npmモジュールのバージョンアップ - node

2020-06-06

npm-checkを使うと対話式でアップデートできるのでわかりやすい。

# Install checking module globally.
$ npm install -g npm-check

# Run.
# -u means "update"
$ npm-check -u

# Select all basically.
? Choose which packages to update. (Press <space> to select)
  
 Missing. You probably want these.
❯◯ normalize.css missing                          8.0.1   https://necolas.github.io/normalize.css
 ◯ babel-core devDep missing                      6.26.3  https://babeljs.io/
 ◯ browser-sync devDep missing                    2.26.7  https://browsersync.io/
 ◯ gulp devDep missing                            4.0.2   https://gulpjs.com
 ◯ gulp-file-include devDep missing               2.2.2   https://github.com/haoxins/gulp-file-include#readme
 ◯ gulp-plumber devDep missing                    1.2.1   https://github.com/floatdrop/gulp-plumber
 ◯ gulp-replace devDep missing                    1.0.0   https://github.com/lazd/gulp-replace#readme
 ◯ gulp-sass devDep missing                       4.1.0   https://github.com/dlmanning/gulp-sass#readme
 ◯ gulp-sourcemaps devDep missing                 2.6.5   http://github.com/gulp-sourcemaps/gulp-sourcemaps
 ◯ node-sass-package-importer devDep missing      5.3.2   https://github.com/maoberlehner/node-sass-magic-importer/tree/master/packages/node-sass-p
ackage-importer
  
 Major Update Potentially breaking API changes. Use caution.
 ◯ autoprefixer devDep missing            6.7.7   ❯  9.8.0   https://github.com/postcss/autoprefixer#readme
 ◯ eslint devDep missing                  3.19.0  ❯  7.1.0   https://eslint.org
 ◯ eslint-config-prettier devDep missing  2.10.0  ❯  6.11.0  https://github.com/prettier/eslint-config-prettier#readme
 ◯ gifsicle devDep missing                4.0.1   ❯  5.1.0   https://github.com/imagemin/gifsicle-bin#readme
 ◯ gulp-babel devDep missing              7.0.1   ❯  8.0.0   https://github.com/babel/gulp-babel#readme

知らぬ間にGitHubで立てていたリポジトリにnpmの脆弱性通知が来ていて、アカウントが乗っ取られたのかと思いました🤣

参考