Pre release fixes

• Update custom schema values immediately after removing permissions
• Ignore 404s when removing batches of permissions but still treat the overall action as a failure
• Safety check if previous run removed permissions before setting "permissions-none" (and potential user deletion)
• Use earlier file when recovering as it will have all the files