MAJOR YT-DLP UPDATE IMMINENT (this weekend)https://github.com/yt-dlp/yt-dlp/issues/14404
I'm not ready!
>>107067471>n/sigWhat kind of racial slur is this one? I don't speak zoomer slang.
>>107067471i don't care as long as it works
does this mean I can finally download vids from teachable?
>do webshit in anything but js>have to pull in node anyway later
>>107068053the forward slash (/) denotes alternative. therefore, your statement:>have to pull in nodeis incorrect.
>>107068053The default it uses is deno since it's the safest and there's a single-exe version that can just be dropped next to the yt-dlp exe.
>>107068171>Deno>safestkek>>107067471I figured they would have to bend the knee eventually, pure-Python n-sig extraction was just too good of a hack to last
I don't get the issue anyway, the point is to download youtube videos without ads and without their shitty player. There's nothing wrong with using JS for that.Their FAQ even says that using a headless browser would be "admission of defeat" but if it comes to that and we can use a headless browser with a convenient CLI to download and stream youtube videos anywhere, it'll still be useful at bypassing the shitty official site. You can't actually save the video normally in a real browser after all, nor run it through CLI, nor pipe it into mpv.
>>107068401>>safest>keknta. explain. i know nothing of deno.
>>107067945It's /sig/gers. I'm a simple man, I see /sig/ thread, I bump /sig/ thread.
>>107068472Supposed to be NodeJS++ but no one cared because old heads would rather ride on depreciated bloatware than try new things.
>>107067471>it works>there are straightforward tutorialsI will be happy, cause im not smart enough or trianed in code yet
>>107068472From what I gather it's just a self-contained JS runtime with heavily restricted permissions (sandboxed with no IO, etc.)Unless someone gives actual details it's probably being shit on because 1) it's relatively new and 2) it's made in rust
>>107067471wtf does this mean for the end useris yt-dlp the best option for downloading videos?
>>107068472They lack compliance with the JS standard and their "sandboxing" is effectively a meme with how easy it is to cause a logical bug in their core Rust primitives>>107069003nigger
>>107069009yes
>>107069009just means that you have to have deno/node/bun installed for it to call into to solve some n/sig challenges
why does jewgle even go to such lengths? youtube is popular enough that someone somewhere will always be working on reverse engineering whatever fuckery they add in the client. meanwhile player performance gets worse every daywhy bother? especially when they could potentially switch to DRM video streams, which would almost definitely put an end to yt-dlp supporting youtube
>>107069780It reaches a point where you have to wonder if stripping the player down wouldn't be a more effective means to break yt-dlp.
based
>>107069009>wtf does this mean for the end useryou have to download a javascript runtime next to yt-dlp to be able to download the higher resolutions>>107069780>why does jewgle even go to such lengthstemporary solution until they can just use your browsers DRM
>>107069780>why does jewgle even go to such lengths?They're probably getting completely buttfucked currently by a million video AI startups trying to download every single video for training data.
>>107067471bashonly is a cool guy.I made a PR to yt-dlp once on a friday afternoon. the same evening it was reviewed, I made some small adjustments and everything was merged the next day.
>>107069780>why does jewgle even go to such lengths?So they can charge for it>someone somewhere will always be working on reverse engineering whatever fuckery they add in the clientAnd they want to push that as far underground as possible>why bother? especially when they could potentially switch to DRM video streamsThey would lose more money from cutting off legacy devices than they would gain by blocking downloadsIt's clear they and other companies want to add draconian DRM (see Web Environment Integrity API, and TPM requirements/integrations), but all attempts have been shot down so far. Unless people draw a line and keep fighting back, it's only a matter of time.
>>107072292kekt
>>107067471which is the simplest dependency to install and sandbox on linux that wasn't written in (((rust)))?
>>107073915tl;dr there isn't oneto install deno on linux you just run a simple install script. not really sure why you're so hung up on it being written in rust. most people just use software without caring what language it was written inbun also requires just running an install script. it's written in C++quickjs publishes binary releases so i think you should be able to just get one of them and use itnode is probably the most annoying one. the "official" instructions are to use `nvm` (node version manager). you just run an install script and then run `nvm install node` which will automatically pull in the latest versionthe only one of these that has extensive sandboxing is deno ( https://docs.deno.com/runtime/fundamentals/security/ ). node has some very rudimentary sandboxing ( https://nodejs.org/api/permissions.html ). quickjs and bun don't have any built-in sandboxing. i think in theory all of these can be sandboxed with a library/plugin that intercepts e.g. fs.write calls but it sounds like a lot of effort for something that will end up being really brittlefinally, i don't know if i'd trust even deno's sandboxing. it's just a very nontrivial problem and i don't think they solved it. in 2024 there were a few vulnerabilities that let you by pass the sandbox ( https://secfault-security.com/blog/deno.html ). they're fixed by now but it's just a sign of what things are like. if you really need it to be properly sandboxed, i think your only option is to run it in docker or a VM. yes it's a huge pain but that's just the way it is
>>107073915>which is the simplest dependency to installdepends on your os/distro, most probably have nodejs available
>>107069003the Deno model doesn't bring much security, because you have to grant all code in the whole app the same permissions, which for any non-trivial app will amount to "mostly everything"
>>107074276Well good thing this is going to be a trivial app whose entire job is to parse an inline script and run some pure functions to calculate and output a signature or someshit
>>107074276In their case it's enough as it doesn't need to be granular, but yeah otherwise the sandbox features are kinda weird
Considering deno's only being used for youtube afaik, any attempts to exploit it would absolutely land youtube in legal hell.I could see concern for other sites using it though, depending how it's implemented. If the maintainers are smart, it should be a last resort and have zero permissions to talk to anything else, with yt-dlp being the sole arbiter of communication.
>>107069009for a windows user just download deno-x86_64-pc-windows-msvc.zip from https://github.com/denoland/deno/releases/latest, unpack the zip and put deno.exe in the same folder as yt-dlp.exe
>>107067471So, does it just search the path for deno, node, bun and whatnot and execute the first one it finds?
>>107077322>I could see concern for other sites using it though, depending how it's implementedEssentially you're allowing arbitrary code execution. With deno you can lock that down that nothing can be done with your OS or that no network calls are made. Not sure if the other js runtimes have that >>107077386think they default to deno and every other has to be explicitly specified
Did they fix the problem with AI dubs and chronic 403 of -f 18?>picrel me trying to use yt-dlp with that stupid page
shit indeed just werks nowbased yt dlp devs dabbing on jewgle once again
How about y'all just stop stealing YouTube videos? Ever thought about that?
yt-dlp -f b >>107078495I just stole your post.
>>107078495Nobody downloads your crap Linux
>>107078556Linus*
>>107078495archiving
>>107078495archiving because even innocent channels get banned by the jews all the time
>>107078495I did think about that, then a bunch of videos I loved disappeared from my favorites list, and now I am never going to let that happen again.
>>107078495How about don't put your video on the internet if you don't want people to watch it dummy
>>107069780There's also an element of breaking "It Just Werks" for normal people.There are these temporary outages of yt-dlp while they adapt to changes in YouTube. For some people, these 1 days breaks and requirements of an update are enough for them to say "it was wigging out on me idk, just pay for it, I have the money for Premium" and other assorted giving up phrases, where they throw in the towel and let Google own them.
>>107078495>stealingNigga is you retarded?
