v1.0.6

Drops the bybit-api SDK for a tiny in-house signed-fetch client. A fresh npx headless-tracker install goes from ~258 packages to ~97, and the deprecated-abab warning is gone.

Changed

• The Bybit connector no longer depends on bybit-api. That SDK shipped its whole webpack build toolchain as optionalDependencies (installed by default), pulling ~160 transitive packages into every install for a connector that makes two read-only GET requests. Replaced with a small client on Node's built-in fetch + crypto: same V5 HMAC signing, same two endpoints, zero added dependencies. Verified against the live Bybit API and with new unit tests.

Fixed

• Gateway-level Bybit auth/rate errors now map correctly: 401/403 -> auth_failed, 429 -> rate_limited.

---

Install: npx headless-tracker . Data aggregation only, not financial advice.