github · docs-bot · Mar 19, 2025 · Mar 19, 2025 · Mar 19, 2025 · Mar 19, 2025
diff --git a/...ut-vulnerabilities/best-practices-for-writing-repository-security-advisories.md b/...ut-vulnerabilities/best-practices-for-writing-repository-security-advisories.md
@@ -4,6 +4,7 @@ intro: 'When you create or edit security advisories, the information you provide
 versions:
   fpt: '*'
   ghec: '*'
+permissions: '{% data reusables.permissions.security-repo-enable %}'
 type: how_to
 topics:
   - Security advisories
@@ -14,8 +15,6 @@ redirect_from:
   - /code-security/security-advisories/guidance-on-reporting-and-writing/best-practices-for-writing-repository-security-advisories
 ---
 
-Anyone with admin permissions to a public repository can create and edit a security advisory.
-
 {% data reusables.security-advisory.security-researcher-cannot-create-advisory %}
 
 ## About security advisories for repositories

diff --git a/...n-about-vulnerabilities/managing-privately-reported-security-vulnerabilities.md b/...n-about-vulnerabilities/managing-privately-reported-security-vulnerabilities.md
@@ -1,7 +1,7 @@
 ---
 title: Managing privately reported security vulnerabilities
 intro: Repository maintainers can manage security vulnerabilities that have been privately reported to them by security researchers for repositories where private vulnerability reporting is enabled.
-permissions: 'Anyone with admin permissions to a repository can see, review, and manage privately-reported vulnerabilities for the repository.'
+permissions: '{% data reusables.permissions.security-repo-enable %}'
 versions:
   fpt: '*'
   ghec: '*'

diff --git a/...formation-about-vulnerabilities/privately-reporting-a-security-vulnerability.md b/...formation-about-vulnerabilities/privately-reporting-a-security-vulnerability.md
@@ -8,6 +8,7 @@ type: how_to
 topics:
   - Security advisories
   - Vulnerabilities
+permissions: '**Anyone** can privately report a security vulnerability to repository maintainers.'
 shortTitle: Privately reporting
 redirect_from:
   - /code-security/security-advisories/guidance-on-reporting-and-writing/privately-reporting-a-security-vulnerability

diff --git a/...visory-database/browsing-security-advisories-in-the-github-advisory-database.md b/...visory-database/browsing-security-advisories-in-the-github-advisory-database.md
@@ -2,6 +2,7 @@
 title: Browsing security advisories in the GitHub Advisory Database
 intro: 'You can browse the {% data variables.product.prodname_advisory_database %} to find CVEs and {% data variables.product.prodname_dotcom %}-originated advisories affecting the open source world.'
 shortTitle: Browse Advisory Database
+permissions: '{% data reusables.permissions.global-security-advisories-browse %}'
 redirect_from:
   - /github/managing-security-vulnerabilities/browsing-security-vulnerabilities-in-the-github-advisory-database
   - /code-security/supply-chain-security/browsing-security-vulnerabilities-in-the-github-advisory-database

diff --git a/...dvisory-database/editing-security-advisories-in-the-github-advisory-database.md b/...dvisory-database/editing-security-advisories-in-the-github-advisory-database.md
@@ -1,6 +1,7 @@
 ---
 title: Editing security advisories in the GitHub Advisory Database
 intro: 'You can submit improvements to any advisory published in the {% data variables.product.prodname_advisory_database %} by making a community contribution.'
+permissions: '{% data reusables.permissions.global-security-advisories-edit %}'
 redirect_from:
   - /code-security/security-advisories/editing-security-advisories-in-the-github-advisory-database
   - /code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/editing-security-advisories-in-the-github-advisory-database

diff --git a/...ing-with-repository-security-advisories/about-repository-security-advisories.md b/...ing-with-repository-security-advisories/about-repository-security-advisories.md
@@ -13,16 +13,13 @@ versions:
   fpt: '*'
   ghec: '*'
 type: overview
+product: '{% data reusables.gated-features.private-vulnerability-reporting %}'
 topics:
   - Security advisories
   - Vulnerabilities
   - CVEs
 ---
 
-{% data reusables.repositories.security-advisory-admin-permissions %}
-
-{% data reusables.security-advisory.security-researcher-cannot-create-advisory %}
-
 ## About repository security advisories
 
 {% data reusables.security-advisory.disclosing-vulnerabilities %} For more information, see [AUTOTITLE](/code-security/security-advisories/guidance-on-reporting-and-writing-information-about-vulnerabilities/about-coordinated-disclosure-of-security-vulnerabilities).

diff --git a/...-security-advisories/adding-a-collaborator-to-a-repository-security-advisory.md b/...-security-advisories/adding-a-collaborator-to-a-repository-security-advisory.md
@@ -1,6 +1,7 @@
 ---
 title: Adding a collaborator to a repository security advisory
 intro: You can add other users or teams to collaborate on a security advisory with you.
+permissions: '{% data reusables.permissions.security-repo-enable %}'
 redirect_from:
   - /articles/adding-a-collaborator-to-a-maintainer-security-advisory
   - /github/managing-security-vulnerabilities/adding-a-collaborator-to-a-maintainer-security-advisory
@@ -19,8 +20,6 @@ topics:
 shortTitle: Add collaborators
 ---
 
-People with admin permissions to a security advisory can add collaborators to the security advisory.
-
 {% data reusables.security-advisory.repository-level-advisory-note %}
 
 ## Adding a collaborator to a security advisory

diff --git a/...g-in-a-temporary-private-fork-to-resolve-a-repository-security-vulnerability.md b/...g-in-a-temporary-private-fork-to-resolve-a-repository-security-vulnerability.md
@@ -1,6 +1,7 @@
 ---
 title: Collaborating in a temporary private fork to resolve a repository security vulnerability
 intro: You can create a temporary private fork to privately collaborate on fixing a security vulnerability in your public repository.
+permissions: '{% data reusables.permissions.security-repo-enable %}'
 redirect_from:
   - /articles/collaborating-in-a-temporary-private-fork-to-resolve-a-security-vulnerability
   - /github/managing-security-vulnerabilities/collaborating-in-a-temporary-private-fork-to-resolve-a-security-vulnerability
@@ -27,8 +28,6 @@ Before you can collaborate in a temporary private fork, you must create a draft
 
 ## Creating a temporary private fork
 
-Anyone with admin permissions to a security advisory can create a temporary private fork.
-
 To keep information about vulnerabilities secure, integrations, including CI, cannot access temporary private forks.
 
 {% data reusables.repositories.navigate-to-repo %}

diff --git a/...rity-advisories/configuring-private-vulnerability-reporting-for-a-repository.md b/...rity-advisories/configuring-private-vulnerability-reporting-for-a-repository.md
@@ -1,7 +1,7 @@
 ---
 title: Configuring private vulnerability reporting for a repository
 intro: Owners and administrators of public repositories can allow security researchers to report vulnerabilities securely in the repository by enabling private vulnerability reporting.
-permissions: Anyone with admin permissions to a public repository can enable and disable private vulnerability reporting for the repository.
+permissions: '{% data reusables.permissions.security-repo-enable %}'
 versions:
   fpt: '*'
   ghec: '*'

diff --git a/...y-advisories/configuring-private-vulnerability-reporting-for-an-organization.md b/...y-advisories/configuring-private-vulnerability-reporting-for-an-organization.md
@@ -1,7 +1,7 @@
 ---
 title: Configuring private vulnerability reporting for an organization
 intro: Organization owners and security managers can allow security researchers to report vulnerabilities securely in repositories within the organization by enabling private vulnerability reporting for all its public repositories.
-permissions: 'Anyone with admin permissions to an organization, or with a security manager role within the organization, can enable and disable private vulnerability reporting for that organization.'
+permissions: '{% data reusables.permissions.security-org-enable %}'
 versions:
   fpt: '*'
   ghec: '*'

diff --git a/...-with-repository-security-advisories/creating-a-repository-security-advisory.md b/...-with-repository-security-advisories/creating-a-repository-security-advisory.md
@@ -1,7 +1,7 @@
 ---
 title: Creating a repository security advisory
 intro: You can create a draft security advisory to privately discuss and fix a security vulnerability in your open source project.
-permissions: Anyone with admin permissions to a public repository, or with a security manager role within the repository, can create a security advisory.
+permissions: '{% data reusables.permissions.security-repo-enable %}'
 redirect_from:
   - /articles/creating-a-maintainer-security-advisory
   - /github/managing-security-vulnerabilities/creating-a-maintainer-security-advisory

diff --git a/...-with-repository-security-advisories/deleting-a-repository-security-advisory.md b/...-with-repository-security-advisories/deleting-a-repository-security-advisory.md
@@ -1,6 +1,7 @@
 ---
 title: Deleting a repository security advisory
 intro: You can delete a repository security advisory that you've published by contacting Support.
+permissions: 'Repository owners, organization owners, security managers, and users with the **admin** role can contact {% data variables.contact.github_support %} to delete a published security advisory.'
 redirect_from:
   - /github/managing-security-vulnerabilities/withdrawing-a-security-advisory
   - /code-security/security-advisories/withdrawing-a-security-advisory

diff --git a/...g-with-repository-security-advisories/editing-a-repository-security-advisory.md b/...g-with-repository-security-advisories/editing-a-repository-security-advisory.md
@@ -1,7 +1,7 @@
 ---
 title: Editing a repository security advisory
 intro: You can edit the metadata and description for a repository security advisory if you need to update details or correct errors.
-permissions: Anyone with admin permissions to a repository security advisory, or with a security manager role within the repository, can edit the security advisory.
+permissions: '{% data reusables.permissions.security-repo-enable %}'
 redirect_from:
   - /github/managing-security-vulnerabilities/editing-a-security-advisory
   - /code-security/security-advisories/editing-a-security-advisory

diff --git a/...ository-security-advisories/evaluating-the-security-settings-of-a-repository.md b/...ository-security-advisories/evaluating-the-security-settings-of-a-repository.md
@@ -1,7 +1,7 @@
 ---
 title: Evaluating the security settings of a repository
 intro: Security researchers can assess the security settings of a public repository, suggest a security policy and report a vulnerability.
-permissions: Anyone can view a public repository's security settings, and contact the repository maintainers regarding security issues.
+permissions: '{% data reusables.permissions.repository-security-advisory-evaluate %}'
 versions:
   fpt: '*'
   ghec: '*'

diff --git a/...ory-security-advisories/permission-levels-for-repository-security-advisories.md b/...ory-security-advisories/permission-levels-for-repository-security-advisories.md
@@ -18,11 +18,10 @@ topics:
   - Permissions
 shortTitle: Permission levels
 ---
-This article applies only to repository-level security advisories. Anyone can contribute to global security advisories in the {% data variables.product.prodname_advisory_database %} at [github.com/advisories](https://github.com/advisories). Edits to global advisories will not change or affect how the advisory appears on the repository. For more information, see [AUTOTITLE](/code-security/security-advisories/working-with-global-security-advisories-from-the-github-advisory-database/editing-security-advisories-in-the-github-advisory-database).
 
 ## Permissions overview
 
-{% data reusables.repositories.security-advisory-admin-permissions %} For more information about adding a collaborator to a security advisory, see [AUTOTITLE](/code-security/security-advisories/working-with-repository-security-advisories/adding-a-collaborator-to-a-repository-security-advisory).
+{% data reusables.repositories.security-advisory-admin-permissions %}
 
 Action | Write permissions | Admin permissions |
 ------ | ----------------- | ----------------- |
@@ -38,6 +37,10 @@ Add and remove credits for a security advisory (see [AUTOTITLE](/code-security/s
 Close the draft security advisory | {% octicon "x" aria-label="No" %} | {% octicon "check" aria-label="Yes" %}  |
 Publish the security advisory (see [AUTOTITLE](/code-security/security-advisories/working-with-repository-security-advisories/publishing-a-repository-security-advisory)) | {% octicon "x" aria-label="No" %} | {% octicon "check" aria-label="Yes" %}  |
 
+### Permission differences for global security advisories
+
+Unlike repository security advisories, anyone can contribute to **global security advisories** in the {% data variables.product.prodname_advisory_database %} at [github.com/advisories](https://github.com/advisories). Edits to global advisories will not change or affect how the advisory appears on the repository. See [AUTOTITLE](/code-security/security-advisories/working-with-global-security-advisories-from-the-github-advisory-database/editing-security-advisories-in-the-github-advisory-database).
+
 ## Further reading
 
 * [AUTOTITLE](/code-security/security-advisories/working-with-repository-security-advisories/adding-a-collaborator-to-a-repository-security-advisory)

diff --git a/...ith-repository-security-advisories/publishing-a-repository-security-advisory.md b/...ith-repository-security-advisories/publishing-a-repository-security-advisory.md
@@ -1,6 +1,7 @@
 ---
 title: Publishing a repository security advisory
 intro: You can publish a security advisory to alert your community about a security vulnerability in your project.
+permissions: '{% data reusables.permissions.security-repo-enable %}'
 redirect_from:
   - /articles/publishing-a-maintainer-security-advisory
   - /github/managing-security-vulnerabilities/publishing-a-maintainer-security-advisory
@@ -21,8 +22,6 @@ shortTitle: Publish repository advisories
 ---
 <!--Marketing-LINK: From /features/security/software-supply-chain page "Publishing a security advisory".-->
 
-Anyone with admin permissions to a security advisory can publish the security advisory.
-
 {% data reusables.security-advisory.repository-level-advisory-note %}
 
 ## Prerequisites

diff --git a/...urity-advisories/removing-a-collaborator-from-a-repository-security-advisory.md b/...urity-advisories/removing-a-collaborator-from-a-repository-security-advisory.md
@@ -1,6 +1,7 @@
 ---
 title: Removing a collaborator from a repository security advisory
 intro: 'When you remove a collaborator from a repository security advisory, they lose read and write access to the security advisory''s discussion and metadata.'
+permissions: '{% data reusables.permissions.security-repo-enable %}'
 redirect_from:
   - /github/managing-security-vulnerabilities/removing-a-collaborator-from-a-security-advisory
   - /code-security/security-advisories/removing-a-collaborator-from-a-security-advisory
@@ -17,8 +18,6 @@ topics:
 shortTitle: Remove collaborators
 ---
 
-People with admin permissions to a security advisory can remove collaborators from the security advisory.
-
 {% data reusables.security-advisory.repository-level-advisory-note %}
 
 ## Removing a collaborator from a security advisory

diff --git a/data/reusables/gated-features/private-vulnerability-reporting.md b/data/reusables/gated-features/private-vulnerability-reporting.md
@@ -0,0 +1 @@
+Repository security advisories and private vulnerability reporting are available for public repositories on {% data variables.product.prodname_dotcom_the_website %}
diff --git a/data/reusables/permissions/global-security-advisories-browse.md b/data/reusables/permissions/global-security-advisories-browse.md
@@ -0,0 +1 @@
+**Anyone** can browse the {% data variables.product.prodname_advisory_database %}.
diff --git a/data/reusables/permissions/global-security-advisories-edit.md b/data/reusables/permissions/global-security-advisories-edit.md
@@ -0,0 +1 @@
+**Anyone** can suggest improvements to the {% data variables.product.prodname_advisory_database %}.
diff --git a/data/reusables/permissions/repository-security-advisory-evaluate.md b/data/reusables/permissions/repository-security-advisory-evaluate.md
@@ -0,0 +1,3 @@
+**Anyone** can:
+   * View a public repository's security settings.
+   * Contact the repository maintainers regarding a security issue.
diff --git a/data/reusables/repositories/security-advisory-admin-permissions.md b/data/reusables/repositories/security-advisory-admin-permissions.md
@@ -1,3 +1,6 @@
-Anyone with admin permissions to a public repository can create a security advisory.
+Repository owners, organization owners, security managers, and users with the **admin** role can:
+   * Create a security advisory for the repository.
+   * Access all security advisories for the repository.
+   * Add collaborators to the security advisory.
 
-Anyone with admin permissions to a public repository also has admin permissions to all security advisories in that repository. People with admin permissions to a security advisory can add collaborators, and collaborators have write permissions to the security advisory.
+Collaborators have **write** permissions to the security advisory.
diff --git a/src/audit-logs/data/ghec/enterprise.json b/src/audit-logs/data/ghec/enterprise.json
@@ -4254,21 +4254,6 @@
     "description": "N/A",
     "docs_reference_links": "An enterprise managed user unclaimed an email address."
   },
-  {
-    "action": "user_license.create",
-    "description": "A seat license for a user in an enterprise was created.",
-    "docs_reference_links": "N/A"
-  },
-  {
-    "action": "user_license.destroy",
-    "description": "A seat license for a user in an enterprise was deleted.",
-    "docs_reference_links": "N/A"
-  },
-  {
-    "action": "user_license.update",
-    "description": "A seat license type for a user in an enterprise was changed.",
-    "docs_reference_links": "N/A"
-  },
   {
     "action": "vulnerability_alert_rule.create",
     "description": "A Dependabot rule was created.",
Original file line number	Diff line number	Diff line change
		@@ -0,0 +1 @@
		Repository security advisories and private vulnerability reporting are available for public repositories on {% data variables.product.prodname_dotcom_the_website %}
Original file line number	Diff line number	Diff line change
		@@ -0,0 +1 @@
		Anyone can browse the {% data variables.product.prodname_advisory_database %}.
Original file line number	Diff line number	Diff line change
		@@ -0,0 +1 @@
		Anyone can suggest improvements to the {% data variables.product.prodname_advisory_database %}.