Reorder badges URL patterns as URL pattern taking a SWHID as
argument should be checked prior the one taking object_type
and object_id as arguments (as a qualified SWHID can also match
that URL pattern).

Return more meaningful HTTP status code when an error occurs
when attempting to generate a badge.

Generated bearer tokens are stored encrypted in webapp database.

To encrypt a token, the django secret is used plus the user id as salt.

Previously, secret rotation was not taken into account which could result
in token that could no longer be decrypted.

So handle fallback secrets when attempting to decrypt a token and re-encrypt
token with new django secret when secret was rotated.

Also, return a more meaningful error when a secret could not be decrypted.

This way we could finally remove the deprecated swh.loader.git.from_disk module
that would be not used anymore.

We catch MaskedObjectException at the webapp level and display a
specific error page. The page lists the opaque identifier of the masking
requests and the legal email address where to send inquiries.

We also add support for MaskedObjectException in API responses.

Thanks to @anlambert for deduplicating the error templates and fixtures.
Thanks to @vlorentz for improving the wording of the error page.

That make it possible to show the end user the exception for the failure
of the loading task, if any.

Related to #4805

Add /provenance/whereis/ Web API endpoint wrapping call to whereis
operation from swh-provenance API. It enables to get a qualified SWHID
with provenance info from a core SWHID.

Add /provenance/whereare/ Web API endpoint wrapping call to whereare
operation from swh-provenance API. It enables to get qualified SWHIDs
with provenance info from a list of core SWHIDs.

These endpoints are protected by authentication and a user permission
named "swh.web.api.provenance".

Related to swh/infra/sysadm-environment#5397.

It enables to simplify the declaration of a webapp URL containing
a SWHID in its path.

Previously, it was hard to display the most recent counter value in
histogram tooltip. This is no longer the case with this change.

Add Web API endpoint /api/1/origin/save/bulk/requests/ enabling a user
to list the save bulk requests he submitted and get info URLs about them.

Related to #4802.

showdown-highlight is a plugin for showdownjs enabling to highlight a code
block with highlightjs when rendering markdown to html.

There was some issues at the time to use the npm version but it is no longer
the case so fetch that code from the npm registry instead of vendoring it
in swh-web frontend code.

That updated version also fixes some rendering issues related to code blocks
with no explicitly declared programming language.

Add Web API endpoint /origin/save/bulk/request/(request_id)/ to get
feedback about a previously sent save bulk request.

The endpoint requires authentication and special permission to be
queried, also only the user that submitted the request or SWH staff
members can query it.

It returns for each submitted origin the following info:

- the origin URL
- the visit type
- the origin status regarding its processing by the bulk save lister,
  either pending, accepted or rejected
- the last scheduling date if any
- the last visit date if any
- the last visit status if any
- the last snapshot SWHID if any
- the rejection reason if the origin was rejected by the lister
- the browse URL if the origin was successfully visited

These info are returned in a paginated way as the number of submitted
origins can be large.

Related to #4802.

Allow to define endpoint route using a simple string instead of a
regular expression.

It notably enables to use django parameter type annotations like
int or uuid.

test_get_snapshot_context_with_origin sometimes fails due to
a date comparison issue (seconds might be offset by 1).