Unpacking Software Livestream

Join our monthly Unpacking Software livestream to hear about the latest news, chat and opinion on packaging, software deployment and lifecycle management!

Learn More

Chocolatey Product Spotlight

Join the Chocolatey Team on our regular monthly stream where we put a spotlight on the most recent Chocolatey product releases. You'll have a chance to have your questions answered in a live Ask Me Anything format.

Learn More

Chocolatey Coding Livestream

Join us for the Chocolatey Coding Livestream, where members of our team dive into the heart of open source development by coding live on various Chocolatey projects. Tune in to witness real-time coding, ask questions, and gain insights into the world of package management. Don't miss this opportunity to engage with our team and contribute to the future of Chocolatey!

Learn More

Calling All Chocolatiers! Whipping Up Windows Automation with Chocolatey Central Management

Webinar from
Wednesday, 17 January 2024

We are delighted to announce the release of Chocolatey Central Management v0.12.0, featuring seamless Deployment Plan creation, time-saving duplications, insightful Group Details, an upgraded Dashboard, bug fixes, user interface polishing, and refined documentation. As an added bonus we'll have members of our Solutions Engineering team on-hand to dive into some interesting ways you can leverage the new features available!

Watch On-Demand
Chocolatey Community Coffee Break

Join the Chocolatey Team as we discuss all things Community, what we do, how you can get involved and answer your Chocolatey questions.

Watch The Replays
Chocolatey and Intune Overview

Webinar Replay from
Wednesday, 30 March 2022

At Chocolatey Software we strive for simple, and teaching others. Let us teach you just how simple it could be to keep your 3rd party applications updated across your devices, all with Intune!

Watch On-Demand
Chocolatey For Business. In Azure. In One Click.

Livestream from
Thursday, 9 June 2022

Join James and Josh to show you how you can get the Chocolatey For Business recommended infrastructure and workflow, created, in Azure, in around 20 minutes.

Watch On-Demand
The Future of Chocolatey CLI

Livestream from
Thursday, 04 August 2022

Join Paul and Gary to hear more about the plans for the Chocolatey CLI in the not so distant future. We'll talk about some cool new features, long term asks from Customers and Community and how you can get involved!

Watch On-Demand
Hacktoberfest Tuesdays 2022

Livestreams from
October 2022

For Hacktoberfest, Chocolatey ran a livestream every Tuesday! Re-watch Cory, James, Gary, and Rain as they share knowledge on how to contribute to open-source projects such as Chocolatey CLI.

Watch On-Demand

Downloads:

12

Downloads of v 0.0.3:

12

Last Update:

26 Nov 2024

Published Date:

26 Nov 2024

Reviewed Date:

18 Dec 2024

Reviewer:

gravatar

Package Maintainer(s):

Software Author(s):

  • welpo

Tags:

shuku media subtitles dialogue-extraction audio-processing video-processing python language-learning

shuku

(Maintainer responded, waiting for review/Maintainer update)

  • 1
  • 2
  • 3

0.0.3 | Updated: 26 Nov 2024

Downloads:

12

Downloads of v 0.0.3:

12

Published:

26 Nov 2024

Reviewed:

18 Dec 2024

Reviewer:

gravatar

Maintainer(s):

Software Author(s):

  • welpo

shuku 0.0.3

(Maintainer responded, waiting for review/Maintainer update)

Legal Disclaimer: Neither this package nor Chocolatey Software, Inc. are affiliated with or endorsed by welpo. The inclusion of welpo trademark(s), if any, upon this webpage is solely to identify welpo goods or services and not for commercial purposes.

  • 1
  • 2
  • 3

Some Checks Have Failed or Are Not Yet Complete

Not All Tests Have Passed


Validation Testing Passed


Verification Testing Passed

Details

Scan Testing Resulted in Flagged as an Error:

At least one file within this package has greater than 10 detections

Details
IMPORTANT

This version is in moderation and has not yet been approved. This means it doesn't show up under normal search.

  • Until approved, you should consider this package version unsafe - it could do very bad things to your system (it probably doesn't but you have been warned, that's why we have moderation).
  • This package version can change wildly over the course of moderation until it is approved. If you install it and it later has changes to this version, you will be out of sync with any changes that have been made to the package. Until approved, you should consider that this package version doesn't even exist.
  • You cannot install this package under normal scenarios. See How to install package version under moderation for more information.
  • There are also no guarantees that it will be approved.
WARNING

There are versions of this package awaiting moderation (possibly just this one). See the Version History section below.

welpo (maintainer) on 26 Nov 2024 20:32:42 +00:00:

User 'welpo' (maintainer) submitted package.

chocolatey-ops (reviewer) on 26 Nov 2024 21:07:04 +00:00:

shuku has passed automated validation. It may have or may still fail other checks like testing (verification).
NOTE: No required changes that the validator checks have been flagged! It is appreciated if you fix other items, but only Requirements will hold up a package version from approval. A human review could still turn up issues a computer may not easily find.

Guidelines

Guidelines are strong suggestions that improve the quality of a package version. These are considered something to fix for next time to increase the quality of the package. Over time Guidelines can become Requirements. A package version can be approved without addressing Guideline comments but will reduce the quality of the package.

  • Package contains dependencies with no specified version. You should at least specify a minimum version of a dependency. More...
  • ProjectUrl and ProjectSourceUrl are typically different, but not always. Please ensure that projectSourceUrl is pointing to software source code or remove the field from the nuspec. More...
  • Release Notes (releaseNotes) are a short description of changes in each version of a package. Please include releasenotes in the nuspec. NOTE: To prevent the need to continually update this field, providing a URL to an external list of Release Notes is perfectly acceptable. More...
  • Title (title) matches id exactly. Please consider using something slightly more descriptive for the title in the nuspec. More...
Notes

Notes typically flag things for both you and the reviewer to go over. Sometimes this is the use of things that may or may not be necessary given the constraints of what you are trying to do and/or are harder for automation to flag for other reasons. Items found in Notes might be Requirements depending on the context. A package version can be approved without addressing Note comments.

  • The package maintainer field (owners) matches the software author field (authors) in the nuspec. The reviewer will ensure that the package maintainer is also the software author. More...

chocolatey-ops (reviewer) on 26 Nov 2024 21:17:14 +00:00:

shuku has passed automated package testing (verification). The next step in the process is package scanning.
Please visit https://gist.github.com/choco-bot/fed31a7d9e8946d51e26cb407cac62cd for details.
This is an FYI only. There is no action you need to take.

chocolatey-ops (reviewer) on 26 Nov 2024 22:59:13 +00:00:

shuku has been flagged as part of automated virus scanning.
Package virus scanning found that at least 1 file within, or downloaded by, the package has between 6 and 10 VirusTotal detections associated with it.
This package version cannot be approved without an exemption from a Moderator.

Windos (reviewer) on 11 Dec 2024 01:37:01 +00:00:

Rerunning scanner
Scanner Status Change - Virus Scanner has been set to rerun

chocolatey-ops (reviewer) on 11 Dec 2024 02:56:22 +00:00:

shuku has been flagged as part of automated virus scanning.
Package virus scanning found that at least 1 file within, or downloaded by, the package has between 6 and 10 VirusTotal detections associated with it.
This package version cannot be approved without an exemption from a Moderator.

flcdrg (reviewer) on 12 Dec 2024 11:01:10 +00:00:

Please resolve these to allow this package to be approved:

  • A high VirusTotal detection score needs to be investigated, for example checking with the software author. Hopefully it is a false positive, but even open source software is not immune. eg. a 'supply chain' attack could compromise an otherwise innocent application. If the total remains in the range 5-10, then you will need to append a note to the description indicating why there are false positive results for this package.

thanks,
David

welpo (maintainer) on 18 Dec 2024 20:25:08 +00:00:

Hi David!

Thanks for taking a look. I am the software author! (Should I have marked this in some way? I've been looking through the docs but couldn't find an answer.)

The reason it's flagged by AV is I'm using the free version of Nuitka to compile. See relevant discussions:
https://old.reddit.com/r/learnpython/comments/13igjrl/nuitka_hello_world_binary_detected_as_malware_why/
https://github.com/Nuitka/Nuitka/issues/1470
https://github.com/Nuitka/Nuitka/issues/1804
https://github.com/Nuitka/Nuitka/issues/2093

In short: malware creators also use Nuitka, and there's no solution unless one pays for the commercial license (250€/year).

To mitigate concerns, I am using attestations throughout the build process so users can verify the files are created by the GitHub Release Action.

How should I proceed?

  • Any way to mark myself as the package author?
  • Should I add the disclaimer to the description and push again?

Thank you!

—Óscar

flcdrg (reviewer) on 18 Dec 2024 22:31:00 +00:00:

If you're the owner and author then no changes needed there.

Adding a disclaimer to the description with info about potential false positives is recommended. BUT.....

However the VT score has gone up to the highest I've ever seen. 39 when I just checked. It needs to get back down to 10 or lower for it to either be approved or exempted, so that's a blocker at the moment.

David
Scanner Status Change - Virus Scanner has been set to rerun

chocolatey-ops (reviewer) on 18 Dec 2024 22:59:40 +00:00:

shuku has been flagged as part of automated virus scanning.
Package virus scanning found that at least 1 file within, or downloaded by, the package has greater than 10 VirusTotal detections associated with it.
This package is now in a waiting state while you review the findings and provide an updated package, or send a message in the package review box on the package page.

welpo (maintainer) on 26 Dec 2024 23:52:39 +00:00:

Thanks for taking the time help me with this.

I'm trying with pyinstaller. As long as I don't add an icon, I get 6/72 hits on virustotal.

I will update the CD action, test everything works fine and update the version here.

Thanks again!

Description

Designed for language learners, shuku creates dialogue-only versions of media (show episodes, films) using subtitles. Useful to revisit content efficiently and improve comprehension.

Features

  • Create condensed audio, video, and subtitle files based on dialogue
  • Smart audio/subtitle track selection
  • Fuzzy matching for external subtitles
  • Pad subtitle timings for context and smoother transitions
  • Shift subtitle timing without extra tools
  • Skip unwanted subtitle lines (e.g., lyrics or sound effects)
  • Skip chapters (e.g., openings, previews, credits)
  • Smart metadata extraction (season, episode, title)
  • Logging and progress tracking
  • Generate LRC files from subtitles to use with music players
  • Batch processing of multiple files and directories

Note: shuku — from 縮小 (しゅくしょう): "minification"


tools\chocolateyInstall.ps1
$ErrorActionPreference = 'Stop'

$packageName = $env:ChocolateyPackageName
$toolsDir = "$(Split-Path -parent $MyInvocation.MyCommand.Definition)"
$url = "https://github.com/welpo/shuku/releases/download/v$($env:ChocolateyPackageVersion)/shuku-x86_64-pc-windows-msvc.zip"

$packageArgs = @{
  packageName   = $packageName
  unzipLocation = $toolsDir
  url           = $url
  checksum      = '61573e8b90929f5bb3f9c413bf5615adef85098d095098e9205e8cd5bb50e405'
  checksumType  = 'sha256'
}

Install-ChocolateyZipPackage @packageArgs

Log in or click on link to see number of positives.

In cases where actual malware is found, the packages are subject to removal. Software sometimes has false positives. Moderators do not necessarily validate the safety of the underlying software, only that a package retrieves software from the official distribution point and/or validate embedded software against official distribution point (where distribution rights allow redistribution).

Chocolatey Pro provides runtime protection from possible malware.

Add to Builder Version Downloads Last Updated Status
shuku 0.0.3 12 Tuesday, November 26, 2024
Responded
Discussion for the shuku Package

Ground Rules:

  • This discussion is only about shuku and the shuku package. If you have feedback for Chocolatey, please contact the Google Group.
  • This discussion will carry over multiple versions. If you have a comment about a particular version, please note that in your comments.
  • The maintainers of this Chocolatey Package will be notified about new comments that are posted to this Disqus thread, however, it is NOT a guarantee that you will get a response. If you do not hear back from the maintainers after posting a message below, please follow up by using the link on the left side of this page or follow this link to contact maintainers. If you still hear nothing back, please follow the package triage process.
  • Tell us what you love about the package or shuku, or tell us what needs improvement.
  • Share your experiences with the package, or extra configuration or gotchas that you've found.
  • If you use a url, the comment will be flagged for moderation until you've been whitelisted. Disqus moderated comments are approved on a weekly schedule if not sooner. It could take between 1-5 days for your comment to show up.
comments powered by Disqus