From e32a2201d74f5af5d6d5e07eb46084f0efb027c5 Mon Sep 17 00:00:00 2001 From: Sarita Iyer Date: Wed, 23 Mar 2022 17:00:37 -0400 Subject: [PATCH] fix typo --- .../about-dependency-review.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/content/code-security/supply-chain-security/understanding-your-software-supply-chain/about-dependency-review.md b/content/code-security/supply-chain-security/understanding-your-software-supply-chain/about-dependency-review.md index bf8e96ef62..97609ea39d 100644 --- a/content/code-security/supply-chain-security/understanding-your-software-supply-chain/about-dependency-review.md +++ b/content/code-security/supply-chain-security/understanding-your-software-supply-chain/about-dependency-review.md @@ -54,7 +54,7 @@ The dependency review feature becomes available when you enable the dependency g {% ifversion fpt or ghec or ghes>3.5 or ghae-issue-6396 %} ## Dependency review enforcement -You can use the Dependency Review GitHub Action in your repository to enforce dependency reviews on your pull requests. The action scans for vulnerable versions of dependencies introduced by package version changes in pull requests, and warns you about the associated security vulnerabilities. This gives you better visibility into what is changing in a pull request and prevents vulnerabilities from being introduced to your repository. The Dependency Review GitHub Action check will fail if it discovers any vulnerable package, but will only block a pull request from being merged if the repository owner has required the check to pass before merging. For more information, see "[About protected branches](/repositories/configuring-branches-and-merges-in-your-repository/defining-the-mergeability-of-pull-requests/about-protected-branches#require-status-checks-before-merging)."