Allow python's cryptographically secure pseudorandom number generator for usage in restricted python and use it where it makes sense.

This also change the API of `Person_generatePassword` which no longer allow to control the number of letters and numbers.

/reviewed-on nexedi/erp5!847

This script no longer allow to control the number of letters and digit

Using same method as python 3.6's secrets module and a bit longer token
that what python currently recommends, since we were using very very
long tokens until now (so that it does not look like a "regression")

- use system random
- generate longer password with a larger space

API change in an incompatible way, it's no longer possible to control
the number of alpha and numeric. This was reducing a lot the number of
combinations, so it's better to break so that callers stop generating
too weak passwords.

to make the difference with other fields more visible

If we rename a script used as external validator, we don't have way of detecting that this script might be used, so add to the "static checks" a check that for every field referencing an external validator, this validator can actually be traversed.

/reviewed-on nexedi/erp5!1031

Check that script exists.

Like a real-world user.

__ac_name & __ac_password are only useful to get a cookie, so only use them
when the test is actually expecting a cookie.

One inline javascript snippet less.

ZODB Components: Preparation of erp5_base migration from FS: Fix pylint no-name-in-module on newTempXXX (04b49859).

Change upgrader internal API to use `filter_dict` instead of `filter`
which is a builtin.
Remove a lot of unused code in extensions

/reviewed-on nexedi/erp5!1014

ZODB Components: Preparation of erp5_base migration from FS: Fix pylint no-name-in-module on newTempXXX (04b49859).

ZODB Components: BusinessTemplate: On migration dialog, ignore source files not available anymore (ex: change branch).

Test should not depend on external websites, we already use erp5.com for
some other tests, so let's use it also for RSS.

/reviewed-on nexedi/erp5!1028

Deleting matrix cells with manage_delObjects is not a good solution, as
this breaks matrix index consistency.
Also, call isBasePricePerSlice rather than introspecting wrapped method
arguments - the only wrapped method is _setBasePricePerSlice anyway !
Also, explicitly trigger SupplyCell_updateSliceBasePrice as it depends on
isBasePricePerSlice value at line level, and it just changed, and cell-level
interaction workflow does not trigger on line changes.
Also, get rid of a trivial local variable.
Also, fix the exception expected from list.index .
Also, raise if multiple quantity criterion are somehow found.

When server replies with a non XML content type feeparser attempt to
parse anyway, but set the bozo flag.

https://universal-feedparser.readthedocs.io/en/latest/#handling-incorrectly-declared-media-types

If parsing fail because the feed is not a valid RSS XML stream,
feedparser fail in other ways, so we can safely ignore this error.

This should repair recent failures with testFeedReaderGadget now that le
monde changed configuration on their website:

     $ curl -sD -  -o /dev/null https://www.lemonde.fr/rss/une.xml | grep Content-Type
     Content-Type: text/html;charset=UTF-8

/reviewed-on nexedi/erp5!1027

See nexedi/erp5@b678a025

Introduce the object_jio_jump action category to mark all compatible actions.

erp5_xhtml_style supports object_jio_jump.

A correct redirection is needed to jump in both UI.

ERP5JS will display modules on the current document context,
as if the jump was instead a object_view action.