Releases: spotipy-dev/spotipy
Releases · spotipy-dev/spotipy
2.23: Misc. updates
Added
- Added optional
encoder_cls
argument toCacheFileHandler
, which overwrite default encoder for token before writing to disk #941 by @shawncruz - Integration tests for searching multiple types in multiple markets (non-user endpoints) #901 by @rngolam
- Publish to PyPI action #958 by @stephanebruckert
Fixed
2.22.1: CVE-2023-23608
Fixed
- CVE-2023-23608: fixed path traversal vulnerability that may lead to type confusion in URI handling code. Can prevent a potential XSS attack.
- Upgrade if your app is user-facing and it allows user inputs for any type of Spotify IDs/URIs/URLs that may be forwarded to the Spotify API. Thanks to @Shaderbug for finding and fixing this bug b1db0b6
Changed
- Modified docstring for deprecated
playlist_add_items()
to accept "only URIs or URLs", with intended fix for IDs in v3.
2.22: Get queue endpoint
Added
- Integration tests via GHA (non-user endpoints)
- Unit tests for new releases, passing limit parameter with minimum and maximum values of 1 and 50
- Unit tests for categories, omitting country code to test global releases
- Added
CODE_OF_CONDUCT.md
Fixed
- Incorrect
category_id
input for test_category - Assertion value for
test_categories_limit_low
andtest_categories_limit_high
- Pin Github Actions Runner to Ubuntu 20 for Py27
- Fixed potential error where
found
variable intest_artist_related_artists
is undefined if for loop never evaluates to true - Fixed false positive test
test_new_releases
which looks up the wrong property of the JSON response object and always evaluates to true
2.21: Flask cache handler
Added
- Added
market
parameter toalbum
andalbums
to address #753 by @ivyadam - Added 'show_featured_artists.py' to 'examples'.
- Expanded contribution and license sections of the documentation.
- Added
FlaskSessionCacheHandler
, a cache handler that stores the token info in a flask session. - Added Python 3.10 in GitHub Actions
Fixed
2.20: Redis cache handler
Added
- Added
RedisCacheHandler
, a cache handler that stores the token info in Redis. - Changed URI handling in
client.Spotify._get_id()
to remove qureies if provided by error. - Added a new parameter to
RedisCacheHandler
to allow custom keys (instead of the defaulttoken_info
key) - Simplify check for existing token in
RedisCacheHandler
Changed
- Removed Python 3.5 and added Python 3.9 in Github Action
2.19: Memory and Django cache handlers
Added
- Added
MemoryCacheHandler
, a cache handler that simply stores the token info in memory as an instance attribute of this class. - If a network request returns an error status code but the response body cannot be decoded into JSON, then fall back on decoding the body into a string.
- Added
DjangoSessionCacheHandler
, a cache handler that stores the token in the session framework provided by Django. Web apps using spotipy with Django can directly use this for cache handling.
Fixed
- Fixed a bug in
CacheFileHandler.__init__
: The documentation says that the username will be retrieved from the environment, but it wasn't. - Fixed a bug in the initializers for the auth managers that produced a spurious warning message if you provide a cache handler and you set a value for the "SPOTIPY_CLIENT_USERNAME" environment variable.
- Use generated MIT license and fix license type in
pip show
2.18: Saved episodes endpoints
Added
- Enabled using both short and long IDs for playlist_change_details
- Added a cache handler to
SpotifyClientCredentials
- Added the following endpoints
Spotify.current_user_saved_episodes
Spotify.current_user_saved_episodes_add
Spotify.current_user_saved_episodes_delete
Spotify.current_user_saved_episodes_contains
Spotify.available_markets
Changed
- Add support for a list of scopes rather than just a comma separated string of scopes
Fixed
- Fixed the bugs in
SpotifyOAuth.refresh_access_token
andSpotifyPKCE.refresh_access_token
which raised the incorrect exception upon receiving an error response from the server. This addresses #645. - Fixed a bug in
RequestHandler.do_GET
in which the non-existentstate
attribute ofSpotifyOauthError
is accessed. This bug occurs when the user clicks "cancel" in the permissions dialog that opens in the browser. - Cleaned up the documentation for
SpotifyClientCredentials.__init__
,SpotifyOAuth.__init__
, andSpotifyPKCE.__init__
.
2.17.1: Custom cache handlers (fixed dep)
Fixed
allowed_methods
requires urllib3>=1.26.0
2.17: Custom cache handlers
Changed
- moved os.remove(session_cache_path()) inside try block to avoid TypeError on app.py example file
- A warning will no longer be emitted when the cache file does not exist at the specified path
- The docs for the
auth
parameter ofSpotify.init
use the term "access token" instead of "authorization token" - Changed docs for
search
to mention that you can provide multiple types to search for - The query parameters of requests are now logged
- Deprecate specifing
cache_path
orusername
directly toSpotifyOAuth
,SpotifyPKCE
, andSpotifyImplicitGrant
constructors, instead directing users to use theCacheFileHandler
cache handler - Removed requirement for examples/app.py to specify port multiple times (only SPOTIPY_REDIRECT_URI needs to contain the port)
Added
- Added log messages for when the access and refresh tokens are retrieved and when they are refreshed
- Support
market
optional parameter intrack
- Added CacheHandler abstraction to allow users to cache tokens in any way they see fit
Fixed
- Fixed Spotify.user_playlist_reorder_tracks calling Spotify.playlist_reorder_tracks with an incorrect parameter order
- Fixed deprecated Urllib3
Retry(method_whitelist=...)
in favor ofRetry(allowed_methods=...)
2.16.1: Automatic retries bugfixes
Fixed
- playlist_tracks example code no longer prints extra characters on final loop iteration
- SpotifyException now thrown when a request fails & has no response (#571, #581)
- Added scope,
playlist-read-private
, to examples that access user playlists using the spotipy api: current_user_playlists() (#591) - Enable retries for POST, DELETE, PUT (#577)
Changed
- both inline and starting import lists are sorted using
isort
module - changed Max Retries exception code from 599 to 429