NPM is the package manager of choice when working with Node.js. We don’t need to emphasize the importance of knowing your tools and of course, this holds true for NPM as well. This post will show you tips and tricks using NPM to show installed packages for your local repository or packages installed globally on your system.

To run the commands used within this article, we leverage NPM in version 3.3.4. You should be save running any 2.x version of NPM and have the same output as the examples below.

NPM Quick Tips Series Overview

Installed Packages

The first thing coming to your mind when reading of using NPM to show the installed packages: why shouldn’t I just open the package.json and look up the dependencies section? You know, that is for sure a valid thought and of course you’ll find what you’re looking for. The thing is, using the command line may be faster or you don’t want to open you IDE just to look if a given package is a dependency within your project.

You can leverage NPM’s functionality and list the installed packages for your project. The following command will print a list of installed packages and their dependencies:

npm ls  
# or
npm list  

If you’re just interested in the list of installed packages which you directly depend on, use the --depth option and pass --depth=0.

$ npm ls --depth=0
futurestudio-homepage@1.0.0 /Users/marcuspoehls/Dev/FutureStudio/homepage  
├── bcrypt-as-promised@1.0.1
…
└── when@3.7.3

There is also an NPM command to print additional package information while listing the installed modules:

npm ll  
# or
npm la  

Both commands npm ll and npm la will print the same information which looks like this:

$ npm ll
futurestudio-homepage@2.0.1  
│ /Users/marcuspoehls/Dev/FutureStudio/homepage
│ Future Studio homepage based on hapi, handlebars and Twitter bootstrap
│ https://futurestud.io/giturlto/homepage.git
│ https://futurestud.io
├── bcrypt-as-promised@1.0.1
│   A promisified bcrypt
│   git+ssh://git@github.com/iceddev/bcrypt-as-promised.git
│   https://github.com/iceddev/bcrypt-as-promised
…
└── when@3.7.3
    A lightweight Promises/A+ and when() implementation, plus other async goodies.
    git+https://github.com/cujojs/when.git
    http://cujojs.com

You’ll receive the general project information including the current version number, the project’s location on your local system, project’s description and url. All that information is read from your package.json file, no magic attached. Further, the dependency tree will list the installed packages also including the version number, package description, git url and homepage.

Useful Options - --json: of type boolean, default value is false and possible values are true|false - --long: of type boolean, default value is false and possible values are true|false - --depth: of type int and possible value is any positive number

Note: There are also options to show only the production dependencies (--prod=true) or only the development dependencies (--dev=true). To be honest, we never restrict the list of installed packages to a given environment, since we’re interested in the list of all packages. You can find further information about the --dev and --prod options on NPM’s documentation page for ls.

Outdated Packages

Maintaining your app and dependencies is essential for security and getting newly available features from packages you depend on. NPM offers the outdated command to print a list of packages which are out of date.

npm outdated  

The list of outdated packages includes the currently installed version, the wanted version defined within your package.json file and the latest stable version of the module. The output also shows a location which indicates the project name for which you requested the list of outdated packages.

$ npm outdated
Package           Current  Wanted  Latest  Location  
boom                2.7.2   2.7.2   2.9.0  futurestudio-homepage  
handlebars          3.0.3   3.0.3   4.0.3  futurestudio-homepage  
hapi                8.5.3   8.5.3  10.0.1  futurestudio-homepage  

As you can the in the example above, we currently have three outdated packages for our homepage project. Ok ok, you’ve made your point :D … Maintenance required!

You can also use the outdated command for your globally installed packages:

npm outdated -g  

You see, there are also three packages outdated on my machine.

$ npm outdated -g
Package            Current  Wanted  Latest  Location  
npm-check-updates    2.2.0   2.2.3   2.2.3  lib  
pm2                 0.14.7  0.15.5  0.15.5  lib  
supervisor           0.7.1   0.8.0   0.8.0  lib  

Options

There are options for the outdated packages as well. The example below uses the --long option to additionally show the package type for the outdated packages. The package type is either dependencies or devDependencies.

$ npm outdated --long=true
Package           Current  Wanted  Latest  Location               Package Type  
boom                2.7.2   2.7.2   2.9.0  futurestudio-homepage  dependencies  
handlebars          3.0.3   3.0.3   4.0.3  futurestudio-homepage  dependencies  
hapi                8.5.3   8.5.3  10.0.1  futurestudio-homepage  dependencies  

Useful Options

• --long: of type boolean, default value is false and possible values are true|false
• --depth: of type int and possible value is any positive number

Note: There is also the option to print the list of outdated packages as JSON (--json=true). The complete overview of options is available on NPM’s documentation page for outdated.

Conclusion

We hope you learned some new commands and will benefit from the shown options within your daily work. Please let us know if you have another productivity hack showing installed and outdated packages when using NPM!

---

Additional Resources

• NPM ls documentation with available options
• NPM outdated documentation with available options