v0.36.0

What's Changed

‼️ Breaking Changes

• fix!: use Fulcio certificate instead of public key and upgrade Sigstore Cosign from v2 to v3 by @morri-son in #1726
• fix: chart access artifact set media type by @fabianburth in #1786

🚀 Features

• feat: support index based reading of OCI artifacts by @jakobmoellerdev in #1646

🐛 Bug Fixes

• fix: add --oci-layout flag for OCI Image Layout blob paths by @piotrjanik in #1723
• fix: update image reference name to use the open-component-model organization repository by @piotrjanik in #1784
• fix(1560): add more explicit errors on get cv by @matthiasbruns in #1787

⬆️ Dependencies

14 changes

• chore(deps): bump the go group with 2 updates by @dependabot[bot] in #1728
• chore(deps): bump the go group with 18 updates by @dependabot[bot] in #1734
• chore: retract 0.33.0 and 0.34.1 by @frewilhelm in #1740
• chore(deps): bump the go group with 11 updates by @dependabot[bot] in #1749
• chore(deps): bump github.com/klauspost/compress by @frewilhelm in #1752
• chore(deps): bump golang from 1.25.4-alpine3.22 to 1.25.5-alpine3.22 by @dependabot[bot] in #1718
• chore: bump sigstore/fulcio by @jakobmoellerdev in #1757
• chore(deps): bump the go group with 3 updates by @dependabot[bot] in #1764
• chore(deps): bump the go group with 12 updates by @dependabot[bot] in #1770
• chore(deps): bump github.com/sigstore/fulcio from 1.8.4 to 1.8.5 by @dependabot[bot] in #1774
• chore(deps): bump the go group with 6 updates by @dependabot[bot] in #1778
• chore(deps): bump github.com/sigstore/sigstore from 1.10.3 to 1.10.4 by @dependabot[bot] in #1792
• chore(deps): bump the go group with 7 updates by @dependabot[bot] in #1795
• chore(deps): bump golang from 1.25.5-alpine3.22 to 1.25.6-alpine3.22 by @dependabot[bot] in #1794

🧰 Maintenance

• chore: bump VERSION to 0.36.0-dev by @ocmbot[bot] in #1724

New Contributors

• @piotrjanik made their first contribution in #1723
• @matthiasbruns made their first contribution in #1787

Full Changelog: v0.35...v0.36.0