From 25ad4e98219646277d00f45be24e0b213444dc71 Mon Sep 17 00:00:00 2001
From: Aaron Zuspan <aa.zuspan@gmail.com>
Date: Thu, 9 Jan 2025 22:54:52 -0800
Subject: [PATCH] Update changelog

---
 CHANGELOG.md | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index ea30443..ae10262 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -15,6 +15,7 @@ All notable changes to this project will be documented in this file.
     ```
 
     If you're using `eerepr` through `geemap>=0.35.2`, this is [handled automatically](https://github.com/gee-community/geemap/pull/2183) by `geemap`.
+- For security, HTML within Earth Engine objects is no longer rendered. This is consistent with the Code Editor.
 
 ### Added
 
@@ -37,6 +38,10 @@ All notable changes to this project will be documented in this file.
 - Dropped Python 3.7 support
 - Automatic `initialize` on import
 
+### Security
+
+- Escape HTML in all server-side data to prevent injection attacks
+
 ## [0.0.4] - 2022-11-30
 
 ### Added