How to update each dependency in package.json to the latest version?
npm-check-updates
is a utility that automatically adjusts a package.json with the
latest version of all dependencies
see https://www.npmjs.org/package/npm-check-updates
$ npm install -g npm-check-updates
$ ncu -u
$ npm install
[EDIT] A slightly less intrusive (avoids a global install) way of doing this if you have a modern version of npm
is:
$ npx npm-check-updates -u
$ npm install
Updated for npm v2+
npm 2+ (Node 0.12+):
npm outdated
npm update
git commit package-lock.json
Ancient npm (circa 2014):
npm install -g npm-check-updates
npm-check-updates
npm shrinkwrap
git commit package-lock.json
Be sure to shrinkwrap your deps, or you may wind up with a dead project. I pulled out a project the other day and it wouldn't run because my deps were all out of date/updated/a mess. If I'd shrinkwrapped, npm would have installed exactly what I needed.
Details
For the curious who make it this far, here is what I recommend:
Use npm-check-updates
or npm outdated
to suggest the latest versions.
# `outdated` is part of newer npm versions (2+)
$ npm outdated
# If you agree, update.
$ npm update
# OR
# Install and use the `npm-check-updates` package.
$ npm install -g npm-check-updates
# Then check your project
$ npm-check-updates
# If you agree, update package.json.
$ npm-check-updates -u
###Then do a clean install (w/o the rm I got some dependency warnings)
$ rm -rf node_modules
$ npm install
Lastly, save exact versions to npm-shrinkwrap.json
with npm shrinkwrap
$ rm npm-shrinkwrap.json
$ npm shrinkwrap
Now, npm install
will now use exact versions in npm-shrinkwrap.json
If you check npm-shrinkwrap.json
into git, all installs will use the exact same versions.
This is a way to transition out of development (all updates, all the time) to production (nobody touch nothing).
npm outdated
npm-check-updates
npm shrinkwrap
p.s. Yarn is sending your package list to Facebook.
To update one dependency to its lastest version without having to manually open the package.json
and change it, you can run
npm install {package-name}@* {save flags?}
i.e.
npm install express@* --save
This flow is compatible with workspaces, i.e.
npm --workspace some/package install express@*
For reference, npm-install
Note: Some npm versions may need latest flag instead, i.e. npm install express@latest
As noted by user Vespakoen on a rejected edit, it's also possible to update multiple packages at once this way:
npm install --save package-nave@* other-package@* whatever-thing@*
He also apports a one-liner for the shell based on npm outdated
. See the edit for code and explanation.
PS: I also hate having to manually edit package.json
for things like that ;)
Looks like npm-check-updates is the only way to make this happen now.
npm i -g npm-check-updates
ncu -u
npm install
On npm <3.11:
Simply change every dependency's version to *
, then run npm update --save
. (Note: broken in recent (3.11) versions of npm).
Before:
"dependencies": {
"express": "*",
"mongodb": "*",
"underscore": "*",
"rjs": "*",
"jade": "*",
"async": "*"
}
After:
"dependencies": {
"express": "~3.2.0",
"mongodb": "~1.2.14",
"underscore": "~1.4.4",
"rjs": "~2.10.0",
"jade": "~0.29.0",
"async": "~0.2.7"
}
Of course, this is the blunt hammer of updating dependencies. It's fine if—as you said—the project is empty and nothing can break.
On the other hand, if you're working in a more mature project, you probably want to verify that there are no breaking changes in your dependencies before upgrading.
To see which modules are outdated, just run npm outdated
. It will list any installed dependencies that have newer versions available.
For Yarn specific solution, refer to this StackOverflow answer.