Add ability to bypass Honeypot by IP

Here's a reroll of #11 with PHP 8.1.x compatibility support.

Here's a reroll of #8 with PHP 8.1.x compatibility support.

Still needs a reroll, still needs tests.

Also needs a hook_update_N() to set the value of the new configuration variable when updating this module on an existing site.

Updated the patch to work with the module's new version.

I'm not against this feature, but there are certain minimum standards here that must be met:

1. MR must not introduce new cspell errors.
2. MR must not introduce new phpcs errors.
3. MR must not introduce new phpstan errors.
4. Tests must be provided for new features like this, and those tests must pass.
5. An update hook must be provided to add this feature to existing sites.

Aside from those things, allowedlist_ips should absolutely NOT be a string setting. Putting all the IPs and IP ranges into one big string separated by \n of all things is horrible UX and DX. This configuration variable should be a sequence type at a minimum, and preferably individual IPs and IP ranges should not be mixed together because that prevents the configuration from being validated.

Personally, I think a better way to integrate whitelists would be through a hook like in ✨ Allow custom conditionals for skipping Honeypot validation Needs review . That allows easy integration into any existing whitelist/blacklist/etc. service without having to implement those services directly into Honeypot. The uses cases for this are likely to be pretty site-specific IMO, and trying to create a general-purpose whitelisting service inside Honeypot that can only be used for Honeypot and not for other purposes on the site seems like a dead-end solution to me.

Those are good points. I was just copying the existing patches into an MR to make further updates easier to deal with (and the patches didn't work against 2.2).

I like the idea of the plugins or an event or hooks. Would make it easier to have an ecosystem of rules (or even tie into ECA with super complex rules).