From d35808e60eb080e4c5c87f490427c700fdf54834 Mon Sep 17 00:00:00 2001
From: Jeff Widman
Date: Fri, 12 May 2023 12:27:02 -0700
Subject: [PATCH 1/4] Switch Dependabot to checking weekly (#63)

We now use "weekly" throughout our docs and examples, as most users seem to prefer slightly less package churn than daily.
---
 .github/dependabot.yml | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/.github/dependabot.yml b/.github/dependabot.yml
index 19585d75a..ec0ed0318 100644
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@@ -4,12 +4,12 @@ updates:
 - package-ecosystem: "github-actions"
 directory: "/"
 schedule:
- interval: "daily"
+ interval: "weekly"
 - package-ecosystem: npm
 directory: "/javascript"
 schedule:
- interval: daily
+ interval: "weekly"
 - package-ecosystem: bundler
 directory: "/ruby"
 schedule:
- interval: weekly
+ interval: "weekly"
From 62f4b157263c8c399493f58f9afbb8b92bea3b16 Mon Sep 17 00:00:00 2001
From: Jeff Widman
Date: Fri, 12 May 2023 12:27:14 -0700
Subject: [PATCH 2/4] Add the logo (#64)

My inner marketer prefers having a logo here...
---
 README.md | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

diff --git a/README.md b/README.md
index f98593c37..e92ea6cb9 100644
--- a/README.md
+++ b/README.md
@@ -1,4 +1,12 @@
+
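Review bot: The three `interval: "weekly"` entries in `.github/dependabot.yml` govern version updates only, and nothing in the file says so, so a reader could take the move from daily to weekly as also slowing vulnerability fixes. Dependabot security updates are raised from alerts rather than on this schedule, but only when they are enabled in the repository settings, which this hunk cannot show. I would add a comment above `updates:` (which sits just outside the hunk) such as `# schedule applies to version updates only; security updates are alert-driven and must be enabled in repo settings`. As a minor style point, the commit quotes every interval value while `package-ecosystem: npm` and `bundler` stay unquoted next to `"github-actions"`.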

+ + + + Dependabot + +

+
 # Dependabot Demo Repository
 This repo contains some projects with outdated dependencies. Fork it to try out
-Dependabot!
+Dependabot :dependabot:!
From fb43a2a49993ad0c168edfb23c356c4280d12254 Mon Sep 17 00:00:00 2001
From: paumr <53442728+paumr@users.noreply.github.com>
Date: Tue, 7 May 2024 17:35:28 +0200
Subject: [PATCH 3/4] trigger action on `main` branch (#71)

The android workflow was configured to trigger on changes on the `master` branch. This branch doesn't exist anymore, `main` is used instead.
---
 .github/workflows/android.yml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/android.yml b/.github/workflows/android.yml
index 52a74fe5d..7817b026a 100644
--- a/.github/workflows/android.yml
+++ b/.github/workflows/android.yml
@@ -2,9 +2,9 @@ name: Android CI
 on:
 push:
- branches: [ master ]
+ branches: [ main ]
 pull_request:
- branches: [ master ]
+ branches: [ main ]
 jobs:
 build:
From 33b8fa8ecccde335e0c8344cf34d87f4114fb743 Mon Sep 17 00:00:00 2001
From: Jake Coffman
Date: Wed, 8 May 2024 10:52:39 -0500
Subject: [PATCH 4/4] Update README.md (#102)
---
 README.md | 33 ++++++++++++++++++++++++++++++---
 1 file changed, 30 insertions(+), 3 deletions(-)

diff --git a/README.md b/README.md
index e92ea6cb9..ddee1745d 100644
--- a/README.md
+++ b/README.md
@@ -1,12 +1,39 @@
-

+
Dependabot -

+
-# Dependabot Demo Repository
+## Dependabot Demo Repository
 This repo contains some projects with outdated dependencies. Fork it to try out
 Dependabot :dependabot:!
+
+### Enabling Security Updates
+
+- In your fork, click the **Settings** tab
+- In the left hand side navigation, click **Code security and analysis**
+- Enable **Dependabot security updates** or **Grouped security updates**
+- Dependabot will now start creating PRs for detected security vulnerabilities
+- Go into the **Security** tab and click **Dependabot** in the left hand side navigation to see what Dependabot is working on
+
+screenshot showing Dependabot working on Security Updates
+
+After about 5 minutes you should see some PRs open. Merge them and the Securty Alerts will close 🎉
+
+### Enabling Version Updates
+
+This demo includes a `dependabot.yml` which configures [Version Updates](https://docs.github.com/github/administering-a-repository/keeping-your-dependencies-updated-automatically), but forks don't automatically start with Dependabot enabled.
+
+The enable Dependabot on your fork:
+- Click the **Insights** tab
+- In the left hand side navigation, click **Dependency Graph**
+- Click on the **Dependabot** tab
+- Click on the **Enable Dependabot** button
+- After a moment, refresh the page and you should see Dependabot hard at work
+
+screenshot showing Dependabot working on Version Updates
+
+After a few minutes, you should get some more PRs!