Gap
Smarkets's spec defines a session-logout operation, but SmarketsExchange.close() is a no-op (commented "No WebSocket or persistent connections to clean up") and never calls it — Smarkets sessions created by performLogin() are never explicitly invalidated server-side. Flagging with lower confidence/priority since this may be considered acceptable (sessions likely expire server-side on their own), but per the spec-diffing methodology it's a real, unused capability.
Core
core/src/exchanges/smarkets/api.ts:9729-9950 — delete_current_session operationId, DELETE /v3/sessions/ (logout).
core/src/exchanges/smarkets/index.ts:118-146 (performLogin()) — only calls POST /v3/sessions/ to create a session.
core/src/exchanges/smarkets/index.ts:366-368 (close()) — a no-op comment, never calls delete_current_session.
TypeScript SDK
N/A — nothing in core to expose (SDK's close() proxies to core's no-op).
Python SDK
N/A — same.
Evidence
core/src/exchanges/smarkets/index.ts:366-368 shows close()'s no-op body; core/src/exchanges/smarkets/api.ts:9729-9950 confirms the logout operation exists in the spec but has no call site anywhere in index.ts/fetcher.ts.
Impact
Smarkets sessions created by pmxt are left active server-side after a client disconnects/closes, relying entirely on the venue's own session expiry rather than explicit logout — a minor hygiene gap rather than a functional blocker.
Found by automated Core-to-SDK surface coverage audit
Gap
Smarkets's spec defines a session-logout operation, but
SmarketsExchange.close()is a no-op (commented "No WebSocket or persistent connections to clean up") and never calls it — Smarkets sessions created byperformLogin()are never explicitly invalidated server-side. Flagging with lower confidence/priority since this may be considered acceptable (sessions likely expire server-side on their own), but per the spec-diffing methodology it's a real, unused capability.Core
core/src/exchanges/smarkets/api.ts:9729-9950—delete_current_sessionoperationId,DELETE /v3/sessions/(logout).core/src/exchanges/smarkets/index.ts:118-146(performLogin()) — only callsPOST /v3/sessions/to create a session.core/src/exchanges/smarkets/index.ts:366-368(close()) — a no-op comment, never callsdelete_current_session.TypeScript SDK
N/A — nothing in core to expose (SDK's
close()proxies to core's no-op).Python SDK
N/A — same.
Evidence
core/src/exchanges/smarkets/index.ts:366-368showsclose()'s no-op body;core/src/exchanges/smarkets/api.ts:9729-9950confirms the logout operation exists in the spec but has no call site anywhere inindex.ts/fetcher.ts.Impact
Smarkets sessions created by pmxt are left active server-side after a client disconnects/closes, relying entirely on the venue's own session expiry rather than explicit logout — a minor hygiene gap rather than a functional blocker.
Found by automated Core-to-SDK surface coverage audit