* Commits:
  fix: Upgrade lti-consumer-xblock for migration fix

JIRA:EDUCATOR-5590

* update edx-proctoring version

* update to newest version

MB-908 | Prevent ability for learner to appear on both certificate invalidation and certificate exceptions lists

[MICROBA-908]
- When adding a learner to the allowlist we now check if they have an invalidated certificate on the blocklist
- Refactor some pieces of the Certificate Invalidation flow
- Make it so an error message is displayed when trying to add someone to CertificateInvalidation list if they already appear on the Allowlist
- Add support to pass back and display an error message to Instructor Dashboard UI if a learner already appears on the certificate invalidation list when attempting to create certificate exceptions in bulk
- Add python tests for backend changes
- Disable xss linting warnings in certificate_bulk_whitelist.js (checked with security group first)

In preparation for switching LMS/Studio over
from serving legacy courseware URLs in certain
places (for example, resume_course_url) to serving
learning micro-frontend URLs.

TNL-7796

refactor: use q objects when fetching user using an identifier

account activation event added

Add throttling to validate token and reset password end points

VAN-312

Bump Version of edx-proctoring Library to 3.6.2: Change "proctoring_started" to "onboarding_started" in Student Onboarding Status panel, make time_remaining_seconds model field read only, and fix message bug on the Django admin panel for ProctoredExamStudentAttempt model

Revert "BOM-2368: pyupgrade in LMS Directory"

feat: bump version of edx-proctoring library to 3.6.2: change "proctoring_started" to "onboarding_started" in Student Onboarding Status panel, make time_remaining_seconds model field read only, and fix message bug on the Django admin panel for ProctoredExamStudentAttempt model

This release changes learner onboarding status from "proctoring_started" to "onboarding_started" to more clearly describe the learner's onboarding status in the Instructor Dashboard Student Onboarding Status panel. This impacts course authors, developers, and operators.

This release adds the time_remaining_seconds field of ProctoredExamStudentAttempt model to readonly_fields in Django admin page so it is not required when editing the model. This impacts developers.

This release updates reference to Exception.message to use string representation of the exception, as message is no longer an attribute of the Exception class. This impacts developers.

This reverts commit fc06846c.

feat: turn on schedule creation by default

This reverts commit a235425a.

SE-1168 [FAL-92] implement ORA process summary report csv

This commit removes several waffle toggles that have been enabled
on edx.org for years. It's time to remove the rollout gating for
these features and enable them by default.

This doesn't directly change any behavior. But it does create new
database objects by default now and allows for enabling other
schedule based features more easily.

Specifically, the following toggles were affected.

schedules.create_schedules_for_course
- Waffle flag removed as always-enabled
- We now always create a schedule when an enrollment is created

schedules.send_updates_for_course
- Waffle flag removed as always-enabled
- Course update emails are sent as long as the ScheduleConfig
  allows it.
- This is not a change in default behavior, because ScheduleConfig
  is off by default.

dynamic_pacing.studio_course_update
- Waffle switch removed as always-enabled
- Course teams can now always edit course updates directly in Studio

ScheduleConfig.create_schedules
ScheduleConfig.hold_back_ratio
- Model fields for rolling out the schedules feature
- Schedules are now always created
- This commit only removes references to these fields, they still
  exist in the database. A future commit will remove them entirely

This commit also adds a new has_highlights field to CourseOverview.
This is used to cache whether a course has highlights, used to
decide which course update email behavior they get. Previously every
enrollment had to dig into the modulestore to determine that.

VAN-390

* Remove edx-proctoring constraint

* Ran make upgrade

* Remove authentication, including SessionAuthentication, to fix CSRF
  exemption by dropping CSRF check of SessionAuthentication.
* Several changes to make it more clear that only POST is supported and
  clean up GET method testing.
* Removed the temporary 403 error logging that wasn't working.
* Removed test_single_access_token which was written for DOP, but
  doesn't work with DOT. See
  [MA-2122](https://openedx.atlassian.net/browse/MA-2122) for a ticket
  about implementing this for DOT, although it doesn't seem to be a
  priority. NOTE: A comment was added to the ticket explaining that this
  test was removed.
* GET now returns default error for methods not allowed.

ARCHBOM-1667

Revert "Remove the "role of users being enrolled" field from Instructor Dashboard"

authn mfe url added in recover account command

BOM-2352: Removed unused imports from lms/djangoapps/{email_marketing…

BOM-2352: Removed unused imports from lms/djangoapps/{course_blocks, …