chore(dependabot): bump ocm.software/ocm from 0.18.0 to 0.19.0

[dependabot]

Bumps ocm.software/ocm from 0.18.0 to 0.19.0.

Release notes

Sourced from ocm.software/ocm's releases.

v0.19.0

What's Changed

🚀 Features

• feat(log): log http requests for OCI and docker based on trace level by injecting a logger by @​jakobmoellerdev in open-component-model/ocm#1118

🧰 Maintenance

• chore: change guide for 0.18.0 by @​jakobmoellerdev in open-component-model/ocm#1066
• chore(deps): bump the ci group with 2 updates by @​dependabot in open-component-model/ocm#1068
• chore(deps): bump the go group with 10 updates by @​dependabot in open-component-model/ocm#1067
• chore: allow publishing to Brew via custom script by @​jakobmoellerdev in open-component-model/ocm#1059
• chore: remove ocm inception during build CTF aggregation by @​jakobmoellerdev in open-component-model/ocm#1065
• chore: release branches as instead of by @​jakobmoellerdev in open-component-model/ocm#1071
• chore: cleanup release action by @​jakobmoellerdev in open-component-model/ocm#1076
• chore: disable mandatory period comments by @​jakobmoellerdev in open-component-model/ocm#1079
• chore: make sure that version bumping happens everytime by @​jakobmoellerdev in open-component-model/ocm#1090
• chore: also create a branch based on the tag to avoid dangling commits by @​jakobmoellerdev in open-component-model/ocm#1098
• chore: add correct labels for flake nix job by @​jakobmoellerdev in open-component-model/ocm#1100
• chore: allow triggering blackduck scans manually by @​jakobmoellerdev in open-component-model/ocm#1104
• chore: remove the int test repository dispatch by @​jakobmoellerdev in open-component-model/ocm#1106
• chore: rework labeling jobs by @​jakobmoellerdev in open-component-model/ocm#1103
• chore: ensure that PR titles must be semantic by @​jakobmoellerdev in open-component-model/ocm#1108
• chore: move process options to struct by @​jakobmoellerdev in open-component-model/ocm#1109
• chore: automatically set github actions label by @​jakobmoellerdev in open-component-model/ocm#1112
• chore: remove releasenotes.yaml by @​jakobmoellerdev in open-component-model/ocm#1111
• docs: document complex artifact transfer by @​jakobmoellerdev in open-component-model/ocm#1113
• chore: setup release to reuse CTF from components workflow by @​jakobmoellerdev in open-component-model/ocm#1077
• docs: revise RELEASE_PROCESS.md by @​jakobmoellerdev in open-component-model/ocm#1086
• chore: label prs based on conventional commit by @​jakobmoellerdev in open-component-model/ocm#1121
• docs: finally some working examples for a lot of commands by @​jakobmoellerdev in open-component-model/ocm#1123
• chore: let's not store the release notes in the repository by @​hilmarf in open-component-model/ocm#1120
• chore: fixup release action versioning and notes process by @​jakobmoellerdev in open-component-model/ocm#1124
• chore: make sure we release to brew too with our release by @​jakobmoellerdev in open-component-model/ocm#1125
• chore(deps): bump anchore/sbom-action from 0.17.7 to 0.17.8 in the ci group by @​dependabot in open-component-model/ocm#1128
• chore: publish to website as other by @​jakobmoellerdev in open-component-model/ocm#1126
• chore(github_actions): push-to-winget: permissions: by @​hilmarf in open-component-model/ocm#1133
• chore(signing): correct Fulcio service to correct address by @​morri-son in open-component-model/ocm#1135
• chore(github_actions): using now classic secret of OCM_CI_ROBOT by @​hilmarf in open-component-model/ocm#1137
• chore: rework release note handling by @​jakobmoellerdev in open-component-model/ocm#1139
• chore(backport): fixup release notes (#1148) by @​jakobmoellerdev in open-component-model/ocm#1149
• chore(backport): adjust labels to new configuration by @​hilmarf in open-component-model/ocm#1154

⬆️ Dependencies

• chore(deps): bump the go group with 17 updates by @​dependabot in open-component-model/ocm#1127

... (truncated)

Changelog

Sourced from ocm.software/ocm's changelog.

Release Process

General Information

In the Open Component Model organization, the main development is done on the main branch. Thus, the main branch is used to develop on the latest minor version.

The release process focuses on the creation of release/<major>.<minor> release branches and the generation of release tags based on these branches. Every release branch is used to permanently track the development of a specific minor release of the OCM project. Whenever there is a critical issue for a specific minor release, a patch is cherry-picked into the release branch and a new patch release for that given minor version is created.

The release branches are initially created from the main branch via the GitHub action Release Branch Creation.

A release is generated by calling a specific release GitHub Action. It is executed on the branch which should be released - regardless whether it is a patch or a minor release.

In any case, a pre-release may be created by specifying a pre-release suffix for the release action execution. This will lead (for most use cases) to the creation of a "Release Candidate" which can be tested and delivered to end users willing to test the new release.

Release Workflow

Diagram

gitGraph TB:
    commit id: "VERSION 0.17.0-dev"
    commit id: "feat: some feature"
    branch "releases/v0.17"
    commit tag: "v0.17.0-rc.1" type: REVERSE
    checkout main
    commit id: "fix: hotfix bug" type: HIGHLIGHT
    checkout releases/v0.17
    cherry-pick id: "fix: hotfix bug"
    commit tag: "v0.17.0-rc.2"
    branch "releases/v0.17.0"
    checkout "releases/v0.17.0"
    commit id: "VERSION 0.17.0" tag:"v0.17.0"
    checkout main
    commit id: "VERSION 0.18.0-dev"
</tr></table> 

Loading

... (truncated)

Commits

• 7b3927d chore: rework release note handling (#1139)
• 4205242 chore(documentation): How to publish winget packages. (#1138)
• 17166ce chore(example): let's limit the listed versions (#1136)
• 3465bb4 chore(github_actions): using now classic secret of OCM_CI_ROBOT (#1137)
• 9033cb5 chore(signing): correct Fulcio service to correct address (#1135)
• 3133edf chore(github_actions): push-to-winget: permissions: write-all (#1133)
• f5a1cd2 chore: publish to website as other (#1126)
• 88d3ead chore: update 'flake.nix' (#1129)
• bd14400 chore(deps): bump the go group with 17 updates (#1127)
• 0f25608 chore(deps): bump anchore/sbom-action from 0.17.7 to 0.17.8 in the ci group (...
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[dependabot]

Looks like ocm.software/ocm is up-to-date now, so this is no longer needed.