Merge branch 'rename-cyclonedx-report-to-sbom' into 'master'

Rename CycloneDX report to SBOM in docs

See merge request gitlab-org/gitlab!81786

doc/user/application_security/dependency_scanning/index.md

@@ -767,13 +767,13 @@ Here's an example dependency scanning report:
 }
 ```
 
-### CycloneDX reports
+### CycloneDX Software Bill of Materials
 
 > [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/350509) in GitLab 14.8 in [Beta](../../../policy/alpha-beta-support.md#beta-features).
 
 In addition to the [JSON report file](#reports-json-format), the [Gemnasium](https://gitlab.com/gitlab-org/security-products/analyzers/gemnasium)
-Dependency Scanning tool outputs a [CycloneDX](https://cyclonedx.org/) report for
-each supported lock or build file it detects. These CycloneDX reports are named
+Dependency Scanning tool outputs a [CycloneDX](https://cyclonedx.org/) Software Bill of Materials (SBOM) for
+each supported lock or build file it detects. These CycloneDX SBOMs are named
 `cyclonedx-<package-type>-<package-manager>.json`, and are saved in the same directory
 as the detected lock or build files.
 
@@ -791,7 +791,7 @@ For example, if your project has the following structure:
     └── go.sum
 ```
 
-Then the Gemnasium scanner generates the following CycloneDX reports:
+Then the Gemnasium scanner generates the following CycloneDX SBOMs:
 
 ```plaintext
 .
@@ -809,23 +809,23 @@ Then the Gemnasium scanner generates the following CycloneDX reports:
     └── cyclonedx-go-go.json
 ```
 
-The CycloneDX reports can be downloaded [the same way as other job artifacts](../../../ci/pipelines/job_artifacts.md#download-job-artifacts).
+The CycloneDX SBOMs can be downloaded [the same way as other job artifacts](../../../ci/pipelines/job_artifacts.md#download-job-artifacts).
 
-### Merging multiple CycloneDX Reports
+### Merging multiple CycloneDX SBOMs
 
-You can use a CI/CD job to merge multiple CycloneDX Reports into a single report.
+You can use a CI/CD job to merge multiple CycloneDX SBOMs into a single SBOM.
 For example:
 
 ```yaml
 stages:
   - test
-  - merge-cyclonedx-reports
+  - merge-cyclonedx-sboms
 
 include:
   - template: Security/Dependency-Scanning.gitlab-ci.yml
 
-merge cyclonedx reports:
-  stage: merge-cyclonedx-reports
+merge cyclonedx sboms:
+  stage: merge-cyclonedx-sboms
   image: alpine:latest
   script:
     - wget https://github.com/CycloneDX/cyclonedx-cli/releases/download/v0.22.0/cyclonedx-linux-musl-x64 -O /usr/local/bin/cyclonedx-cli
@@ -838,14 +838,14 @@ merge cyclonedx reports:
 ```
 
 GitLab uses [CycloneDX Properties](https://cyclonedx.org/use-cases/#properties--name-value-store)
-to store implementation-specific details in the metadata of each CycloneDX report,
-such as the location of build and lock files. If multiple CycloneDX reports are merged together,
+to store implementation-specific details in the metadata of each CycloneDX SBOM,
+such as the location of build and lock files. If multiple CycloneDX SBOMs are merged together,
 this information is removed from the resulting merged file.
 
 NOTE:
-CycloneDX reports are a [Beta](../../../policy/alpha-beta-support.md#beta-features) feature,
+CycloneDX SBOMs are a [Beta](../../../policy/alpha-beta-support.md#beta-features) feature,
 and the reports are subject to change during the beta period. Do not build integrations
-that rely on the format of these reports staying consistent, as the format might change
+that rely on the format of these SBOMs staying consistent, as the format might change
 before the feature is made generally available.
 
 ## Versioning and release process