spellcheck everything

packagist · Nov 6, 2023 · b09e0d5 · b09e0d5
1 parent d3c5bb1
commit b09e0d5
Showing 1 changed file with 12 additions and 12 deletions.
diff --git a/docs/dependabot-for-private-packagist.md b/docs/dependabot-for-private-packagist.md
@@ -1,21 +1,21 @@
 # Set up dependabot with Private Packagist
-## 
+##
 
-[Dependabot](https://dependabot.com) is a security feature from GitHub, that analyses security issues in one of your dependencies and may create Pull Requests to update those dependencies automatically.
+[Dependabot](https://dependabot.com) is a security feature from GitHub, that analyses security issues in one of your dependencies. The bot may create Pull Requests to update those dependencies automatically.
 
-Dependabot can update your composer.lock file in Pull Request and you can set it up to analyse packages on packagist.com. This guide explains how to do this step by step.
+You can use Dependabot to update your private packages hosted on packagist.com in your composer.lock file via Pull Requests as well. This guide explains how to configure and set up Dependabot if you want to use it with Private Packagist step by step.
 
 ## Enable Dependabot in GitHub
 
-Start in your GitHub repository and go to “Settings”. In the “Security” section of the sidebar go to “Code security and analysis”, where you can enable Dependabot. In the process you will create a dependabot.yaml that should look like below. [Refer to this guide on GitHub, for the complete steps](https://docs.github.com/en/code-security/getting-started/dependabot-quickstart-guide#enabling-dependabot-for-your-repository)
+Start in your GitHub repository and go to “Settings”. In the “Security” section of the sidebar go to “Code security and analysis”, where you can enable Dependabot. In the process, you will create a dependabot.yaml that should look like below. [Refer to this guide on GitHub, for the complete steps](https://docs.github.com/en/code-security/getting-started/dependabot-quickstart-guide#enabling-dependabot-for-your-repository)
 
 ![enable dependabot](/Resources/public/img/docs/articles/dependabot-secret.png)
 
 When you click on configure, the dependabot.yaml will be created for you (it will be placed in a folder .github).
 
 ## dependabot.yaml
 
-A minimal dependabot config file would look like this:
+A minimal Dependabot config file would look like this:
 
 ```yaml
 version: 2
@@ -34,24 +34,24 @@ registries:
     password: ${{secrets.PRIVATE_PACKAGIST_PASSWORD}}
 ```
 
-Replace the Composer url `https://repo.packagist.com/acme/` with your own organizations Composer url on packagist.com. In the example the repository url is for the organization on Private Packagist Cloud with the name `acme`.  
+Replace the Composer URL `https://repo.packagist.com/acme/` with your own organization's Composer URL on packagist.com. In the example, the repository URL is for the organization on Private Packagist Cloud with the name `acme`.
 
-To allow dependabot to analyse the packages on Private Packagist, we need to provide the secret `PRIVATE_PACKAGIST_PASSWORD` in your GitHub repository. In Settings under the section Security there is  Secrets and Variables for Dependabot.
+To grant Dependabot access to the packages on Private Packagist, we need to provide the secret `PRIVATE_PACKAGIST_PASSWORD` in your GitHub repository. In Settings under the section “Security,” there is “Secrets and Variables” for Dependabot.
 
 ![Dependabot Secrets](/Resources/public/img/docs/articles/dependabot-secret.png)
 
 Create a Team Authentication Token under “Settings” and “Authentication Tokens” on Private Packagist. Copy the secret into the GitHub form.
 
 ## Troubleshooting
 
-To check if Dependabot is able to access your packages, you need to navigate to “Insights”, then “Dependency Graph” and then activate the tab “Dependabot”. 
+To check if Dependabot is able to access your packages, you need to navigate to “Insights”, then “Dependency Graph” and then activate the tab “Dependabot”.
 
 ![Dependabot Insights](/Resources/public/img/docs/articles/dependabot-insights.png)
 
-There is a link “Recent update jobs”, that will show the last jobs from dependabot and some logs. The last job should be green now.
+There is a link “Recent update jobs”, that will show the last jobs from Dependabot and logs. The last job should be green now.
 
 ![Dependabot Jobs](/Resources/public/img/docs/articles/dependabot-jobs.png)
 
-- Make sure, that the secret name, matches the one that you put to the dependabot.yaml
-- Check if the token is still valid and has not expired.
-- the names under `updates[x].registries` must match a key for credentials in `registries` on the toplevel of the dependabot.yaml
+- Make sure, that the secret name, matches the one that you referenced in dependabot.yaml
+- Check if the token from Private Packagist is still valid and has not expired.
+- the names under `updates[x].registries` must match a key for credentials in `registries` on the top level of the dependabot.yaml