cli icon indicating copy to clipboard operation
cli copied to clipboard
verified publisher icon npm

[BUG] npm outdated -g outputs that it wants to upgrade to a new major version

Open Choppel opened this issue 4 years ago • 3 comments

Is there an existing issue for this?

  • [X] I have searched the existing issues

Current Behavior

With npm@7 and any other package installed globally that is not up to date (e.g. npm-check-updates@10) the cli call "npm outdated -g" outputs the next major version (npm-check-updates@11) as "wanted". Callign "npm update" updates to that major version.

Expected Behavior

npm@7 should never update to a different major version due to possible breaking changes. This worked in npm@6.

Steps To Reproduce

Test for npm 6

Install npm@6 sudo npm i -g npm@6

Create a test project and install a package locally mkdir test cd test npm init npm i --save npm-check-updates@10 npm outdated OK: Column "wanted" for package "npm-check-updates" shows 10..

Install package globally sudo npm i -g npm-check-updates@10 sudo npm outdated -g OK: Column "wanted" for package "npm-check-updates" shows 10..

Test for npm 7 Install npm 7 sudo npm i -g npm@7

Create a test project and install a package locally mkdir test cd test npm init npm i --save npm-check-updates@10 npm outdated OK: Column "wanted" for package "npm-check-updates" shows 10..

Install package globally sudo npm i -g npm-check-updates@10 sudo npm outdated -g ERROR: Column "wanted" for package "npm-check-updates" shows 11..

Environment

  • OS: Linux Mint 20.2 Cinnamon
  • Node: 16.6.0
  • npm: 7.20.3 / 6.14.14

Choppel avatar Aug 05 '21 16:08 Choppel

Same issue here even after updating to npm 8, for example I have angular/cli 12.2.12 installed globaly and npm is showing version 13.0.1 as wanted:

❯ npm outdated -g
Package       Current  Wanted  Latest  Location                   Depended by
@angular/cli  12.2.12  13.0.1  13.0.1  node_modules/@angular/cli  global

This contradicts the official documentation, according to which:

If there's no available semver range (i.e. you're running npm outdated --global, or the package isn't included in package.json), then wanted shows the currently-installed version.

LucaBlackDragon avatar Nov 10 '21 12:11 LucaBlackDragon

This is still an issue in all versions of npm after 7.

Choppel avatar Oct 06 '25 04:10 Choppel

@lukekarrys This is still an issue in npm@11 so the Label "Release 7.x" is incorrect.

The documentation at https://docs.npmjs.com/cli/v11/commands/npm-update clearly states

Note: Globally installed packages are treated as if they are installed with a caret semver range specified.

This is not true. The semver range algorithm is completely ignored. Instead, npm always updates to latest.

Choppel avatar Nov 08 '25 06:11 Choppel