github raineorshine/npm-check-updates v22.0.0
on GitHub

latest release: v22.0.1
10 hours ago

Breaking Changes

--cooldown now falls back to the greatest non-prerelease version rather than skipping the upgrade entirely when the latest version falls within the cooldown window.

  • This only affects --cooldown (or inferred cooldown from min-release-age/minimumReleaseAge/npmMinimalAgeGate).
  • This only affects --target latest (which is the default).

⚠️ WARNING

In rare circumstances, it is now possible for ncu --cooldown 10 to install a version that was never published to latest. This is because the npm registry does not store a history of versions published to the latest dist-tag. It is impossible to fall back to an earlier latest version, because there is no record of it. However, we do have a list of all published versions, and it's likely that a boring version like 1.0.1 was published to latest at some point. Versions like 1.0.1-pre.0, 1.0.1-beta, 1.0.1-build.58157394, etc will be ignored, as you would expect.

While npm-check-updates typically takes a conservative approach to version upgrades, following semver exactly and only upgrading to the latest version, falling back to the highest version outside the cooldown window is clearly the more intuitive behavior, and this outweighs the few cases where the results would be undesirable. The discussion in #1556 and the large amount of confusion since the initial release of --cooldown attest to this.

How to opt out of the new behavior

You can opt out of the new behavior by using --target "@latest". This forces a strict upgrade (or downgrade) to the latest tag only, without any fallback behavior.

For granular control, use a custom ncurc function to set the target or disable cooldown for a single package.

What's Changed

  • Bump verdaccio from 6.5.1 to 6.5.2 by @dependabot[bot] in #1679
  • Bump vite from 8.0.8 to 8.0.9 by @dependabot[bot] in #1680
  • Bump @typescript-eslint/parser from 8.58.2 to 8.59.0 by @dependabot[bot] in #1681
  • Bump @typescript-eslint/eslint-plugin from 8.58.2 to 8.59.0 by @dependabot[bot] in #1682
  • Update dependencies by @onemen in #1685
  • build: stub cosmiconfig's typescript dependency to reduce bundle size by 8MB by @onemen in #1686
  • feat(cooldown): fall back to greatest passing version when latest is within cooldown by @marcosgilf in #1688

New Contributors

Full Changelog: v21.0.3...v22.0.0

Check out latest releases or
releases around raineorshine/npm-check-updates v22.0.0

Don't miss a new npm-check-updates release

NewReleases is sending notifications on new releases.

Get notifications