Merge branch 'docs/326728-document-ds-enable-via-mr' into 'master'

Enable the secDependencyScanningUiEnable feature flag by default

See merge request gitlab-org/gitlab!58363

doc/user/application_security/configuration/index.md

@@ -78,6 +78,9 @@ You can configure the following security controls:
 - Secret Detection
   - Select **Configure via Merge Request** to create a merge request with the changes required to
     enable Secret Detection. For more details, see [Enable Secret Detection via an automatic merge request](../secret_detection/index.md#enable-secret-detection-via-an-automatic-merge-request).
+- Dependency Scanning
+  - Select **Configure via Merge Request** to create a merge request with the changes required to
+    enable Dependency Scanning. For more details, see [Enable Dependency Scanning via an automatic merge request](../dependency_scanning/index.md#enable-dependency-scanning-via-an-automatic-merge-request).
 
 ## Enable or disable UI redesign **(FREE SELF)**
 

doc/user/application_security/dependency_scanning/index.md

@@ -110,6 +110,31 @@ The results are saved as a
 that you can later download and analyze. Due to implementation limitations, we
 always take the latest dependency scanning artifact available.
 
+### Enable Dependency Scanning via an automatic merge request
+
+> - [Introduced](https://gitlab.com/groups/gitlab-org/-/epics/4908) in GitLab 14.1.
+> - [Deployed behind a feature flag](../../../user/feature_flags.md), enabled by default.
+> - Enabled on GitLab.com.
+> - Recommended for production use.
+> - For GitLab self-managed instances, GitLab administrators can opt to [disable it](#enable-or-disable-configure-dependency-scanning-via-a-merge-request). **(ULTIMATE SELF)**
+
+WARNING:
+This feature might not be available to you. Check the **version history** note above for details.
+
+There can be
+[risks when disabling released features](../../../user/feature_flags.md#risks-when-disabling-released-features).
+Refer to this feature's version history for more details.
+
+To enable Dependency Scanning in a project, you can create a merge request
+from the Security Configuration page.
+
+1. In the project where you want to enable Dependency Scanning, navigate to
+   **Security & Compliance > Configuration**.
+1. In the **Dependency Scanning** row, select **Configure via Merge Request**.
+
+This automatically creates a merge request with the changes necessary to enable Dependency Scanning
+that you can review and merge to complete the configuration.
+
 ### Customizing the dependency scanning settings
 
 The dependency scanning settings can be changed through [CI/CD variables](#available-cicd-variables) by using the
@@ -656,3 +681,22 @@ with a dependency on this version of Python should use `retire.js` version 2.10.
 ### Error: `dependency_scanning is used for configuration only, and its script should not be executed`
 
 For information on this, see the [GitLab Secure troubleshooting section](../index.md#error-job-is-used-for-configuration-only-and-its-script-should-not-be-executed).
+
+### Enable or disable Configure Dependency Scanning via a Merge Request
+
+Configure Dependency Scanning via a Merge Request is under development but ready for production use.
+It is deployed behind a feature flag that is **enabled by default**.
+[GitLab administrators with access to the GitLab Rails console](../../../administration/feature_flags.md)
+can opt to disable it.
+
+To disable it:
+
+```ruby
+Feature.disable(:sec_dependency_scanning_ui_enable)
+```
+
+To enable it:
+
+```ruby
+Feature.enable(:sec_dependency_scanning_ui_enable)
+```

ee/config/feature_flags/development/sec_dependency_scanning_ui_enable.yml

@@ -5,4 +5,4 @@ rollout_issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/326005
 milestone: '13.11'
 type: development
 group: group::composition analysis
-default_enabled: false
+default_enabled: true