Npm-check-updates: ncu doesn't update package.json

Created on 11 Aug 2016  Β·  9Comments  Β·  Source: raineorshine/npm-check-updates

I have all node_modules up-to-date, but my package.json file isn't getting updated. I.e.:

ncu -a -u -l verbose --semverLevel major
Initializing...
Running in local mode...
Finding package file data...
Getting installed packages...
Fetching major versions...
βΈ¨β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘βΈ© β ‡ :
All dependencies match the major package versions :)

But, for example:

package.json:
"babel-core": "^6.7.6"

And:

npm list --depth=0
β”œβ”€β”€ [email protected]

So, everything is up-to-date but the package.json file never gets touched.

No dead symlinks, or other FAQ issues.

ncu --version
2.8.0
enhancement revive-me

Most helpful comment

Hi @raineorshine, thanks for the quick response.

I understand your comment, but:

a) shouldn't --upgradeAll and --semverLevel major force it to rewrite the file?

AND:

b) after "rm -rf node_modules && npm update", then "ncu -a" package.json WAS updated:

ncu -a -u
phantomjs-prebuilt  ^2.1.10  β†’  ^2.1.12-alpha 
Upgraded /Users/burdon/projects/src/alienlaboratories/nx-lite/sub/frontend/package.json

So my theory is, unless there is SOMETHING to update, the file rewrite isn't triggered even though:
"-a -u" is specified.

Does that make sense?

All 9 comments

6.13.2 is included in the range ^6.7.6. ncu does not update version numbers
that already include the latest version. It doesn't need to, as a simple
npm install or update will get the latest version. If that package jumps to
7.0.0, ncu will update the dependency to ^7.0.0. Does that make sense?
On Thu, Aug 11, 2016 at 11:08 AM Rich Burdon [email protected]
wrote:

I have all node_modules up-to-date, but my package.json file isn't getting
updated. I.e.:

ncu -a -u -l verbose --semverLevel major
Initializing...
Running in local mode...
Finding package file data...
Getting installed packages...
Fetching major versions...
βΈ¨β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘β–‘βΈ© β ‡ :
All dependencies match the major package versions :)

But, for example:

package.json:
"babel-core": "^6.7.6"

And:

npm list --depth=0
β”œβ”€β”€ [email protected]

So, everything is up-to-date but the package.json file never gets touched.

No dead symlinks, or other FAQ issues.

ncu --version = 2.8.0

β€”
You are receiving this because you are subscribed to this thread.
Reply to this email directly, view it on GitHub
https://github.com/tjunnone/npm-check-updates/issues/261, or mute the
thread
https://github.com/notifications/unsubscribe-auth/AAtyxPa4zxNsCmaqlUrbKzr-QsPOa-oJks5qe1bkgaJpZM4JiVk0
.

Hi @raineorshine, thanks for the quick response.

I understand your comment, but:

a) shouldn't --upgradeAll and --semverLevel major force it to rewrite the file?

AND:

b) after "rm -rf node_modules && npm update", then "ncu -a" package.json WAS updated:

ncu -a -u
phantomjs-prebuilt  ^2.1.10  β†’  ^2.1.12-alpha 
Upgraded /Users/burdon/projects/src/alienlaboratories/nx-lite/sub/frontend/package.json

So my theory is, unless there is SOMETHING to update, the file rewrite isn't triggered even though:
"-a -u" is specified.

Does that make sense?

That's a good point. It is confusing that the behavior is different when you do not have any packages installed. I believe there is another ticket where this suggestion came up. I haven't had as much time these days to add feature improvements, but this would be a good one to make more consistent.

To respond to a), if a specified dependency range already includes the latest, why would you need to re-write it? ncu follows the semantics of semver and leaves upgrading version numbers within that range to ncu update. If you want to force re-write for any version increase, you should just use exact versions (i.e. not ^) and then ncu will always bump it up when there is a new version.

I lost almost 2 hours debugging this before stumbling on this ticket. It would be extremely appreciated if the behavior remained consistent both when packages are installed and when they are not.

Thank you @csvan for sharing your painful experience. I am sure you are not the only one. I will make this a priority so that others do not go through what you did.

This was fixed by raineorshine on May 27 in this commit https://github.com/tjunnone/npm-check-updates/commit/71386c98ba581abf1c6ff88c1f6a86bfa06788ad (Thanks!!!). Unfortunately, it's slated for v3. I'm guessing because it could be considered a breaking change. However, I'd consider it a critical bug fix.

Since v3 won't get to npm for a long time, I've made a fork off master with this single fix merged in.

You can reference it in your package.json like this:
"npm-check-updates": "github:speige/npm-check-updates"

I don't plan to maintain my fork, but npm-check-updates is unusable without this fix. I'll go back to the original repo/npm as soon as this is resolved.

Thanks raine & tomas! It's an awesome package!

duplicate of #263 #389

Although this issue is "closed", it's not been published to npm (& appears it won't be until v3, which is a long ways out).

For those who don't want to wait, I've chosen to switch to npm-check:

    "scripts": {
        "update-npm-versions": "npm-check --skip-unused --update-all --save-exact --ignore",
        "update-npm-versions-interactive": "npm-check"
    },
    "devDependencies": {
        "npm-check": "5.8.0",
    }

After more than two years, there is still no "3.x", and this problem still exist. At least we can show some information in this case to reduce confusion. I really spent a lot of time trying again and again until I see this issue.

@speige Thanks for recommending npm-check, works great.

Was this page helpful?
0 / 5 - 0 ratings

Related issues

evgenyrodionov picture evgenyrodionov  Β·  4Comments

mkungla picture mkungla  Β·  6Comments

benface picture benface  Β·  7Comments

nicksarafa picture nicksarafa  Β·  6Comments

anonimoconiglio picture anonimoconiglio  Β·  6Comments