First of all great work. Looks really nice! What I don't like is your advocating for throwing away npm. While I do get the appeal of simplicity you should not forget the features you get from using a packet manager for third party libraries. One being handling of updates. As it is right now you will have to "know" that there is an update for the library you are using. Any updates (even security related ones) you are in danger of missing and thus maybe allowing malicious actors to attack your site. While I think the actual risk here is minimal I really don't want this not to be mentioned as third party libraries and dependency management are one of the top security issues we face today in applications security.
First of all great work. Looks really nice! What I don't like is your advocating for throwing away npm. While I do get the appeal of simplicity you should not forget the features you get from using a packet manager for third party libraries. One being handling of updates. As it is right now you will have to "know" that there is an update for the library you are using. Any updates (even security related ones) you are in danger of missing and thus maybe allowing malicious actors to attack your site. While I think the actual risk here is minimal I really don't want this not to be mentioned as third party libraries and dependency management are one of the top security issues we face today in applications security.
Nonetheless awesome idea :D
~Cheers
That's is a fair point!
I based my decision on:
I'll surely setup typescript and yarn if the project grows. For now it has been super fun to do it, just vanilla js and html