npm-update

Update all packages in the current project

$ npm update

$ npm update [package]

$ npm update [[-g|--global]] [package]

$ npm update [package1 package2 ...]

npm update [<pkg>...]

<pkg>...
    Names of the packages to update. If no packages are specified, all dependencies will be updated.

--depth <n>
    Max depth to go when recursing dependencies. Default: Infinity.

--global
    Update packages in the global install location instead of in the current project's `node_modules`.

--latest
    Upgrade to the latest version, even if that means violating the version ranges in `package.json`.

--save
    Save updated versions to package.json. Deprecated, see `npm install`.

--save-dev
    Save updated versions to package.json as devDependencies. Deprecated, see `npm install`.

--save-exact
    Save updated versions to package.json exactly as they are. Deprecated, see `npm install`.

--save-bundle
    Save updated versions to package.json as bundleDependencies. Deprecated, see `npm install`.

--force
    Force re-install dependencies

The `npm update` command updates packages in the `node_modules` directory to satisfy the version ranges specified in the package's `package.json` file. It recalculates dependencies based on these versions and updates the `package-lock.json` or `npm-shrinkwrap.json` accordingly. The primary function of `npm update` is to bring your installed packages up to the latest versions that still comply with your specified version ranges.
It doesn't update the versions listed in your `package.json` file itself; that's typically done with tools like `npm install` or `npm install --save/--save-dev `.
If you wish to update your dependencies to the latest possible version even if that means to violate the ranges of your `package.json` use `npm install ` or a similar technique

npm update only updates to versions within the ranges specified in your `package.json`. To update to the absolute latest versions (potentially breaking changes), use npm install with appropriate version specifiers (e.g., npm install package@latest).
It also respects the constraints of your `package-lock.json` or `npm-shrinkwrap.json` if they exist. To ignore these lockfiles, delete them before running npm update or use the --force flag to reinstall.

If a `package-lock.json` or `npm-shrinkwrap.json` file exists, `npm update` will prioritize the versions specified within it. Removing the lockfile before running `npm update` will allow npm to resolve dependencies according to the ranges in `package.json` and generate a new lockfile.

Due to the nature of semantic versioning, upgrading might introduce breaking changes. Check the changelogs of the updated packages to prepare for such changes.

The `npm update` command has been a core part of npm since its early days. It was designed to provide a way to keep dependencies up-to-date within the constraints specified by the `package.json` file. Over time, its behavior and interactions with other npm features, like `package-lock.json`, have evolved to provide more consistent and predictable dependency management.

npm(1), npm-install(1), package.json(5), package-lock.json(5), npm-shrinkwrap(1)