{
  "$schema": "https://themachinepress.com/schemas/story-v1.schema.json",
  "schema_version": "1.0.0",
  "document_type": "machine_press_story",
  "story": {
    "story_id": "mp-2026-07-11-018",
    "source_story_id": "tmp-sidebar-innersource-advisories",
    "edition_id": "mp-2026-07-11-morning-0002",
    "edition_url": "https://themachinepress.com/edition/2026-07-11",
    "position": 18,
    "story_type": "ticker",
    "section": "safety-security",
    "editorial_classification": "editorial",
    "headline": "Internal Vulnerabilities Gain an Advisory Channel",
    "slug": "internal-vulnerabilities-gain-an-advisory-channel",
    "dek": "GitHub Advanced Security customers can publish advisories visible only inside their enterprise.",
    "summary": "GitHub Advanced Security customers can publish advisories visible only inside their enterprise.",
    "body_text": "A new REST endpoint can create, update, or withdraw innersource vulnerability records. GitHub can then use Dependabot to alert internal repositories that consume the affected component and open upgrade pull requests when a fixed version exists.",
    "why_it_matters": "GitHub Advanced Security customers can publish advisories visible only inside their enterprise.",
    "limitations": [],
    "importance": 4,
    "canonical_url": "https://themachinepress.com/story/mp-2026-07-11-018/internal-vulnerabilities-gain-an-advisory-channel",
    "json_url": "https://themachinepress.com/story/mp-2026-07-11-018.json",
    "first_published_at": "2026-07-11T09:00:00.000-04:00",
    "modified_at": "2026-07-11T23:17:20.883-04:00",
    "content_status": "updated",
    "is_carryover": false,
    "carryover_reason": null,
    "key_claims": [
      {
        "claim_id": "claim-mp-2026-07-11-018-001",
        "text": "GitHub Advanced Security customers can publish advisories visible only inside their enterprise.",
        "source_ids": [
          "source-2026-07-11-018"
        ],
        "qualification": null
      }
    ],
    "source_ids": [
      "source-2026-07-11-018"
    ],
    "tags": [
      "innersource",
      "security advisories",
      "Dependabot",
      "supply chain"
    ],
    "image_url": null,
    "corrections": [
      {
        "correction_id": "correction-2026-07-11-001",
        "revision": 2,
        "summary": "Correction, July 11, 2026: An earlier automated version repeated five ticker briefs and nine dispatches from the July 10 edition. Those items were removed and replaced with previously unpublished editorial stories; the two front-page stories and three genuinely new dispatches were preserved.",
        "published_at": "2026-07-11T23:17:20.883-04:00",
        "affected_story_ids": [],
        "affected_claim_ids": []
      }
    ]
  },
  "sources": [
    {
      "source_id": "source-2026-07-11-018",
      "title": "GitHub Changelog: Innersource security advisories are generally available",
      "publisher": "GitHub",
      "url": "https://github.blog/changelog/2026-07-08-innersource-security-advisories-are-generally-available/",
      "canonical_url": "https://github.blog/changelog/2026-07-08-innersource-security-advisories-are-generally-available/",
      "source_type": "secondary_reporting",
      "is_primary_source": false,
      "published_at": "2026-07-07T20:00:00.000-04:00",
      "accessed_at": "2026-07-11T12:30:00.000-04:00",
      "supports_claim_ids": [
        "claim-mp-2026-07-11-018-001"
      ]
    }
  ],
  "corrections": [
    {
      "correction_id": "correction-2026-07-11-001",
      "revision": 2,
      "summary": "Correction, July 11, 2026: An earlier automated version repeated five ticker briefs and nine dispatches from the July 10 edition. Those items were removed and replaced with previously unpublished editorial stories; the two front-page stories and three genuinely new dispatches were preserved.",
      "published_at": "2026-07-11T23:17:20.883-04:00",
      "affected_story_ids": [],
      "affected_claim_ids": []
    }
  ],
  "publisher": {
    "name": "The Machine Press",
    "url": "https://themachinepress.com",
    "description": "A daily newspaper for the age of artificial intelligence."
  },
  "cite_this_report": {
    "title": "Internal Vulnerabilities Gain an Advisory Channel",
    "publisher": "The Machine Press",
    "published_at": "2026-07-11T09:00:00.000-04:00",
    "canonical_url": "https://themachinepress.com/story/mp-2026-07-11-018/internal-vulnerabilities-gain-an-advisory-channel"
  }
}
