HeadlessTracker

v1.0.6 Breaking

This release includes 1 breaking change for platform teams planning a safe upgrade.

Published 10d MCP Data & Storage

View tool

✓ No known CVEs patched

Read the diff → Tool health → What is this tool? →

✓ No known CVEs patched in this version

Topics

binance bybit claude crypto mcp metamask

+5 more

model-context-protocol polymarket portfolio-tracker solana typescript

Affected surfaces

auth

Summary

AI summary

The Bybit connector no longer depends on the bybit-api SDK; gateway-level Bybit errors now map correctly to auth_failed and rate_limited.

Full changelog

Drops the bybit-api SDK for a tiny in-house signed-fetch client. A fresh npx headless-tracker install goes from ~258 packages to ~97, and the deprecated-abab warning is gone.

Changed

The Bybit connector no longer depends on bybit-api. That SDK shipped its whole webpack build toolchain as optionalDependencies (installed by default), pulling ~160 transitive packages into every install for a connector that makes two read-only GET requests. Replaced with a small client on Node's built-in fetch + crypto: same V5 HMAC signing, same two endpoints, zero added dependencies. Verified against the live Bybit API and with new unit tests.

Fixed

Gateway-level Bybit auth/rate errors now map correctly: 401/403 -> auth_failed, 429 -> rate_limited.

Install: npx headless-tracker . Data aggregation only, not financial advice.

Breaking Changes

Removed `bybit-api` SDK dependency; replaced with an in-house signed-fetch client.

View diff on GitHub

Weekly OSS security release digest.

The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.

No spam, unsubscribe anytime.

Share this release

Share on X Share on Bluesky

Track HeadlessTracker

Get notified when new releases ship.

About HeadlessTracker

All releases →

HeadlessTracker

Summary

Changed

Fixed

Breaking Changes

Related context

Related tools