nibtime / next-safe-middleware

Strict CSP (Content-Security-Policy) for Next.js hybrid apps https://web.dev/strict-csp/
https://next-safe-middleware.vercel.app
MIT License

require-trusted-types-for is broken #75

Open dragonbear-os opened 1 year ago

dragonbear-os commented 1 year ago

The following code:

csp({
  directives: {
    "require-trusted-types-for": ["script"],
  }
})

results in this header:

content-security-policy: script-src 'self' 'unsafe-eval' 'unsafe-inline' https:;style-src 'self' 'unsafe-inline';font-src 'self' data:;default-src 'self';object-src 'none';base-uri 'none';require-trusted-types-for script

which is invalid and results in:

Invalid expression in 'require-trusted-types-for' Content Security Policy directive: script. Did you mean 'script'?

The type for require-trusted-types-for is Array<"script"> so that is the only thing I can pass there.
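The header in this report fails because the `require-trusted-types-for` directive takes a quoted keyword token (`'script'`), not a bare word, so the serializer has to add the quotes that the CSP grammar requires. The following added example, not code from next-safe-middleware, shows a minimal directive serializer that quotes that directive's values, plus a check that can be run over an emitted header to catch the bare-`script` form. The directive object and the broken header string are constructed here to mirror the issue; the function names are assumptions for illustration.

```javascript
// Added example (not next-safe-middleware's own code): serialize a CSP
// directives object into a header value, quoting the keyword tokens that
// require-trusted-types-for takes. The point of the issue above is that
// the value must be emitted as 'script' (single-quoted), not bare script.

// Directives whose values are keyword tokens that CSP requires to be quoted.
const QUOTED_KEYWORD_DIRECTIVES = new Set(["require-trusted-types-for"]);

// Wrap a value in single quotes when the directive needs it and the caller
// did not already quote it (so both "script" and "'script'" serialize alike).
function quoteIfKeyword(directive, value) {
  if (!QUOTED_KEYWORD_DIRECTIVES.has(directive)) return value;
  if (value.startsWith("'") && value.endsWith("'")) return value;
  return `'${value}'`;
}

// Serialize { name: [values] } into "name v1 v2;name2 v3", mirroring the
// ';'-joined layout of the header shown in the issue. A directive whose
// value is `true` (e.g. upgrade-insecure-requests) is emitted with no tokens.
function serializeCsp(directives) {
  return Object.entries(directives)
    .map(([name, values]) => {
      const list = values === true ? [] : Array.isArray(values) ? values : [values];
      const tokens = list.map((v) => quoteIfKeyword(name, v));
      return tokens.length ? `${name} ${tokens.join(" ")}` : name;
    })
    .join(";");
}

// Defender-side check over an emitted header: every token after
// require-trusted-types-for must be the quoted keyword 'script'.
function validateTrustedTypesDirective(header) {
  const directive = header
    .split(";")
    .map((d) => d.trim())
    .find((d) => d.startsWith("require-trusted-types-for"));
  if (!directive) return { present: false, valid: true, tokens: [] };
  const tokens = directive.split(/\s+/).slice(1);
  const valid = tokens.length > 0 && tokens.every((t) => t === "'script'");
  return { present: true, valid, tokens };
}

// Constructed directives object mirroring the configuration in the issue.
const SAMPLE_DIRECTIVES = {
  "default-src": ["'self'"],
  "object-src": ["'none'"],
  "base-uri": ["'none'"],
  "require-trusted-types-for": ["script"],
};

// The invalid header quoted in the issue (bare `script`, no quotes).
const BROKEN_HEADER =
  "script-src 'self' 'unsafe-eval' 'unsafe-inline' https:;style-src 'self' 'unsafe-inline';" +
  "font-src 'self' data:;default-src 'self';object-src 'none';base-uri 'none';" +
  "require-trusted-types-for script";

if (typeof require !== "undefined" && require.main === module) {
  console.log(serializeCsp(SAMPLE_DIRECTIVES));
  console.log(validateTrustedTypesDirective(BROKEN_HEADER));
}
```

Running the block prints the corrected header ending in `require-trusted-types-for 'script'` and reports the issue's header as invalid with the bare `script` token. Quoting on serialization rather than requiring callers to pass `"'script'"` keeps the typed `Array<"script">` API usable while still producing a header the browser accepts.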