(#147) Upgrade to Node 18, Webpack 5, npm audit fixes

[adriancofie]

(#147) Upgrade to Node 18, Webpack 5, npm audit fixes

Description

Updates node, webpack, and other packages to enable security changes. Upgrades dependencies to webpack 5 compatible versions.

Notable package upgrades

Package	Old Version	New Version
webpack	^4.42.1	^5.90.3
axios	^0.21.4	^1.6.7
cypress	^10.9.0	^13.6.6
eslint	^7.20.0	^8.0.1"
start-server-and-test	^1.11.7	2.0.0
webpack-manifest-plugin	2.2.0	3.0.0

Replaces deprecated (Since March 2020) babel-eslint with @babel/eslint-parser

		"@babel/eslint-parser": "^7.23.10"

Replace deprecated eslint-loader with eslint-webpack-plugin

		"eslint-webpack-plugin": "^4.0.1",

In addition, adds the following dev dependencies

		"@babel/plugin-proposal-private-property-in-object": "^7.21.11",
		"buffer": "^6.0.3",
		"https-browserify": "^1.0.0",
		"process": "^0.11.10",
		"url": "^0.11.3"

---

Updates node to 18

    nvm install 18
    nvm use 18

File(s): .nvmrc

• Updates LTS to lts/hydrogen

---

Extracts jest config to separate file

File(s): .package.json jest.config.js

• Moves jest config from package.json

---

Updates Webpack to 5

Installl latest webpack,

	npm install webpack@latest --save-dev

• Update and install dev dependencies

	npm install —save-dev eslint-webpack-plugin  @babel/eslint-parser  @babel/plugin-proposal-private-property-in-object
	html-webpack-plugin  buffer stream-http process https-browserify url

Updates webpack config to address CRA CommonJS import bug affecting axios/nock/jest combo

File(s): /config/paths.js webpack.config.js jest.config.js

• Adds support for cjs/mjs extension

  • See: CRA5 Bug: require a submodule of a package (i.e. my-package/sub-module) returns a string instead of the module facebook/create-react-app#11889 (comment)
  • Adds axios to transformIgnoreModules in jest.config.js

• Updates buildAxiosRequest.test.js to set the addapter type to http

	const axiosInstance = axios.create({
		timeout: 10000,
		adapter: 'http',
	});

• Updates App.test.js to remove the following:

axios.defaults.adapter = require('axios/lib/adapters/http');

Updates webpack config for breaking changes from v4 -> v5

Misc webpack config changes following migration guide: https://webpack.js.org/migrate/5/

File(s): webpack.config.js babel.config.js .eslintrc.js

• Updates syntax change for IgnorePlugin in webpack config

  • Webpack 5 does not polyfill Node.js core modules by default anymore so remove the following:

    node: {
      module: 'empty',
      dgram: 'empty',
      dns: 'mock',
      fs: 'empty',
      http2: 'empty',
      net: 'empty',
      tls: 'empty',
      child_process: 'empty',
    }

• And add the following to the resolver

		fallback: {
			"http": require.resolve("stream-http"),
			"https": require.resolve('https-browserify'),
			"buffer": require.resolve('buffer'),
			"url": require.resolve("url"),
		},
		

• And the following Buffer plugin

new webpack.ProvidePlugin({
			Buffer: ['buffer', 'Buffer'],
		})

• Updates the import statement for the ManifestPlugin to the following:

js const { WebpackManifestPlugin } = require('webpack-manifest-plugin');

• Updates the webpack hashing function from the insecure md4 to xxhash64

  • Node uses OpenSSL for its hash functions and encryption on *nix systems. The latest version of OpenSSL disables MD4 by default—which will break any previously working program that uses MD4

  Resolves the following error:

	Error: error:0308010C:digital envelope routines::unsupported
	    at new Hash (node:internal/crypto/hash:67:19)

• Adds absoluteRuntime key to babel.config.js

• Replaces deprecated babe-eslint with @babel/eslint-parser

• Replaces eslint-loader with eslint-webpack-plugin in webpack config

• Updates loader syntax. Usage of loader notation 'style-loader!css-loader' is deprecated and replaced with
  [{loader: ‘style-loader’}, {loader: ‘css-loader’}]

Security Fixes

    npm audit fix --force

Linter fixes

	npm run lint:fix

[github-actions]

Viewing Information

• The testing site

[adriancofie]

Closing in favor of PR #155