Open bryanpizzillo opened 2 months ago
It should be noted that as of 20240916 npm audit
shows:
156 vulnerabilities (2 low, 110 moderate, 38 high, 6 critical)
(Many of these should be resolved by r4r's removal from the code base)
After removing the R4R package:
19 vulnerabilities (9 moderate, 8 high, 2 critical)
(which is much more manageable to resolve in a separate ticket)
Issue description
This is the cgdp peer to https://github.com/NCIOCPL/r4r-app/issues/11. This work should only be committed once production has been updated to use the generic app module.
Release 1 Tasks:
docroot/profiles/custom/cgov_site/modules/custom/cgov_yaml_content/content/009_app_module_r4r.content.yml
to have the new App module config and make sure it works.cgov_r4r
fromdocroot/profiles/custom/cgov_site/cgov_site.info.yml
r4r-app
library. These should change to output no HTML.docroot/profiles/custom/cgov_site/themes/custom/ncids_trans/templates/app_module/r4r/app-module--cgov-r4r-app.html.twig
docroot/profiles/custom/cgov_site/themes/custom/cgov/cgov_common/src/libraries/r4r
docroot/profiles/custom/cgov_site/themes/custom/ncids_trans/front-end/src/entrypoints/r4r
r4r-app
fromdocroot/profiles/custom/cgov_site/themes/custom/ncids_trans/front-end/webpack.entries.js
docroot/profiles/custom/cgov_site/themes/custom/ncids_trans/front-end/local_packages
@nciocpl/r4r-app
from the ncids_transpackage.json
devDependencies
list -- verify they are no longer ncids_trans' dependencies.cgov/src/analytics/dumb-datalayer.js
as it appears that r4r is the last thing using it.docroot/profiles/custom/cgov_site/themes/custom/ncids_trans/front-end/postcss.config.js
cgov_application_page
that turns offcgov_r4r
module and removes the R4R app module config.cgov_application_page_update_8004
fromcgov_application_page.install
leaving a comment that8004 installed the old cgov_r4r which has been removed
Release 2 Tasks:
docroot/modules/custom/cgov_r4r