@SuperDicq @green Even free JavaScript is a security risk, as someone could compromise the server and make it send proprietary JavaScript and you'll never know, as a misconfigurated browser silently runs whatever a website throws at it.

Free JavaScript would be acceptable if you could download the the source code and/or binary version as a versioned tarball (i.e. via a package manager) and check the signature and run that version with the website, as that would give the user the freedom to choose whether to keep using that version or install an updated version.

The closest we have to that is Tapermonkey or Haketilo, but those extensions can't make any guarantee that proprietary JavaScript won't be executed (the only way to do that is to set javascript.enabled=false, but that would break the proxy version of Haketilo and the browser extension is "depreciated").