npm-outdated

Find packages that are outdated in a project

$ npm outdated

$ npm outdated [[-a|--all]]

npm outdated [--json | --long | --parseable] [--depth=] [--global] [--workspaces] [ ...]

[ ...]
    Optional. Specifies one or more package names to check for outdated versions. If omitted, all project dependencies are checked.

--json
    Outputs the results in JSON format, which is useful for programmatic consumption.

--long
    Displays additional columns in the output, such as Package Type (e.g., Dependencies, devDependencies), Homepage, and License.

--parseable
    Outputs the results in a tab-separated, machine-parseable format, making it easier for scripts to process the data.

--depth=
    Limits the depth of the dependency tree traversal. A depth of 0 will only show top-level dependencies.

--global, -g
    Checks for outdated packages installed globally on your system rather than in the current project.

--workspaces
    Checks for outdated packages across all configured workspaces in the project.

npm outdated is a powerful command within the Node.js package manager (npm) ecosystem that helps developers identify dependencies in their project that have newer versions available. It scans your project's node_modules directory and compares the currently installed package versions against the versions specified in your package.json file, as well as the absolute latest versions available in the npm registry.

The command provides a clear, tabular output, detailing for each package its current installed version, the "wanted" version (the highest version that satisfies the semantic versioning range defined in package.json without breaking changes), and the "latest" version (the newest version published to the registry, which may include major, potentially breaking, updates). This crucial insight allows developers to proactively manage their project's dependencies, ensuring they can leverage bug fixes, performance improvements, and new features, while also staying informed about potential breaking changes that might arise from major version updates. It's an essential tool for dependency management and maintaining project health.

While npm outdated is a highly valuable tool, it's important to understand its nuances. The command only checks for newer versions; it does not identify unused or redundant dependencies. The output often uses color coding: red typically indicates a major version bump available (a potentially breaking change), while yellow signals a minor or patch update (usually safe).

The distinction between the "Wanted" and "Latest" columns is crucial. "Wanted" represents the highest version that satisfies the semver range specified in your package.json and is generally safe to update to using npm update. "Latest" is the absolute newest version published, which might be a major version requiring manual npm install <package>@latest and thorough testing due to potential breaking changes. Furthermore, npm outdated queries the npm registry; thus, it requires an active internet connection to provide up-to-date information.

The npm outdated command provides specific exit codes that are useful for scripting and automation:

• 0: No packages are outdated.
• 1: At least one package is outdated.
• Any other non-zero code: An error occurred during command execution.

The npm outdated command has been a fundamental utility within the npm CLI since its early days, reflecting the critical need for effective dependency management in Node.js projects. As the npm ecosystem expanded rapidly and projects accumulated numerous direct and transitive dependencies, the importance of easily identifying and managing outdated packages grew significantly. Its consistent presence and evolution alongside the npm CLI have made it an indispensable tool for developers to maintain the health, security, and performance of their applications by keeping dependencies up-to-date.

npm-update(1), npm-install(1), npm-ls(1), package.json(5)