Bump webpacker from 4.0.7 to 4.2.0

[dependabot-preview]

Bumps webpacker from 4.0.7 to 4.2.0.

Changelog

Sourced from webpacker's changelog.

[4.2.0] - 2019-11-12

• Fixed installer bug #2366

[4.1.0] - 2019-11-12

• Added favicon_pack_tag to generate favicon links #2281
• Add support for Brotli compression #2273
• Support .(sass|scss).erb #2259
• Elm: Enable production optimizations when compiling in production #2234
• fixes webpacker:clean erroring because of nested hashes #2318
• Revert of production env enforcement #2341
• Add a preload_pack_asset helper #2124
• Record the compilation digest even on webpack error #2117
• See more changes here

Commits

• d905149 4.2.0
• 93152cf Check for webpacker.yml before setting source (#2366)
• f36e5ed 4.1.0
• 05179f8 fix doc. config webpacker with docker for autoreload (#2297)
• ec47091 Update deployment.md (#2290)
• de25514 Update troubleshooting.md (#2298)
• 749675d Fix doc to follow options for css-loader v3 (#2362)
• 13756f1 Update dependencies (#2360)
• 5da39a1 fixes webpacker:clean erroring because of nested hashes on manifest (#2318)
• 25ff653 Typo 'pnp' instead of 'php' (#2357)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in the .dependabot/config.yml file in this repo:

• Update frequency
• Automerge options (never/patch/minor, and dev/runtime dependencies)
• Out-of-range updates (receive only lockfile updates, if desired)
• Security updates (receive only security updates, if desired)

[ClearlyClaire]

What happens here is that webpacker 4.2.0 actually uses the test env instead of the production env like it has erroneously done forever.
If I understand correctly what is going on, it seems this has the side-effect of having the async modules not be in their own named chunks, which is in theory ok as they are not entry points… however, the haml templates refer to them explicitly to add them to preload list.
I don't know exactly why those modules don't get their own chunks, and I don't know how to ensure they do.

EDIT: note that it isn't something specific in our test.js config, as running node ./node_modules/.bin/webpack --config config/webpack/test.js with NODE_ENV unset adds a features/getting_started chunk, but the same with NODE_ENV=test does not.
EDIT2: It works correctly with NODE_ENV=development and even NODE_ENV=foo, so it seems something in webpack or one of the loaders does special stuff when NODE_ENV=test. And unfortunately setting optimization.nodeEnv in our test.js doesn't help.