Hi @hksanduo! Thanks for reaching out. Can you say more about that?

Are you asking about multiple packages/languages affected on a specific vulnerability? Or are you asking about localization and translating the repository into multiple non-English languages?

Thanks for replying me.I asking about translating the repository into multiple non-English languages.

@hksanduo got it, thank you. That is not something we've considered, but I'll leave this issue open so if others want to chime in about it they have a place to do so!

ok.

Hi! I'm a native English speaker, and I'm not GitHub staff; popping in to comment!

This feels like a no-brainer; details about a vulnerability shouldn't just be limited to our language. However, I definitely won't say that it's not complicated, because it is. Expanding a bit:

• How would translations be published from the get-go? Would a maintainer put in the translations or GitHub?
  • If it is done by a team at GitHub, wouldn't this delay the publishing of a CVE/GHSA?
  • If it is done by a maintainer, that would definitely cause people to cling to machine-translations
• Will these translations be modifiable by contributors, as the original English one is? The GitHub team would need to review these modified translations, right?
  • If so, wouldn't this limit the scope of possible languages to translate to?
  • If not, wouldn't this cause the possibility of abuse and fake translations?
• Will this be a backwards-incompatible change?

There's definitely a lot to consider here. I am in support of localization as long as a) the advisory database isn't gonna suffer because of it, b) the added delay to an already delayed publishing for something as urgent as a CVE is negligible