Lots of conversations are going on within our organization about how much custom development should be allowed in our solutions before we introduce upgrade risks? My thought was any type of JavaScript, as long as it doesn't touch the DOM, is safe.
What are the best practices?