14
0
Files
python-spotipy/python-spotipy.changes
Steve Kowalik e649388e4d - Update to 2.25.1:
* Security
    + CVE-2025-27154 – Cache file permissions tightened: now 600 (user
      read/write only) instead of 644, preventing unauthorized local access
      to auth tokens (bsc#1238059)
  * Added
    + Added examples for audiobooks, shows and episodes methods to examples
      directory
  * Fixed
    + Fixed scripts in examples directory that didn't run correctly
    + Updated documentation for Client.current_user_top_artists to indicate
      maximum number of artists limit
  * Changed
    + Updated get_cached_token and save_token_to_cache methods to utilize
      Python's Context Management Protocol
    + Added except clause to get_cached_token method to handle json decode
      errors
    + Added warnings and updated docs due to Spotify's deprecation of HTTP
      and "localhost" redirect URIs
    + Use newer string formatters (https://pyformat.info)
    + Marked recommendation_genre_seeds as deprecated

OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-spotipy?expand=0&rev=32
2025-02-28 05:09:56 +00:00

366 lines
18 KiB
Plaintext
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

-------------------------------------------------------------------
Fri Feb 28 05:07:51 UTC 2025 - Steve Kowalik <steven.kowalik@suse.com>
- Update to 2.25.1:
* Security
+ CVE-2025-27154 Cache file permissions tightened: now 600 (user
read/write only) instead of 644, preventing unauthorized local access
to auth tokens (bsc#1238059)
* Added
+ Added examples for audiobooks, shows and episodes methods to examples
directory
* Fixed
+ Fixed scripts in examples directory that didn't run correctly
+ Updated documentation for Client.current_user_top_artists to indicate
maximum number of artists limit
* Changed
+ Updated get_cached_token and save_token_to_cache methods to utilize
Python's Context Management Protocol
+ Added except clause to get_cached_token method to handle json decode
errors
+ Added warnings and updated docs due to Spotify's deprecation of HTTP
and "localhost" redirect URIs
+ Use newer string formatters (https://pyformat.info)
+ Marked recommendation_genre_seeds as deprecated
-------------------------------------------------------------------
Tue Jan 7 14:28:06 UTC 2025 - John Paul Adrian Glaubitz <adrian.glaubitz@suse.com>
- Update to 2.25.0
* Added unit tests for queue functions
* Added detailed function docstrings to 'util.py', including descriptions and special sections
that lists arguments, returns, and raises.
* Updated order of instructions for Python and pip package manager installation in TUTORIAL.md
* Updated TUTORIAL.md instructions to match current layout of Spotify Developer Dashboard
* Added test_artist_id, test_artist_url, and test_artists_mixed_ids to non_user_endpoints test.py
* Added rate/request limit to FAQ
* Added custom `urllib3.Retry` class for printing a warning when a rate/request limit is reached.
* Added `personalized_playlist.py`, `track_recommendations.py`, and `audio_features_analysis.py`
to `/examples`.
* Discord badge in README
* Added `SpotifyBaseException` and moved all exceptions to `exceptions.py`
* Marked the following methods as deprecated:
- artist_related_artists
- recommendations
- audio_features
- audio_analysis
- featured_playlists
- category_playlists
* Added FAQ entry for inaccessible playlists
* Audiobook integration tests
* Edited docstrings for certain functions in client.py for functions that are no longer in use
and have been replaced.
* `current_user_unfollow_playlist()` now supports playlist IDs, URLs, and URIs rather than
previously where it only supported playlist IDs.
* `mock` no longer listed as a test dependency. Only built-in `unittest.mock` is actually used.
- Use Python 3.11 on SLE-15 by default
- Switch build system from setuptools to pyproject.toml
* Add python-pip and python-wheel to BuildRequires
* Replace %python_build with %pyproject_wheel
* Replace %python_install with %pyproject_install
-------------------------------------------------------------------
Tue Sep 3 10:00:31 UTC 2024 - pgajdos@suse.com
- python-six is not required
-------------------------------------------------------------------
Mon Jun 10 09:22:32 UTC 2024 - Dirk Müller <dmueller@suse.com>
- update to 2.24.0:
* Added `MemcacheCacheHandler`, a cache handler that stores the
token info using pymemcache.
* Added support for audiobook endpoints: `get_audiobook`,
`get_audiobooks`, and `get_audiobook_chapters`.
* Added integration tests for audiobook endpoints.
* Added `update` field to `current_user_follow_playlist`.
* Fixed error obfuscation when Spotify class is being inherited
and an error is raised in the Child's `__init__`
* Replaced `artist_albums(album_type=...)` with
`artist_albums(include_groups=...)` due to an API change.
* Updated `_regex_spotify_url` to ignore `/intl-<countrycode>`
in Spotify links
-------------------------------------------------------------------
Fri Dec 8 13:45:17 UTC 2023 - Dirk Müller <dmueller@suse.com>
- update to 2.23.0:
* Added optional `encoder_cls` argument to `CacheFileHandler`,
which overwrite default encoder for token before writing to
disk
* Integration tests for searching multiple types in multiple
markets (non-user endpoints)
* Publish to PyPI action
* Fixed the regex for matching playlist URIs with the format
spotify:user:USERNAME:playlist:PLAYLISTID.
* `search_markets` now factors the counts of all types in the
`total` rather than just the first type (#534)
* Add alternative module installation instruction to README
* Added Comment to README - Getting Started for user to add URI
to app in Spotify Developer Dashboard.
* Added playlist_add_tracks.py to example folder
* Modified docstring for playlist_add_items() to accept "only
URIs or URLs",
* with intended deprecation for IDs in v3
* Path traversal vulnerability that may lead to type confusion
in URI handling code
* Update contributing.md
-------------------------------------------------------------------
Tue Dec 13 17:06:22 UTC 2022 - Yogalakshmi Arunachalam <yarunachalam@suse.com>
- Update to version 2.22.0
* Added
Integration tests via GHA (non-user endpoints)
Unit tests for new releases, passing limit parameter with minimum and maximum values of 1 and 50
Unit tests for categories, omitting country code to test global releases
Added CODE_OF_CONDUCT.md
* Fixed
Incorrect category_id input for test_category
Assertion value for test_categories_limit_low and test_categories_limit_high
Pin Github Actions Runner to Ubuntu 20 for Py27
Fixed potential error where found variable in test_artist_related_artists is undefined if for loop never evaluates to true
Fixed false positive test test_new_releases which looks up the wrong property of the JSON response object and always evaluates to true
-------------------------------------------------------------------
Wed Nov 9 19:13:31 UTC 2022 - Yogalakshmi Arunachalam <yarunachalam@suse.com>
- Update to version 2.21.0
Added
* Added market parameter to album and albums to address #753
* Added 'show_featured_artists.py' to 'examples'.
* Expanded contribution and license sections of the documentation.
* Added FlaskSessionCacheHandler, a cache handler that stores the token info in a flask session.
* Added Python 3.10 in GitHub Actions
Fixed
* Updated the documentation to specify ISO-639-1 language codes.
* Fix AttributeError for text attribute of the Response object
* Require redis v3 if python2.7 (fixes readthedocs)
-------------------------------------------------------------------
Thu Sep 29 13:02:28 UTC 2022 - Adrian Schröter <adrian@suse.de>
- update to version 2.20.0
### Added
* Added `RedisCacheHandler`, a cache handler that stores the token info in Redis.
* Changed URI handling in `client.Spotify._get_id()` to remove qureies if provided by error.
* Added a new parameter to `RedisCacheHandler` to allow custom keys (instead of the default `token_info` key)
* Simplify check for existing token in `RedisCacheHandler`
-------------------------------------------------------------------
Tue Apr 19 10:06:31 UTC 2022 - pgajdos@suse.com
- version update to 2.19.0
## [2.19.0] - 2021-08-12
### Added
* Added `MemoryCacheHandler`, a cache handler that simply stores the token info in memory as an instance attribute of this class.
* If a network request returns an error status code but the response body cannot be decoded into JSON, then fall back on decoding the body into a string.
* Added `DjangoSessionCacheHandler`, a cache handler that stores the token in the session framework provided by Django. Web apps using spotipy with Django can directly use this for cache handling.
### Fixed
* Fixed a bug in `CacheFileHandler.__init__`: The documentation says that the username will be retrieved from the environment, but it wasn't.
* Fixed a bug in the initializers for the auth managers that produced a spurious warning message if you provide a cache handler and you set a value for the "SPOTIPY_CLIENT_USERNAME" environment variable.
* Use generated MIT license and fix license type in `pip show`
## [2.18.0] - 2021-04-13
### Added
- Enabled using both short and long IDs for playlist_change_details
- Added a cache handler to `SpotifyClientCredentials`
- Added the following endpoints
* `Spotify.current_user_saved_episodes`
* `Spotify.current_user_saved_episodes_add`
* `Spotify.current_user_saved_episodes_delete`
* `Spotify.current_user_saved_episodes_contains`
* `Spotify.available_markets`
### Changed
- Add support for a list of scopes rather than just a comma separated string of scopes
### Fixed
* Fixed the bugs in `SpotifyOAuth.refresh_access_token` and `SpotifyPKCE.refresh_access_token` which raised the incorrect exception upon receiving an error response from the server. This addresses #645.
* Fixed a bug in `RequestHandler.do_GET` in which the non-existent `state` attribute of `SpotifyOauthError` is accessed. This bug occurs when the user clicks "cancel" in the permissions dialog that opens in the browser.
* Cleaned up the documentation for `SpotifyClientCredentials.__init__`, `SpotifyOAuth.__init__`, and `SpotifyPKCE.__init__`.
## [2.17.0] - 2021-02-28
### Changed
- moved os.remove(session_cache_path()) inside try block to avoid TypeError on app.py example file
- A warning will no longer be emitted when the cache file does not exist at the specified path
- The docs for the `auth` parameter of `Spotify.init` use the term "access token" instead of "authorization token"
- Changed docs for `search` to mention that you can provide multiple types to search for
- The query parameters of requests are now logged
- Deprecate specifing `cache_path` or `username` directly to `SpotifyOAuth`, `SpotifyPKCE`, and `SpotifyImplicitGrant` constructors, instead directing users to use the `CacheFileHandler` cache handler
- Removed requirement for examples/app.py to specify port multiple times (only SPOTIPY_REDIRECT_URI needs to contain the port)
### Added
- Added log messages for when the access and refresh tokens are retrieved and when they are refreshed
- Support `market` optional parameter in `track`
- Added CacheHandler abstraction to allow users to cache tokens in any way they see fit
### Fixed
- Fixed Spotify.user_playlist_reorder_tracks calling Spotify.playlist_reorder_tracks with an incorrect parameter order
- Fixed deprecated Urllib3 `Retry(method_whitelist=...)` in favor of `Retry(allowed_methods=...)`
- python-mock is not required for build
-------------------------------------------------------------------
Thu Oct 29 09:29:48 UTC 2020 - Antonio Larrosa <alarrosa@suse.com>
- Update to 2.16.1:
* Fixed
+ playlist_tracks example code no longer prints extra
characters on final loop iteration
+ SpotifyException now thrown when a request fails & has no
response (#571, #581)
+ Added scope, playlist-read-private, to examples that access
user playlists using the spotipy api:
current_user_playlists()
+ Enable retries for POST, DELETE, PUT (#577)
* Changed
+ both inline and starting import lists are sorted using isort
module
+ changed Max Retries exception code from 599 to 429
- Update to 2.16.0:
* Added
+ open_browser can be passed to the constructors of
SpotifyOAuth and SpotifyPKCE to make it easier to authorize
in browserless environments
- Update to 2.15.0:
* Added
+ SpotifyPKCE.parse_auth_response_url, mirroring that method in
SpotifyOAuth
* Changed
+ Specifying a cache_path or username is now optional
* Fixed
+ Using SpotifyPKCE.get_authorization_url will now generate a
code challenge if needed
- Update to 2.14.0:
* Added
+ (experimental) Support to search multiple/all markets at
once.
+ Support to test whether the current user is following certain
users or artists
+ Proper replacements for all deprecated playlist endpoints (See
https://developer.spotify.com/community/news/2018/06/12/changes-to-playlist-uris/
and below)
+ Allow for OAuth 2.0 authorization by instructing the user to
open the URL in a browser instead of opening the browser.
+ Reason for 403 error in SpotifyException
+ Support for the PKCE Auth Flow
+ Support to advertise different language to Spotify
+ Added 'collaborative' parameter to user_playlist_create
method.
+ Enforce CHANGELOG update on PR
+ Adds additional_types parameter to retrieve currently playing
podcast episode
+ Support to get info about a single category
* Deprecated
+ user_playlist_change_details in favor of
playlist_change_details
+ user_playlist_unfollow in favor of
current_user_unfollow_playlist
+ user_playlist_add_tracks in favor of playlist_add_items
+ user_playlist_replace_tracks in favor of
playlist_replace_items
+ user_playlist_reorder_tracks in favor of
playlist_reorder_items
+ user_playlist_remove_all_occurrences_of_tracks in favor of
playlist_remove_all_occurrences_of_items
+ user_playlist_remove_specific_occurrences_of_tracks in favor
of playlist_remove_specific_occurrences_of_items
+ user_playlist_follow_playlist in favor of
current_user_follow_playlist
+ user_playlist_is_following in favor of playlist_is_following
+ playlist_tracks in favor of playlist_items
* Fixed
+ fixed issue where episode URIs were being converted to track
URIs in playlist calls
-------------------------------------------------------------------
Tue Jul 7 06:56:38 UTC 2020 - Steve Kowalik <steven.kowalik@suse.com>
- Update to 2.13.0:
* Added
+ Added `SpotifyImplicitGrant` as an auth manager option. It provides
user authentication without a client secret but sacrifices the ability
to refresh the token without user input. (However, read the class
docstring for security advisory.)
+ Added built-in verification of the `state` query parameter
+ Added two new attributes: error and error_description to `SpotifyOauthError` exception class to show
+ authorization/authentication web api errors details.
+ Added `SpotifyStateError` subclass of `SpotifyOauthError`
+ Allow extending `SpotifyClientCredentials` and `SpotifyOAuth`
+ Added the market paramter to `album_tracks`
+ Added a method to update the auth token.
+ Support for shows/podcasts and episodes
+ Added CONTRIBUTING.md
* Deprecated
+ Deprecated `util.prompt_for_user_token` in favor of `spotipy.Spotify(auth_manager=SpotifyOAuth())`
* Fixed
+ Logging regression due to the addition of `logging.basicConfig()` which was unneeded.
+ Issue where using `http://localhost` as redirect_uri would cause the authorization process to hang.
+ Fixed miscellaneous issues with parsing of callback URL
+ Close session when Spotipy object is unloaded
+ Propagate refresh token error
* Changed
+ Updated the documentation to give more details on the authorization
+ process and reflect 2020 Spotify Application jargon and practices.
+ The local webserver is only started for localhost redirect_uri which specify a port,
+ i.e. it is started for `http://localhost:8080` or `http://127.0.0.1:8080`, not for `http://localhost`.
+ Client retry logic has changed as it now uses urllib3's `Retry` in conjunction with requests `Session`
+ The session is customizable as it allows for:
- status_forcelist
- retries
- status_retries
- backoff_factor
+ Spin up a local webserver to auto-fill authentication URL
+ Use session in SpotifyAuthBase
+ Logging used instead of print statements
- Skip one test that requires external internet access
-------------------------------------------------------------------
Thu Mar 26 14:45:02 UTC 2020 - Marketa Calabkova <mcalabkova@suse.com>
- update to 2.10.0
* Support for add_to_queue
* Add CHANGELOG and LICENSE to released package
-------------------------------------------------------------------
Tue Mar 17 13:57:10 UTC 2020 - pgajdos@suse.com
- version update to 2.9.0
* Support `position_ms` optional parameter in `start_playback`
* Add `requests_timeout` parameter to authentication methods
* Make cache optional in `get_access_token`
* Support for `playlist_cover_image`
* Support `after` and `before` parameter in `current_user_recently_played`
* CI for unit tests
* Automatic `token` refresh
* `auth_manager` and `oauth_manager` optional parameters added to `Spotify`'s init.
* Optional `username` parameter to be passed to `SpotifyOAuth`, to infer a `cache_path` automatically
* Optional `as_dict` parameter to control `SpotifyOAuth`'s `get_access_token` output type. However, this is going to be deprecated in the future, and the method will always return a token string
* Optional `show_dialog` parameter to be passed to `SpotifyOAuth`
* Both `SpotifyClientCredentials` and `SpotifyOAuth` inherit from a common `SpotifyAuthBase` which handles common parameters and logics.
* Support for `playlist_tracks`
* Support for `playlist_upload_cover_image`
* `user_playlist_tracks` doesn't require a user anymore (accepts `None`)
* Deprecated `user_playlist` and `user_playlist_tracks`
* Fixed broken examples in README, examples and doc
* Allow session keepalive
* Bump requests to 2.20.0
* Fixed inconsistent behaviour with some API methods when
a full HTTP URL is passed.
* Fixed invalid calls to logging warn method
* Support for `playlist` to get a playlist without specifying a user
* Support for `current_user_saved_albums_delete`
* Support for `current_user_saved_albums_contains`
* Support for `user_unfollow_artists`
* Support for `user_unfollow_users`
* Added follow and player endpoints
-------------------------------------------------------------------
Wed Dec 19 16:22:44 UTC 2018 - Jan Engelhardt <jengelh@inai.de>
- Trim filler wording from descriptions.
-------------------------------------------------------------------
Wed Dec 19 13:08:00 UTC 2018 - Matej Cepl <mcepl@suse.com>
- Fix description and summary
-------------------------------------------------------------------
Wed Oct 17 05:28:28 UTC 2018 - Thomas Bechtold <tbechtold@suse.com>
- Initial packaging (version 2.4.4)