fix(changelog): Fix CSP (#12823)

* including required items to CSP

* remove duplicated item

* Revert "remove duplicated item"

This reverts commit 1f36234.

* allow connect-src to `storage.googleapis.com` for admin image uploads

* also keep connect-src to `sentry.sentry.io` for less reports

---------

Co-authored-by: Alexander Tarasov <[email protected]>

Author: Jeffreyhung

apps/changelog/vercel.json

@@ -17,7 +17,7 @@
         },
         {
           "key": "Content-Security-Policy-Report-Only",
-          "value": "default-src 'none'; font-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' plausible.io 'unsafe-inline' 'unsafe-eval' 'report-sample'; img-src 'self' storage.googleapis.com; worker-src blob:; connect-src o1.ingest.us.sentry.io plausible.io 'self' changelog.sentry.dev sentry.sentry.io; report-uri https://o1.ingest.us.sentry.io/api/4507670276341760/security/?sentry_key=e90f5ea060a4102c0a4c50c740e43ae1;"
+          "value": "default-src 'none'; font-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' plausible.io 'unsafe-inline' 'unsafe-eval' 'report-sample'; img-src 'self' changelog.sentry.dev lh3.googleusercontent.com storage.googleapis.com; worker-src blob:; connect-src o1.ingest.us.sentry.io plausible.io 'self' changelog.sentry.dev sentry.io sentry.sentry.io storage.googleapis.com; report-uri https://o1.ingest.us.sentry.io/api/4507670276341760/security/?sentry_key=e90f5ea060a4102c0a4c50c740e43ae1;"
         }
       ]
     }