I know the framework7.io website(s) support https, but if I just visit framework7.io I end up on the unencrypted http:// url. It’s common practise these days to redirect non-https traffic to the https equivalent, with url-rewriting. And even better you could implement HSTS as well.
Leading all traffic via HTTPS will improve security and privacy. And if your webserver supports HTTPS/2 the performance will probably be better than HTTP and SEO could also profit.
Keep up the good work!