* Don't log names of internal symbols that can be used for attacks
* Add integrity check to dropzone.js library
* Better a11y of web form labels
* Safer handling of file download paths
* Don't invert boolean check
* Make backend auth check a flask abort
* Clean up indentation to remove unwanted tabs
* Run workflow either on PR events, or branch pushes, not both
* Upload to tmp file name then rename if successful
* Move the dropzone.js operations back into web.py
* Move list_images() from file commands into piscsi commands (it was the only class method in that package that calls the protobuf interface)
* Remove now-redundant helptext
- New utility method for the web app, which sorts image files into dicts where the subdir is the key
- In the web ui, display each subdir in a table nested in a details tag.
- Allow for picking destination subdir when uploading files
- Style the expandable details blocks in the images table
- Add a check for ~ paths to the is_safe_path() utility method
- Rename `/config/load` endpoint to `/config/action` since it has multiple functions
- Add a `send` function to above endpoint, which triggers a download of the config file, and use it with a new Download button on the index page
- Add an option to upload to the CFG_DIR
- Improve layout of the file transfer destination web form: radio buttons before labels, and better padding between options
- Add a test for config downloading
- Introduce a dedicated Upload page and move the upload form there
- Style the utility hyperlinks on the index page with icons and bold text
- Display the cancel / dismiss downloads link, and tweak the link text to make more sense. Note: Cancelled downloads won't remove the partially uploaded file.
- Hide image preview thumbnails. Not relevant to our usecase, and mess up the layout when it happens.
- Turn on chunk retries and tweaks chunk size to be a full MiB (probably won't make a big difference)