From 06bea1ca89a18c602e5043f9ef62c3d67d47b8fb Mon Sep 17 00:00:00 2001
From: Anna Rosenthal <annarosenthal@github.com>
Date: Thu, 23 Sep 2021 20:08:14 -0400
Subject: [PATCH] Add go.sum to Supported Package Ecosystems (#10138)

Co-authored-by: Lucas Costi <lucascosti@users.noreply.github.com>
---
 .../about-the-dependency-graph.md                         | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/content/code-security/supply-chain-security/understanding-your-software-supply-chain/about-the-dependency-graph.md b/content/code-security/supply-chain-security/understanding-your-software-supply-chain/about-the-dependency-graph.md
index fdf7b735f5..dbefc9a770 100644
--- a/content/code-security/supply-chain-security/understanding-your-software-supply-chain/about-the-dependency-graph.md
+++ b/content/code-security/supply-chain-security/understanding-your-software-supply-chain/about-the-dependency-graph.md
@@ -72,8 +72,12 @@ The recommended formats explicitly define which versions are used for all direct
 | Package manager | Languages | Recommended formats | All supported formats |
 | --- | --- | --- | ---|
 | Composer             | PHP           | `composer.lock` | `composer.json`, `composer.lock` |
-| `dotnet` CLI | .NET languages (C#, C++, F#, VB)  |   `.csproj`, `.vbproj`, `.nuspec`, `.vcxproj`, `.fsproj` |  `.csproj`, `.vbproj`, `.nuspec`, `.vcxproj`, `.fsproj`, `packages.config` |{% ifversion fpt or ghes > 3.1 %}
-| Go modules | Go | `go.mod` | `go.mod` |{% endif %}
+| `dotnet` CLI | .NET languages (C#, C++, F#, VB)  |   `.csproj`, `.vbproj`, `.nuspec`, `.vcxproj`, `.fsproj` |  `.csproj`, `.vbproj`, `.nuspec`, `.vcxproj`, `.fsproj`, `packages.config` |
+{%- ifversion fpt or ghes > 3.2 %}
+| Go modules | Go | `go.sum` | `go.mod`, `go.sum` |
+{%- elsif ghes = 3.2 %}
+| Go modules | Go | `go.mod` | `go.mod` |
+{%- endif %}
 | Maven | Java, Scala |  `pom.xml`  | `pom.xml`  |
 | npm | JavaScript |            `package-lock.json` | `package-lock.json`, `package.json`|
 | Python PIP      | Python                    | `requirements.txt`, `pipfile.lock` | `requirements.txt`, `pipfile`, `pipfile.lock`, `setup.py`* |