Lock and unlock draft repository security advisories

Published: 1 day ago (March 4, 2026 at 04:45 PM EST)

1 min read

Source: GitHub Changelog

Locking and unlocking draft repository security advisories

Repository administrators can now lock draft repository security advisories and private vulnerability reports to prevent collaborators from editing advisory content or metadata. When locked, only administrators can make changes; collaborators can still participate through comments.

This gives you greater control over the triage and publication process for private vulnerability reports. Once you’ve reviewed a report and made decisions on severity or other fields, you can lock the advisory to preserve the integrity of the record and ensure no unintended changes are made while discussions continue.

Lock and unlock draft and timeline

How to lock or unlock a draft advisory

Navigate to the advisory.
Select Lock advisory from the advisory actions menu on the right side.

Only repository administrators can lock or unlock advisories.

Learn more about repository security advisories and managing privately reported security vulnerabilities.

Join the discussion within the GitHub Community.

Lock and unlock draft repository security advisories

Locking and unlocking draft repository security advisories

How to lock or unlock a draft advisory

Related posts

Grok Code Fast 1 is now available in Copilot Free auto model selection

Dependabot alert assignees are now generally available

How we rebuilt the search architecture for high availability in GitHub Enterprise Server

Why Running Multiple AI Coding Agents Creates Chaos (And How We're Fixing It)