More fine grain control over when to allow hashes and nonces

Pre-release
@AnujRNair AnujRNair released this 03 Jan 21:33
· 79 commits to master since this release

A new breaking change has been introduced in this version of the CspHtmlWebpackPlugin:

  • devAllowUnsafe has been removed, and has been replaced with 2 object configurations: hashEnabled and nonceEnabled.
    • These 2 objects accept <string, boolean> entries of a policy name, and whether that policy should include hashes or nonces.

Setting all hashes and nonces to false for script-src and style-src should act in the same way as setting the now-removed devAllowUnsafe to true.
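
As an added example (not code from the plugin or its author), the migration described above can be expressed as a small helper, together with a check for a common mistake: browsers ignore 'unsafe-inline' in a directive that also carries a hash or nonce, so a development policy that relies on 'unsafe-inline' needs both turned off for that directive. The helper names and the sample policy are hypothetical, and a missing hashEnabled/nonceEnabled entry is assumed to mean "enabled".

```javascript
// Added example: helper names are hypothetical, not part of the plugin's API.
const INLINE_DIRECTIVES = ['script-src', 'style-src'];

// Convert legacy options that used `devAllowUnsafe` into the
// `hashEnabled` / `nonceEnabled` objects introduced by this release.
function migrateOptions(legacy) {
  const { devAllowUnsafe, ...rest } = legacy;
  const enabled = !devAllowUnsafe; // devAllowUnsafe: true => no hashes, no nonces
  const flags = () =>
    Object.fromEntries(INLINE_DIRECTIVES.map((d) => [d, enabled]));
  return {
    ...rest,
    // Explicit per-directive settings already present win over the derived ones.
    hashEnabled: { ...flags(), ...rest.hashEnabled },
    nonceEnabled: { ...flags(), ...rest.nonceEnabled },
  };
}

// Return the directives where 'unsafe-inline' is listed but would be ignored
// by the browser because a hash or nonce is still added to that directive.
// Assumption: an absent entry counts as enabled.
function ineffectiveUnsafeInline(policy, options) {
  return INLINE_DIRECTIVES.filter((d) => {
    const sources = [].concat(policy[d] || []).join(' '); // string or array
    if (!sources.includes("'unsafe-inline'")) return false;
    const hash = options.hashEnabled?.[d] !== false;
    const nonce = options.nonceEnabled?.[d] !== false;
    return hash || nonce;
  });
}

// Constructed sample: a permissive development policy.
const devPolicy = {
  'script-src': ["'self'", "'unsafe-inline'", "'unsafe-eval'"],
  'style-src': "'self' 'unsafe-inline'",
};
const devOptions = migrateOptions({ enabled: true, devAllowUnsafe: true });
const strictOptions = migrateOptions({ enabled: true, devAllowUnsafe: false });

console.log(devOptions);
console.log(ineffectiveUnsafeInline(devPolicy, devOptions));    // nothing flagged
console.log(ineffectiveUnsafeInline(devPolicy, strictOptions)); // both flagged

// In a webpack config the result would be passed as the second argument:
//   new CspHtmlWebpackPlugin(devPolicy, devOptions)
```

Keep the all-false settings confined to development builds; a production policy should leave hashes or nonces enabled and drop 'unsafe-inline'.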