Merged
Changes from 47 commits
Commits
53 commits
8ea063d
replace screenshots on Findings page
khorne3 Oct 17, 2025
d342a5f
update text on Findings page
khorne3 Oct 17, 2025
a9f4410
update content and begin reorg
khorne3 Oct 17, 2025
c71ba69
Merge branch 'main' into katiehorne/tec-430-update-docs-for-bngd-feat…
khorne3 Nov 10, 2025
cb64ea0
redo Findings page
khorne3 Nov 10, 2025
94440b2
remove screenshots
khorne3 Nov 10, 2025
a84c7d3
add finding details page doc
khorne3 Nov 11, 2025
06ad564
update info re: new advisories and license compliance UI changes
khorne3 Nov 11, 2025
4346d96
edit SC findings info
khorne3 Nov 12, 2025
f6abbe5
update Supply Chain findings page and fix links due to docs redirection
khorne3 Nov 12, 2025
ecf4088
add def
khorne3 Nov 12, 2025
b249043
add finding details page for supply chain
khorne3 Nov 12, 2025
6190f69
edit Code triage and remediation doc
khorne3 Nov 13, 2025
dfaaf5e
finish Code's triage and remediation page
khorne3 Nov 14, 2025
cbaf593
edit SSC triage and remediation page
khorne3 Nov 14, 2025
cec2cc3
make provisionally ignored more prominent
khorne3 Nov 14, 2025
baeb868
remove external link
khorne3 Nov 14, 2025
e0659cf
Merge branch 'main' into katiehorne/tec-430-update-docs-for-bngd-feat…
khorne3 Nov 14, 2025
dbe638c
fix broken link
khorne3 Nov 14, 2025
07f9f88
first phase of work on Secrets docs
khorne3 Nov 18, 2025
6c57352
edit Secrets policies
khorne3 Nov 18, 2025
4316641
add new docs
khorne3 Nov 18, 2025
a550d98
continue work on Secrets
khorne3 Nov 19, 2025
68a23d7
update historical scanning, generic secrets docs
khorne3 Nov 19, 2025
38c4a7a
add finding details page
khorne3 Nov 19, 2025
2b24144
cleanup
khorne3 Nov 20, 2025
b075bfa
fix anchor tags and links
khorne3 Nov 20, 2025
87736f2
fix merge conflicts
khorne3 Nov 20, 2025
dcee46d
undo accidental changes
khorne3 Nov 21, 2025
90e5060
update Secrets' triage and remediation page
khorne3 Nov 21, 2025
6916fb1
update notes
khorne3 Nov 21, 2025
e85e175
Merge branch 'main' into katiehorne/tec-430-update-docs-for-bngd-feat…
khorne3 Nov 21, 2025
0affebd
add info from pr #2408
khorne3 Nov 25, 2025
3aeacdf
Apply suggestions from review
khorne3 Dec 1, 2025
d2bba65
minor updates
khorne3 Dec 1, 2025
e1b532b
Merge branch 'katiehorne/tec-430-update-docs-for-bngd-features' of ht…
khorne3 Dec 1, 2025
d5c199e
Update docs/semgrep-secrets/policies.md
khorne3 Dec 1, 2025
9749c66
Update src/components/reference/_triage-states.mdx
khorne3 Dec 1, 2025
c0cf937
abbreviations
khorne3 Dec 1, 2025
ef6ff3a
Update src/components/reference/_triage-states.mdx
khorne3 Dec 1, 2025
660f951
Update docs/semgrep-secrets/triage-remediation.md
khorne3 Dec 1, 2025
5634bab
Update docs/semgrep-secrets/policies.md
khorne3 Dec 1, 2025
425756d
more fixes
khorne3 Dec 1, 2025
bef00b4
Merge branch 'katiehorne/tec-430-update-docs-for-bngd-features' of ht…
khorne3 Dec 1, 2025
b10780a
fix merge conflict
khorne3 Dec 1, 2025
9cd5348
move content
khorne3 Dec 1, 2025
873b0de
add info re: custom priority setting
khorne3 Dec 1, 2025
96d0005
fix provisionally ignored findings definitions
khorne3 Dec 2, 2025
5bd3adf
add additional status info
khorne3 Dec 5, 2025
c2af384
update and move callout about local findings
khorne3 Dec 8, 2025
fc48d04
remove screenshots
khorne3 Dec 8, 2025
1e5aadf
update reporting, dashboard docs
khorne3 Dec 8, 2025
da9f959
edit text
khorne3 Dec 9, 2025
4 changes: 2 additions & 2 deletions docs/deployment/primary-branch.md
Original file line number Diff line number Diff line change
@@ -76,6 +76,6 @@ This means that the count of findings in your Code, Secrets, or Supply Chain pag

The following links explain how Semgrep presents findings for each Semgrep product in their respective page:

- [Semgrep Code default view](/docs/semgrep-code/findings#default-page-view)
- [Semgrep Code default view](/docs/semgrep-code/findings#how-semgrep-displays-findings-on-multiple-branches)
- [Semgrep Supply Chain > Vulnerabilities tab view](/semgrep-supply-chain/triage-and-remediation)
- [Semgrep Secrets default view](/semgrep-secrets/view-triage#default-secrets-page-view-and-branch-logic)
- [Semgrep Secrets default view](/semgrep-secrets/triage-remediation#default-secrets-page-view-and-branch-logic)
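Review bot: the three entries use inconsistent path conventions: the Code link keeps a `/docs/` prefix (`/docs/semgrep-code/findings#how-semgrep-displays-findings-on-multiple-branches`) while the Supply Chain and Secrets links are root-relative; drop the prefix so all three resolve the same way. The unchanged Supply Chain entry also still points to `/semgrep-supply-chain/triage-and-remediation` while the rest of this PR moves Supply Chain findings links to `/semgrep-supply-chain/findings`, so confirm that target is the intended one.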
8 changes: 8 additions & 0 deletions docs/faq/overview.md
@@ -209,3 +209,11 @@ A policy is a simple collection of rules and a definition of what to do with rul
### Do you have a visualization UI?

Semgrep Team users can create custom dashboards and visualizations. Semgrep also supports posting results through [webhooks](/semgrep-appsec-platform/webhooks) to any JSON endpoint, so you can easily integrate it with your favorite visualization tool.

## Privacy

### How long does Semgrep retain findings data?

Semgrep, Inc. retains findings data as long as an account remains active. Semgrep securely destroy data within **90 days of contract termination** for **Enterprise** customers.

Additionally, account owners may request data destruction at any time by contacting [Support](/support).
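Review bot: subject-verb agreement in the added sentence: `Semgrep securely destroy data` should read `Semgrep securely destroys data`. The paragraph also states the 90-day destruction window only for Enterprise customers; say what applies to other plans (or that only the account-active rule applies to them) so the FAQ answer is complete.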
3 changes: 1 addition & 2 deletions docs/ignoring-files-folders-code.md.template
@@ -10,7 +10,6 @@ tags:
<!-- IMPORTANT: Make sure to edit the .md.template source file, not the
generated .md file -->

import IgnoreIndividualFindingNoGrouping from "/src/components/procedure/_ignore-individual-finding-no-grouping.mdx"
import PL from '@site/src/components/Placeholder';

# Ignore files, folders, and code
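Review bot: the import of `IgnoreIndividualFindingNoGrouping` is removed, but this hunk shows no matching removal of a `<IgnoreIndividualFindingNoGrouping />` usage; confirm that no usage remains further down the template, otherwise the generated page will fail to build.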
@@ -222,7 +221,7 @@ Semgrep AppSec Platform users can disable rules and rulesets through the Policie

**Ignoring** can also be a triage action. In this case, the code is scanned rather than excluded, and if a pattern match occurs, a finding record is generated that you can then triage as **Ignored**. See [Triage and remediate Semgrep Code findings in Semgrep AppSec Platform](/semgrep-code/triage-remediation/#ignore-findings) to learn how to:

* [Manage findings](/semgrep-code/triage-remediation#manage-findings)
* [Manage findings](/semgrep-code/triage-remediation#triage-and-remediation)
* [Ignore findings through PR and MR comments](/docs/semgrep-code/triage-remediation#triage-findings-through-pr-and-mr-comments)
## Troubleshooting

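Review bot: the new anchor `#triage-and-remediation` under the link text "Manage findings" is less specific than the old `#manage-findings`; if the section was renamed, match the link text to the new heading. The list also mixes path conventions: this item is root-relative while the next bullet uses `/docs/semgrep-code/triage-remediation#...`, and the sentence above uses `/semgrep-code/triage-remediation/#ignore-findings` with a slash before the hash. Pick one form for all three.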
Original file line number Diff line number Diff line change
@@ -16,13 +16,13 @@ You may see different findings counts across the [Dashboard](/semgrep-appsec-pla
Semgrep AppSec Platform computes the findings count displayed on the **Projects** page as follows:

- For Semgrep Code and Semgrep Supply Chain, the findings count is computed using the [**primary branch**](/deployment/primary-branch). The Projects page displays **Open** findings. This does not currently include findings in the **To Fix** or **Fixing** statuses.
- For Semgrep Secrets, the findings count is computed from [deduplicated findings across all branches](/semgrep-secrets/view-triage#default-secrets-page-view-and-branch-logic).
- For Semgrep Secrets, the findings count is computed from [deduplicated findings across all branches](/semgrep-secrets/triage-remediation#default-secrets-page-view-and-branch-logic).

The product-specific **Findings** pages display findings as follows:

- [Semgrep Code](/semgrep-code/findings): displays findings from the primary branches of all repositories. Shows **Open** findings by default.
- [Semgrep Supply Chain](/semgrep-supply-chain/view-export): displays vulnerability findings from the primary branches of all repositories. Shows **Open** findings that are **Reachable** or **Needs review** by default.
- [Semgrep Secrets](/semgrep-secrets/view-triage): displays the instance of a finding from the most recent branch scanned. Shows **Open** that are not **Confirmed invalid** by default.
- [Semgrep Supply Chain](/semgrep-supply-chain/findings): displays vulnerability findings from the primary branches of all repositories. Shows **Open** findings that are **Reachable** or **Needs review** by default.
- [Semgrep Secrets](/semgrep-secrets/triage-remediation): displays the instance of a finding from the most recent branch scanned. Shows **Open** that are not **Confirmed invalid** by default.

## The Projects page displays a different findings count from the Scans page

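Review bot: the rewritten Secrets entry still reads `Shows **Open** that are not **Confirmed invalid** by default`, which is missing its noun; since the line is being changed anyway, make it `Shows **Open** findings that are not **Confirmed invalid** by default` to match the Code and Supply Chain entries above it.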
Original file line number Diff line number Diff line change
@@ -14,8 +14,8 @@ Semgrep AppSec Platform provides you with an overview of the findings identified
Learn more about the filters Semgrep offers using the following articles:

- [Semgrep Code filters](/semgrep-code/findings#filter-findings)
- [Supply Chain filters](/semgrep-supply-chain/view-export#filter-findings)
- [Secrets filters](/semgrep-secrets/view-triage#default-secrets-page-view-and-branch-logic)
- [Supply Chain filters](/semgrep-supply-chain/findings#filter-findings)
- [Secrets filters](/semgrep-secrets/triage-remediation#default-secrets-page-view-and-branch-logic)

The following sections of this article explain how you can use filters to identify a specific subset of findings.

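Review bot: the entry is labelled `Secrets filters`, but its anchor `#default-secrets-page-view-and-branch-logic` targets the page-view and branch-logic section, whereas the Code and Supply Chain entries both point to `#filter-findings`; link to a filters section on the Secrets page if one exists, or rename the entry to describe what the anchor actually covers.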
8 changes: 4 additions & 4 deletions docs/semgrep-appsec-platform/dashboard.md
@@ -121,8 +121,8 @@ This displays the following filters in the filter drawer:

- [Severity](/writing-rules/rule-syntax#required)
- [Confidence](/contributing/contributing-to-semgrep-rules-repository#confidence)
- [Reachability](/semgrep-supply-chain/view-export#reachability)
- [Validation](/semgrep-secrets/getting-started#validation)
- [Reachability](/semgrep-supply-chain/findings#reachability)
- [Validation](/semgrep-secrets/conceptual-overview#validate-secrets)
- Time period
- Product
- Project
@@ -134,8 +134,8 @@ This displays the following filters in the filter drawer:
This refers to any finding that is **Critical** or **High** severity in **addition** to being:

- [High confidence](/contributing/contributing-to-semgrep-rules-repository#confidence) - if the finding is from Semgrep Code.
- [Reachable](/semgrep-supply-chain/view-export#reachability) - if the finding is from Semgrep Supply Chain.
- [Valid](/semgrep-secrets/getting-started#validation) - if the finding is from Semgrep Secrets.
- [Reachable](/semgrep-supply-chain/findings#reachability) - if the finding is from Semgrep Supply Chain.
- [Valid](/semgrep-secrets/conceptual-overview#validate-secrets) - if the finding is from Semgrep Secrets.

By default, **<i class="fa-solid fa-toggle-large-on"></i> Recommended priority** filters are enabled.

2 changes: 1 addition & 1 deletion docs/semgrep-appsec-platform/slack.md
@@ -80,7 +80,7 @@ To set up or subscribe to notifications for findings in your Slack workspace, pe
3. Choose an organization in the list under **Select target organization**.
![Semgrep Slack app dialog box for subscribing to Secrets notifications](/img/semgrep-secrets-slack-subscribe.png "Semgrep Slack app dialog box for subscribing to Secrets notifications")
4. Click **Subscribe**. You can now configure Semgrep Secrets notifications for this channel.
5. This channel is now ready to receive Semgrep Secrets notifications. To configure when notifications are sent, create a [**Semgrep Secrets policy**](/semgrep-secrets/policies#manage-policies).
5. This channel is now ready to receive Semgrep Secrets notifications. To configure when notifications are sent, create a [**Semgrep Secrets policy**](/semgrep-secrets/policies#slack-notification-policies).
6. Optional: To set up Slack notifications for additional workspaces, repeat steps 1 to 4. The Semgrep Slack integration is set up on a per-workspace basis.

![Message from Semgrep Slack app consolidating findings after a scan](/img/slack-secrets-findings-message.png#md-width "Message from Semgrep Slack app consolidating findings after a scan")
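Review bot: step 6 says `repeat steps 1 to 4`, but the procedure has five steps, and the first sentence of step 5 repeats what step 4 already says (`You can now configure Semgrep Secrets notifications for this channel`); update the range to `1 to 5` and drop one of the duplicate sentences so that the policy link is the only new instruction in step 5.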
2 changes: 1 addition & 1 deletion docs/semgrep-assistant/overview.md
@@ -90,7 +90,7 @@ _**Figure.** Semgrep AppSec Platform's Findings page showing the Component filte

Semgrep Assistant uses AI's understanding of programming languages and libraries, and your code and triage history, to auto-triage findings and suggest whether a finding can safely be ignored. For every recommendation to ignore a finding, Semgrep also provides guidance with an explanation on why this is the case.

Auto-triage recommendations are available in Semgrep AppSec Platform's **Findings** page when you filter for findings that Assistant suggests should be ignored, and in the [finding's details](/semgrep-code/findings/#view-findings-details-about-a-specific-finding).
Auto-triage recommendations are available in Semgrep AppSec Platform's **Findings** page when you filter for findings that Assistant suggests should be ignored, and in the [finding's details](/semgrep-code/findings#view-details-about-a-specific-finding).

![Semgrep Assistant in the filtered Findings page](/img/semgrep-assistant-autotriage-findings.png#md-width)
_**Figure.** Semgrep Assistant auto-triage in the Findings page._
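Review bot: the new anchor points at the findings page (`/semgrep-code/findings#view-details-about-a-specific-finding`), but this PR also adds a dedicated `docs/semgrep-code/finding-details.md` page with slug `finding-details`; consider linking `finding's details` there so that the Assistant overview lands on the full details page rather than a subsection of the findings page.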
1 change: 1 addition & 0 deletions docs/semgrep-ci/findings-ci.md
@@ -29,6 +29,7 @@ These states correspond to:
Semgrep AppSec Platform builds on CI findings to track status and provide additional context for managing findings within your organization. A finding can be one of four statuses in Semgrep AppSec Platform:

* `OPEN`
* `PROVISIONALLY_IGNORED`
* `REVIEWING`
* `FIXING`
* `IGNORED`
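Review bot: the sentence above the list still says `A finding can be one of four statuses in Semgrep AppSec Platform`, but adding `PROVISIONALLY_IGNORED` makes five entries; update the count or drop the number from the sentence.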
1 change: 0 additions & 1 deletion docs/semgrep-code/editor.md
@@ -147,7 +147,6 @@ To write a rule in advanced mode:
1. Ensure that you are in **advanced** mode.
![Semgrep Playground's advanced mode](/img/pleditor-advanced.png "Playground advanced mode")
1. Click the **plus sign** and select a template. The **New rule** template includes the minimum keys required for a Semgrep rule, but there are additional templates that can help you write more complex rules:
- **Semgrep Assistant**: use Semgrep Assistant to [generate custom rules](/semgrep-assistant/customize#write-custom-rules-beta)
- **Metavariable-comparison**: demonstrates how to use [the `metavariable-comparison` key](/writing-rules/rule-syntax/#metavariable-comparison)
- **Metavariable-pattern**: demonstrates how to use [the `metavariable-pattern` key](/writing-rules/rule-syntax/#metavariable-pattern)
- **Dataflow analysis**: demonstrates how to leverage dataflow analysis through [`pattern-sources`](/writing-rules/data-flow/taint-mode/overview#sources), [`pattern-sinks`](/writing-rules/data-flow/taint-mode/overview#sinks), and [`pattern-sanitizers`](/writing-rules/data-flow/taint-mode/overview#sanitizers).
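Review bot: deleting the **Semgrep Assistant** bullet also removes the only link on this page to `/semgrep-assistant/customize#write-custom-rules-beta`; if the Assistant template is still offered in the Playground, the bullet should stay, and if only the anchor moved, update the link rather than removing the entry.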
92 changes: 92 additions & 0 deletions docs/semgrep-code/finding-details.md
@@ -0,0 +1,92 @@
---
slug: finding-details
title: View finding details
description: "The finding's details page allows users to view in-depth information for findings identified by Semgrep Code."
hide_title: true
tags:
- Semgrep Code
- Semgrep AppSec Platform
---

import DisplayTaintedDataIntro from "/src/components/concept/_semgrep-code-display-tainted-data.mdx"
import DisplayTaintedDataProcedure from "/src/components/procedure/_semgrep-code-display-tainted-data.mdx"

# View findings' details

The finding's details page displays in-depth information about the finding, including:

- A detailed description of the finding
- Rule details, including the rule pattern itself, the vulnerability class, and identifiers such as the CWE ID
- Finding details, such as when the finding was identified, the project and branch name, and commit ID where the issue was introduced
- The code snippet where the issue was identified, along with a link to the source code where Semgrep identified the issue
- Suggested fixes for the issue, either generated by Semgrep Assistant or from the rule itself
- Activity history for the finding, including when it was first identified, whether it has been analyzed by Semgrep Assistant, whether there are any accompanying Jira tickets, notes written by other Semgrep users specifically about this finding, and more.

## View a finding's details

1. Log in to [Semgrep AppSec Platform](https://semgrep.dev/login).
2. In the **Navigation bar**, click **[Code](https://semgrep.dev/orgs/-/findings)**.
3. Identify the finding whose details you want to view:
- If the default **Group by Rule** is enabled, click the <i class="fa-regular fa-window-restore"></i> **Details** icon on the card of the finding.
- If the **No grouping** view is enabled, click the **header hyperlink** on the card of the finding.

### Semgrep Assistant’s rule and analysis explanation

When Semgrep Assistant is enabled and classifies a finding as a true or false positive, an alert appears at the top of the finding’s details page. You can also view a detailed explanation that, if applicable, includes steps to exploitability in the **Finding description** tab.

For true positives, the detailed explanation includes a summary and rationale for why the finding was flagged. It draws on the code that matched the rule pattern and the surrounding code to provide context for the rule message. For security-related rules, it also explains how the finding relates to the rule’s threat model.

For false positives, the explanation contains only Assistant’s reasoning, without additional code context. Some explanations refer to memories, which Assistant uses to determine whether a finding is a false positive. However, memories are not used when generating the explanation itself.

If Assistant flags a finding as a false positive, you can provide feedback by selecting **Agree and Ignore** or **Disagree**.

## Dataflow traces

Dataflow traces allow you to visualize the path of tainted, or untrusted, data in findings. This path can help you track the sources and sinks of the tainted data as they propagate through the body of a function or a method. For general information about taint analysis, see [Taint tracking](/writing-rules/data-flow/taint-mode/overview).

### View dataflow traces

<DisplayTaintedDataProcedure />

## Available actions on the finding details' page

Click on the **kebab** icon to see the menu that includes the following options:

- **Mark as reviewing** to change its status to **Reviewing** and flag the finding as one that is under further manual review
- **Copy file path** of the source code where Semgrep identified the issue
- **Copy link** to the finding's details page

### Scan with Assistant

If the finding hasn't been analyzed by Assistant, click the **Analyze** button to begin analysis. Assistant can:

- Recommend whether the finding should be fixed or ignored
- Provide remediation guidance and generate a recommended code fix, if appropriate
- Tag the finding with a component tag, such as `auth` or `payments`.

### Ignore the finding

Click **Ignore...** to ignore the finding. Provide an **Ignore reason**, and add **Comments** on why you think that this finding should be ignored.

If the file for the finding in question is a test file or something similar, you can choose the **Ignore files in future scans...** option, then select the file. Semgrep ignores the file in subsequent scans.

Click **Ignore** to proceed.

### Fix the finding

Click **Fix** see the menu that includes the following options:

- View the associated Jira ticket, if available
- Open a PR that fixes the issue, if possible
- Change the status of the issue as **To fix**, indicating that you plan to return to the finding in the future

Semgrep automatically marks findings as fixed when they're no longer detected in subsequent scans.

### Add notes to findings

To **add notes** to the activity history of a finding:

1. Select a finding where you want to view details or add notes, and then do one of the following actions:
- If the default **Group by Rule** is enabled, click <i class="fa-regular fa-window-restore"></i> **Details** icon on the card of the finding.
- If **No grouping** view is enabled, click the **header hyperlink** on the card of the finding.
2. Go to the **Activity** section, then click **New note**.
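Review bot: `DisplayTaintedDataIntro` is imported but never rendered (only `<DisplayTaintedDataProcedure />` is used), so drop the import or render the intro under `## Dataflow traces`. Also align the front-matter title `View finding details` with the H1 `View findings' details`, and fix two sentences: `Click **Fix** see the menu` needs `to` (`Click **Fix** to see the menu`), and `Change the status of the issue as **To fix**` should read `to **To fix**`. The procedure under `### Add notes to findings` repeats steps 1 to 2 of `## View a finding's details`; a cross-reference would avoid maintaining both copies.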