Use Stock Lit

[strseb]

Note that non-release versions of third-party libraries are not accepted.
https://extensionworkshop.com/documentation/publish/third-party-library-usage/

Given we patched lit to only fix a warning, let's pull an official release from an official source and live with that warning. Given that we can point to https://lit.dev/docs/templates/expressions/ and the fact that we don't use any of the unsafe* directives.
(Spoiler: We dont even ship those anymore.)

Idea 1: Use lit-all-min.js:
Well the bundle comes from https://cdn.jsdelivr.net/gh/lit/dist@3/all/lit-all.min.js
And the rules are clear about CDN's

You should download third-party libraries from their official site, not from a CDN or other location.

It is unclear what the rule is, if lit is actually endorcing a cdn... 🤷 - This might be a good plan b.

Idea 2: Use NPM.
We cannot use the npm lit.js files directly. They are expecting to have a global resolving scope. i.e lit.js is importing "@lit/reactive-element". For this type of import we would need to use a source-map. They are blocked however due to the fact that every Webextension has a default csp script-src "self" . Even after changing the manifest csp to allow eval, the import map did not apply. I meed night file a bug... Also using nonce's are not allowed.

Therefore!

... These processes include minifying your code, as well as the use of module bundlers or similar tools, such as webpack.

Using a bundler is not forbidden. i.e there even is an official webpack plugin. So i quickly use rollup to create a loadable bundle when you do npm install.

[lesleyjanenorton]

R+ but let's just verify again tomorrow that we really have/want to use Stock Lit before merging.