spotipy-dev/spotipy 2.25.2
2.25.2: CVE-2025-66040

on GitHub

15 hours ago

Security

CVE-2025-66040 – HTML for OAuth flow now sanitized: prevents potential XSS attacks (by @yueyueL)
Upgrade if you run spotipy with the default OAuth flow (uses a local HTTP server as a callback method)

Added

Adds additional_types parameter to retrieve currently playing episode
Add deprecation warnings to documentation

Fixed

Fixed dead link in README.md
Corrected Spotify/Spotipy typo in documentation

Check out latest releases or
releases around spotipy-dev/spotipy 2.25.2

Don't miss a new spotipy release

NewReleases is sending notifications on new releases.

Get notifications