Steve Kinney

Avoiding Unnecessary Dependencies

Every dependency you add to your React project is a bet—a bet that the value it provides outweighs its cost in bundle size, maintenance overhead, and potential security vulnerabilities. Too often, we reach for popular libraries without considering whether we actually need them or if there’s a lighter alternative. Let’s explore how to audit your dependencies, identify unnecessary bloat, and make informed choices that keep your React applications lean and fast.

The Hidden Cost of Dependencies

Before we dive into solutions, let’s talk about what you’re actually paying when you npm install something new. It’s not just the kilobytes (though those matter plenty):

  • Bundle size: Every library increases your JavaScript payload, slowing down initial page loads
  • Parse time: More code means more time for the JavaScript engine to parse and compile
  • Maintenance burden: Dependencies break, get deprecated, or introduce security vulnerabilities
  • Version conflicts: Dependencies can conflict with each other or force you into version hell
  • Tree-shaking limitations: Not all libraries are optimized for dead code elimination

Consider this: adding Lodash for just one utility function can add 70KB to your bundle if it’s not tree-shaken properly. That’s a hefty price for convenience.

Auditing Your Current Dependencies

Before you can trim the fat, you need to know where it is. Here’s how to audit your dependencies effectively:

Bundle Analysis

Start by analyzing your current bundle with a tool like webpack-bundle-analyzer:

npm install --save-dev webpack-bundle-analyzer

Add this script to your package.json:

{
  "scripts": {
    "analyze": "npm run build && npx webpack-bundle-analyzer build/static/js/*.js"
  }
}

This visual breakdown shows you exactly which libraries are consuming the most space. Look for:

  • Large libraries used for small features
  • Multiple libraries that do similar things
  • Libraries with poor tree-shaking support

Dependency Tree Exploration

Use tools like npm ls or yarn why to understand your dependency tree:

# See why a package is installed
npm ls package-name

# Or with yarn
yarn why package-name

Sometimes you’ll discover that a dependency you thought you removed is still being pulled in by another package.

Common Bloat Culprits and Their Alternatives

Let’s look at some frequent offenders and their leaner alternatives:

Date Manipulation: Moment.js → Native APIs or date-fns

Moment.js was once the go-to date library, but it’s heavy (67KB minified) and no longer maintained. For many use cases, native JavaScript is sufficient:

// ❌ Heavy: Using Moment.js for simple operations
import moment from 'moment';

const formatDate = (date: Date) => moment(date).format('MM/DD/YYYY');
const isToday = (date: Date) => moment(date).isSame(moment(), 'day');

// ✅ Light: Native JavaScript
const formatDate = (date: Date) => {
  return date.toLocaleDateString('en-US', {
    month: '2-digit',
    day: '2-digit',
    year: 'numeric',
  });
};

const isToday = (date: Date) => {
  const today = new Date();
  return date.toDateString() === today.toDateString();
};

If you need more complex date operations, consider date-fns, which is modular and tree-shakable:

// Only import what you need
import { format, isToday } from 'date-fns';

const formatDate = (date: Date) => format(date, 'MM/dd/yyyy');

Utility Libraries: Lodash → Native Methods or Targeted Imports

Lodash is incredibly useful, but importing the entire library for a few utilities is wasteful:

// ❌ Bad: Importing entire Lodash (70KB)
import _ from 'lodash';

const users = _.uniqBy(userList, 'id');
const grouped = _.groupBy(users, 'department');

// ✅ Better: Import specific functions
import uniqBy from 'lodash/uniqBy';
import groupBy from 'lodash/groupBy';

const users = uniqBy(userList, 'id');
const grouped = groupBy(users, 'department');

// ✅ Best: Use native methods when possible
const users = userList.filter(
  (user, index, arr) => arr.findIndex((u) => u.id === user.id) === index,
);

const grouped = users.reduce(
  (acc, user) => {
    const dept = user.department;
    if (!acc[dept]) acc[dept] = [];
    acc[dept].push(user);
    return acc;
  },
  {} as Record<string, typeof users>,
);

HTTP Requests: Axios → Fetch API

The Fetch API is now widely supported and handles most HTTP needs:

// ❌ Heavy: Axios for simple requests
import axios from 'axios';

const fetchUser = async (id: string) => {
  const response = await axios.get(`/api/users/${id}`);
  return response.data;
};

// ✅ Light: Native fetch
const fetchUser = async (id: string) => {
  const response = await fetch(`/api/users/${id}`);
  if (!response.ok) {
    throw new Error(`HTTP error! status: ${response.status}`);
  }
  return response.json();
};

For more complex scenarios, you might create a lightweight wrapper:

// Custom fetch wrapper with error handling
const api = {
  async get<T>(url: string): Promise<T> {
    const response = await fetch(url);
    if (!response.ok) {
      throw new Error(`HTTP error! status: ${response.status}`);
    }
    return response.json();
  },

  async post<T>(url: string, data: unknown): Promise<T> {
    const response = await fetch(url, {
      method: 'POST',
      headers: { 'Content-Type': 'application/json' },
      body: JSON.stringify(data),
    });
    if (!response.ok) {
      throw new Error(`HTTP error! status: ${response.status}`);
    }
    return response.json();
  },
};

Maximizing Tree-Shaking

Tree-shaking eliminates dead code from your bundle, but it only works when libraries are built with ES modules and your imports are specific:

// ❌ Bad: Entire library gets bundled
import * as utils from 'my-utils';

// ❌ Bad: May not tree-shake properly
import { debounce } from 'lodash';

// ✅ Good: Specific import that tree-shakes well
import debounce from 'lodash/debounce';

// ✅ Good: Import only what you need
import { useState, useEffect } from 'react';

Webpack Configuration for Better Tree-Shaking

Ensure your webpack configuration supports tree-shaking:

// webpack.config.js
module.exports = {
  mode: 'production',
  optimization: {
    usedExports: true,
    sideEffects: false, // Only if you're sure no modules have side effects
  },
  resolve: {
    mainFields: ['es2015', 'module', 'main'], // Prefer ES modules
  },
};

Building Your Own Utilities

Sometimes the best dependency is no dependency. For simple utilities, consider rolling your own:

// Custom debounce function (instead of importing Lodash)
export function debounce<T extends (...args: unknown[]) => unknown>(
  func: T,
  wait: number,
): (...args: Parameters<T>) => void {
  let timeoutId: NodeJS.Timeout | null = null;

  return (...args: Parameters<T>) => {
    if (timeoutId) clearTimeout(timeoutId);
    timeoutId = setTimeout(() => func(...args), wait);
  };
}

// Custom throttle function
export function throttle<T extends (...args: unknown[]) => unknown>(
  func: T,
  limit: number,
): (...args: Parameters<T>) => void {
  let lastRun = 0;

  return (...args: Parameters<T>) => {
    if (Date.now() - lastRun >= limit) {
      func(...args);
      lastRun = Date.now();
    }
  };
}

// Custom deep clone (for simple objects)
export function deepClone<T>(obj: T): T {
  if (obj === null || typeof obj !== 'object') return obj;
  if (obj instanceof Date) return new Date(obj.getTime()) as T;
  if (Array.isArray(obj)) return obj.map(deepClone) as T;

  const cloned = {} as T;
  for (const key in obj) {
    if (Object.prototype.hasOwnProperty.call(obj, key)) {
      cloned[key] = deepClone(obj[key]);
    }
  }
  return cloned;
}
Before writing custom utilities, check if the native JavaScript API has added support for your use case. The language is evolving rapidly, and many previously library-dependent features now have native support.

Making Informed Decisions

When evaluating whether to add a new dependency, ask yourself:

The Value vs. Cost Analysis

  • How much value does this library provide? Does it solve a complex problem or just save a few lines of code?
  • What’s the bundle cost? Check the library size on Bundlephobia
  • Is it tree-shakable? Look for ESM builds and specific import support
  • How often will you use it? A 50KB library might be worth it if you use it extensively
  • What’s the maintenance burden? Check the library’s update frequency, issue count, and maintainer responsiveness

The Decision Framework

Here’s a simple decision tree:

  1. Can I solve this with native JavaScript? → Use native
  2. Is this a complex problem that would take significant time to solve correctly? → Consider a library
  3. Will I use multiple features from this library? → Library might be worth it
  4. Is the library well-maintained and tree-shakable? → Good candidate
  5. Does the value justify the bundle cost? → Make the call based on your performance budget

Monitoring and Maintenance

Dependency hygiene isn’t a one-time task—it requires ongoing attention:

Regular Audits

Set up automated checks in your CI pipeline:

# Check for outdated packages
npm outdated

# Audit for security vulnerabilities
npm audit

# Analyze bundle size over time
npm run analyze

Bundle Size Budgets

Configure webpack to warn when your bundle exceeds size thresholds:

// webpack.config.js
module.exports = {
  performance: {
    maxAssetSize: 250000, // 250KB
    maxEntrypointSize: 250000,
    hints: 'warning',
  },
};

Dependency Update Strategy

Not all updates are worth taking immediately. Consider:

  • Security patches: Take immediately
  • Bug fixes: Take when convenient
  • New features: Evaluate if you need them
  • Breaking changes: Carefully assess the migration effort

Real-World Case Study

Let me share a recent example from a project I worked on. We had a React dashboard that was loading slowly, with a JavaScript bundle exceeding 2MB. Here’s what we found and fixed:

Before optimization:

  • Bundle size: 2.1MB
  • Initial load time: 4.2s on slow 3G
  • Dependencies: 47 packages

Issues identified:

  • Importing entire Lodash library for 3 utility functions
  • Using Moment.js for simple date formatting
  • Including Chart.js when we only needed basic charts
  • Importing Material-UI icons individually but inefficiently

After optimization:

  • Bundle size: 780KB (63% reduction)
  • Initial load time: 1.8s on slow 3G
  • Dependencies: 31 packages

Changes made:

  • Replaced Lodash with native methods and specific imports
  • Switched from Moment.js to native Intl.DateTimeFormat
  • Built custom chart components using SVG and CSS
  • Implemented proper icon tree-shaking

The result? A significantly faster application with fewer maintenance headaches and security surface area.

Next Steps

Dependency management is an ongoing process, not a destination. Start by:

  1. Audit your current bundle with webpack-bundle-analyzer
  2. Identify the heaviest dependencies that provide the least value
  3. Replace one dependency at a time to minimize risk
  4. Set up monitoring to catch future bundle bloat
  5. Establish a decision framework for evaluating new dependencies

Last modified on .