From 5ef9e0334a9b8bcfe6bab2d1c15d6f2ebd5a5c8c Mon Sep 17 00:00:00 2001
From: Ryan Zidago <46972947+ryanzidago@users.noreply.github.com>
Date: Tue, 23 Jun 2020 12:56:50 +0200
Subject: [PATCH] updated README.md to including further instructions regarding
 where to add deploy key (#34)

---
 README.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/README.md b/README.md
index bf9fb13..cac624b 100644
--- a/README.md
+++ b/README.md
@@ -109,7 +109,7 @@ specify a passphrase: The key must be usable without reading the passphrase from
 
 To actually grant the SSH key access, you can – on GitHub – use at least two ways:
 
-* [Deploy keys](https://developer.github.com/v3/guides/managing-deploy-keys/#deploy-keys) can be added to individual GitHub repositories. They can give read and/or write access to the particular repository. When pulling a lot of dependencies, however, you'll end up adding the key in many places. Rotating the key probably becomes difficult.
+* [Deploy keys](https://developer.github.com/v3/guides/managing-deploy-keys/#deploy-keys) can be added to individual GitHub repositories. They can give read and/or write access to the particular repository. When pulling a lot of dependencies, however, you'll end up adding the key in many places. Rotating the key probably becomes difficult. The deploy key needs to be added to the private repository that is being fetched as a private dependency.
 
 * A [machine user](https://developer.github.com/v3/guides/managing-deploy-keys/#machine-users) can be used for more fine-grained permissions management and have access to multiple repositories with just one instance of the key being registered. It will, however, count against your number of users on paid GitHub plans.