Add latest changes from gitlab-org/gitlab@13-2-stable-ee

7 files changed, 26 insertions, 9 deletions

diff --git a/doc/user/profile/account/delete_account.md b/doc/user/profile/account/delete_account.md
index 3c6f2989091..a70d11438f4 100644
--- a/doc/user/profile/account/delete_account.md
+++ b/doc/user/profile/account/delete_account.md
@@ -35,7 +35,8 @@ As an administrator, you can delete a user account by:
    - **Delete user and contributions** to delete the user and
      their associated records.
 
-DANGER: **Danger:** Using the **Delete user and contributions** option may result
+DANGER: **Danger:**
+Using the **Delete user and contributions** option may result
 in removing more data than intended. Please see [associated records](#associated-records)
 below for additional details.
 
diff --git a/doc/user/profile/account/two_factor_authentication.md b/doc/user/profile/account/two_factor_authentication.md
index bfcaeaf6a15..4f769f9a671 100644
--- a/doc/user/profile/account/two_factor_authentication.md
+++ b/doc/user/profile/account/two_factor_authentication.md
@@ -5,9 +5,9 @@ group: Access
 info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#designated-technical-writers
 ---
 
-# Two-Factor Authentication
+# Two-factor authentication
 
-Two-factor Authentication (2FA) provides an additional level of security to your
+Two-factor authentication (2FA) provides an additional level of security to your
 GitLab account. Once enabled, in addition to supplying your username and
 password to login, you'll be prompted for a code generated by your one time password
 authenticator. For example, a password manager on one of your devices.
@@ -62,7 +62,7 @@ To enable 2FA:
    1. Click **Submit**.
 
 If the pin you entered was correct, you'll see a message indicating that
-Two-Factor Authentication has been enabled, and you'll be presented with a list
+two-factor authentication has been enabled, and you'll be presented with a list
 of [recovery codes](#recovery-codes). Make sure you download them and keep them
 in a safe place.
 
diff --git a/doc/user/profile/index.md b/doc/user/profile/index.md
index 663a2888ee7..7a871afd861 100644
--- a/doc/user/profile/index.md
+++ b/doc/user/profile/index.md
@@ -22,7 +22,7 @@ See the [authentication topic](../../topics/authentication/index.md) for more de
 
 ### Unknown sign-in
 
-GitLab will notify you if a sign-in occurs that is from an unknown IP address.
+GitLab will notify you if a sign-in occurs that is from an unknown IP address or device.
 See [Unknown Sign-In Notification](unknown_sign_in_notification.md) for more details.
 
 ## User profile
diff --git a/doc/user/profile/notifications.md b/doc/user/profile/notifications.md
index ee228050945..dbf486e399e 100644
--- a/doc/user/profile/notifications.md
+++ b/doc/user/profile/notifications.md
@@ -187,7 +187,7 @@ To minimize the number of notifications that do not require any action, from [Gi
 | Remove milestone merge request | Subscribers, participants mentioned, and Custom notification level with this event selected |
 | New comment            | The above, plus anyone mentioned by `@username` in the comment, with notification level "Mention" or higher |
 | Failed pipeline        | The author of the pipeline |
-| Fixed pipeline    | The author of the pipeline. Disabled by default. To activate it you must [enable the `ci_pipeline_fixed_notifications` feature flag](../../development/feature_flags/development.md#enabling-a-feature-flag-in-development). |
+| Fixed pipeline    | The author of the pipeline. Enabled by default. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/24309) in GitLab 13.1. Administrators can disable this notification option using the `ci_pipeline_fixed_notifications` [feature flag](../../administration/feature_flags.md). |
 | Successful pipeline    | The author of the pipeline, if they have the custom notification setting for successful pipelines set. If the pipeline failed previously, a `Fixed pipeline` message will be sent for the first successful pipeline after the failure, then a `Successful pipeline` message for any further successful pipelines. |
 | New epic **(ULTIMATE)** |        |
 | Close epic **(ULTIMATE)** |      |
diff --git a/doc/user/profile/personal_access_tokens.md b/doc/user/profile/personal_access_tokens.md
index e2c3dc74cf1..59ca124f566 100644
--- a/doc/user/profile/personal_access_tokens.md
+++ b/doc/user/profile/personal_access_tokens.md
@@ -19,6 +19,7 @@ Personal access tokens expire on the date you define, at midnight UTC.
 
 - GitLab runs a check at 01:00 AM UTC every day to identify personal access tokens that will expire in under seven days. The owners of these tokens are notified by email.
 - In GitLab Ultimate, administrators may [limit the lifetime of personal access tokens](../admin_area/settings/account_and_limit_settings.md#limiting-lifetime-of-personal-access-tokens-ultimate-only).
+- In GitLab Ultimate, administrators may [toggle enforcement of personal access token expiry](../admin_area/settings/account_and_limit_settings.md#optional-enforcement-of-personal-access-token-expiry-ultimate-only).
 
 For examples of how you can use a personal access token to authenticate with the API, see the following section from our [API Docs](../../api/README.md#personalproject-access-tokens).
 
@@ -43,6 +44,10 @@ profile.
 At any time, you can revoke any personal access token by clicking the
 respective **Revoke** button under the **Active Personal Access Token** area.
 
+### Token activity
+
+You can see when a token was last used from the **Personal Access Tokens** page. Updates to the token usage is fixed at once per 24 hours. Requests to [API resources](../../api/api_resources.md) and the [GraphQL API](../../api/graphql/index.md) will update a token's usage.
+
 ## Limiting scopes of a personal access token
 
 Personal access tokens can be created with one or more scopes that allow various
diff --git a/doc/user/profile/preferences.md b/doc/user/profile/preferences.md
index a5fa3cf373f..b94ae958d3b 100644
--- a/doc/user/profile/preferences.md
+++ b/doc/user/profile/preferences.md
@@ -63,7 +63,10 @@ Dark theme currently only works with the 'Dark' syntax highlighting.
 
 NOTE: **Note:**
 GitLab uses the [rouge Ruby library](http://rouge.jneen.net/ "Rouge website")
-for syntax highlighting. For a list of supported languages visit the rouge website.
+for syntax highlighting outside of any Editor context. The WebIDE (like Snippets)
+uses [Monaco Editor](https://microsoft.github.io/monaco-editor/) and it's provided [Monarch](https://microsoft.github.io/monaco-editor/monarch.html) library for
+syntax highlighting. For a list of supported languages, visit the documentation of
+the respective libraries.
 
 Changing this setting allows you to customize the color theme when viewing any
 syntax highlighted code on GitLab.
diff --git a/doc/user/profile/unknown_sign_in_notification.md b/doc/user/profile/unknown_sign_in_notification.md
index 200358bb050..6a6820bb2d4 100644
--- a/doc/user/profile/unknown_sign_in_notification.md
+++ b/doc/user/profile/unknown_sign_in_notification.md
@@ -9,16 +9,24 @@ info: To determine the technical writer assigned to the Stage/Group associated w
 
 > [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/27211) in GitLab 13.0.
 
-When a user successfully signs in from a previously unknown IP address,
+NOTE: **Note:**
+This feature is enabled by default for self-managed instances. Administrators may disable this feature
+through the [Sign-in restrictions](../admin_area/settings/sign_in_restrictions.md#email-notification-for-unknown-sign-ins) section of the UI.
+The feature is always enabled on GitLab.com.
+
+When a user successfully signs in from a previously unknown IP address or device,
 GitLab notifies the user by email. In this way, GitLab proactively alerts users of potentially
 malicious or unauthorized sign-ins.
 
-There are two methods used to identify a known sign-in:
+There are several methods used to identify a known sign-in. All methods must fail
+for a notification email to be sent.
 
 - Last sign-in IP: The current sign-in IP address is checked against the last sign-in
   IP address.
 - Current active sessions: If the user has an existing active session from the
   same IP address. See [Active Sessions](active_sessions.md).
+- Cookie: After successful sign in, an encrypted cookie is stored in the browser.
+  This cookie is set to expire 14 days after the last successful sign in.
 
 ## Example email