{% ifversion ghec %}You can also verify custom domains used for {% data variables.product.prodname_pages %} to prevent domain takeovers when a custom domain remains configured but your {% data variables.product.prodname_pages %} site is either disabled or no longer uses the domain. For more information, see "[AUTOTITLE](/pages/configuring-a-custom-domain-for-your-github-pages-site/verifying-your-custom-domain-for-github-pages)."{% endif %}
|
||||
|
|
|
|||
|
|
@ -16,11 +16,8 @@ shortTitle: Add a billing manager
|
|||
|
||||
Members of your organization's Owners team can give _billing manager_ permissions to people. Once a person accepts their invitation to become a billing manager for your organization, they can invite additional people to be billing managers.
|
||||
|
||||
{% note %}
|
||||
|
||||
**Note:** Billing managers do not use paid licenses in your organization's subscription.
|
||||
|
||||
{% endnote %}
|
||||
> [!NOTE]
|
||||
> Billing managers do not use paid licenses in your organization's subscription.
|
||||
|
||||
## Permissions for billing managers
|
||||
|
||||
|
|
@ -44,20 +41,16 @@ Billing managers **are not** able to:
|
|||
* Purchase, edit, or cancel subscriptions for {% data variables.product.prodname_marketplace %} apps
|
||||
* Purchase, edit, or cancel subscriptions for {% data variables.product.prodname_copilot_for_business %} or {% data variables.product.prodname_copilot_enterprise %}
|
||||
|
||||
{% tip %}
|
||||
|
||||
**Tip:** If your organization [requires members, billing managers, and outside collaborators to use two-factor authentication](/organizations/keeping-your-organization-secure/managing-two-factor-authentication-for-your-organization/requiring-two-factor-authentication-in-your-organization), the user must enable two-factor authentication before they can accept your invitation to become a billing manager for the organization.
|
||||
|
||||
{% endtip %}
|
||||
> [!TIP]
|
||||
> If your organization [requires members, billing managers, and outside collaborators to use two-factor authentication](/organizations/keeping-your-organization-secure/managing-two-factor-authentication-for-your-organization/requiring-two-factor-authentication-in-your-organization), the user must enable two-factor authentication before they can accept your invitation to become a billing manager for the organization.
|
||||
|
||||
## Inviting a billing manager
|
||||
|
||||
{% ifversion ghec %}
|
||||
{% note %}
|
||||
|
||||
**Note:** If your organization is owned by an enterprise account, you cannot invite billing managers at the organization level. For more information, see "[AUTOTITLE](/admin/overview/about-enterprise-accounts)."
|
||||
> [!NOTE]
|
||||
> If your organization is owned by an enterprise account, you cannot invite billing managers at the organization level. For more information, see "[AUTOTITLE](/admin/overview/about-enterprise-accounts)."
|
||||
|
||||
{% endnote %}
|
||||
{% endif %}
|
||||
|
||||
The invited person will receive an invitation email asking them to become a billing manager for your organization. Once the invited person clicks the accept link in their invitation email, they will automatically be added to the organization as a billing manager. If they don't already have a GitHub account, they will be directed to sign up for one, and they will be automatically added to the organization as a billing manager after they create an account.
|
||||
|
|
|
|||
|
|
@ -24,11 +24,8 @@ shortTitle: Maintain ownership continuity
|
|||
|
||||
Organization owners have full administrative access to the organization. {% data reusables.organizations.new-org-permissions-more-info %}
|
||||
|
||||
{% note %}
|
||||
|
||||
**Note**: As an organization owner, you can change the role of other organization members and owners. You can't change your own role.
|
||||
|
||||
{% endnote %}
|
||||
> [!NOTE]
|
||||
> As an organization owner, you can change the role of other organization members and owners. You can't change your own role.
|
||||
|
||||
{% ifversion enterprise-owner-join-org %}
|
||||
If your organization is owned by an enterprise account, any enterprise owner can make themselves an owner of your organization. For more information, see "[AUTOTITLE](/admin/user-management/managing-organizations-in-your-enterprise/managing-your-role-in-an-organization-owned-by-your-enterprise)."
|
||||
|
|
|
|||
|
|
@ -14,11 +14,8 @@ topics:
|
|||
shortTitle: Remove billing manager
|
||||
---
|
||||
|
||||
{% warning %}
|
||||
|
||||
**Note:** {% data reusables.dotcom_billing.org-billing-perms %}
|
||||
|
||||
{% endwarning %}
|
||||
> [!NOTE]
|
||||
> {% data reusables.dotcom_billing.org-billing-perms %}
|
||||
|
||||
{% data reusables.organizations.billing-settings %}
|
||||
1. Under "Billing management", in the "Billing managers" list, next to the name of the person you want to remove, click **Remove**.
|
||||
|
|
|
|||
|
|
@ -16,11 +16,8 @@ When organization members create a {% data variables.product.pat_v2 %} to access
|
|||
|
||||
{% data variables.product.company_short %} will notify organization owners with a daily email about all {% data variables.product.pat_v2 %}s that are awaiting approval. When a token is denied or approved, the user who created the token will receive an email notification.
|
||||
|
||||
{% note %}
|
||||
|
||||
**Note**: Only {% data variables.product.pat_v2 %}s, not {% data variables.product.pat_v1_plural %}, are subject to approval. Unless the organization has restricted access by {% data variables.product.pat_v1_plural %}, any {% data variables.product.pat_v1 %} can access organization resources without prior approval. For more information, see "[AUTOTITLE](/organizations/managing-programmatic-access-to-your-organization/setting-a-personal-access-token-policy-for-your-organization)."
|
||||
|
||||
{% endnote %}
|
||||
> [!NOTE]
|
||||
> Only {% data variables.product.pat_v2 %}s, not {% data variables.product.pat_v1_plural %}, are subject to approval. Unless the organization has restricted access by {% data variables.product.pat_v1_plural %}, any {% data variables.product.pat_v1 %} can access organization resources without prior approval. For more information, see "[AUTOTITLE](/organizations/managing-programmatic-access-to-your-organization/setting-a-personal-access-token-policy-for-your-organization)."
|
||||
|
||||
{% ifversion pat-v2-org-admin-api %}
|
||||
|
||||
|
|
|
|||
|
|
@ -56,11 +56,8 @@ After you enable SAML SSO, there are multiple ways you can add new members to yo
|
|||
|
||||
To provision new users without an invitation from an organization owner, you can use the URL `https://github.com/orgs/ORGANIZATION/sso/sign_up`, replacing ORGANIZATION with the name of your organization. For example, you can configure your IdP so that anyone with access to the IdP can click a link on the IdP's dashboard to join your {% data variables.product.prodname_dotcom %} organization.
|
||||
|
||||
{% note %}
|
||||
|
||||
**Note:** Provisioning new users via `https://github.com/orgs/ORGANIZATION/sso/sign_up` is only supported when SAML SSO is configured at the organization level, not when SAML SSO is configured at the enterprise account level. For more information about SAML SSO for enterprise accounts, see "[AUTOTITLE](/admin/identity-and-access-management/using-saml-for-enterprise-iam/about-saml-for-enterprise-iam)."
|
||||
|
||||
{% endnote %}
|
||||
> [!NOTE]
|
||||
> Provisioning new users via `https://github.com/orgs/ORGANIZATION/sso/sign_up` is only supported when SAML SSO is configured at the organization level, not when SAML SSO is configured at the enterprise account level. For more information about SAML SSO for enterprise accounts, see "[AUTOTITLE](/admin/identity-and-access-management/using-saml-for-enterprise-iam/about-saml-for-enterprise-iam)."
|
||||
|
||||
If your IdP supports SCIM, {% data variables.product.prodname_dotcom %} can automatically invite members to join your organization when you grant access on your IdP. If you remove a member's access to your {% data variables.product.prodname_dotcom %} organization on your SAML IdP, the member will be automatically removed from the {% data variables.product.prodname_dotcom %} organization. For more information, see "[AUTOTITLE](/organizations/managing-saml-single-sign-on-for-your-organization/about-scim-for-organizations)."
|
||||
|
||||
|
|
|
|||
|
|
@ -37,11 +37,8 @@ These identity providers (IdPs) are compatible with the {% data variables.produc
|
|||
|
||||
Before you authorize the {% data variables.product.prodname_oauth_app %}, you must have an active SAML session. For more information, see "[AUTOTITLE](/authentication/authenticating-with-saml-single-sign-on/about-authentication-with-saml-single-sign-on#about-oauth-apps-github-apps-and-saml-sso)."
|
||||
|
||||
{% note %}
|
||||
|
||||
**Note:** {% data reusables.scim.nameid-and-username-must-match %}
|
||||
|
||||
{% endnote %}
|
||||
> [!NOTE]
|
||||
> {% data reusables.scim.nameid-and-username-must-match %}
|
||||
|
||||
## Further reading
|
||||
|
||||
|
|
|
|||
|
|
@ -57,11 +57,8 @@ Alternatively, you can configure SAML SSO for an enterprise using Okta. SCIM for
|
|||
1. Click **Authenticate with {% data variables.product.prodname_ghe_cloud %} - Organization**.
|
||||
1. To the right of your organization's name, click **Grant**.
|
||||
|
||||
{% note %}
|
||||
|
||||
**Note:** If you cannot see your organization, this may be because {% data variables.product.prodname_oauth_app %} access restrictions are enabled for the organization. To continue, you will need to approve the "OKTA SCIM Integration" app for the organization. For more information, see "[AUTOTITLE](/organizations/managing-oauth-access-to-your-organizations-data/approving-oauth-apps-for-your-organization)."
|
||||
|
||||
{% endnote %}
|
||||
> [!NOTE]
|
||||
> If you cannot see your organization, this may be because {% data variables.product.prodname_oauth_app %} access restrictions are enabled for the organization. To continue, you will need to approve the "OKTA SCIM Integration" app for the organization. For more information, see "[AUTOTITLE](/organizations/managing-oauth-access-to-your-organizations-data/approving-oauth-apps-for-your-organization)."
|
||||
|
||||
1. Click **Authorize OktaOAN**.
|
||||
{% data reusables.saml.okta-save-provisioning %}
|
||||
|
|
|
|||
|
|
@ -27,13 +27,10 @@ You can find the SAML and SCIM implementation details for your IdP in the IdP's
|
|||
* PingOne [SAML](https://support.pingidentity.com/s/marketplace-integration/a7i1W0000004ID3QAM/github-connector)
|
||||
* Shibboleth [SAML](https://shibboleth.atlassian.net/wiki/spaces/IDP4/overview)
|
||||
|
||||
{% note %}
|
||||
|
||||
**Note:** {% data variables.product.product_name %} supported identity providers for SCIM are Entra ID, Okta, and OneLogin. For more information about SCIM, see "[AUTOTITLE](/organizations/managing-saml-single-sign-on-for-your-organization/about-scim-for-organizations)."
|
||||
|
||||
{% data reusables.scim.enterprise-account-scim %}
|
||||
|
||||
{% endnote %}
|
||||
> [!NOTE]
|
||||
> {% data variables.product.product_name %} supported identity providers for SCIM are Entra ID, Okta, and OneLogin. For more information about SCIM, see "[AUTOTITLE](/organizations/managing-saml-single-sign-on-for-your-organization/about-scim-for-organizations)."
|
||||
>
|
||||
> {% data reusables.scim.enterprise-account-scim %}
|
||||
|
||||
## SAML metadata
|
||||
|
||||
|
|
|
|||
|
|
@ -15,11 +15,9 @@ After you disable SAML SSO for your organization, all external identities for yo
|
|||
{% data reusables.profile.access_org %}
|
||||
{% data reusables.profile.org_settings %}
|
||||
|
||||
{% note %}
|
||||
> [!NOTE]
|
||||
> If you're unable to access the organization because your identity provider (IdP) is unavailable, you can use a recovery code to bypass SSO. For more information, see "[AUTOTITLE](/organizations/managing-saml-single-sign-on-for-your-organization/accessing-your-organization-if-your-identity-provider-is-unavailable)."
|
||||
|
||||
**Note:** If you're unable to access the organization because your identity provider (IdP) is unavailable, you can use a recovery code to bypass SSO. For more information, see "[AUTOTITLE](/organizations/managing-saml-single-sign-on-for-your-organization/accessing-your-organization-if-your-identity-provider-is-unavailable)."
|
||||
|
||||
{% endnote %}
|
||||
{% data reusables.organizations.security %}
|
||||
1. Under "SAML single sign-on", deselect **Enable SAML authentication**.
|
||||
1. Click **Save**.
|
||||
|
|
|
|||
|
|
@ -22,11 +22,8 @@ Recovery codes should not be shared or distributed. We recommend saving them wit
|
|||
|
||||
1. To save your recovery codes, click **Download**, **Print**, or **Copy**.
|
||||
|
||||
{% note %}
|
||||
|
||||
**Note:** Your recovery codes will help get you back into {% data variables.product.product_name %} if your IdP is unavailable. If you generate new recovery codes the recovery codes displayed on the "Single sign-on recovery codes" page are automatically updated.
|
||||
|
||||
{% endnote %}
|
||||
> [!NOTE]
|
||||
> Your recovery codes will help get you back into {% data variables.product.product_name %} if your IdP is unavailable. If you generate new recovery codes the recovery codes displayed on the "Single sign-on recovery codes" page are automatically updated.
|
||||
|
||||
1. Once you use a recovery code to regain access to {% data variables.product.product_name %}, it cannot be reused. Access to {% data variables.product.product_name %} will only be available for 24 hours before you'll be asked to sign in using single sign-on.
|
||||
|
||||
|
|
|
|||
|
|
@ -37,29 +37,22 @@ For more information about the identity providers (IdPs) that {% data variables.
|
|||
{% data reusables.organizations.security %}
|
||||
1. Under "SAML single sign-on", select **Enable SAML authentication**.
|
||||
|
||||
{% note %}
|
||||
|
||||
**Note:** After enabling SAML SSO, you can download your single sign-on recovery codes so that you can access your organization even if your IdP is unavailable. For more information, see "[AUTOTITLE](/organizations/managing-saml-single-sign-on-for-your-organization/downloading-your-organizations-saml-single-sign-on-recovery-codes)."
|
||||
|
||||
{% endnote %}
|
||||
> [!NOTE]
|
||||
> After enabling SAML SSO, you can download your single sign-on recovery codes so that you can access your organization even if your IdP is unavailable. For more information, see "[AUTOTITLE](/organizations/managing-saml-single-sign-on-for-your-organization/downloading-your-organizations-saml-single-sign-on-recovery-codes)."
|
||||
|
||||
1. In the "Sign on URL" field, type the HTTPS endpoint of your IdP for single sign-on requests. This value is available in your IdP configuration.
|
||||
1. Optionally, in the "Issuer" field, type your SAML issuer's name. This verifies the authenticity of sent messages.
|
||||
|
||||
{% note %}
|
||||
|
||||
**Note:** If you want to enable team synchronization for your organization, the "Issuer" field is a required. For more information, see "[AUTOTITLE](/organizations/managing-saml-single-sign-on-for-your-organization/managing-team-synchronization-for-your-organization)."
|
||||
|
||||
{% endnote %}
|
||||
> [!NOTE]
|
||||
> If you want to enable team synchronization for your organization, the "Issuer" field is a required. For more information, see "[AUTOTITLE](/organizations/managing-saml-single-sign-on-for-your-organization/managing-team-synchronization-for-your-organization)."
|
||||
|
||||
1. Under "Public Certificate," paste a certificate to verify SAML responses.
|
||||
{% data reusables.saml.edit-signature-and-digest-methods %}
|
||||
1. Before enabling SAML SSO for your organization, to ensure that the information you've entered is correct, click **Test SAML configuration**. {% data reusables.saml.test-must-succeed %}
|
||||
{% tip %}
|
||||
|
||||
**Tip:** {% data reusables.saml.testing-saml-sso %}
|
||||
> [!TIP]
|
||||
> {% data reusables.saml.testing-saml-sso %}
|
||||
|
||||
{% endtip %}
|
||||
1. To enforce SAML SSO and remove all organization members who haven't authenticated via your IdP, select **Require SAML SSO authentication for all members of the _organization name_ organization**. For more information on enforcing SAML SSO, see "[AUTOTITLE](/organizations/managing-saml-single-sign-on-for-your-organization/enforcing-saml-single-sign-on-for-your-organization)."
|
||||
1. Click **Save**.
|
||||
|
||||
|
|
|
|||
|
|
@ -26,11 +26,8 @@ Bots and service accounts that do not have external identities set up in your or
|
|||
|
||||
If your organization is owned by an enterprise account, requiring SAML for the enterprise account will override your organization-level SAML configuration and enforce SAML SSO for every organization in the enterprise. For more information, see "[AUTOTITLE](/enterprise-cloud@latest/admin/identity-and-access-management/using-saml-for-enterprise-iam/configuring-saml-single-sign-on-for-your-enterprise)."
|
||||
|
||||
{% tip %}
|
||||
|
||||
**Tip:** {% data reusables.saml.testing-saml-sso %}
|
||||
|
||||
{% endtip %}
|
||||
> [!TIP]
|
||||
> {% data reusables.saml.testing-saml-sso %}
|
||||
|
||||
## Enforcing SAML SSO for your organization
|
||||
|
||||
|
|
|
|||
|
|
@ -53,11 +53,8 @@ You must enable SAML single sign-on for your organization and your supported IdP
|
|||
|
||||
You must have a linked SAML identity. To create a linked identity, you must authenticate to your organization using SAML SSO and the supported IdP at least once. For more information, see "[AUTOTITLE](/authentication/authenticating-with-saml-single-sign-on)."
|
||||
|
||||
{% note %}
|
||||
|
||||
**Note**: For team synchronization to work, your SAML settings must contain a valid IdP URL for the "Issuer" field. For more information, see "[Enabling and testing SAML single sign-on for your organization](/organizations/managing-saml-single-sign-on-for-your-organization/enabling-and-testing-saml-single-sign-on-for-your-organization#enabling-and-testing-saml-single-sign-on-for-your-organization)."
|
||||
|
||||
{% endnote %}
|
||||
> [!NOTE]
|
||||
> For team synchronization to work, your SAML settings must contain a valid IdP URL for the "Issuer" field. For more information, see "[Enabling and testing SAML single sign-on for your organization](/organizations/managing-saml-single-sign-on-for-your-organization/enabling-and-testing-saml-single-sign-on-for-your-organization#enabling-and-testing-saml-single-sign-on-for-your-organization)."
|
||||
|
||||
### Enabling team synchronization for Entra ID
|
||||
|
||||
|
|
|
|||
|
|
@ -42,11 +42,8 @@ When you convert an organization member to an outside collaborator, their privil
|
|||
|
||||
## Converting an organization member to an outside collaborator
|
||||
|
||||
{% note %}
|
||||
|
||||
**Note:** You may not be able to convert an organization member to an outside collaborator, if an organization owner{% ifversion not fpt %} or enterprise owner{% endif %} has restricted your ability to add outside collaborators.
|
||||
|
||||
{% endnote %}
|
||||
> [!NOTE]
|
||||
> You may not be able to convert an organization member to an outside collaborator, if an organization owner{% ifversion not fpt %} or enterprise owner{% endif %} has restricted your ability to add outside collaborators.
|
||||
|
||||
{% data reusables.profile.access_org %}
|
||||
{% data reusables.user-settings.access_org %}
|
||||
|
|
|
|||
|
|
@ -32,15 +32,10 @@ When you reinstate a former outside collaborator, you can restore:
|
|||
* Issue assignments in the organization
|
||||
* Repository subscriptions (notification settings for watching, not watching, or ignoring a repository's activity)
|
||||
|
||||
{% tip %}
|
||||
|
||||
**Tips**:
|
||||
|
||||
* Only organization owners can reinstate outside collaborators' access to an organization.{% ifversion prevent-org-admin-add-outside-collaborator %} Enterprise owners may further restrict the ability to reinstate outside collaborators' access to enterprise owners only.{% endif %} For more information, see "[AUTOTITLE](/organizations/managing-peoples-access-to-your-organization-with-roles/roles-in-an-organization)."
|
||||
* The reinstating a member flow on {% data variables.location.product_location %} may use the term "member" to describe reinstating an outside collaborator but if you reinstate this person and keep their previous privileges, they will only have their previous [outside collaborator permissions](/organizations/managing-peoples-access-to-your-organization-with-roles/roles-in-an-organization#outside-collaborators).{% ifversion fpt or ghec %}
|
||||
* If your organization has a paid per-user subscription, an unused license must be available before you can invite a new member to join the organization or reinstate a former organization member. For more information, see "[AUTOTITLE](/billing/managing-the-plan-for-your-github-account/about-per-user-pricing)."{% endif %}
|
||||
|
||||
{% endtip %}
|
||||
> [!TIP]
|
||||
> * Only organization owners can reinstate outside collaborators' access to an organization.{% ifversion prevent-org-admin-add-outside-collaborator %} Enterprise owners may further restrict the ability to reinstate outside collaborators' access to enterprise owners only.{% endif %} For more information, see "[AUTOTITLE](/organizations/managing-peoples-access-to-your-organization-with-roles/roles-in-an-organization)."
|
||||
> * The reinstating a member flow on {% data variables.location.product_location %} may use the term "member" to describe reinstating an outside collaborator but if you reinstate this person and keep their previous privileges, they will only have their previous [outside collaborator permissions](/organizations/managing-peoples-access-to-your-organization-with-roles/roles-in-an-organization#outside-collaborators).{% ifversion fpt or ghec %}
|
||||
> * If your organization has a paid per-user subscription, an unused license must be available before you can invite a new member to join the organization or reinstate a former organization member. For more information, see "[AUTOTITLE](/billing/managing-the-plan-for-your-github-account/about-per-user-pricing)."{% endif %}
|
||||
|
||||
{% data reusables.profile.access_org %}
|
||||
{% data reusables.user-settings.access_org %}
|
||||
|
|
@ -50,19 +45,15 @@ When you reinstate a former outside collaborator, you can restore:
|
|||
{% ifversion fpt or ghec %}
|
||||
1. Select whether to restore the outside collaborator's previous privileges in the organization by clicking **Invite and reinstate** or choose to clear their previous privileges and set new access permissions by clicking **Invite and start fresh**.
|
||||
|
||||
{% warning %}
|
||||
> [!WARNING]
|
||||
> If you want to upgrade the outside collaborator to a member of your organization, then choose **Invite and start fresh** and choose a new role for this person. Note, however, that this person's private forks of your organization's repositories will be lost if you choose to start fresh. To make the former outside collaborator a member of your organization _and_ keep their private forks, choose **Invite and reinstate** instead. Once this person accepts the invitation, you can convert them to an organization member by [inviting them to join the organization as a member](/organizations/managing-user-access-to-your-organizations-repositories/managing-outside-collaborators/converting-an-outside-collaborator-to-an-organization-member).
|
||||
|
||||
**Warning:** If you want to upgrade the outside collaborator to a member of your organization, then choose **Invite and start fresh** and choose a new role for this person. Note, however, that this person's private forks of your organization's repositories will be lost if you choose to start fresh. To make the former outside collaborator a member of your organization _and_ keep their private forks, choose **Invite and reinstate** instead. Once this person accepts the invitation, you can convert them to an organization member by [inviting them to join the organization as a member](/organizations/managing-user-access-to-your-organizations-repositories/managing-outside-collaborators/converting-an-outside-collaborator-to-an-organization-member).
|
||||
|
||||
{% endwarning %}
|
||||
{% else %}
|
||||
1. Select whether to restore the outside collaborator's previous privileges in the organization by clicking **Add and reinstate** or choose to clear their previous privileges and set new access permissions by clicking **Add and start fresh**.
|
||||
|
||||
{% warning %}
|
||||
> [!WARNING]
|
||||
> If you want to upgrade the outside collaborator to a member of your organization, then choose **Add and start fresh** and choose a new role for this person. Note, however, that this person's private forks of your organization's repositories will be lost if you choose to start fresh. To make the former outside collaborator a member of your organization _and_ keep their private forks, choose **Add and reinstate** instead. Then, you can convert them to an organization member by [adding them to the organization as a member](/organizations/managing-user-access-to-your-organizations-repositories/managing-outside-collaborators/converting-an-outside-collaborator-to-an-organization-member).
|
||||
|
||||
**Warning:** If you want to upgrade the outside collaborator to a member of your organization, then choose **Add and start fresh** and choose a new role for this person. Note, however, that this person's private forks of your organization's repositories will be lost if you choose to start fresh. To make the former outside collaborator a member of your organization _and_ keep their private forks, choose **Add and reinstate** instead. Then, you can convert them to an organization member by [adding them to the organization as a member](/organizations/managing-user-access-to-your-organizations-repositories/managing-outside-collaborators/converting-an-outside-collaborator-to-an-organization-member).
|
||||
|
||||
{% endwarning %}
|
||||
{% endif %}
|
||||
{% ifversion fpt or ghec %}
|
||||
1. If you cleared the previous privileges for a former outside collaborator, choose a role for the user and optionally add them to some teams, then click **Send invitation**.
|
||||
|
|
|
|||
|
|
@ -20,14 +20,9 @@ shortTitle: Remove collaborator
|
|||
|
||||
{% ifversion fpt or ghec %}
|
||||
|
||||
{% warning %}
|
||||
|
||||
**Warning:**
|
||||
* When removing an outside collaborator from a private repository, the paid license count does not automatically downgrade. To pay for fewer licenses after removing users from your organization, follow the steps in "[AUTOTITLE](/billing/managing-the-plan-for-your-github-account/downgrading-your-accounts-plan)."
|
||||
|
||||
* You are responsible for ensuring that people who have lost access to a repository delete any confidential information or intellectual property.
|
||||
|
||||
{% endwarning %}
|
||||
> [!WARNING]
|
||||
> * When removing an outside collaborator from a private repository, the paid license count does not automatically downgrade. To pay for fewer licenses after removing users from your organization, follow the steps in "[AUTOTITLE](/billing/managing-the-plan-for-your-github-account/downgrading-your-accounts-plan)."
|
||||
> * You are responsible for ensuring that people who have lost access to a repository delete any confidential information or intellectual property.
|
||||
|
||||
{% endif %}
|
||||
|
||||
|
|
|
|||
|
|
@ -19,13 +19,9 @@ shortTitle: Manage team access
|
|||
|
||||
People with admin access to a repository can manage team access to the repository. Team maintainers can remove a team's access to a repository if the team has direct access to it. If the team's access to the repository is inherited from a parent team, maintainers can choose to reset the current permission to match the parent team's permission.
|
||||
|
||||
{% warning %}
|
||||
|
||||
**Warnings:**
|
||||
* You can change a team's permission level if the team has direct access to a repository. If the team's access to the repository is inherited from a parent team, you must change the parent team's access to the repository.
|
||||
* If you add or remove repository access for a parent team, each of that parent's child teams will also receive or lose access to the repository. For more information, see "[AUTOTITLE](/organizations/organizing-members-into-teams/about-teams)."
|
||||
|
||||
{% endwarning %}
|
||||
> [!WARNING]
|
||||
> * You can change a team's permission level if the team has direct access to a repository. If the team's access to the repository is inherited from a parent team, you must change the parent team's access to the repository.
|
||||
> * If you add or remove repository access for a parent team, each of that parent's child teams will also receive or lose access to the repository. For more information, see "[AUTOTITLE](/organizations/organizing-members-into-teams/about-teams)."
|
||||
|
||||
## Giving a team access to a repository
|
||||
|
||||
|
|
|
|||
|
|
@ -41,11 +41,8 @@ Organization owners can also choose to further limit access to certain settings
|
|||
|
||||
In addition to managing organization-level settings, organization owners have admin access to every repository owned by the organization. For more information, see "[AUTOTITLE](/organizations/managing-peoples-access-to-your-organization-with-roles/roles-in-an-organization)."
|
||||
|
||||
{% warning %}
|
||||
|
||||
**Warning:** When someone adds a deploy key to a repository, any user who has the private key can read from or write to the repository (depending on the key settings), even if they're later removed from the organization.
|
||||
|
||||
{% endwarning %}
|
||||
> [!WARNING]
|
||||
> When someone adds a deploy key to a repository, any user who has the private key can read from or write to the repository (depending on the key settings), even if they're later removed from the organization.
|
||||
|
||||
## Permissions for each role
|
||||
|
||||
|
|
@ -53,11 +50,8 @@ In addition to managing organization-level settings, organization owners have ad
|
|||
Some of the features listed below are limited to organizations using {% data variables.product.prodname_ghe_cloud %}. {% data reusables.enterprise.link-to-ghec-trial %}
|
||||
{% endif %}
|
||||
|
||||
{% note %}
|
||||
|
||||
**Note:** The roles required to use security features are listed in "[Access requirements for security features](#access-requirements-for-security-features)" below.
|
||||
|
||||
{% endnote %}
|
||||
> [!NOTE]
|
||||
> The roles required to use security features are listed in "[Access requirements for security features](#access-requirements-for-security-features)" below.
|
||||
|
||||
{% rowheaders %}
|
||||
|
||||
|
|
@ -177,11 +171,8 @@ Some of the features listed below are limited to organizations using {% data var
|
|||
|
||||
In this section, you can find the access required for security features, such as {% data variables.product.prodname_advanced_security %} features.
|
||||
|
||||
{% note %}
|
||||
|
||||
**Note:** Repository writers and maintainers can only see secret scanning alert information for their own commits.
|
||||
|
||||
{% endnote %}
|
||||
> [!NOTE]
|
||||
> Repository writers and maintainers can only see secret scanning alert information for their own commits.
|
||||
|
||||
{% rowheaders %}
|
||||
|
||||
|
|
|
|||
|
|
@ -28,14 +28,9 @@ If someone with admin access to an organization's repository grants a member a h
|
|||
If you've created a custom repository role with an inherited role that is lower access than your organization's base permissions, any members assigned to that role will default to the organization's base permissions rather than the inherited role. For more information, see "[AUTOTITLE](/organizations/managing-user-access-to-your-organizations-repositories/managing-repository-roles/managing-custom-repository-roles-for-an-organization)."
|
||||
{% endif %}
|
||||
|
||||
{% note %}
|
||||
|
||||
**Notes:**
|
||||
|
||||
* All changes to base permissions will affect both new and existing members.
|
||||
* {% data reusables.repositories.org-base-permissions-private-forks %}
|
||||
|
||||
{% endnote %}
|
||||
> [!NOTE]
|
||||
> * All changes to base permissions will affect both new and existing members.
|
||||
> * {% data reusables.repositories.org-base-permissions-private-forks %}
|
||||
|
||||
## Setting base permissions
|
||||
|
||||
|
|
|
|||
|
|
@ -34,11 +34,10 @@ You can see a combined overview of teams and people with access to your reposito
|
|||
## Exporting a list of people with access to your repository
|
||||
|
||||
{% ifversion ghec %}
|
||||
{% note %}
|
||||
|
||||
**Note:** Only organizations that use {% data variables.product.prodname_ghe_cloud %} can export a list of people with access to a repository. {% data reusables.enterprise.link-to-ghec-trial %}
|
||||
> [!NOTE]
|
||||
> Only organizations that use {% data variables.product.prodname_ghe_cloud %} can export a list of people with access to a repository. {% data reusables.enterprise.link-to-ghec-trial %}
|
||||
|
||||
{% endnote %}
|
||||
{% endif %}
|
||||
|
||||
{% data reusables.repositories.navigate-to-repo %}
|
||||
|
|
|
|||
|
|
@ -19,14 +19,10 @@ You can remove the ability for members of legacy admin teams to create repositor
|
|||
|
||||
For more information, see "[AUTOTITLE](/organizations/managing-user-access-to-your-organizations-repositories/managing-repository-roles/repository-roles-for-an-organization)."
|
||||
|
||||
{% warning %}
|
||||
|
||||
**Warnings:**
|
||||
* If there are members of your legacy Admin team who are not members of other teams, deleting the team will remove those members from the organization. Before deleting the team, ensure members are already direct members of the organization, or have collaborator access to necessary repositories.
|
||||
* To prevent the loss of private forks made by members of the legacy Admin team, you must follow steps 1-3 below before deleting the legacy Admin team.
|
||||
* Because "admin" is a term for organization members with specific [access to certain repositories](/organizations/managing-user-access-to-your-organizations-repositories/managing-repository-roles/repository-roles-for-an-organization) in the organization, we recommend you avoid that term in any team name you decide on.
|
||||
|
||||
{% endwarning %}
|
||||
> [!WARNING]
|
||||
> * If there are members of your legacy Admin team who are not members of other teams, deleting the team will remove those members from the organization. Before deleting the team, ensure members are already direct members of the organization, or have collaborator access to necessary repositories.
|
||||
> * To prevent the loss of private forks made by members of the legacy Admin team, you must follow steps 1-3 below before deleting the legacy Admin team.
|
||||
> * Because "admin" is a term for organization members with specific [access to certain repositories](/organizations/managing-user-access-to-your-organizations-repositories/managing-repository-roles/repository-roles-for-an-organization) in the organization, we recommend you avoid that term in any team name you decide on.
|
||||
|
||||
1. [Create a new team](/organizations/organizing-members-into-teams/creating-a-team).
|
||||
1. [Add each of the members](/organizations/organizing-members-into-teams/adding-organization-members-to-a-team) of your legacy admin team to the new team.
|
||||
|
|
|
|||
|
|
@ -23,11 +23,8 @@ You have a few options to convert your legacy Owners team:
|
|||
|
||||
## Give the Owners team a new name
|
||||
|
||||
{% tip %}
|
||||
|
||||
**Note:** Because "admin" is a term for organization members with specific access to certain repositories in the organization, we recommend you avoid that term in any team name you decide on. For more information, see "[AUTOTITLE](/organizations/managing-user-access-to-your-organizations-repositories/managing-repository-roles/repository-roles-for-an-organization)."
|
||||
|
||||
{% endtip %}
|
||||
> [!NOTE]
|
||||
> Because "admin" is a term for organization members with specific access to certain repositories in the organization, we recommend you avoid that term in any team name you decide on. For more information, see "[AUTOTITLE](/organizations/managing-user-access-to-your-organizations-repositories/managing-repository-roles/repository-roles-for-an-organization)."
|
||||
|
||||
{% data reusables.profile.access_org %}
|
||||
{% data reusables.user-settings.access_org %}
|
||||
|
|
@ -41,11 +38,8 @@ You have a few options to convert your legacy Owners team:
|
|||
|
||||
## Delete the legacy Owners team
|
||||
|
||||
{% warning %}
|
||||
|
||||
**Warning:** If there are members of your Owners team who are not members of other teams, deleting the team will remove those members from the organization. Before deleting the team, ensure members are already direct members of the organization, or have collaborator access to necessary repositories.
|
||||
|
||||
{% endwarning %}
|
||||
> [!WARNING]
|
||||
> If there are members of your Owners team who are not members of other teams, deleting the team will remove those members from the organization. Before deleting the team, ensure members are already direct members of the organization, or have collaborator access to necessary repositories.
|
||||
|
||||
{% data reusables.profile.access_org %}
|
||||
{% data reusables.user-settings.access_org %}
|
||||
|
|
|
|||
|
|
@ -25,11 +25,8 @@ You can remove this ability by migrating your legacy admin teams to the improved
|
|||
|
||||
For more information, see "[AUTOTITLE](/organizations/managing-user-access-to-your-organizations-repositories/managing-repository-roles/repository-roles-for-an-organization)."
|
||||
|
||||
{% warning %}
|
||||
|
||||
**Warning:** If your organization has disabled [repository creation permissions](/organizations/managing-organization-settings/restricting-repository-creation-in-your-organization) for all members, some members of legacy admin teams may lose repository creation permissions. If your organization has enabled member repository creation, migrating legacy admin teams to improved organization permissions will not affect team members' ability to create repositories.
|
||||
|
||||
{% endwarning %}
|
||||
> [!WARNING]
|
||||
> If your organization has disabled [repository creation permissions](/organizations/managing-organization-settings/restricting-repository-creation-in-your-organization) for all members, some members of legacy admin teams may lose repository creation permissions. If your organization has enabled member repository creation, migrating legacy admin teams to improved organization permissions will not affect team members' ability to create repositories.
|
||||
|
||||
## Migrating all of your organization's legacy admin teams
|
||||
|
||||
|
|
|
|||
|
|
@ -36,11 +36,8 @@ People with the team maintainer role can manage team membership and settings.
|
|||
|
||||
{% ifversion ghec %}
|
||||
|
||||
{% note %}
|
||||
|
||||
**Note** If your enterprise uses {% data variables.enterprise.prodname_managed_users %} and manages a team's membership with an identity provider (IdP) group, you cannot assign the team maintainer role manually for that team. For more information, see "[AUTOTITLE](/admin/identity-and-access-management/using-enterprise-managed-users-for-iam/managing-team-memberships-with-identity-provider-groups)."
|
||||
|
||||
{% endnote %}
|
||||
> [!NOTE]
|
||||
> If your enterprise uses {% data variables.enterprise.prodname_managed_users %} and manages a team's membership with an identity provider (IdP) group, you cannot assign the team maintainer role manually for that team. For more information, see "[AUTOTITLE](/admin/identity-and-access-management/using-enterprise-managed-users-for-iam/managing-team-memberships-with-identity-provider-groups)."
|
||||
|
||||
{% endif %}
|
||||
|
||||
|
|
|
|||
|
|
@ -15,11 +15,8 @@ topics:
|
|||
|
||||
{% data reusables.organizations.types-of-team-visibility %}
|
||||
|
||||
{% tip %}
|
||||
|
||||
**Tip:** If a team has [child or parent teams](/organizations/organizing-members-into-teams/about-teams), you cannot make it a secret team.
|
||||
|
||||
{% endtip %}
|
||||
> [!TIP]
|
||||
> If a team has [child or parent teams](/organizations/organizing-members-into-teams/about-teams), you cannot make it a secret team.
|
||||
|
||||
{% data reusables.profile.access_org %}
|
||||
{% data reusables.user-settings.access_org %}
|
||||
|
|
|
|||
|
|
@ -12,11 +12,8 @@ Team maintainers and organization owners can enable or disable notifications for
|
|||
|
||||
Disabling team notifications won't unsubscribe people that are already subscribed to threads.
|
||||
|
||||
{% note %}
|
||||
|
||||
**Note:** This setting does not affect notifications for reviews requested from the team.
|
||||
|
||||
{% endnote %}
|
||||
> [!NOTE]
|
||||
> This setting does not affect notifications for reviews requested from the team.
|
||||
|
||||
{% data reusables.profile.access_org %}
|
||||
{% data reusables.user-settings.access_org %}
|
||||
|
|
|
|||
|
|
@ -52,14 +52,10 @@ You must be a site admin and an organization owner to create a team with LDAP sy
|
|||
|
||||
{% data reusables.enterprise_user_management.ldap-sync-nested-teams %}
|
||||
|
||||
{% warning %}
|
||||
|
||||
**Notes:**
|
||||
* LDAP Sync only manages the team's member list. You must manage the team's repositories and permissions from within {% data variables.product.prodname_ghe_server %}.
|
||||
* If an LDAP group mapping to a DN is removed, such as if the LDAP group is deleted, then every member is removed from the synced {% data variables.product.prodname_ghe_server %} team. To fix this, map the team to a new DN, add the team members back, and [manually sync the mapping](/admin/identity-and-access-management/using-ldap-for-enterprise-iam/using-ldap#manually-syncing-ldap-accounts).
|
||||
* When LDAP Sync is enabled, if a person is removed from a repository, they will lose access but their forks will not be deleted. If the person is added to a team with access to the original organization repository within three months, their access to the forks will be automatically restored on the next sync.
|
||||
|
||||
{% endwarning %}
|
||||
> [!NOTE]
|
||||
> * LDAP Sync only manages the team's member list. You must manage the team's repositories and permissions from within {% data variables.product.prodname_ghe_server %}.
|
||||
> * If an LDAP group mapping to a DN is removed, such as if the LDAP group is deleted, then every member is removed from the synced {% data variables.product.prodname_ghe_server %} team. To fix this, map the team to a new DN, add the team members back, and [manually sync the mapping](/admin/identity-and-access-management/using-ldap-for-enterprise-iam/using-ldap#manually-syncing-ldap-accounts).
|
||||
> * When LDAP Sync is enabled, if a person is removed from a repository, they will lose access but their forks will not be deleted. If the person is added to a team with access to the original organization repository within three months, their access to the forks will be automatically restored on the next sync.
|
||||
|
||||
1. Ensure that [LDAP Sync is enabled](/admin/identity-and-access-management/using-ldap-for-enterprise-iam/using-ldap#enabling-ldap-sync).
|
||||
{% data reusables.profile.access_org %}
|
||||
|
|
|
|||
|
|
@ -13,11 +13,8 @@ topics:
|
|||
- Teams
|
||||
---
|
||||
|
||||
{% tip %}
|
||||
|
||||
**Tip:** Only organization owners can delete parent teams. For more information, see "[AUTOTITLE](/organizations/organizing-members-into-teams/about-teams)."
|
||||
|
||||
{% endtip %}
|
||||
> [!TIP]
|
||||
> Only organization owners can delete parent teams. For more information, see "[AUTOTITLE](/organizations/organizing-members-into-teams/about-teams)."
|
||||
|
||||
{% data reusables.profile.access_org %}
|
||||
{% data reusables.user-settings.access_org %}
|
||||
|
|
|
|||
|
|
@ -20,13 +20,9 @@ Organization owners can change the parent of any team. Team maintainers can chan
|
|||
|
||||
{% data reusables.organizations.child-team-inherits-permissions %}
|
||||
|
||||
{% tip %}
|
||||
|
||||
**Tips:**
|
||||
* You cannot change a team's parent to a secret team. For more information, see "[AUTOTITLE](/organizations/organizing-members-into-teams/about-teams)."
|
||||
* You cannot nest a parent team beneath one of its child teams.
|
||||
|
||||
{% endtip %}
|
||||
> [!TIP]
|
||||
> * You cannot change a team's parent to a secret team. For more information, see "[AUTOTITLE](/organizations/organizing-members-into-teams/about-teams)."
|
||||
> * You cannot nest a parent team beneath one of its child teams.
|
||||
|
||||
{% data reusables.profile.access_org %}
|
||||
{% data reusables.user-settings.access_org %}
|
||||
|
|
|
|||
|
|
@ -66,11 +66,8 @@ When a package inherits permissions from a repository, to grant or remove access
|
|||
|
||||
{% ifversion packages-inherit-permissions %}If you want to configure a package's access settings on a granular level, separately from the linked repository, you must remove the inherited permissions from the package.{% endif %}
|
||||
|
||||
{% note %}
|
||||
|
||||
**Note:** If you change how a package gets its access permissions, any existing permissions for the package are overwritten.
|
||||
|
||||
{% endnote %}
|
||||
> [!NOTE]
|
||||
> If you change how a package gets its access permissions, any existing permissions for the package are overwritten.
|
||||
|
||||
### Selecting the inheritance setting for packages scoped to your personal account
|
||||
|
||||
|
|
@ -81,11 +78,10 @@ When a package inherits permissions from a repository, to grant or remove access
|
|||
### Selecting the inheritance setting for packages scoped to an organization
|
||||
|
||||
{% ifversion packages-inherit-permissions %}
|
||||
{% tip %}
|
||||
|
||||
**Tip:** If you're the owner of an organization, you can prevent all new packages scoped to your organization from automatically inheriting permissions from a linked repository. For more information, see "[Disabling automatic inheritance of access permissions in an organization](#disabling-automatic-inheritance-of-access-permissions-in-an-organization)" below.
|
||||
> [!TIP]
|
||||
> If you're the owner of an organization, you can prevent all new packages scoped to your organization from automatically inheriting permissions from a linked repository. For more information, see "[Disabling automatic inheritance of access permissions in an organization](#disabling-automatic-inheritance-of-access-permissions-in-an-organization)" below.
|
||||
|
||||
{% endtip %}
|
||||
{% endif %}
|
||||
|
||||
{% data reusables.package_registry.package-settings-from-org-level %}
|
||||
|
|
@ -118,14 +114,10 @@ The specified repository does not need to be the repository where the source cod
|
|||
If you publish a package that is linked to a repository, {% data variables.product.prodname_actions %} workflows in the linked repository automatically get access to the package, unless your organization has disabled the automatic inheritance of access permissions. For more information, see "[About inheritance of access permissions](#about-inheritance-of-access-permissions)" above.
|
||||
{% endif %}
|
||||
|
||||
{% note %}
|
||||
|
||||
**Notes:**
|
||||
* Syncing your package with a repository {% data variables.package_registry.package-settings-actions-access-menu %} is different than connecting your package to a repository. For more information about linking a repository to your package, see "[AUTOTITLE](/packages/learn-github-packages/connecting-a-repository-to-a-package)."
|
||||
* You can choose to limit permissions to workflow jobs usings the `permissions` key and `packages` scope. For more information, see "[AUTOTITLE](/actions/using-jobs/assigning-permissions-to-jobs)."
|
||||
* {% data reusables.package_registry.public-forks-private-packages %}
|
||||
|
||||
{% endnote %}
|
||||
> [!NOTE]
|
||||
> * Syncing your package with a repository {% data variables.package_registry.package-settings-actions-access-menu %} is different than connecting your package to a repository. For more information about linking a repository to your package, see "[AUTOTITLE](/packages/learn-github-packages/connecting-a-repository-to-a-package)."
|
||||
> * You can choose to limit permissions to workflow jobs usings the `permissions` key and `packages` scope. For more information, see "[AUTOTITLE](/actions/using-jobs/assigning-permissions-to-jobs)."
|
||||
> * {% data reusables.package_registry.public-forks-private-packages %}
|
||||
|
||||
### {% data variables.product.prodname_actions %} access for packages scoped to personal accounts
|
||||
|
||||
|
|
@ -182,11 +174,10 @@ When you first publish a package that is scoped to your personal account, the de
|
|||
1. At the bottom of the page, under "Danger Zone", click **Change visibility**.
|
||||
1. Select a visibility setting:
|
||||
* To make the package visible to anyone, select **Public**.
|
||||
{% warning %}
|
||||
|
||||
**Warning:** Once you make a package public, you cannot make it private again.
|
||||
> [!WARNING]
|
||||
> Once you make a package public, you cannot make it private again.
|
||||
|
||||
{% endwarning %}
|
||||
* To make the package visible to a custom selection of people, select **Private**.
|
||||
1. To confirm, type the name of the package, then click **I understand the consequences, change package visibility**.
|
||||
|
||||
|
|
@ -211,11 +202,8 @@ When you first publish a package, the default visibility is private and only you
|
|||
1. At the bottom of the page, under "Danger Zone", click **Change visibility** and choose a visibility setting:
|
||||
* To make the package visible to anyone, click **Public**.
|
||||
|
||||
{% warning %}
|
||||
|
||||
**Warning:** Once you make a package public, you cannot make it private again.
|
||||
|
||||
{% endwarning %}
|
||||
> [!WARNING]
|
||||
> Once you make a package public, you cannot make it private again.
|
||||
|
||||
* To make the package visible to a custom selection of people in your organization, click **Private**.{% ifversion not fpt %}
|
||||
* To make the package visible to all organization members, click **Internal**. If the organization belongs to an enterprise, the packages will be visible to all enterprise members.{% endif %}
|
||||
|
|
|
|||
|
|
@ -24,13 +24,9 @@ On {% data variables.product.prodname_dotcom %} if you have the required access,
|
|||
* a specific version of a private package
|
||||
* a specific version of a public package, if the package version doesn't have more than 5,000 downloads
|
||||
|
||||
{% note %}
|
||||
|
||||
**Note:**
|
||||
* You cannot delete a public package if any version of the package has more than 5,000 downloads. In this scenario, contact us through the {% data variables.contact.contact_support_portal %} for further assistance.
|
||||
* When deleting public packages, be aware that you may break projects that depend on your package.
|
||||
|
||||
{% endnote %}
|
||||
> [!NOTE]
|
||||
> * You cannot delete a public package if any version of the package has more than 5,000 downloads. In this scenario, contact us through the {% data variables.contact.contact_support_portal %} for further assistance.
|
||||
> * When deleting public packages, be aware that you may break projects that depend on your package.
|
||||
|
||||
On {% data variables.product.prodname_dotcom %}, you can also restore an entire package or package version, if:
|
||||
* You restore the package within 30 days of its deletion.
|
||||
|
|
|
|||
|
|
@ -68,17 +68,16 @@ The permissions for a package are either inherited from the repository where the
|
|||
| N/A | Docker container management | `Dockerfile` | `Docker` |
|
||||
|
||||
{% ifversion ghes %}
|
||||
{% note %}
|
||||
|
||||
**Note:** When enabling the Docker registry, we highly recommend also enabling subdomain isolation. For more information, see "[AUTOTITLE](/admin/configuration/configuring-network-settings/enabling-subdomain-isolation)."
|
||||
|
||||
{% endnote %}
|
||||
> [!NOTE]
|
||||
> When enabling the Docker registry, we highly recommend also enabling subdomain isolation. For more information, see "[AUTOTITLE](/admin/configuration/configuring-network-settings/enabling-subdomain-isolation)."
|
||||
|
||||
{% endif %}
|
||||
|
||||
{% ifversion ghec %}
|
||||
|
||||
> [!NOTE] The Apache Maven and Gradle registries are not available for {% data variables.enterprise.data_residency %}.
|
||||
> [!NOTE]
|
||||
> The Apache Maven and Gradle registries are not available for {% data variables.enterprise.data_residency %}.
|
||||
|
||||
{% endif %}
|
||||
|
||||
|
|
|
|||
|
|
@ -95,14 +95,9 @@ Create a new workflow file in your repository (such as `.github/workflows/deploy
|
|||
|
||||
{% else %}
|
||||
|
||||
{% note %}
|
||||
|
||||
**Notes:**
|
||||
|
||||
* {% data reusables.actions.actions-not-certified-by-github %}
|
||||
* {% data reusables.actions.actions-use-sha-pinning %}
|
||||
|
||||
{% endnote %}
|
||||
> [!NOTE]
|
||||
> * {% data reusables.actions.actions-not-certified-by-github %}
|
||||
> * {% data reusables.actions.actions-use-sha-pinning %}
|
||||
|
||||
```yaml annotate copy
|
||||
#
|
||||
|
|
@ -210,11 +205,10 @@ Using the `GITHUB_TOKEN`, instead of a {% data variables.product.pat_v1 %} with
|
|||
1. Navigate to your package landing page.
|
||||
{% data reusables.package_registry.package-settings-actions-access %}
|
||||
1. To ensure your package has access to your workflow, you must add the repository where the workflow is stored to your package. {% data reusables.package_registry.package-settings-add-repo %}
|
||||
{% note %}
|
||||
|
||||
**Note:** Adding a repository to your package {% data variables.package_registry.package-settings-actions-access-menu %} is different than connecting your package to a repository. For more information, see "[AUTOTITLE](/packages/learn-github-packages/configuring-a-packages-access-control-and-visibility#ensuring-workflow-access-to-your-package)" and "[AUTOTITLE](/packages/learn-github-packages/connecting-a-repository-to-a-package)."
|
||||
> [!NOTE]
|
||||
> Adding a repository to your package {% data variables.package_registry.package-settings-actions-access-menu %} is different than connecting your package to a repository. For more information, see "[AUTOTITLE](/packages/learn-github-packages/configuring-a-packages-access-control-and-visibility#ensuring-workflow-access-to-your-package)" and "[AUTOTITLE](/packages/learn-github-packages/connecting-a-repository-to-a-package)."
|
||||
|
||||
{% endnote %}
|
||||
1. Optionally, use {% data variables.package_registry.package-settings-actions-access-role-dropdown %}
|
||||
1. Open your workflow file. On the line where you log in to the registry, replace your {% data variables.product.pat_generic %} with {% raw %}`${{ secrets.GITHUB_TOKEN }}`{% endraw %}.
|
||||
|
||||
|
|
|
|||
|
|
@ -29,11 +29,8 @@ topics:
|
|||
|
||||
{% ifversion docker-ghcr-enterprise-migration %}
|
||||
|
||||
{% note %}
|
||||
|
||||
**Note**: {% data reusables.package_registry.container-registry-ghes-migration-availability %} For more information about finding the version of {% data variables.product.product_name %} that you use, see "[AUTOTITLE](/get-started/learning-about-github/about-versions-of-github-docs#github-enterprise-server)."
|
||||
|
||||
{% endnote %}
|
||||
> [!NOTE]
|
||||
> {% data reusables.package_registry.container-registry-ghes-migration-availability %} For more information about finding the version of {% data variables.product.product_name %} that you use, see "[AUTOTITLE](/get-started/learning-about-github/about-versions-of-github-docs#github-enterprise-server)."
|
||||
|
||||
{% endif %}
|
||||
|
||||
|
|
|
|||
|
|
@ -93,11 +93,8 @@ For more information, see "[Docker login](https://docs.docker.com/engine/referen
|
|||
|
||||
{% data reusables.package_registry.docker_registry_deprecation_status %}
|
||||
|
||||
{% note %}
|
||||
|
||||
**Note:** Image names must only use lowercase letters.
|
||||
|
||||
{% endnote %}
|
||||
> [!NOTE]
|
||||
> Image names must only use lowercase letters.
|
||||
|
||||
{% data variables.product.prodname_registry %} supports multiple top-level Docker images per repository. A repository can have any number of image tags. You may experience degraded service publishing or installing Docker images larger than 10GB, layers are capped at 5GB each. For more information, see "[Docker tag](https://docs.docker.com/engine/reference/commandline/tag/)" in the Docker documentation.
|
||||
|
||||
|
|
@ -187,11 +184,9 @@ For more information, see "[Docker login](https://docs.docker.com/engine/referen
|
|||
|
||||
{% endif %}
|
||||
{% endif %}
|
||||
{% note %}
|
||||
|
||||
**Note:** You must push your image using `IMAGE_NAME:VERSION` and not using `IMAGE_NAME:SHA`.
|
||||
|
||||
{% endnote %}
|
||||
> [!NOTE]
|
||||
> You must push your image using `IMAGE_NAME:VERSION` and not using `IMAGE_NAME:SHA`.
|
||||
|
||||
### Example publishing a Docker image
|
||||
|
||||
|
|
@ -291,11 +286,8 @@ docker pull HOSTNAME/OWNER/REPOSITORY/IMAGE_NAME:TAG_NAME
|
|||
{% endif %}
|
||||
{% endif %}
|
||||
|
||||
{% note %}
|
||||
|
||||
**Note:** You must pull the image using `IMAGE_NAME:VERSION` and not using `IMAGE_NAME:SHA`.
|
||||
|
||||
{% endnote %}
|
||||
> [!NOTE]
|
||||
> You must pull the image using `IMAGE_NAME:VERSION` and not using `IMAGE_NAME:SHA`.
|
||||
|
||||
## Further reading
|
||||
|
||||
|
|
|
|||
|
|
@ -43,11 +43,8 @@ Replace REGISTRY_URL with the URL for your instance's Maven registry. If your in
|
|||
|
||||
Replace USERNAME with your {% data variables.product.prodname_dotcom %} username, TOKEN with your {% data variables.product.pat_v1 %}, REPOSITORY with the name of the repository containing the package you want to publish, and OWNER with the name of the personal account or organization on {% data variables.product.prodname_dotcom %} that owns the repository. Because uppercase letters aren't supported, you must use lowercase letters for the repository owner even if the {% data variables.product.prodname_dotcom %} user or organization name contains uppercase letters.
|
||||
|
||||
{% note %}
|
||||
|
||||
**Note:** {% data reusables.package_registry.apache-maven-snapshot-versions-supported %} For an example, see "[AUTOTITLE](/packages/working-with-a-github-packages-registry/working-with-the-apache-maven-registry)."
|
||||
|
||||
{% endnote %}
|
||||
> [!NOTE]
|
||||
> {% data reusables.package_registry.apache-maven-snapshot-versions-supported %} For an example, see "[AUTOTITLE](/packages/working-with-a-github-packages-registry/working-with-the-apache-maven-registry)."
|
||||
|
||||
#### Example using Gradle Groovy for a single package in a repository
|
||||
|
||||
|
|
|
|||
|
|
@ -109,21 +109,15 @@ $ npm login --scope=@NAMESPACE --auth-type=legacy --registry=https://HOSTNAME/_r
|
|||
|
||||
## Publishing a package
|
||||
|
||||
> [!NOTE]
|
||||
{% ifversion packages-npm-v2 %}
|
||||
{% note %}
|
||||
|
||||
**Note:**
|
||||
> * Package names and scopes must only use lowercase letters.
|
||||
> * The tarball for an npm version must be smaller than 256MB in size.
|
||||
|
||||
* Package names and scopes must only use lowercase letters.
|
||||
* The tarball for an npm version must be smaller than 256MB in size.
|
||||
|
||||
{% endnote %}
|
||||
{% else %}
|
||||
{% note %}
|
||||
|
||||
**Note:** Package names and scopes must only use lowercase letters.
|
||||
|
||||
{% endnote %}
|
||||
> Package names and scopes must only use lowercase letters.
|
||||
|
||||
{% endif %}
|
||||
|
||||
|
|
|
|||
|
|
@ -108,11 +108,8 @@ bundle config https://{% ifversion fpt or ghec %}rubygems.pkg.github.com{% else
|
|||
|
||||
1. Publish a package to {% data variables.product.prodname_registry %}, replacing `NAMESPACE` with the name of the personal account or organization {% ifversion packages-rubygems-v2 %}to which the package will be scoped{% else %}that owns the repository containing your project{% endif %} and `GEM_NAME` with the name of your gem package.{% ifversion ghes %} Replace `REGISTRY_URL` with the URL for your instance's Rubygems registry. If your instance has subdomain isolation enabled, use `rubygems.HOSTNAME`. If your instance has subdomain isolation disabled, use `HOSTNAME/_registry/rubygems`. In either case, replace `HOSTNAME` with the host name of your {% data variables.product.prodname_ghe_server %} instance.{% endif %}
|
||||
|
||||
{% note %}
|
||||
|
||||
**Note:** The maximum uncompressed size of a gem's `metadata.gz` file must be less than {% data variables.package_registry.limit_rubygems_max_metadata_size %}. Requests to push gems that exceed that limit will fail.
|
||||
|
||||
{% endnote %}
|
||||
> [!NOTE]
|
||||
> The maximum uncompressed size of a gem's `metadata.gz` file must be less than {% data variables.package_registry.limit_rubygems_max_metadata_size %}. Requests to push gems that exceed that limit will fail.
|
||||
|
||||
```shell
|
||||
$ gem push --key github \
|
||||
|
|
|
|||
|
|
@ -40,11 +40,8 @@ For example, if the custom domain for your user site is `www.octocat.com`, and y
|
|||
|
||||
You can override the default custom domain by adding a custom domain to the individual repository.
|
||||
|
||||
{% note %}
|
||||
|
||||
**Note:** The URLs for project sites that are privately published are not affected by the custom domain for your user or organization site. For more information about privately published sites, see "[AUTOTITLE](/enterprise-cloud@latest/pages/getting-started-with-github-pages/changing-the-visibility-of-your-github-pages-site){% ifversion not ghec %}" in the {% data variables.product.prodname_ghe_cloud %} documentation.{% else %}."{% endif %}
|
||||
|
||||
{% endnote %}
|
||||
> [!NOTE]
|
||||
> The URLs for project sites that are privately published are not affected by the custom domain for your user or organization site. For more information about privately published sites, see "[AUTOTITLE](/enterprise-cloud@latest/pages/getting-started-with-github-pages/changing-the-visibility-of-your-github-pages-site){% ifversion not ghec %}" in the {% data variables.product.prodname_ghe_cloud %} documentation.{% else %}."{% endif %}
|
||||
|
||||
To remove the default custom domain, you must remove the custom domain from your user or organization site.
|
||||
|
||||
|
|
|
|||
|
|
@ -34,11 +34,8 @@ The `dig` command, which can be used to verify correct configuration of DNS reco
|
|||
|
||||
{% endwindows %}
|
||||
|
||||
{% note %}
|
||||
|
||||
**Note:** DNS changes can take up to 24 hours to propagate.
|
||||
|
||||
{% endnote %}
|
||||
> [!NOTE]
|
||||
> DNS changes can take up to 24 hours to propagate.
|
||||
|
||||
## Configuring an apex domain
|
||||
|
||||
|
|
@ -97,11 +94,8 @@ To set up an apex domain, such as `example.com`, you must configure a custom dom
|
|||
|
||||
### Configuring an apex domain and the `www` subdomain variant
|
||||
|
||||
{% note %}
|
||||
|
||||
**Note:** Setting up a `www` subdomain alongside an apex domain is recommended for HTTPS secured websites.
|
||||
|
||||
{% endnote %}
|
||||
> [!NOTE]
|
||||
> Setting up a `www` subdomain alongside an apex domain is recommended for HTTPS secured websites.
|
||||
|
||||
{% data reusables.pages.www-and-apex-domain-recommendation %} For more information, see "[Configuring a subdomain](#configuring-a-subdomain)."
|
||||
|
||||
|
|
@ -118,13 +112,10 @@ To set up a `www` or custom subdomain, such as `www.example.com` or `blog.exampl
|
|||
{% data reusables.pages.sidebar-pages %}
|
||||
1. Under "Custom domain", type your custom domain, then click **Save**. If you are publishing your site from a branch, this will create a commit that adds a `CNAME` file directly to the root of your source branch. If you are publishing your site with a custom {% data variables.product.prodname_actions %} workflow, no `CNAME` file is created, so you need to create one manually (containing only a line of text with your custom domain). For more information about your publishing source, see "[AUTOTITLE](/pages/getting-started-with-github-pages/configuring-a-publishing-source-for-your-github-pages-site)."
|
||||
|
||||
{% note %}
|
||||
|
||||
**Note:** If your custom domain is an internationalized domain name, you must enter the Punycode encoded version.
|
||||
|
||||
For more information on Punycodes, see [Internationalized domain name](https://en.wikipedia.org/wiki/Internationalized_domain_name).
|
||||
|
||||
{% endnote %}
|
||||
> [!NOTE]
|
||||
> If your custom domain is an internationalized domain name, you must enter the Punycode encoded version.
|
||||
>
|
||||
> For more information on Punycodes, see [Internationalized domain name](https://en.wikipedia.org/wiki/Internationalized_domain_name).
|
||||
|
||||
1. Navigate to your DNS provider and create a `CNAME` record that points your subdomain to the default domain for your site. For example, if you want to use the subdomain `www.example.com` for your user site, create a `CNAME` record that points `www.example.com` to `<user>.github.io`. If you want to use the subdomain `another.example.com` for your organization site, create a `CNAME` record that points `another.example.com` to `<organization>.github.io`. The `CNAME` record should always point to `<user>.github.io` or `<organization>.github.io`, excluding the repository name. {% data reusables.pages.contact-dns-provider %} {% data reusables.pages.default-domain-information %}
|
||||
|
||||
|
|
@ -143,11 +134,8 @@ To set up a `www` or custom subdomain, such as `www.example.com` or `blog.exampl
|
|||
{% data reusables.pages.build-locally-download-cname %}
|
||||
{% data reusables.pages.enforce-https-custom-domain %}
|
||||
|
||||
{% note %}
|
||||
|
||||
**Note:** If you point your custom subdomain to your apex domain, you will encounter issues with enforcing HTTPS to your website, and you may encounter issues where your subdomain does not reach your {% data variables.product.prodname_pages %} site at all.
|
||||
|
||||
{% endnote %}
|
||||
> [!NOTE]
|
||||
> If you point your custom subdomain to your apex domain, you will encounter issues with enforcing HTTPS to your website, and you may encounter issues where your subdomain does not reach your {% data variables.product.prodname_pages %} site at all.
|
||||
|
||||
## DNS records for your custom domain
|
||||
|
||||
|
|
|
|||
|
|
@ -78,11 +78,10 @@ When you configure your site to publish with {% data variables.product.prodname_
|
|||
The workflow templates use a deployment environment called `github-pages`. If your repository does not already include an environment called `github-pages`, the environment will be created automatically. We recommend that you add a deployment protection rule so that only the default branch can deploy to this environment. For more information, see "[AUTOTITLE](/actions/deployment/targeting-different-environments/using-environments-for-deployment)."
|
||||
|
||||
{% ifversion fpt or ghec %}
|
||||
{% note %}
|
||||
|
||||
**Note**: A `CNAME` file in your repository file does not automatically add or remove a custom domain. Instead, you must configure the custom domain through your repository settings or through the API. For more information, see "[AUTOTITLE](/pages/configuring-a-custom-domain-for-your-github-pages-site/managing-a-custom-domain-for-your-github-pages-site#configuring-a-subdomain)" and "[AUTOTITLE](/rest/pages#update-information-about-a-github-pages-site)."
|
||||
> [!NOTE]
|
||||
> A `CNAME` file in your repository file does not automatically add or remove a custom domain. Instead, you must configure the custom domain through your repository settings or through the API. For more information, see "[AUTOTITLE](/pages/configuring-a-custom-domain-for-your-github-pages-site/managing-a-custom-domain-for-your-github-pages-site#configuring-a-subdomain)" and "[AUTOTITLE](/rest/pages#update-information-about-a-github-pages-site)."
|
||||
|
||||
{% endnote %}
|
||||
{% endif %}
|
||||
|
||||
### Troubleshooting publishing with a custom {% data variables.product.prodname_actions %} workflow
|
||||
|
|
|
|||
|
|
@ -23,11 +23,8 @@ All {% data variables.product.prodname_pages %} sites, including sites that are
|
|||
|
||||
{% data reusables.pages.private_pages_are_public_warning %}
|
||||
|
||||
{% note %}
|
||||
|
||||
**Note:** RFC3280 states that the maximum length of the common name should be 64 characters. Therefore, the entire domain name of your {% data variables.product.prodname_pages %} site must be less than 64 characters long for a certificate to be successfully created.
|
||||
|
||||
{% endnote %}
|
||||
> [!NOTE]
|
||||
> RFC3280 states that the maximum length of the common name should be 64 characters. Therefore, the entire domain name of your {% data variables.product.prodname_pages %} site must be less than 64 characters long for a certificate to be successfully created.
|
||||
|
||||
## Enforcing HTTPS for your {% data variables.product.prodname_pages %} site
|
||||
|
||||
|
|
@ -54,11 +51,8 @@ Assets are commonly found in the following locations:
|
|||
* JavaScript is usually found in the `<head>` section or just before the closing `</body>` tag.
|
||||
* Images are often found in the `<body>` section.
|
||||
|
||||
{% tip %}
|
||||
|
||||
**Tip:** If you can't find your assets in your site's source files, try searching your site's source files for `http` in your text editor or on {% data variables.product.product_name %}.
|
||||
|
||||
{% endtip %}
|
||||
> [!TIP]
|
||||
> If you can't find your assets in your site's source files, try searching your site's source files for `http` in your text editor or on {% data variables.product.product_name %}.
|
||||
|
||||
### Examples of assets referenced in an HTML file
|
||||
|
||||
|
|
|
|||
|
|
@ -99,11 +99,8 @@ You can enable additional plugins by adding the plugin's gem to the `plugins` se
|
|||
|
||||
For a list of supported plugins, see "[Dependency versions](https://pages.github.com/versions/)" on the {% data variables.product.prodname_pages %} site. For usage information for a specific plugin, see the plugin's documentation.
|
||||
|
||||
{% tip %}
|
||||
|
||||
**Tip:** You can make sure you're using the latest version of all plugins by keeping the {% data variables.product.prodname_pages %} gem updated. For more information, see "[AUTOTITLE](/pages/setting-up-a-github-pages-site-with-jekyll/testing-your-github-pages-site-locally-with-jekyll#updating-the-github-pages-gem)" and "[Dependency versions](https://pages.github.com/versions/)" on the {% data variables.product.prodname_pages %} site.
|
||||
|
||||
{% endtip %}
|
||||
> [!TIP]
|
||||
> You can make sure you're using the latest version of all plugins by keeping the {% data variables.product.prodname_pages %} gem updated. For more information, see "[AUTOTITLE](/pages/setting-up-a-github-pages-site-with-jekyll/testing-your-github-pages-site-locally-with-jekyll#updating-the-github-pages-gem)" and "[Dependency versions](https://pages.github.com/versions/)" on the {% data variables.product.prodname_pages %} site.
|
||||
|
||||
{% data variables.product.prodname_pages %} cannot build sites using unsupported plugins. If you want to use unsupported plugins, generate your site locally and then push your site's static files to {% data variables.product.product_name %}.
|
||||
|
||||
|
|
|
|||
|
|
@ -23,11 +23,8 @@ If you are publishing from a branch, sometimes {% data variables.product.prodnam
|
|||
* You're pushing with a deploy key. If you want to automate pushes to your site's repository, you can set up a machine user instead. For more information, see "[AUTOTITLE](/authentication/connecting-to-github-with-ssh/managing-deploy-keys#machine-users)."
|
||||
* You're using a CI service that isn't configured to build your publishing source. For example, Travis CI won't build the `gh-pages` branch unless you add the branch to a safe list. For more information, see "[Customizing the build](https://docs.travis-ci.com/user/customizing-the-build/#safelisting-or-blocklisting-branches)" on Travis CI, or your CI service's documentation.
|
||||
|
||||
{% note %}
|
||||
|
||||
**Note:** It can take up to 10 minutes for changes to your site to publish after you push the changes to {% data variables.product.product_name %}.
|
||||
|
||||
{% endnote %}
|
||||
> [!NOTE]
|
||||
> It can take up to 10 minutes for changes to your site to publish after you push the changes to {% data variables.product.product_name %}.
|
||||
|
||||
{% ifversion build-pages-with-actions %}
|
||||
If Jekyll does attempt to build your site and encounters an error, you will receive a build error message.
|
||||
|
|
|
|||
|
|
@ -49,20 +49,16 @@ Before you can use Jekyll to test a site, you must:
|
|||
> Server running... press ctrl-c to stop.
|
||||
```
|
||||
|
||||
{% note %}
|
||||
|
||||
**Notes:**
|
||||
* If you've installed Ruby 3.0 or later (which you may have if you installed the default version via Homebrew), you might get an error at this step. That's because these versions of Ruby no longer come with `webrick` installed.
|
||||
|
||||
To fix the error, try running `bundle add webrick`, then re-running `bundle exec jekyll serve`.
|
||||
|
||||
* If your `_config.yml` file's `baseurl` field contains your GitHub repository's link, you can use the following command when building locally to ignore that value and serve the site on `localhost:4000/`:
|
||||
|
||||
```shell
|
||||
bundle exec jekyll serve --baseurl=""
|
||||
```
|
||||
|
||||
{% endnote %}
|
||||
> [!NOTE]
|
||||
> * If you've installed Ruby 3.0 or later (which you may have if you installed the default version via Homebrew), you might get an error at this step. That's because these versions of Ruby no longer come with `webrick` installed.
|
||||
>
|
||||
> To fix the error, try running `bundle add webrick`, then re-running `bundle exec jekyll serve`.
|
||||
>
|
||||
> * If your `_config.yml` file's `baseurl` field contains your GitHub repository's link, you can use the following command when building locally to ignore that value and serve the site on `localhost:4000/`:
|
||||
>
|
||||
> ```shell
|
||||
> bundle exec jekyll serve --baseurl=""
|
||||
> ```
|
||||
|
||||
1. To preview your site, in your web browser, navigate to `http://localhost:4000`.
|
||||
|
||||
|
|
|
|||
|
|
@ -21,11 +21,8 @@ You can only resolve merge conflicts on {% data variables.product.product_name %
|
|||
If a site administrator disables the merge conflict editor for pull requests between repositories, you cannot use the conflict editor on {% data variables.product.product_name %} and must resolve merge conflicts on the command line. For example, if the merge conflict editor is disabled, you cannot use it on a pull request between a fork and upstream repository.
|
||||
{% endif %}
|
||||
|
||||
{% warning %}
|
||||
|
||||
**Warning:** When you resolve a merge conflict on {% data variables.product.product_name %}, the entire [base branch](/get-started/learning-about-github/github-glossary#base-branch) of your pull request is merged into the [head branch](/get-started/learning-about-github/github-glossary#head-branch). Make sure you really want to commit to this branch. If the head branch is the default branch of your repository, you'll be given the option of creating a new branch to serve as the head branch for your pull request. If the head branch is protected you won't be able to merge your conflict resolution into it, so you'll be prompted to create a new head branch. For more information, see "[AUTOTITLE](/repositories/configuring-branches-and-merges-in-your-repository/managing-protected-branches/about-protected-branches)."
|
||||
|
||||
{% endwarning %}
|
||||
> [!WARNING]
|
||||
> When you resolve a merge conflict on {% data variables.product.product_name %}, the entire [base branch](/get-started/learning-about-github/github-glossary#base-branch) of your pull request is merged into the [head branch](/get-started/learning-about-github/github-glossary#head-branch). Make sure you really want to commit to this branch. If the head branch is the default branch of your repository, you'll be given the option of creating a new branch to serve as the head branch for your pull request. If the head branch is protected you won't be able to merge your conflict resolution into it, so you'll be prompted to create a new head branch. For more information, see "[AUTOTITLE](/repositories/configuring-branches-and-merges-in-your-repository/managing-protected-branches/about-protected-branches)."
|
||||
|
||||
{% data reusables.repositories.sidebar-pr %}
|
||||
1. In the "Pull Requests" list, click the pull request with a merge conflict that you'd like to resolve.
|
||||
|
|
@ -33,11 +30,8 @@ If a site administrator disables the merge conflict editor for pull requests bet
|
|||
|
||||
|
||||
|
||||
{% note %}
|
||||
|
||||
**Note:** If the **Resolve conflicts** button is deactivated, your pull request's merge conflict is too complex to resolve on {% data variables.product.product_name %}{% ifversion ghes %} or the site administrator has disabled the conflict editor for pull requests between repositories{% endif %}. You must resolve the merge conflict using an alternative Git client, or by using Git on the command line. For more information see "[AUTOTITLE](/pull-requests/collaborating-with-pull-requests/addressing-merge-conflicts/resolving-a-merge-conflict-using-the-command-line)."
|
||||
|
||||
{% endnote %}
|
||||
> [!NOTE]
|
||||
> If the **Resolve conflicts** button is deactivated, your pull request's merge conflict is too complex to resolve on {% data variables.product.product_name %}{% ifversion ghes %} or the site administrator has disabled the conflict editor for pull requests between repositories{% endif %}. You must resolve the merge conflict using an alternative Git client, or by using Git on the command line. For more information see "[AUTOTITLE](/pull-requests/collaborating-with-pull-requests/addressing-merge-conflicts/resolving-a-merge-conflict-using-the-command-line)."
|
||||
|
||||
{% data reusables.pull_requests.decide-how-to-resolve-competing-line-change-merge-conflict %}
|
||||
1. If you have more than one merge conflict in your file, scroll down to the next set of conflict markers and repeat steps four and five to resolve your merge conflict.
|
||||
|
|
|
|||
|
|
@ -17,11 +17,8 @@ shortTitle: Resolve merge conflicts in Git
|
|||
---
|
||||
Merge conflicts occur when competing changes are made to the same line of a file, or when one person edits a file and another person deletes the same file. For more information, see "[AUTOTITLE](/pull-requests/collaborating-with-pull-requests/addressing-merge-conflicts/about-merge-conflicts)."
|
||||
|
||||
{% tip %}
|
||||
|
||||
**Tip:** You can use the conflict editor on {% data variables.product.product_name %} to resolve competing line change merge conflicts between branches that are part of a pull request. For more information, see "[AUTOTITLE](/pull-requests/collaborating-with-pull-requests/addressing-merge-conflicts/resolving-a-merge-conflict-on-github)."
|
||||
|
||||
{% endtip %}
|
||||
> [!TIP]
|
||||
> You can use the conflict editor on {% data variables.product.product_name %} to resolve competing line change merge conflicts between branches that are part of a pull request. For more information, see "[AUTOTITLE](/pull-requests/collaborating-with-pull-requests/addressing-merge-conflicts/resolving-a-merge-conflict-on-github)."
|
||||
|
||||
## Competing line change merge conflicts
|
||||
|
||||
|
|
|
|||
|
|
@ -35,11 +35,8 @@ There are two types of status checks on {% data variables.product.product_name %
|
|||
|
||||
_Checks_ are different from _commit statuses_ in that they provide line annotations, more detailed messaging, and are only available for use with {% data variables.product.prodname_github_apps %}.
|
||||
|
||||
{% note %}
|
||||
|
||||
**Note:** {% data variables.product.prodname_actions %} generates checks, not commit statuses, when workflows are run.
|
||||
|
||||
{% endnote %}
|
||||
> [!NOTE]
|
||||
> {% data variables.product.prodname_actions %} generates checks, not commit statuses, when workflows are run.
|
||||
|
||||
Organization owners and users with push access to a repository can create checks and commit statuses with {% data variables.product.product_name %}'s API. For more information, see "[AUTOTITLE](/rest/checks)" and "[AUTOTITLE](/rest/commits/statuses)."
|
||||
|
||||
|
|
@ -47,11 +44,8 @@ Organization owners and users with push access to a repository can create checks
|
|||
|
||||
When _checks_ are set up in a repository, pull requests have a **Checks** tab where you can view detailed build output from checks and rerun failed checks.
|
||||
|
||||
{% note %}
|
||||
|
||||
**Note:** The **Checks** tab only gets populated for pull requests if you set up _checks_, not _commit statuses_, for the repository.
|
||||
|
||||
{% endnote %}
|
||||
> [!NOTE]
|
||||
> The **Checks** tab only gets populated for pull requests if you set up _checks_, not _commit statuses_, for the repository.
|
||||
|
||||
When a specific line in a commit causes a check to fail, you will see details about the failure, warning, or notice next to the relevant code in the **Files** tab of the pull request.
|
||||
|
||||
|
|
|
|||
|
|
@ -16,19 +16,13 @@ shortTitle: Required status checks
|
|||
---
|
||||
If you have a check and a status with the same name, and you select that name as a required status check, both the check and the status are required. For more information, see "[AUTOTITLE](/rest/checks)."
|
||||
|
||||
{% note %}
|
||||
|
||||
**Note:** To be required, status checks must have completed successfully within the chosen repository during the past seven days.
|
||||
|
||||
{% endnote %}
|
||||
> [!NOTE]
|
||||
> To be required, status checks must have completed successfully within the chosen repository during the past seven days.
|
||||
|
||||
After you enable required status checks, your branch may need to be up-to-date with the base branch before merging. This ensures that your branch has been tested with the latest code from the base branch. If your branch is out of date, you'll need to merge the base branch into your branch. For more information, see "[AUTOTITLE](/repositories/configuring-branches-and-merges-in-your-repository/managing-protected-branches/about-protected-branches#require-status-checks-before-merging)."
|
||||
|
||||
{% note %}
|
||||
|
||||
**Note:** You can also bring your branch up to date with the base branch using Git rebase. For more information, see "[AUTOTITLE](/get-started/using-git/about-git-rebase)."
|
||||
|
||||
{% endnote %}
|
||||
> [!NOTE]
|
||||
> You can also bring your branch up to date with the base branch using Git rebase. For more information, see "[AUTOTITLE](/get-started/using-git/about-git-rebase)."
|
||||
|
||||
You won't be able to push local changes to a protected branch until all required status checks pass. Instead, you'll receive an error message similar to the following.
|
||||
|
||||
|
|
@ -37,11 +31,8 @@ remote: error: GH006: Protected branch update failed for refs/heads/main.
|
|||
remote: error: Required status check "ci-build" is failing
|
||||
```
|
||||
|
||||
{% note %}
|
||||
|
||||
**Note:** Pull requests that are up-to-date and pass required status checks can be merged locally and pushed to the protected branch. This can be done without status checks running on the merge commit itself.
|
||||
|
||||
{% endnote %}
|
||||
> [!NOTE]
|
||||
> Pull requests that are up-to-date and pass required status checks can be merged locally and pushed to the protected branch. This can be done without status checks running on the merge commit itself.
|
||||
|
||||
## Required check needs to succeed against the latest commit SHA
|
||||
|
||||
|
|
@ -55,16 +46,14 @@ If there is a conflict between the test merge commit and head commit, the checks
|
|||
|
||||
## Handling skipped but required checks
|
||||
|
||||
{% warning %}
|
||||
|
||||
**Warning:** If a workflow is skipped due to [path filtering](/actions/using-workflows/workflow-syntax-for-github-actions#onpushpull_requestpull_request_targetpathspaths-ignore), [branch filtering](/actions/using-workflows/workflow-syntax-for-github-actions#onpull_requestpull_request_targetbranchesbranches-ignore) or a [commit message](/actions/managing-workflow-runs/skipping-workflow-runs), then checks associated with that workflow will remain in a "Pending" state. A pull request that requires those checks to be successful will be blocked from merging.
|
||||
|
||||
{% data reusables.pull_requests.path-filtering-required-workflows %}
|
||||
|
||||
If, however, a job within a workflow is skipped due to a conditional, it will report its status as "Success". For more information, see "[AUTOTITLE](/actions/using-jobs/using-conditions-to-control-job-execution)."
|
||||
|
||||
When a job fails, any jobs that depend on the failed job are skipped and do not report a failure. A pull request that requires the check may not be blocked. To use a required check on a job that depends on other jobs, use the `always()` conditional expression in addition to `needs`, see "[AUTOTITLE](/actions/using-jobs/using-jobs-in-a-workflow#defining-prerequisite-jobs)."
|
||||
{% endwarning %}
|
||||
> [!WARNING]
|
||||
> If a workflow is skipped due to [path filtering](/actions/using-workflows/workflow-syntax-for-github-actions#onpushpull_requestpull_request_targetpathspaths-ignore), [branch filtering](/actions/using-workflows/workflow-syntax-for-github-actions#onpull_requestpull_request_targetbranchesbranches-ignore) or a [commit message](/actions/managing-workflow-runs/skipping-workflow-runs), then checks associated with that workflow will remain in a "Pending" state. A pull request that requires those checks to be successful will be blocked from merging.
|
||||
>
|
||||
> {% data reusables.pull_requests.path-filtering-required-workflows %}
|
||||
>
|
||||
> If, however, a job within a workflow is skipped due to a conditional, it will report its status as "Success". For more information, see "[AUTOTITLE](/actions/using-jobs/using-conditions-to-control-job-execution)."
|
||||
>
|
||||
> When a job fails, any jobs that depend on the failed job are skipped and do not report a failure. A pull request that requires the check may not be blocked. To use a required check on a job that depends on other jobs, use the `always()` conditional expression in addition to `needs`, see "[AUTOTITLE](/actions/using-jobs/using-jobs-in-a-workflow#defining-prerequisite-jobs)."
|
||||
|
||||
### Example
|
||||
|
||||
|
|
@ -104,11 +93,8 @@ Due to [path filtering](/actions/using-workflows/workflow-syntax-for-github-acti
|
|||
|
||||
You **must** use the `merge_group` event to trigger your {% data variables.product.prodname_actions %} workflow when a pull request is added to a merge queue.
|
||||
|
||||
{% note %}
|
||||
|
||||
**Note:** {% data reusables.actions.merge-group-event-with-required-checks %}
|
||||
|
||||
{% endnote %}
|
||||
> [!NOTE]
|
||||
> {% data reusables.actions.merge-group-event-with-required-checks %}
|
||||
|
||||
A workflow that reports a check which is required by the target branch's protections would look like this:
|
||||
|
||||
|
|
|
|||
|
|
@ -19,11 +19,8 @@ shortTitle: Collaborative development
|
|||
|
||||
In the fork and pull model, anyone can fork an existing ("upstream") repository to which they have read access and the owner of the upstream repository allows it. Be aware that a fork and its upstream share the same git data. This means that all content uploaded to a fork is accessible from the upstream and all other forks of that upstream. You do not need permission from the upstream repository to push to a fork of it you created. You can optionally allow anyone with push access to the upstream repository to make changes to your pull request branch. This model is popular with open-source projects as it reduces the amount of friction for new contributors and allows people to work independently without upfront coordination.
|
||||
|
||||
{% tip %}
|
||||
|
||||
**Tip:** {% data reusables.open-source.open-source-guide-general %} {% data reusables.open-source.open-source-learning %}
|
||||
|
||||
{% endtip %}
|
||||
> [!TIP]
|
||||
> {% data reusables.open-source.open-source-guide-general %} {% data reusables.open-source.open-source-learning %}
|
||||
|
||||
## Shared repository model
|
||||
|
||||
|
|
|
|||
|
|
@ -41,13 +41,11 @@ People with write permissions to a repository can enable auto-merge for a pull r
|
|||
{% ifversion fpt %}
|
||||
1. If you chose the merge or squash and merge methods, type a commit message and description and choose the email address you want to author the merge commit.
|
||||
|
||||
{% note %}
|
||||
> [!NOTE]
|
||||
> The email dropdown menu is not available if you have email privacy enabled or if you only have one verified and visible email associated with your {% data variables.product.company_short %} account.
|
||||
|
||||
**Note:** The email dropdown menu is not available if you have email privacy enabled or if you only have one verified and visible email associated with your {% data variables.product.company_short %} account.
|
||||
|
||||
{% endnote %}
|
||||
{% endif %}
|
||||
{% ifversion ghes or ghec %}
|
||||
{% endif %}
|
||||
{% ifversion ghes or ghec %}
|
||||
1. If you chose the merge or squash and merge methods, type a commit message and description.
|
||||
{% endif %}
|
||||
1. Click **Confirm auto-merge**.
|
||||
|
|
|
|||
|
|
@ -13,11 +13,9 @@ versions:
|
|||
topics:
|
||||
- Pull requests
|
||||
---
|
||||
{% tip %}
|
||||
|
||||
**Tip**: If you opened a pull request with the wrong base branch, rather than closing it out and opening a new one, you can instead change the base branch. For more information, see "[AUTOTITLE](/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/changing-the-base-branch-of-a-pull-request)."
|
||||
|
||||
{% endtip %}
|
||||
> [!TIP]
|
||||
> If you opened a pull request with the wrong base branch, rather than closing it out and opening a new one, you can instead change the base branch. For more information, see "[AUTOTITLE](/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/changing-the-base-branch-of-a-pull-request)."
|
||||
|
||||
{% data reusables.repositories.sidebar-pr %}
|
||||
1. In the "Pull Requests" list, click the pull request you'd like to close.
|
||||
|
|
|
|||
|
|
@ -22,11 +22,8 @@ product: '{% data reusables.gated-features.merge-queue %}'
|
|||
|
||||
{% webui %}
|
||||
|
||||
{% note %}
|
||||
|
||||
**Note:** You can use {% data variables.product.prodname_cli %} to add a pull request to a merge queue. For more information, click the "{% data variables.product.prodname_cli %}" tab at the top of this article.
|
||||
|
||||
{% endnote %}
|
||||
> [!NOTE]
|
||||
> You can use {% data variables.product.prodname_cli %} to add a pull request to a merge queue. For more information, click the "{% data variables.product.prodname_cli %}" tab at the top of this article.
|
||||
|
||||
{% data reusables.repositories.navigate-to-repo %}
|
||||
{% data reusables.repositories.sidebar-pr %}
|
||||
|
|
@ -39,11 +36,8 @@ product: '{% data reusables.gated-features.merge-queue %}'
|
|||
|
||||
|
||||
|
||||
{% note %}
|
||||
|
||||
**Note:** You can click **Merge when ready** whenever you're ready to merge your proposed changes. {% data variables.product.product_name %} will automatically add the pull request to the merge queue once required approval and status checks conditions are met.
|
||||
|
||||
{% endnote %}
|
||||
> [!NOTE]
|
||||
> You can click **Merge when ready** whenever you're ready to merge your proposed changes. {% data variables.product.product_name %} will automatically add the pull request to the merge queue once required approval and status checks conditions are met.
|
||||
|
||||
1. Confirm you want to add the pull request to the merge queue by clicking **Confirm merge when ready**.
|
||||
|
||||
|
|
|
|||
|
|
@ -31,12 +31,9 @@ You can't merge a draft pull request. For more information about draft pull requ
|
|||
|
||||
The repository may be configured so that the head branch for a pull request is automatically deleted when you merge a pull request. For more information, see "[AUTOTITLE](/repositories/configuring-branches-and-merges-in-your-repository/configuring-pull-request-merges/managing-the-automatic-deletion-of-branches)."
|
||||
|
||||
{% note %}
|
||||
|
||||
**Note:** {% data reusables.pull_requests.retargeted-on-branch-deletion %}
|
||||
For more information, see "[AUTOTITLE](/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/about-branches#working-with-branches)."
|
||||
|
||||
{% endnote %}
|
||||
> [!NOTE]
|
||||
> {% data reusables.pull_requests.retargeted-on-branch-deletion %}
|
||||
> For more information, see "[AUTOTITLE](/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/about-branches#working-with-branches)."
|
||||
|
||||
Pull requests are merged using [the `--no-ff` option](https://git-scm.com/docs/git-merge#_fast_forward_merge), except for [pull requests with squashed or rebased commits](/pull-requests/collaborating-with-pull-requests/incorporating-changes-from-a-pull-request/about-pull-request-merges), which are merged using the fast-forward option.
|
||||
|
||||
|
|
@ -60,21 +57,17 @@ If you decide you don't want the changes in a topic branch to be merged to the u
|
|||
|
||||
* [Rebase the commits individually onto the base branch](/pull-requests/collaborating-with-pull-requests/incorporating-changes-from-a-pull-request/about-pull-request-merges#rebase-and-merge-your-pull-request-commits) by clicking the merge dropdown menu, selecting **Rebase and merge** and then clicking **Rebase and merge**.
|
||||
|
||||
{% note %}
|
||||
> [!NOTE]
|
||||
> Rebase and merge will always update the committer information and create new commit SHAs. For more information, see "[About pull request merges](/articles/about-pull-request-merges#rebase-and-merge-your-pull-request-commits)."
|
||||
|
||||
**Note:** Rebase and merge will always update the committer information and create new commit SHAs. For more information, see "[About pull request merges](/articles/about-pull-request-merges#rebase-and-merge-your-pull-request-commits)."
|
||||
|
||||
{% endnote %}
|
||||
1. If prompted, type a commit message, or accept the default message.
|
||||
|
||||
{% data reusables.pull_requests.default-commit-message-squash-merge %}
|
||||
{% data reusables.files.choose-commit-email %}
|
||||
|
||||
{% note %}
|
||||
> [!NOTE]
|
||||
> The email selector is not available for rebase merges, which do not create a merge commit{% ifversion squash-merge-email %}. For squash merges, the email selector is only shown if you are the pull request author and you have more than one email address associated with your account.{% else %}, or for squash merges, which credit the user who created the pull request as the author of the squashed commit.{% endif %}
|
||||
|
||||
**Note:** The email selector is not available for rebase merges, which do not create a merge commit{% ifversion squash-merge-email %}. For squash merges, the email selector is only shown if you are the pull request author and you have more than one email address associated with your account.{% else %}, or for squash merges, which credit the user who created the pull request as the author of the squashed commit.{% endif %}
|
||||
|
||||
{% endnote %}
|
||||
1. Click **Confirm merge**, **Confirm squash and merge**, or **Confirm rebase and merge**.
|
||||
1. Optionally, [delete the branch](/repositories/configuring-branches-and-merges-in-your-repository/managing-branches-in-your-repository/deleting-and-restoring-branches-in-a-pull-request). This keeps the list of branches in your repository tidy.
|
||||
|
||||
|
|
|
|||
|
|
@ -19,16 +19,13 @@ Reverting a pull request on {% data variables.product.product_name %} creates a
|
|||
|
||||
## Reverting a pull request
|
||||
|
||||
{% note %}
|
||||
|
||||
**Note:** You may need to revert the individual commits in your pull request if either of the following is true.
|
||||
|
||||
* Reverting the pull request causes merge conflicts
|
||||
* The original pull request was not originally merged on {% data variables.product.product_name %}. For example, someone could have merged the pull request using a fast-forward merge on the command line.
|
||||
|
||||
For more information about using Git to manually revert individual commits, see [Git revert](https://git-scm.com/docs/git-revert.html) in the Git documentation.
|
||||
|
||||
{% endnote %}
|
||||
> [!NOTE]
|
||||
> You may need to revert the individual commits in your pull request if either of the following is true.
|
||||
>
|
||||
> * Reverting the pull request causes merge conflicts
|
||||
> * The original pull request was not originally merged on {% data variables.product.product_name %}. For example, someone could have merged the pull request using a fast-forward merge on the command line.
|
||||
>
|
||||
> For more information about using Git to manually revert individual commits, see [Git revert](https://git-scm.com/docs/git-revert.html) in the Git documentation.
|
||||
|
||||
{% data reusables.repositories.sidebar-pr %}
|
||||
1. In the "Pull Requests" list, click the pull request you'd like to revert.
|
||||
|
|
|
|||
|
|
@ -57,11 +57,8 @@ Now when you merge the `feature2` pull request, it'll be merged into the `main`
|
|||
|
||||
Repository administrators {% ifversion edit-repository-rules %}or custom roles with the "edit repository rules" permission {% endif %}can enable protections on a branch. If you're working on a branch that's protected, you won't be able to delete or force push to the branch. Repository administrators can additionally enable several other protected branch settings to enforce various workflows before a branch can be merged.
|
||||
|
||||
{% note %}
|
||||
|
||||
**Note:** If you're a repository administrator, you can merge pull requests on branches with branch protections enabled even if the pull request does not meet the requirements, unless branch protections have been set to "Include administrators."
|
||||
|
||||
{% endnote %}
|
||||
> [!NOTE]
|
||||
> If you're a repository administrator, you can merge pull requests on branches with branch protections enabled even if the pull request does not meet the requirements, unless branch protections have been set to "Include administrators."
|
||||
|
||||
To see if your pull request can be merged, look in the merge box at the bottom of the pull request's **Conversation** tab. For more information, see "[AUTOTITLE](/repositories/configuring-branches-and-merges-in-your-repository/managing-protected-branches/about-protected-branches)."
|
||||
|
||||
|
|
|
|||
|
|
@ -14,11 +14,9 @@ topics:
|
|||
- Pull requests
|
||||
shortTitle: Compare branches
|
||||
---
|
||||
{% note %}
|
||||
|
||||
**Note:** When creating your pull request, you can change the base branch that you're comparing your changes against. For more information, see "[AUTOTITLE](/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/creating-a-pull-request#changing-the-branch-range-and-destination-repository)."
|
||||
|
||||
{% endnote %}
|
||||
> [!NOTE]
|
||||
> When creating your pull request, you can change the base branch that you're comparing your changes against. For more information, see "[AUTOTITLE](/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/creating-a-pull-request#changing-the-branch-range-and-destination-repository)."
|
||||
|
||||
You can view proposed changes in a pull request in the Files changed tab.
|
||||
|
||||
|
|
@ -27,11 +25,8 @@ Rather than viewing the commits themselves, you can view the proposed changes as
|
|||
|
||||
## Diff view options
|
||||
|
||||
{% tip %}
|
||||
|
||||
**Tip:** If you're having a hard time understanding the context of a change, you can click **View** in the Files changed tab to view the whole file with the proposed changes.
|
||||
|
||||
{% endtip %}
|
||||
> [!TIP]
|
||||
> If you're having a hard time understanding the context of a change, you can click **View** in the Files changed tab to view the whole file with the proposed changes.
|
||||
|
||||
You have several options for viewing a diff:
|
||||
* The unified view shows updated and existing content together in a linear view.
|
||||
|
|
|
|||
|
|
@ -19,13 +19,10 @@ topics:
|
|||
|
||||
A pull request is a proposal to merge a set of changes from one branch into another. In a pull request, collaborators can review and discuss the proposed set of changes before they integrate the changes into the main codebase. Pull requests display the differences, or diffs, between the content in the source branch and the content in the target branch.
|
||||
|
||||
{% note %}
|
||||
|
||||
**Note:** When working with pull requests, keep the following in mind:
|
||||
* If you're working in the [shared repository model](/pull-requests/collaborating-with-pull-requests/getting-started/about-collaborative-development-models), we recommend that you use a topic branch for your pull request. While you can send pull requests from any branch or commit, with a topic branch you can push follow-up commits if you need to update your proposed changes.
|
||||
* Be very careful when force pushing commits to a pull request. Force pushing changes the repository history and can corrupt your pull request. If other collaborators branch the project before a force push, the force push may overwrite commits that collaborators based their work on.
|
||||
|
||||
{% endnote %}
|
||||
> [!NOTE]
|
||||
> When working with pull requests, keep the following in mind:
|
||||
> * If you're working in the [shared repository model](/pull-requests/collaborating-with-pull-requests/getting-started/about-collaborative-development-models), we recommend that you use a topic branch for your pull request. While you can send pull requests from any branch or commit, with a topic branch you can push follow-up commits if you need to update your proposed changes.
|
||||
> * Be very careful when force pushing commits to a pull request. Force pushing changes the repository history and can corrupt your pull request. If other collaborators branch the project before a force push, the force push may overwrite commits that collaborators based their work on.
|
||||
|
||||
You can create pull requests on {% data variables.product.prodname_dotcom_the_website %}, with {% data variables.product.prodname_desktop %}{% ifversion fpt or ghec %}, in {% data variables.product.prodname_github_codespaces %}{% endif %}, on {% data variables.product.prodname_mobile %}, and when using GitHub CLI.
|
||||
|
||||
|
|
@ -45,13 +42,9 @@ After you're happy with the proposed changes, you can merge the pull request. If
|
|||
|
||||
{% data reusables.pull_requests.close-issues-using-keywords %}
|
||||
|
||||
{% tip %}
|
||||
|
||||
**Tips:**
|
||||
* To toggle between collapsing and expanding all outdated review comments in a pull request, hold down <span class="platform-mac"><kbd>Option</kbd></span><span class="platform-linux"><kbd>Alt</kbd></span><span class="platform-windows"><kbd>Alt</kbd></span> and click **Show outdated** or **Hide outdated**. For more shortcuts, see "[AUTOTITLE](/get-started/accessibility/keyboard-shortcuts)."
|
||||
* You can squash commits when merging a pull request to gain a more streamlined view of changes. See "[AUTOTITLE](/pull-requests/collaborating-with-pull-requests/incorporating-changes-from-a-pull-request/about-pull-request-merges)."
|
||||
|
||||
{% endtip %}
|
||||
> [!TIP]
|
||||
> * To toggle between collapsing and expanding all outdated review comments in a pull request, hold down <span class="platform-mac"><kbd>Option</kbd></span><span class="platform-linux"><kbd>Alt</kbd></span><span class="platform-windows"><kbd>Alt</kbd></span> and click **Show outdated** or **Hide outdated**. For more shortcuts, see "[AUTOTITLE](/get-started/accessibility/keyboard-shortcuts)."
|
||||
> * You can squash commits when merging a pull request to gain a more streamlined view of changes. See "[AUTOTITLE](/pull-requests/collaborating-with-pull-requests/incorporating-changes-from-a-pull-request/about-pull-request-merges)."
|
||||
|
||||
You can visit your dashboard to quickly find links to recently updated pull requests you're working on or subscribed to. See "[AUTOTITLE](/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-personal-account-settings/about-your-personal-dashboard)."
|
||||
|
||||
|
|
|
|||
|
|
@ -14,11 +14,9 @@ topics:
|
|||
- Pull requests
|
||||
shortTitle: Change the base branch
|
||||
---
|
||||
{% warning %}
|
||||
|
||||
**Warning**: When you change the base branch of your pull request, some commits may be removed from the timeline. Review comments may also become outdated, as the line of code that the comment referenced may no longer be part of the changes in the pull request.
|
||||
|
||||
{% endwarning %}
|
||||
> [!WARNING]
|
||||
> When you change the base branch of your pull request, some commits may be removed from the timeline. Review comments may also become outdated, as the line of code that the comment referenced may no longer be part of the changes in the pull request.
|
||||
|
||||
{% data reusables.repositories.sidebar-pr %}
|
||||
1. In the "Pull Requests" list, click the pull request you'd like to modify.
|
||||
|
|
@ -32,11 +30,8 @@ shortTitle: Change the base branch
|
|||
|
||||
1. Read the information about changing the base branch and click **Change base**.
|
||||
|
||||
{% tip %}
|
||||
|
||||
**Tip:** When you open a pull request, {% data variables.product.product_name %} will set the base to the commit that branch references. If the branch is updated in the future, {% data variables.product.product_name %} will not update the base branch's commit.
|
||||
|
||||
{% endtip %}
|
||||
> [!TIP]
|
||||
> When you open a pull request, {% data variables.product.product_name %} will set the base to the commit that branch references. If the branch is updated in the future, {% data variables.product.product_name %} will not update the base branch's commit.
|
||||
|
||||
## Further reading
|
||||
|
||||
|
|
|
|||
|
|
@ -20,11 +20,8 @@ shortTitle: Change the state
|
|||
|
||||
{% data reusables.pull_requests.mark-ready-review %}
|
||||
|
||||
{% tip %}
|
||||
|
||||
**Tip**: You can also mark a pull request as ready for review using the {% data variables.product.prodname_cli %}. For more information, see "[`gh pr ready`](https://cli.github.com/manual/gh_pr_ready)" in the {% data variables.product.prodname_cli %} documentation.
|
||||
|
||||
{% endtip %}
|
||||
> [!TIP]
|
||||
> You can also mark a pull request as ready for review using the {% data variables.product.prodname_cli %}. For more information, see "[`gh pr ready`](https://cli.github.com/manual/gh_pr_ready)" in the {% data variables.product.prodname_cli %} documentation.
|
||||
|
||||
{% data reusables.repositories.sidebar-pr %}
|
||||
1. In the "Pull requests" list, click the pull request you'd like to mark as ready for review.
|
||||
|
|
|
|||
|
|
@ -22,20 +22,16 @@ You can only make commits on pull request branches that:
|
|||
|
||||
Only the user who created the pull request can give you permission to push commits to the user-owned fork. For more information, see "[AUTOTITLE](/pull-requests/collaborating-with-pull-requests/working-with-forks/allowing-changes-to-a-pull-request-branch-created-from-a-fork)."
|
||||
|
||||
{% note %}
|
||||
|
||||
**Note:** You can also make commits to a pull request branch from a fork of your repository through {% data variables.location.product_location %} by creating your own copy (or fork) of the fork of your repository and committing changes to the same head branch that the original pull request changes were created on. For some general guidelines, see "[AUTOTITLE](/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/creating-a-pull-request-from-a-fork)."
|
||||
|
||||
{% endnote %}
|
||||
> [!NOTE]
|
||||
> You can also make commits to a pull request branch from a fork of your repository through {% data variables.location.product_location %} by creating your own copy (or fork) of the fork of your repository and committing changes to the same head branch that the original pull request changes were created on. For some general guidelines, see "[AUTOTITLE](/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/creating-a-pull-request-from-a-fork)."
|
||||
|
||||
1. On {% data variables.product.product_name %}, navigate to the main page of the fork (or copy of your repository) where the pull request branch was created.
|
||||
{% data reusables.repositories.copy-clone-url %}
|
||||
{% data reusables.command_line.open_the_multi_os_terminal %}
|
||||
{% tip %}
|
||||
|
||||
**Tip:** If you prefer to clone the fork using {% data variables.product.prodname_desktop %}, then see "[AUTOTITLE](/repositories/creating-and-managing-repositories/cloning-a-repository#cloning-a-repository-to-github-desktop)."
|
||||
> [!TIP]
|
||||
> If you prefer to clone the fork using {% data variables.product.prodname_desktop %}, then see "[AUTOTITLE](/repositories/creating-and-managing-repositories/cloning-a-repository#cloning-a-repository-to-github-desktop)."
|
||||
|
||||
{% endtip %}
|
||||
1. Change the current working directory to the location where you want to download the cloned directory.
|
||||
|
||||
```shell
|
||||
|
|
@ -59,11 +55,9 @@ Only the user who created the pull request can give you permission to push commi
|
|||
> Unpacking objects: 100% (10/10), done.
|
||||
```
|
||||
|
||||
{% tip %}
|
||||
> [!TIP]
|
||||
> The error message "fatal: destination path 'REPOSITORY-NAME' already exists and is not an empty directory" means that your current working directory already contains a repository with the same name. To resolve the error, you must clone the fork in a different directory.
|
||||
|
||||
**Tip:** The error message "fatal: destination path 'REPOSITORY-NAME' already exists and is not an empty directory" means that your current working directory already contains a repository with the same name. To resolve the error, you must clone the fork in a different directory.
|
||||
|
||||
{% endtip %}
|
||||
1. Navigate into your new cloned repository.
|
||||
|
||||
```shell
|
||||
|
|
@ -78,11 +72,9 @@ Only the user who created the pull request can give you permission to push commi
|
|||
git checkout TEST-BRANCH
|
||||
```
|
||||
|
||||
{% tip %}
|
||||
> [!TIP]
|
||||
> For more information about pull request branches, including examples, see "[AUTOTITLE](/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/creating-a-pull-request#changing-the-branch-range-and-destination-repository)."
|
||||
|
||||
**Tip:** For more information about pull request branches, including examples, see "[AUTOTITLE](/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/creating-a-pull-request#changing-the-branch-range-and-destination-repository)."
|
||||
|
||||
{% endtip %}
|
||||
1. At this point, you can do anything you want with this branch. You can push new commits to it, run some local tests, or merge other branches into the branch. Make modifications as you like.
|
||||
1. After you commit your changes to the head branch of the pull request you can push your changes up to the original pull request directly. In this example, the head branch is `test-branch`:
|
||||
|
||||
|
|
|
|||
|
|
@ -36,13 +36,9 @@ When you change the base repository, you also change notifications for the pull
|
|||
|
||||
When you change any of the information in the branch range, the Commit and Files changed preview areas will update to show your new range.
|
||||
|
||||
{% tip %}
|
||||
|
||||
**Tips**:
|
||||
* Using the compare view, you can set up comparisons across any timeframe. For more information, see "[AUTOTITLE](/pull-requests/committing-changes-to-your-project/viewing-and-comparing-commits/comparing-commits)."
|
||||
* Project maintainers can add a pull request template for a repository. Templates include prompts for information in the body of a pull request. For more information, see "[AUTOTITLE](/communities/using-templates-to-encourage-useful-issues-and-pull-requests/about-issue-and-pull-request-templates)."
|
||||
|
||||
{% endtip %}
|
||||
> [!TIP]
|
||||
> * Using the compare view, you can set up comparisons across any timeframe. For more information, see "[AUTOTITLE](/pull-requests/committing-changes-to-your-project/viewing-and-comparing-commits/comparing-commits)."
|
||||
> * Project maintainers can add a pull request template for a repository. Templates include prompts for information in the body of a pull request. For more information, see "[AUTOTITLE](/communities/using-templates-to-encourage-useful-issues-and-pull-requests/about-issue-and-pull-request-templates)."
|
||||
|
||||
## Creating the pull request
|
||||
|
||||
|
|
|
|||
|
|
@ -19,11 +19,8 @@ shortTitle: Create & delete branches
|
|||
|
||||
You can create a branch in different ways on {% data variables.product.product_name %}.
|
||||
|
||||
{% note %}
|
||||
|
||||
**Note:** You can only create a branch in a repository to which you have push access.
|
||||
|
||||
{% endnote %}
|
||||
> [!NOTE]
|
||||
> You can only create a branch in a repository to which you have push access.
|
||||
|
||||
### Creating a branch via the branches overview
|
||||
|
||||
|
|
@ -71,11 +68,8 @@ You can create a branch to work on an issue directly from the issue page and get
|
|||
|
||||
{% data reusables.pull_requests.automatically-delete-branches %}
|
||||
|
||||
{% note %}
|
||||
|
||||
**Note:** If the branch you want to delete is the repository's default branch, you must choose a new default branch before deleting the branch. For more information, see "[AUTOTITLE](/repositories/configuring-branches-and-merges-in-your-repository/managing-branches-in-your-repository/changing-the-default-branch)."
|
||||
|
||||
{% endnote %}
|
||||
> [!NOTE]
|
||||
> If the branch you want to delete is the repository's default branch, you must choose a new default branch before deleting the branch. For more information, see "[AUTOTITLE](/repositories/configuring-branches-and-merges-in-your-repository/managing-branches-in-your-repository/changing-the-default-branch)."
|
||||
|
||||
If the branch you want to delete is associated with an open pull request, you must merge or close the pull request before deleting the branch. For more information, see "[AUTOTITLE](/pull-requests/collaborating-with-pull-requests/incorporating-changes-from-a-pull-request/merging-a-pull-request)" or "[AUTOTITLE](/pull-requests/collaborating-with-pull-requests/incorporating-changes-from-a-pull-request/closing-a-pull-request)."
|
||||
|
||||
|
|
|
|||
|
|
@ -22,11 +22,8 @@ To assign a reviewer to a pull request, you will need write access to the reposi
|
|||
|
||||
Organization members with write access can also assign a pull request review to any person or team with read access to a repository. The requested reviewer or team will receive a notification that you asked them to review the pull request. If you request a review from a team and code review assignment is enabled, specific members will be requested and the team will be removed as a reviewer. For more information, see "[AUTOTITLE](/organizations/organizing-members-into-teams/managing-code-review-settings-for-your-team)."
|
||||
|
||||
{% note %}
|
||||
|
||||
**Note:** Pull request authors can't request reviews unless they are either a repository owner or collaborator with write access to the repository.
|
||||
|
||||
{% endnote %}
|
||||
> [!NOTE]
|
||||
> Pull request authors can't request reviews unless they are either a repository owner or collaborator with write access to the repository.
|
||||
|
||||
{% ifversion copilot-hadron %}
|
||||
|
||||
|
|
|
|||
Некоторые файлы не были показаны из-за слишком большого количества измененных файлов Показать больше
Загрузка…
Ссылка в новой задаче