chore(main): release 0.3.4

[Aureliolo]

🤖 I have created a release beep boop

0.3.4 (2026-03-18)

Bug Fixes

• cli: support cosign v3 bundle format for signature verification (#546) (6115eff), closes #532

---

This PR was generated with Release Please. See documentation.

[coderabbitai]

Important

Review skipped

Auto reviews are limited based on label configuration.

🚫 Review skipped — only excluded labels are configured. (1)

• autorelease: pending

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

⚙️ Run configuration

Configuration used: Organization UI

Review profile: ASSERTIVE

Plan: Pro

Run ID: 95cf3168-de3d-47fc-827e-40af5725fb94

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Use the checkbox below for a quick retry:

• 🔍 Trigger review

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch release-please--branches--main--components--synthorg

✨ Simplify code

• Create PR with simplified code
• Commit simplified code in branch release-please--branches--main--components--synthorg

📝 Coding Plan

• Generate coding plan for human review comments

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[github-actions]

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

Scanned Files

None

[gemini-code-assist]

Summary of Changes

Hello, I'm Gemini Code Assist¹! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request represents an automated release for version 0.3.4 of the project. It primarily updates the project's version across various configuration and source files and incorporates a critical bug fix related to Cosign v3 bundle format support in the CLI.

Highlights

• Version Update: The project's version has been incremented from 0.3.3 to 0.3.4, reflecting a new release.
• CLI Bug Fix: The command-line interface (CLI) now supports the Cosign v3 bundle format for signature verification, resolving a previous issue.

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature	Command	Description
Code Review	/gemini review	Performs a code review for the current pull request in its current state.
Pull Request Summary	/gemini summary	Provides a summary of the current pull request in its current state.
Comment	@gemini-code-assist	Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help	/gemini help	Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for GitHub and other Google products, sign up here.

Footnotes

1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩

[gemini-code-assist]

Code Review

This pull request, generated by release-please, prepares for the 0.3.4 release. The changes correctly increment the version number in .github/.release-please-manifest.json, pyproject.toml, and src/synthorg/__init__.py. The CHANGELOG.md is also updated with the contents of this release, which includes a bug fix for cosign v3 signature verification. The automated changes appear correct and I have no feedback on the modifications in this pull request.

[Aureliolo]

🤖 Created releases:

• v0.3.4

🌻

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 92.49%. Comparing base (a32cb1b) to head (14f13a5).
⚠️ Report is 2 commits behind head on main.
✅ All tests successful. No failed tests found.

Additional details and impacted files

@@           Coverage Diff           @@
##             main     #547   +/-   ##
=======================================
  Coverage   92.49%   92.49%           
=======================================
  Files         542      542           
  Lines       26655    26655           
  Branches     2544     2544           
=======================================
  Hits        24655    24655           
  Misses       1598     1598           
  Partials      402      402           

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.