proxmox-sdk v0.0.4.post2

# proxmox-sdk v0.0.4.post2

v0.0.4.post2

| Field |Value |
| --- | --- |
| Canonical URL | https://emersonfelipesp.com/proxmox-sdk/releases/v0.0.4.post2 |
| GitHub URL | https://github.com/emersonfelipesp/proxmox-sdk/releases/tag/v0.0.4.post2 |
| Tag | v0.0.4.post2 |
| State | latest |
| Author | emersonfelipesp |
| Created | 2026-05-14 20:00 UTC |
| Published | 2026-05-14 20:01 UTC |
| Target | main |
| Synced | 2026-05-15 00:48 UTC |
| Assets | 0 |

## Release notes

First release certified against **Proxmox VE 9.1.11**, plus a security-only dependency patch.

## Proxmox VE 9.1.11 certification (#9)

Re-captures the Proxmox API surface from a live 9.1.11 lab and ships it as both `proxmox_sdk/generated/proxmox/9.1.11/` and a refreshed `latest/` mirror (435 paths, 649 operations). Each artifact embeds `GENERATED_FOR_PROXMOX_VERSION`, `GENERATED_SOURCE_SHA256` (canonical-JSON hash), and `GENERATED_AT` so `test_generated_integrity.py` catches drift between `openapi.json` and `pydantic_models.py` on either tag.

- **Codegen**: `crawler.py` adds opt-in `allow_insecure_ssl` and Playwright resilience (Proxmox 9 viewer has no `<nav>`); `pipeline.py` threads a single canonical-JSON SHA-256 through `pydantic_generator`; `security.py` / `cli.py` add `--allow-private-ips` for LAN-only Proxmox lab nodes.
- **CI matrix**: `ci.yml` `test` job and `publish-testpypi.yml` `validate-testpypi` fan out across `proxmox_schema: [latest, "9.1.11"]` — the publish leg is a 6-cell 3 Python × 2 schema grid (all green on this release).
- **Tests**: `test_generated_integrity.py` and `test_loading_validation.py` parametrize over both tags via path-based module loading so non-identifier tags like `9.1.11` import cleanly. New `tests/live/` package (registered `live` marker) hits a real Proxmox node when `PROXMOX_API_URL` + token env vars are set; default `pytest` skips it.
- **Docs**: README, AGENTS, CLAUDE, `proxmox_sdk/CLAUDE.md`, plus the api-reference, architecture, codegen-pipeline, development, faq, sdk-internals, and sdk-mock guides bumped 8.1 → 9.1.11, with a new "Supported Proxmox Versions" table in README and FAQ.

## Dependency bumps (#10)

Resolves six Dependabot security alerts (#4, #5, #6, #7, #8, #9):

| Package | Before | After | Advisory |
|---|---|---|---|
| granian | 2.7.2 | 2.7.4 | GHSA-mjqr-h33h-7gwh (WS subprotocol panic), GHSA-q39c-rjg2-h7r6 (WSGI header panic) |
| paramiko | 4.0.0 | 5.0.0 | GHSA-99vp-jmw3-6q42 (SHA-1 rsakey signature) |
| python-multipart | 0.0.26 | 0.0.28 | GHSA-59g5-xgcq-4qw3 (unbounded multipart-header DoS) |
| urllib3 | 2.6.3 | 2.7.0 | decompression-bomb bypass; sensitive headers forwarded across origins |

Direct-dependency floors raised: `paramiko>=5.0.0` (`extras.ssh`, `extras.all`), `granian>=2.7.4` (`extras.granian`). Transitive pins added via `[tool.uv] constraint-dependencies` so the published library does not over-constrain downstream resolution.

**Note:** paramiko 4.x → 5.x is a major bump; the SDK's paramiko surface (`SSHClient`, `WarningPolicy`, `connect`, `exec_command`, `SFTPClient.open`) is stable across the transition.

## Full changelog

https://github.com/emersonfelipesp/proxmox-sdk/compare/v0.0.4.post1...v0.0.4.post2

## Assets

No binary assets attached.

Source archives:

| Format |URL |
| --- | --- |
| zip | https://api.github.com/repos/emersonfelipesp/proxmox-sdk/zipball/v0.0.4.post2 |
| tar.gz | https://api.github.com/repos/emersonfelipesp/proxmox-sdk/tarball/v0.0.4.post2 |