I copied package.json from another project and now want to bump all of the dependencies to their latest versions since this is a fresh project and I don't mind fixing something if it breaks.

What's the easiest way to do this?

The best way I know of now is to run npm info express version then update package.json manually for each one. There must be a better way.

{
  "name": "myproject",
  "description": "my node project",
  "version": "1.0.0",
  "engines": {
    "node": "0.8.4",
    "npm": "1.1.65"
  },
  "private": true,
  "dependencies": {
    "express": "~3.0.3", // how do I get these bumped to latest?
    "mongodb": "~1.2.5",
    "underscore": "~1.4.2",
    "rjs": "~2.9.0",
    "jade": "~0.27.2",
    "async": "~0.1.22"
  }
}

---

I am now a collaborator on npm-check-updates, which is a great solution to this problem.

---

Looks like npm-check-updates is the only way to make this happen now.

npm i -g npm-check-updates
ncu -u
npm install

---

On npm <3.11:

Simply change every dependency's version to * , then run npm update --save . ( Note: broken in recent (3.11) versions of npm).

Before:

  "dependencies": {
    "express": "*",
    "mongodb": "*",
    "underscore": "*",
    "rjs": "*",
    "jade": "*",
    "async": "*"
  }

After:

  "dependencies": {
    "express": "~3.2.0",
    "mongodb": "~1.2.14",
    "underscore": "~1.4.4",
    "rjs": "~2.10.0",
    "jade": "~0.29.0",
    "async": "~0.2.7"
  }

---

Of course, this is the blunt hammer of updating dependencies. It's fine if—as you said—the project is empty and nothing can break.

On the other hand, if you're working in a more mature project, you probably want to verify that there are no breaking changes in your dependencies before upgrading.

To see which modules are outdated, just run npm outdated . It will list any installed dependencies that have newer versions available.

---

npm-check-updates is a utility that automatically adjusts a package.json with the latest version of all dependencies

see https://www.npmjs.org/package/npm-check-updates

$ npm install -g npm-check-updates
$ ncu -u
$ npm install 

---

TLDR; (updated for newer NPM versions)

Things have changed a bit since these answers were originally written.

npm 2+: npm outdated + npm update + npm shrinkwrap

Older npm: npm-check-updates package + npm shrinkwrap

Be sure to shrinkwrap your deps, or you may wind up with a dead project. I pulled out a project the other day and it wouldn't run because my deps were all out of date/updated/a mess. If I'd shrinkwrapped, npm would have installed exactly what I needed.

---

Details

For the curious who make it this far, here is what I recommend:

Use npm-check-updates or npm outdated to suggest the latest versions.

# `outdated` is part of newer npm versions (2+)
$ npm outdated
# If you agree, update.  
$ npm update

#       OR

# Install and use the `npm-check-updates` package.
$ npm install -g npm-check-updates
# Then check your project
$ npm-check-updates
# If you agree, update package.json.
$ npm-check-updates -u

Then do a clean install (w/o the rm I got some dependency warnings)

$ rm -rf node_modules
$ npm install 

Lastly, save exact versions to npm-shrinkwrap.json with npm shrinkwrap

$ rm npm-shrinkwrap.json
$ npm shrinkwrap

Now, npm install will now use exact versions in npm-shrinkwrap.json

If you check npm-shrinkwrap.json into git, all installs will use the exact same versions.

This is a way to transition out of development (all updates, all the time) to production (nobody touch nothing).

npm outdated

npm-check-updates

npm shrinkwrap

链接地址: http://www.djcxy.com/p/4754.html

上一篇: npm WARN package.json：没有存储库字段

下一篇: 如何将package.json中的每个依赖项更新为最新版本？