no, libreddit ( a privacy frontend for reddit, third party) was renamed to redlib.

old reddit or libreddit (now redlib). If you browse without accout, that should be enough. If you have a account, I would still enable js only for old reddit and not reddit as whole.

No, it is unnecessary, and it would break many auto updating websites, for example, if you use mail in web, then your mail provider has web sockets to get notifications from server to fetch you mail.

I generally would recommend to disable javascript , and have a whitelist for websites you trust (easily achievable by ublock, or no script). If they do not have js, most attack vectors are neutralised. If you can trust a website to run js, you can trust it to run web sockets.