Add support for Content-Security-Policy

[Pruxis]

A common security practice is to use Content-Security-Policy headers to not allow third-party script tags without a corresponding nonce inside your application

Article: https://web.dev/articles/csp

Example error:

I haven't tested my changes yet, will create a patch-package with the same changes and provide feedback 👍

[changeset-bot]

🦋 Changeset detected

Latest commit: 35bccb0

The changes in this PR will be included in the next version bump.

This PR includes changesets to release 1 package

Name	Type
react-use-intercom	Patch

Not sure what this means? Click here to learn what changesets are.

Click here if you're a maintainer who wants to add another changeset to this PR

[Pruxis]

@devrnt I've added a changelog, package bump etcetra.

Wondering if there's anything else to get this thing through? Package is pretty heavily compiled so not that convenient to properly do patch-package.

Would be a great addition to react-use-intercom to allow it to be used in secured applications.

[devrnt]

Thanks for the PR!

Just some release related feedback, everything else looks great!

[devrnt]

You can skip all the CHANGELOG changes and version bump. Run the changeset script and follow the prompt, changeset will take care of the rest

[Pruxis]

I wanted to however didn't wanne go through downgrading pnpm to install the packages

[devrnt]

No need to install pnpm, you can run npx @changesets/cli@2.26.0

[Pruxis]

Done 👍

[devrnt]

Also please merge upstream, e2e workflow should be fixed ;)

[Pruxis]

Also please merge upstream, e2e workflow should be fixed ;)

I think sometimes the E2E tests keep failing due to timeouts.

[devrnt]

Also please merge upstream, e2e workflow should be fixed ;)

I think sometimes the E2E tests keep failing due to timeouts.

You can ignore it, I ran them locally. I have to look into the flaky tests

[devrnt]

Big thanks!

[Pruxis]

Hmmm, must've missed something, still hitting no nonce. Will check to run with npm link