🚀 Big News: Socket Acquires Coana to Bring Reachability Analysis to Every Appsec Team.Learn more
Socket
DemoInstallSign in
Socket
DemoInstallSign in

spdl-core

Package Overview
Dependencies
5
Maintainers
1
Versions
30
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

spdl-core

Spotify track downloader module. Written in pure javascript.

2.0.2
latest
Source
npm
70

Supply Chain Security

100

Vulnerability

99

Quality

77

Maintenance

100

License

Network access

Supply chain risk

This module accesses the network.

Found 1 instance in 1 package

Unpopular package

Quality

This package is not very popular.

Found 1 instance in 1 package

Version published
Weekly downloads
8
-77.14%
Maintainers
1
Weekly downloads
 
Created
Source

spdl-core

Spotify track downloader module. Written in pure javascript.

Support

You can contact us for support on our chat server

Usage

const fs = require('fs');
const spdl = require('spdl-core').default;
// Typescript: import spdl from 'spdl-core';

spdl.getInfo('https://open.spotify.com/track/3fjmSxt0PskST13CSdBUFx?si=e420cd3a80834011').then(infos => {
  spdl(infos.url).then(stream => {
    stream.on('end', () => console.log('Done!'));
    stream.pipe(fs.createWriteStream(`${infos.title}.mp3`));
  });
});

API

async spdl(url, options?)

Downloads the track from the given url. Returns a readable stream Options are the options for discord-ytdl-core

async spdl.getInfo(url)

Gives the information of a track

spdl.validateURL(url, type?)

Returns true if url is a spotify link

Limitations

Generated download links are valid for 6 hours, and may only be downloadable from the same IP address.

Install

npm install spdl-core@latest

Or for Yarn users:

yarn add spdl-core@latest

Make sure you're installing the latest version of spdl-core to keep up with the latest fixes.

Discord Bot

You'll need to install discord.js and @discordjs/opus.

const { MessageEmbed, Client } = require('discord.js');
const spdl = require('spdl-core');
function formatDuration(duration) {
  let seconds = duration / 1000;
  return `${Math.floor(seconds / 60)}m ${Math.floor(seconds % 60)}s`;
}

const client = new Client();
client.login('Your Discord Bot Token');
client.on('ready', () => console.log('Ready'));

client.on('message', async (msg) => {
  if (!msg.content.startsWith('!play')) return;
  const url = msg.content.split('!play ')[1];
  if (!spdl.validateURL(url)) return msg.channel.send('Invalid URL');
  const channel = msg.member.voice.channel;
  if (!channel) return msg.channel.send('Not in a voc channel');
  try {
    const connection = await channel.join();
    connection
      .play(await spdl(url))
      .on('error', e => console.error(e));
    const infos = await spdl.getInfo(url);
    const embed = new MessageEmbed()
      .setTitle(`Now playing: ${infos.title}`)
      .setURL(infos.url)
      .setColor('#1DB954')
      .addField('Artist', infos.artist, true)
      .addField('Duration', formatDuration(infos.duration), true)
      .setThumbnail(infos.thumbnail);
    msg.channel.send(embed);
  } catch (err) {
    console.error(err);
    msg.channel.send(`An error occurred: ${err.message}`);
  }
});

Note

There is nothing illegal here, the module just searches for the song on Youtube and downloads it.

Keywords

spotify
download
spotifydl
spotify-dl
api
dl

FAQs

Package last updated on 21 May 2021

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

Socket Now Supports pylock.toml Files

Product

Socket Now Supports pylock.toml Files

Socket now supports pylock.toml, enabling secure, reproducible Python builds with advanced scanning and full alignment with PEP 751's new standard.

By Trevor Norris  -  Jun 05, 2025