CSP Blocks no-unsafe-inline-fix-style.min.js

Hi,

First of all, thank you for this plugin, it has helped us easily manage the CSP headers. However, I encountered one issue. The CSP report-only mode is detecting the following:

no-unsafe-inline-fix-style.min.js?ver=1.2.2:2 [Report Only] Refused to apply inline style because it violates the following Content Security Policy directive: "style-src 'self' https: *.force.com 'nonce-0c6cbe5e76337da458c471840b91f5e00d22daf8942945034fc267f555e0a729' 'report-sample'". Either the 'unsafe-inline' keyword, a hash ('sha256-iGvB5oI/ivU7fGqCV1YT6lpdbwA6+pxXufxgCiFeW0U='), or a nonce ('nonce-...') is required to enable inline execution.

The source directs me to:
var e = nativeAppendChild.apply(this, arguments);

This also appears when I enabled the CSP Protection. I checked the external whitelist and confirmed that the file is already whitelisted. However, the specific line does not seem to be detected in the inline whitelist.

This also appears on the dev console:

Directive	Element	Source location	                                Status
style-src-elem		no-unsafe-inline-fix….min.js?ver=1.2.2:2	report-only
style-src-elem		no-unsafe-inline-fix….min.js?ver=1.2.2:2	report-only
style-src-elem		no-unsafe-inline-fix….min.js?ver=1.2.2:2	report-only

Is there any way to whitelist this properly or resolve the issue?

Thank you!