Dep updates 2024 09 02

.circleci/config.yml

@@ -2,7 +2,7 @@ version: 2.1
 orbs:
   git-shallow-clone: guitarrapc/[email protected]
 
-efcms-docker-image: &efcms-docker-image $AWS_ACCOUNT_ID.dkr.ecr.us-east-1.amazonaws.com/ef-cms-us-east-1:4.3.8
+efcms-docker-image: &efcms-docker-image $AWS_ACCOUNT_ID.dkr.ecr.us-east-1.amazonaws.com/ef-cms-us-east-1:4.3.9
 
 parameters:
   run_build_and_deploy:

Dockerfile

@@ -1,6 +1,6 @@
 # Note: node-20.14.0-chrome-125.0.* is debian 12.5 (bookworm)
 
-FROM cypress/browsers:node-20.16.0-chrome-127.0.6533.119-1-ff-129.0.1-edge-127.0.2651.98-1
+FROM cypress/browsers:node-20.17.0-chrome-128.0.6613.119-1-ff-130.0-edge-128.0.2739.63-1
 
 WORKDIR /home/app
 
@@ -37,7 +37,7 @@ RUN apt-get install -y build-essential
 RUN apt-get install -y libcairo2-dev libpango1.0-dev libjpeg-dev libgif-dev librsvg2-dev
 
 ENV JAVA_HOME=/usr/lib/jvm/java-11-openjdk-amd64
-RUN curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64-2.17.36.zip" -o "awscliv2.zip" && \
+RUN curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64-2.17.46.zip" -o "awscliv2.zip" && \
   unzip awscliv2.zip && \
   ./aws/install && \
   rm -rf awscliv2.zip

babel.config.js

@@ -1,5 +1,5 @@
 module.exports = {
-  plugins: ['babel-plugin-cerebral', 'transform-html-import-require-to-string'],
+  plugins: ['babel-plugin-cerebral'],
   presets: [
     [
       '@babel/preset-env',

docs/dependency-updates.md

@@ -75,8 +75,8 @@ Below is a list of dependencies that are locked down due to known issues with se
 
 ### puppeteer and @sparticuz/chromium
 
-- When updating puppeteer or puppeteer core in the project, make sure to also match versions in `web-api/runtimes/puppeteer/package.json` as this is our lambda layer which we use to generate pdfs. Puppeteer and chromium versions should always match between package.json and web-api/runtimes/puppeteer/package.json.  Remember to run `npm install --prefix web-api/runtimes/puppeteer` to install and update the package-lock file.
-- Puppeteer also has recommended versions of Chromium, so we should make sure to use the recommended version of chromium for the version of puppeteer that we are on.
+- When updating puppeteer or puppeteer core in the project, make sure to also match versions in `web-api/runtimes/puppeteer/package.json` as this is our lambda layer which we use to generate pdfs. Puppeteer and chromium versions should always match between package.json and web-api/runtimes/puppeteer/package.json.  Remember to run `npm install --prefix web-api/runtimes/puppeteer` to install and update the package-lock file. 
+- Puppeteer also has recommended versions of Chromium, so we should make sure to use the recommended version of chromium for the version of puppeteer that we are on. The chromium versions supported by puppeteer can be found [here](https://pptr.dev/supported-browsers)
 - As of 8/15/2024, we cannot update puppeteer or puppeteer-core beyond 22.13.1 because the latest release of @sparticuz/chromium only supports version 126 of chromium.
 - There is a high-severity security issue with ws (ws affected by a DoS when handling a request with many HTTP headers - https://github.com/advisories/GHSA-3h5v-q93c-6h6q); however, we only use ws on the client side, so this should not be an issue. (We tried to upgrade puppeteer anyway, but unsurprisingly the PDF tests failed because there is no newer version of Chromium that supports puppeteer.)
 
@@ -95,10 +95,6 @@ See: https://github.com/jsx-eslint/eslint-plugin-react/issues/3699
 ### ws, 3rd party dependency of Cerebral
 - When running npm audit, you'll see a high severity issue with ws, 'affected by a DoS when handling a request with many HTTP headers - https://github.com/advisories/GHSA-3h5v-q93c-6h6q'. This doesn't affect us as the vulnerability is on the server side and we're not using this package on the server. We tried to override this to 5.2.4 and 8.18.0 and weren't able to make this work as import paths have changed. In the mean time, we recommend skipping this issue. We could always fork the cerebral repo in the future if needed.
 
-### typescript
-- We currently run version 5.4.5; upon upgrading to version 5.5.3 on 6 July 2024, we ran into a series of issues. While the tests passed, we ran into issues linting and type-checking. The recurring issue was a RangeError: Maximum call stack size exceeded, which occurred with our npx tsc command as well as our lint-staged command. We noticed related issues in Github around this release. In order to prevent delaying other devs and ensure the remaining dependency updates are completed, we decided to hold on this update till version 5.5.3+ and/or we can spend more time to determine why this is occurring.
-- Update 12 July 2024: There are two new related open issues (https://github.com/microsoft/TypeScript/issues/59255 and https://github.com/microsoft/TypeScript/issues/59253), which provides further evidence for a TS bug. TS is still on version 5.5.3.
-
 ## Incrementing the Node Cache Key Version
 
 It's rare to need modify cache key. One reason you may want to do so is if a package fails to install properly, and CircleCI, unaware of the failed installation, stores the corrupted cache. In this case, we will need to increment the cache key version so that CircleCI is forced to reinstall the node dependencies and save them using the new key. To update the cache key, locate `vX-npm` and `vX-cypress` (where X represents the current cache key version) in the config.yml file, and then increment the identified version.

esbuildHelper.mjs

@@ -108,10 +108,7 @@ export default async function ({
       babel({
         config: {
           ignore: ['node_modules'],
-          plugins: [
-            'babel-plugin-cerebral',
-            'transform-html-import-require-to-string',
-          ],
+          plugins: ['babel-plugin-cerebral'],
           presets: [
             [
               '@babel/preset-env',