v2.1:

Notable changes

• Bundle new lexicons:
  • lexicon.community.*, as of 2bf2cbb.
  • site.standard.*, from lexicon.garden, as of 2026-02-03.
• Update bundled Bluesky PBC lexicons (app.bsky, com.atproto, etc.) as of 19ecf5f.
• base.load_lexicons: ignore non-lexicon files.
• Schema validation:
  • For the uri string format, handle URLs with brackets (eg ]) in the hostname, eg https://example.com].
  • Don't require $type in event stream subscription payloads.
  • Bug fixes for unions and arrays.
  • Ignore maxGraphemes on non-string fields.
  • Allow type: permission-set.

v2.0:

Breaking changes:

• For queries with non-JSON outputs, Client.call now returns requests.Response instead of the raw output bytes. This gives callers access to the HTTP response headers, including Content-Type.

Non-breaking changes:

• Client:
  • Handle non-JSON output encodings.
  • Don't attempt to refresh access token when a com.atproto.identity procedure fails, eg when the PLC code is wrong.
  • Accept arbitrary kwargs in the Client constructor, pass them through to requests.get/post.
• flask_server:
  • init_flask: add limit_ips kwarg for whether to allow more than one connection to event stream subscription methods per client IP.

v1.1:

Notable changes

• Schema validation:
  • Validate subscription (event stream websocket) parameters and output message payloads in both Client and Server.
  • When truncate is set, recurse into refs and arrays to truncate their string properties as necessary too.
  • Allow digits in NSID name (last segment) (background).
• Server: raise ValidationError on unknown parameters.
  • Don't allow #main in $type (bluesky-social/atproto#1968).
  • Bug fix for open unions, allow types that aren't in refs.
• Client:
  • Include headers in websocket connections for event streams.
  • Add new auth constructor kwarg to support any requests auth instance, eg requests_oauth2client.DPoPToken.
• server:
  • Redirect: Add headers kwarg.
• flask_server:
  • Interpret second positional arg to ValueError and ValidationError, ie err.args[1], as a dict of additional HTTP headers to return with the HTTP 400 response.

v1.0

• Add full lexicon schema validation for records and XRPC method parameters, input, and output. Includes primitive and object types, refs and unions, string formats, type-specific constraints, etc.
• Dependencies: switch from dag-cbor to libipld, for performance.
• client:
  • Add new decode kwarg to subscription methods to control whether DAG-CBOR messages should be decoded into native dicts for header and payload.
• flask_server: add new top-level subscribers attr that tracks clients connected (subscribed) to each event stream.
• server:
  • Add status param to Redirect.

v0.7

Notable changes

• Fix websocket subscription server hang with blocking server XRPC methods due to exhausting worker thread pool (#8).
• Add truncate kwarg to Client and Server constructors to automatically truncate (ellipsize) string values that are longer than their maxGraphemes or maxLength in their lexicon. Defaults to False.
• Add new base.XrpcError exception type for named errors in method definitions.
• flask_server:
  • Handle base.XrpcError, convert to JSON error response with error and message fields.
• Client:
  • Bug fix for calls with binary inputs that refresh the access token. Calls with binary input now buffer the entire input in memory. (snarfed/bridgy#1670)
  • Bug fix: omit null (None) parameters instead of passing them with string value None.
• Update bundled app.bsky and com.atproto lexicons, as of bluesky-social/atproto@15cc6ff37c326d5c186385037c4bfe8b60ea41b1.

v0.6:

Notable changes

• Drop typing-extensions version pin now that typing-validation has been updated to be compatible with it.
• Update bundled app.bsky and com.atproto lexicons, as of bluesky-social/atproto@f45eef3.

v0.5:

Notable changes

• Client:
  • Support binary request data automatically based on input type, eg dict vs bytes.
  • Add new headers kwarg to call and auto-generated lexicon method calls, useful for providing an explicit Content-Type when sending binary data.
  • Bug fix: don't infinite loop if refreshSession fails.
  • Other minor authentication bug fixes.

v0.4:

Notable changes

• Bundle the official lexicons for app.bsky and com.atproto, use them by default.
• Base:
  • Expose lexicons in defs attribute.
• Client:
  • Add minimal auth support with access_token and refresh_token constructor kwargs and session attribute. If you use a Client to call com.atproto.server.createSession or com.atproto.server.refreshSession, the returned tokens will be automatically stored and used in future requests.
  • Bug fix: handle trailing slash on server address, eg http://ser.ver/ vs http://ser.ver.
  • Default server address to official https://bsky.social PDS.
  • Add default User-Agent: lexrpc (https://lexrpc.readthedocs.io/) request header.
• Server:
  • Add new Redirect class. Handlers can raise this to indicate that the web server should serve an HTTP redirect. Whether this is official supported by the XRPC spec is still TBD.
• flask_server:
  • Return HTTP 405 error on HTTP requests to subscription (websocket) XRPCs.
  • Support the new Redirect exception.
  • Add the error field to the JSON response bodies for most error responses.

v0.3:

Notable changes

• Add array type support.
• Add support for non-JSON input and output encodings.
• Add subscription method type support over websockets.
• Add headers kwarg to Client constructor.
• Add new Server.register method for manually registering handlers.
• Bug fix for server @method decorator.

v0.2:

Bluesky's Lexicon design and schema handling is still actively changing, so this is an interim release. It generally supports the current lexicon design, but not full schema validation yet. I'm not yet trying to fast follow the changes too closely; as they settle down and stabilize, I'll put more effort into matching and fully implementing them. Stay tuned!

Breaking changes:

• Fully migrate to new lexicon format. Original format is no longer supported.