
Product-focused polish: header, severity alignment, PASS/FAIL verdict, more


@tmatens tmatens released this 15 Apr 03:03
· 258 commits to main since this release
v0.3.4
f8df184

Product-focused polish on the --format text console output. No changes to JSON/SARIF schemas. Exit codes (0/1/2) preserved.

  • Branded header with tool version and active params (files · config · fail-on) so runs are self-describing in CI logs
  • Severity badges padded to 8 chars (critical width) so rule IDs line up across "MEDIUM  ", "HIGH    ", "CRITICAL", "LOW     "
  • Clean state is green — "no issues found" promoted from dim gray
  • Multi-file aggregate line: "3 files scanned · 18 issues (2 critical, 6 high, 10 medium) · 2 suppressed (not counted)"
  • PASS/FAIL verdict relative to --fail-on: "✓ PASS · threshold: high" or "✗ FAIL · N findings at or above high"
  • Suppressed counts pulled out of the breakdown and labeled "(not counted)" so the math reconciles at a glance

What's Changed

  • Bump marketplace-smoke pin to v0.3.3 by @tmatens in #29
  • docs/releasing lessons by @tmatens in #30
  • Consolidate publish pipeline and document distribution principles by @tmatens in #31
  • Add single release gate and per-channel escape hatch by @tmatens in #32
  • Remove release workflow by @tmatens in #33
  • Refresh README and fix stale docs by @tmatens in #34
  • Add Docker Scout vuln scan, SBOM attestation, and pre-push signing hook by @tmatens in #35
  • Add ADRs for shellcheck integration and Linux packages by @tmatens in #36
  • Brand the text output: header, severity alignment, PASS/FAIL verdict by @tmatens in #37
  • Prepare 0.3.4 release by @tmatens in #38

Full Changelog: v0.3.3...v0.3.4