Released version 2.11.4

A maintenance release focused on CSP-friendly assets, mobile-friendly error pages, and a couple of handy API additions. Expect cleaner nonce handling, better behavior on phones, and a bar.js that no longer trips strict Content Security Policies.

• script-src-elem support in Helpers::getNonce() – nonces are now also picked up from the script-src-elem CSP directive, not just script-src (#612).
• CSP-friendly Tracy Bar – replaced the inline onload attribute in bar.js with a native addEventListener, eliminating a common CSP violation (#614).
• FileSession::clean() – emits a warning when the session directory is not readable, making misconfigured storage easier to diagnose (#538).
• Mobile-friendly error pages – BlueScreen and the 500 error template now include a proper viewport meta tag, so exceptions no longer render microscopically on phones (#604).
• Improved PHPDoc descriptions and fixed PHPStan errors across the codebase.
• open-in-editor on Windows – installer now registers the protocol via AutoLaunchProtocolsFromOrigins, suppressing the browser's "Open external app?" confirmation prompt (#573).