update changelog9.34

[joamatab]

• update changelog
• update

Summary by Sourcery

Update release notes and introduce an automated Claude-based pull request review workflow.

CI:

• Add a GitHub Actions workflow to run automated Claude code reviews on pull requests and relevant issue comments.

Documentation:

• Extend CHANGELOG with recent PR entries, including design rule updates and packaging changes.

[sourcery-ai]

Reviewer's Guide

Adds release note entries to the changelog and introduces a new GitHub Actions workflow that uses the Claude code review action for automated PR reviews in this repository.

Sequence diagram for Claude PR Review workflow execution

sequenceDiagram
  participant Dev as Developer
  participant GH as GitHub
  participant WF as Workflow_Claude_PR_Review
  participant CO as actions_checkout_v4
  participant CC as anthropics_claude_code_action
  participant AN as Anthropic_API

  Dev->>GH: Open or update pull request
  GH-->>WF: Trigger pull_request event
  WF->>CO: Checkout repository with fetch-depth 0
  CO-->>WF: Repository checked out
  WF->>CC: Run Claude code review job
  CC->>AN: Call Claude API with anthropic_api_key
  AN-->>CC: Return code review analysis
  CC-->>GH: Post review comments on PR

  Dev->>GH: Add PR comment containing @claude
  GH-->>WF: Trigger issue_comment event
  WF->>CC: Run Claude code review job (comment triggered)
  CC->>AN: Call Claude API with context from comment
  AN-->>CC: Return updated review
  CC-->>GH: Post additional review comments on PR

Loading

File-Level Changes

Change	Details	Files
Extend changelog with recent PR and release notes entries above the 1.4.1 section.	Insert new bullet points for several merged PRs, including straight-ring handling, CI checkout version bump, prior changelog updates, and removal of samples from the wheel Place the new entries in the Towncrier-managed section before the existing 1.4.1 release notes	CHANGELOG.md
Introduce an automated Claude-based pull request review workflow in GitHub Actions.	Create a new GitHub Actions workflow triggered on pull_request events and issue comments Configure permissions and checkout of the repository using actions/checkout@v4 Invoke anthropics/claude-code-action@beta with repository-specific custom review instructions, model selection, timeout, and allowed tools	.github/workflows/claude-pr-review.yml

---

Tips and commands

Interacting with Sourcery

• Trigger a new review: Comment @sourcery-ai review on the pull request.
• Continue discussions: Reply directly to Sourcery's review comments.
• Generate a GitHub issue from a review comment: Ask Sourcery to create an
  issue from a review comment by replying to it. You can also reply to a
  review comment with @sourcery-ai issue to create an issue from it.
• Generate a pull request title: Write @sourcery-ai anywhere in the pull
  request title to generate a title at any time. You can also comment
  @sourcery-ai title on the pull request to (re-)generate the title at any time.
• Generate a pull request summary: Write @sourcery-ai summary anywhere in
  the pull request body to generate a PR summary at any time exactly where you
  want it. You can also comment @sourcery-ai summary on the pull request to
  (re-)generate the summary at any time.
• Generate reviewer's guide: Comment @sourcery-ai guide on the pull
  request to (re-)generate the reviewer's guide at any time.
• Resolve all Sourcery comments: Comment @sourcery-ai resolve on the
  pull request to resolve all Sourcery comments. Useful if you've already
  addressed all the comments and don't want to see them anymore.
• Dismiss all Sourcery reviews: Comment @sourcery-ai dismiss on the pull
  request to dismiss all existing Sourcery reviews. Especially useful if you
  want to start fresh with a new review - don't forget to comment
  @sourcery-ai review to trigger a new review!

Customizing Your Experience

Access your dashboard to:

• Enable or disable review features such as the Sourcery-generated pull request
  summary, the reviewer's guide, and others.
• Change the review language.
• Add, remove or edit custom review instructions.
• Adjust other review settings.

Getting Help

• Contact our support team for questions or feedback.
• Visit our documentation for detailed guides and information.
• Keep in touch with the Sourcery team by following us on X/Twitter, LinkedIn or GitHub.

[sourcery-ai]

Hey - I've found 1 issue, and left some high level feedback:

• The claude-pr-review workflow currently runs on every pull_request event regardless of the @claude trigger phrase; if the intent is on‑demand reviews only, tighten the if: condition to require the trigger phrase for PR events as well.
• Consider pinning anthropics/claude-code-action to a specific version or commit instead of @beta to avoid unexpected behavior from upstream changes in your CI pipeline.

Prompt for AI Agents

Please address the comments from this code review:

## Overall Comments
- The `claude-pr-review` workflow currently runs on every `pull_request` event regardless of the `@claude` trigger phrase; if the intent is on‑demand reviews only, tighten the `if:` condition to require the trigger phrase for PR events as well.
- Consider pinning `anthropics/claude-code-action` to a specific version or commit instead of `@beta` to avoid unexpected behavior from upstream changes in your CI pipeline.

## Individual Comments

### Comment 1
<location> `.github/workflows/claude-pr-review.yml:7-11` </location>
<code_context>
+  contents: read
+  pull-requests: write
+  issues: write
+  id-token: write
+jobs:
+  claude-review:
</code_context>

<issue_to_address>
**🚨 suggestion (security):** Consider dropping `id-token: write` permission if the workflow does not use OIDC

`id-token: write` lets the workflow request OIDC tokens, typically only needed for federated auth with external services (e.g., cloud providers). If this job doesn’t actually use OIDC, please remove this permission to adhere to least‑privilege access.

```suggestion
permissions:
  contents: read
  pull-requests: write
  issues: write
```
</issue_to_address>

---

Sourcery is free for open source - if you like our reviews please consider sharing them ✨

• X
• Mastodon
• LinkedIn
• Facebook

_{Help me be more useful! Please click 👍 or 👎 on each comment and I'll use the feedback to improve your reviews.}

[sourcery-ai]

🚨 suggestion (security): Consider dropping id-token: write permission if the workflow does not use OIDC

id-token: write lets the workflow request OIDC tokens, typically only needed for federated auth with external services (e.g., cloud providers). If this job doesn’t actually use OIDC, please remove this permission to adhere to least‑privilege access.

Suggested change

	permissions:
	contents: read
	pull-requests: write
	issues: write
	id-token: write
	permissions:
	contents: read
	pull-requests: write
	issues: write