/check-outdated

Ensures that your dependencies are up to date, otherwise the process is terminated with status code 1.

Primary LanguageJavaScriptMIT LicenseMIT

check-outdated

npm version install size Known Vulnerabilities npm node Ensure Node.js compatibility MIT license

Light-weight CLI tool to ensure that your dependencies are up-to-date, otherwise the process is terminated with status code 1.

This is an improved version of npm outdated, which can be used in build-pipelines, pre-publish scripts (npm) or pre-commit hook (Git) to make sure all the used dependencies are up-to-date.

  • Zero dependencies
  • Optionally ignore pre-releases (e.g. "2.1.0-alpha", "2.1.0-beta", "2.1.0-rc.1")
  • Optionally ignore dev dependencies
  • Optionally ignore specific packages
  • Optionally ignore a specific version or version range of a package (e.g. to skip a broken version)
  • Optionally restrict the update type (e.g. only show minor updates, or reverted versions)
  • Optionally check globally installed packages
  • Optionally set depth for checking dependency tree
  • Show link to changelogs
  • Configure visible columns

Example Screenshot

Usage without installation

The benefit of using npx is, that it ensures that always the latest version of check-outdated is used. In addition, a download is only necessary in environments where it is needed - e.g. if check-outdated is not needed on the build server, it does not have to be downloaded there, which may speeds up the dependency installation slightly.

On command-line you can run the command like this:

npx check-outdated --ignore-pre-releases --ignore-dev-dependencies --ignore-packages package1,package2 --columns name,type,current,latest,changes

Or put it into your package.json:

{
  "scripts": {
    "check-outdated": "npx --yes -- check-outdated --ignore-pre-releases --ignore-dev-dependencies --ignore-packages package1,package2 --columns name,type,current,latest,changes --types major,minor,patch,reverted",
    "preversion": "npm run lint && npm run test && npm run check-outdated"
  }
}

Usage with installation

Install

npm install check-outdated --save-dev
# or
yarn add check-outdated -D

Usage

After you've installed check-outdated you can run the command like this:

node_modules/.bin/check-outdated --ignore-pre-releases --ignore-dev-dependencies --ignore-packages package1,package2 --columns name,type,current,latest,changes --types major,minor,patch,reverted

Or put it into your package.json:

{
  "scripts": {
    "check-outdated": "check-outdated --ignore-pre-releases --ignore-dev-dependencies --ignore-packages package1,package2 --columns name,type,current,latest,changes --types major,minor,patch,reverted",
    "preversion": "npm run lint && npm run test && npm run check-outdated"
  }
}

Command-line arguments

Argument Description Example
--help, -h Show the help --help
--ignore-pre-releases Don't recommend to update to versions which contain a hyphen (e.g. "2.1.0-alpha", "2.1.0-beta", "2.1.0-rc.1") --ignore-pre-releases
--ignore-dev-dependencies Do not warn if devDependencies are outdated. --ignore-dev-dependencies
--ignore-packages <comma-separated-list-of-package-names> Ignore the listed packages, even if they are outdated.
Using the @ syntax (<package>@<version>) you can also, only ignore a specific version, or a semver range (like ^2, ~2.3.4, 2.*, 2.3.x) of a package (e.g. if it's broken).
--ignore-packages typescript,terser-webpack-plugin@3.0.0,got@^12
--prefer-wanted Compare the Current version to the Wanted version, instead of the Latest version. --prefer-wanted
--columns <comma-separated-list-of-columns> Defines which columns should be shown in which order. (See Available Columns below) --columns name,current,latest,changes
--types <comma-separated-list-of-update-types> Restrict the update type (e.g. only show minor updates, or reverted versions) (See Available Types below) --types minor,reverted
--global Check packages in the global install prefix instead of in the current project (equal to the npm outdated-option) --global
--depth <number> Max depth for checking dependency tree (equal to the npm outdated-option) --depth 3

Available Columns

By default, the following columns are shown:
package, current, wanted, latest, reference, changes, location

You are able to overwrite the default by using the --columns argument.

Caption --columns value Description Example
Package package The name of the package.
Red means there's a newer version matching your semver requirements, so you should update now.
Yellow indicates that there's a newer version above your semver requirements (usually new major, or new 0.x minor) so proceed with caution.
typescript
Current current The currently installed version of the package. 3.7.2
Wanted wanted The maximum version of the package that satisfies the semver range specified in package.json. If there's no available semver range (i.e. you're using the --global argument, or the package isn't included in package.json), then wanted shows the currently-installed version.
This column is always colored in green.
3.7.2
Latest latest The version of the package tagged as latest in the npm registry.
This column is always colored in magenta.
3.8.3
Reference reference Contains a link to the line and column of the dependency in the package.json.
By using a terminal which supports clicking on such links, you can navigate directly the the item.
P:\my-project\package.json:47:3
Changes changes check-outdated tries to find a direct link to changelog of the package. The following places are considered in the given order:
  1. {package}/package.json > "repository" *
  2. {package}/package.json > "homepage"
  3. https://www.npmjs.com/package/{name}
* GitHub-repository URLs are adjusted, so that they directly link to the CHANGELOG.md or the Releases section.
https://github.com/Microsoft/TypeScript/releases
Changes changesPreferLocal Same as changes, but first check for a CHANGELOG.md in the package folder.
Keep in mind, you'll only see the changelog of the currently installed version, not of the version which is recommended.
node_modules/fs-extra/CHANGELOG.md
Type type Shows if the difference between Current and Latest is a major, minor, patch, prerelease, build or reverted update, in Semantic Versioning. For more details see Available Types below. minor
Location location Shows where in the dependency tree the package is located. Note that check-outdated defaults to a depth of 0, so unless you override that, you'll always be seeing only top-level dependencies that are outdated. node_modules/typescript
Package Type packageType Tells you whether this package is a dependency or a devDependency. Packages not included in package.json are always marked dependencies. If this column is not activated, the packages are grouped by their type, otherwise they are ordered by their name. devDependencies
Homepage homepage An URL with additional information to the package. The following places are considered in the given order:
  1. {package}/package.json > "homepage"
  2. {package}/package.json > "repository"
  3. {package}/package.json > "author"
  4. https://www.npmjs.com/package/{name}
https://www.typescriptlang.org/
npmjs.com npmjs A link to the package on the npmjs.com website. https://www.npmjs.com/package/typescript

Available Types

The type describes the difference between the Current version and Latest version, in Semantic Versioning. By default, all types are shown.

You are able to overwrite the default by using the --types argument.

--types value Description Example
major Backward-incompatible updates 1.2.3 -> 2.0.0
minor Backward-compatible features 1.2.3 -> 1.3.0
patch Backward-compatible bug fixes 1.2.3 -> 1.2.4
reverted Latest available version is lower than the installed version 1.2.3 -> 1.1.5
prerelease Only the pre-release version has been amended or added 1.2.3 -> 1.2.3-beta.1
build Only build metadata has been amended or added 1.2.3 -> 1.2.3+build.2