My Question or Issue
Your Debian repository under repository.spotify.com is out-of-date for some time now (1.1.42). The only way to get an up-to-date version of Spotify is through snapcraft (1.1.46 and 1.1.52)
There are several reasons not to like snap and snapcraft but I don't want to go into too much detail since most of them are subjective.
But fact is: Your Debian repository provides a GPG signature for the 'Release' file which contains the checksums for the actual *.deb package.
By trusting your GPG signature it is possible to check the spotify package for authenticity (Release.gpg -> Release -> (checksum) -> *.deb)
There's no GPG signature on snapcraft (at least I can't find one). And since there is no way to check for authenticity we don't only have to trust you, but also snapcraft/Canonical. This brings a whole new set of concerns
What are your future plans for Spotify on Linux? Will the Debian repository see updates again?
As far as I can tell there are a few possible solutions to this
- Continue updating the Debian repository
- Provide an AppImage signed with your GPG key, ideally from *.spotify.com
- Provide the Linux Spotify as ZIP or tarball signed with your GPG key, ideally from *.spotify.com