You know CSP is another security layer.
CSP is a good point to protect distant script, because if DNS poisoning occur or MITM at the source of your file (any distant libraries for example) it could replace the script loaded on your site.
It's always better to reach maximum security but if your inline script get hacked it would mean that your entire site or whole server is compromised.
And put inline scripts into a file, well I don't know, it's at the dev's discretion. But for some, if they are inline that's in most case for a good reason.
regards