# raineorshine/npm-check-updates **Attribution required: if you use, quote, or summarise this content, you must credit and link back to [awesome-repositories.com](https://awesome-repositories.com/repository/raineorshine-npm-check-updates).** 10,146 stars · 355 forks · TypeScript · other ## Links - GitHub: https://github.com/raineorshine/npm-check-updates - awesome-repositories: https://awesome-repositories.com/repository/raineorshine-npm-check-updates.md ## Topics `npm` `npm-check-updates` ## Description npm-check-updates is a command line utility and programmatic module used to check for newer versions of npm packages and update project manifest files. It functions as a registry client and semantic version manager that upgrades package constraints to the latest releases. The tool distinguishes itself by including supply chain security features, such as a release cooldown period and package ownership tracking, to prevent the adoption of unstable or malicious new releases. It also provides a programmatic API for integrating dependency checks and upgrades directly into custom scripts. Broad capabilities include automated dependency upgrades, recursive manifest scanning for monorepos, and interactive package selection. The tool supports version target specification via distribution tags, peer dependency compatibility validation, and filtering via regular expressions or organization scopes. It can also fetch version data from custom registries or local JSON mirrors. ## Tags ### Development Tools & Productivity - [Package Dependency Managers](https://awesome-repositories.com/f/development-tools-productivity/package-dependency-managers.md) — Checks for newer versions of npm packages and updates project manifest files to the latest releases. - [Outdated Version Detection](https://awesome-repositories.com/f/development-tools-productivity/project-version-managers/outdated-version-detection.md) — Identifies updates for dependencies that exceed the version ranges specified in the project manifest. ([source](https://github.com/raineorshine/npm-check-updates/blob/main/package.json)) - [Package Registry Integrations](https://awesome-repositories.com/f/development-tools-productivity/dependency-managers/package-registry-integrations.md) — Retrieves the latest package versions by querying a remote package registry or local JSON mirrors. - [Manifest-Driven Dependency Managers](https://awesome-repositories.com/f/development-tools-productivity/manifest-driven-dependency-managers.md) — Parses project configuration files to compare installed dependency versions against remote registry data. - [Automated Dependency Updaters](https://awesome-repositories.com/f/development-tools-productivity/package-dependency-managers/automated-dependency-updaters.md) — Identifies newer versions of dependencies and updates the manifest files according to selected target rules. ([source](https://github.com/raineorshine/npm-check-updates#readme)) - [Recursive Manifest Scanning](https://awesome-repositories.com/f/development-tools-productivity/package-dependency-managers/automated-dependency-updaters/recursive-manifest-scanning.md) — Scans the working directory for all manifest files to update dependencies across multiple projects simultaneously. ([source](https://github.com/raineorshine/npm-check-updates/blob/main/CHANGELOG.md)) - [Package Registry Clients](https://awesome-repositories.com/f/development-tools-productivity/package-registry-clients.md) — Fetches package version data from the npm registry or custom JSON files to identify available updates. - [Package Upgraders](https://awesome-repositories.com/f/development-tools-productivity/package-upgraders.md) — Upgrades versions in a package file to the latest available releases while preserving semantic versioning policies. ([source](https://github.com/raineorshine/npm-check-updates#readme)) - [Semver Constraint Filtering](https://awesome-repositories.com/f/development-tools-productivity/semver-constraint-filtering.md) — Filters potential updates using semantic versioning rules to restrict upgrades to specific ranges like patches or minors. - [Version Constraints](https://awesome-repositories.com/f/development-tools-productivity/version-constraints.md) — Allows restricting version upgrades to specific semantic ranges, such as only applying patches or minor updates. ([source](https://github.com/raineorshine/npm-check-updates/blob/main/README.md)) - [Update Execution APIs](https://awesome-repositories.com/f/development-tools-productivity/link-management/programmatic-infrastructure/update-execution-apis.md) — Provides a programmatic interface allowing developers to execute dependency checks and upgrades within custom scripts. ([source](https://github.com/raineorshine/npm-check-updates/blob/main/README.md)) - [Dependency Scope Targeting](https://awesome-repositories.com/f/development-tools-productivity/package-dependency-managers/automated-dependency-updaters/dependency-scope-targeting.md) — Limits update checks to specific sections of the manifest, such as production or development dependencies. ([source](https://github.com/raineorshine/npm-check-updates/blob/main/CHANGELOG.md)) - [Dependency Update Cooldowns](https://awesome-repositories.com/f/development-tools-productivity/package-dependency-managers/automated-dependency-updaters/dependency-update-cooldowns.md) — Prevents the adoption of new versions by requiring they meet a minimum publication age to ensure stability. - [Programmatic Update APIs](https://awesome-repositories.com/f/development-tools-productivity/package-dependency-managers/automated-dependency-updaters/programmatic-update-apis.md) — Provides a programmatic module for integrating version check and upgrade logic into automated workflows. - [Update Candidate Filtering](https://awesome-repositories.com/f/development-tools-productivity/package-dependency-managers/automated-dependency-updaters/update-candidate-filtering.md) — Includes or excludes specific packages from the update process using strings, regex, or custom functions. ([source](https://github.com/raineorshine/npm-check-updates/blob/main/README.md)) - [Update Exclusion Filters](https://awesome-repositories.com/f/development-tools-productivity/package-dependency-managers/update-exclusion-filters.md) — Provides flags and filters to prevent specific dependencies from being updated in the project manifest. ([source](https://github.com/raineorshine/npm-check-updates#readme)) - [Interactive Update Selection](https://awesome-repositories.com/f/development-tools-productivity/package-upgraders/interactive-update-selection.md) — Provides a user interface to manually choose which specific dependencies should be upgraded. ([source](https://github.com/raineorshine/npm-check-updates#readme)) - [Iterative Test Execution](https://awesome-repositories.com/f/development-tools-productivity/package-upgraders/iterative-test-execution.md) — Installs updates and runs test suites sequentially to identify which specific package change causes a build failure. - [Provenance Tracking](https://awesome-repositories.com/f/development-tools-productivity/package-upgraders/provenance-tracking.md) — Verifies if the publisher of a package has changed between versions to detect potential account takeovers. ([source](https://github.com/raineorshine/npm-check-updates/blob/main/CHANGELOG.md)) - [Release Cooldowns](https://awesome-repositories.com/f/development-tools-productivity/release-management/release-cooldowns.md) — Prevents the adoption of very recent releases by requiring a minimum publication age to ensure stability. ([source](https://github.com/raineorshine/npm-check-updates/blob/main/CHANGELOG.md)) ### DevOps & Infrastructure - [Dependency Analysis](https://awesome-repositories.com/f/devops-infrastructure/dependency-management/analysis-visualization-tools/dependency-analysis.md) — Identifies outdated dependencies by comparing current versions against the latest available versions in a registry. ([source](https://github.com/raineorshine/npm-check-updates/blob/main/README.md)) - [Semantic Versioning Systems](https://awesome-repositories.com/f/devops-infrastructure/dependency-management/version-compatibility-management/semantic-versioning-systems.md) — Upgrades package constraints to the latest releases while strictly respecting semantic versioning rules. - [Package Scope Filtering](https://awesome-repositories.com/f/devops-infrastructure/dependency-management/environment-scoping-controls/dependency-scoping/package-scope-filtering.md) — Uses wildcards or regular expressions to filter updates for specific packages and organization scopes. ([source](https://github.com/raineorshine/npm-check-updates/blob/main/CHANGELOG.md)) - [Dependency Aliasing](https://awesome-repositories.com/f/devops-infrastructure/dependency-management/resolution-mapping-systems/dependency-aliasing.md) — Resolves and updates dependency versions specified via GitHub URLs or package aliases. ([source](https://github.com/raineorshine/npm-check-updates/blob/main/CHANGELOG.md)) - [Version and Compatibility Management](https://awesome-repositories.com/f/devops-infrastructure/dependency-management/version-compatibility-management.md) — Ensures updated packages remain compatible with the peer dependency constraints of other installed modules. ([source](https://github.com/raineorshine/npm-check-updates#readme)) - [Supply Chain Security](https://awesome-repositories.com/f/devops-infrastructure/supply-chain-security.md) — Mitigates supply chain risks by preventing the adoption of very recent, potentially unstable or malicious releases. ### Security & Cryptography - [Supply Chain](https://awesome-repositories.com/f/security-cryptography/security/supply-chain.md) — Implements security mechanisms to mitigate supply chain attacks by filtering unstable or malicious new releases. ([source](https://github.com/raineorshine/npm-check-updates#readme)) - [Software Supply Chain Security](https://awesome-repositories.com/f/security-cryptography/software-supply-chain-security.md) — Protects the development pipeline by filtering out very recent releases to avoid unstable or compromised packages. ### Software Engineering & Architecture - [Recursive Manifest Scanning](https://awesome-repositories.com/f/software-engineering-architecture/dependency-manifests/recursive-manifest-scanning.md) — Traverses the directory tree to find and update multiple manifest files across monorepos or complex project structures. - [Monorepo Dependency Auditing](https://awesome-repositories.com/f/software-engineering-architecture/monorepo-dependency-auditing.md) — Identifies outdated dependencies and checks for new releases across multiple projects in a workspace. - [Manifest File Discovery](https://awesome-repositories.com/f/software-engineering-architecture/recursive-validation-engines/recursive-tree-traversers/file-system-traversers/manifest-file-discovery.md) — Traverses the file system to locate and update multiple manifest files across a monorepo structure. - [Distribution Tag Targeting](https://awesome-repositories.com/f/software-engineering-architecture/configuration-versioning/server-versioning/version-selection-interfaces/distribution-tag-targeting.md) — Selects the upgrade version based on criteria such as distribution tags or specific release tags. ([source](https://github.com/raineorshine/npm-check-updates#readme)) ### Data & Databases - [Package Selection Filters](https://awesome-repositories.com/f/data-databases/data-query-filters/regex-filters/package-selection-filters.md) — Uses regular expressions and wildcards to include or exclude specific packages or organization scopes from the update process. ### Testing & Quality Assurance - [Update Regression Testing](https://awesome-repositories.com/f/testing-quality-assurance/update-regression-testing.md) — Installs upgrades and runs tests iteratively to identify which specific package update causes a build or test failure. ([source](https://github.com/raineorshine/npm-check-updates/blob/main/CHANGELOG.md)) ### Part of an Awesome List - [Package Management](https://awesome-repositories.com/f/awesome-lists/devtools/package-management.md) — Checks for dependency updates.