JavaScript assets on external CDN should have integrity check

[davel]

Increasing Access

Unsure, however adding an integrity check may help protect peoples' sketches.

Feature enhancement details

The <script> tags in index.html that pull in a specific version of an asset from an external CDN should have an "integrity" attribute. https://developer.mozilla.org/en-US/docs/Web/Security/Subresource_Integrity

[welcome[bot]]

Welcome! 👋 Thanks for opening your first issue here! And to ensure the community is able to respond to your issue, be sure to follow the issue template if you haven't already.

[lindapaiste]

I'm not sure about this one. Yes it's a best practice. But the when a beginner looks at the "index.html" file in the editor, it's easier to understand the code without it.

[gawandeabhishek]

"Hi @lindapaiste , I'm Abhishek. I aspire to be a top contributor for p5.js-web-editor. I am proficient in the MERN stack, including JavaScript, SCSS, CSS, HTML, MongoDB, and MySQL. However, I'm currently having difficulty finding a suitable issue. Could you please assign me some JavaScript-related tasks? I have a passion for JavaScript and enjoy resolving bugs in its code."

[raclim]

Thank you for opening this issue!

I agree that although its a best practice, I'm not sure if this is strongly needed in the sketches at the moment and might end up adding complexity for newer users. I'm down to revisit this down the line though, and added it to a board for issues/PRs to revisit.