The API documentation decorators do not have to leak which solution we
use to generate the docs. Here, and as discussed in PR #21820, we rename
the `openapi` module to `apidocs`, and we make sure that this module
includes all the right functions to document API Views without referring
to Open API.

Current YouTube logo is not compliant with YouTube's branding
guidelines.

PROD-816

fix toggle implementation annotations and rename waffle flags

If this isn't installed, the sample_task provided by
openedx.core.djangoapps.heartbeat isn't imported, and thus are never
registered with the celery workers.  This sample_task is used for the
extended heartbeat api call. Since the celery heartbeat check is turned
on by default, we should also make sure this djangoapp and thus
sample_task is registered by default. Otherwise the extended heartbeat
check fails with the default configuration.

* Always run CSMHE migrations for every application in all contexts

This commit introduces the changes needed for XBlocks in Blockstore to save
their user state into CSM. Before this commit, all student state for Blockstore
blocks was ephemeral (in-process dict store).

Notes:

* The main risk factor of this PR is that it adds non-course keys to the
  course_id field in CSM. If any code (like analytics?) reads course keys
  directly out of CSM and doesn't have graceful handling for key types it
  doesn't recognize, it could cause an issue. With the included changes to
  opaque-keys, calling CourseKey.from_string(...) on these values will raise
  InvalidKeyError since they're not CourseKeys. (But calling
  LearningContextKey.from_string(...) will work for both course and library
  keys.)
* This commit introduces a slight regression for the Studio view of XBlocks in
  Blockstore content libraries: their state is now lost from request to request.
  I have a follow up PR to give them a proper studio-appropriate state store,
  but I want to review it separately so it doesn't hold up this PR and we can
  test this PR on its own.

API docs are now always available, no more toggle to enable them.

clean up toggle annotations and lint when running feature toggle report

This is an ancient feature flag that uses an archived and
unsupported support library (edinsights, edx/insights).

DEPR-44

The reverted commit did not make the intended change.

This reverts commit 7e928ade.

Due to a request from a Master's partner who reports
that the current 4MB limit is not enough for their
degree programs.

EDUCATOR-4635

ENABLE_MKTG_SITE has been serving double duty to both indicate that
an Open edX installation is using a Drupal marketing site AND
is using the Publisher workflow tool for managing course metadata.

But now that publisher-frontend is available and the Publisher
feature is no longer tied to the marketing site, we want to tease
apart those two concerns. Hence ENABLE_PUBLISHER.

Only really used so far in Studio, to control which fields are
shown (if using Publisher, some fields are only editable in
Publisher).

https://github.com/edx/edx-platform/pull/20645

This introduces:
* A new XBlock runtime that can read and write XBlocks that are persisted using
  Blockstore instead of Modulestore. The new runtime is currently isolated so
  that it can be tested without risk to the current courseware/runtime.
* Content Libraries v2, which store XBlocks in Blockstore not modulestore
* An API Client for Blockstore
* "Learning Context" plugin API. A learning context is a more abstract concept
  than a course; it's a collection of XBlocks that serves some learning purpose.

feature roles and permissions

* Update Financial Assistance logic

Use the zendesk proxy app instead of the unsupported zendesk library.

* Move to pre-fetching the group IDs.

Rather than making extra requests to zendesk to list all groups and find
a specific group ID. Just make a pre-filled list of group IDs for the
groups we care about.  When a group name is passed in, it is checked
against this list and the ticket is created in the correct group so the
right people can respond to it.

-Remove Depricated View and tests

Prod-349

remove social auth users command

-Removed Submit-feedback View
-Removed related tests
-Removed help_modal.html
-Removed help_modal.html test
-Removed zendesk from requirements
-Updated requirements

This reverts commit 5e8f90ca.

* New system_wide_roles app added in openedx/core/djangoapps
* Added SystemWideRole and SystemWideRoleAssignment classes to govern
  non-enterprise system wide roles

PROD-424

* reword INCR-483: Make compatible with Python 3.x without breaking Python 2.7 support

pick INCR-483: Re-run isort for lms/envs/test.py

INCR-483: change import order

INCR-483: PyLint fixes

* INCR-483: Fixes useless suppression

* INCR-483: Remove unused get_swagger_view

This would patch all templates (django/mako)
for a possible XSS code injection via
translation files by html escaping them..

LEARNER-4632

These were originally fixed individually, but had to be reverted, and
are now combined in one commit.  The originals were:

7b9040f6 This enum was backwards
8774ff1f Use ref_name to disambiguate serializers that drf-yasg would otherwise assume are the same.
8a443971 Is this field missing because it is None?
4a1154a7 Give a safer buffer for clearing the rate limiting
64c47856 DRF 3.7.4 changed how you delegate to another view, so don't
7359ca4f Is this right? It fixes two tests
fdd66e53 Adjust the expected error message for DRF 3.7.7
9257f68f The default TIME_ZONE should be UTC

* Install drf-yasg

* Add drf-yasg settings and urls

* Pin drf to make drf-yasg work

* Adjust config-models version to be compatible

* Remove django-rest-swagger (the old way)