chore(dependabot): bump github.com/open-component-model/ocm from 0.3.0-rc.1 to 0.4.0

[dependabot]

Bumps github.com/open-component-model/ocm from 0.3.0-rc.1 to 0.4.0.

Release notes

Sourced from github.com/open-component-model/ocm's releases.

v0.4.0

Release v0.4.0

• Bump github.com/cyphar/filepath-securejoin from 0.2.3 to 0.2.4 (#502)
• switch to reworked logging version (#501)
• fix trailing space handling for write sequences (#500)
• CA certificate of oci registry as part of credentials (#497)
• log output for failing CD decode + trim trailing spaces in md generator (#498)
• fix local transfer option handling (#496)
• Provide wrapper function for often used OCM code sequences to simplify usage (#470)
• command to update ocm cli (#491)
• fix pr test action not to fail on forked repositories (#494)
• improve documentation for attribute mapping (#405)
• some fixes (#488)
• fix missing entrypoint in ocmcli image (#490)
• add missing permission for gh action (#489)
• add github action to run integration tests on PR (#485)
• extend utf8 input type to accept and generate YAML/JSON content (#487)
• Update README.md (#486)
• fix and extend label access functions (#484)
• fix provider normalization (#478)
• fix evaluation of docker config file (#482)
• Bump github.com/cloudflare/circl from 1.1.0 to 1.3.3 (#398)
• Provide default implementation to support implementations of simple virtual/simulated OCM repositories, (#441)
• add missing helmRepository option for input (#462)
• area command docu + aliases (#459)
• adjust ca handling for helm repositories (#467)
• fix: transfer logic has defer in loop (#465)
• get rid of unnecessary replacements (#463)

v0.3.0

Changelog

• d2d09d0c #105 - Panic Handlers (#273)
• 3fb1b026 Add Keyless Signing using Sigstore (#379)
• f342960d Add example for toi installation with helm chart dependencies (#315)
• 5ecbd93d Adds GetResourcesByName Method to ComponentVersionAccess Objects (#321)
• 79e4129a Adjust dockerconfig.RepositorySpec (#324)
• cac80150 Align make generate and make format (#442)
• cf13fc69 Bump github.com/aws/aws-sdk-go from 1.15.11 to 1.34.0 (#329)
• 7bac90d6 Bump github.com/docker/docker (#325)
• 6e9c826c Component archive (#399)
• 902e7427 Consistent handling of spec versions (#364)
• 84d97844 Create user_story.md (#411)
• 8b33f961 DirectoryTree download support (#358)
• 218c2b1e Extend OCM Plugins to support generic actions + define oci.repository.prepare action to assure existence of OCI repositories (#320)
• 78c8e23c Fix of errors/problems discovered during usage of TOI on MAC (#336)
• 73b48181 Image (#401)
• 37852e49 JCS(RFC8785) normalization support (#331)
• dc3457f8 OCI tag mapping (#355)
• 4737c160 Release v0.3.0

... (truncated)

Commits

• 992e32b Release v0.4.0
• 88ba38c ReleaseNotes for v0.4.0
• 1c35211 Bump github.com/cyphar/filepath-securejoin from 0.2.3 to 0.2.4 (#502)
• 1a7afec Add link to central web page at the beginning (#508)
• 53d94be Update cmd.go (#507)
• b9f08d4 switch to reworked logging version (#501)
• 3204008 fix trailing space handling for write sequences (#500)
• 9b72630 CA certificate of oci registry as part of credentials (#497)
• 23f6a91 log output for failing CD decode + trim trailing spaces in md generator (#498)
• 300b0f8 fix local transfer option handling (#496)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[kyma-bot]

@dependabot[bot]: The following tests failed, say /retest to rerun all failed tests or /retest-required to rerun all mandatory failed tests:

Test name	Commit	Details	Required	Rerun command
pre-kyma-cli	c4d032a	link	true	/test pre-kyma-cli
pre-main-cli-e2e	c4d032a	link	true	/test pre-main-cli-e2e
pull-cli-unit-test	c4d032a	link	true	/test pull-cli-unit-test

Full PR test history. Your PR dashboard.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here.

[dependabot]

Superseded by #1800.