Comparing changes
base repository: rails/rails
base: v7.2.3
head repository: rails/rails
compare: v7.2.3.1
- 16 commits
- 59 files changed
- 5 contributors
Commits on Mar 17, 2026
- 4a155f1
- edfe591
- 3aff93b Merge pull request #56247 from zzak/re-56234
  Ensure PluginTestRunnerTest and TestRunnerInEngineTest use clean Bundler env
- a46e4dd Merge pull request #56275 from zzak/re-56271
  Use Bundler.with_unbundled_env for GeneratorsTestHelper run_app_update
- 810dd43
Commits on Mar 23, 2026
- 8159a9c Configurable maximum streaming chunk size
  Makes sure that byte ranges for blobs don't exceed 100mb by default. Content ranges that are too big can result in denial of service. [CVE-2026-33174] [GHSA-r46p-8f7g-vvvg]
- b8a1665 ActiveStorage::Streaming limit range requests to a single range
  Multi-Range requests can easily be abused to DoS the service. The backend could and should be optimized to handle multi-range requests better, but ultimately there isn't a whole lot of legitimate uses for them, and if you are exposing Active Storage to your users with large files, you should consider not using the default proxy. [CVE-2026-33658] [GHSA-p9fm-f462-ggrg]
- ebd6be1 NumberConverter: reject scientific notation
  BigDecimal supports scientific notation, which allows expressing extremely large numbers with just a few bytes of input. This could be exploited to DoS a service if somehow user input is passed to number converter. [CVE-2026-33176] [GHSA-2j26-frm8-cmj9]
- 707c0f1 Active Storage: Filter user supplied metadata in DirectUploadController
  For direct uploads, metadata is an entirely user controlled blob. However over time the `metadata` store has been used to record internal state such as `analyzed` etc. Hence we shouldn't let users set these keys. This is a simple fix that is easy to backport, however the cleaner long term fix should be to stop using the metadata store for internal state, and instead use proper materialized columns. [CVE-2026-33173] [GHSA-qcfx-2mfw-w4cg]
- c1ad0e8 Fix SafeBuffer#% to preserve unsafe status
  Formatting an unsafe buffer should produce an unsafe buffer. [CVE-2026-33170] [GHSA-89vf-4333-qx8v]
- b54a4b3
- 4933c1e Prevent path traversal in ActiveStorage DiskService
  When DiskService receives a blob key containing path traversal segments (e.g. `../../etc/passwd`), the resolved filesystem path can escape the storage root directory. This allows reading or writing arbitrary files on the server. `DiskService#path_for` is the primary filesystem security check for all disk storage operations. This change adds path traversal protection:
  - `DiskService#path_for` now raises an `InvalidKeyError` when passed keys with dot segments (".", ".."), or if the resolved path is outside the storage root directory.
  - `#path_for` also now consistently raises `InvalidKeyError` if the key is invalid in any way, for example containing null bytes or having an incompatible encoding. Previously, the exception raised may have been `ArgumentError` or `Encoding::CompatibilityError`.
  - `DiskController` now explicitly rescues `InvalidKeyError` with appropriate HTTP status codes.
  Document that custom blob keys are trusted strings. These changes are defense-in-depth measures intended to limit the blast radius of developer errors, and are not a trust boundary. [CVE-2026-33195] [GHSA-9xrj-h377-fr87]
- fa19073 Prevent glob injection in ActiveStorage DiskService#delete_prefixed
  `Blob#delete` calls `DiskService#delete_prefixed` with a string that includes the blob key. In turn, `DiskService#delete_prefixed` passes that string to `Dir.glob`. If a developer is generating custom blob keys (or has mistakenly allowed untrusted input to be used as a blob key) and that key contains glob metacharacters, then it may be possible to delete unintended files. It may also be possible to delete unintended files if `delete_prefixed` is called directly with a prefix containing glob metacharacters. Update `delete_prefixed` to:
  - Update `delete_prefixed` to escape glob metacharacters in the resolved path before passing to `Dir.glob`
  - Extract a private method `escape_glob_metacharacters`.
  Note that this change breaks any existing code that is relying on `delete_prefixed` to expand glob metacharacters. This change presumes that is unintended behavior (as other storage services do not respect these metacharacters). Also note that this is a defense-in-depth measure to limit the blast radius of malicious keys, and is not a trust boundary. [CVE-2026-33202] [GHSA-73f9-jhhh-hr5m]
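The two DiskService commits above (4933c1e key validation in `path_for`, fa19073 glob escaping in `delete_prefixed`) describe the same defence-in-depth pattern: validate a blob key before it touches the filesystem, map every rejection to one exception class, and neutralise glob metacharacters before `Dir.glob`. The block below is an added example written for this page, not Rails' own `ActiveStorage::Service::DiskService`; the class `ToyDiskService`, its `upload` method and the error messages are assumptions, and only the method names `path_for`, `delete_prefixed` and `escape_glob_metacharacters` echo the commit messages.

```ruby
require "pathname"
require "fileutils"

# Added example, not Rails' code: a toy disk service that applies the checks the
# commit messages describe. Blob keys are still treated as trusted strings; these
# checks limit blast radius, they are not a trust boundary.
class InvalidKeyError < StandardError; end

class ToyDiskService
  def initialize(root)
    @root = File.expand_path(root)
  end

  # Resolve a blob key to a path under @root. Every rejection raises
  # InvalidKeyError, so a controller has a single exception class to map to an
  # HTTP status instead of ArgumentError / Encoding::CompatibilityError.
  def path_for(key)
    key = String(key)
    unless key.valid_encoding? && key.encoding.ascii_compatible?
      raise InvalidKeyError, "key has an invalid or incompatible encoding"
    end
    raise InvalidKeyError, "key contains a null byte" if key.include?("\0")
    raise InvalidKeyError, "key is empty" if key.empty?
    # Reject "." and ".." segments outright rather than trying to normalise them.
    if key.split("/").any? { |segment| segment == "." || segment == ".." }
      raise InvalidKeyError, "key contains a dot segment"
    end
    # File.join (not File.expand_path) so a leading "/" or "~" in the key is not
    # interpreted; cleanpath only collapses duplicate separators at this point.
    path = Pathname.new(File.join(@root, key)).cleanpath.to_s
    unless path.start_with?(@root + File::SEPARATOR)
      raise InvalidKeyError, "key resolves outside the storage root"
    end
    path
  end

  # Assumed helper so the example can create files to delete.
  def upload(key, data)
    path = path_for(key)
    FileUtils.mkdir_p(File.dirname(path))
    File.binwrite(path, data)
    path
  end

  # Delete every file whose path starts with prefix. The prefix goes through the
  # same validation as a key, and glob metacharacters in the resolved path are
  # escaped so a key such as "k[1]" cannot match unrelated files like "k1".
  def delete_prefixed(prefix)
    pattern = escape_glob_metacharacters(path_for(prefix)) + "*"
    Dir.glob(pattern).select { |f| File.file?(f) }.each { |f| File.delete(f) }
  end

  private

  # Backslash-escape the characters Dir.glob treats specially.
  def escape_glob_metacharacters(str)
    str.gsub(/[\[\]{}*?\\]/) { |m| "\\#{m}" }
  end
end

if __FILE__ == $0
  require "tmpdir"
  Dir.mktmpdir do |root|
    svc = ToyDiskService.new(root)
    svc.upload("k[1]", "a")
    svc.upload("k1", "b")
    svc.delete_prefixed("k[1]")   # removes k[1] only; k1 survives
    puts Dir.children(root).inspect
    begin
      svc.path_for("../../etc/passwd")
    rescue InvalidKeyError => e
      puts "rejected: #{e.message}"
    end
  end
end
```

Without the escaping step, `delete_prefixed("k[1]")` would glob for `k[1]*`, which matches `k1` and anything else starting with `k1`; with it, only files whose names literally start with `k[1]` are removed. The encoding check runs before the null-byte check on purpose: `include?("\0")` on a UTF-16 string raises `Encoding::CompatibilityError`, which is exactly the inconsistent exception the commit message says `path_for` should no longer leak.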
- 0b6f800 Skip blank attribute names in Action View tag helpers
  When a blank string is used as an HTML attribute name in tag helpers, `xml_name_escape` returns an empty string, producing malformed HTML that may be susceptible to mXSS attacks. `tag_options` now skips blank keys in all three iteration paths: the top-level options loop, and (for consistency) the inner data/aria hash loops. [CVE-2026-33168] [GHSA-v55j-83pf-r9cq]
- 8a379f4
- ba76fca
You can try running this command locally to see the comparison on your machine:
git diff v7.2.3...v7.2.3.1