v3.0.2

v3.0.2 — Security patch release 🔒

Closes 5 open Dependabot alerts via targeted uv.lock upgrades. No API changes — fully backward compatible with v3.0.1.

Security fixes

Tracked in CUSS-458. All bumps applied to uv.lock only; pyproject.toml constraints unchanged.

Severity	Package	Old	New	Alert
High (7.5)	pyjwt	2.11.0	2.12.1	#5
Medium (6.6)	python-dotenv	1.2.1	1.2.2	#17
Medium (5.4)	authlib	1.6.9	1.7.0	#16
Medium (5.3)	python-multipart	0.0.22	0.0.26	#15
Low (3.3)	pygments	2.19.2	2.20.0	#12

Additional transitive changes

• pymdown-extensions 10.20 → 10.21.2 — required for pygments 2.20.0 compatibility in docs build (see pymdownx 10.21.2 / pygments#3076). Docs-only dependency.
• joserfc 1.6.4 — new transitive of authlib; not imported at runtime.

Risk assessment

Direct-code impact review: none of the vulnerable code paths are exercised by the SDK or MCP server. Bumps applied proactively to keep the alert dashboard clean and maintain a strong supply-chain posture.

Verification

• pytest — 1222 passed / 175 skipped
• ruff check + ruff format --check — clean
• mypy src/devrev — no issues in 71 source files
• mkdocs build --strict — clean
• CI — 8/8 green across Python 3.11 / 3.12 / 3.13
• Cloud Run — deployed successfully

Installation

pip install py-devrev==3.0.2
# or
uv add py-devrev==3.0.2

Commits

• cae6ac0 — chore(release): v3.0.2
• c942a9e — fix(deps): close 5 open Dependabot alerts (#217)

Related

• PR: #217
• Linear: CUSS-458
• Full diff: v3.0.1...v3.0.2

v3.0.1

What's Changed

• chore(release): v3.0.1 (c5d92aa)
• refactor(services): extract shared _MAX_PAGE and resolve_page_limit helper (#216) (9d3c2a6)

Installation

pip install py-devrev==3.0.1

Full Changelog

See CHANGELOG.md

What's Changed

• refactor(services): extract shared _MAX_PAGE and resolve_page_limit helper (CUSS-457) by @mgmonteleone in #216

Full Changelog: v3.0.0...v3.0.1

v3.0.0

What's Changed

• chore: bump version to 3.0.0 for release (6987b26)
• feat: date-based listing helpers for works and conversations (CUSS-451) (#215) (465a500)

Installation

pip install py-devrev==3.0.0

Full Changelog

See CHANGELOG.md

What's Changed

• feat: date-based listing helpers for works and conversations (CUSS-451) by @mgmonteleone in #215

Full Changelog: v2.14.1...v3.0.0

v2.14.1

What's Changed

• chore: bump version to 2.14.1 for release (77d44c1)
• chore(deps): Bump pytest from 8.4.2 to 9.0.3 (CUSS-409) (fe26a2f)

Installation

pip install py-devrev==2.14.1

Full Changelog

See CHANGELOG.md

What's Changed

• chore(deps): Bump pytest from 8.4.2 to 9.0.3 (CUSS-409) by @mgmonteleone in #212

Full Changelog: v2.14.0...v2.14.1

v2.14.0

What's Changed

• chore: bump version to 2.14.0 for release (a94bae2)
• feat: Add DON ID type validation, Rev Orgs service, and dependency updates (#207) (2fec509)

Installation

pip install py-devrev==2.14.0

Full Changelog

See CHANGELOG.md

What's Changed

• feat: Add DON ID type validation and Rev Orgs service (CUSS-396, CUSS-397) by @mgmonteleone in #207

Full Changelog: v2.13.0...v2.14.0

v2.13.0

What's Changed

• fix: resolve mypy type errors in content converter (#160) (d657b08)
• chore: bump version to 2.13.0 and update changelog (4a3ed86)
• feat: Add article content format handling to all article endpoints (#160) (23e9ecd)

Installation

pip install py-devrev==2.13.0

Full Changelog

See CHANGELOG.md

What's Changed

• feat: Add article content format handling to all article endpoints by @mgmonteleone in #205

Full Changelog: v2.12.2...v2.13.0

v2.12.2

What's Changed

• chore: bump version to 2.12.2 for release (3ab6489)
• ci(deps): bump codecov/codecov-action from 5 to 6 (#203) (4755834)
• ci(deps): bump actions/configure-pages from 4 to 6 (#202) (baee757)
• chore(deps): bump the uv group across 1 directory with 2 updates (#201) (b4a3fc7)
• ci(deps): bump peter-evans/create-pull-request from 6 to 8 (#199) (ab26a0c)

Installation

pip install py-devrev==2.12.2

Full Changelog

See CHANGELOG.md

What's Changed

• ci(deps): bump peter-evans/create-pull-request from 6 to 8 by @dependabot[bot] in #199
• chore(deps): bump the uv group across 1 directory with 2 updates by @dependabot[bot] in #201
• ci(deps): bump actions/configure-pages from 4 to 6 by @dependabot[bot] in #202
• ci(deps): bump codecov/codecov-action from 5 to 6 by @dependabot[bot] in #203

Full Changelog: v2.12.1...v2.12.2

v2.12.1

What's Changed

• chore: bump version to 2.12.1 for release (d4caf4c)
• fix(search): change namespace to namespaces array in search request models (#204) (55397d9)
• fix: update Cloud Build machine type from N1_HIGHCPU_8 to E2_HIGHCPU_8 (37bb46e)

Installation

pip install py-devrev==2.12.1

Full Changelog

See CHANGELOG.md

What's Changed

• fix(search): change namespace to namespaces array in search request models by @mgmonteleone in #204

Full Changelog: v2.12.0...v2.12.1

v2.12.0

What's Changed

• chore: bump version to 2.12.0 for release (df970ea)
• feat: Add MCP-level validation for parent_part on non-product parts (#197) (0f8eea4)
• test: Add service-layer tests for shared_with serialization in articles update (#196) (78ab749)

Installation

pip install py-devrev==2.12.0

Full Changelog

See CHANGELOG.md

What's Changed

• test: Add service-layer tests for shared_with serialization in articles update by @mgmonteleone in #196
• feat: Add MCP-level validation for parent_part on non-product parts by @mgmonteleone in #197

Full Changelog: v2.11.0...v2.12.0

v2.11.0

What's Changed

• chore: bump version to 2.11.0 for release (f3cd8b4)
• test: Add test coverage for issues #185, #187 + shared_with feature (#194) (61fe098)
• feat: Add question-answers CRUD MCP tools (#189) (ede0070)

Installation

pip install py-devrev==2.11.0

Full Changelog

See CHANGELOG.md

What's Changed

• feat: Add question-answers CRUD MCP tools (#189) by @mgmonteleone in #191
• test: Add test coverage for issues #185 and #187 by @mgmonteleone in #194

Full Changelog: v2.10.2...v2.11.0