- Add DOMPurify CDN to HTML template for sanitizing HTML content
- Add escapeHtml helper function to escape user-controlled text
- Add sanitizeHtml function using DOMPurify with allowed tags/attributes
- Apply sanitization to drawer content before setting innerHTML
- Escape user-controlled values in renderTriggerCondition, renderConditionTree, and renderMetadata methods
- Add tests to verify XSS protection is in place
Co-Authored-By: João <joao@crewai.com>
fix: refine nested flow conditionals and ensure router methods and routes are fully parsed
fix: improve docstrings, typing, and logging coverage across all events
feat: update flow.plot feature with new UI enhancements
chore: apply Ruff linting, reorganize imports, and remove deprecated utilities/files
chore: split constants and utils, clean JS comments, and add typing for linters
tests: strengthen test coverage for flow execution paths and router logic
