sdk-drift: getExecutionPriceDetailed sends this.config.headers instead of getAuthHeaders() in TypeScript — auth tokens omitted

[realfishsam]

Drift

getExecutionPriceDetailed / get_execution_price_detailed uses different header sources in the two SDKs. Python correctly calls the auth-header helper; TypeScript spreads this.config.headers directly, which does not include the derived auth token headers.

TypeScript SDK

sdks/typescript/pmxt/client.ts (line ~2207):

headers: {
    'Content-Type': 'application/json',
    ...this.config.headers,   // ← raw config headers, NOT getAuthHeaders()
},

this.config.headers holds static headers set at construction time. It does not include the Authorization: Bearer <pmxtApiKey> header (hosted mode) or the x-pmxt-access-token header (local sidecar mode), which are only produced by this.getAuthHeaders().

Python SDK

sdks/python/pmxt/client.py (line ~2714):

headers = {"Content-Type": "application/json"}
headers.update(self._get_auth_headers())   # ← correct auth-header helper

Python calls _get_auth_headers() and therefore includes the correct token on every request.

Expected

TypeScript getExecutionPriceDetailed should call this.getAuthHeaders() (or the equivalent) instead of spreading this.config.headers, matching the pattern used in every other authenticated method in client.ts.

Impact

In hosted mode the Authorization: Bearer <pmxtApiKey> header is absent, causing the request to be rejected as unauthenticated. In local sidecar mode the x-pmxt-access-token is absent, with the same result. The method silently succeeds for unauthenticated (open) endpoints only. Python get_execution_price_detailed works correctly in all modes. This is a functional regression unique to TypeScript.

---

Found by automated SDK cross-language drift audit

[realfishsam]

Opened fix PR: #997

The PR changes TypeScript getExecutionPriceDetailed to use getAuthHeaders() and adds a regression test that fails without the bearer auth header.