Hacker News

How else would you do client-side crypto for a website if not with JavaScript? Isn't that kind of the point of how Proton does E2EE?


Crypto for websites is completely broken (because the server can serve you whatever it wants), so doing crypto for websites at all is suspicious.


I guess they have this for local email decryption: https://proton.me/mail/bridge

Idk if they have anything like that for their other products, like calendar or file storage.

Presumably if you stick to mobile apps you won't be using JavaScript served by their server? Unless they're just HTML wrappers.


Yeah, apps are generally OK, unless they're webviews, as you say.

The bridge looks good, though it seems really shady that it's not open source. I'd expect it to definitely be open.



It's not "broken", please don't spread FUD. It's a whole lot more transparent than doing it on the server side. Client code can be inspected and publicly audited, and many times you can save/cache it so that it doesn't change. It also opens up the possibility for third-party standalone apps that don't change often.


This can be mitigated by using a browser addon to calculate and verify that the web JS content matches the hash in a public code repo. That is how CTemplar Mail does it.

I'm disappointed they haven't implemented something like this.
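
The check described in the comment above, as an added example that is not part of the thread and is not CTemplar's or Proton's code: every script a page loads is hashed and compared with a manifest published alongside the public repo, and a script that is absent from the manifest fails the check just like a modified one. The paths, manifest format and function names are assumptions made for illustration, and Node's `crypto` module stands in for the browser's Web Crypto API.

```javascript
// Added example; paths, manifest layout and names are hypothetical.
const { createHash } = require("node:crypto");

// SRI-style digest ("sha256-<base64>") of a script body.
function digest(body) {
  return "sha256-" + createHash("sha256").update(body).digest("base64");
}

// manifest: { path: digest } published with the repo release.
// served:   [{ path, body }] as observed for the loaded page.
function verifyScripts(manifest, served) {
  const expected = new Map(Object.entries(manifest));
  const report = { ok: [], mismatch: [], unlisted: [] };
  for (const { path, body } of served) {
    if (!expected.has(path)) {
      // A script the repo never published: hashing the known files alone
      // would miss it, so it has to count as a failure.
      report.unlisted.push(path);
    } else if (digest(body) === expected.get(path)) {
      report.ok.push(path);
    } else {
      report.mismatch.push(path);
    }
  }
  report.trusted =
    report.mismatch.length === 0 && report.unlisted.length === 0;
  return report;
}

// Constructed sample: the repo build, and what a server sent for one page load.
const repoBuild = {
  "/static/app.js": "export const encrypt = (k, m) => seal(k, m);",
  "/static/vendor.js": "/* vendored crypto library */",
};
const PUBLISHED = Object.fromEntries(
  Object.entries(repoBuild).map(([path, body]) => [path, digest(body)])
);

function demo() {
  return verifyScripts(PUBLISHED, [
    { path: "/static/vendor.js", body: repoBuild["/static/vendor.js"] },
    { path: "/static/app.js",
      body: repoBuild["/static/app.js"] + "\n/* changed after release */" },
    { path: "/static/extra.js", body: "/* not in the repo */" },
  ]);
}

console.log(demo());
```

The result is only as trustworthy as the channel the manifest arrives over: if the same server supplies both the scripts and the hashes, the comparison proves nothing.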


WASM? I have seen it used a lot for this.



