Remove jQuery from Jira connect app

Since all code has been moved to Vue, it is now
safe to remove jQuery completely. This change
removes the last reference inside the controller.

We also remove the Atlaskit style reference
since it has been replaced with styles from
our own GitLab UI.

Changelog: changed

app/controllers/jira_connect/subscriptions_controller.rb

@@ -7,8 +7,8 @@ class JiraConnect::SubscriptionsController < JiraConnect::ApplicationController
     next if p.directives.blank?
 
     # rubocop: disable Lint/PercentStringArray
-    script_src_values = Array.wrap(p.directives['script-src']) | %w('self' https://connect-cdn.atl-paas.net https://unpkg.com/jquery@3.3.1/)
-    style_src_values = Array.wrap(p.directives['style-src']) | %w('self' 'unsafe-inline' https://unpkg.com/@atlaskit/)
+    script_src_values = Array.wrap(p.directives['script-src']) | %w('self' https://connect-cdn.atl-paas.net)
+    style_src_values = Array.wrap(p.directives['style-src']) | %w('self' 'unsafe-inline')
     # rubocop: enable Lint/PercentStringArray
 
     p.frame_ancestors :self, 'https://*.atlassian.net'

spec/features/jira_connect/subscriptions_spec.rb

@@ -40,8 +40,8 @@ RSpec.describe 'Subscriptions Content Security Policy' do
       visit jira_connect_subscriptions_path(jwt: jwt)
 
       is_expected.to include("frame-ancestors 'self' https://*.atlassian.net")
-      is_expected.to include("script-src 'self' https://some-cdn.test https://connect-cdn.atl-paas.net https://unpkg.com/jquery@3.3.1/")
-      is_expected.to include("style-src 'self' https://some-cdn.test 'unsafe-inline' https://unpkg.com/@atlaskit/")
+      is_expected.to include("script-src 'self' https://some-cdn.test https://connect-cdn.atl-paas.net")
+      is_expected.to include("style-src 'self' https://some-cdn.test 'unsafe-inline'")
     end
   end
 end