CSP loading issue of JS resources in current devel docker container setup

Steps to reproduce

In a docker setup using https://dev.funkwhale.audio/funkwhale/funkwhale/-/blob/develop/deploy/docker.nginx.template with FUNKWHALE_VERSION=develop, the front page fails to load JS files.

What happens?

JS files fail to load due to CSP errors:

The CSP errors indicate that eval is being used to load the resources.

Indeed changing the CSP header at https://dev.funkwhale.audio/funkwhale/funkwhale/-/blob/develop/deploy/docker.nginx.template#L29 to include unsafe-eval as script sources makes the loading work again.

What is expected?

Resources can be loaded. There are two options:

1. Preferred: unsafe-eval is not needed, JS resources get loaded without eval being used
2. The docker.nginx.template gets changed to include unsafe-eval:

   add_header Content-Security-Policy "default-src 'self'; script-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; font-src 'self' data:; object-src 'none'; media-src 'self' data:";
   

I really don't see why eval should be needed to load JS dependencies, and allowing unsafe-eval might have some security implications.