Safe and elegant way to update your npm packages quickly

Faster way to view the changelog and update your npm packages

Maintaining projects that run on npm brings more trouble than building a new one. Throughout project development, we rely on many external npm packages to build faster rather than reinvent the wheel. Thousands of open-source developers contribute daily to build stable npm packages and make them available to the global dev community.

Why should you update npm packages regularly?

  1. Security patches

    Many packages themselves depend on other public npm packages. When a security vulnerability pops up, fixing it can require a chain of updates across packages, from the source to the destination.

  2. Deprecations

    Methods exposed by these npm packages keep getting improved and optimized, so the developers no longer support old methods.

  3. New features

    Developers keep adding new features to the package. Always good to get the latest.

Now, the real pain arises when you are building a big project, like Angular, where many external packages like prime-ng, date pickers etc. are being referenced. Or you own an old project but still have to maintain the codebase regularly.

A great tool called NPM Check Updates makes your life easy. It is a CLI that helps safely make those updates with ease.

Steps to use NPM Check Updates (ncu)

  1. Install npm-check-updates, preferably globally.

     npm install -g npm-check-updates
    

    or with npx

     npx npm-check-updates
    
  2. Run NPM Check Updates.

     ncu
    

    This command returns a changelog of all your packages.
    Add the -u option to overwrite your package.json file with the upgraded versions. Nothing is installed until you run npm i in step 4.

  3. There are multiple options to get more detail or to filter your packages. By semantic versioning level (patch, minor, major):

     # pick one level: patch, minor or major
     ncu -u -t patch
    

    By name/pattern matching

     # By package name
     ncu -u express
     ncu -u -f express
     ncu -u --filter express

     # everything except express
     ncu -u \!express
     ncu -x express
     ncu --reject express

     # pattern matching (quoted so the shell does not expand the glob against local files)
     ncu -u "react-*"
     ncu -u "@angular/*"
    
  4. Run npm i to install the changes

This two-step process works wonders and helps you quickly update your project dependencies. There are many options available to make it safer than manual updates.
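One way to review what `ncu -u` wrote to package.json before running `npm i`, as an added example that is not part of the original article or the ncu project: it diffs two parsed package.json objects and flags every bump that falls outside the old caret range. The package names other than express, all version strings, and the "outside the caret range means review" policy are assumptions of this example.

```javascript
// Added example (not from the article): classify what `ncu -u` changed in
// package.json so risky bumps are reviewed before `npm i`.
const SECTIONS = ["dependencies", "devDependencies", "peerDependencies", "optionalDependencies"];
const LEVELS = ["major", "minor", "patch"];

// First x.y.z found in a range such as "^4.17.1" or "~1.2.3"; null for
// anything else (git URLs, dist-tags, "*").
function parseVersion(range) {
  const m = /(\d+)\.(\d+)\.(\d+)/.exec(String(range));
  return m ? [Number(m[1]), Number(m[2]), Number(m[3])] : null;
}

// Compare two ranges. `review` is true when the new version falls outside
// what a caret range on the old one allows (1.x -> 2.x, 0.2.x -> 0.3.x).
function classify(from, to) {
  const a = parseVersion(from), b = parseVersion(to);
  if (!a || !b) return { level: "unknown", review: true };
  const i = a.findIndex((n, k) => n !== b[k]);
  if (i === -1) return { level: "none", review: false };
  if (b[i] < a[i]) return { level: "downgrade", review: true };
  const firstNonZero = a.findIndex((n) => n > 0);
  const caretPos = firstNonZero === -1 ? 2 : firstNonZero;
  return { level: LEVELS[i], review: i <= caretPos };
}

// Diff the dependency sections of two parsed package.json objects.
function reviewUpdates(before, after) {
  const rows = [];
  for (const section of SECTIONS) {
    const oldDeps = before[section] || {}, newDeps = after[section] || {};
    for (const name of Object.keys(newDeps).sort()) {
      if (oldDeps[name] === newDeps[name]) continue;
      rows.push({ name, section, from: oldDeps[name], to: newDeps[name], ...classify(oldDeps[name], newDeps[name]) });
    }
  }
  return rows;
}

// Constructed sample: package.json contents before and after `ncu -u`.
const before = { dependencies: { express: "^4.17.1", "example-utils": "~1.4.0", "example-beta": "^0.2.3" },
                 devDependencies: { "example-test-runner": "^26.6.0" } };
const after = { dependencies: { express: "^4.18.2", "example-utils": "~1.4.3", "example-beta": "^0.3.0" },
                devDependencies: { "example-test-runner": "^29.7.0" } };

// Print one line per changed dependency, flagged ones first in each line.
for (const r of reviewUpdates(before, after)) {
  console.log(`${r.review ? "REVIEW" : "ok    "} ${r.level.padEnd(9)} ${r.name} ${r.from} -> ${r.to}`);
}
```

In a real project the two objects would be the committed package.json and the one `ncu -u` just rewrote, each passed through `JSON.parse`.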

Some useful ncu options:
-u, --upgrade : Overwrite package.json with upgraded versions instead of just logging output to the console.
-f, --filter : Filter by names/string.
--cache : Cache versions to the cache file.
--peer : Checks peer dependencies of the packages and filters updates to compatible versions. Run ncu --help --peer for more help.
--deep : Scans the current directory recursively for updates.

For more information refer to their docs:

That's all folks!