Polish SBOMs how-to for consistency with the rest of docs/

Stylistic pass so the new page reads like its neighbors:
- Condense the 4-paragraph intro to one paragraph.
- Move the "files end up in the wheel at…" sentence to right after the
  static-files code block, where it belongs in the reader's flow.
- Fold the canonical-name-match note into the "File naming and
  validation" bullets rather than giving it its own standalone
  paragraph.
- Drop the scientific-Python project name-drop; the page is meant to
  be generic, other how-to guides don't namecheck downstream users.
- Normalize "artefact" / "recognised" to the American spelling the
  rest of docs/ use.

Author: fangchenli

docs/how-to-guides/sboms.rst

@@ -8,25 +8,22 @@
 Including SBOMs in wheels (PEP 770)
 ***********************************
 
-`PEP 770`_ specifies that wheels may carry Software Bill of Materials
-(SBOM) documents under the ``.dist-info/sboms/`` directory.
-``meson-python`` places any file installed under
-``{py_purelib}/<distname>-<version>.dist-info/<subdir>/...`` into the
-wheel's ``.dist-info/<subdir>/`` at pack time. This is the mechanism
-scientific-Python projects (pandas, NumPy, SciPy, scikit-learn) use to
-ship SBOMs in their wheels without post-build wheel surgery.
-
-The ``<distname>-<version>.dist-info`` directory name is recognised
-regardless of whether the user wrote the project name with hyphens or
-underscores — the comparison is canonicalised.
+`PEP 770`_ defines a location for Software Bill of Materials (SBOM)
+files inside the wheel's ``.dist-info/sboms/`` directory.
+``meson-python`` routes any file installed under
+``{py_purelib}/<name>-<version>.dist-info/<subdir>/...`` or
+``{py_platlib}/<name>-<version>.dist-info/<subdir>/...`` into the
+wheel's own ``.dist-info/<subdir>/`` at pack time, giving projects a
+way to ship SBOMs and other dist-info-bound metadata files without
+post-build wheel surgery.
 
 .. _PEP 770: https://peps.python.org/pep-0770/
 
 Static SBOM files
 =================
 
-For SBOMs that are checked into the source tree (typically describing
-source-vendored components):
+For SBOMs that are checked into the source tree, typically describing
+source-vendored components:
 
 .. code-block:: meson
 
@@ -41,21 +38,17 @@ source-vendored components):
      install_dir: py.get_install_dir() / distinfo / 'sboms',
    )
 
-``py.get_install_dir()`` returns a path under ``{py_purelib}`` for
-``pure: true`` projects and ``{py_platlib}`` for ``pure: false``
-(the common case when shipping C extensions). ``meson-python``
-recognises the distinfo prefix under either root.
-
 The files end up in the wheel at
 ``my_project-1.0.0.dist-info/sboms/component1.cdx.json`` and
-``component2.cdx.json``.
+``component2.cdx.json``. ``py.get_install_dir()`` returns a path under
+``{py_purelib}`` for ``pure: true`` projects and ``{py_platlib}`` for
+``pure: false`` projects; both roots are recognized.
 
 Dynamically generated SBOMs
 ===========================
 
-Many projects generate the SBOM at build time from a TOML manifest of
-vendored components. Use a ``custom_target`` that produces the SBOM file
-and installs it to the same location:
+When the SBOM is generated at build time, use a ``custom_target`` that
+writes the file and installs it to the same location:
 
 .. code-block:: meson
 
@@ -67,36 +60,38 @@ and installs it to the same location:
      install_dir: py.get_install_dir() / distinfo / 'sboms',
    )
 
-The generator runs during the build, and ``meson-python`` injects the
-output into ``my_project-1.0.0.dist-info/sboms/vendored.cdx.json``.
+The generator runs during the build, and the output is routed into
+``my_project-1.0.0.dist-info/sboms/vendored.cdx.json``.
 
 Other ``.dist-info`` subdirectories
 ===================================
 
-Any subdirectory under the ``.dist-info`` directory works the same way.
-PEP 639 license files can be placed under ``licenses``, for example:
+Any subdirectory works the same way. Additional PEP 639 license files,
+for example, can go under ``licenses``:
 
 .. code-block:: meson
 
    install_data('LICENSES/extra.txt',
      install_dir: py.get_install_dir() / distinfo / 'licenses')
 
-PEP 639 license files declared via ``project.license-files`` in
-``pyproject.toml`` are handled separately and go into
-``.dist-info/licenses/`` automatically (no ``meson.build`` change
-needed). Use the pattern above only for additional license files
-outside the standard ``project.license-files`` list.
+License files declared via ``project.license-files`` in
+``pyproject.toml`` are already placed in ``.dist-info/licenses/``
+automatically and do not need a ``meson.build`` entry. Use the pattern
+above only for additional files outside the standard
+``project.license-files`` list.
 
 File naming and validation
 ==========================
 
-* Files installed under ``<distname>-<version>.dist-info/<subdir>/``
-  must have unique basenames within their subdirectory. ``meson-python``
-  raises an error at build time if two files would write to the same
-  path inside ``.dist-info/<subdir>/``. The collision check covers
-  files routed via this mechanism and PEP 639 license-files from
-  ``project.license-files``.
-* The recommended file extensions are ``.cdx.json`` for CycloneDX and
+* Files installed under ``<name>-<version>.dist-info/<subdir>/`` must
+  have unique basenames within their subdirectory. ``meson-python``
+  raises a ``BuildError`` at build time if two files would write to
+  the same path, including collisions between files routed through
+  this mechanism and files written from ``project.license-files``.
+* The ``<name>-<version>.dist-info`` directory name is matched
+  canonically, so hyphens and underscores in the user's project name
+  do not break routing.
+* Recommended file extensions are ``.cdx.json`` for CycloneDX and
   ``.spdx.json`` for SPDX, per the PSF
   `SBOMs for Python packages`_ proposal.
 
@@ -105,10 +100,8 @@ File naming and validation
 Editable installs
 =================
 
-Files staged via this mechanism are placed in the wheel when
-``meson-python`` builds a regular wheel (``pip install .`` or
-``python -m build``). They are **not** included in editable wheels
-(``pip install -e .``), because editable wheels redirect imports to the
-build directory rather than carrying project files. SBOMs are intended
-for distribution artefacts, so this limitation generally does not
-affect development workflows.
+Files staged via this mechanism are only placed in non-editable wheels
+(``pip install .`` or ``python -m build``). Editable wheels
+(``pip install -e .``) redirect imports to the build directory and do
+not carry dist-info-bound payloads. Since SBOMs are distribution
+artifacts, this limitation does not affect development workflows.

mesonpy/__init__.py

@@ -174,7 +174,7 @@ def _map_to_wheel(
 
             # Files staged under {py_purelib}/<our-distinfo>/... or
             # {py_platlib}/<our-distinfo>/... are routed into the wheel's
-            # .dist-info/ at pack time. Both roots are recognised because a
+            # .dist-info/ at pack time. Both roots are recognized because a
             # project built with pure: false installs into platlib (pandas,
             # numpy, scipy) while a pure-Python project uses purelib.
             # Authority for the distinfo dir name is the PEP 621 metadata;