Investigate moving common dependencies to root to make updates easier #9106

Open
garethbowen opened this issue May 10, 2024 · 1 comment
Labels
Type: Technical issue Improve something that users won't notice

Comments

@garethbowen
Member

Describe the issue

Updating dependencies is necessary for patching vulnerabilities quickly, but...

  • Updating dependencies manually is a big effort because it means navigating to a dozen directories (root, api, sentinel, webapp, admin, and all shared-libs) and doing an `npm install`. It's inevitable that we get inconsistencies with some dependencies being updated and some not.
  • Automatic updating through Dependabot isn't working well because it does one directory at a time, so you get a dozen PRs every time lodash updates.
  • Node services are packaged very crudely by just including all shared libs rather than just those that are needed for that service. This is not a big deal because if the code doesn't run then it shouldn't be exploitable, and it doesn't contribute much to image size.
  • Finally, this continues to get worse as we add more and more shared libs.

Describe the improvement you'd like

The way monorepos should work is all common dependencies (and maybe all dependencies) are defined at the root level. This works fine for bundled apps (admin and webapp) because the bundler pulls in only needed code. But we don't have a good solution for node services. This should be solvable by `npm pack` with `bundledDependencies`.

Describe alternatives you've considered

  • Bundling service code (eg: TS) but that adds another step to the dev build that I'd rather avoid.
@garethbowen garethbowen added the Type: Technical issue Improve something that users won't notice label May 10, 2024
@garethbowen garethbowen self-assigned this May 10, 2024
@garethbowen
Member Author

Also check out the `npm-pack-all-zip` package.
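
The inconsistency the issue describes (some directories updated, others not) can be measured before deciding which dependencies to move to the root. The following is an added example, not part of the issue or the project's code: it lists dependencies declared in more than one `package.json` and flags those whose version ranges disagree. The manifests, version ranges and the `shared-libs/example-lib` path are constructed sample data.

```javascript
// Added example: find dependencies shared across a monorepo's package.json
// files and flag the ones whose declared version ranges disagree.
// The manifests below are constructed sample data, not the project's real files.
const manifests = {
  '.': { dependencies: { lodash: '^4.17.21' }, devDependencies: { mocha: '^10.2.0' } },
  'api': { dependencies: { lodash: '^4.17.21', express: '^4.18.2' } },
  'sentinel': { dependencies: { lodash: '^4.17.15', moment: '^2.29.4' } },
  // Hypothetical shared library directory name.
  'shared-libs/example-lib': { dependencies: { moment: '^2.29.4' }, devDependencies: { mocha: '^9.2.2' } },
};

const SECTIONS = ['dependencies', 'devDependencies', 'optionalDependencies'];

// Returns [{ name, consistent, ranges: { range: [dirs] } }] for every dependency
// declared by at least `minPackages` directories, sorted by name.
function findSharedDependencies(manifestsByDir, minPackages = 2) {
  const seen = new Map(); // name -> Map(range -> Set(dir))
  for (const [dir, manifest] of Object.entries(manifestsByDir)) {
    for (const section of SECTIONS) {
      for (const [name, range] of Object.entries(manifest[section] || {})) {
        if (!seen.has(name)) seen.set(name, new Map());
        const byRange = seen.get(name);
        if (!byRange.has(range)) byRange.set(range, new Set());
        byRange.get(range).add(dir);
      }
    }
  }
  const report = [];
  for (const [name, byRange] of seen) {
    const dirs = new Set([...byRange.values()].flatMap((s) => [...s]));
    if (dirs.size < minPackages) continue; // declared in one place only
    const ranges = {};
    for (const [range, set] of byRange) ranges[range] = [...set].sort();
    report.push({ name, consistent: byRange.size === 1, ranges });
  }
  return report.sort((a, b) => a.name.localeCompare(b.name));
}

// Names where a partial update left some directories on an older range.
function inconsistentNames(manifestsByDir) {
  return findSharedDependencies(manifestsByDir)
    .filter((dep) => !dep.consistent)
    .map((dep) => dep.name);
}

for (const dep of findSharedDependencies(manifests)) {
  console.log(dep.consistent ? 'ok      ' : 'MISMATCH', dep.name, JSON.stringify(dep.ranges));
}
```

To run it against a real checkout, build the `manifestsByDir` object by reading each directory's `package.json` with `JSON.parse(fs.readFileSync(...))`.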
