It's not a good practice to commit binary blobs in a repository. And I don't think it would be difficult to add a prepublish step to your npm packages so that you can remove them. The end user shouldn't need to run the build script and compare hashes whenever the source code changes.

Very surprised to get pushback on what I thought was an industry standard lmao