c9fadaae20
chore(deps): update PHPStan to v1.8
...
Upgraded PHPStan from v0.12.72 to v1.8 to leverage improvements and new features. This change includes adjustments to support requirements and package metadata. Ensures compatibility with newer PHP versions and provides enhanced static analysis capabilities.
2024-07-21 11:18:10 +02:00
ac44c0e6cc
feat: embed base64 thumbnails in video objects
...
Embedded video thumbnails as base64 data URIs to enhance performance and ensure portability. Updated CSP to allow 'data:' sources for images, preventing CSP violations when rendering base64 images.
Addresses issues with missing thumbnails and enhances security settings.
2024-07-21 09:47:21 +02:00
d1896f49d4
chore(deps): update multiple dependencies for compatibility
...
Upgraded various dependencies to their latest versions. Key updates include:
- `clue/stream-filter`: v1.6.0 to v1.7.0
- `composer/installers`: v2.2.0 to v2.3.0
- `guzzlehttp/promises`: 1.5.2 to 1.5.3
- `jawira/case-converter`: v3.4.6 to v3.5.1
- `paragonie/constant_time_encoding`: v2.6.3 to v2.7.0
- `paragonie/csp-builder`: v2.8.0 to v2.9.0
- `php-http/client-common`: 2.6.0 to 2.7.1
- `php-http/discovery`: 1.15.2 to 1.19.4
- `php-http/httplug`: 2.3.0 to 2.4.0
- `php-http/message`: 1.13.0 to 1.16.1
- `php-http/message-factory`: v1.0.2 to 1.1.0
- `php-http/promise`: 1.1.0 to 1.3.1
- `psr/container`: 1.1.1 to 1.1.2
- `psr/http-client`: 1.0.1 to 1.0.3
- `psr/http-factory`: 1.0.1 to 1.1.0
- `slim/slim`: 3.12.4 to 3.12.5
- `smarty/smarty`: v4.3.1 to v4.5.3
- `symfony/console`: v5.4.21 to v5.4.41
- `symfony/deprecation-contracts`: v2.5.2 to v2.5.3
- `symfony/finder`: v5.4.21 to v5.4.40
- `symfony/options-resolver`: v5.4.21 to v5.4.40
- `symfony/polyfill-*`: various to 1.30.0
- `symfony/process`: v5.4.21 to v5.4.40
- `symfony/service-contracts`: v2.5.2 to v2.5.3
- `symfony/string`: v5.4.21 to v5.4.41
- `symfony/translation-contracts`: v2.5.2 to v2.5.3
- `amphp/amp`: v2.6.2 to v2.6.4
- `amphp/byte-stream`: v1.8.1 to v1.8.2
- `amphp/parallel`: v1.4.2 to v1.4.3
- `amphp/parser`: v1.0.0 to v1.1.1
- `amphp/process`: v1.1.4 to v1.1.7
- `composer/semver`: 3.3.2 to 3.4.2
- `consolidation/annotated-command`: 4.8.1 to 4.10.0
- `consolidation/output-formatters`: 4.2.4 to 4.5.0
- `consolidation/robo`: 3.0.11 to 3.0.12
- `consolidation/self-update`: 2.1.0 to 2.2.0
- `dflydev/dot-access-data`: v3.0.2 to v3.0.3
- `doctrine/deprecations`: v1.0.0 to 1.1.3
- `enlightn/security-checker`: v1.10.0 to v1.11.0
- `ergebnis/composer-normalize`: 2.20.0 to 2.43.0
- `guzzlehttp/promises`: 1.5.2 to 1.5.3
- `justinrainbow/json-schema`: 5.2.12 to 5.3.0
- `league/container`: 4.2.0 to 4.2.2
- `mockery/mockery`: 1.5.1 to 1.6.12
- `monolog/monolog`: 2.9.1 to 2.9.3
- `myclabs/deep-copy`: 1.11.0 to 1.12.0
- `nikic/php-parser`: v4.15.3 to v4.19.1
- `ondram/ci-detector`: 4.1.0 to 4.2.0
- `phar-io/manifest`: 2.0.3 to 2.0.4
- `php-mock/php-mock`: 2.4.0 to 2.5.0
- `phpunit/php-code-coverage`: 9.2.25 to 9.2.31
- `phpunit/phpunit`: 9.6.4 to 9.6.20
- `sebastian/cli-parser`: 1.0.1 to 1.0.2
- `sebastian/diff`: 4.0.4 to 4.0.6
- `sebastian/ lines-of-code`: 1.0.3 to 1.0.4
and many more.
This ensures compatibility with newer versions, security improvements, and overall system stability.
2024-07-21 08:51:05 +02:00
a8fbb72163
chore: update .gitignore to exclude composer.phar
...
Adding composer.phar to .gitignore to prevent the inclusion of the Composer binary in the repository. This ensures local dependencies are not accidentally committed, promoting a cleaner codebase.
2024-07-21 08:47:29 +02:00
Pierre Rudloff
ec95a8f1b7
Merge branch 'release/3.2.0-alpha'
2023-04-22 23:21:32 +02:00
Pierre Rudloff
a9da2314af
Merge branch 'master' into develop
2023-04-22 23:16:52 +02:00
dependabot[bot]
fcb3d2e84c
Bump guzzlehttp/psr7 from 1.9.0 to 1.9.1 ( #436 )
...
Bumps [guzzlehttp/psr7](https://github.com/guzzle/psr7 ) from 1.9.0 to 1.9.1.
- [Release notes](https://github.com/guzzle/psr7/releases )
- [Changelog](https://github.com/guzzle/psr7/blob/1.9.1/CHANGELOG.md )
- [Commits](https://github.com/guzzle/psr7/compare/1.9.0...1.9.1 )
---
updated-dependencies:
- dependency-name: guzzlehttp/psr7
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-04-19 23:47:18 +02:00
Pierre Rudloff
f09b7b43d7
Merge branch 'master' into develop
2023-03-30 21:46:49 +02:00
dependabot[bot]
a4146a63c8
Bump smarty/smarty from 4.3.0 to 4.3.1 ( #431 )
...
Bumps [smarty/smarty](https://github.com/smarty-php/smarty ) from 4.3.0 to 4.3.1.
- [Release notes](https://github.com/smarty-php/smarty/releases )
- [Changelog](https://github.com/smarty-php/smarty/blob/master/CHANGELOG.md )
- [Commits](https://github.com/smarty-php/smarty/compare/v4.3.0...v4.3.1 )
---
updated-dependencies:
- dependency-name: smarty/smarty
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-03-30 21:46:39 +02:00
Pierre Rudloff
3e45f19682
Switch to yt-dlp ( fixes #432 )
...
youtube-dl has no new release since 2021
2023-03-30 21:41:08 +02:00
Pierre Rudloff
9564764633
ucfirst Smarty modifier is deprecated
...
See https://github.com/smarty-php/smarty/issues/813
2023-03-21 20:25:47 +01:00
Pierre Rudloff
71647158d3
Stronger typying now that we target PHP 7.4
2023-03-21 20:20:14 +01:00
Pierre Rudloff
b23ce88be8
fixup! fix dockerfile permission issue ( #426 )
2023-03-21 20:07:31 +01:00
Pierre Rudloff
b52a582539
Stop supporting PHP 7.3 ( #430 )
...
It is unmaintained
2023-03-21 20:07:08 +01:00
Pierre Rudloff
7bfe55fff6
"git describe" needs to be non-interactive so we can get its output
2023-03-11 14:37:28 +01:00
Pierre Rudloff
9d8bff3c42
Updated robo to 3.0
...
Various dependencies update
-----BEGIN SSH SIGNATURE-----
U1NIU0lHAAAAAQAAAZcAAAAHc3NoLXJzYQAAAAMBAAEAAAGBAJ1cjUGHGZz2Xlnuxq9dZ2
wA/r2ineVomdWGZBiq9GYcfUirCaArD49YsXbdQKkcHhrQ+gMUNQP4iOWjuPBG5WAPrORz
LXUXwmk0UHdEPdJ2LymHXQsyYyHaldikt3gfsiD0ny/Uf3V9lL3vnrEUhQAxIYN87RaQun
OL0S5y5wOp3vr8DwMlvAUDfZbzZgJ56nzVWRElVLNuQCQSZta9imqnJpzHQf4KTMut191S
hgQjBA0TWeOAqGVeIMOctLqNY1gL5QUSyg5RYmBHjResH8tnOkfPElE1Ih19MCCQ9Eaubw
g1cS6Ls6LgbTIdvyMud6ep+0iF3ifj0g7w1X6NvQfQp0JcWkU3eXyQfOGjdePZG9Kn+27Q
EeMv47cyCGuMdGbpbFoD/yR82T2n78rPmxbYEnPnJSmuy30Wi8reYeaQUP2z+Krexk5tGQ
a/thYIk1yhN+Ui3nSr78sATwgqateS6VvNw8nY315PUzmf4Bk0kDCnj7Q7z4wenHAhkayU
FwAAAANnaXQAAAAAAAAABnNoYTUxMgAAAZQAAAAMcnNhLXNoYTItNTEyAAABgG9ULjUS0q
UP06d9PYGfxYL3aADqwS5eczhU4B3QsUD5aab3q1qbqUfkRZ7Gvhy3lK4UXJvyy5kGC5Ba
1u+WBlCuX4ki6Vgum0skw612V5cKOdcr5eDDc5jYRPwNd3P/Aa/YoBc1Ev4a1Ozlj9g2MR
2XmDHxaoW6tzjsGYgPhihr1eIDAQm+BxeccDdjs9lsSiHfpcW6Vg7MdBzxZFPBEbpeEp6I
WsvWVntjwBKFXG+cx/nBq+HNwdBHOq5ncE3eLHG7loNb5O3cof9t8Y91z+P6Cnw8r6lulu
RIOgBfv/fIgZTIXq/UZ/bjUmbDrpCfDm2mtSi57X4Iaj5ZBXAu0tGwl46ZhGjDnwxBcBGn
DcaLWUhVL19JEhKwq3APdV++ZEpeU4+G4VbuYvjbLe3kT/S/AMaw/5H1D7CFPQB30AeLbl
l+1QWoc3bW8rY0FqBHpaFl5mgvu3VL23H8O+VhrzueM/CK22aaBt86bvUVHQnqLnQQ82xo
oARjISpOfp0xjw==
-----END SSH SIGNATURE-----
gpgsig -----BEGIN SSH SIGNATURE-----
U1NIU0lHAAAAAQAAAZcAAAAHc3NoLXJzYQAAAAMBAAEAAAGBAJ1cjUGHGZz2Xlnuxq9dZ2
wA/r2ineVomdWGZBiq9GYcfUirCaArD49YsXbdQKkcHhrQ+gMUNQP4iOWjuPBG5WAPrORz
LXUXwmk0UHdEPdJ2LymHXQsyYyHaldikt3gfsiD0ny/Uf3V9lL3vnrEUhQAxIYN87RaQun
OL0S5y5wOp3vr8DwMlvAUDfZbzZgJ56nzVWRElVLNuQCQSZta9imqnJpzHQf4KTMut191S
hgQjBA0TWeOAqGVeIMOctLqNY1gL5QUSyg5RYmBHjResH8tnOkfPElE1Ih19MCCQ9Eaubw
g1cS6Ls6LgbTIdvyMud6ep+0iF3ifj0g7w1X6NvQfQp0JcWkU3eXyQfOGjdePZG9Kn+27Q
EeMv47cyCGuMdGbpbFoD/yR82T2n78rPmxbYEnPnJSmuy30Wi8reYeaQUP2z+Krexk5tGQ
a/thYIk1yhN+Ui3nSr78sATwgqateS6VvNw8nY315PUzmf4Bk0kDCnj7Q7z4wenHAhkayU
FwAAAANnaXQAAAAAAAAABnNoYTUxMgAAAZQAAAAMcnNhLXNoYTItNTEyAAABgJrUC15ar9
VQj/LfmlMNN7+ec1D17Bk4q7/XH27FgUyRCHXLFS4hm0GhtjIZAaA9jErCt23NcAFan7cI
WQyL6AAqqq/DOshmaYXY7Zj+5vQXbiJjDcGu1IsdGEFAA/DIAr721vxfKrri3aArucWK3T
ymPliFOqhL1qyxKqFxrADJmcqZeL9XzoQ0RHxayyN8XRYf5Px8vrmxkgvcI7wiy2W554qk
3DR7UlcHX/rg1H8B6W+PO7WK0JWdFoRRR/EErmo2VzCfEo/3USxJPPNUrhEv6K02WUVzib
1ac6cjuIsb0xHE2zVQO6hgpIH9L73Ef6pOUcEnlu2zqE1FPgJc5u0q5MDXQyNMGTtcKk8U
/UfNJw55umSMneOTHnhZ3AfmNYAmxWGGfwpbc2Y/rrOdBXWVhJzoPZWRKuOANk65+9NIjC
20KLEeZSvodADv+f+WGrsVDHB2NUKLG5YuuWANH/s07a9Mm7I/XedWgRE7wh/WzfT93XKn
BwDuEKTCMHOZwQ==
-----END SSH SIGNATURE-----
Merge tag '3.1.1' into develop
Updated robo to 3.0
Various dependencies update
2023-03-11 14:32:35 +01:00
Pierre Rudloff
2bef4d551d
Merge branch 'release/3.1.1'
2023-03-11 14:30:30 +01:00
Pierre Rudloff
f475fa2a47
Lint
2023-03-03 00:18:00 +01:00
Pierre Rudloff
8e6e88a2b2
Dependencies update
2023-03-03 00:14:36 +01:00
Pierre Rudloff
2d60fd32ef
Merge branch 'master' into develop
2022-11-07 21:20:44 +01:00
Pierre Rudloff
f32412e861
fixup! fix dockerfile permission issue ( #426 )
2022-11-07 21:19:52 +01:00
Samuel Tan
d060650833
fix dockerfile permission issue ( #426 )
2022-10-25 22:43:26 +02:00
Pierre Rudloff
4e09393fd9
Update robo to 3.0
...
To fix a PHP 8 compatibility notice
2022-10-16 15:42:19 +02:00
Pierre Rudloff
5d5a6624b8
Merge tag '3.1.0' into develop
...
Removed every reference to alltubedownload.net (#422 )
Updated youtube-dl to 2021.12.17
Updated alltube-library to 0.1.3
Updated Smarty to 4.0
PHP 8 compatibility
Various refactoring and typying improvement
2022-10-16 15:36:55 +02:00
Pierre Rudloff
36a91c8d4d
Merge branch 'release/3.1.0'
2022-10-16 15:36:37 +02:00
Pierre Rudloff
1031ad152d
Remove every reference to alltubedownload.net ( #422 )
2022-10-16 15:22:47 +02:00
Pierre Rudloff
87e30f2e87
Merge branch 'master' into develop
2022-10-16 15:16:38 +02:00
dependabot[bot]
3b6b1f0387
Bump smarty/smarty from 3.1.45 to 3.1.47 ( #425 )
...
Bumps smarty/smarty from 3.1.45 to 3.1.47.
---
updated-dependencies:
- dependency-name: smarty/smarty
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-09-25 15:09:49 +02:00
Pierre Rudloff
b95fed4935
Update phpstan
...
To fix compatibility with PHP 8.1
2022-06-28 23:08:03 +02:00
Pierre Rudloff
b5f757b562
Merge branch 'master' into develop
2022-06-28 23:07:07 +02:00
Pierre Rudloff
ffeda5ea90
Declare allowed composer plugins
2022-06-28 23:05:34 +02:00
Pierre Rudloff
e9efc6ef71
Update symfony/string
...
To avoid redeclaring functions that already exist: af4b27f47b
2022-06-28 23:04:03 +02:00
dependabot[bot]
550371db7c
Bump guzzlehttp/guzzle from 6.5.7 to 6.5.8 ( #418 )
...
Bumps [guzzlehttp/guzzle](https://github.com/guzzle/guzzle ) from 6.5.7 to 6.5.8.
- [Release notes](https://github.com/guzzle/guzzle/releases )
- [Changelog](https://github.com/guzzle/guzzle/blob/6.5.8/CHANGELOG.md )
- [Commits](https://github.com/guzzle/guzzle/compare/6.5.7...6.5.8 )
---
updated-dependencies:
- dependency-name: guzzlehttp/guzzle
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-06-28 22:52:44 +02:00
dependabot[bot]
4e826e554d
Bump guzzlehttp/guzzle from 6.5.6 to 6.5.7 ( #415 )
...
Bumps [guzzlehttp/guzzle](https://github.com/guzzle/guzzle ) from 6.5.6 to 6.5.7.
- [Release notes](https://github.com/guzzle/guzzle/releases )
- [Changelog](https://github.com/guzzle/guzzle/blob/6.5.7/CHANGELOG.md )
- [Commits](https://github.com/guzzle/guzzle/compare/6.5.6...6.5.7 )
---
updated-dependencies:
- dependency-name: guzzlehttp/guzzle
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-06-14 22:05:02 +02:00
Pierre Rudloff
1055ce0c4b
Merge branch 'master' into develop
2022-06-08 00:10:34 +02:00
Pierre Rudloff
57dd9a7dd3
Convert issue template to form
2022-06-08 00:08:01 +02:00
Pierre Rudloff
e53393d670
Force port for canonical URL ( #410 )
2022-06-01 21:57:46 +02:00
Pierre Rudloff
f6ae6eded3
Merge branch 'master' into develop
2022-05-28 23:52:51 +02:00
dependabot[bot]
e7fd4c6bc4
Bump guzzlehttp/guzzle from 6.5.5 to 6.5.6 ( #412 )
...
Bumps [guzzlehttp/guzzle](https://github.com/guzzle/guzzle ) from 6.5.5 to 6.5.6.
- [Release notes](https://github.com/guzzle/guzzle/releases )
- [Changelog](https://github.com/guzzle/guzzle/blob/6.5.6/CHANGELOG.md )
- [Commits](https://github.com/guzzle/guzzle/compare/6.5.5...6.5.6 )
---
updated-dependencies:
- dependency-name: guzzlehttp/guzzle
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-05-28 23:50:56 +02:00
dependabot[bot]
b894cdd6ce
Bump smarty/smarty from 3.1.43 to 3.1.45 ( #413 )
...
Bumps smarty/smarty from 3.1.43 to 3.1.45.
---
updated-dependencies:
- dependency-name: smarty/smarty
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-05-28 23:50:20 +02:00
Pierre Rudloff
e81b8c75a8
Add void return types
2022-05-28 23:44:34 +02:00
Pierre Rudloff
e3187a7258
Merge branch 'master' into develop
2022-04-07 22:15:36 +02:00
Liu Wenyuan
1d1e804b71
Update (redo) zh_CN translation ( #369 )
2022-04-07 22:14:08 +02:00
dependabot[bot]
6731fcdf96
Bump guzzlehttp/psr7 from 1.6.1 to 1.8.5 ( #406 )
...
Bumps [guzzlehttp/psr7](https://github.com/guzzle/psr7 ) from 1.6.1 to 1.8.5.
- [Release notes](https://github.com/guzzle/psr7/releases )
- [Changelog](https://github.com/guzzle/psr7/blob/1.8.5/CHANGELOG.md )
- [Commits](https://github.com/guzzle/psr7/compare/1.6.1...1.8.5 )
---
updated-dependencies:
- dependency-name: guzzlehttp/psr7
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-03-30 09:11:45 +02:00
Pierre Rudloff
10b7658240
Merge tag '3.0.3' into develop
...
Fixed a vulnerability that could be used to trigger either an open redirect or a SSRF attack
2022-03-08 09:36:00 +01:00
Pierre Rudloff
3d09289104
Merge branch 'hotfix/3.0.3'
2022-03-08 09:33:44 +01:00
Pierre Rudloff
8913f27716
Disable the generic extractor entirely
...
It can be used for SSRF attacks even when redirects are disabled
2022-03-08 09:29:57 +01:00
Pierre Rudloff
113b3d5e50
Some videos have no format
2022-03-06 22:55:33 +01:00
Pierre Rudloff
edaf6f82c0
fixup! LinkHeaderMiddleware should use the same URL as ViewFactory This way the X-Forwarded-Path header is used to generate the Link header
2022-02-27 23:47:19 +01:00
Pierre Rudloff
f814ebc492
Missing exception in @throws tag
2022-02-27 23:45:59 +01:00