Yeah, I use npm2nix a lot, and it does produce very large files (a few thousand lines of code). But in practice it's fine. I very rarely look at the generated code. If I need to update a dependency, I change my package.json file, run npm2nix and start a new nix-shell.
I also wrote a bit of nix code to read the package.json file and figure out what the direct dependencies are, which keeps derivations for my own packages simple.
I also wrote a bit of nix code to read the package.json file and figure out what the direct dependencies are, which keeps derivations for my own packages simple.