Move variable relating to Dependency Review outside the product.yml file (#33443)

content/code-security/supply-chain-security/end-to-end-supply-chain/securing-code.md

@@ -53,7 +53,7 @@ As a first step, you want to make a complete inventory of your dependencies. The
 {% ifversion fpt or ghec or ghes > 3.5 or ghae > 3.5 %}
 ### Automatic detection of vulnerabilities in pull requests
 
-The {% data variables.product.prodname_dependency_review_action %} enforces a dependency review on your pull requests, making it easy for you to see if a pull request will introduce a vulnerable version of a dependency to your repository. When a vulnerability is detected, the {% data variables.product.prodname_dependency_review_action %} can block the pull request from merging. For more information, see "[Dependency review enforcement](/code-security/supply-chain-security/understanding-your-software-supply-chain/about-dependency-review#dependency-review-enforcement)."{% endif %} 
+The {% data variables.dependency-review.action_name %} enforces a dependency review on your pull requests, making it easy for you to see if a pull request will introduce a vulnerable version of a dependency to your repository. When a vulnerability is detected, the {% data variables.dependency-review.action_name %} can block the pull request from merging. For more information, see "[Dependency review enforcement](/code-security/supply-chain-security/understanding-your-software-supply-chain/about-dependency-review#dependency-review-enforcement)."{% endif %} 
     
 
 ### Assessment of exposure to risk from a vulnerable dependency

content/code-security/supply-chain-security/understanding-your-software-supply-chain/about-dependency-review.md

@@ -50,16 +50,16 @@ The action is available for all {% ifversion fpt or ghec %}public repositories,
 
 {% data reusables.dependency-review.action-enterprise %}
 
-You can use the {% data variables.product.prodname_dependency_review_action %} in your repository to enforce dependency reviews on your pull requests. The action scans for vulnerable versions of dependencies introduced by package version changes in pull requests, and warns you about the associated security vulnerabilities. This gives you better visibility of what's changing in a pull request, and helps prevent vulnerabilities being added to your repository. For more information, see [`dependency-review-action`](https://github.com/actions/dependency-review-action).
+You can use the {% data variables.dependency-review.action_name %} in your repository to enforce dependency reviews on your pull requests. The action scans for vulnerable versions of dependencies introduced by package version changes in pull requests, and warns you about the associated security vulnerabilities. This gives you better visibility of what's changing in a pull request, and helps prevent vulnerabilities being added to your repository. For more information, see [`dependency-review-action`](https://github.com/actions/dependency-review-action).
 
 ![Dependency review action example](/assets/images/help/graphs/dependency-review-action.png)
 
-By default, the {% data variables.product.prodname_dependency_review_action %} check will fail if it discovers any vulnerable packages. A failed check blocks a pull request from being merged when the repository owner requires the dependency review check to pass. For more information, see "[About protected branches](/repositories/configuring-branches-and-merges-in-your-repository/defining-the-mergeability-of-pull-requests/about-protected-branches#require-status-checks-before-merging)."
+By default, the {% data variables.dependency-review.action_name %} check will fail if it discovers any vulnerable packages. A failed check blocks a pull request from being merged when the repository owner requires the dependency review check to pass. For more information, see "[About protected branches](/repositories/configuring-branches-and-merges-in-your-repository/defining-the-mergeability-of-pull-requests/about-protected-branches#require-status-checks-before-merging)."
 
 The action uses the Dependency Review REST API to get the diff of dependency changes between the base commit and head commit. You can use the Dependency Review API to get the diff of dependency changes, including vulnerability data, between any two commits on a repository. For more information, see "[Dependency review](/rest/reference/dependency-graph#dependency-review)."
 
 {% ifversion dependency-review-action-configuration %}
-You can configure the {% data variables.product.prodname_dependency_review_action %} to better suit your needs. For example, you can specify the severity level that will make the action fail{% ifversion dependency-review-action-licenses %}, or set an allow or deny list for licenses to scan{% endif %}. For more information, see "[Configuring dependency review](/code-security/supply-chain-security/understanding-your-software-supply-chain/configuring-dependency-review#configuring-the-dependency-review-github-action)." 
+You can configure the {% data variables.dependency-review.action_name %} to better suit your needs. For example, you can specify the severity level that will make the action fail{% ifversion dependency-review-action-licenses %}, or set an allow or deny list for licenses to scan{% endif %}. For more information, see "[Configuring dependency review](/code-security/supply-chain-security/understanding-your-software-supply-chain/configuring-dependency-review#configuring-the-dependency-review-github-action)." 
 {% endif %}
 
 {% endif %}

content/code-security/supply-chain-security/understanding-your-software-supply-chain/configuring-dependency-review.md

@@ -51,7 +51,7 @@ Dependency review is available when dependency graph is enabled for {% data vari
 {% endif %}
 
 {% ifversion dependency-review-action-configuration %}
-## About configuring the {% data variables.product.prodname_dependency_review_action %}
+## About configuring the {% data variables.dependency-review.action_name %}
 
 {% data reusables.dependency-review.dependency-review-action-overview %}
 
@@ -77,14 +77,14 @@ The following configuration options are available.
 {% endtip %}
 {% endif %}
 
-## Configuring the {% data variables.product.prodname_dependency_review_action %}
+## Configuring the {% data variables.dependency-review.action_name %}
 
-There are two methods of configuring the {% data variables.product.prodname_dependency_review_action %}: 
+There are two methods of configuring the {% data variables.dependency-review.action_name %}: 
 - Inlining the configuration options in your workflow file. 
 - Referencing a configuration file in your workflow file.
 
 Notice that all of the examples use a short version number for the action (`v3`) instead of a semver release number (for example, `v3.0.8`). This ensures that you use the most recent minor version of the action.
-### Using inline configuration to set up the {% data variables.product.prodname_dependency_review_action %}
+### Using inline configuration to set up the {% data variables.dependency-review.action_name %}
 
 1. Add a new YAML workflow to your `.github/workflows` folder.   
    
@@ -108,7 +108,7 @@ Notice that all of the examples use a short version number for the action (`v3`)
    ```
 1. Specify your settings.   
 
-   This {% data variables.product.prodname_dependency_review_action %} example file illustrates how you can use the available configuration options.
+   This {% data variables.dependency-review.action_name %} example file illustrates how you can use the available configuration options.
    ```yaml{:copy}
    name: 'Dependency Review'
    on: [pull_request]
@@ -146,7 +146,7 @@ Notice that all of the examples use a short version number for the action (`v3`)
            fail-on-scopes: development, runtime
   {% endif %}
    ```
-### Using a configuration file to set up {% data variables.product.prodname_dependency_review_action %}
+### Using a configuration file to set up {% data variables.dependency-review.action_name %}
 
 1. Add a new YAML workflow to your `.github/workflows` folder and use `config-file` to specify that you are using a configuration file.