quarterly lockfile trimming

[jsladerman]

should fix majority of dependabot alerts. bumps or removes a handful of design system dependencies that in a lot of cases either aren't used or can be provided directly from the console's package.json. also removes all the old design system ci/cd that's not used anymore (particularly firebase who's deps were causing a handful of alerts). if we ever wanted to add it back it should just be done with a plural flow

also does another handful of loading spinner replacements in some of the cluster drill down views (part of PROD-4466)

Plural Flow: console

[linear]

PROD-4460 update packages with dependabot CVEs in console

PROD-4466 get rid of loading spinners in cd cluster drilldowns

[greptile-apps]

Greptile Summary

Dependency cleanup and UI improvements reducing lockfile by ~4000 lines and addressing Dependabot alerts.

Key changes:

• Removed Firebase configuration and old design system CI/CD workflows (replaced with Plural Flow)
• Trimmed design system dependencies: removed firebase-tools, babel packages, and unused testing libraries
• Updated @emotion/react and @emotion/styled, bumped @graphql-codegen/* packages and vite
• Replaced content-disposition npm package with custom implementation to reduce dependencies
• Improved loading states across cluster drill-down views by replacing LoadingIndicator with Table loading prop and skeleton loaders
• Changed several components from default to named exports for consistency

Confidence Score: 5/5

• This PR is safe to merge with minimal risk
• The changes are well-contained dependency cleanup and consistent UI improvements. The custom content-disposition parser has tests and properly handles edge cases. Loading state improvements follow established patterns. All GraphQL files were regenerated cleanly from updated codegen packages.
• No files require special attention

Important Files Changed

Filename	Overview
assets/design-system/package.json	Updated emotion packages, removed unused dependencies (firebase-tools, babel, testing libraries), moved type-fest to devDependencies
assets/package.json	Removed content-disposition dependency, bumped graphql-codegen packages and vite, updated fast-xml-parser
assets/src/utils/contentDisposition.ts	Added custom content-disposition parser to replace removed npm dependency
assets/src/utils/contentDisposition.test.ts	Added tests for content-disposition parser covering quoted filenames, UTF-8 encoding, and error cases
assets/src/components/security/compliance/ComplianceReports.tsx	Replaced content-disposition npm package with custom parseContentDispositionFilename utility
assets/src/components/cd/cluster/Cluster.tsx	Changed default export to named export, updated ClusterContextType to allow nullable cluster, removed LoadingIndicator for cleaner loading state
assets/src/components/cd/cluster/ClusterNodes.tsx	Replaced LoadingIndicator with Table loading prop, changed to named export, switched from navigate to Link, uses useClusterContext
assets/src/components/cd/cluster/ClusterPods.tsx	Replaced LoadingIndicator with Table loading prop, changed to named export, removed manual empty state handling
assets/yarn.lock	Lockfile updated with trimmed dependencies, removing 4000+ lines of unused packages

_{Last reviewed commit: 470120c}