[Snyk] Upgrade shaka-player from 4.12.10 to 4.13.1

[josephggd]

Snyk has created this PR to upgrade shaka-player from 4.12.10 to 4.13.1.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 6 versions ahead of your current version.

• The recommended version was released a month ago.

Release notes

Package name: shaka-player

• 4.13.1 - 2025-01-29
  

  4.13.1 (2025-01-29)

  Bug Fixes

  • DASH: Fix DASH_DUPLICATE_REPRESENTATION_ID error when using supplemental codec (#7961) (b183197)
  • DASH: Fix Dolby Atmos detection (#7966) (09c7faa)
  • Fix AC-3 playback on Tizen 3.0 devices (#7969) (3a91bf0)
  • Fix AC-3 playback on Tizen 3.0 devices when transmuxing (#7972) (933052e)
  • Fix playback with Apple Media Keys polyfill detection (#7958) (3f1fdbe)
  • Fix select label audio when using selectAudioLanguage (#7970) (24608ff)
  • HLS: Fix redirect management at media playlist level (#7944) (b564979)
  • net: Add 304 as successful request (#7963) (4dd0029)
  • Use audio label on ExampleBasedCriteria (#7971) (ac3b8dd)
• 4.13.0 - 2025-01-23
  

  4.13.0 (2025-01-23)

  Features

  • ABR: Use PiP window size when using documentPictureInPicture (#7880) (c232867)
  • ABR: Use PiP window size when using requestPictureInPicture (#7882) (a583c4a)
  • Add 'downloadcompleted' event (#7609) (13186bd), closes #7608
  • Add adaptation set criteria factory configuration (#7886) (6e4bfdf), closes #7768
  • Add basic support for the Common Access Token (#7651) (c10b796)
  • Add configuration to ignore SCTE214 supplemental codecs (#7717) (e1d1d19)
  • Add downloadcompleted event description (#7615) (0db5813)
  • Add new error code for missing EME support (#7596) (3a83e76)
  • Add streaming.preferNativeDash config (#7737) (27976f1)
  • add support for multiple robustness levels in drm (#7753) (88472b3)
  • Add support for WisePlay DRM (#7854) (7ef0f92)
  • Add Watermark Support to Shaka Player UI (#7877) (56523e4)
  • Add watermark to uncompiled mode (#7895) (14c4fe1)
  • Ads: Add basic support to DASH OverlayEvent (#7701) (b704af0)
  • Ads: Add support for images and iframes in interstitials (#7712) (8db876f)
  • Ads: Add support for overlay interstitials (or non-linear ads) (#7657) (70257ff)
  • Ads: Allow OverlayEvents without viewport (#7734) (426090d)
  • Ads: Expose the interstitial player (#7793) (6783ce0)
  • Ads: Parse non-linear VAST ads (#7702) (0c7d204)
  • Ads: Populate getAdId and getMediaUrl for interstitials (#7922) (1a6a0db)
  • Ads: Support HTMLResource on non-linear VAST ads (#7710) (6f4d2d2)
  • Check minHdcpVersion in probeSupport (#7809) (fab3faf)
  • CMCD v2 LTC and MSD keys (#7412) (b2673fd)
  • Create segmentIndex when there is only one variant (#7868) (3a85217)
  • DASH: Extract PlayReady licenseServerUri from PSSH (#7898) (8fda5d8)
  • Demo: Allow storage of MSS-PlayReady in demo (#7801) (8764169)
  • Demo: Display unhandled rejections in demo (#7638) (d7e78f6)
  • HLS: Add support for getting license server url for PlayReady (#7790) (effa244)
  • net: Add originalRequest to shaka.extern.Response (#7857) (59c9989)
  • Offline: Allow downloading some clearkey content without persistent license support (#7811) (50a1851)
  • Save CEA708 caption cues on all windows when deleting/clearing windows (#7909) (19bd472)
  • Simplify the use of low latency (#7748) (6616ff2)
  • Stop setting playbackRate to 0 to control buffering state when streaming.rebufferingGoal = 0 (#7617) (84b64af)
  • UI: Add config to show the audio codec in the audio selector (#7644) (ee72b89)
  • UI: Add option to show the video codec name (#7747) (075c3fd)
  • Update usage of minBufferTime according to the DASH spec (#7616) (2260aa9)
  • Use MSE clearLiveSeekableRange and setLiveSeekableRange when available (#7905) (87d9392)

  Bug Fixes

  • Abort operations only once (#7624) (d407d15)
  • Ads: Always fire CUEPOINTS_CHANGED when not using multi video elements (#7584) (a4d0fc8)
  • Ads: Always set endTime for MPD Alternate (#7583) (16580ea)
  • Ads: Apply X-PLAYOUT-LIMIT to entire interstitial (#7804) (e40341c)
  • Ads: Avoid adding custom interstitials without URI (#7696) (743b451)
  • Ads: Avoid skip interstitial when is not allowed (#7686) (7be22db)
  • Ads: Calculate the mimeType in an earlier step so that there is no impact on the ad playback (#7742) (c113738)
  • Ads: Disable interstitials when playing an interstitials (#7621) (7401adf)
  • Ads: Don't allow play an overlay video ad using the base video (#7740) (172e713)
  • Ads: Don't dispatch cue points changed if it is an overlay (#7695) (eb4a45e)
  • Ads: Don't try to play Image and HTML overlay interstitials (#7697) (87cbf4d)
  • Ads: Fix ad position by default (#7659) (ef2c7eb)
  • Ads: Fix bad static overlay ad position (#7735) (e4825c3)
  • Ads: Fix behavior when user JUMPS across more than one interstitial (#7667) (4aa9306)
  • Ads: Fix id of X-ASSET-LIST (#7662) (79b1536)
  • Ads: Fix post-roll playback (#7663) (9fd349a)
  • Ads: Fix unnecessary request when using VAST (#7660) (d09cd7e)
  • Ads: Fix usage of ENABLE-SKIP-AFTER and ENABLE-SKIP-FOR (#7677) (8048d02)
  • Ads: Fix usage of ENABLE-SKIP-FOR in Interstitals (#7652) (46ab1cb)
  • Ads: Fix VAST_INVALID_XML error code (#7593) (c1e26ea)
  • Ads: Limit static overlay playback to the timeline (#7741) (eff0aef)
  • Ads: Only display the secondary video if necessary (#7709) (072acf0)
  • Ads: Prevent playing the same ad twice (#7585) (10659c5)
  • Ads: Remove iframe border in overlays (#7738) (60c88eb)
  • Ads: Stop properly interstitial ads (#7708) (f186185)
  • Ads: Update Alternative MPD to match the latest spec (#7706) (cd78811)
  • Ads: Use region.id as id for Alternative MPD interstitial (#7671) (18ed02c)
  • Allow set maxLatency and minLatency to 0 (#7704) (4744d1e)
  • Allow the user to disable subtitles while paused (#7578) (f41c65d)
  • Avoid setAppendWindow when the window is Infinity (#7923) (c75ebd7)
  • Avoid stack overflow when stringifying objects (#7721) (90e47eb), closes #7435
  • Avoid useless MSE reset when transmuxing muxed content (#7818) (cc930a8)
  • Calculate timeToFirstByte before fire the event 'downloadheadersreceived' (#7605) (0fc5316), closes #7604
  • Cast: Incorrect detection of MediaCapabilities on Linux Chromecast (#7628) (bc0b9f2)
  • CEA: Fix multi byte language support in CEA-708 (#7837) (5b13332)
  • CEA: Fix multi byte language support in CEA-708 (#7929) (3856c58)
  • Codec switch reload - apply boundaries correctly (#7700) (8dd9d20), closes #7595
  • DASH: Change fallback presentation delay (#7918) (b9eabe5)
  • DASH: Error due to deleted stream (#7723) (0ca6ff7)
  • dash: Fix $Time$ usage with SegmentTemplate (#7849) (abd6d8b)
  • DASH: Fix Dolby Atmos detection when there is not SupplementalProperty (#7847) (cf581cd)
  • DASH: Fix playback after DASH period eviction (#7603) (d8a14b0)
  • DASH: Ignore early segments in a period (#7910) (c7a93d7)
  • DASH: Notify time range with the fitted timeline (#7911) (a89ee1a)
  • Detect mov extension as video/quicktime (#7884) (b0be779)
  • Detect smooth codec switch support on Apple devices (#7678) (f765e05)
  • Disable live sync when the stream is paused (#7579) (89267cc)
  • Disable smooth codec switch on Tizen 8 (#7614) (cd6aae7)
  • Disable smooth codec switch on webOS 6 (#7636) (93e6921)
  • Docs: Remove info about small/large gaps from manual (#7762) (9234e44)
  • Don't ignore the license server in manifest when another key-system has license server in configuration (#7797) (ae34b68)
  • Fix cast support for HLG HDR (#7632) (f964708)
  • Fix CBCS support in recent WebOS (#7647) (137f256)
  • Fix change timestampOffset on discontinuities when not necessary (#7823) (d3238dd)
  • Fix ClearKey license on old CDMs (#7816) (fe1f35b)
  • Fix gaps produced by the transmuxer (#7822) (934bdff)
  • Fix isEnded for live streams (#7866) (5e5e5a8)
  • Fix isEnded when is not fullyLoaded (#7883) (7e6116f)
  • Fix missing EMSG events (#7839) (e6ca059)
  • Fix normalized codec for VP9 (#7645) (f2061e4)
  • Fix parameters lost during codec switch (#7630) (7837b60)
  • Fix playback on Apple devices without ManagedMediaSource (#7669) (ff7c465), closes #7666
  • Fix SEGMENT HEAD requests, compatibility with Cast SDK (#7851) (b153a9c), closes #7600
  • Fix select spatial audio when using selectAudioLanguage (#7846) (c5dc5f4)
  • Fix setLiveSeekableRange when the seekable range is too short (#7916) (30be525)
  • Fix support for supplemental codecs (Dolby Vision) (#7720) (279e6cd)
  • Fix unload call after destroy (#7690) (18652b6)
  • Fix usage of keySystemsMapping (#7736) (79a481e)
  • Fix video progress events accuracy (#7654) (5f8e958)
  • Follow the configured playRange for src= (#7825) (b22e546)
  • Forbid usage of instanceof ArrayBuffer (#7653) (55b7bd0), closes #6279
  • HLS: Assign EXT-X-TILES to segment tags (#7864) (851308c)
  • HLS: Correctly identify webvtt subtitles with cmft extension (#7791) (7ef5e62)
  • HLS: Disable audio/video correctly when loading a TS media playlist (#7815) (626591e)
  • HLS: Disable text correctly when loading a media playlist (#7840) (0fa17f6)
  • HLS: Do not use EXT-X-PROGRAM-DATE-TIME on vod when there is only video or audio (#7802) (fe94b6b)
  • HLS: Fix audio detection when there is no audio data but it appears in PMT (#7838) (34b69fa)
  • HLS: Fix playback of raw AAC (#7641) (1d9ac65)
  • HLS: Fix subtitle timing (#7625) (9e2b15e)
  • HLS: Fix subtitle timing when no discontinuity but there is X-TIMESTAMP-MAP (#7681) (7afe08e)
  • HLS: Fix timestamp offset for raw formats when using segments mode (#7819) (bd29645)
  • HLS: Ignore errors when try to detect CC (#7668) (5be0fc4)
  • HLS: Omit daterange without START-DATE in order to avoid errors (#7841) (bc0e1c6)
  • Offline: Allow downloading AES content (#7827) (21bbd93)
  • Offline: Allow storage of MSS streams (#7799) (bc41643)
  • Offline: Fix download HLG tracks when using AUTO hdr level (#7865) (0eedbc9)
  • Offline: Fix some aborted downloads continue to download (#7842) (fb8086b)
  • Only create TextTrack of SimpleTextDisplayer when necessary (#7913) (9e71a01)
  • Prefer Dolby Vision p5 over Dolby Vision p8 (#7745) (60429e9)
  • Prefer SimpleTextDisplayer on iOS (#7569) (bd2c9a7)
  • preload: Wait for drm keys when preloading (#7698) (a1e2f0a), closes #7520
  • PS5: Prevent uncaught promise rejections when requests are aborted (#7637) (09cfac2)
  • re-open the MediaSource if readyState is not open when the init() method is called. (#7783) (6610fa3)
  • Remove useless calls to isTypeSupported (#7817) (bd99632)
  • Remove useless deprecation in UITextDisplayer and add some guards in SimpleTextDisplayer (#7805) (fd78ec4)
  • Silence aborted errors from PreloadManager. (#7619) (f277f2c), closes #7618
  • Silence uncaught rejection errors when closing EME sessions (#7881) (bc6a79f)
  • Timeout unfulfilled request to decodingInfo and requestMediaKeySystemAccess (#7682) (07894ec), closes #7680
  • Transmuxer: Fix transmuxer with overflow data (video nalus and aac samples) between PES (#7813) (77c4251)
  • tXml: Fix findChildrenNS when the namespace is in the element (#7896) (bcff34c)
  • UI: Allow 1x playback rate when default playback rate is not x1 (#7787) (724166e)
  • UI: Allow pause non-linear video ads (#7699) (2953b6f)
  • UI: Change to use legacy css format to support old TVs (#7658) (e03dfc6)
  • UI: Do not show codec name when the same codec is used for the same language (#7643) (87f6aa6)
  • UI: Fix exception while casting to mismatched player version (#7631) (c9534a0)
  • UI: Fix handle of seek on MediaSession (#7879) (57992b2)
  • UI: Fix playback rate resets when pausing or playing the video (#7728) (6e382ce)
  • UI: Hide ad counter when the ad is non-linear (#7718) (effaf95)
  • UI: Hide ad position when the ad is non-linear (#7711) (8566836)
  • UI: Show Dolby Atmos name in the UI (#7848) (a0848f7)
  • UI: Show presentation time when playing non-linear ads (#7707) (d00ea51)
  • UI: Use trickPlay method to control the playback rate (#7580) (70c2fda)
  • UI: Video starts playing automatically when selecting a playback rate (#7786) (

[changeset-bot]

⚠️ No Changeset found

Latest commit: c0ae63c

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR