Dev

Yo NPM, We Updated

Updating node packages to latest, for reals

If I’m honest, I probably don’t run npm-update on existing projects as much as I should.

The same holds true for the my various project starters which compounds the issue.

In my defense, I work at an Agency, where stuff is always on fire, clients are always clamoring at the gate, PMs are always circling, and some designer is always about to go off the rails (Hi Chaun).

But, new year, new me, and all that nonsense.

And, to quote the great American philosopher, Rocky, “I Guess What I’m Trying to Say, Is That if I Can Change, and You Can Change, Everybody Can Change!”

So, Let’s Get Updated

First, some insight into our shame


npm outdated

This checks the registry against your packages.json to see what’s out of date. It even returns a nifty color coded chart.

npm outdated shame
yikes – npm outdated shame

Then you can


npm update

This updates all packages listed to the latest version (specified by the tag config), respecting semver.

So, it will, sorta update your stuffs, but with respects to semantic versioning. To prevent potentially breaking changes, this won’t take you past major versions.

If you wanna pull a TopGun and update them node packages for reals for reals (to absolute latest versions that is),

Install npm-check-updates globally:


npm install -g npm-check-updates

Then run it:


ncu -u

This will upgrade the version hints in your package.json.

Now you can run


npm update

Once again, and all you packages will update to the latest version.

Homies

Do a git push and the next npm install will start things off all up to date like. Nice. Unless your stuff broke. Then, awe. But, suck it up bruv and fix your stuffs up.

Check the npm check updates docs for various additional options.

And, while you’re at it, go take a peak at the npm cli docs. Lots of useful commands that you may have overlooked.

Housekeeping

Make some updates and have some old packages hanging around all creepy like? Maybe it’s time to fix that.

Remove unused packages


npm prune

npm prune removes “extraneous” packages. If a package name is provided, then only packages matching one of the supplied names are removed.

Keep stuff Secure


npm audit fix

npm audit Scans for vulnerabilities and auto installs any compatible updates to those vulnerable dependencies.

Now, run npm outdated again, and it should come back clean.

Read Next

RenderHBS.js

Read Story