Looks like npm-check-updatesis the only way to make this happen now.

看起来npm-check-updates是现在实现这一目标的唯一方法。

npm i -g npm-check-updates
ncu -u
npm install

On npm <3.11:

在 npm <3.11 上：

Simply change every dependency's version to *, then run npm update --save. (Note:broken in recent (3.11) versions of npm).

只需将每个依赖项的版本更改为*，然后运行npm update --save。（注意：在最近 (3.11) 版本的 npm 中损坏了）。

Before:

前：

  "dependencies": {
    "express": "*",
    "mongodb": "*",
    "underscore": "*",
    "rjs": "*",
    "jade": "*",
    "async": "*"
  }

After:

后：

  "dependencies": {
    "express": "~3.2.0",
    "mongodb": "~1.2.14",
    "underscore": "~1.4.4",
    "rjs": "~2.10.0",
    "jade": "~0.29.0",
    "async": "~0.2.7"
  }

Of course, this is the blunt hammer of updating dependencies. It's fine if—as you said—the project is empty and nothing can break.

当然，这是更新依赖的钝锤。如果 - 正如你所说的 - 项目是空的，没有什么可以破坏的，那很好。

On the other hand, if you're working in a more mature project, you probably want to verify that there are no breaking changes in your dependencies before upgrading.

另一方面，如果您在一个更成熟的项目中工作，您可能希望在升级之前验证您的依赖项中没有重大更改。

To see which modules are outdated, just run npm outdated. It will list any installed dependencies that have newer versions available.

要查看哪些模块已过时，只需运行npm outdated. 它将列出具有更新版本可用的所有已安装依赖项。

npm-check-updatesis a utility that automatically adjusts a package.json with the latest version of all dependencies

npm-check-updates是一个实用程序，可以自动调整 package.json 与所有依赖项的最新版本

see https://www.npmjs.org/package/npm-check-updates

见https://www.npmjs.org/package/npm-check-updates

$ npm install -g npm-check-updates
$ ncu -u
$ npm install 

[EDIT] A slightly less intrusive (avoids a global install) way of doing this if you have a modern version of npmis:

[编辑] 如果您使用的是现代版本，npm则一种稍微不那么侵入性（避免全局安装）的方法是：

$ npx npm-check-updates -u
$ npm install 

Updated for latest NPM

更新了最新的 NPM

npm 2+ (Node 0.12+):

npm 2+（节点 0.12+）：

npm outdated
npm update
git commit package-lock.json

Ancient npm (circa 2014):

古代 npm（大约 2014 年）：

npm install -g npm-check-updates
npm-check-updates
npm shrinkwrap
git commit package-lock.json

Be sure to shrinkwrap your deps, or you may wind up with a dead project. I pulled out a project the other day and it wouldn't run because my deps were all out of date/updated/a mess. If I'd shrinkwrapped, npm would have installed exactly what I needed.

一定要对你的 deps 进行收缩包装，否则你可能会以一个死项目告终。前几天我退出了一个项目，但它无法运行，因为我的 deps 已经过时/更新/一团糟。如果我收缩包装，npm 就会安装我需要的东西。

Details

细节

For the curious who make it this far, here is what I recommend:

对于已经走到这一步的好奇的人，这是我的建议：

Use npm-check-updatesor npm outdatedto suggest the latest versions.

使用npm-check-updates或npm outdated来建议最新版本。

# `outdated` is part of newer npm versions (2+)
$ npm outdated
# If you agree, update.  
$ npm update

#       OR

# Install and use the `npm-check-updates` package.
$ npm install -g npm-check-updates
# Then check your project
$ npm-check-updates
# If you agree, update package.json.
$ npm-check-updates -u

Then do a clean install (w/o the rm I got some dependency warnings)

然后进行全新安装（没有 rm 我收到了一些依赖警告）

$ rm -rf node_modules
$ npm install 

Lastly, save exact versions to npm-shrinkwrap.jsonwith npm shrinkwrap

最后，将精确版本保存到npm-shrinkwrap.jsonwithnpm shrinkwrap

$ rm npm-shrinkwrap.json
$ npm shrinkwrap

Now, npm installwill now use exact versions in npm-shrinkwrap.json

现在，现在npm install将使用确切的版本npm-shrinkwrap.json

If you check npm-shrinkwrap.jsoninto git, all installs will use the exact same versions.

如果您签npm-shrinkwrap.json入 git，所有安装都将使用完全相同的版本。

This is a way to transition out of development (all updates, all the time) to production (nobody touch nothing).

这是一种从开发（所有更新，一直）过渡到生产（没有人接触任何东西）的方法。

• npm outdated

• npm-check-updates

• npm shrinkwrap

• npm 过时了

• npm 检查更新

• npm 收缩包装

p.s. Yarn is sending your package list to Facebook.

ps Yarn 正在将您的包裹清单发送至 Facebook。

To update onedependency to its lastest version without having to manually open the package.jsonand change it, you can run

要将一个依赖项更新到其最新版本而无需手动打开package.json和更改它，您可以运行

npm install {package-name}@* {save flags?}

i.e.

IE

npm install express@* --save

For reference, npm-install

作为参考，npm-install

As noted by user Vespakoenon a rejected edit, it's also possible to update multiple packages at once this way:

正如用户Vespakoen在被拒绝的编辑中指出的那样，也可以通过这种方式一次更新多个包：

npm install --save package-nave@* other-package@* whatever-thing@*

He also apports a one-liner for the shell based on npm outdated. See the editfor code and explanation.

他还为基于npm outdated. 请参阅代码和解释的编辑。

PS: I also hate having to manually edit package.jsonfor things like that ;)

PS：我也讨厌必须手动编辑这样package.json的东西;)

If you happen to be using Visual Studio Codeas your IDE, this is a fun little extension to make updating package.jsona one click process.

如果你碰巧使用Visual Studio Code作为你的 IDE，这是一个有趣的小扩展，可以让更新package.json一键完成。

Version Lens

版本镜头

This works as of npm 1.3.15.

这适用于 npm 1.3.15。

"dependencies": {
  "foo": "latest"
}

1. Use *as the version for the latest releases, including unstable
2. Use latestas version definition for the latest stable version
3. Modify the package.json with exactly the latest stable version number using LatestStablePackages

1. 使用*的版本为最新版本，包括不稳定
2. 使用latest的版本定义了最新的稳定版本
3. 使用最新的稳定版本号修改 package.json LatestStablePackages

Here is an example:

下面是一个例子：

"dependencies": {
        "express": "latest"  // using the latest STABLE version
    ,   "node-gyp": "latest"    
    ,   "jade": "latest"
    ,   "mongoose": "*" // using the newest version, may involve the unstable releases
    ,   "cookie-parser": "latest"
    ,   "express-session": "latest"
    ,   "body-parser": "latest"
    ,   "nodemailer":"latest"
    ,   "validator": "latest"
    ,   "bcrypt": "latest"
    ,   "formidable": "latest"
    ,   "path": "latest"
    ,   "fs-extra": "latest"
    ,   "moment": "latest"
    ,   "express-device": "latest"
},

The only caveat I have found with the best answer above is that it updates the modules to the latest version. This means it could update to an unstable alpha build.

我发现上述最佳答案的唯一警告是它将模块更新到最新版本。这意味着它可能会更新为不稳定的 alpha 版本。

I would use that npm-check-updates utility. My group used this tool and it worked effectively by installing the stable updates.

我会使用那个 npm-check-updates 实用程序。我的小组使用了这个工具，它通过安装稳定的更新而有效地工作。

As Etienne stated above: install and run with this:

正如 Etienne 上面所说：安装并运行：

$ npm install -g npm-check-updates
$ npm-check-updates -u
$ npm install 

To see which packages have newer versions available, then use the following command:

要查看哪些软件包有较新版本可用，请使用以下命令：

npm outdated

to update just onedependency just use the following command:

要仅更新一个依赖项，只需使用以下命令：

npm install yourPackage@latest --save

For example:

例如：

My package.jsonfile has dependency:

我的package.json文件有依赖性：

"@progress/kendo-angular-dateinputs": "^1.3.1",

then I should write:

那我应该写：

npm install @progress/kendo-angular-dateinputs@latest --save

I really like how npm-upgradeworks. It is a simple command line utility that goes through all of your dependencies and lets you see the current version compared to the latest version and update if you want.

我真的很喜欢npm-upgrade 的工作方式。它是一个简单的命令行实用程序，它遍历您的所有依赖项，并让您查看当前版本与最新版本的比较，并根据需要进行更新。

Here is a screenshot of what happens after running npm-upgradein the root of your project (next to the package.jsonfile):

这是npm-upgrade在项目的根目录（package.json文件旁边）中运行后发生的情况的屏幕截图：

For each dependency you can choose to upgrade, ignore, view the changelog, or finish the process. It has worked great for me so far.

对于每个依赖项，您可以选择升级、忽略、查看更改日志或完成该过程。到目前为止，它对我来说效果很好。

EDIT: To be clear this is a third party package that needs to be installed before the command will work. It does not come with npm itself:

编辑：需要明确的是，这是一个需要在命令工作之前安装的第三方软件包。它本身不带有 npm：

npm install -g npm-upgrade

Then from the root of a project that has a package.json file:

然后从具有 package.json 文件的项目的根目录：

npm-upgrade