Description
Is your feature request related to a problem? Please describe.
All libraries which are passed as "dependencies" in the Lib.init call in the library.js must be declared as dependency in the manifest.json as well.
If this is not done, this can cause a sync require which uses eval. When running such libs in a strict CSP environment which disallows unsafe-eval, it fails.
Currently the linter does not detect and fix this.
Describe the solution you'd like
The linter should evaluate the Lib.init call (formerly sap.ui.getCore().initLibrary) and find the passed dependencies.
Those must be cross checked against the manifest.json and occur there as non-lazy library dependencies as well.
If missing they should be added. If they are lazy they must be switched to non-lazy.
Ideally the linter should detect even more occurrences of dependencies e.g. from sap.ui.define statements or namespace definition in views.
Describe alternatives you've considered
Additional context
In SAP Workzone a site can be switched into async loading mode. This also enhances the CSP headers to disallow unsafe-eval.
Also such issues are future fatals for UI5 2.x.
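
The cross-check requested above, sketched as an added example (not part of the issue and not the linter's own code). It assumes library dependencies live under `sap.ui5/dependencies/libs` in manifest.json with an optional `lazy` flag; the function names and sample inputs are hypothetical.

```javascript
// Added sketch: regex-based for brevity; a real linter would walk the AST.
// Function names and the SAMPLE_* inputs are constructed for illustration.

// Collect the string literals of the "dependencies" array passed to
// Lib.init({...}) or the legacy sap.ui.getCore().initLibrary({...}).
function extractInitDependencies(librarySource) {
  const call = /\bLib\.init\s*\(|\.initLibrary\s*\(/.exec(librarySource);
  if (!call) return [];
  const deps = /\bdependencies\s*:\s*\[([^\]]*)\]/.exec(librarySource.slice(call.index));
  if (!deps) return [];
  return [...deps[1].matchAll(/["']([^"']+)["']/g)].map((m) => m[1]);
}

// Report every init dependency that is absent from, or lazy in,
// manifest.json under sap.ui5/dependencies/libs.
function checkManifestDependencies(librarySource, manifest) {
  const libs = manifest?.["sap.ui5"]?.dependencies?.libs ?? {};
  const findings = [];
  for (const name of extractInitDependencies(librarySource)) {
    if (!Object.prototype.hasOwnProperty.call(libs, name)) {
      findings.push({ library: name, problem: "missing" });
    } else if (libs[name]?.lazy === true) {
      findings.push({ library: name, problem: "lazy" });
    }
  }
  return findings;
}

// Autofix on a copy: add missing entries, switch lazy entries to non-lazy.
function fixManifestDependencies(librarySource, manifest) {
  const fixed = JSON.parse(JSON.stringify(manifest));
  const ui5 = (fixed["sap.ui5"] ??= {});
  const libs = ((ui5.dependencies ??= {}).libs ??= {});
  for (const { library, problem } of checkManifestDependencies(librarySource, manifest)) {
    if (problem === "missing") libs[library] = {};
    else delete libs[library].lazy;
  }
  return fixed;
}

const SAMPLE_LIBRARY_JS = `
sap.ui.define(["sap/ui/core/Lib"], function (Lib) {
  return Lib.init({
    name: "my.lib",
    dependencies: ["sap.ui.core", "sap.m", "sap.ui.table"]
  });
});`;
const SAMPLE_MANIFEST = { "sap.ui5": { dependencies: { libs: { "sap.ui.core": {}, "sap.m": { lazy: true } } } } };
console.log(checkManifestDependencies(SAMPLE_LIBRARY_JS, SAMPLE_MANIFEST));
```

Entries added by the fix are empty objects; a `minVersion` would still have to be chosen by the library owner.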