Merge remote-tracking branch 'upstream/main'

.github/ISSUE_TEMPLATE/question.md

@@ -20,7 +20,14 @@ assignees: ''
 **Have you read the [FAQ](https://bit.ly/ShakaFAQ) and checked for duplicate open issues?**
 
 
+**If the question is related to FairPlay, have you read the tutorial?**
+<!-- NOTE: https://shaka-player-demo.appspot.com/docs/api/tutorial-fairplay.html -->
+
+
 **What version of Shaka Player are you using?**
 
 
+**What browser and OS are you using?**
+
+
 **Please ask your question**

.github/workflows/appspot.yaml

@@ -15,24 +15,24 @@ jobs:
   appspot:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
         with:
           ref: ${{ inputs.ref }}
           fetch-depth: 0
           persist-credentials: false
 
-      - uses: actions/setup-node@v1
+      - uses: actions/setup-node@v4
         with:
           node-version: 16
           registry-url: 'https://registry.npmjs.org'
 
       - uses: ./.github/workflows/custom-actions/prep-for-appspot
 
-      - uses: google-github-actions/auth@v0
+      - uses: google-github-actions/auth@v2
         with:
           credentials_json: '${{ secrets.APPENGINE_DEPLOY_KEY }}'
 
-      - uses: google-github-actions/deploy-appengine@v0
+      - uses: google-github-actions/deploy-appengine@v2
         with:
           project_id: shaka-player-demo
           version: ${{ inputs.subdomain }}

.github/workflows/build-and-test.yaml

@@ -25,7 +25,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout code
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
         with:
           ref: ${{ inputs.ref || github.ref }}
 
@@ -89,7 +89,7 @@ jobs:
         run: sudo apt -y update && sudo apt -y install ffmpeg
 
       - name: Checkout code
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
         with:
           ref: ${{ inputs.ref || github.ref }}
 
@@ -128,7 +128,7 @@ jobs:
 
       # Some CI images (self-hosted or otherwise) don't have the minimum Java
       # version necessary for the compiler (Java 11).
-      - uses: actions/setup-java@v3
+      - uses: actions/setup-java@v4
         with:
           distribution: zulu
           java-version: 11
@@ -178,7 +178,7 @@ jobs:
           fi
 
       - name: Upload coverage reports
-        uses: actions/upload-artifact@v3
+        uses: actions/upload-artifact@v4
         if: ${{ always() && steps.coverage.outputs.coverage_found }}
         with:
           name: coverage
@@ -194,7 +194,7 @@ jobs:
 
       # Upload new screenshots and diffs on failure; ignore if missing
       - name: Upload screenshots
-        uses: actions/upload-artifact@v3
+        uses: actions/upload-artifact@v4
         if: ${{ failure() }}
         with:
           name: screenshots-${{ matrix.browser }}
@@ -212,7 +212,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout code
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
         with:
           ref: ${{ inputs.ref || github.ref }}
 

.github/workflows/custom-actions/set-commit-status/action.yaml

@@ -14,24 +14,46 @@ inputs:
   token:
     description: A GitHub access token.
     required: true
+  job_name:
+    description: A job name, so that the status' target URL can point to a specific job.
+    required: false
 
 runs:
   using: composite
   steps:
     - name: Report Commit Status
       shell: bash
       run: |
-        # This is the URL to view this workflow run on GitHub.  It will be
-        # attached to the commit status, so that when someone clicks "details"
-        # next to the status on the PR, it will link to this run where they can
-        # see the logs.
-        RUN_URL="https://github.com/${{github.repository}}/actions/runs/${{github.run_id}}"
+        export GITHUB_TOKEN="${{ inputs.token }}"
+
+        # Here we compute a "target URL".  It will be attached to the commit
+        # status, so that when someone clicks "details" next to the status on
+        # the PR, it will link to the appropriate logs.
+        if [[ "${{ inputs.job_name }}" != "" ]]; then
+          # There are three identifiers for the job:
+          #   - The job's key in YAML, which is "github.job"
+          #   - The job's name, which is not provided by any runner environment
+          #   - The job's numerical ID, which is not provided either
+          # To link to this specific job in the status, we need the numerical
+          # job ID.  The GH API provides a list of jobs, which contain
+          # numerical IDs and names, but not keys.  So the caller of this
+          # action must provide the string name, and then we look up the
+          # numerical ID in the API.  "github.job" is useless here.
+          job_id=$(
+            gh api /repos/${{github.repository}}/actions/runs/${{github.run_id}}/jobs \
+                | jq '.jobs | map(select(.name=="${{ inputs.job_name }}")) | .[].id'
+          )
+          TARGET_URL="https://github.com/${{github.repository}}/actions/runs/${{github.run_id}}/job/$job_id"
+        else
+          # Generic link to the run, without any specific job.
+          TARGET_URL="https://github.com/${{github.repository}}/actions/runs/${{github.run_id}}"
+        fi
+
         SHA1=$(git rev-parse HEAD)
 
-        GITHUB_TOKEN=${{ inputs.token }} \
         gh api \
           -X POST \
           -F "context=${{ inputs.context }}" \
           -F "state=${{ inputs.state }}" \
-          -F "target_url=$RUN_URL" \
+          -F "target_url=$TARGET_URL" \
           "repos/${{ github.repository }}/statuses/$SHA1"

.github/workflows/demo-version-index.yaml

@@ -22,19 +22,19 @@ jobs:
   appspot:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
         with:
           # We need a list of all tags for this, so fetch the entire history.
           fetch-depth: 0
 
-      - uses: google-github-actions/auth@v0
+      - uses: google-github-actions/auth@v2
         with:
           credentials_json: '${{ secrets.APPENGINE_DEPLOY_KEY }}'
 
       - name: Generate static content
         run: python3 app-engine/demo-version-index/generate.py
 
-      - uses: google-github-actions/deploy-appengine@v0
+      - uses: google-github-actions/deploy-appengine@v2
         with:
           project_id: shaka-player-demo
           version: index

.github/workflows/nightly-demo.yaml

@@ -11,12 +11,12 @@ jobs:
   appspot:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
         with:
           fetch-depth: 0
           persist-credentials: false
 
-      - uses: actions/setup-node@v1
+      - uses: actions/setup-node@v4
         with:
           node-version: 16
           registry-url: 'https://registry.npmjs.org'
@@ -31,11 +31,11 @@ jobs:
 
       - uses: ./.github/workflows/custom-actions/prep-for-appspot
 
-      - uses: google-github-actions/auth@v0
+      - uses: google-github-actions/auth@v2
         with:
           credentials_json: '${{ secrets.APPENGINE_DEPLOY_KEY }}'
 
-      - uses: google-github-actions/deploy-appengine@v0
+      - uses: google-github-actions/deploy-appengine@v2
         with:
           project_id: shaka-player-demo
           version: nightly

.github/workflows/release-please.yaml

@@ -12,29 +12,29 @@ jobs:
     outputs:
       release_created: ${{ steps.release.outputs.release_created }}
       tag_name: ${{ steps.release.outputs.tag_name }}
+      patch: ${{ steps.release.outputs.patch }}
     steps:
       # Create/update release PR
-      - uses: google-github-actions/release-please-action@v3
+      - uses: google-github-actions/release-please-action@v4
         id: release
         with:
-          # Required input to specify the release type (node package).
-          release-type: node
           # Make sure we create the PR against the correct branch.
-          default-branch: ${{ github.ref_name }}
+          target-branch: ${{ github.ref_name }}
           # Use a special shaka-bot access token for releases.
           token: ${{ secrets.RELEASE_PLEASE_TOKEN }}
-          # Update these additional files containing version numbers.
-          extra-files: lib/player.js
+          # See also settings in these files:
+          manifest-file: .release-please-manifest.json
+          config-file: .release-please-config.json
 
   # The jobs below are all conditional on a release having been created by
   # someone merging the release PR.  They all run in parallel.
 
   tag-main:
     runs-on: ubuntu-latest
     needs: release
-    if: needs.release.outputs.release_created && endsWith(needs.release.outputs.tag_name, '.0') == false
+    if: needs.release.outputs.release_created && needs.release.outputs.patch == '0'
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
         with:
           # Check out the origin repo, and do it at main, not the PR branch.
           ref: main
@@ -55,12 +55,12 @@ jobs:
     needs: release
     if: needs.release.outputs.release_created
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
         with:
           fetch-depth: 0
           persist-credentials: false
 
-      - uses: actions/setup-node@v1
+      - uses: actions/setup-node@v4
         with:
           node-version: 16
           registry-url: 'https://registry.npmjs.org'
@@ -113,25 +113,26 @@ jobs:
           fi
 
       - run: npm pack
-      - uses: svenstaro/upload-release-action@483c1e56f95e88835747b1c7c60581215016cbf2
-        with:
-          repo_token: ${{ secrets.GITHUB_TOKEN }}
-          tag: ${{ needs.release.outputs.tag_name }}
-          file: shaka-player-*.tgz
-          file_glob: true
-          overwrite: true
+
+      - name: Attach to release
+        env:
+          GITHUB_TOKEN: ${{ secrets.RELEASE_PLEASE_TOKEN }}
+        run: |
+          gh release upload \
+              ${{ needs.release.outputs.tag_name }} shaka-player-*.tgz \
+              --clobber
 
   appspot:
     runs-on: ubuntu-latest
     needs: release
     if: needs.release.outputs.release_created
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
         with:
           fetch-depth: 0
           persist-credentials: false
 
-      - uses: actions/setup-node@v1
+      - uses: actions/setup-node@v4
         with:
           node-version: 16
           registry-url: 'https://registry.npmjs.org'
@@ -165,11 +166,11 @@ jobs:
 
       - uses: ./.github/workflows/custom-actions/prep-for-appspot
 
-      - uses: google-github-actions/auth@v0
+      - uses: google-github-actions/auth@v2
         with:
           credentials_json: '${{ secrets.APPENGINE_DEPLOY_KEY }}'
 
-      - uses: google-github-actions/deploy-appengine@v0
+      - uses: google-github-actions/deploy-appengine@v2
         with:
           project_id: shaka-player-demo
           version: ${{ env.APPSPOT_SUBDOMAIN }}
@@ -178,9 +179,9 @@ jobs:
   auto-branch:
     runs-on: ubuntu-latest
     needs: release
-    if: needs.release.outputs.release_created && endsWith(needs.release.outputs.tag_name, '.0')
+    if: needs.release.outputs.release_created && needs.release.outputs.patch == '0'
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
         with:
           fetch-depth: 0
           # Use a special shaka-bot access token for releases.

.github/workflows/report-incremental-coverage.yaml

@@ -15,7 +15,7 @@ jobs:
 
     steps:
       - name: Checkout code
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
 
       - name: Compute incremental code coverage
         id: compute