Add latest changes from gitlab-org/gitlab@master

4 files changed, 54 insertions, 6 deletions

diff --git a/doc/user/compliance/compliance_report/index.md b/doc/user/compliance/compliance_report/index.md
index d04aeec066f..90167b0b5c7 100644
--- a/doc/user/compliance/compliance_report/index.md
+++ b/doc/user/compliance/compliance_report/index.md
@@ -35,6 +35,8 @@ When you select a row in the compliance report, a drawer appears that provides:
 
 ### View the compliance violations report for a group
 
+> Target branch search [introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/358414) in GitLab 16.0.
+
 Prerequisites:
 
 - You must be an administrator or have the Owner role for the group.
@@ -50,6 +52,12 @@ You can sort the compliance report on:
 - Type of violation.
 - Merge request title.
 
+You can filter the compliance violations report on:
+
+- Project.
+- Date range of merge.
+- Target branch.
+
 Select a row to see details of the compliance violation.
 
 #### Severity levels
diff --git a/doc/user/group/saml_sso/scim_setup.md b/doc/user/group/saml_sso/scim_setup.md
index 38a1c4125aa..e05c28bd3f7 100644
--- a/doc/user/group/saml_sso/scim_setup.md
+++ b/doc/user/group/saml_sso/scim_setup.md
@@ -190,8 +190,7 @@ During provisioning:
 
 - Both primary and secondary emails are considered when checking whether a GitLab user account exists.
 - Duplicate usernames are handled by adding suffix `1` when creating the user. For example, if `test_user` already
-  exists, `test_user1` is used. If `test_user1` already exists, GitLab increments the suffix until an unused username
-  is found.
+  exists, `test_user1` is used. If `test_user1` already exists, GitLab increments the suffix to find an unused username. If no unused username is found after 4 tries, a random string is attached to the username.
 
 On subsequent visits, new and existing users can access groups either:
 
diff --git a/doc/user/packages/npm_registry/index.md b/doc/user/packages/npm_registry/index.md
index 52fdda0d523..33ae73dddc2 100644
--- a/doc/user/packages/npm_registry/index.md
+++ b/doc/user/packages/npm_registry/index.md
@@ -119,15 +119,16 @@ Your package should now publish to the Package Registry when the pipeline runs.
 
 If multiple packages have the same name and version, when you install a package, the most recently-published package is retrieved.
 
-You can install a package from a GitLab project or instance:
+You can install a package from a GitLab project, group, or instance:
 
 - **Instance-level**: Use when you have many npm packages in different GitLab groups or in their own namespace.
+- **Group-level**: Use when you have many npm packages in different projects in the same GitLab group.
 - **Project-level**: Use when you have few npm packages and they are not in the same GitLab group.
 
 ### Authenticate to the Package Registry
 
-You must authenticate to the Package Registry to install a package from a private project.
-No authentication is needed if the project is public.
+You must authenticate to the Package Registry to install a package from a private project or a private group.
+No authentication is needed if the project or the group is public.
 
 To authenticate with `npm`:
 
@@ -145,7 +146,13 @@ If you're installing:
   npm config set -- //your_domain_name/api/v4/packages/npm/:_authToken=your_token
   ```
 
-  From the project level:
+- From the group level:
+
+  ```shell
+  npm config set -- //your_domain_name/api/v4/groups/your_group_id/-/packages/npm/:_authToken=your_token
+  ```
+
+- From the project level:
 
   ```shell
   npm config set -- //your_domain_name/api/v4/projects/your_project_id/packages/npm/:_authToken=your_token
@@ -154,6 +161,7 @@ If you're installing:
 In these examples:
 
 - Replace `your_domain_name` with your domain name, for example, `gitlab.com`.
+- Replace `your_group_id` with your group ID, found on the group's home page.
 - Replace `your_project_id` is your project ID, found on the project's home page.
 - Replace `your_token` with a deploy token, group access token, project access token, or personal access token.
 
@@ -185,6 +193,32 @@ To install a package from the instance level, the package must have been publish
    npm install @scope/my-package
    ```
 
+### Install from the group level
+
+> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/299834) in GitLab 16.0 [with a flag](../../../administration/feature_flags.md) named `npm_group_level_endpoints`. Disabled by default.
+
+FLAG:
+On self-managed GitLab, by default this feature is not available. To make it available, ask an administrator to [enable the feature flag](../../../administration/feature_flags.md) named `npm_group_level_endpoints`.
+The feature is not ready for production use.
+
+1. [Authenticate to the Package Registry](#authenticate-to-the-package-registry).
+
+1. Set the registry
+
+   ```shell
+   npm config set @scope:registry=https://your_domain_name/api/v4/groups/your_group_id/-/packages/npm/
+   ```
+
+   - Replace `@scope` with the [root level group](#naming-convention) of the group you're installing to the package from.
+   - Replace `your_domain_name` with your domain name, for example, `gitlab.com`.
+   - Replace `your_group_id` is your group ID, found on the group's home page.
+
+1. Install the package
+
+   ```shell
+   npm install @scope/my-package
+   ```
+
 ### Install from the project level
 
 1. [Authenticate to the Package Registry](#authenticate-to-the-package-registry).
diff --git a/doc/user/profile/preferences.md b/doc/user/profile/preferences.md
index da4d2da70fe..e72113dc321 100644
--- a/doc/user/profile/preferences.md
+++ b/doc/user/profile/preferences.md
@@ -182,6 +182,13 @@ NOTE:
 This feature is experimental, and choosing absolute times might break certain layouts.
 Open an issue if you notice that using absolute times breaks a layout.
 
+## User identities in CI job JSON web tokens
+
+> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/387537) in GitLab 16.0. False by default.
+
+You can select to include the list of your external identities in the JSON Web Token information that is generated for a CI job.
+For more information and examples, see [Token Payload](../../ci/secrets/id_token_authentication.md#token-payload).
+
 ## Integrations
 
 Configure your preferences with third-party services which provide enhancements to your GitLab experience.