[X] I have searched for similiar issues before filing this issue.
node version: 10.16.3
Currently, using --semverLevel can be used to limit the level but not to "expand it". For example, we use ~ in our package.json to have tighter control over versions, so it would be nice to be able to do --semverLevel=minor to update to the latest minor release while still using ~ to only allow "automatic" updates of point releases.
Can you clarify what you have in your package.json currently and what you want to have with this new option? I am a bit confused about where the ~ is. npm-check-updates only modifies your package.json, it does not actually update the installed packages. Plus ~ already includes minor releases.
Here's a package.json file:
{
"name": "test_npm_check_updates",
"version": "1.0.0",
"description": "Demo of updating only point version",
"author": "",
"license": "WTFPL",
"dependencies": {
"eslint": "~5.15.3",
"react": "~16.8.3"
}
}
Here's the output of ncu:
> ncu
Checking /Users/dlj/projects/test2/package.json
[====================] 2/2 100%
eslint ~5.15.3 โ ~6.2.2
react ~16.8.3 โ ~16.9.0
Run ncu -u to upgrade package.json
I was assuming that running with --semverLevel=minor would make it recommend eslint be updated to 5.16.0 since that's the latest minor version update, but it outputs that everything is up to date.
Thank you for posting the additional information! I see what you mean now. Rather than --semverLevel, you're looking for something akin to --greatest and --newest but limiting the version of upgraded dependencies to minor. I am certainly open to this as a PR. ~To motivate it as an internal priority, I would need a ๐ from several others to indicate general interest.~
For many, using ^ instead of ~ in order to take advantage of the built-in npm update will be sufficient.
Hello! I'm dropping in to give a ๐ and describe my use-case a little differently: my project vendors our dependencies, meaning we basically bundle up our dependencies as tarballs and commit them to version control.
We do this for a few reasons (not dependent on any registry being alive, inclusion of private code without worrying about registry credentials in all envs), but it has the added effect of saving exact versions. Here's the library we use, my-precious, if you're curious.
Because we store those tarballs, when we run npm install it installs from those, ignoring any ^ semver rules and acting as if we had pinned to an exact version. So even a minor/patch update requires a manual update. npm update does definitely do the trick, but it doesn't have an interactive mode or as nice an experience.
Hope that helps!
Dropping in to give a ๐ have the exact requirement as @daveisfera
The best way for this to get done would be through a PR. I would be happy to support anyone who has a good plan and wants to try to implement this feature.
Hello,
it would be great to be able to get only minor or major upgrades, or to sort packages and displaying major first then minor.
Most helpful comment
Here's a
package.jsonfile:Here's the output of
ncu:I was assuming that running with
--semverLevel=minorwould make it recommendeslintbe updated to5.16.0since that's the latest minor version update, but it outputs that everything is up to date.