HowTo use 3rd party lib with content-security-policy omitting eval()

The problem ist described here: https://stackoverflow.com/questions/74959323/how-to-make-ui5-content-compatible-with-the-flp-setting-asynchronous-module-loa

We have developed some UI5 components, that use 3rd party libs (e.g. Excel File handling or jsrasign). During build we see the Warning: lbt:bundle:Builder Module ..../lib/xlsx.full.min.js requires top level scope and can only be embedded as a string (requires 'eval')

This is normally no problem but when using this component in a Fiori Launchpad setting "Asynchronous Module Loading" the component is not loaded because of the content security policy

Is there a setting for a UI5 component that allows using such 3rd party libs even with CSP unsave-eval switched off?

Or is there another way to embed a 3rd party lib other than we do currently?

sap.ui.define([ ...., "../lib/xlsx.full.min", ...], function (.....) {...var encodedCol = XLSX.utils.encode_col(col); // XLSX comes from the lib
.......}Regards Michael