wjplayer
wjplayer copied to clipboard
Published
20 hours ago •
neuron-digital
neuron-digital
chore(deps): update dependency video.js to v7 [security]
This PR contains the following updates:
| Package | Change | Age | Adoption | Passing | Confidence |
|---|---|---|---|---|---|
| video.js (source) | 5.19.2 -> 7.14.3 |
GitHub Vulnerability Alerts
CVE-2021-23414
This affects the package video.js before 7.14.3. The src attribute of track tag allows to bypass HTML escaping and execute arbitrary code.
Release Notes
videojs/video.js (video.js)
v7.14.3
Bug Fixes
- don't add anchor to DOM for getAbsoluteURL (#7336) (b483a76)
- remove IE8 url parsing workaround (#7334) (b3acf66)
v7.14.2
Bug Fixes
v7.14.1
Bug Fixes
- package: update to VHS 2.9.2 (#7320) (fff0611)
- all !important properties of vjs-lock-showing (#7312) (508a424)
- properly return promise from requestFullscreen and exitFullscreen (#7299) (3921b7f), closes #7298
- remove loading spinner on ended (#7311) (14da28d), closes videojs/http-streaming#1156
Chores
Documentation
v7.14.0
Features
7.13.4 (2021-06-30)
Bug Fixes
- lang: add some translations to es.json (#6822) (fbcfb7b)
- throw error on muted resolution rejection during autoplay (#7293) (f9fb1d3)
- event: event polyfill detection compatibility with react-native-web (#7286) (a221be1), closes #7259
- lang: improve Hungarian translation (#7289) (0f70787)
Chores
7.13.3 (2021-06-23)
Chores
- republish with VHS 2.9.1 (4b50f82)
7.13.2 (2021-06-22)
Bug Fixes
7.13.1 (2021-06-14)
Bug Fixes
v7.13.4
Bug Fixes
- lang: add some translations to es.json (#6822) (fbcfb7b)
- throw error on muted resolution rejection during autoplay (#7293) (f9fb1d3)
- event: event polyfill detection compatibility with react-native-web (#7286) (a221be1), closes #7259
- lang: improve Hungarian translation (#7289) (0f70787)
Chores
v7.13.3
Chores
- republish with VHS 2.9.1 (4b50f82)
v7.13.2
Bug Fixes
v7.13.1
Bug Fixes
v7.13.0
Features
- Add helper classes for 9:16 and 1:1 (#7219) (35ad17a)
- Add normalizeAutoplay option to treat autoplay: true as autoplay: "play" (#7190) (b4ad93a)
- Add option to use full window mode instead of using tech's fullscreen (#7218) (b86f083)
- update to VHS@2.9.0 and mpd-parser@0.17.0 (#7269) (2ea05b4)
- package: add VHS deps as Video.js deps (#7263) (39de502), closes #7091 #7209 #7144 #7109
- player: Add playbackRates() method (#7228) (6259ef7), closes #7198
Documentation
7.12.4 (2021-06-02)
Bug Fixes
- allow Video.js to be required in an env without setTimeout (#7247) (8082c5a)
- player: accept data for fullscreenchange and error events from the tech (#7254) (41d5eb3)
- seek-bar: remove event listener on dispose (#7258) (c70c298)
Chores
- component: update comment around triggering ready in component (#7256) (11ac0b9)
- Update sass and remove now deprecated / for division. (#7253) (b3503c9), closes #7244
7.12.3 (2021-05-20)
Bug Fixes
Chores
7.12.2 (2021-05-19)
Bug Fixes
- update to VHS 2.8.1 (#7238) (c4cfa55)
- utils: add try and catch for computedStyle (#7214) (90ce2d7)
- Better text for exit fullscreen (#7183) (0e46624)
- Don't hide menus with one item and a title (#7215) (d4a08de)
- exit full window mode with Esc key (#7224) (e9953e5)
- incorrect focus styles on selected MenuItem (#7202) (06cdb6f), closes #7200
- make Playback Rate control work better with screen readers (#7193) (17919ce), closes #7121
- silence play promise in the play toggle. (#7189) (2c6e439), closes #6998
- user and programmatic seeks with live streams (#7210) (39485fc)
Chores
- update 'global' package in dependencies (#7213) (cb1d29b)
- update node/nvmrc and various dependencies (#7221) (90f3e39), closes #7216 #6933 #6924 #7179
7.12.1 (2021-04-13)
Bug Fixes
- package: remove remove (#7177) (9abba58), closes #7176
- package: update vtt.js to allow server-side-rendering (#7178) (a3bfeb7)
- package: upgrade VHS to 2.7.1 (#7174) (f0d69cd)
v7.12.4
Bug Fixes
- allow Video.js to be required in an env without setTimeout (#7247) (8082c5a)
- player: accept data for fullscreenchange and error events from the tech (#7254) (41d5eb3)
- seek-bar: remove event listener on dispose (#7258) (c70c298)
Chores
- component: update comment around triggering ready in component (#7256) (11ac0b9)
- Update sass and remove now deprecated / for division. (#7253) (b3503c9), closes #7244
v7.12.3
Bug Fixes
Chores
v7.12.2
Bug Fixes
- update to VHS 2.8.1 (#7238) (c4cfa55)
- utils: add try and catch for computedStyle (#7214) (90ce2d7)
- Better text for exit fullscreen (#7183) (0e46624)
- Don't hide menus with one item and a title (#7215) (d4a08de)
- exit full window mode with Esc key (#7224) (e9953e5)
- incorrect focus styles on selected MenuItem (#7202) (06cdb6f), closes #7200
- make Playback Rate control work better with screen readers (#7193) (17919ce), closes #7121
- silence play promise in the play toggle. (#7189) (2c6e439), closes #6998
- user and programmatic seeks with live streams (#7210) (39485fc)
Chores
- update 'global' package in dependencies (#7213) (cb1d29b)
- update node/nvmrc and various dependencies (#7221) (90f3e39), closes #7216 #6933 #6924 #7179
v7.12.1
Bug Fixes
- package: remove remove (#7177) (9abba58), closes #7176
- package: update vtt.js to allow server-side-rendering (#7178) (a3bfeb7)
- package: upgrade VHS to 2.7.1 (#7174) (f0d69cd)
v7.12.0
Features
- package: update VHS to 2.7.0 (#7164) (0d47306)
- Add a mouse volume tooltip (#6824) (b2edfd2)
- Add a player option
noUITitleAttributesto prevent title attributes in the UI (#7134) (5f59391), closes #6767 - enable responsive controls on fullscreen (#7098) (239c9a1)
- retry on error (#7038) (22e9843), closes #1805
Bug Fixes
Chores
Performance Improvements
7.11.8 (2021-03-23)
Bug Fixes
Documentation
7.11.7 (2021-03-12)
Bug Fixes
7.11.6 (2021-03-09)
Bug Fixes
- add display block to all buttons icon placeholder (#7094) (45eef66), closes #6989
- clear progress control related rAFs when tab is hidden (#7099) (134f039), closes #7086
- do not preload default text track if preloadTextTracks is false (#7021) (b76e816), closes #7019
- focus-visible shouldn't change background styles (#7113) (1b52e7b)
- package: update to videojs/http-streaming 2.6.3 (#7129) (8d0c601)
- try enabling liveui on canplay (#7114) (3d676d6), closes #7034
Chores
Documentation
- Add liveTracker options to options guide (#7097) (6336e57)
- fix broken blogpost urls (#7106) (dd0c675)
Tests
7.11.5 (2021-02-04)
Bug Fixes
- dom: account for translated parent in pointer position on iOS (#7079) (542cead)
- dom: stop findPosition at a fullscreenElement (#7074) (541f2e5)
7.11.4 (2021-01-26)
Bug Fixes
7.11.3 (2021-01-25)
Bug Fixes
- lang: Update nn.json (#7054) (4a9e1ab)
- only preventDefault if event is cancelable (#7063) (b13cb07)
- fs: make sure handlers are unique per player (#7035) (dceedb6), closes #7013
- time-display: fix IE11 appending times instead of replacing (#7059) (ed3c54d)
- better evented validation and error messages (#6982) (ffb690a)
- prevent dispose error and text track duplicate listeners (#6984) (db46578)
Chores
Documentation
7.11.2 (2021-01-14)
Bug Fixes
- set liveWindow to 0 liveCurrentTime is Infinity (#7034) (330c82c)
- player: Ensure fluid works when dimensions not initially known (#7023) (661962c), closes #6939
Chores
Documentation
- Add note to legacy notes (#7022) (f87297b)
- faq: fixup autoplay blogpost url (#7027) (a000fed), closes #6905
Tests
7.11.1 (2020-12-22)
Features
Bug Fixes
- MapSham: fix set method to use map property (#7000) (a35a121)
- package: update to @videojs/http-streaming@2.4.1 (#7010) (ead775b)
- clear readyQueue with dispose (#6967) (11d37e2)
- package: update to @videojs/http-streaming@2.4.0 (#6986) (0631f03)
- time-display: add a null check for text node (#6977) (3e30f83), closes #6699 #6700
- play progress time tooltip from jittering during live (#6968) (799616d)
- rollup: browser globals shouldn't be external (#6954) (63752f3), closes #6443 #6272 #6212 #5680
Chores
Documentation
v7.11.8
Bug Fixes
Documentation
v7.11.7
Bug Fixes
v7.11.6
Bug Fixes
- add display block to all buttons icon placeholder (#7094) (45eef66), closes #6989
- clear progress control related rAFs when tab is hidden (#7099) (134f039), closes #7086
- do not preload default text track if preloadTextTracks is false (#7021) (b76e816), closes #7019
- focus-visible shouldn't change background styles (#7113) (1b52e7b)
- package: update to videojs/http-streaming 2.6.3 (#7129) (8d0c601)
- try enabling liveui on canplay (#7114) (3d676d6), closes #7034
Chores
Documentation
- Add liveTracker options to options guide (#7097) (6336e57)
- fix broken blogpost urls (#7106) (dd0c675)
Tests
v7.11.5
Bug Fixes
- dom: account for translated parent in pointer position on iOS (#7079) (542cead)
- dom: stop findPosition at a fullscreenElement (#7074) (541f2e5)
v7.11.4
Bug Fixes
v7.11.3
Bug Fixes
- lang: Update nn.json (#7054) (4a9e1ab)
- only preventDefault if event is cancelable (#7063) (b13cb07)
- fs: make sure handlers are unique per player (#7035) (dceedb6), closes #7013
- time-display: fix IE11 appending times instead of replacing (#7059) (ed3c54d)
- better evented validation and error messages (#6982) (ffb690a)
- prevent dispose error and text track duplicate listeners (#6984) (db46578)
Chores
Documentation
v7.11.2
Bug Fixes
- set liveWindow to 0 liveCurrentTime is Infinity (#7034) (330c82c)
- player: Ensure fluid works when dimensions not initially known (#7023) (661962c), closes #6939
Chores
Documentation
- Add note to legacy notes (#7022) (f87297b)
- faq: fixup autoplay blogpost url (#7027) (a000fed), closes #6905
Tests
v7.11.1
Features
Bug Fixes
- MapSham: fix set method to use map property (#7000) (a35a121)
- package: update to @videojs/http-streaming@2.4.1 (#7010) (ead775b)
- clear readyQueue with dispose (#6967) (11d37e2)
- package: update to @videojs/http-streaming@2.4.0 (#6986) (0631f03)
- time-display: add a null check for text node (#6977) (3e30f83), closes #6699 #6700
- play progress time tooltip from jittering during live (#6968) (799616d)
- rollup: browser globals shouldn't be external (#6954) (63752f3), closes #6443 #6272 #6212 #5680
Chores
Documentation
v7.11.0
Features
- lang: add thai language translations (#6945) (464b971)
- tech: add a scrubbing getter. (#6920) (a803484)
- track: make label property mutable and fire a labelchange event when the label is changed (#6928) (ee0637c)
- trigger languagechange event on a language change (#6891) (a0d09c1)
Bug Fixes
- cast TOUCH_ENABLED to boolean (#6943) (dcce0e9)
- css: set seek to live button's align-items prop to center (#6942) (3901ab0)
- always set tabIndex to restore keydown a11y (#6871) (0140b28), closes #6145 #6870
- menu: focus correct MenuItem on keyboard open (#6914) (694fe0f), closes #6912
- package: update to @videojs/http-streaming@2.3.0 (#6941) (f74e45b)
Chores
Documentation
7.10.2 (2020-11-04)
Bug Fixes
7.10.1 (2020-10-15)
v7.10.2
Bug Fixes
v7.10.1
7.10.1 (2020-10-15)
v7.10.0
Features
7.9.7 (2020-10-06)
Bug Fixes
- text-track: don't overlap captions when font-size changes (#6874) (affc061), closes /github.com/videojs/video.js/commit/4e5c28cc561487ff29394d19dce3a420675e4f9d#diff-8169d53aa7eee6cab5f85b6641ef3117R176
7.9.6 (2020-10-01)
Bug Fixes
Documentation
7.9.5 (2020-09-10)
7.9.4 (2020-09-10)
Bug Fixes
Chores
7.9.3 (2020-08-17)
Bug Fixes
- lang: Add PiP to de (#6803) (88850e9)
- tech: add abstract setScrubbing in tech.js (#6808) (c91b510)
Documentation
7.9.2 (2020-07-20)
Bug Fixes
7.9.1 (2020-07-13)
Bug Fixes
v7.9.7
Bug Fixes
- text-track: don't overlap captions when font-size changes (#6874) (affc061), closes /github.com/videojs/video.js/commit/4e5c28cc561487ff29394d19dce3a420675e4f9d#diff-8169d53aa7eee6cab5f85b6641ef3117R176
v7.9.6
Bug Fixes
Documentation
v7.9.5
7.9.5 (2020-09-10)
v7.9.4
Bug Fixes
Chores
v7.9.3
Bug Fixes
- lang: Add PiP to de (#6803) (88850e9)
- tech: add abstract setScrubbing in tech.js (#6808) (c91b510)
Documentation
v7.9.2
Bug Fixes
v7.9.1
Bug Fixes
v7.9.0
Features
- Add a default, plugin-specific logger to advanced plugins (#6693) (f6a66e6)
- add debug mode (#6687) (3d505ef)
- Add named requestAnimationFrame to prevent performance issues (#6627) (6e7cc75), closes #5937
- Add support for CAF, FLAC and WAV formats in known mimetypes (#6657) (8d462bc), closes #5982
- adds disablePictureInPicture method to the player API. (#6378) (dbd5203)
- support fastSeek during scrubbing if available (#6525) (8c66c58)
Bug Fixes
- add PiP to zh-CN.json (#6680) (d90569f)
- addChild with index should allow for children that are elements (#6644) (0b91f74), closes #6297
- Disable PIP if tech doesn't support it (#6678) (907d1cd), closes #6398
- Fullscreen broken in iOS (#6735) (fdd807b), closes #6707 #6684 #6645
- Use clamp correctly in progress control (#6625) (cad9114)
- fs: don't set player element css props on native fullscreen (#6673) (d6b07f0), closes #6640
- lang: Update pt-BR.json (#6598) (90e2b0f)
- package: update to @videojs/http-streaming@1.13.3 (#6610) (f779bad)
- text-tracks: set withCredentials on XHR if crossOrigin='use-credentials' (#6588) (a4ea1f9), closes #6587
Chores
Configuration
📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
- [ ] If you want to rebase/retry this PR, check this box
This PR was generated by Mend Renovate. View the repository job log.
![renovate[bot] avatar](https://avatars.githubusercontent.com/in/2740?v=4 "Published by a pub.dev verified publisher"){kind=small}