Today I was thinking to update also the front page of my site.
It was stale for a while because my life was so packed up that I didn't find much time to do what I love.

So, I have downloaded from the server my old site and... I saw lot's of updates, from deprecation to problem with node security.

If you like front-end, you also, probably, like programming with framework such as node, and not only pure with just HTML5 (not the old school one) or Php etc.

So... lets begin.

How do you update all your project dependencies stored in package.json to their latest version available?

First of all, when you install a package using npm install <package-name>, the latest available version of the package is downloaded.
All its files are put in the node_modules folder and its corresponding entry is added to the package.json and package-lock.json files that are present in your current folder.

npm calculates the dependencies and installs the latest available version of those as well.

For example, I'm going to install cowsay, a cool command line tool that creates a cow, drawed with ascii characters, and lets you make it say thing.

When you npm install cowsay (you can find out more here), this entry is added to the package.json file:

{
  "dependencies": {
    "cowsay": "^1.3.1"
  }
}

and this is an extract of package-lock.json, where I removed the nested dependencies for clarity:

{
  "requires": true,
  "lockfileVersion": 1,
  "dependencies": {
    "cowsay": {
      "version": "1.3.1",
      "resolved": "https://registry.npmjs.org/cowsay/-/cowsay-1.4.0.tgz",
      "integrity": "sha512-3PVFe6FePVtPj1HTeLin9v8WyLl+VmM1l1H/5P+BTTDkMAjufp+0F9eLjzRnOHzVAYeIYFF5po5NjRrgefnRMQ==",
      "requires": {
        "get-stdin": "^5.0.1",
        "optimist": "~0.6.1",
        "string-width": "~2.1.1",
        "strip-eof": "^1.0.0"
      }
    }
  }
}

Now those 2 files tell us that we installed version 1.3.1 of cowsay, and our rule for updates is ^1.3.1, which for the npm versioning rules means that npm can update to patch and minor releases: 0.13.10.14.0 and so on.

If there is a new minor or patch release and we type npm update, the installed version is updated, and the package-lock.json file diligently filled with the new version.

package.json remains unchanged.

To discover new releases of the packages, you run npm outdated.

As you can see, right now cowsay has got an update, the 1.4.0.

Running npm update won’t update the version of those. Major releases are never updated in this way because they (by definition) introduce breaking changes, and npm want to save you trouble.

To update to a new major version all the packages, install the npm-check-updates package globally:

npm install -g npm-check-updates

where -g stands for global...

Then, run it:

ncu -u

this will upgrade all the version hints in the package.json file, to dependencies and devDependencies, so npm can install the new major version.

You are now ready to run the update:

npm update

If you just downloaded the project without the node_modules dependencies and you want to install the shiny new versions first, just run

npm install

And that's all!
Probably I'm going to write an introduction to npm too...

What can I say... I am @Nebulino... I like Anime, the Android world and all kawaii stuff... Don't think something strange... I like to dev too!