Fix a flaky test by freezing time in the right spot.

Replace all .(lms|cms).(\w+|_)?\.json to .(lms|cms).(\w+|_)?\.yml

Plugins can listen to USER_ACCOUNT_ACTIVATED signal to perform custom logic.

Created new UI for Data download in instructors dashboard

Co-authored-by: Awais Jibran <awaisdar001@gmail.com>

Revert "Python Requirements Update"

Revert "ARCHBOM-1494: Refer to custom attributes, not metrics, especially with edx-django-utils (#25010)" (#25025)

This reverts commit ba9ee4e1.

Fixed Style lint issue

Python Requirements Update

Add some tracing to the CourseListView endpoint

email opt-in mgmt command: Disable the course lookup if a list is provided

ENT-3367 | Show at most 1 Enterprise Learner Portal dashboard link in the header user-menu. Also, guard against no branding config when getting learner portal data.

This uses the new names introduced in edx-django-utils
3.8.0 (edx/edx-django-utils#59), which we're already using, as
well as updating a few other locations where we incorrectly refer
to New Relic custom metrics instead of custom attributes.

Includes a couple of unrelated lint fixes in a file I modified.

disable xsslint

This is cherry-picked verbatim from
zafft/analytics-exporter-settings-hotfix (#18530).  I'm fear that
without merging these changes upstream, a larger set of courses will be
consdiered for processing, and that would alter the behavior of the
analytics-email-optin-* jobs.

[BD-21] Document feature toggles

The test was only freezing time for the first two calls to password reset
which meant that sometimes the last call to reset password was far enough
in the future to not be affected by the rate limiting.

We move the freeze_time context manager to outside of all the password
reset calls to make things more reliable.

AA-335: Avoid due dates for ORA subsections

Previously, we'd been avoiding PLS due dates for ORA *sections*.
That is, if a section had only ORA content, we'd not set a PLS
due date for anything in that section.

If any content in that section had non-ORA graded content however,
we would set dates on all subsections, including the ORA one.

This resulted in some ORA-only subsections showing up twice on the
dates tab. So this patch simply brings down the ORA-only check
to a *subsection* level, not a section one.

* Add CSRF to post requests to demographics

* Reorganize code

MST-418 retire program_enrollments external_user_key with hashed values instead of setting it to null (#25001)

* Add CSRF tokens to demographics modal PATCH

We have temporarilly copied over the CSRF code from frontend-platform to
use with the demographics modal. This code is most likely temporary and
is not maintained like frontend-platform.