Subresource Integrity is a nifty idea to use SRI hashes to verify external resources your web app depends on haven’t been compromised.
But it does mean you’re trusting the CDN. With SRI hashes you don’t need to trust it as much - though IE users will, but then if you’re using Microsoft products you don’t care about security so not that big a deal.
You can use a website to calculate those SRI hashes for you. Alternatively you can just use this script: