* 0.33 instrumentation [WIP] (#10610)

* wip instrumentation

* add nqf instrumentation

* Fix data-metabase-event that wasn't being forwarded

* Merge master into release-0.33.x (#10634)

* Compute Content-Security-Policy hashes for inline JS (#10504)

* Split out inline JS from index/init templates to separate files

* Read inline JS from resources at run time

* Calculate inline JS hashes for CSP header from content

* Move inline JS to resource sub-directory

* Update and memoize inline JS loading

* Revert debug code

* Deduplicate `resp/response` calls

* Fix paths to moved inline JS resources

* Force creation of test data DB so things don't get left in the cache

This fix was provided by @camsaul.

* Combine and `defonce` inline JS hashes

* s/inlinejs/inline-js/

* Ensure that Metabase JAR is readable by `metabase` container user (#10510)

If the umask of the user that builds the image is xx7, the JAR will not be
world readable in the resulting image.

* Remove `--add-modules=java.xml.bind` Java option (#10521)

Fixes #10244. @camsaul confirmed that it is no longer needed.

* Join on collection table's ID, not the joining table's `collection_id` (#10481)

* Join on collection table's ID, not the joining table's `collection_id`

This caused each record that joins on collection, to be duplicated for each
existing collection:

`LEFT JOIN collection collection ON card.collection_id = collection_id`

should be

`LEFT JOIN collection collection ON card.collection_id = collection.id`

* Test fixes from @cam on EE

* Insights: correctly handle infinities in results (#10502)

Filter out models with infinities

* Transfer log events as JSON objects and allow filtering on front-end (#10522)

* Return log events as JSON objects from API; render on front-end

Site UUID added to log events.

* Remove superfluous memoization of site UUID retrieval

Settings are already cached.

* Transfer timestamps in ISO-8601 format

* Move `metabase.metabot.instance/local-process-uuid` to `metabase.public-settings`

* Use `local-process-uuid` in stead of `site-uuid`

`site-uuid` is not unique across processes, which is what we want to
associate with log events.

* Remove unused import

* Allow log events to be filtered by process UUID on front-end

* Move process selector out of loading wrapper

Otherwise, if there are process UUIDs with no log events, the selector is
removed with the log event list.

* Figured out how to add docs to `defonce`

* Fix ns declaration

* Linter appeasement

* Merge log events received from back-end with previously received ones

This allows responses from multiple back-end instances to be spliced
together.

* Use MB components in stead of plain, styled HTML tags

The select is only displayed if more than one process UUID was found.

* Linter appeasement

* Move `metabase.public-settings/local-process-uuid` to `metabase.config`

* Fix sorting on multiple log event fields

* Flatten `Select` children to allow nested arrays of children

* Generate options directly under parent Select

* Limit the number of log events that we render

* Docstring and style updates

* Update editor config with Clojure files max line length

* Ensure that `NumericWrapper` is imported before use

* Cleanup layout

* Bump HoneySQL version (#10559)

The new version (0.9.5) includes @camsaul's Turkish upper case fix:
jkk/honeysql#237

* Factor out test for access to localStorage (#10533)

* Factor out test for access to localStorage

This allows code that uses localStorage to test against
`window.hasLocalStorage`, in stead of handling exceptions generated when
access to localStorage is denied.

* Move check for localStorage to metabase/lib/dom

* Fix typo in warning message (#10556)

* revert text color to #74838f (#10560)

* revert text-medium color to #74838f

* use light instead of medium on preview button

* MBTL (#10105)

Add transforms and domain models

* Added page about maps and updated nav (#10495)

* Added page about maps and updated nav

* Clarified step 1

* Added more details throughout

* Quick URL change

* Added additional resource!

* fix typo: 'sdisplay' to 'display'

* Add message with link to docs for fields without any filter widgets (#10340)

* Correct proxy command line [ci skip] (#10430)

* Bump Toucan version to include Turkish lower case fix (#10581)

* Wrap `tru` and `trs` macro results in `str` (#10571)

* Add versions of `trs` and `tru` that wrap results in `str`

The pre-existing `trs` and `tru` were renamed to `lazy-trs` and `lazy-tru`
respectively, and new `trs` and `tru` funcs were added, wrapping the result
of its lazy counterpart in `str`.

This way the normal use case of `trs` and `tru` is improved by no longer
requiring that it be wrapped in `str`.

Cases where the translated result is passed to `str` anyway, the lazy
version can be used.

* `(str (trs ...))` → `(trs ...)`

And the same for `tru`.

* Allow `defsetting` descriptions to use lazy versions of `trs`/`tru`

* Use `lazy-trs`/`lazy-tru` where `str` is applied separately

* Remove unnecessary `vec` from `tru`/`trs` macros

* puppetlabs.i18n does not have a `lazy-tru`

* Missed some settings that now need to use `lazy-tru`

* Only use `lazy-tru` in top-level `def`s

If the localized strings are looked up on module import, before locales are
loaded, the lookup will fail and the original input string will be used.

* Fix bad usages of `tru` that should be `lazy-tru`

* s/lazy-tr/deferred-tr/g

* Avoid `tr*` macros being used in top-level (compile time) statements

Because localizations are not yet loaded at compile time.

* Add type hint for `str*` wrapping of `trs`/`tru`

* Fix assigned function's return type hint

* Expand docstrings for `i18n/tr[su]`

* Use `trs` and `tru` from metabase.util.i18n instead of puppetlabs.i18n.core

* Defer compile time translation lookups

These changes were pointed out by exceptions generated by `i18n/str*`.

* Remove unused `require`d function

* New compile time `trs` usages caught by `lein uberjar`

* Ensure that error message from db driver is a string

It is necessary to ensure that the error message is a string, because some
db driver errors come from statically declared error messages, using
`deferred-tru`. Like those in
`metabase.driver.common/connection-error-messages`.

Fixes #10347 and #10473.

* Remove string type hint from `humanize-connect-error-message`

* Don't disable preview for fields with non-trivial type  (#9687)

* Don't create API callback if no database is associated with card (#10573)

* Don't create API callback if no database is associated with card

Fixes #10538

* Return empty array to avoid mapping over null

* Operations guide breakout (#10569)

* Splitting the operations guide into separate pages

* Added a description to the Operations Guide nav

* Renamed the files and updated the navigation

* FAQ section of the docs (#10587)

* FAQ section of the docs

* Made links relative

* Link & TOC changes

* Fixing duplicate header, adding data collection URL

* Removed the "option is turned off by default" wording

* Don't return table data for archive searches (#10627)

Fixes #10439

* Fix docs links, small text changes (#10613)

* Fingerprinting: correctly handle datetimes that are also FKs (#10621)

* Test fixes [ci druid]

* Disable failing test for now

* v0.33.0

* Only throttle failed login attempts (#10593)

* Compute Content-Security-Policy hashes for inline JS (#10504)

* Split out inline JS from index/init templates to separate files

* Read inline JS from resources at run time

* Calculate inline JS hashes for CSP header from content

* Move inline JS to resource sub-directory

* Update and memoize inline JS loading

* Revert debug code

* Deduplicate `resp/response` calls

* Fix paths to moved inline JS resources

* Force creation of test data DB so things don't get left in the cache

This fix was provided by @camsaul.

* Combine and `defonce` inline JS hashes

* s/inlinejs/inline-js/

* Ensure that Metabase JAR is readable by `metabase` container user (#10510)

If the umask of the user that builds the image is xx7, the JAR will not be
world readable in the resulting image.

* Remove `--add-modules=java.xml.bind` Java option (#10521)

Fixes #10244. @camsaul confirmed that it is no longer needed.

* Join on collection table's ID, not the joining table's `collection_id` (#10481)

* Join on collection table's ID, not the joining table's `collection_id`

This caused each record that joins on collection, to be duplicated for each
existing collection:

`LEFT JOIN collection collection ON card.collection_id = collection_id`

should be

`LEFT JOIN collection collection ON card.collection_id = collection.id`

* Test fixes from @cam on EE

* Insights: correctly handle infinities in results (#10502)

Filter out models with infinities

* Transfer log events as JSON objects and allow filtering on front-end (#10522)

* Return log events as JSON objects from API; render on front-end

Site UUID added to log events.

* Remove superfluous memoization of site UUID retrieval

Settings are already cached.

* Transfer timestamps in ISO-8601 format

* Move `metabase.metabot.instance/local-process-uuid` to `metabase.public-settings`

* Use `local-process-uuid` in stead of `site-uuid`

`site-uuid` is not unique across processes, which is what we want to
associate with log events.

* Remove unused import

* Allow log events to be filtered by process UUID on front-end

* Move process selector out of loading wrapper

Otherwise, if there are process UUIDs with no log events, the selector is
removed with the log event list.

* Figured out how to add docs to `defonce`

* Fix ns declaration

* Linter appeasement

* Merge log events received from back-end with previously received ones

This allows responses from multiple back-end instances to be spliced
together.

* Use MB components in stead of plain, styled HTML tags

The select is only displayed if more than one process UUID was found.

* Linter appeasement

* Move `metabase.public-settings/local-process-uuid` to `metabase.config`

* Fix sorting on multiple log event fields

* Flatten `Select` children to allow nested arrays of children

* Generate options directly under parent Select

* Limit the number of log events that we render

* Docstring and style updates

* Update editor config with Clojure files max line length

* Ensure that `NumericWrapper` is imported before use

* Cleanup layout

* Bump HoneySQL version (#10559)

The new version (0.9.5) includes @camsaul's Turkish upper case fix:
jkk/honeysql#237

* Factor out test for access to localStorage (#10533)

* Factor out test for access to localStorage

This allows code that uses localStorage to test against
`window.hasLocalStorage`, in stead of handling exceptions generated when
access to localStorage is denied.

* Move check for localStorage to metabase/lib/dom

* Fix typo in warning message (#10556)

* revert text color to #74838f (#10560)

* revert text-medium color to #74838f

* use light instead of medium on preview button

* MBTL (#10105)

Add transforms and domain models

* Added page about maps and updated nav (#10495)

* Added page about maps and updated nav

* Clarified step 1

* Added more details throughout

* Quick URL change

* Added additional resource!

* fix typo: 'sdisplay' to 'display'

* Add message with link to docs for fields without any filter widgets (#10340)

* Correct proxy command line [ci skip] (#10430)

* Bump Toucan version to include Turkish lower case fix (#10581)

* Wrap `tru` and `trs` macro results in `str` (#10571)

* Add versions of `trs` and `tru` that wrap results in `str`

The pre-existing `trs` and `tru` were renamed to `lazy-trs` and `lazy-tru`
respectively, and new `trs` and `tru` funcs were added, wrapping the result
of its lazy counterpart in `str`.

This way the normal use case of `trs` and `tru` is improved by no longer
requiring that it be wrapped in `str`.

Cases where the translated result is passed to `str` anyway, the lazy
version can be used.

* `(str (trs ...))` → `(trs ...)`

And the same for `tru`.

* Allow `defsetting` descriptions to use lazy versions of `trs`/`tru`

* Use `lazy-trs`/`lazy-tru` where `str` is applied separately

* Remove unnecessary `vec` from `tru`/`trs` macros

* puppetlabs.i18n does not have a `lazy-tru`

* Missed some settings that now need to use `lazy-tru`

* Only use `lazy-tru` in top-level `def`s

If the localized strings are looked up on module import, before locales are
loaded, the lookup will fail and the original input string will be used.

* Fix bad usages of `tru` that should be `lazy-tru`

* s/lazy-tr/deferred-tr/g

* Avoid `tr*` macros being used in top-level (compile time) statements

Because localizations are not yet loaded at compile time.

* Add type hint for `str*` wrapping of `trs`/`tru`

* Fix assigned function's return type hint

* Expand docstrings for `i18n/tr[su]`

* Use `trs` and `tru` from metabase.util.i18n instead of puppetlabs.i18n.core

* Defer compile time translation lookups

These changes were pointed out by exceptions generated by `i18n/str*`.

* Remove unused `require`d function

* New compile time `trs` usages caught by `lein uberjar`

* Ensure that error message from db driver is a string

It is necessary to ensure that the error message is a string, because some
db driver errors come from statically declared error messages, using
`deferred-tru`. Like those in
`metabase.driver.common/connection-error-messages`.

Fixes #10347 and #10473.

* Remove string type hint from `humanize-connect-error-message`

* Only throttle failed login attempts

This will not work until metabase/throttle#1 has been merged, and
Metabase's deps updated to include that change.

* Don't disable preview for fields with non-trivial type  (#9687)

* Don't create API callback if no database is associated with card (#10573)

* Don't create API callback if no database is associated with card

Fixes #10538

* Return empty array to avoid mapping over null

* Throttle logins on request support, with custom header support

If the `:mb-session-throttle-source-header` config option is set, a login
request's source is read from that header in the HTTP request, instead of
using `(:remote-addr request)`. The concrete use case for this is setting
is `X-Forwarded-For`.

* Update test expectations to reflect fixes in `throttle` lib

* Expand `X-Forwarded-For` header source IP test

* Add test for per request source throttling

* Rename variable

* Factor out injection of HTTP 400 status into error

* Replace remaining uses of `throttle-check` with `with-throttling`

* Re-add `throttle-check` for use in `forgot_password` endpoint

The usage semantics of this endpoint is different, in that it doesn't have
a concept of the failed request. Therefore all requests need to be
throttled.

* Operations guide breakout (#10569)

* Splitting the operations guide into separate pages

* Added a description to the Operations Guide nav

* Renamed the files and updated the navigation

* Bump throttle version

* Initialize new `source-address-header` setting during setup

* Replace request source header config with public setting

* Update `with-throttling` usage to new multi-throttler form

* Parameterize `cleaned-throttlers` to make it more generally applicable

* Add test for throttling on `forgot_password` endpoint

* Update docstring

* Only throttle Google auth requests when throttling is enabled

* Don't initialize source address header setting last

It nukes the returned response object from `set-session-cookie`.

* Linter fixes and appeasement

* FAQ section of the docs (#10587)

* FAQ section of the docs

* Made links relative

* Link & TOC changes

* Fixing duplicate header, adding data collection URL

* Removed the "option is turned off by default" wording

* Don't return table data for archive searches (#10627)

Fixes #10439

* Fix docs links, small text changes (#10613)

* Fingerprinting: correctly handle datetimes that are also FKs (#10621)

* Center chart with legend (#10406)

* Simplify function implementation

* Replace consecutive `get`s with single `get-in`s

* Fix comment styling

* Ensure that `source-address-header` setting is always (safely) lower cased

* Add test for `metabase.util/lower-case-end`

* fix i18n files; Update toucan (#10642)

* Fix locales newlines

* Bump Toucan version -> 1.14.0

* Update version