Add details of Code Scanning's categorisation labels (github#22079)

* Add details of Code Scanning's categorization labels

content/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/managing-code-scanning-alerts-for-your-repository.md

@@ -8,6 +8,7 @@ versions:
   fpt: '*'
   ghes: '>=3.0'
   ghae: '*'
+miniTocMaxHeadingLevel: 3
 redirect_from:
   - /github/managing-security-vulnerabilities/managing-alerts-from-automated-code-scanning
   - /github/finding-security-vulnerabilities-and-errors-in-your-code/managing-alerts-from-code-scanning
@@ -58,6 +59,25 @@ To calculate the security severity of an alert, we use Common Vulnerability Scor
 
 By default, any code scanning results with a security severity of `Critical` or `High` will cause a check failure. You can specify which security severity level for code scanning results should cause a check failure. For more information, see "[Defining the severities causing pull request check failure](/code-security/secure-coding/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#defining-the-severities-causing-pull-request-check-failure)."{% endif %}
 
+### About labels for alerts that are not found in application code
+
+{% data variables.product.product_name %} assigns a category label to alerts that are not found in application code. The label relates to the location of the alert.
+
+- **Generated**: Code generated by the build process
+- **Test**: Test code
+- **Library**: Library or third-party code
+- **Documentation**: Documentation
+
+{% data variables.product.prodname_code_scanning_capc %} categorizes files by file path. You cannot manually categorize source files.
+
+Here is an example from the {% data variables.product.prodname_code_scanning %} alert list of an alert marked as occuring in library code.
+
+![Code scanning library alert in list](/assets/images/help/repository/code-scanning-library-alert-index.png)
+
+On the alert page, you can see that the filepath is marked as library code (`Library` label).
+
+![Code scanning library alert details](/assets/images/help/repository/code-scanning-library-alert-show.png)
+
 ## Viewing the alerts for a repository
 
 Anyone with read permission for a repository can see {% data variables.product.prodname_code_scanning %} annotations on pull requests. For more information, see "[Triaging {% data variables.product.prodname_code_scanning %} alerts in pull requests](/code-security/secure-coding/triaging-code-scanning-alerts-in-pull-requests)."
@@ -112,14 +132,7 @@ If you enter multiple filters, the view will show alerts matching _all_ these fi
 
 ### Restricting results to application code only
 
-You can use the "Only alerts in application code" filter or `autofilter:true` keyword and value to restrict results to alerts in application code. Application code excludes the following.
-
-- Code generated by the build process
-- Test code
-- Library or third-party code
-- Documentation
-
-{% data variables.product.prodname_code_scanning_capc %} categorizes files by file path. At this time, you cannot manually categorize source files.
+You can use the "Only alerts in application code" filter or `autofilter:true` keyword and value to restrict results to alerts in application code. See "[About labels for alerts not in application code](#about-labels-for-alerts-that-are-not-found-in-application-code)" above for more information about the types of code that are not application code.
 
 {% ifversion fpt or ghes > 3.1 %}