Not to poke at React or any of the other popular frameworks, I’m sure they’re suitable for Cybersecurity projects. They surely go through things like reviews and audits.
I’m asking from the perspective that web components are native to the browser and thus reducing what I think is called supply chain attacks (like if “npm install” introduces something it shouldn’t).
Maybe the frameworks don’t matter and depends on the browser/os/device it’s run on?
Context: I have a p2p messaging app created with ReactJS and a separate project for a UI framework based on Lit. Both these projects can be a whole separate discussion. I was wondering if there could be any advantages to refactoring (or starting from scratch) the messaging-app to be based on the webcomponent ui framework.
Same question on r/ExperiencedDevs with comments here. I have an answer there, but posting here in-case anything is being overlooked.
thanks for your thoughts.
thats not quite what im asking. im wondering if there are nuanced benefits to using webcomponents over something like react. with the key difference being the native support.
i hope with the webcomponent approach it could be “furture-proof” as it seems to be the rhetoric i hear around. im sure i wont have a great implementation any time soon, but id like to try out a few ideas to see if it holds-up. hopefully to lead to a “secure javascript ui framework” (which itself could be a whole discussion). i hope that by having it open source, i can point to an example to discuss and improve it.
it seem for the messaging app refactor, i’ll be fine to use react on it. which is great because i already have a working-ish demo.