chore: revert v0.3.3 release artifacts (Docker signing failed) #544

Merged
Aureliolo merged 1 commit into main from fix/revert-v033-release
Mar 18, 2026

@Aureliolo
Owner

Summary

The v0.3.3 release failed because cosign signing required COSIGN_EXPERIMENTAL=1 (fixed in #543). The v0.3.3 tag and draft release have been deleted. This PR reverts the release artifacts so Release Please can create a clean release on the next merge to main.

  • Revert version 0.3.3 -> 0.3.2 in pyproject.toml, __init__.py, .release-please-manifest.json
  • Remove 0.3.3 changelog section from CHANGELOG.md
  • Revert LICENSE change date

What happened

  1. PR "fix(cli): switch cosign verification from .sig tags to OCI referrers" (#533) added --registry-referrers-mode=oci-1-1 to cosign sign commands
  2. cosign v3.0.3 (installed by cosign-installer v4.1.0) requires COSIGN_EXPERIMENTAL=1 for that flag
  3. All 3 image signing steps failed on the v0.3.3 tag push
  4. Finalize-release never published the draft (waits for Docker + CLI success)
  5. PR "fix(ci): add COSIGN_EXPERIMENTAL=1 for OCI referrer mode in cosign sign" (#543) added the missing env var
  6. Tag v0.3.3 and draft release deleted manually
  7. This PR resets version state so Release Please starts fresh

After merge

Release Please will see new commits (including #543 cosign fix) and create a release PR for v0.3.3 with the fix baked in.
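
An added example, not part of the original PR or the project's workflow: a lint that can run on pull requests and flag any `cosign sign` step that passes --registry-referrers-mode=oci-1-1 without COSIGN_EXPERIMENTAL=1 in the same step, so the gap described under "What happened" surfaces before a tag push. The sample workflow, its step names and the function names are constructed for illustration; the scan is indent-based rather than a YAML parse and does not consider job- or workflow-level `env:`.

```python
"""Lint workflow text: cosign sign in OCI referrers mode without COSIGN_EXPERIMENTAL=1."""
import re
import sys

SIGN = re.compile(r"\bcosign\s+sign\b")
REFERRERS = re.compile(r"--registry-referrers-mode[= ]oci-1-1")
# Flag and variable names come from the PR text; matches YAML env and inline shell forms.
ENV_SET = re.compile(r"COSIGN_EXPERIMENTAL\s*[:=]\s*[\"']?1\b")
# Constructed sample, not the project's workflow; job and step names are made up.
SAMPLE_WORKFLOW = """\
jobs:
  sign:
    steps:
      - name: Sign backend image
        run: |
          cosign sign --yes --registry-referrers-mode=oci-1-1 "$IMG"
      - name: Sign web image
        env:
          COSIGN_EXPERIMENTAL: "1"
        run: cosign sign --yes --registry-referrers-mode=oci-1-1 "$IMG"
      - name: Sign sandbox image
        run: COSIGN_EXPERIMENTAL=1 cosign sign --yes --registry-referrers-mode=oci-1-1 "$IMG"
      - name: Sign with default mode
        run: cosign sign --yes "$IMG"
"""


def split_steps(text):
    """Return [(first_line_no, step_text)] per list item; indent scan, not a YAML parser."""
    steps, cur, indent = [], None, 0
    for n, line in enumerate(text.splitlines(), 1):
        if not line.strip():
            continue
        lead = len(line) - len(line.lstrip())
        if line.lstrip().startswith("- ") and (cur is None or lead <= indent):
            cur, indent = [n, [line]], lead
            steps.append(cur)
        elif cur is not None and lead > indent:
            cur[1].append(line)  # continuation of the current step
        else:
            cur = None  # dedent: the step list ended
    return [(n, "\n".join(lines)) for n, lines in steps]


def find_unguarded_signing(text):
    """Line numbers of steps that sign in referrers mode with no env var set in the step."""
    return [n for n, step in split_steps(text)
            if SIGN.search(step) and REFERRERS.search(step) and not ENV_SET.search(step)]


if __name__ == "__main__":
    source = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE_WORKFLOW
    bad = find_unguarded_signing(source)
    sys.exit(f"unguarded cosign sign steps at lines {bad}" if bad else 0)
```

Run with a workflow path as the only argument; a non-zero exit lists the first line of each offending step.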

…ailed)

The v0.3.3 release failed because cosign signing required
COSIGN_EXPERIMENTAL=1 (fixed in #543). Since the tag and draft
release have been deleted, revert the version bump and changelog
so Release Please can create a clean release on the next merge.

- Revert version 0.3.3 -> 0.3.2 in pyproject.toml, __init__.py, manifest
- Remove 0.3.3 changelog section
- Revert LICENSE change date
@github-actions
Contributor

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

Scanned Files

None

@coderabbitai

coderabbitai bot commented Mar 18, 2026

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

📥 Commits

Reviewing files that changed from the base of the PR and between 226ed2f and 1bcbb47.

📒 Files selected for processing (5)
  • .github/.release-please-manifest.json
  • .github/CHANGELOG.md
  • LICENSE
  • pyproject.toml
  • src/synthorg/__init__.py
💤 Files with no reviewable changes (1)
  • .github/CHANGELOG.md
📜 Recent review details
⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (4)
  • GitHub Check: Test (Python 3.14)
  • GitHub Check: Build Backend
  • GitHub Check: Build Sandbox
  • GitHub Check: Analyze (python)
🧰 Additional context used
📓 Path-based instructions (4)
**/*.py

📄 CodeRabbit inference engine (CLAUDE.md)

**/*.py: No from __future__ import annotations — Python 3.14 has PEP 649 native lazy annotations
PEP 758 except syntax: use except A, B: (no parentheses) — ruff enforces this on Python 3.14
Line length: 88 characters (ruff)

Files:

  • src/synthorg/__init__.py
src/**/*.py

📄 CodeRabbit inference engine (CLAUDE.md)

src/**/*.py: Type hints: all public functions, mypy strict mode
Docstrings: Google style, required on public classes/functions (enforced by ruff D rules)
Immutability: create new objects, never mutate existing ones. For non-Pydantic internal collections (registries, BaseTool), use copy.deepcopy() at construction + MappingProxyType wrapping for read-only enforcement
For dict/list fields in frozen Pydantic models, rely on frozen=True for field reassignment prevention and copy.deepcopy() at system boundaries (tool execution, LLM provider serialization, inter-agent delegation, serializing for persistence)
Config vs runtime state: frozen Pydantic models for config/identity; separate mutable-via-copy models (using model_copy(update=...)) for runtime state that evolves
Never mix static config fields with mutable runtime fields in one model
Models: Pydantic v2 (BaseModel, model_validator, computed_field, ConfigDict). Use @computed_field for derived values instead of storing + validating redundant fields
Use NotBlankStr (from core.types) for all identifier/name fields — including optional (NotBlankStr | None) and tuple (tuple[NotBlankStr, ...]) variants — instead of manual whitespace validators
Async concurrency: prefer asyncio.TaskGroup for fan-out/fan-in parallel operations in new code (e.g. multiple tool invocations, parallel agent calls). Prefer structured concurrency over bare create_task
Functions: < 50 lines, files < 800 lines
Errors: handle explicitly, never silently swallow
Validate: at system boundaries (user input, external APIs, config files)

Files:

  • src/synthorg/__init__.py
src/synthorg/**/*.py

📄 CodeRabbit inference engine (CLAUDE.md)

src/synthorg/**/*.py: Every module with business logic MUST have: from synthorg.observability import get_logger then logger = get_logger(__name__)
Never use import logging / logging.getLogger() / print() in application code
Variable name: always logger (not _logger, not log)
Event names: always use constants from the domain-specific module under synthorg.observability.events (e.g., API_REQUEST_STARTED from events.api, TOOL_INVOKE_START from events.tool). Import directly: from synthorg.observability.events.<domain> import EVENT_CONSTANT
Structured kwargs: always logger.info(EVENT, key=value) — never logger.info("msg %s", val)
All error paths must log at WARNING or ERROR with context before raising
All state transitions must log at INFO
DEBUG for object creation, internal flow, entry/exit of key functions
API reference: auto-generated from docstrings via mkdocstrings + Griffe (AST-based, no imports); document all public APIs with Google-style docstrings
Observability: use structured logging via get_logger() and observability.events constants; correlation tracking for multi-agent workflows

Files:

  • src/synthorg/__init__.py
{src,tests}/**/*.py

📄 CodeRabbit inference engine (CLAUDE.md)

Vendor-agnostic everywhere: NEVER use real vendor names (Anthropic, OpenAI, Claude, GPT, etc.) in project-owned code, docstrings, comments, tests, or config examples. Use generic names: example-provider, example-large-001, example-medium-001, example-small-001, large/medium/small as aliases

Files:

  • src/synthorg/__init__.py
🧠 Learnings (3)
📓 Common learnings
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-15T11:48:14.867Z
Learning: Applies to .github/workflows/docker.yml : CI Docker: build → scan → push to GHCR + cosign sign + SLSA L3 provenance via attest-build-provenance (images only pushed after Trivy/Grype scans pass).
📚 Learning: 2026-03-18T11:08:24.271Z
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-18T11:08:24.271Z
Learning: Commits: `<type>: <description>` — types: feat, fix, refactor, docs, test, chore, perf, ci; enforced by commitizen (commit-msg hook)

Applied to files:

  • pyproject.toml
📚 Learning: 2026-03-18T11:08:24.271Z
Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-18T11:08:24.271Z
Learning: Applies to src/synthorg/**/*.py : API reference: auto-generated from docstrings via mkdocstrings + Griffe (AST-based, no imports); document all public APIs with Google-style docstrings

Applied to files:

  • src/synthorg/__init__.py
🔇 Additional comments (4)
.github/.release-please-manifest.json (1)

1-3: LGTM!

Version correctly reverted to 0.3.2. This will allow Release Please to detect new commits and create a fresh release PR for v0.3.3 with the cosign fix included.

src/synthorg/__init__.py (1)

1-3: LGTM!

Version correctly reverted to 0.3.2 with the x-release-please-version marker preserved. This is the source of truth for hatch versioning as configured in pyproject.toml.

pyproject.toml (1)

218-221: LGTM!

Commitizen version correctly reverted to 0.3.2 with the x-release-please-version marker preserved. This ensures tag generation stays in sync with the package version.

LICENSE (1)

33-33: LGTM!

Change Date correctly reverted to March 17, 2029, corresponding to the v0.3.2 release. When Release Please creates the new v0.3.3 release, this date will be updated appropriately.


📝 Walkthrough

Summary by CodeRabbit

  • Revert
    • Version rolled back from 0.3.3 to 0.3.2
    • Changelog entry for 0.3.3 removed

Walkthrough

This PR downgrades the package version from 0.3.3 to 0.3.2 across release manifest, configuration files, and package metadata. It removes the corresponding 0.3.3 changelog entry and adjusts the license change date by one day.

Changes

| Cohort / File(s) | Summary |
|---|---|
| Version and Release Configuration: `.github/.release-please-manifest.json`, `pyproject.toml`, `src/synthorg/__init__.py` | Version downgraded from 0.3.3 to 0.3.2 across release manifest, commitizen config, and package `__version__` attribute. |
| Documentation and Licensing: `.github/CHANGELOG.md`, `LICENSE` | Removed entire 0.3.3 changelog section (26 lines); updated license change date from March 18, 2029 to March 17, 2029. |

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~3 minutes

Suggested labels

autorelease: tagged

🚥 Pre-merge checks | ✅ 3
✅ Passed checks (3 passed)
| Check name | Status | Explanation |
|---|---|---|
| Title check | ✅ Passed | The title clearly and accurately describes the main change: reverting v0.3.3 release artifacts due to Docker signing failure, which aligns perfectly with the changeset modifications. |
| Description check | ✅ Passed | The description provides comprehensive context explaining the release failure, the root cause, and the specific files being reverted, directly relating to all changes in the changeset. |
| Docstring Coverage | ✅ Passed | No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check. |

@gemini-code-assist
Contributor

Summary of Changes

Hello, I'm Gemini Code Assist! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request aims to reset the repository's state following a failed v0.3.3 release. The release process encountered an issue with Docker image signing, specifically requiring an experimental flag for cosign that was not set. To ensure a clean slate, this PR reverts all artifacts associated with the v0.3.3 release, including version numbers and changelog entries, allowing the automated release system to correctly generate a new v0.3.3 release with the necessary fixes.

Highlights

  • Version Reversion: Reverted the project version from 0.3.3 back to 0.3.2 across pyproject.toml, __init__.py, and .release-please-manifest.json to undo the effects of a failed release.
  • Changelog Update: Removed the 0.3.3 changelog section from CHANGELOG.md as the release it documented was unsuccessful.
  • License Date Correction: Reverted the Change Date in the LICENSE file from March 18, 2029, to March 17, 2029, aligning with the previous version state.
@Aureliolo Aureliolo temporarily deployed to cloudflare-preview March 18, 2026 11:41 — with GitHub Actions Inactive
Contributor

@gemini-code-assist gemini-code-assist bot left a comment

Code Review

This pull request reverts the versioning and changelog artifacts from the failed v0.3.3 release. The changes correctly reset the version number to 0.3.2 in pyproject.toml, src/synthorg/__init__.py, and .github/.release-please-manifest.json. It also removes the generated changelog entry for v0.3.3 and reverts the associated date change in the LICENSE file. These reversions are consistent with the stated goal of allowing the release automation to create a new, clean v0.3.3 release. The changes are accurate and sufficient for this purpose.

@codecov

codecov bot commented Mar 18, 2026

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 92.49%. Comparing base (c3de2a2) to head (1bcbb47).
⚠️ Report is 2 commits behind head on main.
✅ All tests successful. No failed tests found.

Additional details and impacted files
@@           Coverage Diff           @@
##             main     #544   +/-   ##
=======================================
  Coverage   92.49%   92.49%           
=======================================
  Files         542      542           
  Lines       26655    26655           
  Branches     2544     2544           
=======================================
  Hits        24655    24655           
  Misses       1598     1598           
  Partials      402      402           

@Aureliolo Aureliolo merged commit 7f48f52 into main Mar 18, 2026
33 checks passed
@Aureliolo Aureliolo deleted the fix/revert-v033-release branch March 18, 2026 11:48
@Aureliolo Aureliolo temporarily deployed to cloudflare-preview March 18, 2026 11:48 — with GitHub Actions Inactive
Aureliolo added a commit that referenced this pull request Mar 18, 2026
🤖 I have created a release *beep* *boop*
---


##
[0.3.3](v0.3.2...v0.3.3)
(2026-03-18)


### Features

* **backup:** implement automated backup and restore system
([#541](#541))
([867b7c1](867b7c1))
* **providers:** runtime provider management with CRUD, presets, and
multi-auth ([#540](#540))
([936c345](936c345)),
closes [#451](#451)
* **tools:** wire per-category sandbox backend selection
([#534](#534))
([311a1ab](311a1ab))


### Bug Fixes

* **ci:** add COSIGN_EXPERIMENTAL=1 for OCI referrer mode in cosign sign
([#543](#543))
([226ed2f](226ed2f))
* **cli:** switch cosign verification from .sig tags to OCI referrers
([#533](#533))
([8ee5471](8ee5471)),
closes [#532](#532)


### CI/CD

* bump wrangler from 4.74.0 to 4.75.0 in /.github in the minor-and-patch
group ([#535](#535))
([de15867](de15867))


### Maintenance

* bump github.com/google/go-containerregistry from 0.21.2 to 0.21.3 in
/cli in the minor-and-patch group
([#536](#536))
([4a09aed](4a09aed))
* bump litellm from 1.82.3 to 1.82.4 in the minor-and-patch group
([#538](#538))
([9f7f83d](9f7f83d))
* bump vue-tsc from 3.2.5 to 3.2.6 in /web in the minor-and-patch group
across 1 directory
([#537](#537))
([eb3dc4e](eb3dc4e))
* **main:** release 0.3.3
([#539](#539))
([c3de2a2](c3de2a2))
* revert v0.3.3 release artifacts (Docker signing failed)
([#544](#544))
([7f48f52](7f48f52))

---
This PR was generated with [Release
Please](https://github.com/googleapis/release-please). See
[documentation](https://github.com/googleapis/release-please#release-please).

---------

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>