chore: release v3.4.0

[mise-en-dev]

🚀 Features

• (spec) output KDL multiline strings for descriptions by @gaojunran in #639

🐛 Bug Fixes

• (ci) preserve release push credentials by @jdx in #650
• (nushell) use caret for invoking cmd in completion script by @silvanshade in #638
• (parse) keep inherited global flags when a subcommand re-declares them as non-global by @JamBalaya56562 in #649
• (zsh) consistently single-quote choice values containing spaces by @jdx in #635

🛡️ Security

• (ci) add zizmor workflow for github actions security analysis by @jdx in #633

🔍 Other Changes

• (ci) make sponsor blurb append idempotent by @jdx in #627
• (ci) remove autofix.ci workflow by @jdx in #631
• (ci) assert mise run render produces no diff by @jdx in #632
• (ci) add PR autocloser by @jdx in #640
• remove pull_request_target workflow by @jdx in #629
• remove caching from publishing workflows by @jdx in #630

📦️ Dependency Updates

• lock file maintenance by @renovate[bot] in #621
• update taiki-e/install-action digest to e5de28a by @renovate[bot] in #624
• update rust crate ctor to 0.12 by @renovate[bot] in #625
• update taiki-e/install-action digest to 4c7e9f3 by @renovate[bot] in #626
• update rust crate ctor to v1 by @renovate[bot] in #637
• update codecov/codecov-action digest to e79a696 by @renovate[bot] in #642
• update zizmorcore/zizmor-action action to v0.5.4 by @renovate[bot] in #644
• update rust crate assert_cmd to v2.2.2 by @renovate[bot] in #643
• update rust crate serde_with to v3.20.0 by @renovate[bot] in #645
• lock file maintenance by @renovate[bot] in #647
• update zizmorcore/zizmor-action action to v0.5.6 by @renovate[bot] in #648

New Contributors

• @JamBalaya56562 made their first contribution in #649
• @silvanshade made their first contribution in #638

[socket-security]

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff	Package	Supply Chain Security	Vulnerability	Quality	Maintenance	License
	cargo/​ctor@​1.0.6 ⏵ 1.0.7

View full report

[gemini-code-assist]

Code Review

This pull request bumps the version of the project from 3.3.0 to 3.4.0. The changes include updating the changelog, Cargo manifests, lockfiles, and documentation references to reflect the new version. There are no review comments, so I have no feedback to provide.

[greptile-apps]

Greptile Summary

This is a standard release PR bumping the project from v3.3.0 to v3.4.0, aggregating features, bug fixes, security improvements, and dependency updates merged since the last release.

• Version strings are updated consistently across all relevant files: Cargo.toml, cli/Cargo.toml, lib/Cargo.toml, cli/usage.usage.kdl, docs/cli/reference/commands.json, docs/cli/reference/index.md, and Cargo.lock.
• Cargo.lock picks up several transitive dependency upgrades (notably kdl 6.5→6.7 dropping the num meta-crate in favour of num-traits+serde, winnow 0.6→0.7, and shlex 1.3→2.0); package.json bumps eslint and semver dev-dependencies.
• aube-lock.yaml is reformatted to remove the verbose per-package time: block, consistent with the CI "format release lock after aube update" change noted in the changelog.

Confidence Score: 5/5

Routine release commit — all changes are version bumps, generated artifact updates, and a changelog addition. No logic changes are introduced directly in this PR.

Every changed file is either a version number update, a generated artifact regenerated from existing source, a lock file update, or a changelog entry. There are no new code paths, no modified business logic, and no altered configuration values beyond the version string itself.

No files require special attention.

Important Files Changed

Filename	Overview
CHANGELOG.md	Adds the v3.4.0 release section with features, bug fixes, security changes, CI changes, and dependency updates.
Cargo.toml	Bumps usage-lib workspace dependency from 3.3.0 to 3.4.0.
cli/Cargo.toml	Bumps usage-cli package version from 3.3.0 to 3.4.0.
lib/Cargo.toml	Bumps usage-lib package version from 3.3.0 to 3.4.0.
Cargo.lock	Updates transitive dependency versions including kdl 6.5→6.7, winnow 0.6→0.7, shlex 1.3→2.0, and removes the num crate. All workspace crate versions updated to 3.4.0.
aube-lock.yaml	Reformatted and significantly trimmed — removes the verbose time: block of per-package timestamps.
cli/usage.usage.kdl	Version string updated from 3.3.0 to 3.4.0 in the generated CLI spec.
docs/cli/reference/commands.json	Version field updated from 3.3.0 to 3.4.0 in the generated CLI reference JSON.
docs/cli/reference/index.md	Version updated from 3.3.0 to 3.4.0 in the generated CLI reference docs.
package.json	Bumps devDependencies: eslint ^10.1.0→^10.4.1, semver ^7.7.4→^7.8.1.

_{Reviews (2): Last reviewed commit: "chore: release v3.4.0" | Re-trigger Greptile}

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 73.17%. Comparing base (64e34b3) to head (0b0fd23).

Additional details and impacted files

@@            Coverage Diff             @@
##             main     #652      +/-   ##
==========================================
- Coverage   79.58%   73.17%   -6.42%     
==========================================
  Files          49       49              
  Lines        7430     7596     +166     
  Branches     7430     7596     +166     
==========================================
- Hits         5913     5558     -355     
- Misses       1142     1308     +166     
- Partials      375      730     +355     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.