chore(deps-dev): bump dashjs from 5.1.1 to 5.2.0

[dependabot]

Bumps dashjs from 5.1.1 to 5.2.0.

Release notes

Sourced from dashjs's releases.

dash.js v5.2.0

Features

• Introduces comprehensive support for CMCD (Common Media Client Data) Version 2, significantly expanding the player's capabilities for media analytics and client-side data reporting. The implementation leverages the @​svta/cml-cmcd library's CmcdReporter to centralize reporting mechanisms, reducing complexity and improving maintainability while aligning with the latest CMCD specifications by @​cotid-qualabs, @​sebastianpiq , @​littlespex,@​dsilhavy in Dash-Industry-Forum/dash.js#4816
• Add support for Certurl element by @​gorkemg and @​dsilhavy in Dash-Industry-Forum/dash.js#4876, Dash-Industry-Forum/dash.js#4973
• Add Apple FairPlay Streaming (FPS) DRM support by @​tobbee in Dash-Industry-Forum/dash.js#4941
• Add a new reference UI by @​dsilhavy (Claude Opus 4.6 was used in this PR) in Dash-Industry-Forum/dash.js#4974
• Add a limitBitrateByPortalMinimum setting to prevent limiting too much by @​robertbryer in Dash-Industry-Forum/dash.js#4950
• Update 608 library to support H.265/H.266 payloads by @​littlespex in Dash-Industry-Forum/dash.js#4954
• Add a new method getRepresentationsByTypeUnfiltered. This allows applications to get all Representations regardless of any filter settings by @​dsilhavy in Dash-Industry-Forum/dash.js#4963
• Enable mapping of Supplemental and Essential Properties from AdaptationSet to all Representations, but exclude those needed for URLQueryParams according to Annex I. by @​stschr in Dash-Industry-Forum/dash.js#4901
• Add a setting blacklistExpiryTime to expire blacklisted service locations by @​robertbryer in Dash-Industry-Forum/dash.js#4983

Improvements

• Performance: reduce Object.keys allocations in hot paths by @​PascalThuet in Dash-Industry-Forum/dash.js#4937
• Performance: make GapController interval configurable and reduce hot-path allocations by @​PascalThuet in Dash-Industry-Forum/dash.js#4943
• Apply npm audit fixes by @​dsilhavy in Dash-Industry-Forum/dash.js#4899, Dash-Industry-Forum/dash.js#4994, Dash-Industry-Forum/dash.js#5023
• Allow preload to work even when the setting cacheInitSegments is false by @​robertbryer in Dash-Industry-Forum/dash.js#4957
• Adds a warning message when an AdaptationSet is filtered because of unsupported EssentialProperties by @​dsilhavy in Dash-Industry-Forum/dash.js#4961
• Add Agents.md with information for AI agents by @​dsilhavy in Dash-Industry-Forum/dash.js#4965
• Improve track equality check by @​stschr in Dash-Industry-Forum/dash.js#4966
• Low Latency Improvements by @​ryanmccartney in Dash-Industry-Forum/dash.js#4916
• Refactors the GitHub actions to make specific parts reusable and avoid code duplication by @​dsilhavy in Dash-Industry-Forum/dash.js#4975
• Add notification pane in reference UI by @​dsilhavy in Dash-Industry-Forum/dash.js#4977
• Refactor: replace bcp-47-normalize with lightweight BCP-47 normalization (-185 KB) by @​PascalThuet in Dash-Industry-Forum/dash.js#4970
• Adds options to set the persistentState and the distinctiveIdentifier via the reference UIby @​dsilhavy in Dash-Industry-Forum/dash.js#4991
• Replace ua-parser-js with lightweight browser detection (-26 KB) by @​PascalThuet in Dash-Industry-Forum/dash.js#4972, Dash-Industry-Forum/dash.js#5007
• Dynamically read out request timeout in case settings are updated during runtime by @​dsilhavy in Dash-Industry-Forum/dash.js#4997
• Abort retrieveManifest requests after reset by @​robertbryer in Dash-Industry-Forum/dash.js#5027

Bugfixes

• Fix an issue with AdaptationSets linking to themself in a SupplementalProperty by @​dsilhavy in Dash-Industry-Forum/dash.js#4918
• Remove karma-webdriver-launcher because of insecurities and add buffe… by @​dsilhavy in Dash-Industry-Forum/dash.js#4920
• Check K value when determining whether to enable low latency mode by @​ryanmccartney in Dash-Industry-Forum/dash.js#4915
• Fix an issue that lead to exponential Increase in Concurrent Segment Requests for low latency streaming by @​dsilhavy in Dash-Industry-Forum/dash.js#4921
• changing media asset location by @​stschr in Dash-Industry-Forum/dash.js#4928
• Fix downloads of WebVTT segments in multiperiod MPD by @​dsilhavy in Dash-Industry-Forum/dash.js#4925
• Fix a bug in the L3D implementation when playing livesim2 content by @​dsilhavy in Dash-Industry-Forum/dash.js#4927
• Fix(steering): Fix incorrect splice/indexOf arguments in blacklist timer cleanup by @​PascalThuet in Dash-Industry-Forum/dash.js#4946
• Fix(mss): prevent crash when all DVR segments are removed by @​PascalThuet in Dash-Industry-Forum/dash.js#4947
• Fix addressing changed codecs at Period boundaries by @​stschr in Dash-Industry-Forum/dash.js#4949
• Adds missing NEW_TRACK_SELECTED to Typescript file. Fixes #4940 by @​dsilhavy in Dash-Industry-Forum/dash.js#4952
• Change StreamProcessor bandwidth check for scalable LCEVC by @​v-nova-romas in Dash-Industry-Forum/dash.js#4951
• Fix/nullpointer accessibility by @​dsilhavy in Dash-Industry-Forum/dash.js#4955
• Fix(streaming): add LRU cache limit to InitCache by @​PascalThuet in Dash-Industry-Forum/dash.js#4935
• Fix(core): prevent memory leaks in EventBus and XHRLoader by @​PascalThuet in Dash-Industry-Forum/dash.js#4934
• Replace Edgeware with Eyevinn in reference player contributors by @​tobbee in Dash-Industry-Forum/dash.js#4968
• jsdoc fix + verbose logger by @​stschr in Dash-Industry-Forum/dash.js#4980
• Fix: make MediaPlayerFactory SSR-safe to prevent 'window is not defined' error by @​PascalThuet in Dash-Industry-Forum/dash.js#4929

... (truncated)

Commits

• 4a2d7a9 Add dist files for version 5.2.0
• be1e2ef Merge remote-tracking branch 'origin/development'
• d91d923 Change description of test vector in list of smoke vectors
• 745c3bc Fix vulnerability issues in simple express server (#5031)
• 5647d89 Feature: CMCD v2 (#4816)
• 61d6502 Add a setting blacklistExpiryTime to expire blacklisted service locations (#4...
• 93f6aec Fix unreachable code warning in MediaController and update eslint config to p...
• 7bcce8b Abort retrieveManifest requests after reset (#5027)
• 551cfd1 Fix a bug in the refrence UI causing loop for multiperiod content before the ...
• 278b302 Use responseStart for resourceTiming.responseStart (#5024)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[github-actions]

Benchmark Results (GitHub Actions runner)

Resolution	FPS	ms/frame
1080p (50f)	33.4 fps	29.9 ms/frame
4K (25f)	10.4 fps	95.7 ms/frame

Note: GitHub Actions runners (2-core x86) are ~2-3x slower than Apple Silicon.
These numbers are for regression detection, not absolute performance.

_{Auto-generated by CI benchmark}