This year, the survey received over 30,000 respondents, more than doubling the amount from last year. Respondents from a total of 194 countries answered 54 (optional) questions. (See further information about the methodology here.)
2019’s results show that it’s a banner year for React.
63% of respondents report that they write React code. (In addition, 15% of respondents do not currently use React, but are considering it. 21% of respondents do not use React and are not considering it.) Of the 57% who write React code, 49% primarily write it. The results from npm claim that React is “more than twice as popular as the next-biggest framework, Angular”.
(Compare these results to Ionic’s 2018 survey which crowned Angular as the most used JS framework for development work. However, this may because of React’s more common use in the enterprise, as mentioned by a report from CloudAcademy in March 2019.)
56% of respondents deploy JS with containers (such as Kubernetes), while 33% are using a serverless technique. Most developers answered that they use multiple methods for deployment, however container tech was the most popular single method.
TypeScript also gains some ground in the community, with 62% of npm users reporting that they write TypeScript. 15% of users do not write TypeScript themselves, but use third-party libraries that use TypeScript (such as Angular).
As far as what to consider next, GraphQL and WebAssembly is on the radar. 49% of respondents are considering using GraphQL, despite only 7% of respondents frequently using it.
When asked if they have heard of WebAssembly, 54% of respondents said that they are interesting in using WebAssembly, compared to only 3% who are using it. From this data, npm suggests it foreshadows “a very strong sign for WebAssembly’s adoption in 2019 and beyond”. Since WASM is still a fairly recent tech, time will tell how its mainstream adoption plays out.
Open source challenges
According to the survey results, 83% of developers are concerned about the security of open source code. This is up from last year’s results of 77%.
In order to secure this code, most developers (76%) use code review. This year, nearly half of respondents use automatic code scanning tools. 23% of respondents do not use any method to ensure code security.
Meanwhile, the report also found that licensing is a major decision factor in what packages developers use.
A huge 58% of npm users said that the license of a package impacts their decision to use it, indicating that the compliance issue is of concern to a much greater portion of our user base than we expected…55% of developers who care about licensing are prohibited from using certain licenses by their companies.
Unrecognized licenses and code without a license were the two most common licenses that developers were preventing from using. GPL and AGPL also provoked some concern, with a respective 43% and 34% of developers unable to use packages under these licenses.
As for future surveys, npm states that they will be sending up follow-ups to a number of respondents in specific groups to learn more.