Late last year, we updated Security Advisories to enable you to edit published advisories with new or updated information (like a newly-fixed version or additional impact information). Now, you can see a history of the changes made to the advisory’s description and who made each change. We don’t yet capture changes to advisory fields (severity, affected versions, etc.) in the history.
Additionally, GitHub will no longer remove collaborators from Security Advisories during the publish process. With this change, your collaborators can continue to see the discussion and any private forks associated with the advisory after it’s published. You can still manually remove collaborators at any time.