The plugin author should definitely be blamed for this. But I think that the root problem is with the `teacher` npm package. An issue[0] was also opened just 6 days ago raising doubts about using http.
That makes this even more shocking. But, after seeing Microsoft's recent stance on privacy in general with things like Windows 10, maybe this is just par for the course.
This is my thinking too. The use of HTTP is bad, but the real issue is trusting a third party with large amounts of potentially very sensitive information. Especially when the service in question was designed for people checking the spelling and grammar of their blog posts, something designed to be shared anyway.
Online spell checkers are better along many axis. For example they can spell check names in the news and slang that's likely not in an offline dictionary
Because an online service can dedicate 10TB of disk space to spell checking, while your laptop with a 512GB SSD won't like to store >100MB for the spellchecker.
If you had 100Mb of data I strongly suspect it'd return too many false positives - the likelihood of a string being in there would be too high. A spellchecker isn't very useful if it knows "Donald Trumo" is a real name.
For reference, the hunspell dictionary file used in apps like Libre Office and Firefox is about 400kb. That's effectively the whole of the English language.
I think "the cloud" is making people forget how simple some common features actually are. The default assumption seems to be that it needs to be in the cloud because it's too hard to do locally.
Besides the good points made by other commenters, I'll raise you another one: want to trade space? How about cutting out some of that fat modern software comes with? Change the configuration language from XML to JSON and you'll suddenly have space for 10 spellcheckers. Cut out that pointless high-resolution banner and you'll have space for 10 more.
[0] https://github.com/vesln/teacher/issues/4