The development lifecycle of NPM packages is fast. You’ll regularly notice releases that contain new features or bug fixes. Over time, your project’s dependencies go out of date and you need to invest time into updating the third-party packages.
Show Outdated NPM Packages
The NPM CLI shows outdated packages in your project. Run
npm outdated in a project directory to show a list of outdated packages.
$ npm outdated Package Current Wanted Latest Location ava 1.0.0-rc.2 1.0.1 1.0.1 boost aws-sdk 2.374.0 2.374.0 2.382.0 boost listr 0.14.2 0.14.3 0.14.3 boost mongoose 5.3.16 5.3.16 5.4.0 boost nodemailer-postmark-transport 1.4.0 1.4.1 2.0.0 boost sinon 7.2.0 7.2.2 7.2.2 boost vision 5.4.3 5.4.4 5.4.4 boost
Review the installed version of a module, the wanted version satisfying the package’s version range and the latest version.
The downside: there’s no command in NPM’s CLI to update all packages to their latest version. You need to manually go through your
package.json file and bump all versions. But wait, there’s help!
The npm-check-updates package is a convenient helper providing useful features for dependency upgrades. Install the command line tool globally on your machine with this command:
npm install -g npm-check-updates
As soon as the package installation finished, you’ll have the
ncu command available on your computer. Run it in your project’s folder to check the project’s dependencies for updates:
$ ncu aws-sdk ~2.374.0 → ~2.382.0 mongoose ~5.3.16 → ~5.4.0 nodemailer-postmark-transport ~1.4.0 → ~2.0.0 The following dependencies are satisfied by their declared version range, but the installed versions are behind. You can install the latest versions without modifying your package file by using npm update. If you want to update the dependencies in your package file anyway, run ncu -a. vision ~5.4.3 → ~5.4.4 ava ~1.0.0-rc.2 → ~1.0.1 listr ~0.14.2 → ~0.14.3 sinon ~7.2.0 → ~7.2.2
Notice that the list of outdated packages is different from NPM’s overview. The first list includes all packages that can’t be installed due to the defined version range in your
You can see the leading tilde symbol
~ for each version which means only patch updates satisfy the range. Each item in the list is either a minor or major update.
The second list shows all packages that would install with the next run of
npm update. Their version range still satisfies the latest release and installing updates does not need a version bump.
Update All Dependencies
npm-check-updates comes with handy flags to conveniently update your packages. The following command will update all your dependencies to their latest version:
ncu -ua # the same as "ncu --upgradeAll"
-u flag will update all packages that didn’t satisfy the version range (major and minor versions in this example). The
-a flag is responsible for bumping the versions that would still satisfy the range.
That’s it! All your dependencies are up to date and require the latest version.
- npm-check-updates on GitHub