2.25.2: CVE-2025-66040

@dieser-niko dieser-niko released this 26 Nov 20:22
· 2 commits to master since this release
b5be7fb

Security

  • CVE-2025-66040: HTML for OAuth flow is now sanitized, preventing potential XSS attacks (by @yueyueL)
  • Upgrade if you run spotipy with the default OAuth flow (uses a local HTTP server as a callback method)
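
The kind of fix this entry describes, as an added example rather than spotipy's own code: a local OAuth callback handler that HTML-escapes request-derived values before writing them into the response page. The handler name, page template and sample callback URL are assumptions made for illustration.

```python
import html
from http.server import BaseHTTPRequestHandler
from urllib.parse import urlsplit, parse_qs

PAGE = """<!doctype html>
<html><head><meta charset="utf-8"><title>OAuth callback</title></head>
<body><h1>Authentication status: {status}</h1>{detail}</body></html>"""


def parse_callback(path):
    """Return the first value of each query parameter in the callback path."""
    query = parse_qs(urlsplit(path).query, keep_blank_values=True)
    return {name: values[0] for name, values in query.items()}


def render_status_page(params):
    """Build the response page; every request-derived value is HTML-escaped."""
    if "error" in params:
        status = "failed"
        # The error string comes straight from the query string, so whoever
        # built the callback URL controls it. Escape before interpolating.
        detail = "<p>Error: {}</p>".format(html.escape(params["error"], quote=True))
    elif "code" in params:
        status = "successful"
        detail = "<p>You can close this window.</p>"
    else:
        status = "unknown"
        detail = ""
    return PAGE.format(status=status, detail=detail)


class CallbackHandler(BaseHTTPRequestHandler):
    """Hypothetical handler for the local redirect URI (not spotipy's class)."""

    def do_GET(self):
        body = render_status_page(parse_callback(self.path)).encode("utf-8")
        self.send_response(200)
        self.send_header("Content-Type", "text/html; charset=utf-8")
        # Defense in depth: the page needs no scripts, so forbid them outright.
        self.send_header("Content-Security-Policy", "default-src 'none'")
        self.send_header("Content-Length", str(len(body)))
        self.end_headers()
        self.wfile.write(body)


# Constructed sample callback carrying markup in the error parameter.
SAMPLE = "/callback?error=%3Cscript%3Ealert(1)%3C%2Fscript%3E&state=abc"
```
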

Added

  • Adds additional_types parameter to retrieve currently playing episode
  • Add deprecation warnings to documentation

Fixed

  • Fixed dead link in README.md
  • Corrected Spotify/Spotipy typo in documentation