
update-modules
Advanced tools
Advanced module updater with backup, security audit, and reporting features
A comprehensive module updater with backup/restore of package-lock.json, security audits, selective updates, and semver-based update strategies (patch, minor, major). It keeps your projects up to date while giving you fine-grained control over what gets updated and when.
npm install update-modules@latest
npm install -g update-modules@latest
{
  "scripts": {
    "update-modules": "update-modules"
  }
}
# Check and update all modules
update-modules
# Dry run - see what would be updated
update-modules --dry-run
# Interactive mode - choose modules individually
update-modules --interactive
# Silent mode for CI/CD
update-modules --ci
# Only patch updates (1.0.0 → 1.0.1)
update-modules --strategy=patch
# Patch and minor updates (1.0.0 → 1.1.0)
update-modules --strategy=minor
# All updates including major (1.0.0 → 2.0.0) - default
update-modules --strategy=major
# Update only specific modules
update-modules --only=express,lodash,moment
# Exclude specific modules
update-modules --exclude=react,vue,angular
# Update only development dependencies
update-modules --dev-only
# Update only production dependencies
update-modules --prod-only
# Create backup of package-lock.json
update-modules --backup
# Restore from backup (interactive selection)
update-modules --restore
# List available backups
update-modules --list-backups
# Run security vulnerability check
update-modules --security
# Run npm audit
update-modules --audit
# Combine with updates
update-modules --security --strategy=patch
# Generate update report
update-modules --report
# Export report in specific format
update-modules --export=json
update-modules --export=txt
# Combine with dry run for planning
update-modules --dry-run --export=json
# Clear both node_modules and package-lock.json
update-modules -clear
# Clear only node_modules
update-modules -clear node_modules
# Clear only package-lock.json
update-modules -clear package-lock.json
# Combined operations
update-modules --strategy=minor --backup --interactive --report
# CI/CD pipeline
update-modules --ci --strategy=patch --export=json
# Development workflow
update-modules --dev-only --interactive --backup
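The strategy flags above decide how far a dependency may move: `patch` stays within the current major.minor, `minor` within the current major, and `major` (the default) allows anything newer, while `--only`, `--exclude`, `ignore`, `--dev-only` and `--prod-only` narrow which dependencies are considered at all. The following JavaScript is an added illustration of that selection logic written for this page; it is not update-modules' own code. It uses no external packages, the registry version lists and package.json contents are constructed inline, and pre-release versions are skipped so they are never chosen automatically.

```javascript
'use strict';

// Parse "1.2.3" (optionally with a range prefix such as ^ or ~) into
// [major, minor, patch]. Pre-release versions (1.3.0-rc.1) return null so
// they are never auto-selected; anything unparseable also returns null.
function parseVersion(v) {
  const m = /^[\^~>=<\s]*(\d+)\.(\d+)\.(\d+)(-[0-9A-Za-z.-]+)?(\+[0-9A-Za-z.-]+)?$/.exec(String(v).trim());
  if (!m || m[4]) return null;
  return [Number(m[1]), Number(m[2]), Number(m[3])];
}

function compareVersions(a, b) {
  for (let i = 0; i < 3; i++) if (a[i] !== b[i]) return a[i] - b[i];
  return 0;
}

// Highest published version the strategy allows, or null when the installed
// version is already the newest allowed one.
function pickTarget(current, published, strategy) {
  const cur = parseVersion(current);
  if (!cur) return null;
  let best = cur;
  for (const p of published) {
    const v = parseVersion(p);
    if (!v || compareVersions(v, best) <= 0) continue;
    const allowed =
      strategy === 'major' ||
      (strategy === 'minor' && v[0] === cur[0]) ||
      (strategy === 'patch' && v[0] === cur[0] && v[1] === cur[1]);
    if (allowed) best = v;
  }
  return compareVersions(best, cur) > 0 ? best.join('.') : null;
}

// Build an update plan from package.json-style sections and a map of
// package name -> published versions, applying the README's filters.
function planUpdates(pkg, registry, opts = {}) {
  const { strategy = 'major', only = [], exclude = [], ignore = [], devOnly = false, prodOnly = false } = opts;
  const sections = [];
  if (!devOnly) sections.push(['dependencies', pkg.dependencies || {}]);
  if (!prodOnly) sections.push(['devDependencies', pkg.devDependencies || {}]);
  const plan = [];
  for (const [section, deps] of sections) {
    for (const [name, range] of Object.entries(deps)) {
      if (ignore.includes(name) || exclude.includes(name)) continue;
      if (only.length && !only.includes(name)) continue;
      const to = pickTarget(range, registry[name] || [], strategy);
      if (to) plan.push({ name, section, from: range, to });
    }
  }
  return plan;
}

// Constructed sample data for the demo (not real registry output).
const samplePkg = {
  dependencies: { express: '^4.18.2', lodash: '4.17.20' },
  devDependencies: { jest: '29.5.0', 'update-modules': '1.0.0' },
};
const sampleRegistry = {
  express: ['4.18.2', '4.18.3', '4.19.2', '5.0.0-beta.3', '5.1.0'],
  lodash: ['4.17.20', '4.17.21'],
  jest: ['29.5.0', '29.7.0', '30.0.0'],
  'update-modules': ['1.0.0', '2.0.0'],
};

// Run all three strategies against the sample data, ignoring the updater itself.
function demo() {
  const out = {};
  for (const strategy of ['patch', 'minor', 'major']) {
    out[strategy] = planUpdates(samplePkg, sampleRegistry, { strategy, ignore: ['update-modules'] })
      .map((u) => `${u.section}: ${u.name} ${u.from} -> ${u.to}`);
  }
  return out;
}

console.log(demo());
```

Because `major` is the default strategy, a bare `update-modules` run will move a dependency onto a brand-new major release; review the plan with `--dry-run --export=json` (or pin the strategy in `.updaterc.json`) before letting it write to package.json.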
Create a .updaterc.json file in your project root for custom settings:
{
  "ignore": ["update-modules", "legacy-module"],
  "autoUpdate": false,
  "updateStrategy": "minor",
  "clearBeforeUpdate": false,
  "backupPackageLock": true,
  "maxBackups": 10
}
| Option | Type | Default | Description |
|---|---|---|---|
| ignore | Array | [] | Modules to ignore during updates |
| autoUpdate | Boolean | false | Skip confirmation prompts |
| updateStrategy | String | "major" | Default update strategy (patch, minor, major) |
| clearBeforeUpdate | Boolean | false | Clear node_modules and package-lock.json (as -clear does) before updating |
| backupPackageLock | Boolean | true | Automatically back up package-lock.json before updating |
| maxBackups | Number | 10 | Maximum number of backups to keep (older ones are pruned) |
update-modules [options]
--help, -h - Show help message
--debug - Enable debug mode with verbose output
--dry-run - Show what would be updated without making changes
--interactive - Interactive mode for selecting modules
--ci - Silent mode for CI/CD environments
--strategy=patch - Only patch updates
--strategy=minor - Patch and minor updates
--strategy=major - All updates (default)
--only=module1,module2 - Update only specified modules
--exclude=module1,module2 - Exclude specified modules from updates
--dev-only - Update only devDependencies
--prod-only - Update only dependencies
--backup - Create backup of package-lock.json
--restore - Restore from backup interactively
--list-backups - List all available backups
--security - Run security vulnerability check
--audit - Run npm audit
--report - Generate update report
--export=format - Export report (json, txt)
-clear - Clear node_modules and package-lock.json
-clear node_modules - Clear only node_modules
-clear package-lock.json - Clear only package-lock.json
# 1. Check for updates with backup
update-modules --backup --dry-run --report
# 2. Update only patch versions interactively
update-modules --strategy=patch --interactive
# 3. Update dev dependencies only
update-modules --dev-only --strategy=minor
# 1. Security audit before update
update-modules --security --audit
# 2. Safe production update
update-modules --strategy=patch --backup --ci
# 3. Generate deployment report
update-modules --dry-run --export=json
# 1. List available backups
update-modules --list-backups
# 2. Restore from backup
update-modules --restore
# 3. Clear corrupted cache
update-modules -clear
View previous changes from commits.
If you have any feedback, contribution, bug report or suggestion, please feel free to contact me@cihatksm.com.
Made with ❤️ by cihatksm
This project was developed with assistance from GitHub Copilot AI
FAQs
Advanced module updater with backup, security audit, and reporting features
We found that update-modules demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.