While it won’t offer all the bells and whistles that a vendor-specific integration has, the Internet Printing Protocol (IPP) integration is a nice generic integration that reports status and ink/toner levels of network enabled printers that support IPP. Its a very generic protocol, so I believe most network printers will work fine with that. That might help broaden your search a bit (our 2014 Canon laser printer works fine with it).

How do you track (PostNL) packages?

When working with web components, you will likely also end up with dependencies that you’ll install using npm (eg lit itself). Theoretically, the same supply chain attack can still happen this way and thus introduce malicious code in the web components JavaScript, see for example this article (first search result)

You could write your own ui-library using whatever technique you deem to be safe, or you can stand on the shoulders of giants and start with a readily available one and adjust as needed. Security-wise I thinking would be better to ensure the frontend and backend are separate projects/applications that could (theoretically) be deployed on different machines and still exchange the necessary information through an api, so you’ll know that even if something happens on one end, the other wouldn’t necessarily be affected as well.