npm/pnpm/yarn

Packages Commands

List, update, and audit installed packages. Find outdated dependencies, check for security vulnerabilities, and manage package versions across your project.

12 commands

Pro Tips

Use 'npm outdated' to see which packages have newer versions available — shows current, wanted, and latest.

Use 'npm ls --depth=0' for a clean top-level view of installed packages without the full dependency tree.

Use 'npm explain pkg' to see why a package is installed and what depends on it.

Common Mistakes

Running 'npm update' respects semver ranges in package.json. Major version updates need 'npm install pkg@latest' explicitly.

Deleting node_modules and reinstalling fixes many issues but is slow. Try 'npm cache clean --force' first.

Commands

Update package

$ npm update <package>

Update package to latest allowed version.

Check outdated

$ npm outdated

Show packages with newer versions available.

Security audit

$ npm audit

Scan for security vulnerabilities.

Fix vulnerabilities

$ npm audit fix

Auto-fix security vulnerabilities.

List dependencies

$ npm ls --depth=0

List top-level installed packages.

Why is package installed

$ npm explain <package>

Show dependency chain for a package.

Prune unused

$ npm prune

Remove packages not in package.json.

Deduplicate

$ npm dedupe

Reduce duplication in dependency tree.

View package info

$ npm view <package>

Show package registry information.

View all versions

$ npm view <package> versions

List all published versions.

pnpm store prune

$ pnpm store prune

Remove orphaned packages from pnpm store.

yarn why

$ yarn why <package>

Explain why package is installed (shows chain).