Add latest changes from gitlab-org/gitlab@master

5 files changed, 15 insertions, 5 deletions

diff --git a/doc/development/fe_guide/style/scss.md b/doc/development/fe_guide/style/scss.md
index a39cc1305b7..c0817626360 100644
--- a/doc/development/fe_guide/style/scss.md
+++ b/doc/development/fe_guide/style/scss.md
@@ -99,7 +99,7 @@ ul {
 
 // Best
 // prefer an existing utility class over adding existing styles
-```0
+```
 
 Class names are also preferable to IDs. Rules that use IDs
 are not-reusable, as there can only be one affected element on
diff --git a/doc/development/feature_flags/development.md b/doc/development/feature_flags/development.md
index 0cdfa3e68d7..792b4a1a27f 100644
--- a/doc/development/feature_flags/development.md
+++ b/doc/development/feature_flags/development.md
@@ -71,7 +71,8 @@ push_frontend_feature_flag(:my_ops_flag, project, type: :ops)
 `experiment` feature flags are used for A/B testing on GitLab.com.
 
 An `experiment` feature flag should conform to the same standards as a `development` feature flag,
-although the interface has some differences. More information can be found in the [experiment guide](../experiment_guide/index.md).
+although the interface has some differences. An experiment feature flag should have a rollout issue,
+ideally created using the [Experiment Tracking template](https://gitlab.com/gitlab-org/gitlab/-/blob/master/.gitlab/issue_templates/experiment_tracking_template.md). More information can be found in the [experiment guide](../experiment_guide/index.md).
 
 ## Feature flag definition and validation
 
diff --git a/doc/development/usage_ping.md b/doc/development/usage_ping.md
index 130da059583..fc807b4a2f8 100644
--- a/doc/development/usage_ping.md
+++ b/doc/development/usage_ping.md
@@ -753,7 +753,7 @@ alt_usage_data(999)
 ### Adding counters to build new metrics
 
 When adding the results of two counters, use the `add` usage data method that 
-handles fallback values and exceptions. It also generates a valid SQL export.
+handles fallback values and exceptions. It also generates a valid [SQL export](#exporting-usage-ping-sql-queries-and-definitions).
 
 Example usage:
 
diff --git a/doc/security/two_factor_authentication.md b/doc/security/two_factor_authentication.md
index 7a9ed9d435d..6762becec2d 100644
--- a/doc/security/two_factor_authentication.md
+++ b/doc/security/two_factor_authentication.md
@@ -129,8 +129,15 @@ verification can be done via a GitLab Shell command:
 ssh git@<hostname> 2fa_verify
 ```
 
-Once the OTP is verified, Git over SSH operations can be used for 15 minutes
-with the associated SSH key.
+Once the OTP is verified, Git over SSH operations can be used for a session duration of
+15 minutes (default) with the associated SSH key.
+
+### Security limitation
+
+2FA does not protect users with compromised *private* SSH keys.
+
+Once an OTP is verified, anyone can run Git over SSH with that private SSH key for
+the configured [session duration](../user/admin_area/settings/account_and_limit_settings.md#customize-session-duration-for-git-operations-when-2fa-is-enabled). 
 
 ### Enable or disable Two-factor Authentication (2FA) for Git operations
 
diff --git a/doc/user/admin_area/settings/account_and_limit_settings.md b/doc/user/admin_area/settings/account_and_limit_settings.md
index 2b230f9fb6e..0f391118215 100644
--- a/doc/user/admin_area/settings/account_and_limit_settings.md
+++ b/doc/user/admin_area/settings/account_and_limit_settings.md
@@ -191,6 +191,8 @@ You can prevent the use of expired SSH keys with the following steps:
 1. Expand the **Account and limit** section.
 1. Select the **Enforce SSH key expiration** checkbox.
 
+Enforcing SSH key expiration immediately disables all expired SSH keys.
+
 For more information, see the following issue on [SSH key expiration](https://gitlab.com/gitlab-org/gitlab/-/issues/320970).
 
 ## Optional non-enforcement of Personal Access Token expiration **(ULTIMATE SELF)**