It’s time again for every framework author’s favorite: The JavaScript Site Generator Review (Feb 2023 edition).
Site generators and versions (in alphabetical order):
Astro 2.0.15
Eleventy 2.0.0
Gatsby 5.7.0
Next.js 13.2.1
Nuxt 3.2.2
Remix 1.13.0
SvelteKit 1.8.3
(…uh, this is a thread )
`npm install` time (in seconds)
(forcing a clean cache, average of 5 runs)
Notably, next.js seems to bypass `npm` by vendoring its dependencies (speedier install, without those pesky npm audits)
Hides `npm audit` reports during installation:
Astro
Gatsby
Next (via vendoring)
Shows `npm audit` reports during installation:
Eleventy
Nuxt
Remix
SvelteKit
Telemetry (anonymous data collection on usage) enabled by default (requires opt-out):
Astro
Next.js
Gatsby
Nuxt
No known Telemetry or data collection:
Eleventy
Remix
SvelteKit
This concludes the Site Generator Review—happy to receive feedback or recommendations on aspects of these tools you’d like to see reviewed for next time!
I should probably cross-post to the blog post that resulted from the above thread!
@zachleat what’s going on over in Gatsby land. I’ve used entire operating systems with a smaller footprint.
@mdh I kinda knew about Gatsby—Remix was surprising though
@zachleat Do GitHub stars and Weekly Downloads too.
@davatron5000 ah, I haven’t personally found popularity metrics to be useful in the discussion of these tools—I wouldn’t want to add to that
@zachleat @davatron5000 Is the hiding of npm audit intentional by these tools? And is vendoring bad?
@rick @davatron5000 re: intentions, I couldn’t say!
re: vendoring being “bad”—not definitively. It certainly helps install speed, but bypasses a lot of the benefits npm provides
@zachleat I just want to see if stars correlate to bundle size.
@zachleat Do number of possums in node_modules
@zachleat would love to see wire sizes for the JS bundles (gzip, not brotli, as not everyone has that yet)
@zachleat Automatic telemetry opt-in is one reason why I have a backlog issue to migrate away from Astro when 11ty launches the ESM support.
@zachleat How does one hide `npm audit` reports‽ That's a bit scary.
(fwiw, I don't consider what Next is doing as "vendoring", they're apparently rather "bundling" everything into a single big JS file through https://github.com/vercel/ncc –not the same as bundledDependencies though–; result is the same though: remove dependencies from the package.json; do Astro and Gatsby do similar things?)
@tbroyer https://fediverse.zachleat.com/@zachleat/109916510211225665 has some more context.
Ah fair point about the definition of vendoring!
@zachleat on that particular topic, I just read https://www.peterbe.com/plog/benchmarking-npm-install-with-or-without-audit so it seems to be significative if you measure the speed of `npm install`
@david just for clarification all `npm install` benchmark results in this thread had auditing enabled
@zachleat alright I wasn’t sure about the hiding thing
@david yeah—fair question! Those audit defaults were tested separately.
@zachleat gatsby is big-boned zach be kind