Skip to main content

The 20 npm Packages Losing Downloads the Fastest in 2026

·PkgPulse Team
npmtrendsjavascriptdeprecatedmigration2026

TL;DR

Declining downloads are a leading indicator, not a death sentence — but they warrant investigation. Packages like Create React App, Moment.js, and Webpack haven't died; their download counts are still huge. But their growth curves are negative while alternatives accelerate. Knowing what's declining helps you avoid starting new projects on legacy tools and plan migrations before the ecosystem leaves you stranded.

Key Takeaways

  • Create React App: -35% YoY — deprecated by React team, no security updates
  • Webpack: -22% YoY — huge absolute downloads but Vite/Rspack eating share
  • Moment.js: -28% YoY — replacements have better DX, smaller bundle
  • Enzyme: -60% YoY — React 18 compatibility issues killed it
  • node-fetch v2: -45% YoY — Node.js native fetch ending the need

Category 1: Officially Deprecated

1. Create React App — -35% YoY

# Status: DEPRECATED. Official React docs removed it.
# Last release: 2022. Security vulnerabilities unfixed.
# Current downloads: ~1.4M/week (was ~2.1M)
# Why still downloaded: legacy CI pipelines, old tutorials

# What to use instead:
# New projects: Vite + @vitejs/plugin-react
# Next.js: Next.js itself handles project setup
# Migration: 30-60 minutes (see CRA → Vite guide)

2. request (HTTP client) — -55% YoY

// Status: Deprecated by maintainer in 2020. No updates since.
// Security vulnerabilities with no patches.
// Current downloads: ~14M/week (legacy, not new installs)

// What to use instead:
// Fetch API (built-in Node 18+)
// axios (npm i axios)
// ky (npm i ky) — fetch-based, small
// undici (npm i undici) — Node.js native HTTP client

3. node-fetch v2 — -45% YoY

// Node 18+ has fetch built-in
// node-fetch v2 was CommonJS; the CJS/ESM transition made it awkward

// What happened:
// Node.js 18: fetch() global available without any npm install
// Most teams just deleted their node-fetch dependency

// If you need it for Node.js 16 (EOL): still fine
// Node.js 18+: just delete the package
const data = await fetch('https://api.example.com').then(r => r.json());
// No import needed in Node 18+

4. cross-fetch — -50% YoY

# Same story: native fetch makes polyfills obsolete
# Downloads: ~2M/week (from ~4M)
# Replacement: native fetch in Node 18+, undici for server-side specific needs

Category 2: Replaced by Better Tools

5. Moment.js — -28% YoY

// Status: Maintenance mode. Maintainers recommend migrating away.
// Downloads: ~14M/week (legacy — not going to zero anytime soon)
// The problem: 300KB bundle, mutable API, no tree shaking

// What teams are switching to:
// Day.js (2KB) — same API, drop-in for most use cases
// date-fns (functional, tree-shakeable)
// Luxon (Intl-based, modern API)
// Temporal (native, polyfill available)

6. Enzyme — -60% YoY

# React 18 compatibility issues that never got fixed
# No adapter for React 18 that works reliably
# Downloads: ~450K/week (from ~1.1M)

# What teams switched to:
npm install @testing-library/react
# Testing Library: tests behavior, not implementation
# Works perfectly with React 18 and beyond

7. Webpack (raw) — -22% YoY

# Webpack itself is declining; create-react-app was a huge source of webpack installs
# Direct webpack usage declining as teams migrate to Vite
# Downloads still ~20M/week (massive install base)
# But new projects rarely choose webpack

# What teams are choosing:
# Vite (new projects): 10x faster dev server
# Rspack (migration): webpack-compatible, 5-10x faster builds
# esbuild (simple builds): ultrafast, no framework overhead

8. express (legacy patterns) — -15% YoY overall

// Express itself still dominant but losing ground in new projects
// Specific express patterns declining:
// - body-parser (now built-in to Express 4.16+)
// - cookie-parser (Hono/Fastify handle this natively)
// - morgan (replaced by pino-http)

// Express downloads stable, but:
// Fastify growing +25% YoY
// Hono growing +195% YoY (edge/Bun use cases)

9. Redux (standalone) — -30% YoY

# Not Redux Toolkit — the raw "redux" package
# Most new installs are via @reduxjs/toolkit (which installs redux as a dep)
# Direct redux usage declining as teams choose:
# Zustand (simple stores)
# Jotai (atomic state)
# TanStack Query (server state)
# Valtio (proxy state)

10. styled-components — -40% YoY

# CSS-in-JS declining with RSC adoption
# styled-components doesn't work in React Server Components
# Downloads: ~5M/week (from ~8.3M)

# What teams are switching to:
# Tailwind CSS (utility-first, RSC compatible)
# CSS Modules (zero runtime, RSC compatible)
# Panda CSS (build-time CSS-in-JS, RSC compatible)
# Plain CSS with CSS custom properties

11. emotion/styled — -35% YoY

# Same issue as styled-components: RSC incompatibility
# Downloads declining across all @emotion/* packages
# Replacement: same as above — Tailwind, CSS Modules, Panda CSS

Category 3: Superseded by Built-ins

12. lodash — -18% YoY

// Not dead, but slowly being replaced by native JS methods
// ES2022+ covers most common lodash operations:
// Array.from(), Object.entries(), structuredClone(), Array.at()
// Optional chaining ?. replaces _.get()
// Nullish coalescing ?? replaces _.defaultTo()

// Still useful for: deep clone (structuredClone is built-in but slower for some cases),
// complex data transformations, fp utilities
// Downloads: ~35M/week but trending down from peak of ~42M

13. util.promisify wrappers — varies

// Many packages exist solely to promisify Node.js callback APIs
// Node.js has been all-promise since Node 14
// Example: fs.promises.readFile() is built-in
// Packages like: `mz`, `graceful-fs`, `fs-extra` declining

// graceful-fs: -30% YoY as fs.promises covers the use cases

14. mkdirp — -40% YoY

// Creates directories recursively
// Built into Node.js since v10.12:
import { mkdirSync } from 'fs';
mkdirSync('a/b/c', { recursive: true });  // Built-in

// mkdirp downloads: declining as devs discover the built-in

15. rimraf — -35% YoY

// Recursive delete — rm -rf for Node.js
// Now built-in to Node.js 14.14+:
import { rmSync } from 'fs';
rmSync('./dist', { recursive: true, force: true });

// rimraf still useful for cross-platform scripts targeting Node 12
// New projects on Node 18+: just use built-in

Category 4: Hype Cycle Correction

16. GraphQL clients (Apollo) — -20% YoY

# Apollo Client still dominant but growing more slowly
# The GraphQL-for-everything wave peaked
# tRPC offering type safety without GraphQL schema overhead
# Many teams: REST + TanStack Query for data fetching, no GraphQL

# apollo-client downloads: ~3.2M/week (from ~4M)
# urql also declining
# Growth going to: tRPC, TanStack Query direct API calls

17. firebase SDK — -15% YoY

# Firebase v9 modular SDK slower to adopt than expected
# Many teams switching to: Supabase (open source Firebase alternative)
# Supabase download growth: +180% YoY
# firebase downloads: ~2.1M/week (from ~2.5M)

18. Gatsby — -65% YoY

# Gatsby acquired by Netlify, then significant layoffs, then stagnation
# Downloads: ~180K/week (from ~510K)
# Replacement: Next.js, Astro, SvelteKit for SSG use cases
# Astro growing: +240% YoY as Gatsby's primary beneficiary

19. Nuxt 2 — -80% YoY

# Nuxt 2 (EOL Jan 2024) losing to Nuxt 3
# Nuxt 2 downloads collapsing as teams upgrade
# Nuxt 3 growing strongly: +45% YoY

20. vue-cli — -70% YoY

# Deprecated in favor of create-vue (uses Vite under the hood)
# Downloads: ~170K/week (from ~570K)

# Replacement:
npm create vue@latest  # Uses Vite, TypeScript-first

How to Check If a Package Is Declining

# 1. npm trends (visual)
# Open: npmtrends.com/package-name
# Look at 1-year and 2-year chart

# 2. PkgPulse (health score + trend)
# Open: pkgpulse.com/compare/package-a-vs-package-b
# Health score factors in download trends

# 3. npm registry directly
npm view package-name time  # Release history
npm view package-name --json | jq '.time | keys[-5:]'  # Last 5 releases

# 4. GitHub signals
# Issues: are they being closed or piling up?
# Last commit date
# README: does it say "deprecated", "maintenance mode"?

# Red flags:
# ❌ Last release 18+ months ago (for active libraries)
# ❌ Official "use X instead" in README
# ❌ Maintainer last active 1+ year ago
# ❌ Security advisories with no response
# ❌ React 18 / Node 20 issues open for months

Monitor package health and download trends for any npm package at PkgPulse.

See the live comparison

View moment vs. date fns on PkgPulse →

Comments

Stay Updated

Get the latest package insights, npm trends, and tooling tips delivered to your inbox.