How to determine, which packages (deep-dependencies, not top-level) are outdated in the local node_modules folder?
I run the following command:
npm install
having this in my package.json:
"dependencies": {
"bluebird": "^3.3.4",
"body-parser": "~1.15.0",
"connect-flash": "^0.1.1",
"cookie-parser": "~1.4.1",
"debug": "~2.2.0",
"express": "~4.13.1",
"express-session": "^1.13.0",
"hbs": "~4.0.0",
"lodash": "^4.6.1",
"mkdirp-bluebird": "^1.0.0",
"morgan": "~1.7.0",
"opener": "^1.4.1",
"sequelize": "^3.19.3",
"serve-favicon": "~2.3.0",
"sqlite3": "^3.1.1"
},
and get the following output:
$ npm install
npm WARN deprecated [email protected]: graceful-fs version 3 and before will fail on newer node releases. Please update to graceful-fs@^4.0.0 as soon as possible.
npm WARN deprecated [email protected]: lodash@<3.0.0 is no longer maintained. Upgrade to lodash@^4.0.0.
npm WARN deprecated [email protected]: graceful-fs version 3 and before will fail on newer node releases. Please update to graceful-fs@^4.0.0 as soon as possible.
In my package.json all packages are fresh. But some of the deep dependencies are outdated and I don't know how to determine WHICH, I neither know which of explicitly installed packages caused that... Bonus: if I can do it quickly;)
How to determine, which packages (deep-dependencies, not top-level) are outdated in the local node_modules folder?
I run the following command:
npm install
having this in my package.json:
"dependencies": {
"bluebird": "^3.3.4",
"body-parser": "~1.15.0",
"connect-flash": "^0.1.1",
"cookie-parser": "~1.4.1",
"debug": "~2.2.0",
"express": "~4.13.1",
"express-session": "^1.13.0",
"hbs": "~4.0.0",
"lodash": "^4.6.1",
"mkdirp-bluebird": "^1.0.0",
"morgan": "~1.7.0",
"opener": "^1.4.1",
"sequelize": "^3.19.3",
"serve-favicon": "~2.3.0",
"sqlite3": "^3.1.1"
},
and get the following output:
$ npm install
npm WARN deprecated [email protected]: graceful-fs version 3 and before will fail on newer node releases. Please update to graceful-fs@^4.0.0 as soon as possible.
npm WARN deprecated [email protected]: lodash@<3.0.0 is no longer maintained. Upgrade to lodash@^4.0.0.
npm WARN deprecated [email protected]: graceful-fs version 3 and before will fail on newer node releases. Please update to graceful-fs@^4.0.0 as soon as possible.
In my package.json all packages are fresh. But some of the deep dependencies are outdated and I don't know how to determine WHICH, I neither know which of explicitly installed packages caused that... Bonus: if I can do it quickly;)
- Does this answer your question? How to find reverse dependencies on npm package? – Michael Freidgeim Commented Jan 1, 2023 at 9:54
- @MichaelFreidgeim nope, because it is about building a list of dependencies of dependencies. I wanted to find deep outdated deps , and maybe, a way to upgrade them. And there are good answers here, which help ;) – maxkoryukov Commented Jan 6, 2023 at 5:55
2 Answers
Reset to default 16you want ...
npm install -g npm-check-updates
then to show available updates
ncu
also ...
ncu -u
which actually change package.json to reflect the output of ncu.
And if that wasn't enough ...
ncu -m bower
check for new bower packages too!
Package npm-check-updates and more documentation is here
Edit for DEEP dependencies
npm-check-updates does not provide a depth option. With further research I found that npm now provides a CLI utitility to do what you want.
This essentially allows you to do ...
npm outdated --depth=5
which provides a similar output to npm-check-updates but also checks depth.
Note the default depth is 0 viz top level packages only. Also note that npm outdated only lists
- current version
- wanted version
- latest version
it does not actually do the update.
To update packages use:
npm update --depth=5
npm warns against using the depth option in conjunction with npm-update
Another one option (I found it later) — npm-check (thanks Hannah Wolfe)
Install:
npm install npm-check --global
Check and update dependencies for the current project:
npm-check -u