From 8831bf3a10cb071cf770b884535d53e9eea1cdc1 Mon Sep 17 00:00:00 2001 From: TobbeCarlsson <76130967+TobbeCarlsson@users.noreply.github.com> Date: Mon, 23 Sep 2024 18:09:08 +0200 Subject: [PATCH] Week 6 demo (#2513) * PR for scientific paper * added title * week 6 demo pull request * Removed scientific paper --- .../demo/week6/tocarls-shahoud/README.md | 26 +++++++++++++++++++ 1 file changed, 26 insertions(+) create mode 100644 contributions/demo/week6/tocarls-shahoud/README.md diff --git a/contributions/demo/week6/tocarls-shahoud/README.md b/contributions/demo/week6/tocarls-shahoud/README.md new file mode 100644 index 0000000000..3bc7bfa5b7 --- /dev/null +++ b/contributions/demo/week6/tocarls-shahoud/README.md @@ -0,0 +1,26 @@ +# Assignment Proposal + +## Title + +Using dependabot to automatically detect vulnerabilities in imported packages + +## Names and KTH ID + +- Tobias Carlsson (tocarls@kth.se) +- Siham Shahoud (shahoud@kth.se) + +## Deadline + +- Week 6 + +## Category + +- Demo + +## Description + +We want to demo dependabot, it is a tool that scans imported libraries for vulnerabilities, we want to demo how dependabot will automatically create pull requests when an imported library shows a vulnerability. This is very beneficial with keeping your applications more secure from vulnerable code that is not directly under your control. + +**Relevance** + +This let's organisations automatically check their applications for security vulnerabilities and therefore is a valuable tool for DevSecOps. \ No newline at end of file
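Review bot: The new README.md is missing a trailing newline (the hunk ends with "\ No newline at end of file"); add one so later diffs against this file stay clean. In the Description, the opening sentence is a comma-spliced run-on and should be split: "We want to demo Dependabot, a tool that scans imported libraries for vulnerabilities. We will show how it automatically creates pull requests when an imported library has a known vulnerability." Under Relevance, "This let's organisations" should read "This lets organisations". The proposal would also be stronger if it stated which package ecosystem and demo repository will be used and whether the demo covers Dependabot security updates, version updates configured via a dependabot.yml, or both.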