🐛 Validate remaining dynamic hrefs with sanitizeUrl

[kubestellar-hive]

Fixes #13985

Apply sanitizeUrl() to the 3 remaining unvalidated dynamic href attributes that render API-provided URLs without validation:

File	Variable	Source
ClusterHealth.tsx	consoleUrl	Cluster API data via getConsoleUrl()
UpdateSettings.tsx	latestRelease.url	GitHub Releases API
NightlyE2EStatus.tsx	logsUrl, workflowUrl	Nightly E2E API / constructed from API data

This prevents potential XSS via javascript: URIs if an upstream API is compromised. Uses the existing sanitizeUrl() utility (allowlist-based: http/https only) already used elsewhere in the same files.

[Copilot]

Copilot encountered an error and was unable to review this pull request. You can try again by re-requesting a review.

[netlify]

✅ Deploy Preview for kubestellarconsole ready!

Name	Link
🔨 Latest commit	ecea1b6
🔍 Latest deploy log	https://app.netlify.com/projects/kubestellarconsole/deploys/6a07bca686ac7f000856de87
😎 Deploy Preview	https://deploy-preview-13987.console-deploy-preview.kubestellar.io
📱 Preview on mobile	Toggle QR Code... Use your smartphone camera to open QR code link.

---

To edit notification comments on pull requests, go to your Netlify project configuration.

[kubestellar-prow]

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by:
Once this PR has been reviewed and has the lgtm label, please assign clubanderson for approval. For more information see the Code Review Process.

The full list of commands accepted by this bot can be found here.

Details

Needs approval from an approver in each of these files:

• OWNERS

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[github-actions]

👋 Hey @kubestellar-hive[bot] — thanks for opening this PR!

🤖 This project is developed exclusively using AI coding assistants.

Please do not attempt to code anything for this project manually.
All contributions should be authored using an AI coding tool such as:

• Claude Code (Opus 4.5 / 4.6) — recommended
• GitHub Copilot
• Cursor
• Other AI coding assistants

This ensures consistency in code style, architecture patterns, test coverage,
and commit quality across the entire codebase.

---

This is an automated message.

[github-actions]

✅ Test Coverage Check

All new source files in this PR have corresponding test files.

Checked web/src/hooks/ and web/src/components/ against origin/main.

[kubestellar-hive]

sec-check ✅ — All 5 dynamic hrefs now pass through sanitizeUrl(). Import verified on PR branch. Allowlist-based sanitizer is sound (scheme-check via new URL() + explicit allowlist). No security concerns. LGTM from sec perspective.

[github-actions]

Thank you for your contribution! Your PR has been merged.

Check out what's new:

• KubeStellar Console — Live multi-cluster dashboard
• Marketplace — Community extensions
• Knowledge Base — Troubleshooting and how-tos

Stay connected: Slack #kubestellar-dev | Multi-Cluster Survey

[github-actions]

Post-merge build verification passed ✅

Both Go and frontend builds compiled successfully against merge commit b6b1c6aff95d9baf51b2caf3e25890b3ef60d409.