From cf18297c420c73e52a35bf15e8892adf5d249c35 Mon Sep 17 00:00:00 2001
From: Christine <shecoder30@gmail.com>
Date: Tue, 21 Nov 2023 22:25:35 +0000
Subject: [PATCH 01/16] fix: updating introduction and links

---
 .../about-dependabot-version-updates.md                         | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/content/code-security/dependabot/dependabot-version-updates/about-dependabot-version-updates.md b/content/code-security/dependabot/dependabot-version-updates/about-dependabot-version-updates.md
index df4de5c66687..c8952a3ccb7a 100644
--- a/content/code-security/dependabot/dependabot-version-updates/about-dependabot-version-updates.md
+++ b/content/code-security/dependabot/dependabot-version-updates/about-dependabot-version-updates.md
@@ -31,7 +31,7 @@ shortTitle: Dependabot version updates
 
 {% data variables.product.prodname_dependabot %} takes the effort out of maintaining your dependencies. You can use it to ensure that your repository automatically keeps up with the latest releases of the packages and applications it depends on.
 
-You enable {% data variables.product.prodname_dependabot_version_updates %} by checking a `dependabot.yml` configuration file into your repository. The configuration file specifies the location of the manifest, or of other package definition files, stored in your repository. {% data variables.product.prodname_dependabot %} uses this information to check for outdated packages and applications. {% data variables.product.prodname_dependabot %} determines if there is a new version of a dependency by looking at the semantic versioning ([semver](https://semver.org/)) of the dependency to decide whether it should update to that version. For certain package managers, {% data variables.product.prodname_dependabot_version_updates %} also supports vendoring. Vendored (or cached) dependencies are dependencies that are checked in to a specific directory in a repository rather than referenced in a manifest. Vendored dependencies are available at build time even if package servers are unavailable. {% data variables.product.prodname_dependabot_version_updates %} can be configured to check vendored dependencies for new versions and update them if necessary.
+You enable {% data variables.product.prodname_dependabot_version_updates %} by checking a `dependabot.yml` configuration file into your repository. The configuration file specifies the location of the manifest, or of other package definition files, stored in your repository. {% data variables.product.prodname_dependabot %} uses this information to check for outdated packages and applications. {% data variables.product.prodname_dependabot %} determines if there is a new version of a dependency by looking at the semantic versioning ([semver](https://semver.org/)) of the dependency to decide whether it should update to that version. For certain package managers, {% data variables.product.prodname_dependabot_version_updates %} also supports vendoring. ([Vendored or cached](https://docs.github.com/en/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file#vendor)) dependencies are dependencies that are checked in to a specific directory in a repository rather than referenced in a manifest. Vendored dependencies are available at build time even if package servers are unavailable. {% data variables.product.prodname_dependabot_version_updates %} can be configured to check vendored dependencies for new versions and update them if necessary. Dependencies in private ([registries](https://docs.github.com/en/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file#registries)) are also supported.
 
 When {% data variables.product.prodname_dependabot %} identifies an outdated dependency, it raises a pull request to update the manifest to the latest version of the dependency. For vendored dependencies, {% data variables.product.prodname_dependabot %} raises a pull request to replace the outdated dependency with the new version directly. You check that your tests pass, review the changelog and release notes included in the pull request summary, and then merge it. For more information, see "[AUTOTITLE](/code-security/dependabot/dependabot-version-updates/configuring-dependabot-version-updates)."
 

From ec6e5c6830cf1cce52ef3ce11507a575776756cb Mon Sep 17 00:00:00 2001
From: Christine <shecoder30@gmail.com>
Date: Wed, 22 Nov 2023 02:21:26 +0000
Subject: [PATCH 02/16] fix: revise formatting issues in line 34

---
 .../about-dependabot-version-updates.md                         | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/content/code-security/dependabot/dependabot-version-updates/about-dependabot-version-updates.md b/content/code-security/dependabot/dependabot-version-updates/about-dependabot-version-updates.md
index c8952a3ccb7a..bdf52a9cb181 100644
--- a/content/code-security/dependabot/dependabot-version-updates/about-dependabot-version-updates.md
+++ b/content/code-security/dependabot/dependabot-version-updates/about-dependabot-version-updates.md
@@ -31,7 +31,7 @@ shortTitle: Dependabot version updates
 
 {% data variables.product.prodname_dependabot %} takes the effort out of maintaining your dependencies. You can use it to ensure that your repository automatically keeps up with the latest releases of the packages and applications it depends on.
 
-You enable {% data variables.product.prodname_dependabot_version_updates %} by checking a `dependabot.yml` configuration file into your repository. The configuration file specifies the location of the manifest, or of other package definition files, stored in your repository. {% data variables.product.prodname_dependabot %} uses this information to check for outdated packages and applications. {% data variables.product.prodname_dependabot %} determines if there is a new version of a dependency by looking at the semantic versioning ([semver](https://semver.org/)) of the dependency to decide whether it should update to that version. For certain package managers, {% data variables.product.prodname_dependabot_version_updates %} also supports vendoring. ([Vendored or cached](https://docs.github.com/en/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file#vendor)) dependencies are dependencies that are checked in to a specific directory in a repository rather than referenced in a manifest. Vendored dependencies are available at build time even if package servers are unavailable. {% data variables.product.prodname_dependabot_version_updates %} can be configured to check vendored dependencies for new versions and update them if necessary. Dependencies in private ([registries](https://docs.github.com/en/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file#registries)) are also supported.
+You enable {% data variables.product.prodname_dependabot_version_updates %} by checking a `dependabot.yml` configuration file into your repository. The configuration file specifies the location of the manifest, or of other package definition files, stored in your repository. {% data variables.product.prodname_dependabot %} uses this information to check for outdated packages and applications. {% data variables.product.prodname_dependabot %} determines if there is a new version of a dependency by looking at the semantic versioning ([semver](https://semver.org/)) of the dependency to decide whether it should update to that version. For certain package managers, {% data variables.product.prodname_dependabot_version_updates %} also supports vendoring. [Vendored or cached](/content/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file.md#vendor) dependencies are dependencies that are checked in to a specific directory in a repository rather than referenced in a manifest. Vendored dependencies are available at build time even if package servers are unavailable. {% data variables.product.prodname_dependabot_version_updates %} can be configured to check vendored dependencies for new versions and update them if necessary. Dependencies in private [registries](/content/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file.md#registries)  are also supported.
 
 When {% data variables.product.prodname_dependabot %} identifies an outdated dependency, it raises a pull request to update the manifest to the latest version of the dependency. For vendored dependencies, {% data variables.product.prodname_dependabot %} raises a pull request to replace the outdated dependency with the new version directly. You check that your tests pass, review the changelog and release notes included in the pull request summary, and then merge it. For more information, see "[AUTOTITLE](/code-security/dependabot/dependabot-version-updates/configuring-dependabot-version-updates)."
 

From 685c7d2263ec7b70cecfb67fac82e01b840396e9 Mon Sep 17 00:00:00 2001
From: Christine Belzie <105683440+CBID2@users.noreply.github.com>
Date: Fri, 24 Nov 2023 10:27:27 -0500
Subject: [PATCH 03/16] fix: turn the sentence into active tense

Co-authored-by: Anne-Marie  <102995847+am-stead@users.noreply.github.com>
---
 .../about-dependabot-version-updates.md                         | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/content/code-security/dependabot/dependabot-version-updates/about-dependabot-version-updates.md b/content/code-security/dependabot/dependabot-version-updates/about-dependabot-version-updates.md
index bdf52a9cb181..22ff9fb7f9c3 100644
--- a/content/code-security/dependabot/dependabot-version-updates/about-dependabot-version-updates.md
+++ b/content/code-security/dependabot/dependabot-version-updates/about-dependabot-version-updates.md
@@ -31,7 +31,7 @@ shortTitle: Dependabot version updates
 
 {% data variables.product.prodname_dependabot %} takes the effort out of maintaining your dependencies. You can use it to ensure that your repository automatically keeps up with the latest releases of the packages and applications it depends on.
 
-You enable {% data variables.product.prodname_dependabot_version_updates %} by checking a `dependabot.yml` configuration file into your repository. The configuration file specifies the location of the manifest, or of other package definition files, stored in your repository. {% data variables.product.prodname_dependabot %} uses this information to check for outdated packages and applications. {% data variables.product.prodname_dependabot %} determines if there is a new version of a dependency by looking at the semantic versioning ([semver](https://semver.org/)) of the dependency to decide whether it should update to that version. For certain package managers, {% data variables.product.prodname_dependabot_version_updates %} also supports vendoring. [Vendored or cached](/content/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file.md#vendor) dependencies are dependencies that are checked in to a specific directory in a repository rather than referenced in a manifest. Vendored dependencies are available at build time even if package servers are unavailable. {% data variables.product.prodname_dependabot_version_updates %} can be configured to check vendored dependencies for new versions and update them if necessary. Dependencies in private [registries](/content/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file.md#registries)  are also supported.
+You enable {% data variables.product.prodname_dependabot_version_updates %} by checking a `dependabot.yml` configuration file into your repository. The configuration file specifies the location of the manifest, or of other package definition files, stored in your repository. {% data variables.product.prodname_dependabot %} uses this information to check for outdated packages and applications. {% data variables.product.prodname_dependabot %} determines if there is a new version of a dependency by looking at the semantic versioning ([semver](https://semver.org/)) of the dependency to decide whether it should update to that version. For certain package managers, {% data variables.product.prodname_dependabot_version_updates %} also supports vendoring. [Vendored or cached](/content/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file.md#vendor) dependencies are dependencies that are checked in to a specific directory in a repository rather than referenced in a manifest. Vendored dependencies are available at build time even if package servers are unavailable. {% data variables.product.prodname_dependabot_version_updates %} can be configured to check vendored dependencies for new versions and update them if necessary. {% data variables.product.prodname_dependabot %} also supports dependencies in private registries. For more information, see [`registries`](/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file#registries).
 
 When {% data variables.product.prodname_dependabot %} identifies an outdated dependency, it raises a pull request to update the manifest to the latest version of the dependency. For vendored dependencies, {% data variables.product.prodname_dependabot %} raises a pull request to replace the outdated dependency with the new version directly. You check that your tests pass, review the changelog and release notes included in the pull request summary, and then merge it. For more information, see "[AUTOTITLE](/code-security/dependabot/dependabot-version-updates/configuring-dependabot-version-updates)."
 

From e2932e6351aa7108a8de841ccaf9c0303c24648c Mon Sep 17 00:00:00 2001
From: Christine Belzie <105683440+CBID2@users.noreply.github.com>
Date: Fri, 24 Nov 2023 10:57:26 -0500
Subject: [PATCH 04/16] fix: fix broken link

Co-authored-by: Anne-Marie  <102995847+am-stead@users.noreply.github.com>
---
 .../about-dependabot-version-updates.md                         | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/content/code-security/dependabot/dependabot-version-updates/about-dependabot-version-updates.md b/content/code-security/dependabot/dependabot-version-updates/about-dependabot-version-updates.md
index 22ff9fb7f9c3..412fdf7d5c72 100644
--- a/content/code-security/dependabot/dependabot-version-updates/about-dependabot-version-updates.md
+++ b/content/code-security/dependabot/dependabot-version-updates/about-dependabot-version-updates.md
@@ -31,7 +31,7 @@ shortTitle: Dependabot version updates
 
 {% data variables.product.prodname_dependabot %} takes the effort out of maintaining your dependencies. You can use it to ensure that your repository automatically keeps up with the latest releases of the packages and applications it depends on.
 
-You enable {% data variables.product.prodname_dependabot_version_updates %} by checking a `dependabot.yml` configuration file into your repository. The configuration file specifies the location of the manifest, or of other package definition files, stored in your repository. {% data variables.product.prodname_dependabot %} uses this information to check for outdated packages and applications. {% data variables.product.prodname_dependabot %} determines if there is a new version of a dependency by looking at the semantic versioning ([semver](https://semver.org/)) of the dependency to decide whether it should update to that version. For certain package managers, {% data variables.product.prodname_dependabot_version_updates %} also supports vendoring. [Vendored or cached](/content/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file.md#vendor) dependencies are dependencies that are checked in to a specific directory in a repository rather than referenced in a manifest. Vendored dependencies are available at build time even if package servers are unavailable. {% data variables.product.prodname_dependabot_version_updates %} can be configured to check vendored dependencies for new versions and update them if necessary. {% data variables.product.prodname_dependabot %} also supports dependencies in private registries. For more information, see [`registries`](/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file#registries).
+You enable {% data variables.product.prodname_dependabot_version_updates %} by checking a `dependabot.yml` configuration file into your repository. The configuration file specifies the location of the manifest, or of other package definition files, stored in your repository. {% data variables.product.prodname_dependabot %} uses this information to check for outdated packages and applications. {% data variables.product.prodname_dependabot %} determines if there is a new version of a dependency by looking at the semantic versioning ([semver](https://semver.org/)) of the dependency to decide whether it should update to that version. For certain package managers, {% data variables.product.prodname_dependabot_version_updates %} also supports vendoring. [Vendored or cached](/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file#vendor) dependencies are dependencies that are checked in to a specific directory in a repository rather than referenced in a manifest. Vendored dependencies are available at build time even if package servers are unavailable. {% data variables.product.prodname_dependabot_version_updates %} can be configured to check vendored dependencies for new versions and update them if necessary. {% data variables.product.prodname_dependabot %} also supports dependencies in private registries. For more information, see [`registries`](/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file#registries).
 
 When {% data variables.product.prodname_dependabot %} identifies an outdated dependency, it raises a pull request to update the manifest to the latest version of the dependency. For vendored dependencies, {% data variables.product.prodname_dependabot %} raises a pull request to replace the outdated dependency with the new version directly. You check that your tests pass, review the changelog and release notes included in the pull request summary, and then merge it. For more information, see "[AUTOTITLE](/code-security/dependabot/dependabot-version-updates/configuring-dependabot-version-updates)."
 

From 95497ba11a1a784bc74b55635b12e5edaa4281ff Mon Sep 17 00:00:00 2001
From: Christine <shecoder30@gmail.com>
Date: Wed, 29 Nov 2023 20:18:04 +0000
Subject: [PATCH 05/16] feat: add a sentence about registries

---
 .../configuration-options-for-the-dependabot.yml-file.md         | 1 +
 1 file changed, 1 insertion(+)

diff --git a/content/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file.md b/content/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file.md
index 9cabf7adeaee..11d9284775e6 100644
--- a/content/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file.md
+++ b/content/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file.md
@@ -71,6 +71,7 @@ In general, security updates use any configuration options that affect pull requ
 ### `package-ecosystem`
 
 **Required**. You add one `package-ecosystem` element for each package manager that you want {% data variables.product.prodname_dependabot %} to monitor for new versions. The repository must also contain a dependency manifest or lock file for each of these package managers. If you want to enable vendoring for a package manager that supports it, the vendored dependencies must be located in the required directory. For more information, see [`vendor`](#vendor) below.{% ifversion ghes %}
+If you want to allow {% data variables.product.prodname_dependabot %} to access a private package registry when performing a version update, you can include a registries setting in the configuration file. For more information, see [registries](#registries) below.
 
 {% note %}
 

From 69d3b1075b2ace16a0120e55e64747a92757750d Mon Sep 17 00:00:00 2001
From: Christine <shecoder30@gmail.com>
Date: Wed, 29 Nov 2023 20:38:40 +0000
Subject: [PATCH 06/16] fix: revise sentence

---
 .../configuration-options-for-the-dependabot.yml-file.md       | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/content/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file.md b/content/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file.md
index 11d9284775e6..81a20be3b116 100644
--- a/content/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file.md
+++ b/content/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file.md
@@ -70,8 +70,7 @@ In general, security updates use any configuration options that affect pull requ
 
 ### `package-ecosystem`
 
-**Required**. You add one `package-ecosystem` element for each package manager that you want {% data variables.product.prodname_dependabot %} to monitor for new versions. The repository must also contain a dependency manifest or lock file for each of these package managers. If you want to enable vendoring for a package manager that supports it, the vendored dependencies must be located in the required directory. For more information, see [`vendor`](#vendor) below.{% ifversion ghes %}
-If you want to allow {% data variables.product.prodname_dependabot %} to access a private package registry when performing a version update, you can include a registries setting in the configuration file. For more information, see [registries](#registries) below.
+**Required**. You add one `package-ecosystem` element for each package manager that you want {% data variables.product.prodname_dependabot %} to monitor for new versions. If you want to allow {% data variables.product.prodname_dependabot %} to access a private package registry when performing a version update, you can include a registries setting in the configuration file. For more information, see [registries](#registries) below. The repository must also contain a dependency manifest or lock file for each of these package managers. If you want to enable vendoring for a package manager that supports it, the vendored dependencies must be located in the required directory.  For more information, see [`vendor`](#vendor) below.{% ifversion ghes %}
 
 {% note %}
 

From c48f0d07d25750c0edec6ff26e04200f36b112e2 Mon Sep 17 00:00:00 2001
From: Christine <shecoder30@gmail.com>
Date: Wed, 29 Nov 2023 20:47:57 +0000
Subject: [PATCH 07/16] feat: add a statement on granting Dependabot access

---
 .../configuration-options-for-the-dependabot.yml-file.md        | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/content/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file.md b/content/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file.md
index 81a20be3b116..f8356f4ac666 100644
--- a/content/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file.md
+++ b/content/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file.md
@@ -870,7 +870,7 @@ updates:
 
 ## Configuration options for private registries
 
-The top-level `registries` key is optional. It allows you to specify authentication details that {% data variables.product.prodname_dependabot %} can use to access private package registries.
+The top-level `registries` key is optional. It allows you to specify authentication details that {% data variables.product.prodname_dependabot %} can use to access private package registries. You can give Dependabot access to private package registries hosted by GitLab or Bitbucket by specifying a type of Git and linking to Git.
 {% ifversion ghes > 3.7 %}
 {% note %}
 

From 66971baf043f9123d4b43702e577c4a4979636a7 Mon Sep 17 00:00:00 2001
From: Christine Belzie <105683440+CBID2@users.noreply.github.com>
Date: Thu, 30 Nov 2023 10:30:02 -0500
Subject: [PATCH 08/16] fix: break up content

Co-authored-by: Anne-Marie  <102995847+am-stead@users.noreply.github.com>
---
 .../configuration-options-for-the-dependabot.yml-file.md    | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/content/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file.md b/content/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file.md
index f8356f4ac666..6cf1e4e71b92 100644
--- a/content/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file.md
+++ b/content/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file.md
@@ -70,7 +70,11 @@ In general, security updates use any configuration options that affect pull requ
 
 ### `package-ecosystem`
 
-**Required**. You add one `package-ecosystem` element for each package manager that you want {% data variables.product.prodname_dependabot %} to monitor for new versions. If you want to allow {% data variables.product.prodname_dependabot %} to access a private package registry when performing a version update, you can include a registries setting in the configuration file. For more information, see [registries](#registries) below. The repository must also contain a dependency manifest or lock file for each of these package managers. If you want to enable vendoring for a package manager that supports it, the vendored dependencies must be located in the required directory.  For more information, see [`vendor`](#vendor) below.{% ifversion ghes %}
+**Required**. You add one `package-ecosystem` element for each package manager that you want {% data variables.product.prodname_dependabot %} to monitor for new versions. The repository must also contain a dependency manifest or lock file for each of these package managers. 
+
+If you want to enable vendoring for a package manager that supports it, the vendored dependencies must be located in the required directory. For more information, see [`vendor`](#vendor) below. 
+
+If you want to allow {% data variables.product.prodname_dependabot %} to access a private package registry when performing a version update, you can include a `registries` setting in the configuration file. For more information, see [`registries`](#registries) below.{% ifversion ghes %}
 
 {% note %}
 

From f66b28c1cef64f1845dac5a9bc8476ba6a185060 Mon Sep 17 00:00:00 2001
From: Christine Belzie <105683440+CBID2@users.noreply.github.com>
Date: Thu, 30 Nov 2023 10:31:01 -0500
Subject: [PATCH 09/16] fix: revise sentence

Co-authored-by: Anne-Marie  <102995847+am-stead@users.noreply.github.com>
---
 .../configuration-options-for-the-dependabot.yml-file.md        | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/content/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file.md b/content/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file.md
index 6cf1e4e71b92..3b7c5b234da5 100644
--- a/content/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file.md
+++ b/content/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file.md
@@ -874,7 +874,7 @@ updates:
 
 ## Configuration options for private registries
 
-The top-level `registries` key is optional. It allows you to specify authentication details that {% data variables.product.prodname_dependabot %} can use to access private package registries. You can give Dependabot access to private package registries hosted by GitLab or Bitbucket by specifying a type of Git and linking to Git.
+The top-level `registries` key is optional. It allows you to specify authentication details that {% data variables.product.prodname_dependabot %} can use to access private package registries. You can give {% data variables.product.prodname_dependabot %} access to private package registries hosted by GitLab or Bitbucket by specifying a `type` of `git`. For more information, see [`git`](/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file#git).
 {% ifversion ghes > 3.7 %}
 {% note %}
 

From 37cd4e3893d1389a7686b466bd47fe7ed46051bd Mon Sep 17 00:00:00 2001
From: Christine <shecoder30@gmail.com>
Date: Thu, 30 Nov 2023 21:25:27 +0000
Subject: [PATCH 10/16] fix: revise formatting

---
 .../configuration-options-for-the-dependabot.yml-file.md      | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/content/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file.md b/content/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file.md
index 3b7c5b234da5..c91dd900630e 100644
--- a/content/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file.md
+++ b/content/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file.md
@@ -70,9 +70,9 @@ In general, security updates use any configuration options that affect pull requ
 
 ### `package-ecosystem`
 
-**Required**. You add one `package-ecosystem` element for each package manager that you want {% data variables.product.prodname_dependabot %} to monitor for new versions. The repository must also contain a dependency manifest or lock file for each of these package managers. 
+**Required**. You add one `package-ecosystem` element for each package manager that you want {% data variables.product.prodname_dependabot %} to monitor for new versions. The repository must also contain a dependency manifest or lock file for each of these package managers.
 
-If you want to enable vendoring for a package manager that supports it, the vendored dependencies must be located in the required directory. For more information, see [`vendor`](#vendor) below. 
+If you want to enable vendoring for a package manager that supports it, the vendored dependencies must be located in the required directory. For more information, see [`vendor`](#vendor) below.
 
 If you want to allow {% data variables.product.prodname_dependabot %} to access a private package registry when performing a version update, you can include a `registries` setting in the configuration file. For more information, see [`registries`](#registries) below.{% ifversion ghes %}
 

From 3f13bea7bc5ee3ecade787d17e1dcd7c1214e2a1 Mon Sep 17 00:00:00 2001
From: Christine <shecoder30@gmail.com>
Date: Thu, 30 Nov 2023 21:49:46 +0000
Subject: [PATCH 11/16] fix: sentence goes to a different line

---
 .../about-dependabot-version-updates.md                       | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/content/code-security/dependabot/dependabot-version-updates/about-dependabot-version-updates.md b/content/code-security/dependabot/dependabot-version-updates/about-dependabot-version-updates.md
index 412fdf7d5c72..74600a844b3f 100644
--- a/content/code-security/dependabot/dependabot-version-updates/about-dependabot-version-updates.md
+++ b/content/code-security/dependabot/dependabot-version-updates/about-dependabot-version-updates.md
@@ -31,7 +31,7 @@ shortTitle: Dependabot version updates
 
 {% data variables.product.prodname_dependabot %} takes the effort out of maintaining your dependencies. You can use it to ensure that your repository automatically keeps up with the latest releases of the packages and applications it depends on.
 
-You enable {% data variables.product.prodname_dependabot_version_updates %} by checking a `dependabot.yml` configuration file into your repository. The configuration file specifies the location of the manifest, or of other package definition files, stored in your repository. {% data variables.product.prodname_dependabot %} uses this information to check for outdated packages and applications. {% data variables.product.prodname_dependabot %} determines if there is a new version of a dependency by looking at the semantic versioning ([semver](https://semver.org/)) of the dependency to decide whether it should update to that version. For certain package managers, {% data variables.product.prodname_dependabot_version_updates %} also supports vendoring. [Vendored or cached](/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file#vendor) dependencies are dependencies that are checked in to a specific directory in a repository rather than referenced in a manifest. Vendored dependencies are available at build time even if package servers are unavailable. {% data variables.product.prodname_dependabot_version_updates %} can be configured to check vendored dependencies for new versions and update them if necessary. {% data variables.product.prodname_dependabot %} also supports dependencies in private registries. For more information, see [`registries`](/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file#registries).
+You enable {% data variables.product.prodname_dependabot_version_updates %} by checking a `dependabot.yml` configuration file into your repository. The configuration file specifies the location of the manifest, or of other package definition files, stored in your repository. {% data variables.product.prodname_dependabot %} uses this information to check for outdated packages and applications. {% data variables.product.prodname_dependabot %} determines if there is a new version of a dependency by looking at the semantic versioning ([semver](https://semver.org/)) of the dependency to decide whether it should update to that version. For certain package managers, {% data variables.product.prodname_dependabot_version_updates %} also supports vendoring. [Vendored or cached](/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file#vendor) dependencies are dependencies that are checked in to a specific directory in a repository rather than referenced in a manifest. Vendored dependencies are available at build time even if package servers are unavailable. {% data variables.product.prodname_dependabot_version_updates %} can be configured to check vendored dependencies for new versions and update them if necessary.
 
 When {% data variables.product.prodname_dependabot %} identifies an outdated dependency, it raises a pull request to update the manifest to the latest version of the dependency. For vendored dependencies, {% data variables.product.prodname_dependabot %} raises a pull request to replace the outdated dependency with the new version directly. You check that your tests pass, review the changelog and release notes included in the pull request summary, and then merge it. For more information, see "[AUTOTITLE](/code-security/dependabot/dependabot-version-updates/configuring-dependabot-version-updates)."
 
@@ -57,7 +57,7 @@ If you've enabled security updates, you'll sometimes see extra pull requests for
 <!-- If you make changes to this feature, check whether any of the changes affect languages listed in /get-started/learning-about-github/github-language-support. If so, please update the language support article accordingly. -->
 
 You can configure version updates for repositories that contain a dependency manifest or lock file for one of the supported package managers. For some package managers, you can also configure vendoring for dependencies. For more information, see "[AUTOTITLE](/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file#vendor)."
-
+{% data variables.product.prodname_dependabot %} also supports dependencies in private registries. For more information, see [`registries`](/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file#registries).
 {% ifversion ghes %}
 
 {% note %}

From 3efdf0005b5ddec95f9aece3af5fcac738884163 Mon Sep 17 00:00:00 2001
From: Anne-Marie <102995847+am-stead@users.noreply.github.com>
Date: Fri, 1 Dec 2023 09:23:55 +0100
Subject: [PATCH 12/16] Update
 content/code-security/dependabot/dependabot-version-updates/about-dependabot-version-updates.md

---
 .../about-dependabot-version-updates.md                         | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/content/code-security/dependabot/dependabot-version-updates/about-dependabot-version-updates.md b/content/code-security/dependabot/dependabot-version-updates/about-dependabot-version-updates.md
index 74600a844b3f..46368957e9f2 100644
--- a/content/code-security/dependabot/dependabot-version-updates/about-dependabot-version-updates.md
+++ b/content/code-security/dependabot/dependabot-version-updates/about-dependabot-version-updates.md
@@ -56,7 +56,7 @@ If you've enabled security updates, you'll sometimes see extra pull requests for
 ## Supported repositories and ecosystems
 <!-- If you make changes to this feature, check whether any of the changes affect languages listed in /get-started/learning-about-github/github-language-support. If so, please update the language support article accordingly. -->
 
-You can configure version updates for repositories that contain a dependency manifest or lock file for one of the supported package managers. For some package managers, you can also configure vendoring for dependencies. For more information, see "[AUTOTITLE](/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file#vendor)."
+You can configure version updates for repositories that contain a dependency manifest or lock file for one of the supported package managers. For some package managers, you can also configure vendoring for dependencies. For more information, see "[`vendor`](/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file#vendor)."
 {% data variables.product.prodname_dependabot %} also supports dependencies in private registries. For more information, see [`registries`](/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file#registries).
 {% ifversion ghes %}
 

From 56564aadceec5fe415ad3e368e12672b3a68bb4c Mon Sep 17 00:00:00 2001
From: Anne-Marie <102995847+am-stead@users.noreply.github.com>
Date: Fri, 1 Dec 2023 09:25:16 +0100
Subject: [PATCH 13/16] Update
 content/code-security/dependabot/dependabot-version-updates/about-dependabot-version-updates.md

---
 .../about-dependabot-version-updates.md                         | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/content/code-security/dependabot/dependabot-version-updates/about-dependabot-version-updates.md b/content/code-security/dependabot/dependabot-version-updates/about-dependabot-version-updates.md
index 46368957e9f2..5e9c483b7120 100644
--- a/content/code-security/dependabot/dependabot-version-updates/about-dependabot-version-updates.md
+++ b/content/code-security/dependabot/dependabot-version-updates/about-dependabot-version-updates.md
@@ -31,7 +31,7 @@ shortTitle: Dependabot version updates
 
 {% data variables.product.prodname_dependabot %} takes the effort out of maintaining your dependencies. You can use it to ensure that your repository automatically keeps up with the latest releases of the packages and applications it depends on.
 
-You enable {% data variables.product.prodname_dependabot_version_updates %} by checking a `dependabot.yml` configuration file into your repository. The configuration file specifies the location of the manifest, or of other package definition files, stored in your repository. {% data variables.product.prodname_dependabot %} uses this information to check for outdated packages and applications. {% data variables.product.prodname_dependabot %} determines if there is a new version of a dependency by looking at the semantic versioning ([semver](https://semver.org/)) of the dependency to decide whether it should update to that version. For certain package managers, {% data variables.product.prodname_dependabot_version_updates %} also supports vendoring. [Vendored or cached](/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file#vendor) dependencies are dependencies that are checked in to a specific directory in a repository rather than referenced in a manifest. Vendored dependencies are available at build time even if package servers are unavailable. {% data variables.product.prodname_dependabot_version_updates %} can be configured to check vendored dependencies for new versions and update them if necessary.
+You enable {% data variables.product.prodname_dependabot_version_updates %} by checking a `dependabot.yml` configuration file into your repository. The configuration file specifies the location of the manifest, or of other package definition files, stored in your repository. {% data variables.product.prodname_dependabot %} uses this information to check for outdated packages and applications. {% data variables.product.prodname_dependabot %} determines if there is a new version of a dependency by looking at the semantic versioning ([semver](https://semver.org/)) of the dependency to decide whether it should update to that version. For certain package managers, {% data variables.product.prodname_dependabot_version_updates %} also supports vendoring. Vendored (or cached) dependencies are dependencies that are checked in to a specific directory in a repository rather than referenced in a manifest. Vendored dependencies are available at build time even if package servers are unavailable. {% data variables.product.prodname_dependabot_version_updates %} can be configured to check vendored dependencies for new versions and update them if necessary.
 
 When {% data variables.product.prodname_dependabot %} identifies an outdated dependency, it raises a pull request to update the manifest to the latest version of the dependency. For vendored dependencies, {% data variables.product.prodname_dependabot %} raises a pull request to replace the outdated dependency with the new version directly. You check that your tests pass, review the changelog and release notes included in the pull request summary, and then merge it. For more information, see "[AUTOTITLE](/code-security/dependabot/dependabot-version-updates/configuring-dependabot-version-updates)."
 

From 768a5875a38477b70a67c16a0d19c9112922d330 Mon Sep 17 00:00:00 2001
From: Anne-Marie <102995847+am-stead@users.noreply.github.com>
Date: Fri, 1 Dec 2023 09:30:14 +0100
Subject: [PATCH 14/16] Update
 content/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file.md

---
 .../configuration-options-for-the-dependabot.yml-file.md      | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/content/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file.md b/content/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file.md
index c91dd900630e..7926db14ebb1 100644
--- a/content/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file.md
+++ b/content/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file.md
@@ -874,7 +874,9 @@ updates:
 
 ## Configuration options for private registries
 
-The top-level `registries` key is optional. It allows you to specify authentication details that {% data variables.product.prodname_dependabot %} can use to access private package registries. You can give {% data variables.product.prodname_dependabot %} access to private package registries hosted by GitLab or Bitbucket by specifying a `type` of `git`. For more information, see [`git`](/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file#git).
+The top-level `registries` key is optional. It allows you to specify authentication details that {% data variables.product.prodname_dependabot %} can use to access private package registries. 
+
+You can give {% data variables.product.prodname_dependabot %} access to private package registries hosted by GitLab or Bitbucket by specifying a `type` of `git`. For more information, see [`git`](/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file#git).
 {% ifversion ghes > 3.7 %}
 {% note %}
 

From be814728a7e93369f58a449e486aa08ab3f2e4a3 Mon Sep 17 00:00:00 2001
From: Anne-Marie <102995847+am-stead@users.noreply.github.com>
Date: Fri, 1 Dec 2023 13:11:17 +0100
Subject: [PATCH 15/16] Update
 content/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file.md

---
 .../configuration-options-for-the-dependabot.yml-file.md        | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/content/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file.md b/content/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file.md
index 7926db14ebb1..01b856170964 100644
--- a/content/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file.md
+++ b/content/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file.md
@@ -874,7 +874,7 @@ updates:
 
 ## Configuration options for private registries
 
-The top-level `registries` key is optional. It allows you to specify authentication details that {% data variables.product.prodname_dependabot %} can use to access private package registries. 
+The top-level `registries` key is optional. It allows you to specify authentication details that {% data variables.product.prodname_dependabot %} can use to access private package registries.
 
 You can give {% data variables.product.prodname_dependabot %} access to private package registries hosted by GitLab or Bitbucket by specifying a `type` of `git`. For more information, see [`git`](/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file#git).
 {% ifversion ghes > 3.7 %}

From 5b66ff55045956faca09e316f50387d4b7a18e01 Mon Sep 17 00:00:00 2001
From: Anne-Marie <102995847+am-stead@users.noreply.github.com>
Date: Fri, 1 Dec 2023 15:34:22 +0100
Subject: [PATCH 16/16] Update
 content/code-security/dependabot/dependabot-version-updates/about-dependabot-version-updates.md

---
 .../about-dependabot-version-updates.md                         | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/content/code-security/dependabot/dependabot-version-updates/about-dependabot-version-updates.md b/content/code-security/dependabot/dependabot-version-updates/about-dependabot-version-updates.md
index 5e9c483b7120..a5baa0000c5b 100644
--- a/content/code-security/dependabot/dependabot-version-updates/about-dependabot-version-updates.md
+++ b/content/code-security/dependabot/dependabot-version-updates/about-dependabot-version-updates.md
@@ -56,7 +56,7 @@ If you've enabled security updates, you'll sometimes see extra pull requests for
 ## Supported repositories and ecosystems
 <!-- If you make changes to this feature, check whether any of the changes affect languages listed in /get-started/learning-about-github/github-language-support. If so, please update the language support article accordingly. -->
 
-You can configure version updates for repositories that contain a dependency manifest or lock file for one of the supported package managers. For some package managers, you can also configure vendoring for dependencies. For more information, see "[`vendor`](/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file#vendor)."
+You can configure version updates for repositories that contain a dependency manifest or lock file for one of the supported package managers. For some package managers, you can also configure vendoring for dependencies. For more information, see [`vendor`](/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file#vendor).
 {% data variables.product.prodname_dependabot %} also supports dependencies in private registries. For more information, see [`registries`](/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file#registries).
 {% ifversion ghes %}