security: remediate idna CVE-2026-45409, release 0.2.2

[mjstealey]

Summary

• Bump idna 3.12 → 3.17 in uv.lock (transitive via requests) to remediate CVE-2026-45409 (Moderate, flagged by Dependabot — requires >= 3.15).
• Release 0.2.2: version bump in comanage_api/__init__.py, CHANGELOG.md entry, and version assertion in tests/test_api.py.

Lock-file-only dependency change — no minimum Python or direct dependency bump required.

Test plan

• uv run pytest -q — 138 passed
• Confirmed idna resolves to 3.17 in uv.lock

🤖 Generated with Claude Code