Dr. McKay

You should probably attach a callback so you can see if there was an error.

What is there to fix? If you're trade banned you aren't necessarily community banned.

https://github.com/DoctorMcKay/node-steamcommunity/releases/tag/v3.41.1

Either your clock is wrong or your secret is wrong.

It cannot be added to steam-user. Sorry. You don't need to call getSteamUser to use this method. Just call community.sendImageToUser(steamID, imageBuffer, options, callback).

Your shared_secret is retrieved from enabling mobile two factor using steamcommunity. If you don't have a mobile authenticator enabled on your account, then you can't use generateAuthCode and you need to get a code from your email instead.

https://github.com/DoctorMcKay/node-steamcommunity/releases/tag/v3.41.0

Those are system messages, not chat features. You can't send them yourself. No, you would lose all new chat functionality.

Steam's probably having an issue.

In the user event (or getPersonas), user.persona_state == SteamUser.EPersonaState.Away tells you if their status is set to "Away". And you can check if user.game_played_app_id is truthy to see if they're in-game.

So this is happening because JavaScript is single-threaded, and your loop is taking too long. While the loop is running, the rest of the code can't keep the connection to Steam alive and do other housekeeping tasks. You'll need to figure out a way to get the time that loop takes down, perhaps by limiting how many items it will process at a time, or perhaps by using setImmediate periodically so the rest of the event loop can get processed.

The first argument to client.chatMessage needs to be the SteamID of the user to whom you're sending the message.

I have no idea what trips that, but running a bot doesn't seem to have a significant impact on it.

You may run into problems with confirmations not appearing if you use two different solutions to confirm trades. But otherwise, it should work alright. I'm not sure I understand what you're asking here. If you create an account but don't enable a mobile authenticator on it, it'll work fine but it won't be able to trade without 15-day trade holds.

If you don't want to use the mechanisms built into steam-tradeoffer-manager, then you'll have to call GetAssetClassInfo yourself.

If you pass a language to the constructor, then item descriptions (including name) will be set. tradable is false if you don't have a language set because an item's tradability is part of its description, which isn't loaded if there's no language set. It would probably be a good idea if I deleted those properties for items that don't have descriptions available, I guess.

403 usually means your IP got temporarily blocked. You need to tone down the requests you make, especially to inventories. And don't use the confirmation checker.

This is a known issue. I haven't gotten around to adding proper support for showcases yet.

They're the same thing.

Asset IDs generally won't change if an item is just sitting in your inventory. They will change (for Valve games) if they are "changed" somehow (e.g. renamed in-game) or if they're traded away. Note that in some circumstances, a trade offer can be sent and accepted, but the actual item exchange might fail and Steam might roll back the trade. If this happens, some (but not necessarily all) of the items in the trade will have their IDs change.

You need to use community.setCookies() to log SteamCommunity into Steam.

No problem at all. It's definitely possible that they disabled the old webchat endpoints (I haven't checked to see if they work in a long while). If they have, I would seriously recommend just using steam-user. As mentioned earlier, it's rather lightweight if all you're doing is logging on and setting yourself to online.

It doesn't look like you ever logged in.

As far as I'm aware, the old webchat endpoints do still work, and I never removed the code from steamcommunity. You could try using it. That said, using steam-user just to go online and do nothing else is pretty lightweight. It's just a single connection getting held open, and sending heartbeat packets every 9 seconds or so. I use Charles Proxy to intercept app requests. If your phone is rooted, research how to add a root certificate to the system store. Then you can MITM whatever you want, as long as the app doesn't implement cert pinning (Steam doesn't, last I checked).

Why not just use steam-user to go online? To analyze the calls an Android app makes, you need a rooted phone. Android 7 (I think) made it to where apps need to explicitly opt-in to allowing user-entered roots for secure connections, which few apps do.