When I started building Weather & Clock Dashboard — a Firefox new tab extension that shows live weather and world clocks — I had a choice: use a modern framework or go vanilla. I went vanilla. Here's why, and what I learned. The Case Against Frameworks in Extensions 1. Bundle size matters more in extensions A React app might add 40KB+ of compressed JS. In a web app that's negligible. In a browser extension, that's loaded on every new tab, blocking render. Users feel it. My entire extension is ~15KB uncompressed. It renders instantly. 2. No build tooling = no attack surface Supply chain attacks on npm packages are real. Zero dependencies means: No npm install No lockfile drift No audits needed No node_modules to accidentally commit The security model is simple: I wrote all the code, all the code is right here. 3. Extensions live in a privileged context Browser extensions have access to browser APIs, storage, and (with permissions) cross-origin requests.…