repo sync

content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/viewing-and-updating-vulnerable-dependencies-in-your-repository.md

@@ -57,7 +57,7 @@ Each {% data variables.product.prodname_dependabot %} alert has a unique numeric
 1. Optionally, if there isn't already a {% data variables.product.prodname_dependabot_security_updates %} update for the alert, to create a pull request to resolve the vulnerability, click **Create {% data variables.product.prodname_dependabot %} security update**.
   ![Create {% data variables.product.prodname_dependabot %} security update button](/assets/images/help/repository/create-dependabot-security-update-button-ungrouped.png)
 1. When you're ready to update your dependency and resolve the vulnerability, merge the pull request. Each pull request raised by {% data variables.product.prodname_dependabot %} includes information on commands you can use to control {% data variables.product.prodname_dependabot %}. For more information, see "[Managing pull requests for dependency updates](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/managing-pull-requests-for-dependency-updates#managing-dependabot-pull-requests-with-comment-commands)."
-1. Optionally, if the alert is being fixed, if it's incorrect, or located in unused code, select the "Dismiss" drop-down, and click a reason for dismissing the alert.
+1. Optionally, if the alert is being fixed, if it's incorrect, or located in unused code, select the "Dismiss" dropdown, and click a reason for dismissing the alert.{% if reopen-dependabot-alerts %} Unfixed dismissed alerts can be reopened later.{% endif %}
    ![Choosing reason for dismissing the alert via the "Dismiss" drop-down](/assets/images/help/repository/dependabot-alert-dismiss-drop-down-ungrouped.png)
 
 {% elsif ghes = 3.3 %}
@@ -94,6 +94,22 @@ Each {% data variables.product.prodname_dependabot %} alert has a unique numeric
   ![Dismiss security banner](/assets/images/enterprise/3.0/dependabot-alert-dismiss.png)
 {% endif %}
 
+{% if reopen-dependabot-alerts %}
+
+## Viewing and updating closed alerts
+
+{% data reusables.repositories.navigate-to-repo %}
+{% data reusables.repositories.sidebar-security %}
+{% data reusables.repositories.sidebar-dependabot-alerts %}
+1. To just view closed alerts, click **Closed**.
+  ![Screenshot showing the "Closed" option](/assets/images/help/repository/dependabot-alerts-closed.png)
+1. Click the alert that you would like to view or update.
+  ![Screenshot showing a highlighted dependabot alert](/assets/images/help/repository/dependabot-alerts-select-closed-alert.png)
+2. Optionally, if the alert was dismissed and you wish to reopen it, click **Reopen**.
+  ![Screenshot showing the "Reopen" button](/assets/images/help/repository/reopen-dismissed-alert.png)
+
+{% endif %}
+
 ## Further reading
 
 - "[About alerts for vulnerable dependencies](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies)"{% ifversion fpt or ghec or ghes > 3.2 %}

content/repositories/managing-your-repositorys-settings-and-features/managing-repository-settings/configuring-tag-protection-rules.md

@@ -2,6 +2,7 @@
 title: Configuring tag protection rules
 shortTitle: Configure tag rules
 intro: You can configure tag protection rules for your repository to prevent contributors from creating or deleting tags.
+product: '{% data reusables.gated-features.tag-protection-rules %}'
 versions:
   fpt: '*'
   ghes: '>3.4'

data/features/reopen-dependabot-alerts.yml

@@ -0,0 +1,6 @@
+# Reference 5861
+versions:
+  fpt: '*'
+  ghec: '*'
+  ghes: '>3.4'
+  ghae: 'issue-5861'

data/reusables/gated-features/tag-protection-rules.md

@@ -0,0 +1 @@
+{% ifversion ghae %}Tag protection rules are available in internal and private repositories with {% data variables.product.prodname_ghe_managed %}, {% else%}Tag protection rules are available {% endif %}in public repositories with {% data variables.product.prodname_free_user %} and {% data variables.product.prodname_free_team %} for organizations, and in public and private repositories with {% data variables.product.prodname_pro %}, {% data variables.product.prodname_team %}, {% data variables.product.prodname_ghe_cloud %}, and {% data variables.product.prodname_ghe_server %}. {% ifversion fpt or ghec %}{% data reusables.gated-features.more-info %}{% endif %}

package.json

@@ -40,7 +40,7 @@
     "hast-util-to-string": "^2.0.0",
     "hastscript": "^7.0.2",
     "helmet": "^4.6.0",
-    "highlight.js": "11.2.0",
+    "highlight.js": "11.4.0",
     "highlightjs-curl": "^1.3.0",
     "highlightjs-graphql": "^1.0.2",
     "hot-shots": "^9.0.0",