Description
Motivation
The Gulp build system is no longer supported, but the st2web repository has not been updated to use something else. This adds noise to the dependency alerts we receive for that repository. Luckily, many of the outdated dependencies are only development dependencies that will never see production, but automated scanners will still report them to us, and that might cause us to miss an outdated non-development dependency, since it "normalizes deviance".
Solution
We should replace the current build system, Gulp, with something that is maintained, like Webpack.
Downsides
We don't have a lot of front end developers, so this may be a lot of effort for the developers that we do have. However, switching to a more modern, updated build system might lower the barrier to contribute, thereby making it easier for more frontend developers to engage with the project and contribute additional fixes and features.
Alternatives
We can just live with the out-of-date development dependency notifications, as long as we guarantee that they aren't used in production. This seems fairly easy to guarantee, but not necessarily easy to live with.
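One way to back up that guarantee is to triage scanner alerts against the lock file, so that a flagged package is only treated as production-relevant when it is actually reachable from the production dependency tree. The script below is an added example, not code from st2web or StackStorm; it assumes the package-lock.json v2/v3 layout, where every installed package is listed under "packages" keyed by its node_modules path and packages reachable only through devDependencies carry "dev": true. The lock file contents and the alert list are constructed sample data, not the repository's real ones.

```python
import json

# Constructed sample of a package-lock.json (lockfileVersion 2/3 layout);
# this is not st2web's real lock file.
SAMPLE_LOCK = json.loads("""
{
  "name": "example-app",
  "lockfileVersion": 3,
  "packages": {
    "": {
      "dependencies": {"react": "^17.0.0"},
      "devDependencies": {"gulp": "^4.0.0"}
    },
    "node_modules/react": {"version": "17.0.2"},
    "node_modules/gulp": {"version": "4.0.2", "dev": true},
    "node_modules/glob-stream": {"version": "6.1.0", "dev": true},
    "node_modules/minimatch": {"version": "3.0.4"}
  }
}
""")

# Constructed stand-in for scanner output: just the flagged package names.
SAMPLE_ALERTS = ["gulp", "glob-stream", "minimatch", "lodash"]


def classify_alerts(lock, flagged):
    """Split flagged package names into production, dev-only and not-installed.

    A package counts as dev-only when every lock entry for it carries
    "dev": true. Nested copies (node_modules/a/node_modules/b) are matched
    by the last path segment so duplicated transitive copies are not missed;
    scoped names (@scope/pkg) survive the split because the scope follows
    the final "node_modules/".
    """
    entries = {}  # package name -> list of lock entries for that name
    for path, meta in lock.get("packages", {}).items():
        if path == "":
            continue  # the root project entry, not an installed package
        name = path.rsplit("node_modules/", 1)[-1]
        entries.setdefault(name, []).append(meta)

    result = {"production": [], "dev_only": [], "not_installed": []}
    for name in flagged:
        copies = entries.get(name)
        if not copies:
            result["not_installed"].append(name)
        elif all(copy.get("dev", False) for copy in copies):
            result["dev_only"].append(name)
        else:
            # At least one copy is reachable from the production tree.
            result["production"].append(name)
    return result


if __name__ == "__main__":
    for bucket, names in classify_alerts(SAMPLE_LOCK, SAMPLE_ALERTS).items():
        print(f"{bucket}: {', '.join(names) or '-'}")
```

Only the "production" bucket needs the urgent treatment the issue is worried about; the "dev_only" bucket is the noise the Gulp toolchain generates, and "not_installed" usually means the alert came from a stale lock file or a different branch. The same split is what `npm audit --omit=dev` (`--production` on older npm) produces on the command line, but keeping the check as a script makes it easy to run against alert exports in CI.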
I am not a frontend developer, so it would be helpful to have at least one or two frontend developers weigh in on this (paging @guzzijones and @bgaeddert).