[ushakov]

we might have different experiences, but in my view when you take the downsides into account: a build system requirement and very large amount of dependencies, then Tailwind isn't worth it

you should avoid large dependency trees and if possible avoid the JS-ecosystem altogether, because these dependencies introduce security vulnerabilities routinely

we already have web components which support scoped styles, so you can just build a component once and reuse it everywhere else in your code

i'd love to hear more counter-arguments though

[kaba0]

I really dislike the js ecosystem, but as mentioned in my other comment, there is barely any security risk in shipping a compiled css file. Most of the deps are just there for file system watching and live-reloads.

Regarding web components, you can just use them with tailwind, they are not complementers. Hell, if you want to have a stylized button, of course just write it once, but the reusability comes from it being a component — I really have to question the reusability of CSS styles that are more complex than a few properties. Like, do you honestly reuse the style of a button in your menu? Perhaps the color scheme and font, but those should be variables to begin with.

[ushakov]

> there is barely any security risk in shipping a compiled css file

not when you require 500 dependencies to actually compile the css

imagine running “npm run build” but instead of getting a css file you get your hard drive wiped out, because some author of random npm module decided it’s April Fool’s day today

this is a hard reality than many are not willing to acknowledge because of all the hype around JS

[kaba0]

I agree that it is currently a very real security risk but at the same time we should ask ourselves what on Earth are our OSs do? Because my phone could protect me from that 100%. Running arbitrary code should pose no such threat ever.