Perform more strict validation of *all* media types

[tianon]

Docker media types inside OCI media types is semantically fine (and Docker sure doesn't care), but technically invalid, so this increases our validation from just the manifest media type all the way down to the config and layer media types also.

See also docker-library/official-images#13950 (comment) (docker-library/official-images#13983)

[tianon]

$ bashbrew build ubuntu
Building bashbrew/cache:d7486128b40a58cd530279d02b41b6f8e7c873920ec7bc23610b89e2e7beae4b (ubuntu:18.04)
failed oci-import build of "ubuntu" (tags "18.04, bionic-20230126, bionic")
unsupported mediaType "application/vnd.docker.container.image.v1+json" for config descriptor "sha256:5d2df19066aca89df8e5317544a1cb599dc657830184762ff6fdefaaf708db65" (from directory "oci" in commit "4dd8c0973fccaf8699bac0a666f007b9d05c95fd")

[codecov-commenter]

Codecov Report

Merging #64 (057b598) into master (82fa443) will not change coverage.
The diff coverage is n/a.

📣 This organization is not using Codecov’s GitHub App Integration. We recommend you install it so Codecov can continue to function properly for your repositories. Learn more

@@           Coverage Diff           @@
##           master      #64   +/-   ##
=======================================
  Coverage   73.10%   73.10%           
=======================================
  Files           7        7           
  Lines         714      714           
=======================================
  Hits          522      522           
  Misses        162      162           
  Partials       30       30           

Help us with your feedback. Take ten seconds to tell us how you rate us. Have a feature suggestion? Share it here.

[tianon]

(I also tested this successfully against my older oci-debian example that had the correct media types throughout)