GitHub now allows repository administrators to lock draft security advisories and private vulnerability reports, preventing collaborators from editing advisory content or metadata. When locked, only admins can make changes while collaborators can still comment. This feature gives teams greater control over the triage and publication process, preserving record integrity after severity decisions have been made. Locking and unlocking is accessible via the advisory actions menu.
Sort: