Material-UI Migration Preparations

[sourcegraph-wk]

Motivation

MUI component migrations will begin soon, and there are a few housekeeping items that are necessary for a smooth rollout across the Workiva ecosystem.

A member of Client Platform will reach out when this PR is ready for team review.

If you have any questions about this PR, reach out to us in the #support-mui-migration Slack channel!

Changes

This PR includes automated changes to ensure that the consumption of upstream dependencies that have migrated at least one Web Skin Dart component to MUI doesn't result in unexpected failures in this package or unexpected styling regressions in any of the standalone apps within this repo.

This is accomplished by:

1. Adding the JS MUI <script> tag to all HTML files used in this repo where React components are being rendered on the page
2. Adding react_material_ui as a dependency so that the <script> tags added do not cause 404 errors
3. Adding react_material_ui to the dependency_validator ignore list(s)
4. Wrapping top-level React trees (e.g. react_dom.render calls) in a ThemeProvider that sets the theme to our Workiva theme. This guards against components consumed from upstream dependencies being styled inconsistently.

The initial commit is automatically applied by a codemod and follow up commits may be made to:

• Fix tests

Release Notes

Prepare for MUI component migrations

QA Instructions

• [ ] CI Passes
• [ ] The app does not throw runtime exceptions when navigating to places where the top-level react_dom.render calls are relevant _(only necessary if functional tests run in CI does not navigate to all the views where the react_dom.render calls are used.)_

_Created by Sourcegraph batch change Workiva/mui_migration_rmui_prep2._

[aviary-wf]

Security Insights

(7) Vulnerable direct dependencies were detected

1 vulns in browserslist < 4.16.5 via yarn.lock

1 vulns in elliptic < 6.5.4 via yarn.lock

1 vulns in glob-parent < 5.1.2 via yarn.lock

1 vulns in lodash < 4.17.21 via yarn.lock

1 vulns in path-parse < 1.0.7 via yarn.lock

1 vulns in set-value < 4.0.1 via yarn.lock

1 vulns in ssri < 6.0.2 via yarn.lock

Action Items

• Review dependencies for available updates
• See this Splunk dashboard for more CVE details
• Review PR for security impact; comment "security review required" if needed or unsure

• Verify aviary.yaml coverage of security relevant code

  Questions or Comments? Reach out on Slack: #support-infosec.