From 6195b24e13c4abfb8a4c600696b05e6152353132 Mon Sep 17 00:00:00 2001
From: Alana Bellucci <abellucci@gitlab.com>
Date: Fri, 9 Feb 2024 21:15:57 +0000
Subject: [PATCH] Fix capitalization and non-words, regen page

Fix a few things like double spaces, extra capitalization, and
wrapping some non-words in code tags. Also, regenerate the
deprecations file so the pipeline will pass.
---
 .../16-9-deprecate-dependency-files.yml        | 14 ++++++++++++++
 doc/update/deprecations.md                     | 18 ++++++++++++++++++
 2 files changed, 32 insertions(+)
 create mode 100644 data/deprecations/16-9-deprecate-dependency-files.yml

diff --git a/data/deprecations/16-9-deprecate-dependency-files.yml b/data/deprecations/16-9-deprecate-dependency-files.yml
new file mode 100644
index 000000000000..e64f928c6e82
--- /dev/null
+++ b/data/deprecations/16-9-deprecate-dependency-files.yml
@@ -0,0 +1,14 @@
+- title: "`dependency_files` is deprecated"
+  removal_milestone: "17.0"
+  announcement_milestone: "16.9"
+  breaking_change: true
+  reporter: abellucci
+  stage: govern
+  issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/396376
+  body: |  # (required) Don't change this line.
+    Today in GitLab, a project's dependency list is generated using content from `dependency_files` in the Dependency Scanning report. However, to maintain consistency with the group dependency list, starting with GitLab 17.0, the project's dependency list will use CycloneDX SBOM report artifacts, stored in GitLab's PostgreSQL database. As such, the `dependency_files` property of the Dependency Scanning report schema is deprecated, and will be removed in 17.0.
+
+    As a part of this deprecation, the [`dependency_path`](https://docs.gitlab.com/ee/user/application_security/dependency_list/#dependency-paths) will also be deprecated and removed in 17.0. GitLab will move forward with the implementation of the [dependency graph using the CycloneDX specification](https://gitlab.com/gitlab-org/gitlab/-/issues/441118) to provide similar information.
+
+    Additionally, the Container Scanning CI job [will no longer produce a Dependency Scanning report](https://gitlab.com/gitlab-org/gitlab/-/issues/439782) to provide the list of Operating System components as this is replaced with the CycloneDX SBOM report. The `CS_DISABLE_DEPENDENCY_LIST` environment variable for Container Scanning is no longer in use and will also be removed in 17.0.
+  tiers: [Gold, Ultimate]
diff --git a/doc/update/deprecations.md b/doc/update/deprecations.md
index 8f31a7bc1753..26e358d1f0d0 100644
--- a/doc/update/deprecations.md
+++ b/doc/update/deprecations.md
@@ -1740,6 +1740,24 @@ The [`after_script`](https://docs.gitlab.com/ee/ci/yaml/#after_script) CI/CD key
 
 <div class="deprecation breaking-change" data-milestone="17.0">
 
+### `dependency_files` is deprecated
+
+<div class="deprecation-notes">
+- Announced in GitLab <span class="milestone">16.9</span>
+- Removal in GitLab <span class="milestone">17.0</span> ([breaking change](https://docs.gitlab.com/ee/update/terminology.html#breaking-change))
+- To discuss this change or learn more, see the [deprecation issue](https://gitlab.com/gitlab-org/gitlab/-/issues/396376).
+</div>
+
+Today in GitLab, a project's dependency list is generated using content from `dependency_files` in the Dependency Scanning report. However, to maintain consistency with the group dependency list, starting with GitLab 17.0, the project's dependency list will use CycloneDX SBOM report artifacts, stored in GitLab's PostgreSQL database. As such, the `dependency_files` property of the Dependency Scanning report schema is deprecated, and will be removed in 17.0.
+
+As a part of this deprecation, the [`dependency_path`](https://docs.gitlab.com/ee/user/application_security/dependency_list/#dependency-paths) will also be deprecated and removed in 17.0. GitLab will move forward with the implementation of the [dependency graph using the CycloneDX specification](https://gitlab.com/gitlab-org/gitlab/-/issues/441118) to provide similar information.
+
+Additionally, the Container Scanning CI job [will no longer produce a Dependency Scanning report](https://gitlab.com/gitlab-org/gitlab/-/issues/439782) to provide the list of Operating System components as this is replaced with the CycloneDX SBOM report. The `CS_DISABLE_DEPENDENCY_LIST` environment variable for Container Scanning is no longer in use and will also be removed in 17.0.
+
+</div>
+
+<div class="deprecation breaking-change" data-milestone="17.0">
+
 ### `metric` filter and `value` field for DORA API
 
 <div class="deprecation-notes">
-- 
GitLab