build(deps): Bump github.com/distribution/distribution/v3 from 3.0.0 to 3.1.0

[dependabot]

⚠️ Dependabot is rebasing this PR ⚠️

Rebasing might not happen immediately, so don't worry if this takes some time.

Note: if you make any changes to this PR yourself, they will take precedence over the rebase.

---

Bumps github.com/distribution/distribution/v3 from 3.0.0 to 3.1.0.

Release notes

Sourced from github.com/distribution/distribution/v3's releases.

v3.1.0

Welcome to the v3.1.0 release of registry!

This is a stable release

Please try out the release binaries and report any issues at https://github.com/distribution/distribution/issues.

Notable Changes

• Fixes CVE-2026-35172
• Fixes CVE-2026-33540
• Adds support for tag pagination (#4360, #4353)
• Fixes default credentials in Azure storage provider (#4619)
• Drops support for go1.23 and go1.24 and updates to go1.25

See the full changelog below for the full list of changes.

What's Changed

• docs: Update to refer to new image tag v3 by @​schanzel in distribution/distribution#4373
• Fix default_credentials in azure storage provider by @​switchboardOp in distribution/distribution#4619
• chore: make function comment match function name by @​closeobserve in distribution/distribution#4622
• build(deps): bump golang.org/x/net from 0.37.0 to 0.38.0 in the go_modules group across 1 directory by @​dependabot[bot] in distribution/distribution#4625
• fix: implement JWK thumbprint for Ed25519 public keys by @​zhangyoufu in distribution/distribution#4626
• fix: Annotate code block from validation.indexes configuration docs by @​anzoman in distribution/distribution#4629
• feat: extract redis config to separate struct by @​shanduur in distribution/distribution#4620
• Fix: resolve issue #4478 by using a temporary file for non-append writes by @​onporat in distribution/distribution#4624
• build(deps): bump ossf/scorecard-action from 2.4.1 to 2.4.2 by @​dependabot[bot] in distribution/distribution#4645
• docs: Add note about OTEL_TRACES_EXPORTER by @​jcpunk in distribution/distribution#4669
• fix: set OTEL traces to disabled by default by @​jcpunk in distribution/distribution#4671
• Fix markdown syntax for OTEL traces link in docs by @​shantanoo-desai in distribution/distribution#4676
• Switch UUIDs to UUIDv7 by @​binaryfire in distribution/distribution#4666
• refactor: replace map iteration with maps.Copy/Clone by @​whosehang in distribution/distribution#4632
• s3-aws: fix build for 386 by @​ChenQi1989 in distribution/distribution#4642
• docs: Add OpenTelemetry links to quickstart docs (#4270) by @​dpw13 in distribution/distribution#4640
• Fix S3 driver loglevel param by @​milosgajdos in distribution/distribution#4617
• Fixed data race in TestSchedule test by @​horoshev in distribution/distribution#4647
• Fixes #4683 - uses X/Y instead of Gx/Gy for thumbprint of ecdsa keys by @​gpgenaiz in distribution/distribution#4684
• build(deps): bump actions/checkout from 4 to 5 by @​dependabot[bot] in distribution/distribution#4687
• Fix broken link to Docker Hub fair use policy by @​Klikini in distribution/distribution#4688
• fix(registry/handlers/app): redis CAs by @​ChandonPierre in distribution/distribution#4668
• build(deps): bump actions/labeler from 5 to 6 by @​dependabot[bot] in distribution/distribution#4694
• build(deps): bump actions/setup-go from 5 to 6 by @​dependabot[bot] in distribution/distribution#4693
• build(deps): bump actions/upload-pages-artifact from 3 to 4 by @​dependabot[bot] in distribution/distribution#4691
• build(deps): bump ossf/scorecard-action from 2.4.2 to 2.4.3 by @​dependabot[bot] in distribution/distribution#4706
• build(deps): bump github/codeql-action from 3.26.5 to 4.30.7 by @​dependabot[bot] in distribution/distribution#4710
• build(deps): bump github/codeql-action from 4.30.7 to 4.30.8 by @​dependabot[bot] in distribution/distribution#4714
• chore: labeler: add area/client mapping for internal/client/** by @​artem-tkachuk in distribution/distribution#4716
• client: add Accept headers to Exists() HEAD by @​artem-tkachuk in distribution/distribution#4715
• feat(registry): Make graceful shutdown test robust by @​Sumedhvats in distribution/distribution#4720

... (truncated)

Commits

• 708f8d6 chore(ci): Prep for v3.1 release (#4841)
• b1d5dbc chore(ci): Prep for v3.1 release
• 078b078 Merge commit from fork
• cccd0d4 fix(vendor): fix broke vendor validation (#4839)
• 49447e8 fix(vendor): fix broke vendpor validation
• cc5d5fa Merge commit from fork
• 4cfa178 build(deps): bump actions/configure-pages from 5.0.0 to 6.0.0 (#4834)
• c4bac3b build(deps): bump codecov/codecov-action from 5.5.4 to 6.0.0 (#4836)
• 2f2ce9f Opt: refactor tag list pagination support (#4353)
• 6a02a0e Opt: refactor tag list pagination support
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[gaius-qi]

LGTM