JavaScript files loaded from another domain should be verified using the integrity attribute.
If the contents loaded from another domain is not verified the browser will execute the contents without verifying with a correct hash.
You won't be notified about changes to this idea.