mirror of
https://github.com/yt-dlp/yt-dlp.git
synced 2025-03-02 21:02:03 +00:00
de015e9307
The shell escape function is now using `""` instead of `\"`. `utils.Popen` has been patched to properly quote commands. Prior to this fix using `--exec` together with `%q` when on Windows could cause remote code to execute. See https://github.com/yt-dlp/yt-dlp/security/advisories/GHSA-42h4-v29r-42qg for reference. Authored by: Grub4K |
||
|---|---|---|
| .. | ||
| __init__.py | ||
| bash-completion.in | ||
| bash-completion.py | ||
| changelog_override.json | ||
| changelog_override.schema.json | ||
| check-porn.py | ||
| cli_to_api.py | ||
| fish-completion.in | ||
| fish-completion.py | ||
| generate_aes_testdata.py | ||
| lazy_load_template.py | ||
| logo.ico | ||
| make_changelog.py | ||
| make_contributing.py | ||
| make_issue_template.py | ||
| make_lazy_extractors.py | ||
| make_readme.py | ||
| make_supportedsites.py | ||
| prepare_manpage.py | ||
| run_tests.bat | ||
| run_tests.sh | ||
| set-variant.py | ||
| SizeOfImage.patch | ||
| SizeOfImage_w.patch | ||
| update-formulae.py | ||
| update-version.py | ||
| utils.py | ||
| zsh-completion.in | ||
| zsh-completion.py | ||