* Databricks JDBC driver base

* Add databricks CI job

* WIP data loading -- it works, further cleanup needed

* Cleanup

* Implement ->honeysql to enable data loading

* Hardcode catalog job var

* Implement driver methods and update tests

* Derive hive instead of sql-jdbc

* Cleanup leftovers after deriving hive

* Run databricks tests on push

* Cleanp and enable set-timezone

* Disable database creation by tests

* Add Databricks to broken drivers for timezone tests

* Exclude Databricks from test

* Enable have-select-privilege?-test

* Restore sql-jdbc-drivers-using-default-describe-table-or-fields-impl post rebase

* Restore joined-date-filter-test

* Adjust to work with dataset definition tests

* Adjust alternative date tests

* Remove leftover reflecttion warning set

* Update test exts

* cljfmt vscode

* Add databricks to kondo drivers

* Update metabase-plugin.yaml

* Update databricks_jdbc.clj

* Rework test extensions

* Update general data loading code to work with Databricks

* Reset tests to orig

* Use DateTimeWithLocalTZ for TIMESTAMP database type

* Convert to LocalDateTime for set-parameter

* Update test extensions field-base-type->sql-tyoe

* Update database-type->base-type

* Enable creation of time columns in test data even though not supported

* Fix typo

* Update tests

* Udpate tests

* Update drivers.yml

* Disable dynamic dataset loading tests

* Adjust the iso-8601-text-fields-should-be-queryable-date-test

* Update load-data/row-xform

* Add time type exception to test

* Update test data loading and enable test

* Whitespace

* Enable all driver jobs

* Update comment

* Make catalog mandatory

* Remove comment

* Remove log level from spec generation

* Update sql.qp/datetime-diff

* Update read-column-thunk

* Remove comment

* Simplify date-time->results-local-date-time

* Update comment

* Move definitions

* Update test extension types mapping

* Remove now obsolete ddl/insert-rows-honeysql-form implementation

* Update sql-jdbc.conn/connection-details->spec for perturb-db-details

* Update load-data/do-insert!

* Remove ssh tunnel from driver as tests do not work with it

* Update test

* Promote ::dynamic-dataset-loading to :test/dynamic-dataset-loading and modify corresponding tests

* Adjust to broken TIMESTAMP_NTZ sync

* Update read-column-thunk to return timestamps always in Z

* Comment

* Disable tests for dynamic datasets

* Return spark jobs into drivers.yml

* Update Databricks CI catalog

* Remove vscode cljfmt tweak

* Update iso-8601-text-fields-expected-rows

* Update datetime-diff

* Formatting

* cljfmt

* Add placeholder test

* Remove comment

* cljfmt

* Use EnableArrow=0 connection param

* Remove comment

* Comment

* Update tests

* cljfmt

* Update driver's deps.edn

* Update tests

* Implement alternative `describe-table`

* WIP Workaround for timestamp_ntz sync, will be thrown away probably

* Update metabase-plugin.yaml with schema filters

* Update driver to use schema filters and remove now redundant sync implemnetations

* Update tests

* Update tests extensions

* Update test

* Add feature flags for fast sync

* Implement describe-fields

* Implement describe-fks-sql

* Enable fast sync features

* Use full_data_type

* Comment

* Add exception for timestamp_ntz columns to new sync code

* Implement db-default-timezone

* Add timestamp_ntz ignored test

* Add db-default-timezone-test

* Fix typo

* Update setReadOnly

* Add comment on setAutoCommit

* Update chunk-size

* Add timezone-in-set-and-read-functions-test

* Drop Athena from driver exceptions

* Use set/intersection instead of a filter

* Add explicit fast-sync tests

* Update describe-fields-sql and add comment

* Add preprocess-additional-options

* Add leading semicolon test

* Disable dataset creation and update comment

* Rename driver to `databricks`

* Use old secret names

* Fix wrongly copied hsql list

* Temporarily allow database creation

* Add *allow-database-deletion*

* Temporarily allow database creation

* Disable database creation

* cljfmt

* cljfmt

* perf: Faster is-trash? for collections

* perf: Faster annotate-collections and collections->tree

* perf: Optimize path generation in collection->tree

Co-authored-by: Thomas Schmidt <thomas@metabase.com>

* Require `:encryption` for string settings

For settings that are not typed as JSON, CSV, or strings, encryption now
defaults to `:no` (*except* if you have
explicitly marked your setting as `:sensitive?` - these will default to
`:when-encryption-key-set`).

I went through all our settings and provided what I think are reasonable
values here. I tried to be conservative - when I wasn't sure whether a
stored setting was sensitive, I kept it as encrypted. For example, the
`ldap-port` setting is probably non-sensitive but theoretically someone
could be using a weird port for security-by-obscurity, so I kept that
encrypted.

* Change possible values for `:encryption`

`:maybe` was confusing: let's be more explicit that the value will be
encrypted `:when-encryption-key-set` to make it obvious what actually
turns encryption on and off.

* Support skipToken in useFetchMetrics

* WIP

* Add user setting for verified metrics

* Add verified metrics to the VERIFIED_CONTENT plugin

* Use metric plugins for verified metrics

* Move helpers down

* Do not filter for verified metrics if there are none, regardless of user setting

* Add label to filter button

* Revalidate search when card gets (un-)verified

* Add e2e test for verified metrics

* Avoid checking for verified metrics on when content-verification is not enabled

* Fix broken test

* Simplify content verification plugin structure for metrics

* Add content moderation types and API helpers

* Update content moderation plugin to make use of the moderation api in metabase/api

* Fix lint

* Fix missing list tag

* Store verified metric filter preference

* Move all helpers to the bottom

* Ensure the user setting gets updated when chaning the filter

* Add comment about component similarity

* Undo changes to embedding-sdk

* Return the table id from csv upload (as a header)

* Add date format that google sheets uses

* Smuggle id

* done?

* comment

* with empty h2 db

* dashing

* fix flaky test

* Parse the correct date class

---------

Co-authored-by: Alexander Solovyov <alexander@solovyov.net>

* Pivot Exports/Downloads Should Not include pivot-grouping or 'Extra' Rows

Fixes 46561

When downloading a pivot table's data, a column 'pivot-grouping' is included as well as 'extra' rows that correspond
to various totals in the table.

This PR removes the pivot-grouping column and any of these 'extra' rows from the downloads/exports.

* fix xlsx

* Fix csv

* fix json

* add test and fix some failing tests

* fmt

* Update src/metabase/query_processor/streaming/csv.clj

Co-authored-by: metamben <103100869+metamben@users.noreply.github.com>

* static viz table renders filter out pivot-grouping

* address review feedback

* add some comments to try explain the changes

---------

Co-authored-by: metamben <103100869+metamben@users.noreply.github.com>

* Ensure :effective-type for columns from an aggregation in a card

Fixes #47184

* Synchronize effective-type with the base-type on override

When :base-type in the column metadata is overridden with the :base-type in the field ref, set it as :effective-type
too.  If :effective-type is also set in the field ref, it wins.

* add license problem hook

* add warning banner

* style cue component

* update cue component

* report issue to console

* report issue to console

* use sdk loader for pre-initialization

* extract print problem method

* use non-standard shadows

* add unit tests

* prevent console log spam during tests

* mock the embedding token feature

* mock the embedding token feature by default

* add more test cases

* add test case

* add test cases

* increase popover z-index

* simplify test setup

* simplify test setup

* do not load individual component when a license error happens

* move SdkLicenseProblemDisplay component out

* replace colors with color-mix

* replace colors with color-mix

* make the text unthemed to ensure legibility

* hard-code colors to prevent them from being themed

* hard-code colors to prevent them from being themed

* update border styles

* make the chevron unthemed

* unset console text color

* only set stroke on errors

* optimistic query settings

* document the sdk license condition

* remove redundant condition

* add notes on api keys always being allowed on localhost

* move the no auth method message to warning component

* rename sdk license problem to usage problem

* add eslint rule for stories

* rename sdk license problem to usage problem

* move sdk usage problem display out of the init controller

* specify fallback font if instance is down or CORS error

* add comments on conditions pending on the CORS PR

* add notes on non-localhost checks

* make test ids constant

* add test case for neither provided

* fix types

* address code reviews

* pass `embedding-sdk` flag in `token-features`

* address code review

Co-authored-by: Mahatthana (Kelvin) Nomsawadi <me@bboykelvin.dev>

* remove appName from console logs

* rename embedding-sdk to embedding_sdk

* add the embedding_sdk premium token feature

* do not setup enterprise plugin in sdk test

* do not localize visual cue messages

* fix unit test in setup-sdk-auth

* rename tests

* remove unused eslint-disable

* enable embedding_sdk premium feature for sdk unit tests

* revert security_test.clj to use embedding instead of embedding-sdk

* remove unneeded test

* changes to support the style leak fixes

---------

Co-authored-by: Mahatthana (Kelvin) Nomsawadi <me@bboykelvin.dev>

* Rollback to legacy unique-name-generator in annotate-native-cols

* Add native query long column alias test to nested queries tests

* Add native query long column alias test to dataset api tests

* Add native query long column alias test to models e2e tests

* Move limit into inner native query

* PR suggestion: simplify lambda argslist

Co-authored-by: metamben <103100869+metamben@users.noreply.github.com>

* PR suggestion: remove unnecessary mt/with-temp-copy-of-db

* Tweak test name

---------

Co-authored-by: metamben <103100869+metamben@users.noreply.github.com>

* Initial commit of controlled upgrades

- new setting upgrade-threshold (`MB_UPGRADE_THRESHOLD`)
  number 0-100
- conditionally removing latest from upgrade checks

AS OF RIGHT NOW IT ALWAYS REMOVES the latest.
Should help FE make this optional

* dumb mistake

* handle no latest version info

* implement and basic test

* More tests, refactor name

* more tests

* cljfmt does not like commas in source code.

* Just move site-uuid to the declaration and don't declare it

nothing is sacred in the settings order. no reason. i think i was just
trying to minimize the diff, which a dumb and ignoble goal.

* add context strings

* update unit tests

* use display version

* Have upgrade threshold include current major version

hopefully helps rotate people from early to late, and late to early
across major versions. Idea from sanya and quite nice!

---------

Co-authored-by: Ryan Laurie <iethree@gmail.com>

so we need to account for that in serialization paths, storage
paths and when exporting/importing foreign keys

* Fix some minor collections issues

- explicitly provide access to the trash to all users, in the same way
we provide access to personal collections. Due to migration order, we
don't necessarily have a permissions row with the correct `perm_type`,
`perm_value`, and `collection_id` for the Trash collection. That's ok -
we don't actually move things to the Trash, so there isn't any
item where `collection_id=$trash.id` - but this may affect things like
effective ancestors for children of the trash. Let's be explicit about
the permissions that users have.

- replace a case where we manually calculated effective location and
then got the parent_id with just hydrating `:effective_parent`. This is
more efficient.

- replace the simple hydration method for `effective-location-path` with
a batched hydration method that fetches `visible-collection-ids` *once*
and then uses it to figure out the effective location path for each
collection passed.

Fixes #47735

* Move stale endpoint to /ee/stale/${collection-id}

It's an enterprise-only endpoint, so it makes sense to put the whole
thing under enterprise.

* refactors ui to use ee stale endpoint

lint fixes, change endpoint location

fix failure e2e test

* Fix endpoint location

---------

Co-authored-by: Sloan Sparger <sloansparger@gmail.com>

* Don't encrypt `site-locale`

* Fix test for `site-locale`

The previous test required encryption. Theoretically the referenced
error just depends on the fact that something is logged during the
process of getting the value, so I reworked it to depend on that
directly rather than triggering it through an encryption key rotation.

Fixes #45938.

Remapping is handled at the top level of the query, and should be
ignored for inner queries. This PR hides it from `results_metadata` on
source queries.

It also fixes the interaction with `large-int-id` logic to make big
integers JS-safe.

Fixes #4755