Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: Adding new downloadAlternateFFmpeg option to download non-proprietary ffmpeg library #7477

Merged
merged 1 commit into from Mar 15, 2023
Merged

feat: Adding new downloadAlternateFFmpeg option to download non-proprietary ffmpeg library #7477

merged 1 commit into from Mar 15, 2023

Conversation

mmaietta
Copy link
Collaborator

Implements #7210

Credit to @burnhamup for PR example #7247 🙂

@changeset-bot
Copy link

changeset-bot bot commented Mar 15, 2023

🦋 Changeset detected

Latest commit: 74c9ed2

The changes in this PR will be included in the next version bump.

This PR includes changesets to release 8 packages
Name Type
app-builder-lib Minor
dmg-builder Minor
electron-builder-squirrel-windows Minor
electron-builder Minor
electron-forge-maker-appimage Minor
electron-forge-maker-nsis-web Minor
electron-forge-maker-nsis Minor
electron-forge-maker-snap Minor

Not sure what this means? Click here to learn what changesets are.

Click here if you're a maintainer who wants to add another changeset to this PR

@netlify
Copy link

netlify bot commented Mar 15, 2023
edited

Deploy Preview for car-park-attendant-cleat-11576 ready!

Name Link
🔨 Latest commit 74c9ed2
🔍 Latest deploy log https://app.netlify.com/sites/car-park-attendant-cleat-11576/deploys/641127558d17ba0008d41d44
😎 Deploy Preview https://deploy-preview-7477--car-park-attendant-cleat-11576.netlify.app/configuration/configuration
📱 Preview on mobile
Toggle QR Code...

QR Code

Use your smartphone camera to open QR code link.

To edit notification comments on pull requests, go to your Netlify site settings.

@mmaietta mmaietta mentioned this pull request Mar 15, 2023
Closed
@mmaietta mmaietta merged commit 1dd26cc into master Mar 15, 2023
12 checks passed
@mmaietta mmaietta deleted the feat/alternate-ffmpeg branch March 15, 2023 14:44
This was referenced Mar 15, 2023
Merged
Open
Open
@AviVahl
Copy link
Contributor

AviVahl commented Mar 23, 2023

This change introduced a LOT of new dependencies and a vulnerability due to request being re-depended again.

┌───────────────┬──────────────────────────────────────────────────────────────┐
│ moderate      │ Server-Side Request Forgery in Request                       │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package       │ request                                                      │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Patched in    │ No patch available                                           │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ electron-builder                                             │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path          │ electron-builder > app-builder-lib >                         │
│               │ electron-packager-plugin-non-proprietary-codecs-ffmpeg >     │
│               │ request                                                      │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info     │ https://www.npmjs.com/advisories/1091459                     │
└───────────────┴──────────────────────────────────────────────────────────────┘

@mmaietta
Copy link
Collaborator Author

Hmmmmm, stay tuned for a 24.1.1 then. I'll try and take a different approach to maintain feature parity

@mmaietta
Copy link
Collaborator Author

@AviVahl released 24.1.1. Removed the dependency entirely and wrote it from scratch

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
app-builder-lib
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@mmaietta @AviVahl