Adjust our Content Security Policy on production so that it is more
restrictive than when we run in development mode. Changes include:
- Do not allow loading content/scripts/fonts from localhost
- Do not allow running code that contains `eval` statements
Use `CspHtmlWebpackPlugin` to generate our content security policy
using code rather than hard coding meta tags on our html index page.
This provides us a more flexible means to configure our CSP dynamically.
Use `HtmlWebpackPlugin` to generate our final html file so that we can
remove our inline scripts and insert them dynamically based on our
webpack config.
If we catch these errors and resolve to the error itself, then `await` for that
function resolves to the error value rather than throw. Because no api currently
handles the associated errors, it is better to be noisy about these errors, by
throwing rather than returning the error object.
The final size of renderer.prod.js is about 4.75mb. 2.35mb of this comes
from react-icons.
Update the react icon imports to import only the specific icons that we
use. This reduces the final size of renderer.prod.js by about 50%
This enables easy access to all lnd settings for development, and is a step
toward relying on an external configuration file that will be accessible to
users for whom the code is not.
Webpack environment `mode` is defined directly in our environment
specific webpack config files. Due to this, we no longer need to
manually set `NODE_ENV` or check to ensure that it has been set.
See:
- https://webpack.js.org/concepts/mode/
Webpack v4 introduced a new `mode` setting, which - amongst other
things - automates the definition of the NODE_ENV environment variable.
We already had the `mode` settings set in our webpack configs so this
change is just to clean up some redundant code that is handled
automatically by this setting.
See:
- https://webpack.js.org/concepts/mode/
pass the `--raw` flag to concurrently so that we output the raw output
of processes. This disables concurrently prettifying and provides a more
legible output for our scripts.
Tom Kirkpatrick
Ben Woosley
Jack Mallers
odb366