Create a gist now

Instantly share code, notes, and snippets.

What would you like to do?
a safe way to upgrade all of your globally-installed npm packages
#!/bin/sh
set -e
set -x
for package in $(npm -g outdated --parseable --depth=0 | cut -d: -f3)
do
npm -g install "$package"
done
#!/bin/sh
set -e
set -x
for package in $(npm -g outdated --parseable --depth=0 | cut -d: -f2)
do
npm -g install "$package"
done
Owner

othiym23 commented Sep 20, 2014

Use npm-upgrade.sh most of the time; use npm-upgrade-bleeding.sh if you have packages that are newer than <package>@latest and you want to keep them on the absolute newest version rather than latest.

What makes this safer?

pgilad commented Sep 20, 2014

npm update -g also upgrades recursively all npm global dependencies

Thanks, I threw this in my ~/bin dir.
Is it possible to make the unmet dependency warnings go away?

Owner

othiym23 commented Sep 21, 2014

@makenova that's due to a change in semver in npm 2 that will gradually work itself out as deps get upgraded. So yes, but not right away.

Owner

othiym23 commented Sep 21, 2014

@aredridel see npm/npm#6247 for details on why this is better.

Actually this broke my npm install.
It tried to install npm@2.0.0, had an error, tried to roll back but failed.

@othiym23, I did a manual install to fix it. Thanks for the script!!

Suggestion: #!/usr/bin/env sh for portability.

mmocny commented Sep 22, 2014

Old issue for adding npm upgrade command: npm/npm#4471

Long standing call-for-PR...

Owner

othiym23 commented Sep 22, 2014

@jsonkarns: if you don't have /bin/sh, you don't have UNIX.

You can run this if you don't feel like downloading it : source <(curl -fsSL https://gist.githubusercontent.com/othiym23/4ac31155da23962afd0e/raw/4ead4c8989c66104a22240819131b99295bc4e37/npm-upgrade.sh)

Add the -bleeding to the url if you like to live on the edge.

dylang commented Oct 20, 2014

If you prefer to choose which global modules are updated I've added interactive updating to npm-check with support for global.

It also includes links to the source for each updated package so you can find out what's new.

Behind the scenes npm-check uses npm install thanks to the recommendation from @othiym23 in this thread.

# install
npm -g i npm-check

# interactive update of global packages
npm-check -u -g

# interactive update for a project you are working on
npm-check -u

Example using npm-check -u:
screen shot 2014-10-20 at 10 39 29 am

Source: https://github.com/dylang/npm-check

iki commented Nov 6, 2014

Batch script for Windows is available in gist fork
https://gist.github.com/iki/ec32bfdeeb23930efd15 (cc @othiym23)

iki commented Nov 10, 2014

@othiym23: I needed to add -q to npm options to reset the loglevel to warn, so that http level msgs are not in the output ... this is generally good practice, as different people can have different default loglevel set in their .npmrc

Thanks for the npm-check util update!

This caused me a lot of heartburn...hope it helps others who find the thread.

The --parseable flag changes the order of the output from npm outdated without the flag.

npm outdated -g --depth=0 produces output according to the header → current | wanted | latest
npm outdated -g --depth=0 --parseable produces output in a different order → wanted | current | latest

# current
npm outdated <package> -g --depth=0 --parseable | cut -d: -f3

# wanted 
npm outdated <package> -g --depth=0 --parseable | cut -d: -f2

# latest
npm outdated <package> -g --depth=0 --parseable | cut -d: -f4

@jsonkarns: if you don't have /bin/sh, you don't have UNIX.

@othiym23 I don't follow. The env isn't to guard against not having sh. It's to ensure that these scripts run against the user's preferred sh executable. For example, running against a homebrew-built sh instead of old system install. Since these scripts are intended to be used directly by the user (and not automated or as part of a utility), then they should be run against the user's chosen executable.

FYI: npm @2.6.1+ does not recursively update dependencies by default anymore.
https://docs.npmjs.com/cli/update

+1 @dylang , thanks bro!!!

martisj commented Sep 18, 2016

+1 @dylang npm-check for president!

edoardoc commented Jan 9, 2017

+1 @dylang npm-check

+1 @dylang npm-check

+1 for npm-check

hoanganh25991 commented Feb 3, 2017 edited

+1 for npm-check
should have emotion for answer in gist, which easy to rise a thumbsub on @dylang's anwser

+1 @dylang npm-check

If you have linked some personal package to global then you should use:

#!/bin/sh
set -e
set -x
for package in $(npm -g outdated --parseable --depth=0 | grep -v @linked | cut -d: -f2)
do
    npm -g install "$package"
done

As this will not try to update your local linked package. Actually this should be the default case since it works even when you don't have linked packages.

I love npm-check too, but my poor man hardware with low memory hates it. So I have developed a very simple package to list outdated packages, install selected ones and update my package.json rules. It will not check for unused or missing packages like npm-check does. But will work with global packages too, and my machine likes it... If you want to take a look: atualiza.

callemo commented Apr 21, 2017 edited

This one-liner made the trick for me: npm -gp outdated | cut -d: -f4 | xargs -n1 npm -g install

the one liner updated npm for me :(

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment