Correct GHAS offerings feature list (Dependabot auto-triage rules) (#49168)

Co-authored-by: Anne-Marie <[email protected]>

Author: mchammer01

content/code-security/dependabot/dependabot-auto-triage-rules/about-dependabot-auto-triage-rules.md

@@ -28,11 +28,29 @@ There are two types of {% data variables.dependabot.auto_triage_rules %}:
 - {% data variables.dependabot.default_rules %}
 - {% data variables.dependabot.custom_rules_caps %}
 
-The {% data variables.product.company_short %}-curated default rule, `Dismiss low impact issues for development-scoped dependencies`, auto-dismisses certain types of vulnerabilities that are found in npm dependencies used in development. The rule has been curated to reduce false positives and reduce alert fatigue. The rule is enabled by default for public repositories and can be opted into for private repositories. However, you cannot modify {% data variables.dependabot.default_rules %}. For more information, see "[AUTOTITLE](/code-security/dependabot/dependabot-auto-triage-rules/using-github-curated-default-rules-to-prioritize-dependabot-alerts)."
+### About {% data variables.dependabot.default_rules %}
+
+{% note %}
+
+{% data reusables.dependabot.dependabot-default-auto-triage-rules %}
+
+{% endnote %}
+
+{% data reusables.dependabot.dismiss-low-impact-rule %}
+
+### About {% data variables.dependabot.custom_rules %}
+
+{% note %}
+
+{% data reusables.gated-features.dependabot-custom-auto-triage-rules %}
+
+{% endnote %}
 
 With {% data variables.dependabot.custom_rules %}, you can create your own rules to automatically dismiss or reopen alerts based on targeted metadata, such as severity, package name, CWE, and more. You can also specify which alerts you want {% data variables.product.prodname_dependabot %} to open pull requests for. For more information, see "[AUTOTITLE](/code-security/dependabot/dependabot-auto-triage-rules/customizing-auto-triage-rules-to-prioritize-dependabot-alerts)."
 
-Whilst you may find it useful to auto-dismiss alerts, you can still reopen auto-dismissed alerts and filter to see which alerts have been auto-dismissed. For more information, see "[AUTOTITLE](/code-security/dependabot/dependabot-auto-triage-rules/managing-automatically-dismissed-alerts)."
+### About auto-dismissing alerts
+
+Whilst you may find it useful to use auto-triage rules to auto-dismiss alerts, you can still reopen auto-dismissed alerts and filter to see which alerts have been auto-dismissed. For more information, see "[AUTOTITLE](/code-security/dependabot/dependabot-auto-triage-rules/managing-automatically-dismissed-alerts)."
 
 Additionally, auto-dismissed alerts are still available for reporting and reviewing, and can be auto-reopened if the alert metadata changes, for example:
 - If you change the scope of a dependency from development to production.

content/code-security/dependabot/dependabot-auto-triage-rules/customizing-auto-triage-rules-to-prioritize-dependabot-alerts.md

@@ -2,7 +2,7 @@
 title: Customizing auto-triage rules to prioritize Dependabot alerts
 intro: 'You can create your own {% data variables.dependabot.auto_triage_rules_short %} to control which alerts are dismissed or snoozed, and which alerts you want {% data variables.product.prodname_dependabot %} to open pull requests for.'
 permissions: 'People with write permissions can view {% data variables.dependabot.auto_triage_rules %} for the repository. People with admin permissions to a repository can enable or disable {% data variables.dependabot.auto_triage_rules_short %} for the repository, as well as create {% data variables.dependabot.custom_rules %}. Additionally, organization owners and security managers can set {% data variables.dependabot.auto_triage_rules_short %} at the organization-level and optionally choose to enforce rules for repositories in the organization.'
-product: '{% data reusables.gated-features.dependabot-auto-triage-rules %}'
+product: '{% data reusables.gated-features.dependabot-custom-auto-triage-rules %}'
 versions:
   feature: dependabot-auto-triage-rules
 type: how_to

content/code-security/getting-started/github-security-features.md

@@ -42,7 +42,7 @@ and "[AUTOTITLE](/code-security/dependabot/dependabot-security-updates/about-dep
 
 {% ifversion dependabot-auto-triage-rules %}
 
-{% data reusables.dependabot.dependabot-alert-rules %}
+You can use default {% data variables.dependabot.auto_triage_rules %} curated by {% data variables.product.prodname_dotcom %} to automatically filter out a substantial amount of false positives. {% data reusables.dependabot.dismiss-low-impact-rule %}
 
 {% endif %}
 
@@ -106,6 +106,14 @@ Automatically detect security vulnerabilities and coding errors in new or modifi
 
 Automatically detect tokens or credentials that have been checked into a repository. You can view alerts for any secrets that {% data variables.product.company_short %} finds in your code, in the **Security** tab of the repository, so that you know which tokens or credentials to treat as compromised. For more information, see {% ifversion fpt or ghec %}"[AUTOTITLE](/code-security/secret-scanning/about-secret-scanning#about-secret-scanning-alerts-for-users){% elsif ghes %}"[AUTOTITLE](/code-security/secret-scanning/about-secret-scanning#about-secret-scanning-on-github-enterprise-server){% endif %}."
 
+{% ifversion dependabot-auto-triage-rules %}
+
+### {% data variables.dependabot.custom_rules_caps %}
+
+{% data reusables.dependabot.dependabot-custom-rules-ghas %}
+
+{% endif %}
+
 ### Dependency review
 
 Show the full impact of changes to dependencies and see details of any vulnerable versions before you merge a pull request. For more information, see "[AUTOTITLE](/code-security/supply-chain-security/understanding-your-software-supply-chain/about-dependency-review)."

content/get-started/learning-about-github/about-github-advanced-security.md

@@ -38,6 +38,12 @@ A {% data variables.product.prodname_GH_advanced_security %} license provides th
 
 - **{% data variables.product.prodname_secret_scanning_caps %}** - Detect secrets, for example keys and tokens, that have been checked into {% ifversion fpt %} private repositories{% else %} the repository{% endif %}. {% ifversion fpt%}{% data variables.secret-scanning.user_alerts_caps %} and {% data variables.secret-scanning.partner_alerts %} are available and free of charge for public repositories on {% data variables.product.prodname_dotcom_the_website %}.{% endif %}{% ifversion secret-scanning-push-protection %} If push protection is enabled, also detects secrets when they are pushed to your repository. For more information, see "[AUTOTITLE](/code-security/secret-scanning/about-secret-scanning)" and "[AUTOTITLE](/code-security/secret-scanning/push-protection-for-repositories-and-organizations)."{% else %} For more information, see "[AUTOTITLE](/code-security/secret-scanning/about-secret-scanning)."{% endif %}
 
+{% ifversion dependabot-auto-triage-rules %}
+
+- **{% data variables.dependabot.custom_rules_caps %}** - {% data reusables.dependabot.dependabot-custom-rules-ghas %}
+
+{% endif %}
+
 - **Dependency review** - Show the full impact of changes to dependencies and see details of any vulnerable versions before you merge a pull request. For more information, see "[AUTOTITLE](/code-security/supply-chain-security/understanding-your-software-supply-chain/about-dependency-review)."
 
 {% ifversion fpt or ghec %}
@@ -48,7 +54,8 @@ The table below summarizes the availability of {% data variables.product.prodnam
 | | Public repository | Private repository <br>without {% data variables.product.prodname_advanced_security %} | Private repository <br>with {% data variables.product.prodname_advanced_security %} |
 | --- | --- | --- | --- |
 | Code scanning     | {% octicon "check" aria-label="Yes" %} | {% octicon "x" aria-label="No" %} | {% octicon "check" aria-label="Yes" %} |
-| Secret scanning   | {% octicon "check" aria-label="Yes" %} | {% octicon "x" aria-label="No" %} | {% octicon "check" aria-label="Yes" %} |
+| Secret scanning   | {% octicon "check" aria-label="Yes" %} | {% octicon "x" aria-label="No" %} | {% octicon "check" aria-label="Yes" %} |{% ifversion dependabot-auto-triage-rules %}
+| {% data variables.dependabot.custom_rules_caps %} | {% octicon "check" aria-label="Yes" %} | {% octicon "x" aria-label="No" %} | {% octicon "check" aria-label="Yes" %} |{% endif %}
 | Dependency review | {% octicon "check" aria-label="Yes" %} | {% octicon "x" aria-label="No" %} | {% octicon "check" aria-label="Yes" %} |
 
 {% endrowheaders %}

data/reusables/dependabot/dependabot-alert-rules.md

@@ -1 +1 @@
-Additionally, you can use {% data variables.dependabot.auto_triage_rules %} to manage your alerts at scale, so you can auto-dismiss or snooze alerts, and specify which alerts you want {% data variables.product.prodname_dependabot %} to open pull requests for. For more information, see "[AUTOTITLE](/code-security/dependabot/dependabot-auto-triage-rules/about-dependabot-auto-triage-rules)."
+Additionally, you can use {% data variables.dependabot.auto_triage_rules %} to manage your alerts at scale, so you can auto-dismiss or snooze alerts, and specify which alerts you want {% data variables.product.prodname_dependabot %} to open pull requests for. For information about the different types of auto-triage rules, and whether your repositories are eligible, see "[AUTOTITLE](/code-security/dependabot/dependabot-auto-triage-rules/about-dependabot-auto-triage-rules)."

data/reusables/dependabot/dependabot-custom-rules-ghas.md

@@ -0,0 +1 @@
+Help you manage your {% data variables.product.prodname_dependabot_alerts %} at scale. With {% data variables.dependabot.custom_rules %} you have control over the alerts you want to ignore, snooze, or trigger a {% data variables.product.prodname_dependabot %} security update for. For more information, see "[AUTOTITLE](/code-security/dependabot/dependabot-alerts/about-dependabot-alerts)" and "[AUTOTITLE](/code-security/dependabot/dependabot-auto-triage-rules/customizing-auto-triage-rules-to-prioritize-dependabot-alerts)."

data/reusables/dependabot/dependabot-default-auto-triage-rules.md

@@ -0,0 +1 @@
+{% data variables.dependabot.default_rules%} for {% data variables.product.prodname_dependabot_alerts %} are available for all repositories.

data/reusables/dependabot/dismiss-low-impact-rule.md

@@ -0,0 +1 @@
+The {% data variables.product.company_short %}-curated default rule, `Dismiss low impact issues for development-scoped dependencies`, auto-dismisses certain types of vulnerabilities that are found in npm dependencies used in development. The rule has been curated to reduce false positives and reduce alert fatigue. The rule is enabled by default for public repositories and can be opted into for private repositories. However, you cannot modify {% data variables.dependabot.default_rules %}. For more information, see "[AUTOTITLE](/code-security/dependabot/dependabot-auto-triage-rules/using-github-curated-default-rules-to-prioritize-dependabot-alerts)."

data/reusables/gated-features/dependabot-alerts.md

@@ -1,7 +1,7 @@
 {%- ifversion fpt or ghec %}
-{% data variables.product.prodname_dependabot_alerts %} are free to use for all repositories on {% data variables.product.prodname_dotcom_the_website %}. Advanced capabilities, like reachability analysis and the ability to create {% data variables.dependabot.auto_triage_rules_short %}, are available on any public repositories (for free), and on any private repositories, when you have a license for {% data variables.product.prodname_GH_advanced_security %}.
+{% data variables.product.prodname_dependabot_alerts %} are free to use for all repositories on {% data variables.product.prodname_dotcom_the_website %}. {% ifversion fpt%}Advanced capabilities, like the ability to create {% data variables.dependabot.custom_rules %} for {% data variables.product.prodname_dependabot_alerts %}, are available (for free) on public repositories only.{% elsif ghec %} Advanced capabilities, like reachability analysis and the ability to create {% data variables.dependabot.custom_rules %}, are available on any organization-owned repositories, when you have a license for {% data variables.product.prodname_GH_advanced_security %}.{% endif %}
 
 {%- elsif ghes %}
-{% data variables.product.prodname_dependabot_alerts %} are free to use for repositories (user-owned and organization-owned) on {% data variables.product.prodname_ghe_server %}, provided enterprise administrators enable the feature for your enterprise.
+{% data variables.product.prodname_dependabot_alerts %} are free to use for repositories (user-owned and organization-owned) on {% data variables.product.prodname_ghe_server %}, provided enterprise administrators enable the feature for your enterprise.{% ifversion dependabot-auto-triage-rules %} Advanced capabilities, like the ability to create {% data variables.dependabot.custom_rules %}, are available to all organization-owned repositories, when you have a license for {% data variables.product.prodname_GH_advanced_security %}.{% endif %}
 
 {% endif %}