Could you elaborate on the htmx security holes? I only know about xss attacks, and for those it’s trivial to sanitize in the backend.
I too gravitate towards just templating for static or simple interactivity, but for pages that need SEO and interactivity I’m still wondering what’s a good solution that doesn’t involve SSR and a js framework. For a recent project I had I generated the html in php and sent a lot of pure js for dom manipulation