The latest articles on DEV Community by Shaunak (@jskidding). https://dev.to/jskidding https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F998826%2F000715d5-67fc-451e-9aed-4f7175b2688b.jpg https://dev.to/jskidding en Shaunak Fri, 30 Dec 2022 05:14:35 +0000 https://dev.to/jskidding/safe-and-elegant-way-to-update-your-npm-packages-quickly-5c5a https://dev.to/jskidding/safe-and-elegant-way-to-update-your-npm-packages-quickly-5c5a <p>Maintaining projects that run on npm brings more trouble than building a new one. Throughout the project development, we refer many external npm packages to help us build faster than reinvent the wheel. Thousands of open-source devs contribute daily to build stable npm packages and make those available to the global dev community.</p> <h3> Why should you update npm packages regularly? </h3> <ol> <li> <p>Security patches</p> <p>Many packages themselves have references to other public npm packages. There are times when a security vulnerability pops up and this needs a chain of updates to the packages, from the source to the destination.</p> </li> <li> <p>Deprecations</p> <p>Methods exposed by these npm packages keep on getting improved and optimized so the developers no longer support old methods.</p> </li> <li> <p>New features</p> <p>Developers keep adding new features to the package. Always good to get the latest.</p> </li> </ol> <p>Now, the real pain arises when you are building a big project, like Angular, where many external packages like prime-ng, date pickers etc. are being referred. Or you own an old project but still have to maintain the codebase regularly.</p> <p>A great tool called NPM Check Updates makes your life easy. It is a CLI that helps safely make those updates with ease.</p> <p>Steps to use NPM Check Updates(<code>ncu</code>)</p> <ol> <li> <p>Install <code>npm-check-updates</code>, preferably globally.<br> </p> <pre class="highlight javascript"><code><span class="nx">npm</span> <span class="nx">install</span> <span class="o">-</span><span class="nx">g</span> <span class="nx">npm</span><span class="o">-</span><span class="nx">check</span><span class="o">-</span><span class="nx">updates</span> </code></pre> <p>or with <code>npx</code><br> </p> <pre class="highlight javascript"><code><span class="nx">npx</span> <span class="nx">npm</span><span class="o">-</span><span class="nx">check</span><span class="o">-</span><span class="nx">updates</span> </code></pre> </li> <li> <p>Run NPM Check Updates.<br> </p> <pre class="highlight javascript"><code><span class="nx">ncu</span> </code></pre> <p>This command returns a changelog of all your packages.<br><br> Add option <code>-u</code> to update your <code>package.json</code> file with the requested versions.</p> </li> <li> <p>There are multiple options to get into more details or filter your packages. By semantic versioning (patch, minor, major).<br> </p> <pre class="highlight javascript"><code><span class="nx">ncu</span> <span class="o">-</span><span class="nx">u</span> <span class="o">-</span><span class="nx">t</span> <span class="nx">patch</span><span class="o">|</span><span class="nx">minor</span><span class="o">|</span><span class="nx">major</span> </code></pre> <p>By name/pattern matching<br> </p> <pre class="highlight javascript"><code><span class="c1">// By package name</span> <span class="nx">ncu</span> <span class="o">-</span><span class="nx">u</span> <span class="nx">express</span> <span class="nx">ncu</span> <span class="o">-</span><span class="nx">u</span> <span class="o">-</span><span class="nx">f</span> <span class="nx">express</span> <span class="nx">ncu</span> <span class="o">-</span><span class="nx">u</span> <span class="o">--</span><span class="nx">filter</span> <span class="nx">express</span> <span class="c1">// everything except express</span> <span class="nx">ncu</span> <span class="o">-</span><span class="nx">u</span> <span class="err">\</span><span class="o">!</span><span class="nx">express</span> <span class="nx">ncu</span> <span class="o">-</span><span class="nx">x</span> <span class="nx">express</span> <span class="nx">ncu</span> <span class="o">--</span><span class="nx">reject</span> <span class="nx">express</span> <span class="c1">// pattern matching</span> <span class="nx">ncu</span> <span class="o">-</span><span class="nx">u</span> <span class="nx">react</span><span class="o">-*</span> <span class="nx">ncu</span> <span class="o">-</span><span class="nx">u</span> <span class="p">@</span><span class="nd">angular</span><span class="cm">/* </span></code></pre> </li> <li><p>Run <code>npm i</code> to install the changes</p></li> </ol> <p>This two-step process makes wonders, and helps you quickly update your project dependencies. There are many option available to make it safer than manual updates. </p> <p>Some useful <code>ncu</code> Installation options:<br><br> <code>-u, --upgrade</code> : Overwrite package.json with upgraded versions instead of just logging output to the console.<br><br> <code>-f, --filter</code> : filter by names/string<br><br> <code>--cache</code> : Cache versions to the cache file<br><br> <code>--peer</code> : Checks peer dependencies of the packages and filters updates to compatible versions. Run <code>ncu --help --peer</code> for more help.<br><br> <code>--deep</code>: Scans current directly recursively for updates.</p> <p>For more information refer to their docs:</p> <p><a href="https://www.npmjs.com/package/npm-check-updates">https://www.npmjs.com/package/npm-check-updates</a></p> <p>That's all folks!</p>