IMO, if you're not going to enable comments or use hosted solutions like Disqus or Livefyre, static content generation really is the way to go and WP is massively overkill. I would say though, static content generators need to be far more user friendly - essentially idiot proof (at least idiot resistant?) - for them to see mass adoption.
It would be better for the overall health of the web if more independent publishers moved to static content.
I would also say, WP is not a blogging platform. It's ventured into the "Content Management Framework" realm with blogging "stuff" bolted on at this point. But PHP is still is the most ubiquitous and easiest environment for the novice (for better or for worse) so that's something to keep in mind as well.
> It would be better for the overall health of the web if more independent publishers moved to static content.
A CMS produces static content... Most sites use caching, serving static files... I think you are meaning that only static files should be put on the server because it's safer? I'd like to see that in action on anything other than a simple blog or site with more than a dozen pages.
> I would also say, WP is not a blogging platform
You're the first person I've heard say that, usually it is the opposite ("it's just a blogging platform"). Can you point to any development in the code base that has suddenly made WP less dedicated to blogging? WP is clearly very versatile, otherwise people wouldn't use it for everything. But there's nothing in the code base that has changed that de-emphasizes its blogging capabilities or focus.
The problem is that people that run 12 page websites are probably more likely to not keep up with upgrades, and to consequently have their sites broken, passwords gotten, etc.
The original comment is not quite right. It's not that WordPress is now a "CMS Framework" with blogging bolted onto it. It's actually the other way around: a CMS framework is bolted onto a simplistic and fairly faulty blogging platform.
If you use it as a blogging platform, or to run a mostly static site, sure it works. But try to actually build something on this "framework" and you'll run into all kinds of ugly. Things like BuddyPress, ecommerce plugins, etc. all are a mess because you can't turn a blog into a social network or an online store any easier than a Prius into an 18 wheeler.
And WP is not versatile. It's just that PHP has no rules. Anyone can do anything at any time. Don't want to wire proper plumbing into your framework to pass some variable to the right view? Just declare a global variable! Don't have access to the right set of posts? Query the database directly!
So my argument against WP is not that it's a bad blogging platform. It's that blogging is all that's it's good for, assuming you spend every minute of every day checking for security updates.
WordPress initial purpose was for blogging, later it grew along with demand and real world usage to become a more robust, capable versatile CMS. The blogging architecture is still front and center however. While there are definitely limitations to what WP should responsibly be used for, some folks like to hash out poorly constructed ones.
Take the security updates aspect - it doesn't matter software you use - it will need updating. A vigilant attitude toward security should be the default for serious sites, regardless of the software used.
Same with cars, they can suffer all kinds of problems if not properly maintained. You can't force the car owner to take the car into the shop to perform said maintenance. That doesn't make the car fundamentally bad.
When people say something to the effect 'WP isn't secure', it's often made as a blanket statement to make it sound like WP is fundamentally weak. There have been very little serious problems with WordPress core itself. Security concerns and exploits are the reality of any software that is widely used, WP is no exception, but it's to be expected. If anyone likes to share any powerful software in use that has millions of users and manages to evolve constantly and stay perfectly robust against any imaginable attack - I'd like to hear some examples.
Back in the real world, what counts is building useful products that matter to its end-users.
It would be better for the overall health of the web if more independent publishers moved to static content.
I would also say, WP is not a blogging platform. It's ventured into the "Content Management Framework" realm with blogging "stuff" bolted on at this point. But PHP is still is the most ubiquitous and easiest environment for the novice (for better or for worse) so that's something to keep in mind as well.