How to update each dependency in package.json to the latest version?
Looks like npm-check-updates is the only way to make this happen now.
npm i -g npm-check-updatesncu -unpm install
On npm <3.11:
Simply change every dependency's version to *
, then run npm update --save
. (Note: broken in recent (3.11) versions of npm).
Before:
"dependencies": { "express": "*", "mongodb": "*", "underscore": "*", "rjs": "*", "jade": "*", "async": "*" }
After:
"dependencies": { "express": "~3.2.0", "mongodb": "~1.2.14", "underscore": "~1.4.4", "rjs": "~2.10.0", "jade": "~0.29.0", "async": "~0.2.7" }
Of course, this is the blunt hammer of updating dependencies. It's fine if—as you said—the project is empty and nothing can break.
On the other hand, if you're working in a more mature project, you probably want to verify that there are no breaking changes in your dependencies before upgrading.
To see which modules are outdated, just run npm outdated
. It will list any installed dependencies that have newer versions available.
For Yarn specific solution, refer to this StackOverflow answer.
npm-check-updates
is a utility that automatically adjusts a package.json with the latest version of all dependencies
see https://www.npmjs.org/package/npm-check-updates
$ npm install -g npm-check-updates$ ncu -u$ npm install
[EDIT] A slightly less intrusive (avoids a global install) way of doing this if you have a modern version of npm
is:
$ npx npm-check-updates -u$ npm install
Updated for npm v2+
npm 2+ (Node 0.12+):
npm outdatednpm updategit commit package-lock.json
Ancient npm (circa 2014):
npm install -g npm-check-updatesnpm-check-updatesnpm shrinkwrapgit commit package-lock.json
Be sure to shrinkwrap your deps, or you may wind up with a dead project. I pulled out a project the other day and it wouldn't run because my deps were all out of date/updated/a mess. If I'd shrinkwrapped, npm would have installed exactly what I needed.
Details
For the curious who make it this far, here is what I recommend:
Use npm-check-updates
or npm outdated
to suggest the latest versions.
# `outdated` is part of newer npm versions (2+)$ npm outdated# If you agree, update. $ npm update# OR# Install and use the `npm-check-updates` package.$ npm install -g npm-check-updates# Then check your project$ npm-check-updates# If you agree, update package.json.$ npm-check-updates -u
###Then do a clean install (w/o the rm I got some dependency warnings)
$ rm -rf node_modules$ npm install
Lastly, save exact versions to npm-shrinkwrap.json
with npm shrinkwrap
$ rm npm-shrinkwrap.json$ npm shrinkwrap
Now, npm install
will now use exact versions in npm-shrinkwrap.json
If you check npm-shrinkwrap.json
into git, all installs will use the exact same versions.
This is a way to transition out of development (all updates, all the time) to production (nobody touch nothing).