The Developer's Guide to Updating npm Packages

Written by alexandrunastase | Published 2023/02/28
Tech Story Tags: javascript | npm | productivity | npm-package | js | javascript-frameworks | javascript-development | javascript-tutorial

TLDRnpm comes with the tools to upgrade your packages out of the box. We can update individual packages by running `npm update {package-name}`. We could do the same for all the packages and if you have a production-critical application, you probably want to pay close attention to the packages that you upgrade.via the TL;DR App

The simplest way to update npm packages is to install npm-check-updates, run npx ncu, followed by npx ncu -u to update the package.json followed by npm install to update packages in package.lock and node_modules.

Vanilla npm approach

npm comes with the tools to upgrade your packages out of the box.

When running npm outdated you can get a list of packages that have available updates:

We can update individual packages by running npm update {package-name}.

Let's try it for the last package on the list:

npm update sass

Enter fullscreen mode Exit fullscreen mode. Now if we run npm outdated again we can (as seen in the image below) that the package was indeed updated. One thing to note is that while package.lock was updated package.json remains untouched.

Now we could do the same for all the packages and if you have a production-critical application, you probably want to pay close attention to the packages that you upgrade and the implications that an upgrade could have.

Upgrades using npm-check-updates

Another option, that I find slightly more convenient, especially for more low-risk projects is using the npm-check-updates package.

To install it simply run:

npm install -g npm-check-updates

Enter fullscreen mode Exit fullscreen mode.

After it's installed we can check for updates by running:

npx ncu

Enter fullscreen mode Exit fullscreen mode.

Similar to npm outdated this gives us a list of all available updates:

In order to update one single package we can run:

npx ncu -uf sass

Enter fullscreen mode Exit fullscreen mode

Followed by:

npm install

Enter fullscreen mode Exit fullscreen mode.

Now, if we run npx ncu again we see the sass package was updated:

What is nice about the npm-check-updates package is that we can also update all of the packages if we choose so by running:

npx ncu -u

Enter fullscreen mode Exit fullscreen mode, followed again by:

npm install

Enter fullscreen mode Exit fullscreen mode.

Now, if we run npx ncu again we get:

Now both package.json and package.lock were updated, so this makes it clearer what version of the packages we have without the need to look into the package.lock file.

Conclusion

If you want to easily upgrade all your packages you can use the npm-check-updates npm package with the commands shown above, otherwise, you can also use npm's built-in commands npm outdated and npm update.

References

Also published here.

Written by alexandrunastase | Sr. Software Engineer ∙ Open Source Enthusiast ∙ Lifelong Learner
Published by HackerNoon on 2023/02/28
ABOUTHow hackers start their afternoons. We publish tech stories and build publishing software.

READEntirely free library read by hundreds of millions to learn anything about any technology.

WRITEHackerNoon elevates quality technology writing far and wide across the interwebs.

PARTNERHackerNoon works directly with tech companies to place ads by content relevancy