Add latest changes from gitlab-org/gitlab@master

3 files changed, 21 insertions, 11 deletions

diff --git a/doc/user/application_security/index.md b/doc/user/application_security/index.md
index da1439ed13e..6441f74a41b 100644
--- a/doc/user/application_security/index.md
+++ b/doc/user/application_security/index.md
@@ -282,17 +282,25 @@ The merge request security widget displays only a subset of the vulnerabilities
 
 From the merge request security widget, select **Expand** to unfold the widget, displaying any new and no longer detected (removed) findings by scan type.
 
-For each security report type, the widget displays the first 25 added and 25 fixed findings, sorted by severity. To see all
-findings, select **View full report** to go directly to the **Security** tab in the latest branch pipeline.
+For each security report type, the widget displays the first 25 added and 25 fixed findings, sorted by severity.
+This is determined by comparing the security reports from the source branch and target branch pipelines.
+
+As an example, consider two pipelines with these scan results:
+
+- The source branch pipeline detects two vulnerabilities identified as `V1` and `V2`.
+- The target branch pipeline detects two vulnerabilities identified as `V1` and `V3`.
+- `V2` will show on the merge request widget as "added".
+- `V3` will show on the merge request widget as "fixed".
+- `V1` exists on both branches and is not shown on the merge request widget.
+
+To see all findings on the source branch of the merge request, select **View full report** to go directly to the **Security** tab in the latest source branch pipeline.
 
 ![Security scanning results in a merge request](img/mr_security_scanning_results_v14_3.png)
 
 ### Pipeline security tab
 
-A pipeline's security tab lists all findings in the current branch. It includes findings introduced
-by this branch and vulnerabilities already present in the base branch. These results likely do not
-match the findings displayed in the Merge Request security widget, as those do not include the
-existing vulnerabilities. For more information see
+A pipeline's security tab lists all findings from the security reports in the pipeline's
+job artifacts. For more information see
 [Vulnerabilities in a pipeline](vulnerability_report/pipeline.md).
 
 ### Security dashboard
diff --git a/doc/user/application_security/policies/scan-execution-policies.md b/doc/user/application_security/policies/scan-execution-policies.md
index 58d9c0b44f1..92817b70b6c 100644
--- a/doc/user/application_security/policies/scan-execution-policies.md
+++ b/doc/user/application_security/policies/scan-execution-policies.md
@@ -351,11 +351,11 @@ enforced by the policy.
 
 #### `ci_configuration_path` object
 
-| Field     | Type                | Description |
-|-----------|---------------------|-------------|
-| `project` | `string`            | A project namespace path. |
-| `file`    | `string`            | The file name of the CI/CD YAML file. |
-| `ref`     | `string` (optional) | The branch name, tag name, or commit SHA. |
+| Field     | Type                | Required | Description |
+|-----------|---------------------|----------|-------------|
+| `project` | `string`            | true     | A project namespace path. |
+| `file`    | `string`            | true     | The file name of the CI/CD YAML file. |
+| `ref`     | `string`            | false    | The branch name, tag name, or commit SHA. If not specified, uses the default branch. |
 
 #### `scan` action type
 
diff --git a/doc/user/project/merge_requests/reviews/index.md b/doc/user/project/merge_requests/reviews/index.md
index 23b1207619e..78e4c19dd57 100644
--- a/doc/user/project/merge_requests/reviews/index.md
+++ b/doc/user/project/merge_requests/reviews/index.md
@@ -19,6 +19,7 @@ review merge requests in Visual Studio Code.
 
 <i class="fa fa-youtube-play youtube" aria-hidden="true"></i>
 For an overview, see [Merge request review](https://www.youtube.com/watch?v=2MayfXKpU08&list=PLFGfElNsQthYDx0A_FaNNfUm9NHsK6zED&index=183).
+<!-- Video published on 2023-04-29 -->
 
 ## GitLab Duo Suggested Reviewers **(ULTIMATE SAAS)**
 
@@ -31,6 +32,7 @@ GitLab uses machine learning to suggest reviewers for your merge request.
 
 <i class="fa fa-youtube-play youtube" aria-hidden="true"></i>
 For an overview, see [GitLab Duo Suggested Reviewers](https://www.youtube.com/embed/ivwZQgh4Rxw).
+<!-- Video published on 2023-11-03 -->
 
 To suggest reviewers, GitLab uses: