PrivateCoffee/alltube
4
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
1596 commits 1 branch 0 tags 4.5 MiB
Commit graph

338 commits

Author SHA1 Message Date
Kumi
c9fadaae20
chore(deps): update PHPStan to v1.8 
Upgraded PHPStan from v0.12.72 to v1.8 to leverage improvements and new features. This change includes adjustments to support requirements and package metadata. Ensures compatibility with newer PHP versions and provides enhanced static analysis capabilities.
 2024-07-21 11:18:10 +02:00
Kumi
d1896f49d4
chore(deps): update multiple dependencies for compatibility 
Upgraded various dependencies to their latest versions. Key updates include:

- `clue/stream-filter`: v1.6.0 to v1.7.0
- `composer/installers`: v2.2.0 to v2.3.0
- `guzzlehttp/promises`: 1.5.2 to 1.5.3
- `jawira/case-converter`: v3.4.6 to v3.5.1
- `paragonie/constant_time_encoding`: v2.6.3 to v2.7.0
- `paragonie/csp-builder`: v2.8.0 to v2.9.0
- `php-http/client-common`: 2.6.0 to 2.7.1
- `php-http/discovery`: 1.15.2 to 1.19.4
- `php-http/httplug`: 2.3.0 to 2.4.0
- `php-http/message`: 1.13.0 to 1.16.1
- `php-http/message-factory`: v1.0.2 to 1.1.0
- `php-http/promise`: 1.1.0 to 1.3.1
- `psr/container`: 1.1.1 to 1.1.2
- `psr/http-client`: 1.0.1 to 1.0.3
- `psr/http-factory`: 1.0.1 to 1.1.0
- `slim/slim`: 3.12.4 to 3.12.5
- `smarty/smarty`: v4.3.1 to v4.5.3
- `symfony/console`: v5.4.21 to v5.4.41
- `symfony/deprecation-contracts`: v2.5.2 to v2.5.3
- `symfony/finder`: v5.4.21 to v5.4.40
- `symfony/options-resolver`: v5.4.21 to v5.4.40
- `symfony/polyfill-*`: various to 1.30.0
- `symfony/process`: v5.4.21 to v5.4.40
- `symfony/service-contracts`: v2.5.2 to v2.5.3
- `symfony/string`: v5.4.21 to v5.4.41
- `symfony/translation-contracts`: v2.5.2 to v2.5.3
- `amphp/amp`: v2.6.2 to v2.6.4
- `amphp/byte-stream`: v1.8.1 to v1.8.2
- `amphp/parallel`: v1.4.2 to v1.4.3
- `amphp/parser`: v1.0.0 to v1.1.1
- `amphp/process`: v1.1.4 to v1.1.7
- `composer/semver`: 3.3.2 to 3.4.2
- `consolidation/annotated-command`: 4.8.1 to 4.10.0
- `consolidation/output-formatters`: 4.2.4 to 4.5.0
- `consolidation/robo`: 3.0.11 to 3.0.12
- `consolidation/self-update`: 2.1.0 to 2.2.0
- `dflydev/dot-access-data`: v3.0.2 to v3.0.3
- `doctrine/deprecations`: v1.0.0 to 1.1.3
- `enlightn/security-checker`: v1.10.0 to v1.11.0
- `ergebnis/composer-normalize`: 2.20.0 to 2.43.0
- `guzzlehttp/promises`: 1.5.2 to 1.5.3
- `justinrainbow/json-schema`: 5.2.12 to 5.3.0
- `league/container`: 4.2.0 to 4.2.2
- `mockery/mockery`: 1.5.1 to 1.6.12
- `monolog/monolog`: 2.9.1 to 2.9.3
- `myclabs/deep-copy`: 1.11.0 to 1.12.0
- `nikic/php-parser`: v4.15.3 to v4.19.1
- `ondram/ci-detector`: 4.1.0 to 4.2.0
- `phar-io/manifest`: 2.0.3 to 2.0.4
- `php-mock/php-mock`: 2.4.0 to 2.5.0
- `phpunit/php-code-coverage`: 9.2.25 to 9.2.31
- `phpunit/phpunit`: 9.6.4 to 9.6.20
- `sebastian/cli-parser`: 1.0.1 to 1.0.2
- `sebastian/diff`: 4.0.4 to 4.0.6
- `sebastian/ lines-of-code`: 1.0.3 to 1.0.4
and many more.

This ensures compatibility with newer versions, security improvements, and overall system stability.
 2024-07-21 08:51:05 +02:00
Pierre Rudloff
a9da2314af
Merge branch 'master' into develop 2023-04-22 23:16:52 +02:00
dependabot[bot]
fcb3d2e84c
Bump guzzlehttp/psr7 from 1.9.0 to 1.9.1 (#436) 
Bumps [guzzlehttp/psr7](https://github.com/guzzle/psr7) from 1.9.0 to 1.9.1.
- [Release notes](https://github.com/guzzle/psr7/releases)
- [Changelog](https://github.com/guzzle/psr7/blob/1.9.1/CHANGELOG.md)
- [Commits](https://github.com/guzzle/psr7/compare/1.9.0...1.9.1)

---
updated-dependencies:
- dependency-name: guzzlehttp/psr7
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-04-19 23:47:18 +02:00
Pierre Rudloff
f09b7b43d7
Merge branch 'master' into develop 2023-03-30 21:46:49 +02:00
dependabot[bot]
a4146a63c8
Bump smarty/smarty from 4.3.0 to 4.3.1 (#431) 
Bumps [smarty/smarty](https://github.com/smarty-php/smarty) from 4.3.0 to 4.3.1.
- [Release notes](https://github.com/smarty-php/smarty/releases)
- [Changelog](https://github.com/smarty-php/smarty/blob/master/CHANGELOG.md)
- [Commits](https://github.com/smarty-php/smarty/compare/v4.3.0...v4.3.1)

---
updated-dependencies:
- dependency-name: smarty/smarty
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-03-30 21:46:39 +02:00
Pierre Rudloff
3e45f19682
Switch to yt-dlp (fixes #432) 
youtube-dl has no new release since 2021
 2023-03-30 21:41:08 +02:00
Pierre Rudloff
b52a582539
Stop supporting PHP 7.3 (#430) 
It is unmaintained
 2023-03-21 20:07:08 +01:00
Pierre Rudloff
8e6e88a2b2
Dependencies update 2023-03-03 00:14:36 +01:00
Pierre Rudloff
4e09393fd9 Update robo to 3.0 
To fix a PHP 8 compatibility notice
 2022-10-16 15:42:19 +02:00
Pierre Rudloff
87e30f2e87 Merge branch 'master' into develop 2022-10-16 15:16:38 +02:00
dependabot[bot]
3b6b1f0387
Bump smarty/smarty from 3.1.45 to 3.1.47 (#425) 
Bumps smarty/smarty from 3.1.45 to 3.1.47.

---
updated-dependencies:
- dependency-name: smarty/smarty
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-09-25 15:09:49 +02:00
Pierre Rudloff
b95fed4935 Update phpstan 
To fix compatibility with PHP 8.1
 2022-06-28 23:08:03 +02:00
Pierre Rudloff
b5f757b562 Merge branch 'master' into develop 2022-06-28 23:07:07 +02:00
Pierre Rudloff
ffeda5ea90 Declare allowed composer plugins 2022-06-28 23:05:34 +02:00
Pierre Rudloff
e9efc6ef71 Update symfony/string 
To avoid redeclaring functions that already exist: af4b27f47b
 2022-06-28 23:04:03 +02:00
dependabot[bot]
550371db7c
Bump guzzlehttp/guzzle from 6.5.7 to 6.5.8 (#418) 
Bumps [guzzlehttp/guzzle](https://github.com/guzzle/guzzle) from 6.5.7 to 6.5.8.
- [Release notes](https://github.com/guzzle/guzzle/releases)
- [Changelog](https://github.com/guzzle/guzzle/blob/6.5.8/CHANGELOG.md)
- [Commits](https://github.com/guzzle/guzzle/compare/6.5.7...6.5.8)

---
updated-dependencies:
- dependency-name: guzzlehttp/guzzle
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-06-28 22:52:44 +02:00
dependabot[bot]
4e826e554d
Bump guzzlehttp/guzzle from 6.5.6 to 6.5.7 (#415) 
Bumps [guzzlehttp/guzzle](https://github.com/guzzle/guzzle) from 6.5.6 to 6.5.7.
- [Release notes](https://github.com/guzzle/guzzle/releases)
- [Changelog](https://github.com/guzzle/guzzle/blob/6.5.7/CHANGELOG.md)
- [Commits](https://github.com/guzzle/guzzle/compare/6.5.6...6.5.7)

---
updated-dependencies:
- dependency-name: guzzlehttp/guzzle
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-06-14 22:05:02 +02:00
Pierre Rudloff
f6ae6eded3 Merge branch 'master' into develop 2022-05-28 23:52:51 +02:00
dependabot[bot]
e7fd4c6bc4
Bump guzzlehttp/guzzle from 6.5.5 to 6.5.6 (#412) 
Bumps [guzzlehttp/guzzle](https://github.com/guzzle/guzzle) from 6.5.5 to 6.5.6.
- [Release notes](https://github.com/guzzle/guzzle/releases)
- [Changelog](https://github.com/guzzle/guzzle/blob/6.5.6/CHANGELOG.md)
- [Commits](https://github.com/guzzle/guzzle/compare/6.5.5...6.5.6)

---
updated-dependencies:
- dependency-name: guzzlehttp/guzzle
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-05-28 23:50:56 +02:00
dependabot[bot]
b894cdd6ce
Bump smarty/smarty from 3.1.43 to 3.1.45 (#413) 
Bumps smarty/smarty from 3.1.43 to 3.1.45.

---
updated-dependencies:
- dependency-name: smarty/smarty
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-05-28 23:50:20 +02:00
Pierre Rudloff
e3187a7258 Merge branch 'master' into develop 2022-04-07 22:15:36 +02:00
dependabot[bot]
6731fcdf96
Bump guzzlehttp/psr7 from 1.6.1 to 1.8.5 (#406) 
Bumps [guzzlehttp/psr7](https://github.com/guzzle/psr7) from 1.6.1 to 1.8.5.
- [Release notes](https://github.com/guzzle/psr7/releases)
- [Changelog](https://github.com/guzzle/psr7/blob/1.8.5/CHANGELOG.md)
- [Commits](https://github.com/guzzle/psr7/compare/1.6.1...1.8.5)

---
updated-dependencies:
- dependency-name: guzzlehttp/psr7
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-03-30 09:11:45 +02:00
Pierre Rudloff
10b7658240 Merge tag '3.0.3' into develop 
Fixed a vulnerability that could be used to trigger either an open redirect or a SSRF attack
 2022-03-08 09:36:00 +01:00
Pierre Rudloff
8913f27716 Disable the generic extractor entirely 
It can be used for SSRF attacks even when redirects are disabled
 2022-03-08 09:29:57 +01:00
Pierre Rudloff
7f28275fb0 Merge tag '3.0.2' into develop 
Fixed a SSRF vulnerability that could be used to send a request to an internal hostname
 2022-02-27 12:34:23 +01:00
Pierre Rudloff
1b099bb983 Patch youtube-dl to disable redirects 
In order to prevent SSRF attacks using redirects
 2022-02-27 12:30:15 +01:00
Pierre Rudloff
3a4f09dda0 Prevent SSRF requests 
By validating the provided URL before passing it to youtube-dl
 2022-02-27 11:00:33 +01:00
Pierre Rudloff
e246ab03e9 Partial PHP 8 compatibility 
But we still need to update rinvex/countries
 2022-02-22 22:58:57 +01:00
Pierre Rudloff
e567f9c9fa Update annotated-command 
To fix PHP 8 compatibility issues: https://github.com/consolidation/annotated-command/pull/210
 2022-02-20 14:19:41 +01:00
Pierre Rudloff
5677ce719a Update youtube-dl to 2021.12.17 (#395) 2022-02-17 22:13:56 +01:00
Pierre Rudloff
655490eeb3 Use HTTPS URLs in composer.json 2022-02-17 22:00:08 +01:00
Pierre Rudloff
ce9b4d9a48 Update Smarty to 4.0 2022-02-06 18:43:08 +01:00
Pierre Rudloff
835170f4b5 Use phpmnd to detect magic numbers 2022-01-27 00:03:37 +01:00
Pierre Rudloff
359c358df1 Symfony 5.0 is not maintained anymore 2022-01-26 23:53:14 +01:00
Pierre Rudloff
8f3f1cdaf8 Merge branch 'master' into develop 2022-01-17 20:14:06 +01:00
dependabot[bot]
fb78ecb410 Bump smarty/smarty from 3.1.39 to 3.1.43 (#383) 
Bumps smarty/smarty from 3.1.39 to 3.1.43.

---
updated-dependencies:
- dependency-name: smarty/smarty
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-01-13 00:05:49 +01:00
Pierre Rudloff
55db198d39 Upgrade phpunit to 9.5 
So we stop depending on the unmaintained php-token-stream
 2021-10-17 21:14:39 +02:00
Pierre Rudloff
f3ffa90a2e Update alltube-library to 0.1.3 2021-05-13 13:03:10 +02:00
Pierre Rudloff
a95d1de67e Update alltube-library to 0.1.2 2021-05-05 21:48:10 +02:00
Pierre Rudloff
b902c9027b Upgrade youtube-dl to 2021.04.01 (fixes #349) 2021-04-02 21:05:50 +02:00
Pierre Rudloff
97d6532388 Merge branch 'master' into develop 2021-02-26 22:53:09 +01:00
dependabot[bot]
6ab19b6d84
Bump smarty/smarty from 3.1.33 to 3.1.39 (#346) 
Bumps smarty/smarty from 3.1.33 to 3.1.39.

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-02-26 22:48:17 +01:00
Pierre Rudloff
3cfd450258 Use a stable release of debugbar-smarty 2021-02-11 19:36:11 +01:00
Pierre Rudloff
9a27e7764a Upgrade grumphp to 1.3 
In order to use the new securitychecker_enlightn task
 2021-02-07 13:40:02 +01:00
Pierre Rudloff
36ba147430 phpstan update 2021-02-07 12:42:03 +01:00
Pierre Rudloff
50fe879f16 Add route info to debug bar 2021-02-07 12:24:16 +01:00
Pierre Rudloff
9af922f3f1 Add Smarty collector to debug bar 2021-02-07 00:03:37 +01:00
Pierre Rudloff
5c0ed594f3 Debug bar 2021-02-06 15:35:09 +01:00
Pierre Rudloff
58f79c5012 Use enlightn/security-checker instead of sensiolabs/security-checker (fixes #342) 2021-02-02 21:26:26 +01:00