You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: AGENTS.md
+2Lines changed: 2 additions & 0 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -53,6 +53,8 @@ When reviewing changes to this package, verify:
53
53
54
54
5.**No secret leakage**: API keys are passed via `OpenSeaAPIConfig.apiKey`. Never log or expose them. Integration tests read keys from environment variables.
55
55
56
+
6.**OAuth session contract**: `OpenSeaOAuth` requests `offline_access`, so successful code and device flows must return a refresh token. Refresh responses may omit rotation; retain the previous refresh token in that case. The top-level `wallet` JWT claim is the only wallet identity source. Never substitute `sub`, which is an account identifier.
57
+
56
58
## Conventions
57
59
58
60
- CommonJS (`"type": "commonjs"`). The SDK is consumed by both CJS and ESM projects.
Copy file name to clipboardExpand all lines: CHANGELOG.md
+12Lines changed: 12 additions & 0 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -1,5 +1,17 @@
1
1
# @opensea/sdk
2
2
3
+
## 11.4.3
4
+
5
+
### Patch Changes
6
+
7
+
- b64a4d5: Require complete OAuth wallet sessions, retain refresh tokens during rotation, validate the CLI auth store, and preserve case-sensitive wallet addresses.
8
+
9
+
## 11.4.2
10
+
11
+
### Patch Changes
12
+
13
+
- 5966017: Keep the default SDK test suite offline by blocking unmocked network requests and running live API and RPC checks through the integration suite.
0 commit comments