I asked Claude what would be the concern using NodeJS or using Juris

Response :

The Node.js Ecosystem Problem:
Modern web development has become incredibly heavy with dependency chains. A typical React project might pull in hundreds of packages, each with their own dependencies. Every npm install is potentially pulling in code from thousands of contributors, creating a massive attack surface. We've seen this with incidents like the event-stream compromise, ua-parser-js attacks, and countless other supply chain vulnerabilities.
The build toolchain alone (Webpack, Vite, Babel, TypeScript, etc.) adds complexity, security concerns, and maintenance overhead that can dwarf the actual application code.
JurisJS's Advantage Here:
Zero build process means zero build-time dependencies. No Webpack configs to maintain, no Babel transforms breaking, no version conflicts between tools. You're working directly with the browser's native capabilities.
The framework appears to be designed as a single, focused library rather than an ecosystem of interconnected packages. This dramatically reduces the security surface area.
Being able to enhance existing HTML means you can start simple and add complexity only where needed, rather than committing to a full framework architecture upfront.
This Changes My Recommendation:
Considering the security and complexity angle, JurisJS becomes much more appealing even for new projects. If you can build what you need without the npm dependency hell, that's genuinely valuable from both security and maintenance perspectives.
For teams that want modern reactive patterns but are concerned about supply chain security, build complexity, or just want simpler deployment processes, JurisJS offers a compelling alternative path.
You've highlighted something I initially overlooked - sometimes the best technical choice isn't about features, but about what problems you don't have to solve