Commit graph

256 commits

Author SHA1 Message Date
c9fadaae20
chore(deps): update PHPStan to v1.8
Upgraded PHPStan from v0.12.72 to v1.8 to leverage improvements and new features. This change includes adjustments to support requirements and package metadata. Ensures compatibility with newer PHP versions and provides enhanced static analysis capabilities.
2024-07-21 11:18:10 +02:00
Pierre Rudloff
3e45f19682
Switch to yt-dlp (fixes #432)
youtube-dl has no new release since 2021
2023-03-30 21:41:08 +02:00
Pierre Rudloff
b52a582539
Stop supporting PHP 7.3 (#430)
It is unmaintained
2023-03-21 20:07:08 +01:00
Pierre Rudloff
8e6e88a2b2
Dependencies update 2023-03-03 00:14:36 +01:00
Pierre Rudloff
4e09393fd9 Update robo to 3.0
To fix a PHP 8 compatibility notice
2022-10-16 15:42:19 +02:00
Pierre Rudloff
1031ad152d Remove every reference to alltubedownload.net (#422) 2022-10-16 15:22:47 +02:00
Pierre Rudloff
ffeda5ea90 Declare allowed composer plugins 2022-06-28 23:05:34 +02:00
Pierre Rudloff
10b7658240 Merge tag '3.0.3' into develop
Fixed a vulnerability that could be used to trigger either an open redirect or a SSRF attack
2022-03-08 09:36:00 +01:00
Pierre Rudloff
8913f27716 Disable the generic extractor entirely
It can be used for SSRF attacks even when redirects are disabled
2022-03-08 09:29:57 +01:00
Pierre Rudloff
7f28275fb0 Merge tag '3.0.2' into develop
Fixed a SSRF vulnerability that could be used to send a request to an internal hostname
2022-02-27 12:34:23 +01:00
Pierre Rudloff
1b099bb983 Patch youtube-dl to disable redirects
In order to prevent SSRF attacks using redirects
2022-02-27 12:30:15 +01:00
Pierre Rudloff
3a4f09dda0 Prevent SSRF requests
By validating the provided URL before passing it to youtube-dl
2022-02-27 11:00:33 +01:00
Pierre Rudloff
e246ab03e9 Partial PHP 8 compatibility
But we still need to update rinvex/countries
2022-02-22 22:58:57 +01:00
Pierre Rudloff
5677ce719a Update youtube-dl to 2021.12.17 (#395) 2022-02-17 22:13:56 +01:00
Pierre Rudloff
655490eeb3 Use HTTPS URLs in composer.json 2022-02-17 22:00:08 +01:00
Pierre Rudloff
ce9b4d9a48 Update Smarty to 4.0 2022-02-06 18:43:08 +01:00
Pierre Rudloff
835170f4b5 Use phpmnd to detect magic numbers 2022-01-27 00:03:37 +01:00
Pierre Rudloff
359c358df1 Symfony 5.0 is not maintained anymore 2022-01-26 23:53:14 +01:00
Pierre Rudloff
55db198d39 Upgrade phpunit to 9.5
So we stop depending on the unmaintained php-token-stream
2021-10-17 21:14:39 +02:00
Pierre Rudloff
f3ffa90a2e Update alltube-library to 0.1.3 2021-05-13 13:03:10 +02:00
Pierre Rudloff
a95d1de67e Update alltube-library to 0.1.2 2021-05-05 21:48:10 +02:00
Pierre Rudloff
b902c9027b Upgrade youtube-dl to 2021.04.01 (fixes #349) 2021-04-02 21:05:50 +02:00
Pierre Rudloff
3cfd450258 Use a stable release of debugbar-smarty 2021-02-11 19:36:11 +01:00
Pierre Rudloff
9a27e7764a Upgrade grumphp to 1.3
In order to use the new securitychecker_enlightn task
2021-02-07 13:40:02 +01:00
Pierre Rudloff
36ba147430 phpstan update 2021-02-07 12:42:03 +01:00
Pierre Rudloff
50fe879f16 Add route info to debug bar 2021-02-07 12:24:16 +01:00
Pierre Rudloff
9af922f3f1 Add Smarty collector to debug bar 2021-02-07 00:03:37 +01:00
Pierre Rudloff
5c0ed594f3 Debug bar 2021-02-06 15:35:09 +01:00
Pierre Rudloff
58f79c5012 Use enlightn/security-checker instead of sensiolabs/security-checker (fixes #342) 2021-02-02 21:26:26 +01:00
Pierre Rudloff
05959b17f0 Upgrade grumphp to 1.1
In order to improve output in CI
2020-11-16 23:31:18 +01:00
Pierre Rudloff
b5a585443a fixup! The youtube-dl repository is back 2020-11-16 23:28:36 +01:00
Pierre Rudloff
81e42057f9 Upgrade composer-dangling-locked-deps to 0.2.1
To fix Composer 2 compatibility
2020-11-16 23:21:32 +01:00
Pierre Rudloff
a800a058fa The youtube-dl repository is back 2020-11-16 20:48:03 +01:00
Pierre Rudloff
17422d8485 Upgrade youtube-dl to 2020.11.01.1 (fixes #326) 2020-11-02 21:09:27 +01:00
Pierre Rudloff
f4a9528b56 Explicitely require PHP >= 7.3 2020-10-28 22:17:27 +01:00
Pierre Rudloff
c15f1e6bba Use a stable release of alltube-library 2020-10-27 23:33:00 +01:00
Pierre Rudloff
e330adec76 Get youtube-dl from PyPI (fixes #323) 2020-10-27 23:18:59 +01:00
Pierre Rudloff
9a12a2d13b Don't install open-sans in vendor 2020-10-20 01:24:36 +02:00
Pierre Rudloff
22bcbbb9ae Upgrade grumphp to 1.0
So tests can be run in parallel
2020-10-20 00:16:56 +02:00
Pierre Rudloff
561b6c8370 Make the CSP compatible with debug tools 2020-10-19 23:59:23 +02:00
Pierre Rudloff
5ee9d457b2 Upgrade youtube-dl to 2020.09 (fixes #300) 2020-10-10 23:05:08 +02:00
Pierre Rudloff
8ab2ed838b Upgrade composer-dangling-locked-deps to 0.2 2020-10-09 23:38:23 +02:00
Pierre Rudloff
4bd121cda2 Disable timeout for "composer test" 2020-09-27 19:50:12 +02:00
Pierre Rudloff
d38b1cd9aa composer-dangling-locked-deps 2020-09-01 12:47:06 +02:00
Pierre Rudloff
3ba720dce0 Get open-sans from Packagist
So we can stop requiring Asset Packagist
2020-07-20 23:04:03 +02:00
Pierre Rudloff
96a75cbf14 Log youtube-dl and ffmpeg commands (fixes #297) 2020-07-15 22:52:38 +02:00
Pierre Rudloff
7e575e1bb2 composer-normalize 2020-07-05 11:58:50 +02:00
Pierre Rudloff
32f0a5012c Use security-checker instead of security-advisories
So it can be checked with grumphp
2020-07-05 03:23:14 +02:00
Pierre Rudloff
7ecfe8cb87 Use autoload-dev for test classes (fixes #293) 2020-07-01 22:58:26 +02:00
Pierre Rudloff
d127964eff Simplify PSR-4 autoload 2020-07-01 22:52:22 +02:00