44 Upgrade dependencies and specify es6

[kelseymorsebrown]

#44 Trying to take a stab at upgrading dependencies to resolve a whole bunch of vulnerabilities we keep getting alerts about in upstream systems using lateralus.

Here is a list of package upgrades and the vulnerabilities they resolve

Dependencies

• jquery@3.7.1
  • Moderate - GHSA-rmxg-73gg-4p98
  • Moderate - GHSA-gxr4-xjj5-5px2
  • Moderate - GHSA-6c3j-c64m-qhgq
  • Moderate - GHSA-jpcq-cgw6-v4j6
• mustache@4.2.0
  • ⚠️ High - GHSA-w3w8-37jv-2c58

Dev Dependencies

• babel-loader@8.1.0

  • ‼️ Critical - GHSA-67hx-6x53-jw92

• @babel/core >=7.23.2

  • ⚠️ High - GHSA-9c47-m6qq-7p4h

• eslint@9.9.0

  • ⚠️ High - GHSA-64g7-mvw6-v9qj
  • ⚠️ High - GHSA-4rq4-32rv-6wp6

• jsdoc@4.0.3

  • ⚠️ High - GHSA-mxhp-79qh-mcx6

• jsdom@24.1.1

  • Moderate - GHSA-72xf-g2v4-qvf3
  • Moderate - GHSA-p8p7-x288-28g6

• mocha@10.7.3

  • ‼️ Critical - GHSA-qh2h-chj9-jffq
  • ‼️ Critical - GHSA-vh95-rmgr-6w4m
  • ‼️ Critical - GHSA-xvch-5gv4-984h
  • ⚠️ High - GHSA-gxpj-cx7g-858c
  • ⚠️ High - GHSA-9vvw-cc9w-f27h
  • ⚠️ High - GHSA-h6ch-v84p-w6p9
  • ⚠️ High - GHSA-hxm2-r34f-qmc5
  • ⚠️ High - GHSA-f8q6-p94x-37v3
  • ⚠️ High - GHSA-w9mr-4mfr-499f
  • ⚠️ High - GHSA-3fx5-fwvr-xrjg

• webpack-dev-server@4.15.2

  • ‼️ Critical - GHSA-6h5x-7c5m-7cr7
  • ⚠️ High - GHSA-whgm-jr23-g3j9
  • ⚠️ High - GHSA-grv7-fg5c-xmjg
  • ⚠️ High - GHSA-7p7h-4mm5-852v
  • ⚠️ High - GHSA-2p57-rm9w-gvfp
  • ⚠️ High - GHSA-5rrq-pxf6-6jx5
  • ⚠️ High - GHSA-gf8q-jrpm-jvxq
  • ⚠️ High - GHSA-2r2c-g63r-vccr
  • ⚠️ High - GHSA-8fr3-hfg3-gpgp
  • ⚠️ High - GHSA-cfm4-qjh2-4765
  • ⚠️ High - GHSA-x4jg-mjrx-434g
  • ⚠️ High - GHSA-wr3j-pwj9-hqq6
  • Moderate - GHSA-pfrx-2q88-qq97
  • Moderate - GHSA-c9g6-9335-x697

• webpack@4.47.0

  • Moderate - GHSA-v88g-cgmw-v5xw
  • Moderate - GHSA-p9pc-299p-vxgp
  • Low - GHSA-977x-g7h5-7qgw
  • Low - GHSA-f7q4-pwc6-w24p
  • Low - GHSA-49q7-c7j4-3p7m

[kelseymorsebrown]

I feel like I must be missing something with the webpack upgrade - npm run start is successful but when I try to load http://127.0.0.1:8080/test/ per the README, there's a GET error. 🤔

[jeremyckahn]

I feel like I must be missing something with the webpack upgrade - npm run start is successful but when I try to load http://127.0.0.1:8080/test/ per the README, there's a GET error. 🤔

It looks like the docs are out of date (or incorrect, at least). Sorry about that. 😅

Based on the contents of webpack.test.config.cjs, I wouldn't expect anything to be available at http://127.0.0.1:8080/test/ when running npm run start:

lateralus/package.json

Line 14 in b42a46d

"start": "webpack serve --open --config webpack.test.config.cjs",

lateralus/webpack.test.config.cjs

Lines 1 to 19 in b42a46d

	const config = require('./webpack.common');
	const { merge } = require('webpack-merge');
	const path = require('path');
	module.exports = merge(config, {
	entry: './test/index.js',
	output: {
	path: path.join(__dirname, 'dist'),
	publicPath: '/assets/',
	filename: 'index.js',
	library: 'index',
	libraryTarget: 'umd',
	umdNamedDefine: true
	},
	mode: 'development',
	devServer: {
	static: './dist',
	}
	});

However, I do see lateralus.js and lateralus.js.map being served from http://localhost:8080/:

[jeremyckahn]

It appears that the README is accurate for the develop branch:

So, it seems that something in this PR has caused things to work unexpectedly.