Unable to load the auth-spa-js script inside chrome extension

Hi, I have been trying to load the script file of auth-spa-js, but it shows the error.

       Refused to load the script 'https://cdn.auth0.com/js/auth0-spa-js/1.2/auth0-spa-js.production.js' because it violates the following Content Security Policy directive: "script-src 'self' 'wasm-unsafe-eval'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.

I am developing this app using manifest_version: 3
Here is the manifest.json

  "name": "Chrome extension",
  "version": "1.0.0",
  "description": "",
  "manifest_version": 3,
  "author": "Ayush kumar",
  "action": {
    "default_popup": "index.html",
    "default_title": "Chrome extension"
  "background": {
    "service_worker": "background.js",
    "type": "module"

  "permissions": ["storage", "cookies"],
  "host_permissions": ["http://*/*", "https://*/*"]

Ok, I found a link to v3 which says, that remote codes can no longer be hosted. So it’s better to download the minified versions. https://developer.chrome.com/docs/extensions/mv3/mv3-migration/#remotely-hosted-code