
[DDO-3907] Update swagger-ui #690

Merged
merged 2 commits into from
Oct 18, 2024

Conversation

jack-r-warren (Contributor)

So swagger-ui is vulnerable. We don't directly rely on it. We rely on github.com/swaggo/files, which submodules in swagger-ui. JavaScript code but not through npm. I'm not kidding -- that took a minute to figure out.

So anyway, looks like someone bumped the v2 branch of swaggo/files to have a non-vulnerable swagger-ui a few months back. But the v2 branch of swaggo/files is incompatible with swaggo/gin-swagger. Ugh. So we have to adapt the fs.FS that swaggo/files now provides with the webdav.FileSystem/webdav.Handler that swaggo/gin-swagger expects. It's not that bad because it's just a stub.

Fun fact, the newer swagger-ui now uses React to apply inline styles imperatively. So it started failing Sherlock's hash-based CSP. Whatever. Sarah Gibson directly confirmed that including unsafe-inline for style-src is okay so that's what I'm doing.

Testing

We have tests that check that Sherlock can boot the router properly. This is also trivial to test locally because you can just load up the Swagger page and if it works then we can be pretty sure that the files making up the page are there.

Risk

Low. Even if this goes super-super sideways somehow, we're still behind IAP and nothing depends on Swagger.
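The adapter the description mentions, as an added example that is not code from the Sherlock repository, swaggo/files or swaggo/gin-swagger: an `fs.FS` (here a constructed `fstest.MapFS` standing in for the embedded swagger-ui bundle) is exposed through the method set of `webdav.FileSystem`, with every mutating operation stubbed to return an error. Because this example builds with the standard library only, the `File` and `FileSystem` interfaces below are local mirrors of the `golang.org/x/net/webdav` ones (that is an assumption; the real adapter would implement `webdav.FileSystem` directly). `http.FS` already provides the `/index.html` to `index.html` path translation and the `Seek`/`Readdir` behaviour that `http.File` requires, so the adapter only has to add the write-refusing `io.Writer` and the five WebDAV methods.

```go
package main

import (
	"context"
	"errors"
	"fmt"
	"io"
	"io/fs"
	"net/http"
	"os"
	"testing/fstest"
)

// ErrReadOnly is returned for every mutating operation: the swagger-ui bundle is
// static and the handler that serves it only ever needs to read it.
var ErrReadOnly = errors.New("swagger assets: filesystem is read-only")

// File mirrors golang.org/x/net/webdav.File (http.File plus io.Writer).
// Assumption: declared locally so the example builds with only the standard library.
type File interface {
	http.File
	io.Writer
}

// FileSystem mirrors the method set of golang.org/x/net/webdav.FileSystem (same assumption).
type FileSystem interface {
	Mkdir(ctx context.Context, name string, perm os.FileMode) error
	OpenFile(ctx context.Context, name string, flag int, perm os.FileMode) (File, error)
	RemoveAll(ctx context.Context, name string) error
	Rename(ctx context.Context, oldName, newName string) error
	Stat(ctx context.Context, name string) (os.FileInfo, error)
}

// readOnlyFile supplies the io.Writer method WebDAV wants while refusing writes.
type readOnlyFile struct{ http.File }

func (readOnlyFile) Write([]byte) (int, error) { return 0, ErrReadOnly }

// fsAdapter exposes an fs.FS through the WebDAV FileSystem method set.
type fsAdapter struct{ hfs http.FileSystem }

// NewReadOnlyWebDAVFS wraps an fs.FS such as an embedded swagger-ui directory.
func NewReadOnlyWebDAVFS(fsys fs.FS) FileSystem {
	return &fsAdapter{hfs: http.FS(fsys)}
}

// Any of these flags means the caller intends to modify the file; refuse up front
// rather than handing out a handle whose Write will fail later.
const writeFlags = os.O_WRONLY | os.O_RDWR | os.O_APPEND | os.O_CREATE | os.O_TRUNC

func (a *fsAdapter) OpenFile(_ context.Context, name string, flag int, _ os.FileMode) (File, error) {
	if flag&writeFlags != 0 {
		return nil, ErrReadOnly
	}
	f, err := a.hfs.Open(name)
	if err != nil {
		return nil, err // http.FS maps missing paths to fs.ErrNotExist
	}
	return readOnlyFile{f}, nil
}

func (a *fsAdapter) Stat(_ context.Context, name string) (os.FileInfo, error) {
	f, err := a.hfs.Open(name)
	if err != nil {
		return nil, err
	}
	defer f.Close()
	return f.Stat()
}

func (a *fsAdapter) Mkdir(context.Context, string, os.FileMode) error { return ErrReadOnly }
func (a *fsAdapter) RemoveAll(context.Context, string) error           { return ErrReadOnly }
func (a *fsAdapter) Rename(context.Context, string, string) error     { return ErrReadOnly }

// SampleSwaggerFS is a constructed stand-in for the real swagger-ui bundle.
func SampleSwaggerFS() fs.FS {
	return fstest.MapFS{
		"index.html":     &fstest.MapFile{Data: []byte("<html><body>swagger</body></html>")},
		"swagger-ui.css": &fstest.MapFile{Data: []byte("body{margin:0}")},
	}
}

// ReadAll opens a path the way the WebDAV handler would and returns its contents.
func ReadAll(fsys FileSystem, name string) (string, error) {
	f, err := fsys.OpenFile(context.Background(), name, os.O_RDONLY, 0)
	if err != nil {
		return "", err
	}
	defer f.Close()
	b, err := io.ReadAll(f)
	return string(b), err
}

func main() {
	fsys := NewReadOnlyWebDAVFS(SampleSwaggerFS())
	body, err := ReadAll(fsys, "/index.html")
	fmt.Printf("index.html: %q (err=%v)\n", body, err)
	_, err = ReadAll(fsys, "/missing.js")
	fmt.Println("missing.js:", err)
	fmt.Println("mkdir:", fsys.Mkdir(context.Background(), "/evil", 0o755))
}
```

The point of refusing write flags in `OpenFile` rather than only in `Write` is that a WebDAV handler treats a successful `OpenFile` with `O_CREATE` as permission to create; failing early keeps the stub honest about being read-only.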

@jack-r-warren jack-r-warren requested a review from a team as a code owner October 18, 2024 17:46

No API changes detected

Published image from 8969a25 (merge 45c84a5):

us-central1-docker.pkg.dev/dsp-artifact-registry/sherlock/sherlock:v1.6.7-45c84a5
us-central1-docker.pkg.dev/dsp-devops-super-prod/sherlock/sherlock:v1.6.7-45c84a5

codecov bot commented Oct 18, 2024

Codecov Report

Attention: Patch coverage is 31.42857% with 24 lines in your changes missing coverage. Please review.

Project coverage is 66.76%. Comparing base (cabddae) to head (8969a25).
Report is 1 commit behind head on main.

| Files with missing lines | Patch % | Lines |
|---|---|---|
| sherlock/internal/boot/router.go | 29.41% | 24 Missing ⚠️ |
Additional details and impacted files
@@            Coverage Diff             @@
##             main     #690      +/-   ##
==========================================
- Coverage   67.49%   66.76%   -0.73%     
==========================================
  Files         292      292              
  Lines       13695    16488    +2793     
==========================================
+ Hits         9243    11008    +1765     
- Misses       3551     4579    +1028     
  Partials      901      901              
| Files with missing lines | Coverage Δ |
|---|---|
| ...herlock/internal/middleware/security/middleware.go | 100.00% <100.00%> (ø) |
| sherlock/internal/boot/router.go | 56.52% <29.41%> (-7.93%) ⬇️ |

... and 271 files with indirect coverage changes

@jack-r-warren jack-r-warren merged commit d85967f into main Oct 18, 2024
20 checks passed
@jack-r-warren jack-r-warren deleted the DDO-3907-swagger-ui branch October 18, 2024 20:46