[Snyk] Upgrade video.js from 8.6.0 to 8.17.3

[kerasus]

Snyk has created this PR to upgrade video.js from 8.6.0 to 8.17.3.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 25 versions ahead of your current version.

• The recommended version was released on a month ago.

Issues fixed by the recommended upgrade:

	Issue	Score	Exploit Maturity
	Prototype Pollution SNYK-JS-AXIOS-6144788	539	No Known Exploit
	Server-side Request Forgery (SSRF) SNYK-JS-AXIOS-7361793	539	Proof of Concept
	Improper Input Validation SNYK-JS-FOLLOWREDIRECTS-6141137	539	Proof of Concept
	Inefficient Regular Expression Complexity SNYK-JS-MICROMATCH-6838728	539	No Known Exploit
	Access Control Bypass SNYK-JS-VITE-6182924	539	Proof of Concept
	Denial of Service (DoS) SNYK-JS-WS-7266574	539	Proof of Concept
	Prototype Pollution SNYK-JS-AXIOS-6144788	539	No Known Exploit
	Server-side Request Forgery (SSRF) SNYK-JS-AXIOS-7361793	539	Proof of Concept
	Uncontrolled resource consumption SNYK-JS-BRACES-6838727	539	Proof of Concept
	Unchecked Input for Loop Condition SNYK-JS-KATEX-6483836	539	No Known Exploit
	Template Injection SNYK-JS-DOMPURIFY-6474511	539	Proof of Concept
	Improper Control of Dynamically-Managed Code Resources SNYK-JS-EJS-6689533	539	No Known Exploit
	Open Redirect SNYK-JS-EXPRESS-6474509	539	No Known Exploit
	Information Exposure SNYK-JS-FOLLOWREDIRECTS-6444610	539	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-HTMLMINIFIER-3091181	539	Proof of Concept
	Improper Access Control SNYK-JS-VITE-6531286	539	Proof of Concept
	Improper Encoding or Escaping of Output SNYK-JS-KATEX-6483831	539	No Known Exploit
	Incomplete List of Disallowed Inputs SNYK-JS-KATEX-6483834	539	No Known Exploit
	Unchecked Input for Loop Condition SNYK-JS-KATEX-6483835	539	No Known Exploit

Release notes

Package name: video.js

• 8.17.3 - 2024-07-30
  

  8.17.3 (2024-07-30)

  Bug Fixes

  • Listen to taps on track controls (#8809) (86d29cd), closes #8808 1000#0
  • Refactor evented to make mincompatable with Chrome 53 (#8810) (a7c9f26), closes /github.com/videojs/video.js/blob/e78bcc7b2d829fce01451cf105b918d8feec4548/src/js/mixins/evented.js#L165-L195 #8783 1000#0
  • spatial-navigation: focus lost in error modal (#8817) (daf40bd), closes 1000#0
  • spatial-navigation: keep navigation going when player has an error (#8805) (76e99b7), closes 1000#0
  • spatial-navigation: refocus available also to the close button of the error modal (#8819) (45570d9), closes 1000#0

  netlify preview for this version

• 8.17.2 - 2024-07-22
  

  8.17.2 (2024-07-22)

  Chores

  • update vhs version 3.13.2 (#8812) (49151ee), closes 1000#0

  netlify preview for this version

• 8.17.1 - 2024-07-15
  

  8.17.1 (2024-07-15)

  Bug Fixes

  • ensure transient button event listeners are removed on dispose (#8796) (0a836e1), closes #8795 1000#0

  netlify preview for this version

• 8.17.0 - 2024-07-10
  

  8.17.0 (2024-07-10)

  Features

  • Adds a transient button component (#8629) (1afe504)

  Bug Fixes

  • apply correct styles to audio descriptions track menu items (#8770) (f701102), closes #8769
  • middleware: cache grows even if no middleware created (#8674) (6221a8f), closes #8653 1000#0
  • types: fix and improve component ready callback definition (#8766) (970faa8), closes 1000#0

  netlify preview for this version

• 8.16.1 - 2024-06-24
  

  8.16.1 (2024-06-24)

  Bug Fixes

  • enable keyboard controls on menu items (#8777) (04b9bb2), closes /github.com/videojs/video.js/commit/35de64ceb04b4b7dd6be067e275128d02c6d6e91#diff-9fd94576fe3b609171a426feb961b0954d70c8c14e598024d49ae9c8836a71 1000#0

  Chores

  • Update typescript to 5.5.2 (#8776) (fa9c41c)

  netlify preview for this version

• 8.16.0 - 2024-06-12
  

  8.16.0 (2024-06-12)

  Features

  • icons: update Twitter X logo (#8764) (b58b4c5), closes 1000#0

  Bug Fixes

  • improve ts output for create logger (#8763) (86ff612), closes 1000#0
  • update to VHS v3.13.1 (#8765) (864074d)
  • use guid to ensure uniqueness of track setting options (#8762) (f4186a0), closes #8761 1000#0

  netlify preview for this version

• 8.15.0 - 2024-06-06
  

  8.15.0 (2024-06-06)

  Features

  • update xhr (#8757) (8cfd6c4)

  Bug Fixes

  • removes duplicate id in text track settings (#8755) (a10d258), closes #8754 1000#0

  netlify preview for this version

• 8.14.1 - 2024-05-30
  

  8.14.1 (2024-05-30)

  Bug Fixes

  • docs: Add workaround for ErrorMetadata typedef (#8737) (4de09e4)
  • lang: Arabic translation grammar, spelling and vocabulary errors (#8724) (ad357b5)
  • lockfile for vhs v3.13.0 (#8751) (38198f6)
  • Remove Firefox warnings about deprecated event props (#8736) (084af2f)

  Chores

  • Update karma dependenciess (#8743) (42e167c)
  • Update PR template (#8750) (c5f548b)
  • update VHS to v3.13.0 (#8742) (978731e)

  Code Refactoring

  • Replace keycode dependency with event.key (#8735) (35de64c)

  netlify preview for this version

• 8.14.0 - 2024-05-06
  

  8.14.0 (2024-05-06)

  Features

  • refactor error consts (#8719) (4dfea61)

  Bug Fixes

  • dom: handle slotted parent transform position (#8158) (9946a19)
  • Ensure aria-labelledby values in track settings are valid (#8711) (ad3be35)
  • player: adapt player height to control bar height in audioOnly mode (#8579) (8050466)
  • prevent error for root shadow elements when restorEl is enabled (#8679) (31b0378)
  • progress bar sometimes is not filled on 100% (#8633) (3e697e9)
  • Support MacOS trackpad with tap-to-click (#8700) (cb76a24)

  Chores

  • css: fix typo in postcss-config browserslist and update list (#8578) (3df0e9b)
  • remove plugin errors from error const (#8706) (466fa97)

  Code Refactoring

  • use URL API (#8716) (992af3b)

  netlify preview for this version

• 8.13.0 - 2024-04-22
• 8.12.0 - 2024-04-16
• 8.11.8 - 2024-03-12
• 8.11.7 - 2024-03-06
• 8.11.6 - 2024-03-04
• 8.11.5 - 2024-02-28
• 8.11.4 - 2024-02-21
• 8.11.3 - 2024-02-20
• 8.11.2 - 2024-02-13
• 8.11.1 - 2024-01-29
• 8.11.0 - 2024-01-25
• 8.10.0 - 2024-01-17
• 8.9.0 - 2024-01-02
• 8.8.0 - 2023-12-14
• 8.7.0 - 2023-12-04
• 8.6.1 - 2023-10-12
• 8.6.0 - 2023-09-25

from video.js GitHub release notes

---

Important

• Check the changes in this PR to ensure they won't cause issues with your project.
• This PR was automatically created by Snyk using the credentials of a real user.
• Max score is 1000. Note that the real score may have changed since the PR was raised.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

• 🧐 View latest project report
• 📜 Customise PR templates
• 🛠 Adjust upgrade PR settings
• 🔕 Ignore this dependency or unsubscribe from future upgrade PRs