Updating NPM Packages Safely


Updated Aug 27th, 2022

Safely is important. One at a time, test, rollback if necessary. Read up on updates.

npm outdated
npm update

But “npm update” will not necessarily do the trick. Why? You may be restricted by the carets and tildes in the “package.json” file.

Carets and Tildes

Semantic versioning (or semver) is Major.Minor.Patch. You will often see a tilde or caret in front of the version number. A tilde will only allow patch updates. Carets will allow patch updates and minor updates.


You can update the “package.json” file manually, which is error prone and not recommended, or use a library.

npm install -g npm-check-updates

// then run

ncu -u

Global versus Local

This is a thing.

npm list -g