Add latest changes from gitlab-org/gitlab@master

author: GitLab Bot <gitlab-bot@gitlab.com> 2022-07-13 06:08:10 +0300
committer: GitLab Bot <gitlab-bot@gitlab.com> 2022-07-13 06:08:10 +0300
commit: 58f103ba8fa4a64ca54c80713123dbf87e41459f (patch)
tree: 707b0443b4ecc0895511b8394c843af4f8355ba3
parent: f7ccc56576ffd6bfdefddf2f50fed1d0aa419a3d (diff)
154 files changed, 3561 insertions, 208 deletions
diff --git a/app/assets/javascripts/projects/pipelines/charts/components/app.vue b/app/assets/javascripts/projects/pipelines/charts/components/app.vue
index 016301368af..186fcf70838 100644
--- a/app/assets/javascripts/projects/pipelines/charts/components/app.vue
+++ b/app/assets/javascripts/projects/pipelines/charts/components/app.vue
@@ -22,6 +22,7 @@ export default {
   deploymentFrequencyTabEvent: 'p_analytics_ci_cd_deployment_frequency',
   leadTimeTabEvent: 'p_analytics_ci_cd_lead_time',
   timeToRestoreServiceTabEvent: 'p_analytics_ci_cd_time_to_restore_service',
+  changeFailureRateTabEvent: 'p_analytics_ci_cd_change_failure_rate',
   inject: {
     shouldRenderDoraCharts: {
       type: Boolean,
@@ -115,6 +116,7 @@ export default {
         <gl-tab
           :title="s__('DORA4Metrics|Change failure rate')"
           data-testid="change-failure-rate-tab"
+          @click="trackTabClick($options.changeFailureRateTabEvent)"
         >
           <change-failure-rate-charts />
         </gl-tab>
diff --git a/app/assets/javascripts/sidebar/mount_sidebar.js b/app/assets/javascripts/sidebar/mount_sidebar.js
index bb40ac14438..3f82fe5ce87 100644
--- a/app/assets/javascripts/sidebar/mount_sidebar.js
+++ b/app/assets/javascripts/sidebar/mount_sidebar.js
@@ -73,12 +73,14 @@ function mountSidebarToDoWidget() {
         props: {
           fullPath: projectPath,
           issuableId:
-            isInIssuePage() || isInDesignPage()
+            isInIssuePage() || isInIncidentPage() || isInDesignPage()
               ? convertToGraphQLId(TYPE_ISSUE, id)
               : convertToGraphQLId(TYPE_MERGE_REQUEST, id),
           issuableIid: iid,
           issuableType:
-            isInIssuePage() || isInDesignPage() ? IssuableType.Issue : IssuableType.MergeRequest,
+            isInIssuePage() || isInIncidentPage() || isInDesignPage()
+              ? IssuableType.Issue
+              : IssuableType.MergeRequest,
         },
       }),
   });
diff --git a/app/controllers/projects/pipelines_controller.rb b/app/controllers/projects/pipelines_controller.rb
index 5fbd6c6a482..b2aa1d9f4ca 100644
--- a/app/controllers/projects/pipelines_controller.rb
+++ b/app/controllers/projects/pipelines_controller.rb
@@ -39,6 +39,7 @@ class Projects::PipelinesController < Projects::ApplicationController
   track_redis_hll_event :charts, name: 'p_analytics_ci_cd_deployment_frequency', if: -> { should_track_ci_cd_deployment_frequency? }
   track_redis_hll_event :charts, name: 'p_analytics_ci_cd_lead_time', if: -> { should_track_ci_cd_lead_time? }
   track_redis_hll_event :charts, name: 'p_analytics_ci_cd_time_to_restore_service', if: -> { should_track_ci_cd_time_to_restore_service? }
+  track_redis_hll_event :charts, name: 'p_analytics_ci_cd_change_failure_rate', if: -> { should_track_ci_cd_change_failure_rate? }
 
   wrap_parameters Ci::Pipeline
 
@@ -366,6 +367,10 @@ class Projects::PipelinesController < Projects::ApplicationController
   def should_track_ci_cd_time_to_restore_service?
     params[:chart] == 'time-to-restore-service'
   end
+
+  def should_track_ci_cd_change_failure_rate?
+    params[:chart] == 'change-failure-rate'
+  end
 end
 
 Projects::PipelinesController.prepend_mod_with('Projects::PipelinesController')
diff --git a/app/views/groups/_import_group_from_file_panel.html.haml b/app/views/groups/_import_group_from_file_panel.html.haml
index 2e524e65679..022777eea27 100644
--- a/app/views/groups/_import_group_from_file_panel.html.haml
+++ b/app/views/groups/_import_group_from_file_panel.html.haml
@@ -2,7 +2,7 @@
 - group_path = root_url
 - group_path << parent.full_path + '/' if parent
 
-= form_for '', url: import_gitlab_group_path, namespace: ('import_group' if Feature::enabled?(:group_name_path_vue, current_user)), class: 'group-form gl-show-field-errors', multipart: true do |f|
+= form_for '', url: import_gitlab_group_path, namespace: 'import_group', class: 'group-form gl-show-field-errors', multipart: true do |f|
   .gl-border-l-solid.gl-border-r-solid.gl-border-gray-100.gl-border-1.gl-p-5
     %h4
       = _('Import group from file')
@@ -13,38 +13,7 @@
         - docs_link_start = '<a href="%{url}" target="_blank" rel="noopener noreferrer">'.html_safe % { url: help_page_path('user/group/import/index.md') }
         - link_end = '</a>'.html_safe
         = s_('GroupsNew|This feature is deprecated and replaced by %{docs_link_start}group migration%{docs_link_end}.').html_safe % { docs_link_start: docs_link_start, docs_link_end: link_end }
-    - if Feature::enabled?(:group_name_path_vue, current_user)
-      = render 'shared/groups/group_name_and_path_fields', f: f
-    - else
-      .form-group.gl-display-flex.gl-flex-direction-column.gl-mt-5
-        = f.label :name, _('New group name'), for: 'import_group_name'
-        = f.text_field :name, placeholder: s_('GroupsNew|My Awesome Group'), class: 'js-autofill-group-name gl-form-input col-xs-12 col-sm-8',
-          required: true,
-          title: _('Please fill in a descriptive name for your group.'),
-          autofocus: true,
-          id: 'import_group_name'
-
-      .form-group.gl-display-flex.gl-flex-direction-column
-        = f.label :import_group_path, _('New group URL'), for: 'import_group_path'
-        .input-group.gl-field-error-anchor.col-xs-12.col-sm-8.gl-p-0
-          .group-root-path.input-group-prepend.has-tooltip{ title: group_path, :'data-placement' => 'bottom' }
-            .input-group-text
-              %span
-                = root_url
-              - if parent
-                %strong= parent.full_path + '/'
-          = f.hidden_field :parent_id, value: parent&.id
-          = f.text_field :path, placeholder: 'my-awesome-group', class: 'form-control js-validate-group-path js-autofill-group-path',
-            id: 'import_group_path',
-            required: true,
-            pattern: Gitlab::PathRegex::NAMESPACE_FORMAT_REGEX_JS,
-            title: group_url_error_message,
-            maxlength: ::Namespace::URL_MAX_LENGTH,
-            "data-bind-in" => "#{'create_chat_team' if Gitlab.config.mattermost.enabled}"
-        %p.validation-error.gl-field-error.field-validation.hide
-          = _("Group path is already taken. We've suggested one that is available.")
-        %p.validation-success.gl-field-success.field-validation.hide= _('Group path is available.')
-        %p.validation-pending.gl-field-error-ignore.field-validation.hide= _('Checking group path availability...')
+    = render 'shared/groups/group_name_and_path_fields', f: f
     .form-group
       = f.label :file, s_('GroupsNew|Upload file')
       .gl-font-weight-normal
diff --git a/app/views/shared/_group_form.html.haml b/app/views/shared/_group_form.html.haml
index 5ae99474c70..db5e055a1c4 100644
--- a/app/views/shared/_group_form.html.haml
+++ b/app/views/shared/_group_form.html.haml
@@ -3,53 +3,4 @@
 - group_path << parent.full_path + '/' if parent
 
 
-- if Feature::enabled?(:group_name_path_vue, current_user)
-  = render 'shared/groups/group_name_and_path_fields', f: f
-- else
-  .row
-    .form-group.group-name-holder.col-sm-12
-      = f.label :name, class: 'label-bold' do
-        = s_('Groups|Group name')
-      = f.text_field :name, placeholder: _('My awesome group'), class: 'js-autofill-group-name form-control input-lg', data: { qa_selector: 'group_name_field' },
-        required: true,
-        title: s_('Groups|Enter a descriptive name for your group.'),
-        autofocus: true
-      .text-muted
-        = s_('Groups|Must start with letter, digit, emoji, or underscore. Can also contain periods, dashes, spaces, and parentheses.')
-
-  .row
-    .form-group.col-xs-12.col-sm-8
-      = f.label :path, class: 'label-bold' do
-        = s_('Groups|Group URL')
-      .input-group.gl-field-error-anchor
-        .group-root-path.input-group-prepend.has-tooltip{ title: group_path, :'data-placement' => 'bottom' }
-          .input-group-text
-            %span>= root_url
-            - if parent
-              %strong= parent.full_path + '/'
-        = f.hidden_field :parent_id
-        = f.text_field :path, placeholder: _('my-awesome-group'), class: 'form-control js-validate-group-path js-autofill-group-path', data: { qa_selector: 'group_path_field' },
-          autofocus: local_assigns[:autofocus] || false, required: true,
-          pattern: Gitlab::PathRegex::NAMESPACE_FORMAT_REGEX_JS,
-          title: group_url_error_message,
-          maxlength: ::Namespace::URL_MAX_LENGTH,
-          "data-bind-in" => "#{'create_chat_team' if Gitlab.config.mattermost.enabled}"
-      %p.validation-error.gl-field-error.field-validation.hide
-        = s_('Groups|Group path is unavailable. Path has been replaced with a suggested available path.')
-      %p.validation-success.gl-field-success.field-validation.hide= s_('Groups|Group path is available.')
-      %p.validation-pending.gl-field-error-ignore.field-validation.hide= s_('Groups|Checking group URL availability...')
-
-    - if @group.persisted?
-      .gl-alert.gl-alert-warning.gl-mt-3.gl-mb-3
-        = sprite_icon('warning', size: 16, css_class: 'gl-icon gl-alert-icon gl-alert-icon-no-title')
-        .gl-alert-body
-          = s_('Groups|Changing group URL can have unintended side effects.')
-          = succeed '.' do
-            = link_to s_('Groups|Learn more'), help_page_path('user/group/index', anchor: 'change-a-groups-path'), target: '_blank', class: 'gl-link'
-
-  - if @group.persisted?
-    .row
-      .form-group.group-name-holder.col-sm-8
-        = f.label :id, class: 'label-bold' do
-          = s_('Groups|Group ID')
-        = f.text_field :id, class: 'form-control', readonly: true
+= render 'shared/groups/group_name_and_path_fields', f: f
diff --git a/config/feature_flags/development/group_name_path_vue.yml b/config/feature_flags/development/group_name_path_vue.yml
deleted file mode 100644
index 71adb199b77..00000000000
--- a/config/feature_flags/development/group_name_path_vue.yml
+++ /dev/null
@@ -1,8 +0,0 @@
----
-name: group_name_path_vue
-introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/88085
-rollout_issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/363623
-milestone: '15.1'
-type: development
-group: group::workspace
-default_enabled: true
diff --git a/config/metrics/counts_28d/20210216174910_analytics_unique_visits_for_any_target_monthly.yml b/config/metrics/counts_28d/20210216174910_analytics_unique_visits_for_any_target_monthly.yml
index c8cb9693a7f..e766c555d3a 100644
--- a/config/metrics/counts_28d/20210216174910_analytics_unique_visits_for_any_target_monthly.yml
+++ b/config/metrics/counts_28d/20210216174910_analytics_unique_visits_for_any_target_monthly.yml
@@ -34,10 +34,12 @@ options:
   - p_analytics_ci_cd_deployment_frequency
   - p_analytics_ci_cd_lead_time
   - p_analytics_ci_cd_time_to_restore_service
+  - p_analytics_ci_cd_change_failure_rate
   - g_analytics_ci_cd_release_statistics
   - g_analytics_ci_cd_deployment_frequency
   - g_analytics_ci_cd_lead_time
   - g_analytics_ci_cd_time_to_restore_service
+  - g_analytics_ci_cd_change_failure_rate
 distribution:
 - ce
 - ee
diff --git a/config/metrics/counts_28d/20220707054530_p_analytics_ci_cd_change_failure_rate_monthly.yml b/config/metrics/counts_28d/20220707054530_p_analytics_ci_cd_change_failure_rate_monthly.yml
new file mode 100644
index 00000000000..186011b35af
--- /dev/null
+++ b/config/metrics/counts_28d/20220707054530_p_analytics_ci_cd_change_failure_rate_monthly.yml
@@ -0,0 +1,26 @@
+---
+key_path: redis_hll_counters.analytics.p_analytics_ci_cd_change_failure_rate_monthly
+name: p_analytics_ci_cd_change_failure_rate_monthly
+description: Count of unique visits to the project level CI/CD Analytics Change failure rate tab
+product_section: dev
+product_stage: manage
+product_group: optimize
+product_category:
+value_type: number
+status: active
+milestone: "15.2"
+introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/91726
+time_frame: 28d
+data_source: redis_hll
+data_category: operational
+instrumentation_class: RedisHLLMetric
+performance_indicator_type: []
+distribution:
+- ce
+- ee
+tier:
+- premium
+- ultimate
+options:
+  events:
+    - p_analytics_ci_cd_change_failure_rate
diff --git a/config/metrics/counts_7d/20220707054526_p_analytics_ci_cd_change_failure_rate_weekly.yml b/config/metrics/counts_7d/20220707054526_p_analytics_ci_cd_change_failure_rate_weekly.yml
new file mode 100644
index 00000000000..2a4889cc3ac
--- /dev/null
+++ b/config/metrics/counts_7d/20220707054526_p_analytics_ci_cd_change_failure_rate_weekly.yml
@@ -0,0 +1,26 @@
+---
+key_path: redis_hll_counters.analytics.p_analytics_ci_cd_change_failure_rate_weekly
+name: p_analytics_ci_cd_change_failure_rate_weekly
+description: Count of unique visits to the project level CI/CD Analytics Change failure rate tab
+product_section: dev
+product_stage: manage
+product_group: optimize
+product_category:
+value_type: number
+status: active
+milestone: "15.2"
+introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/91726
+time_frame: 7d
+data_source: redis_hll
+data_category: operational
+instrumentation_class: RedisHLLMetric
+performance_indicator_type: []
+distribution:
+- ce
+- ee
+tier:
+- premium
+- ultimate
+options:
+  events:
+    - p_analytics_ci_cd_change_failure_rate
diff --git a/doc/update/index.md b/doc/update/index.md
index 50bb6631e0e..61efc1ac32d 100644
--- a/doc/update/index.md
+++ b/doc/update/index.md
@@ -387,8 +387,8 @@ Additional steps between the mentioned versions are possible. We list the minima
 
 | Target version | Your version | Supported upgrade path                                                                               | Note                                                                                                                              |
 | -------------- | ------------ | ---------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------- |
-| `15.1.0`       | `14.6.2`     | `14.6.2` -> `14.9.5` -> `14.10.4` -> `15.0.2` -> `15.1.0`                                            | Three intermediate versions are required: `14.9` and `14.10`, `15.0`, then `15.1.0`.                                              |
-| `15.0.0`       | `14.6.2`     | `14.6.2` -> `14.9.5` -> `14.10.4` -> `15.0.2`                                                        | Two intermediate versions are required: `14.9` and `14.10`, then `15.0.0`.                                                        |
+| `15.1.0`       | `14.6.2`     | `14.6.2` -> `14.9.5` -> `14.10.5` -> `15.0.2` -> `15.1.0`                                            | Three intermediate versions are required: `14.9` and `14.10`, `15.0`, then `15.1.0`.                                              |
+| `15.0.0`       | `14.6.2`     | `14.6.2` -> `14.9.5` -> `14.10.5` -> `15.0.2`                                                        | Two intermediate versions are required: `14.9` and `14.10`, then `15.0.0`.                                                        |
 | `14.6.2`       | `13.10.2`    | `13.10.2` -> `13.12.15` -> `14.0.12` -> `14.3.6` => `14.6.2`                                         | Three intermediate versions are required: `13.12` and `14.0`, `14.3`, then `14.6.2`.                                                        |
 | `14.1.8`       | `13.9.2`     | `13.9.2` -> `13.12.15` -> `14.0.12` -> `14.1.8`                                                      | Two intermediate versions are required: `13.12` and `14.0`, then `14.1.8`.                                                        |
 | `13.12.15`     | `12.9.2`     | `12.9.2` -> `12.10.14` -> `13.0.14`  -> `13.1.11` -> `13.8.8` -> `13.12.15`                          | Four intermediate versions are required: `12.10`, `13.0`, `13.1` and `13.8.8`, then `13.12.15`.                                   |
diff --git a/doc/user/application_security/dast/checks/1004.1.md b/doc/user/application_security/dast/checks/1004.1.md
index 72af1156b95..40139f2aa8a 100644
--- a/doc/user/application_security/dast/checks/1004.1.md
+++ b/doc/user/application_security/dast/checks/1004.1.md
@@ -8,7 +8,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w
 
 ## Description
 
-The {cookie_name} cookie was transmitted in a `Set-Cookie` header without the `HttpOnly` attribute set.
+The cookie was transmitted in a `Set-Cookie` header without the `HttpOnly` attribute set.
 To prevent JavaScript being able to access the cookie value - usually via `document.cookies` - all
 cookies that are used for authorization should have the `HttpOnly` attribute
 set.
diff --git a/doc/user/application_security/dast/checks/16.3.md b/doc/user/application_security/dast/checks/16.3.md
index 6f80a2a32c6..e4fc2468dae 100644
--- a/doc/user/application_security/dast/checks/16.3.md
+++ b/doc/user/application_security/dast/checks/16.3.md
@@ -32,4 +32,4 @@ information from the `X-Powered-By` header.
 ## Links
 
 - [CWE](https://cwe.mitre.org/data/definitions/16.html)
-- [PHP `expose_php`](https://www.php.net/manual/en/ini.core.php#ini.expose-php)
+- [PHP expose_php](https://www.php.net/manual/en/ini.core.php#ini.expose-php)
diff --git a/doc/user/application_security/dast/checks/16.5.md b/doc/user/application_security/dast/checks/16.5.md
index e03da3043ef..28bb9f7ee4b 100644
--- a/doc/user/application_security/dast/checks/16.5.md
+++ b/doc/user/application_security/dast/checks/16.5.md
@@ -8,7 +8,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w
 
 ## Description
 
-The target website returns AspNet headers and version information of this website. By
+The target website returns AspNet header(s) and version information of this website. By
 exposing these values attackers may attempt to identify if the target software is vulnerable to known
 vulnerabilities, or catalog known sites running particular versions to exploit in the future when a
 vulnerability is identified in the particular version.
diff --git a/doc/user/application_security/dast/checks/16.6.md b/doc/user/application_security/dast/checks/16.6.md
index 9cbcde669a0..ddd3a10c5f8 100644
--- a/doc/user/application_security/dast/checks/16.6.md
+++ b/doc/user/application_security/dast/checks/16.6.md
@@ -8,7 +8,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w
 
 ## Description
 
-The target website returns AspNet headers along with version information of this website. By
+The target website returns AspNet header(s) along with version information of this website. By
 exposing these values attackers may attempt to identify if the target software is vulnerable to known
 vulnerabilities. Or catalog known sites running particular versions to exploit in the future when a
 vulnerability is identified in the particular version.
diff --git a/doc/user/application_security/dast/checks/16.9.md b/doc/user/application_security/dast/checks/16.9.md
index 0260beaf434..c3e4431e415 100644
--- a/doc/user/application_security/dast/checks/16.9.md
+++ b/doc/user/application_security/dast/checks/16.9.md
@@ -15,7 +15,7 @@ site.
 ## Remediation
 
 Follow the recommendations to determine if any actions are necessary to harden this `Content-Security-Policy-Report-Only`.
-After all alerts have been resolved, we recommended that this header be changed to `Content-Security-Policy`.
+After all alerts have been resolved, we recommend that this header be changed to `Content-Security-Policy`.
 
 ## Details
 
diff --git a/doc/user/application_security/dast/checks/209.1.md b/doc/user/application_security/dast/checks/209.1.md
index f2713a70afd..2e4163bdec0 100644
--- a/doc/user/application_security/dast/checks/209.1.md
+++ b/doc/user/application_security/dast/checks/209.1.md
@@ -9,17 +9,17 @@ info: To determine the technical writer assigned to the Stage/Group associated w
 ## Description
 
 The application was found to return error data such as stack traces. Depending on the data contained within the error message,
-this information could be used by an attacker to conduct further attacks. While stack traces are helpful during development
-and debugging, they should not be presented to users when an error occurs.
+this information could be used by an attacker to conduct further attacks. While stack traces are helpful during development 
+and debugging, they should not be presented to users when an error occurs. 
 
 ## Remediation
 
 Applications should handle exception conditions internally and map known failure types to error codes that can be displayed
 to a user. These error codes should be customized to the application and returned along with the relevant HTTP error code.
 
-When an error occurs, the application identifies the error type or class, and displays a numerical value to the
-user. Requests should also be tracked so when a user is presented with an error code, it has a corresponding request ID.
-Support teams can then correlate the HTTP error, the customized error code, and the request ID in the log files to
+When an error occurs, the application identifies the error type or class, and displays a numerical value to the 
+user. Requests should also be tracked so when a user is presented with an error code, it has a corresponding request ID. 
+Support teams can then correlate the HTTP error, the customized error code, and the request ID in the log files to 
 determine the root cause of the error without leaking details to the end user.
 
 Example of returning customized errors:
diff --git a/doc/user/application_security/dast/checks/614.1.md b/doc/user/application_security/dast/checks/614.1.md
index ec68ce33529..d5c7476716f 100644
--- a/doc/user/application_security/dast/checks/614.1.md
+++ b/doc/user/application_security/dast/checks/614.1.md
@@ -8,7 +8,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w
 
 ## Description
 
-The {cookie_name} cookie was transmitted in a `Set-Cookie` response without the `Secure` attribute set.
+The cookie was transmitted in a `Set-Cookie` response without the `Secure` attribute set.
 To prevent sensitive cookie values being accidentally transmitted over clear-text HTTP we
 recommended that cookies are declared with the `Secure` attribute.
 
diff --git a/doc/user/application_security/dast/checks/798.1.md b/doc/user/application_security/dast/checks/798.1.md
new file mode 100644
index 00000000000..819ae92cfdc
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.1.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Adafruit API Key
+
+## Description
+
+The response body contains content that matches the pattern of a Adafruit API Key.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.1 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.10.md b/doc/user/application_security/dast/checks/798.10.md
new file mode 100644
index 00000000000..14723c81f17
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.10.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Asana Client Secret
+
+## Description
+
+The response body contains content that matches the pattern of a Asana Client Secret.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.10 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.100.md b/doc/user/application_security/dast/checks/798.100.md
new file mode 100644
index 00000000000..07bd24211c7
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.100.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Sendbird Access Token
+
+## Description
+
+The response body contains content that matches the pattern of a Sendbird Access Token.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.100 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.101.md b/doc/user/application_security/dast/checks/798.101.md
new file mode 100644
index 00000000000..ea102147100
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.101.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token SendGrid API token
+
+## Description
+
+The response body contains content that matches the pattern of a SendGrid API token.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.101 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.102.md b/doc/user/application_security/dast/checks/798.102.md
new file mode 100644
index 00000000000..8a40475190a
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.102.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Sendinblue API token
+
+## Description
+
+The response body contains content that matches the pattern of a Sendinblue API token.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.102 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.103.md b/doc/user/application_security/dast/checks/798.103.md
new file mode 100644
index 00000000000..3d91f7f3b80
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.103.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Sentry Access Token
+
+## Description
+
+The response body contains content that matches the pattern of a Sentry Access Token.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.103 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.104.md b/doc/user/application_security/dast/checks/798.104.md
new file mode 100644
index 00000000000..316998615ff
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.104.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Shippo API token
+
+## Description
+
+The response body contains content that matches the pattern of a Shippo API token.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.104 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.105.md b/doc/user/application_security/dast/checks/798.105.md
new file mode 100644
index 00000000000..20618a9d555
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.105.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Shopify access token
+
+## Description
+
+The response body contains content that matches the pattern of a Shopify access token.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.105 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.106.md b/doc/user/application_security/dast/checks/798.106.md
new file mode 100644
index 00000000000..4f552302e85
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.106.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Shopify custom access token
+
+## Description
+
+The response body contains content that matches the pattern of a Shopify custom access token.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.106 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.107.md b/doc/user/application_security/dast/checks/798.107.md
new file mode 100644
index 00000000000..2a5961b3905
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.107.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Shopify private app access token
+
+## Description
+
+The response body contains content that matches the pattern of a Shopify private app access token.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.107 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.108.md b/doc/user/application_security/dast/checks/798.108.md
new file mode 100644
index 00000000000..23968bcf660
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.108.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Shopify shared secret
+
+## Description
+
+The response body contains content that matches the pattern of a Shopify shared secret.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.108 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.109.md b/doc/user/application_security/dast/checks/798.109.md
new file mode 100644
index 00000000000..57d6823d8a9
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.109.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Slack token
+
+## Description
+
+The response body contains content that matches the pattern of a Slack token.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.109 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.11.md b/doc/user/application_security/dast/checks/798.11.md
new file mode 100644
index 00000000000..b12f86ba800
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.11.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Atlassian API token
+
+## Description
+
+The response body contains content that matches the pattern of a Atlassian API token.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.11 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.110.md b/doc/user/application_security/dast/checks/798.110.md
new file mode 100644
index 00000000000..8ac7a8a4be2
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.110.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Slack Webhook
+
+## Description
+
+The response body contains content that matches the pattern of a Slack Webhook.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.110 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.111.md b/doc/user/application_security/dast/checks/798.111.md
new file mode 100644
index 00000000000..ff05dcfe55b
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.111.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Stripe
+
+## Description
+
+The response body contains content that matches the pattern of a Stripe.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.111 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.112.md b/doc/user/application_security/dast/checks/798.112.md
new file mode 100644
index 00000000000..4f5f89dab9c
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.112.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Square Access Token
+
+## Description
+
+The response body contains content that matches the pattern of a Square Access Token.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.112 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.113.md b/doc/user/application_security/dast/checks/798.113.md
new file mode 100644
index 00000000000..3f8d1a88ec0
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.113.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Squarespace Access Token
+
+## Description
+
+The response body contains content that matches the pattern of a Squarespace Access Token.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.113 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.114.md b/doc/user/application_security/dast/checks/798.114.md
new file mode 100644
index 00000000000..0b8235af8c7
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.114.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token SumoLogic Access ID
+
+## Description
+
+The response body contains content that matches the pattern of a SumoLogic Access ID.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.114 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.115.md b/doc/user/application_security/dast/checks/798.115.md
new file mode 100644
index 00000000000..052502ea962
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.115.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token SumoLogic Access Token
+
+## Description
+
+The response body contains content that matches the pattern of a SumoLogic Access Token.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.115 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.116.md b/doc/user/application_security/dast/checks/798.116.md
new file mode 100644
index 00000000000..7b1f0eb907d
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.116.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Travis CI Access Token
+
+## Description
+
+The response body contains content that matches the pattern of a Travis CI Access Token.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.116 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.117.md b/doc/user/application_security/dast/checks/798.117.md
new file mode 100644
index 00000000000..5cd9817795a
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.117.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Twilio API Key
+
+## Description
+
+The response body contains content that matches the pattern of a Twilio API Key.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.117 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.118.md b/doc/user/application_security/dast/checks/798.118.md
new file mode 100644
index 00000000000..a74233429df
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.118.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Twitch API token
+
+## Description
+
+The response body contains content that matches the pattern of a Twitch API token.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.118 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.119.md b/doc/user/application_security/dast/checks/798.119.md
new file mode 100644
index 00000000000..80fada87b1c
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.119.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Twitter API Key
+
+## Description
+
+The response body contains content that matches the pattern of a Twitter API Key.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.119 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.12.md b/doc/user/application_security/dast/checks/798.12.md
new file mode 100644
index 00000000000..6f8d0c83a94
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.12.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token AWS
+
+## Description
+
+The response body contains content that matches the pattern of a AWS.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.12 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.120.md b/doc/user/application_security/dast/checks/798.120.md
new file mode 100644
index 00000000000..639b5c6ffc2
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.120.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Twitter API Secret
+
+## Description
+
+The response body contains content that matches the pattern of a Twitter API Secret.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.120 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.121.md b/doc/user/application_security/dast/checks/798.121.md
new file mode 100644
index 00000000000..e574760baa2
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.121.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Twitter Access Token
+
+## Description
+
+The response body contains content that matches the pattern of a Twitter Access Token.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.121 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.122.md b/doc/user/application_security/dast/checks/798.122.md
new file mode 100644
index 00000000000..9acb82a6062
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.122.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Twitter Access Secret
+
+## Description
+
+The response body contains content that matches the pattern of a Twitter Access Secret.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.122 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.123.md b/doc/user/application_security/dast/checks/798.123.md
new file mode 100644
index 00000000000..5d5c9df5f40
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.123.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Twitter Bearer Token
+
+## Description
+
+The response body contains content that matches the pattern of a Twitter Bearer Token.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.123 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.124.md b/doc/user/application_security/dast/checks/798.124.md
new file mode 100644
index 00000000000..4900ca44ba4
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.124.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Typeform API token
+
+## Description
+
+The response body contains content that matches the pattern of a Typeform API token.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.124 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.125.md b/doc/user/application_security/dast/checks/798.125.md
new file mode 100644
index 00000000000..1111ef91491
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.125.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Yandex API Key
+
+## Description
+
+The response body contains content that matches the pattern of a Yandex API Key.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.125 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.126.md b/doc/user/application_security/dast/checks/798.126.md
new file mode 100644
index 00000000000..6253f9a4a92
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.126.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Yandex AWS Access Token
+
+## Description
+
+The response body contains content that matches the pattern of a Yandex AWS Access Token.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.126 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.127.md b/doc/user/application_security/dast/checks/798.127.md
new file mode 100644
index 00000000000..86bb9613f16
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.127.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Yandex Access Token
+
+## Description
+
+The response body contains content that matches the pattern of a Yandex Access Token.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.127 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.128.md b/doc/user/application_security/dast/checks/798.128.md
new file mode 100644
index 00000000000..0db8cdd8005
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.128.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Zendesk Secret Key
+
+## Description
+
+The response body contains content that matches the pattern of a Zendesk Secret Key.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.128 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.13.md b/doc/user/application_security/dast/checks/798.13.md
new file mode 100644
index 00000000000..8cf2f7c2895
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.13.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Bitbucket Client ID
+
+## Description
+
+The response body contains content that matches the pattern of a Bitbucket Client ID.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.13 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.14.md b/doc/user/application_security/dast/checks/798.14.md
new file mode 100644
index 00000000000..85b88660b5a
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.14.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Bitbucket Client Secret
+
+## Description
+
+The response body contains content that matches the pattern of a Bitbucket Client Secret.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.14 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.15.md b/doc/user/application_security/dast/checks/798.15.md
new file mode 100644
index 00000000000..51f2fae0021
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.15.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Bittrex Access Key
+
+## Description
+
+The response body contains content that matches the pattern of a Bittrex Access Key.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.15 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.16.md b/doc/user/application_security/dast/checks/798.16.md
new file mode 100644
index 00000000000..872a97e70ea
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.16.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Bittrex Secret Key
+
+## Description
+
+The response body contains content that matches the pattern of a Bittrex Secret Key.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.16 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.17.md b/doc/user/application_security/dast/checks/798.17.md
new file mode 100644
index 00000000000..9e11af3bfe8
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.17.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Beamer API token
+
+## Description
+
+The response body contains content that matches the pattern of a Beamer API token.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.17 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.18.md b/doc/user/application_security/dast/checks/798.18.md
new file mode 100644
index 00000000000..71caa0a53ba
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.18.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Codecov Access Token
+
+## Description
+
+The response body contains content that matches the pattern of a Codecov Access Token.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.18 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.19.md b/doc/user/application_security/dast/checks/798.19.md
new file mode 100644
index 00000000000..6cfbab0e9d1
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.19.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Coinbase Access Token
+
+## Description
+
+The response body contains content that matches the pattern of a Coinbase Access Token.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.19 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.2.md b/doc/user/application_security/dast/checks/798.2.md
new file mode 100644
index 00000000000..766f4c75973
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.2.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Adobe Client ID (OAuth Web)
+
+## Description
+
+The response body contains content that matches the pattern of a Adobe Client ID (OAuth Web).
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.2 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.20.md b/doc/user/application_security/dast/checks/798.20.md
new file mode 100644
index 00000000000..83651142912
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.20.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Clojars API token
+
+## Description
+
+The response body contains content that matches the pattern of a Clojars API token.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.20 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.21.md b/doc/user/application_security/dast/checks/798.21.md
new file mode 100644
index 00000000000..93bf588c84b
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.21.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Confluent Access Token
+
+## Description
+
+The response body contains content that matches the pattern of a Confluent Access Token.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.21 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.22.md b/doc/user/application_security/dast/checks/798.22.md
new file mode 100644
index 00000000000..7a8abbce7ba
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.22.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Confluent Secret Key
+
+## Description
+
+The response body contains content that matches the pattern of a Confluent Secret Key.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.22 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.23.md b/doc/user/application_security/dast/checks/798.23.md
new file mode 100644
index 00000000000..f5460e98079
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.23.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Contentful delivery API token
+
+## Description
+
+The response body contains content that matches the pattern of a Contentful delivery API token.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.23 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.24.md b/doc/user/application_security/dast/checks/798.24.md
new file mode 100644
index 00000000000..7a01197a6b8
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.24.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Databricks API token
+
+## Description
+
+The response body contains content that matches the pattern of a Databricks API token.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.24 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.25.md b/doc/user/application_security/dast/checks/798.25.md
new file mode 100644
index 00000000000..c5dcee20f61
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.25.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Datadog Access Token
+
+## Description
+
+The response body contains content that matches the pattern of a Datadog Access Token.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.25 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.26.md b/doc/user/application_security/dast/checks/798.26.md
new file mode 100644
index 00000000000..bfa5cb0588e
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.26.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Discord API key
+
+## Description
+
+The response body contains content that matches the pattern of a Discord API key.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.26 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.27.md b/doc/user/application_security/dast/checks/798.27.md
new file mode 100644
index 00000000000..1210d91e741
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.27.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Discord client ID
+
+## Description
+
+The response body contains content that matches the pattern of a Discord client ID.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.27 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.28.md b/doc/user/application_security/dast/checks/798.28.md
new file mode 100644
index 00000000000..5f4718d8eb7
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.28.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Discord client secret
+
+## Description
+
+The response body contains content that matches the pattern of a Discord client secret.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.28 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.29.md b/doc/user/application_security/dast/checks/798.29.md
new file mode 100644
index 00000000000..90371a157a0
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.29.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Doppler API token
+
+## Description
+
+The response body contains content that matches the pattern of a Doppler API token.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.29 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.3.md b/doc/user/application_security/dast/checks/798.3.md
new file mode 100644
index 00000000000..43d69b77337
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.3.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Adobe Client Secret
+
+## Description
+
+The response body contains content that matches the pattern of a Adobe Client Secret.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.3 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.30.md b/doc/user/application_security/dast/checks/798.30.md
new file mode 100644
index 00000000000..db62b30b84b
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.30.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Dropbox API secret
+
+## Description
+
+The response body contains content that matches the pattern of a Dropbox API secret.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.30 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.31.md b/doc/user/application_security/dast/checks/798.31.md
new file mode 100644
index 00000000000..8f03ba780e4
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.31.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Dropbox long lived API token
+
+## Description
+
+The response body contains content that matches the pattern of a Dropbox long lived API token.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.31 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.32.md b/doc/user/application_security/dast/checks/798.32.md
new file mode 100644
index 00000000000..d2ed4af9177
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.32.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Dropbox short lived API token
+
+## Description
+
+The response body contains content that matches the pattern of a Dropbox short lived API token.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.32 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.33.md b/doc/user/application_security/dast/checks/798.33.md
new file mode 100644
index 00000000000..5a264cf4286
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.33.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Droneci Access Token
+
+## Description
+
+The response body contains content that matches the pattern of a Droneci Access Token.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.33 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.34.md b/doc/user/application_security/dast/checks/798.34.md
new file mode 100644
index 00000000000..a9b02b75230
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.34.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Duffel API token
+
+## Description
+
+The response body contains content that matches the pattern of a Duffel API token.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.34 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.35.md b/doc/user/application_security/dast/checks/798.35.md
new file mode 100644
index 00000000000..5d35baec9bb
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.35.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Dynatrace API token
+
+## Description
+
+The response body contains content that matches the pattern of a Dynatrace API token.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.35 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.36.md b/doc/user/application_security/dast/checks/798.36.md
new file mode 100644
index 00000000000..e2e0f10f842
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.36.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token EasyPost API token
+
+## Description
+
+The response body contains content that matches the pattern of a EasyPost API token.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.36 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.37.md b/doc/user/application_security/dast/checks/798.37.md
new file mode 100644
index 00000000000..089dc8b3ecc
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.37.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token EasyPost test API token
+
+## Description
+
+The response body contains content that matches the pattern of a EasyPost test API token.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.37 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.38.md b/doc/user/application_security/dast/checks/798.38.md
new file mode 100644
index 00000000000..886cfcc701b
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.38.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Etsy Access Token
+
+## Description
+
+The response body contains content that matches the pattern of a Etsy Access Token.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.38 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.39.md b/doc/user/application_security/dast/checks/798.39.md
new file mode 100644
index 00000000000..78a66d15b89
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.39.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Facebook
+
+## Description
+
+The response body contains content that matches the pattern of a Facebook.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.39 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.4.md b/doc/user/application_security/dast/checks/798.4.md
new file mode 100644
index 00000000000..2ff5db46d83
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.4.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Age secret key
+
+## Description
+
+The response body contains content that matches the pattern of a Age secret key.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.4 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.40.md b/doc/user/application_security/dast/checks/798.40.md
new file mode 100644
index 00000000000..e6691bb7b3a
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.40.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Fastly API key
+
+## Description
+
+The response body contains content that matches the pattern of a Fastly API key.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.40 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.41.md b/doc/user/application_security/dast/checks/798.41.md
new file mode 100644
index 00000000000..b4d097a9014
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.41.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Finicity Client Secret
+
+## Description
+
+The response body contains content that matches the pattern of a Finicity Client Secret.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.41 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.42.md b/doc/user/application_security/dast/checks/798.42.md
new file mode 100644
index 00000000000..30c380d13a5
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.42.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Finicity API token
+
+## Description
+
+The response body contains content that matches the pattern of a Finicity API token.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.42 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.43.md b/doc/user/application_security/dast/checks/798.43.md
new file mode 100644
index 00000000000..be984f7119a
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.43.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Flickr Access Token
+
+## Description
+
+The response body contains content that matches the pattern of a Flickr Access Token.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.43 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.44.md b/doc/user/application_security/dast/checks/798.44.md
new file mode 100644
index 00000000000..183cb49b2e7
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.44.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Finnhub Access Token
+
+## Description
+
+The response body contains content that matches the pattern of a Finnhub Access Token.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.44 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.45.md b/doc/user/application_security/dast/checks/798.45.md
new file mode 100644
index 00000000000..a800063f15d
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.45.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Finicity Public Key
+
+## Description
+
+The response body contains content that matches the pattern of a Finicity Public Key.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.45 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.46.md b/doc/user/application_security/dast/checks/798.46.md
new file mode 100644
index 00000000000..5bf658ff610
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.46.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Flutterwave Secret Key
+
+## Description
+
+The response body contains content that matches the pattern of a Flutterwave Secret Key.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.46 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.47.md b/doc/user/application_security/dast/checks/798.47.md
new file mode 100644
index 00000000000..a6c7b974b7f
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.47.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Flutterwave Encryption Key
+
+## Description
+
+The response body contains content that matches the pattern of a Flutterwave Encryption Key.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.47 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.48.md b/doc/user/application_security/dast/checks/798.48.md
new file mode 100644
index 00000000000..523232cb00c
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.48.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Frame.io API token
+
+## Description
+
+The response body contains content that matches the pattern of a Frame.io API token.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.48 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.49.md b/doc/user/application_security/dast/checks/798.49.md
new file mode 100644
index 00000000000..ab7f39c2376
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.49.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Freshbooks Access Token
+
+## Description
+
+The response body contains content that matches the pattern of a Freshbooks Access Token.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.49 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.5.md b/doc/user/application_security/dast/checks/798.5.md
new file mode 100644
index 00000000000..6d55dcf54df
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.5.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Airtable API Key
+
+## Description
+
+The response body contains content that matches the pattern of a Airtable API Key.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.5 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.50.md b/doc/user/application_security/dast/checks/798.50.md
new file mode 100644
index 00000000000..f0d864db119
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.50.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token GoCardless API token
+
+## Description
+
+The response body contains content that matches the pattern of a GoCardless API token.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.50 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.51.md b/doc/user/application_security/dast/checks/798.51.md
new file mode 100644
index 00000000000..f131d31ae65
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.51.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token GCP API key
+
+## Description
+
+The response body contains content that matches the pattern of a GCP API key.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.51 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.52.md b/doc/user/application_security/dast/checks/798.52.md
new file mode 100644
index 00000000000..0c4ea4a540b
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.52.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token GitHub Personal Access Token
+
+## Description
+
+The response body contains content that matches the pattern of a GitHub Personal Access Token.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.52 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.53.md b/doc/user/application_security/dast/checks/798.53.md
new file mode 100644
index 00000000000..62a548be627
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.53.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token GitHub OAuth Access Token
+
+## Description
+
+The response body contains content that matches the pattern of a GitHub OAuth Access Token.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.53 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.54.md b/doc/user/application_security/dast/checks/798.54.md
new file mode 100644
index 00000000000..d29677899a5
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.54.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token GitHub App Token
+
+## Description
+
+The response body contains content that matches the pattern of a GitHub App Token.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.54 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.55.md b/doc/user/application_security/dast/checks/798.55.md
new file mode 100644
index 00000000000..4c3bd9147c0
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.55.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token GitHub Refresh Token
+
+## Description
+
+The response body contains content that matches the pattern of a GitHub Refresh Token.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.55 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.56.md b/doc/user/application_security/dast/checks/798.56.md
new file mode 100644
index 00000000000..563ea1f91a8
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.56.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token GitLab Personal Access Token
+
+## Description
+
+The response body contains content that matches the pattern of a GitLab Personal Access Token.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.56 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.57.md b/doc/user/application_security/dast/checks/798.57.md
new file mode 100644
index 00000000000..25b32953ebd
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.57.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Gitter Access Token
+
+## Description
+
+The response body contains content that matches the pattern of a Gitter Access Token.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.57 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.58.md b/doc/user/application_security/dast/checks/798.58.md
new file mode 100644
index 00000000000..056bcb0820a
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.58.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token HashiCorp Terraform user/org API token
+
+## Description
+
+The response body contains content that matches the pattern of a HashiCorp Terraform user/org API token.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.58 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.59.md b/doc/user/application_security/dast/checks/798.59.md
new file mode 100644
index 00000000000..b7e6b4fa32b
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.59.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Heroku API Key
+
+## Description
+
+The response body contains content that matches the pattern of a Heroku API Key.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.59 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.6.md b/doc/user/application_security/dast/checks/798.6.md
new file mode 100644
index 00000000000..ce6ee95bede
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.6.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Algolia API Key
+
+## Description
+
+The response body contains content that matches the pattern of a Algolia API Key.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.6 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.60.md b/doc/user/application_security/dast/checks/798.60.md
new file mode 100644
index 00000000000..f471411440b
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.60.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token HubSpot API Token
+
+## Description
+
+The response body contains content that matches the pattern of a HubSpot API Token.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.60 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.61.md b/doc/user/application_security/dast/checks/798.61.md
new file mode 100644
index 00000000000..061bf8f7360
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.61.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Intercom API Token
+
+## Description
+
+The response body contains content that matches the pattern of a Intercom API Token.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.61 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.62.md b/doc/user/application_security/dast/checks/798.62.md
new file mode 100644
index 00000000000..9c0f312b161
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.62.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Kraken Access Token
+
+## Description
+
+The response body contains content that matches the pattern of a Kraken Access Token.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.62 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.63.md b/doc/user/application_security/dast/checks/798.63.md
new file mode 100644
index 00000000000..51668619025
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.63.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Kucoin Access Token
+
+## Description
+
+The response body contains content that matches the pattern of a Kucoin Access Token.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.63 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.64.md b/doc/user/application_security/dast/checks/798.64.md
new file mode 100644
index 00000000000..12d20f96a42
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.64.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Kucoin Secret Key
+
+## Description
+
+The response body contains content that matches the pattern of a Kucoin Secret Key.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.64 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.65.md b/doc/user/application_security/dast/checks/798.65.md
new file mode 100644
index 00000000000..eb1dac62037
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.65.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Launchdarkly Access Token
+
+## Description
+
+The response body contains content that matches the pattern of a Launchdarkly Access Token.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.65 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.66.md b/doc/user/application_security/dast/checks/798.66.md
new file mode 100644
index 00000000000..8f20f9fa339
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.66.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Linear API Token
+
+## Description
+
+The response body contains content that matches the pattern of a Linear API Token.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.66 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.67.md b/doc/user/application_security/dast/checks/798.67.md
new file mode 100644
index 00000000000..7554c077376
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.67.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Linear Client Secret
+
+## Description
+
+The response body contains content that matches the pattern of a Linear Client Secret.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.67 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.68.md b/doc/user/application_security/dast/checks/798.68.md
new file mode 100644
index 00000000000..c633b949185
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.68.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token LinkedIn Client ID
+
+## Description
+
+The response body contains content that matches the pattern of a LinkedIn Client ID.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.68 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.69.md b/doc/user/application_security/dast/checks/798.69.md
new file mode 100644
index 00000000000..b34c2f01be6
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.69.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token LinkedIn Client secret
+
+## Description
+
+The response body contains content that matches the pattern of a LinkedIn Client secret.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.69 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.7.md b/doc/user/application_security/dast/checks/798.7.md
new file mode 100644
index 00000000000..43aba566471
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.7.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Alibaba AccessKey ID
+
+## Description
+
+The response body contains content that matches the pattern of a Alibaba AccessKey ID.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.7 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.70.md b/doc/user/application_security/dast/checks/798.70.md
new file mode 100644
index 00000000000..b7c1816481b
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.70.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Lob API Key
+
+## Description
+
+The response body contains content that matches the pattern of a Lob API Key.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.70 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.71.md b/doc/user/application_security/dast/checks/798.71.md
new file mode 100644
index 00000000000..f0bcc43940d
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.71.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Lob Publishable API Key
+
+## Description
+
+The response body contains content that matches the pattern of a Lob Publishable API Key.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.71 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.72.md b/doc/user/application_security/dast/checks/798.72.md
new file mode 100644
index 00000000000..48b2cffbbda
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.72.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Mailchimp API key
+
+## Description
+
+The response body contains content that matches the pattern of a Mailchimp API key.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.72 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.73.md b/doc/user/application_security/dast/checks/798.73.md
new file mode 100644
index 00000000000..eae41a49782
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.73.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Mailgun public validation key
+
+## Description
+
+The response body contains content that matches the pattern of a Mailgun public validation key.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.73 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.74.md b/doc/user/application_security/dast/checks/798.74.md
new file mode 100644
index 00000000000..9a4b909bf4b
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.74.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Mailgun private API token
+
+## Description
+
+The response body contains content that matches the pattern of a Mailgun private API token.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.74 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.75.md b/doc/user/application_security/dast/checks/798.75.md
new file mode 100644
index 00000000000..4c1cfd78003
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.75.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Mailgun webhook signing key
+
+## Description
+
+The response body contains content that matches the pattern of a Mailgun webhook signing key.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.75 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.76.md b/doc/user/application_security/dast/checks/798.76.md
new file mode 100644
index 00000000000..87e6364184f
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.76.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token MapBox API token
+
+## Description
+
+The response body contains content that matches the pattern of a MapBox API token.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.76 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.77.md b/doc/user/application_security/dast/checks/798.77.md
new file mode 100644
index 00000000000..7b1becf4c19
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.77.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Mattermost Access Token
+
+## Description
+
+The response body contains content that matches the pattern of a Mattermost Access Token.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.77 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.78.md b/doc/user/application_security/dast/checks/798.78.md
new file mode 100644
index 00000000000..8d366d44c9d
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.78.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token MessageBird API token
+
+## Description
+
+The response body contains content that matches the pattern of a MessageBird API token.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.78 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.79.md b/doc/user/application_security/dast/checks/798.79.md
new file mode 100644
index 00000000000..9a580658a72
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.79.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token MessageBird client ID
+
+## Description
+
+The response body contains content that matches the pattern of a MessageBird client ID.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.79 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.8.md b/doc/user/application_security/dast/checks/798.8.md
new file mode 100644
index 00000000000..e6dfe1aa1cc
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.8.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Alibaba Secret Key
+
+## Description
+
+The response body contains content that matches the pattern of a Alibaba Secret Key.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.8 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.80.md b/doc/user/application_security/dast/checks/798.80.md
new file mode 100644
index 00000000000..c0a893264b0
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.80.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Netlify Access Token
+
+## Description
+
+The response body contains content that matches the pattern of a Netlify Access Token.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.80 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.81.md b/doc/user/application_security/dast/checks/798.81.md
new file mode 100644
index 00000000000..abf40705e7f
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.81.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token New Relic user API Key
+
+## Description
+
+The response body contains content that matches the pattern of a New Relic user API Key.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.81 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.82.md b/doc/user/application_security/dast/checks/798.82.md
new file mode 100644
index 00000000000..519555546b6
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.82.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token New Relic user API ID
+
+## Description
+
+The response body contains content that matches the pattern of a New Relic user API ID.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.82 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.83.md b/doc/user/application_security/dast/checks/798.83.md
new file mode 100644
index 00000000000..85bdd534390
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.83.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token New Relic ingest browser API token
+
+## Description
+
+The response body contains content that matches the pattern of a New Relic ingest browser API token.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.83 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.84.md b/doc/user/application_security/dast/checks/798.84.md
new file mode 100644
index 00000000000..74ebb4fcaf1
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.84.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token npm access token
+
+## Description
+
+The response body contains content that matches the pattern of a npm access token.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.84 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.85.md b/doc/user/application_security/dast/checks/798.85.md
new file mode 100644
index 00000000000..0726bdc7fd8
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.85.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Nytimes Access Token
+
+## Description
+
+The response body contains content that matches the pattern of a Nytimes Access Token.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.85 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.86.md b/doc/user/application_security/dast/checks/798.86.md
new file mode 100644
index 00000000000..940a46b7658
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.86.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Okta Access Token
+
+## Description
+
+The response body contains content that matches the pattern of a Okta Access Token.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.86 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.87.md b/doc/user/application_security/dast/checks/798.87.md
new file mode 100644
index 00000000000..8246bafc993
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.87.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Plaid Client ID
+
+## Description
+
+The response body contains content that matches the pattern of a Plaid Client ID.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.87 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.88.md b/doc/user/application_security/dast/checks/798.88.md
new file mode 100644
index 00000000000..57b029857ba
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.88.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Plaid Secret key
+
+## Description
+
+The response body contains content that matches the pattern of a Plaid Secret key.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.88 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.89.md b/doc/user/application_security/dast/checks/798.89.md
new file mode 100644
index 00000000000..466044834dd
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.89.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Plaid API Token
+
+## Description
+
+The response body contains content that matches the pattern of a Plaid API Token.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.89 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.9.md b/doc/user/application_security/dast/checks/798.9.md
new file mode 100644
index 00000000000..12c725cfd08
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.9.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Asana Client ID
+
+## Description
+
+The response body contains content that matches the pattern of a Asana Client ID.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.9 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.90.md b/doc/user/application_security/dast/checks/798.90.md
new file mode 100644
index 00000000000..e0008af4918
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.90.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token PlanetScale password
+
+## Description
+
+The response body contains content that matches the pattern of a PlanetScale password.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.90 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.91.md b/doc/user/application_security/dast/checks/798.91.md
new file mode 100644
index 00000000000..be54e99360f
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.91.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token PlanetScale API token
+
+## Description
+
+The response body contains content that matches the pattern of a PlanetScale API token.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.91 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.92.md b/doc/user/application_security/dast/checks/798.92.md
new file mode 100644
index 00000000000..07ae24151f5
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.92.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token PlanetScale OAuth token
+
+## Description
+
+The response body contains content that matches the pattern of a PlanetScale OAuth token.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.92 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.93.md b/doc/user/application_security/dast/checks/798.93.md
new file mode 100644
index 00000000000..661f460bf27
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.93.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Postman API token
+
+## Description
+
+The response body contains content that matches the pattern of a Postman API token.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.93 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.94.md b/doc/user/application_security/dast/checks/798.94.md
new file mode 100644
index 00000000000..4aeb15fee23
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.94.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Private Key
+
+## Description
+
+The response body contains content that matches the pattern of a Private Key.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.94 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.95.md b/doc/user/application_security/dast/checks/798.95.md
new file mode 100644
index 00000000000..13374aa67e0
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.95.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Pulumi API token
+
+## Description
+
+The response body contains content that matches the pattern of a Pulumi API token.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.95 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.96.md b/doc/user/application_security/dast/checks/798.96.md
new file mode 100644
index 00000000000..cb61bd38950
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.96.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token PyPI upload token
+
+## Description
+
+The response body contains content that matches the pattern of a PyPI upload token.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.96 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.97.md b/doc/user/application_security/dast/checks/798.97.md
new file mode 100644
index 00000000000..93f03a692d7
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.97.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Rubygem API token
+
+## Description
+
+The response body contains content that matches the pattern of a Rubygem API token.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.97 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.98.md b/doc/user/application_security/dast/checks/798.98.md
new file mode 100644
index 00000000000..aab4cb9c5ed
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.98.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token RapidAPI Access Token
+
+## Description
+
+The response body contains content that matches the pattern of a RapidAPI Access Token.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.98 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/798.99.md b/doc/user/application_security/dast/checks/798.99.md
new file mode 100644
index 00000000000..90c8aeda7ab
--- /dev/null
+++ b/doc/user/application_security/dast/checks/798.99.md
@@ -0,0 +1,26 @@
+---
+stage: Secure
+group: Dynamic Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Exposure of confidential secret or token Sendbird Access ID
+
+## Description
+
+The response body contains content that matches the pattern of a Sendbird Access ID.
+Exposing this value could allow attackers to gain access to all resources granted by this token.
+
+## Remediation
+
+Review the response body content and remove any exposed values.
+
+## Details
+
+| ID | Aggregated | CWE | Type | Risk |
+|:---|:--------|:--------|:--------|:--------|
+| 798.99 | false | 798 | Passive | High |
+
+## Links
+
+- [CWE](https://cwe.mitre.org/data/definitions/798.html)
diff --git a/doc/user/application_security/dast/checks/index.md b/doc/user/application_security/dast/checks/index.md
index a90c85abb4a..ff4e24f5fcd 100644
--- a/doc/user/application_security/dast/checks/index.md
+++ b/doc/user/application_security/dast/checks/index.md
@@ -35,5 +35,133 @@ The [DAST browser-based crawler](../browser_based.md) provides a number of vulne
 | [601.1](601.1.md) | URL redirection to untrusted site ('open redirect') | Low | Passive |
 | [614.1](614.1.md) | Sensitive cookie without Secure attribute | Low | Passive |
 | [693.1](693.1.md) | Missing X-Content-Type-Options: nosniff | Low | Passive |
+| [798.1](798.1.md) | Exposure of confidential secret or token Adafruit API Key | High | Passive |
+| [798.2](798.2.md) | Exposure of confidential secret or token Adobe Client ID (OAuth Web) | High | Passive |
+| [798.3](798.3.md) | Exposure of confidential secret or token Adobe Client Secret | High | Passive |
+| [798.4](798.4.md) | Exposure of confidential secret or token Age secret key | High | Passive |
+| [798.5](798.5.md) | Exposure of confidential secret or token Airtable API Key | High | Passive |
+| [798.6](798.6.md) | Exposure of confidential secret or token Algolia API Key | High | Passive |
+| [798.7](798.7.md) | Exposure of confidential secret or token Alibaba AccessKey ID | High | Passive |
+| [798.8](798.8.md) | Exposure of confidential secret or token Alibaba Secret Key | High | Passive |
+| [798.9](798.9.md) | Exposure of confidential secret or token Asana Client ID | High | Passive |
+| [798.10](798.10.md) | Exposure of confidential secret or token Asana Client Secret | High | Passive |
+| [798.11](798.11.md) | Exposure of confidential secret or token Atlassian API token | High | Passive |
+| [798.12](798.12.md) | Exposure of confidential secret or token AWS | High | Passive |
+| [798.13](798.13.md) | Exposure of confidential secret or token Bitbucket Client ID | High | Passive |
+| [798.14](798.14.md) | Exposure of confidential secret or token Bitbucket Client Secret | High | Passive |
+| [798.15](798.15.md) | Exposure of confidential secret or token Bittrex Access Key | High | Passive |
+| [798.16](798.16.md) | Exposure of confidential secret or token Bittrex Secret Key | High | Passive |
+| [798.17](798.17.md) | Exposure of confidential secret or token Beamer API token | High | Passive |
+| [798.18](798.18.md) | Exposure of confidential secret or token Codecov Access Token | High | Passive |
+| [798.19](798.19.md) | Exposure of confidential secret or token Coinbase Access Token | High | Passive |
+| [798.20](798.20.md) | Exposure of confidential secret or token Clojars API token | High | Passive |
+| [798.21](798.21.md) | Exposure of confidential secret or token Confluent Access Token | High | Passive |
+| [798.22](798.22.md) | Exposure of confidential secret or token Confluent Secret Key | High | Passive |
+| [798.23](798.23.md) | Exposure of confidential secret or token Contentful delivery API token | High | Passive |
+| [798.24](798.24.md) | Exposure of confidential secret or token Databricks API token | High | Passive |
+| [798.25](798.25.md) | Exposure of confidential secret or token Datadog Access Token | High | Passive |
+| [798.26](798.26.md) | Exposure of confidential secret or token Discord API key | High | Passive |
+| [798.27](798.27.md) | Exposure of confidential secret or token Discord client ID | High | Passive |
+| [798.28](798.28.md) | Exposure of confidential secret or token Discord client secret | High | Passive |
+| [798.29](798.29.md) | Exposure of confidential secret or token Doppler API token | High | Passive |
+| [798.30](798.30.md) | Exposure of confidential secret or token Dropbox API secret | High | Passive |
+| [798.31](798.31.md) | Exposure of confidential secret or token Dropbox long lived API token | High | Passive |
+| [798.32](798.32.md) | Exposure of confidential secret or token Dropbox short lived API token | High | Passive |
+| [798.33](798.33.md) | Exposure of confidential secret or token Droneci Access Token | High | Passive |
+| [798.34](798.34.md) | Exposure of confidential secret or token Duffel API token | High | Passive |
+| [798.35](798.35.md) | Exposure of confidential secret or token Dynatrace API token | High | Passive |
+| [798.36](798.36.md) | Exposure of confidential secret or token EasyPost API token | High | Passive |
+| [798.37](798.37.md) | Exposure of confidential secret or token EasyPost test API token | High | Passive |
+| [798.38](798.38.md) | Exposure of confidential secret or token Etsy Access Token | High | Passive |
+| [798.39](798.39.md) | Exposure of confidential secret or token Facebook | High | Passive |
+| [798.40](798.40.md) | Exposure of confidential secret or token Fastly API key | High | Passive |
+| [798.41](798.41.md) | Exposure of confidential secret or token Finicity Client Secret | High | Passive |
+| [798.42](798.42.md) | Exposure of confidential secret or token Finicity API token | High | Passive |
+| [798.43](798.43.md) | Exposure of confidential secret or token Flickr Access Token | High | Passive |
+| [798.44](798.44.md) | Exposure of confidential secret or token Finnhub Access Token | High | Passive |
+| [798.45](798.45.md) | Exposure of confidential secret or token Finicity Public Key | High | Passive |
+| [798.46](798.46.md) | Exposure of confidential secret or token Flutterwave Secret Key | High | Passive |
+| [798.47](798.47.md) | Exposure of confidential secret or token Flutterwave Encryption Key | High | Passive |
+| [798.48](798.48.md) | Exposure of confidential secret or token Frame.io API token | High | Passive |
+| [798.49](798.49.md) | Exposure of confidential secret or token Freshbooks Access Token | High | Passive |
+| [798.50](798.50.md) | Exposure of confidential secret or token GoCardless API token | High | Passive |
+| [798.51](798.51.md) | Exposure of confidential secret or token GCP API key | High | Passive |
+| [798.52](798.52.md) | Exposure of confidential secret or token GitHub Personal Access Token | High | Passive |
+| [798.53](798.53.md) | Exposure of confidential secret or token GitHub OAuth Access Token | High | Passive |
+| [798.54](798.54.md) | Exposure of confidential secret or token GitHub App Token | High | Passive |
+| [798.55](798.55.md) | Exposure of confidential secret or token GitHub Refresh Token | High | Passive |
+| [798.56](798.56.md) | Exposure of confidential secret or token GitLab Personal Access Token | High | Passive |
+| [798.57](798.57.md) | Exposure of confidential secret or token Gitter Access Token | High | Passive |
+| [798.58](798.58.md) | Exposure of confidential secret or token HashiCorp Terraform user/org API token | High | Passive |
+| [798.59](798.59.md) | Exposure of confidential secret or token Heroku API Key | High | Passive |
+| [798.60](798.60.md) | Exposure of confidential secret or token HubSpot API Token | High | Passive |
+| [798.61](798.61.md) | Exposure of confidential secret or token Intercom API Token | High | Passive |
+| [798.62](798.62.md) | Exposure of confidential secret or token Kraken Access Token | High | Passive |
+| [798.63](798.63.md) | Exposure of confidential secret or token Kucoin Access Token | High | Passive |
+| [798.64](798.64.md) | Exposure of confidential secret or token Kucoin Secret Key | High | Passive |
+| [798.65](798.65.md) | Exposure of confidential secret or token Launchdarkly Access Token | High | Passive |
+| [798.66](798.66.md) | Exposure of confidential secret or token Linear API Token | High | Passive |
+| [798.67](798.67.md) | Exposure of confidential secret or token Linear Client Secret | High | Passive |
+| [798.68](798.68.md) | Exposure of confidential secret or token LinkedIn Client ID | High | Passive |
+| [798.69](798.69.md) | Exposure of confidential secret or token LinkedIn Client secret | High | Passive |
+| [798.70](798.70.md) | Exposure of confidential secret or token Lob API Key | High | Passive |
+| [798.71](798.71.md) | Exposure of confidential secret or token Lob Publishable API Key | High | Passive |
+| [798.72](798.72.md) | Exposure of confidential secret or token Mailchimp API key | High | Passive |
+| [798.73](798.73.md) | Exposure of confidential secret or token Mailgun public validation key | High | Passive |
+| [798.74](798.74.md) | Exposure of confidential secret or token Mailgun private API token | High | Passive |
+| [798.75](798.75.md) | Exposure of confidential secret or token Mailgun webhook signing key | High | Passive |
+| [798.76](798.76.md) | Exposure of confidential secret or token MapBox API token | High | Passive |
+| [798.77](798.77.md) | Exposure of confidential secret or token Mattermost Access Token | High | Passive |
+| [798.78](798.78.md) | Exposure of confidential secret or token MessageBird API token | High | Passive |
+| [798.79](798.79.md) | Exposure of confidential secret or token MessageBird client ID | High | Passive |
+| [798.80](798.80.md) | Exposure of confidential secret or token Netlify Access Token | High | Passive |
+| [798.81](798.81.md) | Exposure of confidential secret or token New Relic user API Key | High | Passive |
+| [798.82](798.82.md) | Exposure of confidential secret or token New Relic user API ID | High | Passive |
+| [798.83](798.83.md) | Exposure of confidential secret or token New Relic ingest browser API token | High | Passive |
+| [798.84](798.84.md) | Exposure of confidential secret or token npm access token | High | Passive |
+| [798.85](798.85.md) | Exposure of confidential secret or token Nytimes Access Token | High | Passive |
+| [798.86](798.86.md) | Exposure of confidential secret or token Okta Access Token | High | Passive |
+| [798.87](798.87.md) | Exposure of confidential secret or token Plaid Client ID | High | Passive |
+| [798.88](798.88.md) | Exposure of confidential secret or token Plaid Secret key | High | Passive |
+| [798.89](798.89.md) | Exposure of confidential secret or token Plaid API Token | High | Passive |
+| [798.90](798.90.md) | Exposure of confidential secret or token PlanetScale password | High | Passive |
+| [798.91](798.91.md) | Exposure of confidential secret or token PlanetScale API token | High | Passive |
+| [798.92](798.92.md) | Exposure of confidential secret or token PlanetScale OAuth token | High | Passive |
+| [798.93](798.93.md) | Exposure of confidential secret or token Postman API token | High | Passive |
+| [798.94](798.94.md) | Exposure of confidential secret or token Private Key | High | Passive |
+| [798.95](798.95.md) | Exposure of confidential secret or token Pulumi API token | High | Passive |
+| [798.96](798.96.md) | Exposure of confidential secret or token PyPI upload token | High | Passive |
+| [798.97](798.97.md) | Exposure of confidential secret or token Rubygem API token | High | Passive |
+| [798.98](798.98.md) | Exposure of confidential secret or token RapidAPI Access Token | High | Passive |
+| [798.99](798.99.md) | Exposure of confidential secret or token Sendbird Access ID | High | Passive |
+| [798.100](798.100.md) | Exposure of confidential secret or token Sendbird Access Token | High | Passive |
+| [798.101](798.101.md) | Exposure of confidential secret or token SendGrid API token | High | Passive |
+| [798.102](798.102.md) | Exposure of confidential secret or token Sendinblue API token | High | Passive |
+| [798.103](798.103.md) | Exposure of confidential secret or token Sentry Access Token | High | Passive |
+| [798.104](798.104.md) | Exposure of confidential secret or token Shippo API token | High | Passive |
+| [798.105](798.105.md) | Exposure of confidential secret or token Shopify access token | High | Passive |
+| [798.106](798.106.md) | Exposure of confidential secret or token Shopify custom access token | High | Passive |
+| [798.107](798.107.md) | Exposure of confidential secret or token Shopify private app access token | High | Passive |
+| [798.108](798.108.md) | Exposure of confidential secret or token Shopify shared secret | High | Passive |
+| [798.109](798.109.md) | Exposure of confidential secret or token Slack token | High | Passive |
+| [798.110](798.110.md) | Exposure of confidential secret or token Slack Webhook | High | Passive |
+| [798.111](798.111.md) | Exposure of confidential secret or token Stripe | High | Passive |
+| [798.112](798.112.md) | Exposure of confidential secret or token Square Access Token | High | Passive |
+| [798.113](798.113.md) | Exposure of confidential secret or token Squarespace Access Token | High | Passive |
+| [798.114](798.114.md) | Exposure of confidential secret or token SumoLogic Access ID | High | Passive |
+| [798.115](798.115.md) | Exposure of confidential secret or token SumoLogic Access Token | High | Passive |
+| [798.116](798.116.md) | Exposure of confidential secret or token Travis CI Access Token | High | Passive |
+| [798.117](798.117.md) | Exposure of confidential secret or token Twilio API Key | High | Passive |
+| [798.118](798.118.md) | Exposure of confidential secret or token Twitch API token | High | Passive |
+| [798.119](798.119.md) | Exposure of confidential secret or token Twitter API Key | High | Passive |
+| [798.120](798.120.md) | Exposure of confidential secret or token Twitter API Secret | High | Passive |
+| [798.121](798.121.md) | Exposure of confidential secret or token Twitter Access Token | High | Passive |
+| [798.122](798.122.md) | Exposure of confidential secret or token Twitter Access Secret | High | Passive |
+| [798.123](798.123.md) | Exposure of confidential secret or token Twitter Bearer Token | High | Passive |
+| [798.124](798.124.md) | Exposure of confidential secret or token Typeform API token | High | Passive |
+| [798.125](798.125.md) | Exposure of confidential secret or token Yandex API Key | High | Passive |
+| [798.126](798.126.md) | Exposure of confidential secret or token Yandex AWS Access Token | High | Passive |
+| [798.127](798.127.md) | Exposure of confidential secret or token Yandex Access Token | High | Passive |
+| [798.128](798.128.md) | Exposure of confidential secret or token Zendesk Secret Key | High | Passive |
 | [829.1](829.1.md) | Inclusion of Functionality from Untrusted Control Sphere | Low | Passive |
 | [829.2](829.2.md) | Invalid Sub-Resource Integrity values detected | Medium | Passive |
diff --git a/lib/gitlab/usage_data_counters/known_events/analytics.yml b/lib/gitlab/usage_data_counters/known_events/analytics.yml
index 733f570d2e8..76c97a974d7 100644
--- a/lib/gitlab/usage_data_counters/known_events/analytics.yml
+++ b/lib/gitlab/usage_data_counters/known_events/analytics.yml
@@ -82,6 +82,10 @@
   category: analytics
   redis_slot: analytics
   aggregation: weekly
+- name: p_analytics_ci_cd_change_failure_rate
+  category: analytics
+  redis_slot: analytics
+  aggregation: weekly
 - name: g_analytics_ci_cd_release_statistics
   category: analytics
   redis_slot: analytics
@@ -98,3 +102,7 @@
   category: analytics
   redis_slot: analytics
   aggregation: weekly
+- name: g_analytics_ci_cd_change_failure_rate
+  category: analytics
+  redis_slot: analytics
+  aggregation: weekly
diff --git a/locale/gitlab.pot b/locale/gitlab.pot
index 69c5ee7999e..e1f6838fc1d 100644
--- a/locale/gitlab.pot
+++ b/locale/gitlab.pot
@@ -18751,9 +18751,6 @@ msgstr ""
 msgid "GroupsNew|Import groups from another instance of GitLab"
 msgstr ""
 
-msgid "GroupsNew|My Awesome Group"
-msgstr ""
-
 msgid "GroupsNew|No import options available"
 msgstr ""
 
@@ -25731,12 +25728,6 @@ msgstr ""
 msgid "New group"
 msgstr ""
 
-msgid "New group URL"
-msgstr ""
-
-msgid "New group name"
-msgstr ""
-
 msgid "New health check access token has been generated!"
 msgstr ""
 
diff --git a/qa/qa/page/group/new.rb b/qa/qa/page/group/new.rb
index c24712b9418..09a9af7aaf7 100644
--- a/qa/qa/page/group/new.rb
+++ b/qa/qa/page/group/new.rb
@@ -6,7 +6,7 @@ module QA
       class New < Page::Base
         include Page::Component::VisibilitySetting
 
-        view 'app/views/shared/_group_form.html.haml' do
+        view 'app/assets/javascripts/groups/components/group_name_and_path.vue' do
           element :group_path_field
           element :group_name_field
         end
diff --git a/qa/qa/page/merge_request/show.rb b/qa/qa/page/merge_request/show.rb
index 98e22890cc5..27c12a4e21f 100644
--- a/qa/qa/page/merge_request/show.rb
+++ b/qa/qa/page/merge_request/show.rb
@@ -222,7 +222,7 @@ module QA
         def has_pipeline_status?(text)
           # Pipelines can be slow, so we wait a bit longer than the usual 10 seconds
           wait_until(max_duration: 120, sleep_interval: 5, reload: true) do
-            has_element?(:merge_request_pipeline_info_content, text: text, wait: 15 )
+            has_element?(:merge_request_pipeline_info_content, text: text, wait: 15)
           end
         end
 
@@ -277,6 +277,11 @@ module QA
           has_element?(:merge_button, disabled: false)
         end
 
+        # Waits up 10 seconds and returns false if the Revert button is not enabled
+        def revertible?
+          has_element?(:revert_button, disabled: false, wait: 10)
+        end
+
         # Waits up 60 seconds and raises an error if unable to merge.
         #
         # If a state is encountered in which a user would typically refresh the page, this will refresh the page and
diff --git a/qa/qa/specs/features/browser_ui/3_create/merge_request/revert/reverting_merge_request_spec.rb b/qa/qa/specs/features/browser_ui/3_create/merge_request/revert/reverting_merge_request_spec.rb
index d66895de9c1..948aedf5aae 100644
--- a/qa/qa/specs/features/browser_ui/3_create/merge_request/revert/reverting_merge_request_spec.rb
+++ b/qa/qa/specs/features/browser_ui/3_create/merge_request/revert/reverting_merge_request_spec.rb
@@ -9,7 +9,7 @@ module QA
         end
       end
 
-      let(:revertable_merge_request) do
+      let(:revertible_merge_request) do
         Resource::MergeRequest.fabricate_via_api! do |merge_request|
           merge_request.project = project
         end
@@ -20,10 +20,11 @@ module QA
       end
 
       it 'can be reverted', :can_use_large_setup, testcase: 'https://gitlab.com/gitlab-org/gitlab/-/quality/test_cases/347709' do
-        revertable_merge_request.visit!
+        revertible_merge_request.visit!
 
         Page::MergeRequest::Show.perform do |merge_request|
           merge_request.merge!
+          expect(merge_request).to be_revertible, 'Expected merge request to be in a state to be reverted.'
           merge_request.revert_change!
         end
 
@@ -31,7 +32,7 @@ module QA
 
         Page::MergeRequest::Show.perform do |merge_request|
           merge_request.click_diffs_tab
-          expect(merge_request).to have_file(revertable_merge_request.file_name)
+          expect(merge_request).to have_file(revertible_merge_request.file_name)
         end
       end
     end
diff --git a/spec/controllers/projects/pipelines_controller_spec.rb b/spec/controllers/projects/pipelines_controller_spec.rb
index 92fa5d4f51e..06930d8727b 100644
--- a/spec/controllers/projects/pipelines_controller_spec.rb
+++ b/spec/controllers/projects/pipelines_controller_spec.rb
@@ -831,6 +831,10 @@ RSpec.describe Projects::PipelinesController do
       {
         chart_param: 'time-to-restore-service',
         event: 'p_analytics_ci_cd_time_to_restore_service'
+      },
+      {
+        chart_param: 'change-failure-rate',
+        event: 'p_analytics_ci_cd_change_failure_rate'
       }
     ].each do |tab|
       it_behaves_like 'tracking unique visits', :charts do
diff --git a/spec/features/groups/import_export/import_file_spec.rb b/spec/features/groups/import_export/import_file_spec.rb
index 4147b4982df..b69b8bf2c19 100644
--- a/spec/features/groups/import_export/import_file_spec.rb
+++ b/spec/features/groups/import_export/import_file_spec.rb
@@ -20,94 +20,6 @@ RSpec.describe 'Import/Export - Group Import', :js do
     FileUtils.rm_rf(import_path, secure: true)
   end
 
-  context 'when `group_name_path_vue` feature flag is disabled' do
-    before do
-      stub_feature_flags(group_name_path_vue: false)
-    end
-
-    context 'when the user uploads a valid export file' do
-      let(:file) { File.join(Rails.root, 'spec', %w[fixtures group_export.tar.gz]) }
-
-      context 'when using the pre-filled path', :sidekiq_inline do
-        it 'successfully imports the group' do
-          group_name = 'Test Group Import'
-
-          visit new_group_path
-          click_link 'Import group'
-
-          fill_in :import_group_name, with: group_name
-
-          expect(page).to have_content 'Import group from file'
-          attach_file(file) do
-            find('.js-filepicker-button').click
-          end
-
-          expect { click_on 'Import' }.to change { Group.count }.by 1
-
-          group = Group.find_by(name: group_name)
-
-          expect(group).not_to be_nil
-          expect(group.description).to eq 'A voluptate non sequi temporibus quam at.'
-          expect(group.path).to eq 'test-group-import'
-          expect(group.import_state.status).to eq GroupImportState.state_machine.states[:finished].value
-        end
-      end
-
-      context 'when modifying the pre-filled path' do
-        it 'successfully imports the group' do
-          visit new_group_path
-          click_link 'Import group'
-
-          fill_in :import_group_name, with: 'Test Group Import'
-
-          fill_in :import_group_path, with: 'custom-path'
-          attach_file(file) do
-            find('.js-filepicker-button').click
-          end
-
-          expect { click_on 'Import' }.to change { Group.count }.by 1
-
-          group = Group.find_by(name: 'Test Group Import')
-          expect(group.path).to eq 'custom-path'
-        end
-      end
-
-      context 'when the path is already taken' do
-        before do
-          create(:group, path: 'test-group-import')
-        end
-
-        it 'suggests a unique path' do
-          visit new_group_path
-          click_link 'Import group'
-
-          fill_in :import_group_path, with: 'test-group-import'
-          expect(page).to have_content "Group path is already taken. We've suggested one that is available."
-        end
-      end
-    end
-
-    context 'when the user uploads an invalid export file' do
-      let(:file) { File.join(Rails.root, 'spec', %w[fixtures big-image.png]) }
-
-      it 'displays an error', quarantine: 'https://gitlab.com/gitlab-org/gitlab/-/issues/343995' do
-        visit new_group_path
-        click_link 'Import group'
-
-        fill_in :import_group_name, with: 'Test Group Import'
-        attach_file(file) do
-          find('.js-filepicker-button').click
-        end
-
-        expect { click_on 'Import' }.not_to change { Group.count }
-
-        page.within('.flash-container') do
-          expect(page).to have_content('Unable to process group import file')
-        end
-      end
-    end
-  end
-
   context 'when the user uploads a valid export file' do
     let(:file) { File.join(Rails.root, 'spec', %w[fixtures group_export.tar.gz]) }
 
diff --git a/spec/frontend/projects/pipelines/charts/components/app_spec.js b/spec/frontend/projects/pipelines/charts/components/app_spec.js
index df8455531b3..7b9011fa3d9 100644
--- a/spec/frontend/projects/pipelines/charts/components/app_spec.js
+++ b/spec/frontend/projects/pipelines/charts/components/app_spec.js
@@ -130,6 +130,7 @@ describe('ProjectsPipelinesChartsApp', () => {
         ${'deployment-frequency-tab'}    | ${'p_analytics_ci_cd_deployment_frequency'}
         ${'lead-time-tab'}               | ${'p_analytics_ci_cd_lead_time'}
         ${'time-to-restore-service-tab'} | ${'p_analytics_ci_cd_time_to_restore_service'}
+        ${'change-failure-rate-tab'}     | ${'p_analytics_ci_cd_change_failure_rate'}
       `('tracks the $event event when clicked', ({ testId, event }) => {
         jest.spyOn(API, 'trackRedisHllUserEvent');
author	GitLab Bot <gitlab-bot@gitlab.com>	2022-07-13 06:08:10 +0300
committer	GitLab Bot <gitlab-bot@gitlab.com>	2022-07-13 06:08:10 +0300
commit	58f103ba8fa4a64ca54c80713123dbf87e41459f (patch)
tree	707b0443b4ecc0895511b8394c843af4f8355ba3
parent	f7ccc56576ffd6bfdefddf2f50fed1d0aa419a3d (diff)