github spotipy-dev/spotipy 2.25.1
2.25.1: CVE-2025-27154
on GitHub

20 hours ago

Security

  • CVE-2025-27154Cache file permissions tightened: now 600 (user read/write only) instead of 644, preventing unauthorized local access to auth tokens (by @alichtman)
    • Upgrade if you run spotipy in a multi-user environment, manage multiple users' auth tokens, or need better protection against local unauthorized access; not required if you're the only user and your home directory is private.

Added

  • Added examples for audiobooks, shows and episodes methods to examples directory

Fixed

  • Fixed scripts in examples directory that didn't run correctly
  • Updated documentation for Client.current_user_top_artists to indicate maximum number of artists limit

Changed

  • Updated get_cached_token and save_token_to_cache methods to utilize Python's Context Management Protocol
  • Added except clause to get_cached_token method to handle json decode errors
  • Added warnings and updated docs due to Spotify's deprecation of HTTP and "localhost" redirect URIs
  • Use newer string formatters (https://pyformat.info)
  • Marked recommendation_genre_seeds as deprecated
Check out latest releases or
releases around spotipy-dev/spotipy 2.25.1

Don't miss a new spotipy release

NewReleases is sending notifications on new releases.

Get notifications