People with admin permissions to a security advisory can remove collaborators from the security advisory.
Note: This article applies to editing repository-level advisories as an owner of a public repository.
Users who are not repository owners can contribute to global security advisories in the GitHub Advisory Database at github.com/advisories. Edits to global advisories will not change or affect how the advisory appears on the repository. For more information, see "Editing security advisories in the GitHub Advisory Database."
Removing a collaborator from a security advisory
If you remove a user from a repository or organization, and the user is also a collaborator on a security advisory, GitHub will automatically remove the user as a collaborator for the security advisory. This prevents any unauthorized access from ex-collaborators.
-
On GitHub, navigate to the main page of the repository.
-
Under the repository name, click Security. If you cannot see the "Security" tab, select the dropdown menu, and then click Security.
-
In the left sidebar, under "Reporting", click Advisories.
-
In the "Security Advisories" list, click the name of the security advisory you'd like to remove a collaborator from.
-
On the right side of the page, under "Collaborators", find the name of the user or team you'd like to remove from the security advisory.
-
Next to the collaborator you want to remove, click Remove.