Escape HTML entities before dangerouslySetInnerHTML in release notes renderer to prevent stored XSS via malicious GitHub release bodies. Fix RouteCalculator ignoring the profile parameter (was hardcoded to 'driving'). https://claude.ai/code/session_01SoQKcF5Rz9Y8Nzo4PzkxY8 |
||
|---|---|---|
| .. | ||
| public | ||
| scripts | ||
| src | ||
| index.html | ||
| package-lock.json | ||
| package.json | ||
| postcss.config.js | ||
| tailwind.config.js | ||
| tsconfig.json | ||
| vite.config.js | ||