One of the objects which seems to crop up rather often when discussing this idea, is that

My users are now dependent on a CDN!

This is true, although my investigation makes this appear way less scary then it first looks. In fact on balance I've developed a strong preference for them...

The reliability concern is dealt with in two ways. Firstly according to jsdelivr status, its uptime was 100% in 2023. So, that's not too bad.

And if you specify the explicit dependence of the module you are using... actually, it gets waaaay better ... because when the CDN responds to an explicitly versioned request, it includes a bunch of headers which say "This artifact is immutable. Don't bother me about this again. Ever".

And the browser will respect that - next time you go ask for your dependency, it simply loads it out of its cache. There is no network request. Dependency load time: 0ms, according to the browser network tools.

It's tought to get faster than 0. Also, no request means no network risk.

So, under "ideal" conditions:

• You are using a modern browser
• You are making the request for a second+ time
• You have explicitly specified the version of the dependencies you're using

Dependency resolution is both very reliable and very fast. What's cool - that cache survives redeployment. So your app is slow for the user the first time... but the cache survives a redeployment. It's fast afterwards. We can reword the statement as follows;

My users are now dependent on a CDN being available the first time they visit my site.

Which is less scary given the historical uptime!