1

In my project, the previous developers have put various of JS packages locally, such as chart.js, jquery.block-ui.js, modernizr.js, axios.js, vue.js, etc. I'm trying to manage them using NPM. Problem is, they are all old versions.

Q1: how do I know if they are Semver so it's safe to upgrade them to the latest minor version? I did my research for each package but it's troublesome to look into each one and some of them have very little information about it. Is there somewhere stating all Semvered JS packages?

Q2: for jquery.block-ui.js, it is minified, in the file, there is no information about the version number, in this case, is it possible to find out what version it is thus if it's safe to upgrade?

Yaser Darzi
  • 1,480
  • 12
  • 24
one-hand-octopus
  • 2,229
  • 1
  • 17
  • 51
  • 3
    you never know. that's why you have to write tests. in addition to that, even if a package is semver.. i experienced alot of packages where breaking changes were introduced in patch version changes. – GottZ Oct 01 '19 at 14:02
  • To but what GottZ said more bluntly: *it is **never** "safe" to upgrade a package*. Ever. It is frequently *necessary*, but it is never *safe*. You'll have to just do it one at a time and see what breaks. Start by replacing one of the local files with the latest version from npm in node_modules. Run tests, check visuals. Repeat. Sucks, but the only way to eat technical debt is to start chewing and keep going. – Jared Smith Oct 01 '19 at 14:25

1 Answers1

1

(note: I'm keeping this answer up for future people who had sensible predecessors and are looking for help. I will edit again if I think of something that will help someone who's previous dev copied in their files by hand)

  • Firstly, use npm outdated. This will check for any outdated packages. Nothing to be gained from curing the healthy.

  • Second, as the comment says about semvered packages, you never know. That said, I have found a semi-useful resource here, its a regex that returns semvered version numbers as matches.

  • Third, about the JQuery, npm outdated should return a table stating version numbers. Also see this question about other possible ways to find a JQuery version number.

Here is the example output they gave for npm outdated:

Package      Current   Wanted   Latest  Location
glob          5.0.15   5.0.15    6.0.1  test-outdated-output
nothingness    0.0.3      git      git  test-outdated-output
npm            3.5.1    3.5.2    3.5.1  test-outdated-output
local-dev      0.0.3   linked   linked  test-outdated-output
once           1.3.2    1.3.3    1.3.3  test-outdated-output

I hope this helps. It may not. Like the comments say, you can never be sure so the surest way is to go through them one at a time and see what breaks

ipsa scientia potestas
  • 483
  • 1
  • 8
  • 23