People with admin permissions to a security advisory can add collaborators to the security advisory.
Note
: This article applies to editing repository-level advisories as an owner of a public repository.
Users who are not repository owners can contribute to global security advisories in the GitHub Advisory Database at
github.com/advisories
. Edits to global advisories will not change or affect how the advisory appears on the repository. For more information, see "
Editing security advisories in the GitHub Advisory Database
."
Collaborators have write permissions to the security advisory. For more information, see "
Permission levels for repository security advisories
."
If you remove a user from a repository or organization, and the user is also a collaborator on a security advisory, GitHub will automatically remove the user as a collaborator for the security advisory. This prevents any unauthorized access from ex-collaborators. For more information about removing a collaborator on a security advisory, see "
Removing a collaborator from a repository security advisory
."
- On GitHub.com, navigate to the main page of the repository.
- Under the repository name, click
Security
. If you cannot see the "Security" tab, select the
dropdown menu, and then click
Security
.
- In the left sidebar, under "Reporting", click
Advisories
.
- In the "Security Advisories" list, click the security advisory you'd like to add a collaborator to.
- On the right side of the page, under "Collaborators", type the name of the user or team you'd like to add to the security advisory.
- Click
to add the selected user or team as a collaborator.