WordPress 5.7 adds a handful of new functions that enables passing attributes, such as async or nonce, to both regular and inline script tag attributes. This creates a path forward for enabling a Content-Security-Policy (or CSP) in Core, plugins, and themes.
Origen: Introducing script attributes related functions in WordPress 5.7 – Make WordPress Core