Bump github.com/vmware-tanzu/carvel-imgpkg from 0.31.0 to 0.36.0 in /hack/imgpkg

[dependabot]

Bumps github.com/vmware-tanzu/carvel-imgpkg from 0.31.0 to 0.36.0.

Release notes

Sourced from github.com/vmware-tanzu/carvel-imgpkg's releases.

v0.35.0

✨ What's new

• Add a way to filter tags when listing them #459
• Enable loading of Certificate Pool from the Operating System when running on windows #462
• API: Add function to build registry options based on environment variables

🔈 Callouts

Thanks to

• Alex Barbato @​alexbarbato
• Vandana Pathak @​Vandy-P

For helping out with this release

📂 Files Checksum

955ec1e8d329f75e6e3803ffae8a6f8e586576904ac418e9ed88f2cc31178c15  ./imgpkg-darwin-amd64
1182217e827a44e22df22be4b95e5392f52530eaed52da5195b5f026d06f41f4  ./imgpkg-darwin-arm64
2c289cf6b5c88a4dd4bec17c9e57e49c2c7531c127ea130737945392cdc65362  ./imgpkg-linux-amd64
eb972061a7a71b03ee224b3e3d7aa0ec9a45ec20a6c8c5b11917b223c58a9570  ./imgpkg-linux-arm64
d3e8e4d8da6b6f5e0a77335864944fc3e74c109c3d4959c976c1caec1dc1807c  ./imgpkg-windows-amd64.exe

v0.34.1

✨ What's new

• Bump go version to 1.19.3
• Bump other libraries to ensure no CVEs are flagged

📂 Files Checksum

3b00269f62eb8673d20344c8fd2d8d23bb82ad05144af4f69488a7d5e6a6e70b  ./imgpkg-windows-amd64.exe
45b0932cbfc2fab1d6687b2ada72360b708cdeaa769fb2e85bac83db7fe8203b  ./imgpkg-linux-arm64
5330dfdd76865cde0db1bd54562578dc39c2fa5a9fa6ef8e97d143b4a5754bcd  ./imgpkg-darwin-amd64
77eea57ead85d7c8385bbe7cc01138a21a12807febe1491af7cbc4a4b96887d6  ./imgpkg-darwin-arm64
de864d7c77cf1338f28c02828de7bfd3a34c0670692cb415ab0c34352c6e605b  ./imgpkg-linux-amd64

v0.34.0

✨ What's new

• describe command fetches all information possible and displays failures #347
• Removed extra output and errors during shell completion #426
• Lots of library bumps

🔈 Callouts

Thanks to

• @​vicmarbev for #432

For helping out with this release

... (truncated)

Commits

• 2fed890 Merge pull request #484 from carvel-dev/change-registry-creation
• 2eabfd2 Add new constructor to the registry
• 5281971 Merge pull request #485 from evankanderson/develop
• 08b722e Store results from Resolve during RoundTripper creation in the Authenticato...
• 57ecc28 Fix a missed map initialization. Also defend against this error in depth.
• 60522f8 Cache authenticators between registry operations to speed up large copies.
• 93bcd93 Merge pull request #482 from carvel-dev/dependabot/go_modules/github.com/maxb...
• ac17da7 build(deps): Bump github.com/maxbrunsfeld/counterfeiter/v6
• 682c97c Merge pull request #478 from carvel-dev/dependabot/go_modules/github.com/goog...
• f722ef5 Merge pull request #473 from carvel-dev/dependabot/go_modules/github.com/cheg...
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[dependabot]

Dependabot tried to add @sadlerap/reference-implementation as a reviewer to this PR, but received the following error from GitHub:

POST https://api.github.com/repos/sadlerap/service-binding-runtime/pulls/75/requested_reviewers: 422 - Reviews may only be requested from collaborators. One or more of the teams you specified is not a collaborator of the sadlerap/service-binding-runtime repository. // See: https://docs.github.com/rest/reference/pulls#request-reviewers-for-a-pull-request