The python history file (~./pythonhist by default), is created with world readable permissions (644).

(venv)chris:~/ $ ls -l ~/.pythonhist
-rw-r--r--  1 chris  staff  46 Feb 23 11:14 /Users/chris/.pythonhist

This can allow other users on the system to read bpython history, which may include passwords / API keys etc.

I believe the permissions should be 600 upon file creation.