DhanHQ 2.1.10 → 2.2.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 300207afdb6b293a9b73b5cf6d2bb11da0eb8251bed6ab489c115287ab201051
-  data.tar.gz: 49fde0cde20215c959d167860529ccaa2e984b1aa46653f8024a463a8ff8db53
+  metadata.gz: 7f0476726fe811ed0f25424e4e29c0e4d0b2bb7f18732883aed5902ae8fde017
+  data.tar.gz: ece7774203912cb63ce57c9b723450290e01239415d573aa4b5a190039023ded
 SHA512:
-  metadata.gz: eb75dbe33b1c937cb825dde8f8a2e86748f1fce2f230a52190ca5862a900f40b64d7f17319cf34c6847253d5c98ab42396e6ee5d46b9ae66c26c34c473d7fb69
-  data.tar.gz: d491b32c1ec671414d2d1c7bdef765cde05631bca5be3c41ff1df66d7060901b6e58b5612092891e25b3d06b7b920525ef69097a91b3104cdd2364b8c97c3a6f
+  metadata.gz: 4733638b5d2687f0f4ebfb9f08925ae980ce90d822fe0473438b43057b242e64f6cf3915a69b602adc87eeb9b2d282c62c2446ecef44cd2f327d2997844b5d52
+  data.tar.gz: fec3e15617126ddc8f218765b284f1ba8e7c14defd0c3d41b3b4d5cf16480188a0abdb5f449835c7b4243ed21a606a38566ca4858a50ecf56f1ed8824f4864d8

data/.rubocop.yml

@@ -8,7 +8,7 @@ require:
   - rubocop-rake
 
 AllCops:
-  TargetRubyVersion: 3.1
+  TargetRubyVersion: 3.2
   NewCops: enable
 
 Style/StringLiterals:

data/.rubocop_todo.yml

@@ -1,26 +1,31 @@
 # This configuration was generated by
-# `rubocop --auto-gen-config --auto-gen-only-exclude --exclude-limit 999`
-# on 2025-10-12 11:03:03 UTC using RuboCop version 1.80.2.
+# `rubocop --auto-gen-config --exclude-limit 9999`
+# on 2026-01-19 19:18:55 UTC using RuboCop version 1.82.1.
 # The point is for the user to remove these configuration records
 # one by one as the offenses are removed from the code base.
 # Note that changes in the inspected code, or installation of new
 # versions of RuboCop, may require this file to be generated again.
 
-# Offense count: 4
-# This cop supports safe autocorrection (--autocorrect).
-# Configuration parameters: Max, AllowHeredoc, AllowURI, AllowQualifiedName, URISchemes, IgnoreCopDirectives, AllowedPatterns, SplitStrings.
-# URISchemes: http, https
-Layout/LineLength:
-  Exclude:
-    - 'lib/DhanHQ/ws/decoder.rb'
-
-# Offense count: 2
+# Offense count: 3
 # Configuration parameters: IgnoreLiteralBranches, IgnoreConstantBranches, IgnoreDuplicateElseBranch.
 Lint/DuplicateBranch:
   Exclude:
     - 'bin/ta_strategy.rb'
+    - 'lib/DhanHQ/helpers/response_helper.rb'
     - 'lib/dhanhq/analysis/helpers/bias_aggregator.rb'
 
+# Offense count: 1
+# Configuration parameters: AllowComments, AllowEmptyLambdas.
+Lint/EmptyBlock:
+  Exclude:
+    - 'spec/support/script_data_helper.rb'
+
+# Offense count: 1
+# This cop supports safe autocorrection (--autocorrect).
+Lint/RedundantCopDisableDirective:
+  Exclude:
+    - 'spec/dhan_hq/models/order_spec.rb'
+
 # Offense count: 3
 # Configuration parameters: AllowComments, AllowNil.
 Lint/SuppressedException:
@@ -28,134 +33,55 @@ Lint/SuppressedException:
     - 'lib/DhanHQ/ws/connection.rb'
     - 'lib/DhanHQ/ws/registry.rb'
 
-# Offense count: 42
-# Configuration parameters: AllowedMethods, AllowedPatterns, CountRepeatedAttributes, Max.
+# Offense count: 72
+# Configuration parameters: AllowedMethods, AllowedPatterns, CountRepeatedAttributes.
 Metrics/AbcSize:
-  Exclude:
-    - 'bin/ta_strategy.rb'
-    - 'bin/ws_feed_test.rb'
-    - 'lib/DhanHQ/helpers/response_helper.rb'
-    - 'lib/DhanHQ/models/order.rb'
-    - 'lib/DhanHQ/rate_limiter.rb'
-    - 'lib/DhanHQ/ws/client.rb'
-    - 'lib/DhanHQ/ws/connection.rb'
-    - 'lib/DhanHQ/ws/decoder.rb'
-    - 'lib/DhanHQ/ws/orders/connection.rb'
-    - 'lib/DhanHQ/ws/websocket_packet_parser.rb'
-    - 'lib/dhan_hq.rb'
-    - 'lib/dhanhq/analysis/helpers/bias_aggregator.rb'
-    - 'lib/dhanhq/analysis/multi_timeframe_analyzer.rb'
-    - 'lib/dhanhq/analysis/options_buying_advisor.rb'
-    - 'lib/ta/candles.rb'
-    - 'lib/ta/fetcher.rb'
-    - 'lib/ta/indicators.rb'
-    - 'lib/ta/technical_analysis.rb'
+  Max: 100
 
-# Offense count: 1
-# Configuration parameters: CountComments, Max, CountAsOne, AllowedMethods, AllowedPatterns, inherit_mode.
+# Offense count: 2
+# Configuration parameters: CountComments, CountAsOne, AllowedMethods, AllowedPatterns, inherit_mode.
 # AllowedMethods: refine
 Metrics/BlockLength:
-  Exclude:
-    - 'lib/DhanHQ/ws/connection.rb'
+  Max: 32
 
-# Offense count: 8
-# Configuration parameters: CountComments, Max, CountAsOne.
+# Offense count: 11
+# Configuration parameters: CountComments, CountAsOne.
 Metrics/ClassLength:
-  Exclude:
-    - 'lib/DhanHQ/core/base_model.rb'
-    - 'lib/DhanHQ/models/order.rb'
-    - 'lib/DhanHQ/ws/connection.rb'
-    - 'lib/DhanHQ/ws/orders/connection.rb'
-    - 'lib/DhanHQ/ws/websocket_packet_parser.rb'
-    - 'lib/dhanhq/analysis/multi_timeframe_analyzer.rb'
-    - 'lib/dhanhq/analysis/options_buying_advisor.rb'
-    - 'lib/ta/technical_analysis.rb'
+  Max: 631
 
-# Offense count: 25
-# Configuration parameters: AllowedMethods, AllowedPatterns, Max.
+# Offense count: 40
+# Configuration parameters: AllowedMethods, AllowedPatterns.
 Metrics/CyclomaticComplexity:
-  Exclude:
-    - 'bin/ta_strategy.rb'
-    - 'bin/ws_feed_test.rb'
-    - 'lib/DhanHQ/helpers/response_helper.rb'
-    - 'lib/DhanHQ/models/order.rb'
-    - 'lib/DhanHQ/ws/connection.rb'
-    - 'lib/DhanHQ/ws/decoder.rb'
-    - 'lib/DhanHQ/ws/orders/connection.rb'
-    - 'lib/DhanHQ/ws/segments.rb'
-    - 'lib/DhanHQ/ws/websocket_packet_parser.rb'
-    - 'lib/dhanhq/analysis/helpers/bias_aggregator.rb'
-    - 'lib/dhanhq/analysis/multi_timeframe_analyzer.rb'
-    - 'lib/dhanhq/analysis/options_buying_advisor.rb'
-    - 'lib/ta/candles.rb'
-    - 'lib/ta/indicators.rb'
-    - 'lib/ta/technical_analysis.rb'
+  Max: 33
 
-# Offense count: 52
-# Configuration parameters: CountComments, Max, CountAsOne, AllowedMethods, AllowedPatterns.
+# Offense count: 101
+# Configuration parameters: CountComments, CountAsOne, AllowedMethods, AllowedPatterns.
 Metrics/MethodLength:
-  Exclude:
-    - 'bin/ta_strategy.rb'
-    - 'bin/ws_feed_test.rb'
-    - 'lib/DhanHQ/core/base_model.rb'
-    - 'lib/DhanHQ/helpers/response_helper.rb'
-    - 'lib/DhanHQ/models/holding.rb'
-    - 'lib/DhanHQ/models/instrument.rb'
-    - 'lib/DhanHQ/models/ledger_entry.rb'
-    - 'lib/DhanHQ/models/order.rb'
-    - 'lib/DhanHQ/rate_limiter.rb'
-    - 'lib/DhanHQ/ws/connection.rb'
-    - 'lib/DhanHQ/ws/decoder.rb'
-    - 'lib/DhanHQ/ws/orders/connection.rb'
-    - 'lib/DhanHQ/ws/segments.rb'
-    - 'lib/DhanHQ/ws/singleton_lock.rb'
-    - 'lib/DhanHQ/ws/websocket_packet_parser.rb'
-    - 'lib/dhanhq/analysis/helpers/bias_aggregator.rb'
-    - 'lib/dhanhq/analysis/multi_timeframe_analyzer.rb'
-    - 'lib/dhanhq/analysis/options_buying_advisor.rb'
-    - 'lib/ta/candles.rb'
-    - 'lib/ta/fetcher.rb'
-    - 'lib/ta/indicators.rb'
-    - 'lib/ta/technical_analysis.rb'
+  Max: 88
 
-# Offense count: 3
-# Configuration parameters: CountComments, Max, CountAsOne.
+# Offense count: 5
+# Configuration parameters: CountComments, CountAsOne.
 Metrics/ModuleLength:
-  Exclude:
-    - 'bin/ta_strategy.rb'
-    - 'lib/DhanHQ/constants.rb'
-    - 'lib/ta/indicators.rb'
+  Max: 158
 
 # Offense count: 1
-# Configuration parameters: Max, CountKeywordArgs, MaxOptionalParameters.
+# Configuration parameters: CountKeywordArgs, MaxOptionalParameters.
 Metrics/ParameterLists:
-  Exclude:
-    - 'lib/ta/technical_analysis.rb'
+  Max: 7
 
-# Offense count: 21
-# Configuration parameters: AllowedMethods, AllowedPatterns, Max.
+# Offense count: 31
+# Configuration parameters: AllowedMethods, AllowedPatterns.
 Metrics/PerceivedComplexity:
-  Exclude:
-    - 'bin/ta_strategy.rb'
-    - 'bin/ws_feed_test.rb'
-    - 'lib/DhanHQ/helpers/response_helper.rb'
-    - 'lib/DhanHQ/models/order.rb'
-    - 'lib/DhanHQ/ws/connection.rb'
-    - 'lib/DhanHQ/ws/decoder.rb'
-    - 'lib/DhanHQ/ws/orders/connection.rb'
-    - 'lib/dhanhq/analysis/helpers/bias_aggregator.rb'
-    - 'lib/dhanhq/analysis/multi_timeframe_analyzer.rb'
-    - 'lib/dhanhq/analysis/options_buying_advisor.rb'
-    - 'lib/ta/candles.rb'
-    - 'lib/ta/indicators.rb'
-    - 'lib/ta/technical_analysis.rb'
+  Max: 28
 
-# Offense count: 1
+# Offense count: 5
 # Configuration parameters: MinNameLength, AllowNamesEndingInNumbers, AllowedNames, ForbiddenNames.
 # AllowedNames: as, at, by, cc, db, id, if, in, io, ip, of, on, os, pp, to
 Naming/MethodParameterName:
   Exclude:
+    - 'lib/DhanHQ/ws/base_connection.rb'
     - 'lib/DhanHQ/ws/connection.rb'
+    - 'lib/DhanHQ/ws/orders/connection.rb'
 
 # Offense count: 7
 # Configuration parameters: Mode, AllowedMethods, AllowedPatterns, AllowBangMethods, WaywardPredicates.
@@ -168,18 +94,117 @@ Naming/PredicateMethod:
     - 'lib/DhanHQ/models/super_order.rb'
     - 'lib/DhanHQ/ws/singleton_lock.rb'
 
-# Offense count: 5
+# Offense count: 13
 # Configuration parameters: EnforcedStyle, CheckMethodNames, CheckSymbols, AllowedIdentifiers, AllowedPatterns.
 # SupportedStyles: snake_case, normalcase, non_integer
 # AllowedIdentifiers: TLS1_1, TLS1_2, capture3, iso8601, rfc1123_date, rfc822, rfc2822, rfc3339, x86_64
 Naming/VariableNumber:
   Exclude:
+    - 'lib/DhanHQ/ws/base_connection.rb'
     - 'lib/DhanHQ/ws/connection.rb'
+    - 'lib/DhanHQ/ws/market_depth/client.rb'
     - 'lib/DhanHQ/ws/orders/connection.rb'
 
-# Offense count: 3
+# Offense count: 4
 # Configuration parameters: MinSize.
 Performance/CollectionLiteralInLoop:
   Exclude:
+    - 'lib/DhanHQ/ws/base_connection.rb'
     - 'lib/dhanhq/analysis/multi_timeframe_analyzer.rb'
     - 'lib/ta/fetcher.rb'
+
+# Offense count: 1
+Performance/MapMethodChain:
+  Exclude:
+    - 'lib/DhanHQ/ws/market_depth/client.rb'
+
+# Offense count: 1
+RSpec/BeforeAfterAll:
+  Exclude:
+    - '**/spec/spec_helper.rb'
+    - '**/spec/rails_helper.rb'
+    - '**/spec/support/**/*.rb'
+    - 'spec/dhan_hq/configuration_spec.rb'
+
+# Offense count: 4
+# Configuration parameters: AssignmentOnly.
+RSpec/InstanceVariable:
+  Exclude:
+    - 'spec/dhan_hq/configuration_spec.rb'
+
+# Offense count: 6
+# Configuration parameters: EnforcedStyle.
+# SupportedStyles: have_received, receive
+RSpec/MessageSpies:
+  Exclude:
+    - 'spec/dhan_hq/base_model_spec.rb'
+    - 'spec/dhan_hq/helpers/response_helper_spec.rb'
+    - 'spec/dhan_hq/ws/orders/client_spec.rb'
+
+# Offense count: 2
+RSpec/RepeatedExample:
+  Exclude:
+    - 'spec/dhan_hq/contracts/expired_options_data_contract_spec.rb'
+
+# Offense count: 1
+# Configuration parameters: CustomTransform, IgnoreMethods, IgnoreMetadata, InflectorPath, EnforcedInflector.
+# SupportedInflectors: default, active_support
+RSpec/SpecFilePathFormat:
+  Exclude:
+    - '**/spec/routing/**/*'
+    - 'spec/dhan_hq/helpers/response_helper_spec.rb'
+
+# Offense count: 1
+# Configuration parameters: IgnoreNameless, IgnoreSymbolicNames.
+RSpec/VerifiedDoubles:
+  Exclude:
+    - 'spec/dhan_hq/ws/orders/client_spec.rb'
+
+# Offense count: 3
+# Configuration parameters: AllowedConstants.
+Style/Documentation:
+  Exclude:
+    - 'spec/**/*'
+    - 'test/**/*'
+    - 'bin/comprehensive_test.rb'
+    - 'bin/test_helpers.rb'
+    - 'lib/DhanHQ/ws/market_depth.rb'
+
+# Offense count: 1
+# This cop supports safe autocorrection (--autocorrect).
+# Configuration parameters: EnforcedStyle, AllowComments.
+# SupportedStyles: empty, nil, both
+Style/EmptyElse:
+  Exclude:
+    - 'lib/DhanHQ/ws/market_depth/decoder.rb'
+
+# Offense count: 30
+# This cop supports safe autocorrection (--autocorrect).
+Style/IfUnlessModifier:
+  Exclude:
+    - 'bin/ta_strategy.rb'
+    - 'lib/DhanHQ/contracts/order_contract.rb'
+    - 'lib/DhanHQ/contracts/place_order_contract.rb'
+    - 'lib/DhanHQ/contracts/slice_order_contract.rb'
+    - 'lib/DhanHQ/helpers/response_helper.rb'
+    - 'lib/DhanHQ/models/expired_options_data.rb'
+    - 'lib/DhanHQ/models/funds.rb'
+    - 'lib/DhanHQ/models/trade.rb'
+    - 'lib/DhanHQ/rate_limiter.rb'
+    - 'lib/DhanHQ/ws/orders/client.rb'
+    - 'lib/dhanhq/analysis/options_buying_advisor.rb'
+    - 'lib/ta/indicators.rb'
+    - 'spec/spec_helper.rb'
+
+# Offense count: 1
+# Configuration parameters: Max.
+Style/SafeNavigationChainLength:
+  Exclude:
+    - 'lib/DhanHQ/ws/market_depth/client.rb'
+
+# Offense count: 31
+# This cop supports safe autocorrection (--autocorrect).
+# Configuration parameters: AllowHeredoc, AllowURI, AllowQualifiedName, URISchemes, AllowRBSInlineAnnotation, AllowCopDirectives, AllowedPatterns, SplitStrings.
+# URISchemes: http, https
+Layout/LineLength:
+  Max: 181

data/CHANGELOG.md

@@ -1,5 +1,132 @@
 ## [Unreleased]
 
+## [2.2.0] - 2026-01-31
+
+### Authentication & token handling
+
+- **Dynamic access token resolution**: Token can be resolved at request time via `config.access_token_provider` (Proc/lambda). When set, the provider is called on each request; when not set, the gem falls back to `config.access_token`. No memoization — token is fetched per request for production-safe rotation.
+- **Auto-expiry detection**: API error code **807** (token expired) now raises `DhanHQ::TokenExpiredError` so callers can handle expiry explicitly. Error codes 401, 807, 809, and 808 are treated as auth failures for retry logic.
+- **Retry-on-401 with token re-fetch**: When the API returns 401 or token-expired (InvalidAuthenticationError, InvalidTokenError, TokenExpiredError, AuthenticationFailedError) and `config.access_token_provider` is set, the client retries the request **once** after the next token resolution (provider is called again). No separate “refresh” call — the provider is the source of the new token.
+- **Optional `on_token_expired` hook**: `config.on_token_expired` (callable) is invoked when an auth failure triggers a retry, before the retry is performed. Use for logging or refreshing token in your store; the retry then uses the token from `access_token_provider`.
+- **`DhanHQ::AuthenticationError`**: New error for local auth failures (missing token or provider returned nil/empty). API-level auth errors continue to use `InvalidAuthenticationError` / `InvalidTokenError` / `TokenExpiredError` as before.
+
+### Configuration
+
+- **New**: `config.access_token_provider` — callable that returns the access token string at request time.
+- **New**: `config.on_token_expired` — optional callable invoked when 401/token-expired triggers a retry (only when `access_token_provider` is set).
+- **New**: `config.resolved_access_token` — returns the token to use (from provider or static `access_token`); raises `AuthenticationError` if provider returns nil/empty.
+
+### Errors
+
+- **New**: `DhanHQ::AuthenticationError` — raised when token cannot be resolved (missing config or provider returned nil/empty).
+- **New**: `DhanHQ::TokenExpiredError` — raised when API returns error code 807 (token expired). Mapped from `DHAN_ERROR_MAPPING["807"]`.
+
+### Tests
+
+- **WebMock specs for auth failures**: `spec/dhan_hq/client_spec.rb` — contexts for 401, 403, 807, retry-on-401 with provider, retry then raise when 401 persists, and `on_token_expired` hook.
+- **Response helper**: Spec for 807 → TokenExpiredError in `spec/dhan_hq/helpers/response_helper_spec.rb`.
+
+### Documentation
+
+- **README.md**: New subsection “Dynamic access token (optional)” under Configuration.
+- **GUIDE.md**: Short “Dynamic access token” note and link to docs/AUTHENTICATION.md.
+- **docs/AUTHENTICATION.md**: New doc for static vs dynamic token, retry-on-401, and auth-related errors.
+- **docs/TESTING_GUIDE.md**: Optional access_token_provider / on_token_expired in config examples.
+- **docs/rails_integration.md**: “Dynamic access token (optional)” with Rails initializer example.
+- **docs/websocket_integration.md**, **docs/live_order_updates.md**: Pointer to docs/AUTHENTICATION.md for dynamic token.
+
+### Backward compatibility
+
+- **Non-breaking**: Existing `config.access_token = "static-token"` continues to work. `access_token_provider` is optional. Safe to release as a **minor** version bump.
+
+---
+
+## [2.1.11] - 2025-01-27
+
+This release includes comprehensive bug fixes, security improvements, and reliability enhancements. All changes are **backward compatible** - no breaking changes.
+
+### 🔴 Critical Fixes
+
+#### Thread Safety & Concurrency
+- **Rate limiter race condition**: Fixed thread safety issue where cleanup threads modified shared state without synchronization. Added mutex protection and graceful shutdown mechanism.
+- **WebSocket thread safety**: Fixed callback iteration race condition by creating frozen snapshots to prevent modification during event emission.
+
+#### Error Handling & Validation
+- **Client credential validation**: Moved validation to request time (in `build_headers`) rather than initialization, maintaining backward compatibility while ensuring credentials are validated before API calls.
+- **WebSocket error handling**: Added proper cleanup and state reset on exceptions, improved logging with backtraces for better debugging.
+- **Price field validation**: Added comprehensive validation for all float fields (price, trigger_price, bo_profit_value, bo_stop_loss_value, drv_strike_price) to reject NaN, Infinity, and values exceeding reasonable bounds (1,000,000,000).
+
+### 🟠 High Priority Fixes
+
+#### Memory Management
+- **Order tracker memory leak**: Fixed unbounded memory growth in WebSocket order tracker by implementing automatic cleanup with configurable limits:
+  - Maximum tracked orders: 10,000 (configurable via `DHAN_WS_MAX_TRACKED_ORDERS`)
+  - Maximum order age: 7 days (configurable via `DHAN_WS_MAX_ORDER_AGE`)
+  - Automatic cleanup thread runs hourly
+
+#### Reliability & Error Handling
+- **JSON parse error handling**: Improved error handling for invalid JSON responses. Empty strings return empty hash (backward compatible), but truly invalid JSON now raises `DataError` with detailed logging.
+- **Timeout configuration**: Added configurable timeouts to prevent requests from hanging indefinitely:
+  - Connection timeout: 10s (configurable via `DHAN_CONNECT_TIMEOUT`)
+  - Read timeout: 30s (configurable via `DHAN_READ_TIMEOUT`)
+  - Write timeout: 30s (configurable via `DHAN_WRITE_TIMEOUT`)
+- **Retry logic**: Added automatic retry with exponential backoff for transient errors (RateLimitError, InternalServerError, NetworkError, timeouts). Default: 3 retries with exponential backoff (1s, 2s, 4s, capped at 30s).
+
+### 🟡 Medium Priority Fixes
+
+#### Code Quality & Reliability
+- **Order modification validation**: Added warning logs for invalid order states (TRADED, CANCELLED, EXPIRED, CLOSED) but still attempts API call - API handles final validation (backward compatible).
+- **Error mapping**: Added logging for unmapped error codes to aid investigation and debugging.
+- **Rate limiter cleanup**: Added `shutdown()` method to gracefully stop cleanup threads and prevent resource leaks.
+- **Order operation logging**: Added structured logging for order placement and modification operations to aid debugging.
+
+### 🔵 Low Priority Fixes
+
+#### Code Quality
+- **Code deduplication**: Made `delete` delegate to `destroy`, removing duplicate code.
+- **Type consistency**: Added `.to_s` conversion for `id` method to ensure consistent string return type.
+- **Response format logging**: Added logging for unexpected response formats in collection parsing to help identify API changes.
+
+### ✅ API Compliance
+
+- **Header validation**: Validates required headers (`access_token`, `client_id` for DATA APIs) before making requests, providing clear error messages.
+- **202 Accepted status**: Properly handles `202 Accepted` status code for async operations (e.g., position conversion).
+
+### ➕ Added
+
+#### Configuration Options
+- **Timeout configuration** via environment variables:
+  - `DHAN_CONNECT_TIMEOUT` - Connection timeout in seconds (default: 10)
+  - `DHAN_READ_TIMEOUT` - Read timeout in seconds (default: 30)
+  - `DHAN_WRITE_TIMEOUT` - Write timeout in seconds (default: 30)
+- **WebSocket order tracker configuration** via environment variables:
+  - `DHAN_WS_MAX_TRACKED_ORDERS` - Maximum orders to track (default: 10,000)
+  - `DHAN_WS_MAX_ORDER_AGE` - Maximum order age in seconds (default: 604,800 = 7 days)
+
+#### Test Coverage
+- `spec/dhan_hq/contracts/place_order_contract_spec.rb` - Comprehensive price validation tests
+- `spec/dhan_hq/helpers/response_helper_spec.rb` - JSON parsing and error handling tests
+- `spec/dhan_hq/ws/orders/client_spec.rb` - Order tracker cleanup and thread safety tests
+- Updated existing specs to cover new functionality and improvements
+
+### 🔄 Changed
+
+- **Error handling**: Improved error messages and logging throughout the codebase
+- **Thread safety**: Enhanced thread safety in rate limiter and WebSocket clients
+- **Memory management**: Order tracker now automatically cleans up old orders
+- **JSON parsing**: Invalid JSON now raises `DataError` with logging (empty strings still return empty hash for backward compatibility)
+
+### 🗑️ Removed
+
+- `lib/DhanHQ/contracts/modify_order_contract_copy.rb` - Removed unused duplicate file
+
+### 📝 Notes
+
+- **Backward Compatibility**: All changes maintain 100% backward compatibility. No breaking changes.
+- **API Compliance**: All fixes align with official API documentation at https://api.dhan.co/v2/#/
+- **Performance**: Memory leak fixes and cleanup mechanisms improve long-running application stability
+- **Reliability**: Retry logic and improved error handling increase resilience to transient failures
+
 ## [2.1.10] - 2025-11-11
 
 ### Fixed