Modernize our js.erb so we can turn the csp back on

[colinxfleming]

Thanks for creating an issue! Please fill out this form so we can be sure to have all the information we need, and to minimize back and forth.

• What are we trying to do?

As rails has gotten better about CSPs they've been using UJS/js.erb a lot less. Deprecating webpacker came at the cost of basically shutting our CSP off; as a condition of getting our CSP back we're going to have to come up with a better approach here.

See the discussion in this PR - #2651

• What feature or behavior is this required for?
  CSP, modern rails stack

• How could we solve this issue? (Not knowing is okay!)

Rails seems to be coalescing around a strategy / stack called hotwire, but I'm highly suggestible. Less intensity and a smoother transition would be preferable, bonus to not have to rig up a whole other framework, but man idk.

• Anything else?

[colinxfleming]

Finished a timebox by going thru the guide at https://dev.to/thomasvanholder/how-to-upgrade-migrate-turbolinks-to-hotwire-3e7 and seeing what would happen on the accountants controller. I think generally:

• modals appear to be kinda tricky (bad)
• but hotwire seems pretty easy to set up (good)
• but we do a lot of ujs in both controllers and views (bad)
• but it DOES seem like we might be able to incrementally rewrite things piece by piece (good)
• and our systemtest posture means that we can probably guard against regressions pretty well (good)
  I'm gonna try putting up a proof of concept PR and see where it gets us.