Update Your Obsolete Packages

A Great Solution…

Maven, Leiningen, Nuget, Gradle, NPM, and numerous other package/dependency management tools are very helpful for modern (or perhaps post-modern) development, which typically involves numerous library dependencies.

These tools implement a fundamentally good and important idea:

List the packages, and versions, your package/application depends on. In a text file. In the project. Where it can be diffed and merged.
Run a command, all the libraries are all fetched and made available.

All of the above tools default to fetching from open source software repositories. Some or all of them can be easily configured to perform the same job with internal, closed-source repositories if needed.

All of the above tools are a large improvement over the bad old days, when adding a library meant a manual, recursive search of the internet for transitive dependencies.

… Leads to a New Problem

These tools make it so easy to “lock in” specific library versions, that projects can very easily fall far behind the current release versions of those libraries. To avoid this in our projects, a few times per year we upgrade all the libraries (timed to avoid doing it right before any important release dates).

I’ve seen this done by hand, looking up the current version of each library – and it is very tedious. Instead, a package/dependency manager ought to have an easy way to update versions. Sadly, as far as I know none of them have such a thing built in. Here are the addon tools I’ve found so far:

NPM

Use npm-check-updates. The built in “npm obsolete” sounds like it might do the right thing, but it doesn’t.

npm-check-updates -u

Leiningen

Use lein-ancient.

lein ancient upgrade

Maven

The Versions Plugin does the job.

mvn versions:use-latest-releases

Ruby

gem outdated

bundle outdated

Bower

There are numerous Stack Overflow questions asking for this functionality, but it is not present. To some extent, “bower list” will show you packages for which newer versions are available, then you can manually update them in your bower.json file.

Cocoapods

pod outdated

Others?

If anyone knows of similar tools for other dependency managers, I’ll be happy to add them to this list.

2 thoughts on “Update Your Obsolete Packages”

Alexis Gallagher says:

November 27, 2013 at 12:23 am

Cocoapods, the dependency management tool for iOS development, has the command “pod outdated”
edbond says:

November 27, 2013 at 7:06 am

You can add Ruby:

gem outdated
or
bundle outdated

Example output for bundler:
Outdated gems included in the bundle:
* actionmailer (4.0.1 > 3.2.10)
* actionpack (4.0.1 > 3.2.10)
* activemodel (4.0.1 > 3.2.10)
* activerecord (4.0.1 > 3.2.10)

Comments are closed.