Update Node Dependencies Automatically, Selectively, or Incrementally
March 14, 2022
Managing Node Dependencies Can Be Tricky
As you are probably well aware, node dependencies can and do change very quickly. Updating these dependencies can become tricky and cumbersome.
Thankfully there is a node package called
npm-check-updates that can help the
update process become slightly less painful. With the program you can do the
- Automatically update all the dependencies
- Selectively update the dependencies that you choose
- Incrementally update dependencies that don't break your tests
NOTE: There is a native command with npm to show outdated node modules (
npm outdated), but its output is static. If you use
yarnthere is also a native command called
yarn upgrade-interactive, but
npm-check-updateshas those features and many more.
One way to execute
npm-check-updates is to install it globally, then you can
execute with the
npm install -g npm-check-updates
Running with NPX
Another way to run
npm-check-updates is to temporarily install and execute it
npx. The benefit of this approach is that you don't have to have it
installed globally. However, the downside is a slower runtime since it
always downloads the application before running it.
NOTE: If you want to learn more about
npxthere is a free 17 minute Execute npm Package Binaries with the npx Package Runner course on Egghead.
Automatically update all the dependencies
If you run
ncu with no parameters (or
npx npm-check-updates) the program
will scan your project and assess your dependencies and compare those with the
latest version of the dependencies. The result is a list of modules and its
No changes are made to your
package.json by running
ncu. There is a message
at the end suggesting running
ncu -u to upgrade the recommended versions.
NOTE: If you are interested in how
ncudetermines which node modules need to be updated, you can reference their detailed documentation from their repository.
ncu -u to Update Dependencies
After running the previous
ncu command, you can follow up (or skip the
previous step) by running
ncu -u (shorthand for
ncu --upgrade) to
automatically update your
package.json with the latest versions. However,
this stop only updates your
package.json, it does not actually install those
modules, you'll need to follow up with
npm install if you want to do that.
There will be a message at the end of the command to remind you of this step.
NOTE: This will update ALL of your node dependencies to the latest version. If you don't want this behavior, then you might prefer the Selectively update the dependencies that you choose section.
Installing the Dependencies that were Updated
As the previous step mentioned, you'll need to manually
npm install after
ncu -u to actually install the node modules that were updated.
Selectively update the dependencies that you choose
Instead of installing the latest version of ALL of your dependencies, you may instead, wish to selectively pick which node modules you'd like to upgrade. For example, maybe you'd first like to target those modules with only patch upgrades, or only handpick a few modules to start.
Thankfully, you can selectively pick which modules to upgrade by running
-i (which is shorthand for
ncu --interactive). This mode will prompt you for
each node module asking if you would like to upgrade. At the end of the command,
it will output which modules were updated in your
package.json, but as with
ncu -u command, it is up to you to run
npm install to actually install
Incrementally update dependencies that don't break your tests
Having the ability to automatically and interactively upgrade modules is great,
but it doesn't help you to understand which modules might break your tests or build. Thankfully there is a special
--doctor flag that will
incrementally update modules while running tests along the way.
The general flow of
--doctor mode is the following:
npm testto make sure everything is passing before upgrading anything
ncu -uto upgrade ALL of the dependencies and installs those upgrades
npm testagain to see if they pass. If the tests pass, then exit
- If the tests fail, then restore the
- Then start again, but for each dependency, install an upgrade and re-run the tests
- If a breaking upgrade is found, save the partially upgraded
package.jsonto the version that worked
npm script instead of Tests
It's possible that you don't have unit tests in your package, but you'd still
like the benefit of the
--doctor command. Thankfully, there is a
--doctorTest flag that you can pass to define your own script that will be
executed after the upgrade of each dependency. For example, if you'd like to
test the status of your build you could pass
--doctorTest="npm run build".
Explore the Documentation for More Features
There are many more features and options of
npm-check-updates that you might
like to explore. If this blog post was interesting to you, then it might be
worth your time to explore the
documentation and explore
all that the module provides.
Tweet about this post and have it show up here!