For the first time last week, i received a “Security Alert Digest” email from Github.
Inside were all the dependencies of a project, gatsby-starter
, that had known vulnerabilities. It listed the name of the dependency, its version, and the version i should upgrade to to be safe. Okay.
I started thinking, wait, how the heck do i upgrade all of the dependencies at once? There were about 14 or so.
In case you’re wondering how to do so, too, here you go.
![npm outdated command](https://macariojames.com/blog/wp-content/uploads/2019/09/npm-oudated-command-1024x211.png)
First off, running npm update
won’t update major releases by standard package.json
rules. You’ll need to install the npm-check-updates
package globally. It’s used to let npm know to install the minor dev
and devDependencies
for each of your packages in the node_modules
folder.
npm install -g npm-check-updates
then run ncu -u
then npm install
. Boom.
Hope that helps!
Cheers and peace.