Removing references to shutdown, will add back in when announcing the…

… shutdown
github · Octomerger · Apr 22, 2021 · Apr 2, 2021 · Apr 2, 2021 · Apr 2, 2021
commit 6557a305038743babfd93fdb324298d2139b71e9
diff --git a/...pply-chain-security/upgrading-from-dependabotcom-to-github-native-dependabot.md b/...pply-chain-security/upgrading-from-dependabotcom-to-github-native-dependabot.md
@@ -1,6 +1,6 @@
 ---
 title: Upgrading from Dependabot.com to GitHub-native Dependabot
-intro: 'Dependabot.com and Dependabot Preview will shut down on July 7th, 2021. You can upgrade to GitHub-native Dependabot by merging a pull request that will allow your dependencies to keep being updated.'
+intro: 'You can upgrade to GitHub-native Dependabot by merging a pull request that will allow your dependencies to continue being updated.'
 versions:
   free-pro-team: '*'
 topics:
@@ -9,20 +9,14 @@ topics:
 
 ### About upgrading from Dependabot Preview to {% data variables.product.prodname_dotcom %}-native {% data variables.product.prodname_dependabot %}
 
-The majority of Dependabot Preview features have now been built directly into {% data variables.product.prodname_dotcom %}, so you can use {% data variables.product.prodname_dependabot %} alongside all the other functionality in {% data variables.product.prodname_dotcom %} without having to go to a separate application. By migrating to {% data variables.product.prodname_dotcom %}-native {% data variables.product.prodname_dependabot %} and shutting down Dependabot Preview, we can also focus on bringing lots of exciting new features to {% data variables.product.prodname_dependabot %}, including more [ecosystem updates](https://github.com/github/roadmap/issues/150), [improved notifications](https://github.com/github/roadmap/issues/133), and {% data variables.product.prodname_dependabot %} support for [{% data variables.product.prodname_ghe_server %}](https://github.com/github/roadmap/issues/86) and [{% data variables.product.prodname_ghe_managed %}](https://github.com/github/roadmap/issues/135).
-
-### Shutdown timeline for Dependabot.com and Dependabot Preview
-
-**The Dependabot Preview app and Dependabot.com will shut down on July 7th, 2021**. Any open pull requests from the Dependabot Preview bot will remain open, but the bot itself will no longer work on your {% data variables.product.prodname_dotcom %} accounts and organizations. You’ll need to upgrade to {% data variables.product.prodname_dotcom %}-native {% data variables.product.prodname_dependabot %} by July 7th to keep using {% data variables.product.prodname_dependabot %} functionality.
-
-Beginning April 7, 2021, the Dependabot Preview app and Dependabot.com will no longer accept new customers. 
+Dependabot Preview has been built directly into {% data variables.product.prodname_dotcom %}, so you can use {% data variables.product.prodname_dependabot %} alongside all the other functionality in {% data variables.product.prodname_dotcom %} without having to install and use a separate application. By migrating to {% data variables.product.prodname_dotcom %}-native {% data variables.product.prodname_dependabot %}, we can also focus on bringing lots of exciting new features to {% data variables.product.prodname_dependabot %}, including more [ecosystem updates](https://github.com/github/roadmap/issues/150), [improved notifications](https://github.com/github/roadmap/issues/133), and {% data variables.product.prodname_dependabot %} support for [{% data variables.product.prodname_ghe_server %}](https://github.com/github/roadmap/issues/86) and [{% data variables.product.prodname_ghe_managed %}](https://github.com/github/roadmap/issues/135).
 
 ### Differences between Dependabot Preview and {% data variables.product.prodname_dotcom %}-native {% data variables.product.prodname_dependabot %}
 
-While we built most of the Dependabot Preview features into {% data variables.product.prodname_dotcom %}-native {% data variables.product.prodname_dependabot %}, a few remain unavailable: 
+While most of the Dependabot Preview features exist in {% data variables.product.prodname_dotcom %}-native {% data variables.product.prodname_dependabot %}, a few remain unavailable: 
 - **Live updates:** We hope to bring these back in the future. For now, you can run {% data variables.product.prodname_dotcom %} {% data variables.product.prodname_dependabot %} daily to catch new packages within one day of release.
-- **PHP environment variable and Elixir organization registries:** These features have not been added due to low usage in Dependabot Preview, but we are investigating if there are other solutions. For now, you can use {% data variables.product.prodname_actions %} to fetch dependencies from these registries.
-- **Auto-merge:** Auto-merge will not be supported for the foreseeable future. We know some of you have built great workflows that rely on auto-merge, but we’re concerned about auto-merge being used to quickly propagate a malicious package across millions of developers. For those of you who have vetted your dependencies, or are only using internal dependencies, you can install third party auto-merge apps, or set up {% data variables.product.prodname_actions %} to merge. We recommend always verifying your dependencies before merging them.
+- **PHP environment variable registries:** For now, you can use {% data variables.product.prodname_actions %} to fetch dependencies from these registries.
+- **Auto-merge:** We always recommend verifying your dependencies before merging them; therefore, auto-merge will not be supported for the foreseeable future. For those of you who have vetted your dependencies, or are only using internal dependencies, we recommend adding third-party auto-merge apps, or setting up GitHub Actions to merge..
 
 In {% data variables.product.prodname_dotcom %}-native {% data variables.product.prodname_dependabot %}, you can configure all version updates using the configuration file. This file is similar to the Dependabot Preview configuration file with a few changes and improvements that will be automatically included in your upgrade pull request. For more information about the upgrade pull request, see "[Upgrading to GitHub-native Dependabot](/code-security/supply-chain-security/upgrading-from-dependabotcom-to-github-native-dependabot#upgrading-to-github-native-dependabot)".
 
@@ -36,9 +30,7 @@ For more information about version updates with {% data variables.product.prodna
 
 ### Upgrading to {% data variables.product.prodname_dotcom %}-native {% data variables.product.prodname_dependabot %}
 
-Upgrading from Dependabot Preview to {% data variables.product.prodname_dotcom %}-native {% data variables.product.prodname_dependabot %} requires only one step: enabling version updates by merging a pull request. 
-
-To enable {% data variables.product.prodname_dependabot %} version updates, merge the pull request you will find in your repository called *Upgrade to GitHub-native Dependabot*. This pull request includes the updated configuration file needed for {% data variables.product.prodname_dotcom %}-native {% data variables.product.prodname_dependabot %}.
+Upgrading from Dependabot Preview to {% data variables.product.prodname_dotcom %}-native {% data variables.product.prodname_dependabot %} requires only one step: merge the *Upgrade to GitHub-native Dependabot* pull request in your repository. This pull request includes the updated configuration file needed for {% data variables.product.prodname_dotcom %}-native {% data variables.product.prodname_dependabot %}.
 
-If you have any questions or need help migrating, you can view or open issues in the [Dependabot repository](https://github.com/dependabot/dependabot-core/issues). 
+If you have any questions or need help migrating, you can view or open issues in the [dependabot/dependabot-core](https://github.com/dependabot/dependabot-core/issues) repository.