From ad3c9b75fb7d069f44d549103e392b03381c6a09 Mon Sep 17 00:00:00 2001
From: test1
Date: Mon, 7 Jul 2025 14:44:00 -0700
Subject: [PATCH 01/12] simple func using yt_dlp to download video to an mp4 format with no audio
---
 utils/download_yt.py | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)
 create mode 100644 utils/download_yt.py
diff --git a/utils/download_yt.py b/utils/download_yt.py
new file mode 100644
index 0000000..8400b2e
--- /dev/null
+++ b/utils/download_yt.py
@@ -0,0 +1,16 @@
+import os
+import sys
+import yt_dlp
+from pathlib import Path
+
+from yt_dlp import YoutubeDL
+
+url = "https://www.youtube.com/watch?v=vWQpiMd-v0A"
+
+ydl_opts = {
+ 'format': 'bestvideo[ext=mp4]/bestvideo',
+ 'merge_output_format': 'mp4',
+}
+
+with yt_dlp.YoutubeDL(ydl_opts) as ydl:
+ ydl.download([url])
\ No newline at end of file
From a8c1525f2293ce660e336f9df7755435c239631f Mon Sep 17 00:00:00 2001
From: test1
Date: Mon, 7 Jul 2025 15:04:16 -0700
Subject: [PATCH 02/12] added github actions workflow for video downloading
---
 .github/workflows/download_yt.yml | 38 +++++++++++++++++++++++++++++++
 1 file changed, 38 insertions(+)
 create mode 100644 .github/workflows/download_yt.yml
diff --git a/.github/workflows/download_yt.yml b/.github/workflows/download_yt.yml
new file mode 100644
index 0000000..185628e
--- /dev/null
+++ b/.github/workflows/download_yt.yml
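Review bot: Only `yt_dlp` is used in the new `utils/download_yt.py`; `os`, `sys`, `Path` and the separate `from yt_dlp import YoutubeDL` are dead imports and can go. The download also runs at import time against a hard-coded `url`, so nothing can import this module without triggering a network fetch; moving the two `with` lines into a function called under `if __name__ == "__main__":` would fix that. `merge_output_format` probably has no effect here, since the selector `bestvideo[ext=mp4]/bestvideo` picks a single video-only stream and nothing is merged.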
@@ -0,0 +1,38 @@
+on:
+ push:
+ branches: [all]
+ pull_request:
+ branches: [all]
+ workflow_dispatch:
+
+jobs:
+ download_video:
+ runs-on: ubuntu-latest
+ steps:
+ - name: Checkout code
+ uses: actions/checkout@v4
+ - name: Setup Python
+ - uses: actions/setup-python@v4
+ with:
+ python-version: '3.13'
+ - name: Install dependencies
+ run: |
+ python3 -m pip install --upgrade pip
+ pip install yt-dlp
+
+ - name: Create video downloads directory
+ run: mkdir -p downloads
+
+ - name: Download Youtube video
+ run: |
+ cd downloads
+ python3 ../utils/download_yt.py
+ # check if vid downloaded correctly
+ ls -la ./
+
+ - name: Upload downloaded vids to artifact
+ uses: actions/upload-artifact
+ with:
+ name: download-video
+ path: downloads/
+ retention-days: 7
\ No newline at end of file
From fca25bf2463c245edb87bc97a453b7b1728fd665 Mon Sep 17 00:00:00 2001
From: test1
Date: Mon, 7 Jul 2025 15:05:31 -0700
Subject: [PATCH 03/12] syntax error in gh actions workflow
---
 .github/workflows/download_yt.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/.github/workflows/download_yt.yml b/.github/workflows/download_yt.yml
index 185628e..f884d94 100644
--- a/.github/workflows/download_yt.yml
+++ b/.github/workflows/download_yt.yml
@@ -12,7 +12,7 @@ jobs:
 - name: Checkout code
 uses: actions/checkout@v4
 - name: Setup Python
- - uses: actions/setup-python@v4
+ uses: actions/setup-python@v4
 with:
 python-version: '3.13'
 - name: Install dependencies
From 14ca51be35ac7eaa7fcf3ec01465bcae612f86e7 Mon Sep 17 00:00:00 2001
From: test1
Date: Mon, 7 Jul 2025 15:07:52 -0700
Subject: [PATCH 04/12] syntax error in gh actions workflow
---
 .github/workflows/download_yt.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/.github/workflows/download_yt.yml b/.github/workflows/download_yt.yml
index f884d94..3f386b1 100644
--- a/.github/workflows/download_yt.yml
+++ b/.github/workflows/download_yt.yml
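Review bot: The new `download_yt.yml` (the `@@ -0,0 +1,38 @@` hunk) declares no `permissions:`, so the job runs with whatever default `GITHUB_TOKEN` scopes the repository has while it installs an unpinned package on every `push` and `pull_request`. A top-level `permissions:` block with `contents: read` is enough for the checkout, and the artifact upload does not need more. `pip install yt-dlp` resolves to whatever is newest at run time; pinning it, for example `pip install "yt-dlp==PINNED_VERSION"` (placeholder) or a hashed requirements file, makes the run reproducible and narrows the supply-chain exposure.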
@@ -31,7 +31,7 @@ jobs: ls -la ./ - name: Upload downloaded vids to artifact - uses: actions/upload-artifact + uses: actions/upload-artifact@v4 with: name: download-video path: downloads/ From f4b875153c851df3c941aba79602bb1696a52b59 Mon Sep 17 00:00:00 2001 From: test1 Date: Mon, 7 Jul 2025 15:11:37 -0700 Subject: [PATCH 05/12] added @v4 to actions/upload-artifact --- .github/workflows/download_yt.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/workflows/download_yt.yml b/.github/workflows/download_yt.yml index 3f386b1..60f9f12 100644 --- a/.github/workflows/download_yt.yml +++ b/.github/workflows/download_yt.yml @@ -35,4 +35,5 @@ jobs: with: name: download-video path: downloads/ - retention-days: 7 \ No newline at end of file + retention-days: 7 + \ No newline at end of file From c9d4ecb113c13d06e4c57cef4bcd8d5816745743 Mon Sep 17 00:00:00 2001 From: test1 Date: Mon, 7 Jul 2025 15:17:32 -0700 Subject: [PATCH 06/12] removed branches option from push and pull request --- .github/workflows/download_yt.yml | 2 -- 1 file changed, 2 deletions(-) diff --git a/.github/workflows/download_yt.yml b/.github/workflows/download_yt.yml index 60f9f12..09b48ab 100644 --- a/.github/workflows/download_yt.yml +++ b/.github/workflows/download_yt.yml @@ -1,8 +1,6 @@ on: push: - branches: [all] pull_request: - branches: [all] workflow_dispatch: jobs: From b94424ec6d3c97e1bc1b6a7d55d6046a09bdb4ac Mon Sep 17 00:00:00 2001 From: test1 Date: Mon, 7 Jul 2025 15:24:52 -0700 Subject: [PATCH 07/12] testing adjustments to prevent youtube from blocking me --- utils/download_yt.py | 19 +++++++++++++++++-- 1 file changed, 17 insertions(+), 2 deletions(-) diff --git a/utils/download_yt.py b/utils/download_yt.py index 8400b2e..34da54b 100644 --- a/utils/download_yt.py +++ b/utils/download_yt.py 
@@ -10,7 +10,22 @@ ydl_opts = { 'format': 'bestvideo[ext=mp4]/bestvideo', 'merge_output_format': 'mp4', + 'user_agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36', + 'headers': { + 'Accept': 'text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8', + 'Accept-Language': 'en-us,en;q=0.5', + 'Sec-Fetch-Mode': 'navigate', + }, + 'retries': 3, + 'fragment_retries': 3, + 'ignoreerrors': True, } -with yt_dlp.YoutubeDL(ydl_opts) as ydl: - ydl.download([url]) \ No newline at end of file +try: + with yt_dlp.YoutubeDL(ydl_opts) as ydl: + print(f"Attempting to download: {url}") + ydl.download([url]) + print("Download completed successfully!") +except Exception as e: + print(f"Download failed: {str(e)}") + sys.exit(0) \ No newline at end of file From b640ab169b6cd768407307b44aebe4cc8de76b31 Mon Sep 17 00:00:00 2001 From: test1 Date: Wed, 9 Jul 2025 17:39:31 -0700 Subject: [PATCH 08/12] reverting commit and deleting github actions flow due to bot protection on youtube. --- .github/workflows/download_yt.yml | 37 ------------------------------- 1 file changed, 37 deletions(-) delete mode 100644 .github/workflows/download_yt.yml diff --git a/.github/workflows/download_yt.yml b/.github/workflows/download_yt.yml deleted file mode 100644 index 09b48ab..0000000 --- a/.github/workflows/download_yt.yml +++ /dev/null 
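Review bot: A failed download is reported as success in this version of `utils/download_yt.py`: with `'ignoreerrors': True` yt-dlp logs the error and returns a non-zero code from `ydl.download` instead of raising, so "Download completed successfully!" prints regardless, and the `except` branch ends in `sys.exit(0)`. In CI that keeps the step green with an empty `downloads/` directory. Check the return value, `if ydl.download([url]) != 0: sys.exit(1)`, and use `sys.exit(1)` in the handler. The later `downloadVideos` method (hunk `@@ -5,12 +5,50 @@`) repeats the pattern: it sets `'ignoreerrors': True` and prints `Success:` unconditionally.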
@@ -1,37 +0,0 @@
-on:
- push:
- pull_request:
- workflow_dispatch:
-
-jobs:
- download_video:
- runs-on: ubuntu-latest
- steps:
- - name: Checkout code
- uses: actions/checkout@v4
- - name: Setup Python
- uses: actions/setup-python@v4
- with:
- python-version: '3.13'
- - name: Install dependencies
- run: |
- python3 -m pip install --upgrade pip
- pip install yt-dlp
-
- - name: Create video downloads directory
- run: mkdir -p downloads
-
- - name: Download Youtube video
- run: |
- cd downloads
- python3 ../utils/download_yt.py
- # check if vid downloaded correctly
- ls -la ./
-
- - name: Upload downloaded vids to artifact
- uses: actions/upload-artifact@v4
- with:
- name: download-video
- path: downloads/
- retention-days: 7
-
\ No newline at end of file
From 9b22bb0f9921ce1d1c3fd55c78b516f916d45bf0 Mon Sep 17 00:00:00 2001
From: test1
Date: Wed, 9 Jul 2025 17:42:34 -0700
Subject: [PATCH 09/12] reverting commit and deleting github actions flow due to bot protection on youtube.
---
 utils/download_yt.py | 19 ++-----------------
 1 file changed, 2 insertions(+), 17 deletions(-)
diff --git a/utils/download_yt.py b/utils/download_yt.py
index 34da54b..8400b2e 100644
--- a/utils/download_yt.py
+++ b/utils/download_yt.py
@@ -10,22 +10,7 @@ ydl_opts = { 'format': 'bestvideo[ext=mp4]/bestvideo', 'merge_output_format': 'mp4', - 'user_agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36', - 'headers': { - 'Accept': 'text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8', - 'Accept-Language': 'en-us,en;q=0.5', - 'Sec-Fetch-Mode': 'navigate', - }, - 'retries': 3, - 'fragment_retries': 3, - 'ignoreerrors': True, } -try: - with yt_dlp.YoutubeDL(ydl_opts) as ydl: - print(f"Attempting to download: {url}") - ydl.download([url]) - print("Download completed successfully!") -except Exception as e: - print(f"Download failed: {str(e)}") - sys.exit(0) \ No newline at end of file +with yt_dlp.YoutubeDL(ydl_opts) as ydl: + ydl.download([url]) \ No newline at end of file From ce5cfd20746762b2baebde3292d2931b92c94069 Mon Sep 17 00:00:00 2001 From: test1 Date: Wed, 9 Jul 2025 18:23:12 -0700 Subject: [PATCH 10/12] moved everything under automateDownload class. made program interactive in cli for either one or many youtube links. added parent.yml to manage sast and sec scans on every commit --- .github/workflows/parent.yml | 133 +++++++++++++++++++++++++++++++++++ utils/download_yt.py | 52 ++++++++++++-- 2 files changed, 178 insertions(+), 7 deletions(-) create mode 100644 .github/workflows/parent.yml diff --git a/.github/workflows/parent.yml b/.github/workflows/parent.yml new file mode 100644 index 0000000..9b0011f --- /dev/null +++ b/.github/workflows/parent.yml 
@@ -0,0 +1,133 @@
+name: Security and Code Quality
+
+on:
+ push:
+ pull_request:
+
+jobs:
+ codeql-analysis:
+ name: CodeQL SAST Analysis
+ runs-on: ubuntu-latest
+ timeout-minutes: 15 # Add this line
+ permissions:
+ actions: read
+ contents: read
+ security-events: write
+
+ strategy:
+ fail-fast: false
+ matrix:
+ language: [ 'python' ]
+
+ steps:
+ - name: Checkout repository
+ uses: actions/checkout@v4
+
+ - name: Initialize CodeQL
+ uses: github/codeql-action/init@v3
+ with:
+ languages: ${{ matrix.language }}
+ # Optional: specify additional queries
+ queries: security-extended,security-and-quality
+
+ - name: Setup Python
+ uses: actions/setup-python@v4
+ with:
+ python-version: '3.x'
+
+ - name: Install dependencies
+ run: |
+ python -m pip install --upgrade pip
+ if [ -f requirements.txt ]; then pip install -r requirements.txt; fi
+ if [ -f setup.py ]; then pip install -e .; fi
+
+ - name: Autobuild
+ uses: github/codeql-action/autobuild@v3
+
+ - name: Perform CodeQL Analysis
+ uses: github/codeql-action/analyze@v3
+ with:
+ category: "/language:${{matrix.language}}"
+
+ dependency-review:
+ name: Dependency Review
+ runs-on: ubuntu-latest
+ if: github.event_name == 'pull_request'
+ permissions:
+ contents: read
+ pull-requests: write
+
+ steps:
+ - name: Checkout repository
+ uses: actions/checkout@v4
+
+ - name: Dependency Review
+ uses: actions/dependency-review-action@v4
+ with:
+ # Fail on critical vulnerabilities
+ fail-on-severity: critical
+ # Comment on PRs with findings
+ comment-summary-in-pr: true
+
+ basic-quality-checks:
+ name: Basic Code Quality
+ runs-on: ubuntu-latest
+ permissions:
+ contents: read
+
+ steps:
+ - name: Checkout repository
+ uses: actions/checkout@v4
+
+ - name: Setup Python
+ uses: actions/setup-python@v4
+ with:
+ python-version: '3.x'
+
+ - name: Check Python syntax
+ run: |
+ python -m py_compile $(find . -name "*.py" -not -path "./.git/*")
+
+ - name: Check for common security issues
+ run: |
+ # Check for hardcoded secrets (basic patterns)
+ echo "Checking for potential hardcoded secrets..."
+ if grep -r -i -E "(password|pwd|secret|key|token|api_key)\s*=\s*['\"][^'\"]{8,}" --include="*.py" . ; then
+ echo "⚠️ Potential hardcoded secrets found!"
+ exit 1
+ fi
+
+ # Check for SQL injection patterns
+ echo "Checking for potential SQL injection patterns..."
+ if grep -r -E "(execute|query|cursor)\s*\(\s*['\"].*%.*['\"]" --include="*.py" . ; then
+ echo "⚠️ Potential SQL injection patterns found!"
+ exit 1
+ fi
+
+ # Check for eval/exec usage
+ echo "Checking for dangerous eval/exec usage..."
+ if grep -r -E "(^|[^a-zA-Z])(eval|exec)\s*\(" --include="*.py" . ; then
+ echo "⚠️ Dangerous eval/exec usage found!"
+ exit 1
+ fi
+
+ echo "✅ Basic security checks passed"
+
+ security-summary:
+ name: Security Summary
+ runs-on: ubuntu-latest
+ needs: [codeql-analysis, dependency-review, basic-quality-checks]
+ if: always()
+ permissions:
+ contents: read
+ issues: write
+
+ steps:
+ - name: Security Scan Summary
+ run: |
+ echo "## Security Scan Results" >> $GITHUB_STEP_SUMMARY
+ echo "- **CodeQL Analysis**: ${{ needs.codeql-analysis.result }}" >> $GITHUB_STEP_SUMMARY
+ echo "- **Dependency Review**: ${{ needs.dependency-review.result }}" >> $GITHUB_STEP_SUMMARY
+ echo "- **Basic Quality Checks**: ${{ needs.basic-quality-checks.result }}" >> $GITHUB_STEP_SUMMARY
+ echo "" >> $GITHUB_STEP_SUMMARY
+ echo "Check the Security tab for detailed CodeQL findings." >> $GITHUB_STEP_SUMMARY
diff --git a/utils/download_yt.py b/utils/download_yt.py
index 8400b2e..4a9cda7 100644
--- a/utils/download_yt.py
+++ b/utils/download_yt.py
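Review bot: The hardcoded-secret check in `basic-quality-checks` prints every matching source line, so a real credential that trips it is copied into the Actions log, which outlives a later history rewrite; the same `grep -r -i -E` step reappears in the later, simplified `parent.yml`. Listing file names only, `grep -rliE "<same pattern>" --include="*.py" .`, keeps the failure signal without echoing the value. Separately, `security-summary` asks for `contents: read` and `issues: write` but only appends to `$GITHUB_STEP_SUMMARY`, which needs no token scope, so `permissions: {}` would do for that job.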
@@ -5,12 +5,50 @@ from yt_dlp import YoutubeDL -url = "https://www.youtube.com/watch?v=vWQpiMd-v0A" +class automateDownload: + def __init__(self): + pass -ydl_opts = { - 'format': 'bestvideo[ext=mp4]/bestvideo', - 'merge_output_format': 'mp4', -} + def getUrlsInteractive(self): + urls = [] + + print("Youtube Video Downloader") + print("Enter Youtube URLs (press Enter on empty line to finish):") -with yt_dlp.YoutubeDL(ydl_opts) as ydl: - ydl.download([url]) \ No newline at end of file + while True: + url = input(f"URL {len(urls) + 1}: ").strip() + if not url: + break + urls.append(url) + return urls + + def downloadVideos(self, urls): + ydl_opts = { + 'format': 'bestvideo[ext=mp4]/bestvideo', + 'merge_output_format': 'mp4', + 'outtmpl': 'downloads/%(title)s.%(ext)s', + 'ignoreerrors': True + } + + with yt_dlp.YoutubeDL(ydl_opts) as ydl: + for url in urls: + try: + print(f"Downloading: {url}") + ydl.download([url]) + print(f"Success: {url}") + except Exception as e: + print(f"Failed: {url} - {e}") + + def main(self): + urls = self.getUrlsInteractive() + + if not urls: + print("No URLS provided!") + sys.exit(1) + + print(f"\n Downloading {len(urls)} videos ...") + self.downloadVideos(urls) + +if __name__ == "__main__": + downloader = automateDownload() + downloader.main() \ No newline at end of file From 2f762d175d0ce493c0535dbaa4f6efb6e0adaabe Mon Sep 17 00:00:00 2001 From: test1 Date: Wed, 9 Jul 2025 18:27:02 -0700 Subject: [PATCH 11/12] parent.yml not needed nvm --- .github/workflows/parent.yml | 133 ----------------------------------- 1 file changed, 133 deletions(-) delete mode 100644 .github/workflows/parent.yml diff --git a/.github/workflows/parent.yml b/.github/workflows/parent.yml deleted file mode 100644 index 9b0011f..0000000 --- a/.github/workflows/parent.yml +++ /dev/null 
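Review bot: `getUrlsInteractive` appends whatever was typed and `downloadVideos` hands it straight to `ydl.download`, so despite the "Enter Youtube URLs" prompt any site or scheme yt-dlp understands will be fetched. A host check before `urls.append(url)`, for example `if urlparse(url).hostname not in {"www.youtube.com", "youtube.com", "youtu.be"}: continue` (with `from urllib.parse import urlparse`), keeps the tool to its stated purpose. The output name is built from the remote `%(title)s`; yt-dlp sanitizes field values by default, and adding `'restrictfilenames': True` would further limit names to a conservative character set. A docstring on each method saying what it reads and writes would also help, since the class currently has none.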
@@ -1,133 +0,0 @@
-name: Security and Code Quality
-
-on:
- push:
- pull_request:
-
-jobs:
- codeql-analysis:
- name: CodeQL SAST Analysis
- runs-on: ubuntu-latest
- timeout-minutes: 15 # Add this line
- permissions:
- actions: read
- contents: read
- security-events: write
-
- strategy:
- fail-fast: false
- matrix:
- language: [ 'python' ]
-
- steps:
- - name: Checkout repository
- uses: actions/checkout@v4
-
- - name: Initialize CodeQL
- uses: github/codeql-action/init@v3
- with:
- languages: ${{ matrix.language }}
- # Optional: specify additional queries
- queries: security-extended,security-and-quality
-
- - name: Setup Python
- uses: actions/setup-python@v4
- with:
- python-version: '3.x'
-
- - name: Install dependencies
- run: |
- python -m pip install --upgrade pip
- if [ -f requirements.txt ]; then pip install -r requirements.txt; fi
- if [ -f setup.py ]; then pip install -e .; fi
-
- - name: Autobuild
- uses: github/codeql-action/autobuild@v3
-
- - name: Perform CodeQL Analysis
- uses: github/codeql-action/analyze@v3
- with:
- category: "/language:${{matrix.language}}"
-
- dependency-review:
- name: Dependency Review
- runs-on: ubuntu-latest
- if: github.event_name == 'pull_request'
- permissions:
- contents: read
- pull-requests: write
-
- steps:
- - name: Checkout repository
- uses: actions/checkout@v4
-
- - name: Dependency Review
- uses: actions/dependency-review-action@v4
- with:
- # Fail on critical vulnerabilities
- fail-on-severity: critical
- # Comment on PRs with findings
- comment-summary-in-pr: true
-
- basic-quality-checks:
- name: Basic Code Quality
- runs-on: ubuntu-latest
- permissions:
- contents: read
-
- steps:
- - name: Checkout repository
- uses: actions/checkout@v4
-
- - name: Setup Python
- uses: actions/setup-python@v4
- with:
- python-version: '3.x'
-
- - name: Check Python syntax
- run: |
- python -m py_compile $(find . -name "*.py" -not -path "./.git/*")
-
- - name: Check for common security issues
- run: |
- # Check for hardcoded secrets (basic patterns)
- echo "Checking for potential hardcoded secrets..."
- if grep -r -i -E "(password|pwd|secret|key|token|api_key)\s*=\s*['\"][^'\"]{8,}" --include="*.py" . ; then
- echo "⚠️ Potential hardcoded secrets found!"
- exit 1
- fi
-
- # Check for SQL injection patterns
- echo "Checking for potential SQL injection patterns..."
- if grep -r -E "(execute|query|cursor)\s*\(\s*['\"].*%.*['\"]" --include="*.py" . ; then
- echo "⚠️ Potential SQL injection patterns found!"
- exit 1
- fi
-
- # Check for eval/exec usage
- echo "Checking for dangerous eval/exec usage..."
- if grep -r -E "(^|[^a-zA-Z])(eval|exec)\s*\(" --include="*.py" . ; then
- echo "⚠️ Dangerous eval/exec usage found!"
- exit 1
- fi
-
- echo "✅ Basic security checks passed"
-
- security-summary:
- name: Security Summary
- runs-on: ubuntu-latest
- needs: [codeql-analysis, dependency-review, basic-quality-checks]
- if: always()
- permissions:
- contents: read
- issues: write
-
- steps:
- - name: Security Scan Summary
- run: |
- echo "## Security Scan Results" >> $GITHUB_STEP_SUMMARY
- echo "- **CodeQL Analysis**: ${{ needs.codeql-analysis.result }}" >> $GITHUB_STEP_SUMMARY
- echo "- **Dependency Review**: ${{ needs.dependency-review.result }}" >> $GITHUB_STEP_SUMMARY
- echo "- **Basic Quality Checks**: ${{ needs.basic-quality-checks.result }}" >> $GITHUB_STEP_SUMMARY
- echo "" >> $GITHUB_STEP_SUMMARY
- echo "Check the Security tab for detailed CodeQL findings." >> $GITHUB_STEP_SUMMARY
From 541ac412dec92f1cdb27af9bab3d60675bb812f2 Mon Sep 17 00:00:00 2001
From: test1
Date: Wed, 9 Jul 2025 18:30:34 -0700
Subject: [PATCH 12/12] made parent.yml super simple
---
 .github/workflows/parent.yml | 58 ++++++++++++++++++++++++++++++++++++
 1 file changed, 58 insertions(+)
 create mode 100644 .github/workflows/parent.yml
diff --git a/.github/workflows/parent.yml b/.github/workflows/parent.yml
new file mode 100644
index 0000000..48943b9
--- /dev/null
+++ b/.github/workflows/parent.yml
@@ -0,0 +1,58 @@
+name: Security Scan
+
+on:
+ push:
+ pull_request:
+
+jobs:
+ security-scan:
+ name: Security & Quality Check
+ runs-on: ubuntu-latest
+ permissions:
+ actions: read
+ contents: read
+ security-events: write
+
+ steps:
+ - name: Checkout code
+ uses: actions/checkout@v4
+
+ - name: Setup Python
+ uses: actions/setup-python@v4
+ with:
+ python-version: '3.x'
+
+ - name: Install dependencies
+ run: |
+ python -m pip install --upgrade pip
+ if [ -f requirements.txt ]; then pip install -r requirements.txt; fi
+
+ - name: Check Python syntax
+ run: |
+ python -m py_compile $(find . -name "*.py" -not -path "./.git/*")
+
+ - name: Basic security checks
+ run: |
+ echo "Checking for potential issues..."
+
+ # Check for hardcoded secrets
+ if grep -r -i -E "(password|secret|key|token)\s*=\s*['\"][^'\"]{8,}" --include="*.py" . ; then
+ echo "⚠️ Potential hardcoded secrets found!"
+ exit 1
+ fi
+
+ # Check for dangerous functions
+ if grep -r -E "(eval|exec)\s*\(" --include="*.py" . ; then
+ echo "⚠️ Dangerous functions found!"
+ exit 1
+ fi
+
+ echo "✅ Basic checks passed"
+
+ - name: CodeQL Analysis
+ uses: github/codeql-action/init@v3
+ with:
+ languages: python
+
+ - name: Run CodeQL
+ uses: github/codeql-action/analyze@v3
\ No newline at end of file
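Review bot: The two CodeQL steps sit after the `grep` gate in the single `security-scan` job, so any hit in "Basic security checks" ends the job with `exit 1` and the real analysis never runs or uploads results. That gate is easy to trip by accident: `(eval|exec)\s*\(` has no boundary before the name and so also matches calls such as `retrieval(`, and the secrets pattern fires on any quoted `key = "..."` assignment of eight or more characters. Move `github/codeql-action/init@v3` and `analyze@v3` ahead of the grep step, or give them `if: always()`. Anchoring the pattern as `(^|[^A-Za-z0-9_])(eval|exec)\s*\(` would cut the false positives.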