Question 1

What is the difference between caret and tilde in npm?

Accepted Answer

Caret (^): allows minor and patch updates. ^18.2.0 → 18.x.x (18.3.0 works). Tilde (~): allows patch updates only. ~4.17.21 → 4.17.x (4.17.22 works, 4.18.0 doesn't). Caret is more flexible, common for libraries. Tilde more conservative, good for utilities. Fixed version (no prefix) locks exact version.

Question 2

Should I use fixed versions in package.json?

Accepted Answer

Fixed versions: pros - reproducible builds, no unexpected updates. cons - miss bug fixes, manual updates needed. Use fixed for: critical packages, breaking changes common, production apps. Use caret for: most dependencies, libraries. Use tilde for: patch-only updates wanted. package-lock.json locks resolved versions regardless of prefix.

Question 3

How do I check for outdated npm packages?

Accepted Answer

Check outdated: npm outdated shows current, wanted, latest versions. Current: installed. Wanted: allowed by package.json. Latest: newest available. Update: npm update (within allowed range), npm install package@latest (to latest). Review changelog before major updates. Test after updates. Use npm audit for security issues.

Question 4

What is package-lock.json?

Accepted Answer

package-lock.json: locks exact installed versions of all dependencies (including nested). Created/updated on npm install. Ensures reproducible installs across machines. Commit to git for consistency. Overrides package.json version ranges for installation. Delete and reinstall to update to newest allowed versions. Don't manually edit - use npm commands.

Question 5

How do I update all dependencies safely?

Accepted Answer

Update safely: npm outdated first, review changelogs for major changes. Update: npm update for patch/minor within allowed versions. Major updates: npm install package@latest manually. Use npm audit for security. Test thoroughly after updates. Consider: commit before updating, update incrementally, check breaking changes. Use tools like npm-check-updates for bulk updates.

Dependency Version Checker

Paste package.json

Analysis Results

Version Prefix Types

Best Practices

Useful Commands