Skip to content
This repository has been archived by the owner on Apr 22, 2023. It is now read-only.

Releases: Rudloff/alltube

3.2.0-alpha: Switched to yt-dlp instead of youtube-dl

22 Apr 21:25
@Rudloff Rudloff
3.2.0-alpha
This tag was signed with the committer’s verified signature.
Rudloff Pierre Rudloff
SSH Key Fingerprint: xZlajgIwqw5LA9Z2uS7WwfT8J8wHyHgGaTh8VGxTm8I Learn about vigilant mode.
ec95a8f
This commit was signed with the committer’s verified signature.
Rudloff Pierre Rudloff
SSH Key Fingerprint: xZlajgIwqw5LA9Z2uS7WwfT8J8wHyHgGaTh8VGxTm8I Learn about vigilant mode.
Compare
Choose a tag to compare
3.2.0-alpha: Switched to yt-dlp instead of youtube-dl Pre-release
Pre-release 
PHP 7.4+ is now required
Assets 3

3.1.1

11 Mar 13:34
@Rudloff Rudloff
3.1.1
This tag was signed with the committer’s verified signature.
Rudloff Pierre Rudloff
SSH Key Fingerprint: xZlajgIwqw5LA9Z2uS7WwfT8J8wHyHgGaTh8VGxTm8I Learn about vigilant mode.
2bef4d5
This commit was signed with the committer’s verified signature.
Rudloff Pierre Rudloff
SSH Key Fingerprint: xZlajgIwqw5LA9Z2uS7WwfT8J8wHyHgGaTh8VGxTm8I Learn about vigilant mode.
Compare
Choose a tag to compare
3.1.1 Latest
Latest 
Updated robo to 3.0

Various dependencies update
Assets 3

3.1.0

16 Oct 13:38
@Rudloff Rudloff
3.1.0
36a91c8
Compare
Choose a tag to compare
3.1.0 
Removed every reference to alltubedownload.net (#422)

Updated youtube-dl to 2021.12.17
Updated alltube-library to 0.1.3
Updated Smarty to 4.0
PHP 8 compatibility
Various refactoring and typying improvement
Assets 3

3.0.3

08 Mar 20:19
@Rudloff Rudloff
3.0.3
3d09289
Compare
Choose a tag to compare
3.0.3

This release fixes a vulnerability that could be used to trigger either an open redirect attack or a Server-Side Request Forgery attack (see GHSA-75p7-527p-w8wp).

The fix requires applying a patch to youtube-dl to disable its generic extractor. If you are using the version of youtube-dl bundled with 3.0.3, it is already patched.
However, if you are using your own unpatched version of youtube-dl you might still be vulnerable.

Assets 3

3.0.2

27 Feb 12:05
@Rudloff Rudloff
3.0.2
148a171
Compare
Choose a tag to compare
3.0.2

This release fixes a Server-Side Request Forgery vulnerability that could be used to send a request to an internal hostname (see GHSA-r5hc-wm3g-hjw6).

Part of the fix requires applying a patch to youtube-dl to prevent it from following HTTP redirects. If you are using the version of youtube-dl bundled with 3.0.2, it is already patched.
However, if you are using your own unpatched version of youtube-dl you might still be vulnerable.

Assets 3

3.0.1

20 Feb 13:24
@Rudloff Rudloff
3.0.1
3ab22c6
Compare
Choose a tag to compare
3.0.1

This release fixes an open redirect vulnerability that could be used to construct a URL redirecting to an arbitrary domain (see GHSA-jmhf-9fj8-88gh).

Assets 3

3.0.0: This release contains several breaking changes:

20 Apr 21:24
@Rudloff Rudloff
3.0.0
eeda434
Compare
Choose a tag to compare
3.0.0: This release contains several breaking changes: 
The Video class is now available as a separate Composer package (rudloff/alltube-library)
The release package and Docker image now contain only production dependencies
youtube-dl is now a production dependency
Composer does not install ffmpeg or phantomjs anymore
The "avconv" and "avconvVerbosity" options are now respectively "ffmpeg" and "ffmpegVerbosity"

Other changes:

Setting the "stream" option to "ask" now works correctly
New locales are automatically detected
New Italian translation (thanks to @holoitsme)
If the "best" format does not exist, it will fall back to "bestvideo"
Composer 2 compatibility
youtube-dl and ffmpeg commands are now logged when debug mode is enabled
404 and 405 error pages now have the same style as the other pages
The new "defaultAudio" option allows converting to audio by default (thanks to @bellington3)
The Heroku build now uses Python 3 (thanks to @telegrambotdev)
The app now supports the container Heroku stack (thanks to @telegrambotdev)
The new "convertSeek" option allows disabling seeking when converting to audio (thanks to @bellington3)
Exceptions are now logged
AllTube can now run correctly behind a reverse proxy with a custom path or port (thanks to @bellington3)
Assets 3

3.0.0-beta5

17 Dec 19:13
@Rudloff Rudloff
3.0.0-beta5
c9aa41d
Compare
Choose a tag to compare
3.0.0-beta5 Pre-release
Pre-release 
Composer 2 compatibility

Updated youtube-dl to 2020.11.12
Make sure locale is always set, even on first request
Assets 3

3.0.0-beta4

04 Nov 22:13
@Rudloff Rudloff
3.0.0-beta4
f6d3a72
Compare
Choose a tag to compare
3.0.0-beta4 Pre-release
Pre-release 
Fixed the CSP because it was breaking downloads on Chrome (#327)

Upgraded youtube-dl to 2020.11.01.1 (#326)
Assets 3

3.0.0-beta3

28 Oct 21:11
@Rudloff Rudloff
3.0.0-beta3
ac6cd1d
Compare
Choose a tag to compare
3.0.0-beta3 Pre-release
Pre-release 
We now temporarily get youtube-dl from PyPI (because their GitHub rep…

…ository is not available anymore)

Upgraded alltube-library to 0.1.1
The bookmarklet is now correctly generated when AllTube is behind a reverse proxy
The bookmarklet is now compatible with ugly URLs
Assets 3