Be more careful with escaping content in datagrids.

Review Request #9626 — Created Feb. 12, 2018 and submitted — Latest diff uploaded

Information

Djblets
master
33aae98...

Reviewers

Datagrids were assuming some content was HTML-safe. This wasn't
user-provided input, but rather labels passed to columns. While not
normally a problem, it could be problematic accidentally, depending on
label content and translations.

This changes most of the code to use format_html instead of
mark_safe in several places, helping to protect against mistakes.
It also adds unit tests for CheckboxColumn, which had the bulk of the
changes.

Unit tests pass.
