Currently included mpd-parser version is flagged with security issues

[heennkkee]

Description

The library xmldom is flagged with security problems (causing npm audit to be sad). This is fixed in xmldom >= 0.5.0.
mpd-parser depends on xmldom and from 16.0 it is updated to xmldom 0.5.0.
@video.js/http-streaming is currently depending on mpd-parser 15.4 (which depends on xmldom 0.4.0).

The solution would be to depend on mpd-parser 16.0 instead.

Sources

N/A (https://github.com/videojs/http-streaming/blob/main/package.json#L64)

Steps to reproduce

1. Create a new project
2. Install @videojs/http-streaming with npm npm install @videojs/http-streaming
3. Run npm audit

Results

Expected

No warnings

Error output

Additional Information

Please include any additional information necessary here. Including the following:

videojs-http-streaming version

videojs-http-streaming 2.6.4

videojs version

video.js 7.11.4

Browsers

N/A

Platforms

N/A

Other Plugins

N/A

Other JavaScript

N/A

[gkatsev]

We'll update it soon!
However, I just wanted to note that xmldom is only used by mpd-parser when it's run in node.js and thus isn't a concern for this library since VHS only runs in browsers.