Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Dgwarlug47 patch 1 #31952

Closed
wants to merge 5 commits into from
Closed

Dgwarlug47 patch 1 #31952

wants to merge 5 commits into from

Conversation

dgwarlug47
Copy link

Please follow the guide below

  • You will be asked some questions, please read them carefully and answer honestly
  • Put an x into all the boxes [ ] relevant to your pull request (like that [x])
  • Use Preview tab to see how your pull request will actually look like

Before submitting a pull request make sure you have:

In order to be accepted and merged into youtube-dl each piece of code must be in public domain or released under Unlicense. Check one of the following options:

  • I am the original author of this code and I am willing to release it under Unlicense
  • I am not the original author of this code but it is in public domain or released under Unlicense (provide reliable evidence)

What is the purpose of your pull request?

  • Bug fix
  • Improvement
  • New extractor
  • New feature

Description of your pull request and other information

Explanation of your pull request in arbitrary form goes here. Please make sure the description explains the purpose and effect of your pull request and is worded well enough to be understood. Provide as much context and examples as possible.

@dirkf
Copy link
Contributor

dirkf commented Mar 29, 2023

How is this going to differ from flake8 linter already in workflows?

Feel free to explain this by completing the PR template properly.

@github-advanced-security
Copy link

You have successfully added a new CodeQL configuration /language:python. As part of the setup process, we have scanned this repository and found 23 existing alerts. Please check the repository Security tab to see all alerts.

@dirkf
Copy link
Contributor

dirkf commented Apr 1, 2023

The results of the test run don't offer anything much. The diagnostics highlight these features:

  • "Inefficient regular expressions" which have never been a problem but might be adjusted in future if anyone cares
  • "Incomplete URL substring sanitization": a deliberate code pattern that has no security impact in yt-dl (not that anything much does)
  • "Default version of SSL/TLS may be insecure": invoked only on old Python versions that don't support more recent security protocols
  • "Use of insecure SSL/TLS version": ditto
  • "Use of a broken or weak cryptographic hashing algorithm on sensitive data": matching what's done by a target website, or locally with no security impact.

If the PR is correctly completed we could have this as an optional workflow to run every so often but it's not suitable to be incorporated into the build or test processes.

@dirkf
Copy link
Contributor

dirkf commented Mar 15, 2024

Supserseded by #32745.

@dirkf dirkf closed this Mar 15, 2024
@dirkf dirkf mentioned this pull request Mar 15, 2024
Open
11 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
do-not-merge incomplete
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@dgwarlug47 @dirkf