Skip to content

fix(deps): bump the streaming group with 2 updates #49

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
dependabot wants to merge 1 commit into
base: main
Choose a base branch
from
Open

fix(deps): bump the streaming group with 2 updates #49

dependabot wants to merge 1 commit into from

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Sep 15, 2025
edited
Loading

Bumps the streaming group with 2 updates: @google-cloud/storage and hls.js.

Updates @google-cloud/storage from 7.17.0 to 7.17.1

Release notes

Sourced from @​google-cloud/storage's releases.

v7.17.1

7.17.1 (2025-08-27)

Bug Fixes

  • Respect useAuthWithCustomEndpoint flag for resumable uploads (#2637) (707b4f2)
Changelog

Sourced from @​google-cloud/storage's changelog.

7.17.1 (2025-08-27)

Bug Fixes

  • Respect useAuthWithCustomEndpoint flag for resumable uploads (#2637) (707b4f2)
Commits

Updates hls.js from 1.6.10 to 1.6.12

Release notes

Sourced from hls.js's releases.

v1.6.12

Summary

HLS.js v1.6.12 includes bug fixes and improvements over the last release.

Changes Since The Last Release

video-dev/hls.js@v1.6.11...v1.6.12

  • Fixed PlayReady regression introduced v1.6.11:
  • Use (incomplete) Widevine PSSH parsing when KEYID attribute missing from playlist KEY tags (#7415) @​yajin2021
  • Multivariant Playlist parsing fixes (#7523) @​robwalch
    • Add missing stats.parsing.end timing to manifest events
    • Use playlist CODECS in mime-type when handling unknown codecs (fixes handling of AIV example content)
  • Setup as audio-only when main segment has no video and CODECS is missing (#7530)
  • Fix live reload failure after empty playlist response (“no EXTM3U delimiter” error) (#7533)

Demo Page

https://37434c54.hls-js-dev.pages.dev/demo/

API and Breaking Changes

If you are upgrading from version v0.14.17 or lower, see the MIGRATING guide for API changes between v0.14.x and v1.0.0.

Feedback

Please provide feedback via Issues in GitHub. For more details on how to contribute to HLS.js, see our CONTRIBUTING guide.

v1.6.11

Summary

HLS.js v1.6.11 includes bug fixes and improvements over the last release.

Changes Since The Last Release

video-dev/hls.js@v1.6.10...v1.6.11

Bug Fixes

  • Fix Interstitial asset events not firing when attaching primary before last asset on PLAYOUT-LIMIT update (#7467) @​robwalch
  • Handle EME key status errors such as "internal-error" and "output-restricted" before appending segments (#7414)
    • Fixes: Playback ends when the "keySystemStatusInternalError" occurs (#7413) @​yajin2021
    • Fixes: HDCP error when playing manifests with both HD and SD levels (#7469) @​mudit2108
  • Defer segment requests when network connection is lost (#7476) @​robwalch
    • Resolves: Regression due to treating HTTP status 0 differently from 404 (#7471) @​Frenzie
  • Fix exception when seeking to program end (#7478) @​robwalch

Tasks

Documentation

... (truncated)

Commits
  • c4d9bf3 Fix "Missing format identifier #EXTM3U" playlist parsing errors
  • 0919731 Merge pull request #7530 from video-dev/bugfix/audio-only-main
  • 0638d9a Setup as audio-only when main segment has no video
  • a3c63bd Multivariant Playlist parsing fixes (#7523)
  • 5a62280 Error handling for PlayReady key with no status change (#7527)
  • 4a334e9 Fix PlayReady key endianness (#7510)
  • 947cbd8 Parse keyid from multi-key widevine PSSH (#7415)
  • 178333c Add ESLint syntax rules to restrict async syntax, no-floating-promises, and n...
  • 82e4695 Improve functional test logs (#7481)
  • b2d7391 Defer segment requests when network connection is lost (#7476)
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
fix(deps): bump the streaming group with 2 updates
c7f3800 
Bumps the streaming group with 2 updates: [@google-cloud/storage](https://github.com/googleapis/nodejs-storage) and [hls.js](https://github.com/video-dev/hls.js).


Updates `@google-cloud/storage` from 7.17.0 to 7.17.1
- [Release notes](https://github.com/googleapis/nodejs-storage/releases)
- [Changelog](https://github.com/googleapis/nodejs-storage/blob/main/CHANGELOG.md)
- [Commits](googleapis/nodejs-storage@v7.17.0...v7.17.1)

Updates `hls.js` from 1.6.10 to 1.6.12
- [Release notes](https://github.com/video-dev/hls.js/releases)
- [Changelog](https://github.com/video-dev/hls.js/blob/master/docs/release-process.md)
- [Commits](video-dev/hls.js@v1.6.10...v1.6.12)

---
updated-dependencies:
- dependency-name: "@google-cloud/storage"
  dependency-version: 7.17.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: streaming
- dependency-name: hls.js
  dependency-version: 1.6.12
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: streaming
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot @github
Copy link
Contributor Author

dependabot bot commented on behalf of github Sep 15, 2025

Labels

The following labels could not be found: automated, dependencies. Please create them before Dependabot can add them to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

@dependabot dependabot bot requested a review from code-craka as a code owner September 15, 2025 11:37
@github-actions
Copy link

github-actions bot commented Sep 15, 2025

🤖 AI-Assisted Code Review

🔒 Security Analysis (via CodeQL):

✅ CodeQL scan complete. View security alerts for this PR

🎯 Code Quality Analysis (via ESLint & TypeScript):

✅ No critical ESLint errors found.
⚠️ TypeScript errors detected. Please run pnpm type-check locally to see details.

🎬 StreamVault Specific Reminders:

  • Authentication: Have you tested all user roles (viewer, streamer, admin)?
  • Payments: If you touched Stripe code, did you test the webhook signature?
  • Storage: Are new GCS interactions covered by security rules and signed URLs?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@code-craka code-craka Awaiting requested review from code-craka code-craka is a code owner

Assignees

@code-craka code-craka

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@code-craka