Using npm update and npm outdated to update dependencies
It's hard to update a new version of a library. Semantic versioning screws things just enough, so it's safer to manually edit package.json than to attempt npm acrobatics. Here's the correct way to update dependencies using only npm from the command line.
Updating to close-by version with npm update
When you run npm install on a fresh project, npm installs the latest versions satisfying the semantic versioning ranges defined in your package.json. After the initial install, re-running npm install does not update existing packages since npm already finds satisfying versions installed on the file system.
Instead of npm install, you can use npm update to freshen already installed packages. When you run npm update, npm checks if there exist newer versions out there that satisfy specified semantic versioning ranges and installs them.
Let's say we depend on lodash version ^3.9.2, and we have that version installed under node_modules/lodash.
"dependencies": {
"lodash": "^3.9.2"
}Then running npm update installs version 3.10.1 under node_modules/lodash and updates package.json to reference this version number.
$ npm update
└── lodash@3.10.1"dependencies": {
"lodash": "^3.10.1"
}Going for bigger update with @latest tag
Updating a version that is beyond the semantic versioning range requires two parts. First, you ask npm to list which packages have newer versions available using npm outdated.
$ npm outdated
Package Current Wanted Latest Location
lodash 3.10.1 3.10.1 4.16.4 backendThen you ask npm to install the latest version of a package. You can ask for the latest version with the @latest tag.
$ npm install lodash@latestNow npm installs version 4.16.4 under node_modules. Also, package.json is updated.
"dependencies": {
"lodash": "^4.16.4"
}
Semantic Versioning Cheatsheet
Learn the difference between caret (^) and tilde (~) in package.json.