24

Before you flag it as duplicate, I have searched for the similar questions and none of them helped me.

Currently this is what I have tried:

  1. Delete package-lock.json file.
  2. Delete node_modules.
  3. Run npm update
  4. Run npm install

This would always allow me to install the latest (minor) version of the packages in node_modules, and update the package-lock.json file. However, the package.json file does not update.

For example, my moment is package.json is stated as "moment": "^2.27.0". After running above steps, package-lock.json will update to "moment": { "version": "2.29.1", ...} But package.json will still be "moment": "^2.27.0".

What is the correct way to do this? Running npm install moment manually updates the package.json to become "moment": "^2.29.1" but its quite absurd if I have to run npm install for every single dependency?

Edit Thanks to the selected answer, I realised that I do not actually need to update my package.json, as it shows compatible version, not exact version.

Samson
  • 1,336
  • 2
  • 13
  • 28
  • 2
    Does this answer your question? [How to update each dependency in package.json to the latest version?](https://stackoverflow.com/questions/16073603/how-to-update-each-dependency-in-package-json-to-the-latest-version) – Daniel_Knights Dec 01 '20 at 08:18
  • ^^^ basically, get **npm-check-updates** (ncu) https://www.npmjs.com/package/npm-check-updates – nntrn Dec 01 '20 at 09:29
  • does ncu update to the latest minor or major version? I don't want to upgrade to the next major version as it may break things – Samson Dec 01 '20 at 12:12

2 Answers2

17

package.json will not updated by npm install. That contains about dependencies and compatible version list.

"moment": "^2.27.0" meaning allowed moment version: 2.27.0 <= version < 3.0.0, not allowed moment version = 2.27.0. So when you run npm install, npm will install the latest version of major version 2(In your case, 2.29.1), But package.json will not updated by that command. Because It not contains installed version, It contains compatible version.

However, npm install moment command do install the latest version of moment, So package.json updated the latest version, because "^2.27.0" is lower than "^2.29.1".

Anyway, If you want to update your package.json, You can use npm-check-updates (a.k.a. ncu). See this answer. If you not want running ncu, You can use "latest"(Example: "moment": "latest") to install the latest version anytime.

Hoto Cocoa
  • 489
  • 3
  • 12
  • does ncu update to the latest minor or major version? I don't want to upgrade to the next major version as it may break things – Samson Dec 01 '20 at 12:12
  • 2
    @Samson: Yes, `ncu` do. If you want use the latest version of major version 2, use `"moment": "<3"`. – Hoto Cocoa Dec 01 '20 at 17:10
17

npm outdated lists all packages that can be updated with the current, wanted and latest version numbers.

  • current is the currently installed version
  • wanted is the last minor version update
  • latest is the latest major version update

To update all packages to latest just do:

npm outdated | awk 'NR>1 {print $1"@"$4}' | xargs npm install

which simply calls npm install with the latest version of each outdated package.

It is highly recommended to check the resulting changes to your packages.json file just to make sure all changes are as expected.

QT-1
  • 900
  • 14
  • 21