* Require `:encryption` for string settings

For settings that are not typed as JSON, CSV, or strings, encryption now
defaults to `:no` (*except* if you have
explicitly marked your setting as `:sensitive?` - these will default to
`:when-encryption-key-set`).

I went through all our settings and provided what I think are reasonable
values here. I tried to be conservative - when I wasn't sure whether a
stored setting was sensitive, I kept it as encrypted. For example, the
`ldap-port` setting is probably non-sensitive but theoretically someone
could be using a weird port for security-by-obscurity, so I kept that
encrypted.

* Change possible values for `:encryption`

`:maybe` was confusing: let's be more explicit that the value will be
encrypted `:when-encryption-key-set` to make it obvious what actually
turns encryption on and off.

* Support skipToken in useFetchMetrics

* WIP

* Add user setting for verified metrics

* Add verified metrics to the VERIFIED_CONTENT plugin

* Use metric plugins for verified metrics

* Move helpers down

* Do not filter for verified metrics if there are none, regardless of user setting

* Add label to filter button

* Revalidate search when card gets (un-)verified

* Add e2e test for verified metrics

* Avoid checking for verified metrics on when content-verification is not enabled

* Fix broken test

* Simplify content verification plugin structure for metrics

* Add content moderation types and API helpers

* Update content moderation plugin to make use of the moderation api in metabase/api

* Fix lint

* Fix missing list tag

* Store verified metric filter preference

* Move all helpers to the bottom

* Ensure the user setting gets updated when chaning the filter

* Add comment about component similarity

* Undo changes to embedding-sdk

* Return the table id from csv upload (as a header)

* Add date format that google sheets uses

* Smuggle id

* done?

* comment

* with empty h2 db

* dashing

* fix flaky test

* Parse the correct date class

---------

Co-authored-by: Alexander Solovyov <alexander@solovyov.net>

* Pivot Exports/Downloads Should Not include pivot-grouping or 'Extra' Rows

Fixes 46561

When downloading a pivot table's data, a column 'pivot-grouping' is included as well as 'extra' rows that correspond
to various totals in the table.

This PR removes the pivot-grouping column and any of these 'extra' rows from the downloads/exports.

* fix xlsx

* Fix csv

* fix json

* add test and fix some failing tests

* fmt

* Update src/metabase/query_processor/streaming/csv.clj

Co-authored-by: metamben <103100869+metamben@users.noreply.github.com>

* static viz table renders filter out pivot-grouping

* address review feedback

* add some comments to try explain the changes

---------

Co-authored-by: metamben <103100869+metamben@users.noreply.github.com>

* Ensure :effective-type for columns from an aggregation in a card

Fixes #47184

* Synchronize effective-type with the base-type on override

When :base-type in the column metadata is overridden with the :base-type in the field ref, set it as :effective-type
too.  If :effective-type is also set in the field ref, it wins.

* add license problem hook

* add warning banner

* style cue component

* update cue component

* report issue to console

* report issue to console

* use sdk loader for pre-initialization

* extract print problem method

* use non-standard shadows

* add unit tests

* prevent console log spam during tests

* mock the embedding token feature

* mock the embedding token feature by default

* add more test cases

* add test case

* add test cases

* increase popover z-index

* simplify test setup

* simplify test setup

* do not load individual component when a license error happens

* move SdkLicenseProblemDisplay component out

* replace colors with color-mix

* replace colors with color-mix

* make the text unthemed to ensure legibility

* hard-code colors to prevent them from being themed

* hard-code colors to prevent them from being themed

* update border styles

* make the chevron unthemed

* unset console text color

* only set stroke on errors

* optimistic query settings

* document the sdk license condition

* remove redundant condition

* add notes on api keys always being allowed on localhost

* move the no auth method message to warning component

* rename sdk license problem to usage problem

* add eslint rule for stories

* rename sdk license problem to usage problem

* move sdk usage problem display out of the init controller

* specify fallback font if instance is down or CORS error

* add comments on conditions pending on the CORS PR

* add notes on non-localhost checks

* make test ids constant

* add test case for neither provided

* fix types

* address code reviews

* pass `embedding-sdk` flag in `token-features`

* address code review

Co-authored-by: Mahatthana (Kelvin) Nomsawadi <me@bboykelvin.dev>

* remove appName from console logs

* rename embedding-sdk to embedding_sdk

* add the embedding_sdk premium token feature

* do not setup enterprise plugin in sdk test

* do not localize visual cue messages

* fix unit test in setup-sdk-auth

* rename tests

* remove unused eslint-disable

* enable embedding_sdk premium feature for sdk unit tests

* revert security_test.clj to use embedding instead of embedding-sdk

* remove unneeded test

* changes to support the style leak fixes

---------

Co-authored-by: Mahatthana (Kelvin) Nomsawadi <me@bboykelvin.dev>

* Rollback to legacy unique-name-generator in annotate-native-cols

* Add native query long column alias test to nested queries tests

* Add native query long column alias test to dataset api tests

* Add native query long column alias test to models e2e tests

* Move limit into inner native query

* PR suggestion: simplify lambda argslist

Co-authored-by: metamben <103100869+metamben@users.noreply.github.com>

* PR suggestion: remove unnecessary mt/with-temp-copy-of-db

* Tweak test name

---------

Co-authored-by: metamben <103100869+metamben@users.noreply.github.com>

* Initial commit of controlled upgrades

- new setting upgrade-threshold (`MB_UPGRADE_THRESHOLD`)
  number 0-100
- conditionally removing latest from upgrade checks

AS OF RIGHT NOW IT ALWAYS REMOVES the latest.
Should help FE make this optional

* dumb mistake

* handle no latest version info

* implement and basic test

* More tests, refactor name

* more tests

* cljfmt does not like commas in source code.

* Just move site-uuid to the declaration and don't declare it

nothing is sacred in the settings order. no reason. i think i was just
trying to minimize the diff, which a dumb and ignoble goal.

* add context strings

* update unit tests

* use display version

* Have upgrade threshold include current major version

hopefully helps rotate people from early to late, and late to early
across major versions. Idea from sanya and quite nice!

---------

Co-authored-by: Ryan Laurie <iethree@gmail.com>

so we need to account for that in serialization paths, storage
paths and when exporting/importing foreign keys

* Fix some minor collections issues

- explicitly provide access to the trash to all users, in the same way
we provide access to personal collections. Due to migration order, we
don't necessarily have a permissions row with the correct `perm_type`,
`perm_value`, and `collection_id` for the Trash collection. That's ok -
we don't actually move things to the Trash, so there isn't any
item where `collection_id=$trash.id` - but this may affect things like
effective ancestors for children of the trash. Let's be explicit about
the permissions that users have.

- replace a case where we manually calculated effective location and
then got the parent_id with just hydrating `:effective_parent`. This is
more efficient.

- replace the simple hydration method for `effective-location-path` with
a batched hydration method that fetches `visible-collection-ids` *once*
and then uses it to figure out the effective location path for each
collection passed.

Fixes #47735

* Move stale endpoint to /ee/stale/${collection-id}

It's an enterprise-only endpoint, so it makes sense to put the whole
thing under enterprise.

* refactors ui to use ee stale endpoint

lint fixes, change endpoint location

fix failure e2e test

* Fix endpoint location

---------

Co-authored-by: Sloan Sparger <sloansparger@gmail.com>

* Don't encrypt `site-locale`

* Fix test for `site-locale`

The previous test required encryption. Theoretically the referenced
error just depends on the fact that something is logged during the
process of getting the value, so I reworked it to depend on that
directly rather than triggering it through an encryption key rotation.

Fixes #45938.

Remapping is handled at the top level of the query, and should be
ignored for inner queries. This PR hides it from `results_metadata` on
source queries.

It also fixes the interaction with `large-int-id` logic to make big
integers JS-safe.

Fixes #4755

* perf: [metabase.util.performance] Faster mapv for small collections

* perf: Optimize some query processor functions

* Fix miss

* Another spot, plus clean up

* Always allow localhost:* on CORS

* Use `embedding-app-origin-sdk` method for the headers

* Fix BE code formatting

* Fix BE formatting