fix(security): make allowFrom id-only by default with dangerous name opt-in (#24907)

* fix(channels): default allowFrom to id-only; add dangerous name opt-in

* docs(security): align channel allowFrom docs with id-only default

extensions/googlechat/src/monitor.test.ts

@@ -2,8 +2,9 @@ import { describe, expect, it } from "vitest";
 import { isSenderAllowed } from "./monitor.js";
 
 describe("isSenderAllowed", () => {
-  it("matches allowlist entries with raw email", () => {
-    expect(isSenderAllowed("users/123", "Jane@Example.com", ["jane@example.com"])).toBe(true);
+  it("matches raw email entries only when dangerous name matching is enabled", () => {
+    expect(isSenderAllowed("users/123", "Jane@Example.com", ["jane@example.com"])).toBe(false);
+    expect(isSenderAllowed("users/123", "Jane@Example.com", ["jane@example.com"], true)).toBe(true);
   });
 
   it("does not treat users/<email> entries as email allowlist (deprecated form)", () => {
@@ -17,6 +18,8 @@ describe("isSenderAllowed", () => {
   });
 
   it("rejects non-matching raw email entries", () => {
-    expect(isSenderAllowed("users/123", "jane@example.com", ["other@example.com"])).toBe(false);
+    expect(isSenderAllowed("users/123", "jane@example.com", ["other@example.com"], true)).toBe(
+      false,
+    );
   });
 });