repo: Release v1.34.0

**Summary of changes**:

* Security:
  - [CVE-2025-30157](GHSA-cf3q-gqg7-3fm9): Fixed a bug where local replies were incorrectly sent to the ext_proc server.
  - [CVE-2025-31498](GHSA-6hxc-62jh-p29v): Updated c-ares to version 1.34.5 to address a security vulnerability.

* HTTP:
  - Added support for async load balancing, allowing endpoints to respond with their ability to handle requests.
  - Improved HTTP/1 parser to handle newlines between requests correctly per RFC 9112.
  - Added option to ignore specific HTTP/1.1 upgrade values using configurable matchers.
  - Implemented TCP proxy option to read from downstream connections before establishing upstream connections.

* Performance:
  - Improved performance for HTTP/1 ignored upgrades.
  - Enhanced TCP proxy retries to run in a different event loop iteration to avoid connection issues.
  - Added fixed value option for minimum RTT in adaptive concurrency filter.
  - Enhanced dynamic forward proxy with async lookups for null hosts.

* Reliability:
  - Fixed a bug in preconnecting logic that could lead to excessive connection establishment.
  - Fixed port exhaustion issues in the original_src filter by setting the `IP_BIND_ADDRESS_NO_PORT` socket option.
  - Fixed socket option application for additional listener addresses.
  - Fixed crash when creating an EDS cluster with invalid configuration.

* Features:
  - Added support for loading shared libraries at runtime through dynamic modules.
  - Added support for io_uring in the default socket interface.
  - Extended the compression filter with the ability to skip compression for specific response codes.
  - Added support for QUIC-LB draft standard for connection ID generation.
  - Enhanced ext_proc with graceful gRPC side stream closing and added a new `FULL_DUPLEX_STREAMED` body mode.
  - Introduced PKCE support for OAuth2 authorization code flow and SameSite cookie attribute configuration.
  - Added support for monitoring container CPU utilization in Linux Kubernetes environments.
  - Enhanced proxy protocol TLV support to enable more flexible and customizable usage between downstream and upstream connections.
  - Added multiple formatter attributes improvements, e.g., `QUERY_PARAM`, `CUSTOM_FLAGS`, and `PATH`

* Observability:
  - Enhanced Transport Tap with connection information output per event.
  - Added support for directing LRS to report loads when requests are issued.

**Docker images**:
    https://hub.docker.com/r/envoyproxy/envoy/tags?page=1&name=v1.34.0
**Docs**:
    https://www.envoyproxy.io/docs/envoy/v1.34.0/
**Release notes**:
    https://www.envoyproxy.io/docs/envoy/v1.34.0/version_history/v1.34/v1.34.0
**Full changelog**:
    v1.33.0...v1.34.0

Author: publish-envoy[bot]

VERSION.txt

@@ -1 +1 @@
-1.34.0-dev
+1.34.0

changelogs/current.yaml

@@ -1,10 +1,6 @@
-date: Pending
-
-behavior_changes:
-# *Changes that are expected to cause an incompatibility if applicable; deployment changes are likely required*
+date: April 15, 2025
 
 minor_behavior_changes:
-# *Changes that may cause incompatibilities for some users, but should not for most*
 - area: geoip
   change: |
     The ``isp_db_path`` has been renamed to ``asn_db_path`` to keep the name consistent with the code behavior.
@@ -68,7 +64,6 @@ minor_behavior_changes:
     TLS parameter to enforce restrictions based on a given policy (e.g. FIPS).
 
 bug_fixes:
-# *Changes expected to improve the state of the world and are unlikely to have negative effects*
 - area: dfp
   change: |
     Fixes a bug when loading a DNS cache entry with an empty authority/host header. This fix can be reverted by setting
@@ -173,7 +168,6 @@ bug_fixes:
     stored in a file was not watched by SDS API.
 
 removed_config_or_runtime:
-# *Normally occurs at the end of the* :ref:`deprecation period <deprecated>`
 - area: http
   change: |
     Removed runtime guard ``envoy.reloadable_features.consistent_header_validation`` and legacy code paths.
@@ -435,5 +429,3 @@ new_features:
 - area: dns
   change: |
     Update C-ares to version 1.34.5 to address **CVE-2025-31498**.
-
-deprecated: