Remove usage of eval in hreflang.js

[connorjclark]

see: https://docs.google.com/document/d/10gp-4xzsQuJpdfMdYHPZbf6EYq3lBnu1Adc11bcMQE8/edit#

CDT wants to tighten their CSP, and this came up as an issue. We could revert what #11442 did–alternatively we could add the list of locales to the Accessibility artifact.

[brendankenny]

#11661 (comment) may finally be able to shine :)

[paulirish]

Ohh also I think we didnt catch that the axe list of langs went from 20kb to 2kb in axe 4.1.0 (which we've had since #11661

dequelabs/axe-core#2527
https://github.com/dequelabs/axe-core/blob/develop/lib/core/utils/valid-langs.js

nice job axe folks :D

[connorjclark]

No, definitely caught that, it was on my suggestion :)

[brendankenny]

we're dropping support for Node 12 (and we decided to move past Node 12.17 since last December anyways), so dynamic import for hreflang (and reverting back to the old fs.readFileSync in the accessibility gatherer) would maintain the size savings and is easily doable for LH9

[connorjclark]

wouldn't that inline as a string (brfs) that module and include it in the bundle as JS (for import)?

I don't see how dynamic import is any different than the old commonjs require for that explicit module, in terms of avoiding the duplication