fix: harden release and demo workflows

Fixes all Clawpatch findings by removing shared demo PATH shims, making installers replace binaries atomically, tightening workflow validation, and isolating integration test config roots.

Prepares release metadata for v0.9.3.

Author: Microck

.github/workflows/ci.yml

@@ -37,7 +37,7 @@ jobs:
         run: cargo clippy --all-targets --all-features -- -D warnings
 
       - name: Run cargo check
-        run: cargo check --locked
+        run: cargo check --workspace --all-targets --locked
 
       - name: Run tests
-        run: cargo test -q --locked
+        run: cargo test --workspace --all-targets --locked

.github/workflows/coverage.yml

@@ -29,7 +29,7 @@ jobs:
         uses: Swatinem/rust-cache@v2
 
       - name: Install cargo-llvm-cov
-        run: cargo install cargo-llvm-cov --locked
+        run: cargo install cargo-llvm-cov --version 0.8.7 --locked
 
       - name: Generate coverage report
         run: cargo llvm-cov --workspace --all-features --lcov --output-path lcov.info

.github/workflows/npm-publish.yml

@@ -13,7 +13,7 @@ permissions:
   id-token: write
 
 concurrency:
-  group: npm-publish-${{ github.workflow }}-${{ github.ref }}
+  group: npm-publish-${{ github.workflow }}-${{ github.event_name == 'workflow_run' && github.event.workflow_run.head_sha || github.ref }}
   cancel-in-progress: true
 
 jobs:

.github/workflows/release.yml

@@ -15,7 +15,7 @@ permissions:
   contents: write
 
 concurrency:
-  group: release-${{ github.workflow }}-${{ github.ref }}
+  group: release-${{ github.workflow }}-${{ github.event_name == 'workflow_dispatch' && inputs.release_tag || github.ref_name }}
   cancel-in-progress: false
 
 jobs:
@@ -44,7 +44,7 @@ jobs:
         run: |
           cargo fmt --check
           cargo clippy --all-targets --all-features -- -D warnings
-          cargo test -q --locked
+          cargo test --workspace --all-targets --locked
 
   build:
     needs: verify

.github/workflows/security.yml

@@ -10,7 +10,6 @@ on:
 
 permissions:
   contents: read
-  security-events: write
 
 concurrency:
   group: security-${{ github.workflow }}-${{ github.ref }}
@@ -32,7 +31,7 @@ jobs:
         uses: Swatinem/rust-cache@v2
 
       - name: Install cargo-audit
-        run: cargo install cargo-audit --locked
+        run: cargo install cargo-audit --version 0.22.2 --locked
 
       - name: Audit dependencies
         run: cargo audit

.gitignore

@@ -1,5 +1,7 @@
 
 # ── local workflow / agent state ──
+.clawpatch/
+.workflow/
 .gsd/
 .artifacts/
 .bg-shell/

CHANGELOG.md

@@ -7,6 +7,16 @@ Before `1.0.0`, breaking changes may still ship in minor releases.
 
 ## [Unreleased]
 
+## [0.9.3]
+
+### Fixed
+
+- Hardened demo scripts so they no longer use a predictable shared `/tmp` PATH shim before running authenticated `kagi` commands.
+- Made Unix and PowerShell installers replace existing binaries through staged same-directory writes instead of overwriting the installed binary directly.
+- Tightened release, publish, security, coverage, CI, and Makefile checks for more reproducible and complete release validation.
+- Isolated integration test home and XDG directories so local user config cannot leak into test runs.
+- Reduced default CLI failure output to a single user-facing diagnostic.
+
 ## [0.9.2]
 
 ### Added

Cargo.lock

@@ -1,6 +1,6 @@
 [package]
 name = "kagi"
-version = "0.9.2"
+version = "0.9.3"
 edition = "2024"
 description = "Agent-native CLI for Kagi subscribers with JSON-first search output"
 license = "MIT"

Cargo.toml

@@ -4,7 +4,7 @@ build:
 	cargo build --release
 
 test:
-	cargo test -q --locked
+	cargo test --workspace --all-targets --locked
 
 fmt:
 	cargo fmt --check
@@ -16,7 +16,7 @@ check: fmt lint test
 
 coverage:
 	rustup component add llvm-tools-preview
-	cargo install cargo-llvm-cov --locked
+	cargo install cargo-llvm-cov --version 0.8.7 --locked
 	cargo llvm-cov --workspace --all-features --lcov --output-path lcov.info
 
 setup-hooks: