I'm interested to hear what architecture and regulations prevent the use of something that is foundational to web develpment and backwards compatible by design? Which also, by the way, comes with the advantage of not incinerating other parts of the restaurant (accessibility, user experience...), forcing expensive countermeasures or total rebuilds of the things destroyed every time you turn it on.

90% of the SPAs I use could be Django/Rails/Flask apps with no noticeable difference, other than that they'd be many times more responsive on slower devices.

"Old" SSR apps are mature, not obsolete. It's ridiculous when they're not considered even when they'd be the right tool for the job. I wouldn't try to clone Google Docs in Django, but something like Linear could 100% be modeled as a CRUD app with new page loads on click without a substantial loss of functionality from the user's POV. Not to mention built-in, automatic support for pervasive "deep linking", aka "linking", because you access a URL's contents by GETting and rendering that URL is just how it works.

I don't understand how having to pay 20 different vendors so hackers can run commands on your server barely impeded is somehow simpler.