Flexible npm dependency update tool
updates is a CLI tool which checks for npm dependency updates of the current project and optionally updates package.json. It is highly configurable and is typically able to complete in less than a second.
$ npm i --save-dev updates
Then, check for new updates:
$ npx updates
When changes are satisfactory, update package.json and reinstall modules:
$ npx updates -u && rm -rf node_modules && npm i
To only reinstall modules when updates are available:
$ npx updates -uU && rm -rf node_modules && npm i
On a CI, it might be desirable to fail a build when updates are available:
$ npx updates -E
See --help or below for the available options. Options that take multiple arguments can take them either via comma-separated value or by specifying the option multiple times. If an option has an optional pkg argument but none is given, the option will be applied to all packages instead.
usage: updates [options]

  Options:
    -u, --update                  Update versions and write package.json
    -p, --prerelease [<pkg,...>]  Consider prerelease versions
    -R, --release [<pkg,...>]     Only use release versions, may downgrade
    -g, --greatest [<pkg,...>]    Prefer greatest over latest version
    -i, --include <pkg,...>       Include only given packages
    -e, --exclude <pkg,...>       Exclude given packages
    -t, --types <type,...>        Check only given dependency types
    -P, --patch [<pkg,...>]       Consider only up to semver-patch
    -m, --minor [<pkg,...>]       Consider only up to semver-minor
    -E, --error-on-outdated       Exit with code 2 when updates are available and code 0 when not
    -U, --error-on-unchanged      Exit with code 0 when updates are available and code 2 when not
    -r, --registry <url>          Override npm registry URL
    -f, --file <path>             Use given package.json file or module directory
    -S, --sockets <num>           Maximum number of parallel HTTP sockets opened. Default: 64
    -j, --json                    Output a JSON object
    -c, --color                   Force-enable color output
    -n, --no-color                Disable color output
    -v, --version                 Print the version
    -h, --help                    Print this help

  Examples:
    $ updates
    $ updates -u
    $ updates -u -m -e eslint
    $ updates -u -U && rm -rf node_modules && npm i
The JSON output is an object with possible properties results, message and error:
$ updates -j | jq
{
  "results": {
    "string-width": {
      "old": "2.1.1",
      "new": "3.0.0",
      "info": "https://github.com/sindresorhus/string-width"
    },
    "eslint": {
      "old": "5.9.0",
      "new": "5.10.0",
      "info": "https://github.com/eslint/eslint"
    },
    "eslint-config-silverwind": {
      "old": "2.0.11",
      "new": "2.0.12",
      "info": "https://github.com/silverwind/eslint-config-silverwind"
    }
  }
}
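The JSON output above can be triaged in CI so that each semver level gets its own review policy before anything is written to package.json. The following is an added example, not code from the updates project: the function names and the fail-on-major policy are hypothetical, and it assumes the error property is a string, which the page does not specify.

```javascript
// Constructed sample: the `updates -j` output shown on this page.
const sample = `{
  "results": {
    "string-width": {"old": "2.1.1", "new": "3.0.0",
      "info": "https://github.com/sindresorhus/string-width"},
    "eslint": {"old": "5.9.0", "new": "5.10.0",
      "info": "https://github.com/eslint/eslint"},
    "eslint-config-silverwind": {"old": "2.0.11", "new": "2.0.12",
      "info": "https://github.com/silverwind/eslint-config-silverwind"}
  }
}`;

// Return the most significant semver field that differs between two versions.
function bumpLevel(oldVersion, newVersion) {
  // Drop range prefixes (^, ~, >=) and prerelease/build suffixes before comparing.
  const parse = v => v.replace(/^[^\d]*/, "").split(/[-+]/)[0].split(".").map(Number);
  const [a, b] = [parse(oldVersion), parse(newVersion)];
  const levels = ["major", "minor", "patch"];
  for (let i = 0; i < levels.length; i++) {
    if ((a[i] || 0) !== (b[i] || 0)) return levels[i];
  }
  return "other"; // only prerelease or build metadata differs
}

// Group pending updates by bump level so each group can be reviewed separately.
function triage(jsonText) {
  const report = JSON.parse(jsonText);
  // Assumption: `error` is a string describing why the check failed.
  if (report.error) throw new Error(`updates failed: ${report.error}`);
  const groups = {major: [], minor: [], patch: [], other: []};
  for (const [name, {old, new: next, info}] of Object.entries(report.results || {})) {
    groups[bumpLevel(old, next)].push({name, old, new: next, info});
  }
  return groups;
}

// Hypothetical policy: a pending major bump needs manual review, so the job fails.
function exitCodeFor(groups) {
  return groups.major.length > 0 ? 2 : 0;
}

const groups = triage(sample);
for (const [level, items] of Object.entries(groups)) {
  for (const u of items) console.log(`${level}\t${u.name}\t${u.old} -> ${u.new}\t${u.info}`);
}
console.log(`exit code under this policy: ${exitCodeFor(groups)}`);
```

The info URL printed for each entry is where the changelog review for that update would start.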
© silverwind, distributed under BSD licence
FAQs
Flexible npm and poetry dependency update tool
The npm package updates receives a total of 6,740 weekly downloads. As such, updates popularity was classified as popular.
We found that updates demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.