
Yes, exactly. I'm just saying that the response to a remote browser exploit in Firefox is more likely to be "YIKES ZERO DAY IN FIREFOX!!!!!" and not "well it's a good thing we're running it in windows so it can't screenshot other apps or inject key events".

It's not like it's not a valid argument, just that it's sort of a nitpick. Security is hard, and defense in depth is a thing, but this particular attack surface is way, way back in the "depth" stack for a modern app deployment.



JavaScript has managed to even ruin the Linux desktop. Running every random JS application sent to your browser VM makes the browser insecure which means the entire computer can't be trusted. This is the reason things like the waylands enforce a smartphone-like model of security where the user's applications aren't allowed to communicate or interact with other elements of the graphical desktop. Applications aren't trusted. So the user isn't trusted. A trade-off not worth it.


Huh? What are you trying to say? There's no conflict between distrusting applications and trusting the user. Even on Android (which is pretty paranoid these days), you, the user, can still opt to trust apps with things like accessibility API access and background location.

Why exactly should we perpetuate the insecure old single-privilege-level desktop model?


>Why exactly should we perpetuate the insecure old single-privilege-level desktop model?

Because after 10 years of heavy development none of the waylands have managed to support simple things like screen readers. X11 supports screen readers and innumerable other vital accessibility features that wayland never will be able to. Some waylands might eventually develop extensions for their particular desktop but there won't ever be a way for wayland protocol because it can't. Security theater is more important than accessibility/usability for wayland that leaves many use cases and entire demographics of people out in the cold.

So yes, X11, which is still the least worst option. Better to have the ability to do all things than have to wait decades+ for developers to write complex extensions to do things (and just for their DE, causing fragmentation).



