Hi,

TweetNaCl.js currently includes a minified build in its package on npm, but unfortunately this is making dependency auditing quite a bit harder; now in addition to a human-readable version, a minified version now also needs to be audited and/or reproduced (which has its own toolchain trust issues).

I've written a bit more about this topic (and why minified builds are not useful on npm) here -- I'd like to request removing it from the npm package :)