release(v0.36.0): traceability-enforcement — ASPICE V closed

[avrabe]

v0.36.0 — traceability-enforcement release

Cuts the traceability milestone now that #311 (full ASPICE SWE/SYS tier migration) is merged. No library code change since v0.34.0 — this release closes the ASPICE V-model: rivet validate goes 77 errors → PASS (0 errors), every one of the 44 sw-reqs + 11 system-reqs carries a typed verification backlink.

Catches up the planned v0.35.0 (its SR-43 opaque-rep oracle, #309, ships here; SR-43 retagged v0.36.0). Also bundles #308 (verification matrix) and #310/#300 (multi-memory lowering contract).

Changes

• Cargo.toml / Cargo.lock: 0.34.0 → 0.36.0
• CHANGELOG.md: [0.36.0] entry with falsification statement
• safety-requirements.yaml: SR-43 release tag v0.35.0 → v0.36.0 (ships in this release)

Dependency note

Requires rivet ≥ v0.19.0 (the #570 YAML-parser fix). compliance.yml already bumped to v0.19.0 in #311.

Tag v0.36.0 to be applied on green main after merge; release.yml then produces the signed/SBOM'd assets.

🤖 Generated with Claude Code

[github-actions]

LS-N verification gate

✅ 57/57 approved LS entries verified

	count
Passed (≥1 test, all green)	57
Failed (≥1 test failure)	0
Missing (no ls_*_NN_* test found)	0

_{Approved loss-scenarios.yaml entries are expected to have a
regression test named ls_<letter>_<num>_* (e.g. LS-A-11 →
ls_a_11_*). The gate runs each prefix via cargo test --lib --no-fail-fast and aggregates pass/fail/missing.}

Failed LS entries

(none)

Missing regression tests

(none)

_{Updated automatically by tools/post_verification_comment.py.
Source of truth: safety/stpa/loss-scenarios.yaml.}