Using npm update and npm outdated to update dependencies
It's hard to update a new version of a library. Semantic versioning screws things just enough, so it's safer to manually edit
package.json than to attempt npm acrobatics. Here's the correct way to update dependencies using only npm from the command line.
Updating to close-by version with
When you run
npm install on a fresh project, npm installs latest versions satisfying the semantic versioning ranges defined in your
package.json. After initial install, re-running
npm install does not update existing packages since npm already finds satisfying versions installed on the file system.
npm install, you can use
to freshen already installed packages. When you run
npm update, npm checks if there exist newer versions in the repository that satisfy specified semantic versioning ranges and installs them.
Let's say we depend on lodash version ^3.9.2, and we have that version installed under
npm update installs version 3.10.1 under
node_modules/lodash but leaves
package.json untouched (you can change this by passing --save option).
Going for bigger update with
Updating a version that is beyond semantic versioning range requires two parts. First, you ask npm to list which packages have newer versions available using
Then you ask npm to install the latest version of a package. You can ask for the latest version with the @latest tag. You should also use the
--save flag to update
Now npm installs version 4.16.4 under
package.json is updated.
Semantic Versioning Cheatsheet
Learn the difference between caret (^) and tilde (~) in package.json.