The Star Count Surprise
Nuxt.js has 60,500 GitHub stars. Laravel — PHP's dominant modern framework, the one that revitalized server-side rendering for an entire language ecosystem — has 34,781. Django and Rails, two frameworks that shaped how an entire generation of developers thinks about web applications, do not individually reach the top tier of the star rankings. Nuxt.js, a framework most enterprise buyers have not heard of, has quietly assembled a larger developer following than any of them.
This is a measure of developer attention, not market share. GitHub stars are a proxy for awareness and interest. They tell you which projects developers bookmarked, not which ones run their production infrastructure. But attention is a leading indicator. The frameworks that accumulate stars today are the ones that accumulate production deployments in the years that follow.
Beyond Stars: The Commit Story
Stars measure the past. Commits measure the present. Nuxt.js logs 1,339 commits per year — a healthy rate that indicates active development, regular releases, and a responsive maintainer base. Its WebPulse activity score is 68.0, placing it in the upper-middle tier of framework velocity. This is not the pace of a framework sprinting to establish itself (Astro at 2,937 commits per year) nor the pace of one coasting on momentum (Gatsby at 183). It is the pace of a mature framework in active service.
The velocity matters because Nuxt.js occupies a specific architectural niche. It is the full-stack layer on top of Vue.js — providing server-side rendering, file-based routing, auto-imports, and deployment targets that Vue alone does not offer. This is the same role Next.js plays for React. In the Vue ecosystem, Nuxt is not optional for serious production applications. It is the production deployment path.
The Security Profile
Nuxt.js has accumulated 29 total CVEs across its lifetime and scores 91 in WebPulse's security dimension. This is a strong record for a full-stack framework that handles server-side rendering, API routes, and client-side hydration. The vulnerability count is low relative to the framework's complexity, and the security score reflects timely patching and responsible disclosure practices.
For comparison, Next.js — Nuxt's direct architectural counterpart in the React ecosystem — has 92 CVEs and scores 90. The two frameworks occupy nearly identical positions in the security ranking despite different language ecosystems and different maintainer structures. Both demonstrate that modern full-stack frameworks can ship complex server-side functionality without inheriting the vulnerability profiles that plagued earlier generations of web platforms.
Vue's Global Position
Nuxt's star count is partly a reflection of Vue.js itself. Vue has the second-largest frontend framework community globally and dominates in specific geographies — particularly China, where Alibaba, Tencent, and Baidu have built significant internal tooling on Vue. Nuxt inherits this geographic distribution. The framework's community is less concentrated in Silicon Valley than Next.js or Remix, and more distributed across Asia and Europe.
This geographic distribution has practical consequences for adoption. Enterprise buyers in APAC and European markets encounter Nuxt more frequently in vendor proposals and developer hiring pools than buyers in North America. A framework's community is not just its size — it is its distribution, and Nuxt's distribution is broader than its mindshare in English-language tech media suggests.
What the Numbers Indicate
Nuxt.js at 60,500 stars with 1,339 annual commits and a 91 security score is a framework in a stable and productive position. It is not the fastest-growing (Astro holds that distinction). It is not the largest (Next.js at 140,095 stars is in a different category entirely). But it is the full-stack production path for the second-largest frontend framework ecosystem in the world, and its developer attention metrics exceed those of three frameworks that have defined server-side web development for over a decade.


