Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Project dependencies may have API risk issues #4

Open
PyDeps opened this issue Oct 27, 2022 · 1 comment
Open

Project dependencies may have API risk issues #4

PyDeps opened this issue Oct 27, 2022 · 1 comment

Comments

@PyDeps
Copy link

PyDeps commented Oct 27, 2022

Hi, In Netflix-4K-Script, inappropriate dependency versioning constraints can cause risks.

Below are the dependencies and version constraints that the project is using

astroid==1.5.3
beautifulsoup4==4.4.1
certifi==2017.4.17
chardet==3.0.3
colorama==0.3.9
cssutils==1.0.2
dnspython==1.15.0
enum34==1.1.6
future==0.16.0
idna==2.5
isort==4.2.14
lazy-object-proxy==1.3.1
lxml==3.8.0
mccabe==0.6.1
protobuf==3.0.0b2
pycaption==1.0.0
pycryptodomex==3.4.6
pylint==1.7.1
pysubs2==0.2.1
requests==2.17.3
six==1.10.0
tqdm==4.14.0
urllib3==1.21.1
wrapt==1.10.10
xmltodict==0.11.0

The version constraint == will introduce the risk of dependency conflicts because the scope of dependencies is too strict.
The version constraint No Upper Bound and * will introduce the risk of the missing API Error because the latest version of the dependencies may remove some APIs.

After further analysis, in this project,
The version constraint of dependency colorama can be changed to ==0.1.
The version constraint of dependency colorama can be changed to >=0.1.3,<=0.1.6.
The version constraint of dependency colorama can be changed to ==0.1.10.
The version constraint of dependency colorama can be changed to >=0.1.13,<=0.1.14.
The version constraint of dependency colorama can be changed to >=0.1.16,<=0.4.5.
The version constraint of dependency requests can be changed to >=2.8.0,<=2.15.1.
The version constraint of dependency urllib3 can be changed to >=1.12,<=1.26.9.

The above modification suggestions can reduce the dependency conflicts as much as possible,
and introduce the latest version as much as possible without calling Error in the projects.

The invocation of the current project includes all the following methods.

The calling methods from the colorama
colorama.init
The calling methods from the requests
requests.packages.urllib3.disable_warnings
requests.Session.post
requests.post
urllib3.util.connection.create_connection
requests.get
requests.put
urllib3.exceptions.NewConnectionError
requests.Session.get
urllib3.exceptions.ConnectTimeoutError
requests.Session
The calling methods from the urllib3
urllib3.util.connection.create_connection
urllib3.exceptions.NewConnectionError
urllib3.exceptions.ConnectTimeoutError
The calling methods from the all methods
self.session.binascii.hexlify.decode
commandline.append
pywidevine.cdm.formats.wv_proto2_pb2.SignedMessage.ParseFromString
self.__set_master_token
App
os.remove
parsed_init_data.text_format.MessageToString.splitlines
get_movie_name.replace.replace.replace.replace.replace.replace
google.protobuf.internal.decoder._DecodeVarint
episode.replace.replace
Cryptodome.Util.Padding.unpad
requests.get
dns.resolver.Resolver.query
self.read_bytes_raw
audio_track.copy
self.get_filename
self.get_track_download_thread
thread.join
pysubs2.SSAFile.from_string.save
logging.getLogger.addHandler
start.replace.replace
serial_title.replace.replace.replace.replace
pywidevine.clients.netflix.profiles.NetflixProfiles.get_all
self.__load_msl_data
popenobj.stdout.readline
base64key_decode
pywidevine.cdm.formats.wv_proto2_pb2.SignedMessage
Cryptodome.Cipher.AES.new.decrypt
json.dumps
get_movie_name.replace
key.Type.wv_proto2.License.KeyContainer.KeyType.Name.encode
re.split
wx.Frame.__init__
episode.str.zfill
base64.urlsafe_b64decode
self.chc54c.SetFont
vt.get_filename.replace
line.strip
self.find_str
pywidevine.decrypt.wvdecryptconfig.WvDecryptConfig
A.A.mp4dump.replace.replace.replace.replace
join
Cryptodome.Hash.HMAC.new.hexdigest
self.st94c.SetFont
logging.getLogger.setLevel
self.session.post
self.get_track_download_thread_audio
self.SetSizeHints
get_movie_name.replace.replace.replace.replace.replace
cls
self.st84c.SetFont
self.__parse_crypto_keys
pywidevine.cdm.formats.wv_proto2_pb2.SignedLicense
requests.Session
service_certificate.text_format.MessageToString.splitlines
self.txm17c.GetValue.split
os.path.isfile
subprocess.Popen.poll
subtitle_track.get_filename
self._parse_init_data
Cryptodome.Random.random.randrange
self.bt55c.SetLabel
self.isEnabledFor
self.config.gf.region_get
self.client.finagle_subs.replace
message.split
self._log
self.encryption_key.base64.standard_b64encode.decode.encode
first_payload_encryption_envelope.encode.base64.standard_b64encode.decode
TaggedReader.read_all_tags
self.__sign
pywidevine.clients.netflix.subs.to_srt
session.keys.append
requests.post
google.protobuf.symbol_database.Default.RegisterMessage
urllib3.util.connection.create_connection
self.Show
cls.from_file
self.st54c.SetLabel
Cryptodome.Hash.SHA256.text.encode.self.sign_key.HMAC.new.digest
resp.base64.standard_b64decode.decode
pywidevine.cdm.formats.wv_proto2_pb2.FileHashes.ParseFromString
self.st64c.SetFont
realPath.replace.replace
google.protobuf.descriptor.EnumValueDescriptor
session_id.encode.encode
first_payload_encryption_envelope.self.__sign.decode
pywidevine.cdm.formats.wv_proto2_pb2.SignedLicenseRequestRaw.MessageType.Value
pycaption.DFXPReader
file_.read
A.A.mp4dump.replace.replace
datetime.datetime.utcfromtimestamp
file_.close
key.pss.new.sign
json.JSONEncoder.encode.encode
audio.append
episode.replace.replace.replace.replace.replace.replace
_b
self.SetTitle
subtitle_track.get_filename.replace
requests.packages.urllib3.disable_warnings
pywidevine.cdm.formats.wv_proto2_pb2.LicenseRequest.RequestType.Value
self.cdm.provide_license
open
pssh.base64.b64encode.decode
argparse.ArgumentParser.parse_args
stdoutdata.decode.encode
episode.replace.replace.replace
pywidevine.cdm.formats.wv_proto2_pb2.WidevineCencHeader.ParseFromString
convert_time
open.write
audio_languages.append
google.protobuf.descriptor.FileDescriptor
self.st84c.SetLabel
Cryptodome.PublicKey.RSA.generate
globals
encrypted_sign_key.cipher_rsa.decrypt.decode
episode.replace.replace.replace.replace
self.__perform_key_handshake
self.logger.info
self.encryption_key.base64.standard_b64encode.decode.decode
str
self.client_config.config.wvdl_cfg.COOKIES_FOLDER.self.load_file.decode
self.do_ffmpeg_fix
TaggedReader
self.cdm.get_keys
pywidevine.cdm.formats.wv_proto2_pb2.WidevineCencHeader
KID.upper.upper
header_encryption_envelope.self.__sign.decode
append_subs
self.file_exists
self.ck66c.IsChecked
Cryptodome.Util.Padding.pad
threading.Thread.start
audio_tracks_flattened.append
self.Layout
pywidevine.cdm.formats.wv_proto2_pb2.License.KeyContainer.KeyType.Name
self.Centre
srt_subs.replace.replace
pywidevine.cdm.formats.wv_proto2_pb2.SignedLicenseRequest
fn.format
self.bt65c.SetLabel
format
wvdl_ats.append
Cryptodome.Cipher.PKCS1_OAEP.new
Cryptodome.Hash.SHA1.new
subtitle.values
self.__decrypt_payload_chunk
msl_data.base64.standard_b64decode.decode
Cryptodome.Hash.CMAC.new.update
self.rsa_key.publickey
Cryptodome.Hash.HMAC.new.update
license_request.Msg.SerializeToString
s.content_re.re.search.group
iv.base64.standard_b64encode.decode
Cryptodome.Util.Padding.pad.encode
argparse.ArgumentParser
print
pywidevine.clients.netflix.client.NetflixClient
os.path.realpath
prev_content.append
pywidevine.cdm.formats.wv_proto2_pb2.SignedDeviceCertificate.ParseFromString
self.config.gf.region_set
pycaption.DFXPReader.read
Cryptodome.Cipher.AES.new
difference.total_seconds.total_seconds
perms.ListFields
self.__process_wv_keydata
pywidevine.cdm.formats.wv_proto2_pb2.ClientIdentification
logging.Formatter
re.search
Cryptodome.Hash.CMAC.new
pycaption.SRTWriter
pywidevine.decrypt.wvdecrypt.WvDecrypt.update_license
pywidevine.cdm.formats.wv_proto2_pb2.SignedDeviceCertificate
pywidevine.cdm.formats.wv_proto2_pb2.FileHashes
self.__parse_rsa_wrapped_crypto_keys
self.client.get_license
data1.base64.standard_b64encode.decode
ciphertext.base64.standard_b64encode.decode
isinstance
start.replace.split
payload.encode
exit
challenge.base64.b64encode.decode
wx.Button
requests.get.raise_for_status
Cryptodome.Random.random.choice
ass_subs.info.update
base64.b64encode
self.client.get_track_and_init_info
base64.b64decode
base64.standard_b64encode
len
pysubs2.SSAFile.from_string
pywidevine.cdm.formats.wv_proto2_pb2.SignedLicenseRequest.SerializeToString
requests.put
episode.replace.replace.replace.replace.replace.replace.replace
wx.TextCtrl
google.protobuf.text_format.MessageToString
pysubs2.Color
google.protobuf.reflection.GeneratedProtocolMessageType
episode.replace.replace.replace.replace.replace
open.close
header_data.append
self.st44c.SetFont
pywidevine.cdm.formats.wv_proto2_pb2.SignedLicenseRequestRaw
time.sleep
self.cdm_session.self.cdm.get_license_request.base64.b64encode.decode
line.strip.split
self.client.finagle_subs
self.__save_rsa_keys
pywidevine.cdm.formats.wv_proto2_pb2.SignedLicenseRequest.MessageType.Value
self.SetTopWindow
self.main.Show
Cryptodome.Hash.HMAC.new
end.replace.replace
google.protobuf.descriptor.EnumDescriptor
f.startswith
wvdl_sts.insert
audio_tracks.append
self.wvdecrypt_process.wait
threading.Thread
json.JSONDecoder.decode
zlib.decompress
range
self.session.get
os.path.basename
use_captions.update
self.log_message
pycaption.SRTWriter.write
self.st74c.SetLabel
self.logger.error
f.write
self.read_tag
output_file.format.format
wx.CheckBox
self.__save_msl_data
self.rsa_key.publickey.exportKey.base64.standard_b64encode.decode
colorama.init
pywidevine.downloader.wvdownloader.WvDownloader
join.split
self.st74c.SetFont
iter
text.split
s.replace.replace
self.cdm.open_session
payloadchunk.bytes.decode
pywidevine.cdm.formats.wv_proto2_pb2.ClientIdentification.SerializeToString
Cryptodome.Cipher.AES.new.encrypt
audio_track.replace.replace
google.protobuf.internal.enum_type_wrapper.EnumTypeWrapper
license_request.Msg.EncryptedClientId.CopyFrom
re.match
header_encryption_envelope.encode.base64.standard_b64encode.decode
self.encryption_key.base64.standard_b64encode.decode
Exception
vt.get_filename
pywidevine.cdm.formats.wv_proto2_pb2.SignedLicense.ParseFromString
self.__parse_chunked_msl_response.json
self.download_and_convert_subtitle
Cryptodome.PublicKey.RSA.importKey
x.encode
bytearray
Cryptodome.Hash.HMAC.new.digest
ValueError
self.do_merge
Cryptodome.Signature.pss.new
logging.StreamHandler.setFormatter
wx.Choice
pywidevine.clients.netflix.config.NetflixConfig.get_login
self.rsa_key.exportKey
pywidevine.downloader.tracks.SubtitleTrack
Cryptodome.Cipher.PKCS1_OAEP.new.decrypt
wx.StaticText
json.JSONEncoder.encode
self.__compress_data
bytearray.append
subprocess.Popen
serial_title.replace.replace
self.lc7c.IsChecked
self.cdm.set_service_certificate
datetime.datetime.now
next
pywidevine.cdm.formats.wv_proto2_pb2.ProtocolVersion.Value
get_movie_name.replace.replace.replace
popenobj.stdout.readline.decode
input
self.sessions.pop
header.encode.base64.standard_b64encode.decode
self.Bind
set
pywidevine.cdm.formats.wv_proto2_pb2.ClientIdentification.ParseFromString
key.kid.hex
license.Msg.SerializeToString
self.chc64c.SetFont
self.txm17c.SetFont
self.client.get_subtitle_download
license_request.Msg.ClientId.CopyFrom
self.__generate_msl_header.encode
urllib3.exceptions.ConnectTimeoutError
A.A.mp4dump.replace.replace.replace
pywidevine.cdm.session.Session
data.json.dumps.encode
self.__load_rsa_keys
shutil.move
self.get_kid
random.SystemRandom
logging.StreamHandler.setLevel
Cryptodome.Hash.CMAC.new.digest
pywidevine.downloader.wvdownloaderconfig.MUXED_FILENAME.format
base64.standard_b64decode
episode.replace.replace.replace.replace.replace.replace.replace.replace.replace
self.__compress_data.decode
self.st54c.SetFont
IndexError
A.A.mp4dump.replace
permissions.append
self.txm23c.SetFont
enumerate
self.st64c.SetLabel
self.__encrypt.encode
threads.append
self.is_end
wx.Font
pywidevine.cdm.deviceconfig.DeviceConfig
binascii.unhexlify
encrypted_encryption_key.cipher_rsa.decrypt.decode
google.protobuf.descriptor.FieldDescriptor
session.license_request.text_format.MessageToString.splitlines
TaggedReader.read_int
file_.flush
episode.replace.replace.replace.replace.replace.replace.replace.replace.replace.replace
episode.replace.replace.replace.replace.replace.replace.replace.replace
output_file.format.split
audio_track.replace.replace.replace
Cryptodome.Random.get_random_bytes
self.config.build_commandline_list
track.get_filename
re.search.group
get_movie_name.replace.replace.replace.replace
f.read
self.__generate_msl_header
thread.start
os.path.exists
wx.InitAllImageHandlers
self.rsa_key.publickey.exportKey
self.chc84c.GetSelection
self.chc54c.GetSelection
get_movie_name.replace.replace
re.compile
check_pssh
os.path.join
google.protobuf.symbol_database.Default
App.MainLoop
int
serial_title.replace.replace.replace
argparse.ArgumentParser.add_argument
fetch_metadata_movie
master_token.base64.standard_b64decode.decode
self.client.login
self.client.needs_ffmpeg
episode.replace
wx.CallAfter
unformatted_filename.format
license.text_format.MessageToString.splitlines
self.__find_wv_key
json.loads
binascii.hexlify
self.sign_key.base64.standard_b64encode.decode
self.filename.replace
google.protobuf.symbol_database.Default.RegisterFileDescriptor
wx.CheckListBox
text.encode
file_.write
self.logger.debug
io.BytesIO.getvalue
bytes
self.client.client_config.config.upper
resp.json.json
pywidevine.downloader.wvdownloader.WvDownloader.run
self.st94c.SetLabel
self.bt65c.SetFont
episodes.append
leading_zeros
key.key.hex
requests.Session.post
pywidevine.downloader.tracks.AudioTrack
self.txm17c.GetValue
pywidevine.cdm.formats.wv_proto2_pb2.EncryptedClientIdentification
self.bt55c.SetFont
subs.append
wx.Point
io.BytesIO
logging.getLogger.error
self.__generate_msl_request_data
re.sub
self.save_file
parseCookieFile
self.load_file
getflix_lookup
self.do_decrypt
get_movie_name
session.device_config.device_private_key_filename.open.read
serial_title.replace.replace.replace.replace.replace
wvdl_sts.append
sorted.values
os.path.dirname
x.encode.decode
audio_track.values
self.logger.logkey
self.chc84c.SetFont
sorted
logging.addLevelName
sys.exit
self.chc64c.GetSelection
quality.replace
math.floor
client_id._FileHashes.CopyFrom
self.client_config.get_proxies
pywidevine.downloader.tracks.VideoTrack
dns.resolver.Resolver
urllib3.exceptions.NewConnectionError
s.end_re.re.search.group
time.time
main
session.license_request.Msg.SerializeToString
logging.getLogger
self.__encrypt
MyFrame.MyFrame
json.JSONDecoder
json.JSONEncoder.encode.replace
bool
self.st66c.SetLabel
Cryptodome.Cipher.PKCS1_OAEP.new.encrypt
data.json.dumps.encode.base64.standard_b64encode.decode
self.read_bytes
KID.upper.lower
platform.system
fetch_metadata
requests.Session.get
pywidevine.cdm.cdm.Cdm
pywidevine.cdm.formats.wv_proto2_pb2.SignedLicense.SerializeToString
self.__generate_msl_request_data_lic
pywidevine.downloader.wvdownloaderconfig.SUBTITLES_FILENAME.format
subprocess.run
self.session.binascii.hexlify.decode.upper
pywidevine.clients.netflix.profiles.NetflixProfiles
self.st44c.SetLabel
wx.Size
s.start_re.re.search.group
dict
track.get_type
list
re.search.split
pywidevine.decrypt.wvdecrypt.WvDecrypt.get_challenge
license_request.Msg.ContentId.CencId.Pssh.CopyFrom
google.protobuf.symbol_database.Default.RegisterEnumDescriptor
mp4dump.stdout.read
re.sub.replace
self.rndm.randint
pywidevine.clients.netflix.config.NetflixConfig
json.JSONEncoder
self.chc74c.SetFont
logging.getLogger.info
subprocess.check_output
child.replace
pywidevine.cdm.formats.wv_proto2_pb2.LicenseType.Value
client_id.text_format.MessageToString.splitlines
google.protobuf.descriptor.Descriptor
pywidevine.downloader.wvdownloaderconfig.WvDownloaderConfig
logging.StreamHandler
audio_track.get_filename
self.__parse_chunked_msl_response
audio_track.replace
pywidevine.decrypt.wvdecrypt.WvDecrypt.start_process
season.str.zfill
self.cdm.get_license_request
pow
self.read_int
self.chc74c.GetSelection
pywidevine.decrypt.wvdecrypt.WvDecrypt
os.listdir
itertools.islice
gzip.GzipFile
pywidevine.cdm.key.Key
data1.encode.encode

@developer
Could please help me check this issue?
May I pull a request to fix it?
Thank you very much.

@TDenisM
Copy link
Owner

TDenisM commented Oct 28, 2022

!IMPORTANT! I'm not the author of this code - I just saved it for the futher digging in it

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants