Apply suggestions from code review

saritai · felicitymay · courtneycl · web-flow · commit 723444d452e0 · 2022-06-15T09:23:10.000-04:00
Co-authored-by: Felicity Chapman &lt;felicitymay@github.com&gt;
Co-authored-by: Courtney Claessens &lt;courtneycl@github.com&gt;
diff --git a/content/code-security/supply-chain-security/understanding-your-software-supply-chain/using-the-dependency-submission-api.md b/content/code-security/supply-chain-security/understanding-your-software-supply-chain/using-the-dependency-submission-api.md
@@ -2,6 +2,11 @@
 title: Using the Dependency submission API
 intro: 'You can use the Dependency submission API to submit dependencies for projects that resolve dependencies when the project is built or compiled.'
 shortTitle: Dependency submission API
+topics:
+  - API
+  - Dependency graph
+  - Dependencies
+  - REST
 versions:
   feature: dependency-submission-api
 ---
@@ -26,9 +31,9 @@ Actions that perform these steps for various ecosystems are available on {% data
 
 Ecosystem | Action |
 --- | --- |
-TBD | TBD |
+Go | [Go Dependency Submission](https://github.com/actions/go-dependency-submission)
 
-For example, the following [Go Dependency Submission](https://github.com/dsp-testing/go-dependency-submission) workflow calculates the dependencies for a Go build-target (a Go file with a `main` function) and submits the list to the Dependency Submission API. 
+For example, the following [Go Dependency Submission](https://github.com/actions/go-dependency-submission) workflow calculates the dependencies for a Go build-target (a Go file with a `main` function) and submits the list to the Dependency Submission API. 
 
 ```yaml
 
@@ -57,12 +62,13 @@ jobs:
             # build target
             go-mod-path: go-example/go.mod
             #
-            # Define the repo path of a build target (a file with a
-            # `main()` function) If not defined, this Action will collect all
-            # dependencies used by all build targets for the module, which may
+            # Optional. Define the repo path of a build target,
+            # a file with a `main()` function.
+            # If undefined, this action will collect all dependencies
+            # used by all build targets for the module. This may
             # include Go dependencies used by tests and tooling.
             go-build-target: go-example/cmd/octocat.go
 
 ```
 
-Alternatively, you can write your own action to perform these steps. {% data variables.product.product_name %} maintains the [Dependency Submission Toolkit](https://github.com/github/dependency-submission-toolkit), a TypeScript library to help you build your own GitHub Action for submitting dependencies to the Dependency Submission API. For more information about writing an action, see "[Creating actions](/actions/creating-actions)".
+Alternatively, you can write your own action to perform these steps. {% data variables.product.product_name %} maintains the [Dependency Submission Toolkit](https://github.com/github/dependency-submission-toolkit), a TypeScript library to help you build your own GitHub Action for submitting dependencies to the Dependency submission API. For more information about writing an action, see "[Creating actions](/actions/creating-actions)".
diff --git a/data/reusables/dependency-submission/about-dependency-submission.md b/data/reusables/dependency-submission/about-dependency-submission.md
@@ -1,3 +1,3 @@
 The Dependency submission API lets you submit dependencies for a project to generate a dependency graph. This enables you to integrate dependencies that are resolved when software is compiled or built with {% data variables.product.prodname_dotcom %}'s dependency graph feature. For more information about viewing the dependency graph, see "[Exploring the dependencies of a repository](/code-security/supply-chain-security/understanding-your-software-supply-chain/exploring-the-dependencies-of-a-repository#viewing-the-dependency-graph)." Submitted dependencies will receive {% data variables.product.prodname_dependabot_alerts %} and {% data variables.product.prodname_dependabot_security_updates %} for any known vulnerabilities.
 
-Manifest or lock files in a repository that declare dependencies (for example, a `package-lock.json` file in a JavaScript project) will still be detected and parsed to populate the repository's dependency graph.
+The dependency graph shows any dependencies you submit using the API in addition to any dependencies that are identified from manifest or lock files in the repository (for example, a `package-lock.json` file in a JavaScript project).

Original file line number	Diff line number	Diff line change
`@@ -1,3 +1,3 @@`
`1`	`1`	The Dependency submission API lets you submit dependencies for a project to generate a dependency graph. This enables you to integrate dependencies that are resolved when software is compiled or built with {% data variables.product.prodname_dotcom %}'s dependency graph feature. For more information about viewing the dependency graph, see "[Exploring the dependencies of a repository](/code-security/supply-chain-security/understanding-your-software-supply-chain/exploring-the-dependencies-of-a-repository#viewing-the-dependency-graph)." Submitted dependencies will receive {% data variables.product.prodname_dependabot_alerts %} and {% data variables.product.prodname_dependabot_security_updates %} for any known vulnerabilities.
`2`	`2`
`3`		-Manifest or lock files in a repository that declare dependencies (for example, a `package-lock.json` file in a JavaScript project) will still be detected and parsed to populate the repository's dependency graph.
	`3`	+The dependency graph shows any dependencies you submit using the API in addition to any dependencies that are identified from manifest or lock files in the repository (for example, a `package-lock.json` file in a JavaScript project).