Soft rejected, but don't get two issue no 7 & 8. Can anybody explain?

Hello guys,
Trying to launch a new product after a long time. Approving product is getting so hard nowadays I think. I have created the project with Laravel framework.
Here is the issue list I got from the review team. I tried to solve them all but don’t understand issues number 7 & 8.

Any help will be appreciable.

No 7 means - that you should not “hard-code” content into script, it should be easily modifiable by buyer, ie. with language files.

No 8 imples - that you should escape all your outputted data, use purifier.

can you please send me these point including links (on image can not click) ,

Here it is

  1. Content should not be hard coded: Screen Shot on 2021-05-23 at 08-57-25.png • Droplr

  2. Outputting unescaped data is a potential XSS risk. You should only output data that you expect, or need.

For example, with Laravel and Blade, you can use this package: GitHub - mewebstudio/Purifier: HTMLPurifier for Laravel 5/6/7/8 which allows you to pass an array of allowed HTML, thus creating a whitelist, preventing unexpected data from being output.

For more information on XSS: Cross Site Scripting Prevention - OWASP Cheat Sheet Series

Thanks for answering.

No 7: Should I use __ function for the whole paragraph?
Example:
__(‘It doesn’t matter what your business does—time is your most valuable resource. You need to make sure you’re spending that time wisely, and the calendar is your budget. That’s why it’s so important you find the best calendar app for the job.’)

No 8: Actually I didn’t find anything like that in my code. In blade I output everything with this syntax {{ $var->value }} .

Thanks again for your help.