Permission levels for security advisories

The actions you can take in a security advisory depend on whether you have admin or write permissions to the security advisory.

In this article

Permissions overview

Anyone with admin permissions to a repository can create a security advisory.

Anyone with admin permissions to a repository also has admin permissions to all security advisories in that repository. People with admin permissions to a security advisory can add collaborators, and collaborators have write permissions to the security advisory. For more information about adding a collaborator to a security advisory, see "Adding a collaborator to a security advisory."

Action Write permissions Admin permissions
See a draft security advisory X X
Add collaborators to the security advisory (see "Adding a collaborator to a security advisory") X
Edit and delete any comments in the security advisory X X
Create a temporary private fork in the security advisory (see "Collaborating in a temporary private fork to resolve a security vulnerability") X
Add changes to a temporary private fork in the security advisory (see "Collaborating in a temporary private fork to resolve a security vulnerability") X X
Create pull requests in a temporary private fork (see "Collaborating in a temporary private fork to resolve a security vulnerability") X X
Merge changes in the security advisory (see "Collaborating in a temporary private fork to resolve a security vulnerability") X
Add and edit metadata in the security advisory (see "Publishing a security advisory") X X
Close the draft security advisory X
Publish the security advisory (see "Publishing a security advisory") X

Further reading

Ask a human

Can't find what you're looking for?

Contact us