Outdated vendor packages

[brianteeman]

Today purely by chance I noticed that the skipto package we are using is outdated and that the current release has a lot more features etc. The reason that we didn't automatically get notified of the new release was because it jumped to v3 and the entry in our package.json said ^2.1.1

My understanding is that the entry is correct because we wouldn't want to automatically update to a new major version which probably has b/c issues. However how can we avoid this scenario happening again with this or other packages?

Is there a way to have npm notify you that there is a newer version even if it is excluded by the entry in package.json?

(I will be submitting a PR next week for the new version once I update the Joomla code that implements it to take advabtage of the new features etc)

[brianteeman]

@wilsonge any idea? Without checking all the vendor packages it is possible that there are other outdated packages

[wilsonge]

We can enable something like dependabot to do automatic Pull Requests. But I think that's about it.

[wilsonge]

Oh I assume you're talking about stuff beyond the npm outdated command...

[brianteeman]

I didn't know about that command - very interesting

Package	Current	Wanted	Latest	Location
@babel/core	7.12.3	7.12.10	7.12.10	joomla
@babel/plugin-transform-runtime	7.12.1	7.12.10	7.12.10	joomla
@babel/preset-env	7.12.1	7.12.11	7.12.11	joomla
autoprefixer	9.8.6	9.8.6	10.1.0	joomla
babel-loader	8.1.0	8.2.2	8.2.2	joomla
browserify	16.5.2	16.5.2	17.0.0	joomla
codemirror	5.58.3	5.59.1	5.59.1	joomla
commander	5.1.0	5.1.0	6.2.1	joomla
cross-env	7.0.2	7.0.3	7.0.3	joomla
css-loader	3.6.0	3.6.0	5.0.1	joomla
diff	4.0.2	4.0.2	5.0.0	joomla
dragula	3.7.2	3.7.2	3.7.3	joomla
eslint	7.12.1	7.17.0	7.17.0	joomla
eslint-config-airbnb-base	14.2.0	14.2.1	14.2.1	joomla
eslint-plugin-vue	7.1.0	7.4.0	7.4.0	joomla
file-saver	2.0.2	2.0.5	2.0.5	joomla
ini	1.3.7	1.3.8	2.0.0	joomla
jquery-migrate	3.3.1	3.3.2	3.3.2	joomla
karma-firefox-launcher	1.3.0	1.3.0	2.1.0	joomla
karma-jasmine	3.3.1	3.3.1	4.0.1	joomla
mini-css-extract-plugin	0.9.0	0.9.0	1.3.3	joomla
punycode	1.4.1	1.4.1	2.1.1	joomla
sass	1.28.0	1.32.0	1.32.0	joomla
sass-loader	8.0.2	8.0.2	10.1.0	joomla
selenium-standalone	6.20.1	6.23.0	6.23.0	joomla
skipto	2.1.1	2.1.1	3.1.1	joomla
stylelint	13.7.2	13.8.0	13.8.0	joomla
tinymce	5.6.1	5.6.2	5.6.2	joomla
vue-loader	15.9.5	15.9.6	15.9.6	joomla
vuex	3.5.1	3.6.0	3.6.0	joomla
vuex-persistedstate	3.1.0	3.1.0	4.0.0-beta.1	joomla
webpack	4.44.2	4.44.2	5.11.1	joomla
webpack-cli	3.3.12	3.3.12	4.3.1	joomla