chore(main): release 0.3.3

[Aureliolo]

🤖 I have created a release beep boop

0.3.3 (2026-03-18)

Features

• backup: implement automated backup and restore system (#541) (867b7c1)
• providers: runtime provider management with CRUD, presets, and multi-auth (#540) (936c345), closes #451
• tools: wire per-category sandbox backend selection (#534) (311a1ab)

Bug Fixes

• cli: switch cosign verification from .sig tags to OCI referrers (#533) (8ee5471), closes #532

CI/CD

• bump wrangler from 4.74.0 to 4.75.0 in /.github in the minor-and-patch group (#535) (de15867)

Maintenance

• bump github.com/google/go-containerregistry from 0.21.2 to 0.21.3 in /cli in the minor-and-patch group (#536) (4a09aed)
• bump litellm from 1.82.3 to 1.82.4 in the minor-and-patch group (#538) (9f7f83d)
• bump vue-tsc from 3.2.5 to 3.2.6 in /web in the minor-and-patch group across 1 directory (#537) (eb3dc4e)

---

This PR was generated with Release Please. See documentation.

[coderabbitai]

Important

Review skipped

Auto reviews are limited based on label configuration.

🚫 Excluded labels (none allowed) (1)

• autorelease: pending

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

⚙️ Run configuration

Configuration used: Organization UI

Review profile: ASSERTIVE

Plan: Pro

Run ID: a9501e71-ecb1-4d4a-9595-8e0636bb72c1

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Use the checkbox below for a quick retry:

• 🔍 Trigger review

📝 Walkthrough

Walkthrough

Version 0.3.2 is bumped to 0.3.3 across release manifest, project configuration, and module exports. A changelog entry documents a CLI cosign signature verification bug fix that switches from deprecated .sig tags to OCI referrers.

Changes

Cohort / File(s)	Summary
Version Bumps .github/.release-please-manifest.json, pyproject.toml, src/synthorg/__init__.py	Updates version string from 0.3.2 to 0.3.3 in release manifest, Python project configuration, and module __version__ export.
Release Notes .github/CHANGELOG.md	Adds changelog entry for version 0.3.3 documenting CLI cosign verification bug fix: switched from deprecated .sig tags to OCI referrers API.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~2 minutes

Possibly related PRs

• chore: reset version to 0.2.3 for re-release #444: Modifies the same version-related entries across release manifest, project configuration, and module exports.

Suggested labels

autorelease: tagged

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Linked Issues check	⚠️ Warning	The PR claims to address issue #532 (cosign verification fix) but the actual code changes are only version bumps. The bug fix implementation appears to be in a separate commit (8ee5471) not included in this PR's file changes.	This PR only bumps versions and documents the fix. Verify that the actual cosign.go rewrite and CI changes from commit 8ee5471 are present, or clarify if this is purely a release automation PR.

✅ Passed checks (4 passed)

Check name	Status	Explanation
Title check	✅ Passed	The pull request title 'chore(main): release 0.3.3' clearly summarizes the main change, which is a version bump release. This is a standard release commit title.
Out of Scope Changes check	✅ Passed	All changes are scoped to version bumping across manifest, changelog, pyproject.toml, and init.py files, which are expected for a release commit generated by Release Please.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Description check	✅ Passed	The PR description clearly relates to the changeset, detailing a 0.3.3 release that includes bug fixes, features, and maintenance updates matching the version bumps shown in the files.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch release-please--branches--main--components--synthorg

✨ Simplify code

• Create PR with simplified code
• Commit simplified code in branch release-please--branches--main--components--synthorg

📝 Coding Plan

• Generate coding plan for human review comments

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[gemini-code-assist]

Summary of Changes

Hello, I'm Gemini Code Assist¹! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request automates the release of version 0.3.3 for the synthorg project. The primary change included in this release is a critical bug fix that updates the Cosign verification mechanism within the CLI, enhancing security and compatibility by utilizing OCI referrers instead of .sig tags.

Highlights

• Version Bump: Updated the project version from 0.3.2 to 0.3.3 across various configuration and source files.
• Bug Fix: Implemented a bug fix in the CLI to switch Cosign verification from .sig tags to OCI referrers, addressing issue fix(cli): switch cosign verification from .sig tags to OCI referrers #533 and closing fix(cli): cosign signature verification fails with MANIFEST_UNKNOWN #532.

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature	Command	Description
Code Review	/gemini review	Performs a code review for the current pull request in its current state.
Pull Request Summary	/gemini summary	Provides a summary of the current pull request in its current state.
Comment	@gemini-code-assist	Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help	/gemini help	Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for GitHub and other Google products, sign up here.

Footnotes

1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩

[github-actions]

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

Scanned Files

None

[gemini-code-assist]

Code Review

This pull request is an automated release, updating the project version from 0.3.2 to 0.3.3 across the manifest, changelog, pyproject.toml, and src/synthorg/__init__.py. The changes are consistent with a version bump and include the changelog entry for the new release. No further issues or improvements were identified in these automated changes.

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 93.01%. Comparing base (9f7f83d) to head (6d60bb0).
✅ All tests successful. No failed tests found.

Additional details and impacted files

@@           Coverage Diff           @@
##             main     #539   +/-   ##
=======================================
  Coverage   93.01%   93.01%           
=======================================
  Files         526      526           
  Lines       25687    25687           
  Branches     2437     2437           
=======================================
  Hits        23893    23893           
  Misses       1429     1429           
  Partials      365      365           

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[Aureliolo]

🤖 Created releases:

• v0.3.3

🌻

[github-actions]

Preview Deployment

URL: https://pr-539.synthorg-pr-preview.pages.dev

Built from commit 29b2e87