We heard about a bug where learners granted extensions would still
lose access to content if it was marked as "hidden after due date".
This was caused by the HiddenContentTransformer using the due date
from collection time (publish time) rather than the user date returned
from the edx-when DateOverrideTransformer.

A small subtletly of this PR is that Transformers with the
FilteringTransformerMixin are executed before those without it so
part of the fix was to make the HiddenContentTransformer not use the
FilteringTransformerMixin to ensure the DateOverrideTransformer had
run first.

Part 3/3 - Removing old collect code with merged due date

fix: AA-724: Updating the HiddenContentTransformer

Adds a command to create an API connection to credentials for testing
program certificates on devstack. This command is not meant to be ran
manually, and will be included in a provisioning type script that will
be added later.

MICROBA-1039

We heard about a bug where learners granted extensions would still
lose access to content if it was marked as "hidden after due date".
This was caused by the HiddenContentTransformer using the due date
from collection time (publish time) rather than the user date returned
from the edx-when DateOverrideTransformer.

A small subtletly of these PRs is that Transformers with the
FilteringTransformerMixin are executed before those without it so
part of the fix was to make the HiddenContentTransformer not use the
FilteringTransformerMixin to ensure the DateOverrideTransformer had
run first.

Part 2/3 - Updating transform method + updating Read version

fix: AA-724: Updating the HiddenContentTransformer

fix: Don't make request change logging a waffle flag.

Waffle flags are useful for gradual rollout but that's not possible this
high in the middleware because a lot of the data needed (request.user)
to partition incoming requests is not availabale this high in the
middleware.

Convert this to a WaffleSwitch which will be safer to operate.

Also increase the number of frames in the stack to print per change.
Printing just 1 did not provide enough info because DRF requests wrap
WSGI requests and have a setter proxy.  It will be useful to figure out
how they do this in case it's better that what we're doing in the safe
sessions middleware.

Ticket: https://openedx.atlassian.net/browse/ARCHBOM-1718

We heard about a bug where learners granted extensions would still
lose access to content if it was marked as "hidden after due date".
This was caused by the HiddenContentTransformer using the due date
from collection time (publish time) rather than the user date returned
from the edx-when DateOverrideTransformer.

A small subtletly of these PRs is that Transformers with the
FilteringTransformerMixin are executed before those without it so
part of the fix was to make the HiddenContentTransformer not use the
FilteringTransformerMixin to ensure the DateOverrideTransformer had
run first.

Part 1/3

feat: bump edx-ace to 1.1.0

This gives us the ability to set a Braze-specific from-address via
configuration settings.

fix: surface assignment type short_label in Progress Tab MFE API

[TNL-7971] - Correct filename for anonymized id report.

 feat: Add more detailed request user change logging.

The function under test by the StrftimeLocalizedHtmlTest checks the
timezone in the user preferences of the user making the request.  If we
don't explicitly set a request here, it will simply use the last Request
that `crum` cached in the thread local cache.  This broke now
that we sometimes set the crum request.user to an invalid user in other
tests.

This change ensures that we have a valid request for these tests as a
part of the setup of this test class.

Since we are handling the MFE redirection in login_and_registration_form()
we don't need to handle it here. It's redirecting the enterprise users to
MFE instead of FE which is currently handled in login_and_registration_form()
view.

VAN-425

The new WaffleFlag.is_enabled check in middleware increased query counts
for multiple tests.

The change is behind a WafleFlag and can be turned on to log every time
the `user` attribute of an instrumented request changes.  This will
significantly increase log volume so it shouldn't be left on all the
time but can be turned on to quickly debug issues related to sessions.

Ticket: https://openedx.atlassian.net/browse/ARCHBOM-1718

* Added batch_get_or_create_user_ids method for ExternalId Model

Update doc string

* Update docstring & fix bug on test

[BD-24] [BB-2726] [TNL-7330] 

MICROBA-1078

For some SAML providers, learners are redirected to MFE and breaking
the flow. Check for running pipeline and if the provider is a SAML
provider keep them on FE.

VAN-425

MICROBA-1039

Close https://github.com/openedx/build-test-release-wg/issues/10

Currently the registration endpoint has no rate limit. Added a new ratelimit
variable to support the change, it's value is set to 60/7d.

VAN-302

AA-722: surface num_droppable assignments in MFE Progress Tab API

* Revert "Revert "fix: Stop rendering Visibility and Move buttons on libraries (#26885)" (#27113)"

This reverts commit 23443c43.

* fix: change method of accessing course id

fix: Add ‘ENABLE_HELP_LINK’ to Studio settings

If edxloggedin cookie is not present but the user is authenticated;
user is redirected to authn MFE and then back to dashboard instead
of the desired redirect URL (e.g. finish_auth) resulting in learners
not enrolling into the courses.

VAN-415

disbale xsslint