Update inline javascript tags to allow for csp nonces

[venables]

Avo currently does not work if you have a content security policy which blocks unsafe-inline. This Pull Request uses the built-in option for javascript_tag to allow a nonce to mark the inline script as safe.

This change is also safe for apps without a content_security_policy.

[codecov]

Codecov Report

Merging #201 (1b1a6f3) into master (8a13028) will increase coverage by 0.89%.
The diff coverage is 93.92%.

@@            Coverage Diff             @@
##           master     #201      +/-   ##
==========================================
+ Coverage   96.03%   96.92%   +0.89%     
==========================================
  Files          87      136      +49     
  Lines        1890     3836    +1946     
==========================================
+ Hits         1815     3718    +1903     
- Misses         75      118      +43     

Impacted Files	Coverage Δ
lib/avo/app/tools_manager.rb	50.00% <50.00%> (ø)
lib/avo/app/action.rb	80.48% <80.48%> (ø)
lib/avo/engine.rb	85.71% <85.71%> (ø)
lib/avo/app/fields/boolean_field.rb	93.75% <87.50%> (ø)
lib/avo/app/app.rb	89.61% <89.61%> (ø)
lib/avo/app/resource.rb	90.35% <90.35%> (ø)
lib/avo/app/fields/key_value_field.rb	90.90% <90.90%> (ø)
app/controllers/avo/resources_controller.rb	91.45% <91.45%> (ø)
.../avo/app/fields/field_extensions/has_field_name.rb	91.66% <91.66%> (ø)
...lds/field_extensions/visible_in_different_views.rb	92.85% <92.85%> (ø)
... and 177 more

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 556c896...1b1a6f3. Read the comment docs.

[adrianthedev]

Thank you for your contribution! 🤙

[adrianthedev]

Tagged under 0.4.4. Thanks again!