1549  

Looks like npm-check-updates is the only way to make this happen now.

看起来npm-check-update是使这种情况发生的唯一方法。

npm i -g npm-check-updates
ncu -u
npm install

On npm <3.11:

在npm < 3.11:

Simply change every dependency's version to *, then run npm update --save. (Note: broken in recent (3.11) versions of npm).

只需将每个依赖项的版本更改为*，然后运行npm更新——保存。(注:最近(3.11)版本的npm被打破)。

Before:

之前:

  "dependencies": {
    "express": "*",
    "mongodb": "*",
    "underscore": "*",
    "rjs": "*",
    "jade": "*",
    "async": "*"
  }

After:

后:

  "dependencies": {
    "express": "~3.2.0",
    "mongodb": "~1.2.14",
    "underscore": "~1.4.4",
    "rjs": "~2.10.0",
    "jade": "~0.29.0",
    "async": "~0.2.7"
  }

Of course, this is the blunt hammer of updating dependencies. It's fine if—as you said—the project is empty and nothing can break.

当然，这是更新依赖关系的钝锤。就像你说的，这个项目是空的，什么也不能打破。

On the other hand, if you're working in a more mature project, you probably want to verify that there are no breaking changes in your dependencies before upgrading.

另一方面，如果您在一个更成熟的项目中工作，您可能需要验证在升级之前，您的依赖项没有发生任何破坏。

To see which modules are outdated, just run npm outdated. It will list any installed dependencies that have newer versions available.

要查看哪些模块过时了，只运行npm已经过时了。它将列出所有已安装的依赖项，这些依赖项有较新的版本可用。

843  

npm-check-updates is a utility that automatically adjusts a package.json with the latest version of all dependencies

npm- checkupdates是一个自动调整包的实用程序。json具有所有依赖项的最新版本。

see https://www.npmjs.org/package/npm-check-updates

参见https://www.npmjs.org/package/npm-check-updates

$ npm install -g npm-check-updates
$ ncu -u
$ npm install 

278  

TLDR; (updated for newer NPM versions)

Things have changed a bit since these answers were originally written.

自从这些答案最初被写下来之后，事情发生了一些变化。

npm 2+: npm outdated+npm update+npm shrinkwrap

Older npm: npm-check-updates package + npm shrinkwrap

Be sure to shrinkwrap your deps, or you may wind up with a dead project. I pulled out a project the other day and it wouldn't run because my deps were all out of date/updated/a mess. If I'd shrinkwrapped, npm would have installed exactly what I needed.

一定要收缩包装，否则你的计划可能会泡汤。前几天我做了一个项目，它不会运行，因为我的副总裁都已经过时/更新/一团糟。如果我把它包好，npm就会安装我所需要的东西。

Details

For the curious who make it this far, here is what I recommend:

对于好奇的人来说，这是我的建议:

Use npm-check-updates or npm outdated to suggest the latest versions.

# `outdated` is part of newer npm versions (2+)
$ npm outdated
# If you agree, update.  
$ npm update

#       OR

# Install and use the `npm-check-updates` package.
$ npm install -g npm-check-updates
# Then check your project
$ npm-check-updates
# If you agree, update package.json.
$ npm-check-updates -u

Then do a clean install (w/o the rm I got some dependency warnings)

$ rm -rf node_modules
$ npm install 

Lastly, save exact versions to npm-shrinkwrap.json with npm shrinkwrap

$ rm npm-shrinkwrap.json
$ npm shrinkwrap

Now, npm install will now use exact versions in npm-shrinkwrap.json

If you check npm-shrinkwrap.json into git, all installs will use the exact same versions.

如果你检查npm-shrinkwrap。json进入git，所有安装都将使用完全相同的版本。

This is a way to transition out of development (all updates, all the time) to production (nobody touch nothing).

这是一种从开发(所有的更新，所有的时间)过渡到生产的方法(没有人不碰任何东西)。

• npm outdated

  npm过时

• npm-check-updates

  npm-check-updates

• npm shrinkwrap

  npm收缩包装

142  

To update one dependency to its lastest version without having to manually open the package.json and change it, you can run

要更新对其最新版本的依赖关系，无需手动打开包。json并改变它，你可以运行。

npm install {package-name}@* {save flags?}

i.e.

即。

npm install express@* --save

For reference, npm-install

作为参考,npm-install

As noted by user Vespakoen on a rejected edit, it's also possible to update multiple packages at once this way:

正如用户Vespakoen在一个被拒绝的编辑中所指出的那样，也可以同时更新多个包:

npm install --save package-nave@* other-package@* whatever-thing@*

He also apports a one-liner for the shell based on npm outdated. See the edit for code and explanation.

他还为基于npm的外壳设计了一套单一的外壳。查看代码和解释的编辑。

PS: I also hate having to manually edit package.json for things like that ;)

PS:我也讨厌手工编辑软件包。诸如此类的json;

47  

This works as of npm 1.3.15.

这是在npm 1.3.15的工作。

"dependencies": {
  "foo": "latest"
}

37  

1. Use * as the version for the latest releases, including unstable
2. 使用*作为最新版本的版本，包括不稳定版本。
3. Use latest as version definition for the latest stable version
4. 为最新的稳定版本使用最新的版本定义。
5. Modify the package.json with exactly the latest stable version number using LatestStablePackages
6. 修改方案。json使用最新的稳定版本号，使用LatestStablePackages。

Here is an example:

这是一个例子:

"dependencies": {
        "express": "latest"  // using the latest STABLE version
    ,   "node-gyp": "latest"    
    ,   "jade": "latest"
    ,   "mongoose": "*" // using the newest version, may involve the unstable releases
    ,   "cookie-parser": "latest"
    ,   "express-session": "latest"
    ,   "body-parser": "latest"
    ,   "nodemailer":"latest"
    ,   "validator": "latest"
    ,   "bcrypt": "latest"
    ,   "formidable": "latest"
    ,   "path": "latest"
    ,   "fs-extra": "latest"
    ,   "moment": "latest"
    ,   "express-device": "latest"
},

35  

If you happen to be using Visual Studio Code as your IDE, this is a fun little extension to make updating package.json a one click process.

如果您碰巧使用Visual Studio代码作为您的IDE，那么这是一个有趣的小扩展，可以进行更新包。一个单击过程。

Version Lense

33  

The only caveat I have found with the best answer above is that it updates the modules to the latest version. This means it could update to an unstable alpha build.

我在上面的最好答案中发现的唯一的警告是，它将模块更新到最新版本。这意味着它可以更新到不稳定的alpha构建。

I would use that npm-check-updates utility. My group used this tool and it worked effectively by installing the stable updates.

我将使用npm-check-update实用工具。我的团队使用了这个工具，它通过安装稳定的更新来有效地工作。

As Etienne stated above: install and run with this:

如Etienne所述:安装并运行如下:

$ npm install -g npm-check-updates
$ npm-check-updates -u
$ npm install 

21  

Here is a basic regex to match semantic version numbers so you can quickly replace them all with an asterisk.

这里有一个基本的正则表达式来匹配语义版本号，所以您可以快速地用星号替换它们。

Semantic Version Regex

([>|<|=|~|^|\s])*?(\d+\.)?(\d+\.)?(\*|\d+)

How to use

Select the package versions you want to replace in the JSON file.

选择要在JSON文件中替换的包版本。

Input the regex above and verify it's matching the correct text.

输入regex，并验证它是否匹配正确的文本。

Replace all matches with an asterisk.

将所有匹配替换为星号。

Run npm update --save

运行npm更新——保存

15  

I really like how npm-upgrade works. It is a simple command line utility that goes through all of your dependencies and lets you see the current version compared to the latest version and update if you want.

我非常喜欢npm升级的工作方式。它是一个简单的命令行实用程序，它遍历所有的依赖项，并让您看到与最新版本相比的当前版本，如果您想要更新的话。

Here is a screenshot of what happens after running npm-upgade in the root of your project:

下面是在你的项目的根上运行npm-upgade之后发生的事情的截图:

For each dependency you can choose to upgrade, ignore, view the changelog, or finish the process. It has worked great for me so far.

对于每个依赖项，您可以选择升级、忽略、查看更改，或完成流程。到目前为止，它对我的工作很好。

14  

To see which packages have newer versions available, then use the following command:

要查看哪些包有新版本可用，请使用以下命令:

npm outdated

to update just one dependency just use the following command:

要更新一个依赖项，只需使用以下命令:

npm install yourPackage@latest --save

For example:

例如:

My package.json file has dependency:

我的包。json文件的依赖:

"@progress/kendo-angular-dateinputs": "^1.3.1",

then I should write:

然后我应该写:

npm install @progress/kendo-angular-dateinputs@latest --save

11  

I recently had to update several projects that were using npm and package.json for their gruntfile.js magic. The following bash command (multiline command) worked well for me:

最近，我不得不更新几个使用npm和包的项目。gruntfile json。js魔法。下面的bash命令(多行命令)对我很有效:

npm outdated --json --depth=0 | \
jq --ascii-output --monochrome-output '. | keys | .[]' | \
xargs npm install $1 --save-dev

The idea here: To pipe the npm outdated output as json, to jq
(jq is a json command line parser/query tool)
(notice the use of --depth argument for npm outdated)
jq will strip the output down to just the top level package name only.
finally xargs puts each LIBRARYNAME one at a time into a npm install LIBRARYNAME --save-dev command

这里的想法是:将npm过时的输出作为json输出到jq (jq是一个json命令行解析器/查询工具)(请注意，对于npm过时的)jq将会将输出降低到顶层包名。最后，xargs将每个LIBRARYNAME一次放入一个npm安装LIBRARYNAME—save-dev命令。

The above is what worked for me on a machine runnning: node=v0.11.10 osx=10.9.2 npm=1.3.24

以上是在机器运行中为我工作的:节点=v0.11.10 osx=10.9.2 npm=1.3.24。

this required:
xargs http://en.wikipedia.org/wiki/Xargs (native to my machine I believe)
and
jq http://stedolan.github.io/jq/ (I installed it with brew install jq)

这是需要的:xargs http://en.wikipedia.org/wiki/Xargs(我认为本机是我的机器)和jq http://stedolan.github。io/jq/(我安装了brew安装jq)

Note: I only save the updated libraries to package.json inside of the json key devDependancies by using --save-dev, that was a requirement of my projects, quite possible not yours.

注意:我只将更新后的库保存到包中。json在json密钥中使用——save-dev，这是我的项目的要求，很可能不是你的。

Afterward I check that everything is gravy with a simple

后来我检查了一下，所有的东西都很简单。

npm outdated --depth=0

Also, you can check the current toplevel installed library versions with

此外，您还可以检查当前的toplevel安装库版本。

npm list --depth=0

10  

Updtr!

Updtr !

Based on npm outdated, updtr installs the latest version and runs npm test for each dependency. If the test succeeds, updtr saves the new version number to your package.json. If the test fails, however, updtr rolls back its changes.

基于npm过时，updtr安装最新版本，并为每个依赖项运行npm测试。如果测试成功，updtr将新版本号保存到您的package.json中。如果测试失败，updtr会回滚它的更改。

https://github.com/peerigon/updtr

https://github.com/peerigon/updtr

7  

I use npm-check to archive this.

我使用npm检查来归档这个。

npm i -g npm npm-check
npm-check -ug #to update globals
npm-check -u #to update locals

Another useful command list which will keep exact version numbers in package.json

另一个有用的命令列表，它将在package.json中保留准确的版本号。

npm cache clean
rm -rf node_modules/
npm i -g npm npm-check-updates
ncu -g #update globals
ncu -ua #update locals
npm i

7  

Commands that I had to use to update package.json for NPM 3.10.10:

我必须使用的命令来更新包。json对于NPM 3.10.10:

npm install -g npm-check-updates
ncu -a
npm install

Background:

背景:

I was using the latest command from @josh3736 but my package.json was not updated. I then noticed the description text when running npm-check-updates -u:

我使用的是@josh3736的最新命令，但是我的包。json并没有更新。在运行npm-check-update -u时，我注意到描述文本。

The following dependency is satisfied by its declared version range, but the installed version is behind. You can install the latest version without modifying your package file by using npm update. If you want to update the dependency in your package file anyway, run ncu -a.

以下依赖项由其声明的版本范围满足，但已安装的版本在后面。您可以在不修改包文件的情况下使用npm更新安装最新版本。如果您想要更新包文件中的依赖项，运行ncu -a。

Reading the documentation for npm-check-updates you can see the difference:

阅读npm-check更新文档，您可以看到其中的区别:

https://www.npmjs.com/package/npm-check-updates

https://www.npmjs.com/package/npm-check-updates

-u, --upgrade: overwrite package file

-u，升级:覆盖包文件。

-a, --upgradeAll: include even those dependencies whose latest version satisfies the declared semver dependency

-upgradeAll:甚至包括那些最新版本满足声明的semver依赖性的依赖项。

ncu is an alias for npm-check-updates as seen in the message when typing npm-check-updates -u:

ncu是npm-check-update的别名，在键入npm-check-update -u时可以看到消息。

[INFO]: You can also use ncu as an alias

5  

If you are using yarn, yarn upgrade-interactive is a really sleek tool that can allow you to view your outdated dependencies and then select which ones you want to update.

如果您使用的是纱线，那么纱线升级-交互式是一个非常光滑的工具，它可以让您查看过时的依赖关系，然后选择您想要更新的。

More reasons to use Yarn over npm. Heh.

更多的理由使用纱线超过npm。哈。

5  

One easy step:

一个简单的步骤:

$ npm install -g npm-check-updates && ncu -a && npm i

5  

Try following command if you using npm 5 and node 8

如果您使用npm 5和节点8，可以尝试以下命令。

npm update --save

npm更新——保存

5  

Ncu is a new alias to check for updates. By doing so you do not have to manually update ur version numbers in package.json ncu does it for you . Follow the method below if you are on a Linux machine

Ncu是用于检查更新的新别名。通过这样做，您不必手动更新包中的ur版本号。json ncu为您服务。如果您在Linux机器上，请遵循下面的方法。

sudo npm i -g npm-check-updates
ncu
ncu -a // to update your package.json
sudo npm install

4  

The above commands are unsafe because you might break your module when switching versions. Instead I recommend the following

上面的命令不安全，因为在切换版本时可能会破坏模块。相反，我推荐以下内容。

• Set actual current node modules version into package.json using npm shrinkwrap command.
• 将实际的当前节点模块版本设置为包。json使用npm shrinkwrap命令。
• Update each dependency to the latest version IF IT DOES NOT BREAK YOUR TESTS using https://github.com/bahmutov/next-update command line tool
• 如果没有使用https://github.com/bahmutov/next Update命令行工具来破坏您的测试，请更新每个对最新版本的依赖关系。

npm install -g next-update
// from your package
next-update

4  

A very late reply. but may help someone.

一个很晚的答复。但可能帮助别人。

this feature has been introduced in npm v5. update to npm using npm install -g npm@latest and

该特性已在npm v5中引入。使用npm安装- gnpm@latest，更新到npm。

to update package.json

更新package.json

1. delete /node_modules and package-lock.json (if you have any)

   删除/ node_modules和package-lock。json(如果有的话)

2. run npm update. this will update package.json to the latest version with installed dependencies.

   运行npm更新。这将更新包。json到最新版本的安装依赖项。

to update to very latest version. you can go with npm-check-updates

更新到最新版本。您可以使用npm检查更新。

3  

Alternative is

替代方法是

"dependencies":{
    "foo" : ">=1.4.5"
}

everytime you use npm update , it automatically update to the latest version. For more version syntax, you may check here: https://www.npmjs.org/doc/misc/semver.html

每次使用npm更新时，它都会自动更新到最新版本。对于更多的版本语法，您可以在这里查看:https://www.npmjs.org/doc/misc/semver.html。

2  

Solution without additional packages

解决方案没有额外的包

Change every dependency's version to *:

将每个依赖项的版本更改为*:

"dependencies": {
    "react": "*",
    "react-google-maps": "*"
  }

Then run npm update --save.

然后运行npm更新——保存。

Some of your packages were updated, but some not?

您的一些包被更新了，但是有些没有更新?

"dependencies": {
    "react": "^15.0.1",
    "react-google-maps": "*"
  }

This is the tricky part, it means your local version of "react" was lower than the newest one. In this case npm downloaded and updated "react" package. However your local version of "react-google-maps" is the same as the newest one.

这是一个棘手的部分，它意味着你的本地版本的“反应”低于最新的版本。在本例中，npm下载并更新了“react”包。但是你的本地版本的“谷歌地图”和最新的一样。

If you still want to "update" unchanged *, you have to delete these modules from node_modules folder.

如果您仍然希望“更新”不变*，则必须从node_modules文件夹中删除这些模块。

e.g. delete node_modules/react-google-maps.

如删除node_modules / react-google-maps。

Finally run again npm update --save.

最后再次运行npm更新——保存。

"dependencies": {
    "react": "^15.0.1",
    "react-google-maps": "^4.10.1"
  }

Do not forget to run npm update --save-dev if you want to update development dependencies.

不要忘记运行npm更新——如果您想要更新开发依赖项的话，就可以使用save-dev。

2  

This is what I did to update all the dependencies in package.json to latest:

这就是我在包中更新所有依赖项所做的。json最新的:

npm install -g npm-check-updates
ncu -u --packageFile package.json 

1  

Greenkeeper if you're using Github. https://greenkeeper.io/

如果你用的是Github。https://greenkeeper.io/

It's a Github integration and incredibly easy to set things up. When installed, it automatically creates pull requests in repositories you specify (or all if wanted) and keeps your code always up-to-date, without forcing you to do anything manually. PRs should then trigger a build on a CI service and depending on a successful or failed check you can keep figuring out what's triggering the issue or when CI passes simply merge the PR.

这是Github的集成，非常容易设置。安装时，它会自动在您指定的存储库中创建pull请求(如果需要的话)，并保持您的代码总是最新的，而不会强迫您手动执行任何操作。然后，PRs应该在CI服务上触发一个构建，并依赖于成功或失败的检查，您可以继续弄清楚是什么触发了这个问题，或者CI通过的时候仅仅是合并了PR。

At the bottom, you can see that the first build failed at first and after a commit ("upgrade to node v6.9") the tests pass so I could finally merge the PR. Comes with a lot of emoji, too.

在底部，您可以看到第一次构建失败了，在提交(“升级到node v6.9”)之后，测试通过了，所以我终于可以合并PR了，也有很多的表情符号。

Another alternative would be https://dependencyci.com/, however I didn't test it intensively. After a first look Greenkeeper looks better in general IMO and has better integration.

另一种选择是https://dependencyci.com/，但我并没有强烈地测试它。在第一次看来，格林门将在国际海事组织中看起来更好，并且有更好的融合。

1  

• npm outdated
• npm过时
• npm update
• npm更新

Should get you the latest wanted versions compatible for your app. But not the latest versions.

应该为你的应用提供最新的版本，但不是最新版本。

0  

The following code (which was accepted) wrote me something like "it takes too long blah-blah" and did nothing. Probably using the global flag was the problem, idk.

下面的代码(被接受了)给我写了一些东西，比如“太长时间的废话”，什么也没做。可能使用全球标志是问题，idk。

npm i -g npm-check-updates
ncu -u
npm install

I decided to use my text editor and follow a semi-manual approach instead.

我决定使用我的文本编辑器，转而使用半手动方法。

I copied a list like this (just a lot longer) from the dev dependencies of my package.json to the notepad++ text editor:

我从包的dev依赖项中复制了这样的列表(只是更长时间)。json到notepad++文本编辑器:

"browserify": "10.2.6",
"expect.js": "^0.3.1",
"karma": "^0.13.22",
"karma-browserify": "^5.2.0",

I set the search mode to regular expression, used the ^\s*"([^"]+)".*$ pattern to get the package name and replaced it with npm uninstall \1 --save-dev \nnpm install \1 --save-dev. Clicked on "replace all". The otput was this:

我设置了搜索模式的正则表达式,使用^ \ s *”([^]+)。*$模式获取包名并将其替换为npm uninstall \1—save-dev \nnpm安装\1—save-dev。点击“替换所有”。otput是这样的:

npm uninstall browserify --save-dev 
npm install browserify --save-dev
npm uninstall expect.js --save-dev 
npm install expect.js --save-dev
npm uninstall karma --save-dev 
npm install karma --save-dev
npm uninstall karma-browserify --save-dev 
npm install karma-browserify --save-dev

I copied it back to bash and hit enter. Everything was upgraded and working fine. That's all.

我将它复制回bash并回车。一切都升级了，运行良好。这是所有。

"browserify": "^16.1.0",
"expect.js": "^0.3.1",
"karma": "^2.0.0",
"karma-browserify": "^5.2.0",

I don't think it is a big deal, since you have to do it only every now and then, but you can easily write a script, which parses the package.json and upgrades your packages. I think it is better this way, because you can edit your list if you need something special, for example keeping the current version of a lib.

我不认为这是一件大事，因为你必须偶尔做，但是你可以很容易地写一个脚本，它会解析这个包。json和升级包。我认为这样更好，因为如果您需要一些特殊的东西，比如保留当前版本的lib，您可以编辑您的列表。