From d088a540c7b239e4fe09ee8279b669e47dc66bf1 Mon Sep 17 00:00:00 2001 From: Sophie <29382425+sophietheking@users.noreply.github.com> Date: Fri, 22 Apr 2022 17:04:24 +0200 Subject: [PATCH 1/5] Added links to new supply chain docs --- .../about-dependency-review.md | 2 ++ .../about-supply-chain-security.md | 4 ++++ .../about-the-dependency-graph.md | 4 ++++ 3 files changed, 10 insertions(+) diff --git a/content/code-security/supply-chain-security/understanding-your-software-supply-chain/about-dependency-review.md b/content/code-security/supply-chain-security/understanding-your-software-supply-chain/about-dependency-review.md index 98a9baa2ee..3fb684d1e4 100644 --- a/content/code-security/supply-chain-security/understanding-your-software-supply-chain/about-dependency-review.md +++ b/content/code-security/supply-chain-security/understanding-your-software-supply-chain/about-dependency-review.md @@ -37,6 +37,8 @@ For more information about configuring dependency review, see "[Configuring depe Dependency review supports the same languages and package management ecosystems as the dependency graph. For more information, see "[About the dependency graph](/github/visualizing-repository-data-with-graphs/about-the-dependency-graph#supported-package-ecosystems)." +{% ifversion fpt or ghes or ghec %}For more information on supply chain features at {% data variables.product.product_name %}, see "[About supply chain security](/code-security/supply-chain-security/understanding-your-software-supply-chain/about-supply-chain-security)."{% endif %} + {% ifversion ghec or ghes %} ## Enabling dependency review diff --git a/content/code-security/supply-chain-security/understanding-your-software-supply-chain/about-supply-chain-security.md b/content/code-security/supply-chain-security/understanding-your-software-supply-chain/about-supply-chain-security.md index 6ff3e6e9ed..1474e04ede 100644 
--- a/content/code-security/supply-chain-security/understanding-your-software-supply-chain/about-supply-chain-security.md +++ b/content/code-security/supply-chain-security/understanding-your-software-supply-chain/about-supply-chain-security.md @@ -54,6 +54,10 @@ Other supply chain features on {% data variables.product.prodname_dotcom %} rely {% data variables.product.prodname_dependabot %} cross-references dependency data provided by the dependency graph with the list of known vulnerabilities published in the {% data variables.product.prodname_advisory_database %}, scans your dependencies and generates {% data variables.product.prodname_dependabot_alerts %} when a potential vulnerability is detected. {% endif %} +{% ifversion fpt or ghec or ghes %} +For best practice guides on complete end-to-end supply chain security including personal accounts, code, and build processes, see "[Securing your end-to-end supply chain](en/code-security/supply-chain-security/end-to-end-supply-chain/end-to-end-supply-chain-overview)." +{% endif %} + ## Feature overview ### What is the dependency graph diff --git a/content/code-security/supply-chain-security/understanding-your-software-supply-chain/about-the-dependency-graph.md b/content/code-security/supply-chain-security/understanding-your-software-supply-chain/about-the-dependency-graph.md index 6cbb18c5af..03e5fa6df5 100644 --- a/content/code-security/supply-chain-security/understanding-your-software-supply-chain/about-the-dependency-graph.md +++ b/content/code-security/supply-chain-security/understanding-your-software-supply-chain/about-the-dependency-graph.md 
@@ -44,6 +44,10 @@ The dependency graph includes all the dependencies of a repository that are deta The dependency graph identifies indirect dependencies{% ifversion fpt or ghec %} either explicitly from a lock file or by checking the dependencies of your direct dependencies. For the most reliable graph, you should use lock files (or their equivalent) because they define exactly which versions of the direct and indirect dependencies you currently use. If you use lock files, you also ensure that all contributors to the repository are using the same versions, which will make it easier for you to test and debug code{% else %} from the lock files{% endif %}. +{% ifversion fpt or ghes or ghec %} +For more information on how {% data variables.product.product_name %} helps you understand the dependencies in your environment, see "[About supply chain security](/code-security/supply-chain-security/understanding-your-software-supply-chain/about-supply-chain-security)." +{% endif %} + {% ifversion fpt or ghec %} ## Dependents included From 68f1ebb51b53fa26de8109d7db84c1884775a756 Mon Sep 17 00:00:00 2001 From: Sophie <29382425+sophietheking@users.noreply.github.com> Date: Tue, 26 Apr 2022 10:17:14 +0200 Subject: [PATCH 2/5] Fix link --- .../about-supply-chain-security.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/content/code-security/supply-chain-security/understanding-your-software-supply-chain/about-supply-chain-security.md b/content/code-security/supply-chain-security/understanding-your-software-supply-chain/about-supply-chain-security.md index 1474e04ede..31204273de 100644 --- a/content/code-security/supply-chain-security/understanding-your-software-supply-chain/about-supply-chain-security.md +++ b/content/code-security/supply-chain-security/understanding-your-software-supply-chain/about-supply-chain-security.md 
@@ -55,7 +55,7 @@ Other supply chain features on {% data variables.product.prodname_dotcom %} rely {% endif %} {% ifversion fpt or ghec or ghes %} -For best practice guides on complete end-to-end supply chain security including personal accounts, code, and build processes, see "[Securing your end-to-end supply chain](en/code-security/supply-chain-security/end-to-end-supply-chain/end-to-end-supply-chain-overview)." +For best practice guides on complete end-to-end supply chain security including personal accounts, code, and build processes, see "[Securing your end-to-end supply chain](/code-security/supply-chain-security/end-to-end-supply-chain/end-to-end-supply-chain-overview)." {% endif %} ## Feature overview From 7f2c1f5c7ff6e18ebd3c920f2c5b5b11d9811895 Mon Sep 17 00:00:00 2001 From: mchammer01 <42146119+mchammer01@users.noreply.github.com> Date: Tue, 17 May 2022 13:43:57 +0100 Subject: [PATCH 3/5] add link --- .../end-to-end-supply-chain/end-to-end-supply-chain-overview.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/content/code-security/supply-chain-security/end-to-end-supply-chain/end-to-end-supply-chain-overview.md b/content/code-security/supply-chain-security/end-to-end-supply-chain/end-to-end-supply-chain-overview.md index 21ac3542f2..376245ce87 100644 --- a/content/code-security/supply-chain-security/end-to-end-supply-chain/end-to-end-supply-chain-overview.md +++ b/content/code-security/supply-chain-security/end-to-end-supply-chain/end-to-end-supply-chain-overview.md 
@@ -19,6 +19,8 @@ topics: At its core, end-to-end software supply chain security is about making sure the code you distribute hasn't been tampered with. Previously, attackers focused on targeting dependencies you use, for example libraries and frameworks. Attackers have now expanded their focus to include targeting user accounts and build processes, and so those systems must be defended as well. +For information about the {% data variables.product.prodname_dotcom %}'s supply chain features focused on securing dependencies, see "[About supply chain security](/code-security/supply-chain-security/understanding-your-software-supply-chain/about-supply-chain-security)." + ## About these guides This series of guides explains how to think about securing your end-to-end supply chain: personal account, code, and build processes. Each guide explains the risk to that area, and introduces the {% data variables.product.product_name %} features that can help you address that risk. From 411b27e3a3ee5bb1c089a312e22948507d4adf0d Mon Sep 17 00:00:00 2001 From: mc <42146119+mchammer01@users.noreply.github.com> Date: Tue, 17 May 2022 13:49:06 +0100 Subject: [PATCH 4/5] Apply suggestions from code review --- .../about-dependency-review.md | 2 +- .../about-supply-chain-security.md | 2 +- .../about-the-dependency-graph.md | 2 -- 3 files changed, 2 insertions(+), 4 deletions(-) diff --git a/content/code-security/supply-chain-security/understanding-your-software-supply-chain/about-dependency-review.md b/content/code-security/supply-chain-security/understanding-your-software-supply-chain/about-dependency-review.md index 3fb684d1e4..309b68f0e7 100644 --- a/content/code-security/supply-chain-security/understanding-your-software-supply-chain/about-dependency-review.md +++ b/content/code-security/supply-chain-security/understanding-your-software-supply-chain/about-dependency-review.md 
@@ -37,7 +37,7 @@ For more information about configuring dependency review, see "[Configuring depe Dependency review supports the same languages and package management ecosystems as the dependency graph. For more information, see "[About the dependency graph](/github/visualizing-repository-data-with-graphs/about-the-dependency-graph#supported-package-ecosystems)." -{% ifversion fpt or ghes or ghec %}For more information on supply chain features at {% data variables.product.product_name %}, see "[About supply chain security](/code-security/supply-chain-security/understanding-your-software-supply-chain/about-supply-chain-security)."{% endif %} +For more information on supply chain features available on {% data variables.product.product_name %}, see "[About supply chain security](/code-security/supply-chain-security/understanding-your-software-supply-chain/about-supply-chain-security)." {% ifversion ghec or ghes %} ## Enabling dependency review diff --git a/content/code-security/supply-chain-security/understanding-your-software-supply-chain/about-supply-chain-security.md b/content/code-security/supply-chain-security/understanding-your-software-supply-chain/about-supply-chain-security.md index 80cb8a42f9..8debbfea99 100644 --- a/content/code-security/supply-chain-security/understanding-your-software-supply-chain/about-supply-chain-security.md +++ b/content/code-security/supply-chain-security/understanding-your-software-supply-chain/about-supply-chain-security.md 
@@ -55,7 +55,7 @@ Other supply chain features on {% data variables.product.prodname_dotcom %} rely {% endif %} {% ifversion fpt or ghec or ghes %} -For best practice guides on complete end-to-end supply chain security including personal accounts, code, and build processes, see "[Securing your end-to-end supply chain](/code-security/supply-chain-security/end-to-end-supply-chain/end-to-end-supply-chain-overview)." +For best practice guides on end-to-end supply chain security including the protection of personal accounts, code, and build processes, see "[Securing your end-to-end supply chain](/code-security/supply-chain-security/end-to-end-supply-chain/end-to-end-supply-chain-overview)." {% endif %} ## Feature overview diff --git a/content/code-security/supply-chain-security/understanding-your-software-supply-chain/about-the-dependency-graph.md b/content/code-security/supply-chain-security/understanding-your-software-supply-chain/about-the-dependency-graph.md index e5108c9590..a1219ea664 100644 --- a/content/code-security/supply-chain-security/understanding-your-software-supply-chain/about-the-dependency-graph.md +++ b/content/code-security/supply-chain-security/understanding-your-software-supply-chain/about-the-dependency-graph.md 
@@ -44,9 +44,7 @@ The dependency graph includes all the dependencies of a repository that are deta The dependency graph identifies indirect dependencies{% ifversion fpt or ghec %} either explicitly from a lock file or by checking the dependencies of your direct dependencies. For the most reliable graph, you should use lock files (or their equivalent) because they define exactly which versions of the direct and indirect dependencies you currently use. If you use lock files, you also ensure that all contributors to the repository are using the same versions, which will make it easier for you to test and debug code{% else %} from the lock files{% endif %}. -{% ifversion fpt or ghes or ghec %} For more information on how {% data variables.product.product_name %} helps you understand the dependencies in your environment, see "[About supply chain security](/code-security/supply-chain-security/understanding-your-software-supply-chain/about-supply-chain-security)." -{% endif %} {% ifversion fpt or ghec %} From 6692de1bc8b0ba3726c958b495f6127682db1684 Mon Sep 17 00:00:00 2001 From: Sophie <29382425+sophietheking@users.noreply.github.com> Date: Thu, 19 May 2022 08:45:31 +0200 Subject: [PATCH 5/5] Update content/code-security/supply-chain-security/end-to-end-supply-chain/end-to-end-supply-chain-overview.md Co-authored-by: Felicity Chapman --- .../end-to-end-supply-chain/end-to-end-supply-chain-overview.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/content/code-security/supply-chain-security/end-to-end-supply-chain/end-to-end-supply-chain-overview.md b/content/code-security/supply-chain-security/end-to-end-supply-chain/end-to-end-supply-chain-overview.md index 376245ce87..08102cf1d6 100644 --- a/content/code-security/supply-chain-security/end-to-end-supply-chain/end-to-end-supply-chain-overview.md +++ b/content/code-security/supply-chain-security/end-to-end-supply-chain/end-to-end-supply-chain-overview.md 
@@ -19,7 +19,7 @@ topics: At its core, end-to-end software supply chain security is about making sure the code you distribute hasn't been tampered with. Previously, attackers focused on targeting dependencies you use, for example libraries and frameworks. Attackers have now expanded their focus to include targeting user accounts and build processes, and so those systems must be defended as well. -For information about the {% data variables.product.prodname_dotcom %}'s supply chain features focused on securing dependencies, see "[About supply chain security](/code-security/supply-chain-security/understanding-your-software-supply-chain/about-supply-chain-security)." +For information about features in {% data variables.product.prodname_dotcom %} that can help you secure dependencies, see "[About supply chain security](/code-security/supply-chain-security/understanding-your-software-supply-chain/about-supply-chain-security)." ## About these guides
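Review bot: In patch 1, the about-supply-chain-security.md hunk adds a link whose target is `en/code-security/supply-chain-security/end-to-end-supply-chain/end-to-end-supply-chain-overview` without a leading slash, so it resolves relative to the current page and 404s; patch 2 corrects it to `/code-security/...`, but as a series the broken link still lands in history. Squash patches 1 and 2 (and the later wording fixes) so no intermediate commit ships a dead cross-reference, and keep the root-relative `/code-security/...` form the other new links in this series already use.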
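Review bot: In patch 4, the about-supply-chain-security.md hunk keeps the `{% ifversion fpt or ghec or ghes %}` / `{% endif %}` wrapper around the end-to-end paragraph while the same patch drops the identical `fpt or ghes or ghec` wrapper from about-the-dependency-graph.md and about-dependency-review.md as unnecessary. The three should agree: either the end-to-end guides are not published for some version, in which case the two removals need the same justification, or this remaining wrapper is redundant and should go too. As it stands the versioning logic differs for the same link target across three pages edited in one PR.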
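Review bot: In patch 3, the end-to-end-supply-chain-overview.md hunk reads "the {% data variables.product.prodname_dotcom %}'s supply chain features", which renders as "the GitHub's"; patch 5 fixes the grammar but the new sentence still uses `prodname_dotcom` while the unchanged paragraph directly below it ("introduces the {% data variables.product.product_name %} features") uses `product_name`. Unless the intent is to say these features exist only on GitHub.com, switch to `product_name` so the two adjacent paragraphs name the product the same way when rendered for other versions.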
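Review bot: In patch 4, the about-dependency-review.md hunk adds a link to `/code-security/supply-chain-security/understanding-your-software-supply-chain/about-supply-chain-security` but leaves the existing cross-reference in the context line above pointing at the legacy path `/github/visualizing-repository-data-with-graphs/about-the-dependency-graph#supported-package-ecosystems`, even though the diff headers in this same series show about-the-dependency-graph.md living under `content/code-security/supply-chain-security/understanding-your-software-supply-chain/`. Since this paragraph is being touched anyway, update that link to the current path rather than relying on a redirect.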
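Review bot: Patch 5's subject line is the auto-generated "Update content/code-security/supply-chain-security/end-to-end-supply-chain/end-to-end-supply-chain-overview.md", which describes the file, not the change; the actual edit is a one-sentence rewording of the link lead-in added in patch 3. Fold it into patch 3 (or give it a descriptive subject such as "Reword link to supply chain security overview") so the history explains why the sentence changed.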