# aiomail — ledger

## v0.1.2

- **fidelity capability (non-breaking):** added `match_field="from"|"to"` to
  `retrieve_otp`. `"from"` (default) is the current behavior, byte-identical — matches
  the sender address. `"to"` matches the recipient address (the per-user alias the code
  was sent to) primary, and additionally accepts a forwarded match on the From header,
  restoring the original `imap_tool.py` recipient-primary matching for alias flows. The
  server query builds `TO "..."` (vs `FROM "..."`) and the client-side predicate checks
  the To header (with the From fallback) accordingly.

## v0.1.1

- **XOAUTH2 token is str, not bytes:** aioimaplib f-string-interpolates the token into
  the SASL string, so a bytes token injected a `b'...'` repr and broke every login.
  Dropped the `.encode()`. (A false CLAUDE.md "bytes required" note had propagated this.)
- tolerant SEARCH parse (skip non-numeric tokens instead of crashing the whole search).
- `connect()` logs out the IMAP object on a failed attempt (was a socket leak); moved the
  `asyncio` import in `oauth.py` to module top.

## v0.1.0

- initial: async IMAP one-time-code retrieval; password + XOAUTH2 auth, dynamic
  sender/subject/code matching via flexible match specs.