Sandboxlib

- Improved handling of powerbox HTTP APIs, including correctly returning HTTP error bodies.
- The contact chooser powerbox (e.g. as used by Wekan when adding people to a board or a card) now respects the "Make all organization users visible to each other" setting.
- Fixed some server-side memory leaks, which might fix the occasional-100%-CPU bug.
- Fixed bug where trashed grains could be started by trying to use capabilities they serve.

- Worked around MacOS Safari bug breaking WebSockets.
- Oasis: Removed experiment that caused 50% of users to see a plan-chooser prompt immediately upon creating their account. All users will now default to the free plan without having to choose it explicitly. (Showing the plan chooser did not appear to make any more people choose a paid plan.)

- Fixed grain backups not working under "privileged" sandbox (which is the default for most newer self-hosted Sandstorm installs).
- Fixed SAML integration with Azure Active Directory when users are not Microsoft accounts.

- Removed stray console logging on e-mail send.

- Fixed security issues discovered during security review by [DevCore Inc.](http://devco.re/), commissioned by Department of Cyber Security of Taiwan. See blog post coming soon.
- Apps may now request access via the Powerbox to HTTP resources external to Sandstorm, in the same way that they request access to HTTP resources hosted by other apps. Credentials -- including basic auth passwords and OAuth tokens -- are stored and protected by Sandstorm, not the app.
- An e-mail organization can now be defined by multiple domains, including wildcard subdomains.

- Removed Sandstorm for Work paywall. All Sandstorm for Work features are now available on all servers for free. Feature keys are no longer needed and all code related to them has been removed.
- `sandstorm-http-bridge-internal.capnp` is no longer included with the other, public `.capnp` files in the package. This file was not intended to be used by third parties, and indeed did not parse correctly after installation since it references other files that are not installed. This caused some dev tools to report spurious errors.