Sandboxlib

Latest version: v0.3.1

Page 5 of 29

0.183

- The security hardening in 0.181 broke Gogs, for a different reason. This release rolls back the hardening temporarily while we resolve the issue.

0.182

- The security hardening in 0.181 broke Ethercalc. This release fixes it.

0.181

- Sandstorm for Work: Feature keys now automatically renew when they expire. If automatic renewal isn't possible, the administrators will receive notifications by bell menu and (if possible) e-mail.
- Added hardening against clickjacking and CSRF attacks on apps. On Chrome and Safari, CSRF attacks should now be totally blocked, even if the app fails to implement proper protections.
- Fixed that newly-received shares were appearing at the bottom of the grain list using the default sort order (by last-opened date). Never-opened grains will now sort according to the share date, and will show "Unopened" in the last-opened column.
- Fixed a bug in Meteor that could cause the server to suddenly spawn tens of thousands of fibers, which in turn, due to a bug in V8, would make the server permanently consume excessive CPU, even after the fibers exited.
- Fixed that the "stay anonymous" button on the sign-in hint didn't work (but closing the hint dialog worked and had the same effect).
- Fixed that after manually updating an app, the button to upgrade existing grains did not appear. (When auto-updating an app via the notifications menu, grains are updated automatically.)
- Fixed grain tab close buttons sometimes being the wrong size on new builds of Chrome.
- Fixed some console log spam.
- Various refactoring.
- Updated all dependencies.

0.180

- The "Who has access" dialog now shows collections of which the grain is a part, and (more generally) other grains through which this grain has been shared.
- The "Delete Account" button now makes you type a phrase to confirm. (It still doesn't actually delete your account for 7 days.)
- When a user deletes their own account, they will now receive an e-mail notification, in case of hijacking.
- The "Sandstorm for Work" section of the admin panel now contains a direct link to manage your feature key's billing preferences.
- Added `spk dev --proc` flag which requests that `/proc` be mounted in the sandbox for debugging purposes. This may decrease security of the sandbox, so is only allowed in dev mode.
- The account settings page now looks reasonable on mobile.
- Fixed grains in trash sometimes missing icon and other app details.
- Setting a BASE_URL with a trailing slash will no longer subtly break things.
- Dropping a SturdyRef not owned by the calling grain will now act as if the SturdyRef doesn't exist rather than throwing an exception. This particularly affects grains that have been backed up and restored and so have someone else's tokens in their storage.
- HTTP API requests will no longer throw an exception if the user-agent header is missing.
- sandstorm-http-bridge will now log a note if the app doesn't seem to be coming up on the expected port.
- Oasis: Added self-monitoring and auto-restart for the ["fiber bomb" problem](https://github.com/meteor/meteor/issues/7747). Also added instrumentation to track down root cause.

0.179

- A user can now request deletion of their own account, unless they are a member of a Sandstorm for Work organization. Deletion has a 7-day cooldown during which the user can change their mind.
- Admins can now suspend and delete accounts from the admin panel.
- Apps can now request that an offer template be a link with a special protocol scheme that can trigger a mobile intent, allowing one-click setup of mobile apps. Apps will need to be updated to take advantage of this.
- Identity capabilities now have a getProfile() method, allowing a grain to discover when a user's profile information has changed without requiring the user to return to the grain.
- Fixed that admins were unable to un-configure SMTP after it had been configured.
- Fixed problems in sandstorm-http-bridge that could make notifications unreliable. Affected apps will need to rebuild.
- Increased expiration time for uploading a backup from 15 minutes to 2 hours, to accommodate large backup files on slow connections.
- Fixed email attachments from apps having incorrect filenames.
- Fixed various styling issues.
- Various ongoing refactoring.

0.178

- The grain list can now be sorted by clicking on the column headers.
- Many improvements to mobile UI. (Still more to do.)
- Your current identity's profile picture now appears next to your name in the upper-right.
- Fixed desktop notifications displaying grain titles incorrectly.
- Fixed `spk publish` throwing an exception due to a bug in email handling.
- Improved accessibility of "Sandstorm has been updated - click to reload" bar.
- When an app returns an invalid `ETag` header, sandstorm-http-bridge will now log an error and drop it rather than throw an exception.
- Updated to Meteor 1.4.1.
- Oasis: Fixed appdemo not working for Davros.
