Short answer: dependabot.com/
(Has been acquired by GitHub itself)
Creates a pull request whenever a new version gets released and also gives you an estimated value of compatibility. If you've got CI-Workflows setup in your project, every new PR would trigger your CI-pipeline and if your update broken something, the PR would be marked as failed. I personally never run npm-update as it updates all at once and is a pain to pinpoint specific errors
For further actions, you may consider blocking this person and/or reporting abuse
We're a place where coders share, stay up-to-date and grow their careers.
Short answer: dependabot.com/
(Has been acquired by GitHub itself)
Creates a pull request whenever a new version gets released and also gives you an estimated value of compatibility. If you've got CI-Workflows setup in your project, every new PR would trigger your CI-pipeline and if your update broken something, the PR would be marked as failed. I personally never run
npm-updateas it updates all at once and is a pain to pinpoint specific errors