I copied package.json from another project and now want to bump all of the dependencies to their latest versions since this is a fresh project and I don’t mind fixing something if it breaks.

What’s the easiest way to do this?

The best way I know is to run npm info express version then update each dependency in package.json manually. There must be a better way.

{
  "name": "myproject",
  "description": "my node project",
  "version": "1.0.0",
  "engines": {
    "node": "0.8.4",
    "npm": "1.1.65"
  },
  "private": true,
  "dependencies": {
    "express": "~3.0.3", // how do I get these bumped to latest?
    "mongodb": "~1.2.5",
    "underscore": "~1.4.2",
    "rjs": "~2.9.0",
    "jade": "~0.27.2",
    "async": "~0.1.22"
  }
}

npm-check-updates is a utility that automatically adjusts a package.json with the latest version of all dependencies.


$ npm install -g npm-check-updates
$ ncu -u
$ npm install 

[EDIT] A slightly less intrusive (avoids a global install) way of doing this if you have a modern version of npm is:

$ npx npm-check-updates -u
$ npm install 


Looks like npm-check-updates is the only way to make this happen now.

npm i -g npm-check-updates
ncu -u
npm install

On npm <3.11:

Simply change every dependency’s version to *, then run npm update --save. (Note: broken in recent (3.11) versions of npm).


  "dependencies": {
    "express": "*",
    "mongodb": "*",
    "underscore": "*",
    "rjs": "*",
    "jade": "*",
    "async": "*"
  }


  "dependencies": {
    "express": "~3.2.0",
    "mongodb": "~1.2.14",
    "underscore": "~1.4.4",
    "rjs": "~2.10.0",
    "jade": "~0.29.0",
    "async": "~0.2.7"
  }

Of course, this is the blunt hammer of updating dependencies. It’s fine if—as you said—the project is empty and nothing can break.

On the other hand, if you’re working in a more mature project, you probably want to verify that there are no breaking changes in your dependencies before upgrading.

To see which modules are outdated, just run npm outdated. It will list any installed dependencies that have newer versions available.

To update one dependency to its latest version without having to manually open the package.json and change it, you can run

npm install {package-name}@* {save flags?}


npm install [email protected]* --save

For reference, npm-install

Update: Recent versions may need the latest flag instead, i.e. npm install [email protected]

As noted by user Vespakoen on a rejected edit, it’s also possible to update multiple packages at once this way:

npm install --save [email protected]* [email protected]* [email protected]*

He also contributes a one-liner for the shell based on npm outdated. See the edit for code and explanation.

PS: I also hate having to manually edit package.json for things like that 😉
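The answer above advises checking for breaking changes before upgrading a mature project. The following is an added example, not code from any of the posts: it compares the dependency ranges from the question with the updated ranges shown in the answer and classifies each bump so the risky ones can be reviewed before `npm install`. The function names and category labels are this example's own, and it assumes plain `x.y.z` versions with an optional `~`, `^` or `=` prefix.

```javascript
// Added example: classify dependency bumps before running `npm install`.
// Assumption: ranges are plain x.y.z with an optional ~, ^ or = prefix.
const has = (obj, key) => Object.prototype.hasOwnProperty.call(obj, key);

function parseRange(range) {
  const m = /^[~^=]?(\d+)\.(\d+)\.(\d+)$/.exec(range.trim());
  return m ? m.slice(1).map(Number) : null; // null for "*", tags, URLs, etc.
}

function classifyBump(oldRange, newRange) {
  const a = parseRange(oldRange);
  const b = parseRange(newRange);
  if (!a || !b) return 'unparsed'; // cannot compare: review by hand
  const i = a.findIndex((n, k) => n !== b[k]); // first differing component
  if (i === -1) return 'same';
  if (b[i] < a[i]) return 'downgrade';
  if (i === 0) return 'major';
  // Semver convention: below 1.0.0 a minor bump may break the API.
  if (a[0] === 0 && i === 1) return 'breaking-0.x';
  return i === 1 ? 'minor' : 'patch';
}

function reviewBumps(before, after) {
  const report = {};
  for (const name of Object.keys(after)) {
    report[name] = has(before, name)
      ? classifyBump(before[name], after[name])
      : 'added';
  }
  for (const name of Object.keys(before)) {
    if (!has(after, name)) report[name] = 'removed';
  }
  return report;
}

// Ranges as they appear on this page: the question's package.json (before)
// and the updated dependencies block in the answer (after).
const before = { express: '~3.0.3', mongodb: '~1.2.5', underscore: '~1.4.2',
                 rjs: '~2.9.0', jade: '~0.27.2', async: '~0.1.22' };
const after = { express: '~3.2.0', mongodb: '~1.2.14', underscore: '~1.4.4',
                rjs: '~2.10.0', jade: '~0.29.0', async: '~0.2.7' };

const risky = ['major', 'breaking-0.x', 'downgrade', 'unparsed'];
for (const [name, kind] of Object.entries(reviewBumps(before, after))) {
  console.log(`${risky.includes(kind) ? 'REVIEW' : 'ok    '} ${name}: ${kind}`);
}
```

Anything marked REVIEW is worth reading the changelog for before the new lockfile or shrinkwrap is committed.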


Updated for npm v2+

npm 2+ (Node 0.12+):

npm outdated
npm update
git commit package-lock.json

Ancient npm (circa 2014):

npm install -g npm-check-updates
npm shrinkwrap
git commit package-lock.json

Be sure to shrinkwrap your deps, or you may wind up with a dead project. I pulled out a project the other day and it wouldn’t run because my deps were all out of date/updated/a mess. If I’d shrinkwrapped, npm would have installed exactly what I needed.


For the curious who make it this far, here is what I recommend:

Use npm-check-updates or npm outdated to suggest the latest versions.

# `outdated` is part of newer npm versions (2+)
$ npm outdated
# If you agree, update.  
$ npm update

#       OR

# Install and use the `npm-check-updates` package.
$ npm install -g npm-check-updates
# Then check your project
$ npm-check-updates
# If you agree, update package.json.
$ npm-check-updates -u

Then do a clean install (w/o the rm I got some dependency warnings)

$ rm -rf node_modules
$ npm install 

Lastly, save exact versions to npm-shrinkwrap.json with npm shrinkwrap

$ rm npm-shrinkwrap.json
$ npm shrinkwrap

Now, npm install will use the exact versions in npm-shrinkwrap.json.

If you check npm-shrinkwrap.json into git, all installs will use the exact same versions.

This is a way to transition out of development (all updates, all the time) to production (nobody touch nothing).

  • npm outdated

  • npm-check-updates

  • npm shrinkwrap

