npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2025 – Pkg Stats / Ryan Hefner

upgradeps

v2.1.1

Published

Audit and upgrade all dependencies in package.json.

Downloads

33,884

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

lroperolropero

Keywords

auditdependenciesmodulespackagessemverupdateupgrade

Readme

upgradeps · npm version Project Status: Active – The project has reached a stable, usable state and is being actively developed.

Audit and upgrade all dependencies in package.json.

upgradeps is a small command-line tool that inspects the dependencies declared in your package.json file, compares them with the latest versions published on the npm registry, and optionally updates package.json for you.

upgradeps screenshot

Features

  • Works as a dry run by default, never changing files unless explicitly told to.
  • Supports all standard dependency groups: dependencies, devDependencies, peerDependencies, optionalDependencies, bundledDependencies.
  • Lets you restrict upgrades to minor and patch versions only.
  • Can remove semver ^ carets and lock your package.json to exact versions.
  • Can use npm or yarn as the package manager.
  • Supports a simple JSON configuration file so you do not have to repeat flags.

Quick start

From the root of a Node project:

  1. Audit dependencies without changing anything:
npx upgradeps
  1. Apply all available upgrades:
npx upgradeps -u
  1. Apply upgrades and remove ^ carets:
npx upgradeps -u -f
  1. Upgrade only minor and patch versions:
npx upgradeps -u -m

CLI usage

upgradeps is intended to be used via npx:

npx upgradeps [options]

-f / --fixed

Remove the ^ caret symbol from versions when upgrading, turning ranges into fixed versions.

This flag has an effect only when used together with -u.

npx upgradeps -u -f

-g / --groups

Comma-separated list of dependency groups to process.

Available groups:

  • bundledDependencies
  • dependencies
  • devDependencies
  • optionalDependencies
  • peerDependencies

If omitted, all groups present in package.json are processed.

npx upgradeps -g dependencies,devDependencies

-m / --minor

Process only minor and patch updates, ignoring major version bumps.

Use this when you want safe, non-breaking upgrades.

npx upgradeps -m

-r / --registry

Use a custom npm registry URL.

npx upgradeps -r https://registry.npmjs.org

-s / --skip

Comma-separated list of package names that should never be upgraded.

This is useful when a dependency is pinned for compatibility reasons.

npx upgradeps -u -s react,react-dom

-u / --upgrade

Modify package.json in place, writing upgraded versions back to each dependency group.

Without this flag, upgradeps only prints a report.

npx upgradeps -u

-v / --verbose

Print information about all dependencies (including those that are already at their latest version).

npx upgradeps -v

-y / --yarn

Use yarn instead of npm when running install commands during an upgrade.

npx upgradeps -u -y

Configuration file

Instead of repeating the same flags, you can add a .upgradeps.json file next to your package.json to define default behavior.

If you run upgradeps without any options, .upgradeps.json is loaded (if it exists) and its values are used (with built-in defaults where needed). If you pass any CLI options, .upgradeps.json is ignored for that run and only CLI flags + defaults are used.

Example .upgradeps.json

{
  "fixed": false,
  "groups": ["dependencies", "devDependencies"],
  "minor": false,
  "registry": "",
  "skip": ["react", "react-dom"],
  "upgrade": false,
  "verbose": false,
  "yarn": false
}

Available options

All properties are optional. When a property is omitted, its default is used.

  • fixed (boolean): Remove ^ carets when upgrading. Default: false
  • groups (array of strings): Specify dependency groups to process. Default: [] (all supported groups present in package.json)
  • minor (boolean): Process only minor and patch updates. Default: false
  • registry (string): Set custom npm registry URL. Default: ""
  • skip (array of strings): Packages to skip during upgrade. Default: [] (none)
  • upgrade (boolean): Automatically upgrade package.json. Default: false
  • verbose (boolean): Print information for latest dependencies as well. Default: false
  • yarn (boolean): Use yarn instead of npm. Default: false

CLI vs config

  • Running upgradeps with no options uses .upgradeps.json (if present) + built-in defaults.
  • Running upgradeps with one or more options uses only CLI flags + built-in defaults (.upgradeps.json is ignored for that run).

In other words, .upgradeps.json is for plain runs with no flags (as soon as you pass options, you're opting into a fully CLI-driven run).

Tips

  • Run a dry audit first (without -u) to see what will change.
  • Commit your package.json and lockfile before running upgradeps so you can easily revert if needed.
  • Combine -m with -u to perform safe, incremental updates on large projects.

License

ISC

Links

  • npm package page: https://www.npmjs.com/package/upgradeps
  • Repository and issue tracker: https://github.com/lropero/upgradeps