* Return the table id from csv upload (as a header)

* Add date format that google sheets uses

* Smuggle id

* done?

* comment

* with empty h2 db

* dashing

* fix flaky test

* Parse the correct date class

---------

Co-authored-by: Alexander Solovyov <alexander@solovyov.net>

* Pivot Exports/Downloads Should Not include pivot-grouping or 'Extra' Rows

Fixes 46561

When downloading a pivot table's data, a column 'pivot-grouping' is included as well as 'extra' rows that correspond
to various totals in the table.

This PR removes the pivot-grouping column and any of these 'extra' rows from the downloads/exports.

* fix xlsx

* Fix csv

* fix json

* add test and fix some failing tests

* fmt

* Update src/metabase/query_processor/streaming/csv.clj

Co-authored-by: metamben <103100869+metamben@users.noreply.github.com>

* static viz table renders filter out pivot-grouping

* address review feedback

* add some comments to try explain the changes

---------

Co-authored-by: metamben <103100869+metamben@users.noreply.github.com>

* Ensure :effective-type for columns from an aggregation in a card

Fixes #47184

* Synchronize effective-type with the base-type on override

When :base-type in the column metadata is overridden with the :base-type in the field ref, set it as :effective-type
too.  If :effective-type is also set in the field ref, it wins.

* Rollback to legacy unique-name-generator in annotate-native-cols

* Add native query long column alias test to nested queries tests

* Add native query long column alias test to dataset api tests

* Add native query long column alias test to models e2e tests

* Move limit into inner native query

* PR suggestion: simplify lambda argslist

Co-authored-by: metamben <103100869+metamben@users.noreply.github.com>

* PR suggestion: remove unnecessary mt/with-temp-copy-of-db

* Tweak test name

---------

Co-authored-by: metamben <103100869+metamben@users.noreply.github.com>

* Initial commit of controlled upgrades

- new setting upgrade-threshold (`MB_UPGRADE_THRESHOLD`)
  number 0-100
- conditionally removing latest from upgrade checks

AS OF RIGHT NOW IT ALWAYS REMOVES the latest.
Should help FE make this optional

* dumb mistake

* handle no latest version info

* implement and basic test

* More tests, refactor name

* more tests

* cljfmt does not like commas in source code.

* Just move site-uuid to the declaration and don't declare it

nothing is sacred in the settings order. no reason. i think i was just
trying to minimize the diff, which a dumb and ignoble goal.

* add context strings

* update unit tests

* use display version

* Have upgrade threshold include current major version

hopefully helps rotate people from early to late, and late to early
across major versions. Idea from sanya and quite nice!

---------

Co-authored-by: Ryan Laurie <iethree@gmail.com>

* Fix some minor collections issues

- explicitly provide access to the trash to all users, in the same way
we provide access to personal collections. Due to migration order, we
don't necessarily have a permissions row with the correct `perm_type`,
`perm_value`, and `collection_id` for the Trash collection. That's ok -
we don't actually move things to the Trash, so there isn't any
item where `collection_id=$trash.id` - but this may affect things like
effective ancestors for children of the trash. Let's be explicit about
the permissions that users have.

- replace a case where we manually calculated effective location and
then got the parent_id with just hydrating `:effective_parent`. This is
more efficient.

- replace the simple hydration method for `effective-location-path` with
a batched hydration method that fetches `visible-collection-ids` *once*
and then uses it to figure out the effective location path for each
collection passed.

Fixes #47735

* Don't encrypt `site-locale`

* Fix test for `site-locale`

The previous test required encryption. Theoretically the referenced
error just depends on the fact that something is logged during the
process of getting the value, so I reworked it to depend on that
directly rather than triggering it through an encryption key rotation.

Fixes #45938.

Remapping is handled at the top level of the query, and should be
ignored for inner queries. This PR hides it from `results_metadata` on
source queries.

It also fixes the interaction with `large-int-id` logic to make big
integers JS-safe.

Fixes #4755

* Always allow localhost:* on CORS

* Use `embedding-app-origin-sdk` method for the headers

* Fix BE code formatting

* Fix BE formatting

We had a security issue where it was possible to query timelines without
having the requisite permissions on the collection. This test checks to
make sure this doesn't happen again.

* walk the error to remove any visualization settings

Thanks Dan for the patch, this approach is nice because it doesn't require changing all 3 streaming-response-writer
implementations (json csv and xlsx). It keeps behaviour basically the same, but just cleans up the output to not
include potentially sensitive column/dataset details.

* add a test that confirms json/csv errors are cleaned

* walk the error to remove any visualization settings

Thanks Dan for the patch, this approach is nice because it doesn't require changing all 3 streaming-response-writer
implementations (json csv and xlsx). It keeps behaviour basically the same, but just cleans up the output to not
include potentially sensitive column/dataset details.

* add a test that confirms json/csv errors are cleaned

* fix dataset error test

* cljfmt

* try to be a little more surgical with what we take out of the error

* formatting again, oops

* pass export format, only modify the obj for file exports

In the case of errors being saved to files, the obj is a map with a :status :failed key assoc'd by the qp somewhere
along the way. The format-exception cond branch is not used in this case, so we can't rely on modifying
`format-exception` to just dissoc ex-data.

Instead, I've kept the obj modification, but it excludes the query and the preprocessed keys, which are the only 2
keys where we see :viz-settings. This doesn't eliminate the problem of needing to exclude other keys in the future,
but it does improve the surface area - the query and viz settings are the most likely candidates for holding
potentially sensitive info.

I'd prefer to stick with this solution, as we can get a fix for the security concern in quicker, and perhaps a
non-security bug can be opened regarding the most correct way to indicate errors to users whose downloads have failed.

* keep format-exception the same

* cleaner passing of export-format to write-error!

* Support field remapping in pivot queries

* Generate breakouts without inversions

The way this was implemented, it also hid the section for management
of uploaded CSV files.  Further, admins might want to intentionally
switch from uploading to the data warehouse provided by Metabase to
one of their own.

This reverts commit fbaf58ad.

References: https://github.com/metabase/harbormaster/issues/5121
References: https://metaboat.slack.com/archives/C032LFJFANL/p1725296255637989

* API endpoint dox generation should resolve schemas from the registry #46799

* Update Kondo config

* Fix formatting

* Fix typo in MetadataProvider docstring

* Fix typo in caching-test: s/Second/Third/

* Store ::nil markers in CachedMetadataProvider for failed lookups

Store ::nil markers in CachedMetadataProvider for any ids for which the wrapped/uncached upstream provider fails to return
metadatas. This prevents repeatedly querying the uncached-provider for ids that don't exist.

The downside is that if the uncached-provider suddenly starts returning metadata for an id that previously did not
exist, we won't pick up on it, but the assumption here is that this is no different / worse than cache invalidation
for existing ids that happen to change after we cache them.

* PR suggestion: remove unnecessary test assertion

* tracking entity id translation

* add total and more tests

* indentation

* realign the last test

* fix: sqlserver handle uniqueidentifier uuids

Fixes #46148

Include sqlserver in `uuid-type` handling as its `uniqueidentifier` type
stores uuids.

* Don't be so precise with varchar size

* Add seam for drivers to cast to text type

* Fix arg order