2bae36884d
- Update to 2.25.2: * Security + CVE-2025-66040 – HTML for OAuth flow now sanitized: prevents potential XSS attacks (by @yueyueL) Upgrade if you run spotipy with the default OAuth flow (uses a local HTTP server as a callback method) (bsc#1254285) * Added + Adds additional_types parameter to retrieve currently playing episode + Add deprecation warnings to documentation * Fixed + Fixed dead link in README.md + Corrected Spotify/Spotipy typo in documentation
Daniel Garcia2025-11-27 07:22:11 +00:00
3ca0a9eda0
- Update to 2.25.1: * Security + CVE-2025-27154 – Cache file permissions tightened: now 600 (user read/write only) instead of 644, preventing unauthorized local access to auth tokens (bsc#1238059) * Added + Added examples for audiobooks, shows and episodes methods to examples directory * Fixed + Fixed scripts in examples directory that didn't run correctly + Updated documentation for Client.current_user_top_artists to indicate maximum number of artists limit * Changed + Updated get_cached_token and save_token_to_cache methods to utilize Python's Context Management Protocol + Added except clause to get_cached_token method to handle json decode errors + Added warnings and updated docs due to Spotify's deprecation of HTTP and "localhost" redirect URIs + Use newer string formatters (https://pyformat.info) + Marked recommendation_genre_seeds as deprecated
Steve Kowalik2025-02-28 05:09:56 +00:00
fa2b11860d
Accepting request 1235646 from devel:languages:python
Ana Guerrero2025-01-07 19:55:06 +00:00
b51698b38f
Accepting request 1235644 from home:glaubitz:branches:devel:languages:python
Markéta Machová2025-01-07 14:33:59 +00:00
f901f27283
Accepting request 1198446 from home:pgajdos
Matej Cepl2024-09-03 23:21:27 +00:00
1713c617c7
Accepting request 1179665 from devel:languages:python
Ana Guerrero2024-06-10 15:38:14 +00:00
44ddbe5924
- update to 2.24.0: * Added MemcacheCacheHandler, a cache handler that stores the token info using pymemcache. * Added support for audiobook endpoints: get_audiobook, get_audiobooks, and get_audiobook_chapters. * Added integration tests for audiobook endpoints. * Added update field to current_user_follow_playlist. * Fixed error obfuscation when Spotify class is being inherited and an error is raised in the Child's __init__ * Replaced artist_albums(album_type=...) with artist_albums(include_groups=...) due to an API change. * Updated _regex_spotify_url to ignore /intl-<countrycode> in Spotify links
Dirk Mueller2024-06-10 09:23:24 +00:00
9596e2258b
Accepting request 1133445 from devel:languages:python
Ana Guerrero2023-12-15 20:50:38 +00:00
6b7a2e1958
- update to 2.23.0: * Added optional encoder_cls argument to CacheFileHandler, which overwrite default encoder for token before writing to disk * Integration tests for searching multiple types in multiple markets (non-user endpoints) * Publish to PyPI action * Fixed the regex for matching playlist URIs with the format spotify:user:USERNAME:playlist:PLAYLISTID. * search_markets now factors the counts of all types in the total rather than just the first type (#534) * Add alternative module installation instruction to README * Added Comment to README - Getting Started for user to add URI to app in Spotify Developer Dashboard. * Added playlist_add_tracks.py to example folder * Modified docstring for playlist_add_items() to accept "only URIs or URLs", * with intended deprecation for IDs in v3 * Path traversal vulnerability that may lead to type confusion in URI handling code * Update contributing.md - Update to version 2.22.0 - Update to version 2.21.0
Dirk Mueller2023-12-08 13:45:36 +00:00
2a2e9a03a5
- Update to 2.13.0: * Added + Added SpotifyImplicitGrant as an auth manager option. It provides user authentication without a client secret but sacrifices the ability to refresh the token without user input. (However, read the class docstring for security advisory.) + Added built-in verification of the state query parameter + Added two new attributes: error and error_description to SpotifyOauthError exception class to show + authorization/authentication web api errors details. + Added SpotifyStateError subclass of SpotifyOauthError + Allow extending SpotifyClientCredentials and SpotifyOAuth + Added the market paramter to album_tracks + Added a method to update the auth token. + Support for shows/podcasts and episodes + Added CONTRIBUTING.md * Deprecated + Deprecated util.prompt_for_user_token in favor of spotipy.Spotify(auth_manager=SpotifyOAuth()) * Fixed + Logging regression due to the addition of logging.basicConfig() which was unneeded. + Issue where using http://localhost as redirect_uri would cause the authorization process to hang. + Fixed miscellaneous issues with parsing of callback URL + Close session when Spotipy object is unloaded + Propagate refresh token error * Changed + Updated the documentation to give more details on the authorization + process and reflect 2020 Spotify Application jargon and practices. + The local webserver is only started for localhost redirect_uri which specify a port, + i.e. it is started for http://localhost:8080 or http://127.0.0.1:8080, not for http://localhost. + Client retry logic has changed as it now uses urllib3's Retry in conjunction with requests Session + The session is customizable as it allows for: - status_forcelist - retries - status_retries - backoff_factor + Spin up a local webserver to auto-fill authentication URL + Use session in SpotifyAuthBase + Logging used instead of print statements - Skip one test that requires external internet access
Steve Kowalik2020-07-07 06:58:55 +00:00
Ana Guerrero
Markéta Machová
Daniel Garcia
Dominique Leuenberger
Steve Kowalik
Matej Cepl
Dirk Mueller
Richard Brown
Tomáš Chvátal
Thomas Bechtold