yt-dlp

Commit Graph

Author	SHA1	Message	Date
Simon Sawicki	ff07792676	[core] Prevent RCE when using `--exec` with `%q` (CVE-2024-22423) The shell escape function now properly escapes `%`, `\\` and `\n`. `utils.Popen` as well as `%q` output template expansion have been patched accordingly. Prior to this fix using `--exec` together with `%q` when on Windows could cause remote code to execute. See https://github.com/yt-dlp/yt-dlp/security/advisories/GHSA-hjq6-52gw-2g7p for more details. Authored by: Grub4K	7 months ago
Simon Sawicki	32abfb00bd	[utils] `traverse_obj`: Convenience improvements (#9577 ) Add support for: - `http.cookies.Morsel` - Multi type filters (`{type, type}`) Authored by: Grub4K	7 months ago
pukkandan	c305a25c1b	[cleanup] Standardize `import datetime as dt` (#8978 )	7 months ago
sepro	86e3b82261	[core] Fix `filesize_approx` calculation (#9560 ) Reverts `22e4dfacb6` Despite being documented as `Kbit/s`, the extractors/manifests were returning bitrates in SI units of kilobits/sec. Authored by: seproDev, pukkandan	7 months ago
Simon Sawicki	3699eeb67c	[utils] `traverse_obj`: Allow unbranching using `all` and `any` (#9571 ) Authored by: Grub4K	7 months ago
pukkandan	615a84447e	[cleanup] Misc (#8968 ) Authored by: pukkandan, bashonly, seproDev	8 months ago
pukkandan	45491a2a30	[utils] Improve `repr` of `DateRange`, `match_filter_func`	8 months ago
pukkandan	93240fc184	[cleanup] Fix misc bugs (#8968 ) Closes #8816 Authored by: bashonly, seproDev, pukkandan, Grub4k	8 months ago
pukkandan	47ab66db0f	[docs] Misc Cleanup (#8977 ) Closes #8355, #8944 Authored by: bashonly, Grub4k, Arthurszzz, seproDev, pukkandan Co-authored-by: sepro <4618135+seproDev@users.noreply.github.com> Co-authored-by: bashonly <bashonly@protonmail.com> Co-authored-by: Arthurszzz <minecraftgamerarthur@gmail.com> Co-authored-by: Simon Sawicki <accounts@grub4k.xyz> Co-authored-by: bashonly <88596187+bashonly@users.noreply.github.com>	8 months ago
Simon Sawicki	ffbd4f2a02	[utils] `traverse_obj`: Support `xml.etree.ElementTree.Element` (#8911 ) Authored by: Grub4K	10 months ago
Simon Sawicki	f9fb3ce86e	[cleanup] Misc (#8598 ) Authored by: bashonly, pukkandan, seproDev, Grub4K Co-authored-by: bashonly <bashonly@protonmail.com> Co-authored-by: pukkandan <pukkandan.ytdlp@gmail.com> Co-authored-by: sepro <4618135+seproDev@users.noreply.github.com>	10 months ago
Simon Sawicki	65de7d204c	Update to ytdl-commit-be008e6 (#8836 ) - [utils] Make restricted filenames ignore some Unicode categories (by dirkf) - [ie/telewebion] Fix extraction (by Grub4K) - [ie/imgur] Overhaul extractor (by bashonly, Grub4K) - [ie/EpidemicSound] Add extractor (by Grub4K) Authored by: bashonly, dirkf, Grub4K Co-authored-by: bashonly <bashonly@protonmail.com>	10 months ago
coletdjnz	196eb0fe77	[networking] Strip whitespace around header values (#8802 ) Fixes https://github.com/yt-dlp/yt-dlp/issues/8729 Authored by: coletdjnz	11 months ago
Simon Sawicki	0b6f829b1d	[utils] `traverse_obj`: Move `is_user_input` into output template (#8673 ) Authored by: Grub4K	11 months ago
pukkandan	a174c453ee	Let `read_stdin` obey `--quiet` Closes #8668	11 months ago
coletdjnz	ccfd70f4c2	[rh:websockets] Migrate websockets to networking framework (#7720 ) * Adds a basic WebSocket framework * Introduces new minimum `websockets` version of 12.0 * Deprecates `WebSocketsWrapper` Fixes https://github.com/yt-dlp/yt-dlp/issues/8439 Authored by: coletdjnz	12 months ago
bashonly	f04b5bedad	[ie] Do not smuggle `http_headers` See: https://github.com/yt-dlp/yt-dlp/security/advisories/GHSA-3ch3-jhc6-5r8x Authored by: coletdjnz	12 months ago
bashonly	84e26038d4	[utils] `write_xattr`: Use `os.setxattr` if available (#8205 ) Closes #8193 Authored by: bashonly, Grub4K Co-authored-by: Simon Sawicki <contact@grub4k.xyz>	1 year ago
Simon Sawicki	1c51c520f7	[fd/fragment] Improve progress calculation (#8241 ) This uses the download speed from all threads and also adds smoothing to speed and eta Authored by: Grub4K	1 year ago
Awal Garg	9d7ded6419	[utils] `js_to_json`: Fix `Date` constructor parsing (#8295 ) Authored by: awalgarg, Grub4K	1 year ago
Simon Sawicki	de015e9307	[core] Prevent RCE when using `--exec` with `%q` (CVE-2023-40581) The shell escape function is now using `""` instead of `\"`. `utils.Popen` has been patched to properly quote commands. Prior to this fix using `--exec` together with `%q` when on Windows could cause remote code to execute. See https://github.com/yt-dlp/yt-dlp/security/advisories/GHSA-42h4-v29r-42qg for reference. Authored by: Grub4K	1 year ago
bashonly	52414d64ca	[utils] `js_to_json`: Handle `Array` objects Authored by: Grub4K, std-move Co-authored-by: std-move <26625259+std-move@users.noreply.github.com> Co-authored-by: Simon Sawicki <accounts@grub4k.xyz>	1 year ago
Simon Sawicki	836e06d246	[core] Fix support for upcoming Python 3.12 (#8130 ) This also adds the following test runners: - `3.12-dev` on `ubuntu-latest` - `3.12-dev` on `windows-latest` - `pypy-3.10` on `ubuntu-latest` Authored by: Grub4K	1 year ago
Simon Sawicki	f659e64394	[ie/bpb] Overhaul extractor (#8119 ) Authored by: Grub4K	1 year ago
pukkandan	3f7965105d	[utils] HTTPHeaderDict: Handle byte values	1 year ago
coletdjnz	4bf912282a	[networking] Remove dot segments during URL normalization (#7662 ) This implements RFC3986 5.2.4 remove_dot_segments during the URL normalization process. Closes #3355, #6526 Authored by: coletdjnz	1 year ago
coletdjnz	bbeacff7fc	[networking] Ignore invalid proxies in env (#7704 ) Authored by: coletdjnz	1 year ago
pukkandan	a250b24733	[compat] Ensure submodules are imported correctly Closes #7663	1 year ago
bashonly	af86873218	[utils] Improve `parse_duration` Authored by: bashonly	1 year ago
coletdjnz	3d2623a898	[compat, networking] Deprecate old functions (#2861 ) Authored by: coletdjnz, pukkandan	1 year ago
coletdjnz	227bf1a33b	[networking] Rewrite architecture (#2861 ) New networking interface consists of a `RequestDirector` that directs each `Request` to appropriate `RequestHandler` and returns the `Response` or raises `RequestError`. The handlers define adapters to transform its internal Request/Response/Errors to our interfaces. User-facing changes: - Fix issues with per request proxies on redirects for urllib - Support for `ALL_PROXY` environment variable for proxy setting - Support for `socks5h` proxy - Closes https://github.com/yt-dlp/yt-dlp/issues/6325, https://github.com/ytdl-org/youtube-dl/issues/22618, https://github.com/ytdl-org/youtube-dl/pull/28093 - Raise error when using `https` proxy instead of silently converting it to `http` Authored by: coletdjnz	1 year ago
pukkandan	c365dba843	[networking] Add module (#2861 ) No actual changes - code is only moved around	1 year ago
pukkandan	1b392f905d	[utils] Add temporary shim for logging Related: #5680, #7517	1 year ago
Mahmoud Abdel-Fattah	2af4eeb772	[utils] `clean_podcast_url`: Handle more trackers (#7556 ) Authored by: mabdelfattah, bashonly Closes #7544	1 year ago
coletdjnz	f8b4bcc0a7	[core] Prevent `Cookie` leaks on HTTP redirect Ref: https://github.com/yt-dlp/yt-dlp/security/advisories/GHSA-v8mc-9377-rwjj Authored by: coletdjnz	1 year ago
pukkandan	337734d4a8	[cleanup] Misc	1 year ago
pukkandan	91302ed349	[utils] clean_podcast_url: Handle protocol in redirect URL Closes #7430	1 year ago
pukkandan	e59e20744e	Bugfix for `b4e0d75848`	1 year ago
pukkandan	812cdfa06c	[cleanup] Misc	1 year ago
pukkandan	b4e0d75848	Improve `--download-sections` * Support negative time-ranges * Add `*from-url` to obey time-ranges in URL Closes #7248	1 year ago
pukkandan	ad54c9130e	[cleanup] Misc Closes #6288, Closes #7197, Closes #7265, Closes #7353, Closes #5773 Authored by: mikf, freezboltz, pukkandan	1 year ago
Nicolai Dagestad	db3ad8a676	Add option `--netrc-cmd` (#6682 ) Authored by: NDagestad, pukkandan Closes #1706	1 year ago
pukkandan	ebe1b4e34f	[outtmpl] Fix some minor bugs Closes #7164	1 year ago
pukkandan	a35af4306d	[utils] `strftime_or_none`: Handle negative timestamps Closes #6706 Authored by pukkandan, dirkf	1 year ago
pukkandan	eedda5252c	[utils] `FormatSorter`: Improve `size` and `br` Closes #1596 Previously, when some formats have accurate size and some approximate, the ones with accurate size was always prioritized For formats with known tbr and unknown vbr/abr, we were setting (vbr=tbr, abr=0) for sorting to work. This is no longer needed. Authored by pukkandan, u-spec-png	1 year ago
hoaluvn	7bcd481321	[extractor/urplay] Extract all subtitles (#7309 ) Authored by: hoaluvn	1 year ago
garret	4cbfa570a1	[extractor/camfm] Add extractors (#7083 ) Authored by: garret1317	1 year ago
coletdjnz	daafbf49b3	[core] Support decoding multiple content encodings (#7142 ) Authored by: coletdjnz	1 year ago
coletdjnz	b87e01c123	[cookies] Move `YoutubeDLCookieJar` to cookies module (#7091 ) Authored by: coletdjnz	1 year ago
coletdjnz	08916a49c7	[core] Improve HTTP redirect handling (#7094 ) Aligns HTTP redirect handling with what browsers commonly do and RFC standards. Fixes issues `afac4caa7d` missed. Authored by: coletdjnz	1 year ago

1 2

54 Commits (bdfeb4357b56908534c2a0539905f08731adac45)