Merged requested to merge rs-remove-username-from-sanitize-attrs into master
This attribute is since validated against
has strict requirements for the characters allowed, and should no longer
need to be sanitized in a callback before saving.
This has additional benefits in our test suite, where every creation of
User record was calling
Sanitize.clean on a username value that
was always clean, since we're the ones generating it.