It's definitely a rant-worthy mistake because this would literally never happen in any professional app anywhere. This is a supply chain risk.
reply
Microsoft? Okta? JetBrains? If these are amateurs, who is a professional developer?

https://www.encryptionconsulting.com/top-10-supply-chain-att...

Are you aware that common libraries like Bootstrap, FontAwesome, and HTMX walk developers through linking to their CDNs directly? In fact, FontAwesome recommends it for CDN performance.

I think you're dangerously mistaken if you believe that it "literally never" happens. It literally does happen all the damned time. And, for your own safety and others', you should assume that when you use any app for which you don't have the source code.