GHES 3.15 minor updates for security features: versioning and enterprise CodeQL PR alerts view (#52905)

Co-authored-by: Sophie <29382425+sophietheking@users.noreply.github.com>
Co-authored-by: Pallavi <96553709+pallsama@users.noreply.github.com>
Co-authored-by: Isaac Brown <101839405+isaacmbrown@users.noreply.github.com>
Co-authored-by: isaacmbrown <isaacmbrown@github.com>
Co-authored-by: mchammer01 <42146119+mchammer01@users.noreply.github.com>
Co-authored-by: Sam Browning <106113886+sabrowning1@users.noreply.github.com>
Co-authored-by: Jules <19994093+jules-p@users.noreply.github.com>
Co-authored-by: Rachael Rose Renk <91027132+rachaelrenk@users.noreply.github.com>
Co-authored-by: docs-bot <77750099+docs-bot@users.noreply.github.com>
Co-authored-by: Hector Alfaro <hectorsector@github.com>
Co-authored-by: Kevin Heis <heiskr@users.noreply.github.com>

Author: 11 people

content/code-security/security-overview/viewing-metrics-for-pull-request-alerts.md

@@ -2,7 +2,7 @@
 title: Viewing metrics for pull request alerts
 shortTitle: View PR alert metrics
 allowTitleToDifferFromFilename: true
-intro: 'You can use security overview to see how {% data variables.product.prodname_codeql %} is performing in pull requests for repositories across your organization, and to identify repositories where you may need to take action.'
+intro: 'You can use security overview to see how {% data variables.product.prodname_codeql %} is performing in pull requests for repositories across your organizations, and to identify repositories where you may need to take action.'
 permissions: '{% data reusables.permissions.security-overview %}'
 type: how_to
 topics:
@@ -16,26 +16,36 @@ versions:
   feature: security-overview-org-codeql-pr-alerts
 ---
 
-## About {% data variables.product.prodname_codeql %} pull request alerts metrics for an organization
+## About {% data variables.product.prodname_codeql %} pull request alerts metrics
 
-The metrics overview for {% data variables.product.prodname_codeql %} pull request alerts helps you to understand how well {% data variables.product.prodname_codeql %} is preventing vulnerabilities in your organization. You can use the metrics to assess how {% data variables.product.prodname_codeql %} is performing in pull requests, and to easily identify the repositories where you may need to take action in order to identify and reduce security risks.
+The metrics overview for {% data variables.product.prodname_codeql %} pull request alerts helps you to understand how well {% data variables.product.prodname_codeql %} is preventing vulnerabilities in your organizations. You can use the metrics to assess how {% data variables.product.prodname_codeql %} is performing in pull requests, and to easily identify the repositories where you may need to take action in order to identify and reduce security risks.
 
-The overview shows you a summary of how many vulnerabilities prevented by {% data variables.product.prodname_codeql %} have been caught in pull requests. The metrics are only tracked for pull requests that have been merged into the default branches of repositories in your organization.
+The overview shows you a summary of how many vulnerabilities prevented by {% data variables.product.prodname_codeql %} have been caught in pull requests. The metrics are only tracked for pull requests that have been merged into the default branches of repositories in your organizations.
 
-You can also find more granular metrics, such as how many alerts were fixed with and without {% data variables.product.prodname_copilot_autofix_short %} suggestions, how many were unresolved and merged, and how many were dismissed as false positive or as risk accepted.
+You can also find more granular metrics, such as how many alerts were fixed{% ifversion code-scanning-autofix %} with and without {% data variables.product.prodname_copilot_autofix_short %} suggestions{% endif %}, how many were unresolved and merged, and how many were dismissed as false positive or as risk accepted.
 
 You can also view:
 
-* The rules that are causing the most alerts in your organization, and how many alerts each rule is associated with.
+* The rules that are causing the most alerts, and how many alerts each rule is associated with.
 
+* The number of alerts that were merged into the default branch without resolution, and the number of alerts dismissed as an acceptable risk.
+
+{% ifversion code-scanning-autofix %}
 * The number of alerts that were fixed with an accepted {% data variables.product.prodname_copilot_autofix_short %} suggestion, displayed as a fraction of how many total {% data variables.product.prodname_copilot_autofix_short %} suggestions were available.
 
 * Remediation rates, in a graph showing the percentage of alerts that were remediated with an available {% data variables.product.prodname_copilot_autofix_short %} suggestion, and the percentage of alerts that were remediated without a {% data variables.product.prodname_copilot_autofix_short %} suggestion.
+{% endif %}
 
 You can apply filters to the data. The metrics are based on activity from the default period or your selected period.
 
 ![Screenshot of the "CodeQL pull request alerts" view for an organization, showing status and trends over 90 days.](/assets/images/help/security-overview/security-overview-codeql-pull-requests-alerts-report.png)
 
+{% ifversion code-scanning-autofix %}
+> [!NOTE] Metrics for {% data variables.product.prodname_copilot_autofix_short %} will be shown only for repositories where {% data variables.product.prodname_copilot_autofix_short %} is enabled.
+{% else %}
+> [!NOTE] Metrics for {% data variables.product.prodname_copilot_autofix_short %} are omitted because {% data variables.product.prodname_copilot_autofix_short %} is available only on {% data variables.product.github %} cloud platforms.
+{% endif %}
+
 ## Viewing {% data variables.product.prodname_codeql %} pull request alerts metrics for an organization
 
 {% data reusables.organizations.navigate-to-org %}
@@ -49,3 +59,17 @@ You can apply filters to the data. The metrics are based on activity from the de
     * To search for repositories matching the selected filter, fill out the available fields for that filter, then click **Apply**. You can repeat this process to add as many filters as you would like to your search.
     * Optionally, to remove a filter from your search, click {% octicon "filter" aria-hidden="true" %} **Filter**. In the row of the filter you want to remove, click {% octicon "x" aria-label="Delete FILTER-NUMBER: FILTER-PROPERTIES" %}, then click **Apply**.{% ifversion security-overview-export-data %}
 1. You can use the {% octicon "download" aria-hidden="true" %} **Export CSV** button to download a CSV file of the data currently displayed on the page for security research and in-depth data analysis. For more information, see "[AUTOTITLE](/code-security/security-overview/exporting-data-from-security-overview)." {% endif %}
+
+{% ifversion security-overview-enterprise-codeql-pr-alerts %}
+
+## Viewing {% data variables.product.prodname_codeql %} pull request alerts metrics for your enterprise
+
+You can also view metrics for {% data variables.product.prodname_codeql %} alerts in pull requests across organizations in your enterprise.
+
+{% data reusables.security-overview.enterprise-filters-tip %}
+
+{% data reusables.enterprise-accounts.access-enterprise-on-dotcom %}
+{% data reusables.code-scanning.click-code-security-enterprise %}
+1. In the sidebar, under "Metrics", click **{% octicon "graph" aria-hidden="true" %} {% data variables.product.prodname_codeql %} pull request alerts**.
+
+{% endif %}

data/features/enforce-security-configurations.yml

@@ -2,4 +2,4 @@
 versions:
   fpt: '*'
   ghec: '*'
-  ghes: '>= 3.14'
+  ghes: '>= 3.15'

data/features/security-overview-enterprise-codeql-pr-alerts.yml

@@ -0,0 +1,5 @@
+# Reference: #14348
+# Documentation for enterprise-level CodeQL PR alerts report
+versions:
+  ghes: '> 3.14'
+  ghec: '*'

data/features/security-overview-org-codeql-pr-alerts.yml

@@ -1,4 +1,4 @@
-# Reference: #4347
+# Reference: #14347
 # Documentation for org-level CodeQL PR alerts report
 versions:
   ghes: '> 3.14'