npm-upgrade
Interactive CLI utility to easily update outdated NPM dependencies with changelogs inspection support.
If you are tired of manually upgrading package.json every time your package dependencies get out of date, then this utility is for you.
Take a look at this demo:
First, install Node.js (at least v0.10).
Then install this utility as global npm-module:
npm i -g npm-upgrade
Run npm-upgrade [filter] [options] in the root directory of your Node.js project (it must contain the package.json that you want to update):
cd ~/my-projects/my-node-project
npm-upgrade
The utility will find all of your outdated deps and ask whether to update them in package.json. Just answer the questions and you are done.
If you want to check only some deps, you can use the filter argument:
# Will check only `babel-core`:
npm-upgrade babel-core
# Will check all the deps with `babel` in the name:
npm-upgrade '*babel*'
# Note quotes around `filter`. They are necessary because without them bash may interpret `*` as wildcard character.
# Will check all the deps, excluding any with `babel` in the name:
npm-upgrade '!*babel*'
# You can combine including and excluding rules:
npm-upgrade '*babel* !babel-transform-* !babel-preset-*'
Use Ctrl-C to exit if you changed your mind.
-h, --help output usage information
-V, --version output the version number
-p, --production Check only "dependencies"
-d, --development Check only "devDependencies"
-o, --optional Check only "optionalDependencies"
Wrong changelog shown for <moduleName> or not shown at all!
Yes, it can happen sometimes. This is because there is no standardized way to specify the changelog location for a module, so the utility tries to guess it, using these rules one by one:
1. db/changelogUrls.json from the master branch on GitHub, or the local copy if it's unreachable.
2. The changelog field from the module's package.json.
3. The repository.url field: if it points to GitHub, try to request some common changelog files (CHANGELOG.md, History.md etc.) from the master branch, and if that fails, open the Releases page.
So, if it guessed wrong it would be great if you could either file an issue about this or submit a PR which adds the proper changelog URL to db/changelogUrls.json
. There is a tool in the repository for you to make it as easy as possible:
./tools/addModuleChangelogUrlToDb.js <moduleName> <changelogUrl>
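The three-step lookup described in the FAQ above, modelled as a pure function so it runs offline. This is an added example, not npm-upgrade's own code: `db` stands in for db/changelogUrls.json, `pkg` for the module's package.json, `exists(url)` is an assumed probe that reports whether a URL responds, and the raw.githubusercontent.com URL shape is an assumption about how the "common changelog files" would be fetched.

```javascript
// Changelog file names the FAQ lists as "common"; the real tool may try more.
const COMMON_CHANGELOG_FILES = ['CHANGELOG.md', 'History.md'];

// Extract "owner/repo" from a GitHub repository URL (https, git+https or
// git@github.com:owner/repo.git forms); returns null when not on GitHub.
function githubSlug(repositoryUrl) {
  if (typeof repositoryUrl !== 'string') return null;
  const m = repositoryUrl.match(/github\.com[/:]([^/]+)\/([^/#?]+?)(?:\.git)?(?:[/#?].*)?$/);
  return m ? `${m[1]}/${m[2]}` : null;
}

// Apply the FAQ's rules in order and report which rule produced the URL.
// Note that rules 2 and 3 take the URL from the package's own metadata rather
// than from the curated db, so the result is only as trustworthy as that metadata.
function guessChangelogUrl(moduleName, pkg, db, exists) {
  // Rule 1: curated entry from db/changelogUrls.json.
  if (db && typeof db[moduleName] === 'string') return { url: db[moduleName], rule: 'db' };
  // Rule 2: explicit `changelog` field in package.json.
  if (pkg && typeof pkg.changelog === 'string') return { url: pkg.changelog, rule: 'package.json changelog' };
  // Rule 3: derive from repository.url (object or shorthand string form) when on GitHub.
  const repo = pkg && pkg.repository;
  const slug = githubSlug(typeof repo === 'string' ? repo : repo && repo.url);
  if (!slug) return null; // nothing to guess from
  for (const file of COMMON_CHANGELOG_FILES) {
    // Assumed raw-file URL for the master branch.
    const candidate = `https://raw.githubusercontent.com/${slug}/master/${file}`;
    if (exists(candidate)) return { url: candidate, rule: 'github file' };
  }
  return { url: `https://github.com/${slug}/releases`, rule: 'github releases' };
}

// Constructed sample data: a tiny db and a package.json pointing at GitHub.
function demo() {
  const db = { 'some-module': 'https://example.invalid/some-module/CHANGELOG.md' };
  const pkg = { repository: { url: 'git+https://github.com/example-org/example-repo.git' } };
  const onlyHistory = (url) => url.endsWith('/History.md'); // fake probe
  return [
    guessChangelogUrl('some-module', pkg, db, onlyHistory),   // rule 1 wins
    guessChangelogUrl('example-repo', pkg, db, onlyHistory), // rule 3, History.md found
    guessChangelogUrl('example-repo', pkg, db, () => false), // rule 3, falls back to Releases
  ];
}

module.exports = { githubSlug, guessChangelogUrl, demo };
```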
The npm package npm-upgrade receives a total of 2,269 weekly downloads. As such, npm-upgrade popularity was classified as popular.
We found that npm-upgrade demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.