homebrew-core
yt-dlp
Our great sponsors
homebrew-core | yt-dlp | |
---|---|---|
132 | 2,360 | |
13,203 | 70,159 | |
0.9% | 4.5% | |
10.0 | 9.8 | |
2 days ago | 5 days ago | |
Ruby | Python | |
BSD 2-clause "Simplified" License | The Unlicense |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
homebrew-core
-
GitHub Disabled the Xz Repo
Is disabling the compromised repo the typical GitHub policy? My concern is there are monorepos used by package managers, like brew, that are a collection of thousands of projects [1]. These monorepos seem like a prime target for attack and if GitHub disables one because a malicious commit was merged then you've taken down an entire ecosystem.
[1] https://github.com/Homebrew/homebrew-core
-
Backdoor in upstream xz/liblzma leading to SSH server compromise
> Correct. Though we do not appear to be affected, this revert was done out of an abundance of caution.
[1] https://github.com/Homebrew/homebrew-core/pull/167512
-
Pyenv – lets you easily switch between multiple versions of Python
> right, but now you know even less about your setup when you some roadblock
This is the same with a binary though. And with homebrew, you can't follow patches or flags used or if they change.
- https://github.com/Homebrew/homebrew-core/blob/c964ad7fa53ad...
- Apple curl security incident 12604
-
Cowsay
definitely be careful about using fortune in a corporate environment or public space if you don't know what dat files you are using or you might just get an extremely unwelcome surprise.
I was practicing a presentation and used to use "fortune" all the time. I forget exactly what it output but I remember being absolutely mortified about what could have happened if that had popped up during an internal company tech talk.
Kudos to brew for keeping unsuspecting people safe
https://github.com/Homebrew/homebrew-core/commit/3fb3c4c3e55...
-
Ask HN: Trouble with a Stargate
I'm sorry to be asking this as I find it a bit silly, but it's blocking my PR [3], so could a few of you star the project on Github [1] to get my PR to run?
[1] https://github.com/laktak/chkbit-py
[2] https://brew.sh
[3] https://github.com/Homebrew/homebrew-core/pull/160018
- Simulate an Ubuntu-like VM inside macOS
- When open source platforms are worse than closed source
- Homebrew Rejects the Idea for Post-Install Notes
- Homebrew team's developer harassment. They won't remove my software?
yt-dlp
-
FFmpeg 7.0 Released
You can put these options in a config file and they will become the default: https://github.com/yt-dlp/yt-dlp?tab=readme-ov-file#configur...
-
Google fights Invidious (a privacy YouTube Front end)
Yep. yt-dlp and youtube-dl
https://github.com/yt-dlp/yt-dlp
https://github.com/ytdl-org/youtube-dl
Will also start to feel the impact. My theory is that we will see a bunch of new video hosting sites as youtube itself attempts to lock down its ecosystem. They haven't paid attention in any adversarial way as far as I can tell.
When they do, it wont be great.
-
XZ: A Microcosm of the interactions in Open Source projects
The points you make aren't unreasonable.
It is necessary to establish clear boundaries of what can and can be provided by the maintainers. If not done at an earlier stage of the project, the support burden becomes too much to bear at which point the maintainer transfers ownership, and the project suffers from catastrophic consequences such as the xz backdoor we're talking about here, or other cases where the project mostly stalls and serves as an ego-boosting platform for the new maintainer, as was the case with PhantomJS[6].
This can also happen in your life, where a "friend" sees that you possess a certain skill, and then gradually tries to push an inordinate amount of their personal work related to this field onto you.
Personally, I think it's best to use an approach with extremely clear communication as to what the maintainer can and cannot provide. This can be seen, for example, in yt-dlp[1], where the consumer is clearly informed upfront that not providing detailed information as requested will lead them to block said consumer; or sqlite where their position regarding contributed patches[2] and support[3] is similarly made clear.
Having a shouty BDFL like Torvalds can also help improve code quality[4] and questionable contributions[5], though it is better that the shouty BDFL makes statements that are professional and do not show as much aggression; so for example, "Mauro, shut the fuck up"[7] would become "Mauro, your response is completely unbecoming for a Linux kernel maintainer, and is not in line with the promise of not breaking userspace."
[1] https://github.com/yt-dlp/yt-dlp/issues/new?assignees=&label...
[2] https://www.sqlite.org/copyright.html
[3] https://www.sqlite.org/support.html
[4] https://www.theregister.com/2024/01/29/linux_6_8_rc2/
[5] https://cse.umn.edu/cs/linux-incident
[6] https://github.com/ariya/phantomjs/issues/14541
[7] https://lkml.org/lkml/2012/12/23/75
-
Doom Running on a Toothbrush
Or just "yt-dlp "
yt-dlp ( https://github.com/yt-dlp/yt-dlp ) still works pretty well at the current state of Twitter.
- Show HN: I create a free website for download YouTube transcript, subtitle
-
Using LangServe to build REST APIs for LangChain Applications
To download audio from YouTube videos, you'll utilize the widely used yt-dlp library, which can be installed using the pip command as follows:
- YouTube-dl has been taken down
-
Ask HN: YouTube – how to batch scrape comments and details for 300 videos?
Use: `yt-dlp with --write-comments --no-download --batch-file FILE`
- FILE is a text file with a list of YouTube id's/URL's
- https://superuser.com/a/1732443/4390
- https://github.com/yt-dlp/yt-dlp
-
Forget spaceships; I just want my music
> Then youtube-dl wasn't a thing anymore (maybe it is again?)...
yt-dlp is definitely a thing: <https://github.com/yt-dlp/yt-dlp>
What are some alternatives?
asdf-python - Python plugin for the asdf version manager
Simple-YouTube-Age-Restriction-Bypass - A simple browser extension to bypass YouTube's age verification, disable content warnings and watch age restricted videos without having to sign in!
HomeBrew - 🍺 The missing package manager for macOS (or Linux)
tiktok-scraper - TikTok Scraper. Download video posts, collect user/trend/hashtag/music feed metadata, sign URL and etc.
homebrew-php - :beer: Homebrew tap for PHP 5.6 to 8.4. PHP 8.4 is built nightly.
youtube-dl-gui - A cross platform front-end GUI of the popular youtube-dl written in wxPython.
osxfuse - FUSE extends macOS by adding support for user space file systems
youtube-dl - Command-line program to download videos from YouTube.com and other video sites
homebrew-cask-versions - 🔢 Alternate versions of Casks
youtube-dlc - Command-line program to download various media from YouTube.com and other sites
ytmdl - A simple app to get songs from YouTube in mp3 format with artist name, album name etc from sources like iTunes, Spotify, LastFM, Deezer, Gaana etc.
youtube-dl - Command-line program to download videos from YouTube.com and other video sites