Record document URL as "extra" metadata rather than a tag

It turns out that Sentry has various contraints on the characters that
can appear in tags as well as their length. For debugging purposes we
want to capture the full document URL unmodified. Therefore capture this
as un-indexed "extra" metadata, which has fewer constraints, rather than
an indexed "tag".

Do not link last-edited timestamp to annotation single view

Render, but do not link, the last-edited timestamp. Having both this
and the created timestamp linked to the single-annotation view can lead
to confusion, as it might seem like they link to two different places
if they’re both linked.

Add parent frame URL as context to Sentry error reports

Namespace realtimeupdates module

Add a `document_url` tag to error reports whose value is the URL of the
sidebar's parent frame.

This is useful when reproducing issues that only occur on certain sites.

Bump uglifyify from 5.0.1 to 5.0.2

Bump aws-sdk from 2.502.0 to 2.517.0

Bumps [eslint](https://github.com/eslint/eslint) from 6.2.0 to 6.2.2.
- [Release notes](https://github.com/eslint/eslint/releases)
- [Changelog](https://github.com/eslint/eslint/blob/master/CHANGELOG.md)
- [Commits](https://github.com/eslint/eslint/compare/v6.2.0...v6.2.2)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

[Security] Bump eslint-utils from 1.4.0 to 1.4.2

Namespace selection module

Bumps [eslint-utils](https://github.com/mysticatea/eslint-utils) from 1.4.0 to 1.4.2. **This update includes a security fix.**
- [Release notes](https://github.com/mysticatea/eslint-utils/releases)
- [Commits](https://github.com/mysticatea/eslint-utils/compare/v1.4.0...v1.4.2)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Bumps [aws-sdk](https://github.com/aws/aws-sdk-js) from 2.502.0 to 2.517.0.
- [Release notes](https://github.com/aws/aws-sdk-js/releases)
- [Changelog](https://github.com/aws/aws-sdk-js/blob/master/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-js/compare/v2.502.0...v2.517.0)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Bumps [uglifyify](https://github.com/hughsk/uglifyify) from 5.0.1 to 5.0.2.
- [Release notes](https://github.com/hughsk/uglifyify/releases)
- [Commits](https://github.com/hughsk/uglifyify/compare/v5.0.1...v5.0.2)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

- Move selectedTab logic out of annotations reducer to selection reducer
- removeAnnotations action now passes the set of removed annotations and remaining annotations
- buildRootThread takes getRootState param

Replace legacy Sentry JS SDK with new Sentry SDK

This enables us to distinguish reports from dev, qa, prod etc. The value
is provided by h for the embed or the browser extension.

Previous experience with Sentry has found that there are various
scenarios that can cause a client to spam the server with a large number
of reports. Although Sentry has its own server-side quotas and rate
limiting, I think it will be useful to do client-side per-session rate
limiting as well. This also provides a place where we can hook in other
client-side filtering in future.

Replace the legacy raven-js package with Sentry's new JS SDK [1], with a
minimal wrapper in `util/sentry.js` that exports the same interface as
the previous `raven.js` module.

To enable Sentry, h or the browser extension must set a `sentry` key in the
sidebar app's configuration.

As part of switching SDKs, the following changes were made:

 - The AngularJS integration was removed, as we are in the process of
   migrating away from Angular
 - The custom code for unhandled promise rejections was removed, as the
   new SDK handles this already
 - The URL rewriting logic was removed. This was done to make the setup
   as minimal as possible. This may need to be re-added later.
 - The `report` function was removed, as it was not used anywhere
 - The `session` module now imports `util/sentry` directly rather than
   using Angular dependency injection. Now that we have a convenient way
   to mock all CJS/ES imports, there isn't a need to use DI for
   utilities

[1] https://docs.sentry.io/platforms/javascript/

Namespace the frames module

Namespace the direct-linked module

Namespace the activity module

Namespace the drafts module

Add namespace capability to store modules

Each module can now opt into being namespaced by exporting the value for "namespace".

Bump katex from 0.10.2 to 0.11.0

Bump gulp-changed from 4.0.0 to 4.0.1

Bump karma-chrome-launcher from 2.2.0 to 3.1.0

Bumps [eslint](https://github.com/eslint/eslint) from 6.1.0 to 6.2.0.
- [Release notes](https://github.com/eslint/eslint/releases)
- [Changelog](https://github.com/eslint/eslint/blob/master/CHANGELOG.md)
- [Commits](https://github.com/eslint/eslint/compare/v6.1.0...v6.2.0)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>