Code review (on 748c7c7) flagged that Bootstrap CDN tags in base.html
use integrity=sha384-... + crossorigin=anonymous, but the Choices.js
tags added in Task 7 did not. Since both are admin-only privileged
contexts and Bootstrap sets the precedent, Choices.js should match.
Hashes computed from cdn.jsdelivr.net/npm/choices.js@10.2.0 via
curl ... | openssl dgst -sha384 -binary | openssl base64
No behavior change when the CDN is healthy; defense against a
compromised CDN serving altered bytes.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
702bba10ed