I copied package.json
from another project and now want to bump all of the dependencies to their latest versions since this is a fresh project and I don\'t mind
I solved this by seeing the instructions from https://github.com/tjunnone/npm-check-updates
$ npm install -g npm-check-updates
$ ncu
$ ncu -u # to update all the dependencies to latest
$ ncu -u "specific module name" #in case you want to update specific dependencies to latest
If you don't want to install global npm-check-updates you can simply run that:
node -e "const pk = JSON.parse(require('fs').readFileSync('package.json', 'utf-8'));require('child_process').spawn('npm', ['install', ...Object.keys(Object.assign({},pk.dependencies, pk.devDependencies)).map(a=>a+'@latest')]).stdout.on('data', d=>console.log(d.toString()))"
npm-check-updates
is a utility that automatically adjusts a package.json with the
latest version of all dependencies
see https://www.npmjs.org/package/npm-check-updates
$ npm install -g npm-check-updates
$ ncu -u
$ npm install
[EDIT] A slightly less intrusive (avoids a global install) way of doing this if you have a modern version of npm
is:
$ npx npm-check-updates -u
$ npm install
If you want to use a gentle approach via a beautiful (for terminal) interactive reporting interface I would suggest using npm-check.
It's less of a hammer and gives you more consequential knowledge of, and control over, your dependency updates.
To give you a taste of what awaits here's a screenshot (scraped from the git page for npm-check):
Commands that I had to use to update package.json
for NPM 3.10.10
:
npm install -g npm-check-updates
ncu -a
npm install
Background:
I was using the latest command from @josh3736 but my package.json
was not updated. I then noticed the description text when running npm-check-updates -u
:
The following dependency is satisfied by its declared version range, but the installed version is behind. You can install the latest version without modifying your package file by using npm update. If you want to update the dependency in your package file anyway, run ncu -a.
Reading the documentation for npm-check-updates you can see the difference:
https://www.npmjs.com/package/npm-check-updates
-u, --upgrade: overwrite package file
-a, --upgradeAll: include even those dependencies whose latest version satisfies the declared semver dependency
ncu is an alias for npm-check-updates
as seen in the message when typing npm-check-updates -u
:
[INFO]: You can also use ncu as an alias
The following code (which was accepted) wrote me something like "it takes too long blah-blah" and did nothing. Probably using the global flag was the problem, idk.
npm i -g npm-check-updates
ncu -u
npm install
I decided to use my text editor and follow a semi-manual approach instead.
I copied a list like this (just a lot longer) from the dev dependencies of my package.json
to the notepad++ text editor:
"browserify": "10.2.6",
"expect.js": "^0.3.1",
"karma": "^0.13.22",
"karma-browserify": "^5.2.0",
I set the search mode to regular expression, used the ^\s*"([^"]+)".*$
pattern to get the package name and replaced it with npm uninstall \1 --save-dev \nnpm install \1 --save-dev
. Clicked on "replace all". The otput was this:
npm uninstall browserify --save-dev
npm install browserify --save-dev
npm uninstall expect.js --save-dev
npm install expect.js --save-dev
npm uninstall karma --save-dev
npm install karma --save-dev
npm uninstall karma-browserify --save-dev
npm install karma-browserify --save-dev
I copied it back to bash and hit enter. Everything was upgraded and working fine. That's all.
"browserify": "^16.1.0",
"expect.js": "^0.3.1",
"karma": "^2.0.0",
"karma-browserify": "^5.2.0",
I don't think it is a big deal, since you have to do it only every now and then, but you can easily write a script, which parses the package.json
and upgrades your packages. I think it is better this way, because you can edit your list if you need something special, for example keeping the current version of a lib.