Start the process of modernizing sonar dependencies.
Review Request #12435 — Created July 5, 2022 and submitted — Latest diff uploaded
Sonar hasn't been updated in quite some time, and several of our
dependencies (both direct and indirect) have known security issues. This
change starts the process of modernizing.
Some of these are related to build: gulp, babel, and webpack (and
associated plugins). These are all now running on the latest releases.
We're still using the legacy mode for JS decorators, but otherwise
everything is up to date.
For some reason, the update to webpack broke the gzip step for
bundle.js. I've changed things over to use brotli for compression and
express-static-gzipto serve it, which gets us even better
file size savings.
The rest of the dep changes are more runtime oriented. The biggest
change is the switch from the old
apollo-boostpackage to the new
@apollo/client. As part of this, we're now on the newest versions of
Verified that I could log in, navigate around, and edit data.