Bump hls.js from 1.6.7 to 1.6.13

[dependabot]

Bumps hls.js from 1.6.7 to 1.6.13.

Release notes

Sourced from hls.js's releases.

v1.6.13

Summary

HLS.js v1.6.13 includes bug fixes and improvements over the last release.

The initPTS fix addresses an edge-case introduced in v1.6.6 with #7311, where hls.js began using MSE timestampOffset in place or remapping media timestamps.

The content protection related fixes address issues resulting from an expectation for a KEYID attribute or a key ID value in the EXT-X-KEY tag or its URI.

Changes Since The Last Release

video-dev/hls.js@v1.6.12...v1.6.13

• Fix seeking back in live with timestamp wrapping (#7537) @​robwalch
  • Fixes "fragParsingError" after seeking back in live - regression introduced in 1.6.6 with #7311 (#7536) @​bmarshall
• Use Widevine KEYID or parse PlayReady when level keys are present (#7545)
  • Fixes FairPlay parsing error - regression introduced in 1.6.11 (#7542) @​Jason239
• Get KEYID from init segment 'tenc' when not found elsewhere (#7547)
  • Fixes Widevine key parsing error - regression introduced in 1.6.11 with #7527 (#7541) @​AfLosada

Demo Page

Get demo url from https://github.com/video-dev/hls.js/tree/deployments

API and Breaking Changes

If you are upgrading from version v0.14.17 or lower, see the MIGRATING guide for API changes between v0.14.x and v1.0.0.

Feedback

Please provide feedback via Issues in GitHub. For more details on how to contribute to HLS.js, see our CONTRIBUTING guide.

v1.6.12

Summary

HLS.js v1.6.12 includes bug fixes and improvements over the last release.

Changes Since The Last Release

video-dev/hls.js@v1.6.11...v1.6.12

• Fixed PlayReady regression introduced v1.6.11:
  • Fix PlayReady key endianness (#7510) @​ShubhamSharma2311
  • Error handling for PlayReady key with no status change (#7527) @​robwalch
• Use (incomplete) Widevine PSSH parsing when KEYID attribute missing from playlist KEY tags (#7415) @​yajin2021
• Multivariant Playlist parsing fixes (#7523) @​robwalch
  • Add missing stats.parsing.end timing to manifest events
  • Use playlist CODECS in mime-type when handling unknown codecs (fixes handling of AIV example content)
• Setup as audio-only when main segment has no video and CODECS is missing (#7530)
• Fix live reload failure after empty playlist response (“no EXTM3U delimiter” error) (#7533)

Demo Page

https://37434c54.hls-js-dev.pages.dev/demo/

API and Breaking Changes

If you are upgrading from version v0.14.17 or lower, see the MIGRATING guide for API changes between v0.14.x and v1.0.0.

... (truncated)

Commits

• abb6945 Get KEYID from init segment 'tenc' when not found elsewhere
• b282f03 Roll initPTS forward when needed by earlier segments
• 6f91d50 Use Widevine KEYID or parse Playready when level keys are present
• 785c0a5 Update npm to v11 before publish
• e49270c Use GitHub release env for npm publish (#7544)
• c4d9bf3 Fix "Missing format identifier #EXTM3U" playlist parsing errors
• 0919731 Merge pull request #7530 from video-dev/bugfix/audio-only-main
• 0638d9a Setup as audio-only when main segment has no video
• a3c63bd Multivariant Playlist parsing fixes (#7523)
• 5a62280 Error handling for PlayReady key with no status change (#7527)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for hls.js since your current version.

You can trigger a rebase of this PR by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

[coderabbitai]

Important

Review skipped

Bot user detected.

To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}