Adding a security policy to your repository
You can give instructions for how to responsibly report a security vulnerability in your project by adding a security policy to your repository.
About GitHub Security Advisories
You can use GitHub Security Advisories to privately discuss, fix, and publish information about security vulnerabilities in your repository.
Permission levels for security advisories
The actions you can take in a security advisory depend on whether you have admin or write permissions to the security advisory.
Creating a security advisory
You can create a draft security advisory to privately discuss and fix a security vulnerability in your open source project.
Adding a collaborator to a security advisory
You can add other users or teams to collaborate on a security advisory with you.
Removing a collaborator from a security advisory
When you remove a collaborator from a security advisory, they lose read and write access to the security advisory's discussion and metadata.
Collaborating in a temporary private fork to resolve a security vulnerability
You can create a temporary private fork to privately collaborate on fixing a security vulnerability in your repository.
Publishing a security advisory
You can publish a security advisory to alert your community about a security vulnerability in your project.
Editing a security advisory
You can edit the metadata and description for a security advisory if you need to update details or correct errors.
Withdrawing a security advisory
You can withdraw a security advisory that you've published.