Injecting the SRI via template variables instead of hardcoding them into the templates #1365

@elrido

This is a tangential idea based off a recent discussion.

The problem

For those folks that create their custom or modified templates, a task they have to do upon every upgrade is to update the SRI hashes in the script tags. Of course they may also have to add any new HTML elements we might have added, but to be fair, that is rare.

The solution

The SRI-hashes are the same for all templates, and could be injected into them from a single source of truth, for example from default configuration values. That way they could still be overridden in the configuration file, if really needed (=when they modify the JS themselves), but otherwise they would always be up to date upon the upgrade.

Can anyone think of any risks that this would introduce?

Alternatives

We decide the current solution is adequate and we leave everything as it is.

Additional context

This is a bit of a papercut-issue, annoying but not blocking. It may lead to admins avoiding updates or avoiding customizing the templates, which kinda defeats the point of the feature (templates).
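
The single-source-of-truth idea from "The solution" above, sketched as an added example that is not part of the original issue or the project's code. The asset paths, file contents and every function name here are constructed assumptions; the sketch also shows one risk the override path carries, a stale override that no longer matches the file being served.

```python
import base64
import hashlib
import html

# Constructed sample assets standing in for the shipped JS files (assumption).
ASSETS = {
    "js/app.js": b"console.log('app');\n",
    "js/vendor.js": b"console.log('vendor');\n",
}
ALLOWED = ("sha256", "sha384", "sha512")  # algorithms defined by the SRI spec


def sri_hash(data, alg="sha512"):
    """Return an SRI integrity value of the form '<alg>-<base64 digest>'."""
    digest = hashlib.new(alg, data).digest()
    return alg + "-" + base64.b64encode(digest).decode("ascii")


def default_sri(assets):
    """Default configuration values: one hash per shipped file."""
    return {path: sri_hash(data) for path, data in assets.items()}


def effective_sri(defaults, overrides):
    """Merge admin overrides over the defaults, rejecting malformed entries."""
    merged = dict(defaults)
    for path, value in overrides.items():
        if path not in defaults:
            raise KeyError("override for unknown asset: " + path)
        alg, _, b64 = value.partition("-")
        if alg not in ALLOWED:
            raise ValueError("unsupported SRI algorithm: " + alg)
        base64.b64decode(b64, validate=True)  # raises ValueError if not base64
        merged[path] = value
    return merged


def stale_entries(assets, sri):
    """Paths whose configured hash does not match the file actually served."""
    return sorted(path for path, data in assets.items()
                  if sri_hash(data, sri[path].split("-", 1)[0]) != sri[path])


def script_tag(path, sri):
    """What a template would emit: the hash is a variable, not a literal."""
    return '<script src="{}" integrity="{}" crossorigin="anonymous"></script>'.format(
        html.escape(path, quote=True), html.escape(sri[path], quote=True))
```

Running `stale_entries` at startup or in a deployment check turns a forgotten override into a reported configuration error rather than a script the browser refuses to load.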
