
@oclif/plugin-warn-if-update-available
warns if there is a newer version of CLI released
This plugin shows a warning message if a user is running an out-of-date CLI.

This checks the version against the npm registry asynchronously in a forked process once every 60 days by default (see Configuration for how to configure this). It then saves a version file to the cache directory that will enable the warning. The upside of this method is that it won't block a user while they're using your CLI—the downside is that it will only display after running a command that fetches the new version.
Add the plugin to your project with yarn add @oclif/plugin-warn-if-update-available, then add it to the package.json of the oclif CLI:
{
  "name": "mycli",
  "version": "0.0.0",
  // ...
  "oclif": {
    "plugins": ["@oclif/plugin-help", "@oclif/plugin-warn-if-update-available"]
  }
}
In package.json, set oclif['warn-if-update-available'] to an object with
any of the following configuration properties:
timeoutInDays - Duration between update checks. Defaults to 60.
message - Customize update message.
registry - URL of registry. Defaults to following your .npmrc configuration.
authorization - Authorization header value for registries that require auth. Defaults to following your .npmrc configuration.
frequency - The frequency that the new version warning should be shown.
frequencyUnit - The unit of time that should be used to calculate the frequency (days, hours, minutes, seconds, milliseconds). Defaults to minutes.
{
  "oclif": {
    "plugins": ["@oclif/plugin-warn-if-update-available"],
    "warn-if-update-available": {
      "timeoutInDays": 7,
      "message": "<%= config.name %> update available from <%= chalk.greenBright(config.version) %> to <%= chalk.greenBright(latest) %>.",
      "registry": "https://my.example.com/module/registry",
      "authorization": "Basic <SOME READ ONLY AUTH TOKEN>"
    }
  }
}
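As an added example (not part of the plugin or its README), the following Node.js sketch audits this configuration block before a CLI is published. The property names and unit values come from the list above; the function name auditUpdateCheckConfig, the rules it applies and the sample package object are assumptions made for illustration.

```javascript
// Added example: audits the "warn-if-update-available" block of an oclif package.json.
// Property names and units are from the README; the rules are illustrative assumptions.
const KNOWN_KEYS = ['timeoutInDays', 'message', 'registry', 'authorization', 'frequency', 'frequencyUnit'];
const UNITS = ['days', 'hours', 'minutes', 'seconds', 'milliseconds'];

function auditUpdateCheckConfig(pkg) {
  const findings = [];
  const cfg = (pkg.oclif && pkg.oclif['warn-if-update-available']) || {};
  for (const key of Object.keys(cfg)) {
    if (!KNOWN_KEYS.includes(key)) findings.push(`unknown property "${key}"`);
  }
  for (const key of ['timeoutInDays', 'frequency']) {
    if (key in cfg && !(typeof cfg[key] === 'number' && cfg[key] > 0)) {
      findings.push(`${key} should be a positive number`);
    }
  }
  if ('frequencyUnit' in cfg && !UNITS.includes(cfg.frequencyUnit)) {
    findings.push(`frequencyUnit "${cfg.frequencyUnit}" is not a documented unit`);
  }
  if ('registry' in cfg) {
    let url = null;
    try { url = new URL(cfg.registry); } catch { findings.push('registry is not a valid URL'); }
    // Over plain http the version lookup (and any authorization header) is sent in cleartext.
    if (url && url.protocol !== 'https:') findings.push('registry does not use https');
    if (url && (url.username || url.password)) findings.push('registry URL embeds credentials');
  }
  // package.json ships inside the published package, so every user can read this value.
  if ('authorization' in cfg) {
    findings.push('authorization ships in package.json: token must be read-only and revocable');
  }
  return findings;
}

// Constructed sample: http registry, misspelled unit, embedded token placeholder.
const samplePkg = {
  name: 'mycli',
  oclif: {
    'warn-if-update-available': {
      timeoutInDays: 7,
      registry: 'http://my.example.com/module/registry',
      authorization: 'Basic <SOME READ ONLY AUTH TOKEN>',
      frequency: 6,
      frequencyUnit: 'hour',
    },
  },
};
console.log(auditUpdateCheckConfig(samplePkg).join('\n'));
```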
Once a new version has been found, the default behavior is to notify the user on every command execution. You can modify this by setting the frequency and frequencyUnit options.
Examples
Once every 10 minutes.
{
  "oclif": {
    "warn-if-update-available": {
      "frequency": 10
    }
  }
}
Once every 6 hours.
{
  "oclif": {
    "warn-if-update-available": {
      "frequency": 6,
      "frequencyUnit": "hours"
    }
  }
}
Once a day.
{
  "oclif": {
    "warn-if-update-available": {
      "frequency": 1,
      "frequencyUnit": "days"
    }
  }
}
Once every 30 seconds.
{
  "oclif": {
    "warn-if-update-available": {
      "frequency": 30,
      "frequencyUnit": "seconds"
    }
  }
}
<CLI>_SKIP_NEW_VERSION_CHECK: Skip this version check
<CLI>_FORCE_VERSION_CACHE_UPDATE: Force the version cache to update
<CLI>_NEW_VERSION_CHECK_FREQ: environment variable override for frequency setting
<CLI>_NEW_VERSION_CHECK_FREQ_UNIT: environment variable override for frequencyUnit setting
<CLI>_NEW_VERSION_CHECK_TAG: distribution tag to check against (defaults to latest)
update-notifier is a package that checks for updates of a given npm package and notifies the user if an update is available. It is similar to @oclif/plugin-warn-if-update-available but can be used with any Node.js application, not just Oclif-based CLIs.
npm-check-updates is a tool that allows you to find and update outdated npm dependencies in your project. While it is more focused on updating dependencies rather than notifying users of CLI updates, it provides similar functionality in terms of keeping software up-to-date.
FAQs
We found that @oclif/plugin-warn-if-update-available demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 2 open source maintainers collaborating on the project.