Add latest changes from gitlab-org/gitlab@16-1-stable-eev16.1.0-rc42

30 files changed, 479 insertions, 53 deletions

diff --git a/data/deprecations/15-1-pipelinesecurityreportfinding-projectfingerprint.yml b/data/deprecations/15-1-pipelinesecurityreportfinding-projectfingerprint.yml
index 576b8a195c5..6d6d2ec137a 100644
--- a/data/deprecations/15-1-pipelinesecurityreportfinding-projectfingerprint.yml
+++ b/data/deprecations/15-1-pipelinesecurityreportfinding-projectfingerprint.yml
@@ -6,7 +6,7 @@
   stage: Secure  # (required) String value of the stage that the feature was created in. e.g., Growth
   issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/343475  # (required) Link to the deprecation issue in GitLab
   body: |  # (required) Do not modify this line, instead modify the lines below.
-    The [`project_fingerprint`](https://gitlab.com/groups/gitlab-org/-/epics/2791) attribute of vulnerability findings is being deprecated in favor of a `uuid` attribute. By using UUIDv5 values to identify findings, we can easily associate any related entity with a finding. The `project_fingerprint` attribute is no longer being used to track findings, and will be removed in GitLab 17.0.
+    The [`project_fingerprint`](https://gitlab.com/groups/gitlab-org/-/epics/2791) attribute of vulnerability findings is being deprecated in favor of a `uuid` attribute. By using UUIDv5 values to identify findings, we can easily associate any related entity with a finding. The `project_fingerprint` attribute is no longer being used to track findings, and will be removed in GitLab 17.0.  Starting in 16.1, the output of `project_fingerprint` returns the same value as the `uuid` field.
 # The following items are not published on the docs page, but may be used in the future.
   tiers: Ultimate  # (optional - may be required in the future) An array of tiers that the feature is available in currently.  e.g., [Free, Silver, Gold, Core, Premium, Ultimate]
   documentation_url:  # (optional) This is a link to the current documentation page
diff --git a/data/deprecations/15-10-grafana-chart.yml b/data/deprecations/15-10-grafana-chart.yml
index 48070560bfb..ac66aca7910 100644
--- a/data/deprecations/15-10-grafana-chart.yml
+++ b/data/deprecations/15-10-grafana-chart.yml
@@ -33,5 +33,5 @@
     If you're using the bundled Grafana, you should switch to the [newer chart version from Grafana Labs](https://artifacthub.io/packages/helm/grafana/grafana)
     or a Grafana Operator from a trusted provider.
 
-    In your new Grafana instance, you can [configure the GitLab provided Prometheus as a data source](https://docs.gitlab.com/ee/administration/monitoring/performance/grafana_configuration.html#integration-with-gitlab-ui)
-    and [connect Grafana to the GitLab UI](https://docs.gitlab.com/ee/administration/monitoring/performance/grafana_configuration.html#integration-with-gitlab-ui).
+    In your new Grafana instance, you can [configure the GitLab provided Prometheus as a data source](https://docs.gitlab.com/ee/administration/monitoring/performance/grafana_configuration.html#configure-grafana)
+    and [connect Grafana to the GitLab UI](https://docs.gitlab.com/ee/administration/monitoring/performance/grafana_configuration.html#integrate-with-gitlab-ui).
diff --git a/data/deprecations/15-4-confidence-field-in-graphql.yml b/data/deprecations/15-4-confidence-field-in-graphql.yml
index 7f6e0d64c2e..375549a2515 100644
--- a/data/deprecations/15-4-confidence-field-in-graphql.yml
+++ b/data/deprecations/15-4-confidence-field-in-graphql.yml
@@ -1,6 +1,6 @@
 - title: "Vulnerability confidence field"
   announcement_milestone: "15.4"
-  removal_milestone: "16.0"
+  removal_milestone: "17.0"
   breaking_change: true
   reporter: matt_wilson
   stage: govern
@@ -9,4 +9,4 @@
    In GitLab 15.3, [security report schemas below version 15 were deprecated](https://docs.gitlab.com/ee/update/deprecations.html#security-report-schemas-version-14xx).
    The `confidence` attribute on vulnerability findings exists only in schema versions before `15-0-0`, and therefore is effectively deprecated since GitLab 15.4 supports schema version `15-0-0`. To maintain consistency
    between the reports and our public APIs, the `confidence` attribute on any vulnerability-related components of our GraphQL API is now deprecated and will be
-   removed in 16.0.
+   removed in 17.0.
diff --git a/data/deprecations/15-6-deprecate-post-api-v4-runner.yml b/data/deprecations/15-6-deprecate-post-api-v4-runner.yml
index 8c2931faf78..786132b19b5 100644
--- a/data/deprecations/15-6-deprecate-post-api-v4-runner.yml
+++ b/data/deprecations/15-6-deprecate-post-api-v4-runner.yml
@@ -10,7 +10,9 @@
     The support for registration tokens and certain runner configuration arguments in the `POST` method operation on the `/api/v4/runners` endpoint is deprecated.
     This endpoint [registers](https://docs.gitlab.com/ee/api/runners.html#register-a-new-runner) a runner
     with a GitLab instance at the instance, group, or project level through the API. Registration tokens, and support for certain configuration arguments,
-    will be disabled behind a feature flag in GitLab 16.6 and removed in GitLab 17.0. The configuration arguments disabled for authentication tokens are:
+    will start returning the HTTP `410 Gone` status code in GitLab 17.0. For more information, see [Migrating to the new runner registration workflow](../ci/runners/new_creation_workflow.md).
+
+    The configuration arguments disabled for authentication tokens are:
 
     - `--locked`
     - `--access-level`
diff --git a/data/deprecations/15-6-deprecate-runner-register-command.yml b/data/deprecations/15-6-deprecate-runner-register-command.yml
index cb9b9f517cd..81e0f46078f 100644
--- a/data/deprecations/15-6-deprecate-runner-register-command.yml
+++ b/data/deprecations/15-6-deprecate-runner-register-command.yml
@@ -9,7 +9,8 @@
   body: |  # (required) Do not modify this line, instead modify the lines below.
     Registration tokens and certain configuration arguments in the command `gitlab-runner register` that [registers](https://docs.gitlab.com/runner/register/) a runner, are deprecated.
     Authentication tokens will be used to register runners instead. Registration tokens, and support for certain configuration arguments,
-    will be disabled behind a feature flag in GitLab 16.6 and removed in GitLab 17.0. The configuration arguments disabled for authentication tokens are:
+    will be removed in GitLab 17.0. For more information, see [Migrating to the new runner registration workflow](../ci/runners/new_creation_workflow.md).
+    The configuration arguments disabled for authentication tokens are:
 
     - `--locked`
     - `--access-level`
diff --git a/data/deprecations/15-6-deprecate-runner-register-token-k8s-operator.yml b/data/deprecations/15-6-deprecate-runner-register-token-k8s-operator.yml
index da184cfbe43..61b117feb35 100644
--- a/data/deprecations/15-6-deprecate-runner-register-token-k8s-operator.yml
+++ b/data/deprecations/15-6-deprecate-runner-register-token-k8s-operator.yml
@@ -8,7 +8,8 @@
   issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/382077  # (required) Link to the deprecation issue in GitLab
   body: |  # (required) Do not modify this line, instead modify the lines below.
     The [`runner-registration-token`](https://docs.gitlab.com/runner/install/operator.html#install-the-kubernetes-operator) parameter that uses the OpenShift and Kubernetes Vanilla Operator to install a runner on Kubernetes is deprecated. Authentication tokens will be used to register runners instead. Registration tokens, and support for certain configuration arguments,
-    will be disabled behind a feature flag in GitLab 16.6 and removed in GitLab 17.0. The configuration arguments disabled for authentication tokens are:
+    will be removed in GitLab 17.0. For more information, see [Migrating to the new runner registration workflow](../ci/runners/new_creation_workflow.md).
+    The configuration arguments disabled for authentication tokens are:
 
     - `--locked`
     - `--access-level`
diff --git a/data/deprecations/15-7-deprecate-api-v4-runner-registration-token-reset-endpoints.yml b/data/deprecations/15-7-deprecate-api-v4-runner-registration-token-reset-endpoints.yml
index b3031850ca3..3a9690e0836 100644
--- a/data/deprecations/15-7-deprecate-api-v4-runner-registration-token-reset-endpoints.yml
+++ b/data/deprecations/15-7-deprecate-api-v4-runner-registration-token-reset-endpoints.yml
@@ -8,7 +8,7 @@
   issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/383341  # (required) Link to the deprecation issue in GitLab
   body: |  # (required) Do not modify this line, instead modify the lines below.
     The support for runner registration tokens is deprecated. As a consequence, the REST API endpoints to reset a registration token are also deprecated and will
-    be removed in GitLab 17.0.
+    return the HTTP `410 Gone` status code in GitLab 17.0.
     The deprecated endpoints are:
 
     - `POST /runners/reset_registration_token`
diff --git a/data/deprecations/15-9-database-single-database-connection-conf.yml b/data/deprecations/15-9-database-single-database-connection-conf.yml
index c7d59e860ca..de4ae51d615 100644
--- a/data/deprecations/15-9-database-single-database-connection-conf.yml
+++ b/data/deprecations/15-9-database-single-database-connection-conf.yml
@@ -6,6 +6,8 @@
   stage: Enablement
   issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/387898
   body: |
+    This deprecation is now superseded by another [deprecation notice](#running-a-single-database-is-deprecated).
+
     Previously, [GitLab's database](https://docs.gitlab.com/omnibus/settings/database.html)
     configuration had a single `main:` section. This is being deprecated. The new
     configuration has both a `main:` and a `ci:` section.
diff --git a/data/deprecations/15-9-rails-error-tracking.yml b/data/deprecations/15-9-rails-error-tracking.yml
deleted file mode 100644
index 4d9fc371213..00000000000
--- a/data/deprecations/15-9-rails-error-tracking.yml
+++ /dev/null
@@ -1,16 +0,0 @@
-- title: "Error Tracking UI in GitLab Rails is deprecated"
-  announcement_milestone: "15.9"
-  removal_milestone: "16.6"
-  breaking_change: true
-  reporter: kbychu
-  stage: monitor
-  issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/389991
-  body: |
-    The [Error Tracking UI](https://docs.gitlab.com/ee/operations/error_tracking.html) is deprecated in 15.9 and will be removed in 16.6 (milestone might change) once GitLab Observability UI is made available. In future versions, you should use the [GitLab Observability UI](https://gitlab.com/gitlab-org/opstrace/opstrace-ui/), which will gradually be made available on GitLab.com over the next few releases.
-
-    During the transition to the GitLab Observability UI, we will migrate the [GitLab Observability Backend](https://gitlab.com/gitlab-org/opstrace/opstrace) from a per-cluster deployment model to a per-tenant deployment model. Because [Integrated Error Tracking](https://docs.gitlab.com/ee/operations/error_tracking.html#integrated-error-tracking) is in Open Beta, we will not migrate any existing user data. For more details about the migration, see the direction pages for:
-
-    - [Observability](https://about.gitlab.com/direction/monitor/observability/data-visualization/).
-    - The [Observability Backend](https://about.gitlab.com/direction/monitor/observability/data-management/).
-    - [Data visualization](https://about.gitlab.com/direction/monitor/observability/data-visualization/).
-  documentation_url: https://docs.gitlab.com/ee/operations/error_tracking.html
diff --git a/data/deprecations/15-9-secure-template-changes.yml b/data/deprecations/15-9-secure-template-changes.yml
index 9129f17b562..390e31a0290 100644
--- a/data/deprecations/15-9-secure-template-changes.yml
+++ b/data/deprecations/15-9-secure-template-changes.yml
@@ -22,7 +22,7 @@
     - Dependency Scanning: [`Dependency-Scanning.gitlab-ci.yml`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/Jobs/Dependency-Scanning.gitlab-ci.yml)
     - IaC Scanning: [`SAST-IaC.gitlab-ci.yml`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/Jobs/SAST-IaC.gitlab-ci.yml)
     - SAST: [`SAST.gitlab-ci.yml`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/Jobs/SAST.gitlab-ci.yml)
-    - Secret Detection: [`Secret-Detection.gitlab-ci.yml`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/Jobs/Secret-Detction.gitlab-ci.yml)
+    - Secret Detection: [`Secret-Detection.gitlab-ci.yml`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/Jobs/Secret-Detection.gitlab-ci.yml)
 
     We recommend that you test your pipelines before the 16.0 release if you use one of the templates listed above and you use the `_DISABLED` variables but set a value other than `"true"`.
 
diff --git a/data/deprecations/16-0-deprecate-omnibus-grafana.yml b/data/deprecations/16-0-deprecate-omnibus-grafana.yml
index 815c60099e9..93fd5c54071 100644
--- a/data/deprecations/16-0-deprecate-omnibus-grafana.yml
+++ b/data/deprecations/16-0-deprecate-omnibus-grafana.yml
@@ -7,8 +7,8 @@
   issue_url: https://gitlab.com/gitlab-org/omnibus-gitlab/-/issues/7772
   body: |  # (required) Do not modify this line, instead modify the lines below.
     The version of [Grafana bundled with Omnibus GitLab](https://docs.gitlab.com/omnibus/settings/grafana.html) is
-    disabled in 16.0 and will be removed in 16.3.
-    If you are using the bundled Grafana, you must migrate to either:
+    [deprecated and disabled](https://docs.gitlab.com/ee/administration/monitoring/performance/grafana_configuration.html#deprecation-of-bundled-grafana)
+    in 16.0 and will be removed in 16.3. If you are using the bundled Grafana, you must migrate to either:
 
     - Another implementation of Grafana. For more information, see
       [Switch to new Grafana instance](https://docs.gitlab.com/ee/administration/monitoring/performance/grafana_configuration.html#switch-to-new-grafana-instance).
diff --git a/data/deprecations/16-0-ldap_settings_unlock_groups_by_owners-deprecation.yml b/data/deprecations/16-0-ldap_settings_unlock_groups_by_owners-deprecation.yml
new file mode 100644
index 00000000000..eadcd657994
--- /dev/null
+++ b/data/deprecations/16-0-ldap_settings_unlock_groups_by_owners-deprecation.yml
@@ -0,0 +1,9 @@
+- title: "Adding non-LDAP synced members to a locked LDAP group is deprecated"  # (required) Clearly explain the change, or planned change. For example, "The `confidential` field for a `Note` is deprecated" or "CI/CD job names will be limited to 250 characters."
+  announcement_milestone: "16.0"  # (required) The milestone when this feature was first announced as deprecated.
+  removal_milestone: "16.5"  # (required) The milestone when this feature is planned to be removed
+  breaking_change: false  # (required) Change to false if this is not a breaking change.
+  reporter: hsutor  # (required) GitLab username of the person reporting the change
+  stage: manage  # (required) String value of the stage that the feature was created in. e.g., Growth
+  issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/213311  # (required) Link to the deprecation issue in GitLab
+  body: |  # (required) Do not modify this line, instead modify the lines below.
+    Enabling the `ldap_settings_unlock_groups_by_owners` feature flag allowed non-LDAP synced users to be added to a locked LDAP group. This [feature](https://gitlab.com/gitlab-org/gitlab/-/issues/1793) has always been disabled by default and behind a feature flag. We are removing this feature to keep continuity with our SAML integration, and because allowing non-synced group members defeats the "single source of truth" principle of using a directory service. Once this feature is removed, any LDAP group members that are not synced with LDAP will lose access to that group.
diff --git a/data/deprecations/16-1-dependency-proxy-graphql-field.yml b/data/deprecations/16-1-dependency-proxy-graphql-field.yml
new file mode 100644
index 00000000000..80b43e33f41
--- /dev/null
+++ b/data/deprecations/16-1-dependency-proxy-graphql-field.yml
@@ -0,0 +1,11 @@
+- title: "GraphQL deprecation of `dependencyProxyTotalSizeInBytes` field"  # (required) Actionable title. e.g., The `confidential` field for a `Note` is deprecated. Use `internal` instead.
+  announcement_milestone: "16.1"  # (required) The milestone when this feature was first announced as deprecated.
+  removal_milestone: "17.0"  # (required) The milestone when this feature is planned to be removed
+  breaking_change: true  # (required) If this deprecation is a breaking change, set this value to true
+  reporter: trizzi  # (required) GitLab username of the person reporting the deprecation
+  stage: Package  # (required) String value of the stage that the feature was created in. e.g., Growth
+  issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/414236  # (required) Link to the deprecation issue in GitLab
+  body: |  # (required) Do not modify this line, instead modify the lines below.
+    You can use GraphQL to query the amount of storage used by the GitLab Dependency Proxy. However, the `dependencyProxyTotalSizeInBytes` field is limited to ~2Gb (in bytes), which is not always large enough for the Dependency Proxy. As a result, `dependencyProxyTotalSizeInBytes` is deprecated and will be removed in GitLab 17.0.
+
+    Use `dependencyProxyTotalSizeBytes` instead, introduced in GitLab 16.1.
diff --git a/data/deprecations/16-1-non-decomposed-mode-deprecation.yml b/data/deprecations/16-1-non-decomposed-mode-deprecation.yml
new file mode 100644
index 00000000000..963fc0d8230
--- /dev/null
+++ b/data/deprecations/16-1-non-decomposed-mode-deprecation.yml
@@ -0,0 +1,9 @@
+- title: "Running a single database is deprecated"
+  removal_milestone: "17.0"
+  announcement_milestone: "16.1"
+  breaking_change: true
+  reporter: lohrc
+  stage: data_stores
+  issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/411239
+  body: |
+    The option to run self-managed installations of GitLab on a single database is now deprecated. From GitLab 17.0, we will require a [separate database for CI features](https://gitlab.com/groups/gitlab-org/-/epics/7509). With this change, self-managed versions of GitLab will behave similarly to GitLab.com. This change applies to installation methods with Omnibus GitLab, GitLab Helm chart, GitLab Operator, GitLab Docker images, and installation from source. Before upgrading to GitLab 17.0, please ensure [migration](https://docs.gitlab.com/ee/administration/postgresql/multiple_databases.html) to two databases.
diff --git a/data/deprecations/16-1-unified-approval-rules.yml b/data/deprecations/16-1-unified-approval-rules.yml
new file mode 100644
index 00000000000..8622ed86d5f
--- /dev/null
+++ b/data/deprecations/16-1-unified-approval-rules.yml
@@ -0,0 +1,29 @@
+- title: "Unified approval rules are deprecated"  # (required) Clearly explain the change, or planned change. For example, "The `confidential` field for a `Note` is deprecated" or "CI/CD job names will be limited to 250 characters."
+  announcement_milestone: "16.1"  # (required) The milestone when this feature was first announced as deprecated.
+  removal_milestone: "17.0"  # (required) The milestone when this feature is planned to be removed
+  breaking_change: true  # (required) Change to false if this is not a breaking change.
+  reporter: nagyv-gitlab  # (required) GitLab username of the person reporting the change
+  stage: deploy  # (required) String value of the stage that the feature was created in. e.g., Growth
+  issue_url: https://gitlab.com/groups/gitlab-org/-/epics/9662  # (required) Link to the deprecation issue in GitLab
+  body: |  # (required) Do not modify this line, instead modify the lines below.
+    Unified approval rules are deprecated in favor of multiple approval rules, which provide more flexibility.
+    You might not be able to migrate your Unified approval rules to multiple approval rules without breaking changes.
+    To help you migrate manually, we introduced migration documentation. If you don't migrate manually before unified approval
+    rules are removed, GitLab will automatically migrate your settings.
+
+    In GitLab 15.11, UI support for unified approval rules was removed.
+    You can still access unified approval rules with the API.
+#
+# OPTIONAL END OF SUPPORT FIELDS
+#
+# If an End of Support period applies, the announcement should be shared with GitLab Support
+# in the `#spt_managers` channel in Slack, and mention `@gitlab-com/support` in this MR.
+#
+  end_of_support_milestone:  # (optional) Use "XX.YY" format. The milestone when support for this feature will end.
+  #
+  # OTHER OPTIONAL FIELDS
+  #
+  tiers: [Premium, Ultimate]  # (optional - may be required in the future) An array of tiers that the feature is available in currently.  e.g., [Free, Silver, Gold, Core, Premium, Ultimate]
+  documentation_url: https://docs.gitlab.com/ee/ci/environments/deployment_approvals.html # (optional) This is a link to the current documentation page
+  image_url:  # (optional) This is a link to a thumbnail image depicting the feature
+  video_url:  # (optional) Use the youtube thumbnail URL with the structure of https://img.youtube.com/vi/UNIQUEID/hqdefault.jpg
diff --git a/data/deprecations/16-1-windows-cmd-runner-shell-executor.yml b/data/deprecations/16-1-windows-cmd-runner-shell-executor.yml
new file mode 100644
index 00000000000..6e892a02a9b
--- /dev/null
+++ b/data/deprecations/16-1-windows-cmd-runner-shell-executor.yml
@@ -0,0 +1,13 @@
+- title: "Deprecate Windows CMD in GitLab Runner"  # (required) The name of the feature to be deprecated
+  announcement_milestone: "16.1"  # (required) The milestone when this feature was first announced as deprecated.
+  announcement_date: "2023-06-22"  # (required) The date of the milestone release when this feature was first announced as deprecated. This should almost always be the 22nd of a month (YYYY-MM-22), unless you did an out of band blog post.
+  removal_milestone: "17.0"  # (required) The milestone when this feature is planned to be removed
+  removal_date: "2024-05-22" # (required) The date of the milestone release when this feature is planned to be removed. This should almost always be the 22nd of a month (YYYY-MM-22), unless you did an out of band blog post.
+  breaking_change: true  # (required) If this deprecation is a breaking change, set this value to true
+  reporter: DarrenEastman  # (required) GitLab username of the person reporting the deprecation
+  stage: Verify # (required) String value of the stage that the feature was created in. e.g., Growth
+  issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/414864 # (required) Link to the deprecation issue in GitLab
+  body: |  # (required) Do not modify this line, instead modify the lines below.
+    In GitLab 11.11 the Windows Batch executor, the CMD shell was deprecated in GitLab Runner in favor of PowerShell. Since then, the CMD shell has continued to be supported in GitLab Runner. However this has resulted in additional complexity for both the engineering team and customers using the Runner on Windows. We plan to fully remove support for Windows CMD from GitLab Runner in 17.0. Customers should plan to use PowerShell when using the runner on Windows with the shell executor. Customers can provide feedback or ask questions in the removal issue, [issue 29479](https://gitlab.com/gitlab-org/gitlab-runner/-/issues/29479).
+  end_of_support_milestone: "17.0"  # (optional) Use "XX.YY" format. The milestone when support for this feature will end.
+  end_of_support_date: "2024-05-22" # (optional) The date of the milestone release when support for this feature will end.
diff --git a/data/deprecations/templates/_deprecation_template.md.erb b/data/deprecations/templates/_deprecation_template.md.erb
index bbca07fbd3c..1817942eac5 100644
--- a/data/deprecations/templates/_deprecation_template.md.erb
+++ b/data/deprecations/templates/_deprecation_template.md.erb
@@ -7,6 +7,18 @@ toc: false
 
 # Deprecations by version
 
+These GitLab features are deprecated and no longer recommended for use.
+Each deprecated feature will be removed in a future release.
+Some features cause breaking changes when they are removed.
+
+On GitLab.com, deprecated features can be removed at any time during the month leading up to the release.
+
+**{rss}** **To be notified of upcoming breaking changes**,
+add this URL to your RSS feed reader: `https://about.gitlab.com/breaking-changes.xml`
+
+You can also view [REST API](https://docs.gitlab.com/ee/api/rest/deprecations.html)
+and [GraphQL](https://docs.gitlab.com/ee/api/graphql/removed_items.html) deprecations/removals.
+
 <!-- vale off -->
 
 <!--
@@ -31,18 +43,6 @@ For deprecation reviewers (Technical Writers only):
 
 {::options parse_block_html="true" /}
 
-These GitLab features are deprecated and no longer recommended for use.
-Each deprecated feature will be removed in a future release.
-Some features cause breaking changes when they are removed.
-
-On GitLab.com, deprecated features can be removed at any time during the month leading up to the release.
-
-**{rss}** **To be notified of upcoming breaking changes**,
-add this URL to your RSS feed reader: `https://about.gitlab.com/breaking-changes.xml`
-
-You can also view [REST API](https://docs.gitlab.com/ee/api/rest/deprecations.html)
-and [GraphQL](https://docs.gitlab.com/ee/api/graphql/removed_items.html) deprecations/removals.
-
 <% if milestones.any? -%><div class="js-deprecation-filters"></div><%- end -%>
 <%- milestones.each do |milestone| %>
 <div class="milestone-wrapper" data-milestone="<%= milestone %>">
diff --git a/data/removals/15_0/15-0-configure-self-managed-cert-based-kube-feature-flag.yml b/data/removals/15_0/15-0-configure-self-managed-cert-based-kube-feature-flag.yml
index 48152a06eb3..7905e0b6dbe 100644
--- a/data/removals/15_0/15-0-configure-self-managed-cert-based-kube-feature-flag.yml
+++ b/data/removals/15_0/15-0-configure-self-managed-cert-based-kube-feature-flag.yml
@@ -14,7 +14,7 @@
 
     If you need more time to migrate, you can enable the `certificate_based_clusters` [feature flag](https://docs.gitlab.com/ee/administration/feature_flags.html), which re-enables the certificate-based integration.
 
-    In GitLab 16.0, we will [remove the feature, its related code, and the feature flag](https://about.gitlab.com/blog/2021/11/15/deprecating-the-cert-based-kubernetes-integration/). GitLab will continue to fix any security or critical issues until 16.0.
+    In GitLab 17.0, we will [remove the feature, its related code, and the feature flag](https://about.gitlab.com/blog/2021/11/15/deprecating-the-cert-based-kubernetes-integration/). GitLab will continue to fix any security or critical issues until 17.0.
 
     For updates and details, follow [this epic](https://gitlab.com/groups/gitlab-org/configure/-/epics/8).
 #
diff --git a/data/removals/15_9/15-9-omniauth-shibboleth.yml b/data/removals/15_9/15-9-omniauth-shibboleth.yml
index a7641bb893b..a3923211244 100644
--- a/data/removals/15_9/15-9-omniauth-shibboleth.yml
+++ b/data/removals/15_9/15-9-omniauth-shibboleth.yml
@@ -8,4 +8,4 @@
   stage: manage  # (required) String value of the stage that the feature was created in. e.g., Growth
   issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/388959  # (required) Link to the deprecation issue in GitLab
   body: |  # (required) Do not modify this line, instead modify the lines below.
-    `omniauth-shibboleth` is an OmniAuth strategy gem that was part of GitLab. The gem has not received security updates and does not meet GitLab quality guidance criteria. This gem was originally scheduled for removal by 14.1, but it was not removed at that time. The gem is being removed now.
+    `omniauth-shibboleth` is an OmniAuth strategy gem that was part of GitLab. The gem has not received security updates and does not meet GitLab quality guidance criteria. This gem was originally scheduled for removal by 14.1, but it was not removed at that time. The gem is being removed now. In GitLab 16.1 or later, use the `omniauth-shibboleth-redux` gem instead.
diff --git a/data/removals/16_0/16-0-grafana-chart.yml b/data/removals/16_0/16-0-grafana-chart.yml
index 3251f477bb0..7d26fc1764e 100644
--- a/data/removals/16_0/16-0-grafana-chart.yml
+++ b/data/removals/16_0/16-0-grafana-chart.yml
@@ -13,7 +13,7 @@
     If you're using the bundled Grafana, you should switch to the [newer chart version from Grafana Labs](https://artifacthub.io/packages/helm/grafana/grafana)
     or a Grafana Operator from a trusted provider.
 
-    In your new Grafana instance, you can [configure the GitLab provided Prometheus as a data source](https://docs.gitlab.com/ee/administration/monitoring/performance/grafana_configuration.html#integration-with-gitlab-ui)
-    and [connect Grafana to the GitLab UI](https://docs.gitlab.com/ee/administration/monitoring/performance/grafana_configuration.html#integration-with-gitlab-ui).
+    In your new Grafana instance, [configure the GitLab provided Prometheus as a data source](https://docs.gitlab.com/ee/administration/monitoring/performance/grafana_configuration.html#configure-grafana)
+    and [connect Grafana to the GitLab UI](https://docs.gitlab.com/ee/administration/monitoring/performance/grafana_configuration.html#integrate-with-gitlab-ui).
   tiers:  # (optional - may be required in the future) An array of tiers that the feature is available in currently.  e.g., [Free, Silver, Gold, Core, Premium, Ultimate]
   documentation_url: https://docs.gitlab.com/ee/administration/monitoring/performance/grafana_configuration.html
diff --git a/data/removals/16_0/16-0-secure-template-changes.yml b/data/removals/16_0/16-0-secure-template-changes.yml
new file mode 100644
index 00000000000..c7ec5a2f894
--- /dev/null
+++ b/data/removals/16_0/16-0-secure-template-changes.yml
@@ -0,0 +1,27 @@
+- title: Secure scanning `_DISABLED` variables now require the value `"true"`  # (required) Clearly explain the change, or planned change. For example, "The `confidential` field for a `Note` is deprecated" or "CI/CD job names will be limited to 250 characters."
+  announcement_milestone: "15.9"  # (required) The milestone when this feature was first announced as deprecated.
+  removal_milestone: "16.0"  # (required) The milestone when this feature is being removed.
+  breaking_change: true  # (required) Change to false if this is not a breaking change.
+  reporter: connorgilbert  # (required) GitLab username of the person reporting the change
+  stage: secure  # (required) String value of the stage that the feature was created in. e.g., Growth
+  issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/391822  # (required) Link to the deprecation issue in GitLab
+  body: |  # (required) Do not modify this line, instead modify the lines below.
+    In GitLab 16.0, we've changed how values for CI/CD variables like `SAST_DISABLED` and `DEPENDENCY_SCANNING_DISABLED` are handled.
+
+    Now, scanning is disabled only if the value is `"true"`, for example `SAST_DISABLED: "true"`. Previously, even if the value were `"false"`, like `SAST_DISABLED: "false"`, scanning would still be disabled.
+
+    This change was previously released in the Latest versions of the CI/CD templates because of the potential to disrupt customized CI/CD pipeline configurations.
+
+    The following templates have been updated:
+
+    - API Fuzzing: [`API-Fuzzing.gitlab-ci.yml`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/Security/API-Fuzzing.gitlab-ci.yml)
+    - Container Scanning: [`Container-Scanning.gitlab-ci.yml`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/Jobs/Container-Scanning.gitlab-ci.yml)
+    - Coverage-Guided Fuzzing: [`Coverage-Fuzzing.gitlab-ci.yml`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/Security/Coverage-Fuzzing.gitlab-ci.yml)
+    - DAST: [`DAST.gitlab-ci.yml`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/Security/DAST.gitlab-ci.yml)
+    - DAST API: [`DAST-API.gitlab-ci.yml`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/Security/DAST-API.gitlab-ci.yml)
+    - Dependency Scanning: [`Dependency-Scanning.gitlab-ci.yml`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/Jobs/Dependency-Scanning.gitlab-ci.yml)
+    - IaC Scanning: [`SAST-IaC.gitlab-ci.yml`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/Jobs/SAST-IaC.gitlab-ci.yml)
+    - SAST: [`SAST.gitlab-ci.yml`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/Jobs/SAST.gitlab-ci.yml)
+    - Secret Detection: [`Secret-Detection.gitlab-ci.yml`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/Jobs/Secret-Detection.gitlab-ci.yml)
+
+    If you currently use the `_DISABLED` variables but set a value other than `"true"` to disable scanning, change the value to `"true"`.
diff --git a/data/removals/16_0/16-0-source-code-approvals-endpoint.yml b/data/removals/16_0/16-0-source-code-approvals-endpoint.yml
new file mode 100644
index 00000000000..786ed39566b
--- /dev/null
+++ b/data/removals/16_0/16-0-source-code-approvals-endpoint.yml
@@ -0,0 +1,30 @@
+# This is a template for announcing a feature removal or other important change.
+#
+# Please refer to the deprecation guidelines to confirm your understanding of GitLab's definitions.
+# https://docs.gitlab.com/ee/development/deprecation_guidelines/#terminology
+#
+# If this is a breaking change, it must happen in a major release.
+#
+# For more information please refer to the handbook documentation here:
+# https://about.gitlab.com/handbook/marketing/blog/release-posts/#deprecations-and-other-planned-breaking-change-announcements
+#
+# Please delete this line and above before submitting your merge request.
+#
+# REQUIRED FIELDS
+#
+- title: "`POST /projects/:id/merge_requests/:merge_request_iid/approvals` removed"  # (required) Clearly explain the change. For example, "The `confidential` field for a `Note` is removed" or "CI/CD job names are limited to 250 characters."
+  announcement_milestone: "12.3"  # (required) The milestone when this feature was deprecated.
+  removal_milestone: "16.0"  # (required) The milestone when this feature is being removed.
+  breaking_change: true  # (required) Change to false if this is not a breaking change.
+  reporter: tlinz  # (required) GitLab username of the person reporting the removal
+  stage: create  # (required) String value of the stage that the feature was created in. e.g., Growth
+  issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/353097  # (required) Link to the deprecation issue in GitLab
+  body: |  # (required) Do not modify this line, instead modify the lines below.
+    The `/approvals` endpoint was [deprecated](https://gitlab.com/gitlab-org/gitlab/-/issues/11132) in GitLab 12.3. To change the approvals required for a merge request via the API, use the `/approval_rules` endpoint described in [Create merge request level rule](https://docs.gitlab.com/ee/api/merge_request_approvals.html#create-merge-request-level-rule).
+#
+# OPTIONAL FIELDS
+#
+  tiers: [Premium, Ultimate] # (optional - may be required in the future) An array of tiers that the feature is available in currently.  e.g., [Free, Silver, Gold, Core, Premium, Ultimate]
+  documentation_url: https://docs.gitlab.com/ee/api/merge_request_approvals.html#create-merge-request-level-rule  # (optional) This is a link to the current documentation page
+  image_url:  # (optional) This is a link to a thumbnail image depicting the feature
+  video_url:  # (optional) Use the youtube thumbnail URL with the structure of https://img.youtube.com/vi/UNIQUEID/hqdefault.jpg
diff --git a/data/removals/16_0/16-0-source-code-routes.yml b/data/removals/16_0/16-0-source-code-routes.yml
new file mode 100644
index 00000000000..d45d15e2e00
--- /dev/null
+++ b/data/removals/16_0/16-0-source-code-routes.yml
@@ -0,0 +1,36 @@
+# This is a template for announcing a feature removal or other important change.
+#
+# Please refer to the deprecation guidelines to confirm your understanding of GitLab's definitions.
+# https://docs.gitlab.com/ee/development/deprecation_guidelines/#terminology
+#
+# If this is a breaking change, it must happen in a major release.
+#
+# For more information please refer to the handbook documentation here:
+# https://about.gitlab.com/handbook/marketing/blog/release-posts/#deprecations-and-other-planned-breaking-change-announcements
+#
+# Please delete this line and above before submitting your merge request.
+#
+# REQUIRED FIELDS
+#
+- title: "Legacy routes removed"  # (required) Clearly explain the change. For example, "The `confidential` field for a `Note` is removed" or "CI/CD job names are limited to 250 characters."
+  announcement_milestone: "15.9"  # (required) The milestone when this feature was deprecated.
+  removal_milestone: "16.0"  # (required) The milestone when this feature is being removed.
+  breaking_change: true  # (required) Change to false if this is not a breaking change.
+  reporter: tlinz  # (required) GitLab username of the person reporting the removal
+  stage: create  # (required) String value of the stage that the feature was created in. e.g., Growth
+  issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/214217  # (required) Link to the deprecation issue in GitLab
+  body: |  # (required) Do not modify this line, instead modify the lines below.
+    GitLab 16.0 removes legacy URLs from the GitLab application.
+
+    When subgroups were introduced in GitLab 9.0, a `/-/` delimiter was added to URLs to signify the end of a group path. All GitLab URLs now use this delimiter for project, group, and instance level features.
+
+    URLs that do not use the `/-/` delimiter are planned for removal in GitLab 16.0. For the full list of these URLs, along with their replacements, see [issue 28848](https://gitlab.com/gitlab-org/gitlab/-/issues/28848#release-notes).
+
+    Update any scripts or bookmarks that reference the legacy URLs. GitLab APIs are not affected by this change.
+#
+# OPTIONAL FIELDS
+#
+  tiers:  # (optional - may be required in the future) An array of tiers that the feature is available in currently.  e.g., [Free, Silver, Gold, Core, Premium, Ultimate]
+  documentation_url: https://gitlab.com/gitlab-org/gitlab/-/issues/28848#release-notes  # (optional) This is a link to the current documentation page
+  image_url:  # (optional) This is a link to a thumbnail image depicting the feature
+  video_url:  # (optional) Use the youtube thumbnail URL with the structure of https://img.youtube.com/vi/UNIQUEID/hqdefault.jpg
diff --git a/data/removals/16_0/16-0-ttl-days-removal.yml b/data/removals/16_0/16-0-ttl-days-removal.yml
new file mode 100644
index 00000000000..213e58017c4
--- /dev/null
+++ b/data/removals/16_0/16-0-ttl-days-removal.yml
@@ -0,0 +1,16 @@
+- title: "Default value of `ttl_days` now 30 days"
+  announcement_milestone: "15.4"  # (required) The milestone when this feature was deprecated.
+  removal_milestone: "16.0"  # (required) The milestone when this feature is being removed.
+  breaking_change: true  # (required) Change to false if this is not a breaking change.
+  reporter: tlinz
+  stage: create  # (required) String value of the stage that the feature was created in. e.g., Growth
+  issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/369122  # (required) Link to the deprecation issue in GitLab
+  body: |  # (required) Do not modify this line, instead modify the lines below.
+    From GitLab 16.0, any personal, project, or group access token [must have an expiration date](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/96594). If you create a personal access token with the GitLab Shell command `personal_access_token` without specifying `ttl_days`, a default value of 30 days is now applied.
+#
+# OPTIONAL FIELDS
+#
+  tiers: [Core, Premium, Ultimate]
+  documentation_url: https://docs.gitlab.com/ee/user/profile/personal_access_tokens.html
+  image_url:
+  video_url:
diff --git a/data/removals/16_0/16-00-JWT-limit-setting.yml b/data/removals/16_0/16-00-JWT-limit-setting.yml
new file mode 100644
index 00000000000..d8e3ccb359a
--- /dev/null
+++ b/data/removals/16_0/16-00-JWT-limit-setting.yml
@@ -0,0 +1,21 @@
+#
+# REQUIRED FIELDS
+#
+- title: "Secure JWT token setting is removed"  # (required) Clearly explain the change. For example, "The `confidential` field for a `Note` is removed" or "CI/CD job names are limited to 250 characters."
+  announcement_milestone: "15.9"  # (required) The milestone when this feature was deprecated.
+  removal_milestone: "16.0"  # (required) The milestone when this feature is being removed.
+  breaking_change: true  # (required) Change to false if this is not a breaking change.
+  reporter: jocelynjane  # (required) GitLab username of the person reporting the removal
+  stage: verify  # (required) String value of the stage that the feature was created in. e.g., Growth
+  issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/366798  # (required) Link to the deprecation issue in GitLab
+  body: |  # (required) Do not modify this line, instead modify the lines below.
+    As part of [the deprecation of old versions of JSON web tokens](https://docs.gitlab.com/ee/update/deprecations.html#old-versions-of-json-web-tokens-are-deprecated), the **Limit JSON Web Token (JWT)** project setting has been removed. This setting was a temporary solution to help users transition to [ID tokens](https://docs.gitlab.com/ee/ci/secrets/id_token_authentication.html), as a way to switch between the old and new tokens, but the setting is no longer needed. In GitLab 16.0 and later, you can simply start using ID tokens in any job. When you use the `id_tokens` keyword in a job, that job uses only ID tokens and the old `CI_JOB_JWT*` tokens are not available. In jobs that do not use the `id_tokens` keyword, the old behavior remains unchanged.
+
+    The old `CI_JOB_JWT*` tokens will be completely removed in GitLab 16.5, so you must switch to ID tokens before that release.
+#
+# OPTIONAL FIELDS
+#
+  tiers:  # (optional - may be required in the future) An array of tiers that the feature is available in currently.  e.g., [Free, Silver, Gold, Core, Premium, Ultimate]
+  documentation_url:  # (optional) This is a link to the current documentation page
+  image_url:  # (optional) This is a link to a thumbnail image depicting the feature
+  video_url:  # (optional) Use the youtube thumbnail URL with the structure of https://img.youtube.com/vi/UNIQUEID/hqdefault.jpg
diff --git a/data/removals/16_0/16.0-docker-ssh-executors.yml b/data/removals/16_0/16.0-docker-ssh-executors.yml
new file mode 100644
index 00000000000..ec3650c1d1c
--- /dev/null
+++ b/data/removals/16_0/16.0-docker-ssh-executors.yml
@@ -0,0 +1,9 @@
+- title: "`docker-ssh` and `docker-ssh+machine` executors are removed"  # (required) Clearly explain the change. For example, "The `confidential` field for a `Note` is removed" or "CI/CD job names are limited to 250 characters."
+  announcement_milestone: "10.0"  # (required) The milestone when this feature was deprecated.
+  removal_milestone: "16.0"  # (required) The milestone when this feature is being removed.
+  breaking_change: false  # (required) Change to false if this is not a breaking change.
+  reporter: DarrenEastman  # (required) GitLab username of the person reporting the removal
+  stage: Verify  # (required) String value of the stage that the feature was created in. e.g., Growth
+  issue_url: https://gitlab.com/gitlab-org/gitlab-runner/-/issues/29406 # (required) Link to the deprecation issue in GitLab
+  body: |  # (required) Do not modify this line, instead modify the lines below.
+    In GitLab 16.0 and later, the `docker-ssh` and `docker+machine-ssh` executors for GitLab Runner have been removed from the GitLab Runner [code base](https://gitlab.com/gitlab-org/gitlab-runner).
diff --git a/data/removals/16_0/16.0-pre-clone-script-gitlab-saas.yml b/data/removals/16_0/16.0-pre-clone-script-gitlab-saas.yml
new file mode 100644
index 00000000000..062c86e1fd3
--- /dev/null
+++ b/data/removals/16_0/16.0-pre-clone-script-gitlab-saas.yml
@@ -0,0 +1,9 @@
+- title: "`CI_PRE_CLONE_SCRIPT` variable on GitLab SaaS Runners has been removed"  # (required) Clearly explain the change. For example, "The `confidential` field for a `Note` is removed" or "CI/CD job names are limited to 250 characters."
+  announcement_milestone: "15.9"  # (required) The milestone when this feature was deprecated.
+  removal_milestone: "16.0"  # (required) The milestone when this feature is being removed.
+  breaking_change: true  # (required) Change to false if this is not a breaking change.
+  reporter: DarrenEastman  # (required) GitLab username of the person reporting the removal
+  stage: Verify # (required) String value of the stage that the feature was created in. e.g., Growth
+  issue_url: https://gitlab.com/gitlab-org/gitlab-runner/-/issues/29405 # (required) Link to the deprecation issue in GitLab
+  body: |  # (required) Do not modify this line, instead modify the lines below.
+    In GitLab 16.0 and later, the `CI_PRE_CLONE_SCRIPT` variable option on GitLab SaaS Runners has been removed. The `CI_PRE_CLONE_SCRIPT` variable enabled you to run commands in your CI/CD job before the runner executed `git-init` and `git-fetch`. You should use the `pre_get_sources_script` hook instead. For more information, see the blog post, [Guide to pre_clone_script changes on GitLab SaaS Linux Runners](https://about.gitlab.com/blog/2023/03/27/changes-to-the-preclonescript/).
diff --git a/data/removals/templates/_removal_template.md.erb b/data/removals/templates/_removal_template.md.erb
index 89e25c76e04..aa2ae993f45 100644
--- a/data/removals/templates/_removal_template.md.erb
+++ b/data/removals/templates/_removal_template.md.erb
@@ -6,7 +6,7 @@ info: "See the Technical Writers assigned to Development Guidelines: https://abo
 
 # Removals by version
 
-In each release, GitLab removes features that were deprecated in an earlier release.
+In each release, GitLab removes features that were [deprecated](deprecations.md) in an earlier release.
 Some features cause breaking changes when they are removed.
 
 **{rss}** **To be notified of upcoming breaking changes**,
@@ -33,19 +33,25 @@ For removal reviewers (Technical Writers only):
 - For more information about updating the removal doc, see the removal doc update guidance:
   https://about.gitlab.com/handbook/marketing/blog/release-posts/#update-the-removals-doc
 -->
+
+{::options parse_block_html="true" /}
 <% if milestones.any? -%>
   <%- milestones.each do |milestone| %>
 ## Removed in <%= milestone %>
     <%- entries.select{|entry| entry["removal_milestone"] == milestone}.each do |removal| %>
 ### <%= removal["title"]%>
-<% if removal["breaking_change"] -%>
 
-WARNING:
-This is a [breaking change](https://docs.gitlab.com/ee/development/deprecation_guidelines/).
-Review the details carefully before upgrading.
-
-<%= removal["body"] -%><% else %>
-<%= removal["body"] -%><% end %><%- end -%><%- end -%>
+<div class="deprecation-notes">
+- Announced in: GitLab <span class="milestone"><%= removal["announcement_milestone"]%></span>
+<% if removal["breaking_change"] -%>
+- This is a [breaking change](https://docs.gitlab.com/ee/development/deprecation_guidelines/). Review the details carefully before upgrading.
+<%- end -%>
+<% if removal["issue_url"] -%>
+- To discuss this change or learn more, see the [deprecation issue](<%= removal["issue_url"]%>).
+<%- end -%>
+</div>
+
+<%= removal["body"] -%><%- end -%><%- end -%>
 <%- else -%>
 Features scheduled for removal will be listed here, sorted by GitLab version.
 <% end -%>
diff --git a/data/whats_new/202304220001_15_11.yml b/data/whats_new/202304220001_15_11.yml
index cda793f672c..38e5d8bef31 100644
--- a/data/whats_new/202304220001_15_11.yml
+++ b/data/whats_new/202304220001_15_11.yml
@@ -2,7 +2,7 @@
   description: |
     Every day millions of developers use GitLab to contribute code. In February, we launched a closed Beta of this feature, and since then, we’ve been working hard to make [Code Suggestions](https://about.gitlab.com/direction/modelops/ai_assisted/code_suggestions/) available to more developers. During Beta, Code Suggestions is free for all Ultimate and Premium customers. Group admins can enable this setting with a new [group-level control](https://docs.gitlab.com/ee/user/project/repository/code_suggestions.html#group-level-setting). Depending on the prompt, the extension either provides entire code snippets like generating functions or completes the current line. Simply pressing the tab key allows you to accept the suggestions.
 
-    GitLab Code Suggestions can improve developer productivity, focus, and innovation without context switching and within a single DevSecOps platform. Please note that this is a high-demand [Beta feature](https://docs.gitlab.com/ee/policy/alpha-beta-support.html#beta) and may have unscheduled downtime. During beta, it may also produce low-quality or incomplete suggestions. Read about [known limitations](https://docs.gitlab.com/ee/user/project/repository/code_suggestions.html#known-limitations). We are continuously iterating to improve Code Suggestions and make it better. Give it a try, and [share your feedback with us](https://gitlab.com/gitlab-org/gitlab/-/issues/405152).
+    GitLab Code Suggestions can improve developer productivity, focus, and innovation without context switching and within a single DevSecOps platform. Please note that this is a high-demand [Beta feature](https://docs.gitlab.com/ee/policy/experiment-beta-support.html#beta) and may have unscheduled downtime. During beta, it may also produce low-quality or incomplete suggestions. Read about [known limitations](https://docs.gitlab.com/ee/user/project/repository/code_suggestions.html#known-limitations). We are continuously iterating to improve Code Suggestions and make it better. Give it a try, and [share your feedback with us](https://gitlab.com/gitlab-org/gitlab/-/issues/405152).
   stage: modelops
   self-managed: false
   gitlab-com: true
diff --git a/data/whats_new/202305220001_16_0.yml b/data/whats_new/202305220001_16_0.yml
new file mode 100644
index 00000000000..c911d9ef356
--- /dev/null
+++ b/data/whats_new/202305220001_16_0.yml
@@ -0,0 +1,211 @@
+- name: Value Streams Dashboard is now generally available
+  description: | # Do not modify this line, instead modify the lines below.
+    This [new dashboard](https://youtu.be/EA9Sbks27g4) provides strategic insights into metrics that help decision-makers identify trends and patterns to optimize software delivery. The first iteration of the GitLab Value Streams Dashboard is focused on enabling teams to continuously improve software delivery workflows by benchmarking value stream life cycle ([value stream analytics](https://docs.gitlab.com/ee/user/group/value_stream_analytics/), [DORA4](https://docs.gitlab.com/ee/user/analytics/dora_metrics.html)), and [vulnerabilities](https://docs.gitlab.com/ee/user/application_security/vulnerability_report/) metrics.
+
+    Organizations can use the [Value Streams Dashboard](https://docs.gitlab.com/ee/user/analytics/value_streams_dashboard.html) to track and compare these metrics over a period of time, identify downward trends early, understand security exposure, and drill down into individual projects or metrics to take actions for improvements.
+
+    This comprehensive view built as a single application with a unified data store allows all stakeholders, from executives to individual contributors, to have visibility into the software development life cycle, without needing to buy or maintain a third-party tool.
+  stage: Plan
+  self-managed: true
+  gitlab-com: true
+  available_in: [Ultimate]
+  documentation_link: https://docs.gitlab.com/ee/user/analytics/value_streams_dashboard.html
+  image_url: https://about.gitlab.com/images/16_0/16.0_vsd_ga.gif
+  published_at: 2023-05-22
+  release: 16.0
+
+- name: Upsizing GitLab SaaS runners on Linux
+  description: | # Do not modify this line, instead modify the lines below.
+    You asked, we listened! In our efforts to be best-in-class for CI/CD build speeds, we're doubling the vCPU & RAM for all GitLab SaaS runners on Linux, with no increase in the [cost factor](https://docs.gitlab.com/ee/ci/pipelines/cicd_minutes.html#cost-factor).
+
+    We're excited to see pipelines run faster and boost productivity.
+  stage: Verify
+  self-managed: false
+  gitlab-com: true
+  available_in: [Free, Premium, Ultimate]
+  documentation_link: https://docs.gitlab.com/ee/ci/runners/saas/linux_saas_runner.html
+  image_url: https://about.gitlab.com/images/16_0/upsize-runners.png
+  published_at: 2023-05-22
+  release: 16.0
+
+- name: GPU-enabled SaaS runners on Linux
+  description: | # Do not modify this line, instead modify the lines below.
+    We are aiming to bring the best practices of DevSecOps to data sciences by providing more powerful compute hardware within GitLab runner. Previously, data scientists may have had workloads that were compute-intensive and as a result, jobs may not have been as quickly executed in GitLab.
+
+    Now, with GPU-enabled SaaS runners on Linux, these workloads can be seamlessly supported using GitLab.com.
+
+    So why wait? Try out the new runner today and let us know what you think in this [issue](https://gitlab.com/gitlab-org/gitlab/-/issues/403008). We can't wait to hear your feedback!
+  stage: Verify
+  self-managed: false
+  gitlab-com: true
+  available_in: [Premium, Ultimate]
+  documentation_link: https://docs.gitlab.com/ee/ci/runners/saas/linux_saas_runner.html#gpu-enabled-saas-runners-on-linux
+  image_url: https://about.gitlab.com/images/16_0/gpu_standard_runner_tag.png
+  published_at: 2023-05-22
+  release: 16.0
+
+- name: Apple silicon (M1) GitLab SaaS runners on macOS - Beta
+  description: | # Do not modify this line, instead modify the lines below.
+    Mobile DevOps teams can now run their entire CI/CD workflows on Apple silicon (M1) [GitLab SaaS runners on macOS](https://docs.gitlab.com/ee/ci/runners/saas/macos_saas_runner) to seamlessly create, test, and deploy applications for the Apple ecosystem.
+
+    With up to **three times** the performance of hosted x86-64 macOS Runners, you will increase your development team's velocity in building and deploying applications that require macOS in a secure, on-demand GitLab Runner build environment integrated with GitLab CI/CD.
+  stage: Verify
+  self-managed: false
+  gitlab-com: true
+  available_in: [Premium, Ultimate]
+  documentation_link: https://docs.gitlab.com/ee/ci/runners/saas/macos_saas_runner.html#example-gitlab-ciyml-file
+  image_url: https://about.gitlab.com/images/16_0/macos-m1-runners.png
+  published_at: 2023-05-22
+  release: 16.0
+
+- name: Comment templates
+  description: | # Do not modify this line, instead modify the lines below.
+    When you're commenting in issues, epics, or merge requests you might repeat yourself and need to write the same comment over and over. Maybe you always need to ask for more information about a bug report. Maybe you're applying labels via a quick action as part of a triage process. Or maybe you just like to finish all your code reviews with a funny gif or appropriate emoji. 🎉
+
+    Comment templates enable you to create saved responses that you can apply in comment boxes around GitLab to speed up your workflow. To create a comment template, go to **User settings > Comment templates** and then fill out your template. After it's saved, select the **Insert comment template** icon on any text area, and your saved response will be applied.
+
+    This is a great way to standardize your replies and save you time!
+  stage: Create
+  self-managed: true
+  gitlab-com: true
+  available_in: [Free, Premium, Ultimate]
+  documentation_link: https://docs.gitlab.com/ee/user/profile/comment_templates.html
+  image_url: https://about.gitlab.com/images/16_0/create-comment-templates.gif
+  published_at: 2023-05-22
+  release: 16.0
+
+- name: Update your fork from the GitLab UI
+  description: | # Do not modify this line, instead modify the lines below.
+    Managing your fork just got easier. When your fork is behind, select **Update fork** in the GitLab UI to catch it up with upstream changes. When your fork is ahead, select **Create merge request** to contribute your change back to the upstream project. Both operations previously required you to use the command line.
+
+    See how many commits your fork is ahead (or behind) on your project's main page and at **Repository > Files**. If merge conflicts exist, the UI gives guidance on how to resolve them using Git from the command line.
+  stage: Create
+  self-managed: true
+  gitlab-com: true
+  available_in: [Free, Premium, Ultimate]
+  documentation_link: https://docs.gitlab.com/ee/user/project/repository/forking_workflow.html#update-your-fork
+  image_url: https://about.gitlab.com/images/16_0/fetch_new_upstream_contents_when_fork_is_behind.png
+  published_at: 2023-05-22
+  release: 16.0
+
+- name: Mirror specific branches only
+  description: | # Do not modify this line, instead modify the lines below.
+    Do you need to mirror a busy repository with many branches, but you only need a few of them? Limit the number of branches you mirror by creating a regular expression that matches only the branches you need.
+
+    Previously, mirrors required you to mirror an entire repository, or all protected branches. This new flexibility can decrease the amount of data your mirrors push or pull, and keep sensitive branches out of public mirrors.
+  stage: Create
+  self-managed: true
+  gitlab-com: true
+  available_in: [Premium, Ultimate]
+  documentation_link: https://docs.gitlab.com/ee/user/project/repository/mirror/#mirror-specific-branches
+  image_url: https://about.gitlab.com/images/16_0/mirror_specific_branches_only.png
+  published_at: 2023-05-22
+  release: 16.0
+
+- name: New Web IDE experience now generally available
+  description: | # Do not modify this line, instead modify the lines below.
+    Since its introduction, we've been iterating on the usability, performance, and stability of the Web IDE, which has enabled us to build features like remote development workspaces and code suggestions on a powerful foundation.
+
+    We have received overwhelmingly positive feedback on the Web IDE Beta and starting in GitLab 16.0, we are making it the default multi-file code editor across GitLab.
+  stage: Create
+  self-managed: true
+  gitlab-com: true
+  available_in: [Free, Premium, Ultimate]
+  documentation_link: https://docs.gitlab.com/ee/user/project/web_ide/
+  image_url: https://about.gitlab.com/images/16_0/web-ide-ga.png
+  published_at: 2023-05-22
+  release: 16.0
+
+- name: Remote development workspaces available in Beta for public projects
+  description: | # Do not modify this line, instead modify the lines below.
+    Stop spending hours, or even days, troubleshooting your local development environment and interpreting inscrutable package installation errors. Now you can define a consistent, stable, and secure development environment in code and use it to create on-demand, remote development workspaces.
+
+    These workspaces serve as personal, ephemeral development environments in the cloud. By eliminating the need for a local development environment, you can focus more on your code and less on your dependencies. Accelerate the process of onboarding to a new project and get up and running in minutes instead of days.
+
+    After the GitLab Agent for Kubernetes is configured and [the dependencies are installed](https://docs.gitlab.com/ee/user/workspace/#prerequisites) in your self-hosted cluster or cloud platform of choice, you can define your development environment in a `.devfile.yaml` file and store it in a public project. Then, you and any other developers with access to the agent can create a workspace based on the `.devfile.yaml` file and edit directly in the embedded Web IDE. You'll have full terminal access to the container, allowing you to work more efficiently. When you're done, or if something goes wrong, you can shut down the workspace and start a fresh, new workspace for your next development task.
+
+    This short video walks you through the lifecycle of a workspace in the current Beta. Learn more about workspaces in the [documentation](https://docs.gitlab.com/ee/user/workspace/index.html) and let us know what you think in the [feedback issue](https://gitlab.com/gitlab-org/gitlab/-/issues/410031).
+  stage: Create
+  self-managed: true
+  gitlab-com: true
+  available_in: [Premium, Ultimate]
+  documentation_link: https://docs.gitlab.com/ee/user/workspace/index.html
+  image_url: https://img.youtube.com/vi/yjweL075Cdo/hqdefault.jpg
+  published_at: 2023-05-22
+  release: 16.0
+
+- name: Security training with SecureFlag
+  description: | # Do not modify this line, instead modify the lines below.
+    As security shifts left, remediating security findings without guidance can be challenging. Developers need actionable advice so they can resolve vulnerabilities and continue building features. Contextual training that is relevant to the specific vulnerabilty detected was released in GitLab 14.9.
+
+    In this release, we are adding an integration with SecureFlag based upon the CWE of the vulnerability. SecureFlag's training solution is unique in that the labs involve remediating the vulnerability in a live environment, which can be transferred to a real environment.
+  stage: Govern
+  self-managed: true
+  gitlab-com: true
+  available_in: [Ultimate]
+  documentation_link: https://docs.gitlab.com/ee/user/application_security/vulnerabilities/#enable-security-training-for-vulnerabilities
+  image_url: https://about.gitlab.com/images/16_0/secureflag.png
+  published_at: 2023-05-22
+  release: 16.0
+
+- name: Token rotation API
+  description: | # Do not modify this line, instead modify the lines below.
+    As security shifts left, remediating security findings without guidance can be challenging. Developers need actionable advice so they can resolve vulnerabilities and continue building features. Contextual training that is relevant to the specific vulnerabilty detected was released in GitLab 14.9.
+
+    In this release, we are adding an integration with SecureFlag based upon the CWE of the vulnerability. SecureFlag's training solution is unique in that the labs involve remediating the vulnerability in a live environment, which can be transferred to a real environment.
+  stage: Govern
+  self-managed: true
+  gitlab-com: true
+  available_in: [Free, Premium, Ultimate]
+  documentation_link: https://docs.gitlab.com/ee/security/token_overview.html
+  image_url: https://img.youtube.com/vi/Lzb7DbPuqBU/hqdefault.jpg
+  published_at: 2023-05-22
+  release: 16.0
+
+- name: AI-powered workflow features
+  description: | # Do not modify this line, instead modify the lines below.
+    GitLab is evolving into an AI-powered DevSecOps platform. Over the past month, we've introduced 10 new experiments to improve efficiency and productivity across various GitLab features, all leveraging AI.
+
+    These AI-powered workflows boost efficiency and reduce cycle times in every phase of the software development lifecycle.
+
+    Learn more about [AI-powered workflows](https://about.gitlab.com/solutions/ai/)
+  stage: ModelOps
+  self-managed: false
+  gitlab-com: true
+  available_in: [Ultimate]
+  documentation_link: https://docs.gitlab.com/ee/development/ai_features.html
+  image_url: https://img.youtube.com/vi/ILJeqWoVswM/hqdefault.jpg
+  published_at: 2023-05-22
+  release: 16.0
+
+- name: Code Suggestions improvements
+  description: | # Do not modify this line, instead modify the lines below.
+    Code Suggestions is now available on GitLab.com for all users for free while the feature is in Beta. Teams can boost efficiency with the help of generative AI that suggests code while you're developing.
+
+    We've extended language support from our initial six languages to now include 13 languages: C/C++, C#, Go, Java, JavaScript, Python, PHP, Ruby, Rust, Scala, Kotlin, and TypeScript.
+
+    We are making improvements to the Code Suggestions underlying AI model weekly to improve the quality of suggestions. Please remember that AI is non-deterministic, so you may not get the same suggestion week to week.
+
+    Read more about these [improvements and what's next](https://about.gitlab.com/blog/2023/05/16/code-suggestions-for-all-during-beta/).
+  stage: ModelOps
+  self-managed: false
+  gitlab-com: true
+  available_in: [Free, Premium, Ultimate]
+  documentation_link: https://docs.gitlab.com/ee/user/project/repository/code_suggestions.html
+  image_url: https://about.gitlab.com/images/15_11/code-suggestions-loop.gif
+  published_at: 2023-05-22
+  release: 16.0
+
+- name: Custom value streams for project-level value stream analytics
+  description: | # Do not modify this line, instead modify the lines below.
+    To improve the visibility into the complete workstream, we are adding to the project-level Value Stream Analytics (VSA) the [Overview stage](https://docs.gitlab.com/ee/user/group/value_stream_analytics) and the option to [create custom value streams](https://docs.gitlab.com/ee/user/group/value_stream_analytics/#create-a-value-stream-with-custom-stages).
+
+    Until now, these features were only available at the group-level VSA only.
+  stage: Plan
+  self-managed: true
+  gitlab-com: true
+  available_in: [Premium, Ultimate]
+  documentation_link: https://docs.gitlab.com/ee/user/group/value_stream_analytics/
+  image_url: https://about.gitlab.com/images/16_0/16_vsaparity.gif
+  published_at: 2023-05-22
+  release: 16.0