PrivateCoffee/alltube
4
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
1582 commits 1 branch 0 tags 4.5 MiB
Commit graph

253 commits

Author SHA1 Message Date
Pierre Rudloff
8e6e88a2b2
Dependencies update 2023-03-03 00:14:36 +01:00
Pierre Rudloff
4e09393fd9 Update robo to 3.0 
To fix a PHP 8 compatibility notice
 2022-10-16 15:42:19 +02:00
Pierre Rudloff
1031ad152d Remove every reference to alltubedownload.net (#422) 2022-10-16 15:22:47 +02:00
Pierre Rudloff
ffeda5ea90 Declare allowed composer plugins 2022-06-28 23:05:34 +02:00
Pierre Rudloff
10b7658240 Merge tag '3.0.3' into develop 
Fixed a vulnerability that could be used to trigger either an open redirect or a SSRF attack
 2022-03-08 09:36:00 +01:00
Pierre Rudloff
8913f27716 Disable the generic extractor entirely 
It can be used for SSRF attacks even when redirects are disabled
 2022-03-08 09:29:57 +01:00
Pierre Rudloff
7f28275fb0 Merge tag '3.0.2' into develop 
Fixed a SSRF vulnerability that could be used to send a request to an internal hostname
 2022-02-27 12:34:23 +01:00
Pierre Rudloff
1b099bb983 Patch youtube-dl to disable redirects 
In order to prevent SSRF attacks using redirects
 2022-02-27 12:30:15 +01:00
Pierre Rudloff
3a4f09dda0 Prevent SSRF requests 
By validating the provided URL before passing it to youtube-dl
 2022-02-27 11:00:33 +01:00
Pierre Rudloff
e246ab03e9 Partial PHP 8 compatibility 
But we still need to update rinvex/countries
 2022-02-22 22:58:57 +01:00
Pierre Rudloff
5677ce719a Update youtube-dl to 2021.12.17 (#395) 2022-02-17 22:13:56 +01:00
Pierre Rudloff
655490eeb3 Use HTTPS URLs in composer.json 2022-02-17 22:00:08 +01:00
Pierre Rudloff
ce9b4d9a48 Update Smarty to 4.0 2022-02-06 18:43:08 +01:00
Pierre Rudloff
835170f4b5 Use phpmnd to detect magic numbers 2022-01-27 00:03:37 +01:00
Pierre Rudloff
359c358df1 Symfony 5.0 is not maintained anymore 2022-01-26 23:53:14 +01:00
Pierre Rudloff
55db198d39 Upgrade phpunit to 9.5 
So we stop depending on the unmaintained php-token-stream
 2021-10-17 21:14:39 +02:00
Pierre Rudloff
f3ffa90a2e Update alltube-library to 0.1.3 2021-05-13 13:03:10 +02:00
Pierre Rudloff
a95d1de67e Update alltube-library to 0.1.2 2021-05-05 21:48:10 +02:00
Pierre Rudloff
b902c9027b Upgrade youtube-dl to 2021.04.01 (fixes #349) 2021-04-02 21:05:50 +02:00
Pierre Rudloff
3cfd450258 Use a stable release of debugbar-smarty 2021-02-11 19:36:11 +01:00
Pierre Rudloff
9a27e7764a Upgrade grumphp to 1.3 
In order to use the new securitychecker_enlightn task
 2021-02-07 13:40:02 +01:00
Pierre Rudloff
36ba147430 phpstan update 2021-02-07 12:42:03 +01:00
Pierre Rudloff
50fe879f16 Add route info to debug bar 2021-02-07 12:24:16 +01:00
Pierre Rudloff
9af922f3f1 Add Smarty collector to debug bar 2021-02-07 00:03:37 +01:00
Pierre Rudloff
5c0ed594f3 Debug bar 2021-02-06 15:35:09 +01:00
Pierre Rudloff
58f79c5012 Use enlightn/security-checker instead of sensiolabs/security-checker (fixes #342) 2021-02-02 21:26:26 +01:00
Pierre Rudloff
05959b17f0 Upgrade grumphp to 1.1 
In order to improve output in CI
 2020-11-16 23:31:18 +01:00
Pierre Rudloff
b5a585443a fixup! The youtube-dl repository is back 2020-11-16 23:28:36 +01:00
Pierre Rudloff
81e42057f9 Upgrade composer-dangling-locked-deps to 0.2.1 
To fix Composer 2 compatibility
 2020-11-16 23:21:32 +01:00
Pierre Rudloff
a800a058fa The youtube-dl repository is back 2020-11-16 20:48:03 +01:00
Pierre Rudloff
17422d8485 Upgrade youtube-dl to 2020.11.01.1 (fixes #326) 2020-11-02 21:09:27 +01:00
Pierre Rudloff
f4a9528b56 Explicitely require PHP >= 7.3 2020-10-28 22:17:27 +01:00
Pierre Rudloff
c15f1e6bba Use a stable release of alltube-library 2020-10-27 23:33:00 +01:00
Pierre Rudloff
e330adec76 Get youtube-dl from PyPI (fixes #323) 2020-10-27 23:18:59 +01:00
Pierre Rudloff
9a12a2d13b Don't install open-sans in vendor 2020-10-20 01:24:36 +02:00
Pierre Rudloff
22bcbbb9ae Upgrade grumphp to 1.0 
So tests can be run in parallel
 2020-10-20 00:16:56 +02:00
Pierre Rudloff
561b6c8370 Make the CSP compatible with debug tools 2020-10-19 23:59:23 +02:00
Pierre Rudloff
5ee9d457b2 Upgrade youtube-dl to 2020.09 (fixes #300) 2020-10-10 23:05:08 +02:00
Pierre Rudloff
8ab2ed838b Upgrade composer-dangling-locked-deps to 0.2 2020-10-09 23:38:23 +02:00
Pierre Rudloff
4bd121cda2 Disable timeout for "composer test" 2020-09-27 19:50:12 +02:00
Pierre Rudloff
d38b1cd9aa composer-dangling-locked-deps 2020-09-01 12:47:06 +02:00
Pierre Rudloff
3ba720dce0 Get open-sans from Packagist 
So we can stop requiring Asset Packagist
 2020-07-20 23:04:03 +02:00
Pierre Rudloff
96a75cbf14 Log youtube-dl and ffmpeg commands (fixes #297) 2020-07-15 22:52:38 +02:00
Pierre Rudloff
7e575e1bb2 composer-normalize 2020-07-05 11:58:50 +02:00
Pierre Rudloff
32f0a5012c Use security-checker instead of security-advisories 
So it can be checked with grumphp
 2020-07-05 03:23:14 +02:00
Pierre Rudloff
7ecfe8cb87 Use autoload-dev for test classes (fixes #293) 2020-07-01 22:58:26 +02:00
Pierre Rudloff
d127964eff Simplify PSR-4 autoload 2020-07-01 22:52:22 +02:00
Pierre Rudloff
f90a08e89c Stop installing ffmpeg and phantomjs with Composer 
It is convenient but this a the job of the OS package manager
 2020-06-22 23:21:22 +02:00
Pierre Rudloff
a518e3b7b3 Create release package cleanly from a temporary folder (#279) 2020-06-22 23:15:31 +02:00
Pierre Rudloff
251fbe48ca Add generator meta with the current version 2020-06-21 15:51:28 +02:00