General reasons for using NoScript: security (js sandboxes are not flawless), privacy (brower fingerpring [1][2], Sniffly [3], ...), less CPU usage, less UI bloat (modal popups, blinking stuff, ...; although I have to manually whitelist some websites).

[1] https://amiunique.org/ [2] https://github.com/ben174/hsts-cookie [3] https://github.com/diracdeltas/sniffly

Great summary. I recommend uMatrix (https://github.com/gorhill/uMatrix) which has really good controls for toggling not just JavaScript but also cookies, XHR, frames, etc for origin and 3rd party/cross-domain requests with per-site settings. A lot of websites that need JavaScript will still work if you enable loading of scripts from the origin domain but leave things like Google Analytics, etc, from other domains blocked. uMatrix is also easier to use and has a much smaller footprint than ad blockers.

I also have javascript disabled, and selectively enable it for websites as required. For me it's less about security and more about disabling annoyances e.g. assisted scrolling and such.

On the security point, there are some answers out there relating to javascript in tor [0]. Basically it's not a risk per se, but it does increase your risk surface area.

[0]:https://security.stackexchange.com/questions/40620/why-is-ja...

Im interested in this too. Why?

Security

How is having Javascript enabled less secure?

Greater attack surface.

Yeah, like doors or Windows in your home. Take it however you like.

A home without doors cannot be used. A browser without Javascript can be.