(#624) Update Node, Webpack, and other security updates

.nvmrc

@@ -1 +1 @@
-lts/gallium
+lts/iron

config/paths.js

@@ -41,6 +41,7 @@ function getServedPath(appPackageJson) {
 const moduleFileExtensions = [
   'web.mjs',
   'mjs',
+  'cjs',
   'web.js',
   'js',
   'web.ts',

config/webpack.config.js

@@ -155,16 +155,14 @@ module.exports = function (webpackEnv) {
 		].filter(Boolean),
 		output: {
 			// The build folder.
-			path: isEnvProduction ? paths.appBuild : undefined,
+			path: isEnvProduction ? paths.appBuild : paths.appBuild,
 			// Add /* filename */ comments to generated require()s in the output.
 			pathinfo: isEnvDevelopment,
 			// There will be one main bundle, and one file per asynchronous chunk.
 			// In development, it does not produce real files.
 			filename: isEnvProduction
 				? 'static/js/[name].js'
 				: isEnvDevelopment && 'static/js/bundle.js',
-			// TODO: remove this when upgrading to webpack 5
-			futureEmitAssets: true,
 			// There are also additional JS chunk files if you use code splitting.
 			chunkFilename: isEnvProduction
 				? 'static/js/[name].js'
@@ -307,7 +305,7 @@ module.exports = function (webpackEnv) {
 				// First, run the linter.
 				// It's important to do this before Babel processes the JS.
 				{
-					test: /\.(js|mjs|jsx|ts|tsx)$/,
+					test: /\.(js|cjs|mjs|jsx|ts|tsx)$/,
 					enforce: 'pre',
 					use: [
 						{
@@ -342,7 +340,7 @@ module.exports = function (webpackEnv) {
 						// Process application JS with Babel.
 						// The preset includes JSX, Flow, TypeScript, and some ESnext features.
 						{
-							test: /\.(js|mjs|jsx|ts|tsx)$/,
+							test: /\.(js|cjs|mjs|jsx|ts|tsx)$/,
 							include: paths.appSrc,
 							loader: require.resolve('babel-loader'),
 							options: {
@@ -387,7 +385,7 @@ module.exports = function (webpackEnv) {
 						// Process any JS outside of the app with Babel.
 						// Unlike the application JS, we only compile the standard ES features.
 						{
-							test: /\.(js|mjs)$/,
+							test: /\.(js|cjs|mjs)$/,
 							exclude: /@babel(?:\/|\\{1,2})runtime/,
 							loader: require.resolve('babel-loader'),
 							options: {
@@ -487,7 +485,7 @@ module.exports = function (webpackEnv) {
 							// its runtime that would otherwise be processed through "file" loader.
 							// Also exclude `html` and `json` extensions so they get processed
 							// by webpacks internal loaders.
-							exclude: [/\.(js|mjs|jsx|ts|tsx)$/, /\.html$/, /\.json$/],
+							exclude: [/\.(js|cjs|mjs|jsx|ts|tsx)$/, /\.html$/, /\.json$/],
 							options: {
 								name: 'static/media/[name].[ext]',
 							},
@@ -581,7 +579,10 @@ module.exports = function (webpackEnv) {
 			// solution that requires the user to opt into importing specific locales.
 			// https://github.com/jmblog/how-to-optimize-momentjs-with-webpack
 			// You can remove this if you don't use Moment.js:
-			new webpack.IgnorePlugin(/^\.\/locale$/, /moment$/),
+			new webpack.IgnorePlugin({
+				resourceRegExp: /^\.\/locale$/, // Example RegExp
+				contextRegExp: /moment$/, // Optional: contextRegExp is used to further restrict which contexts to ignore
+			}),
 			// Generate a service worker script that will precache, and keep up to date,
 			// the HTML & assets that are part of the Webpack build.
 			isEnvProduction &&
@@ -625,18 +626,6 @@ module.exports = function (webpackEnv) {
 					silent: true,
 				}),
 		].filter(Boolean),
-		// Some libraries import Node modules but don't use them in the browser.
-		// Tell Webpack to provide empty mocks for them so importing them works.
-		node: {
-			module: 'empty',
-			dgram: 'empty',
-			dns: 'mock',
-			fs: 'empty',
-			http2: 'empty',
-			net: 'empty',
-			tls: 'empty',
-			child_process: 'empty',
-		},
 		// Turn off performance processing because we utilize
 		// our own hints via the FileSizeReporter
 		performance: false,

cypress/e2e/AdvancedSearchPage/AdvancedSearchForm/index.js

@@ -11,14 +11,11 @@ And('Search tip icon is displayed and text {string} appears', (tiptext) => {
 	cy.get('.cts-search-tip__body').should('contain', tiptext);
 });
 
-And(
-	'sticky block is displayed with {string} and {string} buttons',
-	(findbtn, clearbtn) => {
-		cy.get('.sticky-block').should('be.visible');
-		cy.get('.faux-btn-submit').contains(findbtn).should('be.visible');
-		cy.get('.clear-form').contains(clearbtn).should('be.visible');
-	}
-);
+And('sticky block is displayed with {string} and {string} buttons', (findbtn, clearbtn) => {
+	cy.get('.sticky-block').should('be.visible');
+	cy.get('.faux-btn-submit').contains(findbtn).should('be.visible');
+	cy.get('.clear-form').contains(clearbtn).should('be.visible');
+});
 
 When('user scrolls to the {string} section', (section) => {
 	cy.get(`input[aria-label="${section}"]`).scrollIntoView();

cypress/e2e/AdvancedSearchPage/AgeSection/index.js

@@ -2,14 +2,9 @@
 import { Then, When, And } from 'cypress-cucumber-preprocessor/steps';
 import { fieldMap } from '../../../utils/ctsFields.js';
 
-Then(
-	'help icon is displayed in {string} section with href {string}',
-	(fieldLabel, helpHref) => {
-		cy.get(`#fieldset--${fieldMap[fieldLabel]}`)
-			.find('a.text-icon-help')
-			.should('have.attr', 'href', helpHref);
-	}
-);
+Then('help icon is displayed in {string} section with href {string}', (fieldLabel, helpHref) => {
+	cy.get(`#fieldset--${fieldMap[fieldLabel]}`).find('a.text-icon-help').should('have.attr', 'href', helpHref);
+});
 
 Then('alert {string} is displayed', (alertText) => {
 	cy.get('.cts-input__error-message').should('have.text', alertText);

cypress/e2e/AdvancedSearchPage/CancerTypeCondition/index.js

@@ -2,12 +2,9 @@
 import { And, Then, When } from 'cypress-cucumber-preprocessor/steps';
 import { fieldMap } from '../../../utils/ctsFields';
 
-And(
-	'info text {string} is displayed in the {string} section body',
-	(infoText, fieldSet) => {
-		cy.get(`fieldset.${fieldSet}`).find('p').should('contain.text', infoText);
-	}
-);
+And('info text {string} is displayed in the {string} section body', (infoText, fieldSet) => {
+	cy.get(`fieldset.${fieldSet}`).find('p').should('contain.text', infoText);
+});
 
 And('autocomplete dropdown is displayed', () => {
 	cy.get('.cts-autocomplete .menu-anchor :visible').should('exist');
@@ -17,61 +14,37 @@ And('user selects {string} from dropdown', (keyword) => {
 	cy.get('.cts-autocomplete__menu-item').contains(keyword).click();
 });
 
-And(
-	'{string} input field has helper text {string}',
-	(fieldLabel, helperText) => {
-		cy.get(`input#${fieldMap[fieldLabel]}`)
-			.parent()
-			.siblings('span')
-			.should('have.text', helperText);
-	}
-);
+And('{string} input field has helper text {string}', (fieldLabel, helperText) => {
+	cy.get(`input#${fieldMap[fieldLabel]}`).parent().siblings('span').should('have.text', helperText);
+});
 
 And('trial info displayes {string}', (infoText) => {
 	cy.get('.all-trials').should('have.text', infoText);
 });
-And(
-	'the url query has the following corresponding code with duplicated keys',
-	(dataTable) => {
-		cy.location('href').then((url) => {
-			const params = new URL(url).searchParams;
-			//verify num of url params matches expected
-			expect(Array.from(params.entries()).length).to.eq(dataTable.raw().length);
-			//verify that url query params have expected values
-			expect(Array.from(params.entries())).to.deep.equal(dataTable.raw());
-		});
-	}
-);
+And('the url query has the following corresponding code with duplicated keys', (dataTable) => {
+	cy.location('href').then((url) => {
+		const params = new URL(url).searchParams;
+		//verify num of url params matches expected
+		expect(Array.from(params.entries()).length).to.eq(dataTable.raw().length);
+		//verify that url query params have expected values
+		expect(Array.from(params.entries())).to.deep.equal(dataTable.raw());
+	});
+});
 
-Then(
-	'{string} field has the following types selected',
-	(fieldLabel, dataTable) => {
-		cy.get(`input#${fieldMap[fieldLabel]}`)
-			.parent('.cts-chip-list')
-			.as('fieldInFocus');
-		//expected number of selected items is displayed
-		cy.get('@fieldInFocus')
-			.find('span[class*="label"]')
-			.should('have.length', dataTable.rows().length);
-		for (const { selected } of dataTable.hashes()) {
-			//verify that the ony expected items are selected
-			cy.get('@fieldInFocus')
-				.find('span[class*="label"]')
-				.contains(selected)
-				.should('be.visible');
-		}
+Then('{string} field has the following types selected', (fieldLabel, dataTable) => {
+	cy.get(`input#${fieldMap[fieldLabel]}`).parent('.cts-chip-list').as('fieldInFocus');
+	//expected number of selected items is displayed
+	cy.get('@fieldInFocus').find('span[class*="label"]').should('have.length', dataTable.rows().length);
+	for (const { selected } of dataTable.hashes()) {
+		//verify that the ony expected items are selected
+		cy.get('@fieldInFocus').find('span[class*="label"]').contains(selected).should('be.visible');
 	}
-);
+});
 
-When(
-	'user removes {string} from the {string} field',
-	(selectedType, fieldLabel) => {
-		cy.get(`input#${fieldMap[fieldLabel]}`)
-			.parent('.cts-chip-list')
-			.as('fieldInFocus');
-		cy.get('@fieldInFocus').find(`button[value="${selectedType}"]`).click();
-	}
-);
+When('user removes {string} from the {string} field', (selectedType, fieldLabel) => {
+	cy.get(`input#${fieldMap[fieldLabel]}`).parent('.cts-chip-list').as('fieldInFocus');
+	cy.get('@fieldInFocus').find(`button[value="${selectedType}"]`).click();
+});
 
 When('user clicks on Modify Search Criteria button', () => {
 	cy.get('button.btnAsLink').contains('Modify Search Criteria').click();

cypress/e2e/AdvancedSearchPage/DrugTreatmentSection/index.js

@@ -2,38 +2,22 @@
 import { Then, When, And } from 'cypress-cucumber-preprocessor/steps';
 import { fieldMap } from '../../../utils/ctsFields.js';
 
-And(
-	'help icon is displayed in {string} section with href {string}',
-	(fieldLabel, helpHref) => {
-		cy.get('#fieldset--drug-trtmt')
-			.find('a.text-icon-help')
-			.should('be.visible', fieldLabel)
-			.and('have.attr', 'href', helpHref);
-	}
-);
+And('help icon is displayed in {string} section with href {string}', (fieldLabel, helpHref) => {
+	cy.get('#fieldset--drug-trtmt').find('a.text-icon-help').should('be.visible', fieldLabel).and('have.attr', 'href', helpHref);
+});
 
 And('info text {string} is displayed in the section body', (infoText) => {
 	cy.get('#fieldset--drug-trtmt').find('p').should('have.text', infoText);
 });
 
-Then(
-	'autocomplete dropdown is displayed with {string} text',
-	(autosuggestItem) => {
-		cy.get('div.cts-autocomplete__menu-item:visible').should(
-			'have.text',
-			autosuggestItem
-		);
-	}
-);
+Then('autocomplete dropdown is displayed with {string} text', (autosuggestItem) => {
+	cy.get('div.cts-autocomplete__menu-item:visible').should('have.text', autosuggestItem);
+});
 
 And('user selects {string} from dropdown', (autosuggestTerm) => {
-	cy.contains(
-		'#fieldset--drug-trtmt .cts-autocomplete__menu-item',
-		autosuggestTerm,
-		{
-			timeout: 7000,
-		}
-	).click({ force: true, timeout: 7000 });
+	cy.contains('#fieldset--drug-trtmt .cts-autocomplete__menu-item', autosuggestTerm, {
+		timeout: 7000,
+	}).click({ force: true, timeout: 7000 });
 });
 
 And('trial info displays {string}', (infoText) => {
@@ -57,45 +41,27 @@ When('user clicks on Modify Search Criteria button', () => {
 
 Then('{string} input field has a value {string}', (fieldLabel, value) => {
 	if (fieldLabel.toLowerCase().includes('drug')) {
-		cy.get(`input#${fieldMap[fieldLabel]}`)
-			.parent()
-			.find('span')
-			.first()
-			.should('have.text', value);
+		cy.get(`input#${fieldMap[fieldLabel]}`).parent().find('span').first().should('have.text', value);
 	} else {
-		cy.get(`input#${fieldMap[fieldLabel]}`)
-			.parent()
-			.find('span')
-			.first()
-			.should('have.text', value);
+		cy.get(`input#${fieldMap[fieldLabel]}`).parent().find('span').first().should('have.text', value);
 	}
 });
 
-When(
-	'user removes {string} from the {string} field',
-	(selectedType, fieldLabel) => {
-		cy.get(`input#${fieldMap[fieldLabel]}`)
-			.parent('.cts-chip-list')
-			.as('fieldInFocus');
-		cy.get('@fieldInFocus').find(`button[value="${selectedType}"]`).click();
-	}
-);
+When('user removes {string} from the {string} field', (selectedType, fieldLabel) => {
+	cy.get(`input#${fieldMap[fieldLabel]}`).parent('.cts-chip-list').as('fieldInFocus');
+	cy.get('@fieldInFocus').find(`button[value="${selectedType}"]`).click();
+});
 
-And(
-	'the url query has the following corresponding code with duplicated keys',
-	(dataTable) => {
-		cy.location('href').then((url) => {
-			const params = new URL(url).searchParams;
-			//verify num of url params matches expected
-			expect(Array.from(params.entries()).length).to.eq(dataTable.raw().length);
-			//verify that url query params have expected values
-			expect(Array.from(params.entries())).to.deep.equal(dataTable.raw());
-		});
-	}
-);
+And('the url query has the following corresponding code with duplicated keys', (dataTable) => {
+	cy.location('href').then((url) => {
+		const params = new URL(url).searchParams;
+		//verify num of url params matches expected
+		expect(Array.from(params.entries()).length).to.eq(dataTable.raw().length);
+		//verify that url query params have expected values
+		expect(Array.from(params.entries())).to.deep.equal(dataTable.raw());
+	});
+});
 
 Then('autocomplete dropdown is displayed', () => {
-	cy.get('#fieldset--drug-trtmt .cts-autocomplete__menu-item').should(
-		'be.visible'
-	);
+	cy.get('#fieldset--drug-trtmt .cts-autocomplete__menu-item').should('be.visible');
 });

cypress/e2e/AdvancedSearchPage/KeywordsSection/index.js

@@ -6,14 +6,9 @@ const keywordsFields = {
 	KeywordsPhrases: 'keywordPhrases',
 };
 
-Then(
-	'help icon is displayed in {string} section with href {string}',
-	(fieldLabel, helpHref) => {
-		cy.get(`#fieldset--${keywordsFields[fieldLabel]}`)
-			.find('a.text-icon-help')
-			.should('have.attr', 'href', helpHref);
-	}
-);
+Then('help icon is displayed in {string} section with href {string}', (fieldLabel, helpHref) => {
+	cy.get(`#fieldset--${keywordsFields[fieldLabel]}`).find('a.text-icon-help').should('have.attr', 'href', helpHref);
+});
 
 And('trial info displays {string}', (infoText) => {
 	cy.get('.all-trials').should('have.text', infoText);