Add latest changes from gitlab-org/gitlab@15-2-stable-eev15.2.0-rc42

author: GitLab Bot <gitlab-bot@gitlab.com> 2022-07-20 15:40:28 +0000
committer: GitLab Bot <gitlab-bot@gitlab.com> 2022-07-20 15:40:28 +0000
commit: b595cb0c1dec83de5bdee18284abe86614bed33b (patch)
tree: 8c3d4540f193c5ff98019352f554e921b3a41a72 /doc/user
parent: 2f9104a328fc8a4bddeaa4627b595166d24671d0 (diff)
download: gitlab-ce-b595cb0c1dec83de5bdee18284abe86614bed33b.tar.gz
322 files changed, 5390 insertions, 2874 deletions
diff --git a/doc/user/admin_area/analytics/dev_ops_report.md b/doc/user/admin_area/analytics/dev_ops_report.md
deleted file mode 100644
index 077718863e7..00000000000
--- a/doc/user/admin_area/analytics/dev_ops_report.md
+++ /dev/null
@@ -1,9 +0,0 @@
----
-redirect_to: 'dev_ops_reports.md'
-remove_date: '2022-06-16'
----
-
-This document was moved to [another location](dev_ops_reports.md).
-
-<!-- This redirect file can be deleted after <2022-06-16>. -->
-<!-- Before deletion, see: https://docs.gitlab.com/ee/development/documentation/#move-or-rename-a-page -->
diff --git a/doc/user/admin_area/broadcast_messages.md b/doc/user/admin_area/broadcast_messages.md
index 9d4c1ffe375..959331c16de 100644
--- a/doc/user/admin_area/broadcast_messages.md
+++ b/doc/user/admin_area/broadcast_messages.md
@@ -1,6 +1,6 @@
 ---
 stage: Growth
-group: Activation
+group: Acquisition
 info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
 type: reference, howto
 ---
diff --git a/doc/user/admin_area/geo_nodes.md b/doc/user/admin_area/geo_nodes.md
index 3c33578b88f..710f37bb344 100644
--- a/doc/user/admin_area/geo_nodes.md
+++ b/doc/user/admin_area/geo_nodes.md
@@ -1,117 +1,11 @@
 ---
-stage: Systems
-group: Geo
-info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+redirect_to: 'geo_sites.md'
+remove_date: '2022-10-05'
 ---
 
-# Geo sites Admin Area **(PREMIUM SELF)**
+This document was moved to [another location](geo_sites.md).
 
-You can configure various settings for GitLab Geo sites. For more information, see
-[Geo documentation](../../administration/geo/index.md).
-
-On either the primary or secondary site:
-
-1. On the top bar, select **Menu > Admin**.
-1. On the left sidebar, select **Geo > Sites**.
-
-## Common settings
-
-All Geo sites have the following settings:
-
-| Setting | Description |
-| --------| ----------- |
-| Primary | This marks a Geo site as **primary** site. There can be only one **primary** site. |
-| Name    | The unique identifier for the Geo site. It's highly recommended to use a physical location as a name. Good examples are "London Office" or "us-east-1". Avoid words like "primary", "secondary", "Geo", or "DR". This makes the failover process easier because the physical location does not change, but the Geo site role can. All nodes in a single Geo site use the same site name. Nodes use the `gitlab_rails['geo_node_name']` setting in `/etc/gitlab/gitlab.rb` to lookup their Geo site record in the PostgreSQL database. If `gitlab_rails['geo_node_name']` is not set, the node's `external_url` with trailing slash is used as fallback. The value of `Name` is case-sensitive, and most characters are allowed. |
-| URL     | The instance's user-facing URL. |
-
-The site you're currently browsing is indicated with a blue `Current` label, and
-the **primary** node is listed first as `Primary site`.
-
-## Secondary site settings
-
-**Secondary** sites have a number of additional settings available:
-
-| Setting                   | Description |
-|---------------------------|-------------|
-| Selective synchronization | Enable Geo [selective sync](../../administration/geo/replication/configuration.md#selective-synchronization) for this **secondary** site. |
-| Repository sync capacity  | Number of concurrent requests this **secondary** site makes to the **primary** site when backfilling repositories. |
-| File sync capacity        | Number of concurrent requests this **secondary** site makes to the **primary** site when backfilling files. |
-
-## Geo backfill
-
-**Secondary** sites are notified of changes to repositories and files by the **primary** site,
-and always attempt to synchronize those changes as quickly as possible.
-
-Backfill is the act of populating the **secondary** site with repositories and files that
-existed *before* the **secondary** site was added to the database. Because there may be
-extremely large numbers of repositories and files, it's not feasible to attempt to
-download them all at once; so, GitLab places an upper limit on the concurrency of
-these operations.
-
-How long the backfill takes is dependent on the maximum concurrency, but higher
-values place more strain on the **primary** site. The limits are configurable.
-If your **primary** site has lots of surplus capacity,
-you can increase the values to complete backfill in a shorter time. If it's
-under heavy load and backfill reduces its availability for normal requests,
-you can decrease them.
-
-## Set up the internal URLs
-
-> Setting up internal URLs in secondary sites was [introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/77179) in GitLab 14.7.
-
-You can set up a different URL for synchronization between the primary and secondary site.
-
-The **primary** site's Internal URL is used by **secondary** sites to contact it
-(to sync repositories, for example). The name Internal URL distinguishes it from
-[External URL](https://docs.gitlab.com/omnibus/settings/configuration.html#configuring-the-external-url-for-gitlab),
-which is used by users. Internal URL does not need to be a private address.
-
-When [Geo secondary proxying](../../administration/geo/secondary_proxy/index.md) is enabled,
-the primary uses the secondary's internal URL to contact it directly.
-
-The internal URL defaults to external URL. To change it:
-
-1. On the top bar, select **Menu > Admin**.
-1. On the left sidebar, select **Geo > Nodes**.
-1. Select **Edit** on the site you want to customize.
-1. Edit the internal URL.
-1. Select **Save changes**.
-
-When enabled, the Admin Area for Geo shows replication details for each site directly
-from the primary site's UI, and through the Geo secondary proxy, if enabled.
-
-WARNING:
-We recommend using an HTTPS connection while configuring the Geo sites. To avoid
-breaking communication between **primary** and **secondary** sites when using
-HTTPS, customize your Internal URL to point to a load balancer with TLS
-terminated at the load balancer.
-
-WARNING:
-Starting with GitLab 13.3 and [until 13.11](https://gitlab.com/gitlab-org/gitlab/-/issues/325522),
-if you use an internal URL that is not accessible to the users, the
-OAuth authorization flow does not work properly, because users are redirected
-to the internal URL instead of the external one.
-
-## Multiple secondary sites behind a load balancer
-
-**Secondary** sites can use identical external URLs if
-a unique `name` is set for each Geo site. The `gitlab.rb` setting
-`gitlab_rails['geo_node_name']` must:
-
-- Be set for each GitLab instance that runs `puma`, `sidekiq`, or `geo_logcursor`.
-- Match a Geo site name.
-
-The load balancer must use sticky sessions to avoid authentication
-failures and cross-site request errors.
-
-<!-- ## Troubleshooting
-
-Include any troubleshooting steps that you can foresee. If you know beforehand what issues
-one might have when setting this up, or when something is changed, or on upgrading, it's
-important to describe those, too. Think of things that may go wrong and include them here.
-This is important to minimize requests for support, and to avoid doc comments with
-questions that you know someone might ask.
-
-Each scenario can be a third-level heading, e.g. `### Getting error message X`.
-If you have none to add when creating a doc, leave this section in place
-but commented out to help encourage others to add to it in the future. -->
+<!-- This redirect file can be deleted after <2022-10-05>. -->
+<!-- Redirects that point to other docs in the same project expire in three months. -->
+<!-- Redirects that point to docs in a different project or site (link is not relative and starts with `https:`) expire in one year. -->
+<!-- Before deletion, see: https://docs.gitlab.com/ee/development/documentation/redirects.html -->
diff --git a/doc/user/admin_area/geo_sites.md b/doc/user/admin_area/geo_sites.md
new file mode 100644
index 00000000000..e577fdf60f1
--- /dev/null
+++ b/doc/user/admin_area/geo_sites.md
@@ -0,0 +1,117 @@
+---
+stage: Systems
+group: Geo
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Geo sites Admin Area **(PREMIUM SELF)**
+
+You can configure various settings for GitLab Geo sites. For more information, see
+[Geo documentation](../../administration/geo/index.md).
+
+On either the primary or secondary site:
+
+1. On the top bar, select **Menu > Admin**.
+1. On the left sidebar, select **Geo > Sites**.
+
+## Common settings
+
+All Geo sites have the following settings:
+
+| Setting | Description |
+| --------| ----------- |
+| Primary | This marks a Geo site as **primary** site. There can be only one **primary** site. |
+| Name    | The unique identifier for the Geo site. It's highly recommended to use a physical location as a name. Good examples are "London Office" or "us-east-1". Avoid words like "primary", "secondary", "Geo", or "DR". This makes the failover process easier because the physical location does not change, but the Geo site role can. All nodes in a single Geo site use the same site name. Nodes use the `gitlab_rails['geo_node_name']` setting in `/etc/gitlab/gitlab.rb` to lookup their Geo site record in the PostgreSQL database. If `gitlab_rails['geo_node_name']` is not set, the node's `external_url` with trailing slash is used as fallback. The value of `Name` is case-sensitive, and most characters are allowed. |
+| URL     | The instance's user-facing URL. |
+
+The site you're currently browsing is indicated with a blue `Current` label, and
+the **primary** node is listed first as `Primary site`.
+
+## Secondary site settings
+
+**Secondary** sites have a number of additional settings available:
+
+| Setting                   | Description |
+|---------------------------|-------------|
+| Selective synchronization | Enable Geo [selective sync](../../administration/geo/replication/configuration.md#selective-synchronization) for this **secondary** site. |
+| Repository sync capacity  | Number of concurrent requests this **secondary** site makes to the **primary** site when backfilling repositories. |
+| File sync capacity        | Number of concurrent requests this **secondary** site makes to the **primary** site when backfilling files. |
+
+## Geo backfill
+
+**Secondary** sites are notified of changes to repositories and files by the **primary** site,
+and always attempt to synchronize those changes as quickly as possible.
+
+Backfill is the act of populating the **secondary** site with repositories and files that
+existed *before* the **secondary** site was added to the database. Because there may be
+extremely large numbers of repositories and files, it's not feasible to attempt to
+download them all at once; so, GitLab places an upper limit on the concurrency of
+these operations.
+
+How long the backfill takes is dependent on the maximum concurrency, but higher
+values place more strain on the **primary** site. The limits are configurable.
+If your **primary** site has lots of surplus capacity,
+you can increase the values to complete backfill in a shorter time. If it's
+under heavy load and backfill reduces its availability for normal requests,
+you can decrease them.
+
+## Set up the internal URLs
+
+> Setting up internal URLs in secondary sites was [introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/77179) in GitLab 14.7.
+
+You can set up a different URL for synchronization between the primary and secondary site.
+
+The **primary** site's Internal URL is used by **secondary** sites to contact it
+(to sync repositories, for example). The name Internal URL distinguishes it from
+[External URL](https://docs.gitlab.com/omnibus/settings/configuration.html#configuring-the-external-url-for-gitlab),
+which is used by users. Internal URL does not need to be a private address.
+
+When [Geo secondary proxying](../../administration/geo/secondary_proxy/index.md) is enabled,
+the primary uses the secondary's internal URL to contact it directly.
+
+The internal URL defaults to external URL. To change it:
+
+1. On the top bar, select **Menu > Admin**.
+1. On the left sidebar, select **Geo > Sites**.
+1. Select **Edit** on the site you want to customize.
+1. Edit the internal URL.
+1. Select **Save changes**.
+
+When enabled, the Admin Area for Geo shows replication details for each site directly
+from the primary site's UI, and through the Geo secondary proxy, if enabled.
+
+WARNING:
+We recommend using an HTTPS connection while configuring the Geo sites. To avoid
+breaking communication between **primary** and **secondary** sites when using
+HTTPS, customize your Internal URL to point to a load balancer with TLS
+terminated at the load balancer.
+
+WARNING:
+Starting with GitLab 13.3 and [until 13.11](https://gitlab.com/gitlab-org/gitlab/-/issues/325522),
+if you use an internal URL that is not accessible to the users, the
+OAuth authorization flow does not work properly, because users are redirected
+to the internal URL instead of the external one.
+
+## Multiple secondary sites behind a load balancer
+
+**Secondary** sites can use identical external URLs if
+a unique `name` is set for each Geo site. The `gitlab.rb` setting
+`gitlab_rails['geo_node_name']` must:
+
+- Be set for each GitLab instance that runs `puma`, `sidekiq`, or `geo_logcursor`.
+- Match a Geo site name.
+
+The load balancer must use sticky sessions to avoid authentication
+failures and cross-site request errors.
+
+<!-- ## Troubleshooting
+
+Include any troubleshooting steps that you can foresee. If you know beforehand what issues
+one might have when setting this up, or when something is changed, or on upgrading, it's
+important to describe those, too. Think of things that may go wrong and include them here.
+This is important to minimize requests for support, and to avoid doc comments with
+questions that you know someone might ask.
+
+Each scenario can be a third-level heading, e.g. `### Getting error message X`.
+If you have none to add when creating a doc, leave this section in place
+but commented out to help encourage others to add to it in the future. -->
diff --git a/doc/user/admin_area/index.md b/doc/user/admin_area/index.md
index 8f36021084e..5fd44cf8697 100644
--- a/doc/user/admin_area/index.md
+++ b/doc/user/admin_area/index.md
@@ -33,7 +33,7 @@ The Admin Area is made up of the following sections:
 | **{license}** License                          | Add, display, and remove [licenses](license.md). |
 | **{cloud-gear}** Kubernetes                    | Create and manage instance-level [Kubernetes clusters](../instance/clusters/index.md). |
 | **{push-rules}** Push rules | Configure pre-defined Git [push rules](../project/repository/push_rules.md) for projects. Also, configure [merge requests approvers rules](merge_requests_approvals.md). |
-| **{location-dot}** Geo                         | Configure and maintain [Geo nodes](geo_nodes.md). |
+| **{location-dot}** Geo                         | Configure and maintain [Geo sites](geo_sites.md). |
 | **{key}** Deploy keys                          | Create instance-wide [SSH deploy keys](../project/deploy_keys/index.md). |
 | **{lock}** Credentials                         | View [credentials](credentials_inventory.md) that can be used to access your instance. |
 | **{template}** Integrations                    | Manage [instance-level default settings](settings/project_integration_management.md) for a project integration. |
@@ -184,7 +184,7 @@ The following data is included in the export:
 - Type
 - Path
 - Access level ([Project](../permissions.md#project-members-permissions) and [Group](../permissions.md#group-members-permissions))
-- Date of last activity ([introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/345388) in GitLab 14.6). For a list of activities that populate this column, see the [Users API documentation](../../api/users.md#get-user-activities-administrator-only).
+- Date of last activity ([introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/345388) in GitLab 14.6). For a list of activities that populate this column, see the [Users API documentation](../../api/users.md#get-user-activities).
 
 Only the first 100,000 user accounts are exported.
 
@@ -270,6 +270,8 @@ To create a new topic, select **New topic**.
 
 To edit a topic, select **Edit** in that topic's row.
 
+To remove a topic, select **Remove** in that topic's row.
+
 To search for topics by name, enter your criteria in the search box. The topic search is case
 insensitive and applies partial matching.
 
@@ -370,14 +372,16 @@ The following topics document the **Monitoring** section of the Admin Area.
 
 ### System Information
 
+> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/341248) in GitLab 15.2, support for relative time. "Uptime" statistic was renamed to "System started".
+
 The **System Info** page provides the following statistics:
 
-| Field        | Description |
-|:-------------|:------------|
-| CPU          | Number of CPU cores available |
-| Memory Usage | Memory in use, and total memory available |
-| Disk Usage   | Disk space in use, and total disk space available |
-| Uptime       | Approximate uptime of the GitLab instance |
+| Field          | Description                                       |
+|:---------------|:--------------------------------------------------|
+| CPU            | Number of CPU cores available                     |
+| Memory Usage   | Memory in use, and total memory available         |
+| Disk Usage     | Disk space in use, and total disk space available |
+| System started | When the system hosting GitLab was started. In GitLab 15.1 and earlier, this was an uptime statistic. |
 
 These statistics are updated only when you navigate to the **System Info** page, or you refresh the page in your browser.
 
diff --git a/doc/user/admin_area/license_file.md b/doc/user/admin_area/license_file.md
index be1b1a16e29..99669b2a4d3 100644
--- a/doc/user/admin_area/license_file.md
+++ b/doc/user/admin_area/license_file.md
@@ -56,9 +56,10 @@ usage data monthly.
 To submit the data, [export your license usage](../../subscriptions/self_managed/index.md#export-your-license-usage)
 and send it by email to the renewals service, `renewals-service@customers.gitlab.com`.
 
-If you don't submit your data each month after your subscription start date, a banner displays to remind you to
-submit your data. The banner displays in the **Admin Area** on the **Dashboard** and on the **Subscription**
-pages. You can only dismiss it until the following month after you submit your license usage data.
+If you don't submit your data each month after your subscription start date, an email is sent to the address
+associated with your subscription and a banner displays to remind you to submit your data. The banner displays
+in the **Admin Area** on the **Dashboard** and on the **Subscription** pages. You can only dismiss it until the
+following month after you submit your license usage data.
 
 ## What happens when your license expires
 
diff --git a/doc/user/admin_area/moderate_users.md b/doc/user/admin_area/moderate_users.md
index dc6ff96c31f..ab581cd3aa8 100644
--- a/doc/user/admin_area/moderate_users.md
+++ b/doc/user/admin_area/moderate_users.md
@@ -265,7 +265,7 @@ Use the Admin Area to delete users.
 1. Select **Delete user**.
 
 NOTE:
-You can only delete a user if there are inherited or direct owners of a group. You cannot delete a user if they are the only group owner.  
+You can only delete a user if there are inherited or direct owners of a group. You cannot delete a user if they are the only group owner.
 
 You can also delete a user and their contributions, such as merge requests, issues, and groups of which they are the only group owner.
 
diff --git a/doc/user/admin_area/monitoring/background_migrations.md b/doc/user/admin_area/monitoring/background_migrations.md
index 53d5056bb65..02d32099c63 100644
--- a/doc/user/admin_area/monitoring/background_migrations.md
+++ b/doc/user/admin_area/monitoring/background_migrations.md
@@ -28,6 +28,9 @@ You can [check the status of existing migrations](../../../update/index.md#batch
 
 ## Enable or disable batched background migrations
 
+WARNING:
+If you disable this feature flag, GitLab upgrades may fail.
+
 Batched background migrations are under development but ready for production use.
 It is deployed behind a feature flag that is **enabled by default**.
 [GitLab administrators with access to the GitLab Rails console](../../../administration/feature_flags.md)
diff --git a/doc/user/admin_area/reporting/git_abuse_rate_limit.md b/doc/user/admin_area/reporting/git_abuse_rate_limit.md
new file mode 100644
index 00000000000..ad3ecfa3a5a
--- /dev/null
+++ b/doc/user/admin_area/reporting/git_abuse_rate_limit.md
@@ -0,0 +1,29 @@
+---
+stage: Anti-Abuse
+group: Anti-Abuse
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Git abuse rate limit **(ULTIMATE SELF)**
+
+> [Introduced](https://gitlab.com/groups/gitlab-org/-/epics/8066) in GitLab 15.2 [with flags](../../../administration/feature_flags.md) named `git_abuse_rate_limit_feature_flag` and `auto_ban_user_on_excessive_projects_download`. Both flags are disabled by default.
+
+FLAG:
+On self-managed GitLab, by default this feature is not available. To make it available, ask an administrator to [enable the feature flags](../../../administration/feature_flags.md) named `git_abuse_rate_limit_feature_flag` and `auto_ban_user_on_excessive_projects_download`.
+
+Git abuse rate limiting is a feature to automatically [ban users](../moderate_users.md#ban-and-unban-users) who download more than a specified number of repositories in a given time. When the `git_abuse_rate_limit_feature_flag` feature flag is enabled, the administrator receives an email when a user is about to be banned.
+
+When the `auto_ban_user_on_excessive_projects_download` is not enabled, the user is not banned automatically. You can use this setup to determine the correct values of the rate limit settings.
+
+When both flags are enabled, the administrator receives an email when a user is about to be banned, and the user is automatically banned from the GitLab instance.
+
+## Configure Git abuse rate limiting
+
+1. On the top bar, select **Menu > Admin**.
+1. On the left sidebar, select **Settings > Reporting**.
+1. Expand **Git abuse rate limit**.
+1. Update the Git abuse rate limit settings:
+   1. Enter a number in the **Number of repositories** field, greater than or equal to `0` and less than or equal to `10,000`. This number specifies the maximum amount of unique repositories a user can download in the specified time period before they're banned. When set to `0`, Git abuse rate limiting is disabled.
+   1. Enter a number in the **Reporting time period (seconds)** field, greater than or equal to `0` and less than or equal to `86,400`. This number specifies the time in seconds a user can download the maximum amount of repositories before they're banned. When set to `0`, Git abuse rate limiting is disabled.
+   1. Optional. Exclude users by adding them to the **Excluded users** field. Excluded users are not automatically banned.
+1. Select **Save changes**.
diff --git a/doc/user/admin_area/settings/continuous_integration.md b/doc/user/admin_area/settings/continuous_integration.md
index 7f37c99259a..638b61f6197 100644
--- a/doc/user/admin_area/settings/continuous_integration.md
+++ b/doc/user/admin_area/settings/continuous_integration.md
@@ -91,20 +91,20 @@ The value is in MB and the default is 100MB per job. To change it at the:
 - Instance level:
 
   1. On the top bar, select **Menu > Admin**.
-  1. On the left sidebar, select **Settings > CI/CD**.
-  1. Change the value of maximum artifacts size (in MB).
+  1. On the left sidebar, select **Settings > CI/CD > Continuous Integration and Deployment**.
+  1. Change the value of **Maximum artifacts size (MB)**.
   1. Select **Save changes** for the changes to take effect.
 
 - Group level (this overrides the instance setting):
 
   1. Go to the group's **Settings > CI/CD > General Pipelines**.
-  1. Change the value of **maximum artifacts size (in MB)**.
+  1. Change the value of **Maximum artifacts size** (in MB).
   1. Select **Save changes** for the changes to take effect.
 
 - Project level (this overrides the instance and group settings):
 
   1. Go to the project's **Settings > CI/CD > General Pipelines**.
-  1. Change the value of **maximum artifacts size (in MB)**.
+  1. Change the value of **maximum artifacts size** (in MB).
   1. Select **Save changes** for the changes to take effect.
 
 NOTE:
diff --git a/doc/user/admin_area/settings/external_authorization.md b/doc/user/admin_area/settings/external_authorization.md
index ef980981fec..d6e6deb0274 100644
--- a/doc/user/admin_area/settings/external_authorization.md
+++ b/doc/user/admin_area/settings/external_authorization.md
@@ -6,7 +6,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w
 
 # External authorization control **(FREE SELF)**
 
-> - [Moved](https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/27056) from GitLab Premium to GitLab Free in 11.10.
+> [Moved](https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/27056) from GitLab Premium to GitLab Free in 11.10.
 
 In highly controlled environments, it may be necessary for access policy to be
 controlled by an external service that permits access based on project
diff --git a/doc/user/admin_area/settings/gitaly_timeouts.md b/doc/user/admin_area/settings/gitaly_timeouts.md
index 42e0c9faf9f..8866a044241 100644
--- a/doc/user/admin_area/settings/gitaly_timeouts.md
+++ b/doc/user/admin_area/settings/gitaly_timeouts.md
@@ -1,8 +1,7 @@
 ---
-stage: Create
+stage: Systems
 group: Gitaly
-info: "To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments"
-type: reference
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
 ---
 
 # Gitaly timeouts **(FREE SELF)**
diff --git a/doc/user/admin_area/settings/incident_management_rate_limits.md b/doc/user/admin_area/settings/incident_management_rate_limits.md
new file mode 100644
index 00000000000..ed2d707af0a
--- /dev/null
+++ b/doc/user/admin_area/settings/incident_management_rate_limits.md
@@ -0,0 +1,38 @@
+---
+type: reference
+stage: Monitor
+group: Respond
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Incident management rate limits **(ULTIMATE SELF)**
+
+> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/17859) in GitLab 12.5.
+
+You can limit the number of inbound alerts for [incidents](../../../operations/incident_management/incidents.md)
+that can be created in a period of time. The inbound [incident management](../../../operations/incident_management/index.md)
+alert limit can help prevent overloading your incident responders by reducing the
+number of alerts or duplicate issues.
+
+As an example, if you set a limit of `10` requests every `60` seconds,
+and `11` requests are sent to an [alert integration endpoint](../../../operations/incident_management/integrations.md) within one minute,
+the eleventh request is blocked. Access to the endpoint is allowed again after one minute.
+
+This limit is:
+
+- Applied independently per project.
+- Not applied per IP address.
+- Disabled by default.
+
+Requests that exceed the limit are logged into `auth.log`.
+
+## Set a limit on inbound alerts
+
+To set inbound incident management alert limits:
+
+1. On the top bar, select **Menu > Admin**.
+1. On the left sidebar, select **Settings > Network**.
+1. Expand **Incident Management Limits**.
+1. Select the **Enable Incident Management inbound alert limit** checkbox.
+1. Optional. Input a custom value for **Maximum requests per project per rate limit period**. Default is 3600.
+1. Optional. Input a custom value for **Rate limit period**. Default is 3600 seconds.
diff --git a/doc/user/admin_area/settings/index.md b/doc/user/admin_area/settings/index.md
index 034a432c570..2e27b213f16 100644
--- a/doc/user/admin_area/settings/index.md
+++ b/doc/user/admin_area/settings/index.md
@@ -162,6 +162,7 @@ The **Reporting** settings contain:
 - [Spam and Anti-bot Protection](../../../integration/recaptcha.md) -
   Enable anti-spam services, like reCAPTCHA, Akismet, or [Spamcheck](../reporting/spamcheck.md), and set IP limits.
 - [Abuse reports](../review_abuse_reports.md) - Set notification email for abuse reports.
+- [Git abuse rate limit](../reporting/git_abuse_rate_limit.md) - Configure Git abuse rate limit settings. **(ULTIMATE SELF)**
 
 ### Repository
 
diff --git a/doc/user/admin_area/settings/usage_statistics.md b/doc/user/admin_area/settings/usage_statistics.md
index c74906c2762..65712a9a85c 100644
--- a/doc/user/admin_area/settings/usage_statistics.md
+++ b/doc/user/admin_area/settings/usage_statistics.md
@@ -1,5 +1,5 @@
 ---
-stage: Growth
+stage: Analytics
 group: Product Intelligence
 info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
 ---
diff --git a/doc/user/analytics/ci_cd_analytics.md b/doc/user/analytics/ci_cd_analytics.md
index 920b651c094..f4075c3420b 100644
--- a/doc/user/analytics/ci_cd_analytics.md
+++ b/doc/user/analytics/ci_cd_analytics.md
@@ -78,7 +78,7 @@ To view the lead time for changes chart:
 
 ![Lead time](img/lead_time_chart_v13_11.png)
 
-## View time to restore service chart **(PREMIUM)**
+## View time to restore service chart **(ULTIMATE)**
 
 > [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/356959) in GitLab 15.1
 
@@ -93,3 +93,17 @@ To view the time to restore service chart:
 1. Select the **Time to restore service** tab.
 
 ![Lead time](img/time_to_restore_service_charts_v15_1.png)
+
+## View change failure rate chart **(ULTIMATE)**
+
+> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/357072) in GitLab 15.2
+
+The change failure rate chart shows information about the percentage of deployments that cause an incident in a production environment. This chart is available for groups and projects.
+
+Change failure rate is one of the four [DORA metrics](index.md#devops-research-and-assessment-dora-key-metrics) that DevOps teams use for measuring excellence in software delivery.
+
+To view the change failure rate chart:
+
+1. On the top bar, select **Menu > Projects** and find your project.
+1. On the left sidebar, select **Analytics > CI/CD Analytics**.
+1. Select the **Change failure rate** tab.
diff --git a/doc/user/analytics/img/time_to_restore_service_charts_v15_1.png b/doc/user/analytics/img/time_to_restore_service_charts_v15_1.png
index 25aac385750..fbc59f72e72 100644
--- a/doc/user/analytics/img/time_to_restore_service_charts_v15_1.png
+++ b/doc/user/analytics/img/time_to_restore_service_charts_v15_1.png
diff --git a/doc/user/analytics/index.md b/doc/user/analytics/index.md
index 91d9bd918b6..f699fa6d0fb 100644
--- a/doc/user/analytics/index.md
+++ b/doc/user/analytics/index.md
@@ -76,6 +76,8 @@ Deployment frequency displays in several charts:
 - [Project-level value stream analytics](value_stream_analytics.md)
 - [CI/CD analytics](ci_cd_analytics.md)
 
+To retrieve metrics for deployment frequency, use the [GraphQL](../../api/graphql/reference/index.md) or the [REST](../../api/dora/metrics.md) APIs.
+
 ### Lead time for changes
 
 Lead time for changes measures the time to deliver a feature once it has been developed,
@@ -87,6 +89,8 @@ Lead time for changes displays in several charts:
 - [Project-level value stream analytics](value_stream_analytics.md)
 - [CI/CD analytics](ci_cd_analytics.md)
 
+To retrieve metrics for lead time for changes, use the [GraphQL](../../api/graphql/reference/index.md) or the [REST](../../api/dora/metrics.md) APIs.
+
 ### Time to restore service
 
 Time to restore service measures how long it takes an organization to recover from a failure in production.
@@ -122,12 +126,12 @@ To retrieve metrics for change failure rate, use the [GraphQL](../../api/graphql
 
 | Metric                    | Level                   | API                                 | UI chart                              | Comments                      |
 |---------------------------|-------------------------|-------------------------------------|---------------------------------------|-------------------------------|
-| `deployment_frequency`    | Project           | [GitLab 13.7 and later](../../api/dora/metrics.md)  | GitLab 14.8 and later                                 | The [previous API endpoint](../../api/dora4_project_analytics.md) was [deprecated](https://gitlab.com/gitlab-org/gitlab/-/issues/323713) in 13.10.                                                                                                                                               |
+| `deployment_frequency`    | Project           | [GitLab 13.7 and later](../../api/dora/metrics.md)  | GitLab 14.8 and later                                 | The previous API endpoint was [deprecated](https://gitlab.com/gitlab-org/gitlab/-/issues/323713) in 13.10.                                                                                                                                               |
 | `deployment_frequency`    | Group             | [GitLab 13.10 and later](../../api/dora/metrics.md) | GitLab 13.12 and later                                |                                                |
 | `lead_time_for_changes`   | Project           | [GitLab 13.10 and later](../../api/dora/metrics.md) | GitLab 13.11 and later                                | Unit in seconds. Aggregation method is median. |
 | `lead_time_for_changes`   | Group             | [GitLab 13.10 and later](../../api/dora/metrics.md) | GitLab 14.0 and later                                 | Unit in seconds. Aggregation method is median. |
-| `time_to_restore_service` | Project and group | [GitLab 14.9 and later](../../api/dora/metrics.md)  | Not supported                                         |                                                |
-| `change_failure_rate`     | Project and group | [GitLab 14.10 and later](../../api/dora/metrics.md) | Not supported                                         |                                                |
+| `time_to_restore_service` | Project and group | [GitLab 14.9 and later](../../api/dora/metrics.md)  | GitLab 15.1 and later                                 | Unit in days. Aggregation method is median.    |
+| `change_failure_rate`     | Project and group | [GitLab 14.10 and later](../../api/dora/metrics.md) | GitLab 15.2 and later                                 | Percentage of deployments.                     |                 |
 
 ## Definitions
 
diff --git a/doc/user/analytics/value_stream_analytics.md b/doc/user/analytics/value_stream_analytics.md
index c0f97369740..a71136628cf 100644
--- a/doc/user/analytics/value_stream_analytics.md
+++ b/doc/user/analytics/value_stream_analytics.md
@@ -34,7 +34,7 @@ To view value stream analytics for your project:
 
 1. On the top bar, select **Menu > Projects** and find your project.
 1. On the left sidebar, select **Analytics > Value stream**.
-1. To view metrics for each stage, above the **Filter results** text box, select a stage.
+1. To view metrics for a particular stage, select a stage below the **Filter results** text box.
 1. Optional. Filter the results:
    1. Select the **Filter results** text box.
    1. Select a parameter.
diff --git a/doc/user/application_security/api_fuzzing/index.md b/doc/user/application_security/api_fuzzing/index.md
index cbe20ecde30..96236f60417 100644
--- a/doc/user/application_security/api_fuzzing/index.md
+++ b/doc/user/application_security/api_fuzzing/index.md
@@ -407,6 +407,11 @@ The API fuzzing behavior can be changed through CI/CD variables.
 From GitLab 13.12 and later, the default API fuzzing configuration file is `.gitlab/gitlab-api-fuzzing-config.yml`. In GitLab 14.0 and later, API fuzzing configuration files must be in your repository's
 `.gitlab` directory instead of your repository's root.
 
+WARNING:
+All customization of GitLab security scanning tools should be tested in a merge request before
+merging these changes to the default branch. Failure to do so can give unexpected results,
+including a large number of false positives.
+
 ### Authentication
 
 Authentication is handled by providing the authentication token as a header or cookie. You can
@@ -854,6 +859,9 @@ Optionally:
 
 - `FUZZAPI_PRE_SCRIPT`: Script to install runtimes or dependencies before the analyzer starts.
 
+WARNING:
+To execute scripts in Alpine Linux you must first use the command [`chmod`](https://www.gnu.org/software/coreutils/manual/html_node/chmod-invocation.html) to set the [execution permission](https://www.gnu.org/software/coreutils/manual/html_node/Setting-Permissions.html). For example, to set the execution permission of `script.py` for everyone, use the command: `chmod a+x script.py`. If needed, you can version your `script.py` with the execution permission already set.
+
 ```yaml
 stages:
      - fuzz
@@ -902,7 +910,9 @@ import requests
 import backoff
 
 # [1] Store log file in directory indicated by env var CI_PROJECT_DIR
-working_directory = os.environ['CI_PROJECT_DIR']
+working_directory = os.environ.get( 'CI_PROJECT_DIR')
+overrides_file_name = os.environ.get('FUZZAPI_OVERRIDES_FILE', 'api-fuzzing-overrides.json')
+overrides_file_path = os.path.join(working_directory, overrides_file_name)
 
 # [2] File name should match the pattern: gl-*.log
 log_file_path = os.path.join(working_directory, 'gl-user-overrides.log')
@@ -916,8 +926,11 @@ logging.basicConfig(filename=log_file_path, level=logging.DEBUG)
                        requests.exceptions.ConnectionError),
                        max_time=30)
 def get_auth_response():
-    return requests.get('https://authorization.service/api/get_api_token', auth=(os.environ['AUTH_USER'], os.environ['AUTH_PWD']))
-
+    authorization_url = 'https://authorization.service/api/get_api_token'
+    return requests.get(
+        f'{authorization_url}',
+        auth=(os.environ.get('AUTH_USER'), os.environ.get('AUTH_PWD'))
+    )
 
 # In our example, access token is retrieved from a given endpoint
 try:
@@ -939,14 +952,14 @@ try:
 # requests.ReadTimeout                      : The server did not send any data in the allotted amount of time.
 # requests.TooManyRedirects                 : The request exceeds the configured number of maximum redirections
 # requests.exceptions.RequestException      : All exceptions that related to Requests
+except json.JSONDecodeError as json_decode_error:
+    # logs errors related decoding JSON response
+    logging.error(f'Error, failed while decoding JSON response. Error message: {json_decode_error}')
+    raise
 except requests.exceptions.RequestException as requests_error:
     # logs  exceptions  related to `Requests`
     logging.error(f'Error, failed while performing HTTP request. Error message: {requests_error}')
     raise
-except requests.exceptions.JSONDecodeError as json_decode_error:
-    # logs errors related decoding JSON response
-    logging.error(f'Error, failed while decoding JSON response. Error message: {json_decode_error}')
-    raise
 except Exception as e:
     # logs any other error
     logging.error(f'Error, unknown error while retrieving access token. Error message: {e}')
@@ -961,8 +974,6 @@ overrides_data = {
 }
 
 # log entry informing about the file override computation
-overrides_file_path = os.path.join(
-    working_directory, "api-fuzzing-overrides.json")
 logging.info("Creating overrides file: %s" % overrides_file_path)
 
 # attempts to overwrite the file
@@ -975,7 +986,7 @@ try:
         fd.write(json.dumps(overrides_data).encode('utf-8'))
 except Exception as e:
     # logs any other error
-    logging.error(f'Error, unkown error when overwritng file {overrides_file_path}. Error message: {e}')
+    logging.error(f'Error, unknown error when overwriting file {overrides_file_path}. Error message: {e}')
     raise
 
 # logs informing override has finished successfully
@@ -998,6 +1009,7 @@ echo "**** install python dependencies ****"
 python3 -m ensurepip
 pip3 install --no-cache --upgrade \
     pip \
+    requests \
     backoff
 
 echo "**** python dependencies installed ****"
@@ -1028,7 +1040,7 @@ In the previous sample, you could use the script `user-pre-scan-set-up.sh` to al
 
 ### Exclude Paths
 
-> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/211892) in GitLab 14.0.
+> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/211892) in GitLab 14.0.
 
 When testing an API it can be useful to exclude certain paths. For example, you might exclude testing of an authentication service or an older version of the API. To exclude paths, use the `FUZZAPI_EXCLUDE_PATHS` CI/CD variable . This variable is specified in your `.gitlab-ci.yml` file. To exclude multiple paths, separate entries using the `;` character. In the provided paths you can use a single character wildcard `?` and `*` for a multiple character wildcard.
 
diff --git a/doc/user/application_security/configuration/index.md b/doc/user/application_security/configuration/index.md
index 09292dcb92b..9ca1a6f125f 100644
--- a/doc/user/application_security/configuration/index.md
+++ b/doc/user/application_security/configuration/index.md
@@ -53,7 +53,7 @@ You can configure the following security controls:
     enable Container Scanning. For more details, see
     [Enable Container Scanning through an automatic merge request](../container_scanning/index.md#enable-container-scanning-through-an-automatic-merge-request).
 - [Operational Container Scanning](../../clusters/agent/vulnerabilities.md)
-  - Can be configured by adding a configuration block to your agent configuration. For more details, read [Operational Container Scanning](../../clusters/agent/vulnerabilities.md#enable-cluster-vulnerability-scanning).
+  - Can be configured by adding a configuration block to your agent configuration. For more details, read [Operational Container Scanning](../../clusters/agent/vulnerabilities.md#enable-operational-container-scanning).
 - [Secret Detection](../secret_detection/index.md)
   - Select **Configure with a merge request** to create a merge request with the changes required to
     enable Secret Detection. For more details, read [Enable Secret Detection via an automatic merge request](../secret_detection/index.md#enable-secret-detection-via-an-automatic-merge-request).
diff --git a/doc/user/application_security/container_scanning/index.md b/doc/user/application_security/container_scanning/index.md
index c41385a3569..cf864068e44 100644
--- a/doc/user/application_security/container_scanning/index.md
+++ b/doc/user/application_security/container_scanning/index.md
@@ -178,6 +178,8 @@ include:
     DOCKER_PASSWORD: "$AWS_ECR_PASSWORD"
 ```
 
+Authenticating to a remote registry is not supported when [FIPS mode](../../../development/fips_compliance.md#enable-fips-mode) is enabled.
+
 #### Dependency list
 
 > [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/345434) in GitLab 14.6.
@@ -231,7 +233,12 @@ between GitLab Dependency Scanning and Container Scanning for more details on wh
 
 #### Available CI/CD variables
 
-You can [configure](#customizing-the-container-scanning-settings) analyzers by using the following CI/CD variables:
+You can [configure](#customizing-the-container-scanning-settings) analyzers by using the following CI/CD variables.
+
+WARNING:
+All customization of GitLab security scanning tools should be tested in a merge request before
+merging these changes to the default branch. Failure to do so can give unexpected results,
+including a large number of false positives.
 
 | CI/CD Variable                 | Default       | Description | Scanner |
 | ------------------------------ | ------------- | ----------- | ------------ |
@@ -248,8 +255,8 @@ You can [configure](#customizing-the-container-scanning-settings) analyzers by u
 | `CS_REGISTRY_INSECURE`         | `"false"`     | Allow access to insecure registries (HTTP only). Should only be set to `true` when testing the image locally. Works with all scanners, but the registry must listen on port `80/tcp` for Trivy to work. | All |
 | `CS_SEVERITY_THRESHOLD`        | `UNKNOWN`     | Severity level threshold. The scanner outputs vulnerabilities with severity level higher than or equal to this threshold. Supported levels are Unknown, Low, Medium, High, and Critical. | Trivy |
 | `DOCKER_IMAGE`                 | `$CI_APPLICATION_REPOSITORY:$CI_APPLICATION_TAG` | The Docker image to be scanned. If set, this variable overrides the `$CI_APPLICATION_REPOSITORY` and `$CI_APPLICATION_TAG` variables. | All |
-| `DOCKER_PASSWORD`              | `$CI_REGISTRY_PASSWORD` | Password for accessing a Docker registry requiring authentication. The default is only set if `$DOCKER_IMAGE` resides at [`$CI_REGISTRY`](../../../ci/variables/predefined_variables.md). | All |
-| `DOCKER_USER`                  | `$CI_REGISTRY_USER` | Username for accessing a Docker registry requiring authentication. The default is only set if `$DOCKER_IMAGE` resides at [`$CI_REGISTRY`](../../../ci/variables/predefined_variables.md). | All |
+| `DOCKER_PASSWORD`              | `$CI_REGISTRY_PASSWORD` | Password for accessing a Docker registry requiring authentication. The default is only set if `$DOCKER_IMAGE` resides at [`$CI_REGISTRY`](../../../ci/variables/predefined_variables.md). Not supported when [FIPS mode](../../../development/fips_compliance.md#enable-fips-mode) is enabled. | All |
+| `DOCKER_USER`                  | `$CI_REGISTRY_USER` | Username for accessing a Docker registry requiring authentication. The default is only set if `$DOCKER_IMAGE` resides at [`$CI_REGISTRY`](../../../ci/variables/predefined_variables.md). Not supported when [FIPS mode](../../../development/fips_compliance.md#enable-fips-mode) is enabled. | All |
 | `DOCKERFILE_PATH`              | `Dockerfile`  | The path to the `Dockerfile` to use for generating remediations. By default, the scanner looks for a file named `Dockerfile` in the root directory of the project. You should configure this variable only if your `Dockerfile` is in a non-standard location, such as a subdirectory. See [Solutions for vulnerabilities](#solutions-for-vulnerabilities-auto-remediation) for more details. | All |
 | `SECURE_LOG_LEVEL`             | `info`        | Set the minimum logging level. Messages of this logging level or higher are output. From highest to lowest severity, the logging levels are: `fatal`, `error`, `warn`, `info`, `debug`. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/10880) in GitLab 13.1. | All |
 
@@ -296,6 +303,10 @@ support `-fips`.
 Starting with GitLab 14.10, `-fips` is automatically added to `CS_ANALYZER_IMAGE` when FIPS mode is
 enabled in the GitLab instance.
 
+Container scanning of images in authenticated registries is not supported when [FIPS mode](../../../development/fips_compliance.md#enable-fips-mode)
+is enabled. When `CI_GITLAB_FIPS_MODE` is `"true"`, and `DOCKER_USER` or `DOCKER_PASSWORD` is set,
+the analyzer exits with an error and does not perform the scan.
+
 ### Enable Container Scanning through an automatic merge request
 
 > [Introduced](https://gitlab.com/groups/gitlab-org/-/epics/6334) in GitLab 14.9.
@@ -661,6 +672,8 @@ Also:
 - Consider creating credentials with read-only permissions and rotating them regularly if the
   options aren't selected.
 
+Scanning images in external private registries is not supported when [FIPS mode](../../../development/fips_compliance.md#enable-fips-mode) is enabled.
+
 ## Running the standalone container scanning tool
 
 It's possible to run the [GitLab container scanning tool](https://gitlab.com/gitlab-org/security-products/analyzers/container-scanning)
diff --git a/doc/user/application_security/coverage_fuzzing/index.md b/doc/user/application_security/coverage_fuzzing/index.md
index b2b7dd85468..ac3b266ad48 100644
--- a/doc/user/application_security/coverage_fuzzing/index.md
+++ b/doc/user/application_security/coverage_fuzzing/index.md
@@ -113,6 +113,11 @@ job. If you include these keys in your own job, you must copy their original con
 
 Use the following variables to configure coverage-guided fuzz testing in your CI/CD pipeline.
 
+WARNING:
+All customization of GitLab security scanning tools should be tested in a merge request before
+merging these changes to the default branch. Failure to do so can give unexpected results, including
+a large number of false positives.
+
 | CI/CD variable            | Description                                                                     |
 |---------------------------|---------------------------------------------------------------------------------|
 | `COVFUZZ_ADDITIONAL_ARGS` | Arguments passed to `gitlab-cov-fuzz`. Used to customize the behavior of the underlying fuzzing engine. Read the fuzzing engine's documentation for a complete list of arguments. |
diff --git a/doc/user/application_security/dast/checks/1004.1.md b/doc/user/application_security/dast/checks/1004.1.md
index 72af1156b95..40139f2aa8a 100644
--- a/doc/user/application_security/dast/checks/1004.1.md
+++ b/doc/user/application_security/dast/checks/1004.1.md
@@ -8,7 +8,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w
 
 ## Description
 
-The {cookie_name} cookie was transmitted in a `Set-Cookie` header without the `HttpOnly` attribute set.
+The cookie was transmitted in a `Set-Cookie` header without the `HttpOnly` attribute set.
 To prevent JavaScript being able to access the cookie value - usually via `document.cookies` - all
 cookies that are used for authorization should have the `HttpOnly` attribute
 set.
diff --git a/doc/user/application_security/dast/checks/16.10.md b/doc/user/application_security/dast/checks/16.10.md
new file mode 100644
index 00000000000..67368d80022
--- /dev/null
+++ b/doc/user/application_security/dast/checks/16.10.md
@@ -0,0 +1,30 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Content-Security-Policy violations
+
+## Description
+
+A `Content-Security-Policy` (CSP) was identified on the target site that is reporting violations when
+attempting to load the page in a browser. This may cause disruption to your users when attempting to visit the page.
+
+## Remediation
+
+Review the violations to determine if any action is necessary.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 16.10 | true | 16 | Passive | Info |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/16.html)
+- [OWASP](https://cheatsheetseries.owasp.org/cheatsheets/Content_Security_Policy_Cheat_Sheet.html)
+- [MDN](https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP)
+- [Content Security Policy Level 3](https://www.w3.org/TR/CSP3/)
+- [CSP Evaluator](https://csp-evaluator.withgoogle.com/)
diff --git a/doc/user/application_security/dast/checks/16.3.md b/doc/user/application_security/dast/checks/16.3.md
index 6f80a2a32c6..e4fc2468dae 100644
--- a/doc/user/application_security/dast/checks/16.3.md
+++ b/doc/user/application_security/dast/checks/16.3.md
@@ -32,4 +32,4 @@ information from the `X-Powered-By` header.
 ## Links
 
 - [CWE](https://cwe.mitre.org/data/definitions/16.html)
-- [PHP `expose_php`](https://www.php.net/manual/en/ini.core.php#ini.expose-php)
+- [PHP expose_php](https://www.php.net/manual/en/ini.core.php#ini.expose-php)
diff --git a/doc/user/application_security/dast/checks/16.5.md b/doc/user/application_security/dast/checks/16.5.md
index e03da3043ef..28bb9f7ee4b 100644
--- a/doc/user/application_security/dast/checks/16.5.md
+++ b/doc/user/application_security/dast/checks/16.5.md
@@ -8,7 +8,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w
 
 ## Description
 
-The target website returns AspNet headers and version information of this website. By
+The target website returns AspNet header(s) and version information of this website. By
 exposing these values attackers may attempt to identify if the target software is vulnerable to known
 vulnerabilities, or catalog known sites running particular versions to exploit in the future when a
 vulnerability is identified in the particular version.
diff --git a/doc/user/application_security/dast/checks/16.6.md b/doc/user/application_security/dast/checks/16.6.md
index 9cbcde669a0..ddd3a10c5f8 100644
--- a/doc/user/application_security/dast/checks/16.6.md
+++ b/doc/user/application_security/dast/checks/16.6.md
@@ -8,7 +8,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w
 
 ## Description
 
-The target website returns AspNet headers along with version information of this website. By
+The target website returns AspNet header(s) along with version information of this website. By
 exposing these values attackers may attempt to identify if the target software is vulnerable to known
 vulnerabilities. Or catalog known sites running particular versions to exploit in the future when a
 vulnerability is identified in the particular version.
diff --git a/doc/user/application_security/dast/checks/16.8.md b/doc/user/application_security/dast/checks/16.8.md
new file mode 100644
index 00000000000..c9beba4544e
--- /dev/null
+++ b/doc/user/application_security/dast/checks/16.8.md
@@ -0,0 +1,30 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Content-Security-Policy analysis
+
+## Description
+
+A `Content-Security-Policy` (CSP) was identified on the target site. CSP can aid in hardening
+a website against various client side attacks such as Cross-Site Scripting (XSS).
+
+## Remediation
+
+Follow the recommendations to determine if any actions are necessary to harden this `Content-Security-Policy`.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 16.8 | true | 16 | Passive | Info |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/16.html)
+- [OWASP](https://cheatsheetseries.owasp.org/cheatsheets/Content_Security_Policy_Cheat_Sheet.html)
+- [MDN](https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP)
+- [Content Security Policy Level 3](https://www.w3.org/TR/CSP3/)
+- [CSP Evaluator](https://csp-evaluator.withgoogle.com/)
diff --git a/doc/user/application_security/dast/checks/16.9.md b/doc/user/application_security/dast/checks/16.9.md
new file mode 100644
index 00000000000..c3e4431e415
--- /dev/null
+++ b/doc/user/application_security/dast/checks/16.9.md
@@ -0,0 +1,32 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Content-Security-Policy-Report-Only analysis
+
+## Description
+
+A `Content-Security-Policy-Report-Only` (CSPRO) was identified on the target site. CSP-Report-Only headers
+aid in determining how to implement a `Content-Security-Policy` that does not disrupt normal use of the target
+site.
+
+## Remediation
+
+Follow the recommendations to determine if any actions are necessary to harden this `Content-Security-Policy-Report-Only`.
+After all alerts have been resolved, we recommend that this header be changed to `Content-Security-Policy`.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 16.9 | true | 16 | Passive | Info |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/16.html)
+- [OWASP](https://cheatsheetseries.owasp.org/cheatsheets/Content_Security_Policy_Cheat_Sheet.html)
+- [MDN](https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP)
+- [Content Security Policy Level 3](https://www.w3.org/TR/CSP3/)
+- [CSP Evaluator](https://csp-evaluator.withgoogle.com/)
diff --git a/doc/user/application_security/dast/checks/209.2.md b/doc/user/application_security/dast/checks/209.2.md
new file mode 100644
index 00000000000..2060bb1802b
--- /dev/null
+++ b/doc/user/application_security/dast/checks/209.2.md
@@ -0,0 +1,43 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Generation of database error message containing sensitive information
+
+## Description
+
+The application was found to return database error messages. Determining the type of database may assist attackers in exploiting
+SQL Injection attacks against the system. While debug messages are helpful during development and debugging, they should not be
+presented to users when an error occurs.
+
+## Remediation
+
+Applications should handle database error conditions internally and map known failure types to error codes that can be displayed
+to a user. These error codes should be customized to the application and returned along with the relevant HTTP error code.
+
+When an error occurs, the application identifies the error type or class, and displays a numerical value to the
+user. Requests should also be tracked so when a user is presented with an error code, it has a corresponding request ID.
+Support teams can then correlate the HTTP error, the customized error code, and the request ID in the log files to
+determine the root cause of the error without leaking details to the end user.
+
+Example of returning customized errors:
+
+```plaintext
+HTTP/1.1 500 Internal Server Error
+...
+Error [0004] Occurred, please contact support or re-try your request again shortly.
+Request ID [a4bc91def12]
+...
+```
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 209.2 | false | 209 | Passive | Low |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/209.html)
diff --git a/doc/user/application_security/dast/checks/287.1.md b/doc/user/application_security/dast/checks/287.1.md
new file mode 100644
index 00000000000..06b7e7b4b2e
--- /dev/null
+++ b/doc/user/application_security/dast/checks/287.1.md
@@ -0,0 +1,33 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Insecure authentication over HTTP (Basic Authentication)
+
+## Description
+
+The target application was found to authenticate users using the Basic Authentication scheme over HTTP.
+Basic Authentication base64 encodes the username and password and sends it in the `Authentication` header.
+Attackers who are in between the communication path (or on the same local network) of the client and server
+could use packet sniffers to read and decode the username and password.
+
+## Remediation
+
+If possible, switch to a more robust method to authenticate users such as OAuth 2.0, or storing usernames
+and passwords in a data store protected by the Argon2id algorithm. If Basic Authentication must be used,
+ensure credentials are only transmitted over secure channels such as HTTPS/TLS.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 287.1 | false | 287 | Passive | Medium |
+
+## Links
+
+- [OWASP](https://cheatsheetseries.owasp.org/cheatsheets/Password_Storage_Cheat_Sheet.html)
+- [OAuth 2.0](https://oauth.net/2/)
+- [CWE-287](https://cwe.mitre.org/data/definitions/287.html)
+- [RFC](https://datatracker.ietf.org/doc/html/rfc7617)
diff --git a/doc/user/application_security/dast/checks/287.2.md b/doc/user/application_security/dast/checks/287.2.md
new file mode 100644
index 00000000000..2215b72f47a
--- /dev/null
+++ b/doc/user/application_security/dast/checks/287.2.md
@@ -0,0 +1,35 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Insecure authentication over HTTP (Digest Authentication)
+
+## Description
+
+The target application was found to authenticate users using the Digest Authentication scheme over HTTP.
+Digest Authentication uses an insecure hashing algorithm (MD5) to hash the username and password and sends
+it in the `Authentication` header. Attackers who are in between the communication path (or on the same
+local network) of the client and server could use packet sniffers to modify the server's response parameters
+to downgrade the security of the digest access authentication mode. Additionally, the server stores the
+hashed credentials, usually in a file called `.htpasswd`. Tools are readily available to crack these passwords.
+
+## Remediation
+
+If possible, switch to a more robust method to authenticate users such as OAuth 2.0, or storing usernames
+and passwords in a data store protected by the Argon2id algorithm. If Digest Authentication must be used,
+ensure credentials are only transmitted over secure channels such as HTTPS/TLS.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 287.2 | false | 287 | Passive | Low |
+
+## Links
+
+- [OWASP](https://cheatsheetseries.owasp.org/cheatsheets/Password_Storage_Cheat_Sheet.html)
+- [OAuth 2.0](https://oauth.net/2/)
+- [CWE-287](https://cwe.mitre.org/data/definitions/287.html)
+- [RFC](https://datatracker.ietf.org/doc/html/rfc2069)
diff --git a/doc/user/application_security/dast/checks/601.1.md b/doc/user/application_security/dast/checks/601.1.md
index 26ccd877104..60249c2562d 100644
--- a/doc/user/application_security/dast/checks/601.1.md
+++ b/doc/user/application_security/dast/checks/601.1.md
@@ -8,17 +8,17 @@ info: To determine the technical writer assigned to the Stage/Group associated w
 
 ## Description
 
-This site was found to allow open redirects from user supplied input. Open redirects are commonly 
-abused in phishing attacks where the original domain or URL looks like a legitimate link, but then 
-redirects a user to a malicious site. An example would be 
-`https://example.com/redirect?url=https://%62%61%64%2e%63%6f%6d%2f%66%61%6b%65%6c%6f%67%69%6e` which, 
+This site was found to allow open redirects from user supplied input. Open redirects are commonly
+abused in phishing attacks where the original domain or URL looks like a legitimate link, but then
+redirects a user to a malicious site. An example would be
+`https://example.com/redirect?url=https://%62%61%64%2e%63%6f%6d%2f%66%61%6b%65%6c%6f%67%69%6e` which,
 when decoded turns into `bad.com/fakelogin`.
 
 ## Remediation
 
-Never redirect a client based on user input found in a `GET` request. It is recommended that the list 
-of target links to redirect a user to are contained server side, and retrieved using a numerical value 
-as an index to return the link to be redirected to. For example, `/redirect?id=1` would cause the 
+Never redirect a client based on user input found in a `GET` request. It is recommended that the list
+of target links to redirect a user to are contained server side, and retrieved using a numerical value
+as an index to return the link to be redirected to. For example, `/redirect?id=1` would cause the
 application to look up the `1` index and return a URL such as `https://example.com`. This URL would
 then be used to redirect the user, using the 301 response code and `Location` header.
 
diff --git a/doc/user/application_security/dast/checks/614.1.md b/doc/user/application_security/dast/checks/614.1.md
index ec68ce33529..d5c7476716f 100644
--- a/doc/user/application_security/dast/checks/614.1.md
+++ b/doc/user/application_security/dast/checks/614.1.md
@@ -8,7 +8,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w
 
 ## Description
 
-The {cookie_name} cookie was transmitted in a `Set-Cookie` response without the `Secure` attribute set.
+The cookie was transmitted in a `Set-Cookie` response without the `Secure` attribute set.
 To prevent sensitive cookie values being accidentally transmitted over clear-text HTTP we
 recommended that cookies are declared with the `Secure` attribute.
 
diff --git a/doc/user/application_security/dast/checks/798.1.md b/doc/user/application_security/dast/checks/798.1.md
new file mode 100644
index 00000000000..819ae92cfdc
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.1.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Adafruit API Key
+
+## Description
+
+The response body contains content that matches the pattern of a Adafruit API Key.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.1 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.10.md b/doc/user/application_security/dast/checks/798.10.md
new file mode 100644
index 00000000000..14723c81f17
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.10.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Asana Client Secret
+
+## Description
+
+The response body contains content that matches the pattern of a Asana Client Secret.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.10 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.100.md b/doc/user/application_security/dast/checks/798.100.md
new file mode 100644
index 00000000000..07bd24211c7
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.100.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Sendbird Access Token
+
+## Description
+
+The response body contains content that matches the pattern of a Sendbird Access Token.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.100 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.101.md b/doc/user/application_security/dast/checks/798.101.md
new file mode 100644
index 00000000000..ea102147100
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.101.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token SendGrid API token
+
+## Description
+
+The response body contains content that matches the pattern of a SendGrid API token.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.101 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.102.md b/doc/user/application_security/dast/checks/798.102.md
new file mode 100644
index 00000000000..8a40475190a
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.102.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Sendinblue API token
+
+## Description
+
+The response body contains content that matches the pattern of a Sendinblue API token.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.102 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.103.md b/doc/user/application_security/dast/checks/798.103.md
new file mode 100644
index 00000000000..3d91f7f3b80
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.103.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Sentry Access Token
+
+## Description
+
+The response body contains content that matches the pattern of a Sentry Access Token.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.103 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.104.md b/doc/user/application_security/dast/checks/798.104.md
new file mode 100644
index 00000000000..316998615ff
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.104.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Shippo API token
+
+## Description
+
+The response body contains content that matches the pattern of a Shippo API token.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.104 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.105.md b/doc/user/application_security/dast/checks/798.105.md
new file mode 100644
index 00000000000..20618a9d555
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.105.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Shopify access token
+
+## Description
+
+The response body contains content that matches the pattern of a Shopify access token.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.105 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.106.md b/doc/user/application_security/dast/checks/798.106.md
new file mode 100644
index 00000000000..4f552302e85
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.106.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Shopify custom access token
+
+## Description
+
+The response body contains content that matches the pattern of a Shopify custom access token.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.106 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.107.md b/doc/user/application_security/dast/checks/798.107.md
new file mode 100644
index 00000000000..2a5961b3905
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.107.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Shopify private app access token
+
+## Description
+
+The response body contains content that matches the pattern of a Shopify private app access token.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.107 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.108.md b/doc/user/application_security/dast/checks/798.108.md
new file mode 100644
index 00000000000..23968bcf660
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.108.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Shopify shared secret
+
+## Description
+
+The response body contains content that matches the pattern of a Shopify shared secret.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.108 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.109.md b/doc/user/application_security/dast/checks/798.109.md
new file mode 100644
index 00000000000..57d6823d8a9
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.109.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Slack token
+
+## Description
+
+The response body contains content that matches the pattern of a Slack token.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.109 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.11.md b/doc/user/application_security/dast/checks/798.11.md
new file mode 100644
index 00000000000..b12f86ba800
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.11.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Atlassian API token
+
+## Description
+
+The response body contains content that matches the pattern of a Atlassian API token.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.11 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.110.md b/doc/user/application_security/dast/checks/798.110.md
new file mode 100644
index 00000000000..8ac7a8a4be2
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.110.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Slack Webhook
+
+## Description
+
+The response body contains content that matches the pattern of a Slack Webhook.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.110 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.111.md b/doc/user/application_security/dast/checks/798.111.md
new file mode 100644
index 00000000000..ff05dcfe55b
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.111.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Stripe
+
+## Description
+
+The response body contains content that matches the pattern of a Stripe.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.111 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.112.md b/doc/user/application_security/dast/checks/798.112.md
new file mode 100644
index 00000000000..4f5f89dab9c
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.112.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Square Access Token
+
+## Description
+
+The response body contains content that matches the pattern of a Square Access Token.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.112 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.113.md b/doc/user/application_security/dast/checks/798.113.md
new file mode 100644
index 00000000000..3f8d1a88ec0
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.113.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Squarespace Access Token
+
+## Description
+
+The response body contains content that matches the pattern of a Squarespace Access Token.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.113 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.114.md b/doc/user/application_security/dast/checks/798.114.md
new file mode 100644
index 00000000000..0b8235af8c7
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.114.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token SumoLogic Access ID
+
+## Description
+
+The response body contains content that matches the pattern of a SumoLogic Access ID.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.114 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.115.md b/doc/user/application_security/dast/checks/798.115.md
new file mode 100644
index 00000000000..052502ea962
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.115.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token SumoLogic Access Token
+
+## Description
+
+The response body contains content that matches the pattern of a SumoLogic Access Token.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.115 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.116.md b/doc/user/application_security/dast/checks/798.116.md
new file mode 100644
index 00000000000..7b1f0eb907d
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.116.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Travis CI Access Token
+
+## Description
+
+The response body contains content that matches the pattern of a Travis CI Access Token.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.116 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.117.md b/doc/user/application_security/dast/checks/798.117.md
new file mode 100644
index 00000000000..5cd9817795a
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.117.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Twilio API Key
+
+## Description
+
+The response body contains content that matches the pattern of a Twilio API Key.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.117 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.118.md b/doc/user/application_security/dast/checks/798.118.md
new file mode 100644
index 00000000000..a74233429df
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.118.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Twitch API token
+
+## Description
+
+The response body contains content that matches the pattern of a Twitch API token.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.118 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.119.md b/doc/user/application_security/dast/checks/798.119.md
new file mode 100644
index 00000000000..80fada87b1c
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.119.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Twitter API Key
+
+## Description
+
+The response body contains content that matches the pattern of a Twitter API Key.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.119 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.12.md b/doc/user/application_security/dast/checks/798.12.md
new file mode 100644
index 00000000000..6f8d0c83a94
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.12.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token AWS
+
+## Description
+
+The response body contains content that matches the pattern of a AWS.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.12 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.120.md b/doc/user/application_security/dast/checks/798.120.md
new file mode 100644
index 00000000000..639b5c6ffc2
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.120.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Twitter API Secret
+
+## Description
+
+The response body contains content that matches the pattern of a Twitter API Secret.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.120 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.121.md b/doc/user/application_security/dast/checks/798.121.md
new file mode 100644
index 00000000000..e574760baa2
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.121.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Twitter Access Token
+
+## Description
+
+The response body contains content that matches the pattern of a Twitter Access Token.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.121 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.122.md b/doc/user/application_security/dast/checks/798.122.md
new file mode 100644
index 00000000000..9acb82a6062
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.122.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Twitter Access Secret
+
+## Description
+
+The response body contains content that matches the pattern of a Twitter Access Secret.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.122 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.123.md b/doc/user/application_security/dast/checks/798.123.md
new file mode 100644
index 00000000000..5d5c9df5f40
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.123.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Twitter Bearer Token
+
+## Description
+
+The response body contains content that matches the pattern of a Twitter Bearer Token.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.123 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.124.md b/doc/user/application_security/dast/checks/798.124.md
new file mode 100644
index 00000000000..4900ca44ba4
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.124.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Typeform API token
+
+## Description
+
+The response body contains content that matches the pattern of a Typeform API token.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.124 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.125.md b/doc/user/application_security/dast/checks/798.125.md
new file mode 100644
index 00000000000..1111ef91491
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.125.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Yandex API Key
+
+## Description
+
+The response body contains content that matches the pattern of a Yandex API Key.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.125 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.126.md b/doc/user/application_security/dast/checks/798.126.md
new file mode 100644
index 00000000000..6253f9a4a92
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.126.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Yandex AWS Access Token
+
+## Description
+
+The response body contains content that matches the pattern of a Yandex AWS Access Token.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.126 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.127.md b/doc/user/application_security/dast/checks/798.127.md
new file mode 100644
index 00000000000..86bb9613f16
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.127.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Yandex Access Token
+
+## Description
+
+The response body contains content that matches the pattern of a Yandex Access Token.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.127 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.128.md b/doc/user/application_security/dast/checks/798.128.md
new file mode 100644
index 00000000000..0db8cdd8005
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.128.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Zendesk Secret Key
+
+## Description
+
+The response body contains content that matches the pattern of a Zendesk Secret Key.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.128 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.13.md b/doc/user/application_security/dast/checks/798.13.md
new file mode 100644
index 00000000000..8cf2f7c2895
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.13.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Bitbucket Client ID
+
+## Description
+
+The response body contains content that matches the pattern of a Bitbucket Client ID.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.13 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.14.md b/doc/user/application_security/dast/checks/798.14.md
new file mode 100644
index 00000000000..85b88660b5a
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.14.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Bitbucket Client Secret
+
+## Description
+
+The response body contains content that matches the pattern of a Bitbucket Client Secret.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.14 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.15.md b/doc/user/application_security/dast/checks/798.15.md
new file mode 100644
index 00000000000..51f2fae0021
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.15.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Bittrex Access Key
+
+## Description
+
+The response body contains content that matches the pattern of a Bittrex Access Key.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.15 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.16.md b/doc/user/application_security/dast/checks/798.16.md
new file mode 100644
index 00000000000..872a97e70ea
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.16.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Bittrex Secret Key
+
+## Description
+
+The response body contains content that matches the pattern of a Bittrex Secret Key.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.16 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.17.md b/doc/user/application_security/dast/checks/798.17.md
new file mode 100644
index 00000000000..9e11af3bfe8
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.17.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Beamer API token
+
+## Description
+
+The response body contains content that matches the pattern of a Beamer API token.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.17 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.18.md b/doc/user/application_security/dast/checks/798.18.md
new file mode 100644
index 00000000000..71caa0a53ba
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.18.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Codecov Access Token
+
+## Description
+
+The response body contains content that matches the pattern of a Codecov Access Token.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.18 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.19.md b/doc/user/application_security/dast/checks/798.19.md
new file mode 100644
index 00000000000..6cfbab0e9d1
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.19.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Coinbase Access Token
+
+## Description
+
+The response body contains content that matches the pattern of a Coinbase Access Token.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.19 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.2.md b/doc/user/application_security/dast/checks/798.2.md
new file mode 100644
index 00000000000..766f4c75973
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.2.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Adobe Client ID (OAuth Web)
+
+## Description
+
+The response body contains content that matches the pattern of a Adobe Client ID (OAuth Web).
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.2 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.20.md b/doc/user/application_security/dast/checks/798.20.md
new file mode 100644
index 00000000000..83651142912
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.20.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Clojars API token
+
+## Description
+
+The response body contains content that matches the pattern of a Clojars API token.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.20 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.21.md b/doc/user/application_security/dast/checks/798.21.md
new file mode 100644
index 00000000000..93bf588c84b
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.21.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Confluent Access Token
+
+## Description
+
+The response body contains content that matches the pattern of a Confluent Access Token.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.21 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.22.md b/doc/user/application_security/dast/checks/798.22.md
new file mode 100644
index 00000000000..7a8abbce7ba
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.22.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Confluent Secret Key
+
+## Description
+
+The response body contains content that matches the pattern of a Confluent Secret Key.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.22 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.23.md b/doc/user/application_security/dast/checks/798.23.md
new file mode 100644
index 00000000000..f5460e98079
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.23.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Contentful delivery API token
+
+## Description
+
+The response body contains content that matches the pattern of a Contentful delivery API token.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.23 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.24.md b/doc/user/application_security/dast/checks/798.24.md
new file mode 100644
index 00000000000..7a01197a6b8
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.24.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Databricks API token
+
+## Description
+
+The response body contains content that matches the pattern of a Databricks API token.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.24 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.25.md b/doc/user/application_security/dast/checks/798.25.md
new file mode 100644
index 00000000000..c5dcee20f61
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.25.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Datadog Access Token
+
+## Description
+
+The response body contains content that matches the pattern of a Datadog Access Token.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.25 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.26.md b/doc/user/application_security/dast/checks/798.26.md
new file mode 100644
index 00000000000..bfa5cb0588e
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.26.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Discord API key
+
+## Description
+
+The response body contains content that matches the pattern of a Discord API key.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.26 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.27.md b/doc/user/application_security/dast/checks/798.27.md
new file mode 100644
index 00000000000..1210d91e741
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.27.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Discord client ID
+
+## Description
+
+The response body contains content that matches the pattern of a Discord client ID.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.27 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.28.md b/doc/user/application_security/dast/checks/798.28.md
new file mode 100644
index 00000000000..5f4718d8eb7
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.28.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Discord client secret
+
+## Description
+
+The response body contains content that matches the pattern of a Discord client secret.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.28 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.29.md b/doc/user/application_security/dast/checks/798.29.md
new file mode 100644
index 00000000000..90371a157a0
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.29.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Doppler API token
+
+## Description
+
+The response body contains content that matches the pattern of a Doppler API token.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.29 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.3.md b/doc/user/application_security/dast/checks/798.3.md
new file mode 100644
index 00000000000..43d69b77337
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.3.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Adobe Client Secret
+
+## Description
+
+The response body contains content that matches the pattern of a Adobe Client Secret.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.3 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.30.md b/doc/user/application_security/dast/checks/798.30.md
new file mode 100644
index 00000000000..db62b30b84b
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.30.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Dropbox API secret
+
+## Description
+
+The response body contains content that matches the pattern of a Dropbox API secret.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.30 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.31.md b/doc/user/application_security/dast/checks/798.31.md
new file mode 100644
index 00000000000..8f03ba780e4
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.31.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Dropbox long lived API token
+
+## Description
+
+The response body contains content that matches the pattern of a Dropbox long lived API token.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.31 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.32.md b/doc/user/application_security/dast/checks/798.32.md
new file mode 100644
index 00000000000..d2ed4af9177
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.32.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Dropbox short lived API token
+
+## Description
+
+The response body contains content that matches the pattern of a Dropbox short lived API token.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.32 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.33.md b/doc/user/application_security/dast/checks/798.33.md
new file mode 100644
index 00000000000..5a264cf4286
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.33.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Droneci Access Token
+
+## Description
+
+The response body contains content that matches the pattern of a Droneci Access Token.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.33 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.34.md b/doc/user/application_security/dast/checks/798.34.md
new file mode 100644
index 00000000000..a9b02b75230
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.34.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Duffel API token
+
+## Description
+
+The response body contains content that matches the pattern of a Duffel API token.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.34 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.35.md b/doc/user/application_security/dast/checks/798.35.md
new file mode 100644
index 00000000000..5d35baec9bb
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.35.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Dynatrace API token
+
+## Description
+
+The response body contains content that matches the pattern of a Dynatrace API token.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.35 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.36.md b/doc/user/application_security/dast/checks/798.36.md
new file mode 100644
index 00000000000..e2e0f10f842
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.36.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token EasyPost API token
+
+## Description
+
+The response body contains content that matches the pattern of a EasyPost API token.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.36 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.37.md b/doc/user/application_security/dast/checks/798.37.md
new file mode 100644
index 00000000000..089dc8b3ecc
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.37.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token EasyPost test API token
+
+## Description
+
+The response body contains content that matches the pattern of a EasyPost test API token.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.37 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.38.md b/doc/user/application_security/dast/checks/798.38.md
new file mode 100644
index 00000000000..886cfcc701b
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.38.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Etsy Access Token
+
+## Description
+
+The response body contains content that matches the pattern of a Etsy Access Token.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.38 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.39.md b/doc/user/application_security/dast/checks/798.39.md
new file mode 100644
index 00000000000..78a66d15b89
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.39.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Facebook
+
+## Description
+
+The response body contains content that matches the pattern of a Facebook.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.39 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.4.md b/doc/user/application_security/dast/checks/798.4.md
new file mode 100644
index 00000000000..2ff5db46d83
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.4.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Age secret key
+
+## Description
+
+The response body contains content that matches the pattern of a Age secret key.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.4 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.40.md b/doc/user/application_security/dast/checks/798.40.md
new file mode 100644
index 00000000000..e6691bb7b3a
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.40.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Fastly API key
+
+## Description
+
+The response body contains content that matches the pattern of a Fastly API key.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.40 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.41.md b/doc/user/application_security/dast/checks/798.41.md
new file mode 100644
index 00000000000..b4d097a9014
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.41.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Finicity Client Secret
+
+## Description
+
+The response body contains content that matches the pattern of a Finicity Client Secret.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.41 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.42.md b/doc/user/application_security/dast/checks/798.42.md
new file mode 100644
index 00000000000..30c380d13a5
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.42.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Finicity API token
+
+## Description
+
+The response body contains content that matches the pattern of a Finicity API token.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.42 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.43.md b/doc/user/application_security/dast/checks/798.43.md
new file mode 100644
index 00000000000..be984f7119a
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.43.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Flickr Access Token
+
+## Description
+
+The response body contains content that matches the pattern of a Flickr Access Token.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.43 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.44.md b/doc/user/application_security/dast/checks/798.44.md
new file mode 100644
index 00000000000..183cb49b2e7
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.44.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Finnhub Access Token
+
+## Description
+
+The response body contains content that matches the pattern of a Finnhub Access Token.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.44 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.45.md b/doc/user/application_security/dast/checks/798.45.md
new file mode 100644
index 00000000000..a800063f15d
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.45.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Finicity Public Key
+
+## Description
+
+The response body contains content that matches the pattern of a Finicity Public Key.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.45 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.46.md b/doc/user/application_security/dast/checks/798.46.md
new file mode 100644
index 00000000000..5bf658ff610
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.46.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Flutterwave Secret Key
+
+## Description
+
+The response body contains content that matches the pattern of a Flutterwave Secret Key.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.46 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.47.md b/doc/user/application_security/dast/checks/798.47.md
new file mode 100644
index 00000000000..a6c7b974b7f
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.47.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Flutterwave Encryption Key
+
+## Description
+
+The response body contains content that matches the pattern of a Flutterwave Encryption Key.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.47 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.48.md b/doc/user/application_security/dast/checks/798.48.md
new file mode 100644
index 00000000000..523232cb00c
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.48.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Frame.io API token
+
+## Description
+
+The response body contains content that matches the pattern of a Frame.io API token.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.48 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.49.md b/doc/user/application_security/dast/checks/798.49.md
new file mode 100644
index 00000000000..ab7f39c2376
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.49.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Freshbooks Access Token
+
+## Description
+
+The response body contains content that matches the pattern of a Freshbooks Access Token.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.49 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.5.md b/doc/user/application_security/dast/checks/798.5.md
new file mode 100644
index 00000000000..6d55dcf54df
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.5.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Airtable API Key
+
+## Description
+
+The response body contains content that matches the pattern of a Airtable API Key.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.5 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.50.md b/doc/user/application_security/dast/checks/798.50.md
new file mode 100644
index 00000000000..f0d864db119
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.50.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token GoCardless API token
+
+## Description
+
+The response body contains content that matches the pattern of a GoCardless API token.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.50 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.51.md b/doc/user/application_security/dast/checks/798.51.md
new file mode 100644
index 00000000000..f131d31ae65
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.51.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token GCP API key
+
+## Description
+
+The response body contains content that matches the pattern of a GCP API key.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.51 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.52.md b/doc/user/application_security/dast/checks/798.52.md
new file mode 100644
index 00000000000..0c4ea4a540b
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.52.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token GitHub Personal Access Token
+
+## Description
+
+The response body contains content that matches the pattern of a GitHub Personal Access Token.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.52 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.53.md b/doc/user/application_security/dast/checks/798.53.md
new file mode 100644
index 00000000000..62a548be627
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.53.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token GitHub OAuth Access Token
+
+## Description
+
+The response body contains content that matches the pattern of a GitHub OAuth Access Token.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.53 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.54.md b/doc/user/application_security/dast/checks/798.54.md
new file mode 100644
index 00000000000..d29677899a5
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.54.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token GitHub App Token
+
+## Description
+
+The response body contains content that matches the pattern of a GitHub App Token.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.54 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.55.md b/doc/user/application_security/dast/checks/798.55.md
new file mode 100644
index 00000000000..4c3bd9147c0
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.55.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token GitHub Refresh Token
+
+## Description
+
+The response body contains content that matches the pattern of a GitHub Refresh Token.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.55 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.56.md b/doc/user/application_security/dast/checks/798.56.md
new file mode 100644
index 00000000000..563ea1f91a8
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.56.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token GitLab Personal Access Token
+
+## Description
+
+The response body contains content that matches the pattern of a GitLab Personal Access Token.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.56 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.57.md b/doc/user/application_security/dast/checks/798.57.md
new file mode 100644
index 00000000000..25b32953ebd
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.57.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Gitter Access Token
+
+## Description
+
+The response body contains content that matches the pattern of a Gitter Access Token.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.57 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.58.md b/doc/user/application_security/dast/checks/798.58.md
new file mode 100644
index 00000000000..056bcb0820a
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.58.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token HashiCorp Terraform user/org API token
+
+## Description
+
+The response body contains content that matches the pattern of a HashiCorp Terraform user/org API token.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.58 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.59.md b/doc/user/application_security/dast/checks/798.59.md
new file mode 100644
index 00000000000..b7e6b4fa32b
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.59.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Heroku API Key
+
+## Description
+
+The response body contains content that matches the pattern of a Heroku API Key.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.59 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.6.md b/doc/user/application_security/dast/checks/798.6.md
new file mode 100644
index 00000000000..ce6ee95bede
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.6.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Algolia API Key
+
+## Description
+
+The response body contains content that matches the pattern of a Algolia API Key.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.6 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.60.md b/doc/user/application_security/dast/checks/798.60.md
new file mode 100644
index 00000000000..f471411440b
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.60.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token HubSpot API Token
+
+## Description
+
+The response body contains content that matches the pattern of a HubSpot API Token.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.60 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.61.md b/doc/user/application_security/dast/checks/798.61.md
new file mode 100644
index 00000000000..061bf8f7360
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.61.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Intercom API Token
+
+## Description
+
+The response body contains content that matches the pattern of a Intercom API Token.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.61 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.62.md b/doc/user/application_security/dast/checks/798.62.md
new file mode 100644
index 00000000000..9c0f312b161
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.62.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Kraken Access Token
+
+## Description
+
+The response body contains content that matches the pattern of a Kraken Access Token.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.62 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.63.md b/doc/user/application_security/dast/checks/798.63.md
new file mode 100644
index 00000000000..51668619025
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.63.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Kucoin Access Token
+
+## Description
+
+The response body contains content that matches the pattern of a Kucoin Access Token.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.63 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.64.md b/doc/user/application_security/dast/checks/798.64.md
new file mode 100644
index 00000000000..12d20f96a42
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.64.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Kucoin Secret Key
+
+## Description
+
+The response body contains content that matches the pattern of a Kucoin Secret Key.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.64 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.65.md b/doc/user/application_security/dast/checks/798.65.md
new file mode 100644
index 00000000000..eb1dac62037
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.65.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Launchdarkly Access Token
+
+## Description
+
+The response body contains content that matches the pattern of a Launchdarkly Access Token.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.65 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.66.md b/doc/user/application_security/dast/checks/798.66.md
new file mode 100644
index 00000000000..8f20f9fa339
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.66.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Linear API Token
+
+## Description
+
+The response body contains content that matches the pattern of a Linear API Token.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.66 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.67.md b/doc/user/application_security/dast/checks/798.67.md
new file mode 100644
index 00000000000..7554c077376
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.67.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Linear Client Secret
+
+## Description
+
+The response body contains content that matches the pattern of a Linear Client Secret.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.67 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.68.md b/doc/user/application_security/dast/checks/798.68.md
new file mode 100644
index 00000000000..c633b949185
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.68.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token LinkedIn Client ID
+
+## Description
+
+The response body contains content that matches the pattern of a LinkedIn Client ID.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.68 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.69.md b/doc/user/application_security/dast/checks/798.69.md
new file mode 100644
index 00000000000..b34c2f01be6
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.69.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token LinkedIn Client secret
+
+## Description
+
+The response body contains content that matches the pattern of a LinkedIn Client secret.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.69 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.7.md b/doc/user/application_security/dast/checks/798.7.md
new file mode 100644
index 00000000000..43aba566471
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.7.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Alibaba AccessKey ID
+
+## Description
+
+The response body contains content that matches the pattern of a Alibaba AccessKey ID.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.7 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.70.md b/doc/user/application_security/dast/checks/798.70.md
new file mode 100644
index 00000000000..b7c1816481b
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.70.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Lob API Key
+
+## Description
+
+The response body contains content that matches the pattern of a Lob API Key.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.70 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.71.md b/doc/user/application_security/dast/checks/798.71.md
new file mode 100644
index 00000000000..f0bcc43940d
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.71.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Lob Publishable API Key
+
+## Description
+
+The response body contains content that matches the pattern of a Lob Publishable API Key.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.71 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.72.md b/doc/user/application_security/dast/checks/798.72.md
new file mode 100644
index 00000000000..48b2cffbbda
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.72.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Mailchimp API key
+
+## Description
+
+The response body contains content that matches the pattern of a Mailchimp API key.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.72 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.73.md b/doc/user/application_security/dast/checks/798.73.md
new file mode 100644
index 00000000000..eae41a49782
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.73.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Mailgun public validation key
+
+## Description
+
+The response body contains content that matches the pattern of a Mailgun public validation key.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.73 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.74.md b/doc/user/application_security/dast/checks/798.74.md
new file mode 100644
index 00000000000..9a4b909bf4b
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.74.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Mailgun private API token
+
+## Description
+
+The response body contains content that matches the pattern of a Mailgun private API token.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.74 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.75.md b/doc/user/application_security/dast/checks/798.75.md
new file mode 100644
index 00000000000..4c1cfd78003
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.75.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Mailgun webhook signing key
+
+## Description
+
+The response body contains content that matches the pattern of a Mailgun webhook signing key.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.75 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.76.md b/doc/user/application_security/dast/checks/798.76.md
new file mode 100644
index 00000000000..87e6364184f
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.76.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token MapBox API token
+
+## Description
+
+The response body contains content that matches the pattern of a MapBox API token.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.76 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.77.md b/doc/user/application_security/dast/checks/798.77.md
new file mode 100644
index 00000000000..7b1becf4c19
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.77.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Mattermost Access Token
+
+## Description
+
+The response body contains content that matches the pattern of a Mattermost Access Token.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.77 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.78.md b/doc/user/application_security/dast/checks/798.78.md
new file mode 100644
index 00000000000..8d366d44c9d
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.78.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token MessageBird API token
+
+## Description
+
+The response body contains content that matches the pattern of a MessageBird API token.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.78 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.79.md b/doc/user/application_security/dast/checks/798.79.md
new file mode 100644
index 00000000000..9a580658a72
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.79.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token MessageBird client ID
+
+## Description
+
+The response body contains content that matches the pattern of a MessageBird client ID.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.79 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.8.md b/doc/user/application_security/dast/checks/798.8.md
new file mode 100644
index 00000000000..e6dfe1aa1cc
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.8.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Alibaba Secret Key
+
+## Description
+
+The response body contains content that matches the pattern of a Alibaba Secret Key.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.8 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.80.md b/doc/user/application_security/dast/checks/798.80.md
new file mode 100644
index 00000000000..c0a893264b0
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.80.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Netlify Access Token
+
+## Description
+
+The response body contains content that matches the pattern of a Netlify Access Token.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.80 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.81.md b/doc/user/application_security/dast/checks/798.81.md
new file mode 100644
index 00000000000..abf40705e7f
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.81.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token New Relic user API Key
+
+## Description
+
+The response body contains content that matches the pattern of a New Relic user API Key.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.81 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.82.md b/doc/user/application_security/dast/checks/798.82.md
new file mode 100644
index 00000000000..519555546b6
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.82.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token New Relic user API ID
+
+## Description
+
+The response body contains content that matches the pattern of a New Relic user API ID.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.82 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.83.md b/doc/user/application_security/dast/checks/798.83.md
new file mode 100644
index 00000000000..85bdd534390
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.83.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token New Relic ingest browser API token
+
+## Description
+
+The response body contains content that matches the pattern of a New Relic ingest browser API token.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.83 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.84.md b/doc/user/application_security/dast/checks/798.84.md
new file mode 100644
index 00000000000..74ebb4fcaf1
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.84.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token npm access token
+
+## Description
+
+The response body contains content that matches the pattern of a npm access token.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.84 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.85.md b/doc/user/application_security/dast/checks/798.85.md
new file mode 100644
index 00000000000..0726bdc7fd8
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.85.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Nytimes Access Token
+
+## Description
+
+The response body contains content that matches the pattern of a Nytimes Access Token.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.85 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.86.md b/doc/user/application_security/dast/checks/798.86.md
new file mode 100644
index 00000000000..940a46b7658
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.86.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Okta Access Token
+
+## Description
+
+The response body contains content that matches the pattern of a Okta Access Token.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.86 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.87.md b/doc/user/application_security/dast/checks/798.87.md
new file mode 100644
index 00000000000..8246bafc993
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.87.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Plaid Client ID
+
+## Description
+
+The response body contains content that matches the pattern of a Plaid Client ID.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.87 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.88.md b/doc/user/application_security/dast/checks/798.88.md
new file mode 100644
index 00000000000..57b029857ba
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.88.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Plaid Secret key
+
+## Description
+
+The response body contains content that matches the pattern of a Plaid Secret key.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.88 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.89.md b/doc/user/application_security/dast/checks/798.89.md
new file mode 100644
index 00000000000..466044834dd
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.89.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Plaid API Token
+
+## Description
+
+The response body contains content that matches the pattern of a Plaid API Token.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.89 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.9.md b/doc/user/application_security/dast/checks/798.9.md
new file mode 100644
index 00000000000..12c725cfd08
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.9.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Asana Client ID
+
+## Description
+
+The response body contains content that matches the pattern of a Asana Client ID.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.9 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.90.md b/doc/user/application_security/dast/checks/798.90.md
new file mode 100644
index 00000000000..e0008af4918
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.90.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token PlanetScale password
+
+## Description
+
+The response body contains content that matches the pattern of a PlanetScale password.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.90 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.91.md b/doc/user/application_security/dast/checks/798.91.md
new file mode 100644
index 00000000000..be54e99360f
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.91.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token PlanetScale API token
+
+## Description
+
+The response body contains content that matches the pattern of a PlanetScale API token.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.91 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.92.md b/doc/user/application_security/dast/checks/798.92.md
new file mode 100644
index 00000000000..07ae24151f5
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.92.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token PlanetScale OAuth token
+
+## Description
+
+The response body contains content that matches the pattern of a PlanetScale OAuth token.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.92 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.93.md b/doc/user/application_security/dast/checks/798.93.md
new file mode 100644
index 00000000000..661f460bf27
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.93.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Postman API token
+
+## Description
+
+The response body contains content that matches the pattern of a Postman API token.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.93 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.94.md b/doc/user/application_security/dast/checks/798.94.md
new file mode 100644
index 00000000000..4aeb15fee23
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.94.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Private Key
+
+## Description
+
+The response body contains content that matches the pattern of a Private Key.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.94 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.95.md b/doc/user/application_security/dast/checks/798.95.md
new file mode 100644
index 00000000000..13374aa67e0
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.95.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Pulumi API token
+
+## Description
+
+The response body contains content that matches the pattern of a Pulumi API token.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.95 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.96.md b/doc/user/application_security/dast/checks/798.96.md
new file mode 100644
index 00000000000..cb61bd38950
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.96.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token PyPI upload token
+
+## Description
+
+The response body contains content that matches the pattern of a PyPI upload token.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.96 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.97.md b/doc/user/application_security/dast/checks/798.97.md
new file mode 100644
index 00000000000..93f03a692d7
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.97.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Rubygem API token
+
+## Description
+
+The response body contains content that matches the pattern of a Rubygem API token.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.97 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.98.md b/doc/user/application_security/dast/checks/798.98.md
new file mode 100644
index 00000000000..aab4cb9c5ed
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.98.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token RapidAPI Access Token
+
+## Description
+
+The response body contains content that matches the pattern of a RapidAPI Access Token.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.98 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.99.md b/doc/user/application_security/dast/checks/798.99.md
new file mode 100644
index 00000000000..90c8aeda7ab
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.99.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Sendbird Access ID
+
+## Description
+
+The response body contains content that matches the pattern of a Sendbird Access ID.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.99 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/index.md b/doc/user/application_security/dast/checks/index.md
index e2947d5b120..cdfebc07ef2 100644
--- a/doc/user/application_security/dast/checks/index.md
+++ b/doc/user/application_security/dast/checks/index.md
@@ -12,14 +12,20 @@ The [DAST browser-based crawler](../browser_based.md) provides a number of vulne
 |:---|:------|:---------|:-----|
 | [1004.1](1004.1.md) | Sensitive cookie without HttpOnly attribute | Low | Passive |
 | [16.1](16.1.md) | Missing Content-Type header | Low | Passive |
+| [16.10](16.10.md) | Content-Security-Policy violations | Info | Passive |
 | [16.2](16.2.md) | Server header exposes version information | Low | Passive |
 | [16.3](16.3.md) | X-Powered-By header exposes version information | Low | Passive |
 | [16.4](16.4.md) | X-Backend-Server header exposes server information | Info | Passive |
 | [16.5](16.5.md) | AspNet header exposes version information | Low | Passive |
 | [16.6](16.6.md) | AspNetMvc header exposes version information | Low | Passive |
 | [16.7](16.7.md) | Strict-Transport-Security header missing or invalid | Low | Passive |
+| [16.8](16.8.md) | Content-Security-Policy analysis | Info | Passive |
+| [16.9](16.9.md) | Content-Security-Policy-Report-Only analysis | Info | Passive |
 | [200.1](200.1.md) | Exposure of sensitive information to an unauthorized actor (private IP address) | Low | Passive |
 | [209.1](209.1.md) | Generation of error message containing sensitive information | Low | Passive |
+| [209.2](209.2.md) | Generation of database error message containing sensitive information | Low | Passive |
+| [287.1](287.1.md) | Insecure authentication over HTTP (Basic Authentication) | Medium | Passive |
+| [287.2](287.2.md) | Insecure authentication over HTTP (Digest Authentication) | Low | Passive |
 | [319.1](319.1.md) | Mixed Content | Info | Passive |
 | [352.1](352.1.md) | Absence of anti-CSRF tokens | Medium | Passive |
 | [359.1](359.1.md) | Exposure of Private Personal Information (PII) to an unauthorized actor (credit card) | Medium | Passive |
@@ -31,5 +37,133 @@ The [DAST browser-based crawler](../browser_based.md) provides a number of vulne
 | [601.1](601.1.md) | URL redirection to untrusted site ('open redirect') | Low | Passive |
 | [614.1](614.1.md) | Sensitive cookie without Secure attribute | Low | Passive |
 | [693.1](693.1.md) | Missing X-Content-Type-Options: nosniff | Low | Passive |
+| [798.1](798.1.md) | Exposure of confidential secret or token Adafruit API Key | High | Passive |
+| [798.2](798.2.md) | Exposure of confidential secret or token Adobe Client ID (OAuth Web) | High | Passive |
+| [798.3](798.3.md) | Exposure of confidential secret or token Adobe Client Secret | High | Passive |
+| [798.4](798.4.md) | Exposure of confidential secret or token Age secret key | High | Passive |
+| [798.5](798.5.md) | Exposure of confidential secret or token Airtable API Key | High | Passive |
+| [798.6](798.6.md) | Exposure of confidential secret or token Algolia API Key | High | Passive |
+| [798.7](798.7.md) | Exposure of confidential secret or token Alibaba AccessKey ID | High | Passive |
+| [798.8](798.8.md) | Exposure of confidential secret or token Alibaba Secret Key | High | Passive |
+| [798.9](798.9.md) | Exposure of confidential secret or token Asana Client ID | High | Passive |
+| [798.10](798.10.md) | Exposure of confidential secret or token Asana Client Secret | High | Passive |
+| [798.11](798.11.md) | Exposure of confidential secret or token Atlassian API token | High | Passive |
+| [798.12](798.12.md) | Exposure of confidential secret or token AWS | High | Passive |
+| [798.13](798.13.md) | Exposure of confidential secret or token Bitbucket Client ID | High | Passive |
+| [798.14](798.14.md) | Exposure of confidential secret or token Bitbucket Client Secret | High | Passive |
+| [798.15](798.15.md) | Exposure of confidential secret or token Bittrex Access Key | High | Passive |
+| [798.16](798.16.md) | Exposure of confidential secret or token Bittrex Secret Key | High | Passive |
+| [798.17](798.17.md) | Exposure of confidential secret or token Beamer API token | High | Passive |
+| [798.18](798.18.md) | Exposure of confidential secret or token Codecov Access Token | High | Passive |
+| [798.19](798.19.md) | Exposure of confidential secret or token Coinbase Access Token | High | Passive |
+| [798.20](798.20.md) | Exposure of confidential secret or token Clojars API token | High | Passive |
+| [798.21](798.21.md) | Exposure of confidential secret or token Confluent Access Token | High | Passive |
+| [798.22](798.22.md) | Exposure of confidential secret or token Confluent Secret Key | High | Passive |
+| [798.23](798.23.md) | Exposure of confidential secret or token Contentful delivery API token | High | Passive |
+| [798.24](798.24.md) | Exposure of confidential secret or token Databricks API token | High | Passive |
+| [798.25](798.25.md) | Exposure of confidential secret or token Datadog Access Token | High | Passive |
+| [798.26](798.26.md) | Exposure of confidential secret or token Discord API key | High | Passive |
+| [798.27](798.27.md) | Exposure of confidential secret or token Discord client ID | High | Passive |
+| [798.28](798.28.md) | Exposure of confidential secret or token Discord client secret | High | Passive |
+| [798.29](798.29.md) | Exposure of confidential secret or token Doppler API token | High | Passive |
+| [798.30](798.30.md) | Exposure of confidential secret or token Dropbox API secret | High | Passive |
+| [798.31](798.31.md) | Exposure of confidential secret or token Dropbox long lived API token | High | Passive |
+| [798.32](798.32.md) | Exposure of confidential secret or token Dropbox short lived API token | High | Passive |
+| [798.33](798.33.md) | Exposure of confidential secret or token Droneci Access Token | High | Passive |
+| [798.34](798.34.md) | Exposure of confidential secret or token Duffel API token | High | Passive |
+| [798.35](798.35.md) | Exposure of confidential secret or token Dynatrace API token | High | Passive |
+| [798.36](798.36.md) | Exposure of confidential secret or token EasyPost API token | High | Passive |
+| [798.37](798.37.md) | Exposure of confidential secret or token EasyPost test API token | High | Passive |
+| [798.38](798.38.md) | Exposure of confidential secret or token Etsy Access Token | High | Passive |
+| [798.39](798.39.md) | Exposure of confidential secret or token Facebook | High | Passive |
+| [798.40](798.40.md) | Exposure of confidential secret or token Fastly API key | High | Passive |
+| [798.41](798.41.md) | Exposure of confidential secret or token Finicity Client Secret | High | Passive |
+| [798.42](798.42.md) | Exposure of confidential secret or token Finicity API token | High | Passive |
+| [798.43](798.43.md) | Exposure of confidential secret or token Flickr Access Token | High | Passive |
+| [798.44](798.44.md) | Exposure of confidential secret or token Finnhub Access Token | High | Passive |
+| [798.45](798.45.md) | Exposure of confidential secret or token Finicity Public Key | High | Passive |
+| [798.46](798.46.md) | Exposure of confidential secret or token Flutterwave Secret Key | High | Passive |
+| [798.47](798.47.md) | Exposure of confidential secret or token Flutterwave Encryption Key | High | Passive |
+| [798.48](798.48.md) | Exposure of confidential secret or token Frame.io API token | High | Passive |
+| [798.49](798.49.md) | Exposure of confidential secret or token Freshbooks Access Token | High | Passive |
+| [798.50](798.50.md) | Exposure of confidential secret or token GoCardless API token | High | Passive |
+| [798.51](798.51.md) | Exposure of confidential secret or token GCP API key | High | Passive |
+| [798.52](798.52.md) | Exposure of confidential secret or token GitHub Personal Access Token | High | Passive |
+| [798.53](798.53.md) | Exposure of confidential secret or token GitHub OAuth Access Token | High | Passive |
+| [798.54](798.54.md) | Exposure of confidential secret or token GitHub App Token | High | Passive |
+| [798.55](798.55.md) | Exposure of confidential secret or token GitHub Refresh Token | High | Passive |
+| [798.56](798.56.md) | Exposure of confidential secret or token GitLab Personal Access Token | High | Passive |
+| [798.57](798.57.md) | Exposure of confidential secret or token Gitter Access Token | High | Passive |
+| [798.58](798.58.md) | Exposure of confidential secret or token HashiCorp Terraform user/org API token | High | Passive |
+| [798.59](798.59.md) | Exposure of confidential secret or token Heroku API Key | High | Passive |
+| [798.60](798.60.md) | Exposure of confidential secret or token HubSpot API Token | High | Passive |
+| [798.61](798.61.md) | Exposure of confidential secret or token Intercom API Token | High | Passive |
+| [798.62](798.62.md) | Exposure of confidential secret or token Kraken Access Token | High | Passive |
+| [798.63](798.63.md) | Exposure of confidential secret or token Kucoin Access Token | High | Passive |
+| [798.64](798.64.md) | Exposure of confidential secret or token Kucoin Secret Key | High | Passive |
+| [798.65](798.65.md) | Exposure of confidential secret or token Launchdarkly Access Token | High | Passive |
+| [798.66](798.66.md) | Exposure of confidential secret or token Linear API Token | High | Passive |
+| [798.67](798.67.md) | Exposure of confidential secret or token Linear Client Secret | High | Passive |
+| [798.68](798.68.md) | Exposure of confidential secret or token LinkedIn Client ID | High | Passive |
+| [798.69](798.69.md) | Exposure of confidential secret or token LinkedIn Client secret | High | Passive |
+| [798.70](798.70.md) | Exposure of confidential secret or token Lob API Key | High | Passive |
+| [798.71](798.71.md) | Exposure of confidential secret or token Lob Publishable API Key | High | Passive |
+| [798.72](798.72.md) | Exposure of confidential secret or token Mailchimp API key | High | Passive |
+| [798.73](798.73.md) | Exposure of confidential secret or token Mailgun public validation key | High | Passive |
+| [798.74](798.74.md) | Exposure of confidential secret or token Mailgun private API token | High | Passive |
+| [798.75](798.75.md) | Exposure of confidential secret or token Mailgun webhook signing key | High | Passive |
+| [798.76](798.76.md) | Exposure of confidential secret or token MapBox API token | High | Passive |
+| [798.77](798.77.md) | Exposure of confidential secret or token Mattermost Access Token | High | Passive |
+| [798.78](798.78.md) | Exposure of confidential secret or token MessageBird API token | High | Passive |
+| [798.79](798.79.md) | Exposure of confidential secret or token MessageBird client ID | High | Passive |
+| [798.80](798.80.md) | Exposure of confidential secret or token Netlify Access Token | High | Passive |
+| [798.81](798.81.md) | Exposure of confidential secret or token New Relic user API Key | High | Passive |
+| [798.82](798.82.md) | Exposure of confidential secret or token New Relic user API ID | High | Passive |
+| [798.83](798.83.md) | Exposure of confidential secret or token New Relic ingest browser API token | High | Passive |
+| [798.84](798.84.md) | Exposure of confidential secret or token npm access token | High | Passive |
+| [798.85](798.85.md) | Exposure of confidential secret or token Nytimes Access Token | High | Passive |
+| [798.86](798.86.md) | Exposure of confidential secret or token Okta Access Token | High | Passive |
+| [798.87](798.87.md) | Exposure of confidential secret or token Plaid Client ID | High | Passive |
+| [798.88](798.88.md) | Exposure of confidential secret or token Plaid Secret key | High | Passive |
+| [798.89](798.89.md) | Exposure of confidential secret or token Plaid API Token | High | Passive |
+| [798.90](798.90.md) | Exposure of confidential secret or token PlanetScale password | High | Passive |
+| [798.91](798.91.md) | Exposure of confidential secret or token PlanetScale API token | High | Passive |
+| [798.92](798.92.md) | Exposure of confidential secret or token PlanetScale OAuth token | High | Passive |
+| [798.93](798.93.md) | Exposure of confidential secret or token Postman API token | High | Passive |
+| [798.94](798.94.md) | Exposure of confidential secret or token Private Key | High | Passive |
+| [798.95](798.95.md) | Exposure of confidential secret or token Pulumi API token | High | Passive |
+| [798.96](798.96.md) | Exposure of confidential secret or token PyPI upload token | High | Passive |
+| [798.97](798.97.md) | Exposure of confidential secret or token Rubygem API token | High | Passive |
+| [798.98](798.98.md) | Exposure of confidential secret or token RapidAPI Access Token | High | Passive |
+| [798.99](798.99.md) | Exposure of confidential secret or token Sendbird Access ID | High | Passive |
+| [798.100](798.100.md) | Exposure of confidential secret or token Sendbird Access Token | High | Passive |
+| [798.101](798.101.md) | Exposure of confidential secret or token SendGrid API token | High | Passive |
+| [798.102](798.102.md) | Exposure of confidential secret or token Sendinblue API token | High | Passive |
+| [798.103](798.103.md) | Exposure of confidential secret or token Sentry Access Token | High | Passive |
+| [798.104](798.104.md) | Exposure of confidential secret or token Shippo API token | High | Passive |
+| [798.105](798.105.md) | Exposure of confidential secret or token Shopify access token | High | Passive |
+| [798.106](798.106.md) | Exposure of confidential secret or token Shopify custom access token | High | Passive |
+| [798.107](798.107.md) | Exposure of confidential secret or token Shopify private app access token | High | Passive |
+| [798.108](798.108.md) | Exposure of confidential secret or token Shopify shared secret | High | Passive |
+| [798.109](798.109.md) | Exposure of confidential secret or token Slack token | High | Passive |
+| [798.110](798.110.md) | Exposure of confidential secret or token Slack Webhook | High | Passive |
+| [798.111](798.111.md) | Exposure of confidential secret or token Stripe | High | Passive |
+| [798.112](798.112.md) | Exposure of confidential secret or token Square Access Token | High | Passive |
+| [798.113](798.113.md) | Exposure of confidential secret or token Squarespace Access Token | High | Passive |
+| [798.114](798.114.md) | Exposure of confidential secret or token SumoLogic Access ID | High | Passive |
+| [798.115](798.115.md) | Exposure of confidential secret or token SumoLogic Access Token | High | Passive |
+| [798.116](798.116.md) | Exposure of confidential secret or token Travis CI Access Token | High | Passive |
+| [798.117](798.117.md) | Exposure of confidential secret or token Twilio API Key | High | Passive |
+| [798.118](798.118.md) | Exposure of confidential secret or token Twitch API token | High | Passive |
+| [798.119](798.119.md) | Exposure of confidential secret or token Twitter API Key | High | Passive |
+| [798.120](798.120.md) | Exposure of confidential secret or token Twitter API Secret | High | Passive |
+| [798.121](798.121.md) | Exposure of confidential secret or token Twitter Access Token | High | Passive |
+| [798.122](798.122.md) | Exposure of confidential secret or token Twitter Access Secret | High | Passive |
+| [798.123](798.123.md) | Exposure of confidential secret or token Twitter Bearer Token | High | Passive |
+| [798.124](798.124.md) | Exposure of confidential secret or token Typeform API token | High | Passive |
+| [798.125](798.125.md) | Exposure of confidential secret or token Yandex API Key | High | Passive |
+| [798.126](798.126.md) | Exposure of confidential secret or token Yandex AWS Access Token | High | Passive |
+| [798.127](798.127.md) | Exposure of confidential secret or token Yandex Access Token | High | Passive |
+| [798.128](798.128.md) | Exposure of confidential secret or token Zendesk Secret Key | High | Passive |
 | [829.1](829.1.md) | Inclusion of Functionality from Untrusted Control Sphere | Low | Passive |
 | [829.2](829.2.md) | Invalid Sub-Resource Integrity values detected | Medium | Passive |
diff --git a/doc/user/application_security/dast/dast_troubleshooting.md b/doc/user/application_security/dast/dast_troubleshooting.md
index 50570b89920..0c7a9806c72 100644
--- a/doc/user/application_security/dast/dast_troubleshooting.md
+++ b/doc/user/application_security/dast/dast_troubleshooting.md
@@ -102,3 +102,8 @@ To avoid this error, make sure you are using the latest stable version of Docker
 ## Lack of IPv6 support
 
 Due to the underlying [ZAProxy engine not supporting IPv6](https://github.com/zaproxy/zaproxy/issues/3705), DAST is unable to scan or crawl IPv6-based applications.
+
+## Additional insight into DAST scan activity
+
+For additional insight into what a DAST scan is doing at a given time, you may find it helpful to review
+the web server access logs for a DAST target endpoint during or following a scan.
diff --git a/doc/user/application_security/dast/index.md b/doc/user/application_security/dast/index.md
index 25b4b705025..f8aa2e3d1c6 100644
--- a/doc/user/application_security/dast/index.md
+++ b/doc/user/application_security/dast/index.md
@@ -90,7 +90,7 @@ deploy:
   services:
   - name: docker:dind
     alias: dind
-  image: docker:19.03.5
+  image: docker:20.10.16
   stage: build
   script:
     - docker login -u gitlab-ci-token -p $CI_JOB_TOKEN $CI_REGISTRY
@@ -99,9 +99,10 @@ deploy:
     - docker push $CI_REGISTRY_IMAGE:$CI_COMMIT_SHA
     - docker push $CI_REGISTRY_IMAGE:latest
 
-services: # use services to link your app container to the dast job
-  - name: $CI_REGISTRY_IMAGE:$CI_COMMIT_SHA
-    alias: yourapp
+dast:
+  services: # use services to link your app container to the dast job
+    - name: $CI_REGISTRY_IMAGE:$CI_COMMIT_SHA
+      alias: yourapp
 
 variables:
   DAST_FULL_SCAN_ENABLED: "true" # do a full scan
@@ -622,6 +623,11 @@ To enable Mutual TLS:
 
 These CI/CD variables are specific to DAST. They can be used to customize the behavior of DAST to your requirements.
 
+WARNING:
+All customization of GitLab security scanning tools should be tested in a merge request before
+merging these changes to the default branch. Failure to do so can give unexpected results,
+including a large number of false positives.
+
 | CI/CD variable                                   | Type          | Description                   |
 |:-------------------------------------------------|:--------------|:------------------------------|
 | `DAST_ADVERTISE_SCAN`                            | boolean       | Set to `true` to add a `Via` header to every request sent, advertising that the request was sent as part of a GitLab DAST scan. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/334947) in GitLab 14.1. |
diff --git a/doc/user/application_security/dast_api/index.md b/doc/user/application_security/dast_api/index.md
index 9128576bf29..fdca02267e4 100644
--- a/doc/user/application_security/dast_api/index.md
+++ b/doc/user/application_security/dast_api/index.md
@@ -808,6 +808,9 @@ Optionally:
 
 - `DAST_API_PRE_SCRIPT`: Script to install runtimes or dependencies before the scan starts.
 
+WARNING:
+To execute scripts in Alpine Linux you must first use the command [`chmod`](https://www.gnu.org/software/coreutils/manual/html_node/chmod-invocation.html) to set the [execution permission](https://www.gnu.org/software/coreutils/manual/html_node/Setting-Permissions.html). For example, to set the execution permission of `script.py` for everyone, use the command: `chmod a+x script.py`. If needed, you can version your `script.py` with the execution permission already set.
+
 ```yaml
 stages:
   - dast
@@ -856,7 +859,9 @@ import requests
 import backoff
 
 # [1] Store log file in directory indicated by env var CI_PROJECT_DIR
-working_directory = os.environ['CI_PROJECT_DIR']
+working_directory = os.environ.get( 'CI_PROJECT_DIR')
+overrides_file_name = os.environ.get('DAST_API_OVERRIDES_FILE', 'dast-api-overrides.json')
+overrides_file_path = os.path.join(working_directory, overrides_file_name)
 
 # [2] File name should match the pattern: gl-*.log
 log_file_path = os.path.join(working_directory, 'gl-user-overrides.log')
@@ -870,7 +875,11 @@ logging.basicConfig(filename=log_file_path, level=logging.DEBUG)
                        requests.exceptions.ConnectionError),
                        max_time=30)
 def get_auth_response():
-    return requests.get('https://authorization.service/api/get_api_token', auth=(os.environ['AUTH_USER'], os.environ['AUTH_PWD']))
+    authorization_url = 'https://authorization.service/api/get_api_token'
+    return requests.get(
+        f'{authorization_url}',
+        auth=(os.environ.get('AUTH_USER'), os.environ.get('AUTH_PWD'))
+    )
 
 # In our example, access token is retrieved from a given endpoint
 try:
@@ -892,14 +901,14 @@ try:
 # requests.ReadTimeout                      : The server did not send any data in the allotted amount of time.
 # requests.TooManyRedirects                 : The request exceeds the configured number of maximum redirections
 # requests.exceptions.RequestException      : All exceptions that related to Requests
+except json.JSONDecodeError as json_decode_error:
+    # logs errors related decoding JSON response
+    logging.error(f'Error, failed while decoding JSON response. Error message: {json_decode_error}')
+    raise
 except requests.exceptions.RequestException as requests_error:
     # logs  exceptions  related to `Requests`
     logging.error(f'Error, failed while performing HTTP request. Error message: {requests_error}')
     raise
-except requests.exceptions.JSONDecodeError as json_decode_error:
-    # logs errors related decoding JSON response
-    logging.error(f'Error, failed while decoding JSON response. Error message: {json_decode_error}')
-    raise
 except Exception as e:
     # logs any other error
     logging.error(f'Error, unknown error while retrieving access token. Error message: {e}')
@@ -914,9 +923,6 @@ overrides_data = {
 }
 
 # log entry informing about the file override computation
-# the location of the overrides json file is also CI_PROJECT_DIR
-overrides_file_path = os.path.join(
-    working_directory, "dast-api-overrides.json")
 logging.info("Creating overrides file: %s" % overrides_file_path)
 
 # attempts to overwrite the file
@@ -929,7 +935,7 @@ try:
         fd.write(json.dumps(overrides_data).encode('utf-8'))
 except Exception as e:
     # logs any other error
-    logging.error(f'Error, unkown error when overwritng file {overrides_file_path}. Error message: {e}')
+    logging.error(f'Error, unknown error when overwriting file {overrides_file_path}. Error message: {e}')
     raise
 
 # logs informing override has finished successfully
diff --git a/doc/user/application_security/dependency_scanning/index.md b/doc/user/application_security/dependency_scanning/index.md
index 08e2dcd2e7e..d0a91ab664e 100644
--- a/doc/user/application_security/dependency_scanning/index.md
+++ b/doc/user/application_security/dependency_scanning/index.md
@@ -63,18 +63,19 @@ possible, we encourage you to use all of our security scanning tools:
 
 The following table summarizes which types of dependencies each scanning tool can detect:
 
-| Feature                                                                                      | Dependency Scanning | Container Scanning          |
-| -----------------------------------------------------------                                  | ------------------- | ------------------          |
-| Identify the manifest, lock file, or static file that introduced the dependency              | **{check-circle}**      | **{dotted-circle}**             |
-| Development dependencies                                                                     | **{check-circle}**      | **{dotted-circle}**             |
-| Dependencies in a lock file committed to your repository                                     | **{check-circle}**      | **{check-circle}** <sup>1</sup> |
-| Binaries built by Go                                                                         | **{dotted-circle}**     | **{check-circle}** <sup>2</sup> |
-| Dynamically-linked language-specific dependencies installed by the Operating System          | **{dotted-circle}**     | **{check-circle}**              |
-| Operating system dependencies                                                                | **{dotted-circle}**     | **{check-circle}**              |
-| Language-specific dependencies installed on the operating system (not built by your project) | **{dotted-circle}**     | **{check-circle}**              |
+| Feature                                                                                      | Dependency Scanning | Container Scanning  |
+| -----------------------------------------------------------                                  | ------------------- | ------------------- |
+| Identify the manifest, lock file, or static file that introduced the dependency              | **{check-circle}**  | **{dotted-circle}** |
+| Development dependencies                                                                     | **{check-circle}**  | **{dotted-circle}** |
+| Dependencies in a lock file committed to your repository                                     | **{check-circle}**  | **{check-circle}** <sup>1</sup> |
+| Binaries built by Go                                                                         | **{dotted-circle}** | **{check-circle}** <sup>2</sup> <sup>3</sup> |
+| Dynamically-linked language-specific dependencies installed by the Operating System          | **{dotted-circle}** | **{check-circle}** <sup>3</sup> |
+| Operating system dependencies                                                                | **{dotted-circle}** | **{check-circle}**  |
+| Language-specific dependencies installed on the operating system (not built by your project) | **{dotted-circle}** | **{check-circle}**  |
 
 1. Lock file must be present in the image to be detected.
 1. Binary file must be present in the image to be detected.
+1. Only when using Trivy
 
 ## Requirements
 
@@ -310,7 +311,7 @@ table.supported-languages ul {
     <p>
       Although Gradle with Java 8 is supported, there are other issues such that Android project builds are not supported at this time.
       Please see the backlog issue <a href="https://gitlab.com/gitlab-org/gitlab/-/issues/336866">Android support for Dependency
-      Scanning (gemnasium-maven)</a> for more details.
+      Scanning (gemnasium-maven)</a> for more details. Also, Gradle is not supported when [FIPS mode](../../../development/fips_compliance.md#enable-fips-mode) is enabled.
     </p>
   </li>
   <li>
@@ -396,11 +397,10 @@ To support the following package managers, the GitLab analyzers proceed in two s
           If your project <i>does not use</i> a <code>gradlew</code> file, then the analyzer automatically switches to one of the
           pre-installed Gradle versions, based on the version of Java specified by the
           <a href="#configuring-specific-analyzers-used-by-dependency-scanning"><code>DS_JAVA_VERSION</code></a> variable.
+          By default, the analyzer uses Java 17 and Gradle 7.3.3.
         </p>
-        <p>You can view the
-          <a href="https://docs.gradle.org/current/userguide/compatibility.html#java">Gradle Java compatibility matrix</a> to see which version
-          of Gradle is selected for each Java version. Note that we only support switching to one of these pre-installed Gradle versions
-          for Java versions 13 to 17.
+        <p>
+          For Java versions <code>8</code> and <code>11</code>, Gradle <code>6.7.1</code> is automatically selected, and for Java versions <code>13</code> to <code>17</code>, Gradle <code>7.3.3</code> is automatically selected.
         </p>
       </li>
       <li>
@@ -587,6 +587,11 @@ gemnasium-dependency_scanning:
 Dependency scanning can be [configured](#customizing-the-dependency-scanning-settings)
 using environment variables.
 
+WARNING:
+All customization of GitLab security scanning tools should be tested in a merge request before
+merging these changes to the default branch. Failure to do so can give unexpected results,
+including a large number of false positives.
+
 #### Configuring dependency scanning
 
 The following variables allow configuration of global dependency scanning settings.
@@ -611,7 +616,7 @@ The following variables are used for configuring specific analyzers (used for a
 | `GEMNASIUM_DB_UPDATE_DISABLED`       | `gemnasium`        | `"false"`                    | Disable automatic updates for the `gemnasium-db` advisory database (For usage see: [examples](#hosting-a-copy-of-the-gemnasium_db-advisory-database))|
 | `GEMNASIUM_DB_REMOTE_URL`            | `gemnasium`        | `https://gitlab.com/gitlab-org/security-products/gemnasium-db.git` | Repository URL for fetching the Gemnasium database. |
 | `GEMNASIUM_DB_REF_NAME`              | `gemnasium`        | `master`                     | Branch name for remote repository database. `GEMNASIUM_DB_REMOTE_URL` is required. |
-| `DS_REMEDIATE`                       | `gemnasium`        | `"true"`                     | Enable automatic remediation of vulnerable dependencies. |
+| `DS_REMEDIATE`                       | `gemnasium`        | `"true"`, `"false"` in FIPS mode | Enable automatic remediation of vulnerable dependencies. Not supported in FIPS mode. |
 | `GEMNASIUM_LIBRARY_SCAN_ENABLED`     | `gemnasium`        | `"true"`                     | Enable detecting vulnerabilities in vendored JavaScript libraries. For now, `gemnasium` leverages [`Retire.js`](https://github.com/RetireJS/retire.js) to do this job. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/350512) in GitLab 14.8. |
 | `DS_JAVA_VERSION`                    | `gemnasium-maven`  | `17`                         | Version of Java. Available versions: `8`, `11`, `13`, `14`, `15`, `16`, `17`. Available versions in FIPS-enabled image: `8`, `11`, `17`. |
 | `MAVEN_CLI_OPTS`                     | `gemnasium-maven`  | `"-DskipTests --batch-mode"` | List of command line arguments that are passed to `maven` by the analyzer. See an example for [using private repositories](../index.md#using-private-maven-repositories). |
@@ -622,7 +627,7 @@ The following variables are used for configuring specific analyzers (used for a
 | `PIP_REQUIREMENTS_FILE`              | `gemnasium-python` |                              | Pip requirements file to be scanned. |
 | `DS_PIP_VERSION`                     | `gemnasium-python` |                              | Force the install of a specific pip version (example: `"19.3"`), otherwise the pip installed in the Docker image is used. ([Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/12811) in GitLab 12.7) |
 | `DS_PIP_DEPENDENCY_PATH`             | `gemnasium-python` |                              | Path to load Python pip dependencies from. ([Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/12412) in GitLab 12.2) |
-| `DS_INCLUDE_DEV_DEPENDENCIES`        | `gemnasium`        | `"true"`                     | When set to `"false"`, development dependencies and their vulnerabilities are not reported. Only NPM projects are supported. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/227861) in GitLab 15.1. |
+| `DS_INCLUDE_DEV_DEPENDENCIES`        | `gemnasium`        | `"true"`                     | When set to `"false"`, development dependencies and their vulnerabilities are not reported. Only NPM and Poetry projects are supported. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/227861) in GitLab 15.1. |
 
 #### Other variables
 
@@ -688,6 +693,8 @@ To manually switch to FIPS-enabled images, set the variable `DS_IMAGE_SUFFIX` to
 To ensure compliance with FIPS, the FIPS-enabled image of `gemnasium-maven` uses the OpenJDK packages for RedHat UBI.
 As a result, it only supports Java 8, 11, and 17.
 
+Dependency scanning for Gradle projects and auto-remediation for Yarn projects are not supported in FIPS mode.
+
 ## Interacting with the vulnerabilities
 
 Once a vulnerability is found, you can interact with it. Read more on how to
@@ -834,10 +841,16 @@ Here's an example dependency scanning report:
 
 > [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/350509) in GitLab 14.8 in [Beta](../../../policy/alpha-beta-support.md#beta-features).
 
+NOTE:
+CycloneDX SBOMs are a [Beta](../../../policy/alpha-beta-support.md#beta-features) feature,
+and the reports are subject to change during the beta period. Do not build integrations
+that rely on the format of these SBOMs staying consistent, as the format might change
+before the feature is made generally available.
+
 In addition to the [JSON report file](#reports-json-format), the [Gemnasium](https://gitlab.com/gitlab-org/security-products/analyzers/gemnasium)
 Dependency Scanning tool outputs a [CycloneDX](https://cyclonedx.org/) Software Bill of Materials (SBOM) for
 each supported lock or build file it detects. These CycloneDX SBOMs are named
-`cyclonedx-<package-type>-<package-manager>.json`, and are saved in the same directory
+`gl-sbom-<package-type>-<package-manager>.cdx.json`, and are saved in the same directory
 as the detected lock or build files.
 
 For example, if your project has the following structure:
@@ -860,16 +873,16 @@ Then the Gemnasium scanner generates the following CycloneDX SBOMs:
 .
 ├── ruby-project/
 │   ├── Gemfile.lock
-│   └── cyclonedx-gem-bundler.json
+│   └── gl-sbom-gem-bundler.cdx.json
 ├── ruby-project-2/
 │   ├── Gemfile.lock
-│   └── cyclonedx-gem-bundler.json
+│   └── gl-sbom-gem-bundler.cdx.json
 ├── php-project/
 │   ├── composer.lock
-│   └── cyclonedx-packagist-composer.json
+│   └── gl-sbom-packagist-composer.cdx.json
 └── go-project/
     ├── go.sum
-    └── cyclonedx-go-go.json
+    └── gl-sbom-go-go.cdx.json
 ```
 
 The CycloneDX SBOMs can be downloaded [the same way as other job artifacts](../../../ci/pipelines/job_artifacts.md#download-job-artifacts).
@@ -894,10 +907,10 @@ merge cyclonedx sboms:
     - wget https://github.com/CycloneDX/cyclonedx-cli/releases/download/v0.22.0/cyclonedx-linux-musl-x64 -O /usr/local/bin/cyclonedx-cli
     - chmod 755 /usr/local/bin/cyclonedx-cli
     - apk --update add --no-cache icu-dev libstdc++
-    - find * -name "cyclonedx-*.json" -exec cyclonedx-cli merge --input-files {} --output-file cyclonedx-all.json +
+    - find * -name "gl-sbom-*.cdx.json" -exec cyclonedx-cli merge --input-files {} --output-file gl-sbom-all.cdx.json +
   artifacts:
     paths:
-      - cyclonedx-all.json
+      - gl-sbom-all.cdx.json
 ```
 
 GitLab uses [CycloneDX Properties](https://cyclonedx.org/use-cases/#properties--name-value-store)
@@ -905,12 +918,6 @@ to store implementation-specific details in the metadata of each CycloneDX SBOM,
 such as the location of build and lock files. If multiple CycloneDX SBOMs are merged together,
 this information is removed from the resulting merged file.
 
-NOTE:
-CycloneDX SBOMs are a [Beta](../../../policy/alpha-beta-support.md#beta-features) feature,
-and the reports are subject to change during the beta period. Do not build integrations
-that rely on the format of these SBOMs staying consistent, as the format might change
-before the feature is made generally available.
-
 ## Versioning and release process
 
 Please check the [Release Process documentation](https://gitlab.com/gitlab-org/security-products/release/blob/master/docs/release_process.md).
diff --git a/doc/user/application_security/generate_test_vulnerabilities/index.md b/doc/user/application_security/generate_test_vulnerabilities/index.md
new file mode 100644
index 00000000000..aafbebb91cd
--- /dev/null
+++ b/doc/user/application_security/generate_test_vulnerabilities/index.md
@@ -0,0 +1,28 @@
+---
+type: reference, howto
+stage: Secure
+group: Threat Insights
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Generate test vulnerabilities
+
+You can generate test vulnerabilities when you work on the [Vulnerability Report](../vulnerability_report/index.md).
+
+1. Go to `/-/profile/personal_access_tokens` and generate a personal access token with `api` permissions.
+1. Go to your project page and find the project ID. You can find the project ID below the project title.
+1. Open a terminal and go to the `gitlab/qa` directory.
+1. Run the following command:
+
+```shell
+GITLAB_QA_ACCESS_TOKEN=<your_personal_access_token> GITLAB_URL="http://localhost:3000" bundle exec rake vulnerabilities:setup\[<your_project_id>,<vulnerability_count>\] --trace
+```
+
+Make sure you do the following:
+
+- Replace `<your_personal_access_token>` with the token you generated in step one.
+- Double check the `GITLAB_URL`. It should point to the running local instance.
+- Replace `<your_project_id>` with the ID you obtained in step two.
+- Replace `<vulnerability_count>` with the number of vulnerabilities you'd like to generate.
+
+The script creates the specified amount of vulnerabilities in the project.
diff --git a/doc/user/application_security/index.md b/doc/user/application_security/index.md
index d449fbb9a6c..e3a419ea771 100644
--- a/doc/user/application_security/index.md
+++ b/doc/user/application_security/index.md
@@ -114,6 +114,11 @@ While you cannot directly customize Auto DevOps, you can [include the Auto DevOp
 To enable all GitLab security scanning tools, with the option of customizing settings, add the
 GitLab CI/CD templates to your `.gitlab-ci.yml` file.
 
+WARNING:
+All customization of GitLab security scanning tools should be tested in a merge request before
+merging these changes to the default branch. Failure to do so can give unexpected results,
+including a large number of false positives.
+
 To enable Static Application Security Testing, Dependency Scanning, License Scanning, and Secret
 Detection, add:
 
@@ -217,9 +222,9 @@ From the merge request security widget, select **Expand** to unfold the widget,
 
 ## View security scan information in the pipeline Security tab
 
-A pipeline's security tab lists all findings in the current branch. It includes new findings introduced by this branch and existing vulnerabilities that were already present when the branch was created. These results likely do not match the findings displayed in the Merge Request security widget as those do not include the existing vulnerabilities (with the exception of showing any existing vulnerabilities that are no longer detected in the feature branch).
-
-For more details, see [security tab](security_dashboard/index.md#view-vulnerabilities-in-a-pipeline).
+A pipeline's security tab lists all findings in the current branch. It includes new findings introduced by this branch
+and existing vulnerabilities already present when you created the branch. These results likely do not match the findings
+displayed in the Merge Request security widget, as those do not include the existing vulnerabilities. Refer to [View vulnerabilities in a pipeline](vulnerability_report/pipeline.md) for more information.
 
 ## View security scan information in the Security Dashboard
 
@@ -247,15 +252,6 @@ security issues:
 - A software license compliance violation. For more details, read
   [Enabling license approvals within a project](../compliance/license_compliance/index.md#enabling-license-approvals-within-a-project).
 
-### Migration of existing Vulnerability-Check rules
-
-If your projects have rules that have a security orchestration project, a new MR with
-the existing rule's content is created automatically against the default branch belonging
-to the security orchestration project. To maintain the same security approval rules you
-had before GitLab 15.0, we recommend merging this new MR.
-
-If your projects have rules without a security orchestration project, a new security orchestration project is created automatically with the content of the existing rule. No additional action is required.
-
 ## Using private Maven repositories
 
 If you have a private Apache Maven repository that requires login credentials,
@@ -393,48 +389,31 @@ Self managed installations can also run the security scanners on a GitLab Runner
 > - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/321918) in GitLab 13.11.
 > - Schema validation message [added](https://gitlab.com/gitlab-org/gitlab/-/issues/321730) in GitLab 14.0.
 
-You can enforce validation of the security report artifacts before ingesting the vulnerabilities.
+GitLab 15.0 enforces validation of the security report artifacts before ingesting the vulnerabilities.
 This prevents ingestion of broken vulnerability data into the database. GitLab validates the
-artifacts based on the [report schemas](https://gitlab.com/gitlab-org/security-products/security-report-schemas/-/tree/master/dist).
-When artifact validation is enabled, the pipeline's **Security** tab lists
-any report artifacts that failed validation.
+artifacts against the [report schemas](https://gitlab.com/gitlab-org/security-products/security-report-schemas/-/tree/master/dist),
+according to the schema version declared in the report.
 
-Validation depends on the schema:
+The pipeline's **Security** tab lists any report artifacts that failed validation, and the
+validation error message.
 
-- If your security report does not specify which schema version it uses, GitLab attempts to verify it against the earliest supported schema version for that report type. Validation fails but it's attempted anyway because it may identify other problems present in the report.
-- If your security report uses a version that is not supported, GitLab attempts to validate it against the earliest supported schema version for that report type. Validation fails but will identify the differences between the schema version used and the earliest supported version.
-- If your security report uses a deprecated version, GitLab attempts validation against that version and adds a warning to the validation result.
+Validation depends on the schema version declared in the security report artifact:
 
-You can always find supported and deprecated schema versions in the [source code](https://gitlab.com/gitlab-org/gitlab/blob/master/lib/gitlab/ci/parsers/security/validators/schema_validator.rb#L9).
+- If your security report specifies a supported schema version, GitLab uses this version to validate.
+- If your security report uses a deprecated version, GitLab attempts validation against that version and adds a deprecation warning to the validation result.
+- If your security report uses a version that is not supported, GitLab attempts to validate it against the latest schema version available in GitLab.
+- If your security report does not specify a schema version, GitLab attempts to validate it against the lastest schema version available in GitLab. Since the `version` property is required, validation always fails in this case, but other validation errors may also be present.
 
-### Enable security report validation
+You can always find supported and deprecated schema versions in the [source code](https://gitlab.com/gitlab-org/gitlab/blob/master/lib/gitlab/ci/parsers/security/validators/schema_validator.rb).
 
-> [Deprecated](https://gitlab.com/gitlab-org/gitlab/-/issues/354928) in GitLab 14.9, and planned for removal in GitLab 15.0.
+<!--- start_remove The following content will be removed on remove_date: '2022-08-22' -->
 
-To enable report artifacts validation, set the `VALIDATE_SCHEMA` environment variable to `"true"`
-for the desired jobs in the `.gitlab-ci.yml` file.
+### Enable security report validation (removed)
 
-For example, to enable validation for only the `sast` job:
+   This feature was [deprecated](https://gitlab.com/gitlab-org/gitlab/-/issues/354928) in GitLab 14.9
+   and [removed](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/85400) in GitLab 15.0.
 
-```yaml
-include:
-  - template: Security/Dependency-Scanning.gitlab-ci.yml
-  - template: Security/License-Scanning.gitlab-ci.yml
-  - template: Security/SAST.gitlab-ci.yml
-  - template: Security/Secret-Detection.gitlab-ci.yml
-stages:
-  - security-scan
-dependency_scanning:
-  stage: security-scan
-license_scanning:
-  stage: security-scan
-sast:
-  stage: security-scan
-  variables:
-    VALIDATE_SCHEMA: "true"
-.secret-analyzer:
-  stage: security-scan
-```
+   <!--- end_remove -->
 
 ## Interact with findings and vulnerabilities
 
@@ -488,17 +467,16 @@ GitLab provides two methods of accomplishing this, each with advantages and disa
 - [Compliance framework pipelines](../project/settings/#compliance-pipeline-configuration)
   are recommended when:
 
-  - Scan execution enforcement is required for SAST or Secret Detection scans that use custom rulesets.
-  - Scan execution enforcement is required for SAST IaC, Dependency Scanning,
+  - Scan execution enforcement is required for any scanner that uses a GitLab template, such as SAST IaC, DAST, Dependency Scanning,
     License Compliance, API Fuzzing, or Coverage-guided Fuzzing.
   - Scan execution enforcement is required for scanners external to GitLab.
-  - Enforced execution is required for custom jobs other than security scans.
+  - Scan execution enforcement is required for custom jobs other than security scans.
 
 - [Scan execution policies](policies/scan-execution-policies.md)
   are recommended when:
 
-  - Scan execution enforcement is required for DAST.
-  - Scan execution enforcement is required for Container Scanning with project-specific variable
+  - Scan execution enforcement is required for DAST which uses a DAST site or scan profile.
+  - Scan execution enforcement is required for SAST, Secret Detection, or Container Scanning with project-specific variable
     customizations. To accomplish this, users must create a separate security policy per project.
   - Scans are required to run on a regular, scheduled cadence.
 
@@ -524,6 +502,8 @@ Feedback is welcome on our vision for [unifying the user experience for these tw
 
 ## Troubleshooting
 
+<!-- NOTE: The below subsection(`### Secure job failing with exit code 1`) documentation URL is referred in the [/gitlab-org/security-products/analyzers/command](https://gitlab.com/gitlab-org/security-products/analyzers/command/-/blob/main/command.go#L19) repository. If this section/subsection changes, please ensure to update the corresponding URL in the mentioned repository.
+-->
 ### Secure job failing with exit code 1
 
 If a Secure job is failing and it's unclear why, add `SECURE_LOG_LEVEL: "debug"` as a global CI/CD variable for
diff --git a/doc/user/application_security/policies/img/policies_list_v15_0.png b/doc/user/application_security/policies/img/policies_list_v15_0.png
deleted file mode 100644
index 4089c311fe4..00000000000
--- a/doc/user/application_security/policies/img/policies_list_v15_0.png
+++ /dev/null
diff --git a/doc/user/application_security/policies/img/policies_list_v15_1.png b/doc/user/application_security/policies/img/policies_list_v15_1.png
new file mode 100644
index 00000000000..23c79a867ec
--- /dev/null
+++ b/doc/user/application_security/policies/img/policies_list_v15_1.png
diff --git a/doc/user/application_security/policies/index.md b/doc/user/application_security/policies/index.md
index 27a6f867ae2..81a9cef885d 100644
--- a/doc/user/application_security/policies/index.md
+++ b/doc/user/application_security/policies/index.md
@@ -81,7 +81,7 @@ status), and create and edit deployed policies:
 1. On the top bar, select **Menu > Projects** and find your project.
 1. On the left sidebar, select **Security & Compliance > Policies**.
 
-![Policies List Page](img/policies_list_v15_0.png)
+![Policies List Page](img/policies_list_v15_1.png)
 
 ## Policy editor
 
diff --git a/doc/user/application_security/policies/scan-execution-policies.md b/doc/user/application_security/policies/scan-execution-policies.md
index 5beb6912877..eb1f9a7c7b8 100644
--- a/doc/user/application_security/policies/scan-execution-policies.md
+++ b/doc/user/application_security/policies/scan-execution-policies.md
@@ -6,10 +6,13 @@ info: To determine the technical writer assigned to the Stage/Group associated w
 
 # Scan execution policies **(ULTIMATE)**
 
-Project owners can use scan execution policies to require that security scans run on a specified
-schedule or with the project pipeline. Required scans are injected into the CI pipeline as new jobs
+> Group-level security policies were [introduced](https://gitlab.com/groups/gitlab-org/-/epics/4425) in GitLab 15.2 [with a flag](../../../administration/feature_flags.md) named `group_level_security_policies`. Enabled by default.
+
+Group, sub-group, or project owners can use scan execution policies to require that security scans run on a specified
+schedule or with the project (or multiple projects if the policy is defined at a group or sub-group level) pipeline. Required scans are injected into the CI pipeline as new jobs
 with a long, random job name. In the unlikely event of a job name collision, the security policy job overwrites
-any pre-existing job in the pipeline.
+any pre-existing job in the pipeline. If a policy is created at the group-level, it will apply to every child
+project or sub-group. A group-level policy cannot be edited from a child project or sub-group.
 
 This feature has some overlap with [compliance framework pipelines](../../project/settings/#compliance-pipeline-configuration),
 as we have not [unified the user experience for these two features](https://gitlab.com/groups/gitlab-org/-/epics/7312).
@@ -25,7 +28,7 @@ an error appears that states `chosen stage does not exist`.
 ## Scan execution policy editor
 
 NOTE:
-Only project Owners have the [permissions](../../permissions.md#project-members-permissions)
+Only group, sub-group, or project Owners have the [permissions](../../permissions.md#project-members-permissions)
 to select Security Policy Project.
 
 Once your policy is complete, save it by selecting **Create via merge request**
@@ -62,7 +65,7 @@ the following sections and tables provide an alternative.
 
 | Field | Type | Possible values | Description |
 |-------|------|-----------------|-------------|
-| `name` | `string` |  | Name of the policy. |
+| `name` | `string` |  | Name of the policy. Maximum of 255 characters.|
 | `description` (optional) | `string` |  | Description of the policy. |
 | `enabled` | `boolean` | `true`, `false` | Flag to enable (`true`) or disable (`false`) the policy. |
 | `rules` | `array` of rules |  | List of rules that the policy applies. |
@@ -85,9 +88,8 @@ This rule enforces the defined actions and schedules a scan on the provided date
 |------------|------|-----------------|-------------|
 | `type`     | `string` | `schedule` | The rule's type. |
 | `branches` | `array` of `string` | `*` or the branch's name | The branch the given policy applies to (supports wildcard). |
-| `cadence`  | `string` | CRON expression (for example, `0 0 * * *`) | A whitespace-separated string containing five fields that represents the scheduled time. |
-| `agents`   | `object` | | The name of the [GitLab agents](../../clusters/agent/index.md) where [cluster image scanning](../../clusters/agent/vulnerabilities.md) will run. The key of the object is the name of the Kubernetes cluster configured for your project in GitLab. In the optionally provided value of the object, you can precisely select Kubernetes resources that are scanned. <!--- start_remove The following content will be removed on remove_date: '2022-08-22' --> |
-| `clusters` (removed) | `object` | | This field was [removed](https://gitlab.com/gitlab-org/gitlab/-/issues/356465) in 15.0. Use the `agents` field instead. The cluster where the given policy enforces running selected scans (only for `container_scanning`/`cluster_image_scanning` scans). The key of the object is the name of the Kubernetes cluster configured for your project in GitLab. In the optionally provided value of the object, you can precisely select Kubernetes resources that are scanned. <!--- end_remove --> |
+| `cadence`  | `string` | CRON expression (for example, `0 0 * * *`) | A whitespace-separated string containing five fields that represents the scheduled time. <!--- start_remove The following content will be removed on remove_date: '2022-08-22' --> |
+| `clusters` (removed) | `object` | | This field was [removed](https://gitlab.com/gitlab-org/gitlab/-/issues/356465) in 15.0. The cluster where the given policy enforces running selected scans (only for `container_scanning`/`cluster_image_scanning` scans). The key of the object is the name of the Kubernetes cluster configured for your project in GitLab. In the optionally provided value of the object, you can precisely select Kubernetes resources that are scanned. <!--- end_remove --> |
 
 GitLab supports the following types of CRON syntax for the `cadence` field:
 
@@ -96,20 +98,11 @@ GitLab supports the following types of CRON syntax for the `cadence` field:
 
 It is possible that other elements of the CRON syntax will work in the cadence field, however, GitLab does not officially test or support them.
 
-### `agent` schema
-
-Use this schema to define `agents` objects in the [`schedule` rule type](#schedule-rule-type).
-
-| Field        | Type                | Possible values          | Description |
-|--------------|---------------------|--------------------------|-------------|
-| `namespaces` | `array` of `string` | | The namespace that is scanned. If empty, all namespaces will be scanned. |
-
 <!--- start_remove The following content will be removed on remove_date: '2022-08-22' -->
 
 ### `cluster` schema (removed)
 
 This schema was [removed](https://gitlab.com/gitlab-org/gitlab/-/issues/356465) in 15.0.
-Use the [`agent` schema](#agent-schema) instead.
 
 Use this schema to define `clusters` objects in the [`schedule` rule type](#schedule-rule-type).
 
@@ -200,24 +193,6 @@ scan_execution_policy:
     variables:
       SAST_EXCLUDED_ANALYZERS: brakeman
   - scan: container_scanning
-- name: Enforce Cluster Image Scanning on production-cluster every 24h
-  description: This policy enforces Cluster Image Scanning scan to run every 24 hours
-  enabled: true
-  rules:
-  - type: schedule
-    cadence: "15 3 * * *"
-    clusters:
-      production-cluster:
-        containers:
-        - database
-        resources:
-        - production-application
-        namespaces:
-        - production-namespace
-        kinds:
-        - deployment
-  actions:
-  - scan: cluster_image_scanning
 ```
 
 In this example:
diff --git a/doc/user/application_security/policies/scan-result-policies.md b/doc/user/application_security/policies/scan-result-policies.md
index 3da884aca6a..3eee4957e2f 100644
--- a/doc/user/application_security/policies/scan-result-policies.md
+++ b/doc/user/application_security/policies/scan-result-policies.md
@@ -56,7 +56,7 @@ the following sections and tables provide an alternative.
 
 | Field | Type | Possible values | Description |
 |-------|------|-----------------|-------------|
-| `name` | `string` |  | Name of the policy. |
+| `name` | `string` |  | Name of the policy. Maximum of 255 characters.|
 | `description` (optional) | `string` |  | Description of the policy. |
 | `enabled` | `boolean` | `true`, `false` | Flag to enable (`true`) or disable (`false`) the policy. |
 | `rules` | `array` of rules |  | List of rules that the policy applies. |
@@ -69,7 +69,7 @@ This rule enforces the defined actions based on the information provided.
 | Field      | Type | Possible values | Description |
 |------------|------|-----------------|-------------|
 | `type`     | `string` | `scan_finding` | The rule's type. |
-| `branches` | `array` of `string` | `[]` or the branch's name | Protected branches for this rule to consider. |
+| `branches` | `array` of `string` | `[]` or the branch's name | Applicable only to protected target branches. An empty array, `[]`, applies the rule to all protected target branches. |
 | `scanners`  | `array` of `string` | `sast`, `secret_detection`, `dependency_scanning`, `container_scanning`, `dast`, `coverage_fuzzing`, `api_fuzzing` | The security scanners for this rule to consider. |
 | `vulnerabilities_allowed`  | `integer` | Greater than or equal to zero | Number of vulnerabilities allowed before this rule is considered. |
 | `severity_levels`  | `array` of `string` | `info`, `unknown`, `low`, `medium`, `high`, `critical`| The severity levels for this rule to consider. |
@@ -84,10 +84,10 @@ the defined policy.
 |-------|------|-----------------|-------------|
 | `type` | `string` | `require_approval` | The action's type. |
 | `approvals_required` | `integer` | Greater than or equal to zero | The number of MR approvals required. |
-| `user_approvers` | `array` of `string` | Username of one of more users | The users to consider as approvers. |
-| `user_approvers_ids` | `array` of `integer` | ID of one of more users | The IDs of users to consider as approvers. |
-| `group_approvers` | `array` of `string` | Path of one of more groups | The groups to consider as approvers. |
-| `group_approvers_ids` | `array` of `integer` | ID of one of more groups | The IDs of groups to consider as approvers. |
+| `user_approvers` | `array` of `string` | Username of one of more users | The users to consider as approvers. Users must have access to the project to be eligible to approve. |
+| `user_approvers_ids` | `array` of `integer` | ID of one of more users | The IDs of users to consider as approvers. Users must have access to the project to be eligible to approve. |
+| `group_approvers` | `array` of `string` | Path of one of more groups | The groups to consider as approvers. Users with [direct membership in the group](../../project/merge_requests/approvals/rules.md#group-approvers) are eligible to approve. |
+| `group_approvers_ids` | `array` of `integer` | ID of one of more groups | The IDs of groups to consider as approvers. Users with [direct membership in the group](../../project/merge_requests/approvals/rules.md#group-approvers) are eligible to approve. |
 
 Requirements and limitations:
 
diff --git a/doc/user/application_security/sast/index.md b/doc/user/application_security/sast/index.md
index d4dd8059c6a..92dc795afe5 100644
--- a/doc/user/application_security/sast/index.md
+++ b/doc/user/application_security/sast/index.md
@@ -74,41 +74,42 @@ GitLab SAST supports a variety of languages, package managers, and frameworks. O
 
 You can also [view our language roadmap](https://about.gitlab.com/direction/secure/static-analysis/sast/#language-support) and [request other language support by opening an issue](https://gitlab.com/groups/gitlab-org/-/epics/297).
 
-| Language (package managers) / framework                                                                                                           | Scan tool                                                                                                     | Introduced in GitLab Version                                                            |
-|---------------------------------------------------------------------------------------------------------------------------------------------------|---------------------------------------------------------------------------------------------------------------|-----------------------------------------------------------------------------------------|
-| .NET Core                                                                                                                                         | [Security Code Scan](https://security-code-scan.github.io)                                                    | 11.0                                                                                    |
-| .NET Framework                                                                                                                                    | [Security Code Scan](https://security-code-scan.github.io)                                                    | 13.0                                                                                    |
-| Apex (Salesforce)                                                                                                                                 | [PMD](https://pmd.github.io/pmd/index.html)                                                                   | 12.1                                                                                    |
-| C                                                                                                                                                 | [Semgrep](https://semgrep.dev)                                                                                | 14.2                                                                                    |
-| C/C++                                                                                                                                             | [Flawfinder](https://github.com/david-a-wheeler/flawfinder)                                                   | 10.7                                                                                    |
-| Elixir (Phoenix)                                                                                                                                  | [Sobelow](https://github.com/nccgroup/sobelow)                                                                | 11.1                                                                                    |
-| Go                                                                                                                                                | [Gosec](https://github.com/securego/gosec)                                                                    | 10.7                                                                                    |
-| Go                                                                                                                                                | [Semgrep](https://semgrep.dev)                                                                                | 14.4                                                                                    |
-| Groovy ([Ant](https://ant.apache.org/), [Gradle](https://gradle.org/), [Maven](https://maven.apache.org/), and [SBT](https://www.scala-sbt.org/)) | [SpotBugs](https://spotbugs.github.io/) with the     [find-sec-bugs](https://find-sec-bugs.github.io/) plugin | 11.3 (Gradle) & 11.9 (Ant, Maven, SBT)                                                  |
-| Helm Charts                                                                                                                                       | [Kubesec](https://github.com/controlplaneio/kubesec)                                                          | 13.1                                                                                    |
-| Java (any build system)                                                                                                                           | [Semgrep](https://semgrep.dev)                                                                                | 14.10                                                                                   |
-| Java ([Ant](https://ant.apache.org/), [Gradle](https://gradle.org/), [Maven](https://maven.apache.org/), and [SBT](https://www.scala-sbt.org/))   | [SpotBugs](https://spotbugs.github.io/) with the [find-sec-bugs](https://find-sec-bugs.github.io/) plugin     | 10.6 (Maven), 10.8 (Gradle) & 11.9 (Ant, SBT)                                           |
-| Java (Android)                                                                                                                                    | [MobSF (beta)](https://github.com/MobSF/Mobile-Security-Framework-MobSF)                                      | 13.5                                                                                    |
-| JavaScript                                                                                                                                        | [ESLint security plugin](https://github.com/nodesecurity/eslint-plugin-security)                              | 11.8                                                                                    |
-| JavaScript                                                                                                                                        | [Semgrep](https://semgrep.dev)                                                                                | 13.10                                                                                   |
-| Kotlin (Android)                                                                                                                                  | [MobSF (beta)](https://github.com/MobSF/Mobile-Security-Framework-MobSF)                                      | 13.5                                                                                    |
-| Kotlin (General)                                                                                                                                  | [SpotBugs](https://spotbugs.github.io/) with the [find-sec-bugs](https://find-sec-bugs.github.io/) plugin     | 13.11                                                                                   |
-| Kubernetes manifests                                                                                                                              | [Kubesec](https://github.com/controlplaneio/kubesec)                                                          | 12.6                                                                                    |
-| Node.js                                                                                                                                           | [NodeJsScan](https://github.com/ajinabraham/NodeJsScan)                                                       | 11.1                                                                                    |
-| Objective-C (iOS)                                                                                                                                 | [MobSF (beta)](https://github.com/MobSF/Mobile-Security-Framework-MobSF)                                      | 13.5                                                                                    |
-| PHP                                                                                                                                               | [phpcs-security-audit](https://github.com/FloeDesignTechnologies/phpcs-security-audit)                        | 10.8                                                                                    |
-| Python ([pip](https://pip.pypa.io/en/stable/))                                                                                                    | [bandit](https://github.com/PyCQA/bandit)                                                                     | 10.3                                                                                    |
-| Python                                                                                                                                            | [Semgrep](https://semgrep.dev)                                                                                | 13.9                                                                                    |
-| React                                                                                                                                             | [ESLint react plugin](https://github.com/yannickcr/eslint-plugin-react)                                       | 12.5                                                                                    |
-| React                                                                                                                                             | [Semgrep](https://semgrep.dev)                                                                                | 13.10                                                                                   |
-| Ruby                                                                                                                                              | [brakeman](https://brakemanscanner.org)                                                                       | 13.9                                                                                    |
-| Ruby on Rails                                                                                                                                     | [brakeman](https://brakemanscanner.org)                                                                       | 10.3                                                                                    |
-| Scala ([Ant](https://ant.apache.org/), [Gradle](https://gradle.org/), [Maven](https://maven.apache.org/), and [SBT](https://www.scala-sbt.org/))  | [SpotBugs](https://spotbugs.github.io/) with the [find-sec-bugs](https://find-sec-bugs.github.io/) plugin     | 11.0 (SBT) & 11.9 (Ant, Gradle, Maven)                                                  |
-| Swift (iOS)                                                                                                                                       | [MobSF (beta)](https://github.com/MobSF/Mobile-Security-Framework-MobSF)                                      | 13.5                                                                                    |
-| TypeScript                                                                                                                                        | [ESLint security plugin](https://github.com/nodesecurity/eslint-plugin-security)                              | 11.9, [merged](https://gitlab.com/gitlab-org/gitlab/-/issues/36059) with ESLint in 13.2 |
-| TypeScript                                                                                                                                        | [Semgrep](https://semgrep.dev)                                                                                | 13.10                                                                                   |
-
-Note that the Java analyzers can also be used for variants like the
+| Language (package managers) / framework        | Scan tool                                                                                                 | Introduced in GitLab Version                                                            |
+|------------------------------------------------|-----------------------------------------------------------------------------------------------------------|-----------------------------------------------------------------------------------------|
+| .NET Core                                      | [Security Code Scan](https://security-code-scan.github.io)                                                | 11.0                                                                                    |
+| .NET Framework<sup>1</sup>                     | [Security Code Scan](https://security-code-scan.github.io)                                                | 13.0                                                                                    |
+| Apex (Salesforce)                              | [PMD](https://pmd.github.io/pmd/index.html)                                                               | 12.1                                                                                    |
+| C                                              | [Semgrep](https://semgrep.dev)                                                                            | 14.2                                                                                    |
+| C/C++                                          | [Flawfinder](https://github.com/david-a-wheeler/flawfinder)                                               | 10.7                                                                                    |
+| Elixir (Phoenix)                               | [Sobelow](https://github.com/nccgroup/sobelow)                                                            | 11.1                                                                                    |
+| Go                                             | [Gosec](https://github.com/securego/gosec)                                                                | 10.7                                                                                    |
+| Go                                             | [Semgrep](https://semgrep.dev)                                                                            | 14.4                                                                                    |
+| Groovy<sup>2</sup>                             | [SpotBugs](https://spotbugs.github.io/) with the [find-sec-bugs](https://find-sec-bugs.github.io/) plugin | 11.3 (Gradle) & 11.9 (Ant, Maven, SBT)                                                  |
+| Helm Charts                                    | [Kubesec](https://github.com/controlplaneio/kubesec)                                                      | 13.1                                                                                    |
+| Java (any build system)                        | [Semgrep](https://semgrep.dev)                                                                            | 14.10                                                                                   |
+| Java<sup>2</sup>                               | [SpotBugs](https://spotbugs.github.io/) with the [find-sec-bugs](https://find-sec-bugs.github.io/) plugin | 10.6 (Maven), 10.8 (Gradle) & 11.9 (Ant, SBT)                                           |
+| Java (Android)                                 | [MobSF (beta)](https://github.com/MobSF/Mobile-Security-Framework-MobSF)                                  | 13.5                                                                                    |
+| JavaScript                                     | [ESLint security plugin](https://github.com/nodesecurity/eslint-plugin-security)                          | 11.8                                                                                    |
+| JavaScript                                     | [Semgrep](https://semgrep.dev)                                                                            | 13.10                                                                                   |
+| Kotlin (Android)                               | [MobSF (beta)](https://github.com/MobSF/Mobile-Security-Framework-MobSF)                                  | 13.5                                                                                    |
+| Kotlin (General)<sup>2</sup>                   | [SpotBugs](https://spotbugs.github.io/) with the [find-sec-bugs](https://find-sec-bugs.github.io/) plugin | 13.11                                                                                   |
+| Kubernetes manifests                           | [Kubesec](https://github.com/controlplaneio/kubesec)                                                      | 12.6                                                                                    |
+| Node.js                                        | [NodeJsScan](https://github.com/ajinabraham/NodeJsScan)                                                   | 11.1                                                                                    |
+| Objective-C (iOS)                              | [MobSF (beta)](https://github.com/MobSF/Mobile-Security-Framework-MobSF)                                  | 13.5                                                                                    |
+| PHP                                            | [phpcs-security-audit](https://github.com/FloeDesignTechnologies/phpcs-security-audit)                    | 10.8                                                                                    |
+| Python ([pip](https://pip.pypa.io/en/stable/)) | [bandit](https://github.com/PyCQA/bandit)                                                                 | 10.3                                                                                    |
+| Python                                         | [Semgrep](https://semgrep.dev)                                                                            | 13.9                                                                                    |
+| React                                          | [ESLint react plugin](https://github.com/yannickcr/eslint-plugin-react)                                   | 12.5                                                                                    |
+| React                                          | [Semgrep](https://semgrep.dev)                                                                            | 13.10                                                                                   |
+| Ruby                                           | [brakeman](https://brakemanscanner.org)                                                                   | 13.9                                                                                    |
+| Ruby on Rails                                  | [brakeman](https://brakemanscanner.org)                                                                   | 10.3                                                                                    |
+| Scala<sup>2</sup>                              | [SpotBugs](https://spotbugs.github.io/) with the [find-sec-bugs](https://find-sec-bugs.github.io/) plugin | 11.0 (SBT) & 11.9 (Ant, Gradle, Maven)                                                  |
+| Swift (iOS)                                    | [MobSF (beta)](https://github.com/MobSF/Mobile-Security-Framework-MobSF)                                  | 13.5                                                                                    |
+| TypeScript                                     | [ESLint security plugin](https://github.com/nodesecurity/eslint-plugin-security)                          | 11.9, [merged](https://gitlab.com/gitlab-org/gitlab/-/issues/36059) with ESLint in 13.2 |
+| TypeScript                                     | [Semgrep](https://semgrep.dev)                                                                            | 13.10                                                                                   |
+
+1. .NET 4 support is limited. The analyzer runs in a Linux container and does not have access to Windows-specific libraries or features. We currently plan to [migrate C# coverage to Semgrep-based scanning](https://gitlab.com/gitlab-org/gitlab/-/issues/347258) to make it easier to scan C# projects.
+1. The SpotBugs-based analyzer supports [Ant](https://ant.apache.org/), [Gradle](https://gradle.org/), [Maven](https://maven.apache.org/), and [SBT](https://www.scala-sbt.org/). It can also be used with variants like the
 [Gradle wrapper](https://docs.gradle.org/current/userguide/gradle_wrapper.html),
 [Grails](https://grails.org/),
 and the [Maven wrapper](https://github.com/takari/maven-wrapper).
@@ -146,8 +147,8 @@ The default scanner images are build off a base Alpine image for size and mainta
 
 > [Introduced](https://gitlab.com/groups/gitlab-org/-/epics/6479) in GitLab 14.10.
 
-GitLab offers [Red Hat UBI](https://www.redhat.com/en/blog/introducing-red-hat-universal-base-image)
-versions of the images that are FIPS-enabled. To use the FIPS-enabled images, you can either:
+GitLab offers an image version, based on the [Red Hat UBI](https://www.redhat.com/en/blog/introducing-red-hat-universal-base-image) base image,
+that uses a FIPS 140-validated cryptographic module. To use the FIPS-enabled image, you can either:
 
 - Set the `SAST_IMAGE_SUFFIX` to `-fips`.
 - Add the `-fips` extension to the default image name.
@@ -162,6 +163,10 @@ include:
   - template: Security/SAST.gitlab-ci.yml
 ```
 
+A FIPS-compliant image is only available for the Semgrep-based analyzer.
+
+To use SAST in a FIPS-compliant manner, you must [exclude other analyzers from running](analyzers.md#customize-analyzers).
+
 ### Making SAST analyzers available to all GitLab tiers
 
 All open source (OSS) analyzers have been moved to the GitLab Free tier as of GitLab 13.3.
@@ -836,6 +841,11 @@ spotbugs-sast:
 SAST can be configured using the [`variables`](../../../ci/yaml/index.md#variables) parameter in
 `.gitlab-ci.yml`.
 
+WARNING:
+All customization of GitLab security scanning tools should be tested in a merge request before
+merging these changes to the default branch. Failure to do so can give unexpected results,
+including a large number of false positives.
+
 The following example includes the SAST template to override the `SAST_GOSEC_LEVEL`
 variable to `2`. The template is [evaluated before](../../../ci/yaml/index.md#include) the pipeline
 configuration, so the last mention of the variable takes precedence.
diff --git a/doc/user/application_security/secret_detection/index.md b/doc/user/application_security/secret_detection/index.md
index 9805fb3b67c..02d50b0a857 100644
--- a/doc/user/application_security/secret_detection/index.md
+++ b/doc/user/application_security/secret_detection/index.md
@@ -157,6 +157,11 @@ The Secret Detection scan settings can be changed through [CI/CD variables](#ava
 by using the
 [`variables`](../../../ci/yaml/index.md#variables) parameter in `.gitlab-ci.yml`.
 
+WARNING:
+All customization of GitLab security scanning tools should be tested in a merge request before
+merging these changes to the default branch. Failure to do so can give unexpected results,
+including a large number of false positives.
+
 To override a job definition, (for example, change properties like `variables` or `dependencies`),
 declare a job with the same name as the secret detection job to override. Place this new job after the template
 inclusion and specify any additional keys under it.
diff --git a/doc/user/application_security/security_dashboard/index.md b/doc/user/application_security/security_dashboard/index.md
index 3cb4bd4a02d..f3c834e06c7 100644
--- a/doc/user/application_security/security_dashboard/index.md
+++ b/doc/user/application_security/security_dashboard/index.md
@@ -42,57 +42,6 @@ To reduce false negatives in [dependency scans](../../../user/application_securi
   - Python projects can have lock files, but GitLab Secure tools don't support them.
 - Configure your project for [Continuous Delivery](../../../ci/introduction/index.md).
 
-## View vulnerabilities in a pipeline
-
-> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/13496) in GitLab 12.3.
-
-To view vulnerabilities in a pipeline:
-
-1. On the top bar, select **Menu > Projects** and find your project.
-1. On the left sidebar, select **CI/CD > Pipelines**.
-1. From the list, select the pipeline you want to check for vulnerabilities.
-1. Select the **Security** tab.
-
-**Scan details** shows vulnerabilities introduced by the merge request, in addition to existing vulnerabilities
-from the latest successful pipeline in your project's default branch.
-
-A pipeline consists of multiple jobs, such as SAST and DAST scans. If a job fails to finish,
-the security dashboard doesn't show SAST scanner output. For example, if the SAST
-job finishes but the DAST job fails, the security dashboard doesn't show SAST results. On failure,
-the analyzer outputs an [exit code](../../../development/integrations/secure.md#exit-code).
-
-## View total number of vulnerabilities per scan
-
-To view the total number of vulnerabilities per scan:
-
-1. On the top bar, select **Menu > Projects** and find your project.
-1. On the left sidebar, select **CI/CD > Pipelines**.
-1. Select the **Status** of a branch.
-1. Select the **Security** tab.
-
-**Scan details** shows vulnerabilities introduced by the merge request, in addition to existing vulnerabilities
-from the latest successful pipeline in your project's default branch.
-
-### Download security scan outputs
-
-> - [Introduced](https://gitlab.com/groups/gitlab-org/-/epics/3728) in GitLab 13.10.
-> - [Improved](https://gitlab.com/gitlab-org/gitlab/-/issues/333660) in GitLab 14.2.
-
-Depending on the type of security scanner, you can download:
-
-- A JSON artifact that contains the security scanner [report](../../../development/integrations/secure.md#report).
-- A CSV file that contains URLs and endpoints scanned by the security scanner.
-
-To download a security scan output:
-
-1. On the top bar, select **Menu > Projects** and find your project.
-1. On the left sidebar, select **CI/CD > Pipelines**.
-1. Select the **Status** of a branch.
-1. Select the **Security** tab.
-1. In **Scan details**, select **Download results**:
-   - To download a JSON file, select the JSON artifact.
-   - To download a CSV file, select **Download scanned resources**.
-
 ## View vulnerabilities over time for a project
 
 > - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/235558) in GitLab 13.6.
diff --git a/doc/user/application_security/terminology/index.md b/doc/user/application_security/terminology/index.md
index 392bfa1dde2..d50cce3b4e8 100644
--- a/doc/user/application_security/terminology/index.md
+++ b/doc/user/application_security/terminology/index.md
@@ -220,11 +220,12 @@ once it's imported into the database.
 
 The type of scan. This must be one of the following:
 
+- `cluster_image_scanning`
 - `container_scanning`
-- `dependency_scanning`
 - `dast`
+- `dependency_scanning`
 - `sast`
-- `cluster_image_scanning`
+- `secret_detection`
 
 ### Scanner
 
diff --git a/doc/user/application_security/vulnerabilities/index.md b/doc/user/application_security/vulnerabilities/index.md
index f5b1192269d..f0ac01000ef 100644
--- a/doc/user/application_security/vulnerabilities/index.md
+++ b/doc/user/application_security/vulnerabilities/index.md
@@ -153,7 +153,7 @@ The following scanners are supported by this feature:
 
 - [Dependency Scanning](../dependency_scanning/index.md).
   Automatic Patch creation is only available for Node.js projects managed with
-  `yarn`.
+  `yarn` when [FIPS mode](../../../development/fips_compliance.md#enable-fips-mode) is disabled.
 - [Container Scanning](../container_scanning/index.md).
 
 To resolve a vulnerability, you can either:
@@ -206,7 +206,12 @@ To enable security training for vulnerabilities in your project:
 
 > [Introduced](https://gitlab.com/groups/gitlab-org/-/epics/6176) in GitLab 14.9.
 
-If security training is enabled, the vulnerability page includes a training link relevant to the detected vulnerability.
+The vulnerability page may include a training link relevant to the detected vulnerability if security training is enabled.
+The availability of training depends on whether the enabled training vendor has content matching the particular vulnerability.
+Training content is requested based on the [vulnerability identifiers](../../../development/integrations/secure.md#identifiers).
+The identifier given to a vulnerability will vary from one vulnerability to the next. The available training
+content varies between vendors. This means some vulnerabilities will display no training content.
+Vulnerabilities with a CWE are most likely to return a training result.
 
 To view the security training for a vulnerability:
 
diff --git a/doc/user/application_security/vulnerability_report/pipeline.md b/doc/user/application_security/vulnerability_report/pipeline.md
new file mode 100644
index 00000000000..14c13f74a5e
--- /dev/null
+++ b/doc/user/application_security/vulnerability_report/pipeline.md
@@ -0,0 +1,141 @@
+---
+type: reference, howto
+stage: Secure
+group: Threat Insights
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# View vulnerabilities in a pipeline
+
+> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/13496) in GitLab 12.3.
+
+To view vulnerabilities in a pipeline:
+
+1. On the top bar, select **Menu > Projects** and find your project.
+1. On the left sidebar, select **CI/CD > Pipelines**.
+1. From the list, select the pipeline you want to check for vulnerabilities.
+1. Select the **Security** tab.
+
+A pipeline consists of multiple jobs, which may include security scans. When a job declares and produces security scan
+reports using [`artifacts:reports`](../../../ci/yaml/artifacts_reports.md), GitLab parses and ingests the contents of
+these reports to create vulnerabilities associated with the project the pipeline belongs to.
+
+If a job fails to finish, the pipeline vulnerability report doesn't show vulnerability findings detected by this job.
+For example, if a pipeline contains DAST and SAST jobs, but the DAST job fails by returning a non-zero
+[exit code](../../../development/integrations/secure.md#exit-code), the report doesn't show DAST results.
+
+The pipeline vulnerability report only shows results contained in the security report artifacts. This report differs from
+the [Vulnerability Report](index.md), which contains cumulative results of all successful jobs, and from the merge request
+[security widget](../#view-security-scan-information-in-merge-requests), which combines the branch results with
+cumulative results.
+
+Before GitLab displays results, the vulnerability findings in all pipeline reports are [deduplicated](#deduplication-process).
+
+## Scan details
+
+**Scan details** shows a summary of vulnerability findings in the pipeline and the source reports.
+
+GitLab displays one row of information for each [scan type](../terminology/#scan-type-report-type) artifact present in
+the pipeline.
+
+Note that each scan type's total number of vulnerabilities includes dismissed findings. If the number of findings
+in the report doesn't match the number in **Scan details**, ensure that **Hide dismissed** is disabled.
+
+### Download security scan outputs
+
+> - [Introduced](https://gitlab.com/groups/gitlab-org/-/epics/3728) in GitLab 13.10.
+> - [Improved](https://gitlab.com/gitlab-org/gitlab/-/issues/333660) in GitLab 14.2.
+
+Depending on the type of security scanner, you can download:
+
+- A JSON artifact that contains the security scanner [report](../../../development/integrations/secure.md#report).
+- A CSV file that contains URLs and endpoints scanned by the security scanner.
+
+To download a security scan output:
+
+1. In **Scan details**, select **Download results**:
+    - To download a JSON file, select the JSON artifact.
+    - To download a CSV file, select **Download scanned resources**.
+
+## Scan results
+
+This shows a list of the combined results for all security report artifacts. The filters work like the
+[Vulnerability Report filters](index.md#vulnerability-report-filters), but they are limited to **Severity** and **Tool**, with 
+the addition of a **Hide dismissed** toggle.
+
+When you review the vulnerability findings reported in the pipeline, you can select one or more entries for dismissal, 
+similar to [Dismissing a vulnerability](index.md#dismissing-a-vulnerability) in the Vulnerability Report.
+
+When you merge the branch corresponding to the pipeline into the default branch, all reported findings are combined into
+the [Vulnerability Report](index.md). Scan results in pipelines executed on the default branch are 
+incorporated once the pipeline finishes.
+
+| Existing vulnerability status | Dismissed in pipeline? | New vulnerability status |
+|:------------------------------|:-----------------------|:-------------------------|
+| any                           | Yes                    | Dismissed                |
+| Dismissed                     | any                    | Dismissed                |
+| Confirmed                     | No                     | Confirmed                |
+| Needs triage (Detected)       | No                     | Needs triage (Detected)  |
+| Resolved                      | No                     | Needs triage (Detected)  |
+| N/A (i.e.: new vulnerability) | No                     | Needs triage (Detected)  |
+
+## Deduplication process
+
+When a pipeline contains jobs that produce multiple security reports of the same type, it is possible that the same
+vulnerability finding is present in multiple reports. This duplication is common when different scanners are used to
+increase coverage. The deduplication process allows you to maximize the vulnerability scanning coverage while reducing
+the number of findings you need to manage.
+
+A finding is considered a duplicate of another finding when their [scan type](../terminology/#scan-type-report-type),
+[location](../terminology/#location-fingerprint) and
+[identifiers](../../../development/integrations/secure.md#identifiers) are the same.
+
+The scan type must match because each can have its own definition for the location of a vulnerability. For example,
+static analyzers are able to locate a file path and line number, whereas a container scanning analyzer uses the image
+name instead.
+
+When comparing identifiers, GitLab does not compare `CWE` and `WASC` during deduplication because they are
+"type identifiers" and are used to classify groups of vulnerabilities. Including these identifiers results in
+many findings being incorrectly considered duplicates.
+
+In a set of duplicated findings, the first occurrence of a finding is kept and the remaining are skipped. Security
+reports are processed in alphabetical file path order, and findings are processed sequentially in the order they
+appear in a report.
+
+### Deduplication examples
+
+- Example 1: matching identifiers and location, mismatching scan type.
+  - Finding
+    - Scan type: `sast`
+    - Location fingerprint: `adc83b19e793491b1c6ea0fd8b46cd9f32e592fc`
+    - Identifiers: CVE-2022-25510
+  - Other Finding
+    - Scan type: `secret_detection`
+    - Location fingerprint: `adc83b19e793491b1c6ea0fd8b46cd9f32e592fc`
+    - Identifiers: CVE-2022-25510
+  - Deduplication result: not duplicates because the scan type is different.
+- Example 2: matching location and scan type, mismatching type identifiers.
+  - Finding
+    - Scan type: `sast`
+    - Location fingerprint: `adc83b19e793491b1c6ea0fd8b46cd9f32e592fc`
+    - Identifiers: CWE-259
+  - Other Finding
+    - Scan type: `sast`
+    - Location fingerprint: `adc83b19e793491b1c6ea0fd8b46cd9f32e592fc`
+    - Identifiers: CWE-798
+  - Deduplication result: duplicates because `CWE` identifiers are ignored.
+- Example 3: matching scan type, location and identifiers.
+  - Finding
+    - Scan type: `container_scanning`
+    - Location fingerprint: `adc83b19e793491b1c6ea0fd8b46cd9f32e592fc`
+    - Identifiers: CVE-2022-25510, CWE-259
+  - Other Finding
+    - Scan type: `container_scanning`
+    - Location fingerprint: `adc83b19e793491b1c6ea0fd8b46cd9f32e592fc`
+    - Identifiers: CVE-2022-25510, CWE-798
+  - Deduplication result: duplicates because all criteria match, and type identifiers are ignored.
+
+The examples above don't include the raw location values. Each scan type defines its own
+`fingerprint_data`, which is used to generate a `SHA1` hash that is used as the `location_fingerprint`.
+You can find definitions for each scan type [`gitlab/lib/gitlab/ci/reports/security/locations`](https://gitlab.com/gitlab-org/gitlab/-/tree/01c69e97340b7c1c7e30c0caec8506910b6503c8/lib/gitlab/ci/reports/security/locations)
+and [`gitlab/ee/lib/gitlab/ci/reports/security/locations`](https://gitlab.com/gitlab-org/gitlab/-/tree/01c69e97340b7c1c7e30c0caec8506910b6503c8/ee/lib/gitlab/ci/reports/security/locations).
diff --git a/doc/user/clusters/agent/ci_cd_workflow.md b/doc/user/clusters/agent/ci_cd_workflow.md
index c04c5a1f7ec..dce02a72300 100644
--- a/doc/user/clusters/agent/ci_cd_workflow.md
+++ b/doc/user/clusters/agent/ci_cd_workflow.md
@@ -42,17 +42,19 @@ If you have multiple GitLab projects that contain Kubernetes manifests:
 1. [Install the GitLab agent](install/index.md) in its own project, or in one of the
    GitLab projects where you keep Kubernetes manifests.
 1. [Authorize the agent](#authorize-the-agent) to access your GitLab projects.
-1. Optional. For added security, [use impersonation](#use-impersonation-to-restrict-project-and-group-access).
+1. Optional. For added security, [use impersonation](#restrict-project-and-group-access-by-using-impersonation).
 1. [Update your `.gitlab-ci.yml` file](#update-your-gitlab-ciyml-file-to-run-kubectl-commands) to
    select the agent's Kubernetes context and run the Kubernetes API commands.
 1. Run your pipeline to deploy to or update the cluster.
 
 ## Authorize the agent
 
-You must authorize the agent to access the project where you keep your Kubernetes manifests.
+If you have multiple GitLab projects, you must authorize the agent to access the project where you keep your Kubernetes manifests.
 You can authorize the agent to access individual projects, or authorize a group or subgroup,
 so all projects within have access. For added security, you can also
-[use impersonation](#use-impersonation-to-restrict-project-and-group-access).
+[use impersonation](#restrict-project-and-group-access-by-using-impersonation).
+
+Authorization configuration can take one or two minutes to propagate.
 
 ### Authorize the agent to access your projects
 
@@ -60,7 +62,7 @@ so all projects within have access. For added security, you can also
 
 To authorize the agent to access the GitLab project where you keep Kubernetes manifests:
 
-1. On the top bar, select **Menu > Projects** and find the project that contains the agent configuration file (`config.yaml`).
+1. On the top bar, select **Menu > Projects** and find the project that contains the [agent configuration file](install/index.md#create-an-agent-configuration-file) (`config.yaml`).
 1. Edit the `config.yaml` file. Under the `ci_access` keyword, add the `projects` attribute.
 1. For the `id`, add the path:
 
@@ -83,7 +85,7 @@ Choose the context to run `kubectl` commands from your CI/CD scripts.
 
 To authorize the agent to access all of the GitLab projects in a group or subgroup:
 
-1. On the top bar, select **Menu > Projects** and find the project that contains the agent configuration file (`config.yaml`).
+1. On the top bar, select **Menu > Projects** and find the project that contains the [agent configuration file](install/index.md#create-an-agent-configuration-file) (`config.yaml`).
 1. Edit the `config.yaml` file. Under the `ci_access` keyword, add the `groups` attribute.
 1. For the `id`, add the path:
 
@@ -154,7 +156,7 @@ deploy:
   # ... rest of your job configuration
 ```
 
-## Use impersonation to restrict project and group access **(PREMIUM)**
+## Restrict project and group access by using impersonation **(PREMIUM)**
 
 > [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/345014) in GitLab 14.5.
 
@@ -170,6 +172,8 @@ You can impersonate:
 - The CI/CD job that accesses the cluster.
 - A specific user or system account defined within the cluster.
 
+Authorization configuration can take one or two minutes to propagate.
+
 ### Impersonate the agent
 
 The agent is impersonated by default. You don't need to do anything to impersonate it.
@@ -220,6 +224,24 @@ ci_access:
         ci_job: {}
 ```
 
+#### Example RBAC to restrict CI/CD jobs
+
+The following `RoleBinding` resource restricts all CI/CD jobs to view rights only.
+
+```yaml
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: ci-job-view
+roleRef:
+  name: view
+  kind: ClusterRole
+  apiGroup: rbac.authorization.k8s.io
+subjects:
+  - name: gitlab:ci_job
+    kind: Group
+```
+
 ### Impersonate a static identity
 
 For a given connection, you can use a static identity for the impersonation.
diff --git a/doc/user/clusters/agent/gitops.md b/doc/user/clusters/agent/gitops.md
index 64eae308bec..73a35ffbc64 100644
--- a/doc/user/clusters/agent/gitops.md
+++ b/doc/user/clusters/agent/gitops.md
@@ -57,7 +57,7 @@ Any time you commit updates to your Kubernetes manifests, the agent updates the
 
 ## GitOps configuration reference
 
-The following snippet shows an example of the possible keys and values for the GitOps section of an agent configuration file.
+The following snippet shows an example of the possible keys and values for the GitOps section of an [agent configuration file](install/index.md#create-an-agent-configuration-file) (`config.yaml`).
 
 ```yaml
 gitops:
diff --git a/doc/user/clusters/agent/index.md b/doc/user/clusters/agent/index.md
index 5a69da28632..0d2b68e154d 100644
--- a/doc/user/clusters/agent/index.md
+++ b/doc/user/clusters/agent/index.md
@@ -43,21 +43,17 @@ This workflow is considered push-based, because GitLab is pushing requests from
 GitLab supports the following Kubernetes versions. You can upgrade your
 Kubernetes version to a supported version at any time:
 
-- 1.22 (support ends on March 22, 2023)
-- 1.21 (support ends on November 22, 2022)
-- 1.20 (support ends on July 22, 2022)
+- 1.24 (support ends on September 22, 2023 or when 1.27 becomes supported)
+- 1.23 (support ends on February 22, 2023 or when 1.26 becomes supported)
+- 1.22 (support ends on October 22, 2022)
+- 1.21 (support ends on August 22, 2022)
 
-GitLab supports at least two production-ready Kubernetes minor
-versions at any given time. GitLab regularly reviews the supported versions and
-provides a three-month deprecation period before removing support for a specific
-version. The list of supported versions is based on:
+GitLab aims to support a new minor Kubernetes version three months after its initial release. GitLab supports at least three production-ready Kubernetes minor
+versions at any given time.
 
-- The versions supported by major managed Kubernetes providers.
-- The versions [supported by the Kubernetes community](https://kubernetes.io/releases/version-skew-policy/#supported-versions).
+Support for deprecated APIs can be removed from the GitLab codebase when we drop support for the Kubernetes version that only supports the deprecated API.
 
-[This epic](https://gitlab.com/groups/gitlab-org/-/epics/4827) tracks support for other Kubernetes versions.
-
-Some GitLab features might work on versions not listed here.
+Some GitLab features might work on versions not listed here. [This epic](https://gitlab.com/groups/gitlab-org/-/epics/4827) tracks support for Kubernetes versions.
 
 ## Migrate to the agent from the legacy certificate-based integration
 
diff --git a/doc/user/clusters/agent/install/index.md b/doc/user/clusters/agent/install/index.md
index 6c839f5ffc6..9282ac7fb40 100644
--- a/doc/user/clusters/agent/install/index.md
+++ b/doc/user/clusters/agent/install/index.md
@@ -89,8 +89,12 @@ You must register an agent before you can install the agent in your cluster. To
    - If you want to create a configuration with CI/CD defaults, type a name.
    - If you already have an [agent configuration file](#create-an-agent-configuration-file), select it from the list.
 1. Select **Register an agent**.
-1. GitLab generates an access token for the agent. Securely store this token. You need it to install the agent
+1. GitLab generates an access token for the agent. You need this token to install the agent
    in your cluster and to [update the agent](#update-the-agent-version) to another version.
+
+   WARNING:
+   Securely store the agent access token. A bad actor can use this token to access source code in the agent's configuration project, access source code in any public project on the GitLab instance, or even, under very specific conditions, obtain a Kubernetes manifest.
+
 1. Copy the command under **Recommended installation method**. You need it when you use
    the one-liner installation method to install the agent in your cluster.
 
@@ -154,8 +158,9 @@ GitLab also provides a [KPT package for the agent](https://gitlab.com/gitlab-org
 
 To configure your agent, add content to the `config.yaml` file:
 
-- [View the configuration reference](../gitops.md#gitops-configuration-reference) for a GitOps workflow.
-- [View the configuration reference](../ci_cd_workflow.md) for a GitLab CI/CD workflow.
+- For a GitOps workflow, [view the configuration reference](../gitops.md#gitops-configuration-reference).
+- For a GitLab CI/CD workflow, [authorize the agent to access your projects](../ci_cd_workflow.md#authorize-the-agent). Then
+  [add `kubectl` commands to your `.gitlab-ci.yml` file](../ci_cd_workflow.md#update-your-gitlab-ciyml-file-to-run-kubectl-commands).
 
 ## Install multiple agents in your cluster
 
diff --git a/doc/user/clusters/agent/troubleshooting.md b/doc/user/clusters/agent/troubleshooting.md
index 0932e9179f9..0596755ec74 100644
--- a/doc/user/clusters/agent/troubleshooting.md
+++ b/doc/user/clusters/agent/troubleshooting.md
@@ -186,3 +186,25 @@ Alternatively, you can mount the certificate file at a different location and sp
 
 This error occurs when the project where you keep your manifests is not public. To fix it, make sure your project is public or your manifest files
 are stored in the repository where the agent is configured.
+
+## Failed to perform vulnerability scan on workload: jobs.batch already exists
+
+```json
+{
+  "level": "error",
+  "time": "2022-06-22T21:03:04.769Z",
+  "msg": "Failed to perform vulnerability scan on workload",
+  "mod_name": "starboard_vulnerability",
+  "error": "running scan job: creating job: jobs.batch \"scan-vulnerabilityreport-b8d497769\" already exists"
+}
+```
+
+The GitLab agent performs vulnerability scans by creating a job to scan each workload. If a scan
+is interrupted, these jobs may be left behind and will need to be cleaned up before more jobs can
+be run. You can clean up these jobs by running:
+
+```shell
+kubectl delete jobs -l app.kubernetes.io/managed-by=starboard -n gitlab-agent
+```
+
+[We're working on making the cleanup of these jobs more robust.](https://gitlab.com/gitlab-org/gitlab/-/issues/362016)
diff --git a/doc/user/clusters/agent/vulnerabilities.md b/doc/user/clusters/agent/vulnerabilities.md
index 706ed122f7b..3b80a7a0f81 100644
--- a/doc/user/clusters/agent/vulnerabilities.md
+++ b/doc/user/clusters/agent/vulnerabilities.md
@@ -11,26 +11,9 @@ info: To determine the technical writer assigned to the Stage/Group associated w
 To view cluster vulnerabilities, you can view the [vulnerability report](../../application_security/vulnerabilities/index.md).
 You can also configure your agent so the vulnerabilities are displayed with other agent information in GitLab.
 
-## View cluster vulnerabilities
-
-Prerequisite:
-
-- You must have at least the Developer role.
-
-To view vulnerability information in GitLab:
-
-1. On the top bar, select **Menu > Projects** and find the project that contains the agent configuration file.
-1. On the left sidebar, select **Infrastructure > Kubernetes clusters**.
-1. Select the **Agent** tab.
-1. Select the agent you want to see the vulnerabilities for.
-
-![Cluster agent security tab UI](../img/cluster_agent_security_tab_v14_8.png)
-
-This information can also be found under [operational vulnerabilities](../../../user/application_security/vulnerability_report/index.md#operational-vulnerabilities).
-
-## Enable cluster vulnerability scanning **(ULTIMATE)**
+## Enable operational container scanning **(ULTIMATE)**
 
-You can use [cluster image scanning](../../application_security/cluster_image_scanning/index.md)
+You can use operational container scanning
 to scan container images in your cluster for security vulnerabilities.
 
 To begin scanning all resources in your cluster, add a `starboard`
@@ -49,7 +32,7 @@ The `cadence` field is required. GitLab supports the following types of CRON syn
 
 It is possible that other elements of the CRON syntax will work in the cadence field, however, GitLab does not officially test or support them.
 
-By default, cluster image scanning will attempt to scan the workloads in all
+By default, operational container scanning will attempt to scan the workloads in all
 namespaces for vulnerabilities. The `vulnerability_report` block has a `namespaces`
 field which can be used to restrict which namespaces are scanned. For example,
 if you would like to scan only the `development`, `staging`, and `production`
@@ -64,3 +47,20 @@ starboard:
       - staging
       - production
 ```
+
+## View cluster vulnerabilities
+
+Prerequisite:
+
+- You must have at least the Developer role.
+
+To view vulnerability information in GitLab:
+
+1. On the top bar, select **Menu > Projects** and find the project that contains the agent configuration file.
+1. On the left sidebar, select **Infrastructure > Kubernetes clusters**.
+1. Select the **Agent** tab.
+1. Select an agent to view the cluster vulnerabilities.
+
+![Cluster agent security tab UI](../img/cluster_agent_security_tab_v14_8.png)
+
+This information can also be found under [operational vulnerabilities](../../../user/application_security/vulnerability_report/index.md#operational-vulnerabilities).
diff --git a/doc/user/clusters/agent/work_with_agent.md b/doc/user/clusters/agent/work_with_agent.md
index 8872ecf7ce5..058243ec218 100644
--- a/doc/user/clusters/agent/work_with_agent.md
+++ b/doc/user/clusters/agent/work_with_agent.md
@@ -53,24 +53,40 @@ View and provide feedback about the UI in [this epic](https://gitlab.com/groups/
 
 ## Debug the agent
 
+> The `grpc_level` was [introduced](https://gitlab.com/gitlab-org/cluster-integration/gitlab-agent/-/merge_requests/669) in GitLab 15.1.
+
 To debug the cluster-side component (`agentk`) of the agent, set the log
 level according to the available options:
 
-- `off`
-- `warning`
 - `error`
+- `warning`
 - `info`
 - `debug`
 
-The log level defaults to `info`. You can change it by using a top-level `observability`
-section in the configuration file, for example:
+The agent has two loggers:
+
+- A general purpose logger, which defaults to `info`.
+- A gRPC logger, which defaults to `error`.
+
+One can change their log levels by using a top-level `observability` section in the [agent configuration file](install/index.md#configure-your-agent), for example setting the levels to `debug` and `warning`:
 
 ```yaml
 observability:
   logging:
     level: debug
+    grpc_level: warning
 ```
 
+When `grpc_level` is set to `info` or below, there will be a lot of gRPC logs.
+
+Commit the configuration changes and inspect the agent service logs:
+
+```shell
+kubectl logs -f -l=app=gitlab-agent -n gitlab-agent
+```
+
+For more information about debugging, see [troubleshooting documentation](troubleshooting.md).
+
 ## Reset the agent token
 
 > - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/327152) in GitLab 14.9.
diff --git a/doc/user/clusters/integrations.md b/doc/user/clusters/integrations.md
index 94fb443e0fb..c7597896575 100644
--- a/doc/user/clusters/integrations.md
+++ b/doc/user/clusters/integrations.md
@@ -28,13 +28,11 @@ You can install your applications manually as shown in the following sections, o
 installation.
 
 Although, the [Cluster management project template](management_project_template.md) still
-requires that you manually do the last steps of these sections,
-[Enable Prometheus integration for your cluster](#enable-prometheus-integration-for-your-cluster)
-or [Enable Elastic Stack integration for your cluster](#enable-elastic-stack-integration-for-your-cluster)
-depending on which application you are installing. [An issue exists](https://gitlab.com/gitlab-org/gitlab/-/issues/326565)
+requires that you manually do the last steps of this section,
+[Enable Prometheus integration for your cluster](#enable-prometheus-integration-for-your-cluster). [An issue exists](https://gitlab.com/gitlab-org/gitlab/-/issues/326565)
 to automate this step.
 
-Prometheus and Elastic Stack cluster integrations can only be enabled for clusters [connected through cluster certificates](../project/clusters/add_existing_cluster.md).
+Prometheus cluster integrations can only be enabled for clusters [connected through cluster certificates](../project/clusters/add_existing_cluster.md).
 
 To enable Prometheus for your cluster connected through the [GitLab agent](agent/index.md), you can [integrate it manually](../project/integrations/prometheus.md#manual-configuration-of-prometheus).
 
@@ -100,70 +98,3 @@ To enable the Prometheus integration for your cluster:
 1. Check the **Enable Prometheus integration** checkbox.
 1. Select **Save changes**.
 1. Go to the **Health** tab to see your cluster's metrics.
-
-## Elastic Stack cluster integration **(FREE SELF)**
-
-> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/61077) in GitLab 13.12.
-> - [Deprecated](https://gitlab.com/gitlab-org/gitlab/-/issues/346485) in GitLab 14.7.
-> - [Moved](https://gitlab.com/gitlab-org/gitlab/-/issues/360182) behind a [feature flag](../../administration/feature_flags.md) named `monitor_logging` in GitLab 15.0. Disabled by default.
-
-WARNING:
-This feature is in its end-of-life process. It is [deprecated](https://gitlab.com/gitlab-org/gitlab/-/issues/346485)
-in GitLab 14.7.
-It will be removed completely in GitLab 15.2.
-
-FLAG:
-On self-managed GitLab, by default this feature is not available. To make it available, ask an administrator to [enable the feature flag](../../administration/feature_flags.md) named `monitor_logging`.
-On GitLab.com, this feature is not available.
-This feature is not recommended for production use.
-
-You can integrate your cluster with [Elastic
-Stack](https://www.elastic.co/elastic-stack/) to index and [query your pod
-logs](../project/clusters/kubernetes_pod_logs.md).
-
-### Elastic Stack Prerequisites
-
-To use this integration:
-
-1. Elasticsearch 7.x or must be installed in your cluster in the
-   `gitlab-managed-apps` namespace.
-1. The `Service` resource must be called `elastic-stack-elasticsearch-master`
-   and expose the Elasticsearch API on port `9200`.
-1. The logs are expected to be [Filebeat container logs](https://www.elastic.co/guide/en/beats/filebeat/7.16/filebeat-input-container.html)
-   following the [7.x log structure](https://www.elastic.co/guide/en/beats/filebeat/7.16/exported-fields-log.html)
-   and include [Kubernetes metadata](https://www.elastic.co/guide/en/beats/filebeat/7.16/add-kubernetes-metadata.html).
-
-You can manage your Elastic Stack however you like, but as an example, you can
-use [this Elastic Stack chart](https://gitlab.com/gitlab-org/charts/elastic-stack) to get up and
-running:
-
-```shell
-# Create the required Kubernetes namespace
-kubectl create namespace gitlab-managed-apps
-
-# Download Helm chart values that is compatible with the requirements above.
-# These are included in the Cluster Management project template.
-wget https://gitlab.com/gitlab-org/project-templates/cluster-management/-/raw/master/applications/elastic-stack/values.yaml
-
-# Add the GitLab Helm chart repository
-helm repo add gitlab https://charts.gitlab.io
-
-# Install Elastic Stack
-helm install elastic-stack gitlab/elastic-stack -n gitlab-managed-apps --values values.yaml
-```
-
-### Enable Elastic Stack integration for your cluster
-
-To enable the Elastic Stack integration for your cluster:
-
-1. Go to the cluster's page:
-      - For a [project-level cluster](../project/clusters/index.md), navigate to your project's
-      **Infrastructure > Kubernetes clusters**.
-      - For a [group-level cluster](../group/clusters/index.md), navigate to your group's
-      **Kubernetes** page.
-      - For an [instance-level cluster](../instance/clusters/index.md), navigate to your instance's
-      **Kubernetes** page.
-1. Select the **Integrations** tab.
-1. Check the **Enable Elastic Stack integration** checkbox.
-1. Select **Save changes**.
-1. Go to the **Health** tab to see your cluster's metrics.
diff --git a/doc/user/compliance/compliance_report/index.md b/doc/user/compliance/compliance_report/index.md
index 0006ae02752..f547e5f146f 100644
--- a/doc/user/compliance/compliance_report/index.md
+++ b/doc/user/compliance/compliance_report/index.md
@@ -96,7 +96,7 @@ Our criteria for the separation of duties is as follows:
 
 The Chain of Custody report allows customers to export a list of merge commits within the group.
 The data provides a comprehensive view with respect to merge commits. It includes the merge commit SHA,
-merge request author, merge request ID, merge user, pipeline ID, group name, project name, and merge request approvers.
+merge request author, merge request ID, merge user, date merged, pipeline ID, group name, project name, and merge request approvers.
 Depending on the merge strategy, the merge commit SHA can be a merge commit, squash commit, or a diff head commit.
 
 To download the Chain of Custody report:
diff --git a/doc/user/compliance/license_compliance/index.md b/doc/user/compliance/license_compliance/index.md
index 659c0326728..8c57220068b 100644
--- a/doc/user/compliance/license_compliance/index.md
+++ b/doc/user/compliance/license_compliance/index.md
@@ -35,8 +35,7 @@ compliance report is shown properly.
 
 The results are saved as a
 [License Compliance report artifact](../../../ci/yaml/artifacts_reports.md#artifactsreportslicense_scanning)
-that you can later download and analyze. Due to implementation limitations, we
-always take the latest License Compliance artifact available.
+that you can later download and analyze.
 
 WARNING:
 License Compliance Scanning does not support run-time installation of compilers and interpreters.
@@ -72,11 +71,13 @@ Gradle 1.x projects are not supported. The minimum supported version of Maven is
 |------------|----------------------------------------------------------------------------------------------|-------|
 | JavaScript | [Bower](https://bower.io/), [npm](https://www.npmjs.com/) (7 and earlier)                    |       |
 | Go         | [Godep](https://github.com/tools/godep) ([deprecated](../../../update/deprecations.md#godep-support-in-license-compliance)), [go mod](https://github.com/golang/go/wiki/Modules) |       |
-| Java       | [Gradle](https://gradle.org/), [Maven](https://maven.apache.org/)                            |       |
+| Java       | [Gradle](https://gradle.org/) <sup>1</sup>, [Maven](https://maven.apache.org/)                            |       |
 | .NET       | [NuGet](https://www.nuget.org/)                                                              | The .NET Framework is supported via the [mono project](https://www.mono-project.com/). There are, however, some limitations. The scanner doesn't support Windows-specific dependencies and doesn't report dependencies of your project's listed dependencies. Also, the scanner always marks detected licenses for all dependencies as `unknown`. |
 | Python     | [pip](https://pip.pypa.io/en/stable/)                                                        | Python is supported through [requirements.txt](https://pip.pypa.io/en/stable/user_guide/#requirements-files) and [Pipfile.lock](https://github.com/pypa/pipfile#pipfilelock). |
 | Ruby       | [gem](https://rubygems.org/) |  |
 
+1. Gradle 7 and later is not supported as dependencies are not discovered when included with the `implementation` directive. Please see [GitLab#341222](https://gitlab.com/gitlab-org/gitlab/-/issues/341222) for more details.
+
 ### Experimental support
 
 The following languages and package managers are [supported experimentally](https://github.com/pivotal/LicenseFinder#experimental-project-types).
@@ -101,6 +102,8 @@ To enable License Compliance in your project's pipeline, either:
   (provided by [Auto DevOps](../../../topics/autodevops/index.md)).
 - Include the [`License-Scanning.gitlab-ci.yml` template](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/Security/License-Scanning.gitlab-ci.yml) in your `.gitlab-ci.yml` file.
 
+Please note that License Compliance is not supported when GitLab is run with FIPS mode enabled.
+
 ### Include the License Scanning template
 
 Prerequisites:
@@ -110,6 +113,7 @@ Prerequisites:
   shared runners on GitLab.com, this is enabled by default.
 - License Scanning runs in the `test` stage, which is available by default. If you redefine the stages in the
   `.gitlab-ci.yml` file, the `test` stage is required.
+- [FIPS mode](../../../development/fips_compliance.md#enable-fips-mode) must be disabled.
 
 To [include](../../../ci/yaml/index.md#includetemplate) the
 [`License-Scanning.gitlab-ci.yml` template](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/Security/License-Scanning.gitlab-ci.yml), add it to your `.gitlab-ci.yml` file:
diff --git a/doc/user/crm/index.md b/doc/user/crm/index.md
index b5287816052..a2cfdf61a8d 100644
--- a/doc/user/crm/index.md
+++ b/doc/user/crm/index.md
@@ -39,7 +39,7 @@ To enable customer relations management in a group or subgroup:
 1. On the top bar, select **Menu > Groups** and find your group or subgroup.
 1. On the left sidebar, select **Settings > General**.
 1. Expand the **Permissions and group features** section.
-1. Select **Enable customer relations**.
+1. Select **Customer relations is enabled**.
 1. Select **Save changes**.
 
 ## Contacts
@@ -118,6 +118,9 @@ organizations using the GraphQL API.
 
 ## Issues
 
+If you use [Service Desk](../project/service_desk.md) and create issues from emails,
+issues are linked to contacts matching the email addresses in the sender and CC of the email.
+
 ### View issues linked to a contact
 
 To view a contact's issues, select a contact from the issue sidebar, or:
@@ -170,10 +173,7 @@ API.
 
 > - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/2256) in GitLab 14.8 [with a flag](../../administration/feature_flags.md) named `contacts_autocomplete`. Disabled by default.
 > - [Enabled on GitLab.com and self-managed](https://gitlab.com/gitlab-org/gitlab/-/issues/352123) in GitLab 15.0.
-
-FLAG:
-On self-managed GitLab, by default this feature is available. To hide the feature, ask an administrator to [disable the feature flag](../../administration/feature_flags.md) named `contacts_autocomplete`.
-On GitLab.com, this feature is available.
+> - [Generally available](https://gitlab.com/gitlab-org/gitlab/-/issues/352123) in GitLab 15.2. [Feature flag `contacts_autocomplete`](https://gitlab.com/gitlab-org/gitlab/-/issues/352123) removed.
 
 When you use the `/add_contacts` or `/remove_contacts` quick actions, follow them with `[contact:` and an autocomplete list appears:
 
diff --git a/doc/user/discussions/img/start_image_discussion.gif b/doc/user/discussions/img/start_image_discussion.gif
deleted file mode 100644
index 18b2a4701cc..00000000000
--- a/doc/user/discussions/img/start_image_discussion.gif
+++ /dev/null
diff --git a/doc/user/discussions/index.md b/doc/user/discussions/index.md
index a0649a61905..1f34d182718 100644
--- a/doc/user/discussions/index.md
+++ b/doc/user/discussions/index.md
@@ -98,8 +98,6 @@ This comment can also be a thread.
 
 An icon is displayed on the image and a comment field is displayed.
 
-![Start image thread](img/start_image_discussion.gif)
-
 ## Reply to a comment by sending email
 
 If you have ["reply by email"](../../administration/reply_by_email.md) configured,
@@ -156,11 +154,7 @@ If an issue or merge request is locked and closed, you cannot reopen it.
 > - [Changed](https://gitlab.com/gitlab-org/gitlab/-/issues/351143) in GitLab 14.10: you can only mark comments in issues and epics as confidential. Previously, it was also possible for comments in merge requests and snippets.
 > - [Renamed](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/87403) from "confidential comments" to "internal notes" in GitLab 15.0.
 > - [Enabled on GitLab.com and self-managed](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/87383) in GitLab 15.0.
-
-FLAG:
-On self-managed GitLab, by default this feature is available. To hide the feature,
-ask an administrator to [disable the feature flag](../../administration/feature_flags.md) named `confidential_notes`.
-On GitLab.com, this feature is available.
+> - [Feature flag `confidential_notes`](https://gitlab.com/gitlab-org/gitlab/-/issues/362712) removed in GitLab 15.2.
 
 You can add an internal note **to an issue or an epic**. It's then visible only to the following people:
 
@@ -229,7 +223,7 @@ To change the activity sort order:
 
 ## Assign an issue to the commenting user
 
-> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/191455) in GitLab 13.1.
+> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/191455) in GitLab 13.1.
 
 You can assign an issue to a user who made a comment.
 
diff --git a/doc/user/free_user_limit.md b/doc/user/free_user_limit.md
index 868e322cac9..b848128b160 100644
--- a/doc/user/free_user_limit.md
+++ b/doc/user/free_user_limit.md
@@ -1,6 +1,6 @@
 ---
 stage: Growth
-group: Conversion
+group: Acquisition
 info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
 ---
 
diff --git a/doc/user/gitlab_com/index.md b/doc/user/gitlab_com/index.md
index d515f9f4558..529b81e2645 100644
--- a/doc/user/gitlab_com/index.md
+++ b/doc/user/gitlab_com/index.md
@@ -230,11 +230,23 @@ also load certain page content directly from common public CDN hostnames.
 
 ## Webhooks
 
-The following limits apply for [webhooks](../project/integrations/webhooks.md):
+The following limits apply for [webhooks](../project/integrations/webhooks.md).
+
+### Rate limits
+
+The number of times a webhook can be called per minute, per top-level namespace.
+The limit varies depending on your plan and the number of seats in your subscription.
+
+| Plan              | Default for GitLab.com  |
+|----------------------|-------------------------|
+| Free    | `500` |
+| Premium | `99` seats or fewer: `1,600`<br>`100-399` seats: `2,800`<br>`400` seats or more: `4,000` |
+| Ultimate and open source |`999` seats or fewer: `6,000`<br>`1,000-4,999` seats: `9,000`<br>`5,000` seats or more: `13,000` |
+
+### Other limits
 
 | Setting              | Default for GitLab.com  |
 |----------------------|-------------------------|
-| Webhook rate limit   | `500` calls per minute for GitLab Free, unlimited for GitLab Premium and GitLab Ultimate. Webhook rate limits are applied per top-level namespace. |
 | Number of webhooks   | `100` per project, `50` per group |
 | Maximum payload size | 25 MB                   |
 
@@ -344,6 +356,7 @@ after the limits change in January, 2021:
 | **GitLab Pages** requests (for a given **IP address**)                     |                               | **1000** requests per **50 seconds**    |
 | **GitLab Pages** requests (for a given **GitLab Pages domain**)            |                               | **5000** requests per **10 seconds**    |
 | **Pipeline creation** requests (for a given **project, user, and commit**) |                               | **25** requests per minute              |
+| **Alert integration endpoint** requests (for a given **project**)          |                               | **3600** requests per hour |
 
 More details are available on the rate limits for [protected
 paths](#protected-paths-throttle) and [raw
@@ -407,12 +420,7 @@ No response headers are provided.
 
 ### Pagination response headers
 
-For performance reasons, if a query returns more than 10,000 records, GitLab
-doesn't return the following headers:
-
-- `x-total`.
-- `x-total-pages`.
-- `rel="last"` `link`.
+For performance reasons, if a query returns more than 10,000 records, [GitLab excludes some headers](../../api/index.md#pagination-response-headers).
 
 ### Visibility settings
 
diff --git a/doc/user/group/epics/manage_epics.md b/doc/user/group/epics/manage_epics.md
index e0334eda875..71d7b7fbb0c 100644
--- a/doc/user/group/epics/manage_epics.md
+++ b/doc/user/group/epics/manage_epics.md
@@ -34,6 +34,7 @@ To create an epic in the group you're in:
    - To [make the epic confidential](#make-an-epic-confidential), select the checkbox under **Confidentiality**.
    - Choose labels.
    - Select a start and due date, or [inherit](#start-and-due-date-inheritance) them.
+   - Select a [color](#epic-color).
 1. Select **Create epic**.
 
 The newly created epic opens.
@@ -62,6 +63,18 @@ Because the epic's dates can inherit dates from its children, the start date and
 If the start date of a child epic on the lowest level changes, that becomes the earliest possible start date for its parent epic.
 The parent epic's start date then reflects this change and propagates upwards to the top epic.
 
+### Epic color
+
+> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/79940) in GitLab 14.9 [with a flag](../../../administration/feature_flags.md) named `epic_color_highlight`. Disabled by default.
+
+FLAG:
+On self-managed GitLab, by default this feature is not available. To make it available per group, ask an administrator to [enable the feature flag](../../../administration/feature_flags.md) named `epic_color_highlight`.
+On GitLab.com, this feature is available but can be configured by GitLab.com administrators only.
+The feature is not ready for production use.
+
+When you create or edit an epic, you can select its color.
+An epic's color is shown in [roadmaps](../roadmap/index.md), and [epic boards](epic_boards.md).
+
 ## Edit an epic
 
 After you create an epic, you can edit the following details:
@@ -71,6 +84,7 @@ After you create an epic, you can edit the following details:
 - Start date
 - Due date
 - Labels
+- [Color](#epic-color)
 
 Prerequisites:
 
diff --git a/doc/user/group/import/index.md b/doc/user/group/import/index.md
index ae1465d0b1b..edf4d7677df 100644
--- a/doc/user/group/import/index.md
+++ b/doc/user/group/import/index.md
@@ -86,7 +86,7 @@ migrated:
 
 - Badges ([Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/292431) in 13.11)
 - Board Lists
-- Boards 
+- Boards
 - Epics ([Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/250281) in 13.7)
 - Finisher
 - Group Labels ([Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/292429) in 13.9)
diff --git a/doc/user/group/index.md b/doc/user/group/index.md
index 6ba8251ba05..56d1569c908 100644
--- a/doc/user/group/index.md
+++ b/doc/user/group/index.md
@@ -45,16 +45,19 @@ the immediate parent group.
 
 ### Namespaces
 
-In GitLab, a namespace is a unique name for a user, a group, or subgroup under
-which a project can be created.
+In GitLab, a *namespace* organizes related projects together.
+GitLab has two types of namespaces:
 
-For example, consider a user named Alex:
+- A *personal* namespace, which is based on your username. Projects under a personal namespace must be configured one at a time.
+- A *group* or *subgroup* namespace. In these namespaces, you can manage multiple projects at once.
 
-| GitLab URL | Namespace |
-| ---------- | --------- |
-| Alex creates an account with the username `alex`: `https://gitlab.example.com/alex`. | The namespace in this case is `alex`. |
-| Alex creates a group for their team with the group name `alex-team`. The group and its projects are available at: `https://gitlab.example.com/alex-team`. | The namespace in this case is `alex-team`. |
-| Alex creates a subgroup of `alex-team` with the subgroup name `marketing`. The subgroup and its projects are available at: `https://gitlab.example.com/alex-team/marketing`. | The namespace in this case is `alex-team/marketing`. |
+To determine whether you're viewing a group or personal namespace, you can view the URL. For example:
+
+| Namespace for | URL | Namespace |
+| ------------- | --- | --------- |
+| A user named `alex`. | `https://gitlab.example.com/alex` | `alex` |
+| A group named `alex-team`. | `https://gitlab.example.com/alex-team` | `alex-team` |
+| A group named `alex-team` with a subgroup named `marketing`. |  `https://gitlab.example.com/alex-team/marketing` | `alex-team/marketing` |
 
 ## Create a group
 
@@ -240,7 +243,7 @@ To change this setting for a specific group:
 1. Find the group and select it.
 1. From the left menu, select **Settings > General**.
 1. Expand the **Permissions and group features** section.
-1. Select the desired option in the **Allowed to create projects** dropdown list.
+1. Select the desired option in the **Roles allowed to create projects** dropdown list.
 1. Select **Save changes**.
 
 To change this setting globally, see [Default project creation protection](../admin_area/settings/visibility_and_access_controls.md#define-which-roles-can-create-projects).
@@ -478,7 +481,7 @@ To prevent sharing outside of the group's hierarchy:
 1. On the top bar, select **Menu > Groups** and find your group.
 1. On the left sidebar, select **Settings > General**.
 1. Expand **Permissions and group features**.
-1. Select **Prevent members from sending invitations to groups outside of `<group_name>` and its subgroups**.
+1. Select **Members cannot invite groups outside of `<group_name>` and its subgroups**.
 1. Select **Save changes**.
 
 ## Prevent a project from being shared with groups
@@ -490,7 +493,7 @@ To prevent a project from being shared with other groups:
 
 1. Go to the group's **Settings > General** page.
 1. Expand the **Permissions and group features** section.
-1. Select **Prevent sharing a project in `<group_name>` with other groups**.
+1. Select **Projects in `<group_name>` cannot be shared with other groups**.
 1. Select **Save changes**.
 
 This setting applies to all subgroups unless overridden by a group owner. Groups already
@@ -582,7 +585,7 @@ To prevent members from being added to projects in a group:
 
 1. Go to the group's **Settings > General** page.
 1. Expand the **Permissions and group features** section.
-1. Under **Membership**, select **Prevent adding new members to projects within this group**.
+1. Under **Membership**, select **Users cannot be added to projects in this group**.
 1. Select **Save changes**.
 
 All users who previously had permissions can no longer add members to a group.
@@ -608,15 +611,14 @@ To ensure only people from your organization can access particular
 resources, you can restrict access to groups by IP address. This group-level setting
 applies to:
 
-- The GitLab UI, including subgroups, projects, and issues.
+- The GitLab UI, including subgroups, projects, issues, and pages.
 - [In GitLab 12.3 and later](https://gitlab.com/gitlab-org/gitlab/-/issues/12874), the API.
+- Using Git over SSH on GitLab.com.
 
 ### Security implications
 
 You should consider some security implications before configuring IP address restrictions.
 
-- Restricting HTTP traffic on GitLab.com with IP address restrictions causes SSH requests (including Git operations over
-  SSH) to fail. For more information, see [the relevant issue](https://gitlab.com/gitlab-org/gitlab/-/issues/271673).
 - Administrators and group owners can access group settings from any IP address, regardless of IP restriction. However:
   - Groups owners cannot access projects belonging to the group when accessing from a disallowed IP address.
   - Administrators can access projects belonging to the group when accessing from a disallowed IP address.
@@ -629,6 +631,8 @@ You should consider some security implications before configuring IP address res
   restricted IP address, the IP restriction prevents code from being cloned.
 - Users may still see some events from the IP restricted groups and projects on their dashboard. Activity may include
   push, merge, issue, or comment events.
+- IP access restrictions for Git operations via SSH are supported only on GitLab SaaS.
+  IP access restrictions applied to self-managed instances block SSH completely.
 
 ### Restrict group access by IP address
 
@@ -636,7 +640,7 @@ To restrict group access by IP address:
 
 1. Go to the group's **Settings > General** page.
 1. Expand the **Permissions and group features** section.
-1. In the **Allow access to the following IP addresses** field, enter IPv4 or IPv6 address ranges in CIDR notation.
+1. In the **Restrict access by IP address** field, enter IPv4 or IPv6 address ranges in CIDR notation.
 1. Select **Save changes**.
 
 In self-managed installations of GitLab 15.1 and later, you can also configure
@@ -671,6 +675,26 @@ The most popular public email domains cannot be restricted, such as:
 
 When you share a group, both the source and target namespaces must allow the domains of the members' email addresses.
 
+## Restrict Git access protocols
+
+> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/365601) in GitLab 15.1 [with a flag](../../administration/feature_flags.md) named `group_level_git_protocol_control`. Disabled by default.
+
+FLAG:
+On self-managed GitLab, by default this feature is not available. To make it available, ask an administrator to
+[enable the feature flag](../../administration/feature_flags.md) named `group_level_git_protocol_control`. On GitLab.com,
+this feature is available.
+
+You can set the permitted protocols used to access a group's repositories to either SSH, HTTPS, or both. This setting
+is disabled when the [instance setting](../admin_area/settings/visibility_and_access_controls.md#configure-enabled-git-access-protocols) is
+configured by an administrator.
+
+To change the permitted Git access protocols for a group:
+
+1. Go to the group's **Settings > General** page.
+1. Expand the **Permissions and group features** section.
+1. Choose the permitted protocols from **Enabled Git access protocols**.
+1. Select **Save changes**.
+
 ## Group file templates **(PREMIUM)**
 
 Use group file templates to share a set of templates for common file
@@ -712,7 +736,7 @@ To disable email notifications:
 
 1. Go to the group's **Settings > General** page.
 1. Expand the **Permissions and group features** section.
-1. Select **Disable email notifications**.
+1. Select **Email notifications are disabled**.
 1. Select **Save changes**.
 
 ## Disable group mentions
@@ -731,7 +755,7 @@ To disable group mentions:
 
 1. Go to the group's **Settings > General** page.
 1. Expand the **Permissions and group features** section.
-1. Select **Disable group mentions**.
+1. Select **Group mentions are disabled**.
 1. Select **Save changes**.
 
 ## Enable delayed project deletion **(PREMIUM)**
@@ -743,7 +767,7 @@ To disable group mentions:
 > - [User interface changed](https://gitlab.com/gitlab-org/gitlab/-/issues/352961) in GitLab 15.1.
 
 [Delayed project deletion](../project/settings/index.md#delayed-project-deletion) is locked and disabled unless the instance-level settings for
-[deletion protection](../admin_area/settings/visibility_and_access_controls.md#deletion-protection) is enabled for either groups only or groups and projects.
+[deletion protection](../admin_area/settings/visibility_and_access_controls.md#deletion-protection) are enabled for either groups only or groups and projects.
 When enabled on groups, projects in the group are deleted after a period of delay. During this period, projects are in a read-only state and can be restored.
 The default period is seven days but [is configurable at the instance level](../admin_area/settings/visibility_and_access_controls.md#retention-period).
 
@@ -848,12 +872,12 @@ Support for group-level settings for merge request approval rules is tracked in
 - [Audit Events](../../administration/audit_events.md#group-events).
 - [CI/CD minutes quota](../../ci/pipelines/cicd_minutes.md): Keep track of the CI/CD minute quota for the group.
 - [Integrations](../admin_area/settings/project_integration_management.md).
-- [Transfer a project into a group](../project/settings/index.md#transferring-an-existing-project-into-another-namespace).
+- [Transfer a project into a group](../project/settings/index.md#transfer-a-project-to-another-namespace).
 - [Share a project with a group](../project/members/share_project_with_groups.md): Give all group members access to the project at once.
 - [Lock the sharing with group feature](#prevent-a-project-from-being-shared-with-groups).
 - [Enforce two-factor authentication (2FA)](../../security/two_factor_authentication.md#enforce-2fa-for-all-users-in-a-group): Enforce 2FA
   for all group members.
-- Namespaces [API](../../api/namespaces.md) and [Rake tasks](../../raketasks/features.md).
+- Namespaces [API](../../api/namespaces.md) and [Rake tasks](../../raketasks/index.md).
 - [Control access and visibility](../admin_area/settings/visibility_and_access_controls.md).
 
 ## Troubleshooting
diff --git a/doc/user/group/saml_sso/group_managed_accounts.md b/doc/user/group/saml_sso/group_managed_accounts.md
deleted file mode 100644
index 0a00d0c1c1c..00000000000
--- a/doc/user/group/saml_sso/group_managed_accounts.md
+++ /dev/null
@@ -1,14 +0,0 @@
----
-type: reference, howto
-stage: Manage
-group: Authentication and Authorization
-info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
-remove_date: '2022-06-13'
-redirect_to: 'index.md'
----
-
-# Group Managed Accounts **(PREMIUM)**
-
-This [closed beta](https://about.gitlab.com/handbook/product/gitlab-the-product/#sts=Closed%20Beta) feature was never enabled globally. See
-[this issue](https://gitlab.com/gitlab-org/gitlab/-/issues/296544) for progress on removing the feature.
-Use [SAML SSO](index.md) instead.
diff --git a/doc/user/group/saml_sso/group_sync.md b/doc/user/group/saml_sso/group_sync.md
index 2239562b831..b8b7a16b31b 100644
--- a/doc/user/group/saml_sso/group_sync.md
+++ b/doc/user/group/saml_sso/group_sync.md
@@ -23,10 +23,12 @@ For a demo of Group Sync using Azure, see [Demo: SAML Group Sync](https://youtu.
 
 To configure SAML Group Sync:
 
-1. Configure SAML authentication:
-   - For GitLab self-managed, see [SAML OmniAuth Provider](../../../integration/saml.md).
-   - For GitLab.com, see [SAML SSO for GitLab.com groups](index.md).
-1. Ensure your SAML identity provider sends an attribute statement named `Groups` or `groups`.
+- For GitLab self-managed:
+  1. Configure the [SAML OmniAuth Provider](../../../integration/saml.md).
+  1. Ensure your SAML identity provider sends an attribute statement with the same name as the value of the `groups_attribute` setting.
+- For GitLab.com:
+  1. See [SAML SSO for GitLab.com groups](index.md).
+  1. Ensure your SAML identity provider sends an attribute statement named `Groups` or `groups`. 
 
 NOTE:
 The value for `Groups` or `groups` in the SAML response can be either the group name or the group ID.
diff --git a/doc/user/group/saml_sso/img/unlink_group_saml.png b/doc/user/group/saml_sso/img/unlink_group_saml.png
deleted file mode 100644
index 9d53a9bf407..00000000000
--- a/doc/user/group/saml_sso/img/unlink_group_saml.png
+++ /dev/null
diff --git a/doc/user/group/saml_sso/index.md b/doc/user/group/saml_sso/index.md
index c05e847e2c9..80e7a5903fa 100644
--- a/doc/user/group/saml_sso/index.md
+++ b/doc/user/group/saml_sso/index.md
@@ -189,7 +189,9 @@ with the notes below for consideration.
 | GitLab single sign-on URL            | Start URL              |
 | Identity provider single sign-on URL | SSO URL                |
 
-You must download the certificate to get the SHA1 certificate fingerprint.
+NOTE:
+Google Workspace displays a SHA256 fingerprint. To retrieve the SHA1 fingerprint required by GitLab for [configuring SAML](#configure-gitlab), download the certificate and calculate
+the SHA1 certificate fingerprint.
 
 The recommended attributes and claims settings are:
 
@@ -396,9 +398,7 @@ For example, to unlink the `MyOrg` account:
 1. On the top bar, in the top right corner, select your avatar.
 1. Select **Edit profile**.
 1. On the left sidebar, select **Account**.
-1. In the **Social sign-in** section, select **Disconnect** next to the connected account.
-
-![Unlink Group SAML](img/unlink_group_saml.png)
+1. In the **Service sign-in** section, select **Disconnect** next to the connected account.
 
 ## Group Sync
 
@@ -511,7 +511,7 @@ Alternatively, the SAML response may be missing the `InResponseTo` attribute in
 The identity provider administrator should ensure that the login is
 initiated by the service provider and not the identity provider.
 
-### Message: "Login to a GitLab account to link with your SAML identity"
+### Message: "Sign in to GitLab to connect your organization's account"
 
 A user can see this message when they are trying to [manually link SAML to their existing GitLab.com account](#linking-saml-to-your-existing-gitlabcom-account).
 
diff --git a/doc/user/group/saml_sso/scim_setup.md b/doc/user/group/saml_sso/scim_setup.md
index cc154b96ed0..04aa99e08af 100644
--- a/doc/user/group/saml_sso/scim_setup.md
+++ b/doc/user/group/saml_sso/scim_setup.md
@@ -71,8 +71,10 @@ Follow [Azure documentation to configure the attribute mapping](https://docs.mic
 
 The following table below provides an attribute mapping known to work with GitLab. If
 your SAML configuration differs from [the recommended SAML settings](index.md#azure-setup-notes),
-modify the corresponding `customappsso` settings accordingly. If a mapping is not listed in the
-table, use the Azure defaults. For a list of required attributes, refer to the [SCIM API documentation](../../../api/scim.md).
+modify the corresponding `customappsso` settings accordingly. In particular, the `externalId` must
+match the [SAML NameID](index.md#nameid).
+If a mapping is not listed in the table, use the Azure defaults.
+For a list of required attributes, refer to the [SCIM API documentation](../../../api/scim.md).
 
 | Azure Active Directory Attribute | `customappsso` Attribute       | Matching precedence |
 | -------------------------------- | ------------------------------ | ------------------- |
@@ -169,7 +171,7 @@ If [Group SAML](index.md) has been configured and you have an existing GitLab.co
 
 We recommend users do this prior to turning on sync, because while synchronization is active, there may be provisioning errors for existing users.
 
-New users and existing users on subsequent visits can access the group through the identify provider's dashboard or by visiting links directly.
+New users and existing users on subsequent visits can access the group through the identity provider's dashboard or by visiting links directly.
 
 [In GitLab 14.0 and later](https://gitlab.com/gitlab-org/gitlab/-/issues/325712), GitLab users created by [SAML SSO](index.md#user-access-and-management) or SCIM provisioning display with an **Enterprise** badge in the **Members** view.
 
@@ -257,7 +259,19 @@ Changing the SAML or SCIM configuration or provider can cause the following prob
 | Problem                                                                   | Solution                                                                                                                                                                                                                                                                                                                                                                                                                                                |
 | ------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
 | SAML and SCIM identity mismatch.                                          | First [verify that the user's SAML NameId matches the SCIM externalId](#how-do-i-verify-users-saml-nameid-matches-the-scim-externalid) and then [update or fix the mismatched SCIM externalId and SAML NameId](#update-or-fix-mismatched-scim-externalid-and-saml-nameid).                                                                                                                                                                              |
-| SCIM identity mismatch between GitLab and the Identify Provider SCIM app. | You can confirm whether you're hitting the error because of your SCIM identity mismatch between your SCIM app and GitLab.com by using [SCIM API](../../../api/scim.md#update-a-single-scim-provisioned-user) which shows up in the `id` key and compares it with the user `externalId` in the SCIM app. You can use the same [SCIM API](../../../api/scim.md#update-a-single-scim-provisioned-user) to update the SCIM `id` for the user on GitLab.com. |
+| SCIM identity mismatch between GitLab and the identity provider SCIM app. | You can confirm whether you're hitting the error because of your SCIM identity mismatch between your SCIM app and GitLab.com by using [SCIM API](../../../api/scim.md#update-a-single-scim-provisioned-user) which shows up in the `id` key and compares it with the user `externalId` in the SCIM app. You can use the same [SCIM API](../../../api/scim.md#update-a-single-scim-provisioned-user) to update the SCIM `id` for the user on GitLab.com. |
+
+### Search Rails logs for SCIM requests
+
+GitLab.com administrators can search for SCIM requests in the `api_json.log` using the `pubsub-rails-inf-gprd-*` index in [Kibana](https://about.gitlab.com/handbook/support/workflows/kibana.html#using-kibana). Use the following filters based on the [SCIM API](../../../api/scim.md):
+
+- `json.path`: `/scim/v2/groups/<group-path>`
+- `json.params.value`: `<externalId>`
+
+In a relevant log entry, the `json.params.value` shows the values of SCIM parameters GitLab receives. These values can be used to verify if SCIM parameters configured in an
+identity provider's SCIM app are communicated to GitLab as intended. For example, we can use these values as a definitive source on why an account was provisioned with a certain
+set of details. This information can help where an account was SCIM provisioned with details that appear to be incongruent with what might have been configured within an identity
+provider's SCIM app.
 
 ### Azure
 
diff --git a/doc/user/group/settings/group_access_tokens.md b/doc/user/group/settings/group_access_tokens.md
index 649e7f2c264..9e8fc120731 100644
--- a/doc/user/group/settings/group_access_tokens.md
+++ b/doc/user/group/settings/group_access_tokens.md
@@ -78,7 +78,7 @@ or API. However, administrators can use a workaround:
    bot.confirm
 
    # Add the bot to the group with the required role.
-   group.add_user(bot, :maintainer)
+   group.add_member(bot, :maintainer)
 
    # Give the bot a personal access token.
    token = bot.personal_access_tokens.create(scopes:[:api, :write_repository], name: 'group_token')
@@ -141,7 +141,7 @@ To enable or disable group access token creation for all sub-groups in a top-lev
 1. On the top bar, select **Menu > Groups** and find your group.
 1. On the left sidebar, select **Settings > General**.
 1. Expand **Permissions and group features**.
-1. Under **Permissions**, turn on or off **Allow project and group access token creation**.
+1. Under **Permissions**, turn on or off **Users can create project access tokens and group access tokens in this group**.
 
 Even when creation is disabled, you can still use and revoke existing group access tokens.
 
diff --git a/doc/user/group/subgroups/index.md b/doc/user/group/subgroups/index.md
index 5f3c859d15a..bf4e13779fd 100644
--- a/doc/user/group/subgroups/index.md
+++ b/doc/user/group/subgroups/index.md
@@ -73,21 +73,20 @@ To create a subgroup:
 To create a subgroup, you must have at least the Maintainer role on the group, depending on the group's setting. By
 default:
 
-- In GitLab 12.2 or later, users with at least the Maintainer role can create subgroups.
-- In GitLab 12.1 or earlier, only users with the Owner role can create subgroups.
-
 To change who can create subgroups on a group:
 
 - As a user with the Owner role on the group:
-  1. On the top bar, select **Menu > Groups** and find the group.
+  1. On the top bar, select **Menu > Groups** and find your group.
   1. On the left sidebar, select **Settings > General**.
   1. Expand **Permissions and group features**.
-  1. Select a role from the **Allowed to create subgroups** dropdown.
+  1. Select a role from **Roles allowed to create subgroups**.
+  1. Select **Save changes**.
 - As an administrator:
   1. On the top bar, select **Menu > Admin**.
   1. On the left sidebar, select **Overview > Groups**.
-  1. Select the group, and select **Edit**.
-  1. Select a role from the **Allowed to create subgroups** dropdown.
+  1. In the group's row select **Edit**.
+  1. Select a role from **Allowed to create subgroups**.
+  1. Select **Save changes**.
 
 For more information, view the [permissions table](../../permissions.md#group-members-permissions).
 
diff --git a/doc/user/group/value_stream_analytics/index.md b/doc/user/group/value_stream_analytics/index.md
index 72d42a8081f..3e41b7b63cc 100644
--- a/doc/user/group/value_stream_analytics/index.md
+++ b/doc/user/group/value_stream_analytics/index.md
@@ -7,8 +7,6 @@ info: To determine the technical writer assigned to the Stage/Group associated w
 
 # Value stream analytics for groups **(PREMIUM)**
 
-> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/196455) in GitLab 12.9 for groups.
-
 Value stream analytics provides metrics about each stage of your software development process.
 
 A **value stream** is the entire work process that delivers value to customers. For example,
@@ -20,14 +18,13 @@ Use value stream analytics to identify:
 - The amount of time it takes to go from an idea to production.
 - The velocity of a given project.
 - Bottlenecks in the development process.
-- Detecting long-running issues or merge requests.
+- Long-running issues or merge requests.
 - Factors that cause your software development lifecycle to slow down.
 
 Value stream analytics is also available for [projects](../../analytics/value_stream_analytics.md).
 
 ## View value stream analytics
 
-> - Date range filter [introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/13216) in GitLab 12.4
 > - Filtering [introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/13216) in GitLab 13.3
 > - Horizontal stage path [introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/12196) in 13.0 and [feature flag removed](https://gitlab.com/gitlab-org/gitlab/-/issues/323982) in 13.12
 
@@ -40,7 +37,7 @@ To view value stream analytics for your group:
 
 1. On the top bar, select **Menu > Groups** and find your group.
 1. On the left sidebar, select **Analytics > Value stream**.
-1. To view metrics for each stage, above the **Filter results** text box, select a stage.
+1. To view metrics for a particular stage, select a stage below the **Filter results** text box.
 1. Optional. Filter the results:
    1. Select the **Filter results** text box.
    1. Select a parameter.
@@ -63,57 +60,18 @@ The table shows a list of related workflow items for the selected stage. Based o
 - Merge requests
 - Pipelines
 
-## View metrics for each development stage
+## View DORA metrics and key metrics for a group
 
 > - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/210315) in GitLab 13.0.
 > - [Feature flag removed](https://gitlab.com/gitlab-org/gitlab/-/issues/323982) in GitLab 13.12.
 
-Value stream analytics shows the median time spent by issues or merge requests in each development stage.
-
-To view the median time spent in each stage by a group:
-
-1. On the top bar, select **Menu > Groups** and find your group.
-1. On the left sidebar, select **Analytics > Value stream**.
-1. Optional. Filter the results:
-   1. Select the **Filter results** text box.
-   1. Select a parameter.
-   1. Select a value or enter text to refine the results.
-   1. To adjust the date range:
-      - In the **From** field, select a start date.
-      - In the **To** field, select an end date.
-1. To view the metrics for each stage, above the **Filter results** text box, hover over a stage.
-
-## View the lead time and cycle time for issues
-
-Value stream analytics shows the lead time and cycle time for issues in your groups:
-
-- Lead time: Median time from when the issue was created to when it was closed.
-- Cycle time: Median time from first commit to issue closed. GitLab measures cycle time from the earliest
-commit of a [linked issue's merge request](../../project/issues/crosslinking_issues.md#from-commit-messages)
-to when that issue is closed. The cycle time approach underestimates the lead time because merge request creation
-is always later than commit time.
-
-To view the lead time and cycle time for issues:
-
-1. On the top bar, select **Menu > Groups** and find your group.
-1. On the left sidebar, select **Analytics > Value stream**.
-1. Optional. Filter the results:
-   1. Select the **Filter results** text box.
-   1. Select a parameter.
-   1. Select a value or enter text to refine the results.
-   1. To adjust the date range:
-      - In the **From** field, select a start date.
-      - In the **To** field, select an end date.
-
-The **Lead Time** and **Cycle Time** metrics display below the **Filter results** text box.
-
-## View lead time for changes for merge requests **(ULTIMATE)**
+The **Overview** dashboard in value stream analytics shows key metrics and DORA metrics of group performance. Based on the filter you select,
+the dashboard automatically aggregates DORA metrics and displays the current status of the value stream. Select a DORA metric to view its chart.
 
-> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/340150) in GitLab 14.5.
-
-Lead time for changes is the median duration between when a merge request is merged and when it's deployed to production.
+To view deployment metrics, you must have a
+[production environment configured](../../../ci/environments/index.md#deployment-tier-of-environments).
 
-To view the lead time for changes for merge requests in your group:
+To view the DORA metrics and key metrics:
 
 1. On the top bar, select **Menu > Groups** and find your group.
 1. On the left sidebar, select **Analytics > Value stream**.
@@ -124,45 +82,46 @@ To view the lead time for changes for merge requests in your group:
    1. To adjust the date range:
       - In the **From** field, select a start date.
       - In the **To** field, select an end date.
+Key metrics and DORA metrics display below the **Filter results** text box.
 
-The **Lead Time for Changes** metrics display below the **Filter results** text box.
-
-## View number of successful deployments **(PREMIUM)**
-
-> DORA API-based deployment metrics for value stream analytics for groups were [moved](https://gitlab.com/gitlab-org/gitlab/-/issues/337256) from GitLab Ultimate to GitLab Premium in 14.3.
+### Key metrics in the value stream
 
-To view deployment metrics, you must have a
-[production environment configured](../../../ci/environments/index.md#deployment-tier-of-environments).
+The **Overview** dashboard shows the following key metrics that measure team performance:
 
-Value stream analytics shows the following deployment metrics for your group:
-
-- Deploys: The number of successful deployments in the date range.
-- Deployment Frequency: The average number of successful deployments per day in the date range.
+- Lead time: Median time from when the issue was created to when it was closed.
+- Cycle time: Median time from first commit to issue closed. GitLab measures cycle time from the earliest commit of a
+  [linked issue's merge request](../../project/issues/crosslinking_issues.md#from-commit-messages) to when that issue is closed.
+  The cycle time approach underestimates the lead time because merge request creation is always later than commit time.
+- New issues: Number of new issues created.
+- Deploys: Total number of deployments to production.
 
-To view deployment metrics for your group:
+### DORA metrics **(ULTIMATE)**
 
-1. On the top bar, select **Menu > Groups** and find your group.
-1. On the left sidebar, select **Analytics > Value stream**.
-1. Optional. Filter the results:
-   1. Select the **Filter results** text box.
-   1. Select a parameter.
-   1. Select a value or enter text to refine the results.
-   1. To adjust the date range:
-      - In the **From** field, select a start date.
-      - In the **To** field, select an end date.
+> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/340150) lead time for changes DORA metric in GitLab 14.5.
+> - DORA API-based deployment metrics for value stream analytics for groups were [moved](https://gitlab.com/gitlab-org/gitlab/-/issues/337256) from GitLab Ultimate to GitLab Premium in GitLab 14.3.
+> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/355304) time to restore service tile in GitLab 15.0.
+> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/357071) change failure rate tile in GitLab 15.0.
 
-NOTE:
-The date range selector filters items by the event time. This is the time when the currently
-selected stage finished for the given item.
+The value stream analytics **Overview** dashboard displays the following [DORA](../../../user/analytics/index.md) metrics:
 
-The **Deploys** and **Deployment Frequency** metrics display below the **Filter results** text box.
+- Deployment Frequency.
+- Lead time for changes.
+- Time to restore service.
+- Change failure rate.
 
-Deployment metrics are calculated based on data from the
+DORA metrics are calculated based on data from the
 [DORA API](../../../api/dora/metrics.md#devops-research-and-assessment-dora-key-metrics-api).
 
 NOTE:
-In GitLab 13.9 and later, metrics are calculated based on when the deployment was finished.
-In GitLab 13.8 and earlier, metrics are calculated based on when the deployment was created.
+In GitLab 13.9 and later, deployment frequency metrics are calculated based on when the deployment was finished.
+In GitLab 13.8 and earlier, deployment frequency metrics are calculated based on when the deployment was created.
+
+<div class="video-fallback">
+  See the video: <a href="https://www.youtube.com/embed/wQU-mWvNSiI">DORA metrics and value stream analytics</a>.
+</div>
+<figure class="video-container">
+  <iframe src="https://www.youtube.com/embed/wQU-mWvNSiI" frameborder="0" allowfullscreen="true"> </iframe>
+</figure>
 
 ### How value stream analytics aggregates data
 
@@ -186,6 +145,30 @@ longer than 10 minutes in the following cases:
 
 To view when the data was most recently updated, in the right corner next to **Edit**, hover over the **Last updated** badge.
 
+## View metrics for each development stage
+
+> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/210315) in GitLab 13.0.
+> - [Feature flag removed](https://gitlab.com/gitlab-org/gitlab/-/issues/323982) in GitLab 13.12.
+
+Value stream analytics shows the median time spent by issues or merge requests in each development stage.
+
+To view the median time spent in each stage by a group:
+
+1. On the top bar, select **Menu > Groups** and find your group.
+1. On the left sidebar, select **Analytics > Value stream**.
+1. Optional. Filter the results:
+   1. Select the **Filter results** text box.
+   1. Select a parameter.
+   1. Select a value or enter text to refine the results.
+   1. To adjust the date range:
+      - In the **From** field, select a start date.
+      - In the **To** field, select an end date.
+1. To view the metrics for each stage, above the **Filter results** text box, hover over a stage.
+
+NOTE:
+The date range selector filters items by the event time. The event time is when the
+selected stage finished for the given item.
+
 ## How value stream analytics measures stages
 
 Value stream analytics measures each stage from its start event to its end event.
@@ -207,6 +190,8 @@ Each pre-defined stages of value stream analytics is further described in the ta
 | Review    | The median time taken to review a merge request that has a closing issue pattern, between its creation and until it's merged. |
 | Staging   | The median time between merging a merge request that has a closing issue pattern until the very first deployment to a [production environment](#how-value-stream-analytics-identifies-the-production-environment). If there isn't a production environment, this is not tracked. |
 
+For information about how value stream analytics calculates each stage, see the [Value stream analytics development guide](../../../development/value_stream_analytics.md).
+
 ### Example workflow
 
 This example shows a workflow through all seven stages in one day.
@@ -345,7 +330,6 @@ To delete a custom value stream:
 
 ## View number of days for a cycle to complete
 
-> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/21631) in GitLab 12.6.
 > - Chart median line [removed](https://gitlab.com/gitlab-org/gitlab/-/issues/235455) in GitLab 13.4.
 > - Totals [replaced](https://gitlab.com/gitlab-org/gitlab/-/issues/262070) with averages in GitLab 13.12.
 
@@ -367,8 +351,6 @@ The chart shows data for the last 500 workflow items.
 
 ## Tasks by type chart
 
-> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/32421) in GitLab 12.10.
-
 This chart shows a cumulative count of issues and merge requests per day.
 
 This chart uses the global page filters for displaying data based on the selected
diff --git a/doc/user/infrastructure/clusters/connect/img/variables_civo.png b/doc/user/infrastructure/clusters/connect/img/variables_civo.png
index 5a20478b13c..a668c3dd53c 100644
--- a/doc/user/infrastructure/clusters/connect/img/variables_civo.png
+++ b/doc/user/infrastructure/clusters/connect/img/variables_civo.png
diff --git a/doc/user/infrastructure/clusters/connect/new_civo_cluster.md b/doc/user/infrastructure/clusters/connect/new_civo_cluster.md
index d8401d5a286..fad75ca6cab 100644
--- a/doc/user/infrastructure/clusters/connect/new_civo_cluster.md
+++ b/doc/user/infrastructure/clusters/connect/new_civo_cluster.md
@@ -64,7 +64,7 @@ Use CI/CD environment variables to configure your project.
 
 1. On the left sidebar, select **Settings > CI/CD**.
 1. Expand **Variables**.
-1. Set the variable `BASE64_CIVO_CREDENTIALS` to the [token](https://www.civo.com/account/security) from your Civo account.
+1. Set the variable `BASE64_CIVO_TOKEN` to the [token](https://www.civo.com/account/security) from your Civo account.
 1. Set the variable `TF_VAR_agent_token` to the agent token you received in the previous task.
 1. Set the variable `TF_VAR_kas_address` to the agent server address in the previous task.
 
@@ -78,8 +78,8 @@ contains other variables that you can override according to your needs:
 - `TF_VAR_civo_region`: Set your cluster's region.
 - `TF_VAR_cluster_name`: Set your cluster's name.
 - `TF_VAR_cluster_description`: Set a description for the cluster. To create a reference to your GitLab project on your Civo cluster detail page, set this value to `$CI_PROJECT_URL`. This value helps you determine which project was responsible for provisioning the cluster you see on the Civo dashboard.
-- `TF_VAR_machine_type`: Set the machine type for the Kubernetes nodes.
-- `TF_VAR_node_count`: Set the number of Kubernetes nodes.
+- `TF_VAR_target_nodes_size`: Set the size of the nodes to use for the cluster
+- `TF_VAR_num_target_nodes`: Set the number of Kubernetes nodes.
 - `TF_VAR_agent_version`: Set the version of the GitLab agent.
 - `TF_VAR_agent_namespace`: Set the Kubernetes namespace for the GitLab agent.
 
diff --git a/doc/user/infrastructure/clusters/index.md b/doc/user/infrastructure/clusters/index.md
index 933b310ff3f..9c8bcd9289c 100644
--- a/doc/user/infrastructure/clusters/index.md
+++ b/doc/user/infrastructure/clusters/index.md
@@ -13,7 +13,10 @@ To connect clusters to GitLab, use the [GitLab agent](../../clusters/agent/index
 WARNING:
 In GitLab 14.5, the certificate-based method to connect Kubernetes clusters
 to GitLab was [deprecated](https://gitlab.com/groups/gitlab-org/configure/-/epics/8),
-as well as its related [features](#deprecated-features).
+as well as its related [features](#deprecated-features). In self-managed GitLab 15.0 and later,
+this feature is disabled by default. For GitLab SaaS users, this feature is available until
+GitLab 15.6 for users who have at least one certificate-based cluster enabled in their namespace hierarchy.
+For GitLab SaaS users that never used this feature previously, it is no longer available.
 
 The certificate-based Kubernetes integration with GitLab is deprecated.
 It had the following issues:
@@ -40,6 +43,10 @@ for updates.
 You can find technical information about why we moved away from cluster certificates into
 the GitLab agent model on the [agent's blueprint documentation](../../../architecture/blueprints/gitlab_to_kubernetes_communication/index.md).
 
+If you need more time to migrate to GitLab agent, you can [enable the feature flag](../../../administration/feature_flags.md)
+named `certificate_based_clusters`, which was [introduced in GitLab 15.0](../../../update/deprecations.md#self-managed-certificate-based-integration-with-kubernetes).
+This feature flag re-enables the certificate-based Kubernetes integration.
+
 ## Deprecated features
 
 - [Connect an existing cluster through cluster certificates](../../project/clusters/add_existing_cluster.md)
@@ -52,7 +59,6 @@ the GitLab agent model on the [agent's blueprint documentation](../../../archite
 - [Cluster environments](../../clusters/environments.md)
 - [Show Canary Ingress deployments on deploy boards](../../project/canary_deployments.md#show-canary-ingress-deployments-on-deploy-boards-deprecated)
 - [Deploy Boards](../../project/deploy_boards.md)
-- [Pod logs](../../project/clusters/kubernetes_pod_logs.md)
 - [Clusters health](manage/clusters_health.md)
 - [Web terminals](../../../administration/integration/terminal.md)
 
diff --git a/doc/user/infrastructure/clusters/migrate_to_gitlab_agent.md b/doc/user/infrastructure/clusters/migrate_to_gitlab_agent.md
index aa07a23db18..abdb7c58d82 100644
--- a/doc/user/infrastructure/clusters/migrate_to_gitlab_agent.md
+++ b/doc/user/infrastructure/clusters/migrate_to_gitlab_agent.md
@@ -40,7 +40,7 @@ Some features are currently available only when using certificate-based integrat
 With GitLab-managed clusters, GitLab creates separate service accounts and namespaces
 for every branch and deploys by using these resources.
 
-The GitLab agent uses [impersonation](../../clusters/agent/ci_cd_workflow.md#use-impersonation-to-restrict-project-and-group-access)
+The GitLab agent uses [impersonation](../../clusters/agent/ci_cd_workflow.md#restrict-project-and-group-access-by-using-impersonation)
 strategies to deploy to your cluster with restricted account access. To do so:
 
 1. Choose the impersonation strategy that suits your needs.
diff --git a/doc/user/infrastructure/iac/terraform_state.md b/doc/user/infrastructure/iac/terraform_state.md
index e8637abce91..24203e8d922 100644
--- a/doc/user/infrastructure/iac/terraform_state.md
+++ b/doc/user/infrastructure/iac/terraform_state.md
@@ -22,6 +22,16 @@ In GitLab, you can:
 - Lock and unlock states.
 - Remotely execute `terraform plan` and `terraform apply` commands.
 
+WARNING:
+**Disaster recovery planning**
+Terraform state files are encrypted with the lockbox Ruby gem when they are at rest on disk and in object storage.
+[To decrypt a state file, GitLab must be available](https://gitlab.com/gitlab-org/gitlab/-/issues/335739).
+If it is offline, and you use GitLab to deploy infrastructure that GitLab requires (like virtual machines,
+Kubernetes clusters, or network components), you cannot access the state file easily or decrypt it.
+Additionally, if GitLab serves up Terraform modules or other dependencies that are required to bootstrap GitLab,
+these will be inaccessible. To work around this issue, make other arrangements to host or back up these dependencies,
+or consider using a separate GitLab instance with no shared points of failure.
+
 ## Prerequisites
 
 For self-managed GitLab, before you can use GitLab for your Terraform state files:
@@ -151,7 +161,8 @@ You can use a GitLab-managed Terraform state backend as a
      a [Personal Access Token](../../profile/personal_access_tokens.md) for
      authentication, this value is your GitLab username. If you are using GitLab CI/CD, this value is `'gitlab-ci-token'`.
    - **password**: The password to authenticate with the data source. If you are using a Personal Access Token for
-     authentication, this value is the token value. If you are using GitLab CI/CD, this value is the contents of the `${CI_JOB_TOKEN}` CI/CD variable.
+     authentication, this value is the token value (the token must have the **API** scope).
+     If you are using GitLab CI/CD, this value is the contents of the `${CI_JOB_TOKEN}` CI/CD variable.
 
 Outputs from the data source can now be referenced in your Terraform resources
 using `data.terraform_remote_state.example.outputs.<OUTPUT-NAME>`.
diff --git a/doc/user/infrastructure/iac/troubleshooting.md b/doc/user/infrastructure/iac/troubleshooting.md
index 881bcb32aed..5817337223f 100644
--- a/doc/user/infrastructure/iac/troubleshooting.md
+++ b/doc/user/infrastructure/iac/troubleshooting.md
@@ -112,3 +112,12 @@ job that returned the error:
 
 1. Configure the [CI/CD environment scope](../../../ci/variables/#add-a-cicd-variable-to-a-project) for the job.
 1. Set the job's [environment](../../../ci/yaml/#environment), matching the environment scope from the previous step.
+
+### Error refreshing state: HTTP remote state endpoint requires auth
+
+To resolve this, ensure that:
+
+- The access token you use has `api` scope.
+- If you have set the `TF_HTTP_PASSWORD` CI/CD variable, make sure that you either:
+  - Set the same value as `TF_PASSWORD`
+  - Remove `TF_HTTP_PASSWORD` variable if your CI/CD job does not explicitly use it.
diff --git a/doc/user/packages/conan_repository/index.md b/doc/user/packages/conan_repository/index.md
index b3eadc13772..7260dbb616c 100644
--- a/doc/user/packages/conan_repository/index.md
+++ b/doc/user/packages/conan_repository/index.md
@@ -14,6 +14,9 @@ The Conan package registry for GitLab is under development and isn't ready for p
 limited functionality. This [epic](https://gitlab.com/groups/gitlab-org/-/epics/6816) details the remaining
 work and timelines to make it production ready.
 
+NOTE:
+The Conan registry is not FIPS compliant and is disabled when [FIPS mode](../../../development/fips_compliance.md) is enabled.
+
 Publish Conan packages in your project's Package Registry. Then install the
 packages whenever you need to use them as a dependency.
 
@@ -105,7 +108,7 @@ For more details about creating and managing Conan packages, see the
 
 #### Package without a username and a channel
 
-> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/345055) in GitLab 14.6.
+> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/345055) in GitLab 14.6.
 
 Even though they are [recommended](https://docs.conan.io/en/latest/reference/conanfile/attributes.html#user-channel)
 to distinguish your package from a similarly named existing package,
diff --git a/doc/user/packages/container_registry/index.md b/doc/user/packages/container_registry/index.md
index ae64c419632..d0c771ecc41 100644
--- a/doc/user/packages/container_registry/index.md
+++ b/doc/user/packages/container_registry/index.md
@@ -208,10 +208,10 @@ should look:
 
 ```yaml
 build:
-  image: docker:19.03.12
+  image: docker:20.10.16
   stage: build
   services:
-    - docker:19.03.12-dind
+    - docker:20.10.16-dind
   script:
     - docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY
     - docker build -t $CI_REGISTRY/group/project/image:latest .
@@ -222,10 +222,10 @@ You can also make use of [other CI/CD variables](../../../ci/variables/index.md)
 
 ```yaml
 build:
-  image: docker:19.03.12
+  image: docker:20.10.16
   stage: build
   services:
-    - docker:19.03.12-dind
+    - docker:20.10.16-dind
   variables:
     IMAGE_TAG: $CI_REGISTRY_IMAGE:$CI_COMMIT_REF_SLUG
   script:
@@ -248,9 +248,9 @@ when needed. Changes to `main` also get tagged as `latest` and deployed using
 an application-specific deploy script:
 
 ```yaml
-image: docker:19.03.12
+image: docker:20.10.16
 services:
-  - docker:19.03.12-dind
+  - docker:20.10.16-dind
 
 stages:
   - build
@@ -323,9 +323,9 @@ Below is an example of what your `.gitlab-ci.yml` should look like:
 
 ```yaml
 build:
-  image: $CI_REGISTRY/group/project/docker:19.03.12
+  image: $CI_REGISTRY/group/project/docker:20.10.16
   services:
-    - name: $CI_REGISTRY/group/project/docker:19.03.12-dind
+    - name: $CI_REGISTRY/group/project/docker:20.10.16-dind
       alias: docker
   stage: build
   script:
@@ -333,7 +333,7 @@ build:
     - docker run my-docker-image /script/to/run/tests
 ```
 
-If you forget to set the service alias, the `docker:19.03.12` image is unable to find the
+If you forget to set the service alias, the `docker:20.10.16` image is unable to find the
 `dind` service, and an error like the following is thrown:
 
 ```plaintext
@@ -353,7 +353,7 @@ Below is an example of what your `.gitlab-ci.yml` should look like:
 
 ```yaml
 build:
-  image: ${CI_DEPENDENCY_PROXY_GROUP_IMAGE_PREFIX}/docker:19.03.12
+  image: ${CI_DEPENDENCY_PROXY_GROUP_IMAGE_PREFIX}/docker:20.10.16
   services:
     - name: ${CI_DEPENDENCY_PROXY_GROUP_IMAGE_PREFIX}/docker:18.09.7-dind
       alias: docker
@@ -363,7 +363,7 @@ build:
     - docker run my-docker-image /script/to/run/tests
 ```
 
-If you forget to set the service alias, the `docker:19.03.12` image is unable to find the
+If you forget to set the service alias, the `docker:20.10.16` image is unable to find the
 `dind` service, and an error like the following is thrown:
 
 ```plaintext
@@ -438,10 +438,10 @@ stages:
   - clean
 
 build_image:
-  image: docker:19.03.12
+  image: docker:20.10.16
   stage: build
   services:
-    - docker:19.03.12-dind
+    - docker:20.10.16-dind
   variables:
     IMAGE_TAG: $CI_REGISTRY_IMAGE:$CI_COMMIT_REF_SLUG
   script:
@@ -454,10 +454,10 @@ build_image:
     - main
 
 delete_image:
-  image: docker:19.03.12
+  image: docker:20.10.16
   stage: clean
   services:
-    - docker:19.03.12-dind
+    - docker:20.10.16-dind
   variables:
     IMAGE_TAG: $CI_PROJECT_PATH:$CI_COMMIT_REF_SLUG
     REG_SHA256: ade837fc5224acd8c34732bf54a94f579b47851cc6a7fd5899a98386b782e228
@@ -564,7 +564,7 @@ project or branch name. Special characters can include:
 - Trailing hyphen/dash
 
 To get around this, you can [change the group path](../../group/index.md#change-a-groups-path),
-[change the project path](../../project/settings/index.md#renaming-a-repository) or change the branch
+[change the project path](../../project/settings/index.md#rename-a-repository) or change the branch
 name.
 
 You may also get a `404 Not Found` or `Unknown Manifest` message if you are using
diff --git a/doc/user/packages/debian_repository/index.md b/doc/user/packages/debian_repository/index.md
index a8f0672e376..1d846a60281 100644
--- a/doc/user/packages/debian_repository/index.md
+++ b/doc/user/packages/debian_repository/index.md
@@ -15,6 +15,9 @@ The Debian package registry for GitLab is under development and isn't ready for
 limited functionality. This [epic](https://gitlab.com/groups/gitlab-org/-/epics/6057) details the remaining
 work and timelines to make it production ready.
 
+NOTE:
+The Debian registry is not FIPS compliant and is disabled when [FIPS mode](../../../development/fips_compliance.md) is enabled.
+
 Publish Debian packages in your project's Package Registry. Then install the
 packages whenever you need to use them as a dependency.
 
diff --git a/doc/user/packages/dependency_proxy/index.md b/doc/user/packages/dependency_proxy/index.md
index af54d928bec..4770057e4ea 100644
--- a/doc/user/packages/dependency_proxy/index.md
+++ b/doc/user/packages/dependency_proxy/index.md
@@ -152,17 +152,17 @@ FROM gitlab.example.com:443/my-group/dependency_proxy/containers/alpine:latest
 
 ```yaml
 # .gitlab-ci.yml
-image: docker:19.03.12
+image: docker:20.10.16
 
 variables:
   DOCKER_HOST: tcp://docker:2375
   DOCKER_TLS_CERTDIR: ""
 
 services:
-  - docker:19.03.12-dind
+  - docker:20.10.16-dind
 
 build:
-  image: docker:19.03.12
+  image: docker:20.10.16
   before_script:
     - docker login -u $CI_DEPENDENCY_PROXY_USER -p $CI_DEPENDENCY_PROXY_PASSWORD $CI_DEPENDENCY_PROXY_SERVER
   script:
@@ -301,7 +301,7 @@ hub_docker_quota_check:
 
 ### Dependency Proxy Connection Failure
 
-If a service alias is not set the `docker:19.03.12` image is unable to find the
+If a service alias is not set the `docker:20.10.16` image is unable to find the
 `dind` service, and an error like the following is thrown:
 
 ```plaintext
diff --git a/doc/user/packages/generic_packages/index.md b/doc/user/packages/generic_packages/index.md
index 22b792e443f..8d5fc73ad4e 100644
--- a/doc/user/packages/generic_packages/index.md
+++ b/doc/user/packages/generic_packages/index.md
@@ -209,3 +209,25 @@ upload:
 The [Write CI-CD Variables in Pipeline](https://gitlab.com/guided-explorations/cfg-data/write-ci-cd-variables-in-pipeline) project contains a working example you can use to create, upload, and download generic packages in GitLab CI/CD.
 
 It also demonstrates how to manage a semantic version for the generic package: storing it in a CI/CD variable, retrieving it, incrementing it, and writing it back to the CI/CD variable when tests for the download work correctly.
+
+## Troubleshooting
+
+### Internal Server error on large file uploads to S3
+
+S3-compatible object storage [limits the size of a single PUT request to 5GB](https://docs.aws.amazon.com/AmazonS3/latest/userguide/upload-objects.html). If the `aws_signature_version` is set to `2` in the [object storage connection settings](../../../administration/object_storage.md), attempting to publish a package file larger than the 5GB limit can result in a `HTTP 500: Internal Server Error` response. 
+
+If you are receiving `HTTP 500: Internal Server Error` responses when publishing large files to S3, set the `aws_signature_version` to `4`:
+
+```ruby
+# Consolidated Object Storage settings
+gitlab_rails['object_store']['connection'] = {
+  # Other connection settings
+  `aws_signature_version` => '4'
+}
+# OR 
+# Storage-specific form settings
+gitlab_rails['packages_object_store_connection'] = {
+  # Other connection settings
+  `aws_signature_version` => '4'
+}
+```
diff --git a/doc/user/packages/helm_repository/index.md b/doc/user/packages/helm_repository/index.md
index 88ea5afad3c..07e853fa18c 100644
--- a/doc/user/packages/helm_repository/index.md
+++ b/doc/user/packages/helm_repository/index.md
@@ -69,6 +69,11 @@ Once built, a chart can be uploaded to the desired channel with `curl` or `helm
   - `<project_id>`: the project ID (like `42`).
   - `<channel>`: the name of the channel (like `stable`).
 
+### Release channels
+
+You can publish Helm charts to channels in GitLab. Channels are a method you can use to differentiate Helm chart repositories. 
+For example, you can use `stable` and `devel` as channels to allow users to add the `stable` repo while `devel` charts are isolated.
+
 ## Use CI/CD to publish a Helm package
 
 To publish a Helm package automated through [GitLab CI/CD](../../../ci/index.md), you can use
diff --git a/doc/user/packages/infrastructure_registry/index.md b/doc/user/packages/infrastructure_registry/index.md
index 551289a575a..e6a179c9d12 100644
--- a/doc/user/packages/infrastructure_registry/index.md
+++ b/doc/user/packages/infrastructure_registry/index.md
@@ -85,3 +85,19 @@ You can also remove the Infrastructure Registry for a specific project:
 1. Select **Save changes**.
 
 To enable it back, follow the same steps above and toggle it on (in blue).
+
+## How module resolution works
+
+When you upload a new module, GitLab generates a path for the module, for example, `https://gitlab.example.com/parent-group/my-infra-package`.
+
+- This path conforms with [the Terraform spec](https://www.terraform.io/internals/module-registry-protocol).
+- The name of the path must be unique within the namespace.
+
+For projects in subgroups, GitLab checks that the module name does not already exist anywhere in the namespace, including all subgroups and the parent group.
+
+For example, if:
+
+- The project is `gitlab.example.com/parent-group/sub-group/my-project`.
+- The infrastructure package is `my-infra-package`.
+
+The project name must be unique in all projects in all groups under `parent-group`.
diff --git a/doc/user/packages/npm_registry/index.md b/doc/user/packages/npm_registry/index.md
index bdcbea68568..7ea3c1aa0c8 100644
--- a/doc/user/packages/npm_registry/index.md
+++ b/doc/user/packages/npm_registry/index.md
@@ -145,6 +145,9 @@ If you encounter an error with [Yarn](https://classic.yarnpkg.com/en/), view
 
 #### Instance-level npm endpoint
 
+NOTE:
+Note: Using `CI_JOB_TOKEN` to install npm packages with dependencies in another project will give you 404 errors. You can use a [personal access token](../../profile/personal_access_tokens.md) as a workaround. [GitLab-#352962](https://gitlab.com/gitlab-org/gitlab/-/issues/352962) proposes a fix to this bug.
+
 To use the [instance-level](#use-the-gitlab-endpoint-for-npm-packages) npm endpoint, set your npm configuration:
 
 ```shell
@@ -232,6 +235,12 @@ When you use the [instance-level endpoint](#use-the-gitlab-endpoint-for-npm-pack
   example, a package `@MyScope/package-name` in GitLab becomes `@myscope/package-name` for npm.
 - The `package-name` can be whatever you want.
 
+NOTE:
+The value used for the `@scope` is the root of the project that will end up hosting the packages and not the root
+of the project with the source code of the package itself. For example, assume your package source code is located
+at `source-code-group/package-code` and deployed to a package registry inside `registries-group/registry-project`.
+In this case, the `@scope` needs to be `@registries-group` and not `@source-code-group`.
+
 For example, if your project is `https://gitlab.example.com/my-org/engineering-group/team-amazing/analytics`,
 the root namespace is `my-org`. When you publish a package, it must have `my-org` as the scope.
 
diff --git a/doc/user/packages/package_registry/reduce_package_registry_storage.md b/doc/user/packages/package_registry/reduce_package_registry_storage.md
index ed4ef1665bc..4a03bd9e8a0 100644
--- a/doc/user/packages/package_registry/reduce_package_registry_storage.md
+++ b/doc/user/packages/package_registry/reduce_package_registry_storage.md
@@ -50,3 +50,39 @@ To delete package files in the UI, from your group or project:
 1. Expand the ellipsis and select **Delete file**.
 
 The package files are permanently deleted.
+
+## Cleanup policy
+
+> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/346153) in GitLab 15.2.
+
+Depending on the number of packages to remove, the process of manually deleting the packages can take a long time to finish.
+A cleanup policy defines a set of rules that, applied to a project, defines which package files you can automatically delete.
+
+### Enable the cleanup policy
+
+By default, the packages cleanup policy is disabled. To enable it:
+
+1. Go to your project **Settings > Packages & Registries**.
+1. Expand **Manage storage used by package assets**.
+1. Set the rules appropriately.
+
+NOTE:
+To access these project settings, you must be at least a maintainer on the related project.
+
+### Available rules
+
+- `Number of duplicated assets to keep`. The number of duplicated assets to keep. Some package formats allow you
+  to upload more than one copy of an asset. You can limit the number of duplicated assets to keep and automatically
+  delete the oldest files once the limit is reached.
+
+### Set cleanup limits to conserve resources
+
+A background process executes the package-cleanup policies. This process can take a long time to finish and consumes
+server resources while it is running.
+
+You can use the following setting to limit the number of cleanup workers:
+
+- `package_registry_cleanup_policies_worker_capacity`: the maximum number of cleanup workers running concurrently.
+  This number must be greater than or equal to `0`.
+  We recommend starting with a low number and increasing it after monitoring the resources used by the background workers.
+  To remove all workers and not execute the cleanup policies, set this to `0`. The default value is `2`.
diff --git a/doc/user/packages/pypi_repository/index.md b/doc/user/packages/pypi_repository/index.md
index eee6d55a3ce..b8996dc2963 100644
--- a/doc/user/packages/pypi_repository/index.md
+++ b/doc/user/packages/pypi_repository/index.md
@@ -99,45 +99,54 @@ Hello from MyPyPiPackage
 After you create a project, you can create a package.
 
 1. In your terminal, go to the `MyPyPiPackage` directory.
-1. Create a `setup.py` file:
+1. Create a `pyproject.toml` file:
 
    ```shell
-   touch setup.py
+   touch pyproject.toml
    ```
 
    This file contains all the information about the package. For more information
-   about this file, see [creating setup.py](https://packaging.python.org/tutorials/packaging-projects/#creating-setup-py).
+   about this file, see [creating `pyproject.toml`](https://packaging.python.org/en/latest/tutorials/packaging-projects/#creating-pyproject-toml).
    Because GitLab identifies packages based on
    [Python normalized names (PEP-503)](https://www.python.org/dev/peps/pep-0503/#normalized-names),
    ensure your package name meets these requirements. See the [installation section](#authenticate-with-a-ci-job-token)
    for details.
 
-1. Open the `setup.py` file, and then add basic information:
-
-   ```python
-   import setuptools
-
-   setuptools.setup(
-       name="mypypipackage",
-       version="0.0.1",
-       author="Example Author",
-       author_email="author@example.com",
-       description="A small example package",
-       packages=setuptools.find_packages(),
-       classifiers=[
-           "Programming Language :: Python :: 3",
-           "License :: OSI Approved :: MIT License",
-           "Operating System :: OS Independent",
-       ],
-       python_requires='>=3.6',
-   )
+1. Open the `pyproject.toml` file, and then add basic information:
+
+   ```toml
+   [build-system]
+   requires = ["setuptools>=61.0"]
+   build-backend = "setuptools.build_meta"
+
+   [project]
+   name = "mypypipackage"
+   version = "0.0.1"
+   authors = [
+       { name="Example Author", email="author@example.com" },
+   ]
+   description = "A small example package"
+   requires-python = ">=3.7"
+   classifiers = [
+      "Programming Language :: Python :: 3",
+      "Operating System :: OS Independent",
+   ]
+
+   [tool.setuptools.packages]
+   find = {}
    ```
 
 1. Save the file.
-1. Execute the setup:
+1. Install the package build library:
+
+   ```shell
+   pip install build
+   ```
+
+1. Build the package:
 
    ```shell
-   python3 setup.py sdist bdist_wheel
+   python -m build
    ```
 
 The output should be visible in a newly-created `dist` folder:
@@ -218,8 +227,8 @@ image: python:latest
 
 run:
   script:
-    - pip install twine
-    - python setup.py sdist bdist_wheel
+    - pip install build twine
+    - python -m build
     - TWINE_PASSWORD=${CI_JOB_TOKEN} TWINE_USERNAME=gitlab-ci-token python -m twine upload --repository-url ${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/packages/pypi dist/*
 ```
 
diff --git a/doc/user/packages/terraform_module_registry/index.md b/doc/user/packages/terraform_module_registry/index.md
index 42c85ae9d41..2668b8b35ac 100644
--- a/doc/user/packages/terraform_module_registry/index.md
+++ b/doc/user/packages/terraform_module_registry/index.md
@@ -108,7 +108,7 @@ Where `<namespace>` is the [namespace](../../../user/group/index.md#namespaces)
 To work with Terraform modules in [GitLab CI/CD](../../../ci/index.md), you can use
 `CI_JOB_TOKEN` in place of the personal access token in your commands.
 
-For example:
+For example, this job uploads a new module for the `local` [system provider](https://registry.terraform.io/browse/providers) and uses the module version from the Git commit tag:
 
 ```yaml
 stages:
@@ -121,15 +121,18 @@ upload:
     TERRAFORM_MODULE_DIR: ${CI_PROJECT_DIR} # The path to your Terraform module
     TERRAFORM_MODULE_NAME: ${CI_PROJECT_NAME} # The name of your Terraform module
     TERRAFORM_MODULE_SYSTEM: local # The system or provider your Terraform module targets (ex. local, aws, google)
-    TERRAFORM_MODULE_VERSION: ${CI_COMMIT_TAG} # The version of your Terraform module to be published to your project's registry
+    TERRAFORM_MODULE_VERSION: ${CI_COMMIT_TAG} # Tag commits with SemVer for the version of your Terraform module to be published
   script:
-    - tar -cvzf ${TERRAFORM_MODULE_NAME}-${TERRAFORM_MODULE_SYSTEM}-${TERRAFORM_MODULE_VERSION}.tgz -C ${TERRAFORM_MODULE_DIR} --exclude=./.git .
-    - 'curl --header "JOB-TOKEN: ${CI_JOB_TOKEN}" --upload-file ${TERRAFORM_MODULE_NAME}-${TERRAFORM_MODULE_SYSTEM}-${TERRAFORM_MODULE_VERSION}.tgz ${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/packages/terraform/modules/${TERRAFORM_MODULE_NAME}/${TERRAFORM_MODULE_SYSTEM}/${TERRAFORM_MODULE_VERSION}/file'
+    - TERRAFORM_MODULE_NAME=$(echo "${TERRAFORM_MODULE_NAME}" | tr " _" -) # module-name must not have spaces or underscores, so translate them to hyphens
+    - tar -vczf ${TERRAFORM_MODULE_NAME}-${TERRAFORM_MODULE_SYSTEM}-${TERRAFORM_MODULE_VERSION}.tgz -C ${TERRAFORM_MODULE_DIR} --exclude=./.git .
+    - 'curl --location --header "JOB-TOKEN: ${CI_JOB_TOKEN}" 
+         --upload-file ${TERRAFORM_MODULE_NAME}-${TERRAFORM_MODULE_SYSTEM}-${TERRAFORM_MODULE_VERSION}.tgz
+         ${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/packages/terraform/modules/${TERRAFORM_MODULE_NAME}/${TERRAFORM_MODULE_SYSTEM}/${TERRAFORM_MODULE_VERSION}/file'
   rules:
     - if: $CI_COMMIT_TAG
 ```
 
-To trigger this upload job, add a Git tag to your commit. The `rules:if: $CI_COMMIT_TAG` defines this so that not every commit to your repo triggers the upload.
+To trigger this upload job, add a Git tag to your commit. Ensure the tag follows the [Semantic Versioning Specification](https://semver.org/) that Terraform requires. The `rules:if: $CI_COMMIT_TAG` ensures that only tagged commits to your repo trigger the module upload job.
 For other ways to control jobs in your CI/CD pipeline, refer to the [`.gitlab-ci.yml`](../../../ci/yaml/index.md) keyword reference.
 
 ## Example projects
diff --git a/doc/user/permissions.md b/doc/user/permissions.md
index 801c107e371..b01bfbef3aa 100644
--- a/doc/user/permissions.md
+++ b/doc/user/permissions.md
@@ -63,13 +63,12 @@ The following table lists project permissions available for each role:
 | [Analytics](analytics/index.md):<br>View [CI/CD analytics](analytics/ci_cd_analytics.md)                                                                                             |          | ✓        | ✓         | ✓          | ✓        |
 | [Analytics](analytics/index.md):<br>View [code review analytics](analytics/code_review_analytics.md)                                                                                 |          | ✓        | ✓         | ✓          | ✓        |
 | [Analytics](analytics/index.md):<br>View [repository analytics](analytics/repository_analytics.md)                                                                                   |          | ✓        | ✓         | ✓          | ✓        |
-| [Application security](application_security/index.md):<br>View licenses in [dependency list](application_security/dependency_list/index.md)                                          | ✓ (*1*)  | ✓        | ✓         | ✓          | ✓        |
+| [Application security](application_security/index.md):<br>View licenses in [dependency list](application_security/dependency_list/index.md)                                          |          |          | ✓         | ✓          | ✓        |
 | [Application security](application_security/index.md):<br>Create and run [on-demand DAST scans](application_security/dast/index.md#on-demand-scans)                                  |          |          | ✓         | ✓          | ✓        |
 | [Application security](application_security/index.md):<br>Manage [security policy](application_security/policies/index.md)                                                           |          |          | ✓         | ✓          | ✓        |
 | [Application security](application_security/index.md):<br>View [dependency list](application_security/dependency_list/index.md)                                                      |          |          | ✓         | ✓          | ✓        |
 | [Application security](application_security/index.md):<br>Create a [CVE ID Request](application_security/cve_id_request.md)                                                          |          |          |           | ✓          | ✓        |
 | [Application security](application_security/index.md):<br>Create or assign [security policy project](application_security/policies/index.md)                                         |          |          |           |            | ✓        |
-| [Clusters](infrastructure/clusters/index.md):<br>View [pod logs](project/clusters/kubernetes_pod_logs.md)                                                                            |          |          | ✓         | ✓          | ✓        |
 | [Clusters](infrastructure/clusters/index.md):<br>View clusters                                                                                                                       |          |          | ✓         | ✓          | ✓        |
 | [Clusters](infrastructure/clusters/index.md):<br>Manage clusters                                                                                                                     |          |          |           | ✓          | ✓        |
 | [Container Registry](packages/container_registry/index.md):<br>Create, edit, delete [cleanup policies](packages/container_registry/index.md#delete-images-by-using-a-cleanup-policy) |          |          |          | ✓          | ✓        |
@@ -265,7 +264,7 @@ More details about the permissions for some project-level features follow.
 | View pipeline details page                                                                                                | ✓ (*1*)    | ✓ (*2*) | ✓        | ✓         | ✓          | ✓     |
 | View pipelines page                                                                                                       | ✓ (*1*)    | ✓ (*2*) | ✓        | ✓         | ✓          | ✓     |
 | View pipelines tab in MR                                                                                                  | ✓ (*3*)    | ✓ (*3*) | ✓        | ✓         | ✓          | ✓     |
-| [View vulnerabilities in a pipeline](application_security/security_dashboard/index.md#view-vulnerabilities-in-a-pipeline) |            | ✓ (*2*) | ✓        | ✓         | ✓          | ✓     |
+| [View vulnerabilities in a pipeline](application_security/vulnerability_report/pipeline.md#view-vulnerabilities-in-a-pipeline) |            | ✓ (*2*) | ✓        | ✓         | ✓          | ✓     |
 | View and download project-level [Secure Files](../api/secure_files.md)                                                    |            |         |          | ✓         | ✓          | ✓     |
 | Cancel and retry jobs                                                                                                     |            |         |          | ✓         | ✓          | ✓     |
 | Create new [environments](../ci/environments/index.md)                                                                    |            |         |          | ✓         | ✓          | ✓     |
@@ -432,6 +431,7 @@ The following table lists group permissions available for each role:
 | View group [Usage Quotas](usage_quotas.md) page                                         |       |          |           |            | ✓ (4) |
 | Manage group runners                                                                    |       |          |           |            | ✓     |
 | [Migrate groups](group/import/index.md)                                                 |       |          |           |            | ✓     |
+| Manage [subscriptions, and purchase CI/CD minutes and storage](../subscriptions/gitlab_com/index.md)         |       |          |           |            | ✓     |
 
 <!-- markdownlint-disable MD029 -->
 
diff --git a/doc/user/profile/account/create_accounts.md b/doc/user/profile/account/create_accounts.md
index 7e1074aa50f..694ed02a694 100644
--- a/doc/user/profile/account/create_accounts.md
+++ b/doc/user/profile/account/create_accounts.md
@@ -9,32 +9,35 @@ info: To determine the technical writer assigned to the Stage/Group associated w
 
 You can create users:
 
-- Manually through the sign in page or Administrator Area.
-- Automatically through user authentication integrations.
+- [Manually through the sign-in page](#create-users-on-sign-in-page).
+- [Manually in the Admin Area](#create-users-in-admin-area).
+- [Manually using the API](../../../api/users.md).
+- [Automatically through user authentication integrations](#create-users-through-authentication-integrations).
 
-## Create users on sign in page
+## Create users on sign-in page
 
-If you have [sign-up enabled](../../admin_area/settings/sign_up_restrictions.md), users can create
-their own accounts by either:
+Prerequisites:
 
-- Selecting the **Register now** link on the sign-in page.
-- Navigating to `https://gitlab.example.com/users/sign_up`.
+- [Sign-up enabled](../../admin_area/settings/sign_up_restrictions.md)
+
+Users can create their own accounts by either:
 
-![Register Tab](img/register_v13_6.png)
+- Selecting the **Register now** link on the sign-in page.
+- Navigating to your GitLab instance's sign-up link. For example: `https://gitlab.example.com/users/sign_up`.
 
 ## Create users in Admin Area
 
-As an Administrator user, you can manually create users:
+Prerequisites:
+
+- You must have administrator access for the instance.
+
+To create a user manually:
 
 1. On the top bar, select **Menu > Admin**.
 1. On the left sidebar, select **Overview > Users** (`/admin/users`).
 1. Select **New user**.
-
-You can also [create users through the API](../../../api/users.md) as an administrator.
-
-![Administrator User Button](img/admin_user_button.png)
-
-![Administrator User Form](img/admin_user_form.png)
+1. Complete the fields.
+1. Select **Create user**.
 
 ## Create users through authentication integrations
 
diff --git a/doc/user/profile/account/img/admin_user_button.png b/doc/user/profile/account/img/admin_user_button.png
deleted file mode 100644
index 506e16bb8ca..00000000000
--- a/doc/user/profile/account/img/admin_user_button.png
+++ /dev/null
diff --git a/doc/user/profile/account/img/admin_user_form.png b/doc/user/profile/account/img/admin_user_form.png
deleted file mode 100644
index aebc31ee3ff..00000000000
--- a/doc/user/profile/account/img/admin_user_form.png
+++ /dev/null
diff --git a/doc/user/profile/account/img/register_v13_6.png b/doc/user/profile/account/img/register_v13_6.png
deleted file mode 100644
index ce4adc0f55b..00000000000
--- a/doc/user/profile/account/img/register_v13_6.png
+++ /dev/null
diff --git a/doc/user/profile/account/two_factor_authentication.md b/doc/user/profile/account/two_factor_authentication.md
index 2dbeaae2267..4563cfe5648 100644
--- a/doc/user/profile/account/two_factor_authentication.md
+++ b/doc/user/profile/account/two_factor_authentication.md
@@ -59,11 +59,12 @@ To enable 2FA with a one-time password:
    1. Select **Enable Two-factor Authentication**.
 1. **On your device (usually your phone):**
    1. Install a compatible application. For example:
+      - [Aegis](https://getaegis.app/)
+      - [Raivo OTP](https://apps.apple.com/us/app/raivo-otp/id1459042137#platform=iphone)
       - [Authy](https://authy.com/)
       - [Duo Mobile](https://duo.com/product/multi-factor-authentication-mfa/duo-mobile-app)
       - [LastPass Authenticator](https://lastpass.com/auth/)
       - [Authenticator](https://mattrubin.me/authenticator/)
-      - [andOTP](https://github.com/andOTP/andOTP)
       - [Google Authenticator](https://support.google.com/accounts/answer/1066447?hl=en)
       - [Microsoft Authenticator](https://www.microsoft.com/en-us/security/mobile-authenticator-app)
       - [SailOTP](https://openrepos.net/content/seiichiro0185/sailotp)
diff --git a/doc/user/profile/index.md b/doc/user/profile/index.md
index 07f21da3099..bf696310158 100644
--- a/doc/user/profile/index.md
+++ b/doc/user/profile/index.md
@@ -130,7 +130,7 @@ GitLab displays the contents of your README below your contribution graph.
 ### From an existing project
 
 To add the README from an existing project to your profile,
-[update the path](../project/settings/index.md#renaming-a-repository) of the project
+[update the path](../project/settings/index.md#rename-a-repository) of the project
 to match your username.
 
 ## Add external accounts to your user profile page
diff --git a/doc/user/profile/personal_access_tokens.md b/doc/user/profile/personal_access_tokens.md
index af84b746280..427c412219a 100644
--- a/doc/user/profile/personal_access_tokens.md
+++ b/doc/user/profile/personal_access_tokens.md
@@ -145,7 +145,7 @@ To create a personal access token programmatically:
    ```
 
 This code can be shortened into a single-line shell command by using the
-[Rails runner](../../administration/troubleshooting/debug.md#using-the-rails-runner):
+[Rails runner](../../administration/operations/rails_console.md#using-the-rails-runner):
 
 ```shell
 sudo gitlab-rails runner "token = User.find_by_username('automation-bot').personal_access_tokens.create(scopes: [:read_user, :read_repository], name: 'Automation token'); token.set_token('token-string-here123'); token.save!"
@@ -177,7 +177,7 @@ To revoke a token programmatically:
    ```
 
 This code can be shortened into a single-line shell command using the
-[Rails runner](../../administration/troubleshooting/debug.md#using-the-rails-runner):
+[Rails runner](../../administration/operations/rails_console.md#using-the-rails-runner):
 
 ```shell
 sudo gitlab-rails runner "PersonalAccessToken.find_by_token('token-string-here123').revoke!"
diff --git a/doc/user/project/clusters/img/kubernetes_pod_logs_v12_10.png b/doc/user/project/clusters/img/kubernetes_pod_logs_v12_10.png
deleted file mode 100644
index abac22e3f1f..00000000000
--- a/doc/user/project/clusters/img/kubernetes_pod_logs_v12_10.png
+++ /dev/null
diff --git a/doc/user/project/clusters/img/pod_logs_deploy_board.png b/doc/user/project/clusters/img/pod_logs_deploy_board.png
deleted file mode 100644
index 7f83382968b..00000000000
--- a/doc/user/project/clusters/img/pod_logs_deploy_board.png
+++ /dev/null
diff --git a/doc/user/project/clusters/kubernetes_pod_logs.md b/doc/user/project/clusters/kubernetes_pod_logs.md
index 58006c29057..bd87ab1024d 100644
--- a/doc/user/project/clusters/kubernetes_pod_logs.md
+++ b/doc/user/project/clusters/kubernetes_pod_logs.md
@@ -2,120 +2,11 @@
 stage: Monitor
 group: Respond
 info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+remove_date: '2022-18-10'
+redirect_to: '../../clusters/agent/index.md'
 ---
 
-# Kubernetes Logs (DEPRECATED) **(FREE SELF)**
+# Kubernetes Logs (removed) **(FREE SELF)**
 
-> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/4752) in GitLab 11.0.
-> - [Moved](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/26383) from GitLab Ultimate to GitLab Free 12.9.
-> - [Deprecated](https://gitlab.com/groups/gitlab-org/configure/-/epics/8) in GitLab 14.5.
-> - [Moved](https://gitlab.com/gitlab-org/gitlab/-/issues/360182) behind a [feature flag](../../../administration/feature_flags.md) named `monitor_logging` in GitLab 15.0. Disabled by default.
-> - [Disabled on self-managed](https://gitlab.com/gitlab-org/gitlab/-/issues/353410) in GitLab 15.0.
-
-WARNING:
-This feature is in its end-of-life process.
-This feature was [deprecated](https://gitlab.com/groups/gitlab-org/configure/-/epics/8) in GitLab 14.5.
-It will be [removed completely](https://gitlab.com/gitlab-org/gitlab/-/issues/346485) in GitLab 15.2.
-
-FLAG:
-On self-managed GitLab, by default this feature is not available. To make it available, ask an administrator to [enable the feature flag](../../../administration/feature_flags.md) named `monitor_logging` and the one named `certificate_based_clusters`.
-On GitLab.com, this feature is not available.
-This feature is not recommended for production use.
-
-GitLab makes it easy to view the logs of running pods in
-[connected Kubernetes clusters](index.md). By displaying the logs directly in GitLab
-in the **Log Explorer**, developers can avoid managing console tools or jumping
-to a different interface. The **Log Explorer** interface provides a set of filters
-above the log file data, depending on your configuration:
-
-![Pod logs](img/kubernetes_pod_logs_v12_10.png)
-
-- **Namespace** - Select the environment to display. Users with Maintainer or
-  greater [permissions](../../permissions.md) can also see pods in the
-  `gitlab-managed-apps` namespace.
-- **Search** - Only available if the [Elastic Stack integration](../../clusters/integrations.md#elastic-stack-cluster-integration) is enabled.
-- **Select time range** - Select the range of time to display.
-  Only available if the [Elastic Stack integration](../../clusters/integrations.md#elastic-stack-cluster-integration) is enabled.
-- **Scroll to bottom** **{scroll_down}** - Scroll to the end of the displayed logs.
-- **Refresh** **{retry}** - Reload the displayed logs.
-
-<i class="fa fa-youtube-play youtube" aria-hidden="true"></i>
-To learn more about the Log Explorer, see [APM - Log Explorer](https://www.youtube.com/watch?v=hWclZHA7Dgw).
-
-[Learn more about Kubernetes + GitLab](https://about.gitlab.com/solutions/kubernetes/).
-Everything you need to build, test, deploy, and run your application at scale.
-
-## Requirements
-
-[Deploying to a Kubernetes environment](../deploy_boards.md#enabling-deploy-boards)
-is required to use Logs.
-
-## Accessing the log explorer
-
-To access the **Log explorer**, select the **More actions** **{ellipsis_v}** menu on
-a [metrics dashboard](../../../operations/metrics/index.md) and select **View logs**, or:
-
-1. Sign in as a user with the _View pod logs_
-   [permissions](../../permissions.md#project-members-permissions) in the project.
-1. To navigate to the **Log Explorer** from the sidebar menu, go to **Monitor > Logs**
-   ([Introduced](https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/22011) in GitLab 12.5.).
-1. To navigate to the **Log Explorer** from a specific pod on a [deploy board](../deploy_boards.md):
-
-   1. Go to **Deployments > Environments** and find the environment
-      which contains the desired pod, like `production`.
-   1. On the **Environments** page, you should see the status of the environment's
-      pods with [deploy boards](../deploy_boards.md).
-   1. When mousing over the list of pods, GitLab displays a tooltip with the exact pod name
-      and status.
-      ![deploy boards pod list](img/pod_logs_deploy_board.png)
-   1. Select the desired pod to display the **Log Explorer**.
-
-### Logs view
-
-The **Log Explorer** lets you filter the logs by:
-
-- Pods.
-- [From GitLab 12.4](https://gitlab.com/gitlab-org/gitlab/-/issues/5769), environments.
-- [From GitLab 12.7](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/21656),
-  [full text search](#full-text-search).
-- [From GitLab 12.8](https://gitlab.com/gitlab-org/gitlab/-/issues/197879), dates.
-- [From GitLab 13.2](https://gitlab.com/gitlab-org/gitlab/-/issues/208790), managed apps.
-
-Loading more than 500 log lines is possible from
-[GitLab 12.9](https://gitlab.com/gitlab-org/gitlab/-/issues/198050) onward.
-
-Support for pods with multiple containers is coming
-[in a future release](https://gitlab.com/gitlab-org/gitlab/-/issues/13404).
-
-Support for historical data is coming
-[in a future release](https://gitlab.com/gitlab-org/gitlab/-/issues/196191).
-
-### Filter by date
-
-> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/197879) in GitLab 12.8.
-
-When you enable [Elastic Stack](../../clusters/integrations.md#elastic-stack-cluster-integration)
-on your cluster, you can filter logs displayed in the **Log Explorer** by date.
-
-Select **Show last** in the **Log Explorer** to see the available options.
-
-### Full text search
-
-> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/21656) in GitLab 12.7.
-
-When you enable [Elastic Stack](../../clusters/integrations.md#elastic-stack-cluster-integration) on your cluster,
-you can search the content of your logs through a search bar. The search is passed
-to Elasticsearch using the
-[simple_query_string](https://www.elastic.co/guide/en/elasticsearch/reference/current/query-dsl-simple-query-string-query.html)
-Elasticsearch function, which supports the following operators:
-
-| Operator                   | Description                                                 |
-|----------------------------|-------------------------------------------------------------|
-|  `\|`                      | An `OR` operation.                                          |
-| `-`                        | Negates a single token.                                     |
-| `+`                        | An `AND` operation.                                         |
-| `"`                        | Wraps a number of tokens to signify a phrase for searching. |
-| `*` (at the end of a term) | A prefix query.                                             |
-| `(` and `)`                | Precedence.                                                 |
-| `~N` (after a word)        | Edit distance (fuzziness).                                  |
-| `~N` (after a phrase)      | Slop amount.                                                |
+This feature was [deprecated](https://gitlab.com/groups/gitlab-org/configure/-/epics/8) in GitLab 14.5
+and [removed](https://gitlab.com/gitlab-org/gitlab/-/issues/360193) in GitLab 15.2.
diff --git a/doc/user/project/code_owners.md b/doc/user/project/code_owners.md
index 197a995952a..adea5dad7b8 100644
--- a/doc/user/project/code_owners.md
+++ b/doc/user/project/code_owners.md
@@ -85,6 +85,12 @@ Inviting **Subgroup Y** to a parent group of **Project A**
 [is not supported](https://gitlab.com/gitlab-org/gitlab/-/issues/288851). To set **Subgroup Y** as
 Code Owners, add this group directly to the project itself.
 
+NOTE:
+For approval to be required, groups as Code Owners must have a direct membership
+(not inherited membership) in the project. Approval can only be optional for groups
+that inherit membership. Members in the Code Owners group also must be direct members,
+and not inherit membership from any parent groups.
+
 ### Add a group as a Code Owner
 
 To set a group as a Code Owner:
diff --git a/doc/user/project/deploy_keys/index.md b/doc/user/project/deploy_keys/index.md
index 8f1da4b278a..c64afd95d8d 100644
--- a/doc/user/project/deploy_keys/index.md
+++ b/doc/user/project/deploy_keys/index.md
@@ -82,7 +82,7 @@ Prerequisites:
 A project deploy key is enabled when it is created. You can modify only a project deploy key's
 name and permissions.
 
-## Create a public deploy key
+## Create a public deploy key **(FREE SELF)**
 
 Prerequisites:
 
diff --git a/doc/user/project/highlighting.md b/doc/user/project/highlighting.md
index 37ec7c8e8d3..1d62cd00b31 100644
--- a/doc/user/project/highlighting.md
+++ b/doc/user/project/highlighting.md
@@ -7,7 +7,7 @@ type: reference
 
 # Syntax Highlighting **(FREE)**
 
-GitLab provides syntax highlighting on all files through the
+GitLab provides syntax highlighting on all files through [Highlight.js](https://github.com/highlightjs/highlight.js/) and the
 [Rouge](https://rubygems.org/gems/rouge) Ruby gem. It attempts to guess what language
 to use based on the file extension, which most of the time is sufficient.
 
diff --git a/doc/user/project/img/labels_drag_priority_v12_1.gif b/doc/user/project/img/labels_drag_priority_v12_1.gif
deleted file mode 100644
index a568490da5f..00000000000
--- a/doc/user/project/img/labels_drag_priority_v12_1.gif
+++ /dev/null
diff --git a/doc/user/project/img/time_tracking_report_v15_1.png b/doc/user/project/img/time_tracking_report_v15_1.png
index a9ddefebb2f..4eeccf8a684 100644
--- a/doc/user/project/img/time_tracking_report_v15_1.png
+++ b/doc/user/project/img/time_tracking_report_v15_1.png
diff --git a/doc/user/project/import/bitbucket.md b/doc/user/project/import/bitbucket.md
index b2425686024..dff5a602e8a 100644
--- a/doc/user/project/import/bitbucket.md
+++ b/doc/user/project/import/bitbucket.md
@@ -58,7 +58,7 @@ For user contributions to be mapped, each user must complete the following befor
    If they don't match, modify the public name in the Atlassian account settings to match the
    username in the Bitbucket account settings.
 
-1. Connect your Bitbucket account in [GitLab profile social sign-in](https://gitlab.com/-/profile/account).
+1. Connect your Bitbucket account in [GitLab profile service sign-in](https://gitlab.com/-/profile/account).
 
 1. [Set your public email](../../profile/index.md#set-your-public-email).
 
@@ -97,16 +97,16 @@ If you've accidentally started the import process with the wrong account, follow
 the username in the Bitbucket account settings must match the public name in the Atlassian account
 settings. If these names match but user mapping still fails, the user may have modified their
 Bitbucket username after connecting their Bitbucket account in the
-[GitLab profile social sign-in](https://gitlab.com/-/profile/account).
+[GitLab profile service sign-in](https://gitlab.com/-/profile/account).
 
 To fix this, the user must verify that their Bitbucket external UID in the GitLab database matches their
 current Bitbucket public name, and reconnect if there's a mismatch:
 
-1. [Use the API to get the currently authenticated user](../../../api/users.md#list-current-user-for-normal-users).
+1. [Use the API to get the currently authenticated user](../../../api/users.md#for-normal-users-1).
 
 1. In the API's response, the `identities` attribute contains the Bitbucket account that exists in
    the GitLab database. If the `extern_uid` doesn't match the current Bitbucket public name, the
-   user should reconnect their Bitbucket account in the [GitLab profile social sign-in](https://gitlab.com/-/profile/account).
+   user should reconnect their Bitbucket account in the [GitLab profile service sign-in](https://gitlab.com/-/profile/account).
 
 1. Following reconnection, the user should use the API again to verify that their `extern_uid` in
    the GitLab database now matches their current Bitbucket public name.
diff --git a/doc/user/project/index.md b/doc/user/project/index.md
index 60a4ca5c0ea..e4ae0c4b29b 100644
--- a/doc/user/project/index.md
+++ b/doc/user/project/index.md
@@ -150,7 +150,7 @@ There are numerous [APIs](../../api/index.md) to use with your projects:
 - [Traffic](../../api/project_statistics.md)
 - [Variables](../../api/project_level_variables.md)
 - [Aliases](../../api/project_aliases.md)
-- [DORA4 Analytics](../../api/dora4_project_analytics.md)
+- [DORA4 Analytics](../../api/dora/metrics.md)
 
 ## DORA4 analytics overview
 
@@ -158,4 +158,4 @@ Project details include the following analytics:
 
 - Deployment Frequency
 
-For more information, see [DORA4 Project Analytics API](../../api/dora4_project_analytics.md).
+For more information, see [DORA4 Project Analytics API](../../api/dora/metrics.md).
diff --git a/doc/user/project/integrations/bamboo.md b/doc/user/project/integrations/bamboo.md
index 22e6d45dd96..75f099268cb 100644
--- a/doc/user/project/integrations/bamboo.md
+++ b/doc/user/project/integrations/bamboo.md
@@ -9,11 +9,6 @@ info: To determine the technical writer assigned to the Stage/Group associated w
 You can automatically trigger builds in Atlassian Bamboo when you push changes
 to your project in GitLab.
 
-When this integration is configured, merge requests also display the following information:
-
-- A CI/CD status that shows if the build is pending, failed, or has completed successfully.
-- A link to the Bamboo build page for more information.
-
 Bamboo doesn't provide the same features as a traditional build system when
 accepting webhooks and commit data. You must configure a Bamboo
 build plan before you configure the integration in GitLab.
@@ -66,6 +61,65 @@ for example `PROJ-PLAN`.
 The build key is included in the browser URL when you view a plan in
 Bamboo. For example, `https://bamboo.example.com/browse/PROJ-PLAN`.
 
+## Update Bamboo build status in GitLab
+
+You can use a script that uses the [commit status API](../../../api/commits.md#post-the-build-status-to-a-commit)
+and Bamboo build variables to:
+
+- Update the commit with the build status.
+- Add the Bamboo build plan URL as the commit's `target_url`.
+
+For example:
+
+1. Create an [access token](../../../api/index.md#personalprojectgroup-access-tokens) in GitLab with `:api` permissions.
+1. Save the token as a `$GITLAB_TOKEN` variable in Bamboo.
+1. Add the following script as a final task to the Bamboo plan's jobs:
+
+   ```shell
+   #!/bin/bash
+
+   # Script to update CI status on GitLab.
+   # Add this script as final inline script task in a Bamboo job.
+   #
+   # General documentation: https://docs.gitlab.com/ee/user/project/integrations/bamboo.html
+   # Fix inspired from https://gitlab.com/gitlab-org/gitlab/-/issues/34744
+
+   # Stop at first error
+   set -e
+
+   # Access token. Set this as a CI variable in Bamboo.
+   #GITLAB_TOKEN=
+
+   # Status
+   cistatus="failed"
+   if [ "${bamboo_buildFailed}" = "false" ]; then
+     cistatus="success"
+   fi
+
+   repo_url="${bamboo_planRepository_repositoryUrl}"
+
+   # Check if we use SSH or HTTPS
+   protocol=${repo_url::4}
+   if [ "$protocol" == "git@" ]; then
+     repo=${repo_url:${#protocol}};
+     gitlab_url=${repo%%:*};
+   else
+     protocol="https://"
+     repo=${repo_url:${#protocol}};
+     gitlab_url=${repo%%/*};
+   fi
+
+   start=$((${#gitlab_url} + 1)) # +1 for the / (https) or : (ssh)
+   end=$((${#repo} - $start -4)) # -4 for the .git
+   repo=${repo:$start:$end}
+   repo=$(echo "$repo" | sed "s/\//%2F/g")
+
+   # Send request
+   url="https://${gitlab_url}/api/v4/projects/${repo}/statuses/${bamboo_planRepository_revision}?state=${cistatus}&target_url=${bamboo_buildResultsUrl}"
+   echo "Sending request to $url"
+   curl --fail --request POST --header "PRIVATE-TOKEN: $GITLAB_TOKEN" "$url"
+   ```
+
 ## Troubleshooting
 
 ### Builds not triggered
diff --git a/doc/user/project/integrations/mock_ci.md b/doc/user/project/integrations/mock_ci.md
index 631c53dcc44..5cde17dbd83 100644
--- a/doc/user/project/integrations/mock_ci.md
+++ b/doc/user/project/integrations/mock_ci.md
@@ -6,7 +6,8 @@ info: To determine the technical writer assigned to the Stage/Group associated w
 
 # Mock CI Service **(FREE)**
 
-**NB: This service is only listed if you are in a development environment!**
+NOTE:
+This service is only listed if you are in a [development environment](https://gitlab.com/gitlab-org/gitlab-mock-ci-service#setup-mockci-integration)!
 
 To set up the mock CI service server, respond to the following endpoints
 
diff --git a/doc/user/project/integrations/webhook_events.md b/doc/user/project/integrations/webhook_events.md
index ed62a34f6a3..32e5f949c15 100644
--- a/doc/user/project/integrations/webhook_events.md
+++ b/doc/user/project/integrations/webhook_events.md
@@ -824,6 +824,11 @@ The available values for `object_attributes.action` in the payload are:
 - `unapproval`
 - `merge`
 
+The field `object_attributes.oldrev` is only available when there are actual code changes, like:
+
+- New code is pushed.
+- A [suggestion](../merge_requests/reviews/suggestions.md) is applied.
+
 Request header:
 
 ```plaintext
@@ -868,6 +873,7 @@ Payload example:
   },
   "object_attributes": {
     "id": 99,
+    "iid": 1,
     "target_branch": "master",
     "source_branch": "ms-viewport",
     "source_project_id": 14,
@@ -879,10 +885,12 @@ Payload example:
     "milestone_id": null,
     "state": "opened",
     "blocking_discussions_resolved": true,
+    "work_in_progress": false,
+    "first_contribution": true,
     "merge_status": "unchecked",
     "target_project_id": 14,
-    "iid": 1,
     "description": "",
+    "url": "http://example.com/diaspora/merge_requests/1",
     "source": {
       "name":"Awesome Project",
       "description":"Aut reprehenderit ut est.",
@@ -925,8 +933,18 @@ Payload example:
         "email": "gitlabdev@dv6700.(none)"
       }
     },
-    "work_in_progress": false,
-    "url": "http://example.com/diaspora/merge_requests/1",
+    "labels": [{
+      "id": 206,
+      "title": "API",
+      "color": "#ffffff",
+      "project_id": 14,
+      "created_at": "2013-12-03T17:15:43Z",
+      "updated_at": "2013-12-03T17:15:43Z",
+      "template": false,
+      "description": "API related issues",
+      "type": "ProjectLabel",
+      "group_id": 41
+    }],
     "action": "open",
     "assignee": {
       "name": "User1",
@@ -985,6 +1003,9 @@ Payload example:
 }
 ```
 
+NOTE:
+The fields `assignee_id`, and `state` are deprecated.
+
 ## Wiki page events
 
 Wiki page events are triggered when a wiki page is created, updated, or deleted.
@@ -1147,6 +1168,9 @@ Payload example:
          "created_at": "2016-08-12 15:23:28 UTC",
          "started_at": null,
          "finished_at": null,
+         "duration": null,
+         "queued_duration": null,
+         "failure_reason": null,
          "when": "manual",
          "manual": true,
          "allow_failure": false,
@@ -1175,7 +1199,10 @@ Payload example:
          "status": "success",
          "created_at": "2016-08-12 15:23:28 UTC",
          "started_at": "2016-08-12 15:26:12 UTC",
-         "finished_at": null,
+         "finished_at": "2016-08-12 15:26:29 UTC",
+         "duration": 17.0,
+         "queued_duration": 196.0,
+         "failure_reason": null,
          "when": "on_success",
          "manual": false,
          "allow_failure": false,
@@ -1208,10 +1235,13 @@ Payload example:
          "id": 378,
          "stage": "test",
          "name": "test-build",
-         "status": "success",
+         "status": "failed",
          "created_at": "2016-08-12 15:23:28 UTC",
          "started_at": "2016-08-12 15:26:12 UTC",
          "finished_at": "2016-08-12 15:26:29 UTC",
+         "duration": 17.0,
+         "queued_duration": 196.0,
+         "failure_reason": "script_failure",
          "when": "on_success",
          "manual": false,
          "allow_failure": false,
@@ -1247,6 +1277,9 @@ Payload example:
          "created_at": "2016-08-12 15:23:28 UTC",
          "started_at": "2016-08-12 15:24:56 UTC",
          "finished_at": "2016-08-12 15:25:26 UTC",
+         "duration": 17.0,
+         "queued_duration": 196.0,
+         "failure_reason": null,
          "when": "on_success",
          "manual": false,
          "allow_failure": false,
@@ -1282,6 +1315,9 @@ Payload example:
          "created_at": "2016-08-12 15:23:28 UTC",
          "started_at": null,
          "finished_at": null,
+         "duration": null,
+         "queued_duration": null,
+         "failure_reason": null,
          "when": "on_success",
          "manual": false,
          "allow_failure": false,
diff --git a/doc/user/project/issues/csv_import.md b/doc/user/project/issues/csv_import.md
index 2fe3d78194c..1ae57c9a883 100644
--- a/doc/user/project/issues/csv_import.md
+++ b/doc/user/project/issues/csv_import.md
@@ -6,9 +6,20 @@ info: To determine the technical writer assigned to the Stage/Group associated w
 
 # Importing issues from CSV **(FREE)**
 
-Issues can be imported to a project by uploading a CSV file with the columns
-`title` and `description`. Other columns are **not** imported. If you want to
-retain columns such as labels and milestones, consider the [Move Issue feature](managing_issues.md#move-an-issue).
+You can import issues to a project by uploading a CSV file with the following columns:
+
+| Name          | Required?              | Description                                      |
+|:--------------|:-----------------------|:-------------------------------------------------|
+| `title`       | **{check-circle}** Yes | Issue title.                                     |
+| `description` | **{check-circle}** Yes | Issue description.                               |
+| `due_date`    | **{dotted-circle}** No | Issue due date in `YYYY-MM-DD` format. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/91317) in GitLab 15.2. |
+
+Data in other columns is not imported.
+
+You can use the `description` field to embed [quick actions](../quick_actions.md) to add other data to the issue.
+For example, labels, assignees, and milestones.
+
+Alternatively, you can [move an issue](managing_issues.md#move-an-issue). Moving issues preserves more data.
 
 The user uploading the CSV file is set as the author of the imported issues.
 
@@ -44,16 +55,22 @@ To import issues, GitLab requires CSV files have a specific format:
 | double-quote character | The double-quote (`"`) character is used to quote fields, enabling the use of the column separator in a field (see the third line in the sample CSV data below). To insert a double-quote (`"`) in a quoted field use two double-quote characters in succession (`""`). |
 | data rows              | After the header row, following rows must use the same column order. The issue title is required, but the description is optional. |
 
-If you have special characters in a field, (such as `\n` or `,`), surround the
-characters with double quotes (`"`).
+If you have special characters (for example, `,` or `\n`) or multiple lines in a field (for example,
+when using [quick actions](../quick_actions.md)), surround the characters with double quotes (`"`).
+
+When using [quick actions](../quick_actions.md), each action must be on a separate line.
 
 Sample CSV data:
 
 ```plaintext
-title,description
-My Issue Title,My Issue Description
-Another Title,"A description, with a comma"
-"One More Title","One More Description"
+title,description,due date
+My Issue Title,My Issue Description,2022-06-28
+Another Title,"A description, with a comma",
+"One More Title","One More Description",
+An Issue with Quick Actions,"Hey can we change the frontend?
+
+/assign @sjones
+/label ~frontend ~documentation",
 ```
 
 ### File size
diff --git a/doc/user/project/issues/img/close_issue_from_board.gif b/doc/user/project/issues/img/close_issue_from_board.gif
deleted file mode 100644
index 4814b42687b..00000000000
--- a/doc/user/project/issues/img/close_issue_from_board.gif
+++ /dev/null
diff --git a/doc/user/project/issues/img/multiple_assignees.gif b/doc/user/project/issues/img/multiple_assignees.gif
deleted file mode 100644
index 055a0efd9ae..00000000000
--- a/doc/user/project/issues/img/multiple_assignees.gif
+++ /dev/null
diff --git a/doc/user/project/issues/img/turn_off_confidentiality_v15_0.png b/doc/user/project/issues/img/turn_off_confidentiality_v15_0.png
deleted file mode 100644
index 37cbe0f4fd9..00000000000
--- a/doc/user/project/issues/img/turn_off_confidentiality_v15_0.png
+++ /dev/null
diff --git a/doc/user/project/issues/img/turn_on_confidentiality_v15_0.png b/doc/user/project/issues/img/turn_on_confidentiality_v15_0.png
deleted file mode 100644
index 498867d1933..00000000000
--- a/doc/user/project/issues/img/turn_on_confidentiality_v15_0.png
+++ /dev/null
diff --git a/doc/user/project/issues/img/turn_on_confidentiality_v15_1.png b/doc/user/project/issues/img/turn_on_confidentiality_v15_1.png
index 24a7ad554f8..c81ac85ab13 100644
--- a/doc/user/project/issues/img/turn_on_confidentiality_v15_1.png
+++ b/doc/user/project/issues/img/turn_on_confidentiality_v15_1.png
diff --git a/doc/user/project/issues/managing_issues.md b/doc/user/project/issues/managing_issues.md
index fbdce211295..15d8da7f544 100644
--- a/doc/user/project/issues/managing_issues.md
+++ b/doc/user/project/issues/managing_issues.md
@@ -385,8 +385,6 @@ To close an issue, you can do the following:
 - At the top of the issue, select **Close issue**.
 - In an [issue board](../issue_board.md), drag an issue card from its list into the **Closed** list.
 
-  ![close issue from the issue board](img/close_issue_from_board.gif)
-
 ### Reopen a closed issue
 
 Prerequisites:
diff --git a/doc/user/project/issues/multiple_assignees_for_issues.md b/doc/user/project/issues/multiple_assignees_for_issues.md
index 105dcd529c8..db160b6cfe8 100644
--- a/doc/user/project/issues/multiple_assignees_for_issues.md
+++ b/doc/user/project/issues/multiple_assignees_for_issues.md
@@ -4,39 +4,22 @@ group: Project Management
 info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
 ---
 
-# Multiple Assignees for Issues **(PREMIUM)**
+# Multiple assignees for issues **(PREMIUM)**
 
-> Moved to GitLab Premium in 13.9.
+> Moved from Starter to Premium in GitLab 13.9.
 
-In large teams, where there is shared ownership of an issue, it can be difficult
-to track who is working on it, who already completed their contributions, who
-didn't even start yet.
+In large teams with shared ownership, it can be difficult
+to track who is working on an issue, who's already done, or who hasn't started yet.
 
-You can also select multiple [assignees](managing_issues.md#assignee) for an issue, making it easier to
+You can add multiple [assignees](managing_issues.md#assignee) to an issue, making it easier to
 track, and making clearer who is accountable for it.
 
-![multiple assignees for issues](img/multiple_assignees_for_issues.png)
-
-## Use cases
-
-Consider a team formed by frontend developers, backend developers,
-UX designers, QA testers, and a product manager working together to bring an idea to
-market.
-
-Multiple Assignees for Issues makes collaboration smoother,
+Multiple assignees for issues makes collaboration smoother,
 and allows shared responsibilities to be clearly displayed.
 All assignees are shown across your team's workflows and receive notifications (as they
 would as single assignees), simplifying communication and ownership.
 
-Once an assignee had their work completed, they would remove themselves as assignees, making
-it clear that their role is complete.
+After an assignee completes their work, they remove themselves as an assignee, making
+it clear that their task is complete.
 
-## How it works
-
-From an opened issue, expand the right sidebar, locate the assignees entry,
-and select **Edit**. From the dropdown menu, select as many users as you want
-to assign the issue to.
-
-![adding multiple assignees](img/multiple_assignees.gif)
-
-To remove an assignee, clear them from the same dropdown menu.
+![multiple assignees for issues](img/multiple_assignees_for_issues.png)
diff --git a/doc/user/project/labels.md b/doc/user/project/labels.md
index 160dade87bb..333b073ee40 100644
--- a/doc/user/project/labels.md
+++ b/doc/user/project/labels.md
@@ -441,8 +441,6 @@ This label now appears at the top of the label list, under **Prioritized Labels*
 To change the relative priority of these labels, drag them up and down the list.
 The labels higher in the list get higher priority.
 
-![Drag to change label priority](img/labels_drag_priority_v12_1.gif)
-
 To learn what happens when you sort by priority or label priority, see
 [Sorting and ordering issue lists](issues/sorting_issue_lists.md).
 
diff --git a/doc/user/project/members/index.md b/doc/user/project/members/index.md
index 7bea57d180b..ff5f2ac8cb6 100644
--- a/doc/user/project/members/index.md
+++ b/doc/user/project/members/index.md
@@ -158,7 +158,7 @@ group itself.
 
 Prerequisites:
 
-- You must have the Owner role.
+- You must have the Maintainer or Owner role.
 - Optional. Unassign the member from all issues and merge requests that
   are assigned to them.
 
diff --git a/doc/user/project/members/share_project_with_groups.md b/doc/user/project/members/share_project_with_groups.md
index 02a9b76ce38..c4ae00f3c6c 100644
--- a/doc/user/project/members/share_project_with_groups.md
+++ b/doc/user/project/members/share_project_with_groups.md
@@ -24,6 +24,13 @@ members.
 > - [Generally available](https://gitlab.com/gitlab-org/gitlab/-/issues/352526) in GitLab 14.9.
     [Feature flag `invite_members_group_modal`](https://gitlab.com/gitlab-org/gitlab/-/issues/352526) removed.
 
+You can share a project only with:
+
+- Groups for which you have an explicitly defined [membership](index.md).
+- Groups that contain a nested subgroup or project for which you have an explicitly defined role.
+
+Administrators can share projects with any group in the namespace.
+
 The primary mechanism to give a group of users, say 'Engineering', access to a project,
 say 'Project Acme', in GitLab is to make the 'Engineering' group the owner of 'Project
 Acme'. But what if 'Project Acme' already belongs to another group, say 'Open Source'?
@@ -42,12 +49,11 @@ After sharing 'Project Acme' with 'Engineering':
 - The group is listed in the **Groups** tab.
 - The project is listed on the group dashboard.
 
-You can share a project only with:
-
-- Groups for which you have an explicitly defined membership.
-- Groups that contain a nested subgroup or project for which you have an explicitly defined role.
+When you share a project, be aware of the following restrictions and outcomes:
 
-Administrators can share projects with any group in the system.
+- [Maximum access level](#maximum-access-level)
+- [Sharing a public project with a private group](#share-a-public-project-with-private-group)
+- [Sharing project with group lock](#share-project-with-group-lock)
 
 ## Maximum access level
 
@@ -61,9 +67,13 @@ in. That means you can only share down the hierarchy. For example, `group/subgro
 - Can not be shared with `group`.
 - Can be shared with `group/subgroup02` or  `group/subgroup01/subgroup03`.
 
-## Share public project with private group
+## Share a public project with private group
+
+When you share a public project with a private group, be aware of the following outcomes:
 
-When sharing a public project with a private group, owners and maintainers of the project see the name of the group in the `members` page. Owners also have the possibility to see members of the private group they don't have access to when mentioning them in the issue or merge request.
+- The name of the group is no longer private and is visible to all users in the project members page.
+- Owners of the project have access to members of the private group when they mention them in issues or merge requests.
+- Project members who are direct or indirect members of the private group can see private group members listed in addition to members of the project.
 
 ## Share project with group lock
 
diff --git a/doc/user/project/merge_requests/accessibility_testing.md b/doc/user/project/merge_requests/accessibility_testing.md
index b8907532066..c1a87f7a5d4 100644
--- a/doc/user/project/merge_requests/accessibility_testing.md
+++ b/doc/user/project/merge_requests/accessibility_testing.md
@@ -1,76 +1,11 @@
 ---
-stage: Verify
-group: Pipeline Insights
-info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+redirect_to: '../../../ci/testing/accessibility_testing.md'
+remove_date: '2022-08-31'
 ---
 
-# Accessibility testing **(FREE)**
+This document was moved to [another location](../../../ci/testing/accessibility_testing.md).
 
-> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/25144) in GitLab 12.8.
-
-If your application offers a web interface, you can use
-[GitLab CI/CD](../../../ci/index.md) to determine the accessibility
-impact of pending code changes.
-
-[Pa11y](https://pa11y.org/) is a free and open source tool for
-measuring the accessibility of web sites. GitLab integrates Pa11y into a
-[CI job template](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/Verify/Accessibility.gitlab-ci.yml).
-The `a11y` job analyzes a defined set of web pages and reports
-accessibility violations, warnings, and notices in a file named
-`accessibility`.
-
-As of [GitLab 14.5](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/73309), Pa11y uses
-[WCAG 2.1 rules](https://www.w3.org/TR/WCAG21/#new-features-in-wcag-2-1).
-
-## Accessibility merge request widget
-
-> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/39425) in GitLab 13.0 behind the disabled [feature flag](../../../administration/feature_flags.md) `:accessibility_report_view`.
-> - [Feature Flag removed](https://gitlab.com/gitlab-org/gitlab/-/issues/217372) in GitLab 13.1.
-
-GitLab displays an **Accessibility Report** in the merge request widget area:
-
-![Accessibility merge request widget](img/accessibility_mr_widget_v13_0.png)
-
-## Configure accessibility testing
-
-You can run Pa11y with GitLab CI/CD using the
-[GitLab Accessibility Docker image](https://gitlab.com/gitlab-org/ci-cd/accessibility).
-
-To define the `a11y` job for GitLab 12.9 and later:
-
-1. [Include](../../../ci/yaml/index.md#includetemplate) the
-   [`Accessibility.gitlab-ci.yml` template](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/Verify/Accessibility.gitlab-ci.yml)
-   from your GitLab installation.
-1. Add the following configuration to your `.gitlab-ci.yml` file.
-
-   ```yaml
-   stages:
-     - accessibility
-
-   variables:
-     a11y_urls: "https://about.gitlab.com https://gitlab.com/users/sign_in"
-
-   include:
-     - template: "Verify/Accessibility.gitlab-ci.yml"
-   ```
-
-1. Customize the `a11y_urls` variable to list the URLs of the web pages to test with Pa11y.
-
-The `a11y` job in your CI/CD pipeline generates these files:
-
-- One HTML report per URL listed in the `a11y_urls` variable.
-- One file containing the collected report data. In GitLab versions 12.11 and later, this
-  file is named `gl-accessibility.json`. In GitLab versions 12.10 and earlier, this file
-  is named [`accessibility.json`](https://gitlab.com/gitlab-org/ci-cd/accessibility/-/merge_requests/9).
-
-You can [view job artifacts in your browser](../../../ci/pipelines/job_artifacts.md#download-job-artifacts).
-
-NOTE:
-For GitLab versions earlier than 12.9, use `include:remote` and
-link to the [current template in the default branch](https://gitlab.com/gitlab-org/gitlab/-/raw/master/lib/gitlab/ci/templates/Verify/Accessibility.gitlab-ci.yml)
-
-NOTE:
-The job definition provided by the template does not support Kubernetes.
-
-You cannot pass configurations into Pa11y via CI configuration.
-To change the configuration, edit a copy of the template in your CI file.
+<!-- This redirect file can be deleted after <2022-09-22>. -->
+<!-- Redirects that point to other docs in the same project expire in three months. -->
+<!-- Redirects that point to docs in a different project or site (for example, link is not relative and starts with `https:`) expire in one year. -->
+<!-- Before deletion, see: https://docs.gitlab.com/ee/development/documentation/redirects.html -->
diff --git a/doc/user/project/merge_requests/approvals/img/mr_approvals_by_code_owners_v12_7.png b/doc/user/project/merge_requests/approvals/img/mr_approvals_by_code_owners_v12_7.png
deleted file mode 100644
index 669148a41d8..00000000000
--- a/doc/user/project/merge_requests/approvals/img/mr_approvals_by_code_owners_v12_7.png
+++ /dev/null
diff --git a/doc/user/project/merge_requests/approvals/img/mr_approvals_by_code_owners_v15_2.png b/doc/user/project/merge_requests/approvals/img/mr_approvals_by_code_owners_v15_2.png
new file mode 100644
index 00000000000..37dad4e5ae8
--- /dev/null
+++ b/doc/user/project/merge_requests/approvals/img/mr_approvals_by_code_owners_v15_2.png
diff --git a/doc/user/project/merge_requests/approvals/rules.md b/doc/user/project/merge_requests/approvals/rules.md
index 21cf5cca4d1..b79c8ee867f 100644
--- a/doc/user/project/merge_requests/approvals/rules.md
+++ b/doc/user/project/merge_requests/approvals/rules.md
@@ -152,9 +152,9 @@ become eligible approvers in the project. To enable this merge request approval
 
 1. Go to your project and select **Settings > General**.
 1. Expand **Merge request (MR) approvals**.
-1. Locate **Eligible users** and select the number of approvals required:
+1. Locate **All eligible users** and select the number of approvals required:
 
-   ![MR approvals by Code Owners](img/mr_approvals_by_code_owners_v12_7.png)
+![MR approvals by Code Owners](img/mr_approvals_by_code_owners_v15_2.png)
 
 You can also
 [require code owner approval](../../protected_branches.md#require-code-owner-approval-on-a-protected-branch)
diff --git a/doc/user/project/merge_requests/approvals/settings.md b/doc/user/project/merge_requests/approvals/settings.md
index 9295ea4c310..7b865a91106 100644
--- a/doc/user/project/merge_requests/approvals/settings.md
+++ b/doc/user/project/merge_requests/approvals/settings.md
@@ -55,7 +55,7 @@ this setting, unless you configure one of these options:
 > Moved to GitLab Premium in 13.9.
 
 By default, users who commit to a merge request can still approve it. At both
-the project level or [instance level](../../../admin_area/merge_requests_approvals.md)
+the project level or [instance level](../../../admin_area/merge_requests_approvals.md),
 you can prevent committers from approving merge requests that are partially
 their own. To do this:
 
@@ -82,7 +82,7 @@ read the official Git documentation for an explanation.
 ## Prevent editing approval rules in merge requests
 
 By default, users can override the approval rules you [create for a project](rules.md)
-on a per-merge request basis. If you don't want users to change approval rules
+on a per-merge-request basis. If you don't want users to change approval rules
 on merge requests, you can disable this setting:
 
 1. Go to your project and select **Settings > General**.
@@ -119,7 +119,7 @@ when more changes are added to it:
 1. Select the **Remove all approvals when commits are added to the source branch** checkbox.
 1. Select **Save changes**.
 
-Approvals aren't reset when a merge request is [rebased from the UI](../methods/index.md#rebasing-in-semi-linear-merge-methods)
+Approvals aren't reset when a merge request is [rebased from the UI](../methods/index.md#rebasing-in-semi-linear-merge-methods).
 However, approvals are reset if the target branch is changed.
 
 ## Code coverage check approvals
diff --git a/doc/user/project/merge_requests/browser_performance_testing.md b/doc/user/project/merge_requests/browser_performance_testing.md
index 9c7d9e2bf19..95f749210c4 100644
--- a/doc/user/project/merge_requests/browser_performance_testing.md
+++ b/doc/user/project/merge_requests/browser_performance_testing.md
@@ -1,242 +1,11 @@
 ---
-stage: Verify
-group: Pipeline Insights
-info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+redirect_to: '../../../ci/testing/browser_performance_testing.md'
+remove_date: '2022-08-31'
 ---
 
-# Browser Performance Testing **(PREMIUM)**
+This document was moved to [another location](../../../ci/testing/browser_performance_testing.md).
 
-> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/3507) in GitLab 10.3.
-
-If your application offers a web interface and you're using
-[GitLab CI/CD](../../../ci/index.md), you can quickly determine the rendering performance
-impact of pending code changes in the browser.
-
-NOTE:
-You can automate this feature in your applications by using [Auto DevOps](../../../topics/autodevops/index.md).
-
-## Overview
-
-GitLab uses [Sitespeed.io](https://www.sitespeed.io), a free and open source
-tool, for measuring the rendering performance of web sites. The
-[Sitespeed plugin](https://gitlab.com/gitlab-org/gl-performance) that GitLab built outputs
-the performance score for each page analyzed in a file called `browser-performance.json`
-this data can be shown on Merge Requests.
-
-## Use cases
-
-Consider the following workflow:
-
-1. A member of the marketing team is attempting to track engagement by adding a new tool.
-1. With browser performance metrics, they see how their changes are impacting the usability
-   of the page for end users.
-1. The metrics show that after their changes, the performance score of the page has gone down.
-1. When looking at the detailed report, they see the new JavaScript library was
-   included in `<head>`, which affects loading page speed.
-1. They ask for help from a front end developer, who sets the library to load asynchronously.
-1. The frontend developer approves the merge request, and authorizes its deployment to production.
-
-## How browser performance testing works
-
-First, define a job in your `.gitlab-ci.yml` file that generates the
-[Browser Performance report artifact](../../../ci/yaml/artifacts_reports.md#artifactsreportsbrowser_performance).
-GitLab then checks this report, compares key performance metrics for each page
-between the source and target branches, and shows the information in the merge request.
-
-For an example Browser Performance job, see
-[Configuring Browser Performance Testing](#configuring-browser-performance-testing).
-
-NOTE:
-If the Browser Performance report has no data to compare, such as when you add the
-Browser Performance job in your `.gitlab-ci.yml` for the very first time,
-the Browser Performance report widget doesn't display. It must have run at least
-once on the target branch (`main`, for example), before it displays in a
-merge request targeting that branch.
-
-![Browser Performance Widget](img/browser_performance_testing.png)
-
-## Configuring Browser Performance Testing
-
-This example shows how to run the [sitespeed.io container](https://hub.docker.com/r/sitespeedio/sitespeed.io/)
-on your code by using GitLab CI/CD and [sitespeed.io](https://www.sitespeed.io)
-using Docker-in-Docker.
-
-1. First, set up GitLab Runner with a
-   [Docker-in-Docker build](../../../ci/docker/using_docker_build.md#use-docker-in-docker).
-1. Configure the default Browser Performance Testing CI/CD job as follows in your `.gitlab-ci.yml` file:
-
-   ```yaml
-   include:
-     template: Verify/Browser-Performance.gitlab-ci.yml
-
-   browser_performance:
-     variables:
-       URL: https://example.com
-   ```
-
-WARNING:
-In GitLab 13.12 and earlier, the job [was named](https://gitlab.com/gitlab-org/gitlab/-/issues/225914) `performance`.
-
-The above example:
-
-- Creates a `browser_performance` job in your CI/CD pipeline and runs sitespeed.io against the webpage you
-  defined in `URL` to gather key metrics.
-- Uses a template that doesn't work with Kubernetes clusters. If you are using a Kubernetes cluster,
-  use [`template: Jobs/Browser-Performance-Testing.gitlab-ci.yml`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/Jobs/Browser-Performance-Testing.gitlab-ci.yml)
-   instead.
-- Uses a CI/CD template that is included in all GitLab installations since 12.4. If you are using
-  GitLab 12.3 or earlier, you must [add the configuration manually](#gitlab-versions-132-and-earlier).
-
-The template uses the [GitLab plugin for sitespeed.io](https://gitlab.com/gitlab-org/gl-performance),
-and it saves the full HTML sitespeed.io report as a [Browser Performance report artifact](../../../ci/yaml/artifacts_reports.md#artifactsreportsbrowser_performance)
-that you can later download and analyze. This implementation always takes the latest
-Browser Performance artifact available. If [GitLab Pages](../pages/index.md) is enabled,
-you can view the report directly in your browser.
-
-You can also customize the jobs with CI/CD variables:
-
-- `SITESPEED_IMAGE`: Configure the Docker image to use for the job (default `sitespeedio/sitespeed.io`), but not the image version.
-- `SITESPEED_VERSION`: Configure the version of the Docker image to use for the job (default `14.1.0`).
-- `SITESPEED_OPTIONS`: Configure any additional sitespeed.io options as required (default `nil`). Refer to the [sitespeed.io documentation](https://www.sitespeed.io/documentation/sitespeed.io/configuration/) for more details.
-
-For example, you can override the number of runs sitespeed.io
-makes on the given URL, and change the version:
-
-```yaml
-include:
-  template: Verify/Browser-Performance.gitlab-ci.yml
-
-browser_performance:
-  variables:
-    URL: https://www.sitespeed.io/
-    SITESPEED_VERSION: 13.2.0
-    SITESPEED_OPTIONS: -n 5
-```
-
-### Configuring degradation threshold
-
-> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/27599) in GitLab 13.0.
-
-You can configure the sensitivity of degradation alerts to avoid getting alerts for minor drops in metrics.
-This is done by setting the `DEGRADATION_THRESHOLD` CI/CD variable. In the example below, the alert only shows up
-if the `Total Score` metric degrades by 5 points or more:
-
-```yaml
-include:
-  template: Verify/Browser-Performance.gitlab-ci.yml
-
-browser_performance:
-  variables:
-    URL: https://example.com
-    DEGRADATION_THRESHOLD: 5
-```
-
-The `Total Score` metric is based on sitespeed.io's [coach performance score](https://www.sitespeed.io/documentation/sitespeed.io/metrics/#performance-score). There is more information in [the coach documentation](https://www.sitespeed.io/documentation/coach/how-to/#what-do-the-coach-do).
-
-### Performance testing on Review Apps
-
-The above CI YAML configuration is great for testing against static environments, and it can
-be extended for dynamic environments, but a few extra steps are required:
-
-1. The `browser_performance` job should run after the dynamic environment has started.
-1. In the `review` job:
-    1. Generate a URL list file with the dynamic URL.
-    1. Save the file as an artifact, for example with `echo $CI_ENVIRONMENT_URL > environment_url.txt`
-    in your job's `script`.
-    1. Pass the list as the URL environment variable (which can be a URL or a file containing URLs)
-    to the `browser_performance` job.
-1. You can now run the sitespeed.io container against the desired hostname and
-   paths.
-
-Your `.gitlab-ci.yml` file would look like:
-
-```yaml
-stages:
-  - deploy
-  - performance
-
-include:
-  template: Verify/Browser-Performance.gitlab-ci.yml
-
-review:
-  stage: deploy
-  environment:
-    name: review/$CI_COMMIT_REF_SLUG
-    url: http://$CI_COMMIT_REF_SLUG.$APPS_DOMAIN
-  script:
-    - run_deploy_script
-    - echo $CI_ENVIRONMENT_URL > environment_url.txt
-  artifacts:
-    paths:
-      - environment_url.txt
-  only:
-    - branches
-  except:
-    - master
-
-browser_performance:
-  dependencies:
-    - review
-  variables:
-    URL: environment_url.txt
-```
-
-### GitLab versions 13.2 and earlier
-
-Browser Performance Testing has gone through several changes since its introduction.
-In this section we detail these changes and how you can run the test based on your
-GitLab version:
-
-- In 13.2 the feature was renamed from `Performance` to `Browser Performance` with additional
-  template CI/CD variables.
-- In GitLab 12.4 [a job template was made available](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/Verify/Browser-Performance.gitlab-ci.yml).
-- For 11.5 to 12.3 no template is available and the job has to be defined manually as follows:
-
-  ```yaml
-  performance:
-    stage: performance
-    image: docker:git
-    variables:
-      URL: https://example.com
-      SITESPEED_VERSION: 14.1.0
-      SITESPEED_OPTIONS: ''
-    services:
-      - docker:stable-dind
-    script:
-      - mkdir gitlab-exporter
-      - wget -O ./gitlab-exporter/index.js https://gitlab.com/gitlab-org/gl-performance/raw/1.1.0/index.js
-      - mkdir sitespeed-results
-      - docker run --shm-size=1g --rm -v "$(pwd)":/sitespeed.io sitespeedio/sitespeed.io:$SITESPEED_VERSION --plugins.add ./gitlab-exporter --outputFolder sitespeed-results $URL $SITESPEED_OPTIONS
-      - mv sitespeed-results/data/performance.json performance.json
-    artifacts:
-      paths:
-        - performance.json
-        - sitespeed-results/
-      reports:
-        performance: performance.json
-  ```
-
-- For 11.4 and earlier the job should be defined as follows:
-
-  ```yaml
-  performance:
-    stage: performance
-    image: docker:git
-    variables:
-      URL: https://example.com
-    services:
-      - docker:stable-dind
-    script:
-      - mkdir gitlab-exporter
-      - wget -O ./gitlab-exporter/index.js https://gitlab.com/gitlab-org/gl-performance/raw/1.1.0/index.js
-      - mkdir sitespeed-results
-      - docker run --shm-size=1g --rm -v "$(pwd)":/sitespeed.io sitespeedio/sitespeed.io:6.3.1 --plugins.add ./gitlab-exporter --outputFolder sitespeed-results $URL
-      - mv sitespeed-results/data/performance.json performance.json
-    artifacts:
-      paths:
-        - performance.json
-        - sitespeed-results/
-  ```
-
-Upgrading to the latest version and using the templates is recommended, to ensure
-you receive the latest updates, including updates to the sitespeed.io versions.
+<!-- This redirect file can be deleted after <2022-09-22>. -->
+<!-- Redirects that point to other docs in the same project expire in three months. -->
+<!-- Redirects that point to docs in a different project or site (for example, link is not relative and starts with `https:`) expire in one year. -->
+<!-- Before deletion, see: https://docs.gitlab.com/ee/development/documentation/redirects.html -->
diff --git a/doc/user/project/merge_requests/code_quality.md b/doc/user/project/merge_requests/code_quality.md
index 623af914692..79e590cb905 100644
--- a/doc/user/project/merge_requests/code_quality.md
+++ b/doc/user/project/merge_requests/code_quality.md
@@ -1,634 +1,11 @@
 ---
-stage: Secure
-group: Static Analysis
-info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+redirect_to: '../../../ci/testing/code_quality.md'
+remove_date: '2022-08-31'
 ---
 
-# Code Quality **(FREE)**
+This document was moved to [another location](../../../ci/testing/code_quality.md).
 
-> [Moved](https://gitlab.com/gitlab-org/gitlab/-/issues/212499) to GitLab Free in 13.2.
-
-To ensure your project's code stays simple, readable, and easy to contribute to,
-you can use [GitLab CI/CD](../../../ci/index.md) to analyze your source code quality.
-
-For example, while you're implementing a feature, you can run Code Quality reports
-to analyze how your improvements are impacting your code's quality. You can
-use this information to ensure that your changes are improving performance rather
-than degrading it.
-
-Code Quality:
-
-- Uses [plugins](https://docs.codeclimate.com/docs/list-of-engines) supported by Code Climate, which are
-  free and open source. Code Quality does not require a Code Climate
-  subscription.
-- Runs in [pipelines](../../../ci/pipelines/index.md) by using a Docker image built in the
-  [GitLab Code Quality](https://gitlab.com/gitlab-org/ci-cd/codequality) project.
-- Uses [default Code Climate configurations](https://gitlab.com/gitlab-org/ci-cd/codequality/-/tree/master/codeclimate_defaults).
-- Can make use of a [template](#example-configuration).
-- Is available by using [Auto Code Quality](../../../topics/autodevops/stages.md#auto-code-quality), provided by [Auto DevOps](../../../topics/autodevops/index.md).
-- Can be extended through [Analysis Plugins](https://docs.codeclimate.com/docs/list-of-engines) or a [custom tool](#implementing-a-custom-tool).
-
-## Summary of features per tier
-
-Different features are available in different [GitLab tiers](https://about.gitlab.com/pricing/),
-as shown in the following table:
-
-| Capability                                                            | In Free             | In Premium          | In Ultimate        |
-|:----------------------------------------------------------------------|:--------------------|:--------------------|:-------------------|
-| [Configure scanners](#configuring-jobs-using-variables)               | **{check-circle}**  | **{check-circle}**  | **{check-circle}** |
-| [Integrate custom scanners](#implementing-a-custom-tool)              | **{check-circle}**  | **{check-circle}**  | **{check-circle}** |
-| [Generate JSON or HTML report artifacts](#generate-an-html-report)    | **{check-circle}**  | **{check-circle}**  | **{check-circle}** |
-| [See findings in merge request widget](#code-quality-widget)          | **{check-circle}**  | **{check-circle}**  | **{check-circle}** |
-| [See reports in CI pipelines](#code-quality-reports)                  | **{dotted-circle}** | **{check-circle}**  | **{check-circle}** |
-| [See findings in merge request diff view](#code-quality-in-diff-view) | **{dotted-circle}** | **{dotted-circle}** | **{check-circle}** |
-
-## Code Quality Widget
-
-> [Moved](https://gitlab.com/gitlab-org/gitlab/-/issues/212499) to GitLab Free in 13.2.
-
-Going a step further, GitLab can show the Code Quality report right
-in the merge request widget area if a report from the target branch is available to compare to:
-
-![Code Quality Widget](img/code_quality_widget_13_11.png)
-
-Watch a quick walkthrough of Code Quality in action:
-
-<div class="video-fallback">
-  See the video: <a href="https://www.youtube.com/watch?v=B32LxtJKo9M">Code Quality: Speed Run</a>.
-</div>
-<figure class="video-container">
-  <iframe src="https://www.youtube.com/embed/B32LxtJKo9M" frameborder="0" allowfullscreen="true"> </iframe>
-</figure>
-
-NOTE:
-For one customer, the auditor found that having Code Quality, SAST, and Container Scanning all automated in GitLab CI/CD was almost better than a manual review! [Read more](https://about.gitlab.com/customers/bi_worldwide/).
-
-See also the Code Climate list of [Supported Languages for Maintainability](https://docs.codeclimate.com/docs/supported-languages-for-maintainability).
-
-## Code Quality in diff view **(ULTIMATE)**
-
-> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/267612) in GitLab 13.11, disabled by default behind the `codequality_mr_diff` [feature flag](../../../administration/feature_flags.md).
-> - [Enabled by default](https://gitlab.com/gitlab-org/gitlab/-/issues/284140) in GitLab 13.12.
-> - [Disabled by default](https://gitlab.com/gitlab-org/gitlab/-/issues/2526) in GitLab 14.0 due to [this issue](https://gitlab.com/gitlab-org/gitlab/-/issues/334116).
-> - [Inline annotation added](https://gitlab.com/gitlab-org/gitlab/-/issues/2526) and [feature flag removed](https://gitlab.com/gitlab-org/gitlab/-/issues/284140) in GitLab 14.1.
-
-Changes to files in merge requests can cause Code Quality to fall if merged. In these cases,
-the merge request's diff view displays an indicator next to lines with new Code Quality violations. For example:
-
-![Code Quality MR diff report](img/code_quality_mr_diff_report_v14_2.png)
-
-## Example configuration
-
-This example shows how to run Code Quality on your code by using GitLab CI/CD and Docker.
-
-- Using shared runners, the job should be configured For the [Docker-in-Docker workflow](../../../ci/docker/using_docker_build.md#use-docker-in-docker).
-- Using private runners, there is an [alternative configuration](#set-up-a-private-runner-for-code-quality-without-docker-in-docker) recommended for running Code Quality analysis more efficiently.
-
-In either configuration, the runner must have enough disk space to handle generated Code Quality files. For example on the [GitLab project](https://gitlab.com/gitlab-org/gitlab) the files are approximately 7 GB.
-
-Once you set up GitLab Runner, include the [Code Quality template](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/Jobs/Code-Quality.gitlab-ci.yml) in your CI configuration:
-
-```yaml
-include:
-  - template: Code-Quality.gitlab-ci.yml
-```
-
-The above example creates a `code_quality` job in your CI/CD pipeline which
-scans your source code for code quality issues. The report is saved as a
-[Code Quality report artifact](../../../ci/yaml/artifacts_reports.md#artifactsreportscodequality)
-that you can later download and analyze.
-
-It's also possible to override the URL to the Code Quality image by
-setting the `CODE_QUALITY_IMAGE` CI/CD variable. This is particularly useful if you want
-to lock in a specific version of Code Quality, or use a fork of it:
-
-```yaml
-include:
-  - template: Code-Quality.gitlab-ci.yml
-
-code_quality:
-  variables:
-    CODE_QUALITY_IMAGE: "registry.example.com/codequality-fork:latest"
-```
-
-In [GitLab 13.4 and later](https://gitlab.com/gitlab-org/gitlab/-/issues/11100), you can override the [Code Quality environment variables](https://gitlab.com/gitlab-org/ci-cd/codequality#environment-variables):
-
-```yaml
-variables:
-  TIMEOUT_SECONDS: 1
-
-include:
-  - template: Code-Quality.gitlab-ci.yml
-```
-
-By default, report artifacts are not downloadable. If you need them downloadable on the
-job details page, you can add `gl-code-quality-report.json` to the artifact paths like so:
-
-```yaml
-include:
-  - template: Code-Quality.gitlab-ci.yml
-
-code_quality:
-  artifacts:
-    paths: [gl-code-quality-report.json]
-```
-
-The included `code_quality` job is running in the `test` stage, so it needs to be included in your CI configuration, like so:
-
-```yaml
-stages:
-  - test
-```
-
-NOTE:
-This information is automatically extracted and shown right in the merge request widget.
-
-WARNING:
-On self-managed instances, if a malicious actor compromises the Code Quality job
-definition they could execute privileged Docker commands on the runner
-host. Having proper access control policies mitigates this attack vector by
-allowing access only to trusted actors.
-
-### Set up a private runner for code quality without Docker-in-Docker
-
-It's possible to configure your own runners and avoid Docker-in-Docker. You can use a
-configuration that may greatly speed up job execution without requiring your runners
-to operate in privileged mode.
-
-This alternative configuration uses socket binding to share the Runner's Docker daemon
-with the job environment. Be aware that this configuration [has significant considerations](../../../ci/docker/using_docker_build.md#use-docker-socket-binding)
-to be consider, but may be preferable depending on your use case.
-
-1. Register a new runner:
-
-   ```shell
-   $ gitlab-runner register --executor "docker" \
-     --docker-image="docker:stable" \
-     --url "https://gitlab.com/" \
-     --description "cq-sans-dind" \
-     --tag-list "cq-sans-dind" \
-     --locked="false" \
-     --access-level="not_protected" \
-     --docker-volumes "/cache"\
-     --docker-volumes "/builds:/builds"\
-     --docker-volumes "/var/run/docker.sock:/var/run/docker.sock" \
-     --registration-token="<project_token>" \
-     --non-interactive
-   ```
-
-1. **Optional, but recommended:** Set the builds directory to `/tmp/builds`,
-  so job artifacts are periodically purged from the runner host. If you skip
-  this step, you must clean up the default builds directory (`/builds`) yourself.
-  You can do this by adding the following two flags to `gitlab-runner register`
-  in the previous step.
-
-   ```shell
-   --builds-dir "/tmp/builds"
-   --docker-volumes "/tmp/builds:/tmp/builds" # Use this instead of --docker-volumes "/builds:/builds"
-   ```
-
-   The resulting configuration:
-
-   ```toml
-   [[runners]]
-     name = "cq-sans-dind"
-     url = "https://gitlab.com/"
-     token = "<project_token>"
-     executor = "docker"
-     builds_dir = "/tmp/builds"
-     [runners.docker]
-       tls_verify = false
-       image = "docker:stable"
-       privileged = false
-       disable_entrypoint_overwrite = false
-       oom_kill_disable = false
-       disable_cache = false
-       volumes = ["/cache", "/var/run/docker.sock:/var/run/docker.sock", "/tmp/builds:/tmp/builds"]
-       shm_size = 0
-     [runners.cache]
-       [runners.cache.s3]
-       [runners.cache.gcs]
-   ```
-
-1. Apply two overrides to the `code_quality` job created by the template:
-
-   ```yaml
-   include:
-     - template: Code-Quality.gitlab-ci.yml
-
-   code_quality:
-     services:            # Shut off Docker-in-Docker
-     tags:
-       - cq-sans-dind     # Set this job to only run on our new specialized runner
-   ```
-
-The end result is that:
-
-- Privileged mode is not used.
-- Docker-in-Docker is not used.
-- Docker images, including all CodeClimate images, are cached, and not re-fetched for subsequent jobs.
-
-With this configuration, the run time for a second pipeline is much shorter. For example
-this [small change](https://gitlab.com/drew/test-code-quality-template/-/merge_requests/4/diffs?commit_id=1e705607aef7236c1b20bb6f637965f3f3e53a46)
-to an [open merge request](https://gitlab.com/drew/test-code-quality-template/-/merge_requests/4/pipelines)
-running Code Quality analysis ran significantly faster the second time:
-
-![Code Quality sequential runs without DinD](img/code_quality_host_bound_sequential.png)
-
-This configuration is not possible on `gitlab.com` shared runners. Shared runners
-are configured with `privileged=true`, and they do not expose `docker.sock` into
-the job container. As a result, socket binding cannot be used to make `docker` available
-in the context of the job script.
-
-[Docker-in-Docker](../../../ci/docker/using_docker_build.md#use-docker-in-docker)
-was chosen as an operational decision by the runner team, instead of exposing `docker.sock`.
-
-### Disabling the code quality job
-
-The `code_quality` job doesn't run if the `$CODE_QUALITY_DISABLED` CI/CD variable
-is present. Please refer to the CI/CD variables [documentation](../../../ci/variables/index.md)
-to learn more about how to define one.
-
-To disable the `code_quality` job, add `CODE_QUALITY_DISABLED` as a custom CI/CD variable.
-This can be done:
-
-- For [the whole project](../../../ci/variables/index.md#custom-cicd-variables).
-- For a single pipeline run:
-
-  1. Go to **CI/CD > Pipelines**
-  1. Select **Run pipeline**
-  1. Add `CODE_QUALITY_DISABLED` as the variable key, with any value.
-
-### Using with merge request pipelines
-
-The configuration provided by the Code Quality template does not let the `code_quality` job
-run on [merge request pipelines](../../../ci/pipelines/merge_request_pipelines.md).
-
-If merge request pipelines is enabled, the `code_quality:rules` must be redefined.
-
-The template has these [`rules`](../../../ci/yaml/index.md#rules) for the `code quality` job:
-
-```yaml
-code_quality:
-  rules:
-    - if: $CODE_QUALITY_DISABLED
-      when: never
-    - if: $CI_COMMIT_TAG || $CI_COMMIT_BRANCH
-```
-
-If you are using merge request pipelines, your `rules` (or [`workflow: rules`](../../../ci/yaml/index.md#workflow))
-might look like this example:
-
-```yaml
-job1:
-  rules:
-    - if: $CI_PIPELINE_SOURCE == "merge_request_event" # Run job1 in merge request pipelines
-    - if: $CI_COMMIT_BRANCH == "main"                  # Run job1 in pipelines on the main branch (but not in other branch pipelines)
-    - if: $CI_COMMIT_TAG                               # Run job1 in pipelines for tags
-```
-
-To make these work together, you need to overwrite the code quality `rules`
-so that they match your current `rules`. From the example above, it could look like:
-
-```yaml
-include:
-  - template: Code-Quality.gitlab-ci.yml
-
-code_quality:
-  rules:
-    - if: $CODE_QUALITY_DISABLED
-      when: never
-    - if: $CI_PIPELINE_SOURCE == "merge_request_event" # Run code quality job in merge request pipelines
-    - if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH      # Run code quality job in pipelines on the default branch (but not in other branch pipelines)
-    - if: $CI_COMMIT_TAG                               # Run code quality job in pipelines for tags
-```
-
-### Configure Code Quality to use a private container image registry
-
-> [Introduced](https://gitlab.com/gitlab-org/ci-cd/codequality/-/merge_requests/30) in 13.7.
-
-To reduce network time and external dependency, you can use your own
-container image registry to host the Code Quality Docker images. Because of
-the nested architecture of container execution, the registry prefix must
-be specifically configured to be passed down into CodeClimate's subsequent
-`docker pull` commands for individual engines.
-
-The following two variables can address all of the required image pulls:
-
-- `CODE_QUALITY_IMAGE`: A fully prefixed image name that can be located anywhere
-  accessible from your job environment. GitLab Container Registry can be used here
-  to host your own copy.
-- `CODECLIMATE_PREFIX`: The domain of your intended container image registry. This
-  is a configuration option supported by [CodeClimate CLI](https://github.com/codeclimate/codeclimate/pull/948). You must:
-  - Include a trailing slash (`/`).
-  - Not include a protocol prefix, such as `https://`.
-
-```yaml
-include:
-  - template: Jobs/Code-Quality.gitlab-ci.yml
-
-code_quality:
-  variables:
-    CODE_QUALITY_IMAGE: "my-private-registry.local:12345/codequality:0.85.24"
-    CODECLIMATE_PREFIX: "my-private-registry.local:12345/"
-```
-
-This example is specific to GitLab Code Quality. For more general
-instructions on how to configure DinD with a registry mirror, see the
-relevant [documentation](../../../ci/docker/using_docker_build.md#enable-registry-mirror-for-dockerdind-service).
-
-## Configuring jobs using variables
-
-The Code Quality job supports environment variables that users can set to
-configure job execution at runtime.
-
-For a list of available environment variables, see
-[Environment variables](https://gitlab.com/gitlab-org/ci-cd/codequality#environment-variables).
-
-## Implementing a custom tool
-
-It's possible to have a custom tool provide Code Quality reports in GitLab. To
-do this:
-
-1. Define a job in your `.gitlab-ci.yml` file that generates the
-   [Code Quality report artifact](../../../ci/yaml/artifacts_reports.md#artifactsreportscodequality).
-1. Configure your tool to generate the Code Quality report artifact as a JSON
-   file that implements a subset of the [Code Climate
-   spec](https://github.com/codeclimate/platform/blob/master/spec/analyzers/SPEC.md#data-types).
-
-The Code Quality report artifact JSON file must contain an array of objects
-with the following properties:
-
-| Name                   | Description                                                                               |
-| ---------------------- | ----------------------------------------------------------------------------------------- |
-| `description`          | A description of the code quality violation.                                              |
-| `fingerprint`          | A unique fingerprint to identify the code quality violation. For example, an MD5 hash.    |
-| `severity`             | A severity string (can be `info`, `minor`, `major`, `critical`, or `blocker`).            |
-| `location.path`        | The relative path to the file containing the code quality violation.                      |
-| `location.lines.begin` or `location.positions.begin.line` | The line on which the code quality violation occurred. |
-
-Example:
-
-```json
-[
-  {
-    "description": "'unused' is assigned a value but never used.",
-    "fingerprint": "7815696ecbf1c96e6894b779456d330e",
-    "severity": "minor",
-    "location": {
-      "path": "lib/index.js",
-      "lines": {
-        "begin": 42
-      }
-    }
-  }
-]
-```
-
-NOTE:
-Although the Code Climate spec supports more properties, those are ignored by
-GitLab.
-The GitLab parser does not allow a [byte order mark](https://en.wikipedia.org/wiki/Byte_order_mark)
-at the beginning of the file.
-
-## Code Quality reports **(PREMIUM)**
-
-> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/21527) in GitLab 12.9.
-
-![Code Quality Report](img/code_quality_report_13_11.png)
-
-After the Code Quality job completes:
-
-- Potential changes to code quality are shown directly in the merge request.
-  The Code Quality widget in the merge request compares the reports from the base and head of the branch,
-  then lists any violations that are resolved or created when the branch is merged.
-- The full JSON report is available as a
-  [downloadable artifact](../../../ci/pipelines/job_artifacts.md#download-job-artifacts)
-  for the `code_quality` job.
-- The full list of code quality violations generated by a pipeline is shown in the
-  Code Quality tab of the Pipeline Details page.
-
-## Generate an HTML report
-
-In [GitLab 13.6 and later](https://gitlab.com/gitlab-org/ci-cd/codequality/-/issues/10),
-it is possible to generate an HTML report file by setting the `REPORT_FORMAT`
-CI/CD variable to `html`. This is useful if you just want to view the report in a more
-human-readable format or to publish this artifact on GitLab Pages for even
-easier reviewing.
-
-To generate both JSON and HTML report files, add another job to your template by using `extends: code_quality`:
-
-```yaml
-include:
-  - template: Code-Quality.gitlab-ci.yml
-
-code_quality_html:
-  extends: code_quality
-  variables:
-    REPORT_FORMAT: html
-  artifacts:
-    paths: [gl-code-quality-report.html]
-```
-
-NOTE:
-Adding a job means your code is scanned twice: once to generate a JSON report and once to generate an HTML report.
-
-You can also generate _only_ an HTML report instead of the standard JSON report. To do so, set `REPORT_FORMAT` to `html` in the existing job:
-
-```yaml
-include:
-  - template: Code-Quality.gitlab-ci.yml
-
-code_quality:
-  variables:
-    REPORT_FORMAT: html
-  artifacts:
-    paths: [gl-code-quality-report.html]
-```
-
-WARNING:
-If you only generate an HTML report, you can't see your results in the [merge request widget](#code-quality-widget), [pipeline report](#code-quality-reports), or [diff view](#code-quality-in-diff-view).
-These features require a JSON report.
-
-## Extending functionality
-
-### Using Analysis Plugins
-
-Should there be a need to extend the default functionality provided by Code Quality, as stated in [Code Quality](#code-quality), [Analysis Plugins](https://docs.codeclimate.com/docs/list-of-engines) are available.
-
-For example, to use the [SonarJava analyzer](https://docs.codeclimate.com/docs/sonar-java),
-add a file named `.codeclimate.yml` containing the [enablement code](https://docs.codeclimate.com/docs/sonar-java#enable-the-plugin)
-for the plugin to the root of your repository:
-
-```yaml
-version: "2"
-plugins:
-  sonar-java:
-    enabled: true
-```
-
-This adds SonarJava to the `plugins:` section of the [default `.codeclimate.yml`](https://gitlab.com/gitlab-org/ci-cd/codequality/-/blob/master/codeclimate_defaults/.codeclimate.yml.template)
-included in your project.
-
-Changes to the `plugins:` section do not affect the `exclude_patterns` section of the
-default `.codeclimate.yml`. See the Code Climate documentation for
-[excluding files and folders](https://docs.codeclimate.com/docs/excluding-files-and-folders)
-for more details.
-
-Here's [an example project](https://gitlab.com/jheimbuck_gl/jh_java_example_project) that uses Code Quality with a `.codeclimate.yml` file.
-
-## Use a Code Quality image hosted in a registry with untrusted certificates
-
-If you set the `CODE_QUALITY_IMAGE` to an image that is hosted in a
-Docker registry which uses a TLS certificate that is not trusted, such as
-a self-signed certificate, you can see errors like the one below:
-
-```shell
-$ docker pull --quiet "$CODE_QUALITY_IMAGE"
-Error response from daemon: Get https://gitlab.example.com/v2/: x509: certificate signed by unknown authority
-```
-
-To fix this, configure the Docker daemon to [trust certificates](https://docs.docker.com/registry/insecure/#use-self-signed-certificates)
-by putting the certificate inside of the `/etc/docker/certs.d`
-directory.
-
-This Docker daemon is exposed to the subsequent Code Quality Docker container in the
-[GitLab Code Quality template](https://gitlab.com/gitlab-org/gitlab/-/blob/v13.8.3-ee/lib/gitlab/ci/templates/Jobs/Code-Quality.gitlab-ci.yml#L41)
-and should be to exposed any other containers in which you want to have
-your certificate configuration apply.
-
-### Docker
-
-If you have access to GitLab Runner configuration, add the directory as a
-[volume mount](https://docs.gitlab.com/runner/configuration/advanced-configuration.html#volumes-in-the-runnersdocker-section). For example:
-
-```toml
-[[runners]]
-  ...
-  executor = "docker"
-  [runners.docker]
-    ...
-    privileged = true
-    volumes = ["/cache", "/etc/gitlab-runner/certs/gitlab.example.com.crt:/etc/docker/certs.d/gitlab.example.com/ca.crt:ro"]
-```
-
-Replace `gitlab.example.com` with the actual domain of the registry.
-
-### Kubernetes
-
-If you have access to GitLab Runner configuration and the Kubernetes cluster,
-you can [mount a ConfigMap](https://docs.gitlab.com/runner/executors/kubernetes.html#configmap-volumes):
-
-1. Create a ConfigMap with the certificate:
-
-   ```shell
-   kubectl create configmap registry-crt --namespace gitlab-runner --from-file /etc/gitlab-runner/certs/gitlab.example.com.crt
-   ```
-
-1. Update GitLab Runner `config.toml` to specify the ConfigMap:
-
-   ```toml
-   [[runners]]
-     ...
-     executor = "kubernetes"
-     [runners.kubernetes]
-       image = "alpine:3.12"
-       privileged = true
-       [[runners.kubernetes.volumes.config_map]]
-         name = "registry-crt"
-         mount_path = "/etc/docker/certs.d/gitlab.example.com/ca.crt"
-         sub_path = "gitlab.example.com.crt"
-   ```
-
-Replace `gitlab.example.com` with the actual domain of the registry.
-
-## Troubleshooting
-
-### Changing the default configuration has no effect
-
-A common issue is that the terms `Code Quality` (GitLab specific) and `Code Climate`
-(Engine used by GitLab) are very similar. You must add a **`.codeclimate.yml`** file
-to change the default configuration, **not** a `.codequality.yml` file. If you use
-the wrong filename, the [default `.codeclimate.yml`](https://gitlab.com/gitlab-org/ci-cd/codequality/-/blob/master/codeclimate_defaults/.codeclimate.yml.template)
-is still used.
-
-### No Code Quality report is displayed in a merge request
-
-This can be due to multiple reasons:
-
-- You just added the Code Quality job in your `.gitlab-ci.yml`. The report does not
-  have anything to compare to yet, so no information can be displayed. It only displays
-  after future merge requests have something to compare to.
-- Your pipeline is not set to run the code quality job on your target branch. If there is no report generated from the target branch, your MR branch reports have nothing to compare to. In this situation you will see an error stating `Base pipeline codequality artifact not found`.
-- If no [degradation or error is detected](https://docs.codeclimate.com/docs/maintainability#section-checks),
-  nothing is displayed.
-- The [`artifacts:expire_in`](../../../ci/yaml/index.md#artifactsexpire_in) CI/CD
-  setting can cause the Code Quality artifacts to expire faster than desired.
-- The widgets use the pipeline of the latest commit to the target branch. If commits are made to the default branch that do not run the code quality job, this may cause the merge request widget to have no base report for comparison.
-- If you use the [`REPORT_STDOUT` environment variable](https://gitlab.com/gitlab-org/ci-cd/codequality#environment-variables), no report file is generated and nothing displays in the merge request.
-- Large `gl-code-quality-report.json` files (esp. >10 MB) are [known to prevent the report from being displayed](https://gitlab.com/gitlab-org/gitlab/-/issues/2737).
-  As a work-around, try removing [properties](https://github.com/codeclimate/platform/blob/master/spec/analyzers/SPEC.md#data-types)
-  that are [ignored by GitLab](#implementing-a-custom-tool). You can:
-  - Configure the Code Quality tool to not output those types.
-  - Use `sed`, `awk` or similar commands in the `.gitlab-ci.yml` script to
-    edit the `gl-code-quality-report.json` before the job completes.
-
-### Only a single Code Quality report is displayed, but more are defined
-
-GitLab only uses the Code Quality artifact from the latest created job (with the largest job ID).
-If multiple jobs in a pipeline generate a code quality artifact, those of earlier jobs are ignored.
-To avoid confusion, configure only one job to generate a `gl-code-quality-report.json`.
-
-### RuboCop errors
-
-When using Code Quality jobs on a Ruby project, you can encounter problems running RuboCop.
-For example, the following error can appear when using either a very recent or very old version
-of Ruby:
-
-```plaintext
-/usr/local/bundle/gems/rubocop-0.52.1/lib/rubocop/config.rb:510:in `check_target_ruby':
-Unknown Ruby version 2.7 found in `.ruby-version`. (RuboCop::ValidationError)
-Supported versions: 2.1, 2.2, 2.3, 2.4, 2.5
-```
-
-This is caused by the default version of RuboCop used by the check engine not covering
-support for the Ruby version in use.
-
-To use a custom version of RuboCop that
-[supports the version of Ruby used by the project](https://docs.rubocop.org/rubocop/compatibility.html#support-matrix),
-you can [override the configuration through a `.codeclimate.yml` file](https://docs.codeclimate.com/docs/rubocop#using-rubocops-newer-versions)
-created in the project repository.
-
-For example, to specify using RuboCop release **0.67**:
-
-```yaml
-version: "2"
-plugins:
-  rubocop:
-    enabled: true
-    channel: rubocop-0-67
-```
-
-### No Code Quality appears on merge requests when using custom tool
-
-If your merge requests do not show any code quality changes when using a custom tool,
-ensure that the line property is an `integer`.
-
-### Code Quality CI job with Code Climate plugins enabled fails with error
-
-If you enabled any of the Code Climate plugins, and the Code Quality CI job fails with the error
-below, it's likely the job takes longer than the default timeout of 900 seconds:
-
-```shell
-error: (CC::CLI::Analyze::EngineFailure) engine pmd ran for 900 seconds and was killed
-Could not analyze code quality for the repository at /code
-```
-
-To work around this problem, set `TIMEOUT_SECONDS` to a higher value in your `.gitlab.-ci.yml` file.
-
-For example:
-
-```yaml
-variables:
-  TIMEOUT_SECONDS: 3600
-```
+<!-- This redirect file can be deleted after <2022-09-22>. -->
+<!-- Redirects that point to other docs in the same project expire in three months. -->
+<!-- Redirects that point to docs in a different project or site (for example, link is not relative and starts with `https:`) expire in one year. -->
+<!-- Before deletion, see: https://docs.gitlab.com/ee/development/documentation/redirects.html -->
diff --git a/doc/user/project/merge_requests/creating_merge_requests.md b/doc/user/project/merge_requests/creating_merge_requests.md
index 6ee02238a22..f30b20e9d34 100644
--- a/doc/user/project/merge_requests/creating_merge_requests.md
+++ b/doc/user/project/merge_requests/creating_merge_requests.md
@@ -104,7 +104,7 @@ You can create a merge request from your fork to contribute back to the main pro
 After your work is merged, if you don't intend to
 make any other contributions to the upstream project, you can unlink your
 fork from its upstream project. Go to **Settings > Advanced Settings** and
-[remove the forking relationship](../settings/index.md#removing-a-fork-relationship).
+[remove the forking relationship](../settings/index.md#remove-a-fork-relationship).
 
 For more information, [see the forking workflow documentation](../repository/forking_workflow.md).
 
diff --git a/doc/user/project/merge_requests/csv_export.md b/doc/user/project/merge_requests/csv_export.md
index aaa9bec945f..2adcc4d4575 100644
--- a/doc/user/project/merge_requests/csv_export.md
+++ b/doc/user/project/merge_requests/csv_export.md
@@ -10,7 +10,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w
 
 Exporting merge requests CSV enables you and your team to export all the data collected from merge requests into a comma-separated values (CSV) file, which stores tabular data in plain text.
 
-To export merge requests to CSV, navigate to your **Merge requests** from the sidebar of a project and select **Export to CSV**.
+To export merge requests to CSV, navigate to your **Merge requests** from the sidebar of a project and select **Export as CSV**.
 
 ## CSV Output
 
diff --git a/doc/user/project/merge_requests/drafts.md b/doc/user/project/merge_requests/drafts.md
index 13cc68f02dd..4bb6034c0bd 100644
--- a/doc/user/project/merge_requests/drafts.md
+++ b/doc/user/project/merge_requests/drafts.md
@@ -75,12 +75,10 @@ draft merge requests:
 
 ## Pipelines for drafts
 
-When the [merged results pipelines](../../../ci/pipelines/merged_results_pipelines.md)
-feature is enabled, draft merge requests run
-[merge request pipelines](../../../ci/pipelines/merge_request_pipelines.md) only.
+Draft merge requests run the same pipelines as merge request that are marked as ready.
 
-To run merged results pipelines, you must
-[mark the merge request as ready](#mark-merge-requests-as-ready).
+In GitLab 15.0 and older, you must [mark the merge request as ready](#mark-merge-requests-as-ready)
+if you want to run [merged results pipelines](../../../ci/pipelines/merged_results_pipelines.md).
 
 <!-- ## Troubleshooting
 
diff --git a/doc/user/project/merge_requests/fail_fast_testing.md b/doc/user/project/merge_requests/fail_fast_testing.md
index 355661516a7..c09a7c14c06 100644
--- a/doc/user/project/merge_requests/fail_fast_testing.md
+++ b/doc/user/project/merge_requests/fail_fast_testing.md
@@ -1,97 +1,11 @@
 ---
-stage: Verify
-group: Pipeline Insights
-info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+redirect_to: '../../../ci/testing/fail_fast_testing.md'
+remove_date: '2022-08-31'
 ---
 
-# Fail Fast Testing **(PREMIUM)**
+This document was moved to [another location](../../../ci/testing/fail_fast_testing.md).
 
-> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/198550) in GitLab 13.1.
-
-For applications that use RSpec for running tests, we've introduced the `Verify/Failfast`
-[template to run subsets of your test suite](https://gitlab.com/gitlab-org/gitlab/-/tree/master/lib/gitlab/ci/templates/Verify/FailFast.gitlab-ci.yml),
-based on the changes in your merge request.
-
-The template uses the [test_file_finder (`tff`) gem](https://gitlab.com/gitlab-org/ci-cd/test_file_finder/)
-that accepts a list of files as input, and returns a list of spec (test) files
-that it believes to be relevant to the input files.
-
-`tff` is designed for Ruby on Rails projects, so the `Verify/FailFast` template is
-configured to run when changes to Ruby files are detected. By default, it runs in
-the [`.pre` stage](../../../ci/yaml/index.md#stage-pre) of a GitLab CI/CD pipeline,
-before all other stages.
-
-## Example use case
-
-Fail fast testing is useful when adding new functionality to a project and adding
-new automated tests.
-
-Your project could have hundreds of thousands of tests that take a long time to complete.
-You may be confident that a new test will pass, but you have to wait for all the tests
-to complete to verify it. This could take an hour or more, even when using parallelization.
-
-Fail fast testing gives you a faster feedback loop from the pipeline. It lets you
-know quickly that the new tests are passing and the new functionality did not break
-other tests.
-
-## Requirements
-
-This template requires:
-
-- A project built in Rails that uses RSpec for testing.
-- CI/CD configured to:
-  - Use a Docker image with Ruby available.
-  - Use [Merge request pipelines](../../../ci/pipelines/merge_request_pipelines.md#prerequisites)
-- [Merged results pipelines](../../../ci/pipelines/merged_results_pipelines.md#enable-merged-results-pipelines)
-  enabled in the project settings.
-- A Docker image with Ruby available. The template uses `image: ruby:2.6` by default, but you [can override](../../../ci/yaml/includes.md#override-included-configuration-values) this.
-
-## Configuring Fast RSpec Failure
-
-We use the following plain RSpec configuration as a starting point. It installs all the
-project gems and executes `rspec`, on merge request pipelines only.
-
-```yaml
-rspec-complete:
-  stage: test
-  rules:
-    - if: $CI_PIPELINE_SOURCE == "merge_request_event"
-  script:
-    - bundle install
-    - bundle exec rspec
-```
-
-To run the most relevant specs first instead of the whole suite, [`include`](../../../ci/yaml/index.md#include)
-the template by adding the following to your CI/CD configuration:
-
-```yaml
-include:
-  - template: Verify/FailFast.gitlab-ci.yml
-```
-
-To customize the job, specific options may be set to override the template. For example, to override the default Docker image:
-
-```yaml
-include:
-  - template: Verify/FailFast.gitlab-ci.yml
-
-rspec-rails-modified-path-specs:
-  image: custom-docker-image-with-ruby
-```
-
-### Example test loads
-
-For illustrative purposes, let's say our Rails app spec suite consists of 100 specs per model for ten models.
-
-If no Ruby files are changed:
-
-- `rspec-rails-modified-paths-specs` does not run any tests.
-- `rspec-complete` runs the full suite of 1000 tests.
-
-If one Ruby model is changed, for example `app/models/example.rb`, then `rspec-rails-modified-paths-specs`
-runs the 100 tests for `example.rb`:
-
-- If all of these 100 tests pass, then the full `rspec-complete` suite of 1000 tests is allowed to run.
-- If any of these 100 tests fail, they fail quickly, and `rspec-complete` does not run any tests.
-
-The final case saves resources and time as the full 1000 test suite does not run.
+<!-- This redirect file can be deleted after <2022-09-22>. -->
+<!-- Redirects that point to other docs in the same project expire in three months. -->
+<!-- Redirects that point to docs in a different project or site (for example, link is not relative and starts with `https:`) expire in one year. -->
+<!-- Before deletion, see: https://docs.gitlab.com/ee/development/documentation/redirects.html -->
diff --git a/doc/user/project/merge_requests/img/accessibility_mr_widget_v13_0.png b/doc/user/project/merge_requests/img/accessibility_mr_widget_v13_0.png
deleted file mode 100644
index 4ada7e25b65..00000000000
--- a/doc/user/project/merge_requests/img/accessibility_mr_widget_v13_0.png
+++ /dev/null
diff --git a/doc/user/project/merge_requests/img/attention_request_list_v14_10.png b/doc/user/project/merge_requests/img/attention_request_list_v14_10.png
deleted file mode 100644
index 00427a0aa40..00000000000
--- a/doc/user/project/merge_requests/img/attention_request_list_v14_10.png
+++ /dev/null
diff --git a/doc/user/project/merge_requests/img/attention_request_sidebar_v14_10.png b/doc/user/project/merge_requests/img/attention_request_sidebar_v14_10.png
deleted file mode 100644
index 174cf01dbb0..00000000000
--- a/doc/user/project/merge_requests/img/attention_request_sidebar_v14_10.png
+++ /dev/null
diff --git a/doc/user/project/merge_requests/img/browser_performance_testing.png b/doc/user/project/merge_requests/img/browser_performance_testing.png
deleted file mode 100644
index a3d7022bcfc..00000000000
--- a/doc/user/project/merge_requests/img/browser_performance_testing.png
+++ /dev/null
diff --git a/doc/user/project/merge_requests/img/code_quality_host_bound_sequential.png b/doc/user/project/merge_requests/img/code_quality_host_bound_sequential.png
deleted file mode 100644
index 2b31f3b42ee..00000000000
--- a/doc/user/project/merge_requests/img/code_quality_host_bound_sequential.png
+++ /dev/null
diff --git a/doc/user/project/merge_requests/img/code_quality_mr_diff_report_v14_2.png b/doc/user/project/merge_requests/img/code_quality_mr_diff_report_v14_2.png
deleted file mode 100644
index c1e9aad24ac..00000000000
--- a/doc/user/project/merge_requests/img/code_quality_mr_diff_report_v14_2.png
+++ /dev/null
diff --git a/doc/user/project/merge_requests/img/code_quality_report_13_11.png b/doc/user/project/merge_requests/img/code_quality_report_13_11.png
deleted file mode 100644
index 36341548328..00000000000
--- a/doc/user/project/merge_requests/img/code_quality_report_13_11.png
+++ /dev/null
diff --git a/doc/user/project/merge_requests/img/code_quality_widget_13_11.png b/doc/user/project/merge_requests/img/code_quality_widget_13_11.png
deleted file mode 100644
index 57978a0ed96..00000000000
--- a/doc/user/project/merge_requests/img/code_quality_widget_13_11.png
+++ /dev/null
diff --git a/doc/user/project/merge_requests/img/load_performance_testing.png b/doc/user/project/merge_requests/img/load_performance_testing.png
deleted file mode 100644
index d5623867ee7..00000000000
--- a/doc/user/project/merge_requests/img/load_performance_testing.png
+++ /dev/null
diff --git a/doc/user/project/merge_requests/img/merge_method_ff_v15_0.png b/doc/user/project/merge_requests/img/merge_method_ff_v15_0.png
deleted file mode 100644
index 323fd03ffa2..00000000000
--- a/doc/user/project/merge_requests/img/merge_method_ff_v15_0.png
+++ /dev/null
diff --git a/doc/user/project/merge_requests/img/merge_method_merge_commit_v15_0.png b/doc/user/project/merge_requests/img/merge_method_merge_commit_v15_0.png
deleted file mode 100644
index b880c2c0e04..00000000000
--- a/doc/user/project/merge_requests/img/merge_method_merge_commit_v15_0.png
+++ /dev/null
diff --git a/doc/user/project/merge_requests/img/merge_method_merge_commit_with_semi_linear_history_v15_0.png b/doc/user/project/merge_requests/img/merge_method_merge_commit_with_semi_linear_history_v15_0.png
deleted file mode 100644
index 9eab71e9d3c..00000000000
--- a/doc/user/project/merge_requests/img/merge_method_merge_commit_with_semi_linear_history_v15_0.png
+++ /dev/null
diff --git a/doc/user/project/merge_requests/img/test_coverage_visualization_v12_9.png b/doc/user/project/merge_requests/img/test_coverage_visualization_v12_9.png
deleted file mode 100644
index 1922a566dd5..00000000000
--- a/doc/user/project/merge_requests/img/test_coverage_visualization_v12_9.png
+++ /dev/null
diff --git a/doc/user/project/merge_requests/index.md b/doc/user/project/merge_requests/index.md
index 30b69c2fff5..a7a669d3b75 100644
--- a/doc/user/project/merge_requests/index.md
+++ b/doc/user/project/merge_requests/index.md
@@ -251,60 +251,13 @@ This feature works only when a merge request is merged. Selecting **Remove sourc
 after merging does not retarget open merge requests. This improvement is
 [proposed as a follow-up](https://gitlab.com/gitlab-org/gitlab/-/issues/321559).
 
-## Request attention to a merge request
-
-> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/343528) in GitLab 14.10 [with a flag](../../../administration/feature_flags.md) named `mr_attention_requests`. Disabled by default.
-
-FLAG:
-On self-managed GitLab, by default this feature is not available. To make it available, ask an administrator to [enable the feature flag](../../../administration/feature_flags.md) named `mr_attention_requests`.
-On GitLab.com, this feature is dependent on the enablement status of the feature flag. Refer to the [enablement issue](https://gitlab.com/gitlab-org/gitlab/-/issues/343528) for details.
-
-To tell a merge request's assignee or reviewer that their attention is
-needed on a merge request, you can request their attention. If an assignee or a
-reviewer has their attention requested on a merge request, the **Attention request**
-icon (**{attention}**) is displayed as a solid icon (**{attention-solid}**) on
-the merge request list page:
-
-![Attention request icon](img/attention_request_list_v14_10.png)
-
-To view a list of merge requests that need your attention:
-
-1. On the top bar, select **Merge requests** (**{merge-request}**).
-1. Select **Attention requests**.
-
-To request attention from another user, use the `/attention @user`
-[quick action](../quick_actions.md) or:
-
-1. Go to the merge request.
-1. On the right sidebar, identify the user you want to request attention from.
-1. Next to the user's name, select **Request attention** (**{attention}**), and the appearance
-   of the icon changes:
-
-   ![Attention request toggle](img/attention_request_sidebar_v14_10.png)
-
-### Remove an attention request
-
-If your attention was requested as an assignee or reviewer, it's removed when you:
-
-- Manually remove the attention request by selecting **Remove attention request** (**{attention-solid}**).
-- Approve the merge request.
-- Add a new user as an assignee or reviewer.
-- Request the attention of a different assignee or reviewer.
-- Remove yourself (or are removed by someone else) as an assignee or reviewer.
-- Merge or close the merge request.
-
-If you are both the assignee and a reviewer on a merge request, you receive
-only one attention request, which is synced across both duties. If the
-attention request is removed from you, either as an assignee or a reviewer,
-it is removed from both your duties.
-
 ## Merge request workflows
 
 For a software developer working in a team:
 
 1. You checkout a new branch, and submit your changes through a merge request.
 1. You gather feedback from your team.
-1. You work on the implementation optimizing code with [Code Quality reports](code_quality.md).
+1. You work on the implementation optimizing code with [Code Quality reports](../../../ci/testing/code_quality.md).
 1. You verify your changes with [Unit test reports](../../../ci/testing/unit_test_reports.md) in GitLab CI/CD.
 1. You avoid using dependencies whose license is not compatible with your project with [License Compliance reports](../../compliance/license_compliance/index.md).
 1. You request the [approval](approvals/index.md) from your manager.
diff --git a/doc/user/project/merge_requests/load_performance_testing.md b/doc/user/project/merge_requests/load_performance_testing.md
index a5fff4a38be..04b62c5d8fe 100644
--- a/doc/user/project/merge_requests/load_performance_testing.md
+++ b/doc/user/project/merge_requests/load_performance_testing.md
@@ -1,201 +1,11 @@
 ---
-stage: Verify
-group: Pipeline Insights
-info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+redirect_to: '../../../ci/testing/load_performance_testing.md'
+remove_date: '2022-08-31'
 ---
 
-# Load Performance Testing **(PREMIUM)**
+This document was moved to [another location](../../../ci/testing/load_performance_testing.md).
 
-> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/10683) in GitLab 13.2.
-
-With Load Performance Testing, you can test the impact of any pending code changes
-to your application's backend in [GitLab CI/CD](../../../ci/index.md).
-
-GitLab uses [k6](https://k6.io/), a free and open source
-tool, for measuring the system performance of applications under
-load.
-
-Unlike [Browser Performance Testing](browser_performance_testing.md), which is
-used to measure how web sites perform in client browsers, Load Performance Testing
-can be used to perform various types of [load tests](https://k6.io/docs/#use-cases)
-against application endpoints such as APIs, Web Controllers, and so on.
-This can be used to test how the backend or the server performs at scale.
-
-For example, you can use Load Performance Testing to perform many concurrent
-GET calls to a popular API endpoint in your application to see how it performs.
-
-## How Load Performance Testing works
-
-First, define a job in your `.gitlab-ci.yml` file that generates the
-[Load Performance report artifact](../../../ci/yaml/artifacts_reports.md#artifactsreportsload_performance).
-GitLab checks this report, compares key load performance metrics
-between the source and target branches, and then shows the information in a merge request widget:
-
-![Load Performance Widget](img/load_performance_testing.png)
-
-Next, you need to configure the test environment and write the k6 test.
-
-The key performance metrics that the merge request widget shows after the test completes are:
-
-- Checks: The percentage pass rate of the [checks](https://k6.io/docs/using-k6/checks) configured in the k6 test.
-- TTFB P90: The 90th percentile of how long it took to start receiving responses, aka the [Time to First Byte](https://en.wikipedia.org/wiki/Time_to_first_byte) (TTFB).
-- TTFB P95: The 95th percentile for TTFB.
-- RPS: The average requests per second (RPS) rate the test was able to achieve.
-
-NOTE:
-If the Load Performance report has no data to compare, such as when you add the
-Load Performance job in your `.gitlab-ci.yml` for the very first time,
-the Load Performance report widget doesn't display. It must have run at least
-once on the target branch (`main`, for example), before it displays in a
-merge request targeting that branch.
-
-## Configure the Load Performance Testing job
-
-Configuring your Load Performance Testing job can be broken down into several distinct parts:
-
-- Determine the test parameters such as throughput, and so on.
-- Set up the target test environment for load performance testing.
-- Design and write the k6 test.
-
-### Determine the test parameters
-
-The first thing you need to do is determine the [type of load test](https://k6.io/docs/test-types/introduction)
-you want to run, and how it will run (for example, the number of users, throughput, and so on).
-
-Refer to the [k6 docs](https://k6.io/docs/), especially the [k6 testing guides](https://k6.io/docs/testing-guides),
-for guidance on the above and more.
-
-### Test Environment setup
-
-A large part of the effort around load performance testing is to prepare the target test environment
-for high loads. You should ensure it's able to handle the
-[throughput](https://k6.io/blog/monthly-visits-concurrent-users) it will be tested with.
-
-It's also typically required to have representative test data in the target environment
-for the load performance test to use.
-
-We strongly recommend [not running these tests against a production environment](https://k6.io/our-beliefs#load-test-in-a-pre-production-environment).
-
-### Write the load performance test
-
-After the environment is prepared, you can write the k6 test itself. k6 is a flexible
-tool and can be used to run [many kinds of performance tests](https://k6.io/docs/test-types/introduction).
-Refer to the [k6 documentation](https://k6.io/docs/) for detailed information on how to write tests.
-
-### Configure the test in GitLab CI/CD
-
-When your k6 test is ready, the next step is to configure the load performance
-testing job in GitLab CI/CD. The easiest way to do this is to use the
-[`Verify/Load-Performance-Testing.gitlab-ci.yml`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/Verify/Load-Performance-Testing.gitlab-ci.yml)
-template that is included with GitLab.
-
-NOTE:
-For large scale k6 tests you need to ensure the GitLab Runner instance performing the actual
-test is able to handle running the test. Refer to [k6's guidance](https://k6.io/docs/testing-guides/running-large-tests#hardware-considerations)
-for spec details. The [default shared GitLab.com runners](../../../ci/runners/saas/linux_saas_runner.md)
-likely have insufficient specs to handle most large k6 tests.
-
-This template runs the
-[k6 Docker container](https://hub.docker.com/r/loadimpact/k6/) in the job and provides several ways to customize the
-job.
-
-An example configuration workflow:
-
-1. Set up GitLab Runner to run Docker containers, like the
-   [Docker-in-Docker workflow](../../../ci/docker/using_docker_build.md#use-docker-in-docker).
-1. Configure the default Load Performance Testing CI/CD job in your `.gitlab-ci.yml` file.
-   You need to include the template and configure it with CI/CD variables:
-
-   ```yaml
-   include:
-     template: Verify/Load-Performance-Testing.gitlab-ci.yml
-
-   load_performance:
-     variables:
-       K6_TEST_FILE: <PATH TO K6 TEST FILE IN PROJECT>
-   ```
-
-The above example creates a `load_performance` job in your CI/CD pipeline that runs
-the k6 test.
-
-NOTE:
-For Kubernetes setups a different template should be used: [`Jobs/Load-Performance-Testing.gitlab-ci.yml`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/Jobs/Load-Performance-Testing.gitlab-ci.yml).
-
-k6 has [various options](https://k6.io/docs/using-k6/options) to configure how it will run tests, such as what throughput (RPS) to run with,
-how long the test should run, and so on. Almost all options can be configured in the test itself, but as
-you can also pass command line options via the `K6_OPTIONS` variable.
-
-For example, you can override the duration of the test with a CLI option:
-
-```yaml
-  include:
-    template: Verify/Load-Performance-Testing.gitlab-ci.yml
-
-  load_performance:
-    variables:
-      K6_TEST_FILE: <PATH TO K6 TEST FILE IN PROJECT>
-      K6_OPTIONS: '--duration 30s'
-```
-
-GitLab only displays the key performance metrics in the MR widget if k6's results are saved
-via [summary export](https://k6.io/docs/results-visualization/json#summary-export)
-as a [Load Performance report artifact](../../../ci/yaml/artifacts_reports.md#artifactsreportsload_performance).
-The latest Load Performance artifact available is always used, using the
-summary values from the test.
-
-If [GitLab Pages](../pages/index.md) is enabled, you can view the report directly in your browser.
-
-### Load Performance testing in Review Apps
-
-The CI/CD YAML configuration example above works for testing against static environments,
-but it can be extended to work with [review apps](../../../ci/review_apps) or
-[dynamic environments](../../../ci/environments) with a few extra steps.
-
-The best approach is to capture the dynamic URL in a [`.env` file](https://docs.docker.com/compose/env-file/)
-as a job artifact to be shared, then use a custom CI/CD variable we've provided named `K6_DOCKER_OPTIONS`
-to configure the k6 Docker container to use the file. With this, k6 can then use any
-environment variables from the `.env` file in scripts using standard JavaScript,
-such as: ``http.get(`${__ENV.ENVIRONMENT_URL}`)``.
-
-For example:
-
-1. In the `review` job:
-   1. Capture the dynamic URL and save it into a `.env` file, for example, `echo "ENVIRONMENT_URL=$CI_ENVIRONMENT_URL" >> review.env`.
-   1. Set the `.env` file to be a [job artifact](../../../ci/pipelines/job_artifacts.md#job-artifacts).
-1. In the `load_performance` job:
-   1. Set it to depend on the review job, so it inherits the environment file.
-   1. Set the `K6_DOCKER_OPTIONS` variable with the [Docker CLI option for environment files](https://docs.docker.com/engine/reference/commandline/run/#set-environment-variables--e---env---env-file), for example `--env-file review.env`.
-1. Configure the k6 test script to use the environment variable in it's steps.
-
-Your `.gitlab-ci.yml` file might be similar to:
-
-```yaml
-stages:
-  - deploy
-  - performance
-
-include:
-  template: Verify/Load-Performance-Testing.gitlab-ci.yml
-
-review:
-  stage: deploy
-  environment:
-    name: review/$CI_COMMIT_REF_SLUG
-    url: http://$CI_ENVIRONMENT_SLUG.example.com
-  script:
-    - run_deploy_script
-    - echo "ENVIRONMENT_URL=$CI_ENVIRONMENT_URL" >> review.env
-  artifacts:
-    paths:
-      - review.env
-  rules:
-    - if: $CI_COMMIT_BRANCH  # Modify to match your pipeline rules, or use `only/except` if needed.
-
-load_performance:
-  dependencies:
-    - review
-  variables:
-    K6_DOCKER_OPTIONS: '--env-file review.env'
-  rules:
-    - if: $CI_COMMIT_BRANCH  # Modify to match your pipeline rules, or use `only/except` if needed.
-```
+<!-- This redirect file can be deleted after <2022-09-22>. -->
+<!-- Redirects that point to other docs in the same project expire in three months. -->
+<!-- Redirects that point to docs in a different project or site (for example, link is not relative and starts with `https:`) expire in one year. -->
+<!-- Before deletion, see: https://docs.gitlab.com/ee/development/documentation/redirects.html -->
diff --git a/doc/user/project/merge_requests/methods/index.md b/doc/user/project/merge_requests/methods/index.md
index d3221162cfd..63b464e5ff4 100644
--- a/doc/user/project/merge_requests/methods/index.md
+++ b/doc/user/project/merge_requests/methods/index.md
@@ -23,7 +23,26 @@ merge requests are merged into an existing branch.
 This setting is the default. It always creates a separate merge commit,
 even when using [squash](../squash_and_merge.md). An example commit graph generated using this merge method:
 
-![Commit graph for merge commits](../img/merge_method_merge_commit_v15_0.png)
+```mermaid
+gitGraph
+  commit id: "Init"
+  branch mr-branch-1
+  commit
+  checkout main
+  commit
+  branch mr-branch-2
+  commit
+  checkout mr-branch-1
+  commit
+  checkout main
+  branch squash-mr
+  commit id: "Squashed commits"
+  checkout main
+  merge squash-mr
+  merge mr-branch-1
+  commit
+  merge mr-branch-2
+```
 
 - For regular merges, it is equivalent to the command `git merge --no-ff <source-branch>`.
 - For squash merges, it squashes all commits in the source branch before merging it normally. It performs actions similar to:
@@ -42,7 +61,25 @@ A merge commit is created for every merge, but the branch is only merged if
 a fast-forward merge is possible. This ensures that if the merge request build
 succeeded, the target branch build also succeeds after the merge. An example commit graph generated using this merge method:
 
-![Commit graph for merge commit with semi-linear history](../img/merge_method_merge_commit_with_semi_linear_history_v15_0.png)
+```mermaid
+gitGraph
+  commit id: "Init"
+  branch mr-branch-1
+  commit
+  commit
+  checkout main
+  merge mr-branch-1
+  branch mr-branch-2
+  commit
+  commit
+  checkout main
+  merge mr-branch-2
+  commit
+  branch squash-mr
+  commit id: "Squashed commits"
+  checkout main
+  merge squash-mr
+```
 
 When you visit the merge request page with `Merge commit with semi-linear history`
 method selected, you can accept it **only if a fast-forward merge is possible**.
@@ -63,7 +100,14 @@ fast-forward merge requests, you can retain a linear Git history and a way
 to accept merge requests without creating merge commits. An example commit graph
 generated using this merge method:
 
-![Commit graph for fast-forward merge](../img/merge_method_ff_v15_0.png)
+```mermaid
+gitGraph
+  commit id: "Init"
+  commit id: "Merge mr-branch-1"
+  commit id: "Merge mr-branch-2"
+  commit id: "Commit on main"
+  commit id: "Merge squash-mr"
+```
 
 This method is equivalent to `git merge --ff <source-branch>` for regular merges, and to
 `git merge -squash <source-branch>` for squash merges.
diff --git a/doc/user/project/merge_requests/reviews/index.md b/doc/user/project/merge_requests/reviews/index.md
index 8f77ce90436..a8f43dd9c02 100644
--- a/doc/user/project/merge_requests/reviews/index.md
+++ b/doc/user/project/merge_requests/reviews/index.md
@@ -112,13 +112,7 @@ This example shows reviewers and approval rules in a merge request sidebar:
 
 ### Request a new review
 
-> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/293933) in GitLab 13.9.
-> - [Deprecated](https://gitlab.com/gitlab-org/gitlab/-/issues/357271) in GitLab 14.10.
-
-WARNING:
-This feature is in its end-of-life process. It is [deprecated](https://gitlab.com/gitlab-org/gitlab/-/issues/357271)
-in GitLab 14.10, and is planned for [removal](https://gitlab.com/gitlab-org/gitlab/-/issues/357271) in GitLab 15.0.
-Use [attention requests](../index.md#request-attention-to-a-merge-request) instead.
+> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/293933) in GitLab 13.9.
 
 After a reviewer completes their [merge request reviews](../../../discussions/index.md),
 the author of the merge request can request a new review from the reviewer:
diff --git a/doc/user/project/merge_requests/reviews/suggestions.md b/doc/user/project/merge_requests/reviews/suggestions.md
index 7360b57103b..2ff65571c8b 100644
--- a/doc/user/project/merge_requests/reviews/suggestions.md
+++ b/doc/user/project/merge_requests/reviews/suggestions.md
@@ -77,7 +77,7 @@ in four backticks instead of three:
 
 ## Configure the commit message for applied suggestions
 
-> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/13086) in GitLab 12.7.
+> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/13086) in GitLab 12.7.
 
 GitLab uses a default commit message
 when applying suggestions: `Apply %{suggestions_count} suggestion(s) to %{files_count} file(s)`
diff --git a/doc/user/project/merge_requests/status_checks.md b/doc/user/project/merge_requests/status_checks.md
index 76a67487881..423179325d3 100644
--- a/doc/user/project/merge_requests/status_checks.md
+++ b/doc/user/project/merge_requests/status_checks.md
@@ -138,7 +138,7 @@ the status check and it **will not** be recoverable.
 
 ## Status checks widget
 
-> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/327634) in GitLab 14.1.
+> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/327634) in GitLab 14.1.
 
 The status checks widget displays in merge requests and shows the status of external
 status checks:
diff --git a/doc/user/project/merge_requests/test_coverage_visualization.md b/doc/user/project/merge_requests/test_coverage_visualization.md
index fcbd732f8ee..53d45e6940d 100644
--- a/doc/user/project/merge_requests/test_coverage_visualization.md
+++ b/doc/user/project/merge_requests/test_coverage_visualization.md
@@ -1,441 +1,11 @@
 ---
-stage: Verify
-group: Pipeline Insights
-info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+redirect_to: '../../../ci/testing/test_coverage_visualization.md'
+remove_date: '2022-08-31'
 ---
 
-# Test coverage visualization **(FREE)**
+This document was moved to [another location](../../../ci/testing/test_coverage_visualization.md).
 
-> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/3708) in GitLab 12.9.
-> - [Feature flag removed](https://gitlab.com/gitlab-org/gitlab/-/issues/249811) in GitLab 13.5.
-
-With the help of [GitLab CI/CD](../../../ci/index.md), you can collect the test
-coverage information of your favorite testing or coverage-analysis tool, and visualize
-this information inside the file diff view of your merge requests (MRs). This will allow you
-to see which lines are covered by tests, and which lines still require coverage, before the
-MR is merged.
-
-![Test Coverage Visualization Diff View](img/test_coverage_visualization_v12_9.png)
-
-## How test coverage visualization works
-
-Collecting the coverage information is done via GitLab CI/CD's
-[artifacts reports feature](../../../ci/yaml/index.md#artifactsreports).
-You can specify one or more coverage reports to collect, including wildcard paths.
-GitLab then takes the coverage information in all the files and combines it
-together. Coverage files are parsed in a background job so there can be a delay
-between pipeline completion and the visualization loading on the page.
-
-For the coverage analysis to work, you have to provide a properly formatted
-[Cobertura XML](https://cobertura.github.io/cobertura/) report to
-[`artifacts:reports:coverage_report`](../../../ci/yaml/artifacts_reports.md#artifactsreportscoverage_report).
-This format was originally developed for Java, but most coverage analysis frameworks
-for other languages have plugins to add support for it, like:
-
-- [simplecov-cobertura](https://rubygems.org/gems/simplecov-cobertura) (Ruby)
-- [gocover-cobertura](https://github.com/boumenot/gocover-cobertura) (Golang)
-
-Other coverage analysis frameworks support the format out of the box, for example:
-
-- [Istanbul](https://istanbul.js.org/docs/advanced/alternative-reporters/#cobertura) (JavaScript)
-- [Coverage.py](https://coverage.readthedocs.io/en/coverage-5.0.4/cmd.html#xml-reporting) (Python)
-- [PHPUnit](https://github.com/sebastianbergmann/phpunit-documentation-english/blob/master/src/textui.rst#command-line-options) (PHP)
-
-Once configured, if you create a merge request that triggers a pipeline which collects
-coverage reports, the coverage is shown in the diff view. This includes reports
-from any job in any stage in the pipeline. The coverage displays for each line:
-
-- `covered` (green): lines which have been checked at least once by tests
-- `no test coverage` (orange): lines which are loaded but never executed
-- no coverage information: lines which are non-instrumented or not loaded
-
-Hovering over the coverage bar provides further information, such as the number
-of times the line was checked by tests.
-
-Uploading a test coverage report does not enable:
-
-- [Test coverage results in merge requests](../../../ci/pipelines/settings.md#merge-request-test-coverage-results).
-- [Code coverage history](../../../ci/pipelines/settings.md#view-code-coverage-history).
-
-You must configure these separately.
-
-### Limits
-
-A limit of 100 `<source>` nodes for Cobertura format XML files applies. If your Cobertura report exceeds
-100 nodes, there can be mismatches or no matches in the merge request diff view.
-
-A single Cobertura XML file can be no more than 10MiB. For large projects, split the Cobertura XML into
-smaller files. See [this issue](https://gitlab.com/gitlab-org/gitlab/-/issues/328772) for more details.
-When submitting many files, it can take a few minutes for coverage to show on a merge request.
-
-The visualization only displays after the pipeline is complete. If the pipeline has
-a [blocking manual job](../../../ci/jobs/job_control.md#types-of-manual-jobs), the
-pipeline waits for the manual job before continuing and is not considered complete.
-The visualization cannot be displayed if the blocking manual job did not run.
-
-### Artifact expiration
-
-By default, the [pipeline artifact](../../../ci/pipelines/pipeline_artifacts.md#storage) used
-to draw the visualization on the merge request expires **one week** after creation.
-
-### Coverage report from child pipeline
-
-> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/363301) in GitLab 15.1 [with a flag](../../../administration/feature_flags.md). Disabled by default.
-
-FLAG:
-On self-managed GitLab, by default this feature is not available. To make it available, ask an administrator to [enable the feature flag](../../../administration/feature_flags.md) named `ci_child_pipeline_coverage_reports`.
-On GitLab.com, this feature is not available.
-The feature is not ready for production use.
-
-If the test coverage is created in jobs that are in a child pipeline, the parent pipeline must use
-`strategy: depend`.
-
-```yaml
-child_test_pipeline:
-  trigger:
-    include:
-      - local: path/to/child_pipeline.yml
-      - template: Security/SAST.gitlab-ci.yml
-    strategy: depend
-```
-
-### Automatic class path correction
-
-> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/217664) in GitLab 13.8.
-> - [Feature flag removed](https://gitlab.com/gitlab-org/gitlab/-/issues/284822) in GitLab 13.9.
-
-The coverage report properly matches changed files only if the `filename` of a `class` element
-contains the full path relative to the project root. However, in some coverage analysis frameworks,
-the generated Cobertura XML has the `filename` path relative to the class package directory instead.
-
-To make an intelligent guess on the project root relative `class` path, the Cobertura XML parser
-attempts to build the full path by:
-
-- Extracting a portion of the `source` paths from the `sources` element and combining them with the
-  class `filename` path.
-- Checking if the candidate path exists in the project.
-- Using the first candidate that matches as the class full path.
-
-#### Path correction example
-
-As an example, a project with:
-
-- A full path of `test-org/test-project`.
-- The following files relative to the project root:
-
-  ```shell
-  Auth/User.cs
-  Lib/Utils/User.cs
-  src/main/java
-  ```
-
-In the:
-
-- Cobertura XML, the `filename` attribute in the `class` element assumes the value is a relative
-  path to the project's root:
-
-  ```xml
-  <class name="packet.name" filename="src/main/java" line-rate="0.0" branch-rate="0.0" complexity="5">
-  ```
-
-- `sources` from Cobertura XML, the following paths in the format
-  `<CI_BUILDS_DIR>/<PROJECT_FULL_PATH>/...`:
-
-  ```xml
-  <sources>
-    <source>/builds/test-org/test-project/Auth</source>
-    <source>/builds/test-org/test-project/Lib/Utils</source>
-  </sources>
-  ```
-
-The parser:
-
-- Extracts `Auth` and `Lib/Utils` from the `sources` and uses these to determine the `class` path
-  relative to the project root.
-- Combines these extracted `sources` and the class filename. For example, if there is a `class`
-  element with the `filename` value of `User.cs`, the parser takes the first candidate path that
-  matches, which is `Auth/User.cs`.
-- For each `class` element, attempts to look for a match for each extracted `source` path up to
-  100 iterations. If it reaches this limit without finding a matching path in the file tree, the
-  class is not included in the final coverage report.
-
-NOTE:
-Automatic class path correction only works on `source` paths in the format `<CI_BUILDS_DIR>/<PROJECT_FULL_PATH>/...`.
-The `source` is ignored if the path does not follow this pattern. The parser assumes that the
-`filename` of a `class` element contains the full path relative to the project root.
-
-## Example test coverage configurations
-
-This section provides test coverage configuration examples for different programming languages. You can also see a working example in
-the [`coverage-report`](https://gitlab.com/gitlab-org/ci-sample-projects/coverage-report/) demonstration project.
-
-### JavaScript example
-
-The following [`.gitlab-ci.yml`](../../../ci/yaml/index.md) example uses [Mocha](https://mochajs.org/)
-JavaScript testing and [nyc](https://github.com/istanbuljs/nyc) coverage-tooling to
-generate the coverage artifact:
-
-```yaml
-test:
-  script:
-    - npm install
-    - npx nyc --reporter cobertura mocha
-  artifacts:
-    reports:
-      coverage_report:
-        coverage_format: cobertura
-        path: coverage/cobertura-coverage.xml
-```
-
-### Java and Kotlin examples
-
-#### Maven example
-
-The following [`.gitlab-ci.yml`](../../../ci/yaml/index.md) example for Java or Kotlin uses [Maven](https://maven.apache.org/)
-to build the project and [JaCoCo](https://www.eclemma.org/jacoco/) coverage-tooling to
-generate the coverage artifact.
-You can check the [Docker image configuration and scripts](https://gitlab.com/haynes/jacoco2cobertura) if you want to build your own image.
-
-GitLab expects the artifact in the Cobertura format, so you have to execute a few
-scripts before uploading it. The `test-jdk11` job tests the code and generates an
-XML artifact. The `coverage-jdk-11` job converts the artifact into a Cobertura report:
-
-```yaml
-test-jdk11:
-  stage: test
-  image: maven:3.6.3-jdk-11
-  script:
-    - mvn $MAVEN_CLI_OPTS clean org.jacoco:jacoco-maven-plugin:prepare-agent test jacoco:report
-  artifacts:
-    paths:
-      - target/site/jacoco/jacoco.xml
-
-coverage-jdk11:
-  # Must be in a stage later than test-jdk11's stage.
-  # The `visualize` stage does not exist by default.
-  # Please define it first, or choose an existing stage like `deploy`.
-  stage: visualize
-  image: registry.gitlab.com/haynes/jacoco2cobertura:1.0.7
-  script:
-    # convert report from jacoco to cobertura, using relative project path
-    - python /opt/cover2cover.py target/site/jacoco/jacoco.xml $CI_PROJECT_DIR/src/main/java/ > target/site/cobertura.xml
-  needs: ["test-jdk11"]
-  artifacts:
-    reports:
-      coverage_report:
-        coverage_format: cobertura
-        path: target/site/cobertura.xml
-```
-
-#### Gradle example
-
-The following [`.gitlab-ci.yml`](../../../ci/yaml/index.md) example for Java or Kotlin uses [Gradle](https://gradle.org/)
-to build the project and [JaCoCo](https://www.eclemma.org/jacoco/) coverage-tooling to
-generate the coverage artifact.
-You can check the [Docker image configuration and scripts](https://gitlab.com/haynes/jacoco2cobertura) if you want to build your own image.
-
-GitLab expects the artifact in the Cobertura format, so you have to execute a few
-scripts before uploading it. The `test-jdk11` job tests the code and generates an
-XML artifact. The `coverage-jdk-11` job converts the artifact into a Cobertura report:
-
-```yaml
-test-jdk11:
-  stage: test
-  image: gradle:6.6.1-jdk11
-  script:
-    - 'gradle test jacocoTestReport' # jacoco must be configured to create an xml report
-  artifacts:
-    paths:
-      - build/jacoco/jacoco.xml
-
-coverage-jdk11:
-  # Must be in a stage later than test-jdk11's stage.
-  # The `visualize` stage does not exist by default.
-  # Please define it first, or chose an existing stage like `deploy`.
-  stage: visualize
-  image: registry.gitlab.com/haynes/jacoco2cobertura:1.0.7
-  script:
-    # convert report from jacoco to cobertura, using relative project path
-    - python /opt/cover2cover.py build/jacoco/jacoco.xml $CI_PROJECT_DIR/src/main/java/ > build/cobertura.xml
-  needs: ["test-jdk11"]
-  artifacts:
-    reports:
-      coverage_report:
-        coverage_format: cobertura
-        path: build/cobertura.xml
-```
-
-### Python example
-
-The following [`.gitlab-ci.yml`](../../../ci/yaml/index.md) example for Python uses [pytest-cov](https://pytest-cov.readthedocs.io/) to collect test coverage data and [coverage.py](https://coverage.readthedocs.io/) to convert the report to use full relative paths.
-The information isn't displayed without the conversion.
-
-This example assumes that the code for your package is in `src/` and your tests are in `tests.py`:
-
-```yaml
-run tests:
-  stage: test
-  image: python:3
-  script:
-    - pip install pytest pytest-cov
-    - coverage run -m pytest
-    - coverage report
-    - coverage xml
-  coverage: '/(?i)total.*? (100(?:\.0+)?\%|[1-9]?\d(?:\.\d+)?\%)$/'
-  artifacts:
-    reports:
-      coverage_report:
-        coverage_format: cobertura
-        path: coverage.xml
-```
-
-### PHP example
-
-The following [`.gitlab-ci.yml`](../../../ci/yaml/index.md) example for PHP uses [PHPUnit](https://phpunit.readthedocs.io/)
-to collect test coverage data and generate the report.
-
-With a minimal [`phpunit.xml`](https://phpunit.readthedocs.io/en/9.5/configuration.html) file (you may reference
-[this example repository](https://gitlab.com/yookoala/code-coverage-visualization-with-php/)), you can run the test and
-generate the `coverage.xml`:
-
-```yaml
-run tests:
-  stage: test
-  image: php:latest
-  variables:
-    XDEBUG_MODE: coverage
-  before_script:
-    - apt-get update && apt-get -yq install git unzip zip libzip-dev zlib1g-dev
-    - docker-php-ext-install zip
-    - pecl install xdebug && docker-php-ext-enable xdebug
-    - php -r "copy('https://getcomposer.org/installer', 'composer-setup.php');"
-    - php composer-setup.php --install-dir=/usr/local/bin --filename=composer
-    - composer install
-    - composer require --dev phpunit/phpunit phpunit/php-code-coverage
-  script:
-    - php ./vendor/bin/phpunit --coverage-text --coverage-cobertura=coverage.cobertura.xml
-  artifacts:
-    reports:
-      coverage_report:
-        coverage_format: cobertura
-        path: coverage.cobertura.xml
-```
-
-[Codeception](https://codeception.com/), through PHPUnit, also supports generating Cobertura report with
-[`run`](https://codeception.com/docs/reference/Commands#run). The path for the generated file
-depends on the `--coverage-cobertura` option and [`paths`](https://codeception.com/docs/reference/Configuration#paths)
-configuration for the [unit test suite](https://codeception.com/docs/05-UnitTests). Configure `.gitlab-ci.yml`
-to find Cobertura in the appropriate path.
-
-### C/C++ example
-
-The following [`.gitlab-ci.yml`](../../../ci/yaml/index.md) example for C/C++ with
-`gcc` or `g++` as the compiler uses [`gcovr`](https://gcovr.com/en/stable/) to generate the coverage
-output file in Cobertura XML format.
-
-This example assumes:
-
-- That the `Makefile` is created by `cmake` in the `build` directory,
-  within another job in a previous stage.
-  (If you use `automake` to generate the `Makefile`,
-  then you need to call `make check` instead of `make test`.)
-- `cmake` (or `automake`) has set the compiler option `--coverage`.
-
-```yaml
-run tests:
-  stage: test
-  script:
-    - cd build
-    - make test
-    - gcovr --xml-pretty --exclude-unreachable-branches --print-summary -o coverage.xml --root ${CI_PROJECT_DIR}
-  coverage: /^\s*lines:\s*\d+.\d+\%/
-  artifacts:
-    name: ${CI_JOB_NAME}-${CI_COMMIT_REF_NAME}-${CI_COMMIT_SHA}
-    expire_in: 2 days
-    reports:
-      coverage_report:
-        coverage_format: cobertura
-        path: build/coverage.xml
-```
-
-### Go example
-
-The following [`.gitlab-ci.yml`](../../../ci/yaml/index.md) example for Go uses:
-
-- [`go test`](https://go.dev/doc/tutorial/add-a-test) to run tests.
-- [`gocover-cobertura`](https://github.com/boumenot/gocover-cobertura) to convert Go's coverage profile into the Cobertura XML format.
-
-This example assumes that [Go modules](https://go.dev/ref/mod)
-are being used. Please note that the `-covermode count` option does not work with the `-race` flag.
-If you want to generate code coverage while also using the `-race` flag, you must switch to
-`-covermode atomic` which is slower than `-covermode count`. See [this blog post](https://go.dev/blog/cover)
-for more details.
-
-```yaml
-run tests:
-  stage: test
-  image: golang:1.17
-  script:
-    - go install
-    - go test ./... -coverprofile=coverage.txt -covermode count
-    - go get github.com/boumenot/gocover-cobertura
-    - go run github.com/boumenot/gocover-cobertura < coverage.txt > coverage.xml
-  artifacts:
-    reports:
-      coverage_report:
-        coverage_format: cobertura
-        path: coverage.xml
-```
-
-### Ruby example
-
-The following [`.gitlab-ci.yml`](../../../ci/yaml/index.md) example for Ruby uses
-
-- [`rspec`](https://rspec.info/) to run tests.
-- [`simplecov`](https://github.com/simplecov-ruby/simplecov) and [`simplecov-cobertura`](https://github.com/dashingrocket/simplecov-cobertura)
-  to record the coverage profile and create a report in the Cobertura XML format.
-
-This example assumes:
-
-- That [`bundler`](https://bundler.io/) is being used for dependency management.
-  The `rspec`, `simplecov` and `simplecov-cobertura` gems have been added to your `Gemfile`.
-- The `CoberturaFormatter` has been added to your `SimpleCov.formatters`
-  configuration within the `spec_helper.rb` file.
-
-```yaml
-run tests:
-  stage: test
-  image: ruby:3.1
-  script:
-    - bundle install
-    - bundle exec rspec
-  artifacts:
-    reports:
-      coverage_report:
-        coverage_format: cobertura
-        path: coverage/coverage.xml
-```
-
-## Troubleshooting
-
-### Test coverage visualization not displayed
-
-If the test coverage visualization is not displayed in the diff view, you can check
-the coverage report itself and verify that:
-
-- The file you are viewing in the diff view is mentioned in the coverage report.
-- The `source` and `filename` nodes in the report follows the [expected structure](#automatic-class-path-correction)
-  to match the files in your repository.
-
-Report artifacts are not downloadable by default. If you want the report to be downloadable
-from the job details page, add your coverage report to the artifact `paths`:
-
-```yaml
-artifacts:
-  paths:
-    - coverage/cobertura-coverage.xml
-  reports:
-    coverage_report:
-      coverage_format: cobertura
-      path: coverage/cobertura-coverage.xml
-```
+<!-- This redirect file can be deleted after <2022-09-22>. -->
+<!-- Redirects that point to other docs in the same project expire in three months. -->
+<!-- Redirects that point to docs in a different project or site (for example, link is not relative and starts with `https:`) expire in one year. -->
+<!-- Before deletion, see: https://docs.gitlab.com/ee/development/documentation/redirects.html -->
diff --git a/doc/user/project/milestones/burndown_and_burnup_charts.md b/doc/user/project/milestones/burndown_and_burnup_charts.md
index d6fcd9fbb16..0f36747a547 100644
--- a/doc/user/project/milestones/burndown_and_burnup_charts.md
+++ b/doc/user/project/milestones/burndown_and_burnup_charts.md
@@ -9,7 +9,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w
 
 [Burndown](#burndown-charts) and [burnup](#burnup-charts) charts show the progress of completing a milestone.
 
-![burndown and burnup chart](img/burndown_and_burnup_charts_v15_1.png)
+![burndown and burnup chart](img/burndown_and_burnup_charts_v15_3.png)
 
 ## Burndown charts
 
@@ -19,7 +19,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w
 
 Burndown charts show the number of issues over the course of a milestone.
 
-![burndown chart](img/burndown_chart_v15_1.png)
+![burndown chart](img/burndown_chart_v15_3.png)
 
 At a glance, you see the current state for the completion a given milestone.
 Without them, you would have to organize the data from the milestone and plot it
@@ -66,7 +66,7 @@ A burndown chart is available for every project or group milestone that has been
 date** and a **due date**.
 
 NOTE:
-You're able to [promote project](index.md#promoting-project-milestones-to-group-milestones) to group milestones and still see the **burndown chart** for them, respecting license limitations.
+You're able to [promote project](index.md#promote-a-project-milestone-to-a-group-milestone) to group milestones and still see the **burndown chart** for them, respecting license limitations.
 
 The chart indicates the project's progress throughout that milestone (for issues assigned to it).
 
@@ -106,7 +106,7 @@ Reopened issues are considered as having been opened on the day after they were
 
 Burnup charts show the assigned and completed work for a milestone.
 
-![burnup chart](img/burnup_chart_v15_1.png)
+![burnup chart](img/burnup_chart_v15_3.png)
 
 To view a project's burnup chart:
 
diff --git a/doc/user/project/milestones/img/burndown_and_burnup_charts_v15_1.png b/doc/user/project/milestones/img/burndown_and_burnup_charts_v15_1.png
deleted file mode 100644
index 58c0ddf892f..00000000000
--- a/doc/user/project/milestones/img/burndown_and_burnup_charts_v15_1.png
+++ /dev/null
diff --git a/doc/user/project/milestones/img/burndown_and_burnup_charts_v15_3.png b/doc/user/project/milestones/img/burndown_and_burnup_charts_v15_3.png
new file mode 100644
index 00000000000..1420123500c
--- /dev/null
+++ b/doc/user/project/milestones/img/burndown_and_burnup_charts_v15_3.png
diff --git a/doc/user/project/milestones/img/burndown_chart_v15_1.png b/doc/user/project/milestones/img/burndown_chart_v15_1.png
deleted file mode 100644
index 2953380292d..00000000000
--- a/doc/user/project/milestones/img/burndown_chart_v15_1.png
+++ /dev/null
diff --git a/doc/user/project/milestones/img/burndown_chart_v15_3.png b/doc/user/project/milestones/img/burndown_chart_v15_3.png
new file mode 100644
index 00000000000..9e1c7ccd4dd
--- /dev/null
+++ b/doc/user/project/milestones/img/burndown_chart_v15_3.png
diff --git a/doc/user/project/milestones/img/burnup_chart_v15_1.png b/doc/user/project/milestones/img/burnup_chart_v15_1.png
deleted file mode 100644
index e89b76344ed..00000000000
--- a/doc/user/project/milestones/img/burnup_chart_v15_1.png
+++ /dev/null
diff --git a/doc/user/project/milestones/img/burnup_chart_v15_3.png b/doc/user/project/milestones/img/burnup_chart_v15_3.png
new file mode 100644
index 00000000000..2e85c0abe87
--- /dev/null
+++ b/doc/user/project/milestones/img/burnup_chart_v15_3.png
diff --git a/doc/user/project/milestones/img/milestones_promote_milestone.png b/doc/user/project/milestones/img/milestones_promote_milestone.png
deleted file mode 100644
index 2ef85c5951d..00000000000
--- a/doc/user/project/milestones/img/milestones_promote_milestone.png
+++ /dev/null
diff --git a/doc/user/project/milestones/index.md b/doc/user/project/milestones/index.md
index b0f3179961d..ba48876d4fd 100644
--- a/doc/user/project/milestones/index.md
+++ b/doc/user/project/milestones/index.md
@@ -23,87 +23,127 @@ Additionally, you can integrate milestones with the [Releases feature](../releas
 
 ## Project milestones and group milestones
 
-You can assign **project milestones** to issues or merge requests in that project only.
-To view the project milestone list, in a project, go to **{issues}** **Issues > Milestones**.
+A milestone can belong to [project](../index.md) or [group](../../group/index.md).
 
+You can assign **project milestones** to issues or merge requests in that project only.
 You can assign **group milestones** to any issue or merge request of any project in that group.
-To view the group milestone list, in a group, go to **{issues}** **Issues > Milestones**.
-
-You can also view all milestones you have access to in the dashboard milestones list.
-To view both project milestones and group milestones you have access to, select **Menu > Milestones**
-on the top bar.
 
 For information about project and group milestones API, see:
 
 - [Project Milestones API](../../../api/milestones.md)
 - [Group Milestones API](../../../api/group_milestones.md)
 
-NOTE:
-If you're in a group and select **Issues > Milestones**, GitLab displays group milestones
-and the milestones of projects in this group.
-If you're in a project and select **Issues > Milestones**, GitLab displays only this project's milestones.
+### View project or group milestones
+
+To view the milestone list:
+
+1. On the top bar, select **Menu > Projects** and find your project or
+   **Menu > Groups** and find your group.
+1. Select **Issues > Milestones**.
+
+In a project, GitLab displays milestones that belong to the project.
+In a group, GitLab displays milestones that belong to the group and all projects in the group.
+
+### View all milestones
 
-## Creating milestones
+You can view all the milestones you have access to in the entire GitLab namespace.
+You might not see some milestones because they're in projects or groups you're not a member of.
+
+To do so, on the top bar select **Menu > Milestones**.
+
+## Create a milestone
 
 > [Changed](https://gitlab.com/gitlab-org/gitlab/-/issues/343889) the minimum user role from Developer to Reporter in GitLab 15.0.
 
-Milestones can be created either at project or group level.
+You can create a milestone either in a project or a group.
 
 Prerequisites:
 
-- You must have at least the Reporter role for a group.
+- You must have at least the Reporter role for the project or group the milestone belongs to.
 
 To create a milestone:
 
 1. On the top bar, select **Menu > Projects** and find your project or **Menu > Groups** and find your group.
 1. On the left sidebar, select **Issues > Milestones**.
 1. Select **New milestone**.
-1. Enter the title, an optional description, an optional start date, and an optional due date.
+1. Enter the title.
+1. Optional. Enter description, start date, and due date.
 1. Select **New milestone**.
 
 ![New milestone](img/milestones_new_project_milestone.png)
 
-## Editing milestones
+## Edit a milestone
 
 > [Changed](https://gitlab.com/gitlab-org/gitlab/-/issues/343889) the minimum user role from Developer to Reporter in GitLab 15.0.
 
-Users with at least the Reporter role can edit milestones.
-
 Prerequisites:
 
-- You must have at least the Reporter role for a group.
+- You must have at least the Reporter role for the project or group the milestone belongs to.
 
 To edit a milestone:
 
-1. In a project or group, go to **{issues}** **Issues > Milestones**.
+1. On the top bar, select **Menu > Projects** and find your project or **Menu > Groups** and find your group.
 1. Select a milestone's title.
 1. Select **Edit**.
+1. Edit the title, start date, due date, or description.
+1. Select **Save changes**.
+
+## Delete a milestone
+
+> [Changed](https://gitlab.com/gitlab-org/gitlab/-/issues/343889) the minimum user role from Developer to Reporter in GitLab 15.0.
 
-You can delete a milestone by selecting the **Delete** button.
+Prerequisites:
+
+- You must have at least the Reporter role for the project or group the milestone belongs to.
+
+To edit a milestone:
+
+1. On the top bar, select **Menu > Projects** and find your project or **Menu > Groups** and find your group.
+1. Select a milestone's title.
+1. Select **Delete**.
+1. Select **Delete milestone**.
 
-### Promoting project milestones to group milestones
+## Promote a project milestone to a group milestone
 
 If you are expanding the number of projects in a group, you might want to share the same milestones
-among this group's projects. You can also promote project milestones to group milestones in order to
+among this group's projects. You can also promote project milestones to group milestones to
 make them available to other projects in the same group.
 
-From the project milestone list page, you can promote a project milestone to a group milestone.
-This merges all project milestones across all projects in this group with the same name into a single
-group milestones. All issues and merge requests that were previously assigned to one of these project
-milestones is assigned the new group milestones. This action cannot be reversed and the changes are
-permanent.
+Promoting a milestone merges all project milestones across all projects in this group with the same
+name into a single group milestone.
+All issues and merge requests that were previously assigned to one of these project
+milestones become assigned to the new group milestone.
 
 WARNING:
-From GitLab 12.4 and earlier, some information is lost when you promote a project milestone to a
-group milestone. Not all features on the project milestone view are available on the group milestone
-view. If you promote a project milestone to a group milestone, you lose these features. Visit
-[Milestone view](#milestone-view) to learn which features are missing from the group milestone view.
+This action cannot be reversed and the changes are permanent.
+
+Prerequisites:
+
+- You must have at least the Reporter role for the group.
+
+To promote a project milestone:
+
+1. On the top bar, select **Menu > Projects** and find your project.
+1. Either:
+   - Select **Promote to Group Milestone** (**{level-up}**).
+   - Select the milestone title, and then select **Promote**.
+1. Select **Promote Milestone**.
+
+## Assign a milestone to an issue or merge request
+
+Every issue and merge request can be assigned one milestone.
+The milestones are visible on every issue and merge request page, on the right sidebar.
+They are also visible in the issue board.
 
-![Promote milestone](img/milestones_promote_milestone.png)
+To assign or unassign a milestone:
 
-## Assigning milestones from the sidebar
+1. View an issue or a merge request.
+1. On the right sidebar, next to **Milestones**, select **Edit**.
+1. In the **Assign milestone** list, search for a milestone by typing its name.
+   You can select from both project and group milestones.
+1. Select the milestone you want to assign.
 
-Every issue and merge request can be assigned a milestone. The milestones are visible on every issue and merge request page, in the sidebar. They are also visible in the issue board. From the sidebar, you can assign or unassign a milestones to the object. You can also perform this as a [quick action](../quick_actions.md) in a comment. [As mentioned](#project-milestones-and-group-milestones), for a given issue or merge request, both project milestones and group milestones can be selected and assigned to the object.
+You can also use the `/assign` [quick action](../quick_actions.md) in a comment.
 
 ## Filtering issues and merge requests by milestone
 
@@ -156,7 +196,7 @@ There are also tabs below these that show the following:
 The milestone view contains a [burndown and burnup chart](burndown_and_burnup_charts.md),
 showing the progress of completing a milestone.
 
-![burndown chart](img/burndown_and_burnup_charts_v15_1.png)
+![burndown chart](img/burndown_and_burnup_charts_v15_3.png)
 
 ### Milestone sidebar
 
diff --git a/doc/user/project/pages/redirects.md b/doc/user/project/pages/redirects.md
index 791b6a1550a..5d03db4bf00 100644
--- a/doc/user/project/pages/redirects.md
+++ b/doc/user/project/pages/redirects.md
@@ -45,8 +45,9 @@ Note that:
 
 - All paths must start with a forward slash `/`.
 - A default status code of `301` is applied if no [status code](#http-status-codes) is provided.
-- The `_redirects` file has a file size limit of 64KB and a maximum of 1,000 rules per project.
-  Only the first 1,000 rules are processed.
+- The `_redirects` file has a file size limit and a maximum number of rules per project,
+  configured at the instance level. Only the first matching rules within the configured maximum are processed.
+  The default file size limit is 64KB, and the default maximum number of rules is 1,000.
 - If your GitLab Pages site uses the default domain name (such as
   `namespace.gitlab.io/projectname`) you must prefix every rule with the project name:
 
diff --git a/doc/user/project/quick_actions.md b/doc/user/project/quick_actions.md
index d5a7058d3d2..96e51b061ee 100644
--- a/doc/user/project/quick_actions.md
+++ b/doc/user/project/quick_actions.md
@@ -55,7 +55,6 @@ threads. Some quick actions might not be available to all subscription tiers.
 | `/assign me`                                                                                     | **{check-circle}** Yes | **{check-circle}** Yes | **{dotted-circle}** No | Assign yourself.                                                                                                                                                                                                                                                                                                                                                                                                                                          |
 | `/assign_reviewer @user1 @user2` or `/reviewer @user1 @user2` or `/request_review @user1 @user2` | **{dotted-circle}** No | **{check-circle}** Yes | **{dotted-circle}** No | Assign one or more users as reviewers.                                                                                                                                                                                                                                                                                                                                                                                                                    |
 | `/assign_reviewer me` or `/reviewer me` or `/request_review me`                                  | **{dotted-circle}** No | **{check-circle}** Yes | **{dotted-circle}** No | Assign yourself as a reviewer.                                                                                                                                                                                                                                                                                                                                                                                                                            |
-| `/attention @user1`                                                                                 | **{dotted-circle}** No | **{check-circle}** Yes | **{dotted-circle}** No | [Request attention](merge_requests/index.md#request-attention-to-a-merge-request) to a merge request from a user. |
 | `/award :emoji:`                                                                                 | **{check-circle}** Yes | **{check-circle}** Yes | **{check-circle}** Yes | Toggle emoji award.                                                                                                                                                                                                                                                                                                                                                                                                                                       |
 | `/child_epic <epic>`                                                                             | **{dotted-circle}** No | **{dotted-circle}** No | **{check-circle}** Yes | Add child epic to `<epic>`. The `<epic>` value should be in the format of `&epic`, `group&epic`, or a URL to an epic ([introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/7330) in GitLab 12.0).                                                                                                                                                                                                                                                   |
 | `/clear_health_status`                                                                           | **{check-circle}** Yes | **{dotted-circle}** No | **{dotted-circle}** No | Clear [health status](issues/managing_issues.md#health-status) ([introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/213814) in GitLab 14.7).                                                                                                                                                                                                                                                                                                       |
diff --git a/doc/user/project/releases/index.md b/doc/user/project/releases/index.md
index d5ddc0468e1..1d448ca5c94 100644
--- a/doc/user/project/releases/index.md
+++ b/doc/user/project/releases/index.md
@@ -210,7 +210,7 @@ In the second workflow, the `release` job runs in multiple pipelines. To prevent
 ```yaml
 release_job:
   rules:
-    - if: $CI_COMMIT_TAG  
+    - if: $CI_COMMIT_TAG
       when: never                                  # Do not run this job in a tag pipeline
     - if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH  # Run this job when commits are pushed or merged to the default branch
   script:
@@ -317,6 +317,25 @@ You can edit the release title, notes, associated milestones, and asset links.
 To change the release date use the
 [Releases API](../../../api/releases/index.md#update-a-release).
 
+## Delete a release
+
+> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/213862) in GitLab 15.2
+
+When you delete a release, its assets are also deleted. However, the associated
+Git tag is not deleted.
+
+Prerequisites:
+
+- You must have at least the Developer role. Read more about [Release permissions](#release-permissions).
+
+To delete a release in the UI:
+
+1. On the top bar, select **Menu > Projects** and find your project.
+1. On the left sidebar, select **Deployments > Releases**.
+1. In the top-right corner of the release you want to delete, select **Edit this release** (**{pencil}**).
+1. On the **Edit Release** page, select **Delete**.
+1. Select **Delete release**.
+
 ## Associate milestones with a release
 
 > - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/29020) in GitLab 12.5.
diff --git a/doc/user/project/repository/branches/default.md b/doc/user/project/repository/branches/default.md
index e087ed6c439..747da817195 100644
--- a/doc/user/project/repository/branches/default.md
+++ b/doc/user/project/repository/branches/default.md
@@ -76,7 +76,7 @@ overrides it.
 
 ### Group-level custom initial branch name
 
-> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/221014) in GitLab 13.6.
+> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/221014) in GitLab 13.6.
 
 Users with at least the Owner role of groups and subgroups can configure the default branch name for a group:
 
diff --git a/doc/user/project/repository/forking_workflow.md b/doc/user/project/repository/forking_workflow.md
index 0e6c98457c7..85bea80f777 100644
--- a/doc/user/project/repository/forking_workflow.md
+++ b/doc/user/project/repository/forking_workflow.md
@@ -68,4 +68,4 @@ changes are added to the repository and branch you're merging into.
 
 ## Removing a fork relationship
 
-You can unlink your fork from its upstream project in the [advanced settings](../settings/index.md#removing-a-fork-relationship).
+You can unlink your fork from its upstream project in the [advanced settings](../settings/index.md#remove-a-fork-relationship).
diff --git a/doc/user/project/repository/img/repository_languages_v12_2.gif b/doc/user/project/repository/img/repository_languages_v12_2.gif
deleted file mode 100644
index d0a0e57c919..00000000000
--- a/doc/user/project/repository/img/repository_languages_v12_2.gif
+++ /dev/null
diff --git a/doc/user/project/repository/img/repository_languages_v15_2.png b/doc/user/project/repository/img/repository_languages_v15_2.png
new file mode 100644
index 00000000000..94cfa1cc161
--- /dev/null
+++ b/doc/user/project/repository/img/repository_languages_v15_2.png
diff --git a/doc/user/project/repository/index.md b/doc/user/project/repository/index.md
index 02b5639cae8..a8937d4f705 100644
--- a/doc/user/project/repository/index.md
+++ b/doc/user/project/repository/index.md
@@ -116,7 +116,7 @@ You can download the source code that's stored in a repository.
 For the default branch of each repository, GitLab determines which programming languages
 are used. This information is displayed on the **Project information** page.
 
-![Repository Languages bar](img/repository_languages_v12_2.gif)
+![Repository Languages bar](img/repository_languages_v15_2.png)
 
 When new files are added, this information can take up to five minutes to update.
 
@@ -232,7 +232,7 @@ When a repository path changes, GitLab handles the transition from the
 old location to the new one with a redirect.
 
 When you [rename a user](../../profile/index.md#change-your-username),
-[change a group path](../../group/index.md#change-a-groups-path), or [rename a repository](../settings/index.md#renaming-a-repository):
+[change a group path](../../group/index.md#change-a-groups-path), or [rename a repository](../settings/index.md#rename-a-repository):
 
 - URLs for the namespace and everything under it, like projects, are
   redirected to the new URLs.
diff --git a/doc/user/project/repository/managing_large_repositories.md b/doc/user/project/repository/managing_large_repositories.md
index 76f66f41297..93b94ac0641 100644
--- a/doc/user/project/repository/managing_large_repositories.md
+++ b/doc/user/project/repository/managing_large_repositories.md
@@ -16,7 +16,7 @@ On this page we detail several best practices to improve performance with these
 
 It's *strongly* recommended in any Git system that binary or blob files (for example, packages, audio, video, graphics, etc.) are stored as Large File Storage (LFS) objects. In such setup, the Objects are stored elsewhere, such as in Object Storage, and this can reduce the repository size significantly, thus improving performance.
 
-Refer to the [Git LFS docs for more information](../../../topics/git/lfs/index.md).
+Refer to the [Git LFS documentation for more information](../../../topics/git/lfs/index.md).
 
 ## Gitaly Pack Objects Cache
 
@@ -34,7 +34,7 @@ In these types of setups it's recommended that the GitLab environment used match
 
 Gitaly Cluster can notably improve large repository performance as it holds multiple replicas of the repository across several nodes. As a result, Gitaly Cluster can load balance read requests against those repositories and is also fault tolerant.
 
-It's recommended for large repositories, however, Gitaly Cluster is a large solution with additional complexity of setup and management. Refer to the [Gitaly Cluster docs for more information](../../../administration/gitaly/index.md), specifically the [Before deploying Gitaly Cluster](../../../administration/gitaly/index.md#before-deploying-gitaly-cluster) section.
+It's recommended for large repositories, however, Gitaly Cluster is a large solution with additional complexity of setup, and management. Refer to the [Gitaly Cluster documentation for more information](../../../administration/gitaly/index.md), specifically the [Before deploying Gitaly Cluster](../../../administration/gitaly/index.md#before-deploying-gitaly-cluster) section.
 
 ## Keep GitLab up to date
 
@@ -46,6 +46,6 @@ Large repositories tend to be monorepos. This in turn typically means that these
 
 CI/CD loads tend to be concurrent as pipelines are scheduled during set times. As a result, the Git requests against the repositories can spike notably during these times and lead to reduced performance for both CI and users alike.
 
-When designing CI/CD pipelines, it's advisable to reduce their concurrency by staggering them to run at different times, for example, a set running at one time and then another set running several minutes later.
+When designing CI/CD pipelines, it's advisable to reduce their concurrency by staggering them to run at different times, for example, a set running at one time, and another set running several minutes later.
 
-There's several other actions that can be explored to improve CI/CD performance with large repositories. Refer to the [Runner docs for more information](../../../ci/large_repositories/index.md).
+There's several other actions that can be explored to improve CI/CD performance with large repositories. Refer to the [Runner documentation for more information](../../../ci/large_repositories/index.md).
diff --git a/doc/user/project/repository/mirror/index.md b/doc/user/project/repository/mirror/index.md
index fe1c9653cfe..4537f8520cd 100644
--- a/doc/user/project/repository/mirror/index.md
+++ b/doc/user/project/repository/mirror/index.md
@@ -8,7 +8,7 @@ disqus_identifier: 'https://docs.gitlab.com/ee/workflow/repository_mirroring.htm
 # Repository mirroring **(FREE)**
 
 You can _mirror_ a repository to and from external sources. You can select which repository
-serves as the source. Branches, tags, and commits can be mirrored.
+serves as the source. Branches, tags, and commits are synced automatically.
 
 NOTE:
 SCP-style URLs are **not** supported. However, the work for implementing SCP-style URLs is tracked
@@ -302,3 +302,12 @@ fail nor succeed. They also do not leave a clear log. To check for this problem:
 1. After you run the command, the [background jobs page](../../../admin_area/index.md#background-jobs)
    should show new mirroring jobs being scheduled, especially when
    [triggered manually](#update-a-mirror).
+
+### Invalid URL
+
+If you receive this error while setting up mirroring over [SSH](#ssh-authentication), make sure the URL is in a valid format.
+
+Mirroring does not support the short version of SSH clone URLs (`git@gitlab.com:gitlab-org/gitlab.git`)
+and requires the full version including the protocol (`ssh://git@gitlab.com/gitlab-org/gitlab.git`).
+
+Make sure that host and project path are separated using `/` instead of `:`.
diff --git a/doc/user/project/repository/mirror/pull.md b/doc/user/project/repository/mirror/pull.md
index 3599faf4de6..88104e34eb4 100644
--- a/doc/user/project/repository/mirror/pull.md
+++ b/doc/user/project/repository/mirror/pull.md
@@ -97,7 +97,7 @@ assigned when you set up pull mirroring.
 
 Pull mirroring uses polling to detect new branches and commits added upstream,
 often minutes afterwards. You can notify GitLab using an
-[API call](../../../../api/projects.md#start-the-pull-mirroring-process-for-a-project), 
+[API call](../../../../api/projects.md#start-the-pull-mirroring-process-for-a-project),
 but the [minimum interval for pull mirroring limits](index.md#force-an-update) is still enforced.
 
 For more information, read
diff --git a/doc/user/project/repository/reducing_the_repo_size_using_git.md b/doc/user/project/repository/reducing_the_repo_size_using_git.md
index 83fafd409e8..b0ae1b7d1e0 100644
--- a/doc/user/project/repository/reducing_the_repo_size_using_git.md
+++ b/doc/user/project/repository/reducing_the_repo_size_using_git.md
@@ -1,8 +1,7 @@
 ---
-stage: Create
+stage: Systems
 group: Gitaly
 info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
-type: howto
 ---
 
 # Reduce repository size **(FREE)**
@@ -20,7 +19,7 @@ over [`git filter-branch`](https://git-scm.com/docs/git-filter-branch) and
 
 WARNING:
 Rewriting repository history is a destructive operation. Make sure to back up your repository before
-you begin. The best way back up a repository is to
+you begin. The best way to back up a repository is to
 [export the project](../settings/import_export.md#export-a-project-and-its-data).
 
 ## Purge files from repository history
@@ -36,6 +35,11 @@ other internal references (refs) that are automatically created by GitLab. These
 
 These refs are not automatically downloaded and hidden refs are not advertised, but we can remove these refs using a project export.
 
+WARNING:
+This process is not suitable for removing sensitive data like password or keys from your repository.
+Information about commits, including file content, is cached in the database, and remain
+visible even after they have been removed from the repository.
+
 To purge files from a GitLab repository:
 
 1. Install either [`git filter-repo`](https://github.com/newren/git-filter-repo/blob/main/INSTALL.md) or
@@ -248,11 +252,6 @@ increased, your only option is to:
 1. Prune all the unneeded stuff locally.
 1. Create a new project on GitLab and start using that instead.
 
-WARNING:
-This process is not suitable for removing sensitive data like password or keys from your repository.
-Information about commits, including file content, is cached in the database, and remain
-visible even after they have been removed from the repository.
-
 ## Troubleshooting
 
 ### Incorrect repository statistics shown in the GUI
diff --git a/doc/user/project/repository/web_editor.md b/doc/user/project/repository/web_editor.md
index 370a349b982..4ca341f0535 100644
--- a/doc/user/project/repository/web_editor.md
+++ b/doc/user/project/repository/web_editor.md
@@ -137,7 +137,7 @@ The **Create merge request** button doesn't display if:
 - Your project has an active fork relationship.
 
 To make this button appear, one possible workaround is to
-[remove your project's fork relationship](../settings/index.md#removing-a-fork-relationship).
+[remove your project's fork relationship](../settings/index.md#remove-a-fork-relationship).
 After removal, the fork relationship cannot be restored. This project can no longer
 be able to receive or send merge requests to the source project, or other forks.
 
diff --git a/doc/user/project/settings/img/cve_id_request_toggle.png b/doc/user/project/settings/img/cve_id_request_toggle.png
deleted file mode 100644
index 53ec804922c..00000000000
--- a/doc/user/project/settings/img/cve_id_request_toggle.png
+++ /dev/null
diff --git a/doc/user/project/settings/index.md b/doc/user/project/settings/index.md
index 46a6c1a049e..7d1bfcaab59 100644
--- a/doc/user/project/settings/index.md
+++ b/doc/user/project/settings/index.md
@@ -278,24 +278,34 @@ When you disable a feature, the following additional features are also disabled:
 - Metrics dashboard access requires reading project environments and deployments.
   Users with access to the metrics dashboard can also access environments and deployments.
 
-## Disabling the CVE ID request button **(FREE SAAS)**
+## Disable CVE identifier request in issues **(FREE SAAS)**
 
 > [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/41203) in GitLab 13.4, only for public projects on GitLab.com.
 
-In applicable environments, a [**Create CVE ID Request** button](../../application_security/cve_id_request.md)
-is present in the issue sidebar. The button may be disabled on a per-project basis by toggling the
-setting **Enable CVE ID requests in the issue sidebar**.
+In some environments, users can submit a [CVE identifier request](../../application_security/cve_id_request.md) in an issue.
 
-![CVE ID Request toggle](img/cve_id_request_toggle.png)
+To disable the CVE identifier request option in issues in your project:
 
-## Disabling email notifications
+1. On the top bar, select **Menu > Projects** and find your project.
+1. On the left sidebar, select **Settings > General**.
+1. Expand the **Visibility, project features, permissions** section.
+1. Under **Issues**, turn off the **CVE ID requests in the issue sidebar** toggle.
+1. Select **Save changes**.
+
+## Disable project email notifications
 
-Project owners can disable all [email notifications](../../profile/notifications.md)
-related to the project by selecting the **Disable email notifications** checkbox.
+Prerequisites:
+
+- You must be an Owner of the project to disable email notifications related to the project.
+
+1. On the top bar, select **Menu > Projects** and find your project.
+1. On the left sidebar, select **Settings > General**.
+1. Expand the **Visibility, project features, permissions** section.
+1. Clear the **Disable email notifications** checkbox.
 
 ## Configure merge request settings for a project
 
-Set up your project's merge request settings:
+Configure your project's merge request settings:
 
 - Set up the [merge request method](../merge_requests/methods/index.md) (merge commit, fast-forward merge).
 - Add merge request [description templates](../description_templates.md#description-templates).
@@ -317,91 +327,74 @@ Enable [Service Desk](../service_desk.md) for your project to offer customer sup
 
 Learn how to [export a project](import_export.md#import-a-project-and-its-data) in GitLab.
 
-## Advanced settings
+## Advanced project settings
 
-Here you can run housekeeping, archive, rename, transfer,
-[remove a fork relationship](#removing-a-fork-relationship), or delete a project.
+Use the advanced settings to archive, rename, transfer,
+remove a fork relationship, or delete a project.
 
-## Archiving a project
+### Archive a project
 
-Archiving a project makes it read-only for all users and indicates that it's
-no longer actively maintained. Projects that have been archived can also be
-unarchived. Only project owners and administrators have the
-[permissions](../../permissions.md#project-members-permissions) to archive a project.
-
-When a project is archived, the repository, packages, issues, merge requests, and all
-other features are read-only. Archived projects are also hidden
-in project listings.
+When you archive a project, the repository, packages, issues, merge requests, and all
+other features are read-only. Archived projects are also hidden from project listings.
 
 To archive a project:
 
-1. Navigate to your project's **Settings > General**.
-1. Under **Advanced**, select **Expand**.
+1. On the top bar, select **Menu > Projects** and find your project.
+1. On the left sidebar, select **Settings > General**.
+1. Expand **Advanced**.
 1. In the **Archive project** section, select **Archive project**.
-1. Confirm the action when asked to.
-
-## Unarchiving a project
+1. To confirm, select **OK**.
 
-Unarchiving a project removes the read-only restriction on a project, and makes it
-available in project listings. Only project owners and administrators have the
-[permissions](../../permissions.md#project-members-permissions) to unarchive a project.
+### Unarchive a project
 
-To find an archived project:
+When you unarchive a project, you remove the read-only restriction and make it
+available in project lists.
 
-1. Sign in to GitLab as the project owner or a user with administrator access.
-1. If you:
-   - Have the project's URL, open the project's page in your browser.
-   - Don't have the project's URL:
-     1. On the top bar, select **Menu > Project**.
-     1. Select **Explore projects**.
-     1. In the **Sort projects** dropdown box, select **Show archived projects**.
-     1. In the **Filter by name** field, provide the project's name.
-     1. Select the link to the project to open its **Details** page.
+Prerequisites:
 
-Next, to unarchive the project:
+- To unarchive a project, you must be an administrator or a project Owner.
 
-1. Navigate to your project's **Settings > General**.
+1. Find the archived project.
+   1. On the top bar, select **Menu > Project**.
+   1. Select **Explore projects**.
+   1. In the **Sort projects** dropdown list, select **Show archived projects**.
+   1. In the **Filter by name** field, enter the project name.
+   1. Select the project link.
+1. On the left sidebar, select **Settings > General**.
 1. Under **Advanced**, select **Expand**.
 1. In the **Unarchive project** section, select **Unarchive project**.
-1. Confirm the action when asked to.
+1. To confirm, select **OK**.
 
-## Renaming a repository
+### Rename a repository
 
-NOTE:
-Only project maintainers and administrators have the [permissions](../../permissions.md#project-members-permissions) to rename a
-repository. Not to be confused with a project's name where it can also be
-changed from the [general project settings](#edit-project-name-and-description).
-
-A project's repository name defines its URL (the one you use to access the
-project via a browser) and its place on the file disk where GitLab is installed.
+A project's repository name defines its URL and its place on the file disk
+where GitLab is installed.
 
-To rename a repository:
+Prerequisites:
 
-1. Navigate to your project's **Settings > General**.
-1. Under **Advanced**, select **Expand**.
-1. Under **Change path**, update the repository's path.
-1. Select **Change path**.
+You must be a project maintainer or administrator to rename a repository.
 
-Remember that this can have unintended side effects since everyone with the
-old URL can't push or pull. Read more about what happens with the
+NOTE:
+When you change the repository path, users may experience issues if they push to, or pull from, the old URL. For more information, see
 [redirects when renaming repositories](../repository/index.md#what-happens-when-a-repository-path-changes).
 
-## Transferring an existing project into another namespace
+To rename a repository:
 
-NOTE:
-Only project owners and administrators have the [permissions](../../permissions.md#project-members-permissions)
-to transfer a project.
+1. On the top bar, select **Menu > Projects** and find your project.
+1. On the left sidebar, select **Settings > General**.
+1. Expand the **Advanced** section.
+1. In the **Change path** text box, edit the path.
+1. Select **Change path**.
+
+## Transfer a project to another namespace
 
-You can transfer an existing project to another [group](../../group/index.md),
-or you can transfer a [personal project](../working_with_projects.md#view-personal-projects) to a group.
+When you transfer a project to another namespace, you move the project to a different group.
 
 Prerequisites:
 
-- A group for your project. You can [view your existing groups](../../group/index.md#view-groups)
-  to find a suitable group. If you don't have a group, [create one](../../group/index.md#create-a-group).
-- You must have at least the Maintainer role in that group.
-- You must be the Owner of that project.
-- The group to which the project is being transferred to must allow creation of new projects.
+- You must have at least the Maintainer role for the [group](../../group/index.md#create-a-group) to which you are transferring.
+- You must be the Owner of the project you transfer.
+- The group must allow creation of new projects.
 - The project must not contain any [container images](../../packages/container_registry/index.md#limitations).
   - If you transfer a project to a different root namespace,
     the project must not contain any
@@ -416,19 +409,18 @@ To transfer a project:
 1. Select **Transfer project**.
 1. Enter the project's name and select **Confirm**.
 
-You are redirected to the project's new URL. Read what happens with the
-[redirects from the old URL to the new one](../repository/index.md#what-happens-when-a-repository-path-changes).
+You are redirected to the project's new page and GitLab applies a redirect. For more information about repository redirects, see [What happens when a repository path changes](../repository/index.md#what-happens-when-a-repository-path-changes).
 
 NOTE:
-GitLab administrators can use the [administration interface](../../admin_area/index.md#administering-projects)
-to move any project to any namespace if needed.
+If you are an administrator, you can also use the [administration interface](../../admin_area/index.md#administering-projects)
+to move any project to any namespace.
 
-## Transferring a GitLab.com project to a different subscription tier
+### Transferring a GitLab SaaS project to a different subscription tier
 
-When you transfer a project from a namespace that's licensed for GitLab SaaS Premium or Ultimate to Free, some data related to the paid features is deleted.
+When you transfer a project from a namespace licensed for GitLab SaaS Premium or Ultimate to GitLab Free, the following paid feature data is deleted:
 
-For example, [project access tokens](../../../user/project/settings/project_access_tokens.md) are revoked, and
-[pipeline subscriptions](../../../ci/pipelines/multi_project_pipelines.md#trigger-a-pipeline-when-an-upstream-project-is-rebuilt)
+- [Project access tokens](../../../user/project/settings/project_access_tokens.md) are revoked
+- [Pipeline subscriptions](../../../ci/pipelines/multi_project_pipelines.md#trigger-a-pipeline-when-an-upstream-project-is-rebuilt)
 and [test cases](../../../ci/test_cases/index.md) are deleted.
 
 ## Delete a project
@@ -460,7 +452,7 @@ in GitLab 12.6, and then to [immediate deletion](https://gitlab.com/gitlab-org/g
 Projects can be deleted after a delay period. Multiple settings can affect whether
 delayed project deletion is enabled for a particular project:
 
-- Self-managed instance [settings](../../admin_area/settings/visibility_and_access_controls.md#deletion-protection).
+- Self-managed instance [settings](../../admin_area/settings/visibility_and_access_controls.md#delayed-project-deletion).
   You can enable delayed project deletion as the default setting for new groups, and configure the number of days for the
   delay. For GitLab.com, see the [GitLab.com settings](../../gitlab_com/index.md#delayed-project-deletion).
 - Group [settings](../../group/index.md#enable-delayed-project-deletion) to enabled delayed project deletion for all
@@ -499,27 +491,23 @@ To restore a project marked for deletion:
 1. Navigate to your project, and select **Settings > General > Advanced**.
 1. In the Restore project section, select **Restore project**.
 
-## Removing a fork relationship
+## Remove a fork relationship
+
+Prerequisites:
 
-Forking is a great way to [contribute to a project](../repository/forking_workflow.md)
-of which you're not a member.
-If you want to use the fork for yourself and don't need to send
-[merge requests](../merge_requests/index.md) to the upstream project,
-you can safely remove the fork relationship.
+- You must be a project owner to remove a fork relationship.
 
 WARNING:
-Once removed, you can't send merge requests to the source, and if anyone has forked your project, their fork also loses the relationship.
+If you remove a fork relationship, you can't send merge requests to the source. If anyone has forked your project, their fork also loses the relationship.
 To restore the fork relationship, [use the API](../../../api/projects.md#create-a-forked-fromto-relation-between-existing-projects).
 
-To do so:
+To remove a fork relationship:
 
-1. Navigate to your project's **Settings > General > Advanced**.
-1. Under **Remove fork relationship**, select the likewise-labeled button.
-1. Confirm the action by typing the project's path as instructed.
-
-NOTE:
-Only project owners have the [permissions](../../permissions.md#project-members-permissions)
-to remove a fork relationship.
+1. On the top bar, select **Menu > Projects** and find your project.
+1. On the left sidebar, select **Settings > General**.
+1. Expand **Advanced**.
+1. In the **Remove fork relationship** section, select **Remove fork relationship**.
+1. To confirm, enter the project path and select **Confirm**.
 
 ## Monitor settings
 
diff --git a/doc/user/project/wiki/img/content_editor_v14.6.png b/doc/user/project/wiki/img/content_editor_v14.6.png
deleted file mode 100644
index 55fca0ace1e..00000000000
--- a/doc/user/project/wiki/img/content_editor_v14.6.png
+++ /dev/null
diff --git a/doc/user/project/wiki/img/use_new_editor_button_v14.6.png b/doc/user/project/wiki/img/use_new_editor_button_v14.6.png
deleted file mode 100644
index 078fed8a1e9..00000000000
--- a/doc/user/project/wiki/img/use_new_editor_button_v14.6.png
+++ /dev/null
diff --git a/doc/user/project/wiki/index.md b/doc/user/project/wiki/index.md
index 5ae0cf46d9b..6e320923496 100644
--- a/doc/user/project/wiki/index.md
+++ b/doc/user/project/wiki/index.md
@@ -329,16 +329,15 @@ to disable the wiki but toggle it on (in blue).
 > - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/345398) switching between editing experiences in GitLab 14.7 [with a flag](../../../administration/feature_flags.md) named `wiki_switch_between_content_editor_raw_markdown`. Enabled by default.
 > - Switching between editing experiences generally available in GitLab 14.10. [Feature flag `wiki_switch_between_content_editor_raw_markdown`](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/83760) removed.
 
-GitLab version 14.0 introduces a WYSIWYG editing experience for GitLab Flavored Markdown
-in Wikis through the [Content Editor](../../../development/fe_guide/content_editor.md).
-The Content Editor is under active development, and is not yet the default editing
-experience in the Wiki. To opt in for the new editor:
+GitLab provides a WYSIWYG editing experience for GitLab Flavored Markdown in wikis.
 
-1. Create a new wiki page, or edit an existing one.
-1. Ensure the wiki page uses the Markdown format. Other formats are not yet supported.
-1. Above the content field, select **Edit rich text**:
+Support includes:
 
-   ![Use new editor button image](img/use_new_editor_button_v14.6.png)
+- Text formatting options, including bold, italics, block quotes, headings, and inline code.
+- List formatting for unordered, numbered, and checklists.
+- Creating and editing the structure of tables.
+- Inserting and formatting code blocks with syntax highlighting.
+- Live preview of Mermaid, PlantUML, and Kroki diagrams ([Introduced]<https://gitlab.com/gitlab-org/gitlab/-/merge_requests/86701> in GitLab 15.2).
 
 ### Use the Content Editor
 
@@ -346,9 +345,10 @@ experience in the Wiki. To opt in for the new editor:
 1. Select **Markdown** as your format.
 1. Above **Content**, select **Edit rich text**.
 1. Customize your page's content using the various formatting options available in the content editor.
-1. Select **Create page** for a new page, or **Save changes** for an existing page:
+1. Select **Create page** for a new page, or **Save changes** for an existing page.
 
-   ![Content Editor in Wikis image](img/content_editor_v14.6.png)
+The rich text editing mode remains the default until you switch back to
+[edit the raw source](#switch-back-to-the-old-editor).
 
 ### Switch back to the old editor
 
diff --git a/doc/user/project/working_with_projects.md b/doc/user/project/working_with_projects.md
index 83cab819f54..9572bc241fc 100644
--- a/doc/user/project/working_with_projects.md
+++ b/doc/user/project/working_with_projects.md
@@ -198,7 +198,7 @@ GitLab creates your project in your chosen namespace.
 You cannot use `git push` to create projects with project paths that:
 
 - Have previously been used.
-- Have been [renamed](settings/index.md#renaming-a-repository).
+- Have been [renamed](settings/index.md#rename-a-repository).
 
 Previously used project paths have a redirect. The redirect causes push attempts to redirect requests
 to the renamed project location, instead of creating a new project. To create a new project for a previously
@@ -391,7 +391,7 @@ To use a project as a Go package, use the `go get` and `godoc.org` discovery req
 Prerequisites:
 
 - Your GitLab instance must be accessible with HTTPS.
-- You must have a [personal access token](../profile/personal_access_tokens.md).
+- You must have a [personal access token](../profile/personal_access_tokens.md) with `read_api` scope.
 
 To authenticate Go requests, create a [`.netrc`](https://everything.curl.dev/usingcurl/netrc) file with the following information:
 
@@ -423,7 +423,7 @@ Configure Git to either:
 - Use SSH instead of HTTPS:
 
     ```shell
-    git config --global url."git@gitlab.example.com".insteadOf "https://gitlab.example.com"
+    git config --global url."git@gitlab.example.com:".insteadOf "https://gitlab.example.com/"
     ```
 
 ### Disable Go module fetching for private projects
diff --git a/doc/user/public_access.md b/doc/user/public_access.md
index cca753a2830..d821c1abe47 100644
--- a/doc/user/public_access.md
+++ b/doc/user/public_access.md
@@ -70,6 +70,8 @@ Prerequisite:
 Prerequisite:
 
 - You must have the Owner role for a group.
+- Subgroups and projects must already have visibility settings that are at least as
+  restrictive as the new setting for the group.
 
 1. On the top bar, select **Menu > Groups** and find your project.
 1. On the left sidebar, select **Settings > General**.
diff --git a/doc/user/search/advanced_search.md b/doc/user/search/advanced_search.md
index 075c9b6154b..90d6a15901a 100644
--- a/doc/user/search/advanced_search.md
+++ b/doc/user/search/advanced_search.md
@@ -84,15 +84,8 @@ its performance:
 
 ## Global Search validation
 
-> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/346263) in GitLab 14.6 [with a flag](../../administration/feature_flags.md) named `prevent_abusive_searches`. Disabled by default.
-
-FLAG:
-On self-managed GitLab, by default this feature is not available. To make it available,
-ask an administrator to [enable the feature flag](../../administration/feature_flags.md) named `prevent_abusive_searches`.
-The feature is not ready for production use.
-
 To prevent abusive searches, such as searches that may result in a Distributed Denial of Service (DDoS), Global Search ignores, logs, and
-doesn't return any results for searches considered abusive according to the following criteria, if `prevent_abusive_searches` feature flag is enabled:
+doesn't return any results for searches considered abusive according to the following criteria:
 
 - Searches with less than 2 characters.
 - Searches with any term greater than 100 characters. URL search terms have a maximum of 200 characters.
@@ -101,8 +94,7 @@ doesn't return any results for searches considered abusive according to the foll
 - Searches with a `repository_ref` or `project_ref` parameter that has special characters not allowed by [Git refname](https://git-scm.com/docs/git-check-ref-format).
 - Searches with a `scope` that is unknown.
 
-Regardless of the status of the `prevent_abusive_searches` feature flag, searches that don't
-comply with the criteria described below aren't logged as abusive but are flagged with an error:
+Searches that don't comply with the criteria described below aren't logged as abusive but are flagged with an error:
 
 - Searches with more than 4096 characters.
 - Searches with more than 64 terms.
diff --git a/doc/user/search/img/basic_search_results_v15_1.png b/doc/user/search/img/basic_search_results_v15_1.png
index b85627c9b95..0de0b976d7d 100644
--- a/doc/user/search/img/basic_search_results_v15_1.png
+++ b/doc/user/search/img/basic_search_results_v15_1.png
diff --git a/doc/user/search/img/code_search_git_blame_v15_1.png b/doc/user/search/img/code_search_git_blame_v15_1.png
index e61ee5993c2..426f829b186 100644
--- a/doc/user/search/img/code_search_git_blame_v15_1.png
+++ b/doc/user/search/img/code_search_git_blame_v15_1.png
diff --git a/doc/user/ssh.md b/doc/user/ssh.md
index 27bb7124afe..e884d762379 100644
--- a/doc/user/ssh.md
+++ b/doc/user/ssh.md
@@ -354,7 +354,7 @@ can do this by using the command in the [previous topic](#use-different-keys-for
 However, even if you set `IdentitiesOnly` to `yes`, you cannot sign in if an
 `IdentityFile` exists outside of a `Host` block.
 
-Instead, you can assign aliases to hosts in the `~.ssh/config` file.
+Instead, you can assign aliases to hosts in the `~/.ssh/config` file.
 
 - For the `Host`, use an alias like `user_1.gitlab.com` and
   `user_2.gitlab.com`. Advanced configurations
diff --git a/doc/user/tasks.md b/doc/user/tasks.md
index fc49661c61c..36236f2969e 100644
--- a/doc/user/tasks.md
+++ b/doc/user/tasks.md
@@ -6,7 +6,8 @@ info: To determine the technical writer assigned to the Stage/Group associated w
 
 # Tasks **(FREE)**
 
-> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/334812) in GitLab 14.5 [with a flag](../administration/feature_flags.md) named `work_items`. Disabled by default.
+> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/334812) in GitLab 14.5 [with a flag](../administration/feature_flags.md) named `work_items`. Disabled by default.
+> - [Creating, editing, and deleting tasks](https://gitlab.com/groups/gitlab-org/-/epics/7169) introduced in GitLab 15.0.
 
 FLAG:
 On self-managed GitLab, by default this feature is not available. To make it available,
@@ -32,8 +33,7 @@ to work items and adding custom work item types, visit
 To create a task:
 
 1. In an issue description, create a [task list](markdown.md#task-lists).
-1. Hover over a task item and select **Convert to work item** (**{doc-new}**).
-1. Confirm or edit the title, and select **Create work item**.
+1. Hover over a task item and select **Create task** (**{doc-new}**).
 
 ## Edit a task
 
@@ -42,11 +42,11 @@ To edit a task:
 1. In the issue description, view the task links.
 1. Select a link. The task is displayed.
    - To edit the description, select **Edit**, then select **Save**.
-   - To edit the title or state, make your changes, then click outside the field. The changes are saved automatically.
+   - To edit the title or state, make your changes, then select any area outside the field. The changes are saved automatically.
 
 ## Delete a task
 
 To delete a task:
 
 1. In the issue description, select the task.
-1. From the options menu (**{ellipsis_v}**), select **Delete work item**.
+1. From the options menu (**{ellipsis_v}**), select **Delete task**.
diff --git a/doc/user/usage_quotas.md b/doc/user/usage_quotas.md
index 84c98a60917..c863a9d8270 100644
--- a/doc/user/usage_quotas.md
+++ b/doc/user/usage_quotas.md
@@ -10,11 +10,57 @@ info: To determine the technical writer assigned to the Stage/Group associated w
 > - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/13294) in GitLab 12.0.
 > - Moved to GitLab Free.
 
-NOTE:
-Free tier namespaces on GitLab SaaS have a 5GB storage limit. This limit is not visible on the storage quota page nor currently enforced for users who exceed the limit. To learn more, visit our [pricing page](https://about.gitlab.com/pricing/).
+## Namespace storage limit
 
-A project's repository has a free storage quota of 10 GB. When a project's repository reaches
-the quota it is locked. You cannot push changes to a locked project. To monitor the size of each
+Namespaces on a GitLab SaaS Free tier have a 5 GB storage limit. For more information, see our [pricing page](https://about.gitlab.com/pricing/).
+This limit is not visible on the storage quota page, but we plan to make it visible and enforced starting October 19, 2022.
+
+Storage types that add to the total namespace storage are:
+
+- Git repository
+- Git LFS
+- Artifacts
+- Container registry
+- Package registry
+- Dependecy proxy
+- Wiki
+- Snippets
+
+If your total namespace storage exceeds the available namespace storage quota, all projects under the namespace are locked. A locked project will not be able to push to the repository, run pipelines and jobs, or build and push packages.
+
+To prevent exceeding the namespace storage quota, you can:
+
+1. [Purchase more storage](../subscriptions/gitlab_com/index.md#purchase-more-storage-and-transfer).
+1. [Upgrade to a paid tier](../subscriptions/gitlab_com/#upgrade-your-gitlab-saas-subscription-tier).
+1. [Reduce storage usage](#manage-your-storage-usage).
+
+### Namespace storage limit enforcement schedule
+
+Starting October 19, 2022, a storage limit will be enforced on all GitLab Free namespaces.
+We will start with a large limit enforcement and eventually reduce it to 5 GB.
+
+The following table describes the enforcement schedule, which is subject to change.
+
+| Target enforcement date | Limit | Expected Impact | Status |
+| ------ | ------ | ------ | ------ |
+| October 19, 2022 | 45,000 GB | LOW | Pending (**{hourglass}**)|
+| October 20, 2022 | 7,500 GB | LOW | Pending (**{hourglass}**)|
+| October 24, 2022 | 500 GB | MEDIUM | Pending (**{hourglass}**)|
+| October 27, 2022 | 75 GB | MEDIUM HIGH | Pending (**{hourglass}**)|
+| November 2, 2022 | 10 GB | HIGH | Pending (**{hourglass}**)|
+| November 9, 2022 | 5 GB | VERY HIGH | Pending (**{hourglass}**)|
+
+Namespaces that reach the enforced limit will have their projects locked. To unlock your project, you will have to [manage its storage](#manage-your-storage-usage).
+
+### Project storage limit
+
+Namespaces on a GitLab SaaS **paid** tier (Premium and Ultimate) have a storage limit on their project repositories.
+A project's repository has a storage quota of 10 GB. A namespace has either a namespace-level storage limit or a project-level storage limit, but not both.
+
+- Paid tier namespaces have project-level storage limits enforced.
+- Free tier namespaces have namespace-level storage limits.
+
+When a project's repository reaches the quota, the project is locked. You cannot push changes to a locked project. To monitor the size of each
 repository in a namespace, including a breakdown for each project, you can
 [view storage usage](#view-storage-usage). To allow a project's repository to exceed the free quota
 you must purchase additional storage. For more details, see [Excess storage usage](#excess-storage-usage).
author	GitLab Bot <gitlab-bot@gitlab.com>	2022-07-20 15:40:28 +0000
committer	GitLab Bot <gitlab-bot@gitlab.com>	2022-07-20 15:40:28 +0000
commit	b595cb0c1dec83de5bdee18284abe86614bed33b (patch)
tree	8c3d4540f193c5ff98019352f554e921b3a41a72 /doc/user
parent	2f9104a328fc8a4bddeaa4627b595166d24671d0 (diff)
download	gitlab-ce-b595cb0c1dec83de5bdee18284abe86614bed33b.tar.gz