Remove use of dangerouslySetInnerHTML

[pl12133]

This removes the use of dangerouslySetInnerHTML which can be problematic. Use preact-markup instead which is a much safer way to set HTML which may come from user input.

[pl12133]

I think this is ready for merge once we have a plan for releasing. I'm going to add the tag change of span -> div as a note to the release notes.

I'm not sure if we should keep releasing this under the ^2.0.0-preactx prerelease or bump it to version 3; I'll have to double check how major versions work with pre-releases. I think since we are still in pre-release it might be allowed to add a new breaking change without bumping the major version.

EDIT: As an example, bumping the version to 2.4.0-preactx would not be picked up by hat range (^) so people installing ^2.3.0-preactx would not pick it up. Then when we cut over to 2.4.0 on the latest npm tag, it is a major change anyway.

[pl12133]

The more I look into SemVer pre-release tags, the more it looks like I've been using them wrong by incrementing the left hand size of the version number in the preactx tag. We probably should have been publishing as 2.0.0-preactx.1, 2.0.0-preactx.2 and so on.

For this change I'm going to bump the version to 2.3.1-preactx just to continue with the conventions the preactx tag has been using so far. Going with patch version because this is a bug fix, and being under a pre-release tag automatically implies it is an unstable/breaking version. I'll add notes about changing the div markup to the release notes.