Update npm Dependencies

ToolsPosted on

3 min read

Updating npm dependencies isn’t a big task, but sometimes it can be more complicated depending on our needs.

To understand the package updating mechanism, first, we have to understand the versioning and the nature of npm.

Semantic Versioning

Managing packages is a big deal in modern development. If you check the size of the node_modules folder in any of your projects, you will see the tens of thousands of files and the vast physical size.

There is a tremendous dependency in any project that we don’t know about. And this is the point where versioning is critical because it is easy to break things.

The semantic versioning means that we have a version number (1.2.3) with three digits:

  • MAJOR version (1.x.x), which can contain breaking changes, more significant updates.
  • MINOR version (x.2.x), which adds new functionality, but it is backward compatible.
  • PATCH version (x.x.3), backward compatible bug fixes.

Installing an npm Package

To install a package, we have to use the following command:

npm install sass

The command has a lot of flags; for more information, please visit the official site.

The point here is that this command will install the named package’s latest safe version with dependencies if they aren’t present in the node_modules folder and the package-lock.json file.

The package will be present under the node_modules folder and in the package.json file with a version number prefixed with the ^ character (which has a pair: ~).

"dependencies": {
  "sass": "^1.45.1",
}
The ^ and ~ are related to semantic versioning. The ^ refers to the MINOR section of the version number, so it will only allow updating minor changes (the second number), while the ~ is referring to the PATCH section (the third number), it will only enable updating to a patch release only.

Update

We can use the npm outdated command to query and list the obsolete packages with additional information.

The result of the npm outdated command. It shows that there is a newer sass version (1.45.2).

Update to Close-by Version

Using the npm update command, we can update all of our packages or any specific one (adding the package name after the command).

It will only update to an allowed, close-by version (which is determined by the prefix character: ^, ~):

npm update
"dependencies": {
  "sass": "^1.45.2",
}

In this example, the package was updated to 1.45.2 from 1.45.1 because a patch was available. Using the npm update command will also update to 1.46 if available.

Update to Major Version

With npm update, we can’t update to a major version (the first number). We should use the npm install command with the latest keyword (using the @ character, we can specify version numbers too).

npm install [email protected]

In this case, we are talking about breaking changes, so be cautious.

Update More Than One Dependency With Major Changes

A cool package named npm-check-updates lets us update bulk major package changes. Firstly, we have to install it (globally):

npm install -g npm-check-updates

Secondly, use the following command to update the versions in your package.json file:

ncu -u

This tool doesn’t install the packages but changes the version numbers in your package.json file to the latest.

Lastly, run the install:

npm install

Need a web developer? Maybe we can help, get in touch!

To see and write comments, you must allow the related (Disqus) cookies. For more information, please visit our privacy policy page.

Similar Posts

More content in Tools category