hi, i noticed the oci 1.1 referrers discovery paths select the last referrer returned when multiple results exist, which makes behavior dependent on registry response order.
examples at commit 03be625:
- `pkg/cosign/verify.go` (oci 1.1 signature discovery): warns on multiple results, then selects `results[numResults-1]`
- `pkg/oci/remote/remote.go` (`attachmentExperimentalOCI`): warns on multiple results, then selects `results[numResults-1]`
since referrers ordering is not guaranteed, this can lead to non-deterministic behavior across registries and over time when multiple referrers exist for the same artifactType.
question:
what behavior should cosign prefer when `len(index.Manifests) > 1` for a requested artifactType?
- fail closed as ambiguous?
- fetch/verify all matching referrers?
- deterministic selection using a specific key (e.g. validated annotations), and if so which key?
i can send a small PR that at least makes selection deterministic (by sorting descriptors before selecting), but wanted to confirm the intended semantics first.
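As an added illustration (not code from the cosign repository), a minimal Go model of the selection the issue describes, with the digest-sorted variant and a fail-closed variant beside it; the `Descriptor` type, the `selectReferrer` function and the artifactType string are constructed stand-ins, not cosign's own.

```go
package main

import (
	"fmt"
	"sort"
)

// Descriptor is a minimal stand-in (an assumption of this example) for the OCI
// descriptor fields used here; cosign itself uses go-containerregistry types.
type Descriptor struct {
	Digest       string
	ArtifactType string
}

// selectReferrer picks one descriptor with the requested artifactType. With
// deterministic=false the last match in registry order wins (the behaviour the
// issue describes); deterministic=true sorts matches by digest first. With
// failClosed set, more than one match is reported as an error instead.
func selectReferrer(manifests []Descriptor, artifactType string, deterministic, failClosed bool) (Descriptor, error) {
	var results []Descriptor
	for _, d := range manifests {
		if d.ArtifactType == artifactType {
			results = append(results, d)
		}
	}
	if len(results) == 0 {
		return Descriptor{}, fmt.Errorf("no referrers with artifactType %q", artifactType)
	}
	if len(results) > 1 && failClosed {
		return Descriptor{}, fmt.Errorf("%d referrers match artifactType %q; refusing to guess", len(results), artifactType)
	}
	if deterministic {
		sort.Slice(results, func(i, j int) bool { return results[i].Digest < results[j].Digest })
	}
	return results[len(results)-1], nil
}

func main() {
	const sigType = "application/vnd.example.signature" // constructed placeholder artifactType
	// Constructed: two registries list the same two signature referrers in opposite order.
	regA := []Descriptor{{"sha256:bbb", sigType}, {"sha256:aaa", sigType}}
	regB := []Descriptor{{"sha256:aaa", sigType}, {"sha256:bbb", sigType}}
	for _, det := range []bool{false, true} {
		a, _ := selectReferrer(regA, sigType, det, false)
		b, _ := selectReferrer(regB, sigType, det, false)
		fmt.Printf("deterministic=%v: A picks %s, B picks %s\n", det, a.Digest, b.Digest)
	}
	_, err := selectReferrer(regA, sigType, true, true)
	fmt.Println("fail-closed:", err)
}
```

Sorting by digest only removes the order dependence; it does not decide which referrer is the right one, which is the semantic question the issue leaves open.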