Node.js – How to update each dependency in package.json to the latest version

node.jsnpm

I copied package.json from another project and now want to bump all of the dependencies to their latest versions since this is a fresh project and I don't mind fixing something if it breaks.

What's the easiest way to do this?

The best way I know is to run npm info express version then update each dependency in package.json manually. There must be a better way.

{
  "name": "myproject",
  "description": "my node project",
  "version": "1.0.0",
  "engines": {
    "node": "0.8.4",
    "npm": "1.1.65"
  },
  "private": true,
  "dependencies": {
    "express": "~3.0.3", // how do I get these bumped to latest?
    "mongodb": "~1.2.5",
    "underscore": "~1.4.2",
    "rjs": "~2.9.0",
    "jade": "~0.27.2",
    "async": "~0.1.22"
  }
}

For Yarn specific solutions refer to this StackOverflow thread.

Best Answer

Looks like npm-check-updates is the only way to make this happen now.

npm i -g npm-check-updates
ncu -u
npm install

On npm <3.11:

Simply change every dependency's version to *, then run npm update --save. (Note: broken in recent (3.11) versions of npm).

Before:

  "dependencies": {
    "express": "*",
    "mongodb": "*",
    "underscore": "*",
    "rjs": "*",
    "jade": "*",
    "async": "*"
  }

After:

  "dependencies": {
    "express": "~3.2.0",
    "mongodb": "~1.2.14",
    "underscore": "~1.4.4",
    "rjs": "~2.10.0",
    "jade": "~0.29.0",
    "async": "~0.2.7"
  }

Of course, this is the blunt hammer of updating dependencies. It's fine if—as you said—the project is empty and nothing can break.

On the other hand, if you're working in a more mature project, you probably want to verify that there are no breaking changes in your dependencies before upgrading.

To see which modules are outdated, just run npm outdated. It will list any installed dependencies that have newer versions available.

For Yarn specific solution, refer to this StackOverflow answer.

Related Solutions

Node.js – How to update NodeJS and NPM to the next versions

See the docs for the update command:

npm update [-g] [<pkg>...]

This command will update all the packages listed to the latest version (specified by the tag config), respecting semver.

Additionally, see the documentation on Node.js and NPM installation and Upgrading NPM.

The following original answer is from the old FAQ that no longer exists, but should work for Linux and Mac:

How do I update npm?
npm install -g npm
Please note that this command will remove your current version of npm. Make sure to use sudo npm install -g npm if on a Mac.

You can also update all outdated local packages by doing npm update without any arguments, or global packages by doing npm update -g.

Occasionally, the version of npm will progress such that the current version cannot be properly installed with the version that you have installed already. (Consider, if there is ever a bug in the update command.) In those cases, you can do this:
curl https://www.npmjs.com/install.sh | sh

To update Node.js itself, I recommend you use nvm, the Node Version Manager.

Node.js – way to get version from package.json in nodejs code

I found that the following code fragment worked best for me. Since it uses require to load the package.json, it works regardless the current working directory.

var pjson = require('./package.json');
console.log(pjson.version);

A warning, courtesy of @Pathogen:

Doing this with Browserify has security implications.
Be careful not to expose your package.json to the client, as it means that all your dependency version numbers, build and test commands and more are sent to the client.
If you're building server and client in the same project, you expose your server-side version numbers too. Such specific data can be used by an attacker to better fit the attack on your server.

Best Answer

Related Solutions

Node.js – How to update NodeJS and NPM to the next versions

How do I update npm?

Node.js – way to get version from package.json in nodejs code

Related Topic