Do you keep your npm and yarn packages up to date?

Updated by Jack Pettit [SSW] 1 year ago.

Running npm outdated returns an overview of your packages' versions, showing:

  • The current version your project is using
  • The wanted version, i.e. the maximum version of the package that satisfies the semver range specified in package.json
  • The latest version of the package

The packages listed by this command are also colour-coded:

  • Red indicates the package version is below the wanted version
  • Yellow indicates the package version is at the wanted version but below the latest version

Figure: Use 'npm outdated'
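
As an added example (not part of the original rule), the following Node.js script applies the same red/yellow classification to the JSON form of the report, npm outdated --json, and also flags packages whose latest release is a new major version. The package names and versions in SAMPLE are constructed, and the function names and the pass/fail policy are assumptions.

```javascript
// Constructed sample in the shape of `npm outdated --json` output;
// package names and versions are made up for illustration.
const SAMPLE = {
  "alpha-lib": { current: "1.2.0", wanted: "1.4.1", latest: "1.4.1" },
  "beta-lib":  { current: "2.3.0", wanted: "2.3.0", latest: "3.0.0" },
  "gamma-lib": { current: "4.0.0", wanted: "4.0.2", latest: "5.1.0" },
  "delta-lib": { wanted: "1.0.0", latest: "1.0.0" },              // no `current`
  "local-lib": { current: "0.1.0", wanted: "n/a", latest: "n/a" } // unparseable
};

// Numeric [major, minor, patch] of a version string, or null if it has none.
// Prerelease and build suffixes are ignored (simplification).
function parse(version) {
  const m = /^(\d+)\.(\d+)\.(\d+)/.exec(String(version ?? ""));
  return m ? m.slice(1).map(Number) : null;
}

// True when triple a is strictly lower than triple b.
function below(a, b) {
  for (let i = 0; i < 3; i++) {
    if (a[i] !== b[i]) return a[i] < b[i];
  }
  return false;
}

// Map one entry to the colours described above, plus two edge cases.
function classify(info) {
  const cur = parse(info.current);
  const wanted = parse(info.wanted);
  const latest = parse(info.latest);
  if (!info.current) return "missing";             // listed but not installed
  if (!cur || !wanted || !latest) return "unknown"; // cannot be compared
  if (below(cur, wanted)) return "red";    // below the wanted version
  if (below(cur, latest)) return "yellow"; // at wanted, below latest
  return "current";
}

// Group package names by colour and flag major-version jumps.
// Policy assumed here: red or missing packages fail the gate.
function triage(outdated) {
  const out = { red: [], yellow: [], missing: [], unknown: [], current: [], major: [] };
  for (const [name, info] of Object.entries(outdated)) {
    out[classify(info)].push(name);
    const cur = parse(info.current), latest = parse(info.latest);
    if (cur && latest && latest[0] > cur[0]) out.major.push(name);
  }
  out.ok = out.red.length === 0 && out.missing.length === 0;
  return out;
}

console.log(triage(SAMPLE));
```

In a build pipeline, pass the parsed output of npm outdated --json to triage and fail the build when ok is false.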

npm audit checks your packages for known vulnerabilities. It also provides information on how to resolve them.

Figure: Use 'npm audit' to discover vulnerabilities in your application

To add a new package, use:

# NPM
npm install package-name
# Yarn
yarn add package-name

To update your packages, use:

# NPM
npm update package-name
# Yarn
yarn upgrade package-name

Yarn also has a useful tool called yarn upgrade-interactive that allows you to see which packages are outdated, and upgrade them all at once.

Figure: Using yarn upgrade-interactive

Note: Use yarn upgrade-interactive --latest to see outdated packages with breaking changes.

Acknowledgements

Sebastien Boissiere
Adam Cogan
Christian Morford-Waite
Chris Clement
Brook Jeynes
Zach Keeping