This release adds 3 notable features for engineering teams evaluating rollout.
✓ No known CVEs patched in this version
Topics
+1 more
Affected surfaces
ReleasePort's take
Light signalVersion v2.23.0 introduces an npm installer, a local single-user control panel, durable media-analysis job actions, and a searchable SQLite analysis index.
Why it matters: Update installers to require Python 3.10-3.12; test new npm CLI smoke tests in dev before deployment.
Summary
AI summaryAdded an npm installer, local control panel, durable media‑analysis jobs, and a searchable SQLite analysis index.
Changes in this release
| Type | Severity | Summary | CVE |
|---|---|---|---|
| Feature | Medium |
Added npm installer for davinci-resolve-mcp with CLI commands setup, doctor, server, control-panel, --help, and --version. Added npm installer for davinci-resolve-mcp with CLI commands setup, doctor, server, control-panel, --help, and --version. Source: granite4.1:8b-q6_K@2026-05-21 Confidence: high |
— |
| Feature | Medium |
Implemented managed per-user npm installs copying source to stable application-data directory before running install.py. Implemented managed per-user npm installs copying source to stable application-data directory before running install.py. Source: granite4.1:8b-q6_K@2026-05-21 Confidence: high |
— |
| Feature | Medium |
Introduced local single-user control panel for Resolve/server status, media-analysis jobs, analysis search, and preferences. Introduced local single-user control panel for Resolve/server status, media-analysis jobs, analysis search, and preferences. Source: granite4.1:8b-q6_K@2026-05-21 Confidence: high |
— |
| Feature | Medium |
Added durable media-analysis job actions: start_batch_job, run_batch_job_slice, batch_job_status, list_batch_jobs, cancel_batch_job, resume_batch_job. Added durable media-analysis job actions: start_batch_job, run_batch_job_slice, batch_job_status, list_batch_jobs, cancel_batch_job, resume_batch_job. Source: granite4.1:8b-q6_K@2026-05-21 Confidence: high |
— |
| Feature | Medium |
Implemented analysis index actions: build_index, index_status, query_index. Implemented analysis index actions: build_index, index_status, query_index. Source: granite4.1:8b-q6_K@2026-05-21 Confidence: high |
— |
| Feature | Medium |
Added npm package-content filtering and GitHub Actions npm publish workflow using OIDC/provenance. Added npm package-content filtering and GitHub Actions npm publish workflow using OIDC/provenance. Source: granite4.1:8b-q6_K@2026-05-21 Confidence: high |
— |
| Performance | Medium |
Updated release validation to include npm CLI smoke tests and npm pack --dry-run. Updated release validation to include npm CLI smoke tests and npm pack --dry-run. Source: granite4.1:8b-q6_K@2026-05-21 Confidence: low |
— |
| Bugfix | Medium |
Made npm publish workflow skip publishing when package version already exists, allowing manual registration coexistence with tag automation. Made npm publish workflow skip publishing when package version already exists, allowing manual registration coexistence with tag automation. Source: granite4.1:8b-q6_K@2026-05-21 Confidence: high |
— |
| Refactor | Medium |
Tightened installer Python validation to require Python 3.10-3.12, matching Resolve scripting compatibility range. Tightened installer Python validation to require Python 3.10-3.12, matching Resolve scripting compatibility range. Source: granite4.1:8b-q6_K@2026-05-21 Confidence: high |
— |
Full changelog
v2.23.0
v2.23.0 adds the first npm installer, a local control panel, durable
media-analysis jobs, and a searchable SQLite analysis index while keeping the
existing Python installer as the source of truth.
Added
- Added the
davinci-resolve-mcpnpm package and CLI:
setup,doctor,server,control-panel,--help, and--version. - Added managed per-user npm installs that copy packaged source into a stable
application-data directory before runninginstall.py. - Added the local single-user control panel for Resolve/server status,
source-safe media-analysis jobs, analysis search, and preferences. - Added durable media-analysis job actions:
start_batch_job,run_batch_job_slice,batch_job_status,
list_batch_jobs,cancel_batch_job, andresume_batch_job. - Added analysis index actions:
build_index,index_status, andquery_index. - Added npm package-content filtering and a GitHub Actions npm publish workflow
using OIDC/provenance.
Changed
- Bumped version surfaces to
2.23.0. - Updated the README quick start to
npx davinci-resolve-mcp setup. - Tightened installer Python validation to require Python 3.10-3.12, matching
the documented Resolve scripting compatibility range. - Updated release validation to include npm CLI smoke tests and
npm pack --dry-run. - Made the npm publish workflow skip publishing when the package version already
exists, so a first manual npm registration can coexist with tag automation.
Validation
venv/bin/python tests/test_import.pyvenv/bin/python scripts/audit_api_parity.pyvenv/bin/python -m unittest tests.test_media_analysis tests.test_update_check tests.test_media_pool_ingest_probenpm run smokeDAVINCI_RESOLVE_MCP_INSTALL_ROOT=/private/tmp/davinci-resolve-mcp-npm-smoke node bin/davinci-resolve-mcp.mjs setup --dry-run --no-venv --clients manual --update-policy nevernode bin/davinci-resolve-mcp.mjs doctor --update-policy nevernpm pack --dry-rungit diff --check
Notes
- The npm package is npm-only for v1; PyPI remains deferred because
davinci-resolve-mcpis already owned by another PyPI project. - Analysis job and index artifacts remain under the configured
davinci-resolve-mcp-analysisproject root and do not store sampled image
bytes in SQLite.
Weekly OSS security release digest.
The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.
No spam, unsubscribe anytime.
Share this release
Related context
Beta — feedback welcome: [email protected]