npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

@a_jackie_z/packages-updater

v1.1.2

Published

A non-interactive CLI tool to automatically update dependencies, build, and publish npm packages

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

sanglusanglu

Keywords

npmpackageupdaterdependenciesautomationclipublishmonorepo

Readme

@a_jackie_z/packages-updater

A non-interactive CLI tool to automatically update dependencies to their latest versions, build, and publish npm packages. Perfect for maintaining monorepos and automating package releases.

✨ Features

  • 🚀 Non-interactive - Fully automated, no prompts or user input required
  • 📦 Generic - Works with any npm package or monorepo structure
  • Fast - Processes multiple packages efficiently
  • 🔄 Smart Updates - Always updates to the latest stable versions
  • 🏗️ Auto Build - Automatically builds packages if build script exists
  • 📤 Auto Publish - Publishes to npm registry (skips private packages)
  • 🎯 Validation First - Validates all paths before making any changes
  • 🔍 Dry Run Mode - Preview all changes without modifying anything
  • 🎨 Beautiful Output - Colored console output with progress indicators
  • 🤖 CI/CD Ready - Automatically adapts output for CI environments

📦 Installation

No installation needed! Use directly with npx:

npx @a_jackie_z/packages-updater process <paths...>

Or install globally:

npm install -g @a_jackie_z/packages-updater

🚀 Quick Start

Process a Single Package

# Update dependencies, bump version, build and publish
npx @a_jackie_z/packages-updater process ./my-package

Process Multiple Packages

# Update multiple packages at once
npx @a_jackie_z/packages-updater process ./packages/core ./packages/utils ./packages/cli

Preview Changes (Dry Run)

# See what would be updated without making changes
npx @a_jackie_z/packages-updater process ./my-package --dry-run

📖 Usage Examples

Basic Usage

# Process a single package with default settings (patch bump)
npx @a_jackie_z/packages-updater process ./packages/my-lib

# Process multiple packages
npx @a_jackie_z/packages-updater process ./pkg-1 ./pkg-2 ./pkg-3

Version Bumping

# Bump patch version (1.0.0 -> 1.0.1) - DEFAULT
npx @a_jackie_z/packages-updater process ./my-package --bump patch

# Bump minor version (1.0.0 -> 1.1.0)
npx @a_jackie_z/packages-updater process ./my-package --bump minor

# Bump major version (1.0.0 -> 2.0.0)
npx @a_jackie_z/packages-updater process ./my-package --bump major

Skip Build or Publish

# Update dependencies and bump version, but skip building
npx @a_jackie_z/packages-updater process ./my-package --skip-build

# Update and build, but don't publish to npm
npx @a_jackie_z/packages-updater process ./my-package --skip-publish

# Skip both build and publish (just update dependencies)
npx @a_jackie_z/packages-updater process ./my-package --skip-build --skip-publish

Monorepo Example

# Update all packages in a monorepo with minor version bump
npx @a_jackie_z/packages-updater process \
  ./packages/config \
  ./packages/logger \
  ./packages/utils \
  ./packages/core \
  --bump minor

# Or use shell glob (bash/zsh)
npx @a_jackie_z/packages-updater process ./packages/* --bump minor

Dry Run Examples

# Preview what would be updated in a single package
npx @a_jackie_z/packages-updater process ./my-package --dry-run

# Preview updates for all packages with minor bump
npx @a_jackie_z/packages-updater process ./packages/* --dry-run --bump minor

# Preview without publishing
npx @a_jackie_z/packages-updater process ./my-package --dry-run --skip-publish

CI/CD Integration

# In GitHub Actions, CircleCI, etc.
npx @a_jackie_z/packages-updater process ./packages/core --bump patch

# Update and publish, skip if no changes
npx @a_jackie_z/packages-updater process ./packages/* || echo "No updates needed"

🔧 Command Options

| Option | Type | Default | Description | |--------|------|---------|-------------| | <paths...> | string[] | required | Package directory paths to process | | --dry-run | boolean | false | Preview changes without modifying files | | --skip-build | boolean | false | Skip the build step | | --skip-publish | boolean | false | Skip publishing to npm | | --bump <type> | string | patch | Version bump type: patch, minor, or major |

🔄 What It Does

For each package path provided, the tool automatically:

  1. ✅ Validates Path - Checks if the path exists and contains a valid package.json
  2. 🔍 Checks Dependencies - Uses npm-check-updates to find outdated dependencies
  3. 📦 Updates Dependencies - Automatically updates all dependencies to their latest versions
  4. 🔢 Bumps Version - Increments the package version (patch/minor/major)
  5. ⚙️ Installs - Runs npm install to update the lockfile
  6. 🏗️ Builds - Runs npm run build if a build script exists
  7. 📤 Publishes - Runs npm publish (automatically skips private packages and existing versions)

📊 Output Example

With Dependency Updates

$ npx @a_jackie_z/packages-updater process ./packages/core ./packages/utils

✓ Validated 2 package path(s)

ℹ Processing 2 package(s)...

✓ @my-scope/core: Found updates
  Production Dependencies:
    • lodash
      ^4.17.20 → ^4.17.21
    • axios
      ^1.5.0 → ^1.6.2
  Dev Dependencies:
    • typescript
      ^5.3.0 → ^5.4.5

✓ @my-scope/core: Updated 1.0.0 → 1.0.1 ✓ Published

✓ @my-scope/utils: Found updates
  Production Dependencies:
    • date-fns
      ^2.30.0 → ^3.3.1

✓ @my-scope/utils: Updated 2.1.3 → 2.1.4 ✓ Published

Summary:
ℹ Total packages: 2
✓ Updated: 2
ℹ Total dependencies updated: 4

  Breakdown by package:
    @my-scope/core: 3 dependencies
    @my-scope/utils: 1 dependency

Without Dependency Updates (But Unpublished Version)

$ npx @a_jackie_z/packages-updater process ./my-package

✓ Validated 1 package path(s)
ℹ Processing 1 package(s)...

✓ my-package: No dependency updates, but version not published
ℹ Publishing [email protected]...
(2FA code may be required)

✓ my-package: 1.2.0 (no updates) ✓ Published

Summary:
ℹ Total packages: 1
✓ Updated: 0

🚦 Exit Codes

  • 0 - All packages processed successfully
  • 1 - Validation failed or one or more packages failed to process

📋 Requirements

  • Node.js >= 18.0.0
  • npm (comes with Node.js)
  • npm login - Must be logged in to npm to publish packages
    # Check if logged in
npm whoami
  
# Login if needed
npm login
  • 2FA Support - The tool supports npm's two-factor authentication
    • You'll be prompted for your OTP code during publishing
    • Make sure you have access to your authenticator app

🎯 Use Cases

Local Development

# Quick update before releasing
npx @a_jackie_z/packages-updater process ./my-package

Monorepo Maintenance

# Update all packages in workspace
npx @a_jackie_z/packages-updater process ./packages/* --bump minor

CI/CD Pipeline

# GitHub Actions example
- name: Update and publish packages
  run: npx @a_jackie_z/packages-updater process ./packages/core
  env:
    NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}

Batch Updates

# Update multiple independent packages
npx @a_jackie_z/packages-updater process \
  ~/projects/lib-a \
  ~/projects/lib-b \
  ~/projects/lib-c \
  --bump patch

🔧 Troubleshooting

Publishing Issues

"Not logged in to npm"

# Login to npm
npm login

# Verify you're logged in
npm whoami

2FA Code Not Working

  • Make sure you're entering the current OTP code from your authenticator app
  • Wait for the next code if the current one is about to expire
  • Ensure your system time is synchronized

"Version already published"

  • The tool automatically checks and skips already published versions
  • If you need to republish, manually unpublish first: npm unpublish package@version

CI/CD Publishing

# Set npm token in CI environment
export NPM_TOKEN=your-token-here

# Create .npmrc for CI
echo "//registry.npmjs.org/:_authToken=\${NPM_TOKEN}" > ~/.npmrc

🤔 FAQ

Q: Do I need to be logged in to npm?
A: Yes! Run npm login before using the tool. The tool will check and inform you if you're not logged in.

Q: Does it support 2FA (two-factor authentication)?
A: Yes! The tool allows interactive input during publishing, so you can enter your OTP code when prompted by npm.

Q: Will it update dependencies that have breaking changes?
A: Yes, it updates to the latest versions. Use --dry-run to review changes first.

Q: What if a package is already published?
A: The tool automatically checks if the version exists and skips publishing.

Q: Does it work with private packages?
A: Yes! Private packages are automatically skipped during the publish step.

Q: Can I use it in CI/CD?
A: Yes, but you'll need to configure npm authentication in your CI environment using NPM_TOKEN.

Q: What if there are no outdated dependencies?
A: The tool will skip the package and report "No updates needed".

📝 License

MIT

👤 Author

Sang Lu
Email: [email protected]
GitHub: @a-jackie-z

🔗 Links

Made with ❤️ for the npm community