• Enhanced JSON sanitization to properly escape control characters.
  Ensures compatibility with low-end devices that transmit
  non-printable characters in serial numbers, preventing parsing
  failures.
• Handle cases where different devices report the same serial number.
  Duplicates are now ignored, which may lead to inconsistent SMART
  diagnostic mapping.
• Implemented permissive CORS and caching headers for static assets to
  ensure icons display correctly in browser dashboards and smart links.
• Various security improvements and memory leak fixes.
• Changed the "touch_zero_subseconds" REST API field type from integer
  to boolean in the OpenAPI spec, while retaining permissive integer
  parsing in the daemon patch handler for backward compatibility.
• Fixed a naming inconsistency in the disk health telemetry where the
  daemon reported "selferror_logged", aligning it with the OpenAPI
  specification and web dashboard which expect "selftest_error_logged".