Address code review feedback: remove optional chaining and document CSP limitations

Co-authored-by: granatonatalia <[email protected]>

Author: Copilot

src/app/pages/mapping/mapping.component.ts

@@ -180,7 +180,7 @@ export class MappingComponent implements OnInit, AfterViewInit {
     // Auto-fit columns for better readability
     worksheet.columns.forEach(column => {
       let maxLength = 0;
-      column.eachCell?.({ includeEmpty: true }, cell => {
+      column.eachCell({ includeEmpty: true }, cell => {
         const cellLength = cell.value ? cell.value.toString().length : 10;
         if (cellLength > maxLength) {
           maxLength = cellLength;

src/index.html

@@ -5,6 +5,9 @@
     <title>DSOMM</title>
     <base href="/" />
     <meta name="viewport" content="width=device-width, initial-scale=1" />
+    <!-- Content Security Policy for XSS mitigation (Dependabot #58)
+         Note: 'unsafe-inline' and 'unsafe-eval' are required for Angular 13.
+         These will be removed when upgrading to Angular 19+ which supports stricter CSP. -->
     <meta
       http-equiv="Content-Security-Policy"
       content="default-src 'self';