There is no package.json to make sure all versions are vulnerabilities free or are up to date, which raises security concerns.
Also .js packages are minified and uglyfied which makes it really hard to debug, and also it makes it hard to tell if any changes were made to the original packages raising security concerns due to lack of transparency.
You should provide the means for users to be able to download the packages from the original repository and to be able to pack it if they wanted. Otherwise security concerns due to lack of transparency will be raised.
There is no package.json to make sure all versions are vulnerabilities free or are up to date, which raises security concerns.
Also .js packages are minified and uglyfied which makes it really hard to debug, and also it makes it hard to tell if any changes were made to the original packages raising security concerns due to lack of transparency.
You should provide the means for users to be able to download the packages from the original repository and to be able to pack it if they wanted. Otherwise security concerns due to lack of transparency will be raised.