forms: FeedbackLabel: display unescaped description (sanitized HTML)

[ptamarit]

❤️ Thank you for your contribution!

Description

• Fixes checks: add links to rules so we can link to static pages zenodo/zenodo-rdm#1135

Checklist

Ticks in all boxes and 🟢 on all GitHub actions status checks are required to merge:

• I'm aware of the code of conduct.
• I've created logical separate commits and followed the commit message format.
• I've added relevant test cases.
• I've added relevant documentation.
• I've marked translation strings.
• I've identified the copyright holder(s) and updated copyright headers for touched files (>15 lines contributions).
• I've NOT included third-party code (copy/pasted source code or new dependencies).
  • If you have added third-party code (copy/pasted or new dependencies), please reach out to an architect on Discord.

Frontend

• I've followed the CSS/JS and React guidelines.
• I've followed the web accessibility guidelines.
• I've followed the user interface guidelines.

Reminder

By using GitHub, you have already agreed to the GitHub’s Terms of Service including that:

1. You license your contribution under the same terms as the current repository’s license.
2. You agree that you have the right to license your contribution under the current repository’s license.

[kpsherva]

in general we try to avoid to use dangerouslySetInnerHTML, I guess we are sure there is no securiy issue

[slint]

These are backend-generated errors that for now don't come from user input, and if/when they do (e.g. for users defining their own checks rules) we'll be sanitizing input.

[ptamarit]

The sanitization is done in Marshmallow in the other pull request inveniosoftware/invenio-checks#30 (field CheckConfigSchema.description).
Since FeedbackLabel expects either a plain text error, or the new error format from the checks, the risk of this widget being misused should be low.