Closed schnogz closed 2 years ago
Makes sense! - Haven't had the need to set nonce on dynamic scripts.
Can you publish an updated version of the repo to NPM? Would love to use this in production at my company soon but can't due to the security issue above.
Thanks for the awesome hooks BTW!
When using security focused attributes for scripts such as nonce, these values need to be set on the element before it is appended to the DOM. Setting afterwards breaks the security model and the browser will reject executing the script.
Currently
With Change
Notice the value of the nonce is now hidden, meaning Chrome has accepted it and masked the value for security reasons.
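The ordering described in this pull request, as an added example that is not code from the pull request or the library. `injectScript`, `injectScriptLate` and `fakeDocument` are hypothetical names, and `fakeDocument` is a constructed, simplified stand-in for a page under a nonce-based `script-src` policy so the block runs under Node without a browser.

```javascript
// Added example; injectScript, injectScriptLate and fakeDocument are hypothetical names.

// Constructed stand-in for a page served with `script-src 'nonce-<policyNonce>'`.
// Simplified model: the allow/block decision is taken once, at insertion time.
function fakeDocument(policyNonce) {
  const decisions = [];
  const head = {
    appendChild(el) {
      decisions.push(el.nonce === policyNonce ? 'allowed' : 'blocked');
      return el;
    },
  };
  const createElement = () => ({
    nonce: '',
    attrs: {},
    setAttribute(name, value) { this.attrs[name] = value; },
  });
  return { head, createElement, decisions };
}

// Correct order: every security-relevant attribute is set while the element is detached.
function injectScript(doc, src, { nonce, attributes = {} } = {}) {
  const el = doc.createElement('script');
  if (nonce) el.nonce = nonce;
  for (const [name, value] of Object.entries(attributes)) el.setAttribute(name, value);
  el.src = src;
  doc.head.appendChild(el); // the policy check sees the nonce here
  return el;
}

// Order described above as broken: the element is already in the DOM when the nonce arrives.
function injectScriptLate(doc, src, { nonce } = {}) {
  const el = doc.createElement('script');
  el.src = src;
  doc.head.appendChild(el); // the policy check runs without a nonce
  if (nonce) el.nonce = nonce;
  return el;
}

function demo() {
  const nonce = 'c29tZS1ub25jZQ'; // constructed sample value
  const doc = fakeDocument(nonce);
  injectScript(doc, 'https://example.com/widget.js', { nonce, attributes: { crossorigin: 'anonymous' } });
  injectScriptLate(doc, 'https://example.com/widget.js', { nonce });
  return doc.decisions;
}
console.log(demo());
```

In a real browser, read the value back through the `nonce` property rather than `getAttribute('nonce')`, since the attribute is masked once the element is inserted.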