Improved

v1.17.1 - 2026-03-10

Changed

  • Breaking: DELETE /orders — four-bucket cancel response

    The response now categorizes each requested order ID into exactly one of four buckets:

    Field                    Type       Description
    orders_cancelled         string[]   IDs fully deleted from Redis (limit and RFQ orders)
    orders_pending_cancel    string[]   IDs that were inflight — marked for cancellation but may still partially fill
    rejected_cancellations   string[]   IDs rejected due to ownership violation (order belongs to another user) or margin account in liquidation
    orders_not_found         string[]   IDs not found in the system

    Before: { orders_cancelled: string[] }
    After: { orders_cancelled, orders_pending_cancel, rejected_cancellations, orders_not_found }

    Every requested order ID appears in exactly one bucket. Clients parsing only orders_cancelled should handle the additional fields.

  • DELETE /orders_all — adds orders_pending_cancel bucket

    The response now includes a second field for inflight orders:

    Field                    Type       Description
    orders_cancelled         string[]   IDs fully deleted from Redis (limit and RFQ orders)
    orders_pending_cancel    string[]   IDs that were inflight — marked for cancellation but may still partially fill

    Before: { orders_cancelled: string[] }
    After: { orders_cancelled, orders_pending_cancel }

Security

  • DELETE /orders — ownership enforcement (IDOR fix)

    Previously, any authenticated user could cancel orders belonging to other users by specifying their order IDs. The endpoint now validates ownership and returns rejected IDs in the rejected_cancellations bucket.
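
A client consuming the four-bucket DELETE /orders response can check the exactly-one-bucket guarantee itself instead of reading only orders_cancelled, and surface rejected or still-inflight IDs. This is an added example, not code from this project; the function names and the sample order IDs are assumptions constructed for illustration.

```python
# Added example: client-side check of the v1.17.1 DELETE /orders response.
BUCKETS = (
    "orders_cancelled",
    "orders_pending_cancel",
    "rejected_cancellations",
    "orders_not_found",
)


def reconcile_cancel(requested_ids, response):
    """Return {order_id: bucket}. Raise ValueError if the response is not in
    the four-bucket shape or a requested ID is not in exactly one bucket."""
    requested = set(requested_ids)
    placement = {}
    for bucket in BUCKETS:
        ids = response.get(bucket)
        if not isinstance(ids, list):
            # Also catches the pre-1.17.1 shape, which has orders_cancelled only.
            raise ValueError(f"missing or malformed bucket: {bucket}")
        for oid in ids:
            if oid not in requested:
                raise ValueError(f"{oid!r} in {bucket} was never requested")
            if oid in placement:
                raise ValueError(f"{oid!r} is in both {placement[oid]} and {bucket}")
            placement[oid] = bucket
    missing = sorted(requested - set(placement))
    if missing:
        raise ValueError(f"no bucket for requested IDs: {missing}")
    return placement


def may_still_fill(placement):
    """IDs marked for cancellation that can still partially fill."""
    return sorted(o for o, b in placement.items() if b == "orders_pending_cancel")


# Constructed sample data (placeholder IDs, not real order IDs).
SAMPLE_REQUESTED = ["ord-1", "ord-2", "ord-3", "ord-4"]
SAMPLE_RESPONSE = {
    "orders_cancelled": ["ord-1"],
    "orders_pending_cancel": ["ord-2"],
    "rejected_cancellations": ["ord-3"],
    "orders_not_found": ["ord-4"],
}

if __name__ == "__main__":
    for oid, bucket in reconcile_cancel(SAMPLE_REQUESTED, SAMPLE_RESPONSE).items():
        print(oid, "->", bucket)
```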