chore(main): release 0.2.4

[Aureliolo]

🤖 I have created a release beep boop

0.2.4 (2026-03-15)

Bug Fixes

• attach cosign signatures and provenance bundle to release assets (#438) (f191a4d)
• create git tag explicitly for draft releases (#432) (1f5120e)
• docker healthcheck, CI optimization, and container hardening (#436) (4d32bca)
• ensure security headers on all HTTP responses (#437) (837f2fc)
• make install scripts usable immediately without terminal restart (#433) (b45533c)
• migrate pids_limit to deploy.resources.limits.pids (#439) (66b94fd)

Refactoring

• redesign release notes layout (#434) (239aaf7)

Maintenance

• site: replace hero CTA with license link and scroll arrow (#440) (56af41c)
• web: adopt @vue/tsconfig preset (#435) (7d4b214)

---

This PR was generated with Release Please. See documentation.

[coderabbitai]

Important

Review skipped

Ignore keyword(s) in the title.

⛔ Ignored keywords (2)

• chore(main): release ai-company
• chore(main): release

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

⚙️ Run configuration

Configuration used: Organization UI

Review profile: ASSERTIVE

Plan: Pro

Run ID: 78564ae5-0fa3-42b9-91bf-827a65ffa60e

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Use the checkbox below for a quick retry:

• 🔍 Trigger review

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch release-please--branches--main--components--synthorg

✨ Simplify code

• Create PR with simplified code
• Commit simplified code in branch release-please--branches--main--components--synthorg

📝 Coding Plan

• Generate coding plan for human review comments

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[github-actions]

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

Scanned Files

None

[gemini-code-assist]

Summary of Changes

Hello, I'm Gemini Code Assist¹! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request marks the release of version 0.2.0, representing a substantial leap forward in the project's capabilities and robustness. It integrates a multitude of new functionalities, significantly bolsters security and stability across the platform, and refines the underlying architecture for improved maintainability and scalability. The changes collectively aim to provide a more comprehensive, secure, and developer-friendly experience.

Highlights

• Major Feature Additions: Introduced a wide range of new features including a CLI installer page, a dependency update PR review skill, approval workflow gates for TaskEngine, a CFO cost optimization service with anomaly detection, a comprehensive code quality toolchain, container packaging with Docker Compose, a cross-platform Go CLI, various memory backend adapters, PR preview deployments via Cloudflare Pages, a SecOps security agent, and a web dashboard built with Vue 3.
• Security and Stability Enhancements: Implemented numerous bug fixes and hardening measures, addressing post-merge review findings, correcting API reference links, improving release workflow, strengthening API key hashing, enhancing Docker sandbox security, and resolving CodeQL path-injection alerts. The CI/CD pipeline also received significant hardening.
• Architectural Refinements and Refactoring: Undertook significant refactoring efforts, including renaming the package from ai_company to synthorg, adopting NotBlankStr across models, extracting base classes, and improving validation and error handling in key components like BudgetEnforcer.
• Improved Development Workflow and Documentation: Enhanced the CI/CD pipeline with Release Please for automated versioning, added SLSA L3 provenance, and updated various Dependabot actions. Documentation was expanded with new ADRs, a contributing guide, and a rebranded documentation site, alongside new review skills to streamline development.

Changelog

• .github/CHANGELOG.md
  • Added a comprehensive list of features, bug fixes, performance improvements, refactoring changes, documentation updates, tests, CI/CD enhancements, and maintenance tasks for version 0.2.0.

Activity

• No human activity detected in this pull request.

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature	Command	Description
Code Review	/gemini review	Performs a code review for the current pull request in its current state.
Pull Request Summary	/gemini summary	Provides a summary of the current pull request in its current state.
Comment	@gemini-code-assist	Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help	/gemini help	Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for GitHub and other Google products, sign up here.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Footnotes

1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩

[gemini-code-assist]

Code Review

This pull request, which appears to be an automated release for version 0.2.0, is critically flawed. It attempts to downgrade the project's version from 0.2.3 to 0.2.0. Version numbers must be monotonically increasing to follow semantic versioning and ensure compatibility with package managers. Furthermore, the generated changelog for version 0.2.0 incorrectly includes changes from subsequent releases like 0.2.1, 0.2.2, and 0.2.3. This indicates a significant problem with the release automation setup that needs to be resolved before proceeding.

[gemini-code-assist]

This changelog entry is for version 0.2.0, but it is being added on top of the existing 0.2.3 release. Changelogs should be in reverse chronological order, with the newest version at the top. The compare link compare/v0.2.3...v0.2.0 is also inverted. This indicates a fundamental issue in the release generation process that needs to be addressed.

[gemini-code-assist]

The project version is being downgraded from 0.2.3 to 0.2.0. This is a critical issue. According to semantic versioning principles, new releases must have a version number that is higher than any previous release. Downgrading the version can cause significant problems for users and package managers. Please correct this to a version greater than 0.2.3.

[greptile-apps]

Greptile Summary

This is a Release Please–generated release PR that bumps the project from v0.2.3 to v0.2.4. All four version markers are updated consistently and correctly, and the CHANGELOG comparison URL points in the right direction (v0.2.3...v0.2.4).

• .github/.release-please-manifest.json: manifest version advanced to "0.2.4" ✓
• .github/CHANGELOG.md: new 0.2.4 section prepended with correct comparison URL and complete list of included fixes/refactors/maintenance entries ✓
• pyproject.toml: commitizen version field bumped to "0.2.4" ✓
• src/synthorg/__init__.py: __version__ bumped to "0.2.4" ✓

No issues were found. This PR is safe to merge as-is.

Confidence Score: 5/5

• This PR is safe to merge — all version markers are updated consistently and the changelog is well-formed.
• All four changed files make a single, mechanical version bump from 0.2.3 to 0.2.4 with no logic changes, no regressions, and no inconsistencies between files. The CHANGELOG comparison URL is correctly ordered and the included entries match the PR description.
• No files require special attention.

Important Files Changed

Filename	Overview
.github/.release-please-manifest.json	Correctly advances the Release Please tracked version from 0.2.3 to 0.2.4.
.github/CHANGELOG.md	Prepends a new 0.2.4 section with a correctly-ordered comparison URL (v0.2.3...v0.2.4) and accurate changelog entries.
pyproject.toml	Commitizen version field bumped from 0.2.3 to 0.2.4 via the x-release-please-version marker; no other changes.
src/synthorg/init.py	__version__ correctly advanced from "0.2.3" to "0.2.4", consistent with all other version markers.

_{Last reviewed commit: 3cc4d57}

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 93.67%. Comparing base (837f2fc) to head (3cc4d57).
⚠️ Report is 5 commits behind head on main.
✅ All tests successful. No failed tests found.

Additional details and impacted files

@@           Coverage Diff           @@
##             main     #431   +/-   ##
=======================================
  Coverage   93.67%   93.67%           
=======================================
  Files         469      469           
  Lines       22213    22213           
  Branches     2144     2144           
=======================================
  Hits        20808    20808           
  Misses       1094     1094           
  Partials      311      311           

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[Aureliolo]

🤖 Created releases:

• v0.2.4

🌻