Permission levels for security advisories

The actions you can take in a security advisory depend on whether you have admin or write permissions to the security advisory.

In this article

Did this doc help you?

Help us make these docs great!

All GitHub docs are open source. See something that's wrong or unclear? Submit a pull request.

Make a contribution

Or, learn how to contribute.

Permissions overview

Anyone with admin permissions to a repository can create a security advisory.

Anyone with admin permissions to a repository also has admin permissions to all security advisories in that repository. People with admin permissions to a security advisory can add collaborators, and collaborators have write permissions to the security advisory. For more information about adding a collaborator to a security advisory, see "Adding a collaborator to a security advisory."

ActionWrite permissionsAdmin permissions
See a draft security advisoryXX
Add collaborators to the security advisory (see "Adding a collaborator to a security advisory")X
Edit and delete any comments in the security advisoryXX
Create a temporary private fork in the security advisory (see "Collaborating in a temporary private fork to resolve a security vulnerability")X
Add changes to a temporary private fork in the security advisory (see "Collaborating in a temporary private fork to resolve a security vulnerability")XX
Create pull requests in a temporary private fork (see "Collaborating in a temporary private fork to resolve a security vulnerability")XX
Merge changes in the security advisory (see "Collaborating in a temporary private fork to resolve a security vulnerability")X
Add and edit metadata in the security advisory (see "Publishing a security advisory")XX
Add and remove credits for a security advisory (see "Editing a security advisory")XX
Close the draft security advisoryX
Publish the security advisory (see "Publishing a security advisory")X

Further reading

Did this doc help you?

Help us make these docs great!

All GitHub docs are open source. See something that's wrong or unclear? Submit a pull request.

Make a contribution

Or, learn how to contribute.