top | item 42040973

(no title)

wis | 1 year ago

FWIW, It appears one of the people who saw this post asked in a comment in an issue on GitHub [1]:

  > @seproDev unrelated, but what you think about https://news.ycombinator.com/item?id=42040600

.. and one of the main maintainers (ranked #14th by #commits, but a recently active maintainer) replied the following:

  > False positive in virus total. Calling yt-dlp without any arguments makes no web requests.
  > To expand a bit more. Our releases are built with github runners and they report back the sha hash during build. https://github.com/yt-dlp/yt-dlp/actions/runs/11656153929 for the release from yesterday
  > You can see the commit that was built, what we merged in the last couple days, and the hash of the resulting files to check against the files in the release section.
  > Those network requests are likely just other processes on the machine. I remember windows executable would regularly show microsoft servers in the "connections made" list due to windows update and telemetry still running.

[1] https://github.com/yt-dlp/yt-dlp/issues/11451#issuecomment-2...

discuss

dqv|1 year ago

Can you link to the issue?

wis|1 year ago

Sure: https://github.com/yt-dlp/yt-dlp/issues/11451#issuecomment-2...

I edited my reply too.

Edit: I'd caution against spamming the maintainers though (not caution you specifically), the possibility of that happening is what swayed me to not post the link originally.

unknown|1 year ago

[deleted]