Find newer versions of package dependencies than what your package.json allows
This is the first prerelease in preparation for the next major v17. It mainly involves a node engines bump and lot of internal dependency upgrades, so if you notice any regressions, please let me know!
Run npx [email protected]
to test.
There are a two more breaking/high-risk changes I intend to make for the v17 release, which I will also release as prerelease versions for testing.
Thanks for your help and enjoy! 🍰
--root
is now set by default (#1353)
--no-root
.bun.lockb
is detected.$ ncu --packageManager bun
$ ncu -p bun
Thanks to @ImBIOS for the PR!
--install
option to control auto-install behavior.Usage:
ncu --install [value]
Default: prompt
Control the auto-install behavior.
always | Runs your package manager's install command automatically after upgrading. |
never | Does not install and does not prompt. |
prompt | Shows a message after upgrading that recommends an install, but does not install. In interactive mode, prompts for install. (default) |
filterResults
option to filter out upgrades based on a user provided function.filterResults
runs after new versions are fetched, in contrast to filter
and filterVersion
, which run before. This allows you to filter out upgrades with filterResults
based on how the version has changed (e.g. a major version change).
Only available in .ncurc.js or when importing npm-check-updates as a module.
/** Filter out non-major version updates.
@param {string} packageName The name of the dependency.
@param {string} currentVersion Current version declaration (may be range).
@param {SemVer[]} currentVersionSemver Current version declaration in semantic versioning format (may be range).
@param {string} upgradedVersion Upgraded version.
@param {SemVer} upgradedVersionSemver Upgraded version in semantic versioning format.
@returns {boolean} Return true if the upgrade should be kept, otherwise it will be ignored.
*/
filterResults: (packageName, {currentVersion, currentVersionSemver, upgradedVersion, upgradedVersionSemver}) => {
const currentMajorVersion = currentVersionSemver?.[0]?.major
const upgradedMajorVersion = upgradedVersionSemver?.major
if (currentMajorVersion && upgradedMajorVersion) {
return currentMajorVersion < upgradedMajorVersion
}
return true
}
For the SemVer type definition, see: https://git.coolaj86.com/coolaj86/semver-utils.js#semverutils-parse-semverstring
Thanks to mslowiak for this enhancement!
Added --cacheClear
option for—you guessed it—clearing the cache 🫥.
This brings the suite of cache-related options to:
--cache
: Cache versions to the cache file.--cacheClear
: Clear the default cache, or the cache file specified by --cacheFile.--cacheExpiration <min>
: Cache expiration in minutes (default: 10).--cacheFile <path>
: Filepath for the cache file (default: "~/.ncu-cache.json").Thanks to @ly3xqhl8g9 whose code is gratefully more lucid than his username.
Upgrade all workspaces:
ncu --workspaces
ncu -ws
Upgrade a single workspace:
ncu --workspace a
ncu -w a
Upgrade more than one workspace:
ncu --workspace a --workspace b
ncu -w a -w b
Upgrade all workspaces AND the root project:
ncu --workspaces --root
Upgrade a single workspace AND the root project:
ncu --workspace a --root
workspaces
or --workspace
is run in --interactive
mode, ncu will prompt to npm install
once in the root project rather than separately in each workspace (#1182).--deep
will not trigger workspace support.v14.0.0
. Add --stdin
for old behavior. (#136)ncu -f '*vite*'
would not include @vitejs/plugin-react
. Now, filters will match any part of the package name, including the scope. Use a more specific glob or regex expression for old behavior. (#1168)update-notifier
with has a moderate severity vulnerability--packageManager
is not given, there is no package-lock.json
in the current folder, and there is a yarn.lock
in an ancestor directory, npm-check-updates will now use yarn.--packageManager yarn
explicitly before, you may not have to nowYou can now group upgrades by risk level using --format group
:
Interactive mode was completely rewritten for a better user experience.
Inspired by npm-check.
Combine with --format group
for a truly luxe experience:
A new option --packageManager staticRegistry
allows upgrades to be recommended from a static JSON file. This can be used to power custom versioning infrastructure that is completely independent from the npm registry.
Thanks to agrouse who did a fine job on the PR.
Example:
$ ncu --packageManager staticRegistry --registry ./my-registry.json
my-registry.json:
{
"prettier": "2.7.0",
"typescript": "4.7.0"
}
The latest versions of prettier
and typescript
are set in the registry file. When ncu
is run, it will recommend upgrades from the static registry file without touching the npm registry:
$ ncu --packageManager staticRegistry --registry ./my-registry.json
Checking /Users/raine/projects/ncu-issues/14.1.0/package.json
[====================] 2/2 100%
prettier ^2.0.1 → ^2.7.0
typescript ^3.4.0 → ^4.7.0
Run ncu -u to upgrade package.json